From ef9930ed8050a309f2d95df8f0504de2b1da4677 Mon Sep 17 00:00:00 2001 From: ultem Date: Sat, 24 Aug 2019 10:16:27 +0000 Subject: Minor corrections and clarification for Alpine standard v.3.10 --- docs/installation/alpine_linux_en.md | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/installation/alpine_linux_en.md b/docs/installation/alpine_linux_en.md index 1f300f353..c77618936 100644 --- a/docs/installation/alpine_linux_en.md +++ b/docs/installation/alpine_linux_en.md @@ -1,7 +1,9 @@ # Installing on Alpine Linux ## Installation -This guide is a step-by-step installation guide for Alpine Linux. It also assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l -s $SHELL -c 'command'` instead. +This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v.3.10 standard image. You might miss additional dependencies if you use `netboot` instead. + +It assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l -s $SHELL -c 'command'` instead. ### Required packages @@ -20,12 +22,13 @@ This guide is a step-by-step installation guide for Alpine Linux. It also assume ### Prepare the system -* First make sure to have the community repository enabled: +* The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `http://alpine.42.fr/v3.10/community`. If you autogenerated the mirror during installation: ```shell -echo "https://nl.alpinelinux.org/alpine/latest-stable/community" | sudo tee -a /etc/apk/repository +awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories ``` + * Then update the system, if not already done: ```shell @@ -77,7 +80,8 @@ sudo rc-update add postgresql * Add a new system user for the Pleroma service: ```shell -sudo adduser -S -s /bin/false -h /opt/pleroma -H pleroma +sudo addgroup pleroma +sudo adduser -S -s /bin/false -h /opt/pleroma -H -G pleroma pleroma ``` **Note**: To execute a single command as the Pleroma system user, use `sudo -Hu pleroma command`. You can also switch to a shell by using `sudo -Hu pleroma $SHELL`. If you don’t have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l pleroma -s $SHELL -c 'command'` and `su -l pleroma -s $SHELL` for starting a shell. @@ -164,7 +168,26 @@ If that doesn’t work, make sure, that nginx is not already running. If it stil sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf ``` -* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths) +* Before starting nginx edit the configuration and change it to your needs. You must change change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing). + +``` +server { + server_name your.domain; + listen 80; + ... +} + +server { + server_name your.domain; + listen 443 ssl http2; + ... + ssl_trusted_certificate /etc/letsencrypt/live/your.domain/chain.pem; + ssl_certificate /etc/letsencrypt/live/your.domain/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/your.domain/privkey.pem; + ... +} +``` + * Enable and start nginx: ```shell -- cgit v1.2.3 From 880307e0d52444326eee8e79b2f66af706d85b4a Mon Sep 17 00:00:00 2001 From: ultem Date: Fri, 30 Aug 2019 19:41:31 +0000 Subject: minor: Fix version dot --- docs/installation/alpine_linux_en.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/installation/alpine_linux_en.md b/docs/installation/alpine_linux_en.md index c77618936..f200362ca 100644 --- a/docs/installation/alpine_linux_en.md +++ b/docs/installation/alpine_linux_en.md @@ -1,7 +1,7 @@ # Installing on Alpine Linux ## Installation -This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v.3.10 standard image. You might miss additional dependencies if you use `netboot` instead. +This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.10 standard image. You might miss additional dependencies if you use `netboot` instead. It assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l -s $SHELL -c 'command'` instead. -- cgit v1.2.3 From 7808eee9aa4a02c289173a45e0b02def3bf51773 Mon Sep 17 00:00:00 2001 From: AkiraFukushima Date: Sat, 31 Aug 2019 16:23:15 +0900 Subject: Update Japanese document to follow English document --- docs/installation/debian_based_jp.md | 135 +++++++++++++++++------------------ 1 file changed, 67 insertions(+), 68 deletions(-) (limited to 'docs') diff --git a/docs/installation/debian_based_jp.md b/docs/installation/debian_based_jp.md index caf72363b..5ca6b3634 100644 --- a/docs/installation/debian_based_jp.md +++ b/docs/installation/debian_based_jp.md @@ -5,180 +5,179 @@ ## インストール -このガイドはDebian Stretchを仮定しています。Ubuntu 16.04でも可能です。 +このガイドはDebian Stretchを利用することを想定しています。Ubuntu 16.04や18.04でもおそらく動作します。また、ユーザはrootもしくはsudoにより管理者権限を持っていることを前提とします。もし、以下の操作をrootユーザで行う場合は、 `sudo` を無視してください。ただし、`sudo -Hu pleroma` のようにユーザを指定している場合には `su -s $SHELL -c 'command'` を代わりに使ってください。 ### 必要なソフトウェア -- PostgreSQL 9.6+ (postgresql-contrib-9.6 または他のバージョンの PSQL をインストールしてください) -- Elixir 1.5 以上 ([Debianのリポジトリからインストールしないこと!!! ここからインストールすること!](https://elixir-lang.org/install.html#unix-and-unix-like))。または [asdf](https://github.com/asdf-vm/asdf) を pleroma ユーザーでインストール。 -- erlang-dev +- PostgreSQL 9.6以上 (Ubuntu16.04では9.5しか提供されていないので,[](https://www.postgresql.org/download/linux/ubuntu/)こちらから新しいバージョンを入手してください) +- postgresql-contrib 9.6以上 (同上) +- Elixir 1.5 以上 ([Debianのリポジトリからインストールしないこと!!! ここからインストールすること!](https://elixir-lang.org/install.html#unix-and-unix-like)。または [asdf](https://github.com/asdf-vm/asdf) をpleromaユーザーでインストールしてください) + - erlang-dev - erlang-tools - erlang-parsetools +- erlang-eldap (LDAP認証を有効化するときのみ必要) - erlang-ssh -- erlang-xmerl (Jessieではバックポートからインストールすること!) +- erlang-xmerl - git - build-essential -- openssh -- openssl -- nginx prefered (Apacheも動くかもしれませんが、誰もテストしていません!) -- certbot (または何らかのACME Let's encryptクライアント) + +#### このガイドで利用している追加パッケージ + +- nginx (おすすめです。他のリバースプロキシを使う場合は、参考となる設定をこのリポジトリから探してください) +- certbot (または何らかのLet's Encrypt向けACMEクライアント) ### システムを準備する * まずシステムをアップデートしてください。 ``` -apt update && apt dist-upgrade +sudo apt update +sudo apt full-upgrade ``` -* 複数のツールとpostgresqlをインストールします。あとで必要になるので。 +* 上記に挙げたパッケージをインストールしておきます。 ``` -apt install git build-essential openssl ssh sudo postgresql-9.6 postgresql-contrib-9.6 +sudo apt install git build-essential postgresql postgresql-contrib ``` -(postgresqlのバージョンは、あなたのディストロにあわせて変えてください。または、バージョン番号がいらないかもしれません。) + ### ElixirとErlangをインストールします * Erlangのリポジトリをダウンロードおよびインストールします。 ``` -wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb && sudo dpkg -i /tmp/erlang-solutions_1.0_all.deb +wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb +sudo dpkg -i /tmp/erlang-solutions_1.0_all.deb ``` * ElixirとErlangをインストールします、 ``` -apt update && apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools erlang-ssh +sudo apt update +sudo apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools erlang-ssh ``` ### Pleroma BE (バックエンド) をインストールします -* 新しいユーザーを作ります。 -``` -adduser pleroma -``` -(Give it any password you want, make it STRONG) +* Pleroma用に新しいユーザーを作ります。 -* 新しいユーザーをsudoグループに入れます。 ``` -usermod -aG sudo pleroma +sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma ``` -* 新しいユーザーに変身し、ホームディレクトリに移動します。 -``` -su pleroma -cd ~ -``` +**注意**: Pleromaユーザとして単発のコマンドを実行したい場合はは、`sudo -Hu pleroma command` を使ってください。シェルを使いたい場合は `sudo -Hu pleroma $SHELL`です。もし `sudo` を使わない場合は、rootユーザで `su -l pleroma -s $SHELL -c 'command'` とすることでコマンドを、`su -l pleroma -s $SHELL` とすることでシェルを開始できます。 * Gitリポジトリをクローンします。 ``` -git clone -b master https://git.pleroma.social/pleroma/pleroma +sudo mkdir -p /opt/pleroma +sudo chown -R pleroma:pleroma /opt/pleroma +sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma ``` * 新しいディレクトリに移動します。 ``` -cd pleroma/ +cd /opt/pleroma ``` * Pleromaが依存するパッケージをインストールします。Hexをインストールしてもよいか聞かれたら、yesを入力してください。 ``` -mix deps.get +sudo -Hu pleroma mix deps.get ``` * コンフィギュレーションを生成します。 ``` -mix pleroma.instance gen +sudo -Hu pleroma mix pleroma.instance gen ``` * rebar3をインストールしてもよいか聞かれたら、yesを入力してください。 - * この処理には時間がかかります。私もよく分かりませんが、何らかのコンパイルが行われているようです。 - * あなたのインスタンスについて、いくつかの質問があります。その回答は `config/generated_config.exs` というコンフィギュレーションファイルに保存されます。 + * このときにpleromaの一部がコンパイルされるため、この処理には時間がかかります。 + * あなたのインスタンスについて、いくつかの質問されます。この質問により `config/generated_config.exs` という設定ファイルが生成されます。 -**注意**: メディアプロクシを有効にすると回答して、なおかつ、キャッシュのURLは空欄のままにしている場合は、`generated_config.exs` を編集して、`base_url` で始まる行をコメントアウトまたは削除してください。そして、上にある行の `true` の後にあるコンマを消してください。 * コンフィギュレーションを確認して、もし問題なければ、ファイル名を変更してください。 ``` mv config/{generated_config.exs,prod.secret.exs} ``` -* これまでのコマンドで、すでに `config/setup_db.psql` というファイルが作られています。このファイルをもとに、データベースを作成します。 +* 先程のコマンドで、すでに `config/setup_db.psql` というファイルが作られています。このファイルをもとに、データベースを作成します。 ``` -sudo su postgres -c 'psql -f config/setup_db.psql' +sudo -Hu pleroma mix pleroma.instance gen ``` -* そして、データベースのミグレーションを実行します。 +* そして、データベースのマイグレーションを実行します。 ``` -MIX_ENV=prod mix ecto.migrate +sudo -Hu pleroma MIX_ENV=prod mix ecto.migrate ``` -* Pleromaを起動できるようになりました。 +* これでPleromaを起動できるようになりました。 ``` -MIX_ENV=prod mix phx.server +sudo -Hu pleroma MIX_ENV=prod mix phx.server ``` -### インストールを終わらせる +### インストールの最終段階 -あなたの新しいインスタンスを世界に向けて公開するには、nginxまたは何らかのウェブサーバー (プロクシ) を使用する必要があります。また、Pleroma のためにシステムサービスファイルを作成する必要があります。 +あなたの新しいインスタンスを世界に向けて公開するには、nginx等のWebサーバやプロキシサーバをPleromaの前段に使用する必要があります。また、Pleroma のためにシステムサービスファイルを作成する必要があります。 #### Nginx * まだインストールしていないなら、nginxをインストールします。 ``` -apt install nginx +sudo apt install nginx ``` * SSLをセットアップします。他の方法でもよいですが、ここではcertbotを説明します。 certbotを使うならば、まずそれをインストールします。 ``` -apt install certbot +sudo apt install certbot ``` そしてセットアップします。 ``` -mkdir -p /var/lib/letsencrypt/.well-known -% certbot certonly --email your@emailaddress --webroot -w /var/lib/letsencrypt/ -d yourdomain +sudo mkdir -p /var/lib/letsencrypt/ +sudo certbot certonly --email -d --standalone ``` -もしうまくいかないときは、先にnginxを設定してください。ssl "on" を "off" に変えてから再試行してください。 +もしうまくいかないときは、nginxが正しく動いていない可能性があります。先にnginxを設定してください。ssl "on" を "off" に変えてから再試行してください。 --- -* nginxコンフィギュレーションの例をnginxフォルダーにコピーします。 +* nginxの設定ファイルサンプルをnginxフォルダーにコピーします。 ``` -cp /home/pleroma/pleroma/installation/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx +sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx +sudo ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx ``` -* nginxを起動する前に、コンフィギュレーションを編集してください。例えば、サーバー名、証明書のパスなどを変更する必要があります。 +* nginxを起動する前に、設定ファイルを編集してください。例えば、サーバー名、証明書のパスなどを変更する必要があります。 * nginxを再起動します。 ``` -systemctl reload nginx.service +sudo systemctl enable --now nginx.service ``` -#### Systemd サービス +もし証明書を更新する必要が出てきた場合には、nginxの関連するlocationブロックのコメントアウトを外し、以下のコマンドを動かします。 -* サービスファイルの例をコピーします。 ``` -cp /home/pleroma/pleroma/installation/pleroma.service /usr/lib/systemd/system/pleroma.service +sudo certbot certonly --email -d --webroot -w /var/lib/letsencrypt/ ``` -* サービスファイルを変更します。すべてのパスが正しいことを確認してください。また、`[Service]` セクションに以下の行があることを確認してください。 -``` -Environment="MIX_ENV=prod" -``` +#### 他のWebサーバやプロキシ +これに関してはサンプルが `/opt/pleroma/installation/` にあるので、探してみてください。 + +#### Systemd サービス -* `pleroma.service` を enable および start してください。 +* サービスファイルのサンプルをコピーします。 ``` -systemctl enable --now pleroma.service +sudo cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service ``` -#### モデレーターを作る - -新たにユーザーを作ったら、モデレーター権限を与えたいかもしれません。以下のタスクで可能です。 +* サービスファイルを変更します。すべてのパスが正しいことを確認してください +* サービスを有効化し `pleroma.service` を開始してください ``` -mix set_moderator username [true|false] +sudo systemctl enable --now pleroma.service ``` -モデレーターはすべてのポストを消すことができます。将来的には他のことも可能になるかもしれません。 +#### 初期ユーザの作成 -#### メディアプロクシを有効にする +新たにインスタンスを作成したら、以下のコマンドにより管理者権限を持った初期ユーザを作成できます。 -`generate_config` でメディアプロクシを有効にしているなら、すでにメディアプロクシが動作しています。あとから設定を変更したいなら、[How to activate mediaproxy](How-to-activate-mediaproxy) を見てください。 +``` +sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new --admin +``` -#### コンフィギュレーションとカスタマイズ +#### その他の設定とカスタマイズ * [Backup your instance](backup.html) * [Configuration tips](general-tips-for-customizing-pleroma-fe.html) -- cgit v1.2.3 From af746fa4a814dbacd4fe4a3e58b1ee1732363d22 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Wed, 4 Sep 2019 20:08:13 +0300 Subject: Return total for reports --- docs/api/admin_api.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index d79c342be..5a090c720 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -313,6 +313,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ```json { + "total" : 1, "reports": [ { "account": { -- cgit v1.2.3 From f649a2e972b70dfefb7bfc110b27a0194cda51c5 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 13 Sep 2019 16:19:50 +0200 Subject: Pleroma API Docs: Documented Emoji reaction endpoints. --- docs/api/pleroma_api.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index b134b31a8..c846df1da 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -354,3 +354,28 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Params: * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. * Response: JSON, statuses (200 - healthy, 503 unhealthy) + +# Emoji Reactions + +Emoji reactions work a lot like favourites do. They make it possible to react to a post with a single emoji character. + +## `POST /api/v1/pleroma/statuses/:id/react_with_emoji` +### React to a post with a unicode emoji +* Method: `POST` +* Authentication: required +* Params: `emoji`: A single character unicode emoji +* Response: JSON, the status. + +## `GET /api/v1/pleroma/statuses/:id/emoji_reactions_by` +### Get an object of emoji to account mappings with accounts that reacted to the post +* Method: `GET` +* Authentication: optional +* Params: None +* Response: JSON, a map of emoji to account list mappings. +* Example Response: +```json +{ + "😀" => [{"id" => "xyz.."...}, {"id" => "zyx..."}], + "🗡" => [{"id" => "abc..."}] +} +``` -- cgit v1.2.3 From c625fe6f09a308f10e98c9e5ea4bf14500a0b58a Mon Sep 17 00:00:00 2001 From: Alex S Date: Fri, 13 Sep 2019 19:03:39 +0300 Subject: config.md back --- docs/config.md | 702 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 701 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index 7f54a34b1..066547bb1 100644 --- a/docs/config.md +++ b/docs/config.md @@ -1 +1,701 @@ -This file is a placeholder, please run mix pleroma.docs to generate it. +# Configuration + +This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. +If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. + +## Pleroma.Upload +* `uploader`: Select which `Pleroma.Uploaders` to use +* `filters`: List of `Pleroma.Upload.Filter` to use. +* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. +* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. +* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. + +Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. + +## Pleroma.Uploaders.Local +* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory + +## Pleroma.Uploaders.S3 +* `bucket`: S3 bucket name +* `bucket_namespace`: S3 bucket namespace +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") +* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. +For example, when using CDN to S3 virtual host format, set "". +At this time, write CNAME to CDN in public_endpoint. + +## Pleroma.Upload.Filter.Mogrify + +* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. + +## Pleroma.Upload.Filter.Dedupe + +No specific configuration. + +## Pleroma.Upload.Filter.AnonymizeFilename + +This filter replaces the filename (not the path) of an upload. For complete obfuscation, add +`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. + +* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. + +## Pleroma.Emails.Mailer +* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. +* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. +* `enabled`: Allows enable/disable send emails. Default: `false`. + +An example for Sendgrid adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.Sendgrid, + api_key: "YOUR_API_KEY" +``` + +An example for SMTP adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.SMTP, + relay: "smtp.gmail.com", + username: "YOUR_USERNAME@gmail.com", + password: "YOUR_SMTP_PASSWORD", + port: 465, + ssl: true, + tls: :always, + auth: :always +``` + +## :uri_schemes +* `valid_schemes`: List of the scheme part that is considered valid to be an URL + +## :instance +* `name`: The instance’s name +* `email`: Email used to reach an Administrator/Moderator of the instance +* `notify_email`: Email used for notifications. +* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` +* `limit`: Posts character limit (CW/Subject included in the counter) +* `remote_limit`: Hard character limit beyond which remote posts will be dropped. +* `upload_limit`: File size limit of uploads (except for avatar, background, banner) +* `avatar_upload_limit`: File size limit of user’s profile avatars +* `background_upload_limit`: File size limit of user’s profile backgrounds +* `banner_upload_limit`: File size limit of user’s profile banners +* `poll_limits`: A map with poll limits for **local** polls + * `max_options`: Maximum number of options + * `max_option_chars`: Maximum number of characters per option + * `min_expiration`: Minimum expiration time (in seconds) + * `max_expiration`: Maximum expiration time (in seconds) +* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. +* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). +* `account_activation_required`: Require users to confirm their emails before signing in. +* `federating`: Enable federation with other instances +* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. +* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. +* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance +* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: + * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) + * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production + * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) + * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) + * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) + * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) + * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. + * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. + * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) + * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) +* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. +* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. +* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` +* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) +* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). +* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. +* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. +* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: + * "email": Copy and preprend re:, as in email. + * "masto": Copy verbatim, as in Mastodon. + * "noop": Don't copy the subject. +* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. +* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with + older software for theses nicknames. +* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. +* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. +* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses +* `welcome_message`: A message that will be send to a newly registered users as a direct message. +* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. +* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) +* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. +* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. +* `user_bio_length`: A user bio maximum length (default: `5000`) +* `user_name_length`: A user name maximum length (default: `100`) +* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. +* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. +* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. +* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) +* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) +* `account_field_name_length`: An account field name maximum length (default: `512`) +* `account_field_value_length`: An account field value maximum length (default: `512`) +* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. + + + +## :logger +* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack + +An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: +```elixir +config :logger, + backends: [{ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn +``` + +Another example, keeping console output and adding the pid to syslog output: +```elixir +config :logger, + backends: [:console, {ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn, + option: [:pid, :ndelay] +``` + +See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) + +An example of logging info to local syslog, but warn to a Slack channel: +```elixir +config :logger, + backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], + level: :info + +config :logger, :ex_syslogger, + level: :info, + ident: "pleroma", + format: "$metadata[$level] $message" + +config :quack, + level: :warn, + meta: [:all], + webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" +``` + +See the [Quack Github](https://github.com/azohra/quack) for more details + +## :frontend_configurations + +This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. + +Frontends can access these settings at `/api/pleroma/frontend_configurations` + +To add your own configuration for PleromaFE, use it like this: + +```elixir +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "pleroma-dark", + # ... see /priv/static/static/config.json for the available keys. +}, + masto_fe: %{ + showInstanceSpecificPanel: true + } +``` + +These settings **need to be complete**, they will override the defaults. + +NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. + +## :fe +__THIS IS DEPRECATED__ + +If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. +Please **set this option to false** in your config like this: + +```elixir +config :pleroma, :fe, false +``` + +This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. + +* `theme`: Which theme to use, they are defined in ``styles.json`` +* `logo`: URL of the logo, defaults to Pleroma’s logo +* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) +* `logo_margin`: What margin to use around the logo +* `background`: URL of the background, unless viewing a user profile with a background that is set +* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. +* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. +* `show_instance_panel`: Whenether to show the instance’s specific panel. +* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting +* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` +* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default +* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) +* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) + +## :assets + +This section configures assets to be used with various frontends. Currently the only option +relates to mascots on the mastodon frontend + +* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a + `mime_type` key. +* `default_mascot`: An element from `mascots` - This will be used as the default mascot + on MastoFE (default: `:pleroma_fox_tan`) + +## :mrf_simple +* `media_removal`: List of instances to remove medias from +* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from +* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline +* `reject`: List of instances to reject any activities from +* `accept`: List of instances to accept any activities from +* `report_removal`: List of instances to reject reports from +* `avatar_removal`: List of instances to strip avatars from +* `banner_removal`: List of instances to strip banners from + +## :mrf_subchain +This policy processes messages through an alternate pipeline when a given message matches certain criteria. +All criteria are configured as a map of regular expressions to lists of policy modules. + +* `match_actor`: Matches a series of regular expressions against the actor field. + +Example: + +``` +config :pleroma, :mrf_subchain, + match_actor: %{ + ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] + } +``` + +## :mrf_rejectnonpublic +* `allow_followersonly`: whether to allow followers-only posts +* `allow_direct`: whether to allow direct messages + +## :mrf_hellthread +* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. +* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. + +## :mrf_keyword +* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) + +## :mrf_mention +* `actors`: A list of actors, for which to drop any posts mentioning. + +## :mrf_vocabulary +* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. +* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. + +## :media_proxy +* `enabled`: Enables proxying of remote media to the instance’s proxy +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. +* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. +* `whitelist`: List of domains to bypass the mediaproxy + +## :gopher +* `enabled`: Enables the gopher interface +* `ip`: IP address to bind to +* `port`: Port to bind to +* `dstport`: Port advertised in urls (optional, defaults to `port`) + +## Pleroma.Web.Endpoint +`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here +* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). + - `ip` - a tuple consisting of 4 integers + - `port` +* `url` - a list containing the configuration for generating urls, accepts + - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) + - `scheme` - e.g `http`, `https` + - `port` + - `path` +* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. + + + +**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need + +Example: +```elixir +config :pleroma, Pleroma.Web.Endpoint, + url: [host: "example.com", port: 2020, scheme: "https"], + http: [ + # start copied from config.exs + dispatch: [ + {:_, + [ + {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, + {"/websocket", Phoenix.Endpoint.CowboyWebSocket, + {Phoenix.Transports.WebSocket, + {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, + {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} + ]} + # end copied from config.exs + ], + port: 8080, + ip: {127, 0, 0, 1} + ] +``` + +This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` + +## :activitypub +* ``unfollow_blocked``: Whether blocks result in people getting unfollowed +* ``outgoing_blocks``: Whether to federate blocks to other instances +* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question +* ``sign_object_fetches``: Sign object fetches with HTTP signatures + +## :http_security +* ``enabled``: Whether the managed content security policy is enabled +* ``sts``: Whether to additionally send a `Strict-Transport-Security` header +* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent +* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent +* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` +* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. + +## :mrf_user_allowlist + +The keys in this section are the domain names that the policy should apply to. +Each key should be assigned a list of users that should be allowed through by +their ActivityPub ID. + +An example: + +```elixir +config :pleroma, :mrf_user_allowlist, + "example.org": ["https://example.org/users/admin"] +``` + +## :web_push_encryption, :vapid_details + +Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. + +* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. +* ``public_key``: VAPID public key +* ``private_key``: VAPID private key + +## Pleroma.Captcha +* `enabled`: Whether the captcha should be shown on registration +* `method`: The method/service to use for captcha +* `seconds_valid`: The time in seconds for which the captcha is valid + +### Pleroma.Captcha.Kocaptcha +Kocaptcha is a very simple captcha service with a single API endpoint, +the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint +`https://captcha.kotobank.ch` is hosted by the developer. + +* `endpoint`: the kocaptcha endpoint to use + +## :admin_token + +Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: + +```elixir +config :pleroma, :admin_token, "somerandomtoken" +``` + +You can then do + +```sh +curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" +``` + +## :pleroma_job_queue + +[Pleroma Job Queue](https://git.pleroma.social/pleroma/pleroma_job_queue) configuration: a list of queues with maximum concurrent jobs. + +Pleroma has the following queues: + +* `federator_outgoing` - Outgoing federation +* `federator_incoming` - Incoming federation +* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleroma-emails-mailer) +* `transmogrifier` - Transmogrifier +* `web_push` - Web push notifications +* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivities`](#pleromascheduledactivity) + +Example: + +```elixir +config :pleroma_job_queue, :queues, + federator_incoming: 50, + federator_outgoing: 50 +``` + +This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the `max_jobs` set to `50`. + +## Pleroma.Web.Federator.RetryQueue + +* `enabled`: If set to `true`, failed federation jobs will be retried +* `max_jobs`: The maximum amount of parallel federation jobs running at the same time. +* `initial_timeout`: The initial timeout in seconds +* `max_retries`: The maximum number of times a federation job is retried + +## Pleroma.Web.Metadata +* `providers`: a list of metadata providers to enable. Providers available: + * Pleroma.Web.Metadata.Providers.OpenGraph + * Pleroma.Web.Metadata.Providers.TwitterCard + * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` +* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews + +## :rich_media +* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews +* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. +* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] +* `parsers`: list of Rich Media parsers + +## :fetch_initial_posts +* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts +* `pages`: the amount of pages to fetch + +## :hackney_pools + +Advanced. Tweaks Hackney (http client) connections pools. + +There's three pools used: + +* `:federation` for the federation jobs. + You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. +* `:media` for rich media, media proxy +* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) + +For each pool, the options are: + +* `max_connections` - how much connections a pool can hold +* `timeout` - retention duration for connections + +## :auto_linker + +Configuration for the `auto_linker` library: + +* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear +* `rel: "noopener noreferrer"` - override the rel attribute. false to clear +* `new_window: true` - set to false to remove `target='_blank'` attribute +* `scheme: false` - Set to true to link urls with schema `http://google.com` +* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` +* `strip_prefix: true` - Strip the scheme prefix +* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) + +Example: + +```elixir +config :auto_linker, + opts: [ + scheme: true, + extra: true, + class: false, + strip_prefix: false, + new_window: false, + rel: false + ] +``` + +## Pleroma.ScheduledActivity + +* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) +* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) +* `enabled`: whether scheduled activities are sent to the job queue to be executed + +## Pleroma.ActivityExpiration + +# `enabled`: whether expired activities will be sent to the job queue to be deleted + +## Pleroma.Web.Auth.Authenticator + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +## :ldap + +Use LDAP for user authentication. When a user logs in to the Pleroma +instance, the name and password will be verified by trying to authenticate +(bind) to an LDAP server. If a user exists in the LDAP directory but there +is no account with the same name yet on the Pleroma instance then a new +Pleroma account will be created with the same name as the LDAP user name. + +* `enabled`: enables LDAP authentication +* `host`: LDAP server hostname +* `port`: LDAP port, e.g. 389 or 636 +* `ssl`: true to use SSL, usually implies the port 636 +* `sslopts`: additional SSL options +* `tls`: true to start TLS, usually implies the port 389 +* `tlsopts`: additional TLS options +* `base`: LDAP base, e.g. "dc=example,dc=com" +* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" + +## BBS / SSH access + +To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: + +```exs +app_dir = File.cwd! +priv_dir = Path.join([app_dir, "priv/ssh_keys"]) + +config :esshd, + enabled: true, + priv_dir: priv_dir, + handler: "Pleroma.BBS.Handler", + port: 10_022, + password_authenticator: "Pleroma.BBS.Authenticator" +``` + +Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` + +## :auth + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +Authentication / authorization settings. + +* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. +* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. +* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). + +## :email_notifications + +Email notifications settings. + + - digest - emails of "what you've missed" for users who have been + inactive for a while. + - active: globally enable or disable digest emails + - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). + "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" + - interval: Minimum interval between digest emails to one user + - inactivity_threshold: Minimum user inactivity threshold + +## Pleroma.Emails.UserEmail + +- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. +- `:styling` - a map with color settings for email templates. + +## OAuth consumer mode + +OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). +Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). + +Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, +e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. +The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. + +Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. + +Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` + +* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback + +* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ + +* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback + +* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback + +Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, +per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: + +```elixir +# Twitter +config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, + consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), + consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") + +# Facebook +config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, + client_id: System.get_env("FACEBOOK_APP_ID"), + client_secret: System.get_env("FACEBOOK_APP_SECRET"), + redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") + +# Google +config :ueberauth, Ueberauth.Strategy.Google.OAuth, + client_id: System.get_env("GOOGLE_CLIENT_ID"), + client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), + redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") + +# Microsoft +config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, + client_id: System.get_env("MICROSOFT_CLIENT_ID"), + client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") + +config :ueberauth, Ueberauth, + providers: [ + microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} + ] + +# Keycloak +# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable +keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" + +config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, + client_id: System.get_env("KEYCLOAK_CLIENT_ID"), + client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), + site: keycloak_url, + authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", + token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", + userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", + token_method: :post + +config :ueberauth, Ueberauth, + providers: [ + keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} + ] +``` + +## OAuth 2.0 provider - :oauth2 + +Configure OAuth 2 provider capabilities: + +* `token_expires_in` - The lifetime in seconds of the access token. +* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. +* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). + +## :emoji +* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` +* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` +* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` +* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). + +## Database options + +### RUM indexing for full text search +* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. + +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. + +Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. + +To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: + +`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` + +This will probably take a long time. + +## :rate_limit + +This is an advanced feature and disabled by default. + +A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: + +* The first element: `scale` (Integer). The time scale in milliseconds. +* The second element: `limit` (Integer). How many requests to limit in the time scale provided. + +It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. + +See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. + +Supported rate limiters: + +* `:search` for the search requests (account & status search etc.) +* `:app_account_creation` for registering user accounts from the same IP address +* `:relations_actions` for actions on relations with all users (follow, unfollow) +* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) +* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses +* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user + +## :web_cache_ttl + +The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. + +Available caches: + +* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). +* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). -- cgit v1.2.3 From 3b8ec98b0e3b3fb2bd333f3be724676c4821366f Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sun, 15 Sep 2019 10:15:57 +0300 Subject: [#1149] Reinstated docs/config.md changes. --- docs/config.md | 1456 +++++++++++++++++++++++++++++--------------------------- 1 file changed, 755 insertions(+), 701 deletions(-) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index 066547bb1..270d7fcea 100644 --- a/docs/config.md +++ b/docs/config.md @@ -1,701 +1,755 @@ -# Configuration - -This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. -If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. - -## Pleroma.Upload -* `uploader`: Select which `Pleroma.Uploaders` to use -* `filters`: List of `Pleroma.Upload.Filter` to use. -* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. -* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. -* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. - -Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. - -## Pleroma.Uploaders.Local -* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory - -## Pleroma.Uploaders.S3 -* `bucket`: S3 bucket name -* `bucket_namespace`: S3 bucket namespace -* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") -* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. -For example, when using CDN to S3 virtual host format, set "". -At this time, write CNAME to CDN in public_endpoint. - -## Pleroma.Upload.Filter.Mogrify - -* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. - -## Pleroma.Upload.Filter.Dedupe - -No specific configuration. - -## Pleroma.Upload.Filter.AnonymizeFilename - -This filter replaces the filename (not the path) of an upload. For complete obfuscation, add -`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. - -* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. - -## Pleroma.Emails.Mailer -* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. -* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. -* `enabled`: Allows enable/disable send emails. Default: `false`. - -An example for Sendgrid adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.Sendgrid, - api_key: "YOUR_API_KEY" -``` - -An example for SMTP adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.SMTP, - relay: "smtp.gmail.com", - username: "YOUR_USERNAME@gmail.com", - password: "YOUR_SMTP_PASSWORD", - port: 465, - ssl: true, - tls: :always, - auth: :always -``` - -## :uri_schemes -* `valid_schemes`: List of the scheme part that is considered valid to be an URL - -## :instance -* `name`: The instance’s name -* `email`: Email used to reach an Administrator/Moderator of the instance -* `notify_email`: Email used for notifications. -* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` -* `limit`: Posts character limit (CW/Subject included in the counter) -* `remote_limit`: Hard character limit beyond which remote posts will be dropped. -* `upload_limit`: File size limit of uploads (except for avatar, background, banner) -* `avatar_upload_limit`: File size limit of user’s profile avatars -* `background_upload_limit`: File size limit of user’s profile backgrounds -* `banner_upload_limit`: File size limit of user’s profile banners -* `poll_limits`: A map with poll limits for **local** polls - * `max_options`: Maximum number of options - * `max_option_chars`: Maximum number of characters per option - * `min_expiration`: Minimum expiration time (in seconds) - * `max_expiration`: Maximum expiration time (in seconds) -* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. -* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). -* `account_activation_required`: Require users to confirm their emails before signing in. -* `federating`: Enable federation with other instances -* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. -* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. -* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance -* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: - * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) - * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production - * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) - * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) - * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) - * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) - * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. - * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. - * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. - * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) - * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) -* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. -* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. -* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) -* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). -* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. -* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. -* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: - * "email": Copy and preprend re:, as in email. - * "masto": Copy verbatim, as in Mastodon. - * "noop": Don't copy the subject. -* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. -* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with - older software for theses nicknames. -* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. -* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. -* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses -* `welcome_message`: A message that will be send to a newly registered users as a direct message. -* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. -* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) -* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. -* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. -* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. -* `user_bio_length`: A user bio maximum length (default: `5000`) -* `user_name_length`: A user name maximum length (default: `100`) -* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. -* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. -* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. -* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) -* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) -* `account_field_name_length`: An account field name maximum length (default: `512`) -* `account_field_value_length`: An account field value maximum length (default: `512`) -* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. - - - -## :logger -* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack - -An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: -```elixir -config :logger, - backends: [{ExSyslogger, :ex_syslogger}] - -config :logger, :ex_syslogger, - level: :warn -``` - -Another example, keeping console output and adding the pid to syslog output: -```elixir -config :logger, - backends: [:console, {ExSyslogger, :ex_syslogger}] - -config :logger, :ex_syslogger, - level: :warn, - option: [:pid, :ndelay] -``` - -See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) - -An example of logging info to local syslog, but warn to a Slack channel: -```elixir -config :logger, - backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], - level: :info - -config :logger, :ex_syslogger, - level: :info, - ident: "pleroma", - format: "$metadata[$level] $message" - -config :quack, - level: :warn, - meta: [:all], - webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" -``` - -See the [Quack Github](https://github.com/azohra/quack) for more details - -## :frontend_configurations - -This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. - -Frontends can access these settings at `/api/pleroma/frontend_configurations` - -To add your own configuration for PleromaFE, use it like this: - -```elixir -config :pleroma, :frontend_configurations, - pleroma_fe: %{ - theme: "pleroma-dark", - # ... see /priv/static/static/config.json for the available keys. -}, - masto_fe: %{ - showInstanceSpecificPanel: true - } -``` - -These settings **need to be complete**, they will override the defaults. - -NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. - -## :fe -__THIS IS DEPRECATED__ - -If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. -Please **set this option to false** in your config like this: - -```elixir -config :pleroma, :fe, false -``` - -This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. - -* `theme`: Which theme to use, they are defined in ``styles.json`` -* `logo`: URL of the logo, defaults to Pleroma’s logo -* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) -* `logo_margin`: What margin to use around the logo -* `background`: URL of the background, unless viewing a user profile with a background that is set -* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. -* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. -* `show_instance_panel`: Whenether to show the instance’s specific panel. -* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting -* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` -* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default -* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) -* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) - -## :assets - -This section configures assets to be used with various frontends. Currently the only option -relates to mascots on the mastodon frontend - -* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a - `mime_type` key. -* `default_mascot`: An element from `mascots` - This will be used as the default mascot - on MastoFE (default: `:pleroma_fox_tan`) - -## :mrf_simple -* `media_removal`: List of instances to remove medias from -* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from -* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline -* `reject`: List of instances to reject any activities from -* `accept`: List of instances to accept any activities from -* `report_removal`: List of instances to reject reports from -* `avatar_removal`: List of instances to strip avatars from -* `banner_removal`: List of instances to strip banners from - -## :mrf_subchain -This policy processes messages through an alternate pipeline when a given message matches certain criteria. -All criteria are configured as a map of regular expressions to lists of policy modules. - -* `match_actor`: Matches a series of regular expressions against the actor field. - -Example: - -``` -config :pleroma, :mrf_subchain, - match_actor: %{ - ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] - } -``` - -## :mrf_rejectnonpublic -* `allow_followersonly`: whether to allow followers-only posts -* `allow_direct`: whether to allow direct messages - -## :mrf_hellthread -* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. -* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. - -## :mrf_keyword -* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) - -## :mrf_mention -* `actors`: A list of actors, for which to drop any posts mentioning. - -## :mrf_vocabulary -* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. -* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. - -## :media_proxy -* `enabled`: Enables proxying of remote media to the instance’s proxy -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. -* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. -* `whitelist`: List of domains to bypass the mediaproxy - -## :gopher -* `enabled`: Enables the gopher interface -* `ip`: IP address to bind to -* `port`: Port to bind to -* `dstport`: Port advertised in urls (optional, defaults to `port`) - -## Pleroma.Web.Endpoint -`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here -* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). - - `ip` - a tuple consisting of 4 integers - - `port` -* `url` - a list containing the configuration for generating urls, accepts - - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) - - `scheme` - e.g `http`, `https` - - `port` - - `path` -* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. - - - -**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need - -Example: -```elixir -config :pleroma, Pleroma.Web.Endpoint, - url: [host: "example.com", port: 2020, scheme: "https"], - http: [ - # start copied from config.exs - dispatch: [ - {:_, - [ - {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, - {"/websocket", Phoenix.Endpoint.CowboyWebSocket, - {Phoenix.Transports.WebSocket, - {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, - {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} - ]} - # end copied from config.exs - ], - port: 8080, - ip: {127, 0, 0, 1} - ] -``` - -This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` - -## :activitypub -* ``unfollow_blocked``: Whether blocks result in people getting unfollowed -* ``outgoing_blocks``: Whether to federate blocks to other instances -* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question -* ``sign_object_fetches``: Sign object fetches with HTTP signatures - -## :http_security -* ``enabled``: Whether the managed content security policy is enabled -* ``sts``: Whether to additionally send a `Strict-Transport-Security` header -* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent -* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent -* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` -* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. - -## :mrf_user_allowlist - -The keys in this section are the domain names that the policy should apply to. -Each key should be assigned a list of users that should be allowed through by -their ActivityPub ID. - -An example: - -```elixir -config :pleroma, :mrf_user_allowlist, - "example.org": ["https://example.org/users/admin"] -``` - -## :web_push_encryption, :vapid_details - -Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. - -* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. -* ``public_key``: VAPID public key -* ``private_key``: VAPID private key - -## Pleroma.Captcha -* `enabled`: Whether the captcha should be shown on registration -* `method`: The method/service to use for captcha -* `seconds_valid`: The time in seconds for which the captcha is valid - -### Pleroma.Captcha.Kocaptcha -Kocaptcha is a very simple captcha service with a single API endpoint, -the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint -`https://captcha.kotobank.ch` is hosted by the developer. - -* `endpoint`: the kocaptcha endpoint to use - -## :admin_token - -Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: - -```elixir -config :pleroma, :admin_token, "somerandomtoken" -``` - -You can then do - -```sh -curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" -``` - -## :pleroma_job_queue - -[Pleroma Job Queue](https://git.pleroma.social/pleroma/pleroma_job_queue) configuration: a list of queues with maximum concurrent jobs. - -Pleroma has the following queues: - -* `federator_outgoing` - Outgoing federation -* `federator_incoming` - Incoming federation -* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleroma-emails-mailer) -* `transmogrifier` - Transmogrifier -* `web_push` - Web push notifications -* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivities`](#pleromascheduledactivity) - -Example: - -```elixir -config :pleroma_job_queue, :queues, - federator_incoming: 50, - federator_outgoing: 50 -``` - -This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the `max_jobs` set to `50`. - -## Pleroma.Web.Federator.RetryQueue - -* `enabled`: If set to `true`, failed federation jobs will be retried -* `max_jobs`: The maximum amount of parallel federation jobs running at the same time. -* `initial_timeout`: The initial timeout in seconds -* `max_retries`: The maximum number of times a federation job is retried - -## Pleroma.Web.Metadata -* `providers`: a list of metadata providers to enable. Providers available: - * Pleroma.Web.Metadata.Providers.OpenGraph - * Pleroma.Web.Metadata.Providers.TwitterCard - * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` -* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews - -## :rich_media -* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews -* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. -* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] -* `parsers`: list of Rich Media parsers - -## :fetch_initial_posts -* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -* `pages`: the amount of pages to fetch - -## :hackney_pools - -Advanced. Tweaks Hackney (http client) connections pools. - -There's three pools used: - -* `:federation` for the federation jobs. - You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. -* `:media` for rich media, media proxy -* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) - -For each pool, the options are: - -* `max_connections` - how much connections a pool can hold -* `timeout` - retention duration for connections - -## :auto_linker - -Configuration for the `auto_linker` library: - -* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear -* `rel: "noopener noreferrer"` - override the rel attribute. false to clear -* `new_window: true` - set to false to remove `target='_blank'` attribute -* `scheme: false` - Set to true to link urls with schema `http://google.com` -* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` -* `strip_prefix: true` - Strip the scheme prefix -* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) - -Example: - -```elixir -config :auto_linker, - opts: [ - scheme: true, - extra: true, - class: false, - strip_prefix: false, - new_window: false, - rel: false - ] -``` - -## Pleroma.ScheduledActivity - -* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) -* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) -* `enabled`: whether scheduled activities are sent to the job queue to be executed - -## Pleroma.ActivityExpiration - -# `enabled`: whether expired activities will be sent to the job queue to be deleted - -## Pleroma.Web.Auth.Authenticator - -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - -## :ldap - -Use LDAP for user authentication. When a user logs in to the Pleroma -instance, the name and password will be verified by trying to authenticate -(bind) to an LDAP server. If a user exists in the LDAP directory but there -is no account with the same name yet on the Pleroma instance then a new -Pleroma account will be created with the same name as the LDAP user name. - -* `enabled`: enables LDAP authentication -* `host`: LDAP server hostname -* `port`: LDAP port, e.g. 389 or 636 -* `ssl`: true to use SSL, usually implies the port 636 -* `sslopts`: additional SSL options -* `tls`: true to start TLS, usually implies the port 389 -* `tlsopts`: additional TLS options -* `base`: LDAP base, e.g. "dc=example,dc=com" -* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" - -## BBS / SSH access - -To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: - -```exs -app_dir = File.cwd! -priv_dir = Path.join([app_dir, "priv/ssh_keys"]) - -config :esshd, - enabled: true, - priv_dir: priv_dir, - handler: "Pleroma.BBS.Handler", - port: 10_022, - password_authenticator: "Pleroma.BBS.Authenticator" -``` - -Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` - -## :auth - -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - -Authentication / authorization settings. - -* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. -* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. -* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). - -## :email_notifications - -Email notifications settings. - - - digest - emails of "what you've missed" for users who have been - inactive for a while. - - active: globally enable or disable digest emails - - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). - "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" - - interval: Minimum interval between digest emails to one user - - inactivity_threshold: Minimum user inactivity threshold - -## Pleroma.Emails.UserEmail - -- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. -- `:styling` - a map with color settings for email templates. - -## OAuth consumer mode - -OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). -Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). - -Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, -e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. -The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. - -Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. - -Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` - -* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback - -* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ - -* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback - -* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback - -Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, -per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: - -```elixir -# Twitter -config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, - consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), - consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") - -# Facebook -config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, - client_id: System.get_env("FACEBOOK_APP_ID"), - client_secret: System.get_env("FACEBOOK_APP_SECRET"), - redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") - -# Google -config :ueberauth, Ueberauth.Strategy.Google.OAuth, - client_id: System.get_env("GOOGLE_CLIENT_ID"), - client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), - redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") - -# Microsoft -config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, - client_id: System.get_env("MICROSOFT_CLIENT_ID"), - client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") - -config :ueberauth, Ueberauth, - providers: [ - microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} - ] - -# Keycloak -# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable -keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" - -config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, - client_id: System.get_env("KEYCLOAK_CLIENT_ID"), - client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), - site: keycloak_url, - authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", - token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", - userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", - token_method: :post - -config :ueberauth, Ueberauth, - providers: [ - keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} - ] -``` - -## OAuth 2.0 provider - :oauth2 - -Configure OAuth 2 provider capabilities: - -* `token_expires_in` - The lifetime in seconds of the access token. -* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. -* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. -* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). - -## :emoji -* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` -* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` -* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` -* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). - -## Database options - -### RUM indexing for full text search -* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. - -RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. - -Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. - -To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: - -`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` - -This will probably take a long time. - -## :rate_limit - -This is an advanced feature and disabled by default. - -A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: - -* The first element: `scale` (Integer). The time scale in milliseconds. -* The second element: `limit` (Integer). How many requests to limit in the time scale provided. - -It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. - -See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. - -Supported rate limiters: - -* `:search` for the search requests (account & status search etc.) -* `:app_account_creation` for registering user accounts from the same IP address -* `:relations_actions` for actions on relations with all users (follow, unfollow) -* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) -* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses -* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user - -## :web_cache_ttl - -The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. - -Available caches: - -* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). -* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). +# Configuration + +This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. +If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. + +## Pleroma.Upload +* `uploader`: Select which `Pleroma.Uploaders` to use +* `filters`: List of `Pleroma.Upload.Filter` to use. +* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. +* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. +* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. + +Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. + +## Pleroma.Uploaders.Local +* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory + +## Pleroma.Uploaders.S3 +* `bucket`: S3 bucket name +* `bucket_namespace`: S3 bucket namespace +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") +* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. +For example, when using CDN to S3 virtual host format, set "". +At this time, write CNAME to CDN in public_endpoint. + +## Pleroma.Upload.Filter.Mogrify + +* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. + +## Pleroma.Upload.Filter.Dedupe + +No specific configuration. + +## Pleroma.Upload.Filter.AnonymizeFilename + +This filter replaces the filename (not the path) of an upload. For complete obfuscation, add +`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. + +* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. + +## Pleroma.Emails.Mailer +* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. +* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. +* `enabled`: Allows enable/disable send emails. Default: `false`. + +An example for Sendgrid adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.Sendgrid, + api_key: "YOUR_API_KEY" +``` + +An example for SMTP adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.SMTP, + relay: "smtp.gmail.com", + username: "YOUR_USERNAME@gmail.com", + password: "YOUR_SMTP_PASSWORD", + port: 465, + ssl: true, + tls: :always, + auth: :always +``` + +## :uri_schemes +* `valid_schemes`: List of the scheme part that is considered valid to be an URL + +## :instance +* `name`: The instance’s name +* `email`: Email used to reach an Administrator/Moderator of the instance +* `notify_email`: Email used for notifications. +* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` +* `limit`: Posts character limit (CW/Subject included in the counter) +* `remote_limit`: Hard character limit beyond which remote posts will be dropped. +* `upload_limit`: File size limit of uploads (except for avatar, background, banner) +* `avatar_upload_limit`: File size limit of user’s profile avatars +* `background_upload_limit`: File size limit of user’s profile backgrounds +* `banner_upload_limit`: File size limit of user’s profile banners +* `poll_limits`: A map with poll limits for **local** polls + * `max_options`: Maximum number of options + * `max_option_chars`: Maximum number of characters per option + * `min_expiration`: Minimum expiration time (in seconds) + * `max_expiration`: Maximum expiration time (in seconds) +* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. +* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). +* `account_activation_required`: Require users to confirm their emails before signing in. +* `federating`: Enable federation with other instances +* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. +* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. +* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance +* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: + * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) + * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production + * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) + * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) + * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) + * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) + * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. + * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. + * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) + * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) +* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. +* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. +* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` +* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) +* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). +* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. +* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. +* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: + * "email": Copy and preprend re:, as in email. + * "masto": Copy verbatim, as in Mastodon. + * "noop": Don't copy the subject. +* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. +* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with + older software for theses nicknames. +* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. +* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. +* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses +* `welcome_message`: A message that will be send to a newly registered users as a direct message. +* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. +* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) +* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. +* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. +* `user_bio_length`: A user bio maximum length (default: `5000`) +* `user_name_length`: A user name maximum length (default: `100`) +* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. +* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. +* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. +* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) +* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) +* `account_field_name_length`: An account field name maximum length (default: `512`) +* `account_field_value_length`: An account field value maximum length (default: `512`) +* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. + + + +## :logger +* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack + +An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: +```elixir +config :logger, + backends: [{ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn +``` + +Another example, keeping console output and adding the pid to syslog output: +```elixir +config :logger, + backends: [:console, {ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn, + option: [:pid, :ndelay] +``` + +See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) + +An example of logging info to local syslog, but warn to a Slack channel: +```elixir +config :logger, + backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], + level: :info + +config :logger, :ex_syslogger, + level: :info, + ident: "pleroma", + format: "$metadata[$level] $message" + +config :quack, + level: :warn, + meta: [:all], + webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" +``` + +See the [Quack Github](https://github.com/azohra/quack) for more details + +## :frontend_configurations + +This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. + +Frontends can access these settings at `/api/pleroma/frontend_configurations` + +To add your own configuration for PleromaFE, use it like this: + +```elixir +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "pleroma-dark", + # ... see /priv/static/static/config.json for the available keys. +}, + masto_fe: %{ + showInstanceSpecificPanel: true + } +``` + +These settings **need to be complete**, they will override the defaults. + +NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. + +## :fe +__THIS IS DEPRECATED__ + +If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. +Please **set this option to false** in your config like this: + +```elixir +config :pleroma, :fe, false +``` + +This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. + +* `theme`: Which theme to use, they are defined in ``styles.json`` +* `logo`: URL of the logo, defaults to Pleroma’s logo +* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) +* `logo_margin`: What margin to use around the logo +* `background`: URL of the background, unless viewing a user profile with a background that is set +* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. +* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. +* `show_instance_panel`: Whenether to show the instance’s specific panel. +* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting +* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` +* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default +* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) +* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) + +## :assets + +This section configures assets to be used with various frontends. Currently the only option +relates to mascots on the mastodon frontend + +* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a + `mime_type` key. +* `default_mascot`: An element from `mascots` - This will be used as the default mascot + on MastoFE (default: `:pleroma_fox_tan`) + +## :mrf_simple +* `media_removal`: List of instances to remove medias from +* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from +* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline +* `reject`: List of instances to reject any activities from +* `accept`: List of instances to accept any activities from +* `report_removal`: List of instances to reject reports from +* `avatar_removal`: List of instances to strip avatars from +* `banner_removal`: List of instances to strip banners from + +## :mrf_subchain +This policy processes messages through an alternate pipeline when a given message matches certain criteria. +All criteria are configured as a map of regular expressions to lists of policy modules. + +* `match_actor`: Matches a series of regular expressions against the actor field. + +Example: + +``` +config :pleroma, :mrf_subchain, + match_actor: %{ + ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] + } +``` + +## :mrf_rejectnonpublic +* `allow_followersonly`: whether to allow followers-only posts +* `allow_direct`: whether to allow direct messages + +## :mrf_hellthread +* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. +* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. + +## :mrf_keyword +* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) + +## :mrf_mention +* `actors`: A list of actors, for which to drop any posts mentioning. + +## :mrf_vocabulary +* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. +* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. + +## :media_proxy +* `enabled`: Enables proxying of remote media to the instance’s proxy +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. +* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. +* `whitelist`: List of domains to bypass the mediaproxy + +## :gopher +* `enabled`: Enables the gopher interface +* `ip`: IP address to bind to +* `port`: Port to bind to +* `dstport`: Port advertised in urls (optional, defaults to `port`) + +## Pleroma.Web.Endpoint +`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here +* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). + - `ip` - a tuple consisting of 4 integers + - `port` +* `url` - a list containing the configuration for generating urls, accepts + - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) + - `scheme` - e.g `http`, `https` + - `port` + - `path` +* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. + + + +**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need + +Example: +```elixir +config :pleroma, Pleroma.Web.Endpoint, + url: [host: "example.com", port: 2020, scheme: "https"], + http: [ + # start copied from config.exs + dispatch: [ + {:_, + [ + {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, + {"/websocket", Phoenix.Endpoint.CowboyWebSocket, + {Phoenix.Transports.WebSocket, + {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, + {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} + ]} + # end copied from config.exs + ], + port: 8080, + ip: {127, 0, 0, 1} + ] +``` + +This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` + +## :activitypub +* ``unfollow_blocked``: Whether blocks result in people getting unfollowed +* ``outgoing_blocks``: Whether to federate blocks to other instances +* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question +* ``sign_object_fetches``: Sign object fetches with HTTP signatures + +## :http_security +* ``enabled``: Whether the managed content security policy is enabled +* ``sts``: Whether to additionally send a `Strict-Transport-Security` header +* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent +* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent +* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` +* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. + +## :mrf_user_allowlist + +The keys in this section are the domain names that the policy should apply to. +Each key should be assigned a list of users that should be allowed through by +their ActivityPub ID. + +An example: + +```elixir +config :pleroma, :mrf_user_allowlist, + "example.org": ["https://example.org/users/admin"] +``` + +## :web_push_encryption, :vapid_details + +Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. + +* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. +* ``public_key``: VAPID public key +* ``private_key``: VAPID private key + +## Pleroma.Captcha +* `enabled`: Whether the captcha should be shown on registration +* `method`: The method/service to use for captcha +* `seconds_valid`: The time in seconds for which the captcha is valid + +### Pleroma.Captcha.Kocaptcha +Kocaptcha is a very simple captcha service with a single API endpoint, +the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint +`https://captcha.kotobank.ch` is hosted by the developer. + +* `endpoint`: the kocaptcha endpoint to use + +## :admin_token + +Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: + +```elixir +config :pleroma, :admin_token, "somerandomtoken" +``` + +You can then do + +```sh +curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" +``` + +## Oban + +[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration. + +Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage): +* `repo` - app's Ecto repo (`Pleroma.Repo`) +* `verbose` - logs verbosity +* `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) +* `queues` - job queues (see below) + +Pleroma has the following queues: + +* `activity_expiration` - Activity expiration +* `federator_outgoing` - Outgoing federation +* `federator_incoming` - Incoming federation +* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleromaemailsmailer) +* `transmogrifier` - Transmogrifier +* `web_push` - Web push notifications +* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity) + +Example: + +```elixir +config :pleroma, Oban, + repo: Pleroma.Repo, + verbose: false, + prune: {:maxlen, 1500}, + queues: [ + federator_incoming: 50, + federator_outgoing: 50 + ] +``` + +This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`. + +### Migrating `pleroma_job_queue` settings + +`config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). + +### Note on running with PostgreSQL in silent mode + +If you are running PostgreSQL in [`silent_mode`](https://postgresqlco.nf/en/doc/param/silent_mode?version=9.1), it's advised to set [`log_destination`](https://postgresqlco.nf/en/doc/param/log_destination?version=9.1) to `syslog`, +otherwise `postmaster.log` file may grow because of "you don't own a lock of type ShareLock" warnings (see https://github.com/sorentwo/oban/issues/52). + +## :workers + +Includes custom worker options not interpretable directly by `Oban`. + +* `retries` — keyword lists where keys are `Oban` queues (see above) and values are numbers of max attempts for failed jobs. + +Example: + +```elixir +config :pleroma, :workers, + retries: [ + federator_incoming: 5, + federator_outgoing: 5 + ] +``` + +### Migrating `Pleroma.Web.Federator.RetryQueue` settings + +* `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]` +* `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]` +* deprecated options: `max_jobs`, `initial_timeout` + +## Pleroma.Web.Metadata +* `providers`: a list of metadata providers to enable. Providers available: + * Pleroma.Web.Metadata.Providers.OpenGraph + * Pleroma.Web.Metadata.Providers.TwitterCard + * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` +* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews + +## :rich_media +* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews +* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. +* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] +* `parsers`: list of Rich Media parsers + +## :fetch_initial_posts +* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts +* `pages`: the amount of pages to fetch + +## :hackney_pools + +Advanced. Tweaks Hackney (http client) connections pools. + +There's three pools used: + +* `:federation` for the federation jobs. + You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. +* `:media` for rich media, media proxy +* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) + +For each pool, the options are: + +* `max_connections` - how much connections a pool can hold +* `timeout` - retention duration for connections + +## :auto_linker + +Configuration for the `auto_linker` library: + +* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear +* `rel: "noopener noreferrer"` - override the rel attribute. false to clear +* `new_window: true` - set to false to remove `target='_blank'` attribute +* `scheme: false` - Set to true to link urls with schema `http://google.com` +* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` +* `strip_prefix: true` - Strip the scheme prefix +* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) + +Example: + +```elixir +config :auto_linker, + opts: [ + scheme: true, + extra: true, + class: false, + strip_prefix: false, + new_window: false, + rel: false + ] +``` + +## Pleroma.Scheduler + +Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. + +See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. + +Example: + +```elixir +config :pleroma, Pleroma.Scheduler, + global: true, + overlap: true, + timezone: :utc, + jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] +``` + +The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). + +## Pleroma.ScheduledActivity + +* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) +* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) +* `enabled`: whether scheduled activities are sent to the job queue to be executed + +## Pleroma.ActivityExpiration + +# `enabled`: whether expired activities will be sent to the job queue to be deleted + +## Pleroma.Web.Auth.Authenticator + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +## :ldap + +Use LDAP for user authentication. When a user logs in to the Pleroma +instance, the name and password will be verified by trying to authenticate +(bind) to an LDAP server. If a user exists in the LDAP directory but there +is no account with the same name yet on the Pleroma instance then a new +Pleroma account will be created with the same name as the LDAP user name. + +* `enabled`: enables LDAP authentication +* `host`: LDAP server hostname +* `port`: LDAP port, e.g. 389 or 636 +* `ssl`: true to use SSL, usually implies the port 636 +* `sslopts`: additional SSL options +* `tls`: true to start TLS, usually implies the port 389 +* `tlsopts`: additional TLS options +* `base`: LDAP base, e.g. "dc=example,dc=com" +* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" + +## BBS / SSH access + +To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: + +```exs +app_dir = File.cwd! +priv_dir = Path.join([app_dir, "priv/ssh_keys"]) + +config :esshd, + enabled: true, + priv_dir: priv_dir, + handler: "Pleroma.BBS.Handler", + port: 10_022, + password_authenticator: "Pleroma.BBS.Authenticator" +``` + +Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` + +## :auth + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +Authentication / authorization settings. + +* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. +* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. +* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). + +## :email_notifications + +Email notifications settings. + + - digest - emails of "what you've missed" for users who have been + inactive for a while. + - active: globally enable or disable digest emails + - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). + "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" + - interval: Minimum interval between digest emails to one user + - inactivity_threshold: Minimum user inactivity threshold + +## Pleroma.Emails.UserEmail + +- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. +- `:styling` - a map with color settings for email templates. + +## OAuth consumer mode + +OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). +Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). + +Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, +e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. +The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. + +Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. + +Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` + +* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback + +* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ + +* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback + +* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback + +Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, +per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: + +```elixir +# Twitter +config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, + consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), + consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") + +# Facebook +config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, + client_id: System.get_env("FACEBOOK_APP_ID"), + client_secret: System.get_env("FACEBOOK_APP_SECRET"), + redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") + +# Google +config :ueberauth, Ueberauth.Strategy.Google.OAuth, + client_id: System.get_env("GOOGLE_CLIENT_ID"), + client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), + redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") + +# Microsoft +config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, + client_id: System.get_env("MICROSOFT_CLIENT_ID"), + client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") + +config :ueberauth, Ueberauth, + providers: [ + microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} + ] + +# Keycloak +# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable +keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" + +config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, + client_id: System.get_env("KEYCLOAK_CLIENT_ID"), + client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), + site: keycloak_url, + authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", + token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", + userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", + token_method: :post + +config :ueberauth, Ueberauth, + providers: [ + keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} + ] +``` + +## OAuth 2.0 provider - :oauth2 + +Configure OAuth 2 provider capabilities: + +* `token_expires_in` - The lifetime in seconds of the access token. +* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. +* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). + +## :emoji +* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` +* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` +* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` +* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). + +## Database options + +### RUM indexing for full text search +* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. + +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. + +Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. + +To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: + +`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` + +This will probably take a long time. + +## :rate_limit + +This is an advanced feature and disabled by default. + +A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: + +* The first element: `scale` (Integer). The time scale in milliseconds. +* The second element: `limit` (Integer). How many requests to limit in the time scale provided. + +It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. + +See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. + +Supported rate limiters: + +* `:search` for the search requests (account & status search etc.) +* `:app_account_creation` for registering user accounts from the same IP address +* `:relations_actions` for actions on relations with all users (follow, unfollow) +* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) +* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses +* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user + +## :web_cache_ttl + +The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. + +Available caches: + +* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). +* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). -- cgit v1.2.3 From d6ab78e610f16e97246ec9e83b3db72f04cf41e7 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 16 Sep 2019 21:48:01 +0700 Subject: Set `account_field_value_length` limit to 2048 by default --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index 270d7fcea..3f37fa561 100644 --- a/docs/config.md +++ b/docs/config.md @@ -135,7 +135,7 @@ config :pleroma, Pleroma.Emails.Mailer, * `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) * `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) * `account_field_name_length`: An account field name maximum length (default: `512`) -* `account_field_value_length`: An account field value maximum length (default: `512`) +* `account_field_value_length`: An account field value maximum length (default: `2048`) * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. -- cgit v1.2.3 From 450bf7a63c39c2301d5985448a867e77f1dfe3b3 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Fri, 13 Sep 2019 17:37:30 +0300 Subject: Mastodon API: Add a setting to hide follow/follower count from the user view (`hide_follows_count` and `hide_followers_count`) --- docs/api/differences_in_mastoapi_responses.md | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'docs') diff --git a/docs/api/differences_in_mastoapi_responses.md b/docs/api/differences_in_mastoapi_responses.md index 9b32baf3a..3c7f5dad7 100644 --- a/docs/api/differences_in_mastoapi_responses.md +++ b/docs/api/differences_in_mastoapi_responses.md @@ -50,6 +50,8 @@ Has these additional fields under the `pleroma` object: - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated - `hide_followers`: boolean, true when the user has follower hiding enabled - `hide_follows`: boolean, true when the user has follow hiding enabled +- `hide_followers_count`: boolean, true when the user has follower stat hiding enabled +- `hide_follows_count`: boolean, true when the user has follow stat hiding enabled - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` - `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` - `deactivated`: boolean, true when the user is deactivated @@ -112,6 +114,8 @@ Additional parameters can be added to the JSON body/Form data: - `no_rich_text` - if true, html tags are stripped from all statuses requested from the API - `hide_followers` - if true, user's followers will be hidden - `hide_follows` - if true, user's follows will be hidden +- `hide_followers_count` - if true, user's follower count will be hidden +- `hide_follows_count` - if true, user's follow count will be hidden - `hide_favorites` - if true, user's favorites timeline will be hidden - `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API - `default_scope` - the scope returned under `privacy` key in Source subentity -- cgit v1.2.3 From 4faf2b1555f004664005e0efddb9815ebca4c5c7 Mon Sep 17 00:00:00 2001 From: Alex S Date: Fri, 6 Sep 2019 17:14:31 +0300 Subject: post for creating invite tokens in admin api --- docs/api/admin_api.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 9362e3d78..a8c75d93f 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -226,13 +226,25 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ### Get an account registration invite token -- Methods: `GET` +- Methods: `POST` - Params: - *optional* `invite` => [ - *optional* `max_use` (integer) - *optional* `expires_at` (date string e.g. "2019-04-07") ] -- Response: invite token (base64 string) +- Response: + +```json +{ + "id": integer, + "token": string, + "used": boolean, + "expires_at": date, + "uses": integer, + "max_use": integer, + "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) +} +``` ## `/api/pleroma/admin/users/invites` -- cgit v1.2.3 From 17ff63b3c34e6e70580be98e71b353d1f0684222 Mon Sep 17 00:00:00 2001 From: Alex S Date: Sat, 7 Sep 2019 08:56:22 +0300 Subject: docs fix --- docs/api/admin_api.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index a8c75d93f..577f802ac 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -228,10 +228,8 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Methods: `POST` - Params: - - *optional* `invite` => [ - - *optional* `max_use` (integer) - - *optional* `expires_at` (date string e.g. "2019-04-07") - ] + - *optional* `max_use` (integer) + - *optional* `expires_at` (date string e.g. "2019-04-07") - Response: ```json -- cgit v1.2.3 From a18f1e7cd7addf8aee9c56643f4f0531e1c5b5a0 Mon Sep 17 00:00:00 2001 From: Alex S Date: Fri, 13 Sep 2019 08:07:29 +0300 Subject: namings --- docs/api/admin_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 577f802ac..7637fa0d4 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -224,7 +224,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ## `/api/pleroma/admin/users/invite_token` -### Get an account registration invite token +### Create an account registration invite token - Methods: `POST` - Params: -- cgit v1.2.3 From ee620ecbf11398277551ef603355a56a53690461 Mon Sep 17 00:00:00 2001 From: Ekaterina Vaartis Date: Mon, 12 Aug 2019 13:13:01 +0300 Subject: Add caching for emoji pack sharing --- docs/config.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index 3f37fa561..1179def56 100644 --- a/docs/config.md +++ b/docs/config.md @@ -707,6 +707,8 @@ Configure OAuth 2 provider capabilities: * `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` * `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` * `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). +* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in + memory for this amount of seconds multiplied by the number of files. ## Database options -- cgit v1.2.3 From dd818bdd487149b75295abd351e3dee3e7378dd7 Mon Sep 17 00:00:00 2001 From: Ekaterina Vaartis Date: Wed, 11 Sep 2019 22:39:26 +0300 Subject: Add documentation for the emoji endpoints --- docs/api/pleroma_api.md | 66 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index 30fac77da..a7e7fbe25 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -365,3 +365,69 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Params: * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. * Response: JSON, statuses (200 - healthy, 503 unhealthy) + + +## `POST /api/pleroma/emoji/reload` +### Reload the instance's custom emoji +* Method `POST` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status + +## `PUT /api/pleroma/emoji/packs/:name` +### Creates an empty custom emoji pack +* Method `PUT` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status or 409 if the pack with that name already exists + +## `DELETE /api/pleroma/emoji/packs/:name` +### Delete a custom emoji pack +* Method `DELETE` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status or 500 if there was an error deleting the pack + +## `POST /api/pleroma/emoji/packs/:name/update_file` +### Update a file in a custom emoji pack +* Method `POST` +* Authentication: required +* Params: + * if the `action` is `add`, adds an emoji named `shortcode` to the pack `pack_name`, + that means that the emoji file needs to be uploaded with the request + (thus requiring it to be a multipart request) and be named `file`. + There can also be an optional `filename` that will be the new emoji file name + (if it's not there, the name will be taken from the uploaded file). + * if the `action` is `update`, changes emoji shortcode + (from `shortcode` to `new_shortcode` or moves the file (from the current filename to `new_filename`) + * if the `action` is `remove`, removes the emoji named `shortcode` and it's associated file +* Response: JSON, updated "files" section of the pack and 200 status, 409 if the trying to use a shortcode + that is already taken, 400 if there was an error with the shortcode, filename or file (additional info + in the "error" part of the response JSON) + +## `POST /api/pleroma/emoji/packs/:name/update_metadata` +### Updates (replaces) pack metadata +* Method `POST` +* Authentication: required +* Params: + * `new_data`: new metadata to replace the old one +* Response: JSON, updated "metadata" section of the pack and 200 status or 400 if there was a + problem with the new metadata (the error is specified in the "error" part of the response JSON) + +## `POST /api/pleroma/emoji/packs/download_from` +### Requests the instance to download the pack from another instance +* Method `POST` +* Authentication: required +* Params: + * `instance_address`: the address of the instance to download from + * `pack_name`: the pack to download from that instance +* Response: JSON, "ok" and 200 status if the pack was downloaded, or 500 if there were + errors downloading the pack + +## `GET /api/pleroma/emoji/packs/:name/download_shared` +### Requests the instance to download the pack from another instance +* Method `GET` +* Authentication: not requires +* Params: None +* Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared, + 404 if the pack does not exist -- cgit v1.2.3 From d51e5e447ee944e77646b15a7aabc0214e99c351 Mon Sep 17 00:00:00 2001 From: Ekaterina Vaartis Date: Thu, 12 Sep 2019 20:38:57 +0300 Subject: Move emoji reloading to admin api --- docs/api/admin_api.md | 7 +++++++ docs/api/pleroma_api.md | 8 -------- 2 files changed, 7 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 7637fa0d4..0377ea655 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -733,3 +733,10 @@ Compile time settings (need instance reboot): } ] ``` + +## `POST /api/pleroma/admin/reload_emoji` +### Reload the instance's custom emoji +* Method `POST` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index a7e7fbe25..05a4e6fcc 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -366,14 +366,6 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. * Response: JSON, statuses (200 - healthy, 503 unhealthy) - -## `POST /api/pleroma/emoji/reload` -### Reload the instance's custom emoji -* Method `POST` -* Authentication: required -* Params: None -* Response: JSON, "ok" and 200 status - ## `PUT /api/pleroma/emoji/packs/:name` ### Creates an empty custom emoji pack * Method `PUT` -- cgit v1.2.3 From 8aed05ac1518a10fb30532429984e02a05180ec3 Mon Sep 17 00:00:00 2001 From: vaartis Date: Fri, 13 Sep 2019 12:32:23 +0000 Subject: Apply suggestion to docs/api/pleroma_api.md --- docs/api/pleroma_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index 05a4e6fcc..e76bf0caf 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -417,7 +417,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa errors downloading the pack ## `GET /api/pleroma/emoji/packs/:name/download_shared` -### Requests the instance to download the pack from another instance +### Requests a local pack from the instance * Method `GET` * Authentication: not requires * Params: None -- cgit v1.2.3 From 43022c347f9001d9cb8de976dd521a1e5f1c1318 Mon Sep 17 00:00:00 2001 From: vaartis Date: Fri, 13 Sep 2019 12:32:40 +0000 Subject: Apply suggestion to docs/api/pleroma_api.md --- docs/api/pleroma_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index e76bf0caf..faf6e3acd 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -419,7 +419,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa ## `GET /api/pleroma/emoji/packs/:name/download_shared` ### Requests a local pack from the instance * Method `GET` -* Authentication: not requires +* Authentication: not required * Params: None * Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared, 404 if the pack does not exist -- cgit v1.2.3 From 86795d5ac2604e08654b872927678d3e05a68e85 Mon Sep 17 00:00:00 2001 From: Ekaterina Vaartis Date: Fri, 13 Sep 2019 21:00:28 +0300 Subject: Document emoji pack listing in the api docs --- docs/api/pleroma_api.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index faf6e3acd..a469ddfbf 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -366,6 +366,13 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. * Response: JSON, statuses (200 - healthy, 503 unhealthy) +## `GET /api/pleroma/emoji/packs` +### Lists the custom emoji packs on the server +* Method `GET` +* Authentication: not required +* Params: None +* Response: JSON, "ok" and 200 status and the JSON hashmap of "pack name" to "pack contents" + ## `PUT /api/pleroma/emoji/packs/:name` ### Creates an empty custom emoji pack * Method `PUT` -- cgit v1.2.3 From c3856bed0c4c177c3e6716d06d615a928d95f69c Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 18 Sep 2019 23:17:15 +0200 Subject: docs/clients.md: Update source code urls --- docs/clients.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/clients.md b/docs/clients.md index 9029361f8..6c6180f7a 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -39,7 +39,7 @@ Feel free to contact us to be added to this list! ### Nekonium - Homepage: [F-Droid Repository](https://repo.gdgd.jp.net/), [Google Play](https://play.google.com/store/apps/details?id=com.apps.nekonium), [Amazon](https://www.amazon.co.jp/dp/B076FXPRBC/) -- Source: +- Source: - Contact: [@lin@pleroma.gdgd.jp.net](https://pleroma.gdgd.jp.net/users/lin) - Platforms: Android - Features: Streaming Ready @@ -67,7 +67,7 @@ Feel free to contact us to be added to this list! ## Alternative Web Interfaces ### Brutaldon - Homepage: -- Source Code: +- Source Code: - Contact: [@gcupc@glitch.social](https://glitch.social/users/gcupc) - Features: No Streaming -- cgit v1.2.3 From cf3041220a7a14dc3fac24177fac1f4aecc77f5f Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 17 Sep 2019 15:22:46 +0700 Subject: Add support for `rel="ugc"` --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index 3f37fa561..def462900 100644 --- a/docs/config.md +++ b/docs/config.md @@ -521,7 +521,7 @@ config :auto_linker, class: false, strip_prefix: false, new_window: false, - rel: false + rel: "ugc" ] ``` -- cgit v1.2.3 From fe4db3b94e71bafb913044de543472764671cd1a Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 19 Sep 2019 21:01:05 +0200 Subject: API Docs: Document conversation ids. --- docs/api/differences_in_mastoapi_responses.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/differences_in_mastoapi_responses.md b/docs/api/differences_in_mastoapi_responses.md index 3c7f5dad7..d007a69c3 100644 --- a/docs/api/differences_in_mastoapi_responses.md +++ b/docs/api/differences_in_mastoapi_responses.md @@ -21,7 +21,8 @@ Adding the parameter `with_muted=true` to the timeline queries will also return Has these additional fields under the `pleroma` object: - `local`: true if the post was made on the local instance -- `conversation_id`: the ID of the conversation the status is associated with (if any) +- `conversation_id`: the ID of the AP context the status is associated with (if any) +- `direct_conversation_id`: the ID of the Mastodon direct message conversation the status is associated with (if any) - `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any) - `content`: a map consisting of alternate representations of the `content` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` -- cgit v1.2.3 From 6f25668215f7f9fe20bfaf3dd72e2262a6d8915e Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Sun, 22 Sep 2019 16:08:07 +0300 Subject: Admin API: Add ability to force user's password reset --- docs/api/admin_api.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 7637fa0d4..c6b9dd2b6 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -310,6 +310,14 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Params: none - Response: password reset token (base64 string) +## `/api/pleroma/admin/users/:nickname/force_password_reset` + +### Force passord reset for a user with a given nickname + +- Methods: `PATCH` +- Params: none +- Response: none (code `204`) + ## `/api/pleroma/admin/reports` ### Get a list of reports - Method `GET` -- cgit v1.2.3 From f89fe3ac06505cc07372fcdefdc3fde72d1f04a0 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Sun, 22 Sep 2019 16:45:38 +0300 Subject: Update docs --- docs/api/admin_api.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 9362e3d78..8bc6379aa 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -298,7 +298,15 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Methods: `GET` - Params: none -- Response: password reset token (base64 string) +- Response: + +```json +{ + "token": "U13DX6muOvpRsj35_ij9wLxUbkU-eFvfKttxs6gIajo=", // password reset token (base64 string) + "link": "https://pleroma.social/api/pleroma/password_reset/U13DX6muOvpRsj35_ij9wLxUbkU-eFvfKttxs6gIajo%3D" +} +``` + ## `/api/pleroma/admin/reports` ### Get a list of reports -- cgit v1.2.3 From 63af6951fa42429d0a02861d5ad1afdd053864cf Mon Sep 17 00:00:00 2001 From: Rachel Fae Fox Date: Mon, 23 Sep 2019 20:38:53 +0000 Subject: add tunable for stream uploads, as needed for jortage to work. --- docs/config.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index 1179def56..34e9c19ec 100644 --- a/docs/config.md +++ b/docs/config.md @@ -23,6 +23,7 @@ Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. * `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. For example, when using CDN to S3 virtual host format, set "". At this time, write CNAME to CDN in public_endpoint. +* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. ## Pleroma.Upload.Filter.Mogrify -- cgit v1.2.3 From fc16bec3176bad683dfef1be472f09be1a86928b Mon Sep 17 00:00:00 2001 From: Ekaterina Vaartis Date: Thu, 26 Sep 2019 09:52:11 +0300 Subject: Add list_from endpoint to the pleroma_api docs --- docs/api/pleroma_api.md | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index a469ddfbf..ac5489aa3 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -423,6 +423,15 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Response: JSON, "ok" and 200 status if the pack was downloaded, or 500 if there were errors downloading the pack +## `POST /api/pleroma/emoji/packs/list_from` +### Requests the instance to list the packs from another instance +* Method `POST` +* Authentication: required +* Params: + * `instance_address`: the address of the instance to download from +* Response: JSON with the pack list, same as if the request was made to that instance's + list endpoint directly + 200 status + ## `GET /api/pleroma/emoji/packs/:name/download_shared` ### Requests a local pack from the instance * Method `GET` -- cgit v1.2.3 From f249b2381f15f089f5f87f16e467b63d34bbea70 Mon Sep 17 00:00:00 2001 From: kPherox Date: Thu, 26 Sep 2019 16:10:34 +0000 Subject: Fix code block for admin api document --- docs/api/admin_api.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index d4e08f221..d7ab808d5 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -711,6 +711,7 @@ Compile time settings (need instance reboot): } ] } +``` - Response: -- cgit v1.2.3 From 39a4892929e160186c7cbeef0f2abe6131758511 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Thu, 26 Sep 2019 19:20:47 +0300 Subject: Add docs --- docs/api/admin_api.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index d4e08f221..573111416 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -731,7 +731,11 @@ Compile time settings (need instance reboot): - Method `GET` - Params: - *optional* `page`: **integer** page number - - *optional* `page_size`: **integer** number of users per page (default is `50`) + - *optional* `page_size`: **integer** number of log entries per page (default is `50`) + - *optional* `start_date`: **datetime (ISO 8601)** filter logs by creation date, start from `start_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. `2005-08-09T18:31:42` + - *optional* `end_date`: **datetime (ISO 8601)** filter logs by creation date, end by from `end_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. 2005-08-09T18:31:42 + - *optional* `user_id`: **integer** filter logs by actor's id + - *optional* `search`: **string** search logs by the log message - Response: ```json -- cgit v1.2.3 From f9380289eb251c818e87e8f0ad0a41fc8bdd90aa Mon Sep 17 00:00:00 2001 From: minibikini Date: Fri, 27 Sep 2019 21:59:23 +0000 Subject: Add `remote_ip` plug --- docs/config.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'docs') diff --git a/docs/config.md b/docs/config.md index ed119fd32..262d15bba 100644 --- a/docs/config.md +++ b/docs/config.md @@ -730,6 +730,8 @@ This will probably take a long time. This is an advanced feature and disabled by default. +If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). + A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: * The first element: `scale` (Integer). The time scale in milliseconds. @@ -756,3 +758,16 @@ Available caches: * `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). * `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). + +## Pleroma.Plugs.RemoteIp + +**If your instance is not behind at least one reverse proxy, you should not enable this plug.** + +`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. + +Available options: + +* `enabled` - Enable/disable the plug. Defaults to `false`. +* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. +* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. +* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). -- cgit v1.2.3 From 0e59d1dc04db64decc0c3bd47e3bf459cb768710 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Sun, 29 Sep 2019 00:01:35 +0300 Subject: Update admin_api.md --- docs/api/admin_api.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index fcdb33944..8795c2628 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -330,10 +330,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ### Get a list of reports - Method `GET` - Params: - - `state`: optional, the state of reports. Valid values are `open`, `closed` and `resolved` - - `limit`: optional, the number of records to retrieve - - `since_id`: optional, returns results that are more recent than the specified id - - `max_id`: optional, returns results that are older than the specified id + - *optional* `state`: **string** the state of reports. Valid values are `open`, `closed` and `resolved` + - *optional* `limit`: **integer** the number of records to retrieve + - *optional* `page`: **integer** page number + - *optional* `page_size`: **integer** number of log entries per page (default is `50`) - Response: - On failure: 403 Forbidden error `{"error": "error_msg"}` when requested by anonymous or non-admin - On success: JSON, returns a list of reports, where: -- cgit v1.2.3 From 717cb4f9332a9cb71d6965ad9eea13861892881e Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sun, 29 Sep 2019 02:14:53 +0200 Subject: admin_api.md: Put data-type info as the values MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Similar to how the other responses examples are done, this also makes it proper JSON (as it doesn’t have comments). --- docs/api/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 8795c2628..ee9e68cb1 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -312,8 +312,8 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ```json { - "token": "U13DX6muOvpRsj35_ij9wLxUbkU-eFvfKttxs6gIajo=", // password reset token (base64 string) - "link": "https://pleroma.social/api/pleroma/password_reset/U13DX6muOvpRsj35_ij9wLxUbkU-eFvfKttxs6gIajo%3D" + "token": "base64 reset token", + "link": "https://pleroma.social/api/pleroma/password_reset/url-encoded-base64-token" } ``` -- cgit v1.2.3 From 5fd29edac47de145fb7025a99137a69072dca3bb Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Fri, 27 Sep 2019 11:04:52 +0000 Subject: docs: add scrobble API description --- docs/api/pleroma_api.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index ac5489aa3..183cf8a28 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -439,3 +439,33 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Params: None * Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared, 404 if the pack does not exist + +## `GET /api/v1/pleroma/accounts/:uid/now-playing` +### Requests a list of current and recent Listen activities for an account +* Method `GET` +* Authentication: not required +* Params: None +* Response: An array of media metadata entities. +* Example response: +```json +[ + { + "id": "1234", + "title": "Some Title", + "artist": "Some Artist", + "album": "Some Album", + "length": 180000 + } +] +``` + +## `POST /api/v1/pleroma/now-playing` +### Creates a new Listen activity for an account +* Method `POST` +* Authentication: required +* Params: + * `title`: the title of the media playing + * `album`: the album of the media playing [optional] + * `artist`: the artist of the media playing [optional] + * `length`: the length of the media playing [optional] +* Response: the newly created media metadata entity representing the Listen activity -- cgit v1.2.3 From a6e1469767cd716eccf1106e3704130a4fc909b8 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 29 Sep 2019 00:18:06 +0000 Subject: router: change scrobble timeline route from now-playing to scrobbles --- docs/api/pleroma_api.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index 183cf8a28..33116b4b9 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -440,7 +440,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared, 404 if the pack does not exist -## `GET /api/v1/pleroma/accounts/:uid/now-playing` +## `GET /api/v1/pleroma/accounts/:id/scrobbles` ### Requests a list of current and recent Listen activities for an account * Method `GET` * Authentication: not required @@ -450,11 +450,13 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa ```json [ { + "account": {...}, "id": "1234", "title": "Some Title", "artist": "Some Artist", "album": "Some Album", - "length": 180000 + "length": 180000, + "created_at": "2019-09-28T12:40:45.000Z" } ] ``` -- cgit v1.2.3 From 1d7cbdaf7b2f3ff6576959ed26885d7545f31a14 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 29 Sep 2019 02:18:34 +0000 Subject: change new scrobble endpoint --- docs/api/pleroma_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index 33116b4b9..41889a0ef 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -461,7 +461,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa ] ``` -## `POST /api/v1/pleroma/now-playing` +## `POST /api/v1/pleroma/scrobble` ### Creates a new Listen activity for an account * Method `POST` * Authentication: required -- cgit v1.2.3 From 93f966ea4bb2b4d551cb3e248150809554deddc8 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 2 Oct 2019 14:51:30 +0700 Subject: Update CHANGELOG and pleroma_api.md --- docs/api/pleroma_api.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index a469ddfbf..dfd6623ec 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -317,7 +317,8 @@ See [Admin-API](Admin-API.md) "active": 0, # active processes "idle": 0, # idle processes "memory_used": 0.00, # Memory used - "healthy": true # Instance state + "healthy": true, # Instance state + "job_queue_stats": {} # Job queue stats } ``` @@ -391,7 +392,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa ### Update a file in a custom emoji pack * Method `POST` * Authentication: required -* Params: +* Params: * if the `action` is `add`, adds an emoji named `shortcode` to the pack `pack_name`, that means that the emoji file needs to be uploaded with the request (thus requiring it to be a multipart request) and be named `file`. @@ -408,7 +409,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa ### Updates (replaces) pack metadata * Method `POST` * Authentication: required -* Params: +* Params: * `new_data`: new metadata to replace the old one * Response: JSON, updated "metadata" section of the pack and 200 status or 400 if there was a problem with the new metadata (the error is specified in the "error" part of the response JSON) @@ -417,7 +418,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa ### Requests the instance to download the pack from another instance * Method `POST` * Authentication: required -* Params: +* Params: * `instance_address`: the address of the instance to download from * `pack_name`: the pack to download from that instance * Response: JSON, "ok" and 200 status if the pack was downloaded, or 500 if there were -- cgit v1.2.3 From 0e41951eab405ea5a3016bbb0897eba4aa7c6a0b Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 2 Oct 2019 18:20:40 +0200 Subject: Pleroma API Readme: Document unreaction endpoint. --- docs/api/pleroma_api.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index 7862e6301..e672aec96 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -483,6 +483,13 @@ Emoji reactions work a lot like favourites do. They make it possible to react to * Params: `emoji`: A single character unicode emoji * Response: JSON, the status. +## `POST /api/v1/pleroma/statuses/:id/unreact_with_emoji` +### Remove a reaction to a post with a unicode emoji +* Method: `POST` +* Authentication: required +* Params: `emoji`: A single character unicode emoji +* Response: JSON, the status. + ## `GET /api/v1/pleroma/statuses/:id/emoji_reactions_by` ### Get an object of emoji to account mappings with accounts that reacted to the post * Method: `GET` -- cgit v1.2.3 From acc62f327d45c0a9a0414da56bc339ec3e22cb63 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 2 Oct 2019 23:28:45 +0300 Subject: Rename some directories because MkDocs uses them for categories --- docs/API/admin_api.md | 763 ++++++++++++++++++++ docs/API/differences_in_mastoapi_responses.md | 149 ++++ docs/API/pleroma_api.md | 473 +++++++++++++ docs/API/prometheus.md | 22 + docs/admin/backup.md | 17 - docs/admin/updating.md | 9 - docs/administration/backup.md | 17 + docs/administration/updating.md | 9 + docs/api/admin_api.md | 763 -------------------- docs/api/differences_in_mastoapi_responses.md | 149 ---- docs/api/pleroma_api.md | 473 ------------- docs/api/prometheus.md | 22 - docs/config.md | 773 --------------------- .../General-tips-for-customizing-Pleroma-FE.md | 17 - docs/config/custom_emoji.md | 68 -- docs/config/hardening.md | 103 --- docs/config/howto_mediaproxy.md | 34 - docs/config/howto_mongooseim.md | 10 - docs/config/howto_proxy.md | 12 - ...howto_set_richmedia_cache_ttl_based_on_image.md | 33 - docs/config/howto_user_recomendation.md | 31 - docs/config/i2p.md | 196 ------ docs/config/mrf.md | 122 ---- docs/config/onion_federation.md | 159 ----- docs/config/small_customizations.md | 12 - docs/config/static_dir.md | 69 -- .../General-tips-for-customizing-Pleroma-FE.md | 17 + docs/configuration/config.md | 773 +++++++++++++++++++++ docs/configuration/custom_emoji.md | 68 ++ docs/configuration/hardening.md | 103 +++ docs/configuration/howto_mediaproxy.md | 34 + docs/configuration/howto_mongooseim.md | 10 + docs/configuration/howto_proxy.md | 12 + ...howto_set_richmedia_cache_ttl_based_on_image.md | 33 + docs/configuration/howto_user_recomendation.md | 31 + docs/configuration/i2p.md | 196 ++++++ docs/configuration/mrf.md | 122 ++++ docs/configuration/onion_federation.md | 159 +++++ docs/configuration/small_customizations.md | 12 + docs/configuration/static_dir.md | 69 ++ 40 files changed, 3072 insertions(+), 3072 deletions(-) create mode 100644 docs/API/admin_api.md create mode 100644 docs/API/differences_in_mastoapi_responses.md create mode 100644 docs/API/pleroma_api.md create mode 100644 docs/API/prometheus.md delete mode 100644 docs/admin/backup.md delete mode 100644 docs/admin/updating.md create mode 100644 docs/administration/backup.md create mode 100644 docs/administration/updating.md delete mode 100644 docs/api/admin_api.md delete mode 100644 docs/api/differences_in_mastoapi_responses.md delete mode 100644 docs/api/pleroma_api.md delete mode 100644 docs/api/prometheus.md delete mode 100644 docs/config.md delete mode 100644 docs/config/General-tips-for-customizing-Pleroma-FE.md delete mode 100644 docs/config/custom_emoji.md delete mode 100644 docs/config/hardening.md delete mode 100644 docs/config/howto_mediaproxy.md delete mode 100644 docs/config/howto_mongooseim.md delete mode 100644 docs/config/howto_proxy.md delete mode 100644 docs/config/howto_set_richmedia_cache_ttl_based_on_image.md delete mode 100644 docs/config/howto_user_recomendation.md delete mode 100644 docs/config/i2p.md delete mode 100644 docs/config/mrf.md delete mode 100644 docs/config/onion_federation.md delete mode 100644 docs/config/small_customizations.md delete mode 100644 docs/config/static_dir.md create mode 100644 docs/configuration/General-tips-for-customizing-Pleroma-FE.md create mode 100644 docs/configuration/config.md create mode 100644 docs/configuration/custom_emoji.md create mode 100644 docs/configuration/hardening.md create mode 100644 docs/configuration/howto_mediaproxy.md create mode 100644 docs/configuration/howto_mongooseim.md create mode 100644 docs/configuration/howto_proxy.md create mode 100644 docs/configuration/howto_set_richmedia_cache_ttl_based_on_image.md create mode 100644 docs/configuration/howto_user_recomendation.md create mode 100644 docs/configuration/i2p.md create mode 100644 docs/configuration/mrf.md create mode 100644 docs/configuration/onion_federation.md create mode 100644 docs/configuration/small_customizations.md create mode 100644 docs/configuration/static_dir.md (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md new file mode 100644 index 000000000..ee9e68cb1 --- /dev/null +++ b/docs/API/admin_api.md @@ -0,0 +1,763 @@ +# Admin API + +Authentication is required and the user must be an admin. + +## `/api/pleroma/admin/users` + +### List users + +- Method `GET` +- Query Params: + - *optional* `query`: **string** search term (e.g. nickname, domain, nickname@domain) + - *optional* `filters`: **string** comma-separated string of filters: + - `local`: only local users + - `external`: only external users + - `active`: only active users + - `deactivated`: only deactivated users + - `is_admin`: users with admin role + - `is_moderator`: users with moderator role + - *optional* `page`: **integer** page number + - *optional* `page_size`: **integer** number of users per page (default is `50`) + - *optional* `tags`: **[string]** tags list + - *optional* `name`: **string** user display name + - *optional* `email`: **string** user email +- Example: `https://mypleroma.org/api/pleroma/admin/users?query=john&filters=local,active&page=1&page_size=10&tags[]=some_tag&tags[]=another_tag&name=display_name&email=email@example.com` +- Response: + +```json +{ + "page_size": integer, + "count": integer, + "users": [ + { + "deactivated": bool, + "id": integer, + "nickname": string, + "roles": { + "admin": bool, + "moderator": bool + }, + "local": bool, + "tags": array, + "avatar": string, + "display_name": string + }, + ... + ] +} +``` + +## `/api/pleroma/admin/users` + +### Remove a user + +- Method `DELETE` +- Params: + - `nickname` +- Response: User’s nickname + +### Create a user + +- Method: `POST` +- Params: + `users`: [ + { + `nickname`, + `email`, + `password` + } + ] +- Response: User’s nickname + +## `/api/pleroma/admin/users/follow` +### Make a user follow another user + +- Methods: `POST` +- Params: + - `follower`: The nickname of the follower + - `followed`: The nickname of the followed +- Response: + - "ok" + +## `/api/pleroma/admin/users/unfollow` +### Make a user unfollow another user + +- Methods: `POST` +- Params: + - `follower`: The nickname of the follower + - `followed`: The nickname of the followed +- Response: + - "ok" + +## `/api/pleroma/admin/users/:nickname/toggle_activation` + +### Toggle user activation + +- Method: `PATCH` +- Params: + - `nickname` +- Response: User’s object + +```json +{ + "deactivated": bool, + "id": integer, + "nickname": string +} +``` + +## `/api/pleroma/admin/users/tag` + +### Tag a list of users + +- Method: `PUT` +- Params: + - `nicknames` (array) + - `tags` (array) + +### Untag a list of users + +- Method: `DELETE` +- Params: + - `nicknames` (array) + - `tags` (array) + +## `/api/pleroma/admin/users/:nickname/permission_group` + +### Get user user permission groups membership + +- Method: `GET` +- Params: none +- Response: + +```json +{ + "is_moderator": bool, + "is_admin": bool +} +``` + +## `/api/pleroma/admin/users/:nickname/permission_group/:permission_group` + +Note: Available `:permission_group` is currently moderator and admin. 404 is returned when the permission group doesn’t exist. + +### Get user user permission groups membership per permission group + +- Method: `GET` +- Params: none +- Response: + +```json +{ + "is_moderator": bool, + "is_admin": bool +} +``` + +### Add user in permission group + +- Method: `POST` +- Params: none +- Response: + - On failure: `{"error": "…"}` + - On success: JSON of the `user.info` + +### Remove user from permission group + +- Method: `DELETE` +- Params: none +- Response: + - On failure: `{"error": "…"}` + - On success: JSON of the `user.info` +- Note: An admin cannot revoke their own admin status. + +## `/api/pleroma/admin/users/:nickname/activation_status` + +### Active or deactivate a user + +- Method: `PUT` +- Params: + - `nickname` + - `status` BOOLEAN field, false value means deactivation. + +## `/api/pleroma/admin/users/:nickname_or_id` + +### Retrive the details of a user + +- Method: `GET` +- Params: + - `nickname` or `id` +- Response: + - On failure: `Not found` + - On success: JSON of the user + +## `/api/pleroma/admin/users/:nickname_or_id/statuses` + +### Retrive user's latest statuses + +- Method: `GET` +- Params: + - `nickname` or `id` + - *optional* `page_size`: number of statuses to return (default is `20`) + - *optional* `godmode`: `true`/`false` – allows to see private statuses +- Response: + - On failure: `Not found` + - On success: JSON array of user's latest statuses + +## `/api/pleroma/admin/relay` + +### Follow a Relay + +- Methods: `POST` +- Params: + - `relay_url` +- Response: + - On success: URL of the followed relay + +### Unfollow a Relay + +- Methods: `DELETE` +- Params: + - `relay_url` +- Response: + - On success: URL of the unfollowed relay + +## `/api/pleroma/admin/users/invite_token` + +### Create an account registration invite token + +- Methods: `POST` +- Params: + - *optional* `max_use` (integer) + - *optional* `expires_at` (date string e.g. "2019-04-07") +- Response: + +```json +{ + "id": integer, + "token": string, + "used": boolean, + "expires_at": date, + "uses": integer, + "max_use": integer, + "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) +} +``` + +## `/api/pleroma/admin/users/invites` + +### Get a list of generated invites + +- Methods: `GET` +- Params: none +- Response: + +```json +{ + + "invites": [ + { + "id": integer, + "token": string, + "used": boolean, + "expires_at": date, + "uses": integer, + "max_use": integer, + "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) + }, + ... + ] +} +``` + +## `/api/pleroma/admin/users/revoke_invite` + +### Revoke invite by token + +- Methods: `POST` +- Params: + - `token` +- Response: + +```json +{ + "id": integer, + "token": string, + "used": boolean, + "expires_at": date, + "uses": integer, + "max_use": integer, + "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) + +} +``` + + +## `/api/pleroma/admin/users/email_invite` + +### Sends registration invite via email + +- Methods: `POST` +- Params: + - `email` + - `name`, optional + +## `/api/pleroma/admin/users/:nickname/password_reset` + +### Get a password reset token for a given nickname + +- Methods: `GET` +- Params: none +- Response: + +```json +{ + "token": "base64 reset token", + "link": "https://pleroma.social/api/pleroma/password_reset/url-encoded-base64-token" +} +``` + + +## `/api/pleroma/admin/users/:nickname/force_password_reset` + +### Force passord reset for a user with a given nickname + +- Methods: `PATCH` +- Params: none +- Response: none (code `204`) + +## `/api/pleroma/admin/reports` +### Get a list of reports +- Method `GET` +- Params: + - *optional* `state`: **string** the state of reports. Valid values are `open`, `closed` and `resolved` + - *optional* `limit`: **integer** the number of records to retrieve + - *optional* `page`: **integer** page number + - *optional* `page_size`: **integer** number of log entries per page (default is `50`) +- Response: + - On failure: 403 Forbidden error `{"error": "error_msg"}` when requested by anonymous or non-admin + - On success: JSON, returns a list of reports, where: + - `account`: the user who has been reported + - `actor`: the user who has sent the report + - `statuses`: list of statuses that have been included to the report + +```json +{ + "total" : 1, + "reports": [ + { + "account": { + "acct": "user", + "avatar": "https://pleroma.example.org/images/avi.png", + "avatar_static": "https://pleroma.example.org/images/avi.png", + "bot": false, + "created_at": "2019-04-23T17:32:04.000Z", + "display_name": "User", + "emojis": [], + "fields": [], + "followers_count": 1, + "following_count": 1, + "header": "https://pleroma.example.org/images/banner.png", + "header_static": "https://pleroma.example.org/images/banner.png", + "id": "9i6dAJqSGSKMzLG2Lo", + "locked": false, + "note": "", + "pleroma": { + "confirmation_pending": false, + "hide_favorites": true, + "hide_followers": false, + "hide_follows": false, + "is_admin": false, + "is_moderator": false, + "relationship": {}, + "tags": [] + }, + "source": { + "note": "", + "pleroma": {}, + "sensitive": false + }, + "tags": ["force_unlisted"], + "statuses_count": 3, + "url": "https://pleroma.example.org/users/user", + "username": "user" + }, + "actor": { + "acct": "lain", + "avatar": "https://pleroma.example.org/images/avi.png", + "avatar_static": "https://pleroma.example.org/images/avi.png", + "bot": false, + "created_at": "2019-03-28T17:36:03.000Z", + "display_name": "Roger Braun", + "emojis": [], + "fields": [], + "followers_count": 1, + "following_count": 1, + "header": "https://pleroma.example.org/images/banner.png", + "header_static": "https://pleroma.example.org/images/banner.png", + "id": "9hEkA5JsvAdlSrocam", + "locked": false, + "note": "", + "pleroma": { + "confirmation_pending": false, + "hide_favorites": false, + "hide_followers": false, + "hide_follows": false, + "is_admin": false, + "is_moderator": false, + "relationship": {}, + "tags": [] + }, + "source": { + "note": "", + "pleroma": {}, + "sensitive": false + }, + "tags": ["force_unlisted"], + "statuses_count": 1, + "url": "https://pleroma.example.org/users/lain", + "username": "lain" + }, + "content": "Please delete it", + "created_at": "2019-04-29T19:48:15.000Z", + "id": "9iJGOv1j8hxuw19bcm", + "state": "open", + "statuses": [ + { + "account": { ... }, + "application": { + "name": "Web", + "website": null + }, + "bookmarked": false, + "card": null, + "content": "@lain click on my link https://www.google.com/", + "created_at": "2019-04-23T19:15:47.000Z", + "emojis": [], + "favourited": false, + "favourites_count": 0, + "id": "9i6mQ9uVrrOmOime8m", + "in_reply_to_account_id": null, + "in_reply_to_id": null, + "language": null, + "media_attachments": [], + "mentions": [ + { + "acct": "lain", + "id": "9hEkA5JsvAdlSrocam", + "url": "https://pleroma.example.org/users/lain", + "username": "lain" + }, + { + "acct": "user", + "id": "9i6dAJqSGSKMzLG2Lo", + "url": "https://pleroma.example.org/users/user", + "username": "user" + } + ], + "muted": false, + "pinned": false, + "pleroma": { + "content": { + "text/plain": "@lain click on my link https://www.google.com/" + }, + "conversation_id": 28, + "in_reply_to_account_acct": null, + "local": true, + "spoiler_text": { + "text/plain": "" + } + }, + "reblog": null, + "reblogged": false, + "reblogs_count": 0, + "replies_count": 0, + "sensitive": false, + "spoiler_text": "", + "tags": [], + "uri": "https://pleroma.example.org/objects/8717b90f-8e09-4b58-97b0-e3305472b396", + "url": "https://pleroma.example.org/notice/9i6mQ9uVrrOmOime8m", + "visibility": "direct" + } + ] + } + ] +} +``` + +## `/api/pleroma/admin/reports/:id` +### Get an individual report +- Method `GET` +- Params: + - `id` +- Response: + - On failure: + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, Report object (see above) + +## `/api/pleroma/admin/reports/:id` +### Change the state of the report +- Method `PUT` +- Params: + - `id` + - `state`: required, the new state. Valid values are `open`, `closed` and `resolved` +- Response: + - On failure: + - 400 Bad Request `"Unsupported state"` + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, Report object (see above) + +## `/api/pleroma/admin/reports/:id/respond` +### Respond to a report +- Method `POST` +- Params: + - `id` + - `status`: required, the message +- Response: + - On failure: + - 400 Bad Request `"Invalid parameters"` when `status` is missing + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, created Mastodon Status entity + +```json +{ + "account": { ... }, + "application": { + "name": "Web", + "website": null + }, + "bookmarked": false, + "card": null, + "content": "Your claim is going to be closed", + "created_at": "2019-05-11T17:13:03.000Z", + "emojis": [], + "favourited": false, + "favourites_count": 0, + "id": "9ihuiSL1405I65TmEq", + "in_reply_to_account_id": null, + "in_reply_to_id": null, + "language": null, + "media_attachments": [], + "mentions": [ + { + "acct": "user", + "id": "9i6dAJqSGSKMzLG2Lo", + "url": "https://pleroma.example.org/users/user", + "username": "user" + }, + { + "acct": "admin", + "id": "9hEkA5JsvAdlSrocam", + "url": "https://pleroma.example.org/users/admin", + "username": "admin" + } + ], + "muted": false, + "pinned": false, + "pleroma": { + "content": { + "text/plain": "Your claim is going to be closed" + }, + "conversation_id": 35, + "in_reply_to_account_acct": null, + "local": true, + "spoiler_text": { + "text/plain": "" + } + }, + "reblog": null, + "reblogged": false, + "reblogs_count": 0, + "replies_count": 0, + "sensitive": false, + "spoiler_text": "", + "tags": [], + "uri": "https://pleroma.example.org/objects/cab0836d-9814-46cd-a0ea-529da9db5fcb", + "url": "https://pleroma.example.org/notice/9ihuiSL1405I65TmEq", + "visibility": "direct" +} +``` + +## `/api/pleroma/admin/statuses/:id` +### Change the scope of an individual reported status +- Method `PUT` +- Params: + - `id` + - `sensitive`: optional, valid values are `true` or `false` + - `visibility`: optional, valid values are `public`, `private` and `unlisted` +- Response: + - On failure: + - 400 Bad Request `"Unsupported visibility"` + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, Mastodon Status entity + +## `/api/pleroma/admin/statuses/:id` +### Delete an individual reported status +- Method `DELETE` +- Params: + - `id` +- Response: + - On failure: + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: 200 OK `{}` + + +## `/api/pleroma/admin/config/migrate_to_db` +### Run mix task pleroma.config migrate_to_db +Copy settings on key `:pleroma` to DB. +- Method `GET` +- Params: none +- Response: + +```json +{} +``` + +## `/api/pleroma/admin/config/migrate_from_db` +### Run mix task pleroma.config migrate_from_db +Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with deletion from DB. +- Method `GET` +- Params: none +- Response: + +```json +{} +``` + +## `/api/pleroma/admin/config` +### List config settings +List config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. +- Method `GET` +- Params: none +- Response: + +```json +{ + configs: [ + { + "group": string, + "key": string or string with leading `:` for atoms, + "value": string or {} or [] or {"tuple": []} + } + ] +} +``` + +## `/api/pleroma/admin/config` +### Update config settings +Updating config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. +Module name can be passed as string, which starts with `Pleroma`, e.g. `"Pleroma.Upload"`. +Atom keys and values can be passed with `:` in the beginning, e.g. `":upload"`. +Tuples can be passed as `{"tuple": ["first_val", Pleroma.Module, []]}`. +`{"tuple": ["some_string", "Pleroma.Some.Module", []]}` will be converted to `{"some_string", Pleroma.Some.Module, []}`. +Keywords can be passed as lists with 2 child tuples, e.g. +`[{"tuple": ["first_val", Pleroma.Module]}, {"tuple": ["second_val", true]}]`. + +If value contains list of settings `[subkey: val1, subkey2: val2, subkey3: val3]`, it's possible to remove only subkeys instead of all settings passing `subkeys` parameter. E.g.: +{"group": "pleroma", "key": "some_key", "delete": "true", "subkeys": [":subkey", ":subkey3"]}. + +Compile time settings (need instance reboot): +- all settings by this keys: + - `:hackney_pools` + - `:chat` + - `Pleroma.Web.Endpoint` + - `Pleroma.Repo` +- part settings: + - `Pleroma.Captcha` -> `:seconds_valid` + - `Pleroma.Upload` -> `:proxy_remote` + - `:instance` -> `:upload_limit` + +- Method `POST` +- Params: + - `configs` => [ + - `group` (string) + - `key` (string or string with leading `:` for atoms) + - `value` (string, [], {} or {"tuple": []}) + - `delete` = true (optional, if parameter must be deleted) + - `subkeys` [(string with leading `:` for atoms)] (optional, works only if `delete=true` parameter is passed, otherwise will be ignored) + ] + +- Request (example): + +```json +{ + configs: [ + { + "group": "pleroma", + "key": "Pleroma.Upload", + "value": [ + {"tuple": [":uploader", "Pleroma.Uploaders.Local"]}, + {"tuple": [":filters", ["Pleroma.Upload.Filter.Dedupe"]]}, + {"tuple": [":link_name", true]}, + {"tuple": [":proxy_remote", false]}, + {"tuple": [":proxy_opts", [ + {"tuple": [":redirect_on_failure", false]}, + {"tuple": [":max_body_length", 1048576]}, + {"tuple": [":http": [ + {"tuple": [":follow_redirect", true]}, + {"tuple": [":pool", ":upload"]}, + ]]} + ] + ]}, + {"tuple": [":dispatch", { + "tuple": ["/api/v1/streaming", "Pleroma.Web.MastodonAPI.WebsocketHandler", []] + }]} + ] + } + ] +} +``` + +- Response: + +```json +{ + configs: [ + { + "group": string, + "key": string or string with leading `:` for atoms, + "value": string or {} or [] or {"tuple": []} + } + ] +} +``` + +## `/api/pleroma/admin/moderation_log` +### Get moderation log +- Method `GET` +- Params: + - *optional* `page`: **integer** page number + - *optional* `page_size`: **integer** number of log entries per page (default is `50`) + - *optional* `start_date`: **datetime (ISO 8601)** filter logs by creation date, start from `start_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. `2005-08-09T18:31:42` + - *optional* `end_date`: **datetime (ISO 8601)** filter logs by creation date, end by from `end_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. 2005-08-09T18:31:42 + - *optional* `user_id`: **integer** filter logs by actor's id + - *optional* `search`: **string** search logs by the log message +- Response: + +```json +[ + { + "data": { + "actor": { + "id": 1, + "nickname": "lain" + }, + "action": "relay_follow" + }, + "time": 1502812026, // timestamp + "message": "[2017-08-15 15:47:06] @nick0 followed relay: https://example.org/relay" // log message + } +] +``` + +## `POST /api/pleroma/admin/reload_emoji` +### Reload the instance's custom emoji +* Method `POST` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md new file mode 100644 index 000000000..d007a69c3 --- /dev/null +++ b/docs/API/differences_in_mastoapi_responses.md @@ -0,0 +1,149 @@ +# Differences in Mastodon API responses from vanilla Mastodon + +A Pleroma instance can be identified by " (compatible; Pleroma )" present in `version` field in response from `/api/v1/instance` + +## Flake IDs + +Pleroma uses 128-bit ids as opposed to Mastodon's 64 bits. However just like Mastodon's ids they are sortable strings + +## Attachment cap + +Some apps operate under the assumption that no more than 4 attachments can be returned or uploaded. Pleroma however does not enforce any limits on attachment count neither when returning the status object nor when posting. + +## Timelines + +Adding the parameter `with_muted=true` to the timeline queries will also return activities by muted (not by blocked!) users. + +## Statuses + +- `visibility`: has an additional possible value `list` + +Has these additional fields under the `pleroma` object: + +- `local`: true if the post was made on the local instance +- `conversation_id`: the ID of the AP context the status is associated with (if any) +- `direct_conversation_id`: the ID of the Mastodon direct message conversation the status is associated with (if any) +- `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any) +- `content`: a map consisting of alternate representations of the `content` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` +- `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` +- `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire +- `thread_muted`: true if the thread the post belongs to is muted + +## Attachments + +Has these additional fields under the `pleroma` object: + +- `mime_type`: mime type of the attachment. + +## Accounts + +The `id` parameter can also be the `nickname` of the user. This only works in these endpoints, not the deeper nested ones for following etc. + +- `/api/v1/accounts/:id` +- `/api/v1/accounts/:id/statuses` + +Has these additional fields under the `pleroma` object: + +- `tags`: Lists an array of tags for the user +- `relationship{}`: Includes fields as documented for Mastodon API https://docs.joinmastodon.org/api/entities/#relationship +- `is_moderator`: boolean, nullable, true if user is a moderator +- `is_admin`: boolean, nullable, true if user is an admin +- `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated +- `hide_followers`: boolean, true when the user has follower hiding enabled +- `hide_follows`: boolean, true when the user has follow hiding enabled +- `hide_followers_count`: boolean, true when the user has follower stat hiding enabled +- `hide_follows_count`: boolean, true when the user has follow stat hiding enabled +- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` +- `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` +- `deactivated`: boolean, true when the user is deactivated + +### Source + +Has these additional fields under the `pleroma` object: + +- `show_role`: boolean, nullable, true when the user wants his role (e.g admin, moderator) to be shown +- `no_rich_text` - boolean, nullable, true when html tags are stripped from all statuses requested from the API + +## Conversations + +Has an additional field under the `pleroma` object: + +- `recipients`: The list of the recipients of this Conversation. These will be addressed when replying to this conversation. + +## Account Search + +Behavior has changed: + +- `/api/v1/accounts/search`: Does not require authentication + + +## Notifications + +Has these additional fields under the `pleroma` object: + +- `is_seen`: true if the notification was read by the user + +## POST `/api/v1/statuses` + +Additional parameters can be added to the JSON body/Form data: + +- `preview`: boolean, if set to `true` the post won't be actually posted, but the status entitiy would still be rendered back. This could be useful for previewing rich text/custom emoji, for example. +- `content_type`: string, contain the MIME type of the status, it is transformed into HTML by the backend. You can get the list of the supported MIME types with the nodeinfo endpoint. +- `to`: A list of nicknames (like `lain@soykaf.club` or `lain` on the local server) that will be used to determine who is going to be addressed by this post. Using this will disable the implicit addressing by mentioned names in the `status` body, only the people in the `to` list will be addressed. The normal rules for for post visibility are not affected by this and will still apply. +- `visibility`: string, besides standard MastoAPI values (`direct`, `private`, `unlisted` or `public`) it can be used to address a List by setting it to `list:LIST_ID`. +- `expires_in`: The number of seconds the posted activity should expire in. When a posted activity expires it will be deleted from the server, and a delete request for it will be federated. This needs to be longer than an hour. +- `in_reply_to_conversation_id`: Will reply to a given conversation, addressing only the people who are part of the recipient set of that conversation. Sets the visibility to `direct`. + +## GET `/api/v1/statuses` + +An endpoint to get multiple statuses by IDs. + +Required parameters: + +- `ids`: array of activity ids + +Usage example: `GET /api/v1/statuses/?ids[]=1&ids[]=2`. + +Returns: array of Status. + +The maximum number of statuses is limited to 100 per request. + +## PATCH `/api/v1/update_credentials` + +Additional parameters can be added to the JSON body/Form data: + +- `no_rich_text` - if true, html tags are stripped from all statuses requested from the API +- `hide_followers` - if true, user's followers will be hidden +- `hide_follows` - if true, user's follows will be hidden +- `hide_followers_count` - if true, user's follower count will be hidden +- `hide_follows_count` - if true, user's follow count will be hidden +- `hide_favorites` - if true, user's favorites timeline will be hidden +- `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API +- `default_scope` - the scope returned under `privacy` key in Source subentity +- `pleroma_settings_store` - Opaque user settings to be saved on the backend. +- `skip_thread_containment` - if true, skip filtering out broken threads +- `pleroma_background_image` - sets the background image of the user. + +### Pleroma Settings Store +Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about. + +The parameter should have a form of `{frontend_name: {...}}`, with `frontend_name` identifying your type of client, e.g. `pleroma_fe`. It will overwrite everything under this property, but will not overwrite other frontend's settings. + +This information is returned in the `verify_credentials` endpoint. + +## Authentication + +*Pleroma supports refreshing tokens. + +`POST /oauth/token` +Post here request with grant_type=refresh_token to obtain new access token. Returns an access token. + +## Account Registration +`POST /api/v1/accounts` + +Has theses additionnal parameters (which are the same as in Pleroma-API): + * `fullname`: optional + * `bio`: optional + * `captcha_solution`: optional, contains provider-specific captcha solution, + * `captcha_token`: optional, contains provider-specific captcha token + * `token`: invite token required when the registerations aren't public. diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md new file mode 100644 index 000000000..41889a0ef --- /dev/null +++ b/docs/API/pleroma_api.md @@ -0,0 +1,473 @@ +# Pleroma API + +Requests that require it can be authenticated with [an OAuth token](https://tools.ietf.org/html/rfc6749), the `_pleroma_key` cookie, or [HTTP Basic Authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization). + +Request parameters can be passed via [query strings](https://en.wikipedia.org/wiki/Query_string) or as [form data](https://www.w3.org/TR/html401/interact/forms.html). Files must be uploaded as `multipart/form-data`. + +## `/api/pleroma/emoji` +### Lists the custom emoji on that server. +* Method: `GET` +* Authentication: not required +* Params: none +* Response: JSON +* Example response: +```json +{ + "girlpower": { + "tags": [ + "Finmoji" + ], + "image_url": "/finmoji/128px/girlpower-128.png" + }, + "education": { + "tags": [ + "Finmoji" + ], + "image_url": "/finmoji/128px/education-128.png" + }, + "finnishlove": { + "tags": [ + "Finmoji" + ], + "image_url": "/finmoji/128px/finnishlove-128.png" + } +} +``` +* Note: Same data as Mastodon API’s `/api/v1/custom_emojis` but in a different format + +## `/api/pleroma/follow_import` +### Imports your follows, for example from a Mastodon CSV file. +* Method: `POST` +* Authentication: required +* Params: + * `list`: STRING or FILE containing a whitespace-separated list of accounts to follow +* Response: HTTP 200 on success, 500 on error +* Note: Users that can't be followed are silently skipped. + +## `/api/pleroma/captcha` +### Get a new captcha +* Method: `GET` +* Authentication: not required +* Params: none +* Response: Provider specific JSON, the only guaranteed parameter is `type` +* Example response: `{"type": "kocaptcha", "token": "whatever", "url": "https://captcha.kotobank.ch/endpoint"}` + +## `/api/pleroma/delete_account` +### Delete an account +* Method `POST` +* Authentication: required +* Params: + * `password`: user's password +* Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise +* Example response: `{"error": "Invalid password."}` + +## `/api/pleroma/disable_account` +### Disable an account +* Method `POST` +* Authentication: required +* Params: + * `password`: user's password +* Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise +* Example response: `{"error": "Invalid password."}` + +## `/api/account/register` +### Register a new user +* Method `POST` +* Authentication: not required +* Params: + * `nickname` + * `fullname` + * `bio` + * `email` + * `password` + * `confirm` + * `captcha_solution`: optional, contains provider-specific captcha solution, + * `captcha_token`: optional, contains provider-specific captcha token + * `token`: invite token required when the registrations aren't public. +* Response: JSON. Returns a user object on success, otherwise returns `{"error": "error_msg"}` +* Example response: +```json +{ + "background_image": null, + "cover_photo": "https://pleroma.soykaf.com/images/banner.png", + "created_at": "Tue Dec 18 16:55:56 +0000 2018", + "default_scope": "public", + "description": "blushy-crushy fediverse idol + pleroma dev\nlet's be friends \nぷれろまの生徒会長。謎の外人。日本語OK. \n公主病.", + "description_html": "blushy-crushy fediverse idol + pleroma dev.
let's be friends
ぷれろまの生徒会長。謎の外人。日本語OK.
