diff --git a/README.md b/README.md index ef7e9ce..1211539 100644 --- a/README.md +++ b/README.md @@ -18,12 +18,11 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in GoToSocial is an [ActivityPub](https://activitypub.rocks/) social network server, written in Golang. With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! - -**Shipped version:** 0.9.0~ynh1 +**Shipped version:** 0.10.0~ynh1 ## Screenshots -![Screenshot of GoToSocial](./doc/screenshots/screenshot.jpg) +![Screenshot of GoToSocial](./doc/screenshots/screenshot.png) ## :red_circle: Antifeatures diff --git a/README_fr.md b/README_fr.md index 217ae7d..81a0810 100644 --- a/README_fr.md +++ b/README_fr.md @@ -23,7 +23,7 @@ Un serveur de réseau social basé sur [ActivityPub](https://activitypub.rocks/) ## Captures d’écran -![Capture d’écran de GoToSocial](./doc/screenshots/screenshot.jpg) +![Capture d’écran de GoToSocial](./doc/screenshots/screenshot.png) ## :red_circle: Fonctions indésirables diff --git a/conf/config.yaml b/conf/config.yaml index 91ef916..d24e51d 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -195,10 +195,6 @@ db-tls-ca-cert: "" # # If you set the multiplier to less than 1, only one open connection will be used regardless of cpu count. # -# PLEASE NOTE!!: This setting currently only applies for Postgres. SQLite will always use 1 connection regardless -# of what is set here. This behavior will change in future when we implement better SQLITE_BUSY handling. -# See https://github.com/superseriousbusiness/gotosocial/issues/1407 for more details. -# # Examples: [16, 8, 10, 2] # Default: 8 db-max-open-conns-multiplier: 8 
@@ -232,99 +228,17 @@ db-sqlite-cache-size: "8MiB" # If set to empty string or zero, the sqlite default will be used. # See: https://www.sqlite.org/pragma.html#pragma_busy_timeout # Examples: ["0s", "1s", "30s", "1m", "5m"] -# Default: "5s" -db-sqlite-busy-timeout: "5m" +# Default: "30m" +db-sqlite-busy-timeout: "30m" cache: - # Cache configuration options: - # - # max-size = maximum cached objects count - # ttl = cached object lifetime - # sweep-freq = frequency to look for stale cache objects - # (zero will disable cache sweeping) - - ############################# - #### VISIBILITY CACHES ###### - ############################# - # - # Configure Status and account - # visibility cache. - - visibility-max-size: 2000 - visibility-ttl: "30m" - visibility-sweep-freq: "1m" - - gts: - ########################### - #### DATABASE CACHES ###### - ########################### - # - # Configure GTS database - # model caches. - - account-max-size: 2000 - account-ttl: "30m" - account-sweep-freq: "1m" - - block-max-size: 100 - block-ttl: "30m" - block-sweep-freq: "1m" - - domain-block-max-size: 2000 - domain-block-ttl: "24h" - domain-block-sweep-freq: "1m" - - emoji-max-size: 2000 - emoji-ttl: "30m" - emoji-sweep-freq: "1m" - - emoji-category-max-size: 100 - emoji-category-ttl: "30m" - emoji-category-sweep-freq: "1m" - - follow-max-size: 2000 - follow-ttl: "30m" - follow-sweep-freq: "1m" - - follow-request-max-size: 2000 - follow-request-ttl: "30m" - follow-request-sweep-freq: "1m" - - media-max-size: 1000 - media-ttl: "30m" - media-sweep-freq: "1m" - - mention-max-size: 2000 - mention-ttl: "30m" - mention-sweep-freq: "1m" - - notification-max-size: 1000 - notification-ttl: "30m" - notification-sweep-freq: "1m" - - report-max-size: 100 - report-ttl: "30m" - report-sweep-freq: "1m" - - status-max-size: 2000 - status-ttl: "30m" - status-sweep-freq: "1m" - - status-fave-max-size: 2000 - status-fave-ttl: "30m" - status-fave-sweep-freq: "1m" - - tombstone-max-size: 500 - 
tombstone-ttl: "30m" - tombstone-sweep-freq: "1m" - - user-max-size: 500 - user-ttl: "30m" - user-sweep-freq: "1m" - - webfinger-max-size: 250 - webfinger-ttl: "24h" - webfinger-sweep-freq: "1m" + # cache.memory-target sets a target limit that + # the application will try to keep it's caches + # within. This is based on estimated sizes of + # in-memory objects, and so NOT AT ALL EXACT. + # Examples: ["100MiB", "200MiB", "500MiB", "1GiB"] + # Default: "100MiB" + memory-target: "100MiB" ###################### ##### WEB CONFIG ##### @@ -389,6 +303,15 @@ instance-expose-public-timeline: __INSTANCE_EXPOSE_PUBLIC_TIMELINE__ # Default: true instance-deliver-to-shared-inboxes: __INSTANCE_DELIVER_TO_SHARED_INBOXES__ +# Bool. This flag will inject a Mastodon version into the version field that +# is included in /api/v1/instance. This version is often used by Mastodon clients +# to do API feature detection. By injecting a Mastodon compatible version, it is +# possible to cajole those clients to behave correctly with GoToSocial. +# +# Options: [true, false] +# Default: false +instance-inject-mastodon-version: false + ########################### ##### ACCOUNTS CONFIG ##### ########################### @@ -426,6 +349,13 @@ accounts-reason-required: __ACCOUNTS_REASON_REQUIRED__ # Default: false accounts-allow-custom-css: __ACCOUNTS_ALLOW_CUSTOM_CSS__ +# Int. If accounts-allow-custom-css is true, this is the permitted length in characters for +# CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false. +# +# Examples: [500, 5000, 9999] +# Default: 10000 +accounts-custom-css-length: __ACCOUNTS_CUSTOM_CSS_LENGTH__ + ######################## ##### MEDIA CONFIG ##### ######################## 
@@ -459,8 +389,8 @@ media-description-max-chars: __MEDIA_DESCRIPTION_MAX_CHARS__ # are kept so that it can be fetched again if requested by a user. # # If this is set to 0, then media from remote instances will be cached indefinitely. -# Examples: [30, 60, 7, 0] -# Default: 30 +# Examples: 7 +# Default: 7 media-remote-cache-days: __MEDIA_REMOTE_CACHE_DAYS__ # Int. Max size in bytes of emojis uploaded to this instance via the admin API. @@ -476,7 +406,7 @@ media-emoji-local-max-size: __MEDIA_EMOJI_LOCAL_MAX_SIZE__ # This strikes a good balance between decent interoperability with instances that have # higher emoji size limits, and not taking up too much space in storage. # Examples: [51200, 102400] -# Default: 51200 +# Default: 102400 media-emoji-remote-max-size: __MEDIA_EMOJI_REMOTE_MAX_SIZE__ ########################## @@ -501,7 +431,7 @@ storage-local-base-path: "__DATA_DIR__" # String. API endpoint of the S3 compatible service. # Only required when running with the s3 storage backend. # Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"] -# GoToSocial uses "DNS-style" when accessing buckets. +# GoToSocial uses "DNS-style" when accessing buckets. # If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address # Default: "" storage-s3-endpoint: "__STORAGE_S3_ENDPOINT__" @@ -524,12 +454,14 @@ storage-s3-use-ssl: true # Examples: ["AKIAJSIE27KKMHXI3BJQ","miniouser"] # Default: "" storage-s3-access-key: "__STORAGE_S3_ACCESS_KEY__" + # String. Secret key part of the S3 credentials. # Consider setting this value using environment variables to avoid leaking it via the config file # Only required when running with the s3 storage backend. # Examples: ["5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39","miniopassword"] # Default: "" storage-s3-secret-key: "__STORAGE_S3_SECRET_KEY__" + # String. Name of the storage bucket. # # If you have already encoded your bucket name in the storage-s3-endpoint, this 
@@ -619,7 +551,7 @@ letsencrypt-email-address: "" ##### MANUAL TLS CONFIG ##### ############################## -# String. Path to a PEM-encoded file on disk that includes the certificate chain +# String. Path to a PEM-encoded file on disk that includes the certificate chain # and the public key # Examples: ["/gotosocial/storage/certs/chain.pem"] # Default: "" @@ -762,7 +694,7 @@ syslog-enabled: false # String. Protocol to use when directing logs to syslog. Leave empty to connect to local syslog. # Options: ["udp", "tcp", ""] -# Default: "tcp" +# Default: "udp" syslog-protocol: "udp" # String. Address:port to send syslog logs to. Leave empty to connect to local syslog. 
@@ -800,6 +732,69 @@ tracing-endpoint: "" # Default: false tracing-insecure-transport: false +################################ +##### HTTP CLIENT SETTINGS ##### +################################ + +# Settings for OUTGOING http client connections used by GoToSocial to make +# requests to remote resources (status GETs, media GETs, inbox POSTs, etc). + +http-client: + + # Duration. Timeout to use for outgoing HTTP requests. If the timeout + # is exceeded, the connection to the remote server will be dropped. + # A value of 0s indicates no timeout: this is not advised! + # Examples: ["5s", "10s", "0s"] + # Default: "10s" + timeout: "10s" + + ######################################## + #### RESERVED IP RANGE EXCEPTIONS ###### + ######################################## + # + # Explicitly allow or block outgoing dialing within the provided IPv4/v6 CIDR ranges. + # + # By default, as a basic security precaution, GoToSocial blocks outgoing dialing within most "special-purpose" + # IP ranges. However, it may be desirable for admins with more exotic setups (proxies, funky NAT, etc) to + # explicitly override one or more of these otherwise blocked ranges. + # + # Each of the below allow/block config options accepts an array of IPv4 and/or IPv6 CIDR strings. + # For example, to override the hardcoded block of IPv4 and IPv6 dialing to localhost, set: + # + # allow-ips: ["127.0.0.1/32", "::1/128"]. + # + # You can also use YAML multi-line arrays to define these, but be diligent with indentation. + # + # When dialing, GoToSocial will first check if the destination falls within explicitly allowed IP ranges, + # then explicitly blocked IP ranges, then the default (hardcoded) blocked IP ranges, returning OK on the + # first allowed match, not OK on the first blocked match, or just defaulting to OK if nothing is matched. 
+ # + # As with all security settings, it is better to start too restrictive and then ease off depending on + # your use case, than to start too permissive and try to close the stable door after the horse has + # already bolted. With this in mind: + # - Don't touch these settings unless you have a good reason to, and only if you know what you're doing. + # - When adding explicitly allowed exceptions, use the narrowest possible CIDR for your use case. + # + # For reserved / special ranges, see: + # - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml + # - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml + # + # Both allow-ips and block-ips default to an empty array. + allow-ips: [] + block-ips: [] + + # Bool. Disable verification of TLS certificates of remote servers. + # With this set to 'true', GoToSocial will not error when a remote + # server presents an invalid or self-signed certificate. + # + # THIS SETTING SHOULD BE USED FOR TESTING ONLY! IF YOU TURN THIS + # ON WHILE RUNNING IN PRODUCTION YOU ARE LEAVING YOUR SERVER WIDE + # OPEN TO MAN IN THE MIDDLE ATTACKS! DO NOT CHANGE THIS SETTING + # UNLESS YOU KNOW EXACTLY WHAT YOU'RE DOING AND WHY YOU'RE DOING IT. + # + # Default: false + tls-insecure-skip-verify: false + ############################# ##### ADVANCED SETTINGS ##### ############################# @@ -875,7 +870,7 @@ advanced-throttling-multiplier: 8 # Minimum resolution is 1 second. # # Examples: [30s, 10s, 5s, 1m] -# Default: 30s +# Default: "30s" advanced-throttling-retry-after: "30s" # Int. CPU multiplier for the amount of goroutines to spawn in order to send messages via ActivityPub. diff --git a/config_panel.toml b/config_panel.toml index 502ddd7..cd7aad4 100644 --- a/config_panel.toml +++ b/config_panel.toml 
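Review bot: The new `http-client` block ships `allow-ips: []`, `block-ips: []` and `tls-insecure-skip-verify: false` as fixed values, but none of the added comments say the package keeps them fixed on purpose. Without that, a later change could bind them in `config_panel.toml` like the templated options elsewhere in this file. These keys decide which reserved address ranges the server may dial and whether remote certificates are verified, and on a shared YunoHost host other services are probably reachable on loopback or private ranges (inferred, not shown in the diff). I would add a packaging comment above `allow-ips`, for example `# YunoHost package: intentionally hard-coded; keep allow-ips empty unless a narrow CIDR is really required`, and a similar one above `tls-insecure-skip-verify`.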
@@ -65,6 +65,15 @@ Pour les instances avec des inscriptions publiques, il est **HAUTEMENT RECOMMAND Quelle que soit la valeur de ce paramètre, tout CSS téléchargé ne sera pas fédéré à d'autres instances, il ne sera affiché que sur les profils et les statuts de *cette* instance.""" type = "select" +[main.accounts.accounts_custom_css_length] +ask.en = "Custom CSS length?" +ask.fr = "Longueur du CSS personnalisé ?" +bind = "accounts-custom-css-length:__FINALPATH__/config.yaml" +default = "10000" +help.en = "If accounts-allow-custom-css is 'true', this is the permitted length in characters for CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is 'false'. Default: 10000" +help.fr = "Si accounts-allow-custom-css est 'true', il s'agit de la longueur autorisée en caractères pour les feuilles de style CSS qui sont fournies par les comptes sur cette instance. Aucun effet si accounts-allow-custom-css est 'false'. Valeur par défaut : 10000" +type = "number" + ################# #### MEDIA CONFIG ################# diff --git a/doc/screenshots/screenshot.jpg b/doc/screenshots/screenshot.jpg deleted file mode 100644 index 1706dbd..0000000 Binary files a/doc/screenshots/screenshot.jpg and /dev/null differ diff --git a/doc/screenshots/screenshot.png b/doc/screenshots/screenshot.png new file mode 100644 index 0000000..750c214 Binary files /dev/null and b/doc/screenshots/screenshot.png differ diff --git a/scripts/install b/scripts/install index 591ae93..3d27d3c 100755 --- a/scripts/install +++ b/scripts/install @@ -18,6 +18,7 @@ client_max_body_size="100M" # Config stuff: accounts_allow_custom_css="false" +accounts_custom_css_length="10000" instance_expose_peers="false" instance_expose_suspended="false" 
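Review bot: `[main.accounts.accounts_custom_css_length]` is declared with `type = "number"` and no bounds, so the panel will accept a negative or arbitrarily large value and write it into `accounts-custom-css-length` in config.yaml. Per the help text, this value is the permitted length of CSS uploaded by accounts when `accounts-allow-custom-css` is on, so it acts as a limit on user-supplied content. Add `min = 0` below `type = "number"` and consider a `max` the instance can tolerate. How GoToSocial treats a zero length is not visible here, so the lower bound may need to be `1` after checking upstream.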
@@ -68,6 +69,7 @@ ynh_app_setting_set --app="$app" --key=accounts_registration_open --value="$acco ynh_app_setting_set --app="$app" --key=accounts_approval_required --value="$accounts_approval_required" ynh_app_setting_set --app="$app" --key=accounts_reason_required --value="$accounts_reason_required" ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$accounts_allow_custom_css" +ynh_app_setting_set --app="$app" --key=accounts_custom_css_length --value="$accounts_custom_css_length" ynh_app_setting_set --app="$app" --key=instance_expose_peers --value="$instance_expose_peers" ynh_app_setting_set --app="$app" --key=instance_expose_suspended --value="$instance_expose_suspended" diff --git a/scripts/upgrade b/scripts/upgrade index 69dad50..05322db 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -208,6 +208,15 @@ then fi fi +# Upgrade from <0.10.0~ynh1: +if ynh_compare_current_package_version --comparison lt --version 0.10.0~ynh1 || [ -z "$accounts_custom_css_length" ] +then + # declaration of new parameter + accounts_custom_css_length="10000" + # registration of parameter + ynh_app_setting_set --app="$app" --key=accounts_custom_css_length --value="$accounts_custom_css_length" +fi + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #=================================================
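Review bot: In the scripts/upgrade hunk, the `[ -z "$accounts_custom_css_length" ]` test is only meaningful if the variable was loaded from the app settings earlier in the script, and that load is not part of this diff. If it is missing, the variable is always empty, so the branch runs on every upgrade and resets the stored value to 10000 whatever the admin chose. I would add `accounts_custom_css_length=$(ynh_app_setting_get --app="$app" --key=accounts_custom_css_length)` next to the other settings loads. The version test on the left of `||` also overwrites unconditionally; relying on the `-z` test alone would keep the migration idempotent.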