diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index d91ef61..61c811f 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Fetch the source code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run the updater script @@ -33,7 +33,7 @@ jobs: - name: Create Pull Request id: cpr if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@v4 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: Update to version ${{ env.VERSION }} diff --git a/README.md b/README.md index 16affce..eca101f 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ It shall NOT be edited by hand. # GoToSocial for YunoHost [![Integration level](https://dash.yunohost.org/integration/gotosocial.svg)](https://dash.yunohost.org/appci/app/gotosocial) ![Working status](https://ci-apps.yunohost.org/ci/badges/gotosocial.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/gotosocial.maintain.svg) + [![Install GoToSocial with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gotosocial) *[Lire ce readme en français.](./README_fr.md)* @@ -24,7 +25,7 @@ With GoToSocial, you can keep in touch with your friends, post, read, and share Documentation is at [docs.gotosocial.org](https://docs.gotosocial.org). -**Shipped version:** 0.6.0~ynh1 +**Shipped version:** 0.8.1~ynh1 ## Screenshots @@ -96,8 +97,6 @@ To create a new user, proceed as follows: ``` bash ./gotosocial --config-path config.yaml admin account create --username some_username --email someuser@example.org --password 'SomeLongAndComplicatedPassword' - -./gotosocial --config-path config.yaml admin account confirm --username some_username ``` And to promote them as an administrator of your instance: @@ -112,7 +111,7 @@ And to promote them as an administrator of your instance: ## Documentation and resources -* Official app website: +* Official app website: * Official user documentation: * Official admin documentation: * Upstream app code repository: diff --git a/README_fr.md b/README_fr.md index f1f68c7..b0c72d0 100644 --- a/README_fr.md +++ b/README_fr.md @@ -6,6 +6,7 @@ It shall NOT be edited by hand. # GoToSocial pour YunoHost [![Niveau d’intégration](https://dash.yunohost.org/integration/gotosocial.svg)](https://dash.yunohost.org/appci/app/gotosocial) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/gotosocial.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/gotosocial.maintain.svg) + [![Installer GoToSocial avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gotosocial) *[Read this readme in english.](./README.md)* @@ -24,7 +25,7 @@ Avec GoToSocial, vous pouvez rester en contact avec vos amis, publier, lire et p Vous pouvez consulter la documentation à l'adresse : [docs.gotosocial.org](https://docs.gotosocial.org). -**Version incluse :** 0.6.0~ynh1 +**Version incluse :** 0.8.1~ynh1 ## Captures d’écran @@ -96,8 +97,6 @@ Pour créer un nouveau compte utilisateur, procédez comme suit : ``` bash ./gotosocial --config-path config.yaml admin account create --username nom_dutilisateur --email utilisateur@example.org --password 'UnMotDePasseTrèsComplexe' - -./gotosocial --config-path config.yaml admin account confirm --username nom_dutilisateur ``` Et pour promouvoir un compte en tant qu'administrateur de votre instance : @@ -112,7 +111,7 @@ Et pour promouvoir un compte en tant qu'administrateur de votre instance : ## Documentations et ressources -* Site officiel de l’app : +* Site officiel de l’app : * Documentation officielle utilisateur : * Documentation officielle de l’admin : * Dépôt de code officiel de l’app : diff --git a/check_process b/check_process index 29bba52..6035d12 100644 --- a/check_process +++ b/check_process @@ -5,7 +5,6 @@ ;; Test complet ; Manifest - domain="goto.domain.tld" admin="xana" email="user@example.com" password="1Strong-Password" @@ -21,6 +20,7 @@ upgrade=1 from_commit=29c7d0df5dd6e3d90070f242b74cce980676cd72 upgrade=1 from_commit=5c1c052995a10d899abcb0e4d4fa1c1dc35f84a5 upgrade=1 from_commit=1b6c1c62e022f04afa02bf128f419e77a72bf1e9 + upgrade=1 from_commit=9a6d018337c7d83193282830ff9d9e9b0ae3a733 backup_restore=1 multi_instance=1 port_already_use=1 @@ -34,4 +34,6 @@ Notification=none ; commit=5c1c052995a10d899abcb0e4d4fa1c1dc35f84a5 name=v0.4.0~ynh1 ; commit=1b6c1c62e022f04afa02bf128f419e77a72bf1e9 - name=0.5.2~ynh2 \ No newline at end of file + name=0.5.2~ynh2 + ; commit=9a6d018337c7d83193282830ff9d9e9b0ae3a733 + name=0.6.0~ynh1 \ No newline at end of file diff --git a/conf/arm64.src b/conf/arm64.src index 1d614fc..9638143 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_arm64.tar.gz -SOURCE_SUM=a97b3aad81f72b990e9982686e6906599522cc8ec442d1e2d02ebba03b125168 +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.8.1/gotosocial_0.8.1_linux_arm64.tar.gz +SOURCE_SUM=671d66a6c7cd6b96b7499bf3e6419a1c4cc9278ff532191c0bcecc025fd4a0db SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.6.0_linux_arm64.tar.gz +SOURCE_FILENAME=gotosocial_0.8.1_linux_arm64.tar.gz diff --git a/conf/armv6.src b/conf/armv6.src index 03fc737..9ce61fd 100644 --- a/conf/armv6.src +++ b/conf/armv6.