diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/config.exs | 296 | ||||
-rw-r--r-- | config/config.md | 111 | ||||
-rw-r--r-- | config/dev.exs | 5 | ||||
-rw-r--r-- | config/emoji.txt | 5 | ||||
-rw-r--r-- | config/test.exs | 36 |
5 files changed, 322 insertions, 131 deletions
diff --git a/config/config.exs b/config/config.exs index 12f47389c..595e3505c 100644 --- a/config/config.exs +++ b/config/config.exs @@ -1,3 +1,41 @@ +# .i;;;;i. +# iYcviii;vXY: +# .YXi .i1c. +# .YC. . in7. +# .vc. ...... ;1c. +# i7, .. .;1; +# i7, .. ... .Y1i +# ,7v .6MMM@; .YX, +# .7;. ..IMMMMMM1 :t7. +# .;Y. ;$MMMMMM9. :tc. +# vY. .. .nMMM@MMU. ;1v. +# i7i ... .#MM@M@C. .....:71i +# it: .... $MMM@9;.,i;;;i,;tti +# :t7. ..... 0MMMWv.,iii:::,,;St. +# .nC. ..... IMMMQ..,::::::,.,czX. +# .ct: ....... .ZMMMI..,:::::::,,:76Y. +# c2: ......,i..Y$M@t..:::::::,,..inZY +# vov ......:ii..c$MBc..,,,,,,,,,,..iI9i +# i9Y ......iii:..7@MA,..,,,,,,,,,....;AA: +# iIS. ......:ii::..;@MI....,............;Ez. +# .I9. ......:i::::...8M1..................C0z. +# .z9; ......:i::::,.. .i:...................zWX. +# vbv ......,i::::,,. ................. :AQY +# c6Y. .,...,::::,,..:t0@@QY. ................ :8bi +# :6S. ..,,...,:::,,,..EMMMMMMI. ............... .;bZ, +# :6o, .,,,,..:::,,,..i#MMMMMM#v................. YW2. +# .n8i ..,,,,,,,::,,,,.. tMMMMM@C:.................. .1Wn +# 7Uc. .:::,,,,,::,,,,.. i1t;,..................... .UEi +# 7C...::::::::::::,,,,.. .................... vSi. +# ;1;...,,::::::,......... .................. Yz: +# v97,......... .voC. +# izAotX7777777777777777777777777777777777777777Y7n92: +# .;CoIIIIIUAA666666699999ZZZZZZZZZZZZZZZZZZZZ6ov. +# +# !!! ATTENTION !!! +# DO NOT EDIT THIS FILE! THIS FILE CONTAINS THE DEFAULT VALUES FOR THE CON- +# FIGURATION! EDIT YOUR SECRET FILE (either prod.secret.exs, dev.secret.exs). +# # This file is responsible for configuring your application # and its dependencies with the aid of the Mix.Config module. # @@ -8,14 +46,45 @@ use Mix.Config # General application configuration config :pleroma, ecto_repos: [Pleroma.Repo] -config :pleroma, Pleroma.Repo, types: Pleroma.PostgresTypes +config :pleroma, Pleroma.Repo, + types: Pleroma.PostgresTypes, + telemetry_event: [Pleroma.Repo.Instrumenter] + +config :pleroma, Pleroma.Captcha, + enabled: false, + seconds_valid: 60, + method: Pleroma.Captcha.Kocaptcha + +config :pleroma, :hackney_pools, + federation: [ + max_connections: 50, + timeout: 150_000 + ], + media: [ + max_connections: 50, + timeout: 150_000 + ], + upload: [ + max_connections: 25, + timeout: 300_000 + ] + +config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch" # Upload configuration config :pleroma, Pleroma.Upload, uploader: Pleroma.Uploaders.Local, - filters: [], + filters: [Pleroma.Upload.Filter.Dedupe], + link_name: true, proxy_remote: false, - proxy_opts: [] + proxy_opts: [ + redirect_on_failure: false, + max_body_length: 25 * 1_048_576, + http: [ + follow_redirect: true, + pool: :upload + ] + ] config :pleroma, Pleroma.Uploaders.Local, uploads: "uploads" @@ -27,7 +96,13 @@ config :pleroma, Pleroma.Uploaders.MDII, cgi: "https://mdii.sakura.ne.jp/mdii-post.cgi", files: "https://mdii.sakura.ne.jp" -config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/**/*.png"] +config :pleroma, :emoji, + shortcode_globs: ["/emoji/custom/**/*.png"], + groups: [ + # Put groups that have higher priority than defaults here. Example in `docs/config/custom_emoji.md` + Finmoji: "/finmoji/128px/*-128.png", + Custom: ["/emoji/*.png", "/emoji/custom/*.png"] + ] config :pleroma, :uri_schemes, valid_schemes: [ @@ -47,24 +122,63 @@ config :pleroma, :uri_schemes, "xmpp" ] +websocket_config = [ + path: "/websocket", + serializer: [ + {Phoenix.Socket.V1.JSONSerializer, "~> 1.0.0"}, + {Phoenix.Socket.V2.JSONSerializer, "~> 