Merge branch 'testing' into v2

2024-09-03 19:16:06 +02:00 · 2023-08-15 17:05:19 +02:00 · 2023-08-15 17:05:19 +02:00 · f1e4b3ec60
commit f1e4b3ec60
parent d7c2b3799f 36a2a744dc
8 changed files with 120 additions and 106 deletions
--- a/README.md
+++ b/README.md
@ -18,12 +18,11 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in

 GoToSocial is an [ActivityPub](https://activitypub.rocks/) social network server, written in Golang. With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to!

-
-**Shipped version:** 0.9.0~ynh1
+**Shipped version:** 0.10.0~ynh1

 ## Screenshots

-![Screenshot of GoToSocial](./doc/screenshots/screenshot.jpg)
+![Screenshot of GoToSocial](./doc/screenshots/screenshot.png)

 ## :red_circle: Antifeatures

--- a/README_fr.md
+++ b/README_fr.md
@ -23,7 +23,7 @@ Un serveur de réseau social basé sur [ActivityPub](https://activitypub.rocks/)

 ## Captures d’écran

-![Capture d’écran de GoToSocial](./doc/screenshots/screenshot.jpg)
+![Capture d’écran de GoToSocial](./doc/screenshots/screenshot.png)

 ## :red_circle: Fonctions indésirables

--- a/conf/config.yaml
+++ b/conf/config.yaml
@ -195,10 +195,6 @@ db-tls-ca-cert: ""
 #
 # If you set the multiplier to less than 1, only one open connection will be used regardless of cpu count.
 #
-# PLEASE NOTE!!: This setting currently only applies for Postgres. SQLite will always use 1 connection regardless
-# of what is set here. This behavior will change in future when we implement better SQLITE_BUSY handling.
-# See https://github.com/superseriousbusiness/gotosocial/issues/1407 for more details.
-#
 # Examples: [16, 8, 10, 2]
 # Default: 8
 db-max-open-conns-multiplier: 8
@ -232,99 +228,17 @@ db-sqlite-cache-size: "8MiB"
 # If set to empty string or zero, the sqlite default will be used.
 # See: https://www.sqlite.org/pragma.html#pragma_busy_timeout
 # Examples: ["0s", "1s", "30s", "1m", "5m"]
-# Default: "5s"
-db-sqlite-busy-timeout: "5m"
+# Default: "30m"
+db-sqlite-busy-timeout: "30m"

 cache:
-  # Cache configuration options:
-  #
-  # max-size   = maximum cached objects count
-  # ttl        = cached object lifetime
-  # sweep-freq = frequency to look for stale cache objects
-  #              (zero will disable cache sweeping)
-
-  #############################
-  #### VISIBILITY CACHES ######
-  #############################
-  #
-  # Configure Status and account 
-  # visibility cache.
-
-  visibility-max-size: 2000
-  visibility-ttl: "30m"
-  visibility-sweep-freq: "1m"
-
-  gts:
-    ###########################
-    #### DATABASE CACHES ######
-    ###########################
-    #
-    # Configure GTS database
-    # model caches.
-
-    account-max-size: 2000
-    account-ttl: "30m"
-    account-sweep-freq: "1m"
-
-    block-max-size: 100
-    block-ttl: "30m"
-    block-sweep-freq: "1m"
-
-    domain-block-max-size: 2000
-    domain-block-ttl: "24h"
-    domain-block-sweep-freq: "1m"
-
-    emoji-max-size: 2000
-    emoji-ttl: "30m"
-    emoji-sweep-freq: "1m"
-
-    emoji-category-max-size: 100
-    emoji-category-ttl: "30m"
-    emoji-category-sweep-freq: "1m"
-
-    follow-max-size: 2000
-    follow-ttl: "30m"
-    follow-sweep-freq: "1m"
-
-    follow-request-max-size: 2000
-    follow-request-ttl: "30m"
-    follow-request-sweep-freq: "1m"
-
-    media-max-size: 1000
-    media-ttl: "30m"
-    media-sweep-freq: "1m"
-
-    mention-max-size: 2000
-    mention-ttl: "30m"
-    mention-sweep-freq: "1m"
-
-    notification-max-size: 1000
-    notification-ttl: "30m"
-    notification-sweep-freq: "1m"
-
-    report-max-size: 100
-    report-ttl: "30m"
-    report-sweep-freq: "1m"
-
-    status-max-size: 2000
-    status-ttl: "30m"
-    status-sweep-freq: "1m"
-
-    status-fave-max-size: 2000
-    status-fave-ttl: "30m"
-    status-fave-sweep-freq: "1m"
-
-    tombstone-max-size: 500
-    tombstone-ttl: "30m"
-    tombstone-sweep-freq: "1m"
-
-    user-max-size: 500
-    user-ttl: "30m"
-    user-sweep-freq: "1m"
-
-    webfinger-max-size: 250
-    webfinger-ttl: "24h"
-    webfinger-sweep-freq: "1m"
+  # cache.memory-target sets a target limit that
+  # the application will try to keep it's caches
+  # within. This is based on estimated sizes of
+  # in-memory objects, and so NOT AT ALL EXACT.
+  # Examples: ["100MiB", "200MiB", "500MiB", "1GiB"]
+  # Default: "100MiB"
+  memory-target: "100MiB"

