From ec1452fd1cdb9cb1db9b8bad872916d3213489e2 Mon Sep 17 00:00:00 2001 From: href Date: Thu, 14 May 2020 21:36:31 +0200 Subject: Pleroma.MIME: use gen_magic --- config/config.exs | 2 ++ config/description.exs | 14 ++++++++++++++ 2 files changed, 16 insertions(+) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index 6a7bb9e06..65aa8643e 100644 --- a/config/config.exs +++ b/config/config.exs @@ -678,6 +678,8 @@ config :pleroma, :hackney_pools, timeout: 300_000 ] +config :pleroma, :gen_magic_pool, size: 2 + config :pleroma, :restrict_unauthenticated, timelines: %{local: false, federated: false}, profiles: %{local: false, remote: false}, diff --git a/config/description.exs b/config/description.exs index b21d7840c..a318afbe6 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3325,5 +3325,19 @@ config :pleroma, :config_description, [ suggestions: [false] } ] + }, + %{ + group: :pleroma, + key: :gen_magic_pool, + type: :group, + description: "GenMagic/libmagic configuration", + children: [ + %{ + key: :size, + type: :integer, + description: "Number of gen_magic workers to start.", + suggestions: [2] + } + ] } ] -- cgit v1.2.3 From f124f6820582d50be83ba7a1709b14ce8ee1abcc Mon Sep 17 00:00:00 2001 From: href Date: Tue, 16 Jun 2020 15:11:45 +0200 Subject: Switch from gen_magic to majic, use Majic.Plug, remove Pleroma.MIME --- config/config.exs | 2 +- config/description.exs | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index 65aa8643e..f58b99faa 100644 --- a/config/config.exs +++ b/config/config.exs @@ -678,7 +678,7 @@ config :pleroma, :hackney_pools, timeout: 300_000 ] -config :pleroma, :gen_magic_pool, size: 2 +config :pleroma, :majic_pool, size: 2 config :pleroma, :restrict_unauthenticated, timelines: %{local: false, federated: false}, diff --git a/config/description.exs b/config/description.exs index a318afbe6..2afc5e366 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3328,14 +3328,14 @@ config :pleroma, :config_description, [ }, %{ group: :pleroma, - key: :gen_magic_pool, + key: :majic_pool, type: :group, - description: "GenMagic/libmagic configuration", + description: "Majic/libmagic configuration", children: [ %{ key: :size, type: :integer, - description: "Number of gen_magic workers to start.", + description: "Number of majic workers to start.", suggestions: [2] } ] -- cgit v1.2.3 From 7aff2b47c56c5b41620445b7d49c429eb1866164 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 6 Oct 2020 15:47:11 -0500 Subject: Fix docs for default headers used by RemoteIp. We only use X-Forwarded-For by default. --- config/description.exs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'config') diff --git a/config/description.exs b/config/description.exs index ac3dfbb2b..f6331dd30 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3262,8 +3262,9 @@ config :pleroma, :config_description, [ %{ key: :headers, type: {:list, :string}, - description: - "A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Default: `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`." + description: """ + A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Default: `["x-forwarded-for"]`. + """ }, %{ key: :proxies, -- cgit v1.2.3 From d43d05005ae4e8b0f069111baee867492d4f0c52 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 6 Oct 2020 17:02:46 -0500 Subject: Move hardcoded default configuration into config.exs --- config/config.exs | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index 2e6b0796a..d53663d36 100644 --- a/config/config.exs +++ b/config/config.exs @@ -677,7 +677,18 @@ config :pleroma, :rate_limit, config :pleroma, Pleroma.Workers.PurgeExpiredActivity, enabled: true, min_lifetime: 600 -config :pleroma, Pleroma.Plugs.RemoteIp, enabled: true +config :pleroma, Pleroma.Plugs.RemoteIp, + enabled: true, + headers: ["x-forwarded-for"], + proxies: [], + reserved: [ + "127.0.0.0/8", + "::1/128", + "fc00::/7", + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16" + ] config :pleroma, :static_fe, enabled: false -- cgit v1.2.3 From b8c05f4876b8f48bcd93d7e5d60539101329065a Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 6 Oct 2020 17:21:27 -0500 Subject: Improve descriptions for reserved and proxies --- config/description.exs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'config') diff --git a/config/description.exs b/config/description.exs index f6331dd30..2c7d91ccc 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3270,13 +3270,14 @@ config :pleroma, :config_description, [ key: :proxies, type: {:list, :string}, description: - "A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Default: `[]`." + "A list of upstream proxy IP subnets in CIDR notation. Defaults to `[]`. IPv4 entries without a bitmask will be assumed to be /32 and IPv6 /128." }, %{ key: :reserved, type: {:list, :string}, - description: - "Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network)." + description: """ + A list of reserved IP subnets in CIDR notation which should be ignored if found in `headers`. Defaults to `["127.0.0.0/8", "::1/128", "fc00::/7", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]` + """ } ] }, -- cgit v1.2.3 From e08eb4aba07ce843f3f1149b8c70fb6b4d855c44 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 6 Oct 2020 17:29:56 -0500 Subject: Don't leak internal variables in the docs. They're useless to users. --- config/description.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config') diff --git a/config/description.exs b/config/description.exs index 2c7d91ccc..71cb5d913 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3263,7 +3263,7 @@ config :pleroma, :config_description, [ key: :headers, type: {:list, :string}, description: """ - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Default: `["x-forwarded-for"]`. + A list of strings naming the HTTP headers to use when deriving the true client IP. Default: `["x-forwarded-for"]`. """ }, %{ -- cgit v1.2.3 From b90eda3d8bfa1faf5bdabce9539b601476abed94 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 6 Oct 2020 17:36:29 -0500 Subject: Improve description yet again --- config/description.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config') diff --git a/config/description.exs b/config/description.exs index 71cb5d913..c6916ad14 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3270,7 +3270,7 @@ config :pleroma, :config_description, [ key: :proxies, type: {:list, :string}, description: - "A list of upstream proxy IP subnets in CIDR notation. Defaults to `[]`. IPv4 entries without a bitmask will be assumed to be /32 and IPv6 /128." + "A list of upstream proxy IP subnets in CIDR notation from which we will parse the content of `headers`. Defaults to `[]`. IPv4 entries without a bitmask will be assumed to be /32 and IPv6 /128." }, %{ key: :reserved, -- cgit v1.2.3 From 3be8ab51038cdfeb4bbf78633eb79c4d6f6b8d0b Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 24 Jun 2020 09:30:32 +0300 Subject: RemoteIp module name --- config/config.exs | 2 +- config/description.exs | 4 ++-- config/test.exs | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index d53663d36..273da5bb6 100644 --- a/config/config.exs +++ b/config/config.exs @@ -677,7 +677,7 @@ config :pleroma, :rate_limit, config :pleroma, Pleroma.Workers.PurgeExpiredActivity, enabled: true, min_lifetime: 600 -config :pleroma, Pleroma.Plugs.RemoteIp, +config :pleroma, Pleroma.Web.Plugs.RemoteIp, enabled: true, headers: ["x-forwarded-for"], proxies: [], diff --git a/config/description.exs b/config/description.exs index 3902b9632..6e83a8e09 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3250,10 +3250,10 @@ config :pleroma, :config_description, [ }, %{ group: :pleroma, - key: Pleroma.Plugs.RemoteIp, + key: Pleroma.Web.Plugs.RemoteIp, type: :group, description: """ - `Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. + `Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. **If your instance is not behind at least one reverse proxy, you should not enable this plug.** """, children: [ diff --git a/config/test.exs b/config/test.exs index 95f860f2f..7cc660e3c 100644 --- a/config/test.exs +++ b/config/test.exs @@ -113,7 +113,7 @@ config :pleroma, Pleroma.Gun, Pleroma.GunMock config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: true -config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false +config :pleroma, Pleroma.Web.Plugs.RemoteIp, enabled: false config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true -- cgit v1.2.3