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_armv6.tar.gz -SOURCE_SUM=10e3d227e738fd58ee6a1dca778667dbbc63933640a168b9cc5fc97203c7f26c +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.8.1/gotosocial_0.8.1_linux_armv6.tar.gz +SOURCE_SUM=207aed157dd418d6a4a7e4cff74de0724e08b0be24cf7208122988a2d9da44cc SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.6.0_linux_armv6.tar.gz +SOURCE_FILENAME=gotosocial_0.8.1_linux_armv6.tar.gz diff --git a/conf/armv7.src b/conf/armv7.src index adf827d..a67e712 100644 --- a/conf/armv7.src +++ b/conf/armv7.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_armv7.tar.gz -SOURCE_SUM=e9f1cc03b18faeae2009781c6a2f6f9138c37aa85f4b2c5954c12a4798ed6208 +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.8.1/gotosocial_0.8.1_linux_armv7.tar.gz +SOURCE_SUM=54117d643829ec0c3a8e47d036d2485747d301299964dd33178308e560e1b265 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.6.0_linux_armv7.tar.gz +SOURCE_FILENAME=gotosocial_0.8.1_linux_armv7.tar.gz diff --git a/conf/config.yaml b/conf/config.yaml index 287216e..d728ee6 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -1,5 +1,5 @@ # GoToSocial -# Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org +# Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by @@ -55,6 +55,11 @@ host: "__DOMAIN__" # to "gts.example.org/.well-known/webfinger" so that GtS can handle them properly. # # You should also redirect requests at "example.org/.well-known/nodeinfo" in the same way. +# +# You should also redirect requests at "example.org/.well-known/host-meta" in the same way. This endpoint +# is used by a number of clients to discover the API endpoint to use when the host and account domain are +# different. +# # An empty string (ie., not set) means that the same value as 'host' will be used. # # DO NOT change this after your server has already run once, or you will break things! @@ -77,9 +82,11 @@ protocol: "https" # String. Address to bind the GoToSocial server to. # This can be an IPv4 address or an IPv6 address (surrounded in square brackets), or a hostname. -# Default value will bind to all interfaces. -# You probably won't need to change this unless you're setting GoToSocial up in some fancy way or -# you have specific networking requirements. +# The default value will bind to all interfaces, which makes the server +# accessible by other machines. For most setups there is no need to change this. +# If you are using GoToSocial in a reverse proxy setup with the proxy running on +# the same machine, you will want to set this to "localhost" or an equivalent, +# so that the proxy can't be bypassed. # Examples: ["0.0.0.0", "172.128.0.16", "localhost", "[::]", "[2001:db8::fed1]"] # Default: "0.0.0.0" bind-address: "0.0.0.0" @@ -163,6 +170,157 @@ db-tls-mode: "disable" # Default: "" db-tls-ca-cert: "" +# Int. Number to multiply by CPU count to set permitted total of open database connections (in-use and idle). +# You can use this setting to tune your database connection behavior, though most admins won't need to touch it. +# +# Example values for multiplier 8: +# +# 1 cpu = 08 open connections +# 2 cpu = 16 open connections +# 4 cpu = 32 open connections +# +# Example values for multiplier 4: +# +# 1 cpu = 04 open connections +# 2 cpu = 08 open connections +# 4 cpu = 16 open connections +# +# A multiplier of 8 is a sensible default, but you may wish to increase this for instances +# running on very performant hardware, or decrease it for instances using v. slow CPUs. +# +# If you set the multiplier to less than 1, only one open connection will be used regardless of cpu count. +# +# PLEASE NOTE!!: This setting currently only applies for Postgres. SQLite will always use 1 connection regardless +# of what is set here. This behavior will change