diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/config.exs | 15 | ||||
| -rw-r--r-- | config/description.exs | 30 | ||||
| -rw-r--r-- | config/test.exs | 2 |
3 files changed, 38 insertions, 9 deletions
diff --git a/config/config.exs b/config/config.exs index 0e12d6e15..63e386250 100644 --- a/config/config.exs +++ b/config/config.exs @@ -678,7 +678,18 @@ config :pleroma, :rate_limit, config :pleroma, Pleroma.Workers.PurgeExpiredActivity, enabled: true, min_lifetime: 600 -config :pleroma, Pleroma.Plugs.RemoteIp, enabled: true +config :pleroma, Pleroma.Web.Plugs.RemoteIp, + enabled: true, + headers: ["x-forwarded-for"], + proxies: [], + reserved: [ + "127.0.0.0/8", + "::1/128", + "fc00::/7", + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16" + ] config :pleroma, :static_fe, enabled: false @@ -792,6 +803,8 @@ config :pleroma, :hackney_pools, timeout: 300_000 ] +config :pleroma, :majic_pool, size: 2 + private_instance? = :if_instance_is_private config :pleroma, :restrict_unauthenticated, diff --git a/config/description.exs b/config/description.exs index 4942e196d..88f2a6133 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3256,10 +3256,10 @@ config :pleroma, :config_description, [ }, %{ group: :pleroma, - key: Pleroma.Plugs.RemoteIp, + key: Pleroma.Web.Plugs.RemoteIp, type: :group, description: """ - `Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. + `Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. **If your instance is not behind at least one reverse proxy, you should not enable this plug.** """, children: [ @@ -3271,20 +3271,22 @@ config :pleroma, :config_description, [ %{ key: :headers, type: {:list, :string}, - description: - "A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Default: `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`." + description: """ + A list of strings naming the HTTP headers to use when deriving the true client IP. Default: `["x-forwarded-for"]`. + """ }, %{ key: :proxies, type: {:list, :string}, description: - "A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Default: `[]`." + "A list of upstream proxy IP subnets in CIDR notation from which we will parse the content of `headers`. Defaults to `[]`. IPv4 entries without a bitmask will be assumed to be /32 and IPv6 /128." }, %{ key: :reserved, type: {:list, :string}, - description: - "Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network)." + description: """ + A list of reserved IP subnets in CIDR notation which should be ignored if found in `headers`. Defaults to `["127.0.0.0/8", "::1/128", "fc00::/7", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]` + """ } ] }, @@ -3715,6 +3717,20 @@ config :pleroma, :config_description, [ }, %{ group: :pleroma, + key: :majic_pool, + type: :group, + description: "Majic/libmagic configuration", + children: [ + %{ + key: :size, + type: :integer, + description: "Number of majic workers to start.", + suggestions: [2] + } + ] + }, + %{ + group: :pleroma, key: Pleroma.Backup, type: :group, description: "Account Backup", diff --git a/config/test.exs b/config/test.exs index 95f860f2f..7cc660e3c 100644 --- a/config/test.exs +++ b/config/test.exs @@ -113,7 +113,7 @@ config :pleroma, Pleroma.Gun, Pleroma.GunMock config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: true -config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false +config :pleroma, Pleroma.Web.Plugs.RemoteIp, enabled: false config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true |