公主病.", + "favourites_count": 0, + "fields": [], + "followers_count": 0, + "following": false, + "follows_you": false, + "friends_count": 0, + "id": 6, + "is_local": true, + "locked": false, + "name": "lain", + "name_html": "lain", + "no_rich_text": false, + "pleroma": { + "tags": [] + }, + "profile_image_url": "https://pleroma.soykaf.com/images/avi.png", + "profile_image_url_https": "https://pleroma.soykaf.com/images/avi.png", + "profile_image_url_original": "https://pleroma.soykaf.com/images/avi.png", + "profile_image_url_profile_size": "https://pleroma.soykaf.com/images/avi.png", + "rights": { + "delete_others_notice": false + }, + "screen_name": "lain", + "statuses_count": 0, + "statusnet_blocking": false, + "statusnet_profile_url": "https://pleroma.soykaf.com/users/lain" +} +``` + +## `/api/pleroma/admin/`… +See [Admin-API](Admin-API.md) + +## `/api/v1/pleroma/notifications/read` +### Mark notifications as read +* Method `POST` +* Authentication: required +* Params (mutually exclusive): + * `id`: a single notification id to read + * `max_id`: read all notifications up to this id +* Response: Notification entity/Array of Notification entities that were read. In case of `max_id`, only the first 80 read notifications will be returned. + +## `/api/v1/pleroma/accounts/:id/subscribe` +### Subscribe to receive notifications for all statuses posted by a user +* Method `POST` +* Authentication: required +* Params: + * `id`: account id to subscribe to +* Response: JSON, returns a mastodon relationship object on success, otherwise returns `{"error": "error_msg"}` +* Example response: +```json +{ + "id": "abcdefg", + "following": true, + "followed_by": false, + "blocking": false, + "muting": false, + "muting_notifications": false, + "subscribing": true, + "requested": false, + "domain_blocking": false, + "showing_reblogs": true, + "endorsed": false +} +``` + +## `/api/v1/pleroma/accounts/:id/unsubscribe` +### Unsubscribe to stop receiving notifications from user statuses +* Method `POST` +* Authentication: required +* Params: + * `id`: account id to unsubscribe from +* Response: JSON, returns a mastodon relationship object on success, otherwise returns `{"error": "error_msg"}` +* Example response: +```json +{ + "id": "abcdefg", + "following": true, + "followed_by": false, + "blocking": false, + "muting": false, + "muting_notifications": false, + "subscribing": false, + "requested": false, + "domain_blocking": false, + "showing_reblogs": true, + "endorsed": false +} +``` + +## `/api/v1/pleroma/accounts/:id/favourites` +### Returns favorites timeline of any user +* Method `GET` +* Authentication: not required +* Params: + * `id`: the id of the account for whom to return results + * `limit`: optional, the number of records to retrieve + * `since_id`: optional, returns results that are more recent than the specified id + * `max_id`: optional, returns results that are older than the specified id +* Response: JSON, returns a list of Mastodon Status entities on success, otherwise returns `{"error": "error_msg"}` +* Example response: +```json +[ + { + "account": { + "id": "9hptFmUF3ztxYh3Svg", + "url": "https://pleroma.example.org/users/nick2", + "username": "nick2", + ... + }, + "application": {"name": "Web", "website": null}, + "bookmarked": false, + "card": null, + "content": "This is :moominmamma: note 0", + "created_at": "2019-04-15T15:42:15.000Z", + "emojis": [], + "favourited": false, + "favourites_count": 1, + "id": "9hptFmVJ02khbzYJaS", + "in_reply_to_account_id": null, + "in_reply_to_id": null, + "language": null, + "media_attachments": [], + "mentions": [], + "muted": false, + "pinned": false, + "pleroma": { + "content": {"text/plain": "This is :moominmamma: note 0"}, + "conversation_id": 13679, + "local": true, + "spoiler_text": {"text/plain": "2hu"} + }, + "reblog": null, + "reblogged": false, + "reblogs_count": 0, + "replies_count": 0, + "sensitive": false, + "spoiler_text": "2hu", + "tags": [{"name": "2hu", "url": "/tag/2hu"}], + "uri": "https://pleroma.example.org/objects/198ed2a1-7912-4482-b559-244a0369e984", + "url": "https://pleroma.example.org/notice/9hptFmVJ02khbzYJaS", + "visibility": "public" + } +] +``` + +## `/api/v1/pleroma/accounts/update_*` +### Set and clear account avatar, banner, and background + +- PATCH `/api/v1/pleroma/accounts/update_avatar`: Set/clear user avatar image +- PATCH `/api/v1/pleroma/accounts/update_banner`: Set/clear user banner image +- PATCH `/api/v1/pleroma/accounts/update_background`: Set/clear user background image + +## `/api/v1/pleroma/accounts/confirmation_resend` +### Resend confirmation email +* Method `POST` +* Params: + * `email`: email of that needs to be verified +* Authentication: not required +* Response: 204 No Content + +## `/api/v1/pleroma/mascot` +### Gets user mascot image +* Method `GET` +* Authentication: required + +* Response: JSON. Returns a mastodon media attachment entity. +* Example response: +```json +{ + "id": "abcdefg", + "url": "https://pleroma.example.org/media/abcdefg.png", + "type": "image", + "pleroma": { + "mime_type": "image/png" + } +} +``` + +### Updates user mascot image +* Method `PUT` +* Authentication: required +* Params: + * `image`: Multipart image +* Response: JSON. Returns a mastodon media attachment entity + when successful, otherwise returns HTTP 415 `{"error": "error_msg"}` +* Example response: +```json +{ + "id": "abcdefg", + "url": "https://pleroma.example.org/media/abcdefg.png", + "type": "image", + "pleroma": { + "mime_type": "image/png" + } +} +``` +* Note: Behaves exactly the same as `POST /api/v1/upload`. + Can only accept images - any attempt to upload non-image files will be met with `HTTP 415 Unsupported Media Type`. + +## `/api/pleroma/notification_settings` +### Updates user notification settings +* Method `PUT` +* Authentication: required +* Params: + * `followers`: BOOLEAN field, receives notifications from followers + * `follows`: BOOLEAN field, receives notifications from people the user follows + * `remote`: BOOLEAN field, receives notifications from people on remote instances + * `local`: BOOLEAN field, receives notifications from people on the local instance +* Response: JSON. Returns `{"status": "success"}` if the update was successful, otherwise returns `{"error": "error_msg"}` + +## `/api/pleroma/healthcheck` +### Healthcheck endpoint with additional system data. +* Method `GET` +* Authentication: not required +* Params: none +* Response: JSON, statuses (200 - healthy, 503 unhealthy). +* Example response: +```json +{ + "pool_size": 0, # database connection pool + "active": 0, # active processes + "idle": 0, # idle processes + "memory_used": 0.00, # Memory used + "healthy": true # Instance state +} +``` + +## `/api/pleroma/change_email` +### Change account email +* Method `POST` +* Authentication: required +* Params: + * `password`: user's password + * `email`: new email +* Response: JSON. Returns `{"status": "success"}` if the change was successful, `{"error": "[error message]"}` otherwise +* Note: Currently, Mastodon has no API for changing email. If they add it in future it might be incompatible with Pleroma. + +# Pleroma Conversations + +Pleroma Conversations have the same general structure that Mastodon Conversations have. The behavior differs in the following ways when using these endpoints: + +1. Pleroma Conversations never add or remove recipients, unless explicitly changed by the user. +2. Pleroma Conversations statuses can be requested by Conversation id. +3. Pleroma Conversations can be replied to. + +Conversations have the additional field "recipients" under the "pleroma" key. This holds a list of all the accounts that will receive a message in this conversation. + +The status posting endpoint takes an additional parameter, `in_reply_to_conversation_id`, which, when set, will set the visiblity to direct and address only the people who are the recipients of that Conversation. + + +## `GET /api/v1/pleroma/conversations/:id/statuses` +### Timeline for a given conversation +* Method `GET` +* Authentication: required +* Params: Like other timelines +* Response: JSON, statuses (200 - healthy, 503 unhealthy). + +## `GET /api/v1/pleroma/conversations/:id` +### The conversation with the given ID. +* Method `GET` +* Authentication: required +* Params: None +* Response: JSON, statuses (200 - healthy, 503 unhealthy). + +## `PATCH /api/v1/pleroma/conversations/:id` +### Update a conversation. Used to change the set of recipients. +* Method `PATCH` +* Authentication: required +* Params: + * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. +* Response: JSON, statuses (200 - healthy, 503 unhealthy) + +## `GET /api/pleroma/emoji/packs` +### Lists the custom emoji packs on the server +* Method `GET` +* Authentication: not required +* Params: None +* Response: JSON, "ok" and 200 status and the JSON hashmap of "pack name" to "pack contents" + +## `PUT /api/pleroma/emoji/packs/:name` +### Creates an empty custom emoji pack +* Method `PUT` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status or 409 if the pack with that name already exists + +## `DELETE /api/pleroma/emoji/packs/:name` +### Delete a custom emoji pack +* Method `DELETE` +* Authentication: required +* Params: None +* Response: JSON, "ok" and 200 status or 500 if there was an error deleting the pack + +## `POST /api/pleroma/emoji/packs/:name/update_file` +### Update a file in a custom emoji pack +* Method `POST` +* Authentication: required +* Params: + * if the `action` is `add`, adds an emoji named `shortcode` to the pack `pack_name`, + that means that the emoji file needs to be uploaded with the request + (thus requiring it to be a multipart request) and be named `file`. + There can also be an optional `filename` that will be the new emoji file name + (if it's not there, the name will be taken from the uploaded file). + * if the `action` is `update`, changes emoji shortcode + (from `shortcode` to `new_shortcode` or moves the file (from the current filename to `new_filename`) + * if the `action` is `remove`, removes the emoji named `shortcode` and it's associated file +* Response: JSON, updated "files" section of the pack and 200 status, 409 if the trying to use a shortcode + that is already taken, 400 if there was an error with the shortcode, filename or file (additional info + in the "error" part of the response JSON) + +## `POST /api/pleroma/emoji/packs/:name/update_metadata` +### Updates (replaces) pack metadata +* Method `POST` +* Authentication: required +* Params: + * `new_data`: new metadata to replace the old one +* Response: JSON, updated "metadata" section of the pack and 200 status or 400 if there was a + problem with the new metadata (the error is specified in the "error" part of the response JSON) + +## `POST /api/pleroma/emoji/packs/download_from` +### Requests the instance to download the pack from another instance +* Method `POST` +* Authentication: required +* Params: + * `instance_address`: the address of the instance to download from + * `pack_name`: the pack to download from that instance +* Response: JSON, "ok" and 200 status if the pack was downloaded, or 500 if there were + errors downloading the pack + +## `POST /api/pleroma/emoji/packs/list_from` +### Requests the instance to list the packs from another instance +* Method `POST` +* Authentication: required +* Params: + * `instance_address`: the address of the instance to download from +* Response: JSON with the pack list, same as if the request was made to that instance's + list endpoint directly + 200 status + +## `GET /api/pleroma/emoji/packs/:name/download_shared` +### Requests a local pack from the instance +* Method `GET` +* Authentication: not required +* Params: None +* Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared, + 404 if the pack does not exist + +## `GET /api/v1/pleroma/accounts/:id/scrobbles` +### Requests a list of current and recent Listen activities for an account +* Method `GET` +* Authentication: not required +* Params: None +* Response: An array of media metadata entities. +* Example response: +```json +[ + { + "account": {...}, + "id": "1234", + "title": "Some Title", + "artist": "Some Artist", + "album": "Some Album", + "length": 180000, + "created_at": "2019-09-28T12:40:45.000Z" + } +] +``` + +## `POST /api/v1/pleroma/scrobble` +### Creates a new Listen activity for an account +* Method `POST` +* Authentication: required +* Params: + * `title`: the title of the media playing + * `album`: the album of the media playing [optional] + * `artist`: the artist of the media playing [optional] + * `length`: the length of the media playing [optional] +* Response: the newly created media metadata entity representing the Listen activity diff --git a/docs/API/prometheus.md b/docs/API/prometheus.md new file mode 100644 index 000000000..19c564e3c --- /dev/null +++ b/docs/API/prometheus.md @@ -0,0 +1,22 @@ +# Prometheus Metrics + +Pleroma includes support for exporting metrics via the [prometheus_ex](https://github.com/deadtrickster/prometheus.ex) library. + +## `/api/pleroma/app_metrics` +### Exports Prometheus application metrics +* Method: `GET` +* Authentication: not required +* Params: none +* Response: JSON + +## Grafana +### Config example +The following is a config example to use with [Grafana](https://grafana.com) + +``` + - job_name: 'beam' + metrics_path: /api/pleroma/app_metrics + scheme: https + static_configs: + - targets: ['pleroma.soykaf.com'] +``` diff --git a/docs/admin/backup.md b/docs/admin/backup.md deleted file mode 100644 index 2c70e7bf8..000000000 --- a/docs/admin/backup.md +++ /dev/null @@ -1,17 +0,0 @@ -# Backup/Restore your instance - -## Backup - -1. Stop the Pleroma service. -2. Go to the working directory of Pleroma (default is `/opt/pleroma`) -3. Run `sudo -Hu postgres pg_dump -d --format=custom -f ` -4. Copy `pleroma.pgdump`, `config/prod.secret.exs` and the `uploads` folder to your backup destination. If you have other modifications, copy those changes too. -5. Restart the Pleroma service. - -## Restore - -1. Stop the Pleroma service. -2. Go to the working directory of Pleroma (default is `/opt/pleroma`) -3. Copy the above mentioned files back to their original position. -4. Run `sudo -Hu postgres pg_restore -d -v -1 ` -5. Restart the Pleroma service. diff --git a/docs/admin/updating.md b/docs/admin/updating.md deleted file mode 100644 index 84e6ef18d..000000000 --- a/docs/admin/updating.md +++ /dev/null @@ -1,9 +0,0 @@ -# Updating your instance -1. Go to the working directory of Pleroma (default is `/opt/pleroma`) -2. Run `git pull`. This pulls the latest changes from upstream. -3. Run `mix deps.get`. This pulls in any new dependencies. -4. Stop the Pleroma service. -5. Run `mix ecto.migrate`[^1]. This task performs database migrations, if there were any. -6. Start the Pleroma service. - -[^1]: Prefix with `MIX_ENV=prod` to run it using the production config file. diff --git a/docs/administration/backup.md b/docs/administration/backup.md new file mode 100644 index 000000000..2c70e7bf8 --- /dev/null +++ b/docs/administration/backup.md @@ -0,0 +1,17 @@ +# Backup/Restore your instance + +## Backup + +1. Stop the Pleroma service. +2. Go to the working directory of Pleroma (default is `/opt/pleroma`) +3. Run `sudo -Hu postgres pg_dump -d --format=custom -f ` +4. Copy `pleroma.pgdump`, `config/prod.secret.exs` and the `uploads` folder to your backup destination. If you have other modifications, copy those changes too. +5. Restart the Pleroma service. + +## Restore + +1. Stop the Pleroma service. +2. Go to the working directory of Pleroma (default is `/opt/pleroma`) +3. Copy the above mentioned files back to their original position. +4. Run `sudo -Hu postgres pg_restore -d -v -1 ` +5. Restart the Pleroma service. diff --git a/docs/administration/updating.md b/docs/administration/updating.md new file mode 100644 index 000000000..84e6ef18d --- /dev/null +++ b/docs/administration/updating.md @@ -0,0 +1,9 @@ +# Updating your instance +1. Go to the working directory of Pleroma (default is `/opt/pleroma`) +2. Run `git pull`. This pulls the latest changes from upstream. +3. Run `mix deps.get`. This pulls in any new dependencies. +4. Stop the Pleroma service. +5. Run `mix ecto.migrate`[^1]. This task performs database migrations, if there were any. +6. Start the Pleroma service. + +[^1]: Prefix with `MIX_ENV=prod` to run it using the production config file. diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md deleted file mode 100644 index ee9e68cb1..000000000 --- a/docs/api/admin_api.md +++ /dev/null @@ -1,763 +0,0 @@ -# Admin API - -Authentication is required and the user must be an admin. - -## `/api/pleroma/admin/users` - -### List users - -- Method `GET` -- Query Params: - - *optional* `query`: **string** search term (e.g. nickname, domain, nickname@domain) - - *optional* `filters`: **string** comma-separated string of filters: - - `local`: only local users - - `external`: only external users - - `active`: only active users - - `deactivated`: only deactivated users - - `is_admin`: users with admin role - - `is_moderator`: users with moderator role - - *optional* `page`: **integer** page number - - *optional* `page_size`: **integer** number of users per page (default is `50`) - - *optional* `tags`: **[string]** tags list - - *optional* `name`: **string** user display name - - *optional* `email`: **string** user email -- Example: `https://mypleroma.org/api/pleroma/admin/users?query=john&filters=local,active&page=1&page_size=10&tags[]=some_tag&tags[]=another_tag&name=display_name&email=email@example.com` -- Response: - -```json -{ - "page_size": integer, - "count": integer, - "users": [ - { - "deactivated": bool, - "id": integer, - "nickname": string, - "roles": { - "admin": bool, - "moderator": bool - }, - "local": bool, - "tags": array, - "avatar": string, - "display_name": string - }, - ... - ] -} -``` - -## `/api/pleroma/admin/users` - -### Remove a user - -- Method `DELETE` -- Params: - - `nickname` -- Response: User’s nickname - -### Create a user - -- Method: `POST` -- Params: - `users`: [ - { - `nickname`, - `email`, - `password` - } - ] -- Response: User’s nickname - -## `/api/pleroma/admin/users/follow` -### Make a user follow another user - -- Methods: `POST` -- Params: - - `follower`: The nickname of the follower - - `followed`: The nickname of the followed -- Response: - - "ok" - -## `/api/pleroma/admin/users/unfollow` -### Make a user unfollow another user - -- Methods: `POST` -- Params: - - `follower`: The nickname of the follower - - `followed`: The nickname of the followed -- Response: - - "ok" - -## `/api/pleroma/admin/users/:nickname/toggle_activation` - -### Toggle user activation - -- Method: `PATCH` -- Params: - - `nickname` -- Response: User’s object - -```json -{ - "deactivated": bool, - "id": integer, - "nickname": string -} -``` - -## `/api/pleroma/admin/users/tag` - -### Tag a list of users - -- Method: `PUT` -- Params: - - `nicknames` (array) - - `tags` (array) - -### Untag a list of users - -- Method: `DELETE` -- Params: - - `nicknames` (array) - - `tags` (array) - -## `/api/pleroma/admin/users/:nickname/permission_group` - -### Get user user permission groups membership - -- Method: `GET` -- Params: none -- Response: - -```json -{ - "is_moderator": bool, - "is_admin": bool -} -``` - -## `/api/pleroma/admin/users/:nickname/permission_group/:permission_group` - -Note: Available `:permission_group` is currently moderator and admin. 404 is returned when the permission group doesn’t exist. - -### Get user user permission groups membership per permission group - -- Method: `GET` -- Params: none -- Response: - -```json -{ - "is_moderator": bool, - "is_admin": bool -} -``` - -### Add user in permission group - -- Method: `POST` -- Params: none -- Response: - - On failure: `{"error": "…"}` - - On success: JSON of the `user.info` - -### Remove user from permission group - -- Method: `DELETE` -- Params: none -- Response: - - On failure: `{"error": "…"}` - - On success: JSON of the `user.info` -- Note: An admin cannot revoke their own admin status. - -## `/api/pleroma/admin/users/:nickname/activation_status` - -### Active or deactivate a user - -- Method: `PUT` -- Params: - - `nickname` - - `status` BOOLEAN field, false value means deactivation. - -## `/api/pleroma/admin/users/:nickname_or_id` - -### Retrive the details of a user - -- Method: `GET` -- Params: - - `nickname` or `id` -- Response: - - On failure: `Not found` - - On success: JSON of the user - -## `/api/pleroma/admin/users/:nickname_or_id/statuses` - -### Retrive user's latest statuses - -- Method: `GET` -- Params: - - `nickname` or `id` - - *optional* `page_size`: number of statuses to return (default is `20`) - - *optional* `godmode`: `true`/`false` – allows to see private statuses -- Response: - - On failure: `Not found` - - On success: JSON array of user's latest statuses - -## `/api/pleroma/admin/relay` - -### Follow a Relay - -- Methods: `POST` -- Params: - - `relay_url` -- Response: - - On success: URL of the followed relay - -### Unfollow a Relay - -- Methods: `DELETE` -- Params: - - `relay_url` -- Response: - - On success: URL of the unfollowed relay - -## `/api/pleroma/admin/users/invite_token` - -### Create an account registration invite token - -- Methods: `POST` -- Params: - - *optional* `max_use` (integer) - - *optional* `expires_at` (date string e.g. "2019-04-07") -- Response: - -```json -{ - "id": integer, - "token": string, - "used": boolean, - "expires_at": date, - "uses": integer, - "max_use": integer, - "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) -} -``` - -## `/api/pleroma/admin/users/invites` - -### Get a list of generated invites - -- Methods: `GET` -- Params: none -- Response: - -```json -{ - - "invites": [ - { - "id": integer, - "token": string, - "used": boolean, - "expires_at": date, - "uses": integer, - "max_use": integer, - "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) - }, - ... - ] -} -``` - -## `/api/pleroma/admin/users/revoke_invite` - -### Revoke invite by token - -- Methods: `POST` -- Params: - - `token` -- Response: - -```json -{ - "id": integer, - "token": string, - "used": boolean, - "expires_at": date, - "uses": integer, - "max_use": integer, - "invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`) - -} -``` - - -## `/api/pleroma/admin/users/email_invite` - -### Sends registration invite via email - -- Methods: `POST` -- Params: - - `email` - - `name`, optional - -## `/api/pleroma/admin/users/:nickname/password_reset` - -### Get a password reset token for a given nickname - -- Methods: `GET` -- Params: none -- Response: - -```json -{ - "token": "base64 reset token", - "link": "https://pleroma.social/api/pleroma/password_reset/url-encoded-base64-token" -} -``` - - -## `/api/pleroma/admin/users/:nickname/force_password_reset` - -### Force passord reset for a user with a given nickname - -- Methods: `PATCH` -- Params: none -- Response: none (code `204`) - -## `/api/pleroma/admin/reports` -### Get a list of reports -- Method `GET` -- Params: - - *optional* `state`: **string** the state of reports. Valid values are `open`, `closed` and `resolved` - - *optional* `limit`: **integer** the number of records to retrieve - - *optional* `page`: **integer** page number - - *optional* `page_size`: **integer** number of log entries per page (default is `50`) -- Response: - - On failure: 403 Forbidden error `{"error": "error_msg"}` when requested by anonymous or non-admin - - On success: JSON, returns a list of reports, where: - - `account`: the user who has been reported - - `actor`: the user who has sent the report - - `statuses`: list of statuses that have been included to the report - -```json -{ - "total" : 1, - "reports": [ - { - "account": { - "acct": "user", - "avatar": "https://pleroma.example.org/images/avi.png", - "avatar_static": "https://pleroma.example.org/images/avi.png", - "bot": false, - "created_at": "2019-04-23T17:32:04.000Z", - "display_name": "User", - "emojis": [], - "fields": [], - "followers_count": 1, - "following_count": 1, - "header": "https://pleroma.example.org/images/banner.png", - "header_static": "https://pleroma.example.org/images/banner.png", - "id": "9i6dAJqSGSKMzLG2Lo", - "locked": false, - "note": "", - "pleroma": { - "confirmation_pending": false, - "hide_favorites": true, - "hide_followers": false, - "hide_follows": false, - "is_admin": false, - "is_moderator": false, - "relationship": {}, - "tags": [] - }, - "source": { - "note": "", - "pleroma": {}, - "sensitive": false - }, - "tags": ["force_unlisted"], - "statuses_count": 3, - "url": "https://pleroma.example.org/users/user", - "username": "user" - }, - "actor": { - "acct": "lain", - "avatar": "https://pleroma.example.org/images/avi.png", - "avatar_static": "https://pleroma.example.org/images/avi.png", - "bot": false, - "created_at": "2019-03-28T17:36:03.000Z", - "display_name": "Roger Braun", - "emojis": [], - "fields": [], - "followers_count": 1, - "following_count": 1, - "header": "https://pleroma.example.org/images/banner.png", - "header_static": "https://pleroma.example.org/images/banner.png", - "id": "9hEkA5JsvAdlSrocam", - "locked": false, - "note": "", - "pleroma": { - "confirmation_pending": false, - "hide_favorites": false, - "hide_followers": false, - "hide_follows": false, - "is_admin": false, - "is_moderator": false, - "relationship": {}, - "tags": [] - }, - "source": { - "note": "", - "pleroma": {}, - "sensitive": false - }, - "tags": ["force_unlisted"], - "statuses_count": 1, - "url": "https://pleroma.example.org/users/lain", - "username": "lain" - }, - "content": "Please delete it", - "created_at": "2019-04-29T19:48:15.000Z", - "id": "9iJGOv1j8hxuw19bcm", - "state": "open", - "statuses": [ - { - "account": { ... }, - "application": { - "name": "Web", - "website": null - }, - "bookmarked": false, - "card": null, - "content": "@lain click on my link https://www.google.com/", - "created_at": "2019-04-23T19:15:47.000Z", - "emojis": [], - "favourited": false, - "favourites_count": 0, - "id": "9i6mQ9uVrrOmOime8m", - "in_reply_to_account_id": null, - "in_reply_to_id": null, - "language": null, - "media_attachments": [], - "mentions": [ - { - "acct": "lain", - "id": "9hEkA5JsvAdlSrocam", - "url": "https://pleroma.example.org/users/lain", - "username": "lain" - }, - { - "acct": "user", - "id": "9i6dAJqSGSKMzLG2Lo", - "url": "https://pleroma.example.org/users/user", - "username": "user" - } - ], - "muted": false, - "pinned": false, - "pleroma": { - "content": { - "text/plain": "@lain click on my link https://www.google.com/" - }, - "conversation_id": 28, - "in_reply_to_account_acct": null, - "local": true, - "spoiler_text": { - "text/plain": "" - } - }, - "reblog": null, - "reblogged": false, - "reblogs_count": 0, - "replies_count": 0, - "sensitive": false, - "spoiler_text": "", - "tags": [], - "uri": "https://pleroma.example.org/objects/8717b90f-8e09-4b58-97b0-e3305472b396", - "url": "https://pleroma.example.org/notice/9i6mQ9uVrrOmOime8m", - "visibility": "direct" - } - ] - } - ] -} -``` - -## `/api/pleroma/admin/reports/:id` -### Get an individual report -- Method `GET` -- Params: - - `id` -- Response: - - On failure: - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: JSON, Report object (see above) - -## `/api/pleroma/admin/reports/:id` -### Change the state of the report -- Method `PUT` -- Params: - - `id` - - `state`: required, the new state. Valid values are `open`, `closed` and `resolved` -- Response: - - On failure: - - 400 Bad Request `"Unsupported state"` - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: JSON, Report object (see above) - -## `/api/pleroma/admin/reports/:id/respond` -### Respond to a report -- Method `POST` -- Params: - - `id` - - `status`: required, the message -- Response: - - On failure: - - 400 Bad Request `"Invalid parameters"` when `status` is missing - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: JSON, created Mastodon Status entity - -```json -{ - "account": { ... }, - "application": { - "name": "Web", - "website": null - }, - "bookmarked": false, - "card": null, - "content": "Your claim is going to be closed", - "created_at": "2019-05-11T17:13:03.000Z", - "emojis": [], - "favourited": false, - "favourites_count": 0, - "id": "9ihuiSL1405I65TmEq", - "in_reply_to_account_id": null, - "in_reply_to_id": null, - "language": null, - "media_attachments": [], - "mentions": [ - { - "acct": "user", - "id": "9i6dAJqSGSKMzLG2Lo", - "url": "https://pleroma.example.org/users/user", - "username": "user" - }, - { - "acct": "admin", - "id": "9hEkA5JsvAdlSrocam", - "url": "https://pleroma.example.org/users/admin", - "username": "admin" - } - ], - "muted": false, - "pinned": false, - "pleroma": { - "content": { - "text/plain": "Your claim is going to be closed" - }, - "conversation_id": 35, - "in_reply_to_account_acct": null, - "local": true, - "spoiler_text": { - "text/plain": "" - } - }, - "reblog": null, - "reblogged": false, - "reblogs_count": 0, - "replies_count": 0, - "sensitive": false, - "spoiler_text": "", - "tags": [], - "uri": "https://pleroma.example.org/objects/cab0836d-9814-46cd-a0ea-529da9db5fcb", - "url": "https://pleroma.example.org/notice/9ihuiSL1405I65TmEq", - "visibility": "direct" -} -``` - -## `/api/pleroma/admin/statuses/:id` -### Change the scope of an individual reported status -- Method `PUT` -- Params: - - `id` - - `sensitive`: optional, valid values are `true` or `false` - - `visibility`: optional, valid values are `public`, `private` and `unlisted` -- Response: - - On failure: - - 400 Bad Request `"Unsupported visibility"` - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: JSON, Mastodon Status entity - -## `/api/pleroma/admin/statuses/:id` -### Delete an individual reported status -- Method `DELETE` -- Params: - - `id` -- Response: - - On failure: - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: 200 OK `{}` - - -## `/api/pleroma/admin/config/migrate_to_db` -### Run mix task pleroma.config migrate_to_db -Copy settings on key `:pleroma` to DB. -- Method `GET` -- Params: none -- Response: - -```json -{} -``` - -## `/api/pleroma/admin/config/migrate_from_db` -### Run mix task pleroma.config migrate_from_db -Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with deletion from DB. -- Method `GET` -- Params: none -- Response: - -```json -{} -``` - -## `/api/pleroma/admin/config` -### List config settings -List config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. -- Method `GET` -- Params: none -- Response: - -```json -{ - configs: [ - { - "group": string, - "key": string or string with leading `:` for atoms, - "value": string or {} or [] or {"tuple": []} - } - ] -} -``` - -## `/api/pleroma/admin/config` -### Update config settings -Updating config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. -Module name can be passed as string, which starts with `Pleroma`, e.g. `"Pleroma.Upload"`. -Atom keys and values can be passed with `:` in the beginning, e.g. `":upload"`. -Tuples can be passed as `{"tuple": ["first_val", Pleroma.Module, []]}`. -`{"tuple": ["some_string", "Pleroma.Some.Module", []]}` will be converted to `{"some_string", Pleroma.Some.Module, []}`. -Keywords can be passed as lists with 2 child tuples, e.g. -`[{"tuple": ["first_val", Pleroma.Module]}, {"tuple": ["second_val", true]}]`. - -If value contains list of settings `[subkey: val1, subkey2: val2, subkey3: val3]`, it's possible to remove only subkeys instead of all settings passing `subkeys` parameter. E.g.: -{"group": "pleroma", "key": "some_key", "delete": "true", "subkeys": [":subkey", ":subkey3"]}. - -Compile time settings (need instance reboot): -- all settings by this keys: - - `:hackney_pools` - - `:chat` - - `Pleroma.Web.Endpoint` - - `Pleroma.Repo` -- part settings: - - `Pleroma.Captcha` -> `:seconds_valid` - - `Pleroma.Upload` -> `:proxy_remote` - - `:instance` -> `:upload_limit` - -- Method `POST` -- Params: - - `configs` => [ - - `group` (string) - - `key` (string or string with leading `:` for atoms) - - `value` (string, [], {} or {"tuple": []}) - - `delete` = true (optional, if parameter must be deleted) - - `subkeys` [(string with leading `:` for atoms)] (optional, works only if `delete=true` parameter is passed, otherwise will be ignored) - ] - -- Request (example): - -```json -{ - configs: [ - { - "group": "pleroma", - "key": "Pleroma.Upload", - "value": [ - {"tuple": [":uploader", "Pleroma.Uploaders.Local"]}, - {"tuple": [":filters", ["Pleroma.Upload.Filter.Dedupe"]]}, - {"tuple": [":link_name", true]}, - {"tuple": [":proxy_remote", false]}, - {"tuple": [":proxy_opts", [ - {"tuple": [":redirect_on_failure", false]}, - {"tuple": [":max_body_length", 1048576]}, - {"tuple": [":http": [ - {"tuple": [":follow_redirect", true]}, - {"tuple": [":pool", ":upload"]}, - ]]} - ] - ]}, - {"tuple": [":dispatch", { - "tuple": ["/api/v1/streaming", "Pleroma.Web.MastodonAPI.WebsocketHandler", []] - }]} - ] - } - ] -} -``` - -- Response: - -```json -{ - configs: [ - { - "group": string, - "key": string or string with leading `:` for atoms, - "value": string or {} or [] or {"tuple": []} - } - ] -} -``` - -## `/api/pleroma/admin/moderation_log` -### Get moderation log -- Method `GET` -- Params: - - *optional* `page`: **integer** page number - - *optional* `page_size`: **integer** number of log entries per page (default is `50`) - - *optional* `start_date`: **datetime (ISO 8601)** filter logs by creation date, start from `start_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. `2005-08-09T18:31:42` - - *optional* `end_date`: **datetime (ISO 8601)** filter logs by creation date, end by from `end_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. 2005-08-09T18:31:42 - - *optional* `user_id`: **integer** filter logs by actor's id - - *optional* `search`: **string** search logs by the log message -- Response: - -```json -[ - { - "data": { - "actor": { - "id": 1, - "nickname": "lain" - }, - "action": "relay_follow" - }, - "time": 1502812026, // timestamp - "message": "[2017-08-15 15:47:06] @nick0 followed relay: https://example.org/relay" // log message - } -] -``` - -## `POST /api/pleroma/admin/reload_emoji` -### Reload the instance's custom emoji -* Method `POST` -* Authentication: required -* Params: None -* Response: JSON, "ok" and 200 status diff --git a/docs/api/differences_in_mastoapi_responses.md b/docs/api/differences_in_mastoapi_responses.md deleted file mode 100644 index d007a69c3..000000000 --- a/docs/api/differences_in_mastoapi_responses.md +++ /dev/null @@ -1,149 +0,0 @@ -# Differences in Mastodon API responses from vanilla Mastodon - -A Pleroma instance can be identified by " (compatible; Pleroma )" present in `version` field in response from `/api/v1/instance` - -## Flake IDs - -Pleroma uses 128-bit ids as opposed to Mastodon's 64 bits. However just like Mastodon's ids they are sortable strings - -## Attachment cap - -Some apps operate under the assumption that no more than 4 attachments can be returned or uploaded. Pleroma however does not enforce any limits on attachment count neither when returning the status object nor when posting. - -## Timelines - -Adding the parameter `with_muted=true` to the timeline queries will also return activities by muted (not by blocked!) users. - -## Statuses - -- `visibility`: has an additional possible value `list` - -Has these additional fields under the `pleroma` object: - -- `local`: true if the post was made on the local instance -- `conversation_id`: the ID of the AP context the status is associated with (if any) -- `direct_conversation_id`: the ID of the Mastodon direct message conversation the status is associated with (if any) -- `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any) -- `content`: a map consisting of alternate representations of the `content` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` -- `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` -- `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire -- `thread_muted`: true if the thread the post belongs to is muted - -## Attachments - -Has these additional fields under the `pleroma` object: - -- `mime_type`: mime type of the attachment. - -## Accounts - -The `id` parameter can also be the `nickname` of the user. This only works in these endpoints, not the deeper nested ones for following etc. - -- `/api/v1/accounts/:id` -- `/api/v1/accounts/:id/statuses` - -Has these additional fields under the `pleroma` object: - -- `tags`: Lists an array of tags for the user -- `relationship{}`: Includes fields as documented for Mastodon API https://docs.joinmastodon.org/api/entities/#relationship -- `is_moderator`: boolean, nullable, true if user is a moderator -- `is_admin`: boolean, nullable, true if user is an admin -- `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated -- `hide_followers`: boolean, true when the user has follower hiding enabled -- `hide_follows`: boolean, true when the user has follow hiding enabled -- `hide_followers_count`: boolean, true when the user has follower stat hiding enabled -- `hide_follows_count`: boolean, true when the user has follow stat hiding enabled -- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` -- `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` -- `deactivated`: boolean, true when the user is deactivated - -### Source - -Has these additional fields under the `pleroma` object: - -- `show_role`: boolean, nullable, true when the user wants his role (e.g admin, moderator) to be shown -- `no_rich_text` - boolean, nullable, true when html tags are stripped from all statuses requested from the API - -## Conversations - -Has an additional field under the `pleroma` object: - -- `recipients`: The list of the recipients of this Conversation. These will be addressed when replying to this conversation. - -## Account Search - -Behavior has changed: - -- `/api/v1/accounts/search`: Does not require authentication - - -## Notifications - -Has these additional fields under the `pleroma` object: - -- `is_seen`: true if the notification was read by the user - -## POST `/api/v1/statuses` - -Additional parameters can be added to the JSON body/Form data: - -- `preview`: boolean, if set to `true` the post won't be actually posted, but the status entitiy would still be rendered back. This could be useful for previewing rich text/custom emoji, for example. -- `content_type`: string, contain the MIME type of the status, it is transformed into HTML by the backend. You can get the list of the supported MIME types with the nodeinfo endpoint. -- `to`: A list of nicknames (like `lain@soykaf.club` or `lain` on the local server) that will be used to determine who is going to be addressed by this post. Using this will disable the implicit addressing by mentioned names in the `status` body, only the people in the `to` list will be addressed. The normal rules for for post visibility are not affected by this and will still apply. -- `visibility`: string, besides standard MastoAPI values (`direct`, `private`, `unlisted` or `public`) it can be used to address a List by setting it to `list:LIST_ID`. -- `expires_in`: The number of seconds the posted activity should expire in. When a posted activity expires it will be deleted from the server, and a delete request for it will be federated. This needs to be longer than an hour. -- `in_reply_to_conversation_id`: Will reply to a given conversation, addressing only the people who are part of the recipient set of that conversation. Sets the visibility to `direct`. - -## GET `/api/v1/statuses` - -An endpoint to get multiple statuses by IDs. - -Required parameters: - -- `ids`: array of activity ids - -Usage example: `GET /api/v1/statuses/?ids[]=1&ids[]=2`. - -Returns: array of Status. - -The maximum number of statuses is limited to 100 per request. - -## PATCH `/api/v1/update_credentials` - -Additional parameters can be added to the JSON body/Form data: - -- `no_rich_text` - if true, html tags are stripped from all statuses requested from the API -- `hide_followers` - if true, user's followers will be hidden -- `hide_follows` - if true, user's follows will be hidden -- `hide_followers_count` - if true, user's follower count will be hidden -- `hide_follows_count` - if true, user's follow count will be hidden -- `hide_favorites` - if true, user's favorites timeline will be hidden -- `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API -- `default_scope` - the scope returned under `privacy` key in Source subentity -- `pleroma_settings_store` - Opaque user settings to be saved on the backend. -- `skip_thread_containment` - if true, skip filtering out broken threads -- `pleroma_background_image` - sets the background image of the user. - -### Pleroma Settings Store -Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about. - -The parameter should have a form of `{frontend_name: {...}}`, with `frontend_name` identifying your type of client, e.g. `pleroma_fe`. It will overwrite everything under this property, but will not overwrite other frontend's settings. - -This information is returned in the `verify_credentials` endpoint. - -## Authentication - -*Pleroma supports refreshing tokens. - -`POST /oauth/token` -Post here request with grant_type=refresh_token to obtain new access token. Returns an access token. - -## Account Registration -`POST /api/v1/accounts` - -Has theses additionnal parameters (which are the same as in Pleroma-API): - * `fullname`: optional - * `bio`: optional - * `captcha_solution`: optional, contains provider-specific captcha solution, - * `captcha_token`: optional, contains provider-specific captcha token - * `token`: invite token required when the registerations aren't public. diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md deleted file mode 100644 index 41889a0ef..000000000 --- a/docs/api/pleroma_api.md +++ /dev/null @@ -1,473 +0,0 @@ -# Pleroma API - -Requests that require it can be authenticated with [an OAuth token](https://tools.ietf.org/html/rfc6749), the `_pleroma_key` cookie, or [HTTP Basic Authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization). - -Request parameters can be passed via [query strings](https://en.wikipedia.org/wiki/Query_string) or as [form data](https://www.w3.org/TR/html401/interact/forms.html). Files must be uploaded as `multipart/form-data`. - -## `/api/pleroma/emoji` -### Lists the custom emoji on that server. -* Method: `GET` -* Authentication: not required -* Params: none -* Response: JSON -* Example response: -```json -{ - "girlpower": { - "tags": [ - "Finmoji" - ], - "image_url": "/finmoji/128px/girlpower-128.png" - }, - "education": { - "tags": [ - "Finmoji" - ], - "image_url": "/finmoji/128px/education-128.png" - }, - "finnishlove": { - "tags": [ - "Finmoji" - ], - "image_url": "/finmoji/128px/finnishlove-128.png" - } -} -``` -* Note: Same data as Mastodon API’s `/api/v1/custom_emojis` but in a different format - -## `/api/pleroma/follow_import` -### Imports your follows, for example from a Mastodon CSV file. -* Method: `POST` -* Authentication: required -* Params: - * `list`: STRING or FILE containing a whitespace-separated list of accounts to follow -* Response: HTTP 200 on success, 500 on error -* Note: Users that can't be followed are silently skipped. - -## `/api/pleroma/captcha` -### Get a new captcha -* Method: `GET` -* Authentication: not required -* Params: none -* Response: Provider specific JSON, the only guaranteed parameter is `type` -* Example response: `{"type": "kocaptcha", "token": "whatever", "url": "https://captcha.kotobank.ch/endpoint"}` - -## `/api/pleroma/delete_account` -### Delete an account -* Method `POST` -* Authentication: required -* Params: - * `password`: user's password -* Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise -* Example response: `{"error": "Invalid password."}` - -## `/api/pleroma/disable_account` -### Disable an account -* Method `POST` -* Authentication: required -* Params: - * `password`: user's password -* Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise -* Example response: `{"error": "Invalid password."}` - -## `/api/account/register` -### Register a new user -* Method `POST` -* Authentication: not required -* Params: - * `nickname` - * `fullname` - * `bio` - * `email` - * `password` - * `confirm` - * `captcha_solution`: optional, contains provider-specific captcha solution, - * `captcha_token`: optional, contains provider-specific captcha token - * `token`: invite token required when the registrations aren't public. -* Response: JSON. Returns a user object on success, otherwise returns `{"error": "error_msg"}` -* Example response: -```json -{ - "background_image": null, - "cover_photo": "https://pleroma.soykaf.com/images/banner.png", - "created_at": "Tue Dec 18 16:55:56 +0000 2018", - "default_scope": "public", - "description": "blushy-crushy fediverse idol + pleroma dev\nlet's be friends \nぷれろまの生徒会長。謎の外人。日本語OK. \n公主病.", - "description_html": "blushy-crushy fediverse idol + pleroma dev.
let's be friends
ぷれろまの生徒会長。謎の外人。日本語OK.
公主病.", - "favourites_count": 0, - "fields": [], - "followers_count": 0, - "following": false, - "follows_you": false, - "friends_count": 0, - "id": 6, - "is_local": true, - "locked": false, - "name": "lain", - "name_html": "lain", - "no_rich_text": false, - "pleroma": { - "tags": [] - }, - "profile_image_url": "https://pleroma.soykaf.com/images/avi.png", - "profile_image_url_https": "https://pleroma.soykaf.com/images/avi.png", - "profile_image_url_original": "https://pleroma.soykaf.com/images/avi.png", - "profile_image_url_profile_size": "https://pleroma.soykaf.com/images/avi.png", - "rights": { - "delete_others_notice": false - }, - "screen_name": "lain", - "statuses_count": 0, - "statusnet_blocking": false, - "statusnet_profile_url": "https://pleroma.soykaf.com/users/lain" -} -``` - -## `/api/pleroma/admin/`… -See [Admin-API](Admin-API.md) - -## `/api/v1/pleroma/notifications/read` -### Mark notifications as read -* Method `POST` -* Authentication: required -* Params (mutually exclusive): - * `id`: a single notification id to read - * `max_id`: read all notifications up to this id -* Response: Notification entity/Array of Notification entities that were read. In case of `max_id`, only the first 80 read notifications will be returned. - -## `/api/v1/pleroma/accounts/:id/subscribe` -### Subscribe to receive notifications for all statuses posted by a user -* Method `POST` -* Authentication: required -* Params: - * `id`: account id to subscribe to -* Response: JSON, returns a mastodon relationship object on success, otherwise returns `{"error": "error_msg"}` -* Example response: -```json -{ - "id": "abcdefg", - "following": true, - "followed_by": false, - "blocking": false, - "muting": false, - "muting_notifications": false, - "subscribing": true, - "requested": false, - "domain_blocking": false, - "showing_reblogs": true, - "endorsed": false -} -``` - -## `/api/v1/pleroma/accounts/:id/unsubscribe` -### Unsubscribe to stop receiving notifications from user statuses -* Method `POST` -* Authentication: required -* Params: - * `id`: account id to unsubscribe from -* Response: JSON, returns a mastodon relationship object on success, otherwise returns `{"error": "error_msg"}` -* Example response: -```json -{ - "id": "abcdefg", - "following": true, - "followed_by": false, - "blocking": false, - "muting": false, - "muting_notifications": false, - "subscribing": false, - "requested": false, - "domain_blocking": false, - "showing_reblogs": true, - "endorsed": false -} -``` - -## `/api/v1/pleroma/accounts/:id/favourites` -### Returns favorites timeline of any user -* Method `GET` -* Authentication: not required -* Params: - * `id`: the id of the account for whom to return results - * `limit`: optional, the number of records to retrieve - * `since_id`: optional, returns results that are more recent than the specified id - * `max_id`: optional, returns results that are older than the specified id -* Response: JSON, returns a list of Mastodon Status entities on success, otherwise returns `{"error": "error_msg"}` -* Example response: -```json -[ - { - "account": { - "id": "9hptFmUF3ztxYh3Svg", - "url": "https://pleroma.example.org/users/nick2", - "username": "nick2", - ... - }, - "application": {"name": "Web", "website": null}, - "bookmarked": false, - "card": null, - "content": "This is :moominmamma: note 0", - "created_at": "2019-04-15T15:42:15.000Z", - "emojis": [], - "favourited": false, - "favourites_count": 1, - "id": "9hptFmVJ02khbzYJaS", - "in_reply_to_account_id": null, - "in_reply_to_id": null, - "language": null, - "media_attachments": [], - "mentions": [], - "muted": false, - "pinned": false, - "pleroma": { - "content": {"text/plain": "This is :moominmamma: note 0"}, - "conversation_id": 13679, - "local": true, - "spoiler_text": {"text/plain": "2hu"} - }, - "reblog": null, - "reblogged": false, - "reblogs_count": 0, - "replies_count": 0, - "sensitive": false, - "spoiler_text": "2hu", - "tags": [{"name": "2hu", "url": "/tag/2hu"}], - "uri": "https://pleroma.example.org/objects/198ed2a1-7912-4482-b559-244a0369e984", - "url": "https://pleroma.example.org/notice/9hptFmVJ02khbzYJaS", - "visibility": "public" - } -] -``` - -## `/api/v1/pleroma/accounts/update_*` -### Set and clear account avatar, banner, and background - -- PATCH `/api/v1/pleroma/accounts/update_avatar`: Set/clear user avatar image -- PATCH `/api/v1/pleroma/accounts/update_banner`: Set/clear user banner image -- PATCH `/api/v1/pleroma/accounts/update_background`: Set/clear user background image - -## `/api/v1/pleroma/accounts/confirmation_resend` -### Resend confirmation email -* Method `POST` -* Params: - * `email`: email of that needs to be verified -* Authentication: not required -* Response: 204 No Content - -## `/api/v1/pleroma/mascot` -### Gets user mascot image -* Method `GET` -* Authentication: required - -* Response: JSON. Returns a mastodon media attachment entity. -* Example response: -```json -{ - "id": "abcdefg", - "url": "https://pleroma.example.org/media/abcdefg.png", - "type": "image", - "pleroma": { - "mime_type": "image/png" - } -} -``` - -### Updates user mascot image -* Method `PUT` -* Authentication: required -* Params: - * `image`: Multipart image -* Response: JSON. Returns a mastodon media attachment entity - when successful, otherwise returns HTTP 415 `{"error": "error_msg"}` -* Example response: -```json -{ - "id": "abcdefg", - "url": "https://pleroma.example.org/media/abcdefg.png", - "type": "image", - "pleroma": { - "mime_type": "image/png" - } -} -``` -* Note: Behaves exactly the same as `POST /api/v1/upload`. - Can only accept images - any attempt to upload non-image files will be met with `HTTP 415 Unsupported Media Type`. - -## `/api/pleroma/notification_settings` -### Updates user notification settings -* Method `PUT` -* Authentication: required -* Params: - * `followers`: BOOLEAN field, receives notifications from followers - * `follows`: BOOLEAN field, receives notifications from people the user follows - * `remote`: BOOLEAN field, receives notifications from people on remote instances - * `local`: BOOLEAN field, receives notifications from people on the local instance -* Response: JSON. Returns `{"status": "success"}` if the update was successful, otherwise returns `{"error": "error_msg"}` - -## `/api/pleroma/healthcheck` -### Healthcheck endpoint with additional system data. -* Method `GET` -* Authentication: not required -* Params: none -* Response: JSON, statuses (200 - healthy, 503 unhealthy). -* Example response: -```json -{ - "pool_size": 0, # database connection pool - "active": 0, # active processes - "idle": 0, # idle processes - "memory_used": 0.00, # Memory used - "healthy": true # Instance state -} -``` - -## `/api/pleroma/change_email` -### Change account email -* Method `POST` -* Authentication: required -* Params: - * `password`: user's password - * `email`: new email -* Response: JSON. Returns `{"status": "success"}` if the change was successful, `{"error": "[error message]"}` otherwise -* Note: Currently, Mastodon has no API for changing email. If they add it in future it might be incompatible with Pleroma. - -# Pleroma Conversations - -Pleroma Conversations have the same general structure that Mastodon Conversations have. The behavior differs in the following ways when using these endpoints: - -1. Pleroma Conversations never add or remove recipients, unless explicitly changed by the user. -2. Pleroma Conversations statuses can be requested by Conversation id. -3. Pleroma Conversations can be replied to. - -Conversations have the additional field "recipients" under the "pleroma" key. This holds a list of all the accounts that will receive a message in this conversation. - -The status posting endpoint takes an additional parameter, `in_reply_to_conversation_id`, which, when set, will set the visiblity to direct and address only the people who are the recipients of that Conversation. - - -## `GET /api/v1/pleroma/conversations/:id/statuses` -### Timeline for a given conversation -* Method `GET` -* Authentication: required -* Params: Like other timelines -* Response: JSON, statuses (200 - healthy, 503 unhealthy). - -## `GET /api/v1/pleroma/conversations/:id` -### The conversation with the given ID. -* Method `GET` -* Authentication: required -* Params: None -* Response: JSON, statuses (200 - healthy, 503 unhealthy). - -## `PATCH /api/v1/pleroma/conversations/:id` -### Update a conversation. Used to change the set of recipients. -* Method `PATCH` -* Authentication: required -* Params: - * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. -* Response: JSON, statuses (200 - healthy, 503 unhealthy) - -## `GET /api/pleroma/emoji/packs` -### Lists the custom emoji packs on the server -* Method `GET` -* Authentication: not required -* Params: None -* Response: JSON, "ok" and 200 status and the JSON hashmap of "pack name" to "pack contents" - -## `PUT /api/pleroma/emoji/packs/:name` -### Creates an empty custom emoji pack -* Method `PUT` -* Authentication: required -* Params: None -* Response: JSON, "ok" and 200 status or 409 if the pack with that name already exists - -## `DELETE /api/pleroma/emoji/packs/:name` -### Delete a custom emoji pack -* Method `DELETE` -* Authentication: required -* Params: None -* Response: JSON, "ok" and 200 status or 500 if there was an error deleting the pack - -## `POST /api/pleroma/emoji/packs/:name/update_file` -### Update a file in a custom emoji pack -* Method `POST` -* Authentication: required -* Params: - * if the `action` is `add`, adds an emoji named `shortcode` to the pack `pack_name`, - that means that the emoji file needs to be uploaded with the request - (thus requiring it to be a multipart request) and be named `file`. - There can also be an optional `filename` that will be the new emoji file name - (if it's not there, the name will be taken from the uploaded file). - * if the `action` is `update`, changes emoji shortcode - (from `shortcode` to `new_shortcode` or moves the file (from the current filename to `new_filename`) - * if the `action` is `remove`, removes the emoji named `shortcode` and it's associated file -* Response: JSON, updated "files" section of the pack and 200 status, 409 if the trying to use a shortcode - that is already taken, 400 if there was an error with the shortcode, filename or file (additional info - in the "error" part of the response JSON) - -## `POST /api/pleroma/emoji/packs/:name/update_metadata` -### Updates (replaces) pack metadata -* Method `POST` -* Authentication: required -* Params: - * `new_data`: new metadata to replace the old one -* Response: JSON, updated "metadata" section of the pack and 200 status or 400 if there was a - problem with the new metadata (the error is specified in the "error" part of the response JSON) - -## `POST /api/pleroma/emoji/packs/download_from` -### Requests the instance to download the pack from another instance -* Method `POST` -* Authentication: required -* Params: - * `instance_address`: the address of the instance to download from - * `pack_name`: the pack to download from that instance -* Response: JSON, "ok" and 200 status if the pack was downloaded, or 500 if there were - errors downloading the pack - -## `POST /api/pleroma/emoji/packs/list_from` -### Requests the instance to list the packs from another instance -* Method `POST` -* Authentication: required -* Params: - * `instance_address`: the address of the instance to download from -* Response: JSON with the pack list, same as if the request was made to that instance's - list endpoint directly + 200 status - -## `GET /api/pleroma/emoji/packs/:name/download_shared` -### Requests a local pack from the instance -* Method `GET` -* Authentication: not required -* Params: None -* Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared, - 404 if the pack does not exist - -## `GET /api/v1/pleroma/accounts/:id/scrobbles` -### Requests a list of current and recent Listen activities for an account -* Method `GET` -* Authentication: not required -* Params: None -* Response: An array of media metadata entities. -* Example response: -```json -[ - { - "account": {...}, - "id": "1234", - "title": "Some Title", - "artist": "Some Artist", - "album": "Some Album", - "length": 180000, - "created_at": "2019-09-28T12:40:45.000Z" - } -] -``` - -## `POST /api/v1/pleroma/scrobble` -### Creates a new Listen activity for an account -* Method `POST` -* Authentication: required -* Params: - * `title`: the title of the media playing - * `album`: the album of the media playing [optional] - * `artist`: the artist of the media playing [optional] - * `length`: the length of the media playing [optional] -* Response: the newly created media metadata entity representing the Listen activity diff --git a/docs/api/prometheus.md b/docs/api/prometheus.md deleted file mode 100644 index 19c564e3c..000000000 --- a/docs/api/prometheus.md +++ /dev/null @@ -1,22 +0,0 @@ -# Prometheus Metrics - -Pleroma includes support for exporting metrics via the [prometheus_ex](https://github.com/deadtrickster/prometheus.ex) library. - -## `/api/pleroma/app_metrics` -### Exports Prometheus application metrics -* Method: `GET` -* Authentication: not required -* Params: none -* Response: JSON - -## Grafana -### Config example -The following is a config example to use with [Grafana](https://grafana.com) - -``` - - job_name: 'beam' - metrics_path: /api/pleroma/app_metrics - scheme: https - static_configs: - - targets: ['pleroma.soykaf.com'] -``` diff --git a/docs/config.md b/docs/config.md deleted file mode 100644 index 262d15bba..000000000 --- a/docs/config.md +++ /dev/null @@ -1,773 +0,0 @@ -# Configuration - -This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. -If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. - -## Pleroma.Upload -* `uploader`: Select which `Pleroma.Uploaders` to use -* `filters`: List of `Pleroma.Upload.Filter` to use. -* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. -* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. -* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. - -Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. - -## Pleroma.Uploaders.Local -* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory - -## Pleroma.Uploaders.S3 -* `bucket`: S3 bucket name -* `bucket_namespace`: S3 bucket namespace -* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") -* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. -For example, when using CDN to S3 virtual host format, set "". -At this time, write CNAME to CDN in public_endpoint. -* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. - -## Pleroma.Upload.Filter.Mogrify - -* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. - -## Pleroma.Upload.Filter.Dedupe - -No specific configuration. - -## Pleroma.Upload.Filter.AnonymizeFilename - -This filter replaces the filename (not the path) of an upload. For complete obfuscation, add -`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. - -* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. - -## Pleroma.Emails.Mailer -* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. -* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. -* `enabled`: Allows enable/disable send emails. Default: `false`. - -An example for Sendgrid adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.Sendgrid, - api_key: "YOUR_API_KEY" -``` - -An example for SMTP adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.SMTP, - relay: "smtp.gmail.com", - username: "YOUR_USERNAME@gmail.com", - password: "YOUR_SMTP_PASSWORD", - port: 465, - ssl: true, - tls: :always, - auth: :always -``` - -## :uri_schemes -* `valid_schemes`: List of the scheme part that is considered valid to be an URL - -## :instance -* `name`: The instance’s name -* `email`: Email used to reach an Administrator/Moderator of the instance -* `notify_email`: Email used for notifications. -* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` -* `limit`: Posts character limit (CW/Subject included in the counter) -* `remote_limit`: Hard character limit beyond which remote posts will be dropped. -* `upload_limit`: File size limit of uploads (except for avatar, background, banner) -* `avatar_upload_limit`: File size limit of user’s profile avatars -* `background_upload_limit`: File size limit of user’s profile backgrounds -* `banner_upload_limit`: File size limit of user’s profile banners -* `poll_limits`: A map with poll limits for **local** polls - * `max_options`: Maximum number of options - * `max_option_chars`: Maximum number of characters per option - * `min_expiration`: Minimum expiration time (in seconds) - * `max_expiration`: Maximum expiration time (in seconds) -* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. -* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). -* `account_activation_required`: Require users to confirm their emails before signing in. -* `federating`: Enable federation with other instances -* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. -* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. -* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance -* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: - * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) - * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production - * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) - * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) - * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) - * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) - * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. - * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. - * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. - * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) - * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) -* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. -* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. -* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) -* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). -* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. -* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. -* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: - * "email": Copy and preprend re:, as in email. - * "masto": Copy verbatim, as in Mastodon. - * "noop": Don't copy the subject. -* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. -* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with - older software for theses nicknames. -* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. -* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. -* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses -* `welcome_message`: A message that will be send to a newly registered users as a direct message. -* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. -* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) -* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. -* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. -* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. -* `user_bio_length`: A user bio maximum length (default: `5000`) -* `user_name_length`: A user name maximum length (default: `100`) -* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. -* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. -* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. -* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) -* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) -* `account_field_name_length`: An account field name maximum length (default: `512`) -* `account_field_value_length`: An account field value maximum length (default: `2048`) -* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. - - - -## :logger -* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack - -An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: -```elixir -config :logger, - backends: [{ExSyslogger, :ex_syslogger}] - -config :logger, :ex_syslogger, - level: :warn -``` - -Another example, keeping console output and adding the pid to syslog output: -```elixir -config :logger, - backends: [:console, {ExSyslogger, :ex_syslogger}] - -config :logger, :ex_syslogger, - level: :warn, - option: [:pid, :ndelay] -``` - -See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) - -An example of logging info to local syslog, but warn to a Slack channel: -```elixir -config :logger, - backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], - level: :info - -config :logger, :ex_syslogger, - level: :info, - ident: "pleroma", - format: "$metadata[$level] $message" - -config :quack, - level: :warn, - meta: [:all], - webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" -``` - -See the [Quack Github](https://github.com/azohra/quack) for more details - -## :frontend_configurations - -This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. - -Frontends can access these settings at `/api/pleroma/frontend_configurations` - -To add your own configuration for PleromaFE, use it like this: - -```elixir -config :pleroma, :frontend_configurations, - pleroma_fe: %{ - theme: "pleroma-dark", - # ... see /priv/static/static/config.json for the available keys. -}, - masto_fe: %{ - showInstanceSpecificPanel: true - } -``` - -These settings **need to be complete**, they will override the defaults. - -NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. - -## :fe -__THIS IS DEPRECATED__ - -If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. -Please **set this option to false** in your config like this: - -```elixir -config :pleroma, :fe, false -``` - -This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. - -* `theme`: Which theme to use, they are defined in ``styles.json`` -* `logo`: URL of the logo, defaults to Pleroma’s logo -* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) -* `logo_margin`: What margin to use around the logo -* `background`: URL of the background, unless viewing a user profile with a background that is set -* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. -* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. -* `show_instance_panel`: Whenether to show the instance’s specific panel. -* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting -* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` -* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default -* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) -* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) - -## :assets - -This section configures assets to be used with various frontends. Currently the only option -relates to mascots on the mastodon frontend - -* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a - `mime_type` key. -* `default_mascot`: An element from `mascots` - This will be used as the default mascot - on MastoFE (default: `:pleroma_fox_tan`) - -## :mrf_simple -* `media_removal`: List of instances to remove medias from -* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from -* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline -* `reject`: List of instances to reject any activities from -* `accept`: List of instances to accept any activities from -* `report_removal`: List of instances to reject reports from -* `avatar_removal`: List of instances to strip avatars from -* `banner_removal`: List of instances to strip banners from - -## :mrf_subchain -This policy processes messages through an alternate pipeline when a given message matches certain criteria. -All criteria are configured as a map of regular expressions to lists of policy modules. - -* `match_actor`: Matches a series of regular expressions against the actor field. - -Example: - -``` -config :pleroma, :mrf_subchain, - match_actor: %{ - ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] - } -``` - -## :mrf_rejectnonpublic -* `allow_followersonly`: whether to allow followers-only posts -* `allow_direct`: whether to allow direct messages - -## :mrf_hellthread -* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. -* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. - -## :mrf_keyword -* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) - -## :mrf_mention -* `actors`: A list of actors, for which to drop any posts mentioning. - -## :mrf_vocabulary -* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. -* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. - -## :media_proxy -* `enabled`: Enables proxying of remote media to the instance’s proxy -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. -* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. -* `whitelist`: List of domains to bypass the mediaproxy - -## :gopher -* `enabled`: Enables the gopher interface -* `ip`: IP address to bind to -* `port`: Port to bind to -* `dstport`: Port advertised in urls (optional, defaults to `port`) - -## Pleroma.Web.Endpoint -`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here -* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). - - `ip` - a tuple consisting of 4 integers - - `port` -* `url` - a list containing the configuration for generating urls, accepts - - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) - - `scheme` - e.g `http`, `https` - - `port` - - `path` -* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. - - - -**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need - -Example: -```elixir -config :pleroma, Pleroma.Web.Endpoint, - url: [host: "example.com", port: 2020, scheme: "https"], - http: [ - # start copied from config.exs - dispatch: [ - {:_, - [ - {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, - {"/websocket", Phoenix.Endpoint.CowboyWebSocket, - {Phoenix.Transports.WebSocket, - {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, - {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} - ]} - # end copied from config.exs - ], - port: 8080, - ip: {127, 0, 0, 1} - ] -``` - -This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` - -## :activitypub -* ``unfollow_blocked``: Whether blocks result in people getting unfollowed -* ``outgoing_blocks``: Whether to federate blocks to other instances -* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question -* ``sign_object_fetches``: Sign object fetches with HTTP signatures - -## :http_security -* ``enabled``: Whether the managed content security policy is enabled -* ``sts``: Whether to additionally send a `Strict-Transport-Security` header -* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent -* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent -* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` -* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. - -## :mrf_user_allowlist - -The keys in this section are the domain names that the policy should apply to. -Each key should be assigned a list of users that should be allowed through by -their ActivityPub ID. - -An example: - -```elixir -config :pleroma, :mrf_user_allowlist, - "example.org": ["https://example.org/users/admin"] -``` - -## :web_push_encryption, :vapid_details - -Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. - -* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. -* ``public_key``: VAPID public key -* ``private_key``: VAPID private key - -## Pleroma.Captcha -* `enabled`: Whether the captcha should be shown on registration -* `method`: The method/service to use for captcha -* `seconds_valid`: The time in seconds for which the captcha is valid - -### Pleroma.Captcha.Kocaptcha -Kocaptcha is a very simple captcha service with a single API endpoint, -the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint -`https://captcha.kotobank.ch` is hosted by the developer. - -* `endpoint`: the kocaptcha endpoint to use - -## :admin_token - -Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: - -```elixir -config :pleroma, :admin_token, "somerandomtoken" -``` - -You can then do - -```sh -curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" -``` - -## Oban - -[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration. - -Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage): -* `repo` - app's Ecto repo (`Pleroma.Repo`) -* `verbose` - logs verbosity -* `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) -* `queues` - job queues (see below) - -Pleroma has the following queues: - -* `activity_expiration` - Activity expiration -* `federator_outgoing` - Outgoing federation -* `federator_incoming` - Incoming federation -* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleromaemailsmailer) -* `transmogrifier` - Transmogrifier -* `web_push` - Web push notifications -* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity) - -Example: - -```elixir -config :pleroma, Oban, - repo: Pleroma.Repo, - verbose: false, - prune: {:maxlen, 1500}, - queues: [ - federator_incoming: 50, - federator_outgoing: 50 - ] -``` - -This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`. - -### Migrating `pleroma_job_queue` settings - -`config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). - -### Note on running with PostgreSQL in silent mode - -If you are running PostgreSQL in [`silent_mode`](https://postgresqlco.nf/en/doc/param/silent_mode?version=9.1), it's advised to set [`log_destination`](https://postgresqlco.nf/en/doc/param/log_destination?version=9.1) to `syslog`, -otherwise `postmaster.log` file may grow because of "you don't own a lock of type ShareLock" warnings (see https://github.com/sorentwo/oban/issues/52). - -## :workers - -Includes custom worker options not interpretable directly by `Oban`. - -* `retries` — keyword lists where keys are `Oban` queues (see above) and values are numbers of max attempts for failed jobs. - -Example: - -```elixir -config :pleroma, :workers, - retries: [ - federator_incoming: 5, - federator_outgoing: 5 - ] -``` - -### Migrating `Pleroma.Web.Federator.RetryQueue` settings - -* `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]` -* `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]` -* deprecated options: `max_jobs`, `initial_timeout` - -## Pleroma.Web.Metadata -* `providers`: a list of metadata providers to enable. Providers available: - * Pleroma.Web.Metadata.Providers.OpenGraph - * Pleroma.Web.Metadata.Providers.TwitterCard - * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` -* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews - -## :rich_media -* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews -* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. -* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] -* `parsers`: list of Rich Media parsers - -## :fetch_initial_posts -* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -* `pages`: the amount of pages to fetch - -## :hackney_pools - -Advanced. Tweaks Hackney (http client) connections pools. - -There's three pools used: - -* `:federation` for the federation jobs. - You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. -* `:media` for rich media, media proxy -* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) - -For each pool, the options are: - -* `max_connections` - how much connections a pool can hold -* `timeout` - retention duration for connections - -## :auto_linker - -Configuration for the `auto_linker` library: - -* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear -* `rel: "noopener noreferrer"` - override the rel attribute. false to clear -* `new_window: true` - set to false to remove `target='_blank'` attribute -* `scheme: false` - Set to true to link urls with schema `http://google.com` -* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` -* `strip_prefix: true` - Strip the scheme prefix -* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) - -Example: - -```elixir -config :auto_linker, - opts: [ - scheme: true, - extra: true, - class: false, - strip_prefix: false, - new_window: false, - rel: "ugc" - ] -``` - -## Pleroma.Scheduler - -Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. - -See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. - -Example: - -```elixir -config :pleroma, Pleroma.Scheduler, - global: true, - overlap: true, - timezone: :utc, - jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] -``` - -The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). - -## Pleroma.ScheduledActivity - -* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) -* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) -* `enabled`: whether scheduled activities are sent to the job queue to be executed - -## Pleroma.ActivityExpiration - -# `enabled`: whether expired activities will be sent to the job queue to be deleted - -## Pleroma.Web.Auth.Authenticator - -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - -## :ldap - -Use LDAP for user authentication. When a user logs in to the Pleroma -instance, the name and password will be verified by trying to authenticate -(bind) to an LDAP server. If a user exists in the LDAP directory but there -is no account with the same name yet on the Pleroma instance then a new -Pleroma account will be created with the same name as the LDAP user name. - -* `enabled`: enables LDAP authentication -* `host`: LDAP server hostname -* `port`: LDAP port, e.g. 389 or 636 -* `ssl`: true to use SSL, usually implies the port 636 -* `sslopts`: additional SSL options -* `tls`: true to start TLS, usually implies the port 389 -* `tlsopts`: additional TLS options -* `base`: LDAP base, e.g. "dc=example,dc=com" -* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" - -## BBS / SSH access - -To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: - -```exs -app_dir = File.cwd! -priv_dir = Path.join([app_dir, "priv/ssh_keys"]) - -config :esshd, - enabled: true, - priv_dir: priv_dir, - handler: "Pleroma.BBS.Handler", - port: 10_022, - password_authenticator: "Pleroma.BBS.Authenticator" -``` - -Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` - -## :auth - -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - -Authentication / authorization settings. - -* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. -* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. -* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). - -## :email_notifications - -Email notifications settings. - - - digest - emails of "what you've missed" for users who have been - inactive for a while. - - active: globally enable or disable digest emails - - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). - "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" - - interval: Minimum interval between digest emails to one user - - inactivity_threshold: Minimum user inactivity threshold - -## Pleroma.Emails.UserEmail - -- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. -- `:styling` - a map with color settings for email templates. - -## OAuth consumer mode - -OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). -Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). - -Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, -e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. -The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. - -Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. - -Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` - -* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback - -* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ - -* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback - -* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback - -Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, -per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: - -```elixir -# Twitter -config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, - consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), - consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") - -# Facebook -config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, - client_id: System.get_env("FACEBOOK_APP_ID"), - client_secret: System.get_env("FACEBOOK_APP_SECRET"), - redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") - -# Google -config :ueberauth, Ueberauth.Strategy.Google.OAuth, - client_id: System.get_env("GOOGLE_CLIENT_ID"), - client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), - redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") - -# Microsoft -config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, - client_id: System.get_env("MICROSOFT_CLIENT_ID"), - client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") - -config :ueberauth, Ueberauth, - providers: [ - microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} - ] - -# Keycloak -# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable -keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" - -config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, - client_id: System.get_env("KEYCLOAK_CLIENT_ID"), - client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), - site: keycloak_url, - authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", - token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", - userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", - token_method: :post - -config :ueberauth, Ueberauth, - providers: [ - keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} - ] -``` - -## OAuth 2.0 provider - :oauth2 - -Configure OAuth 2 provider capabilities: - -* `token_expires_in` - The lifetime in seconds of the access token. -* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. -* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. -* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). - -## :emoji -* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` -* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` -* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` -* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). -* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in - memory for this amount of seconds multiplied by the number of files. - -## Database options - -### RUM indexing for full text search -* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. - -RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. - -Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. - -To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: - -`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` - -This will probably take a long time. - -## :rate_limit - -This is an advanced feature and disabled by default. - -If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). - -A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: - -* The first element: `scale` (Integer). The time scale in milliseconds. -* The second element: `limit` (Integer). How many requests to limit in the time scale provided. - -It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. - -See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. - -Supported rate limiters: - -* `:search` for the search requests (account & status search etc.) -* `:app_account_creation` for registering user accounts from the same IP address -* `:relations_actions` for actions on relations with all users (follow, unfollow) -* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) -* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses -* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user - -## :web_cache_ttl - -The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. - -Available caches: - -* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). -* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). - -## Pleroma.Plugs.RemoteIp - -**If your instance is not behind at least one reverse proxy, you should not enable this plug.