 ######################
 ##### WEB CONFIG #####
@ -389,6 +303,15 @@ instance-expose-public-timeline: __INSTANCE_EXPOSE_PUBLIC_TIMELINE__
 # Default: true
 instance-deliver-to-shared-inboxes: __INSTANCE_DELIVER_TO_SHARED_INBOXES__

+# Bool. This flag will inject a Mastodon version into the version field that
+# is included in /api/v1/instance. This version is often used by Mastodon clients
+# to do API feature detection. By injecting a Mastodon compatible version, it is
+# possible to cajole those clients to behave correctly with GoToSocial.
+#
+# Options: [true, false]
+# Default: false
+instance-inject-mastodon-version: false
+
 ###########################
 ##### ACCOUNTS CONFIG #####
 ###########################
@ -426,6 +349,13 @@ accounts-reason-required: __ACCOUNTS_REASON_REQUIRED__
 # Default: false
 accounts-allow-custom-css: __ACCOUNTS_ALLOW_CUSTOM_CSS__

+# Int. If accounts-allow-custom-css is true, this is the permitted length in characters for
+# CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false.
+#
+# Examples: [500, 5000, 9999]
+# Default: 10000
+accounts-custom-css-length: __ACCOUNTS_CUSTOM_CSS_LENGTH__
+
 ########################
 ##### MEDIA CONFIG #####
 ########################
@ -459,8 +389,8 @@ media-description-max-chars: __MEDIA_DESCRIPTION_MAX_CHARS__
 # are kept so that it can be fetched again if requested by a user.
 #
 # If this is set to 0, then media from remote instances will be cached indefinitely.
-# Examples: [30, 60, 7, 0]
-# Default: 30
+# Examples: 7
+# Default: 7
 media-remote-cache-days: __MEDIA_REMOTE_CACHE_DAYS__

 # Int. Max size in bytes of emojis uploaded to this instance via the admin API.
@ -476,7 +406,7 @@ media-emoji-local-max-size: __MEDIA_EMOJI_LOCAL_MAX_SIZE__
 # This strikes a good balance between decent interoperability with instances that have
 # higher emoji size limits, and not taking up too much space in storage.
 # Examples: [51200, 102400]
-# Default: 51200
+# Default: 102400
 media-emoji-remote-max-size: __MEDIA_EMOJI_REMOTE_MAX_SIZE__