2.0.0"} + ], + timeout: 60_000, + transport_log: false, + compress: false +] + # Configures the endpoint config :pleroma, Pleroma.Web.Endpoint, + instrumenters: [Pleroma.Web.Endpoint.Instrumenter], url: [host: "localhost"], + http: [ + dispatch: [ + {:_, + [ + {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, + {"/websocket", Phoenix.Endpoint.CowboyWebSocket, + {Phoenix.Transports.WebSocket, + {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, + {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} + ]} + ] + ], protocol: "https", secret_key_base: "aK4Abxf29xU9TTDKre9coZPUgevcVCFQJe/5xP/7Lt4BEif6idBIbjupVbOrbKxl", signing_salt: "CqaoopA2", render_errors: [view: Pleroma.Web.ErrorView, accepts: ~w(json)], pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2], - secure_cookie_flag: true + secure_cookie_flag: true, + extra_cookie_attrs: [ + "SameSite=Lax" + ] # Configures Elixir's Logger config :logger, :console, format: "$time $metadata[$level] $message\n", metadata: [:request_id] +config :logger, :ex_syslogger, + level: :debug, + ident: "Pleroma", + format: "$metadata[$level] $message", + metadata: [:request_id] + +config :quack, + level: :warn, + meta: [:all], + webhook_url: "https://hooks.slack.com/services/YOUR-KEY-HERE" + config :mime, :types, %{ "application/xml" => ["xml"], "application/xrd+xml" => ["xrd+xml"], + "application/jrd+json" => ["jrd+json"], "application/activity+json" => ["activity+json"], "application/ld+json" => ["activity+json"] } @@ -72,33 +186,52 @@ config :mime, :types, %{ config :pleroma, :websub, Pleroma.Web.Websub config :pleroma, :ostatus, Pleroma.Web.OStatus config :pleroma, :httpoison, Pleroma.HTTP +config :tesla, adapter: Tesla.Adapter.Hackney # Configures http settings, upstream proxy etc. -config :pleroma, :http, proxy_url: nil +config :pleroma, :http, + proxy_url: nil, + adapter: [ + ssl_options: [ + # We don't support TLS v1.3 yet + versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"] + ] + ] config :pleroma, :instance, name: "Pleroma", email: "example@example.com", + notify_email: "noreply@example.com", description: "A Pleroma instance, an alternative fediverse server", - limit: 5000, + limit: 5_000, + remote_limit: 100_000, upload_limit: 16_000_000, avatar_upload_limit: 2_000_000, background_upload_limit: 4_000_000, banner_upload_limit: 4_000_000, registrations_open: true, federating: true, + federation_reachability_timeout_days: 7, allow_relay: true, rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy, public: true, quarantined_instances: [], managed_config: true, + static_dir: "instance/static/", allowed_post_formats: [ "text/plain", "text/html", "text/markdown" ], finmoji_enabled: true, - mrf_transparency: true + mrf_transparency: true, + autofollowed_nicknames: [], + max_pinned_statuses: 1, + no_attachment_links: false, + welcome_user_nickname: nil, + welcome_message: nil, + max_report_comment_size: 1000, + safe_dm_mentions: false config :pleroma, :markup, # XXX - unfortunately, inline images must be enabled by default right now, because @@ -112,6 +245,7 @@ config :pleroma, :markup, Pleroma.HTML.Scrubber.Default ] +# Deprecated, will be gone in 1.0 config :pleroma, :fe, theme: "pleroma-dark", logo: "/static/logo.png", @@ -125,7 +259,31 @@ config :pleroma, :fe, formatting_options_enabled: false, collapse_message_with_subject: false, hide_post_stats: false, - hide_user_stats: false + hide_user_stats: false, + scope_copy: true, + subject_line_behavior: "email", + always_show_subject_input: true + +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "pleroma-dark", + logo: "/static/logo.png", + background: "/images/city.jpg", + redirectRootNoLogin: "/main/all", + redirectRootLogin: "/main/friends", + showInstanceSpecificPanel: true, + scopeOptionsEnabled: false, + formattingOptionsEnabled: false, + collapseMessageWithSubject: false, + hidePostStats: false, + hideUserStats: false, + scopeCopy: true, + subjectLineBehavior: "email", + alwaysShowSubjectInput: true + }, + masto_fe: %{ + showInstanceSpecificPanel: true + } config :pleroma, :activitypub, accept_blocks: true, @@ -141,6 +299,10 @@ config :pleroma, :mrf_rejectnonpublic, allow_followersonly: false, allow_direct: false +config :pleroma, :mrf_hellthread, + delist_threshold: 10, + reject_threshold: 20 + config :pleroma, :mrf_simple, media_removal: [], media_nsfw: [], @@ -148,18 +310,26 @@ config :pleroma, :mrf_simple, reject: [], accept: [] +config :pleroma, :mrf_keyword, + reject: [], + federated_timeline_removal: [], + replace: [] + +config :pleroma, :rich_media, enabled: true + config :pleroma, :media_proxy, enabled: false, - # base_url: "https://cache.pleroma.social", proxy_opts: [ - # inline_content_types: [] | false | true, - # http: [:insecure] + redirect_on_failure: false, + max_body_length: 25 * 1_048_576, + http: [ + follow_redirect: true, + pool: :media + ] ] config :pleroma, :chat, enabled: true -config :ecto, json_library: Jason - config :phoenix, :format_encoders, json: Jason config :pleroma, :gopher, @@ -167,6 +337,8 @@ config :pleroma, :gopher, ip: {0, 0, 0, 0}, port: 9999 +config :pleroma, Pleroma.Web.Metadata, providers: [], unfurl_nsfw: false + config :pleroma, :suggestions, enabled: false, third_party_engine: @@ -196,6 +368,102 @@ config :cors_plug, credentials: true, headers: ["Authorization", "Content-Type", "Idempotency-Key"] +config :pleroma, Pleroma.User, + restricted_nicknames: [ + ".well-known", + "~", + "about", + "activities", + "api", + "auth", + "dev", + "friend-requests", + "inbox", + "internal", + "main", + "media", + "nodeinfo", + "notice", + "oauth", + "objects", + "ostatus_subscribe", + "pleroma", + "proxy", + "push", + "registration", + "relay", + "settings", + "status", + "tag", + "user-search", + "users", + "web" + ] + +config :pleroma, Pleroma.Web.Federator.RetryQueue, + enabled: false, + max_jobs: 20, + initial_timeout: 30, + max_retries: 5 + +config :pleroma_job_queue, :queues, + federator_incoming: 50, + federator_outgoing: 50, + web_push: 50, + mailer: 10, + transmogrifier: 20, + scheduled_activities: 10 + +config :pleroma, :fetch_initial_posts, + enabled: false, + pages: 5 + +config :auto_linker, + opts: [ + scheme: true, + extra: true, + class: false, + strip_prefix: false, + new_window: false, + rel: false + ] + +config :pleroma, :ldap, + enabled: System.get_env("LDAP_ENABLED") == "true", + host: System.get_env("LDAP_HOST") || "localhost", + port: String.to_integer(System.get_env("LDAP_PORT") || "389"), + ssl: System.get_env("LDAP_SSL") == "true", + sslopts: [], + tls: System.get_env("LDAP_TLS") == "true", + tlsopts: [], + base: System.get_env("LDAP_BASE") || "dc=example,dc=com", + uid: System.get_env("LDAP_UID") || "cn" + +oauth_consumer_strategies = String.split(System.get_env("OAUTH_CONSUMER_STRATEGIES") || "") + +ueberauth_providers = + for strategy <- oauth_consumer_strategies do + strategy_module_name = "Elixir.Ueberauth.Strategy.#{String.capitalize(strategy)}" + strategy_module = String.to_atom(strategy_module_name) + {String.to_atom(strategy), {strategy_module, [callback_params: ["state"]]}} + end + +config :ueberauth, + Ueberauth, + base_path: "/oauth", + providers: ueberauth_providers + +config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies + +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail + +config :prometheus, Pleroma.Web.Endpoint.MetricsExporter, path: "/api/pleroma/app_metrics" + +config :pleroma, Pleroma.ScheduledActivity, + daily_user_limit: 25, + total_user_limit: 300, + enabled: true + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env()}.exs" diff --git a/config/config.md b/config/config.md deleted file mode 100644 index 47e838dd6..000000000 --- a/config/config.md +++ /dev/null @@ -1,111 +0,0 @@ -# Configuration - -This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. -If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. - -## Pleroma.Upload -* `uploader`: Select which `Pleroma.Uploaders` to use -* `filters`: List of `Pleroma.Upload.Filter` to use. -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. -* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. -* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. - -Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. - -## Pleroma.Uploaders.Local -* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory - -## Pleroma.Upload.Filter.Mogrify - -* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", {"impode", "1"}]`. - -## :uri_schemes -* `valid_schemes`: List of the scheme part that is considered valid to be an URL - -## :instance -* `name`: The instance’s name -* `email`: Email used to reach an Administrator/Moderator of the instance -* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` -* `limit`: Posts character limit (CW/Subject included in the counter) -* `upload_limit`: File size limit of uploads (except for avatar, background, banner) -* `avatar_upload_limit`: File size limit of user’s profile avatars -* `background_upload_limit`: File size limit of user’s profile backgrounds -* `banner_upload_limit`: File size limit of user’s profile backgrounds -* `registerations_open`: Enable registerations for anyone, invitations can be used when false. -* `federating` -* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance -* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: - * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) - * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production - * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) - * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) -* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. -* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. -* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) -* `finmoji_enabled`: Whenether to enable the finmojis in the custom emojis. -* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). - -## :fe -This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. - -* `theme`: Which theme to use, they are defined in ``styles.json`` -* `logo`: URL of the logo, defaults to Pleroma’s logo -* `logo_mask`: Whenether to mask the logo -* `logo_margin`: What margin to use around the logo -* `background`: URL of the background, unless viewing a user profile with a background that is set -* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. -* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. -* `show_instance_panel`: Whenether to show the instance’s specific panel. -* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting -* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` -* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default -* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) -* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) - -## :mrf_simple -* `media_removal`: List of instances to remove medias from -* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from -* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline -* `reject`: List of instances to reject any activities from -* `accept`: List of instances to accept any activities from - -## :mrf_rejectnonpublic -* `allow_followersonly`: whether to allow followers-only posts -* `allow_direct`: whether to allow direct messages - -## :media_proxy -* `enabled`: Enables proxying of remote media to the instance’s proxy -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. -* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. - -## :gopher -* `enabled`: Enables the gopher interface -* `ip`: IP address to bind to -* `port`: Port to bind to - -## :activitypub -* ``accept_blocks``: Whether to accept incoming block activities from other instances -* ``unfollow_blocked``: Whether blocks result in people getting unfollowed -* ``outgoing_blocks``: Whether to federate blocks to other instances -* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question - -## :http_security -* ``enabled``: Whether the managed content security policy is enabled -* ``sts``: Whether to additionally send a `Strict-Transport-Security` header -* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent -* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent -* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`. - -## :mrf_user_allowlist - -The keys in this section are the domain names that the policy should apply to. -Each key should be assigned a list of users that should be allowed through by -their ActivityPub ID. - -An example: - -``` -config :pleroma, :mrf_user_allowlist, - "example.org": ["https://example.org/users/admin"] -``` diff --git a/config/dev.exs b/config/dev.exs index 166be721a..0432adce7 100644 --- a/config/dev.exs +++ b/config/dev.exs @@ -15,7 +15,10 @@ config :pleroma, Pleroma.Web.Endpoint, debug_errors: true, code_reloader: true, check_origin: false, - watchers: [] + watchers: [], + secure_cookie_flag: false + +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Local # ## SSL Support # diff --git a/config/emoji.txt b/config/emoji.txt index 7afacb09f..79246f239 100644 --- a/config/emoji.txt +++ b/config/emoji.txt @@ -1,5 +1,5 @@ -firefox, /emoji/Firefox.gif -blank, /emoji/blank.png +firefox, /emoji/Firefox.gif, Gif,Fun +blank, /emoji/blank.png, Fun f_00b, /emoji/f_00b.png f_00b11b, /emoji/f_00b11b.png f_00b33b, /emoji/f_00b33b.png @@ -28,4 +28,3 @@ f_33b00b, /emoji/f_33b00b.png f_33b22b, /emoji/f_33b22b.png f_33h, /emoji/f_33h.png f_33t, /emoji/f_33t.png - diff --git a/config/test.exs b/config/test.exs index 3aaed1b2c..f93bc5994 100644 --- a/config/test.exs +++ b/config/test.exs @@ -4,13 +4,29 @@ use Mix.Config # you can enable the server option below. config :pleroma, Pleroma.Web.Endpoint, http: [port: 4001], - server: false + url: [port: 4001], + server: true + +# Disable captha for tests +config :pleroma, Pleroma.Captcha, + # It should not be enabled for automatic tests + enabled: false, + # A fake captcha service for tests + method: Pleroma.Captcha.Mock # Print only warnings and errors during test config :logger, level: :warn +config :pleroma, Pleroma.Upload, filters: [], link_name: false + config :pleroma, Pleroma.Uploaders.Local, uploads: "test/uploads" +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Test + +config :pleroma, :instance, + email: "admin@example.com", + notify_email: "noreply@example.com" + # Configure your database config :pleroma, Pleroma.Repo, adapter: Ecto.Adapters.Postgres, @@ -25,7 +41,23 @@ config :pbkdf2_elixir, rounds: 1 config :pleroma, :websub, Pleroma.Web.WebsubMock config :pleroma, :ostatus, Pleroma.Web.OStatusMock -config :pleroma, :httpoison, HTTPoisonMock +config :tesla, adapter: Tesla.Mock +config :pleroma, :rich_media, enabled: false + +config :web_push_encryption, :vapid_details, + subject: "mailto:administrator@example.com", + public_key: + "BLH1qVhJItRGCfxgTtONfsOKDc9VRAraXw-3NsmjMngWSh7NxOizN6bkuRA7iLTMPS82PjwJAr3UoK9EC1IFrz4", + private_key: "_-XZ0iebPrRfZ_o0-IatTdszYa8VCH1yLN-JauK7HHA" + +config :web_push_encryption, :http_client, Pleroma.Web.WebPushHttpClientMock + +config :pleroma_job_queue, disabled: true + +config :pleroma, Pleroma.ScheduledActivity, + daily_user_limit: 2, + total_user_limit: 3, + enabled: false try do import_config "test.secret.exs" |