From 2e5affce61a9255602d3a5d4c5caced9f09b1f5a Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 11 Jun 2019 14:27:41 +0700 Subject: Add RateLimiter --- docs/config.md | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index c61a5d8a3..e31e2b90f 100644 --- a/docs/config.md +++ b/docs/config.md @@ -616,3 +616,14 @@ To enable them, both the `rum_enabled` flag has to be set and the following spec `mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` This will probably take a long time. + +## :rate_limit + +A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: + +* The first element: `scale` (Integer). The time scale in milliseconds. +* The second element: `limit` (Integer). How many requests to limit in the time scale provided. + +It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. + +See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. -- cgit v1.2.3 From ad04d12de63d559cc6398c58296afd04321adfbc Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 11 Jun 2019 16:06:03 +0700 Subject: Replace `MastodonAPIController.account_register/2` rate limiter --- docs/config.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index e31e2b90f..b62b80490 100644 --- a/docs/config.md +++ b/docs/config.md @@ -114,12 +114,6 @@ config :pleroma, Pleroma.Emails.Mailer, * `skip_thread_containment`: Skip filter out broken threads. The default is `false`. * `limit_unauthenticated_to_local_content`: Limit unauthenticated users to search for local statutes and users only. The default is `true`. -## :app_account_creation -REST API for creating an account settings -* `enabled`: Enable/disable registration -* `max_requests`: Number of requests allowed for creating accounts -* `interval`: Interval for restricting requests for one ip (seconds) - ## :logger * `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack @@ -568,7 +562,7 @@ config :ueberauth, Ueberauth, providers: [ microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} ] - + # Keycloak # Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" -- cgit v1.2.3 From 6f29865d43f30303bc05bfb10aa28fe3ebef1bfd Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 11 Jun 2019 21:25:53 +0700 Subject: Add option to restrict all users to local content --- docs/config.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index b62b80490..9e877fb51 100644 --- a/docs/config.md +++ b/docs/config.md @@ -112,7 +112,8 @@ config :pleroma, Pleroma.Emails.Mailer, * `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. * `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. * `skip_thread_containment`: Skip filter out broken threads. The default is `false`. -* `limit_unauthenticated_to_local_content`: Limit unauthenticated users to search for local statutes and users only. The default is `true`. +* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. + ## :logger * `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack -- cgit v1.2.3 From ced59be1ae8deb4dd505215062d45be3e262710e Mon Sep 17 00:00:00 2001 From: rinpatch Date: Tue, 11 Jun 2019 22:15:28 +0300 Subject: Document TagPolicy in `rewrite_policy` section --- docs/config.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index b62b80490..54632fbda 100644 --- a/docs/config.md +++ b/docs/config.md @@ -86,6 +86,7 @@ config :pleroma, Pleroma.Emails.Mailer, * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) + * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. -- cgit v1.2.3 From c2ca1f22a25d22d6d863406ed05b08c643e5824c Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 14 Jun 2019 15:45:05 +0000 Subject: it is changed in compile time we can't change module attributes and endpoint settings in runtime --- docs/config.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index 2b0f5726b..ed8e465c6 100644 --- a/docs/config.md +++ b/docs/config.md @@ -114,6 +114,7 @@ config :pleroma, Pleroma.Emails.Mailer, * `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. * `skip_thread_containment`: Skip filter out broken threads. The default is `false`. * `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. +* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. ## :logger -- cgit v1.2.3 From 736d8ad6be1ccb1514a189ccf2384e9699ea107e Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 19 Jun 2019 15:57:44 +0000 Subject: implement anti link spam MRF --- docs/config.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index ed8e465c6..4e9697afc 100644 --- a/docs/config.md +++ b/docs/config.md @@ -90,6 +90,7 @@ config :pleroma, Pleroma.Emails.Mailer, * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots using naive heuristics. * `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. * `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. * `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -- cgit v1.2.3 From 630ac6a921bc80a93f5f994731c1085fd1b9d3e8 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 20 Jun 2019 03:01:03 +0000 Subject: docs: better description for mrf anti link spam --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index 4e9697afc..b75193545 100644 --- a/docs/config.md +++ b/docs/config.md @@ -90,7 +90,7 @@ config :pleroma, Pleroma.Emails.Mailer, * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. - * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots using naive heuristics. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. * `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. * `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. * `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -- cgit v1.2.3 From 4bac13966bb73d9c0eb517feb42ccaf809e5404c Mon Sep 17 00:00:00 2001 From: aries Date: Mon, 24 Jun 2019 01:10:55 +0900 Subject: modify config.md for S3 --- docs/config.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index b75193545..506be32a1 100644 --- a/docs/config.md +++ b/docs/config.md @@ -16,6 +16,13 @@ Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. ## Pleroma.Uploaders.Local * `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory +## Pleroma.Uploaders.S3 +* `bucket`: S3 bucket name +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.\.amazonaws.com") +* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. +For example, when using CDN to S3 virtual host format, set "". +At this time, write CNAME to CDN in public_endpoint. + ## Pleroma.Upload.Filter.Mogrify * `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"impode", "1"}]`. -- cgit v1.2.3 From 7daaaf84f1ec2f50319bddf9e3fad631b31b6df6 Mon Sep 17 00:00:00 2001 From: aries Date: Mon, 24 Jun 2019 01:28:01 +0900 Subject: Fix markdown mistakes --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index 506be32a1..04841a3ad 100644 --- a/docs/config.md +++ b/docs/config.md @@ -18,7 +18,7 @@ Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. ## Pleroma.Uploaders.S3 * `bucket`: S3 bucket name -* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.\.amazonaws.com") +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com) * `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. For example, when using CDN to S3 virtual host format, set "". At this time, write CNAME to CDN in public_endpoint. -- cgit v1.2.3 From 550302c041139de43052022c0f73cba2b30a3080 Mon Sep 17 00:00:00 2001 From: aries Date: Mon, 24 Jun 2019 01:09:28 +0000 Subject: Apply suggestion to docs/config.md --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index 04841a3ad..b08c37e84 100644 --- a/docs/config.md +++ b/docs/config.md @@ -18,7 +18,7 @@ Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. ## Pleroma.Uploaders.S3 * `bucket`: S3 bucket name -* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com) +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") * `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. For example, when using CDN to S3 virtual host format, set "". At this time, write CNAME to CDN in public_endpoint. -- cgit v1.2.3 From 4ad15ad2a90ca1ac370c8a79f796adc603a90479 Mon Sep 17 00:00:00 2001 From: Maksim Pechnikov Date: Tue, 25 Jun 2019 22:25:37 +0300 Subject: add ignore hosts and TLDs for rich_media --- docs/config.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index b08c37e84..8c98f5c05 100644 --- a/docs/config.md +++ b/docs/config.md @@ -417,6 +417,8 @@ This config contains two queues: `federator_incoming` and `federator_outgoing`. ## :rich_media * `enabled`: if enabled the instance will parse metadata from attached links to generate link previews +* `ignore_hosts`: list host which will ignore for parse metadata. default is []. +* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] ## :fetch_initial_posts * `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -- cgit v1.2.3 From ec01b7c934560e5d60d29c8278e99b004b88ac61 Mon Sep 17 00:00:00 2001 From: Maksim Date: Wed, 26 Jun 2019 03:23:26 +0000 Subject: Apply suggestion to docs/config.md --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index 8c98f5c05..3490d943c 100644 --- a/docs/config.md +++ b/docs/config.md @@ -417,7 +417,7 @@ This config contains two queues: `federator_incoming` and `federator_outgoing`. ## :rich_media * `enabled`: if enabled the instance will parse metadata from attached links to generate link previews -* `ignore_hosts`: list host which will ignore for parse metadata. default is []. +* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. * `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] ## :fetch_initial_posts -- cgit v1.2.3 From 41e4752950079b80e3d5a06d9806686bd3216dff Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 26 Jun 2019 06:48:59 +0300 Subject: Make default pack extensions configurable and default to png and gif --- docs/config.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/config.md') diff --git a/docs/config.md b/docs/config.md index b08c37e84..836c9f934 100644 --- a/docs/config.md +++ b/docs/config.md @@ -604,6 +604,7 @@ Configure OAuth 2 provider capabilities: ## :emoji * `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` +* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` * `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` * `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). -- cgit v1.2.3