 ##########################
@ -501,7 +431,7 @@ storage-local-base-path: "__DATA_DIR__"
 # String. API endpoint of the S3 compatible service.
 # Only required when running with the s3 storage backend.
 # Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"]
-# GoToSocial uses "DNS-style" when accessing buckets. 
+# GoToSocial uses "DNS-style" when accessing buckets.
 # If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address
 # Default: ""
 storage-s3-endpoint: "__STORAGE_S3_ENDPOINT__"
@ -524,12 +454,14 @@ storage-s3-use-ssl: true
 # Examples: ["AKIAJSIE27KKMHXI3BJQ","miniouser"]
 # Default: ""
 storage-s3-access-key: "__STORAGE_S3_ACCESS_KEY__"
+
 # String. Secret key part of the S3 credentials.
 # Consider setting this value using environment variables to avoid leaking it via the config file
 # Only required when running with the s3 storage backend.
 # Examples: ["5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39","miniopassword"]
 # Default: ""
 storage-s3-secret-key: "__STORAGE_S3_SECRET_KEY__"
+
 # String. Name of the storage bucket.
 #
 # If you have already encoded your bucket name in the storage-s3-endpoint, this
@ -619,7 +551,7 @@ letsencrypt-email-address: ""
 ##### MANUAL TLS CONFIG  #####
 ##############################

-# String. Path to a PEM-encoded file on disk that includes the certificate chain 
+# String. Path to a PEM-encoded file on disk that includes the certificate chain
 # and the public key
 # Examples: ["/gotosocial/storage/certs/chain.pem"]
 # Default: ""
@ -762,7 +694,7 @@ syslog-enabled: false

 # String. Protocol to use when directing logs to syslog. Leave empty to connect to local syslog.
 # Options: ["udp", "tcp", ""]
-# Default: "tcp"
+# Default: "udp"
 syslog-protocol: "udp"

 # String. Address:port to send syslog logs to. Leave empty to connect to local syslog.
@ -800,6 +732,69 @@ tracing-endpoint: ""
 # Default: false
 tracing-insecure-transport: false

+################################
+##### HTTP CLIENT SETTINGS #####
+################################
+
+# Settings for OUTGOING http client connections used by GoToSocial to make
+# requests to remote resources (status GETs, media GETs, inbox POSTs, etc).
+
+http-client:
+
+  # Duration. Timeout to use for outgoing HTTP requests. If the timeout
+  # is exceeded, the connection to the remote server will be dropped.
+  # A value of 0s indicates no timeout: this is not advised!
+  # Examples: ["5s", "10s", "0s"]
+  # Default: "10s"
+  timeout: "10s"
+
+  ########################################
+  #### RESERVED IP RANGE EXCEPTIONS ######
+  ########################################
+  #
+  # Explicitly allow or block outgoing dialing within the provided IPv4/v6 CIDR ranges.
+  #
+  # By default, as a basic security precaution, GoToSocial blocks outgoing dialing within most "special-purpose"
+  # IP ranges. However, it may be desirable for admins with more exotic setups (proxies, funky NAT, etc) to
+  # explicitly override one or more of these otherwise blocked ranges.
+  #
+  # Each of the below allow/block config options accepts an array of IPv4 and/or IPv6 CIDR strings.
+  # For example, to override the hardcoded block of IPv4 and IPv6 dialing to localhost, set:
+  #
+  #   allow-ips: ["127.0.0.1/32", "::1/128"].
+  #
+  # You can also use YAML multi-line arrays to define these, but be diligent with indentation.
+  #
+  # When dialing, GoToSocial will first check if the destination falls within explicitly allowed IP ranges,
+  # then explicitly blocked IP ranges, then the default (hardcoded) blocked IP ranges, returning OK on the
+  # first allowed match, not OK on the first blocked match, or just defaulting to OK if nothing is matched.
+  #
+  # As with all security settings, it is better to start too restrictive and then ease off depending on
+  # your use case, than to start too permissive and try to close the stable door after the horse has
+  # already bolted. With this in mind:
+  # - Don't touch these settings unless you have a good reason to, and only if you know what you're doing.
+  # - When adding explicitly allowed exceptions, use the narrowest possible CIDR for your use case.
+  #
+  # For reserved / special ranges, see:
+  # - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
+  # - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml
+  #
+  # Both allow-ips and block-ips default to an empty array.
+  allow-ips: []
+  block-ips: []
+
+  # Bool. Disable verification of TLS certificates of remote servers.
+  # With this set to 'true', GoToSocial will not error when a remote
+  # server presents an invalid or self-signed certificate.
+  #
+  # THIS SETTING SHOULD BE USED FOR TESTING ONLY! IF YOU TURN THIS
+  # ON WHILE RUNNING IN PRODUCTION YOU ARE LEAVING YOUR SERVER WIDE
+  # OPEN TO MAN IN THE MIDDLE ATTACKS! DO NOT CHANGE THIS SETTING 
+  # UNLESS YOU KNOW EXACTLY WHAT YOU'RE DOING AND WHY YOU'RE DOING IT.
+  #
+  # Default: false
+  tls-insecure-skip-verify: false
+
 #############################
 ##### ADVANCED SETTINGS #####
 #############################
@ -875,7 +870,7 @@ advanced-throttling-multiplier: 8
 # Minimum resolution is 1 second.
 #
 # Examples: [30s, 10s, 5s, 1m]
-# Default: 30s
+# Default: "30s"
 advanced-throttling-retry-after: "30s"