** - -`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. - -Available options: - -* `enabled` - Enable/disable the plug. Defaults to `false`. -* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. -* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. -* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). diff --git a/docs/config/General-tips-for-customizing-Pleroma-FE.md b/docs/config/General-tips-for-customizing-Pleroma-FE.md deleted file mode 100644 index 15c4882dd..000000000 --- a/docs/config/General-tips-for-customizing-Pleroma-FE.md +++ /dev/null @@ -1,17 +0,0 @@ -# General tips for customizing Pleroma FE -There are some configuration scripts for Pleroma BE and FE: - -1. `config/prod.secret.exs` -1. `config/config.exs` -1. `priv/static/static/config.json` - -The `prod.secret.exs` affects first. `config.exs` is for fallback or default. `config.json` is for GNU-social-BE-Pleroma-FE instances. - -Usually all you have to do is: - -1. Copy the section in the `config/config.exs` which you want to activate. -1. Paste into `config/prod.secret.exs`. -1. Edit `config/prod.secret.exs`. -1. Restart the Pleroma daemon. - -`prod.secret.exs` is for the `MIX_ENV=prod` environment. `dev.secret.exs` is for the `MIX_ENV=dev` environment respectively. diff --git a/docs/config/custom_emoji.md b/docs/config/custom_emoji.md deleted file mode 100644 index f72c0edbc..000000000 --- a/docs/config/custom_emoji.md +++ /dev/null @@ -1,68 +0,0 @@ -# Custom Emoji - -Before you add your own custom emoji, check if they are available in an existing pack. -See `Mix.Tasks.Pleroma.Emoji` for information about emoji packs. - -To add custom emoji: -* Create the `STATIC-DIR/emoji/` directory if it doesn't exist - (`STATIC-DIR` is configurable, `instance/static/` by default) -* Create a directory with whatever name you want (custom is a good name to show the purpose of it). - This will create a local emoji pack. -* Put your `.png` emoji files in that directory. In case of conflicts, you can create an `emoji.txt` - file in that directory and specify a custom shortcode using the following format: - `shortcode, file-path, tag1, tag2, etc`. One emoji per line. Note that if you do so, - you'll have to list all other emojis in the pack too. -* Either restart pleroma or connect to the iex session pleroma's running and - run `Pleroma.Emoji.reload/0` in it. - -Example: - -image files (in `instance/static/emoji/custom`): `happy.png` and `sad.png` - -content of `emoji.txt`: -``` -happy, /emoji/custom/happy.png, Tag1,Tag2 -sad, /emoji/custom/sad.png, Tag1 -foo, /emoji/custom/foo.png -``` - -The files should be PNG (APNG is okay with `.png` for `image/png` Content-type) and under 50kb for compatibility with mastodon. - -Default file extentions and locations for emojis are set in `config.exs`. To use different locations or file-extentions, add the `shortcode_globs` to your secrets file (`prod.secret.exs` or `dev.secret.exs`) and edit it. Note that not all fediverse-software will show emojis with other file extentions: -```elixir -config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/**/*.png", "/emoji/custom/**/*.gif"] -``` - -## Emoji tags (groups) - -Default tags are set in `config.exs`. To set your own tags, copy the structure to your secrets file (`prod.secret.exs` or `dev.secret.exs`) and edit it. -```elixir -config :pleroma, :emoji, - shortcode_globs: ["/emoji/custom/**/*.png"], - groups: [ - Finmoji: "/finmoji/128px/*-128.png", - Custom: ["/emoji/*.png", "/emoji/custom/*.png"] - ] -``` - -Order of the `groups` matters, so to override default tags just put your group on top of the list. E.g: -```elixir -config :pleroma, :emoji, - shortcode_globs: ["/emoji/custom/**/*.png"], - groups: [ - "Finmoji special": "/finmoji/128px/a_trusted_friend-128.png", # special file - "Cirno": "/emoji/custom/cirno*.png", # png files in /emoji/custom/ which start with `cirno` - "Special group": "/emoji/custom/special_folder/*.png", # png files in /emoji/custom/special_folder/ - "Another group": "/emoji/custom/special_folder/*/.png", # png files in /emoji/custom/special_folder/ subfolders - Finmoji: "/finmoji/128px/*-128.png", - Custom: ["/emoji/*.png", "/emoji/custom/*.png"] - ] -``` - -Priority of tags assigns in emoji.txt and custom.txt: - -`tag in file > special group setting in config.exs > default setting in config.exs` - -Priority for globs: - -`special group setting in config.exs > default setting in config.exs` diff --git a/docs/config/hardening.md b/docs/config/hardening.md deleted file mode 100644 index b54c28850..000000000 --- a/docs/config/hardening.md +++ /dev/null @@ -1,103 +0,0 @@ -# Hardening your instance -Here are some suggestions which improve the security of parts of your Pleroma instance. - -## Configuration file - -These changes should go into `prod.secret.exs` or `dev.secret.exs`, depending on your `MIX_ENV` value. - -### `http` - -> Recommended value: `[ip: {127, 0, 0, 1}]` - -This sets the Pleroma application server to only listen to the localhost interface. This way, you can only reach your server over the Internet by going through the reverse proxy. By default, Pleroma listens on all interfaces. - -### `secure_cookie_flag` - -> Recommended value: `true` - -This sets the `secure` flag on Pleroma’s session cookie. This makes sure, that the cookie is only accepted over encrypted HTTPs connections. This implicitly renames the cookie from `pleroma_key` to `__Host-pleroma-key` which enforces some restrictions. (see [cookie prefixes](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#Cookie_prefixes)) - -### `:http_security` - -> Recommended value: `true` - -This will send additional HTTP security headers to the clients, including: - -* `X-XSS-Protection: "1; mode=block"` -* `X-Permitted-Cross-Domain-Policies: "none"` -* `X-Frame-Options: "DENY"` -* `X-Content-Type-Options: "nosniff"` -* `X-Download-Options: "noopen"` - -A content security policy (CSP) will also be set: - -```csp -content-security-policy: - default-src 'none'; - base-uri 'self'; - frame-ancestors 'none'; - img-src 'self' data: https:; - media-src 'self' https:; - style-src 'self' 'unsafe-inline'; - font-src 'self'; - script-src 'self'; - connect-src 'self' wss://example.tld; - manifest-src 'self'; - upgrade-insecure-requests; -``` - -#### `sts` - -> Recommended value: `true` - -An additional “Strict transport security” header will be sent with the configured `sts_max_age` parameter. This tells the browser, that the domain should only be accessed over a secure HTTPs connection. - -#### `ct_max_age` - -An additional “Expect-CT” header will be sent with the configured `ct_max_age` parameter. This enforces the use of TLS certificates that are published in the certificate transparency log. (see [Expect-CT](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT)) - -#### `referrer_policy` - -> Recommended value: `same-origin` - -If you click on a link, your browser’s request to the other site will include from where it is coming from. The “Referrer policy” header tells the browser how and if it should send this information. (see [Referrer policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)) - -## systemd - -A systemd unit example is provided at `installation/pleroma.service`. - -### PrivateTmp - -> Recommended value: `true` - -Use private `/tmp` and `/var/tmp` folders inside a new file system namespace, which are discarded after the process stops. - -### ProtectHome - -> Recommended value: `true` - -The `/home`, `/root`, and `/run/user` folders can not be accessed by this service anymore. If your Pleroma user has its home folder in one of the restricted places, or use one of these folders as its working directory, you have to set this to `false`. - -### ProtectSystem - -> Recommended value: `full` - -Mount `/usr`, `/boot`, and `/etc` as read-only for processes invoked by this service. - -### PrivateDevices - -> Recommended value: `true` - -Sets up a new `/dev` mount for the process and only adds API pseudo devices like `/dev/null`, `/dev/zero` or `/dev/random` but not physical devices. This may not work on devices like the Raspberry Pi, where you need to set this to `false`. - -### NoNewPrivileges - -> Recommended value: `true` - -Ensures that the service process and all its children can never gain new privileges through `execve()`. - -### CapabilityBoundingSet - -> Recommended value: `~CAP_SYS_ADMIN` - -Drops the sysadmin capability from the daemon. diff --git a/docs/config/howto_mediaproxy.md b/docs/config/howto_mediaproxy.md deleted file mode 100644 index 16c40c5db..000000000 --- a/docs/config/howto_mediaproxy.md +++ /dev/null @@ -1,34 +0,0 @@ -# How to activate mediaproxy -## Explanation - -Without the `mediaproxy` function, Pleroma doesn't store any remote content like pictures, video etc. locally. So every time you open Pleroma, the content is loaded from the source server, from where the post is coming. This can result in slowly loading content or/and increased bandwidth usage on the source server. -With the `mediaproxy` function you can use nginx to cache this content, so users can access it faster, because it's loaded from your server. - -## Activate it - -* Edit your nginx config and add the following location: -``` -location /proxy { - proxy_cache pleroma_media_cache; - proxy_cache_lock on; - proxy_pass http://localhost:4000; -} -``` -Also add the following on top of the configuration, outside of the `server` block: -``` -proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; -``` -If you came here from one of the installation guides, take a look at the example configuration `/installation/pleroma.nginx`, where this part is already included. - -* Append the following to your `prod.secret.exs` or `dev.secret.exs` (depends on which mode your instance is running): -``` -config :pleroma, :media_proxy, - enabled: true, - proxy_opts: [ - redirect_on_failure: true - ] - #base_url: "https://cache.pleroma.social" -``` -If you want to use a subdomain to serve the files, uncomment `base_url`, change the url and add a comma after `true` in the previous line. - -* Restart nginx and Pleroma diff --git a/docs/config/howto_mongooseim.md b/docs/config/howto_mongooseim.md deleted file mode 100644 index a33e590a1..000000000 --- a/docs/config/howto_mongooseim.md +++ /dev/null @@ -1,10 +0,0 @@ -# Configuring MongooseIM (XMPP Server) to use Pleroma for authentication - -If you want to give your Pleroma users an XMPP (chat) account, you can configure [MongooseIM](https://github.com/esl/MongooseIM) to use your Pleroma server for user authentication, automatically giving every local user an XMPP account. - -In general, you just have to follow the configuration described at [https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/](https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/) and do these changes to your mongooseim.cfg. - -1. Set the auth_method to `{auth_method, http}`. -2. Add the http auth pool like this: `{http, global, auth, [{workers, 50}], [{server, "https://yourpleromainstance.com"}]}` - -Restart your MongooseIM server, your users should now be able to connect with their Pleroma credentials. diff --git a/docs/config/howto_proxy.md b/docs/config/howto_proxy.md deleted file mode 100644 index 10a635266..000000000 --- a/docs/config/howto_proxy.md +++ /dev/null @@ -1,12 +0,0 @@ -# How to configure upstream proxy for federation -If you want to proxify all http requests (e.g. for TOR) that pleroma makes to an upstream proxy server, edit you config file (`dev.secret.exs` or `prod.secret.exs`) and add the following: - -``` -config :pleroma, :http, - proxy_url: "127.0.0.1:8123" -``` - -The other way to do it, for example, with Tor you would most likely add something like this: -``` -config :pleroma, :http, proxy_url: {:socks5, :localhost, 9050} -``` diff --git a/docs/config/howto_set_richmedia_cache_ttl_based_on_image.md b/docs/config/howto_set_richmedia_cache_ttl_based_on_image.md deleted file mode 100644 index bfee5a9e6..000000000 --- a/docs/config/howto_set_richmedia_cache_ttl_based_on_image.md +++ /dev/null @@ -1,33 +0,0 @@ -# How to set rich media cache ttl based on image ttl -## Explanation - -Richmedia are cached without the ttl but the rich media may have image which can expire, like aws signed url. -In such cases the old image url (expired) is returned from the media cache. - -So to avoid such situation we can define a module that will set ttl based on image. -The module must adopt behaviour `Pleroma.Web.RichMedia.Parser.TTL` - -### Example - -```exs -defmodule MyModule do - @behaviour Pleroma.Web.RichMedia.Parser.TTL - - @impl Pleroma.Web.RichMedia.Parser.TTL - def ttl(data, url) do - image_url = Map.get(data, :image) - # do some parsing in the url and get the ttl of the image - # return ttl is unix time - parse_ttl_from_url(image_url) - end -end -``` - -And update the config - -```exs -config :pleroma, :rich_media, - ttl_setters: [Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl, MyModule] -``` - -> For reference there is a parser for AWS signed URL `Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl`, it's enabled by default. diff --git a/docs/config/howto_user_recomendation.md b/docs/config/howto_user_recomendation.md deleted file mode 100644 index c4d749d0c..000000000 --- a/docs/config/howto_user_recomendation.md +++ /dev/null @@ -1,31 +0,0 @@ -# How to activate user recommendation (Who to follow panel) -![who-to-follow-panel-small](/uploads/9de1b1300436c32461d272945f1bc23e/who-to-follow-panel-small.png) - -To show the *who to follow* panel, edit `config/prod.secret.exs` in the Pleroma backend. Following code activates the *who to follow* panel: - -```elixir -config :pleroma, :suggestions, - enabled: true, - third_party_engine: - "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-match-suggestions-api.cgi?{{host}}+{{user}}", - timeout: 300_000, - limit: 40, - web: "https://vinayaka.distsn.org" - -``` - -`config/config.exs` already includes this code, but `enabled:` is `false`. - -`/api/v1/suggestions` is also provided when *who to follow* panel is enabled. - -For advanced customization, following code shows the newcomers of the fediverse at the *who to follow* panel: - -```elixir -config :pleroma, :suggestions, - enabled: true, - third_party_engine: - "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-new-suggestions-api.cgi?{{host}}+{{user}}", - timeout: 60_000, - limit: 40, - web: "https://vinayaka.distsn.org/user-new.html" -``` diff --git a/docs/config/i2p.md b/docs/config/i2p.md deleted file mode 100644 index 62ced8b7a..000000000 --- a/docs/config/i2p.md +++ /dev/null @@ -1,196 +0,0 @@ -# I2P Federation and Accessability - -This guide is going to focus on the Pleroma federation aspect. The actual installation is neatly explained in the official documentation, and more likely to remain up-to-date. -It might be added to this guide if there will be a need for that. - -We're going to use I2PD for its lightweightness over the official client. -Follow the documentation according to your distro: https://i2pd.readthedocs.io/en/latest/user-guide/install/#installing - -How to run it: https://i2pd.readthedocs.io/en/latest/user-guide/run/ - -## I2P Federation - -There are 2 ways to go about this. -One using the config, and one using external software (fedproxy). The external software works better so far. - -### Using the Config - -**Warning:** So far, everytime I followed this way of federating using I2P, the rest of my federation stopped working. I'm leaving this here in case it will help with making it work. - -Assuming you're running in prod, cd to your Pleroma folder and append the following to `config/prod.secret.exs`: -``` -config :pleroma, :http, proxy_url: {:socks5, :localhost, 4447} -``` -And then run the following: -``` -su pleroma -MIX_ENV=prod mix deps.get -MIX_ENV=prod mix ecto.migrate -exit -``` -You can restart I2PD here and finish if you don't wish to make your instance viewable or accessible over I2P. -``` -systemctl stop i2pd.service --no-block -systemctl start i2pd.service -``` -*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). - -You can change the socks proxy port in `/etc/i2pd/i2pd.conf`. - -### Using Fedproxy - -Fedproxy passes through clearnet requests direct to where they are going. It doesn't force anything over Tor. - -To use [fedproxy](https://github.com/majestrate/fedproxy) you'll need to install Golang. -``` -apt install golang -``` -Use a different user than pleroma or root. Run the following to add the Gopath to your ~/.bashrc. -``` -echo "export GOPATH=/home/ren/.go" >> ~/.bashrc -``` -Restart that bash session (you can exit and log back in). -Run the following to get fedproxy. -``` -go get -u github.com/majestrate/fedproxy$ -cp $(GOPATH)/bin/fedproxy /usr/local/bin/fedproxy -``` -And then the following to start it for I2P only. -``` -fedproxy 127.0.0.1:2000 127.0.0.1:4447 -``` -If you want to also use it for Tor, add `127.0.0.1:9050` to that command. -You'll also need to modify your Pleroma config. - -Assuming you're running in prod, cd to your Pleroma folder and append the following to `config/prod.secret.exs`: -``` -config :pleroma, :http, proxy_url: {:socks5, :localhost, 2000} -``` -And then run the following: -``` -su pleroma -MIX_ENV=prod mix deps.get -MIX_ENV=prod mix ecto.migrate -exit -``` -You can restart I2PD here and finish if you don't wish to make your instance viewable or accessible over I2P. - -``` -systemctl stop i2pd.service --no-block -systemctl start i2pd.service -``` -*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). - -You can change the socks proxy port in `/etc/i2pd/i2pd.conf`. - -## I2P Instance Access - -Make your instance accessible using I2P. - -Add the following to your I2PD config `/etc/i2pd/tunnels.conf`: -``` -[pleroma] -type = http -host = 127.0.0.1 -port = 14447 -keys = pleroma.dat -``` -Restart I2PD: -``` -systemctl stop i2pd.service --no-block -systemctl start i2pd.service -``` -*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). - -Now you'll have to find your address. -To do that you can download and use I2PD tools.[^1] -Or you'll need to access your web-console on localhost:7070. -If you don't have a GUI, you'll have to SSH tunnel into it like this: -`ssh -L 7070:127.0.0.1:7070 user@ip -p port`. -Now you can access it at localhost:7070. -Go to I2P tunnels page. Look for Server tunnels and you will see an address that ends with `.b32.i2p` next to "pleroma". -This is your site's address. - -### I2P-only Instance - -If creating an I2P-only instance, open `config/prod.secret.exs` and under "config :pleroma, Pleroma.Web.Endpoint," edit "https" and "port: 443" to the following: -``` - url: [host: "i2paddress", scheme: "http", port: 80], -``` -In addition to that, replace the existing nginx config's contents with the example below. - -### Existing Instance (Clearnet Instance) - -If not an I2P-only instance, add the nginx config below to your existing config at `/etc/nginx/sites-enabled/pleroma.nginx`. - -And for both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself seperately from the clearnet (if your instance is also on the clearnet). -Copy the following into the `config/prod.secret.exs` in your Pleroma folder (/home/pleroma/pleroma/): -``` -config :pleroma, :http_security, - enabled: false -``` - -Use this as the Nginx config: -``` -proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; -# The above already exists in a clearnet instance's config. -# If not, add it. - -server { - listen 127.0.0.1:14447; - server_name youri2paddress; - - # Comment to enable logs - access_log /dev/null; - error_log /dev/null; - - gzip_vary on; - gzip_proxied any; - gzip_comp_level 6; - gzip_buffers 16 8k; - gzip_http_version 1.1; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; - - client_max_body_size 16m; - - location / { - - add_header X-XSS-Protection "1; mode=block"; - add_header X-Permitted-Cross-Domain-Policies none; - add_header X-Frame-Options DENY; - add_header X-Content-Type-Options nosniff; - add_header Referrer-Policy same-origin; - add_header X-Download-Options noopen; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - - proxy_pass http://localhost:4000; - - client_max_body_size 16m; - } - - location /proxy { - proxy_cache pleroma_media_cache; - proxy_cache_lock on; - proxy_ignore_client_abort on; - proxy_pass http://localhost:4000; - } -} -``` -reload Nginx: -``` -systemctl stop i2pd.service --no-block -systemctl start i2pd.service -``` -*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). - -You should now be able to both access your instance using I2P and federate with other I2P instances! - -[^1]: [I2PD tools](https://github.com/purplei2p/i2pd-tools) to print information about a router info file or an I2P private key, generate an I2P private key, and generate vanity addresses. - -### Possible Issues - -Will be added when encountered. diff --git a/docs/config/mrf.md b/docs/config/mrf.md deleted file mode 100644 index 45be18fc5..000000000 --- a/docs/config/mrf.md +++ /dev/null @@ -1,122 +0,0 @@ -# Message Rewrite Facility -The Message Rewrite Facility (MRF) is a subsystem that is implemented as a series of hooks that allows the administrator to rewrite or discard messages. - -Possible uses include: - -* marking incoming messages with media from a given account or instance as sensitive -* rejecting messages from a specific instance -* rejecting reports (flags) from a specific instance -* removing/unlisting messages from the public timelines -* removing media from messages -* sending only public messages to a specific instance - -The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module. -It is possible to use multiple, active MRF policies at the same time. - -## Quarantine Instances - -You have the ability to prevent from private / followers-only messages from federating with specific instances. Which means they will only get the public or unlisted messages from your instance. - -If, for example, you're using `MIX_ENV=prod` aka using production mode, you would open your configuration file located in `config/prod.secret.exs` and edit or add the option under your `:instance` config object. Then you would specify the instance within quotes. -``` -config :pleroma, :instance, - [...] - quarantined_instances: ["instance.example", "other.example"] -``` - -## Using `SimplePolicy` - -`SimplePolicy` is capable of handling most common admin tasks. - -To use `SimplePolicy`, you must enable it. Do so by adding the following to your `:instance` config object, so that it looks like this: - -``` -config :pleroma, :instance, - [...] - rewrite_policy: Pleroma.Web.ActivityPub.MRF.SimplePolicy -``` - -Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are: - -* `media_removal`: Servers in this group will have media stripped from incoming messages. -* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media. -* `reject`: Servers in this group will have their messages rejected. -* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields. -* `report_removal`: Servers in this group will have their reports (flags) rejected. - -Servers should be configured as lists. - -### Example - -This example will enable `SimplePolicy`, block media from `illegalporn.biz`, mark media as NSFW from `porn.biz` and `porn.business`, reject messages from `spam.com`, remove messages from `spam.university` from the federated timeline and block reports (flags) from `whiny.whiner`: - -``` -config :pleroma, :instance, - rewrite_policy: [Pleroma.Web.ActivityPub.MRF.SimplePolicy] - -config :pleroma, :mrf_simple, - media_removal: ["illegalporn.biz"], - media_nsfw: ["porn.biz", "porn.business"], - reject: ["spam.com"], - federated_timeline_removal: ["spam.university"], - report_removal: ["whiny.whiner"] - -``` - -### Use with Care - -The effects of MRF policies can be very drastic. It is important to use this functionality carefully. Always try to talk to an admin before writing an MRF policy concerning their instance. - -## Writing your own MRF Policy - -As discussed above, the MRF system is a modular system that supports pluggable policies. This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `rewrite_policy` config setting. - -For example, here is a sample policy module which rewrites all messages to "new message content": - -```elixir -# This is a sample MRF policy which rewrites all Notes to have "new message -# content." -defmodule Site.RewritePolicy do - @behavior Pleroma.Web.ActivityPub.MRF - - # Catch messages which contain Note objects with actual data to filter. - # Capture the object as `object`, the message content as `content` and the - # message itself as `message`. - @impl true - def filter(%{"type" => Create", "object" => {"type" => "Note", "content" => content} = object} = message) - when is_binary(content) do - # Subject / CW is stored as summary instead of `name` like other AS2 objects - # because of Mastodon doing it that way. - summary = object["summary"] - - # Message edits go here. - content = "new message content" - - # Assemble the mutated object. - object = - object - |> Map.put("content", content) - |> Map.put("summary", summary) - - # Assemble the mutated message. - message = Map.put(message, "object", object) - {:ok, message} - end - - # Let all other messages through without modifying them. - @impl true - def filter(message), do: {:ok, message} -end -``` - -If you save this file as `lib/site/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma. You can enable it in the configuration like so: - -``` -config :pleroma, :instance, - rewrite_policy: [ - Pleroma.Web.ActivityPub.MRF.SimplePolicy, - Site.RewritePolicy - ] -``` - -Please note that the Pleroma developers consider custom MRF policy modules to fall under the purview of the AGPL. As such, you are obligated to release the sources to your custom MRF policy modules upon request. diff --git a/docs/config/onion_federation.md b/docs/config/onion_federation.md deleted file mode 100644 index 99f104995..000000000 --- a/docs/config/onion_federation.md +++ /dev/null @@ -1,159 +0,0 @@ -# Easy Onion Federation (Tor) -Tor can free people from the necessity of a domain, in addition to helping protect their privacy. As Pleroma's goal is to empower the people and let as many as possible host an instance with as little resources as possible, the ability to host an instance with a small, cheap computer like a RaspberryPi along with Tor, would be a great way to achieve that. -In addition, federating with such instances will also help furthering that goal. - -This is a guide to show you how it can be easily done. - -This guide assumes you already got Pleroma working, and that it's running on the default port 4000. -Currently only has an Nginx example. - -To install Tor on Debian / Ubuntu: -``` -apt -yq install tor -``` -If using an old server version (older than Debian Stretch or Ubuntu 18.04), install from backports or PPA. -I recommend using a newer server version instead. - -To have the newest, V3 onion addresses (which I recommend) in Debian, install Tor from backports. -If you do not have backports, uncomment the stretch-backports links at the end of `/etc/apt/sources.list`. -Then install: -``` -apt update -apt -t stretch-backports -yq install tor -``` -**WARNING:** Onion instances not using a Tor version supporting V3 addresses will not be able to federate with you. - -Create the hidden service for your Pleroma instance in `/etc/tor/torrc`: -``` -HiddenServiceDir /var/lib/tor/pleroma_hidden_service/ -HiddenServicePort 80 127.0.0.1:8099 -HiddenServiceVersion 3 # Remove if Tor version is below 0.3 ( tor --version ) -``` -Restart Tor to generate an adress: -``` -systemctl restart tor@default.service -``` -Get the address: -``` -cat /var/lib/tor/pleroma_hidden_service/hostname -``` - -# Federation - -Next, edit your Pleroma config. -If running in prod, cd to your Pleroma directory, edit `config/prod.secret.exs` -and append this line: -``` -config :pleroma, :http, proxy_url: {:socks5, :localhost, 9050} -``` -In your Pleroma directory, assuming you're running prod, -run the following: -``` -su pleroma -MIX_ENV=prod mix deps.get -MIX_ENV=prod mix ecto.migrate -exit -``` -restart Pleroma (if using systemd): -``` -systemctl restart pleroma -``` - -# Tor Instance Access - -Make your instance accessible using Tor. - -## Tor-only Instance -If creating a Tor-only instance, open `config/prod.secret.exs` and under "config :pleroma, Pleroma.Web.Endpoint," edit "https" and "port: 443" to the following: -``` - url: [host: "onionaddress", scheme: "http", port: 80], -``` -In addition to that, replace the existing nginx config's contents with the example below. - -## Existing Instance (Clearnet Instance) -If not a Tor-only instance, -add the nginx config below to your existing config at `/etc/nginx/sites-enabled/pleroma.nginx`. - ---- -For both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself seperately from the clearnet (if your instance is also on the clearnet). -Copy the following into the `config/prod.secret.exs` in your Pleroma folder (/home/pleroma/pleroma/): -``` -config :pleroma, :http_security, - enabled: false -``` - -Use this as the Nginx config: -``` -proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; -# The above already exists in a clearnet instance's config. -# If not, add it. - -server { - listen 127.0.0.1:8099; - server_name youronionaddress; - - # Comment to enable logs - access_log /dev/null; - error_log /dev/null; - - gzip_vary on; - gzip_proxied any; - gzip_comp_level 6; - gzip_buffers 16 8k; - gzip_http_version 1.1; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; - - client_max_body_size 16m; - - location / { - - add_header X-XSS-Protection "1; mode=block"; - add_header X-Permitted-Cross-Domain-Policies none; - add_header X-Frame-Options DENY; - add_header X-Content-Type-Options nosniff; - add_header Referrer-Policy same-origin; - add_header X-Download-Options noopen; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - - proxy_pass http://localhost:4000; - - client_max_body_size 16m; - } - - location /proxy { - proxy_cache pleroma_media_cache; - proxy_cache_lock on; - proxy_ignore_client_abort on; - proxy_pass http://localhost:4000; - } -} -``` -reload Nginx: -``` -systemctl reload nginx -``` - -You should now be able to both access your instance using Tor and federate with other Tor instances! - ---- - -### Possible Issues - -* In Debian, make sure your hidden service folder `/var/lib/tor/pleroma_hidden_service/` and its contents, has debian-tor as both owner and group by using -``` -ls -la /var/lib/tor/ -``` -If it's not, run: -``` -chown -R debian-tor:debian-tor /var/lib/tor/pleroma_hidden_service/ -``` -* Make sure *only* the owner has *only* read and write permissions. -If not, run: -``` -chmod -R 600 /var/lib/tor/pleroma_hidden_service/ -``` -* If you have trouble logging in to the Mastodon Frontend when using Tor, use the Tor Browser Bundle. diff --git a/docs/config/small_customizations.md b/docs/config/small_customizations.md deleted file mode 100644 index f91657a4c..000000000 --- a/docs/config/small_customizations.md +++ /dev/null @@ -1,12 +0,0 @@ -# Small customizations - -See also static_dir.md for visual settings. - -## Theme - -All users of your instance will be able to change the theme they use by going to the settings (the cog in the top-right hand corner). However, if you wish to change the default theme, you can do so by editing `theme` in `config/dev.secret.exs` accordingly. - -## Message Visibility - -To enable message visibility options when posting like in the Mastodon frontend, set -`scope_options_enabled` to `true` in `config/dev.secret.exs`. diff --git a/docs/config/static_dir.md b/docs/config/static_dir.md deleted file mode 100644 index 5fb38c3de..000000000 --- a/docs/config/static_dir.md +++ /dev/null @@ -1,69 +0,0 @@ -# Static Directory - -Static frontend files are shipped in `priv/static/` and tracked by version control in this repository. If you want to overwrite or update these without the possibility of merge conflicts, you can write your custom versions to `instance/static/`. - -``` -config :pleroma, :instance, - static_dir: "instance/static/", -``` - -For example, edit `instance/static/instance/panel.html` . - -Alternatively, you can overwrite this value in your configuration to use a different static instance directory. - -This document is written assuming `instance/static/`. - -Or, if you want to manage your custom file in git repository, basically remove the `instance/` entry from `.gitignore`. - -## robots.txt - -By default, the `robots.txt` that ships in `priv/static/` is permissive. It allows well-behaved search engines to index all of your instance's URIs. - -If you want to generate a restrictive `robots.txt`, you can run the following mix task. The generated `robots.txt` will be written in your instance static directory. - -``` -mix pleroma.robots_txt disallow_all -``` - -## Thumbnail - -Put on `instance/static/instance/thumbnail.jpeg` with your selfie or other neat picture. It will appear in [Pleroma Instances](http://distsn.org/pleroma-instances.html). - -## Instance-specific panel - -![instance-specific panel demo](/uploads/296b19ec806b130e0b49b16bfe29ce8a/image.png) - -Create and Edit your file on `instance/static/instance/panel.html`. - -## Background - -You can change the background of your Pleroma instance by uploading it to `instance/static/`, and then changing `background` in `config/prod.secret.exs` accordingly. - -If you put `instance/static/images/background.jpg` - -``` -config :pleroma, :frontend_configurations, - pleroma_fe: %{ - background: "/images/background.jpg" - } -``` - -## Logo - -![logo modification demo](/uploads/c70b14de60fa74245e7f0dcfa695ebff/image.png) - -If you want to give a brand to your instance, You can change the logo of your instance by uploading it to `instance/static/`. - -Alternatively, you can specify the path with config. -If you put `instance/static/static/mylogo-file.png` - -``` -config :pleroma, :frontend_configurations, - pleroma_fe: %{ - logo: "/static/mylogo-file.png" - } -``` - -## Terms of Service - -Terms of Service will be shown to all users on the registration page. It's the best place where to write down the rules for your instance. You can modify the rules by changing `instance/static/static/terms-of-service.html`. diff --git a/docs/configuration/General-tips-for-customizing-Pleroma-FE.md b/docs/configuration/General-tips-for-customizing-Pleroma-FE.md new file mode 100644 index 000000000..15c4882dd --- /dev/null +++ b/docs/configuration/General-tips-for-customizing-Pleroma-FE.md @@ -0,0 +1,17 @@ +# General tips for customizing Pleroma FE +There are some configuration scripts for Pleroma BE and FE: + +1. `config/prod.secret.exs` +1. `config/config.exs` +1. `priv/static/static/config.json` + +The `prod.secret.exs` affects first. `config.exs` is for fallback or default. `config.json` is for GNU-social-BE-Pleroma-FE instances. + +Usually all you have to do is: + +1. Copy the section in the `config/config.exs` which you want to activate. +1. Paste into `config/prod.secret.exs`. +1. Edit `config/prod.secret.exs`. +1. Restart the Pleroma daemon. + +`prod.secret.exs` is for the `MIX_ENV=prod` environment. `dev.secret.exs` is for the `MIX_ENV=dev` environment respectively. diff --git a/docs/configuration/config.md b/docs/configuration/config.md new file mode 100644 index 000000000..262d15bba --- /dev/null +++ b/docs/configuration/config.md @@ -0,0 +1,773 @@ +# Configuration + +This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. +If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. + +## Pleroma.Upload +* `uploader`: Select which `Pleroma.Uploaders` to use +* `filters`: List of `Pleroma.Upload.Filter` to use. +* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. +* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. +* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. + +Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. + +## Pleroma.Uploaders.Local +* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory + +## Pleroma.Uploaders.S3 +* `bucket`: S3 bucket name +* `bucket_namespace`: S3 bucket namespace +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") +* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. +For example, when using CDN to S3 virtual host format, set "". +At this time, write CNAME to CDN in public_endpoint. +* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. + +## Pleroma.Upload.Filter.Mogrify + +* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. + +## Pleroma.Upload.Filter.Dedupe + +No specific configuration. + +## Pleroma.Upload.Filter.AnonymizeFilename + +This filter replaces the filename (not the path) of an upload. For complete obfuscation, add +`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. + +* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. + +## Pleroma.Emails.Mailer +* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. +* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. +* `enabled`: Allows enable/disable send emails. Default: `false`. + +An example for Sendgrid adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.Sendgrid, + api_key: "YOUR_API_KEY" +``` + +An example for SMTP adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.SMTP, + relay: "smtp.gmail.com", + username: "YOUR_USERNAME@gmail.com", + password: "YOUR_SMTP_PASSWORD", + port: 465, + ssl: true, + tls: :always, + auth: :always +``` + +## :uri_schemes +* `valid_schemes`: List of the scheme part that is considered valid to be an URL + +## :instance +* `name`: The instance’s name +* `email`: Email used to reach an Administrator/Moderator of the instance +* `notify_email`: Email used for notifications. +* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` +* `limit`: Posts character limit (CW/Subject included in the counter) +* `remote_limit`: Hard character limit beyond which remote posts will be dropped. +* `upload_limit`: File size limit of uploads (except for avatar, background, banner) +* `avatar_upload_limit`: File size limit of user’s profile avatars +* `background_upload_limit`: File size limit of user’s profile backgrounds +* `banner_upload_limit`: File size limit of user’s profile banners +* `poll_limits`: A map with poll limits for **local** polls + * `max_options`: Maximum number of options + * `max_option_chars`: Maximum number of characters per option + * `min_expiration`: Minimum expiration time (in seconds) + * `max_expiration`: Maximum expiration time (in seconds) +* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. +* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). +* `account_activation_required`: Require users to confirm their emails before signing in. +* `federating`: Enable federation with other instances +* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. +* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. +* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance +* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: + * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) + * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production + * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) + * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) + * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) + * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) + * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. + * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. + * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) + * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) +* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. +* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. +* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` +* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) +* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). +* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. +* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. +* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: + * "email": Copy and preprend re:, as in email. + * "masto": Copy verbatim, as in Mastodon. + * "noop": Don't copy the subject. +* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. +* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with + older software for theses nicknames. +* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. +* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. +* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses +* `welcome_message`: A message that will be send to a newly registered users as a direct message. +* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. +* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) +* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. +* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. +* `user_bio_length`: A user bio maximum length (default: `5000`) +* `user_name_length`: A user name maximum length (default: `100`) +* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. +* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. +* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. +* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) +* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) +* `account_field_name_length`: An account field name maximum length (default: `512`) +* `account_field_value_length`: An account field value maximum length (default: `2048`) +* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. + + + +## :logger +* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack + +An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: +```elixir +config :logger, + backends: [{ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn +``` + +Another example, keeping console output and adding the pid to syslog output: +```elixir +config :logger, + backends: [:console, {ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn, + option: [:pid, :ndelay] +``` + +See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) + +An example of logging info to local syslog, but warn to a Slack channel: +```elixir +config :logger, + backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], + level: :info + +config :logger, :ex_syslogger, + level: :info, + ident: "pleroma", + format: "$metadata[$level] $message" + +config :quack, + level: :warn, + meta: [:all], + webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" +``` + +See the [Quack Github](https://github.com/azohra/quack) for more details + +## :frontend_configurations + +This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. + +Frontends can access these settings at `/api/pleroma/frontend_configurations` + +To add your own configuration for PleromaFE, use it like this: + +```elixir +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "pleroma-dark", + # ... see /priv/static/static/config.json for the available keys. +}, + masto_fe: %{ + showInstanceSpecificPanel: true + } +``` + +These settings **need to be complete**, they will override the defaults. + +NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. + +## :fe +__THIS IS DEPRECATED__ + +If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. +Please **set this option to false** in your config like this: + +```elixir +config :pleroma, :fe, false +``` + +This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. + +* `theme`: Which theme to use, they are defined in ``styles.json`` +* `logo`: URL of the logo, defaults to Pleroma’s logo +* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) +* `logo_margin`: What margin to use around the logo +* `background`: URL of the background, unless viewing a user profile with a background that is set +* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. +* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. +* `show_instance_panel`: Whenether to show the instance’s specific panel. +* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting +* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` +* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default +* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) +* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) + +## :assets + +This section configures assets to be used with various frontends. Currently the only option +relates to mascots on the mastodon frontend + +* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a + `mime_type` key. +* `default_mascot`: An element from `mascots` - This will be used as the default mascot + on MastoFE (default: `:pleroma_fox_tan`) + +## :mrf_simple +* `media_removal`: List of instances to remove medias from +* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from +* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline +* `reject`: List of instances to reject any activities from +* `accept`: List of instances to accept any activities from +* `report_removal`: List of instances to reject reports from +* `avatar_removal`: List of instances to strip avatars from +* `banner_removal`: List of instances to strip banners from + +## :mrf_subchain +This policy processes messages through an alternate pipeline when a given message matches certain criteria. +All criteria are configured as a map of regular expressions to lists of policy modules. + +* `match_actor`: Matches a series of regular expressions against the actor field. + +Example: + +``` +config :pleroma, :mrf_subchain, + match_actor: %{ + ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] + } +``` + +## :mrf_rejectnonpublic +* `allow_followersonly`: whether to allow followers-only posts +* `allow_direct`: whether to allow direct messages + +## :mrf_hellthread +* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. +* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. + +## :mrf_keyword +* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) + +## :mrf_mention +* `actors`: A list of actors, for which to drop any posts mentioning. + +## :mrf_vocabulary +* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. +* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. + +## :media_proxy +* `enabled`: Enables proxying of remote media to the instance’s proxy +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. +* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. +* `whitelist`: List of domains to bypass the mediaproxy + +## :gopher +* `enabled`: Enables the gopher interface +* `ip`: IP address to bind to +* `port`: Port to bind to +* `dstport`: Port advertised in urls (optional, defaults to `port`) + +## Pleroma.Web.Endpoint +`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here +* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). + - `ip` - a tuple consisting of 4 integers + - `port` +* `url` - a list containing the configuration for generating urls, accepts + - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) + - `scheme` - e.g `http`, `https` + - `port` + - `path` +* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. + + + +**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need + +Example: +```elixir +config :pleroma, Pleroma.Web.Endpoint, + url: [host: "example.com", port: 2020, scheme: "https"], + http: [ + # start copied from config.exs + dispatch: [ + {:_, + [ + {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, + {"/websocket", Phoenix.Endpoint.CowboyWebSocket, + {Phoenix.Transports.WebSocket, + {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, + {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} + ]} + # end copied from config.exs + ], + port: 8080, + ip: {127, 0, 0, 1} + ] +``` + +This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` + +## :activitypub +* ``unfollow_blocked``: Whether blocks result in people getting unfollowed +* ``outgoing_blocks``: Whether to federate blocks to other instances +* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question +* ``sign_object_fetches``: Sign object fetches with HTTP signatures + +## :http_security +* ``enabled``: Whether the managed content security policy is enabled +* ``sts``: Whether to additionally send a `Strict-Transport-Security` header +* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent +* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent +* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` +* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. + +## :mrf_user_allowlist + +The keys in this section are the domain names that the policy should apply to. +Each key should be assigned a list of users that should be allowed through by +their ActivityPub ID. + +An example: + +```elixir +config :pleroma, :mrf_user_allowlist, + "example.org": ["https://example.org/users/admin"] +``` + +## :web_push_encryption, :vapid_details + +Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. + +* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. +* ``public_key``: VAPID public key +* ``private_key``: VAPID private key + +## Pleroma.Captcha +* `enabled`: Whether the captcha should be shown on registration +* `method`: The method/service to use for captcha +* `seconds_valid`: The time in seconds for which the captcha is valid + +### Pleroma.Captcha.Kocaptcha +Kocaptcha is a very simple captcha service with a single API endpoint, +the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint +`https://captcha.kotobank.ch` is hosted by the developer. + +* `endpoint`: the kocaptcha endpoint to use + +## :admin_token + +Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: + +```elixir +config :pleroma, :admin_token, "somerandomtoken" +``` + +You can then do + +```sh +curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" +``` + +## Oban + +[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration. + +Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage): +* `repo` - app's Ecto repo (`Pleroma.Repo`) +* `verbose` - logs verbosity +* `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) +* `queues` - job queues (see below) + +Pleroma has the following queues: + +* `activity_expiration` - Activity expiration +* `federator_outgoing` - Outgoing federation +* `federator_incoming` - Incoming federation +* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleromaemailsmailer) +* `transmogrifier` - Transmogrifier +* `web_push` - Web push notifications +* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity) + +Example: + +```elixir +config :pleroma, Oban, + repo: Pleroma.Repo, + verbose: false, + prune: {:maxlen, 1500}, + queues: [ + federator_incoming: 50, + federator_outgoing: 50 + ] +``` + +This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`. + +### Migrating `pleroma_job_queue` settings + +`config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). + +### Note on running with PostgreSQL in silent mode + +If you are running PostgreSQL in [`silent_mode`](https://postgresqlco.nf/en/doc/param/silent_mode?version=9.1), it's advised to set [`log_destination`](https://postgresqlco.nf/en/doc/param/log_destination?version=9.1) to `syslog`, +otherwise `postmaster.log` file may grow because of "you don't own a lock of type ShareLock" warnings (see https://github.com/sorentwo/oban/issues/52). + +## :workers + +Includes custom worker options not interpretable directly by `Oban`. + +* `retries` — keyword lists where keys are `Oban` queues (see above) and values are numbers of max attempts for failed jobs. + +Example: + +```elixir +config :pleroma, :workers, + retries: [ + federator_incoming: 5, + federator_outgoing: 5 + ] +``` + +### Migrating `Pleroma.Web.Federator.RetryQueue` settings + +* `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]` +* `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]` +* deprecated options: `max_jobs`, `initial_timeout` + +## Pleroma.Web.Metadata +* `providers`: a list of metadata providers to enable. Providers available: + * Pleroma.Web.Metadata.Providers.OpenGraph + * Pleroma.Web.Metadata.Providers.TwitterCard + * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` +* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews + +## :rich_media +* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews +* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. +* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] +* `parsers`: list of Rich Media parsers + +## :fetch_initial_posts +* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts +* `pages`: the amount of pages to fetch + +## :hackney_pools + +Advanced. Tweaks Hackney (http client) connections pools. + +There's three pools used: + +* `:federation` for the federation jobs. + You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. +* `:media` for rich media, media proxy +* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) + +For each pool, the options are: + +* `max_connections` - how much connections a pool can hold +* `timeout` - retention duration for connections + +## :auto_linker + +Configuration for the `auto_linker` library: + +* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear +* `rel: "noopener noreferrer"` - override the rel attribute. false to clear +* `new_window: true` - set to false to remove `target='_blank'` attribute +* `scheme: false` - Set to true to link urls with schema `http://google.com` +* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` +* `strip_prefix: true` - Strip the scheme prefix +* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) + +Example: + +```elixir +config :auto_linker, + opts: [ + scheme: true, + extra: true, + class: false, + strip_prefix: false, + new_window: false, + rel: "ugc" + ] +``` + +## Pleroma.Scheduler + +Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. + +See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. + +Example: + +```elixir +config :pleroma, Pleroma.Scheduler, + global: true, + overlap: true, + timezone: :utc, + jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] +``` + +The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). + +## Pleroma.ScheduledActivity + +* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) +* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) +* `enabled`: whether scheduled activities are sent to the job queue to be executed + +## Pleroma.ActivityExpiration + +# `enabled`: whether expired activities will be sent to the job queue to be deleted + +## Pleroma.Web.Auth.Authenticator + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +## :ldap + +Use LDAP for user authentication. When a user logs in to the Pleroma +instance, the name and password will be verified by trying to authenticate +(bind) to an LDAP server. If a user exists in the LDAP directory but there +is no account with the same name yet on the Pleroma instance then a new +Pleroma account will be created with the same name as the LDAP user name. + +* `enabled`: enables LDAP authentication +* `host`: LDAP server hostname +* `port`: LDAP port, e.g. 389 or 636 +* `ssl`: true to use SSL, usually implies the port 636 +* `sslopts`: additional SSL options +* `tls`: true to start TLS, usually implies the port 389 +* `tlsopts`: additional TLS options +* `base`: LDAP base, e.g. "dc=example,dc=com" +* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" + +## BBS / SSH access + +To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: + +```exs +app_dir = File.cwd! +priv_dir = Path.join([app_dir, "priv/ssh_keys"]) + +config :esshd, + enabled: true, + priv_dir: priv_dir, + handler: "Pleroma.BBS.Handler", + port: 10_022, + password_authenticator: "Pleroma.BBS.Authenticator" +``` + +Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` + +## :auth + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +Authentication / authorization settings. + +* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. +* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. +* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). + +## :email_notifications + +Email notifications settings. + + - digest - emails of "what you've missed" for users who have been + inactive for a while. + - active: globally enable or disable digest emails + - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). + "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" + - interval: Minimum interval between digest emails to one user + - inactivity_threshold: Minimum user inactivity threshold + +## Pleroma.Emails.UserEmail + +- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. +- `:styling` - a map with color settings for email templates. + +## OAuth consumer mode + +OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). +Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). + +Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, +e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. +The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. + +Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. + +Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` + +* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback + +* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ + +* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback + +* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback + +Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, +per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: + +```elixir +# Twitter +config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, + consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), + consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") + +# Facebook +config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, + client_id: System.get_env("FACEBOOK_APP_ID"), + client_secret: System.get_env("FACEBOOK_APP_SECRET"), + redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") + +# Google +config :ueberauth, Ueberauth.Strategy.Google.OAuth, + client_id: System.get_env("GOOGLE_CLIENT_ID"), + client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), + redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") + +# Microsoft +config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, + client_id: System.get_env("MICROSOFT_CLIENT_ID"), + client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") + +config :ueberauth, Ueberauth, + providers: [ + microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} + ] + +# Keycloak +# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable +keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" + +config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, + client_id: System.get_env("KEYCLOAK_CLIENT_ID"), + client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), + site: keycloak_url, + authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", + token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", + userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", + token_method: :post + +config :ueberauth, Ueberauth, + providers: [ + keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} + ] +``` + +## OAuth 2.0 provider - :oauth2 + +Configure OAuth 2 provider capabilities: + +* `token_expires_in` - The lifetime in seconds of the access token. +* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. +* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). + +## :emoji +* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` +* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` +* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` +* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). +* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in + memory for this amount of seconds multiplied by the number of files. + +## Database options + +### RUM indexing for full text search +* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. + +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. + +Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. + +To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: + +`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` + +This will probably take a long time. + +## :rate_limit + +This is an advanced feature and disabled by default. + +If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). + +A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: + +* The first element: `scale` (Integer). The time scale in milliseconds. +* The second element: `limit` (Integer). How many requests to limit in the time scale provided. + +It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. + +See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. + +Supported rate limiters: + +* `:search` for the search requests (account & status search etc.) +* `:app_account_creation` for registering user accounts from the same IP address +* `:relations_actions` for actions on relations with all users (follow, unfollow) +* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) +* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses +* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user + +## :web_cache_ttl + +The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. + +Available caches: + +* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). +* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). + +## Pleroma.Plugs.RemoteIp + +**If your instance is not behind at least one reverse proxy, you should not enable this plug.** + +`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. + +Available options: + +* `enabled` - Enable/disable the plug. Defaults to `false`. +* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. +* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. +* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). diff --git a/docs/configuration/custom_emoji.md b/docs/configuration/custom_emoji.md new file mode 100644 index 000000000..f72c0edbc --- /dev/null +++ b/docs/configuration/custom_emoji.md @@ -0,0 +1,68 @@ +# Custom Emoji + +Before you add your own custom emoji, check if they are available in an existing pack. +See `Mix.Tasks.Pleroma.Emoji` for information about emoji packs. + +To add custom emoji: +* Create the `STATIC-DIR/emoji/` directory if it doesn't exist + (`STATIC-DIR` is configurable, `instance/static/` by default) +* Create a directory with whatever name you want (custom is a good name to show the purpose of it). + This will create a local emoji pack. +* Put your `.png` emoji files in that directory. In case of conflicts, you can create an `emoji.txt` + file in that directory and specify a custom shortcode using the following format: + `shortcode, file-path, tag1, tag2, etc`. One emoji per line. Note that if you do so, + you'll have to list all other emojis in the pack too. +* Either restart pleroma or connect to the iex session pleroma's running and + run `Pleroma.Emoji.reload/0` in it. + +Example: + +image files (in `instance/static/emoji/custom`): `happy.png` and `sad.png` + +content of `emoji.txt`: +``` +happy, /emoji/custom/happy.png, Tag1,Tag2 +sad, /emoji/custom/sad.png, Tag1 +foo, /emoji/custom/foo.png +``` + +The files should be PNG (APNG is okay with `.png` for `image/png` Content-type) and under 50kb for compatibility with mastodon. + +Default file extentions and locations for emojis are set in `config.exs`. To use different locations or file-extentions, add the `shortcode_globs` to your secrets file (`prod.secret.exs` or `dev.secret.exs`) and edit it. Note that not all fediverse-software will show emojis with other file extentions: +```elixir +config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/**/*.png", "/emoji/custom/**/*.gif"] +``` + +## Emoji tags (groups) + +Default tags are set in `config.exs`. To set your own tags, copy the structure to your secrets file (`prod.secret.exs` or `dev.secret.exs`) and edit it. +```elixir +config :pleroma, :emoji, + shortcode_globs: ["/emoji/custom/**/*.png"], + groups: [ + Finmoji: "/finmoji/128px/*-128.png", + Custom: ["/emoji/*.png", "/emoji/custom/*.png"] + ] +``` + +Order of the `groups` matters, so to override default tags just put your group on top of the list. E.g: +```elixir +config :pleroma, :emoji, + shortcode_globs: ["/emoji/custom/**/*.png"], + groups: [ + "Finmoji special": "/finmoji/128px/a_trusted_friend-128.png", # special file + "Cirno": "/emoji/custom/cirno*.png", # png files in /emoji/custom/ which start with `cirno` + "Special group": "/emoji/custom/special_folder/*.png", # png files in /emoji/custom/special_folder/ + "Another group": "/emoji/custom/special_folder/*/.png", # png files in /emoji/custom/special_folder/ subfolders + Finmoji: "/finmoji/128px/*-128.png", + Custom: ["/emoji/*.png", "/emoji/custom/*.png"] + ] +``` + +Priority of tags assigns in emoji.txt and custom.txt: + +`tag in file > special group setting in config.exs > default setting in config.exs` + +Priority for globs: + +`special group setting in config.exs > default setting in config.exs` diff --git a/docs/configuration/hardening.md b/docs/configuration/hardening.md new file mode 100644 index 000000000..b54c28850 --- /dev/null +++ b/docs/configuration/hardening.md @@ -0,0 +1,103 @@ +# Hardening your instance +Here are some suggestions which improve the security of parts of your Pleroma instance. + +## Configuration file + +These changes should go into `prod.secret.exs` or `dev.secret.exs`, depending on your `MIX_ENV` value. + +### `http` + +> Recommended value: `[ip: {127, 0, 0, 1}]` + +This sets the Pleroma application server to only listen to the localhost interface. This way, you can only reach your server over the Internet by going through the reverse proxy. By default, Pleroma listens on all interfaces. + +### `secure_cookie_flag` + +> Recommended value: `true` + +This sets the `secure` flag on Pleroma’s session cookie. This makes sure, that the cookie is only accepted over encrypted HTTPs connections. This implicitly renames the cookie from `pleroma_key` to `__Host-pleroma-key` which enforces some restrictions. (see [cookie prefixes](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#Cookie_prefixes)) + +### `:http_security` + +> Recommended value: `true` + +This will send additional HTTP security headers to the clients, including: + +* `X-XSS-Protection: "1; mode=block"` +* `X-Permitted-Cross-Domain-Policies: "none"` +* `X-Frame-Options: "DENY"` +* `X-Content-Type-Options: "nosniff"` +* `X-Download-Options: "noopen"` + +A content security policy (CSP) will also be set: + +```csp +content-security-policy: + default-src 'none'; + base-uri 'self'; + frame-ancestors 'none'; + img-src 'self' data: https:; + media-src 'self' https:; + style-src 'self' 'unsafe-inline'; + font-src 'self'; + script-src 'self'; + connect-src 'self' wss://example.tld; + manifest-src 'self'; + upgrade-insecure-requests; +``` + +#### `sts` + +> Recommended value: `true` + +An additional “Strict transport security” header will be sent with the configured `sts_max_age` parameter. This tells the browser, that the domain should only be accessed over a secure HTTPs connection. + +#### `ct_max_age` + +An additional “Expect-CT” header will be sent with the configured `ct_max_age` parameter. This enforces the use of TLS certificates that are published in the certificate transparency log. (see [Expect-CT](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT)) + +#### `referrer_policy` + +> Recommended value: `same-origin` + +If you click on a link, your browser’s request to the other site will include from where it is coming from. The “Referrer policy” header tells the browser how and if it should send this information. (see [Referrer policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)) + +## systemd + +A systemd unit example is provided at `installation/pleroma.service`. + +### PrivateTmp + +> Recommended value: `true` + +Use private `/tmp` and `/var/tmp` folders inside a new file system namespace, which are discarded after the process stops. + +### ProtectHome + +> Recommended value: `true` + +The `/home`, `/root`, and `/run/user` folders can not be accessed by this service anymore. If your Pleroma user has its home folder in one of the restricted places, or use one of these folders as its working directory, you have to set this to `false`. + +### ProtectSystem + +> Recommended value: `full` + +Mount `/usr`, `/boot`, and `/etc` as read-only for processes invoked by this service. + +### PrivateDevices + +> Recommended value: `true` + +Sets up a new `/dev` mount for the process and only adds API pseudo devices like `/dev/null`, `/dev/zero` or `/dev/random` but not physical devices. This may not work on devices like the Raspberry Pi, where you need to set this to `false`. + +### NoNewPrivileges + +> Recommended value: `true` + +Ensures that the service process and all its children can never gain new privileges through `execve()`. + +### CapabilityBoundingSet + +> Recommended value: `~CAP_SYS_ADMIN` + +Drops the sysadmin capability from the daemon. diff --git a/docs/configuration/howto_mediaproxy.md b/docs/configuration/howto_mediaproxy.md new file mode 100644 index 000000000..16c40c5db --- /dev/null +++ b/docs/configuration/howto_mediaproxy.md @@ -0,0 +1,34 @@ +# How to activate mediaproxy +## Explanation + +Without the `mediaproxy` function, Pleroma doesn't store any remote content like pictures, video etc. locally. So every time you open Pleroma, the content is loaded from the source server, from where the post is coming. This can result in slowly loading content or/and increased bandwidth usage on the source server. +With the `mediaproxy` function you can use nginx to cache this content, so users can access it faster, because it's loaded from your server. + +## Activate it + +* Edit your nginx config and add the following location: +``` +location /proxy { + proxy_cache pleroma_media_cache; + proxy_cache_lock on; + proxy_pass http://localhost:4000; +} +``` +Also add the following on top of the configuration, outside of the `server` block: +``` +proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; +``` +If you came here from one of the installation guides, take a look at the example configuration `/installation/pleroma.nginx`, where this part is already included. + +* Append the following to your `prod.secret.exs` or `dev.secret.exs` (depends on which mode your instance is running): +``` +config :pleroma, :media_proxy, + enabled: true, + proxy_opts: [ + redirect_on_failure: true + ] + #base_url: "https://cache.pleroma.social" +``` +If you want to use a subdomain to serve the files, uncomment `base_url`, change the url and add a comma after `true` in the previous line. + +* Restart nginx and Pleroma diff --git a/docs/configuration/howto_mongooseim.md b/docs/configuration/howto_mongooseim.md new file mode 100644 index 000000000..a33e590a1 --- /dev/null +++ b/docs/configuration/howto_mongooseim.md @@ -0,0 +1,10 @@ +# Configuring MongooseIM (XMPP Server) to use Pleroma for authentication + +If you want to give your Pleroma users an XMPP (chat) account, you can configure [MongooseIM](https://github.com/esl/MongooseIM) to use your Pleroma server for user authentication, automatically giving every local user an XMPP account. + +In general, you just have to follow the configuration described at [https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/](https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/) and do these changes to your mongooseim.cfg. + +1. Set the auth_method to `{auth_method, http}`. +2. Add the http auth pool like this: `{http, global, auth, [{workers, 50}], [{server, "https://yourpleromainstance.com"}]}` + +Restart your MongooseIM server, your users should now be able to connect with their Pleroma credentials. diff --git a/docs/configuration/howto_proxy.md b/docs/configuration/howto_proxy.md new file mode 100644 index 000000000..10a635266 --- /dev/null +++ b/docs/configuration/howto_proxy.md @@ -0,0 +1,12 @@ +# How to configure upstream proxy for federation +If you want to proxify all http requests (e.g. for TOR) that pleroma makes to an upstream proxy server, edit you config file (`dev.secret.exs` or `prod.secret.exs`) and add the following: + +``` +config :pleroma, :http, + proxy_url: "127.0.0.1:8123" +``` + +The other way to do it, for example, with Tor you would most likely add something like this: +``` +config :pleroma, :http, proxy_url: {:socks5, :localhost, 9050} +``` diff --git a/docs/configuration/howto_set_richmedia_cache_ttl_based_on_image.md b/docs/configuration/howto_set_richmedia_cache_ttl_based_on_image.md new file mode 100644 index 000000000..bfee5a9e6 --- /dev/null +++ b/docs/configuration/howto_set_richmedia_cache_ttl_based_on_image.md @@ -0,0 +1,33 @@ +# How to set rich media cache ttl based on image ttl +## Explanation + +Richmedia are cached without the ttl but the rich media may have image which can expire, like aws signed url. +In such cases the old image url (expired) is returned from the media cache. + +So to avoid such situation we can define a module that will set ttl based on image. +The module must adopt behaviour `Pleroma.Web.RichMedia.Parser.TTL` + +### Example + +```exs +defmodule MyModule do + @behaviour Pleroma.Web.RichMedia.Parser.TTL + + @impl Pleroma.Web.RichMedia.Parser.TTL + def ttl(data, url) do + image_url = Map.get(data, :image) + # do some parsing in the url and get the ttl of the image + # return ttl is unix time + parse_ttl_from_url(image_url) + end +end +``` + +And update the config + +```exs +config :pleroma, :rich_media, + ttl_setters: [Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl, MyModule] +``` + +> For reference there is a parser for AWS signed URL `Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl`, it's enabled by default. diff --git a/docs/configuration/howto_user_recomendation.md b/docs/configuration/howto_user_recomendation.md new file mode 100644 index 000000000..c4d749d0c --- /dev/null +++ b/docs/configuration/howto_user_recomendation.md @@ -0,0 +1,31 @@ +# How to activate user recommendation (Who to follow panel) +![who-to-follow-panel-small](/uploads/9de1b1300436c32461d272945f1bc23e/who-to-follow-panel-small.png) + +To show the *who to follow* panel, edit `config/prod.secret.exs` in the Pleroma backend. Following code activates the *who to follow* panel: + +```elixir +config :pleroma, :suggestions, + enabled: true, + third_party_engine: + "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-match-suggestions-api.cgi?