in future when we implement better SQLITE_BUSY handling. +# See https://github.com/superseriousbusiness/gotosocial/issues/1407 for more details. +# +# Examples: [16, 8, 10, 2] +# Default: 8 +db-max-open-conns-multiplier: 8 + +# String. SQLite journaling mode. +# SQLite only -- unused otherwise. +# If set to empty string, the sqlite default will be used. +# See: https://www.sqlite.org/pragma.html#pragma_journal_mode +# Examples: ["DELETE", "TRUNCATE", "PERSIST", "MEMORY", "WAL", "OFF"] +# Default: "WAL" +db-sqlite-journal-mode: "WAL" + +# String. SQLite synchronous mode. +# SQLite only -- unused otherwise. +# If set to empty string, the sqlite default will be used. +# See: https://www.sqlite.org/pragma.html#pragma_synchronous +# Examples: ["OFF", "NORMAL", "FULL", "EXTRA"] +# Default: "NORMAL" +db-sqlite-synchronous: "NORMAL" + +# Byte size. SQlite cache size. +# SQLite only -- unused otherwise. +# If set to empty string or zero, the sqlite default (2MiB) will be used. +# See: https://www.sqlite.org/pragma.html#pragma_cache_size +# Examples: ["0", "2MiB", "8MiB", "64MiB"] +# Default: "8MiB" +db-sqlite-cache-size: "8MiB" + +# Duration. SQlite busy timeout. +# SQLite only -- unused otherwise. +# If set to empty string or zero, the sqlite default will be used. +# See: https://www.sqlite.org/pragma.html#pragma_busy_timeout +# Examples: ["0s", "1s", "30s", "1m", "5m"] +# Default: "5s" +db-sqlite-busy-timeout: "5m" + +cache: + # Cache configuration options: + # + # max-size = maximum cached objects count + # ttl = cached object lifetime + # sweep-freq = frequency to look for stale cache objects + # (zero will disable cache sweeping) + + ############################# + #### VISIBILITY CACHES ###### + ############################# + # + # Configure Status and account + # visibility cache. + + visibility-max-size: 2000 + visibility-ttl: "30m" + visibility-sweep-freq: "1m" + + gts: + ########################### + #### DATABASE CACHES ###### + ########################### + # + # Configure GTS database + # model caches. + + account-max-size: 2000 + account-ttl: "30m" + account-sweep-freq: "1m" + + block-max-size: 100 + block-ttl: "30m" + block-sweep-freq: "1m" + + domain-block-max-size: 2000 + domain-block-ttl: "24h" + domain-block-sweep-freq: "1m" + + emoji-max-size: 2000 + emoji-ttl: "30m" + emoji-sweep-freq: "1m" + + emoji-category-max-size: 100 + emoji-category-ttl: "30m" + emoji-category-sweep-freq: "1m" + + follow-max-size: 2000 + follow-ttl: "30m" + follow-sweep-freq: "1m" + + follow-request-max-size: 2000 + follow-request-ttl: "30m" + follow-request-sweep-freq: "1m" + + media-max-size: 1000 + media-ttl: "30m" + media-sweep-freq: "1m" + + mention-max-size: 2000 + mention-ttl: "30m" + mention-sweep-freq: "1m" + + notification-max-size: 1000 + notification-ttl: "30m" + notification-sweep-freq: "1m" + + report-max-size: 100 + report-ttl: "30m" + report-sweep-freq: "1m" + + status-max-size: 2000 + status-ttl: "30m" + status-sweep-freq: "1m" + + status-fave-max-size: 2000 + status-fave-ttl: "30m" + status-fave-sweep-freq: "1m" + + tombstone-max-size: 500 + tombstone-ttl: "30m" + tombstone-sweep-freq: "1m" + + user-max-size: 500 + user-ttl: "30m" + user-sweep-freq: "1m" + + webfinger-max-size: 250 + webfinger-ttl: "24h" + webfinger-sweep-freq: "1m" + ###################### ##### WEB CONFIG ##### ###################### @@ -200,6 +358,12 @@ instance-expose-peers: __INSTANCE_EXPOSE_PEERS__ # Default: false instance-expose-suspended: __INSTANCE_EXPOSE_SUSPENDED__ +# Bool. Allow unauthenticated users to view /about/suspended, +# showing the HTML rendered list of instances that this instance blocks/suspends. +# Options: [true, false] +# Default: false +instance-expose-suspended-web: __INSTANCE_EXPOSE_SUSPENDED_WEB__ + # Bool. Allow unauthenticated users to make queries to /api/v1/timelines/public in order # to see a list of public posts on this server. Even if set to 'false', then authenticated # users (members of the instance) will still be able to query the endpoint. @@ -332,6 +496,8 @@ storage-local-base-path: "__DATA_DIR__" # String. API endpoint of the S3 compatible service. # Only required when running with the s3 storage backend. # Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"] +# GoToSocial uses "DNS-style" when accessing buckets. +# If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address # Default: "" storage-s3-endpoint: "__STORAGE_S3_ENDPOINT__" @@ -340,6 +506,13 @@ storage-s3-endpoint: "__STORAGE_S3_ENDPOINT__" # Default: false storage-s3-proxy: __STORAGE_S3_PROXY__ +# Bool. Use SSL for S3 connections. +# +# Only set this to 'false' when testing locally. +# +# Default: true +storage-s3-use-ssl: true + # String. Access key part of the S3 credentials. # Consider setting this value using environment variables to avoid leaking it via the config file # Only required when running with the s3 storage backend. @@ -437,6 +610,22 @@ letsencrypt-cert-dir: "/gotosocial/storage/certs" # Default: "" letsencrypt-email-address: "" +############################## +##### MANUAL TLS CONFIG ##### +############################## + +# String. Path to a PEM-encoded file on disk that includes the certificate chain +# and the public key +# Examples: ["/gotosocial/storage/certs/chain.pem"] +# Default: "" +tls-certificate-chain: "" + +# String. Path to a PEM-encoded file on disk containing the private key for the +# associated tls-certificate-chain +# Examples: ["/gotosocial/storage/certs/private.pem"] +# Default: "" +tls-certificate-key: "" + ####################### ##### OIDC CONFIG ##### ####################### @@ -482,7 +671,7 @@ oidc-client-secret: "" # Array of string. Scopes to request from the OIDC provider. The returned values will be used to # populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required. # 'profile' is used to extract a username for the newly created user. -# 'groups' is optional and can be used to determine if a user is an admin (if they're in the group 'admin' or 'admins'). +# 'groups' is optional and can be used to determine if a user is an admin based on oidc-admin-groups. # Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes # Default: ["openid", "email", "profile", "groups"] oidc-scopes: @@ -491,6 +680,18 @@ oidc-scopes: - "profile" - "groups" +# Bool. Link OIDC authenticated users to existing ones based on their email address. +# This is mostly intended for migration purposes if you were running previous versions of GTS +# which only correlated users with their email address. Should be set to false for most usecases. +# Options: [true, false] +# Default: false +oidc-link-existing: false + +# Array of string. If the returned ID token contains a 'groups' claim that matches one of the +# groups in oidc-admin-groups, then this user will be granted admin rights on the GtS instance +# Default: [] +oidc-admin-groups: [] + ####################### ##### SMTP CONFIG ##### ####################### @@ -501,30 +702,42 @@ oidc-scopes: # If this is not set, smtp will not be used to send emails, and you can ignore the other settings. # Examples: ["mail.example.org", "localhost"] # Default: "" -smtp-host: "localhost" +smtp-host: "__SMTP_HOST__" # Int. Port to use to connect to the smtp server. # Examples: [] # Default: 0 -smtp-port: 25 +smtp-port: __SMTP_PORT__ # String. Username to use when authenticating with the smtp server. # This should have been provided to you by your smtp host. # This is often, but not always, an email address. # Examples: ["maillord@example.org"] # Default: "" -smtp-username: "" +smtp-username: "__SMTP_USERNAME__" # String. Password to use when authenticating with the smtp server. # This should have been provided to you by your smtp host. # Examples: ["1234", "password"] # Default: "" -smtp-password: "" +smtp-password: "__SMTP_PASSWORD__" # String. 'From' address for sent emails. # Examples: ["mail@example.org"] # Default: "" -smtp-from: "GoToSocial@__DOMAIN__" +smtp-from: "__SMTP_FROM__" + +# Bool. If true, when an email is sent that has multiple recipients, each recipient +# will be included in the To field, so that each recipient can see who else got the +# email, and they can 'reply all' to the other recipients if they want to. +# +# If false, email will be sent to Undisclosed Recipients, and each recipient will not +# be able to see who else received the email. +# +# It might be useful to change this setting to 'true' if you want to be able to discuss +# new moderation reports with other admins by 'replying-all' to the notification email. +# Default: false +smtp-disclose-recipients: __SMTP_DISCLOSE_RECIPIENTS__ ######################### ##### SYSLOG CONFIG ##### @@ -578,9 +791,8 @@ syslog-address: "localhost:514" # Default: "lax" advanced-cookies-samesite: "__ADVANCED_COOKIES_SAMESITE__" -# Int. Amount of