 # Int. CPU multiplier for the amount of goroutines to spawn in order to send messages via ActivityPub.
--- a/config_panel.toml
+++ b/config_panel.toml
@ -65,6 +65,15 @@ Pour les instances avec des inscriptions publiques, il est **HAUTEMENT RECOMMAND
 Quelle que soit la valeur de ce paramètre, tout CSS téléchargé ne sera pas fédéré à d'autres instances, il ne sera affiché que sur les profils et les statuts de *cette* instance."""
 type = "select"

+[main.accounts.accounts_custom_css_length]
+ask.en = "Custom CSS length?"
+ask.fr = "Longueur du CSS personnalisé ?"
+bind = "accounts-custom-css-length:__FINALPATH__/config.yaml"
+default = "10000"
+help.en = "If accounts-allow-custom-css is 'true', this is the permitted length in characters for CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is 'false'. Default: 10000"
+help.fr = "Si accounts-allow-custom-css est 'true', il s'agit de la longueur autorisée en caractères pour les feuilles de style CSS qui sont fournies par les comptes sur cette instance. Aucun effet si accounts-allow-custom-css est 'false'. Valeur par défaut : 10000"
+type = "number"
+
 #################
 #### MEDIA CONFIG
 #################
--- a/doc/screenshots/screenshot.jpg
+++ b/doc/screenshots/screenshot.jpg
--- a/doc/screenshots/screenshot.png
+++ b/doc/screenshots/screenshot.png
--- a/scripts/install
+++ b/scripts/install
@ -18,6 +18,7 @@ client_max_body_size="100M"

 # Config stuff:
 accounts_allow_custom_css="false"
+accounts_custom_css_length="10000"

 instance_expose_peers="false"
 instance_expose_suspended="false"
@ -68,6 +69,7 @@ ynh_app_setting_set --app="$app" --key=accounts_registration_open --value="$acco
 ynh_app_setting_set --app="$app" --key=accounts_approval_required --value="$accounts_approval_required"
 ynh_app_setting_set --app="$app" --key=accounts_reason_required --value="$accounts_reason_required"
 ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$accounts_allow_custom_css"
+ynh_app_setting_set --app="$app" --key=accounts_custom_css_length --value="$accounts_custom_css_length"

 ynh_app_setting_set --app="$app" --key=instance_expose_peers --value="$instance_expose_peers"
 ynh_app_setting_set --app="$app" --key=instance_expose_suspended --value="$instance_expose_suspended"
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -208,6 +208,15 @@ then
 	fi
 fi

+# Upgrade from <0.10.0~ynh1:
+if ynh_compare_current_package_version --comparison lt --version 0.10.0~ynh1 || [ -z "$accounts_custom_css_length" ]
+then
+	# declaration of new parameter
+	accounts_custom_css_length="10000"
+	# registration of parameter
+	ynh_app_setting_set --app="$app" --key=accounts_custom_css_length --value="$accounts_custom_css_length"
+fi
+
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================