{{host}}+{{user}}", + timeout: 300_000, + limit: 40, + web: "https://vinayaka.distsn.org" + +``` + +`config/config.exs` already includes this code, but `enabled:` is `false`. + +`/api/v1/suggestions` is also provided when *who to follow* panel is enabled. + +For advanced customization, following code shows the newcomers of the fediverse at the *who to follow* panel: + +```elixir +config :pleroma, :suggestions, + enabled: true, + third_party_engine: + "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-new-suggestions-api.cgi?{{host}}+{{user}}", + timeout: 60_000, + limit: 40, + web: "https://vinayaka.distsn.org/user-new.html" +``` diff --git a/docs/configuration/i2p.md b/docs/configuration/i2p.md new file mode 100644 index 000000000..62ced8b7a --- /dev/null +++ b/docs/configuration/i2p.md @@ -0,0 +1,196 @@ +# I2P Federation and Accessability + +This guide is going to focus on the Pleroma federation aspect. The actual installation is neatly explained in the official documentation, and more likely to remain up-to-date. +It might be added to this guide if there will be a need for that. + +We're going to use I2PD for its lightweightness over the official client. +Follow the documentation according to your distro: https://i2pd.readthedocs.io/en/latest/user-guide/install/#installing + +How to run it: https://i2pd.readthedocs.io/en/latest/user-guide/run/ + +## I2P Federation + +There are 2 ways to go about this. +One using the config, and one using external software (fedproxy). The external software works better so far. + +### Using the Config + +**Warning:** So far, everytime I followed this way of federating using I2P, the rest of my federation stopped working. I'm leaving this here in case it will help with making it work. + +Assuming you're running in prod, cd to your Pleroma folder and append the following to `config/prod.secret.exs`: +``` +config :pleroma, :http, proxy_url: {:socks5, :localhost, 4447} +``` +And then run the following: +``` +su pleroma +MIX_ENV=prod mix deps.get +MIX_ENV=prod mix ecto.migrate +exit +``` +You can restart I2PD here and finish if you don't wish to make your instance viewable or accessible over I2P. +``` +systemctl stop i2pd.service --no-block +systemctl start i2pd.service +``` +*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). + +You can change the socks proxy port in `/etc/i2pd/i2pd.conf`. + +### Using Fedproxy + +Fedproxy passes through clearnet requests direct to where they are going. It doesn't force anything over Tor. + +To use [fedproxy](https://github.com/majestrate/fedproxy) you'll need to install Golang. +``` +apt install golang +``` +Use a different user than pleroma or root. Run the following to add the Gopath to your ~/.bashrc. +``` +echo "export GOPATH=/home/ren/.go" >> ~/.bashrc +``` +Restart that bash session (you can exit and log back in). +Run the following to get fedproxy. +``` +go get -u github.com/majestrate/fedproxy$ +cp $(GOPATH)/bin/fedproxy /usr/local/bin/fedproxy +``` +And then the following to start it for I2P only. +``` +fedproxy 127.0.0.1:2000 127.0.0.1:4447 +``` +If you want to also use it for Tor, add `127.0.0.1:9050` to that command. +You'll also need to modify your Pleroma config. + +Assuming you're running in prod, cd to your Pleroma folder and append the following to `config/prod.secret.exs`: +``` +config :pleroma, :http, proxy_url: {:socks5, :localhost, 2000} +``` +And then run the following: +``` +su pleroma +MIX_ENV=prod mix deps.get +MIX_ENV=prod mix ecto.migrate +exit +``` +You can restart I2PD here and finish if you don't wish to make your instance viewable or accessible over I2P. + +``` +systemctl stop i2pd.service --no-block +systemctl start i2pd.service +``` +*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). + +You can change the socks proxy port in `/etc/i2pd/i2pd.conf`. + +## I2P Instance Access + +Make your instance accessible using I2P. + +Add the following to your I2PD config `/etc/i2pd/tunnels.conf`: +``` +[pleroma] +type = http +host = 127.0.0.1 +port = 14447 +keys = pleroma.dat +``` +Restart I2PD: +``` +systemctl stop i2pd.service --no-block +systemctl start i2pd.service +``` +*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). + +Now you'll have to find your address. +To do that you can download and use I2PD tools.[^1] +Or you'll need to access your web-console on localhost:7070. +If you don't have a GUI, you'll have to SSH tunnel into it like this: +`ssh -L 7070:127.0.0.1:7070 user@ip -p port`. +Now you can access it at localhost:7070. +Go to I2P tunnels page. Look for Server tunnels and you will see an address that ends with `.b32.i2p` next to "pleroma". +This is your site's address. + +### I2P-only Instance + +If creating an I2P-only instance, open `config/prod.secret.exs` and under "config :pleroma, Pleroma.Web.Endpoint," edit "https" and "port: 443" to the following: +``` + url: [host: "i2paddress", scheme: "http", port: 80], +``` +In addition to that, replace the existing nginx config's contents with the example below. + +### Existing Instance (Clearnet Instance) + +If not an I2P-only instance, add the nginx config below to your existing config at `/etc/nginx/sites-enabled/pleroma.nginx`. + +And for both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself seperately from the clearnet (if your instance is also on the clearnet). +Copy the following into the `config/prod.secret.exs` in your Pleroma folder (/home/pleroma/pleroma/): +``` +config :pleroma, :http_security, + enabled: false +``` + +Use this as the Nginx config: +``` +proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; +# The above already exists in a clearnet instance's config. +# If not, add it. + +server { + listen 127.0.0.1:14447; + server_name youri2paddress; + + # Comment to enable logs + access_log /dev/null; + error_log /dev/null; + + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; + + client_max_body_size 16m; + + location / { + + add_header X-XSS-Protection "1; mode=block"; + add_header X-Permitted-Cross-Domain-Policies none; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header Referrer-Policy same-origin; + add_header X-Download-Options noopen; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + + proxy_pass http://localhost:4000; + + client_max_body_size 16m; + } + + location /proxy { + proxy_cache pleroma_media_cache; + proxy_cache_lock on; + proxy_ignore_client_abort on; + proxy_pass http://localhost:4000; + } +} +``` +reload Nginx: +``` +systemctl stop i2pd.service --no-block +systemctl start i2pd.service +``` +*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes). + +You should now be able to both access your instance using I2P and federate with other I2P instances! + +[^1]: [I2PD tools](https://github.com/purplei2p/i2pd-tools) to print information about a router info file or an I2P private key, generate an I2P private key, and generate vanity addresses. + +### Possible Issues + +Will be added when encountered. diff --git a/docs/configuration/mrf.md b/docs/configuration/mrf.md new file mode 100644 index 000000000..45be18fc5 --- /dev/null +++ b/docs/configuration/mrf.md @@ -0,0 +1,122 @@ +# Message Rewrite Facility +The Message Rewrite Facility (MRF) is a subsystem that is implemented as a series of hooks that allows the administrator to rewrite or discard messages. + +Possible uses include: + +* marking incoming messages with media from a given account or instance as sensitive +* rejecting messages from a specific instance +* rejecting reports (flags) from a specific instance +* removing/unlisting messages from the public timelines +* removing media from messages +* sending only public messages to a specific instance + +The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module. +It is possible to use multiple, active MRF policies at the same time. + +## Quarantine Instances + +You have the ability to prevent from private / followers-only messages from federating with specific instances. Which means they will only get the public or unlisted messages from your instance. + +If, for example, you're using `MIX_ENV=prod` aka using production mode, you would open your configuration file located in `config/prod.secret.exs` and edit or add the option under your `:instance` config object. Then you would specify the instance within quotes. +``` +config :pleroma, :instance, + [...] + quarantined_instances: ["instance.example", "other.example"] +``` + +## Using `SimplePolicy` + +`SimplePolicy` is capable of handling most common admin tasks. + +To use `SimplePolicy`, you must enable it. Do so by adding the following to your `:instance` config object, so that it looks like this: + +``` +config :pleroma, :instance, + [...] + rewrite_policy: Pleroma.Web.ActivityPub.MRF.SimplePolicy +``` + +Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are: + +* `media_removal`: Servers in this group will have media stripped from incoming messages. +* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media. +* `reject`: Servers in this group will have their messages rejected. +* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields. +* `report_removal`: Servers in this group will have their reports (flags) rejected. + +Servers should be configured as lists. + +### Example + +This example will enable `SimplePolicy`, block media from `illegalporn.biz`, mark media as NSFW from `porn.biz` and `porn.business`, reject messages from `spam.com`, remove messages from `spam.university` from the federated timeline and block reports (flags) from `whiny.whiner`: + +``` +config :pleroma, :instance, + rewrite_policy: [Pleroma.Web.ActivityPub.MRF.SimplePolicy] + +config :pleroma, :mrf_simple, + media_removal: ["illegalporn.biz"], + media_nsfw: ["porn.biz", "porn.business"], + reject: ["spam.com"], + federated_timeline_removal: ["spam.university"], + report_removal: ["whiny.whiner"] + +``` + +### Use with Care + +The effects of MRF policies can be very drastic. It is important to use this functionality carefully. Always try to talk to an admin before writing an MRF policy concerning their instance. + +## Writing your own MRF Policy + +As discussed above, the MRF system is a modular system that supports pluggable policies. This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `rewrite_policy` config setting. + +For example, here is a sample policy module which rewrites all messages to "new message content": + +```elixir +# This is a sample MRF policy which rewrites all Notes to have "new message +# content." +defmodule Site.RewritePolicy do + @behavior Pleroma.Web.ActivityPub.MRF + + # Catch messages which contain Note objects with actual data to filter. + # Capture the object as `object`, the message content as `content` and the + # message itself as `message`. + @impl true + def filter(%{"type" => Create", "object" => {"type" => "Note", "content" => content} = object} = message) + when is_binary(content) do + # Subject / CW is stored as summary instead of `name` like other AS2 objects + # because of Mastodon doing it that way. + summary = object["summary"] + + # Message edits go here. + content = "new message content" + + # Assemble the mutated object. + object = + object + |> Map.put("content", content) + |> Map.put("summary", summary) + + # Assemble the mutated message. + message = Map.put(message, "object", object) + {:ok, message} + end + + # Let all other messages through without modifying them. + @impl true + def filter(message), do: {:ok, message} +end +``` + +If you save this file as `lib/site/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma. You can enable it in the configuration like so: + +``` +config :pleroma, :instance, + rewrite_policy: [ + Pleroma.Web.ActivityPub.MRF.SimplePolicy, + Site.RewritePolicy + ] +``` + +Please note that the Pleroma developers consider custom MRF policy modules to fall under the purview of the AGPL. As such, you are obligated to release the sources to your custom MRF policy modules upon request. diff --git a/docs/configuration/onion_federation.md b/docs/configuration/onion_federation.md new file mode 100644 index 000000000..99f104995 --- /dev/null +++ b/docs/configuration/onion_federation.md @@ -0,0 +1,159 @@ +# Easy Onion Federation (Tor) +Tor can free people from the necessity of a domain, in addition to helping protect their privacy. As Pleroma's goal is to empower the people and let as many as possible host an instance with as little resources as possible, the ability to host an instance with a small, cheap computer like a RaspberryPi along with Tor, would be a great way to achieve that. +In addition, federating with such instances will also help furthering that goal. + +This is a guide to show you how it can be easily done. + +This guide assumes you already got Pleroma working, and that it's running on the default port 4000. +Currently only has an Nginx example. + +To install Tor on Debian / Ubuntu: +``` +apt -yq install tor +``` +If using an old server version (older than Debian Stretch or Ubuntu 18.04), install from backports or PPA. +I recommend using a newer server version instead. + +To have the newest, V3 onion addresses (which I recommend) in Debian, install Tor from backports. +If you do not have backports, uncomment the stretch-backports links at the end of `/etc/apt/sources.list`. +Then install: +``` +apt update +apt -t stretch-backports -yq install tor +``` +**WARNING:** Onion instances not using a Tor version supporting V3 addresses will not be able to federate with you. + +Create the hidden service for your Pleroma instance in `/etc/tor/torrc`: +``` +HiddenServiceDir /var/lib/tor/pleroma_hidden_service/ +HiddenServicePort 80 127.0.0.1:8099 +HiddenServiceVersion 3 # Remove if Tor version is below 0.3 ( tor --version ) +``` +Restart Tor to generate an adress: +``` +systemctl restart tor@default.service +``` +Get the address: +``` +cat /var/lib/tor/pleroma_hidden_service/hostname +``` + +# Federation + +Next, edit your Pleroma config. +If running in prod, cd to your Pleroma directory, edit `config/prod.secret.exs` +and append this line: +``` +config :pleroma, :http, proxy_url: {:socks5, :localhost, 9050} +``` +In your Pleroma directory, assuming you're running prod, +run the following: +``` +su pleroma +MIX_ENV=prod mix deps.get +MIX_ENV=prod mix ecto.migrate +exit +``` +restart Pleroma (if using systemd): +``` +systemctl restart pleroma +``` + +# Tor Instance Access + +Make your instance accessible using Tor. + +## Tor-only Instance +If creating a Tor-only instance, open `config/prod.secret.exs` and under "config :pleroma, Pleroma.Web.Endpoint," edit "https" and "port: 443" to the following: +``` + url: [host: "onionaddress", scheme: "http", port: 80], +``` +In addition to that, replace the existing nginx config's contents with the example below. + +## Existing Instance (Clearnet Instance) +If not a Tor-only instance, +add the nginx config below to your existing config at `/etc/nginx/sites-enabled/pleroma.nginx`. + +--- +For both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself seperately from the clearnet (if your instance is also on the clearnet). +Copy the following into the `config/prod.secret.exs` in your Pleroma folder (/home/pleroma/pleroma/): +``` +config :pleroma, :http_security, + enabled: false +``` + +Use this as the Nginx config: +``` +proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; +# The above already exists in a clearnet instance's config. +# If not, add it. + +server { + listen 127.0.0.1:8099; + server_name youronionaddress; + + # Comment to enable logs + access_log /dev/null; + error_log /dev/null; + + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; + + client_max_body_size 16m; + + location / { + + add_header X-XSS-Protection "1; mode=block"; + add_header X-Permitted-Cross-Domain-Policies none; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header Referrer-Policy same-origin; + add_header X-Download-Options noopen; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + + proxy_pass http://localhost:4000; + + client_max_body_size 16m; + } + + location /proxy { + proxy_cache pleroma_media_cache; + proxy_cache_lock on; + proxy_ignore_client_abort on; + proxy_pass http://localhost:4000; + } +} +``` +reload Nginx: +``` +systemctl reload nginx +``` + +You should now be able to both access your instance using Tor and federate with other Tor instances! + +--- + +### Possible Issues + +* In Debian, make sure your hidden service folder `/var/lib/tor/pleroma_hidden_service/` and its contents, has debian-tor as both owner and group by using +``` +ls -la /var/lib/tor/ +``` +If it's not, run: +``` +chown -R debian-tor:debian-tor /var/lib/tor/pleroma_hidden_service/ +``` +* Make sure *only* the owner has *only* read and write permissions. +If not, run: +``` +chmod -R 600 /var/lib/tor/pleroma_hidden_service/ +``` +* If you have trouble logging in to the Mastodon Frontend when using Tor, use the Tor Browser Bundle. diff --git a/docs/configuration/small_customizations.md b/docs/configuration/small_customizations.md new file mode 100644 index 000000000..f91657a4c --- /dev/null +++ b/docs/configuration/small_customizations.md @@ -0,0 +1,12 @@ +# Small customizations + +See also static_dir.md for visual settings. + +## Theme + +All users of your instance will be able to change the theme they use by going to the settings (the cog in the top-right hand corner). However, if you wish to change the default theme, you can do so by editing `theme` in `config/dev.secret.exs` accordingly. + +## Message Visibility + +To enable message visibility options when posting like in the Mastodon frontend, set +`scope_options_enabled` to `true` in `config/dev.secret.exs`. diff --git a/docs/configuration/static_dir.md b/docs/configuration/static_dir.md new file mode 100644 index 000000000..5fb38c3de --- /dev/null +++ b/docs/configuration/static_dir.md @@ -0,0 +1,69 @@ +# Static Directory + +Static frontend files are shipped in `priv/static/` and tracked by version control in this repository. If you want to overwrite or update these without the possibility of merge conflicts, you can write your custom versions to `instance/static/`. + +``` +config :pleroma, :instance, + static_dir: "instance/static/", +``` + +For example, edit `instance/static/instance/panel.html` . + +Alternatively, you can overwrite this value in your configuration to use a different static instance directory. + +This document is written assuming `instance/static/`. + +Or, if you want to manage your custom file in git repository, basically remove the `instance/` entry from `.gitignore`. + +## robots.txt + +By default, the `robots.txt` that ships in `priv/static/` is permissive. It allows well-behaved search engines to index all of your instance's URIs. + +If you want to generate a restrictive `robots.txt`, you can run the following mix task. The generated `robots.txt` will be written in your instance static directory. + +``` +mix pleroma.robots_txt disallow_all +``` + +## Thumbnail + +Put on `instance/static/instance/thumbnail.jpeg` with your selfie or other neat picture. It will appear in [Pleroma Instances](http://distsn.org/pleroma-instances.html). + +## Instance-specific panel + +![instance-specific panel demo](/uploads/296b19ec806b130e0b49b16bfe29ce8a/image.png) + +Create and Edit your file on `instance/static/instance/panel.html`. + +## Background + +You can change the background of your Pleroma instance by uploading it to `instance/static/`, and then changing `background` in `config/prod.secret.exs` accordingly. + +If you put `instance/static/images/background.jpg` + +``` +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + background: "/images/background.jpg" + } +``` + +## Logo + +![logo modification demo](/uploads/c70b14de60fa74245e7f0dcfa695ebff/image.png) + +If you want to give a brand to your instance, You can change the logo of your instance by uploading it to `instance/static/`. + +Alternatively, you can specify the path with config. +If you put `instance/static/static/mylogo-file.png` + +``` +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + logo: "/static/mylogo-file.png" + } +``` + +## Terms of Service + +Terms of Service will be shown to all users on the registration page. It's the best place where to write down the rules for your instance. You can modify the rules by changing `instance/static/static/terms-of-service.html`. -- cgit v1.2.3 From 03e1898917d161c2682ded202d335de582c04989 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 2 Oct 2019 23:54:55 +0300 Subject: Rename "Configuration" to "Configuration Cheat Sheet" and explain a bit about how Pleroma Configuration works --- docs/configuration/cheatsheet.md | 777 +++++++++++++++++++++++++++++++++++++++ docs/configuration/config.md | 773 -------------------------------------- 2 files changed, 777 insertions(+), 773 deletions(-) create mode 100644 docs/configuration/cheatsheet.md delete mode 100644 docs/configuration/config.md (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md new file mode 100644 index 000000000..fd936aed7 --- /dev/null +++ b/docs/configuration/cheatsheet.md @@ -0,0 +1,777 @@ +# Configuration Cheat Sheet + +This is a cheat sheet for Pleroma configuration file, any setting possible to configure should be listed here. + +Pleroma configuration works by first importing the base config (`config/config.exs` on source installs, compiled-in on OTP releases), then overriding it by the environment config (`config/$MIX_ENV.exs` on source installs, N/A to OTP releases) and then overriding it by user config (`config/$MIX_ENV.secret.exs` on source installs, typically `/etc/pleroma/config.exs` on OTP releases). + +You shouldn't edit the base config directly to avoid breakages and merge conflicts, but it can be used as a reference if you don't understand how an option is supposed to be formatted, the latest version of it can be viewed [here](https://git.pleroma.social/pleroma/pleroma/blob/develop/config/config.exs). + + +## Pleroma.Upload +* `uploader`: Select which `Pleroma.Uploaders` to use +* `filters`: List of `Pleroma.Upload.Filter` to use. +* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. +* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. +* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. + +Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. + +## Pleroma.Uploaders.Local +* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory + +## Pleroma.Uploaders.S3 +* `bucket`: S3 bucket name +* `bucket_namespace`: S3 bucket namespace +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") +* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. +For example, when using CDN to S3 virtual host format, set "". +At this time, write CNAME to CDN in public_endpoint. +* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. + +## Pleroma.Upload.Filter.Mogrify + +* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. + +## Pleroma.Upload.Filter.Dedupe + +No specific configuration. + +## Pleroma.Upload.Filter.AnonymizeFilename + +This filter replaces the filename (not the path) of an upload. For complete obfuscation, add +`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. + +* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. + +## Pleroma.Emails.Mailer +* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. +* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. +* `enabled`: Allows enable/disable send emails. Default: `false`. + +An example for Sendgrid adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.Sendgrid, + api_key: "YOUR_API_KEY" +``` + +An example for SMTP adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.SMTP, + relay: "smtp.gmail.com", + username: "YOUR_USERNAME@gmail.com", + password: "YOUR_SMTP_PASSWORD", + port: 465, + ssl: true, + tls: :always, + auth: :always +``` + +## :uri_schemes +* `valid_schemes`: List of the scheme part that is considered valid to be an URL + +## :instance +* `name`: The instance’s name +* `email`: Email used to reach an Administrator/Moderator of the instance +* `notify_email`: Email used for notifications. +* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` +* `limit`: Posts character limit (CW/Subject included in the counter) +* `remote_limit`: Hard character limit beyond which remote posts will be dropped. +* `upload_limit`: File size limit of uploads (except for avatar, background, banner) +* `avatar_upload_limit`: File size limit of user’s profile avatars +* `background_upload_limit`: File size limit of user’s profile backgrounds +* `banner_upload_limit`: File size limit of user’s profile banners +* `poll_limits`: A map with poll limits for **local** polls + * `max_options`: Maximum number of options + * `max_option_chars`: Maximum number of characters per option + * `min_expiration`: Minimum expiration time (in seconds) + * `max_expiration`: Maximum expiration time (in seconds) +* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. +* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). +* `account_activation_required`: Require users to confirm their emails before signing in. +* `federating`: Enable federation with other instances +* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. +* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. +* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance +* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: + * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) + * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production + * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) + * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) + * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) + * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) + * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. + * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. + * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) + * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) +* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. +* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. +* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` +* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) +* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). +* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. +* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. +* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: + * "email": Copy and preprend re:, as in email. + * "masto": Copy verbatim, as in Mastodon. + * "noop": Don't copy the subject. +* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. +* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with + older software for theses nicknames. +* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. +* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. +* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses +* `welcome_message`: A message that will be send to a newly registered users as a direct message. +* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. +* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) +* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. +* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. +* `user_bio_length`: A user bio maximum length (default: `5000`) +* `user_name_length`: A user name maximum length (default: `100`) +* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. +* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. +* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. +* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) +* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) +* `account_field_name_length`: An account field name maximum length (default: `512`) +* `account_field_value_length`: An account field value maximum length (default: `2048`) +* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. + + + +## :logger +* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack + +An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: +```elixir +config :logger, + backends: [{ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn +``` + +Another example, keeping console output and adding the pid to syslog output: +```elixir +config :logger, + backends: [:console, {ExSyslogger, :ex_syslogger}] + +config :logger, :ex_syslogger, + level: :warn, + option: [:pid, :ndelay] +``` + +See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) + +An example of logging info to local syslog, but warn to a Slack channel: +```elixir +config :logger, + backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], + level: :info + +config :logger, :ex_syslogger, + level: :info, + ident: "pleroma", + format: "$metadata[$level] $message" + +config :quack, + level: :warn, + meta: [:all], + webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" +``` + +See the [Quack Github](https://github.com/azohra/quack) for more details + +## :frontend_configurations + +This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. + +Frontends can access these settings at `/api/pleroma/frontend_configurations` + +To add your own configuration for PleromaFE, use it like this: + +```elixir +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "pleroma-dark", + # ... see /priv/static/static/config.json for the available keys. +}, + masto_fe: %{ + showInstanceSpecificPanel: true + } +``` + +These settings **need to be complete**, they will override the defaults. + +NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. + +## :fe +__THIS IS DEPRECATED__ + +If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. +Please **set this option to false** in your config like this: + +```elixir +config :pleroma, :fe, false +``` + +This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. + +* `theme`: Which theme to use, they are defined in ``styles.json`` +* `logo`: URL of the logo, defaults to Pleroma’s logo +* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) +* `logo_margin`: What margin to use around the logo +* `background`: URL of the background, unless viewing a user profile with a background that is set +* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. +* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. +* `show_instance_panel`: Whenether to show the instance’s specific panel. +* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting +* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` +* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default +* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) +* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) + +## :assets + +This section configures assets to be used with various frontends. Currently the only option +relates to mascots on the mastodon frontend + +* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a + `mime_type` key. +* `default_mascot`: An element from `mascots` - This will be used as the default mascot + on MastoFE (default: `:pleroma_fox_tan`) + +## :mrf_simple +* `media_removal`: List of instances to remove medias from +* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from +* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline +* `reject`: List of instances to reject any activities from +* `accept`: List of instances to accept any activities from +* `report_removal`: List of instances to reject reports from +* `avatar_removal`: List of instances to strip avatars from +* `banner_removal`: List of instances to strip banners from + +## :mrf_subchain +This policy processes messages through an alternate pipeline when a given message matches certain criteria. +All criteria are configured as a map of regular expressions to lists of policy modules. + +* `match_actor`: Matches a series of regular expressions against the actor field. + +Example: + +``` +config :pleroma, :mrf_subchain, + match_actor: %{ + ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] + } +``` + +## :mrf_rejectnonpublic +* `allow_followersonly`: whether to allow followers-only posts +* `allow_direct`: whether to allow direct messages + +## :mrf_hellthread +* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. +* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. + +## :mrf_keyword +* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) +* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) + +## :mrf_mention +* `actors`: A list of actors, for which to drop any posts mentioning. + +## :mrf_vocabulary +* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. +* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. + +## :media_proxy +* `enabled`: Enables proxying of remote media to the instance’s proxy +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. +* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. +* `whitelist`: List of domains to bypass the mediaproxy + +## :gopher +* `enabled`: Enables the gopher interface +* `ip`: IP address to bind to +* `port`: Port to bind to +* `dstport`: Port advertised in urls (optional, defaults to `port`) + +## Pleroma.Web.Endpoint +`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here +* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). + - `ip` - a tuple consisting of 4 integers + - `port` +* `url` - a list containing the configuration for generating urls, accepts + - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) + - `scheme` - e.g `http`, `https` + - `port` + - `path` +* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. + + + +**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need + +Example: +```elixir +config :pleroma, Pleroma.Web.Endpoint, + url: [host: "example.com", port: 2020, scheme: "https"], + http: [ + # start copied from config.exs + dispatch: [ + {:_, + [ + {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, + {"/websocket", Phoenix.Endpoint.CowboyWebSocket, + {Phoenix.Transports.WebSocket, + {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, + {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} + ]} + # end copied from config.exs + ], + port: 8080, + ip: {127, 0, 0, 1} + ] +``` + +This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` + +## :activitypub +* ``unfollow_blocked``: Whether blocks result in people getting unfollowed +* ``outgoing_blocks``: Whether to federate blocks to other instances +* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question +* ``sign_object_fetches``: Sign object fetches with HTTP signatures + +## :http_security +* ``enabled``: Whether the managed content security policy is enabled +* ``sts``: Whether to additionally send a `Strict-Transport-Security` header +* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent +* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent +* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` +* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. + +## :mrf_user_allowlist + +The keys in this section are the domain names that the policy should apply to. +Each key should be assigned a list of users that should be allowed through by +their ActivityPub ID. + +An example: + +```elixir +config :pleroma, :mrf_user_allowlist, + "example.org": ["https://example.org/users/admin"] +``` + +## :web_push_encryption, :vapid_details + +Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. + +* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. +* ``public_key``: VAPID public key +* ``private_key``: VAPID private key + +## Pleroma.Captcha +* `enabled`: Whether the captcha should be shown on registration +* `method`: The method/service to use for captcha +* `seconds_valid`: The time in seconds for which the captcha is valid + +### Pleroma.Captcha.Kocaptcha +Kocaptcha is a very simple captcha service with a single API endpoint, +the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint +`https://captcha.kotobank.ch` is hosted by the developer. + +* `endpoint`: the kocaptcha endpoint to use + +## :admin_token + +Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: + +```elixir +config :pleroma, :admin_token, "somerandomtoken" +``` + +You can then do + +```sh +curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" +``` + +## Oban + +[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration. + +Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage): +* `repo` - app's Ecto repo (`Pleroma.Repo`) +* `verbose` - logs verbosity +* `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) +* `queues` - job queues (see below) + +Pleroma has the following queues: + +* `activity_expiration` - Activity expiration +* `federator_outgoing` - Outgoing federation +* `federator_incoming` - Incoming federation +* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleromaemailsmailer) +* `transmogrifier` - Transmogrifier +* `web_push` - Web push notifications +* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity) + +Example: + +```elixir +config :pleroma, Oban, + repo: Pleroma.Repo, + verbose: false, + prune: {:maxlen, 1500}, + queues: [ + federator_incoming: 50, + federator_outgoing: 50 + ] +``` + +This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`. + +### Migrating `pleroma_job_queue` settings + +`config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). + +### Note on running with PostgreSQL in silent mode + +If you are running PostgreSQL in [`silent_mode`](https://postgresqlco.nf/en/doc/param/silent_mode?version=9.1), it's advised to set [`log_destination`](https://postgresqlco.nf/en/doc/param/log_destination?version=9.1) to `syslog`, +otherwise `postmaster.log` file may grow because of "you don't own a lock of type ShareLock" warnings (see https://github.com/sorentwo/oban/issues/52). + +## :workers + +Includes custom worker options not interpretable directly by `Oban`. + +* `retries` — keyword lists where keys are `Oban` queues (see above) and values are numbers of max attempts for failed jobs. + +Example: + +```elixir +config :pleroma, :workers, + retries: [ + federator_incoming: 5, + federator_outgoing: 5 + ] +``` + +### Migrating `Pleroma.Web.Federator.RetryQueue` settings + +* `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]` +* `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]` +* deprecated options: `max_jobs`, `initial_timeout` + +## Pleroma.Web.Metadata +* `providers`: a list of metadata providers to enable. Providers available: + * Pleroma.Web.Metadata.Providers.OpenGraph + * Pleroma.Web.Metadata.Providers.TwitterCard + * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` +* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews + +## :rich_media +* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews +* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. +* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] +* `parsers`: list of Rich Media parsers + +## :fetch_initial_posts +* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts +* `pages`: the amount of pages to fetch + +## :hackney_pools + +Advanced. Tweaks Hackney (http client) connections pools. + +There's three pools used: + +* `:federation` for the federation jobs. + You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. +* `:media` for rich media, media proxy +* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) + +For each pool, the options are: + +* `max_connections` - how much connections a pool can hold +* `timeout` - retention duration for connections + +## :auto_linker + +Configuration for the `auto_linker` library: + +* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear +* `rel: "noopener noreferrer"` - override the rel attribute. false to clear +* `new_window: true` - set to false to remove `target='_blank'` attribute +* `scheme: false` - Set to true to link urls with schema `http://google.com` +* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` +* `strip_prefix: true` - Strip the scheme prefix +* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) + +Example: + +```elixir +config :auto_linker, + opts: [ + scheme: true, + extra: true, + class: false, + strip_prefix: false, + new_window: false, + rel: "ugc" + ] +``` + +## Pleroma.Scheduler + +Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. + +See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. + +Example: + +```elixir +config :pleroma, Pleroma.Scheduler, + global: true, + overlap: true, + timezone: :utc, + jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] +``` + +The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). + +## Pleroma.ScheduledActivity + +* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) +* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) +* `enabled`: whether scheduled activities are sent to the job queue to be executed + +## Pleroma.ActivityExpiration + +# `enabled`: whether expired activities will be sent to the job queue to be deleted + +## Pleroma.Web.Auth.Authenticator + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +## :ldap + +Use LDAP for user authentication. When a user logs in to the Pleroma +instance, the name and password will be verified by trying to authenticate +(bind) to an LDAP server. If a user exists in the LDAP directory but there +is no account with the same name yet on the Pleroma instance then a new +Pleroma account will be created with the same name as the LDAP user name. + +* `enabled`: enables LDAP authentication +* `host`: LDAP server hostname +* `port`: LDAP port, e.g. 389 or 636 +* `ssl`: true to use SSL, usually implies the port 636 +* `sslopts`: additional SSL options +* `tls`: true to start TLS, usually implies the port 389 +* `tlsopts`: additional TLS options +* `base`: LDAP base, e.g. "dc=example,dc=com" +* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" + +## BBS / SSH access + +To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: + +```exs +app_dir = File.cwd! +priv_dir = Path.join([app_dir, "priv/ssh_keys"]) + +config :esshd, + enabled: true, + priv_dir: priv_dir, + handler: "Pleroma.BBS.Handler", + port: 10_022, + password_authenticator: "Pleroma.BBS.Authenticator" +``` + +Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` + +## :auth + +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication + +Authentication / authorization settings. + +* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. +* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. +* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). + +## :email_notifications + +Email notifications settings. + + - digest - emails of "what you've missed" for users who have been + inactive for a while. + - active: globally enable or disable digest emails + - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). + "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" + - interval: Minimum interval between digest emails to one user + - inactivity_threshold: Minimum user inactivity threshold + +## Pleroma.Emails.UserEmail + +- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. +- `:styling` - a map with color settings for email templates. + +## OAuth consumer mode + +OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). +Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). + +Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, +e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. +The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. + +Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. + +Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` + +* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback + +* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ + +* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback + +* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback + +Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, +per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: + +```elixir +# Twitter +config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, + consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), + consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") + +# Facebook +config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, + client_id: System.get_env("FACEBOOK_APP_ID"), + client_secret: System.get_env("FACEBOOK_APP_SECRET"), + redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") + +# Google +config :ueberauth, Ueberauth.Strategy.Google.OAuth, + client_id: System.get_env("GOOGLE_CLIENT_ID"), + client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), + redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") + +# Microsoft +config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, + client_id: System.get_env("MICROSOFT_CLIENT_ID"), + client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") + +config :ueberauth, Ueberauth, + providers: [ + microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} + ] + +# Keycloak +# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable +keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" + +config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, + client_id: System.get_env("KEYCLOAK_CLIENT_ID"), + client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), + site: keycloak_url, + authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", + token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", + userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", + token_method: :post + +config :ueberauth, Ueberauth, + providers: [ + keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} + ] +``` + +## OAuth 2.0 provider - :oauth2 + +Configure OAuth 2 provider capabilities: + +* `token_expires_in` - The lifetime in seconds of the access token. +* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. +* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). + +## :emoji +* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` +* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` +* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` +* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). +* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in + memory for this amount of seconds multiplied by the number of files. + +## Database options + +### RUM indexing for full text search +* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. + +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. + +Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. + +To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: + +`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` + +This will probably take a long time. + +## :rate_limit + +This is an advanced feature and disabled by default. + +If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). + +A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: + +* The first element: `scale` (Integer). The time scale in milliseconds. +* The second element: `limit` (Integer). How many requests to limit in the time scale provided. + +It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. + +See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. + +Supported rate limiters: + +* `:search` for the search requests (account & status search etc.) +* `:app_account_creation` for registering user accounts from the same IP address +* `:relations_actions` for actions on relations with all users (follow, unfollow) +* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) +* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses +* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user + +## :web_cache_ttl + +The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. + +Available caches: + +* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). +* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). + +## Pleroma.Plugs.RemoteIp + +**If your instance is not behind at least one reverse proxy, you should not enable this plug.** + +`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. + +Available options: + +* `enabled` - Enable/disable the plug. Defaults to `false`. +* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. +* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. +* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). diff --git a/docs/configuration/config.md b/docs/configuration/config.md deleted file mode 100644 index 262d15bba..000000000 --- a/docs/configuration/config.md +++ /dev/null @@ -1,773 +0,0 @@ -# Configuration - -This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory. -If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``. - -## Pleroma.Upload -* `uploader`: Select which `Pleroma.Uploaders` to use -* `filters`: List of `Pleroma.Upload.Filter` to use. -* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. -* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. -* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. - -Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. - -## Pleroma.Uploaders.Local -* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory - -## Pleroma.Uploaders.S3 -* `bucket`: S3 bucket name -* `bucket_namespace`: S3 bucket namespace -* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") -* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. -For example, when using CDN to S3 virtual host format, set "". -At this time, write CNAME to CDN in public_endpoint. -* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. - -## Pleroma.Upload.Filter.Mogrify - -* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. - -## Pleroma.Upload.Filter.Dedupe - -No specific configuration. - -## Pleroma.Upload.Filter.AnonymizeFilename - -This filter replaces the filename (not the path) of an upload. For complete obfuscation, add -`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. - -* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. - -## Pleroma.Emails.Mailer -* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. -* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. -* `enabled`: Allows enable/disable send emails. Default: `false`. - -An example for Sendgrid adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.Sendgrid, - api_key: "YOUR_API_KEY" -``` - -An example for SMTP adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.SMTP, - relay: "smtp.gmail.com", - username: "YOUR_USERNAME@gmail.com", - password: "YOUR_SMTP_PASSWORD", - port: 465, - ssl: true, - tls: :always, - auth: :always -``` - -## :uri_schemes -* `valid_schemes`: List of the scheme part that is considered valid to be an URL - -## :instance -* `name`: The instance’s name -* `email`: Email used to reach an Administrator/Moderator of the instance -* `notify_email`: Email used for notifications. -* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` -* `limit`: Posts character limit (CW/Subject included in the counter) -* `remote_limit`: Hard character limit beyond which remote posts will be dropped. -* `upload_limit`: File size limit of uploads (except for avatar, background, banner) -* `avatar_upload_limit`: File size limit of user’s profile avatars -* `background_upload_limit`: File size limit of user’s profile backgrounds -* `banner_upload_limit`: File size limit of user’s profile banners -* `poll_limits`: A map with poll limits for **local** polls - * `max_options`: Maximum number of options - * `max_option_chars`: Maximum number of characters per option - * `min_expiration`: Minimum expiration time (in seconds) - * `max_expiration`: Maximum expiration time (in seconds) -* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. -* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). -* `account_activation_required`: Require users to confirm their emails before signing in. -* `federating`: Enable federation with other instances -* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. -* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. -* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance -* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: - * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) - * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production - * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) - * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) - * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) - * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) - * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. - * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. - * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. - * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) - * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) -* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. -* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. -* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) -* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). -* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. -* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. -* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: - * "email": Copy and preprend re:, as in email. - * "masto": Copy verbatim, as in Mastodon. - * "noop": Don't copy the subject. -* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. -* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with - older software for theses nicknames. -* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. -* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. -* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses -* `welcome_message`: A message that will be send to a newly registered users as a direct message. -* `welcome_user_nickname`: The nickname of the local user that sends the welcome message. -* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) -* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. -* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. -* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. -* `user_bio_length`: A user bio maximum length (default: `5000`) -* `user_name_length`: A user name maximum length (default: `100`) -* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. -* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. -* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. -* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) -* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) -* `account_field_name_length`: An account field name maximum length (default: `512`) -* `account_field_value_length`: An account field value maximum length (default: `2048`) -* `external_user_synchronization`: Enabling following/followers counters synchronization for external users. - - - -## :logger -* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack - -An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: -```elixir -config :logger, - backends: [{ExSyslogger, :ex_syslogger}] - -config :logger, :ex_syslogger, - level: :warn -``` - -Another example, keeping console output and adding the pid to syslog output: -```elixir -config :logger, - backends: [:console, {ExSyslogger, :ex_syslogger}] - -config :logger, :ex_syslogger, - level: :warn, - option: [:pid, :ndelay] -``` - -See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) - -An example of logging info to local syslog, but warn to a Slack channel: -```elixir -config :logger, - backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], - level: :info - -config :logger, :ex_syslogger, - level: :info, - ident: "pleroma", - format: "$metadata[$level] $message" - -config :quack, - level: :warn, - meta: [:all], - webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" -``` - -See the [Quack Github](https://github.com/azohra/quack) for more details - -## :frontend_configurations - -This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. - -Frontends can access these settings at `/api/pleroma/frontend_configurations` - -To add your own configuration for PleromaFE, use it like this: - -```elixir -config :pleroma, :frontend_configurations, - pleroma_fe: %{ - theme: "pleroma-dark", - # ... see /priv/static/static/config.json for the available keys. -}, - masto_fe: %{ - showInstanceSpecificPanel: true - } -``` - -These settings **need to be complete**, they will override the defaults. - -NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. - -## :fe -__THIS IS DEPRECATED__ - -If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. -Please **set this option to false** in your config like this: - -```elixir -config :pleroma, :fe, false -``` - -This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. - -* `theme`: Which theme to use, they are defined in ``styles.json`` -* `logo`: URL of the logo, defaults to Pleroma’s logo -* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) -* `logo_margin`: What margin to use around the logo -* `background`: URL of the background, unless viewing a user profile with a background that is set -* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. -* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. -* `show_instance_panel`: Whenether to show the instance’s specific panel. -* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting -* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` -* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default -* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) -* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) - -## :assets - -This section configures assets to be used with various frontends. Currently the only option -relates to mascots on the mastodon frontend - -* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a - `mime_type` key. -* `default_mascot`: An element from `mascots` - This will be used as the default mascot - on MastoFE (default: `:pleroma_fox_tan`) - -## :mrf_simple -* `media_removal`: List of instances to remove medias from -* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from -* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline -* `reject`: List of instances to reject any activities from -* `accept`: List of instances to accept any activities from -* `report_removal`: List of instances to reject reports from -* `avatar_removal`: List of instances to strip avatars from -* `banner_removal`: List of instances to strip banners from - -## :mrf_subchain -This policy processes messages through an alternate pipeline when a given message matches certain criteria. -All criteria are configured as a map of regular expressions to lists of policy modules. - -* `match_actor`: Matches a series of regular expressions against the actor field. - -Example: - -``` -config :pleroma, :mrf_subchain, - match_actor: %{ - ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] - } -``` - -## :mrf_rejectnonpublic -* `allow_followersonly`: whether to allow followers-only posts -* `allow_direct`: whether to allow direct messages - -## :mrf_hellthread -* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. -* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. - -## :mrf_keyword -* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) - -## :mrf_mention -* `actors`: A list of actors, for which to drop any posts mentioning. - -## :mrf_vocabulary -* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. -* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. - -## :media_proxy -* `enabled`: Enables proxying of remote media to the instance’s proxy -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts. -* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. -* `whitelist`: List of domains to bypass the mediaproxy - -## :gopher -* `enabled`: Enables the gopher interface -* `ip`: IP address to bind to -* `port`: Port to bind to -* `dstport`: Port advertised in urls (optional, defaults to `port`) - -## Pleroma.Web.Endpoint -`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here -* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). - - `ip` - a tuple consisting of 4 integers - - `port` -* `url` - a list containing the configuration for generating urls, accepts - - `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`) - - `scheme` - e.g `http`, `https` - - `port` - - `path` -* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. - - - -**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need - -Example: -```elixir -config :pleroma, Pleroma.Web.Endpoint, - url: [host: "example.com", port: 2020, scheme: "https"], - http: [ - # start copied from config.exs - dispatch: [ - {:_, - [ - {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, - {"/websocket", Phoenix.Endpoint.CowboyWebSocket, - {Phoenix.Transports.WebSocket, - {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, - {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} - ]} - # end copied from config.exs - ], - port: 8080, - ip: {127, 0, 0, 1} - ] -``` - -This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` - -## :activitypub -* ``unfollow_blocked``: Whether blocks result in people getting unfollowed -* ``outgoing_blocks``: Whether to federate blocks to other instances -* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question -* ``sign_object_fetches``: Sign object fetches with HTTP signatures - -## :http_security -* ``enabled``: Whether the managed content security policy is enabled -* ``sts``: Whether to additionally send a `Strict-Transport-Security` header -* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent -* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent -* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` -* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. - -## :mrf_user_allowlist - -The keys in this section are the domain names that the policy should apply to. -Each key should be assigned a list of users that should be allowed through by -their ActivityPub ID. - -An example: - -```elixir -config :pleroma, :mrf_user_allowlist, - "example.org": ["https://example.org/users/admin"] -``` - -## :web_push_encryption, :vapid_details - -Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. - -* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. -* ``public_key``: VAPID public key -* ``private_key``: VAPID private key - -## Pleroma.Captcha -* `enabled`: Whether the captcha should be shown on registration -* `method`: The method/service to use for captcha -* `seconds_valid`: The time in seconds for which the captcha is valid - -### Pleroma.Captcha.Kocaptcha -Kocaptcha is a very simple captcha service with a single API endpoint, -the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint -`https://captcha.kotobank.ch` is hosted by the developer. - -* `endpoint`: the kocaptcha endpoint to use - -## :admin_token - -Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: - -```elixir -config :pleroma, :admin_token, "somerandomtoken" -``` - -You can then do - -```sh -curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" -``` - -## Oban - -[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration. - -Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage): -* `repo` - app's Ecto repo (`Pleroma.Repo`) -* `verbose` - logs verbosity -* `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) -* `queues` - job queues (see below) - -Pleroma has the following queues: - -* `activity_expiration` - Activity expiration -* `federator_outgoing` - Outgoing federation -* `federator_incoming` - Incoming federation -* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleromaemailsmailer) -* `transmogrifier` - Transmogrifier -* `web_push` - Web push notifications -* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity) - -Example: - -```elixir -config :pleroma, Oban, - repo: Pleroma.Repo, - verbose: false, - prune: {:maxlen, 1500}, - queues: [ - federator_incoming: 50, - federator_outgoing: 50 - ] -``` - -This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`. - -### Migrating `pleroma_job_queue` settings - -`config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). - -### Note on running with PostgreSQL in silent mode - -If you are running PostgreSQL in [`silent_mode`](https://postgresqlco.nf/en/doc/param/silent_mode?version=9.1), it's advised to set [`log_destination`](https://postgresqlco.nf/en/doc/param/log_destination?version=9.1) to `syslog`, -otherwise `postmaster.log` file may grow because of "you don't own a lock of type ShareLock" warnings (see https://github.com/sorentwo/oban/issues/52). - -## :workers - -Includes custom worker options not interpretable directly by `Oban`. - -* `retries` — keyword lists where keys are `Oban` queues (see above) and values are numbers of max attempts for failed jobs. - -Example: - -```elixir -config :pleroma, :workers, - retries: [ - federator_incoming: 5, - federator_outgoing: 5 - ] -``` - -### Migrating `Pleroma.Web.Federator.RetryQueue` settings - -* `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]` -* `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]` -* deprecated options: `max_jobs`, `initial_timeout` - -## Pleroma.Web.Metadata -* `providers`: a list of metadata providers to enable. Providers available: - * Pleroma.Web.Metadata.Providers.OpenGraph - * Pleroma.Web.Metadata.Providers.TwitterCard - * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` -* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews - -## :rich_media -* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews -* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. -* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] -* `parsers`: list of Rich Media parsers - -## :fetch_initial_posts -* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -* `pages`: the amount of pages to fetch - -## :hackney_pools - -Advanced. Tweaks Hackney (http client) connections pools. - -There's three pools used: - -* `:federation` for the federation jobs. - You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. -* `:media` for rich media, media proxy -* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) - -For each pool, the options are: - -* `max_connections` - how much connections a pool can hold -* `timeout` - retention duration for connections - -## :auto_linker - -Configuration for the `auto_linker` library: - -* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear -* `rel: "noopener noreferrer"` - override the rel attribute. false to clear -* `new_window: true` - set to false to remove `target='_blank'` attribute -* `scheme: false` - Set to true to link urls with schema `http://google.com` -* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` -* `strip_prefix: true` - Strip the scheme prefix -* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) - -Example: - -```elixir -config :auto_linker, - opts: [ - scheme: true, - extra: true, - class: false, - strip_prefix: false, - new_window: false, - rel: "ugc" - ] -``` - -## Pleroma.Scheduler - -Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. - -See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. - -Example: - -```elixir -config :pleroma, Pleroma.Scheduler, - global: true, - overlap: true, - timezone: :utc, - jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] -``` - -The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). - -## Pleroma.ScheduledActivity - -* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) -* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) -* `enabled`: whether scheduled activities are sent to the job queue to be executed - -## Pleroma.ActivityExpiration - -# `enabled`: whether expired activities will be sent to the job queue to be deleted - -## Pleroma.Web.Auth.Authenticator - -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - -## :ldap - -Use LDAP for user authentication. When a user logs in to the Pleroma -instance, the name and password will be verified by trying to authenticate -(bind) to an LDAP server. If a user exists in the LDAP directory but there -is no account with the same name yet on the Pleroma instance then a new -Pleroma account will be created with the same name as the LDAP user name. - -* `enabled`: enables LDAP authentication -* `host`: LDAP server hostname -* `port`: LDAP port, e.g. 389 or 636 -* `ssl`: true to use SSL, usually implies the port 636 -* `sslopts`: additional SSL options -* `tls`: true to start TLS, usually implies the port 389 -* `tlsopts`: additional TLS options -* `base`: LDAP base, e.g. "dc=example,dc=com" -* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" - -## BBS / SSH access - -To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: - -```exs -app_dir = File.cwd! -priv_dir = Path.join([app_dir, "priv/ssh_keys"]) - -config :esshd, - enabled: true, - priv_dir: priv_dir, - handler: "Pleroma.BBS.Handler", - port: 10_022, - password_authenticator: "Pleroma.BBS.Authenticator" -``` - -Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` - -## :auth - -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - -Authentication / authorization settings. - -* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. -* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. -* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). - -## :email_notifications - -Email notifications settings. - - - digest - emails of "what you've missed" for users who have been - inactive for a while. - - active: globally enable or disable digest emails - - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). - "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" - - interval: Minimum interval between digest emails to one user - - inactivity_threshold: Minimum user inactivity threshold - -## Pleroma.Emails.UserEmail - -- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. -- `:styling` - a map with color settings for email templates. - -## OAuth consumer mode - -OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). -Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). - -Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, -e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. -The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. - -Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. - -Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` - -* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback - -* For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ - -* For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback - -* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback - -Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, -per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables: - -```elixir -# Twitter -config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, - consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), - consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") - -# Facebook -config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, - client_id: System.get_env("FACEBOOK_APP_ID"), - client_secret: System.get_env("FACEBOOK_APP_SECRET"), - redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") - -# Google -config :ueberauth, Ueberauth.Strategy.Google.OAuth, - client_id: System.get_env("GOOGLE_CLIENT_ID"), - client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), - redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") - -# Microsoft -config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, - client_id: System.get_env("MICROSOFT_CLIENT_ID"), - client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") - -config :ueberauth, Ueberauth, - providers: [ - microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} - ] - -# Keycloak -# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable -keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080" - -config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth, - client_id: System.get_env("KEYCLOAK_CLIENT_ID"), - client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"), - site: keycloak_url, - authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth", - token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token", - userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo", - token_method: :post - -config :ueberauth, Ueberauth, - providers: [ - keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]} - ] -``` - -## OAuth 2.0 provider - :oauth2 - -Configure OAuth 2 provider capabilities: - -* `token_expires_in` - The lifetime in seconds of the access token. -* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. -* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. -* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). - -## :emoji -* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` -* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` -* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` -* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). -* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in - memory for this amount of seconds multiplied by the number of files. - -## Database options - -### RUM indexing for full text search -* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. - -RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. - -Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. - -To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: - -`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` - -This will probably take a long time. - -## :rate_limit - -This is an advanced feature and disabled by default. - -If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). - -A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: - -* The first element: `scale` (Integer). The time scale in milliseconds. -* The second element: `limit` (Integer). How many requests to limit in the time scale provided. - -It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. - -See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. - -Supported rate limiters: - -* `:search` for the search requests (account & status search etc.) -* `:app_account_creation` for registering user accounts from the same IP address -* `:relations_actions` for actions on relations with all users (follow, unfollow) -* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) -* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses -* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user - -## :web_cache_ttl - -The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. - -Available caches: - -* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). -* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). - -## Pleroma.Plugs.RemoteIp - -**If your instance is not behind at least one reverse proxy, you should not enable this plug.