requests to permit from a single IP address within a span of 5 minutes. -# If this amount is exceeded, a 429 HTTP error code will be returned. -# See https://docs.gotosocial.org/en/latest/api/swagger/#rate-limit. +# Int. Amount of requests to permit per router grouping from a single IP address within +# a span of 5 minutes. If this amount is exceeded, a 429 HTTP error code will be returned. # # If you find yourself adjusting this limit because it's regularly being exceeded, # you should first verify that your settings for `trusted-proxies` (above) are correct. @@ -594,3 +806,38 @@ advanced-cookies-samesite: "__ADVANCED_COOKIES_SAMESITE__" # Examples: [1000, 500, 0] # Default: 1000 advanced-rate-limit-requests: __ADVANCED_RATE_LIMIT_REQUESTS__ + +# Int. Amount of open requests to permit per CPU, per router grouping, before applying http +# request throttling. Any requests beyond the calculated limit are held in a backlog queue for +# up to 30 seconds before either being processed or timing out. Requests that don't fit in the backlog +# queue will have status 503 returned to them, and the header 'Retry-After' will be set to 30 seconds. +# +# Open request limit is available CPUs * multiplier; backlog queue limit is limit * multiplier. +# +# Example values for multiplier 8: +# +# 1 cpu = 08 open, 064 backlog +# 2 cpu = 16 open, 128 backlog +# 4 cpu = 32 open, 256 backlog +# +# Example values for multiplier 4: +# +# 1 cpu = 04 open, 016 backlog +# 2 cpu = 08 open, 032 backlog +# 4 cpu = 16 open, 064 backlog +# +# A multiplier of 8 is a sensible default, but you may wish to increase this for instances +# running on very performant hardware, or decrease it for instances using v. slow CPUs. +# +# If you set this to 0 or less, http request throttling will be disabled entirely. +# +# Examples: [8, 4, 9, 0] +# Default: 8 +advanced-throttling-multiplier: 8 + +# Duration. Time period to use as the "retry-after" header value in response to throttled requests. +# Minimum resolution is 1 second. +# +# Examples: [30s, 10s, 5s, 1m] +# Default: 30s +advanced-throttling-retry-after: "30s" diff --git a/conf/i386.src b/conf/i386.src index a6df2ed..d0c8e9c 100644 --- a/conf/i386.src +++ b/conf/i386.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_386.tar.gz -SOURCE_SUM=228cf5dac5f8fda9a9711963b6834ca782ed553207e78dc6f8132f30c4aa318f +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.8.1/gotosocial_0.8.1_linux_386.tar.gz +SOURCE_SUM=8d1436b1eab293e97f3de3572b3631da1efb12b23dc29ffcdb76b40f8f925a0c SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.6.0_linux_386.tar.gz +SOURCE_FILENAME=gotosocial_0.8.1_linux_386.tar.gz diff --git a/conf/nginx.conf b/conf/nginx.conf index a6db09c..1a4cd60 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,3 @@ -#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { proxy_http_version 1.1; diff --git a/conf/x86-64.src b/conf/x86-64.src index 7f3b436..512ed20 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_amd64.tar.gz -SOURCE_SUM=4d7e2a569b625e5854ff00f5c0574870a3643d74821cfe7f923e0408ff3db2fc +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.8.1/gotosocial_0.8.1_linux_amd64.tar.gz +SOURCE_SUM=32475bc78db64dbcfadb61b6c9b63542d9687fb9d42fa4c866f8136d86f8cf6d SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.6.0_linux_amd64.tar.gz +SOURCE_FILENAME=gotosocial_0.8.1_linux_amd64.tar.gz diff --git a/config_panel.toml b/config_panel.toml index 681af8a..3b6b032 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -19,7 +19,7 @@ name = "Accounts config" help = "Config pertaining to creation and maintenance of accounts on the server, as well as defaults for new accounts." -[main.accounts.registration_open] +[main.accounts.accounts_registration_open] ask.en = "Open registrations?" ask.fr = "Inscriptions ouvertes ?" bind = "accounts-registration-open:__FINALPATH__/config.yaml" @@ -29,7 +29,7 @@ help.en = "Do we want people to be able to just submit sign up requests, or do w help.fr = "Voulez-vous que les gens puissent simplement envoyer des demandes d'inscription, ou voulez-vous qu'iels doivent être invité-e-s ?" type = "select" -[main.accounts.approval_required] +[main.accounts.accounts_approval_required] ask.en = "Approval required?" ask.fr = "Validation requise ?" bind = "accounts-approval-required:__FINALPATH__/config.yaml" @@ -39,7 +39,7 @@ help.en = "Do sign up requests require approval from an admin/moderator before a help.fr = "Les demandes d'inscription doivent-elles être approuvées par un-e administrateur-ice/modérateur-ice avant qu'un compte puisse se connecter/utiliser le serveur ?" type = "select" -[main.accounts.reason_required] +[main.accounts.accounts_reason_required] ask.en = "Reason required?" ask.fr = "Motif requis ?" bind = "accounts-reason-required:__FINALPATH__/config.yaml" @@ -49,7 +49,7 @@ help.en = "Are sign up requests required to submit a reason for the request (eg. help.fr = "Les demandes d'inscription doivent-elles être motivées (par exemple, par une explication de la raison pour laquelle la personne souhaite rejoindre l'instance) ?" type = "select" -[main.accounts.allow_custom_css] +[main.accounts.accounts_allow_custom_css] ask.en = "Allow custom CSS?" ask.fr = "Autoriser le CSS personnalisé ?" bind = "accounts-allow-custom-css:__FINALPATH__/config.yaml" @@ -245,6 +245,16 @@ help.en = "Allow unauthenticated users to make queries to /api/v1/instance/peers help.fr = "Permet aux utilisateurs non authentifiés d'effectuer des requêtes API sur /api/v1/instance/peers?filter=suspended afin de voir la liste des instances bloquées ou suspendues par votre instance. Cela permettra également aux utilisateurs non authentifiés de consulter la liste via l'interface Web. Même s'il est défini à 'false', les utilisateurs authentifiés (membres de l'instance) seront toujours en mesure d'interroger l'API." type = "select" +[main.instance.instance_expose_suspended_web] +ask.en = "API: Expose suspended on Web (/about/suspended)?" +ask.fr = "API : Exposer les instances bloquées sur le Web (/about/suspended) ?" +bind = "instance-expose-suspended-web:__FINALPATH__/config.yaml" +choices = ["true", "false"] +default = "false" +help.en = "Allow unauthenticated users to view /about/suspended, showing the HTML rendered list of instances that this instance blocks/suspends." +help.fr = "Permet aux utilisateurs non authentifiés d'afficher /about/suspended, montrant la liste rendue en HTML des instances que cette instance bloque ou suspend." +type = "select" + [main.instance.instance_expose_public_timeline] ask.en = "API: Expose public timeline?" ask.fr = "API : Exposer la timeline publique ?" @@ -269,6 +279,73 @@ La livraison dans la boîte de réception partagée peut réduire de manière si Voir : https://www.w3.org/TR/activitypub/#shared-inbox-delivery""" type = "select" +################ +#### SMTP CONFIG +################ + +[main.smtp] + +name = "SMTP config" + +help = "Config for sending emails via an smtp server." + +[main.smtp.smtp_host] +ask.en = "SMTP Server Hostname" +ask.fr = "Nom d'hôte du serveur SMTP" +bind = "smtp-host:__FINALPATH__/config.yaml" +default = "localhost" +help.en = "The hostname of the SMTP server you want to use. Examples: mail.example.org, localhost" +help.fr = "Le nom d'hôte du serveur SMTP que vous souhaitez utiliser. Exemples: mail.example.org, localhost" +type = "string" + +[main.smtp.smtp_port] +ask.en = "SMTP Port" +ask.fr = "Port SMTP" +bind = "smtp-port:__FINALPATH__/config.yaml" +default = "25" +help.en = "Port to use to connect to the SMTP server" +help.fr = "Port à utiliser pour se connecter au serveur SMTP" +type = "number" + +[main.smtp.smtp_username] +ask.en = "SMTP Username" +ask.fr = "Nom d'utilisateur SMTP" +bind = "smtp-username:__FINALPATH__/config.yaml" +default = "" +help.en = "Username to use when authenticating with the SMTP server" +help.fr = "Nom d'utilisateur à utiliser lors de l'authentification avec le serveur SMTP" +type = "string" + +[main.smtp.smtp_password] +ask.en = "SMTP Password" +ask.fr = "Mot de passe SMTP" +bind = "smtp-password:__FINALPATH__/config.yaml" +default = "" +help.en = "Password to use when authenticating with the SMTP server" +help.fr = "Mot de passe à utiliser lors de l'authentification avec le serveur SMTP" +type = "password" + +[main.smtp.smtp_from] +ask.en = "SMTP From Address" +ask.fr = "Adresse d'expédition SMTP" +bind = "smtp-from:__FINALPATH__/config.yaml" +default = "GoToSocial@__DOMAIN__" +help.en = "From address for sent emails" +help.fr = "L'adresse utilisée pour les e-mails envoyés" +type = "email" + +[main.smtp.smtp_disclose_recipients] +ask.en = "SMTP Disclose Recipients" +ask.fr = "SMTP Divulguer les destinataires" +bind = "smtp-disclose-recipients:__FINALPATH__/config.yaml" +choices = ["true", "false"] +default = "false" +help.en = """true: Disclose all recipients in the To field\ +false: Email will be sent to Undisclosed Recipients""" +help.fr = """true : divulguer tous les destinataires dans le champ À\ +false : l'e-mail sera envoyé sans divulguer les destinataires""" +type = "select" + #################### #### ADVANCED SETTINGS #################### @@ -296,8 +373,8 @@ type = "select" ask.en = "Amount of requests to permit from a single IP address within a span of 5 minutes." ask.fr = "Nombre de requêtes autorisées à partir d'une seule adresse IP dans un délai de 5 minutes." bind = "advanced-rate-limit-requests:__FINALPATH__/config.yaml" -default = "1000" -help.en = """Default: 1000\ +default = "300" +help.en = """Default: 300\ If this amount is exceeded, a 429 HTTP error code will be returned.\ See https://docs.gotosocial.org/en/latest/api/swagger/#rate-limit.\ If you find yourself adjusting this limit because it's regularly being exceeded, you should first verify that your settings for `trusted-proxies` are correct.\ diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index a6912b0..f13fb16 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -62,8 +62,6 @@ To create a new user, proceed as follows: ``` bash ./gotosocial --config-path config.yaml admin account create --username some_username --email someuser@example.org --password 'SomeLongAndComplicatedPassword' - -./gotosocial --config-path config.yaml admin account confirm --username some_username ``` And to promote them as an administrator of your instance: diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md index 6a32c79..5d1e78b 100644 --- a/doc/DISCLAIMER_fr.md +++ b/doc/DISCLAIMER_fr.md @@ -62,8 +62,6 @@ Pour créer un nouveau compte utilisateur, procédez comme suit : ``` bash ./gotosocial --config-path config.yaml admin account create --username nom_dutilisateur --email utilisateur@example.org --password 'UnMotDePasseTrèsComplexe' - -./gotosocial --config-path config.yaml admin account confirm --username nom_dutilisateur ``` Et pour promouvoir un compte en tant qu'administrateur de votre instance : diff --git a/manifest.json b/manifest.json index 983e871..9360a62 100644 --- a/manifest.json +++ b/manifest.json @@ -6,11 +6,11 @@ "en": "ActivityPub social network server", "fr": "Serveur de réseau social basé sur ActivityPub" }, - "version": "0.6.0~ynh1", + "version": "0.8.1~ynh1", "url": "https://github.com/superseriousbusiness/gotosocial", "upstream": { "license": "AGPL-3.0-only", - "website": "https://docs.gotosocial.org/", + "website": "https://gotosocial.org/", "demo": "", "admindoc": "https://docs.gotosocial.org/en/latest/", "userdoc": "https://docs.gotosocial.org/en/latest/", @@ -114,4 +114,4 @@ } ] } -} \ No newline at end of file +} diff --git a/scripts/install b/scripts/install index 36aaafb..e9fd918 100644 --- a/scripts/install +++ b/scripts/install @@ -34,6 +34,7 @@ accounts_allow_custom_css="false" instance_expose_peers="false" instance_expose_suspended="false" +instance_expose_suspended_web="false" instance_expose_public_timeline="false" instance_deliver_to_shared_inboxes="true" @@ -58,8 +59,15 @@ statuses_poll_max_options="6" statuses_poll_option_max_chars="50" statuses_media_max_files="6" +smtp_host="localhost" +smtp_port="25" +smtp_username="" +smtp_password="" +smtp_from="noreply@$domain" +smtp_disclose_recipients="false" + advanced_cookies_samesite="lax" -advanced_rate_limit_requests="1000" +advanced_rate_limit_requests="300" #================================================= # STORE SETTINGS FROM MANIFEST @@ -86,6 +94,7 @@ ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$accou ynh_app_setting_set --app="$app" --key=instance_expose_peers --value="$instance_expose_peers" ynh_app_setting_set --app="$app" --key=instance_expose_suspended --value="$instance_expose_suspended" +ynh_app_setting_set --app="$app" --key=instance_expose_suspended_web --value="$instance_expose_suspended_web" ynh_app_setting_set --app="$app" --key=instance_expose_public_timeline --value="$instance_expose_public_timeline" ynh_app_setting_set --app="$app" --key=instance_deliver_to_shared_inboxes --value="$instance_deliver_to_shared_inboxes" @@ -110,6 +119,13 @@ ynh_app_setting_set --app="$app" --key=statuses_poll_max_options --value="$statu ynh_app_setting_set --app="$app" --key=statuses_poll_option_max_chars --value="$statuses_poll_option_max_chars" ynh_app_setting_set --app="$app" --key=statuses_media_max_files --value="$statuses_media_max_files" +ynh_app_setting_set --app="$app" --key=smtp_host --value="$smtp_host" +ynh_app_setting_set --app="$app" --key=smtp_port --value="$smtp_port" +ynh_app_setting_set --app="$app" --key=smtp_username --value="$smtp_username" +ynh_app_setting_set --app="$app" --key=smtp_password --value="$smtp_password" +ynh_app_setting_set --app="$app" --key=smtp_from --value="$smtp_from" +ynh_app_setting_set --app="$app" --key=smtp_disclose_recipients --value="$smtp_disclose_recipients" + ynh_app_setting_set --app="$app" --key=advanced_cookies_samesite --value="$advanced_cookies_samesite" ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" @@ -157,7 +173,7 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -# Create a dedicated NGINX config +# Create a dedicated NGINX config for the main domain ynh_add_nginx_config #================================================= diff --git a/scripts/remove b/scripts/remove index f83f5ea..93193fe 100755 --- a/scripts/remove +++ b/scripts/remove @@ -35,7 +35,7 @@ ynh_remove_systemd_config #================================================= ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 -# Remove the dedicated NGINX config +# Remove the dedicated NGINX config of the main domain ynh_remove_nginx_config #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 9bfe0e6..3d4adc4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -154,6 +154,68 @@ then ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" fi +# Upgrade from <0.7.1~ynh1: +if ynh_compare_current_package_version --comparison lt --version 0.7.1~ynh1 || [ -z "$instance_expose_suspended_web" ] +then + # updating parameters + advanced_rate_limit_requests="300" + # declaration of new parameter + instance_expose_suspended_web="false" + # registration of parameters + ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" + ynh_app_setting_set --app="$app" --key=instance_expose_suspended_web --value="$instance_expose_suspended_web" +fi + +# Upgrade from <0.8.0~ynh2: +if ynh_compare_current_package_version --comparison lt --version 0.8.0~ynh2 || [ -z "$smtp_host" ] +then + # declaration of new parameter + smtp_host="localhost" + smtp_port="25" + smtp_username="" + smtp_password="" + smtp_from="noreply@$domain" + smtp_disclose_recipients="false" + # registration of parameters + ynh_app_setting_set --app="$app" --key=smtp_host --value="$smtp_host" + ynh_app_setting_set --app="$app" --key=smtp_port --value="$smtp_port" + ynh_app_setting_set --app="$app" --key=smtp_username --value="$smtp_username" + ynh_app_setting_set --app="$app" --key=smtp_password --value="$smtp_password" + ynh_app_setting_set --app="$app" --key=smtp_from --value="$smtp_from" + ynh_app_setting_set --app="$app" --key=smtp_disclose_recipients --value="$smtp_disclose_recipients" +fi + +# Upgrade from <0.8.0~ynh3: +if ynh_compare_current_package_version --comparison lt --version 0.8.0~ynh3 +then + # get settings from problem key + allow_custom_css=$(ynh_app_setting_get --app="$app" --key=allow_custom_css) + approval_required=$(ynh_app_setting_get --app="$app" --key=approval_required) + reason_required=$(ynh_app_setting_get --app="$app" --key=reason_required) + registration_open=$(ynh_app_setting_get --app="$app" --key=registration_open) + # apply setting to correct key if set on old key + if [ -n "$allow_custom_css" ] + then + ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$allow_custom_css" + ynh_app_setting_delete --app="$app" --key=allow_custom_css + fi + if [ -n "$approval_required" ] + then + ynh_app_setting_set --app="$app" --key=accounts_approval_required --value="$approval_required" + ynh_app_setting_delete --app="$app" --key=approval_required + fi + if [ -n "$reason_required" ] + then + ynh_app_setting_set --app="$app" --key=accounts_reason_required --value="$reason_required" + ynh_app_setting_delete --app="$app" --key=reason_required + fi + if [ -n "$registration_open" ] + then + ynh_app_setting_set --app="$app" --key=accounts_registration_open --value="$registration_open" + ynh_app_setting_delete --app="$app" --key=registration_open + fi +fi + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -184,7 +246,7 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." -# Create a dedicated NGINX config +# Create a dedicated NGINX config for the main domain ynh_add_nginx_config #=================================================