** - -`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. - -Available options: - -* `enabled` - Enable/disable the plug. Defaults to `false`. -* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. -* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. -* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). -- cgit v1.2.3 From 838ff12ec5d930bbd0caa472ea602ce665370bbc Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 2 Oct 2019 23:58:57 +0300 Subject: Remove "General tips for customizing Pleroma FE" because it's no longer relevant and we have actual fe docs now --- .../General-tips-for-customizing-Pleroma-FE.md | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 docs/configuration/General-tips-for-customizing-Pleroma-FE.md (limited to 'docs') diff --git a/docs/configuration/General-tips-for-customizing-Pleroma-FE.md b/docs/configuration/General-tips-for-customizing-Pleroma-FE.md deleted file mode 100644 index 15c4882dd..000000000 --- a/docs/configuration/General-tips-for-customizing-Pleroma-FE.md +++ /dev/null @@ -1,17 +0,0 @@ -# General tips for customizing Pleroma FE -There are some configuration scripts for Pleroma BE and FE: - -1. `config/prod.secret.exs` -1. `config/config.exs` -1. `priv/static/static/config.json` - -The `prod.secret.exs` affects first. `config.exs` is for fallback or default. `config.json` is for GNU-social-BE-Pleroma-FE instances. - -Usually all you have to do is: - -1. Copy the section in the `config/config.exs` which you want to activate. -1. Paste into `config/prod.secret.exs`. -1. Edit `config/prod.secret.exs`. -1. Restart the Pleroma daemon. - -`prod.secret.exs` is for the `MIX_ENV=prod` environment. `dev.secret.exs` is for the `MIX_ENV=dev` environment respectively. -- cgit v1.2.3 From 74d682a09ecaacb9f784e27cf0e815ddf81511f6 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 00:00:53 +0300 Subject: Remove Small customizations as it's contents have been integrated into static_dir.md --- docs/configuration/small_customizations.md | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 docs/configuration/small_customizations.md (limited to 'docs') diff --git a/docs/configuration/small_customizations.md b/docs/configuration/small_customizations.md deleted file mode 100644 index f91657a4c..000000000 --- a/docs/configuration/small_customizations.md +++ /dev/null @@ -1,12 +0,0 @@ -# Small customizations - -See also static_dir.md for visual settings. - -## Theme - -All users of your instance will be able to change the theme they use by going to the settings (the cog in the top-right hand corner). However, if you wish to change the default theme, you can do so by editing `theme` in `config/dev.secret.exs` accordingly. - -## Message Visibility - -To enable message visibility options when posting like in the Mastodon frontend, set -`scope_options_enabled` to `true` in `config/dev.secret.exs`. -- cgit v1.2.3 From b8e5e46fa8c15d0bf3f98c5704e994ffe82be35c Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 00:18:32 +0300 Subject: Fix references to other pages --- docs/installation/alpine_linux_en.md | 10 ++++------ docs/installation/arch_linux_en.md | 10 ++++------ docs/installation/centos7_en.md | 10 ++++------ docs/installation/debian_based_en.md | 10 ++++------ docs/installation/debian_based_jp.md | 10 ++++------ docs/installation/gentoo_en.md | 10 ++++------ docs/installation/migrating_from_source_otp_en.md | 10 +++++----- docs/installation/otp_en.md | 10 +++++----- 8 files changed, 34 insertions(+), 46 deletions(-) (limited to 'docs') diff --git a/docs/installation/alpine_linux_en.md b/docs/installation/alpine_linux_en.md index f200362ca..f5d1fade1 100644 --- a/docs/installation/alpine_linux_en.md +++ b/docs/installation/alpine_linux_en.md @@ -225,12 +225,10 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new Date: Thu, 3 Oct 2019 00:22:14 +0300 Subject: Fix more links --- docs/API/pleroma_api.md | 2 +- docs/installation/otp_en.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 41889a0ef..3a8ef4e2c 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -124,7 +124,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi ``` ## `/api/pleroma/admin/`… -See [Admin-API](Admin-API.md) +See [Admin-API](admin_api.md) ## `/api/v1/pleroma/notifications/read` ### Mark notifications as read diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index f192c0cb1..b4e5254cd 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -42,7 +42,7 @@ apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot ## Setup ### Configuring PostgreSQL #### (Optional) Installing RUM indexes -RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](config.html#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results). +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results). Debian/Ubuntu (available only on Buster/19.04): ```sh -- cgit v1.2.3 From 2767c413fb385580acc010dafa9282e4dcaecb60 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 00:36:18 +0300 Subject: Remove a reference to inline docs since everything it describes is described in the cheatsheet already and add A TODO --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index fd936aed7..35274c61b 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -743,7 +743,7 @@ A keyword list of rate limiters where a key is a limiter name and value is the l It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. -See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples. +TODO: Add a list of available limiters Supported rate limiters: -- cgit v1.2.3 From bd9c7807fbf21402cc0444c711c40677ca5de2a0 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 01:03:47 +0300 Subject: Move emoji task docs to a separate file --- docs/administration/CLI_tasks/emoji.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 docs/administration/CLI_tasks/emoji.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/emoji.md b/docs/administration/CLI_tasks/emoji.md new file mode 100644 index 000000000..5b8dc11ab --- /dev/null +++ b/docs/administration/CLI_tasks/emoji.md @@ -0,0 +1,33 @@ +# Managing emoji packs + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl emoji` and in case of source installs it's `mix pleroma.emoji`. + +## ls-packs + +```sh +$PREFIX ls-packs [OPTION...] +``` + +Lists the emoji packs and metadata specified in the manifest. + +### Options +- `-m, --manifest PATH/URL` - path to a custom manifest, it can either be an URL starting with `http`, in that case the manifest will be fetched from that address, or a local path + +## get-packs +```sh +$PREFIX get-packs [OPTION...] PACKS +``` +Fetches, verifies and installs the specified PACKS from the manifest into the `STATIC-DIR/emoji/PACK-NAME` + +### Options +- `-m, --manifest PATH/URL` - same as [`ls-packs`](#ls-packs) + +## gen-pack +```sh +$PREFIX gen-pack PACK-URL +``` +Creates a new manifest entry and a file list from the specified remote pack file. Currently, only .zip archives are recognized as remote pack files and packs are therefore assumed to be zip archives. This command is intended to run interactively and will first ask you some basic questions about the pack, then download the remote file and generate an SHA256 checksum for it, then generate an emoji file list for you. + + The manifest entry will either be written to a newly created `index.json` file or appended to the existing one, *replacing* the old pack with the same name if it was in the file previously. + + The file list will be written to the file specified previously, *replacing* that file. You _should_ check that the file list doesn't contain anything you don't need in the pack, that is, anything that is not an emoji (the whole pack is downloaded, but only emoji files are extracted). -- cgit v1.2.3 From 869ea2ab90bb461ad3dd06ac974f227da369fcf8 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 01:09:51 +0300 Subject: Move digest email docs to a separate file and improve styling --- docs/administration/CLI_tasks/digest.md | 15 +++++++++++++++ docs/administration/CLI_tasks/emoji.md | 6 +++--- 2 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 docs/administration/CLI_tasks/digest.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/digest.md b/docs/administration/CLI_tasks/digest.md new file mode 100644 index 000000000..89b3ed237 --- /dev/null +++ b/docs/administration/CLI_tasks/digest.md @@ -0,0 +1,15 @@ +# Managing digest emails +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl digest` and in case of source installs it's `mix pleroma.digest`. + +## `test` + +```sh +$PREFIX test +``` + +Send digest email since given date (user registration date by default) ignoring user activity status. + +Example: +```sh +$PREFIX test donaldtheduck 2019-05-20 +``` diff --git a/docs/administration/CLI_tasks/emoji.md b/docs/administration/CLI_tasks/emoji.md index 5b8dc11ab..39216a897 100644 --- a/docs/administration/CLI_tasks/emoji.md +++ b/docs/administration/CLI_tasks/emoji.md @@ -2,7 +2,7 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl emoji` and in case of source installs it's `mix pleroma.emoji`. -## ls-packs +## `ls-packs` ```sh $PREFIX ls-packs [OPTION...] @@ -13,7 +13,7 @@ Lists the emoji packs and metadata specified in the manifest. ### Options - `-m, --manifest PATH/URL` - path to a custom manifest, it can either be an URL starting with `http`, in that case the manifest will be fetched from that address, or a local path -## get-packs +## `get-packs` ```sh $PREFIX get-packs [OPTION...] PACKS ``` @@ -22,7 +22,7 @@ Fetches, verifies and installs the specified PACKS from the manifest into the `S ### Options - `-m, --manifest PATH/URL` - same as [`ls-packs`](#ls-packs) -## gen-pack +## `gen-pack` ```sh $PREFIX gen-pack PACK-URL ``` -- cgit v1.2.3 From a54739a530a291483893b0c334d35fb893026a2a Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 08:51:57 +0300 Subject: Improve styling of CLI tasks --- docs/administration/CLI_tasks/digest.md | 6 ++---- docs/administration/CLI_tasks/emoji.md | 15 ++++++--------- 2 files changed, 8 insertions(+), 13 deletions(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/digest.md b/docs/administration/CLI_tasks/digest.md index 89b3ed237..547702031 100644 --- a/docs/administration/CLI_tasks/digest.md +++ b/docs/administration/CLI_tasks/digest.md @@ -1,14 +1,12 @@ # Managing digest emails Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl digest` and in case of source installs it's `mix pleroma.digest`. -## `test` +## Send digest email since given date (user registration date by default) ignoring user activity status. ```sh -$PREFIX test +$PREFIX test [] ``` -Send digest email since given date (user registration date by default) ignoring user activity status. - Example: ```sh $PREFIX test donaldtheduck 2019-05-20 diff --git a/docs/administration/CLI_tasks/emoji.md b/docs/administration/CLI_tasks/emoji.md index 39216a897..d274953eb 100644 --- a/docs/administration/CLI_tasks/emoji.md +++ b/docs/administration/CLI_tasks/emoji.md @@ -2,31 +2,28 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl emoji` and in case of source installs it's `mix pleroma.emoji`. -## `ls-packs` +## Lists the emoji packs and metadata specified in the manifest. ```sh -$PREFIX ls-packs [OPTION...] +$PREFIX ls-packs [] ``` -Lists the emoji packs and metadata specified in the manifest. - ### Options - `-m, --manifest PATH/URL` - path to a custom manifest, it can either be an URL starting with `http`, in that case the manifest will be fetched from that address, or a local path -## `get-packs` +## Fetch, verify and install the specified packs from the manifest into `STATIC-DIR/emoji/PACK-NAME` ```sh -$PREFIX get-packs [OPTION...] PACKS +$PREFIX get-packs [] ``` -Fetches, verifies and installs the specified PACKS from the manifest into the `STATIC-DIR/emoji/PACK-NAME` ### Options - `-m, --manifest PATH/URL` - same as [`ls-packs`](#ls-packs) -## `gen-pack` +## Create a new manifest entry and a file list from the specified remote pack file ```sh $PREFIX gen-pack PACK-URL ``` -Creates a new manifest entry and a file list from the specified remote pack file. Currently, only .zip archives are recognized as remote pack files and packs are therefore assumed to be zip archives. This command is intended to run interactively and will first ask you some basic questions about the pack, then download the remote file and generate an SHA256 checksum for it, then generate an emoji file list for you. +Currently, only .zip archives are recognized as remote pack files and packs are therefore assumed to be zip archives. This command is intended to run interactively and will first ask you some basic questions about the pack, then download the remote file and generate an SHA256 checksum for it, then generate an emoji file list for you. The manifest entry will either be written to a newly created `index.json` file or appended to the existing one, *replacing* the old pack with the same name if it was in the file previously. -- cgit v1.2.3 From 6435ba83cd07162a9ad9a386253814e2f12d951d Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 09:02:48 +0300 Subject: Move instance CLI task docs to a text file --- docs/administration/CLI_tasks/emoji.md | 2 +- docs/administration/CLI_tasks/instance.md | 30 ++++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 docs/administration/CLI_tasks/instance.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/emoji.md b/docs/administration/CLI_tasks/emoji.md index d274953eb..eee02f2ef 100644 --- a/docs/administration/CLI_tasks/emoji.md +++ b/docs/administration/CLI_tasks/emoji.md @@ -2,7 +2,7 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl emoji` and in case of source installs it's `mix pleroma.emoji`. -## Lists the emoji packs and metadata specified in the manifest. +## Lists emoji packs and metadata specified in the manifest ```sh $PREFIX ls-packs [] diff --git a/docs/administration/CLI_tasks/instance.md b/docs/administration/CLI_tasks/instance.md new file mode 100644 index 000000000..975ee61d9 --- /dev/null +++ b/docs/administration/CLI_tasks/instance.md @@ -0,0 +1,30 @@ +# Managing instance configuration + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl instance` and in case of source installs it's `mix pleroma.instance`. + +## Generate a new configuration file +```sh +$PREFIX gen [] +``` + +If any of the options are left unspecified, you will be prompted interactively. + +## Options +- `-f`, `--force` - overwrite any output files +- `-o `, `--output ` - the output file for the generated configuration +- `--output-psql ` - the output file for the generated PostgreSQL setup +- `--domain ` - the domain of your instance +- `--instance-name ` - the name of your instance +- `--admin-email ` - the email address of the instance admin +- `--notify-email ` - email address for notifications +- `--dbhost ` - the hostname of the PostgreSQL database to use +- `--dbname ` - the name of the database to use +- `--dbuser ` - the user (aka role) to use for the database connection +- `--dbpass ` - the password to use for the database connection +- `--rum ` - Whether to enable RUM indexes +- `--indexable ` - Allow/disallow indexing site by search engines +- `--db-configurable ` - Allow/disallow configuring instance from admin part +- `--uploads-dir ` - the directory uploads go in when using a local uploader +- `--static-dir ` - the directory custom public files should be read from (custom emojis, frontend bundle overrides, robots.txt, etc.) +- `--listen-ip ` - the ip the app should listen to, defaults to 127.0.0.1 +- `--listen-port ` - the port the app should listen to, defaults to 4000 -- cgit v1.2.3 From 808d0a0170577155d0f1097c66c4e0b23c8303b9 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 09:10:31 +0300 Subject: Move relay docs to a separate file --- docs/administration/CLI_tasks/relay.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 docs/administration/CLI_tasks/relay.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/relay.md b/docs/administration/CLI_tasks/relay.md new file mode 100644 index 000000000..aa44617df --- /dev/null +++ b/docs/administration/CLI_tasks/relay.md @@ -0,0 +1,30 @@ +# Managing relays + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl relay` and in case of source installs it's `mix pleroma.relay`. + +## Follow a relay +```sh +$PREFIX follow +``` + +Example: +```sh +$PREFIX follow https://example.org/relay +``` + +## Unfollow a remote relay + +```sh +$PREFIX unfollow +``` + +Example: +```sh +$PREFIX unfollow https://example.org/relay +``` + +## List relay subscriptions + +```sh +$PREFIX list +``` -- cgit v1.2.3 From d39ccc2e7ffd019f8fe2438f388c0a0bb8aac34a Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 09:35:21 +0300 Subject: Move uploads task docs to a separate file --- docs/administration/CLI_tasks/uploads.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 docs/administration/CLI_tasks/uploads.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/uploads.md b/docs/administration/CLI_tasks/uploads.md new file mode 100644 index 000000000..a72bbd01f --- /dev/null +++ b/docs/administration/CLI_tasks/uploads.md @@ -0,0 +1,12 @@ +# Managing uploads + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl uploads` and in case of source installs it's `mix pleroma.uploads`. + +## Migrate uploads from local to remote storage +```sh +$PREFIX migrate_local TARGET_UPLOADER [OPTIONS...] +``` +## Options +- `--delete` - delete local uploads after migrating them to the target uploader + +A list of available uploaders can be seen in [Configuration Cheat Sheet](../../configuration/cheatsheet.md#pleromaupload) -- cgit v1.2.3 From f5372bfb4a65c8324926965fe34c920bc2449bc5 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 09:36:35 +0300 Subject: Fix up some headings --- docs/administration/CLI_tasks/instance.md | 2 +- docs/administration/CLI_tasks/uploads.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/instance.md b/docs/administration/CLI_tasks/instance.md index 975ee61d9..ab0b68ad0 100644 --- a/docs/administration/CLI_tasks/instance.md +++ b/docs/administration/CLI_tasks/instance.md @@ -9,7 +9,7 @@ $PREFIX gen [] If any of the options are left unspecified, you will be prompted interactively. -## Options +### Options - `-f`, `--force` - overwrite any output files - `-o `, `--output ` - the output file for the generated configuration - `--output-psql ` - the output file for the generated PostgreSQL setup diff --git a/docs/administration/CLI_tasks/uploads.md b/docs/administration/CLI_tasks/uploads.md index a72bbd01f..321ec5e74 100644 --- a/docs/administration/CLI_tasks/uploads.md +++ b/docs/administration/CLI_tasks/uploads.md @@ -6,7 +6,7 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/ ```sh $PREFIX migrate_local TARGET_UPLOADER [OPTIONS...] ``` -## Options +### Options - `--delete` - delete local uploads after migrating them to the target uploader A list of available uploaders can be seen in [Configuration Cheat Sheet](../../configuration/cheatsheet.md#pleromaupload) -- cgit v1.2.3 From 8fd47a4a5a9704a523046e7b8d2cdac3f090acea Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 09:38:24 +0300 Subject: Use consistent command signature --- docs/administration/CLI_tasks/uploads.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/uploads.md b/docs/administration/CLI_tasks/uploads.md index 321ec5e74..71800e341 100644 --- a/docs/administration/CLI_tasks/uploads.md +++ b/docs/administration/CLI_tasks/uploads.md @@ -4,7 +4,7 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/ ## Migrate uploads from local to remote storage ```sh -$PREFIX migrate_local TARGET_UPLOADER [OPTIONS...] +$PREFIX migrate_local [] ``` ### Options - `--delete` - delete local uploads after migrating them to the target uploader -- cgit v1.2.3 From b4ca864c6b2e6ee9addea7fbc0b09fca581816ce Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:15:24 +0300 Subject: Move user tasks docs to a separate file --- docs/administration/CLI_tasks/user.md | 94 +++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 docs/administration/CLI_tasks/user.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/user.md b/docs/administration/CLI_tasks/user.md new file mode 100644 index 000000000..045730753 --- /dev/null +++ b/docs/administration/CLI_tasks/user.md @@ -0,0 +1,94 @@ +# Managing users + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl user` and in case of source installs it's `mix pleroma.user`. + +## Create a user +```sh +$PREFIX new [] +``` + +### Options +- `--name ` - the user's display name +- `--bio ` - the user's bio +- `--password ` - the user's password +- `--moderator`/`--no-moderator` - whether the user should be a moderator +- `--admin`/`--no-admin` - whether the user should be an admin +- `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions + +## Generate an invite link +```sh +$PREFIX invite [] +``` + +### Options +- `--expires-at DATE` - last day on which token is active (e.g. "2019-04-05") +- `--max-use NUMBER` - maximum numbers of token uses + +## List generated invites +```sh +$PREFIX invites +``` + +## Revoke invite +```sh +$PREFIX revoke_invite +``` + +## Delete a user +``` +$PREFIX rm +``` + +## Delete user's posts and interactions +```sh +$PREFIX delete_activities +``` + +## Sign user out from all applications (delete user's OAuth tokens and authorizations) +```sh +$PREFIX sign_out +``` + +## Deactivate or activate a user +```sh +$PREFIX toggle_activated +``` + +## Unsubscribe local users from a user and deactivate the user +```sh +$PREFIX unsubscribe NICKNAME +``` + +## Unsubscribe local users from an instance and deactivate all accounts on it +```sh +$PREFIX unsubscribe_all_from_instance +``` + +## Create a password reset link for user +```sh +$PREFIX reset_password +``` + +## Set the value of the given user's settings +```sh +$PREFIX set [] +``` +### Options +- `--locked`/`--no-locked` - whether the user should be locked +- `--moderator`/`--no-moderator` - whether the user should be a moderator +- `--admin`/`--no-admin` - whether the user should be an admin + +## Add tags to a user +```sh +$PREFIX tag +``` + +## Delete tags from a user +```sh +$PREFIX untag +``` + +## Toggle confirmation status of the user +```sh +$PREFIX toggle_confirmed +``` -- cgit v1.2.3 From 2cbe2dcbde9346fd354de816ea660b3ab085d876 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:31:59 +0300 Subject: Oops --- docs/configuration/cheatsheet.md | 2 -- 1 file changed, 2 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 35274c61b..35832e606 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -743,8 +743,6 @@ A keyword list of rate limiters where a key is a limiter name and value is the l It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. -TODO: Add a list of available limiters - Supported rate limiters: * `:search` for the search requests (account & status search etc.) -- cgit v1.2.3 From 66450f861597ac5c5a349f005b7cc061e4e34ded Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:36:01 +0300 Subject: Cheatsheet: Move the deprecated config warning into a warning block --- docs/configuration/cheatsheet.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 35832e606..f1d41b0c6 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -212,14 +212,15 @@ These settings **need to be complete**, they will override the defaults. NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. ## :fe -__THIS IS DEPRECATED__ +!!! warning + __THIS IS DEPRECATED__ -If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. -Please **set this option to false** in your config like this: + If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. + Please **set this option to false** in your config like this: -```elixir -config :pleroma, :fe, false -``` + ```elixir + config :pleroma, :fe, false + ``` This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. -- cgit v1.2.3 From cb162678df877e3f9b299e10516d0ebd29355b80 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:37:34 +0300 Subject: Add missing language spec --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index f1d41b0c6..82367ae0b 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -266,7 +266,7 @@ All criteria are configured as a map of regular expressions to lists of policy m Example: -``` +```elixir config :pleroma, :mrf_subchain, match_actor: %{ ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] -- cgit v1.2.3 From 4e70009490365f0439043aa59f9e6cd05f6da723 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:39:53 +0300 Subject: Move bold text in RemoveIp description into a proper warning --- docs/configuration/cheatsheet.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 82367ae0b..57325dd56 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -764,7 +764,8 @@ Available caches: ## Pleroma.Plugs.RemoteIp -**If your instance is not behind at least one reverse proxy, you should not enable this plug.** +!!! warning + If your instance is not behind at least one reverse proxy, you should not enable this plug. `Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. -- cgit v1.2.3 From 25849157aae60e1bac776d395cadb6d15424eb1d Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:43:38 +0300 Subject: Remove fe settings from :instance as they no longer do anything --- docs/configuration/cheatsheet.md | 6 ------ 1 file changed, 6 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 57325dd56..e23bcaf63 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -115,12 +115,6 @@ config :pleroma, Pleroma.Emails.Mailer, * `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) * `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). * `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. -* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default. -* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values: - * "email": Copy and preprend re:, as in email. - * "masto": Copy verbatim, as in Mastodon. - * "noop": Don't copy the subject. -* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty. * `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with older software for theses nicknames. * `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. -- cgit v1.2.3 From e560d65db3c6e2692a8060b0646d6e8808b864f0 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:45:40 +0300 Subject: Fix a typo in activity expirations --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index e23bcaf63..e5f68f09b 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -551,7 +551,7 @@ The above example defines a single job which invokes `Pleroma.Web.Websub.refresh ## Pleroma.ActivityExpiration -# `enabled`: whether expired activities will be sent to the job queue to be deleted +* `enabled`: whether expired activities will be sent to the job queue to be deleted ## Pleroma.Web.Auth.Authenticator -- cgit v1.2.3 From aefb4dcff5721aaa20ebb52d4f7da4874cb1b612 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:54:41 +0300 Subject: Cheatsheet: Use note/warning blocks instead of bold text --- docs/configuration/cheatsheet.md | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index e5f68f09b..70a475363 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -15,7 +15,8 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. * `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. -Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. +!!! warning + `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. ## Pleroma.Uploaders.Local * `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory @@ -300,7 +301,10 @@ config :pleroma, :mrf_subchain, * `dstport`: Port advertised in urls (optional, defaults to `port`) ## Pleroma.Web.Endpoint -`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here + +!!! note + `Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here. + * `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server). - `ip` - a tuple consisting of 4 integers - `port` @@ -313,7 +317,8 @@ config :pleroma, :mrf_subchain, -**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need +!!! warning + If you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need Example: ```elixir @@ -627,13 +632,14 @@ Email notifications settings. OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). -Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, -e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. -The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. +!!! note + Each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. -Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. +!!! note + Each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. -Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` +!!! note + Make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` * For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback -- cgit v1.2.3 From 2656f418183d0109a1706a78a2517b61e12871c7 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 10:57:27 +0300 Subject: Remove silent mode note as it's no longer relevant --- docs/configuration/cheatsheet.md | 5 ----- 1 file changed, 5 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 70a475363..9e5368cf1 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -444,11 +444,6 @@ This config contains two queues: `federator_incoming` and `federator_outgoing`. `config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). -### Note on running with PostgreSQL in silent mode - -If you are running PostgreSQL in [`silent_mode`](https://postgresqlco.nf/en/doc/param/silent_mode?version=9.1), it's advised to set [`log_destination`](https://postgresqlco.nf/en/doc/param/log_destination?version=9.1) to `syslog`, -otherwise `postmaster.log` file may grow because of "you don't own a lock of type ShareLock" warnings (see https://github.com/sorentwo/oban/issues/52). - ## :workers Includes custom worker options not interpretable directly by `Oban`. -- cgit v1.2.3 From 8e08d5b2336bdb6108ec5df15b7b642e0bc2acad Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 11:02:07 +0300 Subject: MkDocs does not like if a paragraph doesn't have a newline after it --- docs/configuration/custom_emoji.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/configuration/custom_emoji.md b/docs/configuration/custom_emoji.md index f72c0edbc..1648840fd 100644 --- a/docs/configuration/custom_emoji.md +++ b/docs/configuration/custom_emoji.md @@ -4,6 +4,7 @@ Before you add your own custom emoji, check if they are available in an existing See `Mix.Tasks.Pleroma.Emoji` for information about emoji packs. To add custom emoji: + * Create the `STATIC-DIR/emoji/` directory if it doesn't exist (`STATIC-DIR` is configurable, `instance/static/` by default) * Create a directory with whatever name you want (custom is a good name to show the purpose of it). -- cgit v1.2.3 From 6baa037903e06c80a5b5f1c34b2cfdd471ba2f8f Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 11:17:29 +0300 Subject: Move database maintenance tasks docs to a separate file --- docs/administration/CLI_tasks/database.md | 48 +++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 docs/administration/CLI_tasks/database.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/database.md b/docs/administration/CLI_tasks/database.md new file mode 100644 index 000000000..484639231 --- /dev/null +++ b/docs/administration/CLI_tasks/database.md @@ -0,0 +1,48 @@ +# Database maintenance tasks + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl database` and in case of source installs it's `mix pleroma.database`. + +## Replace embedded objects with their references + +Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration. + +```sh +$PREFIX remove_embedded_objects [] +``` + +### Options +- `--vacuum` - run `VACUUM FULL` after the embedded objects are replaced with their references + +## Prune old remote posts from the database + +This will prune remote posts older than 90 days (configurable with [`config :pleroma, :instance, remote_post_retention_days`](../../configuration/cheatsheet.md#instance)) from the database, they will be refetched from source when accessed. + +!!! note + The disk space will only be reclaimed after `VACUUM FULL` + +```sh +$PREFIX pleroma.database prune_objects [] +``` + +### Options +- `--vacuum` - run `VACUUM FULL` after the objects are pruned + +## Create a conversation for all existing DMs + +Can be safely re-run + +```sh +$PREFIX bump_all_conversations +``` + +## Remove duplicated items from following and update followers count for all users + +```sh +$PREFIX update_users_following_followers_counts +``` + +## Fix the pre-existing "likes" collections for all objects + +```sh +$PREFIX fix_likes_collections +``` -- cgit v1.2.3 From 1cae564b5d749a23f29a5303a82e27e2952a55ed Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 14:12:57 +0300 Subject: Move config task docs to a separate file and mark it as WIP --- docs/administration/CLI_tasks/config.md | 19 +++++++++++++++++++ docs/configuration/cheatsheet.md | 6 +++++- 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 docs/administration/CLI_tasks/config.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/config.md b/docs/administration/CLI_tasks/config.md new file mode 100644 index 000000000..ce19e2402 --- /dev/null +++ b/docs/administration/CLI_tasks/config.md @@ -0,0 +1,19 @@ +# Transfering the config to/from the database + +!!! danger + This is a Work In Progress, not usable just yet. + +Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl config` and in case of source installs it's +`mix pleroma.config`. + +## Transfer config from file to DB. + +```sh +$PREFIX migrate_to_db +``` + +## Transfer config from DB to `config/env.exported_from_db.secret.exs` + +```sh +$PREFIX migrate_from_db +``` diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 9e5368cf1..8f00915a3 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -131,13 +131,17 @@ config :pleroma, Pleroma.Emails.Mailer, * `user_name_length`: A user name maximum length (default: `100`) * `skip_thread_containment`: Skip filter out broken threads. The default is `false`. * `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. -* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. * `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) * `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) * `account_field_name_length`: An account field name maximum length (default: `512`) * `account_field_value_length`: An account field value maximum length (default: `2048`) * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. +!!! danger + This is a Work In Progress, not usable just yet + +* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. + ## :logger -- cgit v1.2.3 From 69784eb75a00fb929765adbeab41022052038cca Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 3 Oct 2019 15:10:04 +0300 Subject: Add a missing language specification --- docs/administration/CLI_tasks/user.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/user.md b/docs/administration/CLI_tasks/user.md index 045730753..cf120f2c9 100644 --- a/docs/administration/CLI_tasks/user.md +++ b/docs/administration/CLI_tasks/user.md @@ -35,7 +35,7 @@ $PREFIX revoke_invite ``` ## Delete a user -``` +```sh $PREFIX rm ``` -- cgit v1.2.3 From 06d9df79c5c99069dd12e863c99167eb20b6495b Mon Sep 17 00:00:00 2001 From: eugenijm Date: Wed, 2 Oct 2019 00:37:08 +0300 Subject: Mastodon API: Add `pleroma.unread_conversation_count` to the Account entity --- docs/API/differences_in_mastoapi_responses.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index d007a69c3..21b297529 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -56,6 +56,7 @@ Has these additional fields under the `pleroma` object: - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` - `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` - `deactivated`: boolean, true when the user is deactivated +- `unread_conversation_count`: The count of unread conversations. Only returned to the account owner. ### Source -- cgit v1.2.3 From e4ab9a05ddc857298f2f0f36e06c2a874e1d6a6b Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Fri, 4 Oct 2019 00:10:28 +0200 Subject: cheatsheet.md: link to pleroma-fe docs for :frontend_configurations --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 8f00915a3..b86799ecc 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -189,7 +189,7 @@ See the [Quack Github](https://github.com/azohra/quack) for more details ## :frontend_configurations -This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. +This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. You can find the documentation for `pleroma_fe` configuration into [Pleroma-FE configuration and customization for instance administrators](/frontend/CONFIGURATION/#options). Frontends can access these settings at `/api/pleroma/frontend_configurations` -- cgit v1.2.3 From 795ea5dfc2549b50265cea2f7b7a774356a735b4 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Fri, 4 Oct 2019 18:58:44 +0300 Subject: Move HTTP verb to the header (admin_api.md) --- docs/api/admin_api.md | 190 +++++++++++++++++++++++++++++--------------------- 1 file changed, 109 insertions(+), 81 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index ee9e68cb1..045686bf4 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -2,11 +2,10 @@ Authentication is required and the user must be an admin. -## `/api/pleroma/admin/users` +## `GET /api/pleroma/admin/users` ### List users -- Method `GET` - Query Params: - *optional* `query`: **string** search term (e.g. nickname, domain, nickname@domain) - *optional* `filters`: **string** comma-separated string of filters: @@ -47,11 +46,10 @@ Authentication is required and the user must be an admin. } ``` -## `/api/pleroma/admin/users` +## `DELETE /api/pleroma/admin/users` ### Remove a user -- Method `DELETE` - Params: - `nickname` - Response: User’s nickname @@ -69,31 +67,30 @@ Authentication is required and the user must be an admin. ] - Response: User’s nickname -## `/api/pleroma/admin/users/follow` +## `POST /api/pleroma/admin/users/follow` + ### Make a user follow another user -- Methods: `POST` - Params: - - `follower`: The nickname of the follower - - `followed`: The nickname of the followed + - `follower`: The nickname of the follower + - `followed`: The nickname of the followed - Response: - - "ok" + - "ok" + +## `POST /api/pleroma/admin/users/unfollow` -## `/api/pleroma/admin/users/unfollow` ### Make a user unfollow another user -- Methods: `POST` - Params: - - `follower`: The nickname of the follower - - `followed`: The nickname of the followed + - `follower`: The nickname of the follower + - `followed`: The nickname of the followed - Response: - - "ok" + - "ok" -## `/api/pleroma/admin/users/:nickname/toggle_activation` +## `PATCH /api/pleroma/admin/users/:nickname/toggle_activation` ### Toggle user activation -- Method: `PATCH` - Params: - `nickname` - Response: User’s object @@ -106,27 +103,26 @@ Authentication is required and the user must be an admin. } ``` -## `/api/pleroma/admin/users/tag` +## `PUT /api/pleroma/admin/users/tag` ### Tag a list of users -- Method: `PUT` - Params: - `nicknames` (array) - `tags` (array) +## `DELETE /api/pleroma/admin/users/tag` + ### Untag a list of users -- Method: `DELETE` - Params: - `nicknames` (array) - `tags` (array) -## `/api/pleroma/admin/users/:nickname/permission_group` +## `GET /api/pleroma/admin/users/:nickname/permission_group` ### Get user user permission groups membership -- Method: `GET` - Params: none - Response: @@ -137,13 +133,12 @@ Authentication is required and the user must be an admin. } ``` -## `/api/pleroma/admin/users/:nickname/permission_group/:permission_group` +## `GET /api/pleroma/admin/users/:nickname/permission_group/:permission_group` Note: Available `:permission_group` is currently moderator and admin. 404 is returned when the permission group doesn’t exist. ### Get user user permission groups membership per permission group -- Method: `GET` - Params: none - Response: @@ -154,48 +149,47 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` +## `POST /api/pleroma/admin/users/:nickname/permission_group/:permission_group` + ### Add user in permission group -- Method: `POST` - Params: none - Response: - On failure: `{"error": "…"}` - On success: JSON of the `user.info` +## `DELETE /api/pleroma/admin/users/:nickname/permission_group/:permission_group` + ### Remove user from permission group -- Method: `DELETE` - Params: none - Response: - On failure: `{"error": "…"}` - On success: JSON of the `user.info` - Note: An admin cannot revoke their own admin status. -## `/api/pleroma/admin/users/:nickname/activation_status` +## `PUT /api/pleroma/admin/users/:nickname/activation_status` ### Active or deactivate a user -- Method: `PUT` - Params: - `nickname` - `status` BOOLEAN field, false value means deactivation. -## `/api/pleroma/admin/users/:nickname_or_id` +## `GET /api/pleroma/admin/users/:nickname_or_id` ### Retrive the details of a user -- Method: `GET` - Params: - `nickname` or `id` - Response: - On failure: `Not found` - On success: JSON of the user -## `/api/pleroma/admin/users/:nickname_or_id/statuses` +## `GET /api/pleroma/admin/users/:nickname_or_id/statuses` ### Retrive user's latest statuses -- Method: `GET` - Params: - `nickname` or `id` - *optional* `page_size`: number of statuses to return (default is `20`) @@ -204,29 +198,28 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `Not found` - On success: JSON array of user's latest statuses -## `/api/pleroma/admin/relay` +## `POST /api/pleroma/admin/relay` ### Follow a Relay -- Methods: `POST` - Params: - `relay_url` - Response: - On success: URL of the followed relay +## `DELETE /api/pleroma/admin/relay` + ### Unfollow a Relay -- Methods: `DELETE` - Params: - `relay_url` - Response: - On success: URL of the unfollowed relay -## `/api/pleroma/admin/users/invite_token` +## `POST /api/pleroma/admin/users/invite_token` ### Create an account registration invite token -- Methods: `POST` - Params: - *optional* `max_use` (integer) - *optional* `expires_at` (date string e.g. "2019-04-07") @@ -244,11 +237,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `/api/pleroma/admin/users/invites` +## `GET /api/pleroma/admin/users/invites` ### Get a list of generated invites -- Methods: `GET` - Params: none - Response: @@ -270,11 +262,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `/api/pleroma/admin/users/revoke_invite` +## `POST /api/pleroma/admin/users/revoke_invite` ### Revoke invite by token -- Methods: `POST` - Params: - `token` - Response: @@ -292,21 +283,18 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` - -## `/api/pleroma/admin/users/email_invite` +## `POST /api/pleroma/admin/users/email_invite` ### Sends registration invite via email -- Methods: `POST` - Params: - `email` - `name`, optional -## `/api/pleroma/admin/users/:nickname/password_reset` +## `GET /api/pleroma/admin/users/:nickname/password_reset` ### Get a password reset token for a given nickname -- Methods: `GET` - Params: none - Response: @@ -317,18 +305,17 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` - -## `/api/pleroma/admin/users/:nickname/force_password_reset` +## `PATCH /api/pleroma/admin/users/:nickname/force_password_reset` ### Force passord reset for a user with a given nickname -- Methods: `PATCH` - Params: none - Response: none (code `204`) -## `/api/pleroma/admin/reports` +## `GET /api/pleroma/admin/reports` + ### Get a list of reports -- Method `GET` + - Params: - *optional* `state`: **string** the state of reports. Valid values are `open`, `closed` and `resolved` - *optional* `limit`: **integer** the number of records to retrieve @@ -343,7 +330,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ```json { - "total" : 1, + "totalReports" : 1, "reports": [ { "account": { @@ -481,13 +468,24 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ] } + ], + "totalGroupedReports": 1, + "groupedReports": [ + { + "date": "2019-01-01", // date of the latest report + "account": { ... }, // author of the reported status + "status": { ... }, // reported status + "actors": [{ ... }, { ... }], // accounts that sent reports on the status + "reports": [{ ... }] + } ] } ``` -## `/api/pleroma/admin/reports/:id` +## `GET /api/pleroma/admin/reports/:id` + ### Get an individual report -- Method `GET` + - Params: - `id` - Response: @@ -496,22 +494,41 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - 404 Not Found `"Not found"` - On success: JSON, Report object (see above) -## `/api/pleroma/admin/reports/:id` -### Change the state of the report -- Method `PUT` +## `PATCH /api/pleroma/admin/reports` + +### Change the state of one or multiple reports + - Params: - - `id` - - `state`: required, the new state. Valid values are `open`, `closed` and `resolved` + +```json + `reports`: [ + { + `id`, // required, report id + `state` // required, the new state. Valid values are `open`, `closed` and `resolved` + }, + ... + ] +``` + - Response: - On failure: - - 400 Bad Request `"Unsupported state"` - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: JSON, Report object (see above) + - 400 Bad Request, JSON: + + ```json + [ + { + `id`, // report id + `error` // error message + } + ] + ``` + + - On success: `204`, empty response + +## `POST /api/pleroma/admin/reports/:id/respond` -## `/api/pleroma/admin/reports/:id/respond` ### Respond to a report -- Method `POST` + - Params: - `id` - `status`: required, the message @@ -581,9 +598,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `/api/pleroma/admin/statuses/:id` +## `PUT /api/pleroma/admin/statuses/:id` + ### Change the scope of an individual reported status -- Method `PUT` + - Params: - `id` - `sensitive`: optional, valid values are `true` or `false` @@ -595,9 +613,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - 404 Not Found `"Not found"` - On success: JSON, Mastodon Status entity -## `/api/pleroma/admin/statuses/:id` +## `DELETE /api/pleroma/admin/statuses/:id` + ### Delete an individual reported status -- Method `DELETE` + - Params: - `id` - Response: @@ -606,11 +625,12 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - 404 Not Found `"Not found"` - On success: 200 OK `{}` +## `GET /api/pleroma/admin/config/migrate_to_db` -## `/api/pleroma/admin/config/migrate_to_db` ### Run mix task pleroma.config migrate_to_db + Copy settings on key `:pleroma` to DB. -- Method `GET` + - Params: none - Response: @@ -618,9 +638,12 @@ Copy settings on key `:pleroma` to DB. {} ``` -## `/api/pleroma/admin/config/migrate_from_db` +## `GET /api/pleroma/admin/config/migrate_from_db` + ### Run mix task pleroma.config migrate_from_db + Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with deletion from DB. + - Method `GET` - Params: none - Response: @@ -629,10 +652,12 @@ Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with dele {} ``` -## `/api/pleroma/admin/config` +## `GET /api/pleroma/admin/config` + ### List config settings + List config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. -- Method `GET` + - Params: none - Response: @@ -648,8 +673,10 @@ List config settings only works with `:pleroma => :instance => :dynamic_configur } ``` -## `/api/pleroma/admin/config` +## `POST /api/pleroma/admin/config` + ### Update config settings + Updating config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. Module name can be passed as string, which starts with `Pleroma`, e.g. `"Pleroma.Upload"`. Atom keys and values can be passed with `:` in the beginning, e.g. `":upload"`. @@ -672,7 +699,6 @@ Compile time settings (need instance reboot): - `Pleroma.Upload` -> `:proxy_remote` - `:instance` -> `:upload_limit` -- Method `POST` - Params: - `configs` => [ - `group` (string) @@ -727,9 +753,10 @@ Compile time settings (need instance reboot): } ``` -## `/api/pleroma/admin/moderation_log` +## `GET /api/pleroma/admin/moderation_log` + ### Get moderation log -- Method `GET` + - Params: - *optional* `page`: **integer** page number - *optional* `page_size`: **integer** number of log entries per page (default is `50`) @@ -756,8 +783,9 @@ Compile time settings (need instance reboot): ``` ## `POST /api/pleroma/admin/reload_emoji` + ### Reload the instance's custom emoji -* Method `POST` -* Authentication: required -* Params: None -* Response: JSON, "ok" and 200 status + +- Authentication: required +- Params: None +- Response: JSON, "ok" and 200 status -- cgit v1.2.3 From e07e9cb75e6605218acea1ef41772ca29124bd0d Mon Sep 17 00:00:00 2001 From: kaniini Date: Sat, 5 Oct 2019 10:00:05 +0000 Subject: Revert "Merge branch 'user-info-unread-direct-conversation' into 'develop'" This reverts merge request !1737 --- docs/API/differences_in_mastoapi_responses.md | 1 - 1 file changed, 1 deletion(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 21b297529..d007a69c3 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -56,7 +56,6 @@ Has these additional fields under the `pleroma` object: - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` - `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` - `deactivated`: boolean, true when the user is deactivated -- `unread_conversation_count`: The count of unread conversations. Only returned to the account owner. ### Source -- cgit v1.2.3 From 8249924485965148f3a690c5d76e5f8b3bd78940 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Wed, 2 Oct 2019 00:37:08 +0300 Subject: Mastodon API: Add `pleroma.unread_conversation_count` to the Account entity --- docs/API/differences_in_mastoapi_responses.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index d007a69c3..21b297529 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -56,6 +56,7 @@ Has these additional fields under the `pleroma` object: - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` - `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` - `deactivated`: boolean, true when the user is deactivated +- `unread_conversation_count`: The count of unread conversations. Only returned to the account owner. ### Source -- cgit v1.2.3 From 4b3f77a99ff849f7593f63f7dccd206683b34d97 Mon Sep 17 00:00:00 2001 From: Sergey Suprunenko Date: Mon, 7 Oct 2019 12:20:41 +0000 Subject: Extract RSS Feed functionality from OStatus --- docs/configuration/cheatsheet.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index b86799ecc..8d85276ed 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -475,6 +475,7 @@ config :pleroma, :workers, * Pleroma.Web.Metadata.Providers.OpenGraph * Pleroma.Web.Metadata.Providers.TwitterCard * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` + * Pleroma.Web.Metadata.Providers.Feed - add a link to a user's Atom feed into the `
` as `` * `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews ## :rich_media -- cgit v1.2.3 From 7aceaa517be7b109a9acc15fb4914535b536b66c Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Mon, 7 Oct 2019 15:01:18 +0300 Subject: Admin API: Reports, grouped by status --- docs/api/admin_api.md | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 045686bf4..e8232225c 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -468,18 +468,32 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ] } - ], - "totalGroupedReports": 1, - "groupedReports": [ + ] +} +``` + +## `GET /api/pleroma/admin/grouped_reports` + +### Get a list of reports, grouped by status + +- Params: none +- On success: JSON, returns a list of reports, where: + - `date`: date of the latest report + - `account`: the user who has been reported (see `/api/pleroma/admin/reports` for reference) + - `status`: reported status (see `/api/pleroma/admin/reports` for reference) + - `actors`: users who had reported this status (see `/api/pleroma/admin/reports` for reference) + - `reports`: reports (see `/api/pleroma/admin/reports` for reference) + +```json + "reports": [ { - "date": "2019-01-01", // date of the latest report - "account": { ... }, // author of the reported status - "status": { ... }, // reported status - "actors": [{ ... }, { ... }], // accounts that sent reports on the status + "date": "2019-10-07T12:31:39.615149Z", + "account": { ... }, + "status": { ... }, + "actors": [{ ... }, { ... }], "reports": [{ ... }] } ] -} ``` ## `GET /api/pleroma/admin/reports/:id` -- cgit v1.2.3 From ad42837244ba4c945b76c5addaffe47353cf62a8 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Wed, 9 Oct 2019 17:03:54 +0300 Subject: Ability to toggle activation status and permission group for a group of users --- docs/API/admin_api.md | 49 ++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 40 insertions(+), 9 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index ee9e68cb1..55f8749e1 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -154,31 +154,62 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` +## `POST /api/pleroma/admin/users/permission_group/:permission_group` + ### Add user in permission group -- Method: `POST` -- Params: none +- Params: + - `nicknames`: nicknames array - Response: - On failure: `{"error": "…"}` - On success: JSON of the `user.info` +## `DELETE /api/pleroma/admin/users/permission_group/:permission_group` + ### Remove user from permission group -- Method: `DELETE` -- Params: none +- Params: + - `nicknames`: nicknames array - Response: - On failure: `{"error": "…"}` - On success: JSON of the `user.info` - Note: An admin cannot revoke their own admin status. -## `/api/pleroma/admin/users/:nickname/activation_status` +## `PATCH /api/pleroma/admin/users/activate` -### Active or deactivate a user +### Activate user -- Method: `PUT` - Params: - - `nickname` - - `status` BOOLEAN field, false value means deactivation. + - `nicknames`: nicknames array +- Response: + +```json +{ + users: [ + { + // user object + } + ] +} +``` + +## `PATCH /api/pleroma/admin/users/deactivate` + +### Deactivate user + +- Params: + - `nicknames`: nicknames array +- Response: + +```json +{ + users: [ + { + // user object + } + ] +} +``` ## `/api/pleroma/admin/users/:nickname_or_id` -- cgit v1.2.3 From f5104f36bbec7d49d4ff5acee4b9d28223c6474d Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Fri, 11 Oct 2019 00:24:31 +0300 Subject: Deprecate /api/pleroma/admin/users/:nickname/toggle_activation instead of deleting it --- docs/API/admin_api.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 55f8749e1..b0b827960 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -211,6 +211,14 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` +## DEPRECATED `PATCH /api/pleroma/admin/users/:nickname/activation_status` + +### Active or deactivate a user + +- Params: + - `nickname` + - `status` BOOLEAN field, false value means deactivation. + ## `/api/pleroma/admin/users/:nickname_or_id` ### Retrive the details of a user -- cgit v1.2.3 From aaa4252f416fbad099f95232de4cf6eab11dd7d2 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Fri, 11 Oct 2019 15:58:45 +0300 Subject: Deprecate POST/DELETE /api/pleroma/admin/users/:nickname/permission_group/:permission_group instead of deleting it --- docs/API/admin_api.md | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index b0b827960..2c8237b57 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -154,9 +154,18 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` +## DEPRECATED `POST /api/pleroma/admin/users/:nickname/permission_group/:permission_group` + +### Add user to permission group + +- Params: none +- Response: + - On failure: `{"error": "…"}` + - On success: JSON of the `user.info` + ## `POST /api/pleroma/admin/users/permission_group/:permission_group` -### Add user in permission group +### Add users to permission group - Params: - `nicknames`: nicknames array @@ -164,10 +173,20 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `{"error": "…"}` - On success: JSON of the `user.info` -## `DELETE /api/pleroma/admin/users/permission_group/:permission_group` +## DEPRECATED `DELETE /api/pleroma/admin/users/:nickname/permission_group/:permission_group` ### Remove user from permission group +- Params: none +- Response: + - On failure: `{"error": "…"}` + - On success: JSON of the `user.info` +- Note: An admin cannot revoke their own admin status. + +## `DELETE /api/pleroma/admin/users/permission_group/:permission_group` + +### Remove users from permission group + - Params: - `nicknames`: nicknames array - Response: -- cgit v1.2.3 From cc6875b582df49d2cb780e0940b85d5b04fe0e74 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Fri, 11 Oct 2019 19:12:29 +0300 Subject: Add `GET /api/pleroma/admin/relay` endpoint - lists all followed relays --- docs/API/admin_api.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index ee9e68cb1..1c5c8afa4 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -222,6 +222,14 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Response: - On success: URL of the unfollowed relay +## `GET /api/pleroma/admin/relay` + +### List Relays + +- Params: none +- Response: + - On success: JSON array of relays + ## `/api/pleroma/admin/users/invite_token` ### Create an account registration invite token -- cgit v1.2.3 From a97b642289659a5fccb5943c54caa1ecdce5fd2f Mon Sep 17 00:00:00 2001 From: eugenijm Date: Tue, 8 Oct 2019 23:05:57 +0300 Subject: Mastodon API: Add `exclude_visibilities` parameter to the timeline and notification endpoints --- docs/API/differences_in_mastoapi_responses.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 21b297529..aca0f5e0e 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -13,6 +13,7 @@ Some apps operate under the assumption that no more than 4 attachments can be re ## Timelines Adding the parameter `with_muted=true` to the timeline queries will also return activities by muted (not by blocked!) users. +Adding the parameter `exclude_visibilities` to the timeline queries will exclude the statuses with the given visibilities. The parameter accepts an array of visibility types (`public`, `unlisted`, `private`, `direct`), e.g., `exclude_visibilities[]=direct&exclude_visibilities[]=private`. ## Statuses @@ -84,6 +85,12 @@ Has these additional fields under the `pleroma` object: - `is_seen`: true if the notification was read by the user +## GET `/api/v1/notifications` + +Accepts additional parameters: + +- `exclude_visibilities`: will exclude the notifications for activities with the given visibilities. The parameter accepts an array of visibility types (`public`, `unlisted`, `private`, `direct`). Usage example: `GET /api/v1/notifications?exclude_visibilities[]=direct&exclude_visibilities[]=private`. + ## POST `/api/v1/statuses` Additional parameters can be added to the JSON body/Form data: -- cgit v1.2.3 From 0e9243e8a28e957f2a9401eb153cc2b27723d0a3 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 14 Oct 2019 18:38:51 +0300 Subject: Preparations for renaming `master` to `stable` --- docs/installation/alpine_linux_en.md | 2 +- docs/installation/arch_linux_en.md | 2 +- docs/installation/centos7_en.md | 2 +- docs/installation/debian_based_en.md | 2 +- docs/installation/debian_based_jp.md | 2 +- docs/installation/gentoo_en.md | 2 +- docs/installation/migrating_from_source_otp_en.md | 4 ++-- docs/installation/netbsd_en.md | 2 +- docs/installation/openbsd_en.md | 2 +- docs/installation/openbsd_fi.md | 2 +- docs/installation/otp_en.md | 2 +- 11 files changed, 12 insertions(+), 12 deletions(-) (limited to 'docs') diff --git a/docs/installation/alpine_linux_en.md b/docs/installation/alpine_linux_en.md index f5d1fade1..2a9b8f6ff 100644 --- a/docs/installation/alpine_linux_en.md +++ b/docs/installation/alpine_linux_en.md @@ -91,7 +91,7 @@ sudo adduser -S -s /bin/false -h /opt/pleroma -H -G pleroma pleroma ```shell sudo mkdir -p /opt/pleroma sudo chown -R pleroma:pleroma /opt/pleroma -sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma +sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma ``` * Change to the new directory: diff --git a/docs/installation/arch_linux_en.md b/docs/installation/arch_linux_en.md index 58a8d023f..8370986ad 100644 --- a/docs/installation/arch_linux_en.md +++ b/docs/installation/arch_linux_en.md @@ -66,7 +66,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma ```shell sudo mkdir -p /opt/pleroma sudo chown -R pleroma:pleroma /opt/pleroma -sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma +sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma ``` * Change to the new directory: diff --git a/docs/installation/centos7_en.md b/docs/installation/centos7_en.md index fe26339b5..ad4f58dc1 100644 --- a/docs/installation/centos7_en.md +++ b/docs/installation/centos7_en.md @@ -143,7 +143,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma ```shell sudo mkdir -p /opt/pleroma sudo chown -R pleroma:pleroma /opt/pleroma -sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma +sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma ``` * Change to the new directory: diff --git a/docs/installation/debian_based_en.md b/docs/installation/debian_based_en.md index e5f8dd670..fe2dbb92d 100644 --- a/docs/installation/debian_based_en.md +++ b/docs/installation/debian_based_en.md @@ -68,7 +68,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma ```shell sudo mkdir -p /opt/pleroma sudo chown -R pleroma:pleroma /opt/pleroma -sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma +sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma ``` * Change to the new directory: diff --git a/docs/installation/debian_based_jp.md b/docs/installation/debian_based_jp.md index e7d834b17..7aa0bcc24 100644 --- a/docs/installation/debian_based_jp.md +++ b/docs/installation/debian_based_jp.md @@ -68,7 +68,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma ``` sudo mkdir -p /opt/pleroma sudo chown -R pleroma:pleroma /opt/pleroma -sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma +sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma ``` * 新しいディレクトリに移動します。 diff --git a/docs/installation/gentoo_en.md b/docs/installation/gentoo_en.md index 55d677acf..1e61373cc 100644 --- a/docs/installation/gentoo_en.md +++ b/docs/installation/gentoo_en.md @@ -106,7 +106,7 @@ It is highly recommended you use your own fork for the `https://path/to/repo` pa ```shell pleroma$ cd ~ - pleroma$ git clone -b master https://path/to/repo + pleroma$ git clone -b stable https://path/to/repo ``` * Change to the new directory: diff --git a/docs/installation/migrating_from_source_otp_en.md b/docs/installation/migrating_from_source_otp_en.md index e204cb3ee..87568faad 100644 --- a/docs/installation/migrating_from_source_otp_en.md +++ b/docs/installation/migrating_from_source_otp_en.md @@ -96,9 +96,9 @@ rm -r ~pleroma/* export FLAVOUR="arm64-musl" # Clone the release build into a temporary directory and unpack it -# Replace `master` with `develop` if you want to run the develop branch +# Replace `stable` with `unstable` if you want to run the unstable branch su pleroma -s $SHELL -lc " -curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip +curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip unzip /tmp/pleroma.zip -d /tmp/ " diff --git a/docs/installation/netbsd_en.md b/docs/installation/netbsd_en.md index a096d5354..6a922a27e 100644 --- a/docs/installation/netbsd_en.md +++ b/docs/installation/netbsd_en.md @@ -58,7 +58,7 @@ Clone the repository: ``` $ cd /home/pleroma -$ git clone -b master https://git.pleroma.social/pleroma/pleroma.git +$ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git ``` Configure Pleroma. Note that you need a domain name at this point: diff --git a/docs/installation/openbsd_en.md b/docs/installation/openbsd_en.md index fcba38b2c..3585a326b 100644 --- a/docs/installation/openbsd_en.md +++ b/docs/installation/openbsd_en.md @@ -29,7 +29,7 @@ This creates a "pleroma" login class and sets higher values than default for dat Create the \_pleroma user, assign it the pleroma login class and create its home directory (/home/\_pleroma/): `useradd -m -L pleroma _pleroma` #### Clone pleroma's directory -Enter a shell as the \_pleroma user. As root, run `su _pleroma -;cd`. Then clone the repository with `git clone -b master https://git.pleroma.social/pleroma/pleroma.git`. Pleroma is now installed in /home/\_pleroma/pleroma/, it will be configured and started at the end of this guide. +Enter a shell as the \_pleroma user. As root, run `su _pleroma -;cd`. Then clone the repository with `git clone -b stable https://git.pleroma.social/pleroma/pleroma.git`. Pleroma is now installed in /home/\_pleroma/pleroma/, it will be configured and started at the end of this guide. #### Postgresql Start a shell as the \_postgresql user (as root run `su _postgresql -` then run the `initdb` command to initialize postgresql: diff --git a/docs/installation/openbsd_fi.md b/docs/installation/openbsd_fi.md index 39819a8c8..272273cff 100644 --- a/docs/installation/openbsd_fi.md +++ b/docs/installation/openbsd_fi.md @@ -44,7 +44,7 @@ Vaihda pleroma-käyttäjään ja mene kotihakemistoosi: Lataa pleroman lähdekoodi: -`$ git clone -b master https://git.pleroma.social/pleroma/pleroma.git` +`$ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git` `$ cd pleroma` diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index b4e5254cd..c028f4229 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -80,7 +80,7 @@ export FLAVOUR="arm64-musl" # Clone the release build into a temporary directory and unpack it su pleroma -s $SHELL -lc " -curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip +curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip unzip /tmp/pleroma.zip -d /tmp/ " -- cgit v1.2.3 From df3c2dfd8bed82121f3dcfba18105ce8ee5daddf Mon Sep 17 00:00:00 2001 From: KokaKiwi Date: Sat, 19 Oct 2019 12:11:25 +0200 Subject: Add documentation for PWA manifest configuration. --- docs/configuration/cheatsheet.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 8d85276ed..3427ae419 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -247,6 +247,35 @@ relates to mascots on the mastodon frontend * `default_mascot`: An element from `mascots` - This will be used as the default mascot on MastoFE (default: `:pleroma_fox_tan`) +## :manifest + +This section describe PWA manifest instance-specific values. Currently this option relate only for MastoFE. + +* `icons`: Describe the icons of the app, this a list of maps describing icons in the same way as the + [spec](https://www.w3.org/TR/appmanifest/#imageresource-and-its-members) describes it. + + Example: + + ```elixir + config :pleroma, :manifest, + icons: [ + %{ + src: "/static/logo.png" + }, + %{ + src: "/static/icon.png", + type: "image/png" + }, + %{ + src: "/static/icon.ico", + sizes: "72x72 96x96 128x128 256x256" + } + ] + ``` + +* `theme_color`: Describe the theme color of the app. (Example: `"#282c37"`, `"rebeccapurple"`) +* `background_color`: Describe the background color of the app. (Example: `"#191b22"`, `"aliceblue"`) + ## :mrf_simple * `media_removal`: List of instances to remove medias from * `media_nsfw`: List of instances to put medias as NSFW(sensitive) from -- cgit v1.2.3 From 52ed2f8f2d962154ba61b31a3f5aab13dc7217fc Mon Sep 17 00:00:00 2001 From: eugenijm Date: Fri, 11 Oct 2019 06:40:58 +0300 Subject: Pleroma API: `POST /api/v1/pleroma/conversations/read` to mark all user's conversations as read --- docs/API/pleroma_api.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 0517bbdd7..6c326dc9b 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -367,6 +367,13 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though. * Response: JSON, statuses (200 - healthy, 503 unhealthy) +## `GET /api/v1/pleroma/conversations/read` +### Marks all user's conversations as read. +* Method `POST` +* Authentication: required +* Params: None +* Response: JSON, returns a list of Mastodon Conversation entities that were marked as read (200 - healthy, 503 unhealthy). + ## `GET /api/pleroma/emoji/packs` ### Lists the custom emoji packs on the server * Method `GET` -- cgit v1.2.3 From e8843974cb9b8adfe8798bb8f7ff17b7a92f5ab8 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sun, 20 Oct 2019 13:42:42 +0300 Subject: [#1304] Moved remaining fields from User.Info to User. Misc. fixes / improvements. --- docs/API/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index ee9e68cb1..b56f53967 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -160,7 +160,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Params: none - Response: - On failure: `{"error": "…"}` - - On success: JSON of the `user.info` + - On success: JSON of the user ### Remove user from permission group @@ -168,7 +168,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Params: none - Response: - On failure: `{"error": "…"}` - - On success: JSON of the `user.info` + - On success: JSON of the user - Note: An admin cannot revoke their own admin status. ## `/api/pleroma/admin/users/:nickname/activation_status` -- cgit v1.2.3 From ee04fbc35ad56784614c8cdd3f863da284a5725e Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sun, 20 Oct 2019 22:29:56 +0300 Subject: [#1304]. Post-merge fixes. Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 1304-user-info-deprecation # Conflicts: # CHANGELOG.md # lib/pleroma/notification.ex # lib/pleroma/user.ex # lib/pleroma/user/info.ex # lib/pleroma/web/admin_api/admin_api_controller.ex # lib/pleroma/web/ostatus/handlers/follow_handler.ex # lib/pleroma/web/ostatus/ostatus.ex # lib/pleroma/web/salmon/salmon.ex # lib/pleroma/web/websub/websub.ex # test/web/admin_api/admin_api_controller_test.exs # test/web/federator_test.exs # test/web/mastodon_api/controllers/conversation_controller_test.exs # test/web/ostatus/ostatus_controller_test.exs # test/web/ostatus/ostatus_test.exs # test/web/salmon/salmon_test.exs # test/web/websub/websub_test.exs --- docs/API/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 6faf1786b..e64ae6429 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -180,7 +180,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - `nicknames`: nicknames array - Response: - On failure: `{"error": "…"}` - - On success: JSON of the `user.info` + - On success: JSON of the user ## DEPRECATED `DELETE /api/pleroma/admin/users/:nickname/permission_group/:permission_group` @@ -200,7 +200,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - `nicknames`: nicknames array - Response: - On failure: `{"error": "…"}` - - On success: JSON of the `user.info` + - On success: JSON of the user - Note: An admin cannot revoke their own admin status. ## `PATCH /api/pleroma/admin/users/activate` -- cgit v1.2.3 From ab5c8ec9fac8045cd5a3f25526f302bc9249e1bf Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Fri, 1 Nov 2019 20:26:52 +0300 Subject: Update docs --- docs/API/admin_api.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index e64ae6429..c042b08ac 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -392,13 +392,13 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` - -## `/api/pleroma/admin/users/:nickname/force_password_reset` +## `/api/pleroma/admin/users/force_password_reset` ### Force passord reset for a user with a given nickname - Methods: `PATCH` -- Params: none +- Params: + - `nicknames` - Response: none (code `204`) ## `/api/pleroma/admin/reports` -- cgit v1.2.3 From 7888803ffed428438ed107d35a856647a46b347d Mon Sep 17 00:00:00 2001 From: eugenijm Date: Thu, 7 Nov 2019 03:00:21 +0300 Subject: Mastodon API: Add the `recipients` parameter to `GET /api/v1/conversations` --- docs/API/differences_in_mastoapi_responses.md | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index aca0f5e0e..7fbe17130 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -72,6 +72,12 @@ Has an additional field under the `pleroma` object: - `recipients`: The list of the recipients of this Conversation. These will be addressed when replying to this conversation. +## GET `/api/v1/conversations` + +Accepts additional parameters: + +- `recipients`: Only return conversations with the given recipients (a list of user ids). Usage example: `GET /api/v1/conversations?recipients[]=1&recipients[]=2` + ## Account Search Behavior has changed: -- cgit v1.2.3 From 518b0193a1d769d0e02c3d7cd853c1f79fab9642 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sun, 10 Nov 2019 03:33:36 +0300 Subject: Big config cheatsheet revamp Categorize things, remove old deprecation warnings, consistently place dots in unordered lists, fix links, etc. --- docs/configuration/cheatsheet.md | 874 +++++++++++++++++++-------------------- 1 file changed, 432 insertions(+), 442 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 3427ae419..8f609fcfd 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -6,135 +6,66 @@ Pleroma configuration works by first importing the base config (`config/config.e You shouldn't edit the base config directly to avoid breakages and merge conflicts, but it can be used as a reference if you don't understand how an option is supposed to be formatted, the latest version of it can be viewed [here](https://git.pleroma.social/pleroma/pleroma/blob/develop/config/config.exs). - -## Pleroma.Upload -* `uploader`: Select which `Pleroma.Uploaders` to use -* `filters`: List of `Pleroma.Upload.Filter` to use. -* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` -* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. -* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. -* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. - -!!! warning - `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. - -## Pleroma.Uploaders.Local -* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory - -## Pleroma.Uploaders.S3 -* `bucket`: S3 bucket name -* `bucket_namespace`: S3 bucket namespace -* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") -* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. -For example, when using CDN to S3 virtual host format, set "". -At this time, write CNAME to CDN in public_endpoint. -* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. - -## Pleroma.Upload.Filter.Mogrify - -* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. - -## Pleroma.Upload.Filter.Dedupe - -No specific configuration. - -## Pleroma.Upload.Filter.AnonymizeFilename - -This filter replaces the filename (not the path) of an upload. For complete obfuscation, add -`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. - -* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. - -## Pleroma.Emails.Mailer -* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. -* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. -* `enabled`: Allows enable/disable send emails. Default: `false`. - -An example for Sendgrid adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.Sendgrid, - api_key: "YOUR_API_KEY" -``` - -An example for SMTP adapter: - -```elixir -config :pleroma, Pleroma.Emails.Mailer, - adapter: Swoosh.Adapters.SMTP, - relay: "smtp.gmail.com", - username: "YOUR_USERNAME@gmail.com", - password: "YOUR_SMTP_PASSWORD", - port: 465, - ssl: true, - tls: :always, - auth: :always -``` - -## :uri_schemes -* `valid_schemes`: List of the scheme part that is considered valid to be an URL - ## :instance -* `name`: The instance’s name -* `email`: Email used to reach an Administrator/Moderator of the instance +* `name`: The instance’s name. +* `email`: Email used to reach an Administrator/Moderator of the instance. * `notify_email`: Email used for notifications. -* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` -* `limit`: Posts character limit (CW/Subject included in the counter) +* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance``. +* `limit`: Posts character limit (CW/Subject included in the counter). * `remote_limit`: Hard character limit beyond which remote posts will be dropped. -* `upload_limit`: File size limit of uploads (except for avatar, background, banner) -* `avatar_upload_limit`: File size limit of user’s profile avatars -* `background_upload_limit`: File size limit of user’s profile backgrounds -* `banner_upload_limit`: File size limit of user’s profile banners -* `poll_limits`: A map with poll limits for **local** polls - * `max_options`: Maximum number of options - * `max_option_chars`: Maximum number of characters per option - * `min_expiration`: Minimum expiration time (in seconds) - * `max_expiration`: Maximum expiration time (in seconds) +* `upload_limit`: File size limit of uploads (except for avatar, background, banner). +* `avatar_upload_limit`: File size limit of user’s profile avatars. +* `background_upload_limit`: File size limit of user’s profile backgrounds. +* `banner_upload_limit`: File size limit of user’s profile banners. +* `poll_limits`: A map with poll limits for **local** polls. + * `max_options`: Maximum number of options. + * `max_option_chars`: Maximum number of characters per option. + * `min_expiration`: Minimum expiration time (in seconds). + * `max_expiration`: Maximum expiration time (in seconds). * `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. * `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). * `account_activation_required`: Require users to confirm their emails before signing in. -* `federating`: Enable federation with other instances +* `federating`: Enable federation with other instances. * `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. * `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. -* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance +* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance. * `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default: - * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default) - * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production - * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) - * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive) - * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section) - * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) - * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. - * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. - * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. - * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (see `:mrf_mention` section) - * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (see `:mrf_vocabulary` section) + * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default). + * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production. + * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See [`:mrf_simple`](#mrf_simple)). + * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive). + * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (See [`:mrf_subchain`](#mrf_subchain)). + * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See [`:mrf_rejectnonpublic`](#mrf_rejectnonpublic)). + * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. + * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links. + * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. + * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)). + * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)). * `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. * `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. -* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json`` -* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML) +* `managed_config`: Whenether the config for pleroma-fe is configured in [:frontend_configurations](#frontend_configurations) or in ``static/config.json``. +* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML). * `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). * `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. * `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with older software for theses nicknames. * `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature. * `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow. -* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses +* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses. * `welcome_message`: A message that will be send to a newly registered users as a direct message. * `welcome_user_nickname`: The nickname of the local user that sends the welcome message. -* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) +* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`). * `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. * `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. * `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. -* `user_bio_length`: A user bio maximum length (default: `5000`) -* `user_name_length`: A user name maximum length (default: `100`) +* `user_bio_length`: A user bio maximum length (default: `5000`). +* `user_name_length`: A user name maximum length (default: `100`). * `skip_thread_containment`: Skip filter out broken threads. The default is `false`. * `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. -* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`) -* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`) -* `account_field_name_length`: An account field name maximum length (default: `512`) -* `account_field_value_length`: An account field value maximum length (default: `2048`) +* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`). +* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`). +* `account_field_name_length`: An account field name maximum length (default: `512`). +* `account_field_value_length`: An account field value maximum length (default: `2048`). * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. !!! danger @@ -142,52 +73,93 @@ config :pleroma, Pleroma.Emails.Mailer, * `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. +## Federation +### MRF policies +!!! note + Configuring MRF policies is not enough for them to take effect. You have to enable them by specifying their module in `rewrite_policy` under [:instance](#instance) section. + +#### :mrf_simple +* `media_removal`: List of instances to remove media from. +* `media_nsfw`: List of instances to put media as NSFW(sensitive) from. +* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline. +* `reject`: List of instances to reject any activities from. +* `accept`: List of instances to accept any activities from. +* `report_removal`: List of instances to reject reports from. +* `avatar_removal`: List of instances to strip avatars from. +* `banner_removal`: List of instances to strip banners from. + +#### :mrf_subchain +This policy processes messages through an alternate pipeline when a given message matches certain criteria. +All criteria are configured as a map of regular expressions to lists of policy modules. -## :logger -* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack +* `match_actor`: Matches a series of regular expressions against the actor field. -An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: -```elixir -config :logger, - backends: [{ExSyslogger, :ex_syslogger}] +Example: -config :logger, :ex_syslogger, - level: :warn +```elixir +config :pleroma, :mrf_subchain, + match_actor: %{ + ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] + } ``` -Another example, keeping console output and adding the pid to syslog output: -```elixir -config :logger, - backends: [:console, {ExSyslogger, :ex_syslogger}] +#### :mrf_rejectnonpublic +* `allow_followersonly`: whether to allow followers-only posts. +* `allow_direct`: whether to allow direct messages. -config :logger, :ex_syslogger, - level: :warn, - option: [:pid, :ndelay] -``` +#### :mrf_hellthread +* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. +* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. -See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) +#### :mrf_keyword +* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html). +* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html). +* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html). -An example of logging info to local syslog, but warn to a Slack channel: -```elixir -config :logger, - backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], - level: :info +#### :mrf_mention +* `actors`: A list of actors, for which to drop any posts mentioning. -config :logger, :ex_syslogger, - level: :info, - ident: "pleroma", - format: "$metadata[$level] $message" +#### :mrf_vocabulary +* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. +* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. -config :quack, - level: :warn, - meta: [:all], - webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" +#### :mrf_user_allowlist + +The keys in this section are the domain names that the policy should apply to. +Each key should be assigned a list of users that should be allowed through by +their ActivityPub ID. + +An example: + +```elixir +config :pleroma, :mrf_user_allowlist, + "example.org": ["https://example.org/users/admin"] ``` -See the [Quack Github](https://github.com/azohra/quack) for more details +### :activitypub +* ``unfollow_blocked``: Whether blocks result in people getting unfollowed +* ``outgoing_blocks``: Whether to federate blocks to other instances +* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question +* ``sign_object_fetches``: Sign object fetches with HTTP signatures + +### :fetch_initial_posts +* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts +* `pages`: the amount of pages to fetch -## :frontend_configurations +## Pleroma.ScheduledActivity + +* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) +* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) +* `enabled`: whether scheduled activities are sent to the job queue to be executed + +## Pleroma.ActivityExpiration + +* `enabled`: whether expired activities will be sent to the job queue to be deleted + +## Frontends + +### :frontend_configurations This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. You can find the documentation for `pleroma_fe` configuration into [Pleroma-FE configuration and customization for instance administrators](/frontend/CONFIGURATION/#options). @@ -208,36 +180,7 @@ config :pleroma, :frontend_configurations, These settings **need to be complete**, they will override the defaults. -NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below. - -## :fe -!!! warning - __THIS IS DEPRECATED__ - - If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method. - Please **set this option to false** in your config like this: - - ```elixir - config :pleroma, :fe, false - ``` - -This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false. - -* `theme`: Which theme to use, they are defined in ``styles.json`` -* `logo`: URL of the logo, defaults to Pleroma’s logo -* `logo_mask`: Whether to use only the logo's shape as a mask (true) or as a regular image (false) -* `logo_margin`: What margin to use around the logo -* `background`: URL of the background, unless viewing a user profile with a background that is set -* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in. -* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in. -* `show_instance_panel`: Whenether to show the instance’s specific panel. -* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting -* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats`` -* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default -* `hide_post_stats`: Hide notices statistics(repeats, favorites, …) -* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) - -## :assets +### :assets This section configures assets to be used with various frontends. Currently the only option relates to mascots on the mastodon frontend @@ -245,9 +188,9 @@ relates to mascots on the mastodon frontend * `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a `mime_type` key. * `default_mascot`: An element from `mascots` - This will be used as the default mascot - on MastoFE (default: `:pleroma_fox_tan`) + on MastoFE (default: `:pleroma_fox_tan`). -## :manifest +### :manifest This section describe PWA manifest instance-specific values. Currently this option relate only for MastoFE. @@ -273,53 +216,16 @@ This section describe PWA manifest instance-specific values. Currently this opti ] ``` -* `theme_color`: Describe the theme color of the app. (Example: `"#282c37"`, `"rebeccapurple"`) -* `background_color`: Describe the background color of the app. (Example: `"#191b22"`, `"aliceblue"`) - -## :mrf_simple -* `media_removal`: List of instances to remove medias from -* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from -* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline -* `reject`: List of instances to reject any activities from -* `accept`: List of instances to accept any activities from -* `report_removal`: List of instances to reject reports from -* `avatar_removal`: List of instances to strip avatars from -* `banner_removal`: List of instances to strip banners from - -## :mrf_subchain -This policy processes messages through an alternate pipeline when a given message matches certain criteria. -All criteria are configured as a map of regular expressions to lists of policy modules. - -* `match_actor`: Matches a series of regular expressions against the actor field. - -Example: +* `theme_color`: Describe the theme color of the app. (Example: `"#282c37"`, `"rebeccapurple"`). +* `background_color`: Describe the background color of the app. (Example: `"#191b22"`, `"aliceblue"`). -```elixir -config :pleroma, :mrf_subchain, - match_actor: %{ - ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy] - } -``` - -## :mrf_rejectnonpublic -* `allow_followersonly`: whether to allow followers-only posts -* `allow_direct`: whether to allow direct messages - -## :mrf_hellthread -* `delist_threshold`: Number of mentioned users after which the message gets delisted (the message can still be seen, but it will not show up in public timelines and mentioned users won't get notifications about it). Set to 0 to disable. -* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable. - -## :mrf_keyword -* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) -* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html) - -## :mrf_mention -* `actors`: A list of actors, for which to drop any posts mentioning. - -## :mrf_vocabulary -* `accept`: A list of ActivityStreams terms to accept. If empty, all supported messages are accepted. -* `reject`: A list of ActivityStreams terms to reject. If empty, no messages are rejected. +## :emoji +* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` +* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` +* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` +* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). +* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in + memory for this amount of seconds multiplied by the number of files. ## :media_proxy * `enabled`: Enables proxying of remote media to the instance’s proxy @@ -327,13 +233,25 @@ config :pleroma, :mrf_subchain, * `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`. * `whitelist`: List of domains to bypass the mediaproxy -## :gopher -* `enabled`: Enables the gopher interface -* `ip`: IP address to bind to -* `port`: Port to bind to -* `dstport`: Port advertised in urls (optional, defaults to `port`) +## Link previews + +### Pleroma.Web.Metadata (provider) +* `providers`: a list of metadata providers to enable. Providers available: + * `Pleroma.Web.Metadata.Providers.OpenGraph` + * `Pleroma.Web.Metadata.Providers.TwitterCard` + * `Pleroma.Web.Metadata.Providers.RelMe` - add links from user bio with rel=me into the `
` as ``. + * `Pleroma.Web.Metadata.Providers.Feed` - add a link to a user's Atom feed into the `
` as ``. +* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews. + +### :rich_media (consumer) +* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews. +* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. +* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"]. +* `parsers`: list of Rich Media parsers. -## Pleroma.Web.Endpoint +## HTTP server + +### Pleroma.Web.Endpoint !!! note `Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here. @@ -348,28 +266,11 @@ config :pleroma, :mrf_subchain, - `path` * `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. - - -!!! warning - If you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need - Example: ```elixir config :pleroma, Pleroma.Web.Endpoint, url: [host: "example.com", port: 2020, scheme: "https"], http: [ - # start copied from config.exs - dispatch: [ - {:_, - [ - {"/api/v1/streaming", Pleroma.Web.MastodonAPI.WebsocketHandler, []}, - {"/websocket", Phoenix.Endpoint.CowboyWebSocket, - {Phoenix.Transports.WebSocket, - {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, - {:_, Phoenix.Endpoint.Cowboy2Handler, {Pleroma.Web.Endpoint, []}} - ]} - # end copied from config.exs - ], port: 8080, ip: {127, 0, 0, 1} ] @@ -377,72 +278,191 @@ config :pleroma, Pleroma.Web.Endpoint, This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020` -## :activitypub -* ``unfollow_blocked``: Whether blocks result in people getting unfollowed -* ``outgoing_blocks``: Whether to federate blocks to other instances -* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question -* ``sign_object_fetches``: Sign object fetches with HTTP signatures - -## :http_security -* ``enabled``: Whether the managed content security policy is enabled -* ``sts``: Whether to additionally send a `Strict-Transport-Security` header -* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent -* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent -* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` +### :http_security +* ``enabled``: Whether the managed content security policy is enabled. +* ``sts``: Whether to additionally send a `Strict-Transport-Security` header. +* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent. +* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent. +* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`. * ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. -## :mrf_user_allowlist +### Pleroma.Plugs.RemoteIp -The keys in this section are the domain names that the policy should apply to. -Each key should be assigned a list of users that should be allowed through by -their ActivityPub ID. +!!! warning + If your instance is not behind at least one reverse proxy, you should not enable this plug. -An example: +`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. -```elixir -config :pleroma, :mrf_user_allowlist, - "example.org": ["https://example.org/users/admin"] -``` +Available options: -## :web_push_encryption, :vapid_details +* `enabled` - Enable/disable the plug. Defaults to `false`. +* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. +* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. +* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). -Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. -* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. -* ``public_key``: VAPID public key -* ``private_key``: VAPID private key +### :rate_limit + +This is an advanced feature and disabled by default. + +If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). + +A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: + +* The first element: `scale` (Integer). The time scale in milliseconds. +* The second element: `limit` (Integer). How many requests to limit in the time scale provided. + +It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. + +Supported rate limiters: + +* `:search` for the search requests (account & status search etc.) +* `:app_account_creation` for registering user accounts from the same IP address +* `:relations_actions` for actions on relations with all users (follow, unfollow) +* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) +* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses +* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user -## Pleroma.Captcha -* `enabled`: Whether the captcha should be shown on registration -* `method`: The method/service to use for captcha -* `seconds_valid`: The time in seconds for which the captcha is valid +### :web_cache_ttl -### Pleroma.Captcha.Kocaptcha +The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. + +Available caches: + +* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). +* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). + +## :hackney_pools + +Advanced. Tweaks Hackney (http client) connections pools. + +There's three pools used: + +* `:federation` for the federation jobs. + You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. +* `:media` for rich media, media proxy +* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) + +For each pool, the options are: + +* `max_connections` - how much connections a pool can hold +* `timeout` - retention duration for connections + + +## Captcha + +### Pleroma.Captcha +* `enabled`: Whether the captcha should be shown on registration. +* `method`: The method/service to use for captcha. +* `seconds_valid`: The time in seconds for which the captcha is valid. + +### Captcha providers + +#### Pleroma.Captcha.Kocaptcha Kocaptcha is a very simple captcha service with a single API endpoint, the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint `https://captcha.kotobank.ch` is hosted by the developer. -* `endpoint`: the kocaptcha endpoint to use +* `endpoint`: the Kocaptcha endpoint to use. + +## Uploads + +### Pleroma.Upload +* `uploader`: Which one of the [uploaders](#uploaders) to use. +* `filters`: List of [upload filters](#upload-filters) to use. +* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe` +* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host. +* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it. +* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation. + +!!! warning + `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`. + +### Uploaders +#### Pleroma.Uploaders.Local +* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory. + +#### Pleroma.Uploaders.S3 +* `bucket`: S3 bucket name. +* `bucket_namespace`: S3 bucket namespace. +* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com") +* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc. +For example, when using CDN to S3 virtual host format, set "". +At this time, write CNAME to CDN in public_endpoint. +* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems. + + +### Upload filters + +#### Pleroma.Upload.Filter.Mogrify + +* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`. + +#### Pleroma.Upload.Filter.Dedupe + +No specific configuration. + +#### Pleroma.Upload.Filter.AnonymizeFilename + +This filter replaces the filename (not the path) of an upload. For complete obfuscation, add +`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename. + +* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`. + +## Email + +### Pleroma.Emails.Mailer +* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. +* `api_key` / `password` and / or other adapter-specific settings, per the above documentation. +* `enabled`: Allows enable/disable send emails. Default: `false`. + +An example for Sendgrid adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.Sendgrid, + api_key: "YOUR_API_KEY" +``` + +An example for SMTP adapter: + +```elixir +config :pleroma, Pleroma.Emails.Mailer, + adapter: Swoosh.Adapters.SMTP, + relay: "smtp.gmail.com", + username: "YOUR_USERNAME@gmail.com", + password: "YOUR_SMTP_PASSWORD", + port: 465, + ssl: true, + tls: :always, + auth: :always +``` + +### :email_notifications -## :admin_token +Email notifications settings. -Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: + - digest - emails of "what you've missed" for users who have been + inactive for a while. + - active: globally enable or disable digest emails + - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). + "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" + - interval: Minimum interval between digest emails to one user + - inactivity_threshold: Minimum user inactivity threshold -```elixir -config :pleroma, :admin_token, "somerandomtoken" -``` +### Pleroma.Emails.UserEmail -You can then do +- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. +- `:styling` - a map with color settings for email templates. -```sh -curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" -``` +## Background jobs -## Oban +### Oban [Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration. Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage): + * `repo` - app's Ecto repo (`Pleroma.Repo`) * `verbose` - logs verbosity * `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) @@ -473,11 +493,11 @@ config :pleroma, Oban, This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`. -### Migrating `pleroma_job_queue` settings +#### Migrating `pleroma_job_queue` settings `config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers). -## :workers +### :workers Includes custom worker options not interpretable directly by `Oban`. @@ -493,124 +513,101 @@ config :pleroma, :workers, ] ``` -### Migrating `Pleroma.Web.Federator.RetryQueue` settings +#### Migrating `Pleroma.Web.Federator.RetryQueue` settings * `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]` * `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]` * deprecated options: `max_jobs`, `initial_timeout` -## Pleroma.Web.Metadata -* `providers`: a list of metadata providers to enable. Providers available: - * Pleroma.Web.Metadata.Providers.OpenGraph - * Pleroma.Web.Metadata.Providers.TwitterCard - * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` - * Pleroma.Web.Metadata.Providers.Feed - add a link to a user's Atom feed into the `
` as `` -* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews - -## :rich_media -* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews -* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`. -* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"] -* `parsers`: list of Rich Media parsers +### Pleroma.Scheduler -## :fetch_initial_posts -* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -* `pages`: the amount of pages to fetch +Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. -## :hackney_pools +See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. -Advanced. Tweaks Hackney (http client) connections pools. +Example: -There's three pools used: +```elixir +config :pleroma, Pleroma.Scheduler, + global: true, + overlap: true, + timezone: :utc, + jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] +``` -* `:federation` for the federation jobs. - You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. -* `:media` for rich media, media proxy -* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) +The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). -For each pool, the options are: +## :web_push_encryption, :vapid_details -* `max_connections` - how much connections a pool can hold -* `timeout` - retention duration for connections +Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it. -## :auto_linker +* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can. +* ``public_key``: VAPID public key +* ``private_key``: VAPID private key -Configuration for the `auto_linker` library: +## :logger +* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack -* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear -* `rel: "noopener noreferrer"` - override the rel attribute. false to clear -* `new_window: true` - set to false to remove `target='_blank'` attribute -* `scheme: false` - Set to true to link urls with schema `http://google.com` -* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..` -* `strip_prefix: true` - Strip the scheme prefix -* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.) +An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: +```elixir +config :logger, + backends: [{ExSyslogger, :ex_syslogger}] -Example: +config :logger, :ex_syslogger, + level: :warn +``` +Another example, keeping console output and adding the pid to syslog output: ```elixir -config :auto_linker, - opts: [ - scheme: true, - extra: true, - class: false, - strip_prefix: false, - new_window: false, - rel: "ugc" - ] -``` +config :logger, + backends: [:console, {ExSyslogger, :ex_syslogger}] -## Pleroma.Scheduler +config :logger, :ex_syslogger, + level: :warn, + option: [:pid, :ndelay] +``` -Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. +See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) -See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. +An example of logging info to local syslog, but warn to a Slack channel: +```elixir +config :logger, + backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], + level: :info -Example: +config :logger, :ex_syslogger, + level: :info, + ident: "pleroma", + format: "$metadata[$level] $message" -```elixir -config :pleroma, Pleroma.Scheduler, - global: true, - overlap: true, - timezone: :utc, - jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}] +config :quack, + level: :warn, + meta: [:all], + webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" ``` -The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)). +See the [Quack Github](https://github.com/azohra/quack) for more details -## Pleroma.ScheduledActivity -* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`) -* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`) -* `enabled`: whether scheduled activities are sent to the job queue to be executed -## Pleroma.ActivityExpiration +## Database options -* `enabled`: whether expired activities will be sent to the job queue to be deleted +### RUM indexing for full text search +* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. -## Pleroma.Web.Auth.Authenticator +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication +Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. -## :ldap +To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: -Use LDAP for user authentication. When a user logs in to the Pleroma -instance, the name and password will be verified by trying to authenticate -(bind) to an LDAP server. If a user exists in the LDAP directory but there -is no account with the same name yet on the Pleroma instance then a new -Pleroma account will be created with the same name as the LDAP user name. +`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` -* `enabled`: enables LDAP authentication -* `host`: LDAP server hostname -* `port`: LDAP port, e.g. 389 or 636 -* `ssl`: true to use SSL, usually implies the port 636 -* `sslopts`: additional SSL options -* `tls`: true to start TLS, usually implies the port 389 -* `tlsopts`: additional TLS options -* `base`: LDAP base, e.g. "dc=example,dc=com" -* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" +This will probably take a long time. + +## Alternative client protocols -## BBS / SSH access +### BBS / SSH access To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: @@ -628,10 +625,33 @@ config :esshd, Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` -## :auth +### :gopher +* `enabled`: Enables the gopher interface +* `ip`: IP address to bind to +* `port`: Port to bind to +* `dstport`: Port advertised in urls (optional, defaults to `port`) + + +## Authentication + +### :admin_token + +Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: + +```elixir +config :pleroma, :admin_token, "somerandomtoken" +``` + +You can then do + +```sh +curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" +``` + +### :auth -* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator -* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator. +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication. Authentication / authorization settings. @@ -639,24 +659,30 @@ Authentication / authorization settings. * `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. * `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `` or `:` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_`). -## :email_notifications +### Pleroma.Web.Auth.Authenticator -Email notifications settings. +* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator. +* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication. - - digest - emails of "what you've missed" for users who have been - inactive for a while. - - active: globally enable or disable digest emails - - schedule: When to send digest email, in [crontab format](https://en.wikipedia.org/wiki/Cron). - "0 0 * * 0" is the default, meaning "once a week at midnight on Sunday morning" - - interval: Minimum interval between digest emails to one user - - inactivity_threshold: Minimum user inactivity threshold +### :ldap -## Pleroma.Emails.UserEmail +Use LDAP for user authentication. When a user logs in to the Pleroma +instance, the name and password will be verified by trying to authenticate +(bind) to an LDAP server. If a user exists in the LDAP directory but there +is no account with the same name yet on the Pleroma instance then a new +Pleroma account will be created with the same name as the LDAP user name. -- `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. -- `:styling` - a map with color settings for email templates. +* `enabled`: enables LDAP authentication +* `host`: LDAP server hostname +* `port`: LDAP port, e.g. 389 or 636 +* `ssl`: true to use SSL, usually implies the port 636 +* `sslopts`: additional SSL options +* `tls`: true to start TLS, usually implies the port 389 +* `tlsopts`: additional TLS options +* `base`: LDAP base, e.g. "dc=example,dc=com" +* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base" -## OAuth consumer mode +### OAuth consumer mode OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). @@ -728,7 +754,7 @@ config :ueberauth, Ueberauth, ] ``` -## OAuth 2.0 provider - :oauth2 +### OAuth 2.0 provider - :oauth2 Configure OAuth 2 provider capabilities: @@ -737,70 +763,34 @@ Configure OAuth 2 provider capabilities: * `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. * `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). -## :emoji -* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` -* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]` -* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` -* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). -* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in - memory for this amount of seconds multiplied by the number of files. - -## Database options - -### RUM indexing for full text search -* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. - -RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. - -Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. - -To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: - -`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` - -This will probably take a long time. - -## :rate_limit - -This is an advanced feature and disabled by default. - -If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). - -A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: - -* The first element: `scale` (Integer). The time scale in milliseconds. -* The second element: `limit` (Integer). How many requests to limit in the time scale provided. - -It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. - -Supported rate limiters: - -* `:search` for the search requests (account & status search etc.) -* `:app_account_creation` for registering user accounts from the same IP address -* `:relations_actions` for actions on relations with all users (follow, unfollow) -* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) -* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses -* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user - -## :web_cache_ttl - -The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration. +## Link parsing -Available caches: +### :uri_schemes +* `valid_schemes`: List of the scheme part that is considered valid to be an URL. -* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). -* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). +### :auto_linker -## Pleroma.Plugs.RemoteIp +Configuration for the `auto_linker` library: -!!! warning - If your instance is not behind at least one reverse proxy, you should not enable this plug. +* `class: "auto-linker"` - specify the class to be added to the generated link. false to clear. +* `rel: "noopener noreferrer"` - override the rel attribute. false to clear. +* `new_window: true` - set to false to remove `target='_blank'` attribute. +* `scheme: false` - Set to true to link urls with schema `http://google.com`. +* `truncate: false` - Set to a number to truncate urls longer then the number. Truncated urls will end in `..`. +* `strip_prefix: true` - Strip the scheme prefix. +* `extra: false` - link urls with rarely used schemes (magnet, ipfs, irc, etc.). -`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration. +Example: -Available options: +```elixir +config :auto_linker, + opts: [ + scheme: true, + extra: true, + class: false, + strip_prefix: false, + new_window: false, + rel: "ugc" + ] +``` -* `enabled` - Enable/disable the plug. Defaults to `false`. -* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. -* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. -* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). -- cgit v1.2.3 From 6ef804966461ff4351e6c8d3c867131c2af5d26a Mon Sep 17 00:00:00 2001 From: Phil Hagelberg Date: Sat, 9 Nov 2019 09:50:45 -0800 Subject: Add changelog entry, cheatsheet docs, and alphabetize. --- docs/configuration/cheatsheet.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 8f609fcfd..dddd379d3 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -794,3 +794,10 @@ config :auto_linker, ] ``` +## :static_fe + +Render profiles and posts using server-generated HTML that is viewable without using JavaScript. + +Available options: + +* `enabled` - Enables the rendering of static HTML. Defaults to `false`. -- cgit v1.2.3 From 31343e4321a3c4053b66a1d6dc3da0e42dbdd972 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Mon, 11 Nov 2019 19:06:09 +0900 Subject: Code style fixes --- docs/API/admin_api.md | 2 -- 1 file changed, 2 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index ce70b5122..9d914c9a6 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -58,7 +58,6 @@ Authentication is required and the user must be an admin. ### Remove a user -- Method `DELETE` - Params: - `nicknames` - Response: Array of user nicknames @@ -735,7 +734,6 @@ Copy settings on key `:pleroma` to DB. Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with deletion from DB. -- Method `GET` - Params: none - Response: -- cgit v1.2.3 From ab2e61238ee0dd5df0744c8bd8a7ffb089c4a0f8 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 11 Nov 2019 19:13:07 +0700 Subject: Add a warning about Pg version to the RUM related docs --- docs/configuration/cheatsheet.md | 6 +++++- docs/installation/otp_en.md | 8 ++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 8f609fcfd..61783cf3f 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -523,7 +523,7 @@ config :pleroma, :workers, Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler. -See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. +See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options. Example: @@ -593,6 +593,10 @@ See the [Quack Github](https://github.com/azohra/quack) for more details ## Database options ### RUM indexing for full text search + +!!! warning + It is recommended to use PostgreSQL v11 or newer. We have seen some minor issues with lower PostgreSQL versions. + * `rum_enabled`: If RUM indexes should be used. Defaults to `false`. RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index c028f4229..965e30e2a 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -42,6 +42,10 @@ apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot ## Setup ### Configuring PostgreSQL #### (Optional) Installing RUM indexes + +!!! warning + It is recommended to use PostgreSQL v11 or newer. We have seen some minor issues with lower PostgreSQL versions. + RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results). Debian/Ubuntu (available only on Buster/19.04): @@ -74,7 +78,7 @@ rc-service postgresql restart # Create the Pleroma user adduser --system --shell /bin/false --home /opt/pleroma pleroma -# Set the flavour environment variable to the string you got in Detecting flavour section. +# Set the flavour environment variable to the string you got in Detecting flavour section. # For example if the flavour is `arm64-musl` the command will be export FLAVOUR="arm64-musl" @@ -180,7 +184,7 @@ rc-service pleroma start rc-update add pleroma ``` -If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors. +If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors. Still doesn't work? Feel free to contact us on [#pleroma on freenode](https://webchat.freenode.net/?channels=%23pleroma) or via matrix at , you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new) -- cgit v1.2.3 From 04473677ccd70281172b8295b44feebb01168386 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 11 Nov 2019 23:24:15 +0300 Subject: docs: move static-fe docs under a proper category --- docs/configuration/cheatsheet.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 6c7f60203..7832f6962 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -180,6 +180,14 @@ config :pleroma, :frontend_configurations, These settings **need to be complete**, they will override the defaults. +### :static_fe + +Render profiles and posts using server-generated HTML that is viewable without using JavaScript. + +Available options: + +* `enabled` - Enables the rendering of static HTML. Defaults to `false`. + ### :assets This section configures assets to be used with various frontends. Currently the only option @@ -797,11 +805,3 @@ config :auto_linker, rel: "ugc" ] ``` - -## :static_fe - -Render profiles and posts using server-generated HTML that is viewable without using JavaScript. - -Available options: - -* `enabled` - Enables the rendering of static HTML. Defaults to `false`. -- cgit v1.2.3 From e6d7e27bd603806e96dfc2774f90cadb3cf73a8c Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 12 Nov 2019 18:36:50 +0700 Subject: Add `allow_following_move` setting to User --- docs/API/differences_in_mastoapi_responses.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index aca0f5e0e..41965f872 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -57,6 +57,7 @@ Has these additional fields under the `pleroma` object: - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials` - `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials` - `deactivated`: boolean, true when the user is deactivated +- `allow_following_move`: boolean, true when the user allows automatically follow moved following accounts - `unread_conversation_count`: The count of unread conversations. Only returned to the account owner. ### Source @@ -130,6 +131,7 @@ Additional parameters can be added to the JSON body/Form data: - `default_scope` - the scope returned under `privacy` key in Source subentity - `pleroma_settings_store` - Opaque user settings to be saved on the backend. - `skip_thread_containment` - if true, skip filtering out broken threads +- `allow_following_move` - if true, allows automatically follow moved following accounts - `pleroma_background_image` - sets the background image of the user. ### Pleroma Settings Store -- cgit v1.2.3 From 3350cd8d965f45b51257ab6b9d5073fc81bdaa06 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 13 Nov 2019 18:48:53 +0700 Subject: Fix formatting in OpenBSD install manual --- docs/installation/openbsd_en.md | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) (limited to 'docs') diff --git a/docs/installation/openbsd_en.md b/docs/installation/openbsd_en.md index 3585a326b..45602bd75 100644 --- a/docs/installation/openbsd_en.md +++ b/docs/installation/openbsd_en.md @@ -1,9 +1,13 @@ # Installing on OpenBSD + This guide describes the installation and configuration of pleroma (and the required software to run it) on a single OpenBSD 6.4 server. + For any additional information regarding commands and configuration files mentioned here, check the man pages [online](https://man.openbsd.org/) or directly on your server with the man command. #### Required software + The following packages need to be installed: + * elixir * gmake * ImageMagick @@ -11,8 +15,11 @@ The following packages need to be installed: * postgresql-server * postgresql-contrib -To install them, run the following command (with doas or as root): -`pkg_add elixir gmake ImageMagick git postgresql-server postgresql-contrib` +To install them, run the following command (with doas or as root): + +``` +pkg_add elixir gmake ImageMagick git postgresql-server postgresql-contrib +``` Pleroma requires a reverse proxy, OpenBSD has relayd in base (and is used in this guide) and packages/ports are available for nginx (www/nginx) and apache (www/apache-httpd). Independently of the reverse proxy, [acme-client(1)](https://man.openbsd.org/acme-client) can be used to get a certificate from Let's Encrypt. @@ -31,8 +38,8 @@ Create the \_pleroma user, assign it the pleroma login class and create its home #### Clone pleroma's directory Enter a shell as the \_pleroma user. As root, run `su _pleroma -;cd`. Then clone the repository with `git clone -b stable https://git.pleroma.social/pleroma/pleroma.git`. Pleroma is now installed in /home/\_pleroma/pleroma/, it will be configured and started at the end of this guide. -#### Postgresql -Start a shell as the \_postgresql user (as root run `su _postgresql -` then run the `initdb` command to initialize postgresql: +#### PostgreSQL +Start a shell as the \_postgresql user (as root run `su _postgresql -` then run the `initdb` command to initialize postgresql: If you wish to not use the default location for postgresql's data (/var/postgresql/data), add the following switch at the end of the command: `-D ` and modify the `datadir` variable in the /etc/rc.d/postgresql script. When this is done, enable postgresql so that it starts on boot and start it. As root, run: @@ -44,6 +51,7 @@ To check that it started properly and didn't fail right after starting, you can #### httpd httpd will have three fuctions: + * redirect requests trying to reach the instance over http to the https URL * serve a robots.txt file * get Let's Encrypt certificates, with acme-client @@ -76,9 +84,9 @@ types { include "/usr/share/misc/mime.types" } ``` -Do not forget to change *\* to your server's address(es). If httpd should only listen on one protocol family, comment one of the two first *listen* options. +Do not forget to change ** to your server's address(es). If httpd should only listen on one protocol family, comment one of the two first *listen* options. -Create the /var/www/htdocs/local/ folder and write the content of your robots.txt in /var/www/htdocs/local/robots.txt. +Create the /var/www/htdocs/local/ folder and write the content of your robots.txt in /var/www/htdocs/local/robots.txt. Check the configuration with `httpd -n`, if it is OK enable and start httpd (as root): ``` rcctl enable httpd @@ -86,7 +94,7 @@ rcctl start httpd ``` #### acme-client -acme-client is used to get SSL/TLS certificates from Let's Encrypt. +acme-client is used to get SSL/TLS certificates from Let's Encrypt. Insert the following configuration in /etc/acme-client.conf: ``` # @@ -107,7 +115,7 @@ domain { challengedir "/var/www/acme/" } ``` -Replace *\* by the domain name you'll use for your instance. As root, run `acme-client -n` to check the config, then `acme-client -ADv ` to create account and domain keys, and request a certificate for the first time. +Replace ** by the domain name you'll use for your instance. As root, run `acme-client -n` to check the config, then `acme-client -ADv ` to create account and domain keys, and request a certificate for the first time. Make acme-client run everyday by adding it in /etc/daily.local. As root, run the following command: `echo "acme-client " >> /etc/daily.local`. Relayd will look for certificates and keys based on the address it listens on (see next part), the easiest way to make them available to relayd is to create a link, as root run: @@ -118,7 +126,7 @@ ln -s /etc/ssl/private/.key /etc/ssl/private/.key This will have to be done for each IPv4 and IPv6 address relayd listens on. #### relayd -relayd will be used as the reverse proxy sitting in front of pleroma. +relayd will be used as the reverse proxy sitting in front of pleroma. Insert the following configuration in /etc/relayd.conf: ``` # $OpenBSD: relayd.conf,v 1.4 2018/03/23 09:55:06 claudio Exp $ @@ -169,7 +177,7 @@ relay wwwtls { forward to port 80 check http "/robots.txt" code 200 } ``` -Again, change *\* to your server's address(es) and comment one of the two *listen* options if needed. Also change *wss://CHANGEME.tld* to *wss://\*. +Again, change ** to your server's address(es) and comment one of the two *listen* options if needed. Also change *wss://CHANGEME.tld* to *wss://*. Check the configuration with `relayd -n`, if it is OK enable and start relayd (as root): ``` rcctl enable relayd @@ -177,7 +185,7 @@ rcctl start relayd ``` #### pf -Enabling and configuring pf is highly recommended. +Enabling and configuring pf is highly recommended. In /etc/pf.conf, insert the following configuration: ``` # Macros @@ -202,20 +210,22 @@ pass in quick on $if inet6 proto icmp6 to ($if) icmp6-type { echoreq unreach par pass in quick on $if proto tcp to ($if) port { http https } # relayd/httpd pass in quick on $if proto tcp from $authorized_ssh_clients to ($if) port ssh ``` -Replace *\* by your server's network interface name (which you can get with ifconfig). Consider replacing the content of the authorized\_ssh\_clients macro by, for exemple, your home IP address, to avoid SSH connection attempts from bots. +Replace ** by your server's network interface name (which you can get with ifconfig). Consider replacing the content of the authorized\_ssh\_clients macro by, for exemple, your home IP address, to avoid SSH connection attempts from bots. Check pf's configuration by running `pfctl -nf /etc/pf.conf`, load it with `pfctl -f /etc/pf.conf` and enable pf at boot with `rcctl enable pf`. #### Configure and start pleroma -Enter a shell as \_pleroma (as root `su _pleroma -`) and enter pleroma's installation directory (`cd ~/pleroma/`). +Enter a shell as \_pleroma (as root `su _pleroma -`) and enter pleroma's installation directory (`cd ~/pleroma/`). + Then follow the main installation guide: + * run `mix deps.get` * run `mix pleroma.instance gen` and enter your instance's information when asked * copy config/generated\_config.exs to config/prod.secret.exs. The default values should be sufficient but you should edit it and check that everything seems OK. * exit your current shell back to a root one and run `psql -U postgres -f /home/_pleroma/config/setup_db.psql` to setup the database. * return to a \_pleroma shell into pleroma's installation directory (`su _pleroma -;cd ~/pleroma`) and run `MIX_ENV=prod mix ecto.migrate` -As \_pleroma in /home/\_pleroma/pleroma, you can now run `LC_ALL=en_US.UTF-8 MIX_ENV=prod mix phx.server` to start your instance. +As \_pleroma in /home/\_pleroma/pleroma, you can now run `LC_ALL=en_US.UTF-8 MIX_ENV=prod mix phx.server` to start your instance. In another SSH session/tmux window, check that it is working properly by running `ftp -MVo - http://127.0.0.1:4000/api/v1/instance`, you should get json output. Double-check that *uri*'s value is your instance's domain name. ##### Starting pleroma at boot -- cgit v1.2.3 From 29f49bf5fa9d033d88ddd2440db703681a25cc4e Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Thu, 14 Nov 2019 18:31:30 -0600 Subject: docs: document MRF ObjectAgePolicy --- docs/configuration/cheatsheet.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 7832f6962..d798bd692 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -41,6 +41,7 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed. * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)). * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)). + * `Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy`: Rejects or delists posts based on their age when received. (See [`:mrf_object_age`](#mrf_object_age)). * `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. * `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. * `managed_config`: Whenether the config for pleroma-fe is configured in [:frontend_configurations](#frontend_configurations) or in ``static/config.json``. @@ -137,6 +138,13 @@ config :pleroma, :mrf_user_allowlist, "example.org": ["https://example.org/users/admin"] ``` +#### :mrf_object_age +* `threshold`: Required age (in seconds) of a post before actions are taken. +* `actions`: A list of actions to apply to the post: + * `:delist` removes the post from public timelines + * `:strip_followers` removes followers from the ActivityPub recipient list, ensuring they won't be delivered to home timelines + * `:reject` rejects the message entirely + ### :activitypub * ``unfollow_blocked``: Whether blocks result in people getting unfollowed * ``outgoing_blocks``: Whether to federate blocks to other instances -- cgit v1.2.3 From 234c27cb2024e49f49ac6e82f9963752e92103ee Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 15 Nov 2019 14:30:59 +0100 Subject: Documentation: Add warning about database mix tasks. --- docs/administration/CLI_tasks/database.md | 3 +++ 1 file changed, 3 insertions(+) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/database.md b/docs/administration/CLI_tasks/database.md index 484639231..3011646c8 100644 --- a/docs/administration/CLI_tasks/database.md +++ b/docs/administration/CLI_tasks/database.md @@ -2,6 +2,9 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl database` and in case of source installs it's `mix pleroma.database`. +!!! danger + These mix tasks can take a long time to complete. Many of them were written to address specific database issues that happened because of bugs in migrations or other specific scenarios. Do not run these tasks "just in case" if everything is fine your instance. + ## Replace embedded objects with their references Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration. -- cgit v1.2.3 From adacf1b5e12ea15b740d77891059a94d9fa4f503 Mon Sep 17 00:00:00 2001 From: feld Date: Mon, 18 Nov 2019 16:16:27 +0000 Subject: Remove deprecated endpoint from docs that is fully removed from backend now --- docs/API/admin_api.md | 8 -------- 1 file changed, 8 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 9d914c9a6..f64983a90 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -235,14 +235,6 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## DEPRECATED `PATCH /api/pleroma/admin/users/:nickname/activation_status` - -### Active or deactivate a user - -- Params: - - `nickname` - - `status` BOOLEAN field, false value means deactivation. - ## `GET /api/pleroma/admin/users/:nickname_or_id` ### Retrive the details of a user -- cgit v1.2.3 From 36686f52457454841c6b9c85a137eabeb1e739fc Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 19 Nov 2019 15:58:20 +0700 Subject: Support authentication via `x-admin-token` HTTP header --- docs/configuration/cheatsheet.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index d798bd692..07d9a1d45 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -656,7 +656,7 @@ Feel free to adjust the priv_dir and port number. Then you will have to create t ### :admin_token -Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example: +Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the `admin_token` parameter or `x-admin-token` HTTP header. Example: ```elixir config :pleroma, :admin_token, "somerandomtoken" @@ -664,8 +664,14 @@ config :pleroma, :admin_token, "somerandomtoken" You can then do -```sh -curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken" +```shell +curl "http://localhost:4000/api/pleroma/admin/users/invites?admin_token=somerandomtoken" +``` + +or + +```shell +curl -H "X-Admin-Token: somerandomtoken" "http://localhost:4000/api/pleroma/admin/users/invites" ``` ### :auth -- cgit v1.2.3 From 46eb160135cf408fee87bb76fc46acfc51af901d Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Tue, 19 Nov 2019 20:14:02 +0900 Subject: AdminAPI: Confirm user account, resend confirmation email --- docs/API/admin_api.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 9d914c9a6..d943b3ee3 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -878,3 +878,19 @@ Compile time settings (need instance reboot): - Authentication: required - Params: None - Response: JSON, "ok" and 200 status + +## `PATCH /api/pleroma/admin/users/confirm_email` + +### Confirm users' emails + +- Params: + - `nicknames` +- Response: Array of user nicknames + +## `PATCH /api/pleroma/admin/users/resend_confirmation_email` + +### Resend confirmation email + +- Params: + - `nicknames` +- Response: Array of user nicknames -- cgit v1.2.3 From fbc379d68990b166e1034cfff252f975f793eba1 Mon Sep 17 00:00:00 2001 From: Alex Schroeder Date: Sun, 17 Nov 2019 21:58:30 +0100 Subject: Add CLI list users command --- docs/administration/CLI_tasks/user.md | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/user.md b/docs/administration/CLI_tasks/user.md index cf120f2c9..96b2d9e6a 100644 --- a/docs/administration/CLI_tasks/user.md +++ b/docs/administration/CLI_tasks/user.md @@ -15,6 +15,11 @@ $PREFIX new [] - `--admin`/`--no-admin` - whether the user should be an admin - `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions +## List local users +```sh +$PREFIX list +``` + ## Generate an invite link ```sh $PREFIX invite [] -- cgit v1.2.3 From d3656c2725fa80ea66dd9de2d74893fe9888ef57 Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 25 Nov 2019 09:53:11 +0000 Subject: add ability to set a custom user-agent string --- docs/configuration/cheatsheet.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 07d9a1d45..082906293 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -74,6 +74,13 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. +## :http + +* `proxy_url`: an upstream proxy to fetch posts and/or media with, (default: `nil`) +* `send_user_agent`: should we include a user agent with HTTP requests? (default: `true`) +* `user_agent`: what user agent should we use? (default: `:default`), must be string or `:default` +* `adapter`: array of hackney options + ## Federation ### MRF policies -- cgit v1.2.3 From e2dc89069d6d77a10848e53f321e2e464f539a25 Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 25 Nov 2019 11:26:42 +0000 Subject: move documentation section for http client --- docs/configuration/cheatsheet.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 082906293..dc2f55229 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -74,13 +74,6 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. -## :http - -* `proxy_url`: an upstream proxy to fetch posts and/or media with, (default: `nil`) -* `send_user_agent`: should we include a user agent with HTTP requests? (default: `true`) -* `user_agent`: what user agent should we use? (default: `:default`), must be string or `:default` -* `adapter`: array of hackney options - ## Federation ### MRF policies @@ -355,7 +348,17 @@ Available caches: * `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration). * `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds). -## :hackney_pools +## HTTP client + +### :http + +* `proxy_url`: an upstream proxy to fetch posts and/or media with, (default: `nil`) +* `send_user_agent`: should we include a user agent with HTTP requests? (default: `true`) +* `user_agent`: what user agent should we use? (default: `:default`), must be string or `:default` +* `adapter`: array of hackney options + + +### :hackney_pools Advanced. Tweaks Hackney (http client) connections pools. -- cgit v1.2.3 From 0e9be6bafa81b4a55546b41e8b217fbe559cd16d Mon Sep 17 00:00:00 2001 From: Maksim Pechnikov Date: Mon, 25 Nov 2019 14:32:20 +0300 Subject: moved OAuth.Token.CleanWorker to Oban Periodic jobs --- docs/configuration/cheatsheet.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 07d9a1d45..e414d0b11 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -483,6 +483,7 @@ Configuration options described in [Oban readme](https://github.com/sorentwo/oba * `verbose` - logs verbosity * `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`) * `queues` - job queues (see below) +* `crontab` - periodic jobs, see [`Oban.Cron`](#obancron) Pleroma has the following queues: @@ -494,6 +495,12 @@ Pleroma has the following queues: * `web_push` - Web push notifications * `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity) +#### Oban.Cron + +Pleroma has the periodic jobs: + +`Pleroma.Workers.Cron.ClearOauthTokenWorker` - the job to clean an expired oauth tokens. + Example: ```elixir @@ -504,6 +511,9 @@ config :pleroma, Oban, queues: [ federator_incoming: 50, federator_outgoing: 50 + ], + crontab: [ + {"0 0 * * *", Pleroma.Workers.Cron.ClearOauthTokenWorker} ] ``` @@ -786,8 +796,7 @@ Configure OAuth 2 provider capabilities: * `token_expires_in` - The lifetime in seconds of the access token. * `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. -* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. -* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. Interval settings sets in configuration periodic jobs [`Oban.Cron`](#obancron) ## Link parsing -- cgit v1.2.3 From 1fc28a4b441fdc0de8b2b43e2b045da38ee50b0a Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 26 Nov 2019 18:48:56 +0700 Subject: Add a view for the move notification --- docs/API/differences_in_mastoapi_responses.md | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index e649bdf24..006d17c1b 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -92,6 +92,12 @@ Has these additional fields under the `pleroma` object: - `is_seen`: true if the notification was read by the user +### Move Notification + +The `type` value is `move`. Has an additional field: + +- `target`: new account + ## GET `/api/v1/notifications` Accepts additional parameters: -- cgit v1.2.3 From 4b60d41db9d10e971ee91202389991da294c72de Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Tue, 3 Dec 2019 23:54:07 +0900 Subject: Add report notes --- docs/API/admin_api.md | 69 +++------------------------------------------------ 1 file changed, 4 insertions(+), 65 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 2cac317de..e51fad2cb 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -607,78 +607,17 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On success: `204`, empty response -## `POST /api/pleroma/admin/reports/:id/respond` +## `POST /api/pleroma/admin/reports/:id/notes` -### Respond to a report +### Create a report note - Params: - `id` - - `status`: required, the message + - `content`: required, the message - Response: - On failure: - 400 Bad Request `"Invalid parameters"` when `status` is missing - - 403 Forbidden `{"error": "error_msg"}` - - 404 Not Found `"Not found"` - - On success: JSON, created Mastodon Status entity - -```json -{ - "account": { ... }, - "application": { - "name": "Web", - "website": null - }, - "bookmarked": false, - "card": null, - "content": "Your claim is going to be closed", - "created_at": "2019-05-11T17:13:03.000Z", - "emojis": [], - "favourited": false, - "favourites_count": 0, - "id": "9ihuiSL1405I65TmEq", - "in_reply_to_account_id": null, - "in_reply_to_id": null, - "language": null, - "media_attachments": [], - "mentions": [ - { - "acct": "user", - "id": "9i6dAJqSGSKMzLG2Lo", - "url": "https://pleroma.example.org/users/user", - "username": "user" - }, - { - "acct": "admin", - "id": "9hEkA5JsvAdlSrocam", - "url": "https://pleroma.example.org/users/admin", - "username": "admin" - } - ], - "muted": false, - "pinned": false, - "pleroma": { - "content": { - "text/plain": "Your claim is going to be closed" - }, - "conversation_id": 35, - "in_reply_to_account_acct": null, - "local": true, - "spoiler_text": { - "text/plain": "" - } - }, - "reblog": null, - "reblogged": false, - "reblogs_count": 0, - "replies_count": 0, - "sensitive": false, - "spoiler_text": "", - "tags": [], - "uri": "https://pleroma.example.org/objects/cab0836d-9814-46cd-a0ea-529da9db5fcb", - "url": "https://pleroma.example.org/notice/9ihuiSL1405I65TmEq", - "visibility": "direct" -} -``` + - On success: `204`, empty response ## `PUT /api/pleroma/admin/statuses/:id` -- cgit v1.2.3 From 9487995e8b2172bd720d17d639d5d782d38a45a2 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 4 Dec 2019 12:51:06 +0100 Subject: Cheat Sheet: Addg chat_limit information. --- docs/configuration/cheatsheet.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index dc2f55229..ef2711e3c 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -12,6 +12,7 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `notify_email`: Email used for notifications. * `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance``. * `limit`: Posts character limit (CW/Subject included in the counter). +* `chat_limit`: Character limit of the instance chat messages. * `remote_limit`: Hard character limit beyond which remote posts will be dropped. * `upload_limit`: File size limit of uploads (except for avatar, background, banner). * `avatar_upload_limit`: File size limit of user’s profile avatars. -- cgit v1.2.3 From 48ae3c4347f68e20db7e3e67da32be2e70599fb3 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 5 Dec 2019 20:18:25 +0700 Subject: Add support for custom modules --- docs/configuration/cheatsheet.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index dc2f55229..f73d368c1 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -68,6 +68,8 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `account_field_name_length`: An account field name maximum length (default: `512`). * `account_field_value_length`: An account field value maximum length (default: `2048`). * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. +* `custom_modules_dir`: A path to custom Elixir modules (such as MRF policies). + !!! danger This is a Work In Progress, not usable just yet -- cgit v1.2.3 From 157bceeda9124cea7ba69eaf6639ca52b3fac7c6 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 6 Dec 2019 15:04:46 +0700 Subject: Move runtime configuration from `:instance` to `:modules` --- docs/configuration/cheatsheet.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index f73d368c1..413a668c6 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -68,8 +68,6 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `account_field_name_length`: An account field name maximum length (default: `512`). * `account_field_value_length`: An account field value maximum length (default: `2048`). * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. -* `custom_modules_dir`: A path to custom Elixir modules (such as MRF policies). - !!! danger This is a Work In Progress, not usable just yet @@ -831,3 +829,13 @@ config :auto_linker, rel: "ugc" ] ``` + +## Custom Runtime Modules (`:modules`) + +* `runtime_dir`: A path to custom Elixir modules (such as MRF policies). + +Example: + +```elixir +config :pleroma, :modules, runtime_dir: "/var/lib/pleroma/modules" +``` -- cgit v1.2.3 From 93a80ee9155bf5257aa92afaca2fe017f28aabfa Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 6 Dec 2019 16:56:23 +0300 Subject: [#1427] Bugfix for `enforce_oauth_admin_scope_usage`. Admin API documentation entry. --- docs/API/admin_api.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 2cac317de..b19793150 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -2,6 +2,13 @@ Authentication is required and the user must be an admin. +Configuration options: + +* `[:auth, :enforce_oauth_admin_scope_usage]` — OAuth admin scope requirement toggle. + If `true`, admin actions explicitly demand admin OAuth scope(s) presence in OAuth token (client app must support admin scopes). + If `false` and token doesn't have admin scope(s), `is_admin` user flag grants access to admin-specific actions. + Note that client app needs to explicitly support admin scopes and request them when obtaining auth token. + ## `GET /api/pleroma/admin/users` ### List users -- cgit v1.2.3 From 00c38cf28dd2412650d5e0dba7f98997ff49f402 Mon Sep 17 00:00:00 2001 From: Maxim Filippov Date: Sun, 8 Dec 2019 11:29:33 +0300 Subject: Docs --- docs/API/admin_api.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index e51fad2cb..98efbf9c9 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -609,16 +609,28 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ## `POST /api/pleroma/admin/reports/:id/notes` -### Create a report note +### Create report note - Params: - - `id` + - `id`: required, report id - `content`: required, the message - Response: - On failure: - 400 Bad Request `"Invalid parameters"` when `status` is missing - On success: `204`, empty response +## `POST /api/pleroma/admin/reports/:report_id/notes/:id` + +### Delete report note + +- Params: + - `report_id`: required, report id + - `id`: required, note id +- Response: + - On failure: + - 400 Bad Request `"Invalid parameters"` when `status` is missing + - On success: `204`, empty response + ## `PUT /api/pleroma/admin/statuses/:id` ### Change the scope of an individual reported status -- cgit v1.2.3 From e260a16c05f0c3a6694cc85b560eba5e373195c8 Mon Sep 17 00:00:00 2001 From: Maksim Pechnikov Date: Sun, 8 Dec 2019 22:09:15 +0300 Subject: update docs --- docs/API/pleroma_api.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index ad16d027e..acdb5efb4 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -302,6 +302,7 @@ See [Admin-API](admin_api.md) * `follows`: BOOLEAN field, receives notifications from people the user follows * `remote`: BOOLEAN field, receives notifications from people on remote instances * `local`: BOOLEAN field, receives notifications from people on the local instance + * `privacy_option`: BOOLEAN field, set privacy direct messages. exclude contents of a message from push notification when it's true. * Response: JSON. Returns `{"status": "success"}` if the update was successful, otherwise returns `{"error": "error_msg"}` ## `/api/pleroma/healthcheck` -- cgit v1.2.3 From eb9ea8475b19d6a00f690421b193310c09ba40f3 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 9 Dec 2019 04:07:16 +0300 Subject: docs: add OTP/From source tabs to CLI tasks --- docs/administration/CLI_tasks/config.md | 21 ++- docs/administration/CLI_tasks/database.md | 46 +++++-- docs/administration/CLI_tasks/digest.md | 21 ++- docs/administration/CLI_tasks/emoji.md | 30 ++++- .../CLI_tasks/general_cli_task_info.include | 5 + docs/administration/CLI_tasks/instance.md | 11 +- docs/administration/CLI_tasks/relay.md | 29 ++-- docs/administration/CLI_tasks/uploads.md | 11 +- docs/administration/CLI_tasks/user.md | 147 ++++++++++++++++----- 9 files changed, 238 insertions(+), 83 deletions(-) create mode 100644 docs/administration/CLI_tasks/general_cli_task_info.include (limited to 'docs') diff --git a/docs/administration/CLI_tasks/config.md b/docs/administration/CLI_tasks/config.md index ce19e2402..e9d44b9a4 100644 --- a/docs/administration/CLI_tasks/config.md +++ b/docs/administration/CLI_tasks/config.md @@ -3,17 +3,26 @@ !!! danger This is a Work In Progress, not usable just yet. -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl config` and in case of source installs it's -`mix pleroma.config`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Transfer config from file to DB. -```sh -$PREFIX migrate_to_db +```sh tab="OTP" + ./bin/pleroma_ctl config migrate_to_db ``` +```sh tab="From Source" +mix pleroma.config migrate_to_db +``` + + ## Transfer config from DB to `config/env.exported_from_db.secret.exs` -```sh -$PREFIX migrate_from_db +```sh tab="OTP" + ./bin/pleroma_ctl config migrate_from_db ``` + +```sh tab="From Source" +mix pleroma.config migrate_from_db +``` + diff --git a/docs/administration/CLI_tasks/database.md b/docs/administration/CLI_tasks/database.md index 3011646c8..51c7484ba 100644 --- a/docs/administration/CLI_tasks/database.md +++ b/docs/administration/CLI_tasks/database.md @@ -1,6 +1,6 @@ # Database maintenance tasks -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl database` and in case of source installs it's `mix pleroma.database`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} !!! danger These mix tasks can take a long time to complete. Many of them were written to address specific database issues that happened because of bugs in migrations or other specific scenarios. Do not run these tasks "just in case" if everything is fine your instance. @@ -9,8 +9,12 @@ Every command should be ran with a prefix, in case of OTP releases it is `./bin/ Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration. -```sh -$PREFIX remove_embedded_objects [] +```sh tab="OTP" +./bin/pleroma_ctl database remove_embedded_objects [] +``` + +```sh tab="From Source" +mix pleroma.database remove_embedded_objects [] ``` ### Options @@ -20,11 +24,15 @@ $PREFIX remove_embedded_objects [] This will prune remote posts older than 90 days (configurable with [`config :pleroma, :instance, remote_post_retention_days`](../../configuration/cheatsheet.md#instance)) from the database, they will be refetched from source when accessed. -!!! note - The disk space will only be reclaimed after `VACUUM FULL` +!!! danger + The disk space will only be reclaimed after `VACUUM FULL`. You may run out of disk space during the execution of the task or vacuuming if you don't have about 1/3rds of the database size free. + +```sh tab="OTP" +./bin/pleroma_ctl database prune_objects [] +``` -```sh -$PREFIX pleroma.database prune_objects [] +```sh tab="From Source" +mix pleroma.database prune_objects [] ``` ### Options @@ -34,18 +42,30 @@ $PREFIX pleroma.database prune_objects [] Can be safely re-run -```sh -$PREFIX bump_all_conversations +```sh tab="OTP" +./bin/pleroma_ctl database bump_all_conversations +``` + +```sh tab="From Source" +mix pleroma.database bump_all_conversations ``` ## Remove duplicated items from following and update followers count for all users -```sh -$PREFIX update_users_following_followers_counts +```sh tab="OTP" +./bin/pleroma_ctl database update_users_following_followers_counts +``` + +```sh tab="From Source" +mix pleroma.database update_users_following_followers_counts ``` ## Fix the pre-existing "likes" collections for all objects -```sh -$PREFIX fix_likes_collections +```sh tab="OTP" +./bin/pleroma_ctl database fix_likes_collections +``` + +```sh tab="From Source" +mix pleroma.database fix_likes_collections ``` diff --git a/docs/administration/CLI_tasks/digest.md b/docs/administration/CLI_tasks/digest.md index 547702031..a70f24c06 100644 --- a/docs/administration/CLI_tasks/digest.md +++ b/docs/administration/CLI_tasks/digest.md @@ -1,13 +1,24 @@ # Managing digest emails -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl digest` and in case of source installs it's `mix pleroma.digest`. + +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Send digest email since given date (user registration date by default) ignoring user activity status. -```sh -$PREFIX test [] +```sh tab="OTP" + ./bin/pleroma_ctl digest test [] +``` + +```sh tab="From Source" +mix pleroma.digest test [] ``` + Example: -```sh -$PREFIX test donaldtheduck 2019-05-20 +```sh tab="OTP" + ./bin/pleroma_ctl digest test donaldtheduck 2019-05-20 ``` + +```sh tab="From Source" +mix pleroma.digest test donaldtheduck 2019-05-20 +``` + diff --git a/docs/administration/CLI_tasks/emoji.md b/docs/administration/CLI_tasks/emoji.md index eee02f2ef..a3207bc6c 100644 --- a/docs/administration/CLI_tasks/emoji.md +++ b/docs/administration/CLI_tasks/emoji.md @@ -1,28 +1,44 @@ # Managing emoji packs -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl emoji` and in case of source installs it's `mix pleroma.emoji`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Lists emoji packs and metadata specified in the manifest -```sh -$PREFIX ls-packs [] +```sh tab="OTP" +./bin/pleroma_ctl emoji ls-packs [] ``` +```sh tab="From Source" +mix pleroma.emoji ls-packs [] +``` + + ### Options - `-m, --manifest PATH/URL` - path to a custom manifest, it can either be an URL starting with `http`, in that case the manifest will be fetched from that address, or a local path ## Fetch, verify and install the specified packs from the manifest into `STATIC-DIR/emoji/PACK-NAME` -```sh -$PREFIX get-packs [] + +```sh tab="OTP" +./bin/pleroma_ctl emoji get-packs [] +``` + +```sh tab="From Source" +mix pleroma.emoji get-packs [] ``` ### Options - `-m, --manifest PATH/URL` - same as [`ls-packs`](#ls-packs) ## Create a new manifest entry and a file list from the specified remote pack file -```sh -$PREFIX gen-pack PACK-URL + +```sh tab="OTP" +./bin/pleroma_ctl emoji gen-pack PACK-URL ``` + +```sh tab="From Source" +mix pleroma.emoji gen-pack PACK-URL +``` + Currently, only .zip archives are recognized as remote pack files and packs are therefore assumed to be zip archives. This command is intended to run interactively and will first ask you some basic questions about the pack, then download the remote file and generate an SHA256 checksum for it, then generate an emoji file list for you. The manifest entry will either be written to a newly created `index.json` file or appended to the existing one, *replacing* the old pack with the same name if it was in the file previously. diff --git a/docs/administration/CLI_tasks/general_cli_task_info.include b/docs/administration/CLI_tasks/general_cli_task_info.include new file mode 100644 index 000000000..a1ff1da12 --- /dev/null +++ b/docs/administration/CLI_tasks/general_cli_task_info.include @@ -0,0 +1,5 @@ +Every command should be ran as the `pleroma` user from it's home directory. For example if you are superuser, you would have to wrap the command in `su pleroma -s $SHELL -lc "$COMMAND"`. + +??? note "From source note about `MIX_ENV`" + + The `mix` command should be prefixed with the name of environment your Pleroma server is running in, usually it's `MIX_ENV=prod` diff --git a/docs/administration/CLI_tasks/instance.md b/docs/administration/CLI_tasks/instance.md index ab0b68ad0..1a3b268be 100644 --- a/docs/administration/CLI_tasks/instance.md +++ b/docs/administration/CLI_tasks/instance.md @@ -1,12 +1,17 @@ # Managing instance configuration -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl instance` and in case of source installs it's `mix pleroma.instance`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Generate a new configuration file -```sh -$PREFIX gen [] +```sh tab="OTP" + ./bin/pleroma_ctl instance gen [] ``` +```sh tab="From Source" +mix pleroma.instance gen [] +``` + + If any of the options are left unspecified, you will be prompted interactively. ### Options diff --git a/docs/administration/CLI_tasks/relay.md b/docs/administration/CLI_tasks/relay.md index aa44617df..c4f078f4d 100644 --- a/docs/administration/CLI_tasks/relay.md +++ b/docs/administration/CLI_tasks/relay.md @@ -1,30 +1,33 @@ # Managing relays -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl relay` and in case of source installs it's `mix pleroma.relay`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Follow a relay -```sh -$PREFIX follow + +```sh tab="OTP" +./bin/pleroma_ctl relay follow ``` -Example: -```sh -$PREFIX follow https://example.org/relay +```sh tab="From Source" +mix pleroma.relay follow ``` ## Unfollow a remote relay -```sh -$PREFIX unfollow +```sh tab="OTP" +./bin/pleroma_ctl relay unfollow ``` -Example: -```sh -$PREFIX unfollow https://example.org/relay +```sh tab="From Source" +mix pleroma.relay unfollow ``` ## List relay subscriptions -```sh -$PREFIX list +```sh tab="OTP" +./bin/pleroma_ctl relay list +``` + +```sh tab="From Source" +mix pleroma.relay list ``` diff --git a/docs/administration/CLI_tasks/uploads.md b/docs/administration/CLI_tasks/uploads.md index 71800e341..e36c94c38 100644 --- a/docs/administration/CLI_tasks/uploads.md +++ b/docs/administration/CLI_tasks/uploads.md @@ -1,11 +1,16 @@ # Managing uploads -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl uploads` and in case of source installs it's `mix pleroma.uploads`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Migrate uploads from local to remote storage -```sh -$PREFIX migrate_local [] +```sh tab="OTP" + ./bin/pleroma_ctl uploads migrate_local [] ``` + +```sh tab="From Source" +mix pleroma.uploads migrate_local [] +``` + ### Options - `--delete` - delete local uploads after migrating them to the target uploader diff --git a/docs/administration/CLI_tasks/user.md b/docs/administration/CLI_tasks/user.md index 96b2d9e6a..da8363131 100644 --- a/docs/administration/CLI_tasks/user.md +++ b/docs/administration/CLI_tasks/user.md @@ -1,12 +1,18 @@ # Managing users -Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl user` and in case of source installs it's `mix pleroma.user`. +{! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Create a user -```sh -$PREFIX new [] + +```sh tab="OTP" +./bin/pleroma_ctl user new [] +``` + +```sh tab="From Source" +mix pleroma.user new [] ``` + ### Options - `--name ` - the user's display name - `--bio ` - the user's bio @@ -16,84 +22,159 @@ $PREFIX new [] - `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions ## List local users -```sh -$PREFIX list +```sh tab="OTP" + ./bin/pleroma_ctl user list ``` +```sh tab="From Source" +mix pleroma.user list +``` + + ## Generate an invite link -```sh -$PREFIX invite [] +```sh tab="OTP" + ./bin/pleroma_ctl user invite [] ``` +```sh tab="From Source" +mix pleroma.user invite [] +``` + + ### Options - `--expires-at DATE` - last day on which token is active (e.g. "2019-04-05") - `--max-use NUMBER` - maximum numbers of token uses ## List generated invites -```sh -$PREFIX invites +```sh tab="OTP" + ./bin/pleroma_ctl user invites ``` +```sh tab="From Source" +mix pleroma.user invites +``` + + ## Revoke invite -```sh -$PREFIX revoke_invite +```sh tab="OTP" + ./bin/pleroma_ctl user revoke_invite ``` +```sh tab="From Source" +mix pleroma.user revoke_invite +``` + + ## Delete a user -```sh -$PREFIX rm +```sh tab="OTP" + ./bin/pleroma_ctl user rm ``` +```sh tab="From Source" +mix pleroma.user rm +``` + + ## Delete user's posts and interactions -```sh -$PREFIX delete_activities +```sh tab="OTP" + ./bin/pleroma_ctl user delete_activities ``` +```sh tab="From Source" +mix pleroma.user delete_activities +``` + + ## Sign user out from all applications (delete user's OAuth tokens and authorizations) -```sh -$PREFIX sign_out +```sh tab="OTP" + ./bin/pleroma_ctl user sign_out ``` +```sh tab="From Source" +mix pleroma.user sign_out +``` + + ## Deactivate or activate a user -```sh -$PREFIX toggle_activated +```sh tab="OTP" + ./bin/pleroma_ctl user toggle_activated ``` +```sh tab="From Source" +mix pleroma.user toggle_activated +``` + + ## Unsubscribe local users from a user and deactivate the user -```sh -$PREFIX unsubscribe NICKNAME +```sh tab="OTP" + ./bin/pleroma_ctl user unsubscribe NICKNAME ``` +```sh tab="From Source" +mix pleroma.user unsubscribe NICKNAME +``` + + ## Unsubscribe local users from an instance and deactivate all accounts on it -```sh -$PREFIX unsubscribe_all_from_instance +```sh tab="OTP" + ./bin/pleroma_ctl user unsubscribe_all_from_instance ``` +```sh tab="From Source" +mix pleroma.user unsubscribe_all_from_instance +``` + + ## Create a password reset link for user -```sh -$PREFIX reset_password +```sh tab="OTP" + ./bin/pleroma_ctl user reset_password ``` +```sh tab="From Source" +mix pleroma.user reset_password +``` + + ## Set the value of the given user's settings -```sh -$PREFIX set [] +```sh tab="OTP" + ./bin/pleroma_ctl user set [] ``` + +```sh tab="From Source" +mix pleroma.user set [] +``` + ### Options - `--locked`/`--no-locked` - whether the user should be locked - `--moderator`/`--no-moderator` - whether the user should be a moderator - `--admin`/`--no-admin` - whether the user should be an admin ## Add tags to a user -```sh -$PREFIX tag +```sh tab="OTP" + ./bin/pleroma_ctl user tag ``` +```sh tab="From Source" +mix pleroma.user tag +``` + + ## Delete tags from a user -```sh -$PREFIX untag +```sh tab="OTP" + ./bin/pleroma_ctl user untag ``` +```sh tab="From Source" +mix pleroma.user untag +``` + + ## Toggle confirmation status of the user -```sh -$PREFIX toggle_confirmed +```sh tab="OTP" + ./bin/pleroma_ctl user toggle_confirmed ``` + +```sh tab="From Source" +mix pleroma.user toggle_confirmed +``` + -- cgit v1.2.3 From b4027e71871b4a73f0ee9f0431af7c6208e51f8d Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 9 Dec 2019 14:46:06 +0700 Subject: Document `with_move` parameter of the notification API --- docs/API/differences_in_mastoapi_responses.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 006d17c1b..566789ec7 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -103,6 +103,7 @@ The `type` value is `move`. Has an additional field: Accepts additional parameters: - `exclude_visibilities`: will exclude the notifications for activities with the given visibilities. The parameter accepts an array of visibility types (`public`, `unlisted`, `private`, `direct`). Usage example: `GET /api/v1/notifications?exclude_visibilities[]=direct&exclude_visibilities[]=private`. +- `with_move`: boolean, when set to `true` will include Move notifications. `false` by default. ## POST `/api/v1/statuses` -- cgit v1.2.3 From 4692919ea68d30fbd1147ad9415a4573e31023be Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 9 Dec 2019 14:15:59 +0000 Subject: Update pleroma_api.md --- docs/API/pleroma_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index acdb5efb4..7228d805b 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -302,7 +302,7 @@ See [Admin-API](admin_api.md) * `follows`: BOOLEAN field, receives notifications from people the user follows * `remote`: BOOLEAN field, receives notifications from people on remote instances * `local`: BOOLEAN field, receives notifications from people on the local instance - * `privacy_option`: BOOLEAN field, set privacy direct messages. exclude contents of a message from push notification when it's true. + * `privacy_option`: BOOLEAN field. When set to true, it removes the contents of a message from the push notification. * Response: JSON. Returns `{"status": "success"}` if the update was successful, otherwise returns `{"error": "error_msg"}` ## `/api/pleroma/healthcheck` -- cgit v1.2.3 From b0505b2cc764678501500c242232c6c1afbb3c60 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 9 Dec 2019 20:07:43 +0300 Subject: docs: fix incorrect display in digest task docs --- docs/administration/CLI_tasks/digest.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/digest.md b/docs/administration/CLI_tasks/digest.md index a70f24c06..1badda8c3 100644 --- a/docs/administration/CLI_tasks/digest.md +++ b/docs/administration/CLI_tasks/digest.md @@ -14,8 +14,9 @@ mix pleroma.digest test [] Example: + ```sh tab="OTP" - ./bin/pleroma_ctl digest test donaldtheduck 2019-05-20 +./bin/pleroma_ctl digest test donaldtheduck 2019-05-20 ``` ```sh tab="From Source" -- cgit v1.2.3 From 0a8b32a661cb470af41c21aa46e55f32c1a762cf Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 9 Dec 2019 20:08:31 +0300 Subject: docs: remove overoptimistic OTP benefits and use tabs in migration from source --- docs/installation/migrating_from_source_otp_en.md | 53 ++++++++--------------- 1 file changed, 19 insertions(+), 34 deletions(-) (limited to 'docs') diff --git a/docs/installation/migrating_from_source_otp_en.md b/docs/installation/migrating_from_source_otp_en.md index 87568faad..31c2f1294 100644 --- a/docs/installation/migrating_from_source_otp_en.md +++ b/docs/installation/migrating_from_source_otp_en.md @@ -1,42 +1,28 @@ # Switching a from-source install to OTP releases + ## What are OTP releases? OTP releases are as close as you can get to binary releases with Erlang/Elixir. The release is self-contained, and provides everything needed to boot it, it is easily administered via the provided shell script to open up a remote console, start/stop/restart the release, start in the background, send remote commands, and more. -### Can I still run the develop branch if I decide to use them? -Yes, we produce builds for every commit in `develop`. However `develop` is considered unstable, please don't use it in production because of faster access to new features, unless you need them as an app developer. -## Why would one want to switch? -Benefits of OTP releases over from-source installs include: -* **Less space used.** OTP releases come without source code, build tools, have docs and debug symbols stripped from the compiled bytecode and do not cointain tests, docs, revision history. -* **Minimal system dependencies.** Excluding the database and reverse proxy, only `curl`, `unzip` and `ncurses` are needed to download and run the release. Because Erlang runtime and Elixir are shipped with Pleroma, one can use the latest BEAM optimizations and Pleroma features, without having to worry about outdated system repos or a missing `erlang-*` package. -* **Potentially less bugs and better performance.** This extends on the previous point, because we have control over exactly what gets shipped, we can tweak the VM arguments and forget about weird bugs due to Erlang/Elixir version mismatches. -* **Faster and less bug-prone mix tasks.** On a from-source install one has to wait untill a new Pleroma node is started for each mix task and they execute outside of the instance context (for example if a user was deleted via a mix task, the instance will have no knowledge of that and continue to display status count and follows before the cache expires). Mix tasks in OTP releases are executed by calling into a running instance via RPC, which solves both of these problems. - -### Sounds great, how do I switch? -Currently we support Linux machines with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPUs. If you are unsure, check the [Detecting flavour](otp_en.md#detecting-flavour) section in OTP install guide. If your platform is supported, proceed with the guide, if not check the [My platform is not supported](#my-platform-is-not-supported) section. -### I don't think it is worth the effort, can I stay on a from-source install? -Yes, currently there are no plans to deprecate them. - -### My platform is not supported -If you think your platform is a popular choice for running Pleroma instances, or has the potential to become one, you can [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new). If not, guides on how to build and update releases by yourself will be available soon. + ## Pre-requisites You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`. The system needs to have `curl` and `unzip` installed for downloading and unpacking release builds. -Debian/Ubuntu: -```sh -apt install curl unzip -``` -Alpine: -``` +```sh tab="Alpine" apk add curl unzip +``` +```sh tab="Debian/Ubuntu" +apt install curl unzip ``` + ## Moving content out of the application directory When using OTP releases the application directory changes with every version so it would be a bother to keep content there (and also dangerous unless `--no-rm` option is used when updating). Fortunately almost all paths in Pleroma are configurable, so it is possible to move them out of there. Pleroma should be stopped before proceeding. ### Moving uploads/custom public files directory + ```sh # Create uploads directory and set proper permissions (skip if using a remote uploader) # Note: It does not have to be `/var/lib/pleroma/uploads`, you can configure it to be something else later @@ -92,8 +78,8 @@ Before proceeding, get the flavour from [Detecting flavour](otp_en.md#detecting- rm -r ~pleroma/* # Set the flavour environment variable to the string you got in Detecting flavour section. -# For example if the flavour is `arm64-musl` the command will be -export FLAVOUR="arm64-musl" +# For example if the flavour is `amd64-musl` the command will be +export FLAVOUR="amd64-musl" # Clone the release build into a temporary directory and unpack it # Replace `stable` with `unstable` if you want to run the unstable branch @@ -124,8 +110,15 @@ OTP releases have different service files than from-source installs so they need **Warning:** The service files assume pleroma user's home directory is `/opt/pleroma`, please make sure all paths fit your installation. -Debian/Ubuntu: -```sh +```sh tab="Alpine" +# Copy the service into a proper directory +cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma + +# Start pleroma +rc-service pleroma start +``` + +```sh tab="Debian/Ubuntu" # Copy the service into a proper directory cp ~pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service @@ -139,14 +132,6 @@ systemctl reenable pleroma systemctl start pleroma ``` -Alpine: -```sh -# Copy the service into a proper directory -cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma - -# Start pleroma -rc-service pleroma start -``` ## Running mix tasks Refer to [Running mix tasks](otp_en.md#running-mix-tasks) section from OTP release installation guide. ## Updating -- cgit v1.2.3 From 8dbe2dfde1b606ec7dd5461cee89ad1b4e7ca39c Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 9 Dec 2019 20:09:47 +0300 Subject: docs: use tabs and improve grammar in OTP install guide --- docs/installation/otp_en.md | 152 +++++++++++++++++++++++--------------------- 1 file changed, 78 insertions(+), 74 deletions(-) (limited to 'docs') diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index 965e30e2a..93230806c 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -6,7 +6,7 @@ You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`. -While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu/Alpine. +While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu and Alpine. ### Detecting flavour @@ -20,6 +20,7 @@ If your platform is supported the output will contain the flavour string, you wi ### Installing the required packages Other than things bundled in the OTP release Pleroma depends on: + * curl (to download the release build) * unzip (needed to unpack release builds) * ncurses (ERTS won't run without it) @@ -27,18 +28,16 @@ Other than things bundled in the OTP release Pleroma depends on: * nginx (could be swapped with another reverse proxy but this guide covers only it) * certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it) -Debian/Ubuntu: -```sh -apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot -``` -Alpine: - -```sh +```sh tab="Alpine" echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories apk update apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot ``` +```sh tab="Debian/Ubuntu" +apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot +``` + ## Setup ### Configuring PostgreSQL #### (Optional) Installing RUM indexes @@ -48,12 +47,7 @@ apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results). -Debian/Ubuntu (available only on Buster/19.04): -```sh -apt install postgresql-11-rum -``` -Alpine: -```sh +```sh tab="Alpine" apk add git build-base postgresql-dev git clone https://github.com/postgrespro/rum /tmp/rum cd /tmp/rum @@ -62,25 +56,31 @@ make USE_PGXS=1 install cd rm -r /tmp/rum ``` + +```sh tab="Debian/Ubuntu" +# Available only on Buster/19.04 +apt install postgresql-11-rum +``` + #### (Optional) Performance configuration For optimal performance, you may use [PGTune](https://pgtune.leopard.in.ua), don't forget to restart postgresql after editing the configuration -Debian/Ubuntu: -```sh -systemctl restart postgresql -``` -Alpine: -```sh +```sh tab="Alpine" rc-service postgresql restart ``` + +```sh tab="Debian/Ubuntu" +systemctl restart postgresql +``` + ### Installing Pleroma ```sh -# Create the Pleroma user +# Create a Pleroma user adduser --system --shell /bin/false --home /opt/pleroma pleroma # Set the flavour environment variable to the string you got in Detecting flavour section. -# For example if the flavour is `arm64-musl` the command will be -export FLAVOUR="arm64-musl" +# For example if the flavour is `amd64-musl` the command will be +export FLAVOUR="amd64-musl" # Clone the release build into a temporary directory and unpack it su pleroma -s $SHELL -lc " @@ -133,49 +133,52 @@ su pleroma -s $SHELL -lc "./bin/pleroma stop" ### Setting up nginx and getting Let's Encrypt SSL certificaties +#### Get a Let's Encrypt certificate ```sh -# Get a Let's Encrypt certificate certbot certonly --standalone --preferred-challenges http -d yourinstance.tld +``` + +#### Copy Pleroma nginx configuration to the nginx folder -# Copy the Pleroma nginx configuration to the nginx folder -# The location of nginx configs is dependent on the distro +The location of nginx configs is dependent on the distro -# For Debian/Ubuntu: +```sh tab="Alpine" +cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf +``` + +```sh tab="Debian/Ubuntu" cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx -# For Alpine: -cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf -# If your distro does not have either of those you can append -# `include /etc/nginx/pleroma.conf` to the end of the http section in /etc/nginx/nginx.conf and +``` + +If your distro does not have either of those you can append `include /etc/nginx/pleroma.conf` to the end of the http section in /etc/nginx/nginx.conf and +```sh cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/pleroma.conf +``` -# Edit the nginx config replacing example.tld with your (sub)domain +#### Edit the nginx config +```sh +# Replace example.tld with your (sub)domain $EDITOR path-to-nginx-config # Verify that the config is valid nginx -t +``` +#### Start nginx -# Start nginx -# For Debian/Ubuntu: -systemctl start nginx -# For Alpine: +```sh tab="Alpine" rc-service nginx start ``` -At this point if you open your (sub)domain in a browser you should see a 502 error, that's because pleroma is not started yet. +```sh tab="Debian/Ubuntu" +systemctl start nginx +``` + +At this point if you open your (sub)domain in a browser you should see a 502 error, that's because Pleroma is not started yet. ### Setting up a system service -Debian/Ubuntu: -```sh -# Copy the service into a proper directory -cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service -# Start pleroma and enable it on boot -systemctl start pleroma -systemctl enable pleroma -``` -Alpine: -```sh +```sh tab="Alpine" # Copy the service into a proper directory cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma @@ -184,13 +187,22 @@ rc-service pleroma start rc-update add pleroma ``` +```sh tab="Debian/Ubuntu" +# Copy the service into a proper directory +cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service + +# Start pleroma and enable it on boot +systemctl start pleroma +systemctl enable pleroma +``` + If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors. -Still doesn't work? Feel free to contact us on [#pleroma on freenode](https://webchat.freenode.net/?channels=%23pleroma) or via matrix at , you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new) +Still doesn't work? Feel free to contact us on [#pleroma on freenode](https://irc.pleroma.social) or via matrix at , you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma-support/issues/new) ## Post installation -### Setting up auto-renew Let's Encrypt certificate +### Setting up auto-renew of the Let's Encrypt certificate ```sh # Create the directory for webroot challenges mkdir -p /var/lib/letsencrypt @@ -201,25 +213,8 @@ $EDITOR path-to-nginx-config # Verify that the config is valid nginx -t ``` -Debian/Ubuntu: -```sh -# Restart nginx -systemctl restart nginx -# Ensure the webroot menthod and post hook is working -certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'systemctl nginx reload' - -# Add it to the daily cron -echo '#!/bin/sh -certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx" -' > /etc/cron.daily/renew-pleroma-cert -chmod +x /etc/cron.daily/renew-pleroma-cert - -# If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert -run-parts --test /etc/cron.daily -``` -Alpine: -```sh +```sh tab="Alpine" # Restart nginx rc-service nginx restart @@ -236,15 +231,25 @@ certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ -- ' > /etc/periodic/daily/renew-pleroma-cert chmod +x /etc/periodic/daily/renew-pleroma-cert -# If everything worked this should output /etc/periodic/daily/renew-pleroma-cert +# If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert run-parts --test /etc/periodic/daily ``` -### Running mix tasks -Throughout the wiki and guides there is a lot of references to mix tasks. Since `mix` is a build tool, you can't just call `mix pleroma.task`, instead you should call `pleroma_ctl` stripping pleroma/ecto namespace. -So for example, if the task is `mix pleroma.user set admin --admin`, you should run it like this: -```sh -su pleroma -s $SHELL -lc "./bin/pleroma_ctl user set admin --admin" +```sh tab="Debian/Ubuntu" +# Restart nginx +systemctl restart nginx + +# Ensure the webroot menthod and post hook is working +certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'systemctl reload nginx' + +# Add it to the daily cron +echo '#!/bin/sh +certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx" +' > /etc/cron.daily/renew-pleroma-cert +chmod +x /etc/cron.daily/renew-pleroma-cert + +# If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert +run-parts --test /etc/cron.daily ``` ## Create your first user and set as admin @@ -270,4 +275,3 @@ But you should **always check the release notes/changelog** in case there are co * [Backup your instance](../administration/backup.md) * [Hardening your instance](../configuration/hardening.md) * [How to activate mediaproxy](../configuration/howto_mediaproxy.md) -* [Updating your instance](../administration/updating.md) -- cgit v1.2.3 From d237e9b11d9deb92145fc5ce7a3dc81135fc91e9 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 9 Dec 2019 20:11:39 +0300 Subject: docs: drop CentOS 7 install guide --- docs/installation/centos7_en.md | 274 ---------------------------------------- 1 file changed, 274 deletions(-) delete mode 100644 docs/installation/centos7_en.md (limited to 'docs') diff --git a/docs/installation/centos7_en.md b/docs/installation/centos7_en.md deleted file mode 100644 index ad4f58dc1..000000000 --- a/docs/installation/centos7_en.md +++ /dev/null @@ -1,274 +0,0 @@ -# Installing on CentOS 7 -## Installation - -This guide is a step-by-step installation guide for CentOS 7. It also assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-centos-quickstart). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -s $SHELL -c 'command'` instead. - -### Required packages - -* `postgresql` (9,6+, CentOS 7 comes with 9.2, we will install version 11 in this guide) -* `elixir` (1.5+) -* `erlang` -* `erlang-parsetools` -* `erlang-xmerl` -* `git` -* Development Tools - -#### Optional packages used in this guide - -* `nginx` (preferred, example configs for other reverse proxies can be found in the repo) -* `certbot` (or any other ACME client for Let’s Encrypt certificates) - -### Prepare the system - -* First update the system, if not already done: - -```shell -sudo yum update -``` - -* Install some of the above mentioned programs: - -```shell -sudo yum install wget git unzip -``` - -* Install development tools: - -```shell -sudo yum group install "Development Tools" -``` - -### Install Elixir and Erlang - -* Add the EPEL repo: - -```shell -sudo yum install epel-release -sudo yum -y update -``` - -* Install Erlang repository: - -```shell -wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions-1.0-1.noarch.rpm -sudo rpm -Uvh erlang-solutions-1.0-1.noarch.rpm -``` - -* Install Erlang: - -```shell -sudo yum install erlang erlang-parsetools erlang-xmerl -``` - -* Download [latest Elixir release from Github](https://github.com/elixir-lang/elixir/releases/tag/v1.8.1) (Example for the newest version at the time when this manual was written) - -```shell -wget -P /tmp/ https://github.com/elixir-lang/elixir/releases/download/v1.8.1/Precompiled.zip -``` - -* Create folder where you want to install Elixir, we’ll use: - -```shell -sudo mkdir -p /opt/elixir -``` - -* Unzip downloaded file there: - -```shell -sudo unzip /tmp/Precompiled.zip -d /opt/elixir -``` - -* Create symlinks for the pre-compiled binaries: - -```shell -for e in elixir elixirc iex mix; do sudo ln -s /opt/elixir/bin/${e} /usr/local/bin/${e}; done -``` - -### Install PostgreSQL - -* Add the Postgresql repository: - -```shell -sudo yum install https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-7-x86_64/pgdg-centos11-11-2.noarch.rpm -``` - -* Install the Postgresql server: - -```shell -sudo yum install postgresql11-server postgresql11-contrib -``` - -* Initialize database: - -```shell -sudo /usr/pgsql-11/bin/postgresql-11-setup initdb -``` - -* Open configuration file `/var/lib/pgsql/11/data/pg_hba.conf` and change the following lines from: - -```plain -# IPv4 local connections: -host all all 127.0.0.1/32 ident -# IPv6 local connections: -host all all ::1/128 ident -``` - -to - -```plain -# IPv4 local connections: -host all all 127.0.0.1/32 md5 -# IPv6 local connections: -host all all ::1/128 md5 -``` - -* Enable and start postgresql server: - -```shell -sudo systemctl enable --now postgresql-11.service -``` - -### Install PleromaBE - -* Add a new system user for the Pleroma service: - -```shell -sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma -``` - -**Note**: To execute a single command as the Pleroma system user, use `sudo -Hu pleroma command`. You can also switch to a shell by using `sudo -Hu pleroma $SHELL`. If you don’t have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l pleroma -s $SHELL -c 'command'` and `su -l pleroma -s $SHELL` for starting a shell. - -* Git clone the PleromaBE repository and make the Pleroma user the owner of the directory: - -```shell -sudo mkdir -p /opt/pleroma -sudo chown -R pleroma:pleroma /opt/pleroma -sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma -``` - -* Change to the new directory: - -```shell -cd /opt/pleroma -``` - -* Install the dependencies for Pleroma and answer with `yes` if it asks you to install `Hex`: - -```shell -sudo -Hu pleroma mix deps.get -``` - -* Generate the configuration: `sudo -Hu pleroma mix pleroma.instance gen` - * Answer with `yes` if it asks you to install `rebar3`. - * This may take some time, because parts of pleroma get compiled first. - * After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`. - -* Check the configuration and if all looks right, rename it, so Pleroma will load it (`prod.secret.exs` for productive instance, `dev.secret.exs` for development instances): - -```shell -mv config/{generated_config.exs,prod.secret.exs} -``` - -* The previous command creates also the file `config/setup_db.psql`, with which you can create the database: - -```shell -sudo -Hu postgres psql -f config/setup_db.psql -``` - -* Now run the database migration: - -```shell -sudo -Hu pleroma MIX_ENV=prod mix ecto.migrate -``` - -* Now you can start Pleroma already - -```shell -sudo -Hu pleroma MIX_ENV=prod mix phx.server -``` - -### Finalize installation - -If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Pleroma and you should consider to create a systemd service file for Pleroma. - -#### Nginx - -* Install nginx, if not already done: - -```shell -sudo yum install nginx -``` - -* Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it: - -```shell -sudo yum install certbot-nginx -``` - -and then set it up: - -```shell -sudo mkdir -p /var/lib/letsencrypt/ -sudo certbot certonly --email -d --standalone -``` - -If that doesn’t work, make sure, that nginx is not already running. If it still doesn’t work, try setting up nginx first (change ssl “on” to “off” and try again). - ---- - -* Copy the example nginx configuration to the nginx folder - -```shell -sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf -``` - -* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths) -* Enable and start nginx: - -```shell -sudo systemctl enable --now nginx -``` - -If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run: - -```shell -sudo certbot certonly --email -d --webroot -w /var/lib/letsencrypt/ -``` - -#### Other webserver/proxies - -You can find example configurations for them in `/opt/pleroma/installation/`. - -#### Systemd service - -* Copy example service file - -```shell -sudo cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service -``` - -* Edit the service file and make sure that all paths fit your installation -* Enable and start `pleroma.service`: - -```shell -sudo systemctl enable --now pleroma.service -``` - -#### Create your first user - -If your instance is up and running, you can create your first user with administrative rights with the following task: - -```shell -sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new --admin -``` - -#### Further reading - -* [Backup your instance](../administration/backup.md) -* [Hardening your instance](../configuration/hardening.md) -* [How to activate mediaproxy](../configuration/howto_mediaproxy.md) -* [Updating your instance](../administration/updating.md) - -## Questions - -Questions about the installation or didn’t it work as it should be, ask in [#pleroma:matrix.org](https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org) or IRC Channel **#pleroma** on **Freenode**. -- cgit v1.2.3 From 701815e64c35160d29e418724c29cbe2d8b4024d Mon Sep 17 00:00:00 2001 From: Hakaba Hitoyo Date: Tue, 10 Dec 2019 13:19:26 +0000 Subject: [ActivityPub] Configurable ActivityPub actor type --- docs/API/differences_in_mastoapi_responses.md | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 566789ec7..7f5d7681d 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -66,6 +66,8 @@ Has these additional fields under the `pleroma` object: - `show_role`: boolean, nullable, true when the user wants his role (e.g admin, moderator) to be shown - `no_rich_text` - boolean, nullable, true when html tags are stripped from all statuses requested from the API +- `discoverable`: boolean, true when the user allows discovery of the account in search results and other services. +- `actor_type`: string, the type of this account. ## Conversations @@ -146,6 +148,8 @@ Additional parameters can be added to the JSON body/Form data: - `skip_thread_containment` - if true, skip filtering out broken threads - `allow_following_move` - if true, allows automatically follow moved following accounts - `pleroma_background_image` - sets the background image of the user. +- `discoverable` - if true, discovery of this account in search results and other services is allowed. +- `actor_type` - the type of this account. ### Pleroma Settings Store Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about. -- cgit v1.2.3 From c6f2735ffa1db7871bcb56c00b6d19e4de346d18 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 12 Dec 2019 14:37:57 +0700 Subject: Remove runtime modules config example --- docs/configuration/cheatsheet.md | 6 ------ 1 file changed, 6 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 743c188bb..b3a13833c 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -834,9 +834,3 @@ config :auto_linker, ## Custom Runtime Modules (`:modules`) * `runtime_dir`: A path to custom Elixir modules (such as MRF policies). - -Example: - -```elixir -config :pleroma, :modules, runtime_dir: "/var/lib/pleroma/modules" -``` -- cgit v1.2.3 From e53679698424a7d58c308c21d466b07e34e8c3e9 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 11 Dec 2019 22:29:31 +0700 Subject: Add native captcha and enable it by default. --- docs/configuration/cheatsheet.md | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index ef2711e3c..ce2a14210 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -379,13 +379,19 @@ For each pool, the options are: ## Captcha ### Pleroma.Captcha + * `enabled`: Whether the captcha should be shown on registration. * `method`: The method/service to use for captcha. * `seconds_valid`: The time in seconds for which the captcha is valid. ### Captcha providers +#### Pleroma.Captcha.Native + +A built-in captcha provider. Enabled by default. + #### Pleroma.Captcha.Kocaptcha + Kocaptcha is a very simple captcha service with a single API endpoint, the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint `https://captcha.kotobank.ch` is hosted by the developer. -- cgit v1.2.3 From a12b6454bb0a270732f9b55f8d4366c9add44136 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 16 Dec 2019 22:24:03 +0700 Subject: Add an option to require fetches to be signed --- docs/configuration/cheatsheet.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index ce2a14210..8fa4a1747 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -147,10 +147,11 @@ config :pleroma, :mrf_user_allowlist, * `:reject` rejects the message entirely ### :activitypub -* ``unfollow_blocked``: Whether blocks result in people getting unfollowed -* ``outgoing_blocks``: Whether to federate blocks to other instances -* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question -* ``sign_object_fetches``: Sign object fetches with HTTP signatures +* `unfollow_blocked`: Whether blocks result in people getting unfollowed +* `outgoing_blocks`: Whether to federate blocks to other instances +* `deny_follow_blocked`: Whether to disallow following an account that has blocked the user in question +* `sign_object_fetches`: Sign object fetches with HTTP signatures +* `authorized_fetch_mode`: Require HTTP Signature for AP fetches ### :fetch_initial_posts * `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -- cgit v1.2.3 From 36d66d965519037d086ad5080ccf833801c3381e Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 17 Dec 2019 02:06:58 +0700 Subject: Fix typo --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 8fa4a1747..cdc7c5ee0 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -151,7 +151,7 @@ config :pleroma, :mrf_user_allowlist, * `outgoing_blocks`: Whether to federate blocks to other instances * `deny_follow_blocked`: Whether to disallow following an account that has blocked the user in question * `sign_object_fetches`: Sign object fetches with HTTP signatures -* `authorized_fetch_mode`: Require HTTP Signature for AP fetches +* `authorized_fetch_mode`: Require HTTP signatures for AP fetches ### :fetch_initial_posts * `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -- cgit v1.2.3 From fc79c691736725e62dad1c7a701d8c5f3435410f Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 20 Dec 2019 19:47:44 +0700 Subject: Remove `/api/account/register` documentation from pleroma_api.md --- docs/API/pleroma_api.md | 53 ------------------------------------------------- 1 file changed, 53 deletions(-) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 7228d805b..689edbcc2 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -70,59 +70,6 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise * Example response: `{"error": "Invalid password."}` -## `/api/account/register` -### Register a new user -* Method `POST` -* Authentication: not required -* Params: - * `nickname` - * `fullname` - * `bio` - * `email` - * `password` - * `confirm` - * `captcha_solution`: optional, contains provider-specific captcha solution, - * `captcha_token`: optional, contains provider-specific captcha token - * `token`: invite token required when the registrations aren't public. -* Response: JSON. Returns a user object on success, otherwise returns `{"error": "error_msg"}` -* Example response: -```json -{ - "background_image": null, - "cover_photo": "https://pleroma.soykaf.com/images/banner.png", - "created_at": "Tue Dec 18 16:55:56 +0000 2018", - "default_scope": "public", - "description": "blushy-crushy fediverse idol + pleroma dev\nlet's be friends \nぷれろまの生徒会長。謎の外人。日本語OK. \n公主病.", - "description_html": "blushy-crushy fediverse idol + pleroma dev.
let's be friends
ぷれろまの生徒会長。謎の外人。日本語OK.
公主病.", - "favourites_count": 0, - "fields": [], - "followers_count": 0, - "following": false, - "follows_you": false, - "friends_count": 0, - "id": 6, - "is_local": true, - "locked": false, - "name": "lain", - "name_html": "lain", - "no_rich_text": false, - "pleroma": { - "tags": [] - }, - "profile_image_url": "https://pleroma.soykaf.com/images/avi.png", - "profile_image_url_https": "https://pleroma.soykaf.com/images/avi.png", - "profile_image_url_original": "https://pleroma.soykaf.com/images/avi.png", - "profile_image_url_profile_size": "https://pleroma.soykaf.com/images/avi.png", - "rights": { - "delete_others_notice": false - }, - "screen_name": "lain", - "statuses_count": 0, - "statusnet_blocking": false, - "statusnet_profile_url": "https://pleroma.soykaf.com/users/lain" -} -``` - ## `/api/pleroma/admin/`… See [Admin-API](admin_api.md) -- cgit v1.2.3 From b55f2563d05f2d0ca5e1293391c67d73d60d501d Mon Sep 17 00:00:00 2001 From: RX14 Date: Sun, 5 Jan 2020 19:00:48 +0000 Subject: Fix SMTP mailer example `ssl: true` and `tls: :always` tries to use both TLS and STARTTLS on the same SMTP connection, causing it to fail. --- docs/configuration/cheatsheet.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index a214b6e2f..cad3af68d 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -453,6 +453,7 @@ An example for Sendgrid adapter: ```elixir config :pleroma, Pleroma.Emails.Mailer, + enabled: true, adapter: Swoosh.Adapters.Sendgrid, api_key: "YOUR_API_KEY" ``` @@ -461,13 +462,13 @@ An example for SMTP adapter: ```elixir config :pleroma, Pleroma.Emails.Mailer, + enabled: true, adapter: Swoosh.Adapters.SMTP, relay: "smtp.gmail.com", username: "YOUR_USERNAME@gmail.com", password: "YOUR_SMTP_PASSWORD", port: 465, ssl: true, - tls: :always, auth: :always ``` -- cgit v1.2.3 From 2753285b7722fdb47f0ebb2180e997cf72f65d1a Mon Sep 17 00:00:00 2001 From: Alex S Date: Sun, 29 Sep 2019 11:17:38 +0300 Subject: config editing through database --- docs/API/admin_api.md | 120 +++++++++++++++++++++++++++++++++++--------------- docs/admin/config.md | 59 +++++++++++++++++++++++++ 2 files changed, 144 insertions(+), 35 deletions(-) create mode 100644 docs/admin/config.md (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index d98a78af0..851c526d6 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -669,7 +669,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ### Run mix task pleroma.config migrate_to_db -Copy settings on key `:pleroma` to DB. +Copies `pleroma` environment settings to the database. - Params: none - Response: @@ -682,7 +682,7 @@ Copy settings on key `:pleroma` to DB. ### Run mix task pleroma.config migrate_from_db -Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with deletion from DB. +Copies all settings from database to `config/{env}.exported_from_db.secret.exs` with deletion from the table. Where `{env}` is the environment in which `pleroma` is running. - Params: none - Response: @@ -693,9 +693,9 @@ Copy all settings from DB to `config/prod.exported_from_db.secret.exs` with dele ## `GET /api/pleroma/admin/config` -### List config settings +### Get saved config settings -List config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. +**Only works when `:dynamic_configuration` is `true`.** - Params: none - Response: @@ -704,9 +704,9 @@ List config settings only works with `:pleroma => :instance => :dynamic_configur { configs: [ { - "group": string, - "key": string or string with leading `:` for atoms, - "value": string or {} or [] or {"tuple": []} + "group": ":pleroma", + "key": "Pleroma.Upload", + "value": [] } ] } @@ -716,44 +716,61 @@ List config settings only works with `:pleroma => :instance => :dynamic_configur ### Update config settings -Updating config settings only works with `:pleroma => :instance => :dynamic_configuration` setting to `true`. -Module name can be passed as string, which starts with `Pleroma`, e.g. `"Pleroma.Upload"`. -Atom keys and values can be passed with `:` in the beginning, e.g. `":upload"`. -Tuples can be passed as `{"tuple": ["first_val", Pleroma.Module, []]}`. -`{"tuple": ["some_string", "Pleroma.Some.Module", []]}` will be converted to `{"some_string", Pleroma.Some.Module, []}`. -Keywords can be passed as lists with 2 child tuples, e.g. -`[{"tuple": ["first_val", Pleroma.Module]}, {"tuple": ["second_val", true]}]`. +**Only works when `:dynamic_configuration` is `true`.** + +Some modifications are necessary to save the config settings correctly: -If value contains list of settings `[subkey: val1, subkey2: val2, subkey3: val3]`, it's possible to remove only subkeys instead of all settings passing `subkeys` parameter. E.g.: -{"group": "pleroma", "key": "some_key", "delete": "true", "subkeys": [":subkey", ":subkey3"]}. +- strings which start with `Pleroma.`, `Phoenix.`, `Tesla.` or strings like `Oban`, `Ueberauth` will be converted to modules; +``` +"Pleroma.Upload" -> Pleroma.Upload +"Oban" -> Oban +``` +- strings starting with `:` will be converted to atoms; +``` +":pleroma" -> :pleroma +``` +- objects with `tuple` key and array value will be converted to atoms; +``` +{"tuple": ["string", "Pleroma.Upload", []]} -> {"string", Pleroma.Upload, []} +``` +- arrays with *tuple objects* and 2 childs in array will be converted to keywords; +``` +[{"tuple": [":key1", "value"]}, {"tuple": [":key2", "value"]}] -> [key1: "value", key2: "value"] +``` -Compile time settings (need instance reboot): -- all settings by this keys: +Most of the settings will be applied in `runtime`, this means that you don't need to restart the instance. But some settings are applied in `compile time` and require a reboot of the instance, such as: +- all settings inside these keys: - `:hackney_pools` - `:chat` - `Pleroma.Web.Endpoint` - - `Pleroma.Repo` -- part settings: - - `Pleroma.Captcha` -> `:seconds_valid` - - `Pleroma.Upload` -> `:proxy_remote` - - `:instance` -> `:upload_limit` +- partially settings inside these keys: + - `:seconds_valid` in `Pleroma.Captcha` + - `:proxy_remote` in `Pleroma.Upload` + - `:upload_limit` in `:instance` - Params: - - `configs` => [ - - `group` (string) - - `key` (string or string with leading `:` for atoms) - - `value` (string, [], {} or {"tuple": []}) - - `delete` = true (optional, if parameter must be deleted) - - `subkeys` [(string with leading `:` for atoms)] (optional, works only if `delete=true` parameter is passed, otherwise will be ignored) - ] + - `configs` - array of config objects + - config object params: + - `group` - string (**required**) + - `key` - string (**required**) + - `value` - string, [], {} or {"tuple": []} (**required**) + - `delete` - true (*optional*, if setting must be deleted) + - `subkeys` - array of strings (*optional*, only works when `delete=true` parameter is passed, otherwise will be ignored) + +*When a value have several nested settings, you can delete only some nested settings by passing a parameter `subkeys`, without deleting all settings by key.* +``` +[subkey: val1, subkey2: val2, subkey3: val3] \\ initial value +{"group": ":pleroma", "key": "some_key", "delete": true, "subkeys": [":subkey", ":subkey3"]} \\ passing json for deletion +[subkey2: val2] \\ value after deletion +``` -- Request (example): +- Request: ```json { configs: [ { - "group": "pleroma", + "group": ":pleroma", "key": "Pleroma.Upload", "value": [ {"tuple": [":uploader", "Pleroma.Uploaders.Local"]}, @@ -784,14 +801,47 @@ Compile time settings (need instance reboot): { configs: [ { - "group": string, - "key": string or string with leading `:` for atoms, - "value": string or {} or [] or {"tuple": []} + "group": ":pleroma", + "key": "Pleroma.Upload", + "value": [...] } ] } ``` +## ` GET /api/pleroma/admin/config/descriptions` + +### Get JSON with config descriptions. +Loads json generated from `config/descriptions.exs`. + +- Params: none +- Response: + +```json +[{ + "group": ":pleroma", // string + "key": "ModuleName", // string + "type": "group", // string or list with possible values, + "description": "Upload general settings", // string + "children": [ + { + "key": ":uploader", // string or module name `Pleroma.Upload` + "type": "module", + "description": "Module which will be used for uploads", + "suggestions": ["module1", "module2"] + }, + { + "key": ":filters", + "type": ["list", "module"], + "description": "List of filter modules for uploads", + "suggestions": [ + "module1", "module2", "module3" + ] + } + ] +}] +``` + ## `GET /api/pleroma/admin/moderation_log` ### Get moderation log diff --git a/docs/admin/config.md b/docs/admin/config.md new file mode 100644 index 000000000..f42ec8975 --- /dev/null +++ b/docs/admin/config.md @@ -0,0 +1,59 @@ +# Configuring instance +You can configure your instance from admin interface. You need account with admin rights and little change in config file, which will allow settings dynamic configuration from database. + +```elixir +config :pleroma, :instance, + dynamic_configuration: true +``` + +## How it works +Settings are stored in database and are applied in `runtime` after each change. Most of the settings take effect immediately, except some, which need instance reboot. These settings are needed in `compile time`, that's why settings are duplicated to the file. + +File with duplicated settings is located in `config/{env}.exported_from_db.exs`. For prod env it will be `config/prod.exported_from_db.exs`. + +## How to set it up +You need to migrate your existing settings to the database. You can do this with mix task (all config files will remain untouched): +```bash +mix pleroma.config migrate_to_db +``` +Now you can change settings in admin interface. After each save, settings are duplicated to the `config/{env}.exported_from_db.exs` file. + +**ATTENTION** + +**Be careful while changing the settings. Every inaccurate configuration change can break the federation or the instance load.** + +*Compile time settings, which require instance reboot and can break instance loading:* +- all settings inside these keys: + - `:hackney_pools` + - `:chat` + - `Pleroma.Web.Endpoint` +- partially settings inside these keys: + - `:seconds_valid` in `Pleroma.Captcha` + - `:proxy_remote` in `Pleroma.Upload` + - `:upload_limit` in `:instance` + +## How to remove it + +1. Truncate or delete all values from `config` table +```sql +TRUNCATE TABLE config; +``` +2. Delete `config/{env}.exported_from_db.exs`. + +For `prod` env: +```bash +cd /opt/pleroma +cp config/prod.exported_from_db.exs config/exported_from_db.back +rm -rf config/prod.exported_from_db.exs +``` +*If you don't want to backup settings, you can skip step with `cp` command.* + +3. Set dynamic configuration to `false`. +```elixir +config :pleroma, :instance, + dynamic_configuration: false +``` +4. Restart pleroma instance +```bash +sudo service pleroma restart +``` -- cgit v1.2.3 From 5cacb988b99347b228a30743fbcf310c9479b3f9 Mon Sep 17 00:00:00 2001 From: Alexander Date: Fri, 6 Dec 2019 15:12:56 +0300 Subject: partially settings update --- docs/API/admin_api.md | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 851c526d6..dff12db56 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -764,6 +764,41 @@ Most of the settings will be applied in `runtime`, this means that you don't nee [subkey2: val2] \\ value after deletion ``` +*Most of the settings can be partially updated through merge old values with new values, except settings value of which is list or is not keyword.* + +Example of setting without keyword in value: +```elixir +config :tesla, :adapter, Tesla.Adapter.Hackney +``` + +List of settings which have list in value: +```elixir +@full_key_update [ + {:pleroma, :ecto_repos}, + {:quack, :meta}, + {:mime, :types}, + {:cors_plug, [:max_age, :methods, :expose, :headers]}, + {:auto_linker, :opts}, + {:swarm, :node_blacklist} + ] +``` + +*Settings without explicit key must be sended in separate config object params.* +```elixir +config :quack, + level: :debug, + meta: [:all], + ... +``` +```json +{ + configs: [ + {"group": ":quack", "key": ":level", "value": ":debug"}, + {"group": ":quack", "key": ":meta", "value": [":all"]}, + ... + ] +} +``` - Request: ```json -- cgit v1.2.3 From fea734ca703b686701b87c8c4c4969deb05d1f92 Mon Sep 17 00:00:00 2001 From: Alexander Date: Fri, 6 Dec 2019 17:50:53 +0300 Subject: errors on endpoints --- docs/API/admin_api.md | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index dff12db56..98af8e8f3 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -665,19 +665,6 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - 404 Not Found `"Not found"` - On success: 200 OK `{}` -## `GET /api/pleroma/admin/config/migrate_to_db` - -### Run mix task pleroma.config migrate_to_db - -Copies `pleroma` environment settings to the database. - -- Params: none -- Response: - -```json -{} -``` - ## `GET /api/pleroma/admin/config/migrate_from_db` ### Run mix task pleroma.config migrate_from_db @@ -686,6 +673,8 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` - Params: none - Response: + - On failure: + - 400 Bad Request `"To use this endpoint you need to enable dynamic configuration."` ```json {} @@ -699,6 +688,9 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` - Params: none - Response: + - On failure: + - 400 Bad Request `"To use this endpoint you need to enable dynamic configuration."` + - 400 Bad Request `"To use dynamic configuration migrate your settings to database."` ```json { @@ -831,7 +823,8 @@ config :quack, ``` - Response: - + - On failure: + - 400 Bad Request `"To use this endpoint you need to enable dynamic configuration."` ```json { configs: [ -- cgit v1.2.3 From bb9a43c3ae7c63b21b687d018b9497f3614566bf Mon Sep 17 00:00:00 2001 From: Alexander Date: Thu, 12 Dec 2019 16:44:24 +0300 Subject: typo fix --- docs/API/admin_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 98af8e8f3..e0eda0841 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -807,7 +807,7 @@ config :quack, {"tuple": [":proxy_opts", [ {"tuple": [":redirect_on_failure", false]}, {"tuple": [":max_body_length", 1048576]}, - {"tuple": [":http": [ + {"tuple": [":http", [ {"tuple": [":follow_redirect", true]}, {"tuple": [":pool", ":upload"]}, ]]} -- cgit v1.2.3 From 00aff5f78c5df202ffd0dcad231f819c3d11fe18 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 10 Jan 2020 17:54:54 +0300 Subject: syncing new setting to descriptions.exs --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index cad3af68d..336fd3e11 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -355,7 +355,7 @@ Available caches: * `proxy_url`: an upstream proxy to fetch posts and/or media with, (default: `nil`) * `send_user_agent`: should we include a user agent with HTTP requests? (default: `true`) -* `user_agent`: what user agent should we use? (default: `:default`), must be string or `:default` +* `user_agent`: what user agent should we use? (default: `:default`), must be string or `:default` * `adapter`: array of hackney options -- cgit v1.2.3 From 958d0452e4e52f44301e4d9211fc965c1c184363 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 10 Jan 2020 18:18:09 +0300 Subject: fix for pleroma assets group update --- docs/API/admin_api.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index e0eda0841..cd4916248 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -3,7 +3,7 @@ Authentication is required and the user must be an admin. Configuration options: - + * `[:auth, :enforce_oauth_admin_scope_usage]` — OAuth admin scope requirement toggle. If `true`, admin actions explicitly demand admin OAuth scope(s) presence in OAuth token (client app must support admin scopes). If `false` and token doesn't have admin scope(s), `is_admin` user flag grants access to admin-specific actions. @@ -763,15 +763,17 @@ Example of setting without keyword in value: config :tesla, :adapter, Tesla.Adapter.Hackney ``` -List of settings which have list in value: +List of settings which support only full update: ```elixir @full_key_update [ {:pleroma, :ecto_repos}, + {:pleroma, :assets}, {:quack, :meta}, {:mime, :types}, {:cors_plug, [:max_age, :methods, :expose, :headers]}, {:auto_linker, :opts}, - {:swarm, :node_blacklist} + {:swarm, :node_blacklist}, + {:logger, :backends} ] ``` -- cgit v1.2.3 From 7d128ca2083d83486a05d8c4456aa4090006e781 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 10 Jan 2020 19:34:19 +0300 Subject: dynamic_configuration renaming and moving it from instance settings --- docs/API/admin_api.md | 4 ++-- docs/admin/config.md | 10 ++++------ docs/configuration/cheatsheet.md | 9 ++++----- 3 files changed, 10 insertions(+), 13 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index cd4916248..f2a0906b8 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -684,7 +684,7 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` ### Get saved config settings -**Only works when `:dynamic_configuration` is `true`.** +**Only works when configuration from database is enabled.** - Params: none - Response: @@ -708,7 +708,7 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` ### Update config settings -**Only works when `:dynamic_configuration` is `true`.** +**Only works when configuration from database is enabled.** Some modifications are necessary to save the config settings correctly: diff --git a/docs/admin/config.md b/docs/admin/config.md index f42ec8975..41ca8fd58 100644 --- a/docs/admin/config.md +++ b/docs/admin/config.md @@ -1,9 +1,8 @@ # Configuring instance -You can configure your instance from admin interface. You need account with admin rights and little change in config file, which will allow settings dynamic configuration from database. +You can configure your instance from admin interface. You need account with admin rights and little change in config file, which will allow settings configuration from database. ```elixir -config :pleroma, :instance, - dynamic_configuration: true +config :pleroma, configurable_from_database: true ``` ## How it works @@ -48,10 +47,9 @@ rm -rf config/prod.exported_from_db.exs ``` *If you don't want to backup settings, you can skip step with `cp` command.* -3. Set dynamic configuration to `false`. +3. Set configurable_from_database to `false`. ```elixir -config :pleroma, :instance, - dynamic_configuration: false +config :pleroma, configurable_from_database: false ``` 4. Restart pleroma instance ```bash diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 336fd3e11..30d673eba 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -70,11 +70,6 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `account_field_value_length`: An account field value maximum length (default: `2048`). * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. -!!! danger - This is a Work In Progress, not usable just yet - -* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. - ## Federation ### MRF policies @@ -841,3 +836,7 @@ config :auto_linker, ## Custom Runtime Modules (`:modules`) * `runtime_dir`: A path to custom Elixir modules (such as MRF policies). + + +## :configurable_from_database +Enable/disable configuration from database. -- cgit v1.2.3 From d933fd3d61df2f9c346ab08fb2c95ddc12803858 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 10 Jan 2020 19:49:40 +0300 Subject: more renamings --- docs/API/admin_api.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index f2a0906b8..37cd1910d 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -674,7 +674,7 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` - Params: none - Response: - On failure: - - 400 Bad Request `"To use this endpoint you need to enable dynamic configuration."` + - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` ```json {} @@ -689,8 +689,8 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` - Params: none - Response: - On failure: - - 400 Bad Request `"To use this endpoint you need to enable dynamic configuration."` - - 400 Bad Request `"To use dynamic configuration migrate your settings to database."` + - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` + - 400 Bad Request `"To use configuration from database migrate your settings to database."` ```json { @@ -826,7 +826,7 @@ config :quack, - Response: - On failure: - - 400 Bad Request `"To use this endpoint you need to enable dynamic configuration."` + - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` ```json { configs: [ -- cgit v1.2.3 From e1308f10bd13d404769a4765af3b870e2779e90e Mon Sep 17 00:00:00 2001 From: Alibek Omarov Date: Sat, 11 Jan 2020 05:06:40 +0000 Subject: docs: API: update Mastodon API link --- docs/API/differences_in_mastoapi_responses.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 7f5d7681d..bb62ed5f2 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -46,7 +46,7 @@ The `id` parameter can also be the `nickname` of the user. This only works in th Has these additional fields under the `pleroma` object: - `tags`: Lists an array of tags for the user -- `relationship{}`: Includes fields as documented for Mastodon API https://docs.joinmastodon.org/api/entities/#relationship +- `relationship{}`: Includes fields as documented for Mastodon API https://docs.joinmastodon.org/entities/relationship/ - `is_moderator`: boolean, nullable, true if user is a moderator - `is_admin`: boolean, nullable, true if user is an admin - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated -- cgit v1.2.3 From e02eb8de3ec8130e9808c6a54a5c78f7ec8feb23 Mon Sep 17 00:00:00 2001 From: ilja Date: Wed, 15 Jan 2020 09:12:24 +0100 Subject: Add OTP to updating.md * I removed the Update section from the OTP install and added it to updating.md * I also added a link to the updating.md from the OTP install page * I added a Questions section to the OTP install, similar to the debian_based_en.md * Restructured the updating.md a bit I would very much also like to link to the changelog, but I don't know how to do it because I can't find the page in the docs? --- docs/administration/updating.md | 17 +++++++++++++++++ docs/installation/otp_en.md | 17 ++++++----------- 2 files changed, 23 insertions(+), 11 deletions(-) (limited to 'docs') diff --git a/docs/administration/updating.md b/docs/administration/updating.md index 84e6ef18d..2a08dac1f 100644 --- a/docs/administration/updating.md +++ b/docs/administration/updating.md @@ -1,4 +1,21 @@ # Updating your instance + +You should **always check the release notes/changelog** in case there are config deprecations, special update special update steps, etc. + +Besides that, doing the following is generally enough: + +## For OTP installations + +```sh +# Download the new release +su pleroma -s $SHELL -lc "./bin/pleroma_ctl update" + +# Migrate the database, you are advised to stop the instance before doing that +su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate" +``` + +## For from source installations (using git) + 1. Go to the working directory of Pleroma (default is `/opt/pleroma`) 2. Run `git pull`. This pulls the latest changes from upstream. 3. Run `mix deps.get`. This pulls in any new dependencies. diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index 93230806c..aab5197a2 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -259,19 +259,14 @@ su pleroma -s $SHELL -lc "./bin/pleroma_ctl user new joeuser joeuser@sld.tld --a ``` This will create an account withe the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password. -### Updating -Generally, doing the following is enough: -```sh -# Download the new release -su pleroma -s $SHELL -lc "./bin/pleroma_ctl update" - -# Migrate the database, you are advised to stop the instance before doing that -su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate" -``` -But you should **always check the release notes/changelog** in case there are config deprecations, special update steps, etc. - ## Further reading * [Backup your instance](../administration/backup.md) * [Hardening your instance](../configuration/hardening.md) * [How to activate mediaproxy](../configuration/howto_mediaproxy.md) +* [Updating your instance](../administration/updating.md) + +## Questions + +Questions about the installation or didn’t it work as it should be, ask in [#pleroma:matrix.org](https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org) or IRC Channel **#pleroma** on **Freenode**. + -- cgit v1.2.3 From 4c5b5f14dcec51cba8e86bcfcf2943ee9b49b0e4 Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 20 Jan 2020 16:24:20 +0100 Subject: StatusView: Add `emoji_reactions` --- docs/API/differences_in_mastoapi_responses.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index bb62ed5f2..50076cf98 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -29,6 +29,7 @@ Has these additional fields under the `pleroma` object: - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` - `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire - `thread_muted`: true if the thread the post belongs to is muted +- `emoji_reactions`: An object with all the emoji reactions with count. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. ## Attachments -- cgit v1.2.3 From f01ab6cd29aaae39fef6a95ec8490223fb692499 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Tue, 21 Jan 2020 17:49:22 +0300 Subject: some refactor and tests --- docs/administration/CLI_tasks/config.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/config.md b/docs/administration/CLI_tasks/config.md index e9d44b9a4..fe76b534b 100644 --- a/docs/administration/CLI_tasks/config.md +++ b/docs/administration/CLI_tasks/config.md @@ -18,11 +18,11 @@ mix pleroma.config migrate_to_db ## Transfer config from DB to `config/env.exported_from_db.secret.exs` +To delete transfered settings from database optional flag `-d` can be used. ```sh tab="OTP" - ./bin/pleroma_ctl config migrate_from_db + ./bin/pleroma_ctl config migrate_from_db --env= [-d] ``` ```sh tab="From Source" -mix pleroma.config migrate_from_db +mix pleroma.config migrate_from_db --env= [-d] ``` - -- cgit v1.2.3 From 043cd5aa5458bb5b2ae0b44e475db59c195bec24 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 Jan 2020 13:58:02 +0100 Subject: Emoji reactions: Document changes --- docs/API/differences_in_mastoapi_responses.md | 2 +- docs/API/pleroma_api.md | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 50076cf98..3f75a13f7 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -29,7 +29,7 @@ Has these additional fields under the `pleroma` object: - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` - `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire - `thread_muted`: true if the thread the post belongs to is muted -- `emoji_reactions`: An object with all the emoji reactions with count. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. +- `emoji_reactions`: A list with emoji / reaction count tuples. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. ## Attachments diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 689edbcc2..9ca8a5af0 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -451,11 +451,11 @@ Emoji reactions work a lot like favourites do. They make it possible to react to * Method: `GET` * Authentication: optional * Params: None -* Response: JSON, a map of emoji to account list mappings. +* Response: JSON, a list of emoji/account list tuples, sorted by emoji insertion date, in ascending order, e.g, the first emoji in the list is the oldest. * Example Response: ```json -{ - "😀" => [{"id" => "xyz.."...}, {"id" => "zyx..."}], - "🗡" => [{"id" => "abc..."}] -} +[ + ["😀", [{"id" => "xyz.."...}, {"id" => "zyx..."}]], + ["☕", [{"id" => "abc..."}]] +] ``` -- cgit v1.2.3 From a9c6f119ac8fb2124241a61b26d97bff207218d8 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 22 Jan 2020 18:08:53 +0300 Subject: docs update --- docs/API/admin_api.md | 20 ++++++++++++++----- docs/admin/config.md | 34 +++++++++++++++++++++++++++------ docs/administration/CLI_tasks/config.md | 6 +++--- 3 files changed, 46 insertions(+), 14 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 37cd1910d..534c49eed 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -682,11 +682,12 @@ Copies all settings from database to `config/{env}.exported_from_db.secret.exs` ## `GET /api/pleroma/admin/config` -### Get saved config settings +### Get list of merged default settings with saved in database. **Only works when configuration from database is enabled.** -- Params: none +- Params: + - `only_db`: true (*optional*, get only saved in database settings) - Response: - On failure: - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` @@ -734,7 +735,6 @@ Most of the settings will be applied in `runtime`, this means that you don't nee - all settings inside these keys: - `:hackney_pools` - `:chat` - - `Pleroma.Web.Endpoint` - partially settings inside these keys: - `:seconds_valid` in `Pleroma.Captcha` - `:proxy_remote` in `Pleroma.Upload` @@ -763,11 +763,10 @@ Example of setting without keyword in value: config :tesla, :adapter, Tesla.Adapter.Hackney ``` -List of settings which support only full update: +List of settings which support only full update by key: ```elixir @full_key_update [ {:pleroma, :ecto_repos}, - {:pleroma, :assets}, {:quack, :meta}, {:mime, :types}, {:cors_plug, [:max_age, :methods, :expose, :headers]}, @@ -777,6 +776,17 @@ List of settings which support only full update: ] ``` +List of settings which support only full update by subkey: +```elixir +@full_subkey_update [ + {:pleroma, :assets, :mascots}, + {:pleroma, :emoji, :groups}, + {:pleroma, :workers, :retries}, + {:pleroma, :mrf_subchain, :match_actor}, + {:pleroma, :mrf_keyword, :replace} + ] +``` + *Settings without explicit key must be sended in separate config object params.* ```elixir config :quack, diff --git a/docs/admin/config.md b/docs/admin/config.md index 41ca8fd58..35e43b6a9 100644 --- a/docs/admin/config.md +++ b/docs/admin/config.md @@ -8,14 +8,24 @@ config :pleroma, configurable_from_database: true ## How it works Settings are stored in database and are applied in `runtime` after each change. Most of the settings take effect immediately, except some, which need instance reboot. These settings are needed in `compile time`, that's why settings are duplicated to the file. -File with duplicated settings is located in `config/{env}.exported_from_db.exs`. For prod env it will be `config/prod.exported_from_db.exs`. +File with duplicated settings is located in `config/{env}.exported_from_db.exs` if pleroma is runned from source. For prod env it will be `config/prod.exported_from_db.exs`. + +For releases: `/etc/pleroma/prod.exported_from_db.secret.exs` or `PLEROMA_CONFIG_PATH/prod.exported_from_db.exs`. ## How to set it up -You need to migrate your existing settings to the database. You can do this with mix task (all config files will remain untouched): -```bash +You need to migrate your existing settings to the database. This task will migrate only added by user settings. +For example you add settings to `prod.secret.exs` file, only these settings will be migrated to database. For release it will be `/etc/pleroma/config.exs` or `PLEROMA_CONFIG_PATH`. +You can do this with mix task (all config files will remain untouched): + +```sh tab="OTP" + ./bin/pleroma_ctl config migrate_to_db +``` + +```sh tab="From Source" mix pleroma.config migrate_to_db ``` -Now you can change settings in admin interface. After each save, settings are duplicated to the `config/{env}.exported_from_db.exs` file. + +Now you can change settings in admin interface. After each save, settings from database are duplicated to the `config/{env}.exported_from_db.exs` file. **ATTENTION** @@ -25,13 +35,25 @@ Now you can change settings in admin interface. After each save, settings are du - all settings inside these keys: - `:hackney_pools` - `:chat` - - `Pleroma.Web.Endpoint` - partially settings inside these keys: - `:seconds_valid` in `Pleroma.Captcha` - `:proxy_remote` in `Pleroma.Upload` - `:upload_limit` in `:instance` -## How to remove it +## How to dump settings from database to file + +*Adding `-d` flag will delete migrated settings from database table.* + +```sh tab="OTP" + ./bin/pleroma_ctl config migrate_from_db [-d] +``` + +```sh tab="From Source" +mix pleroma.config migrate_from_db [-d] +``` + + +## How to completely remove it 1. Truncate or delete all values from `config` table ```sql diff --git a/docs/administration/CLI_tasks/config.md b/docs/administration/CLI_tasks/config.md index fe76b534b..2af51c247 100644 --- a/docs/administration/CLI_tasks/config.md +++ b/docs/administration/CLI_tasks/config.md @@ -18,11 +18,11 @@ mix pleroma.config migrate_to_db ## Transfer config from DB to `config/env.exported_from_db.secret.exs` -To delete transfered settings from database optional flag `-d` can be used. +To delete transfered settings from database optional flag `-d` can be used. is `prod` by default. ```sh tab="OTP" - ./bin/pleroma_ctl config migrate_from_db --env= [-d] + ./bin/pleroma_ctl config migrate_from_db [--env=] [-d] ``` ```sh tab="From Source" -mix pleroma.config migrate_from_db --env= [-d] +mix pleroma.config migrate_from_db [--env=] [-d] ``` -- cgit v1.2.3 From f3e074e949ce603446728b02ea059efe2a05a841 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 22 Jan 2020 18:22:54 +0300 Subject: little fixes --- docs/API/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 534c49eed..07aa7ec3f 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -722,11 +722,11 @@ Some modifications are necessary to save the config settings correctly: ``` ":pleroma" -> :pleroma ``` -- objects with `tuple` key and array value will be converted to atoms; +- objects with `tuple` key and array value will be converted to tuples; ``` {"tuple": ["string", "Pleroma.Upload", []]} -> {"string", Pleroma.Upload, []} ``` -- arrays with *tuple objects* and 2 childs in array will be converted to keywords; +- arrays with *tuple objects* will be converted to keywords; ``` [{"tuple": [":key1", "value"]}, {"tuple": [":key2", "value"]}] -> [key1: "value", key2: "value"] ``` -- cgit v1.2.3 From d43c9ab286c410abfe903b56911888d75f492155 Mon Sep 17 00:00:00 2001 From: Maksim Date: Wed, 22 Jan 2020 16:58:43 +0000 Subject: Apply suggestion to docs/configuration/cheatsheet.md --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index f690259bf..22f099581 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -515,7 +515,7 @@ Pleroma has the following queues: #### Oban.Cron -Pleroma has the periodic jobs: +Pleroma has these periodic job workers: `Pleroma.Workers.Cron.ClearOauthTokenWorker` - the job to clean an expired oauth tokens. -- cgit v1.2.3 From e761d76e4fe95a8fadd8eb05d5c55ef5fc4bc8ec Mon Sep 17 00:00:00 2001 From: Maksim Date: Wed, 22 Jan 2020 16:58:50 +0000 Subject: Apply suggestion to docs/configuration/cheatsheet.md --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 22f099581..48d980aea 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -517,7 +517,7 @@ Pleroma has the following queues: Pleroma has these periodic job workers: -`Pleroma.Workers.Cron.ClearOauthTokenWorker` - the job to clean an expired oauth tokens. +`Pleroma.Workers.Cron.ClearOauthTokenWorker` - a job worker to cleanup expired oauth tokens. Example: -- cgit v1.2.3 From b8b90d967ad4b796af94c214cb9c20b3d1edff80 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 22 Jan 2020 22:21:32 +0400 Subject: Update documentation --- docs/configuration/cheatsheet.md | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index cad3af68d..4711b7f54 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -489,6 +489,10 @@ Email notifications settings. - `:logo` - a path to a custom logo. Set it to `nil` to use the default Pleroma logo. - `:styling` - a map with color settings for email templates. +### Pleroma.Emails.NewUsersDigestEmail + +- `:enabled` - a boolean, enables new users admin digest email when `true`. Defaults to `false`. + ## Background jobs ### Oban -- cgit v1.2.3 From 85f45c768994ce9e0642cc3fc29b68b1ec9a6684 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 Jan 2020 20:11:18 +0100 Subject: Document new EmojiReaction notifications --- docs/API/differences_in_mastoapi_responses.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 3f75a13f7..2236870c7 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -101,6 +101,14 @@ The `type` value is `move`. Has an additional field: - `target`: new account +### EmojiReaction Notification + +The `type` value is `pleroma:emoji_reaction`. Has these fields: + +- `emoji`: The used emoji +- `account`: The account of the user who reacted +- `status`: The status that was reacted on + ## GET `/api/v1/notifications` Accepts additional parameters: -- cgit v1.2.3 From 89eeadc2a892194ee83c1c885845a93e7ec6e397 Mon Sep 17 00:00:00 2001 From: Farhan Khan Date: Wed, 22 Jan 2020 17:33:10 -0500 Subject: Updated OpenBSD installation guide for version OpenBSD 6.6 * initdb command now requires explicit -U and -D flags * acme-client now requires version v02 API endpoint * Added step to add admin user, per other installation guides * Corrected setup_db.psql path --- docs/installation/openbsd_en.md | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/installation/openbsd_en.md b/docs/installation/openbsd_en.md index 45602bd75..e8c5d844c 100644 --- a/docs/installation/openbsd_en.md +++ b/docs/installation/openbsd_en.md @@ -1,6 +1,6 @@ # Installing on OpenBSD -This guide describes the installation and configuration of pleroma (and the required software to run it) on a single OpenBSD 6.4 server. +This guide describes the installation and configuration of pleroma (and the required software to run it) on a single OpenBSD 6.6 server. For any additional information regarding commands and configuration files mentioned here, check the man pages [online](https://man.openbsd.org/) or directly on your server with the man command. @@ -40,7 +40,12 @@ Enter a shell as the \_pleroma user. As root, run `su _pleroma -;cd`. Then clone #### PostgreSQL Start a shell as the \_postgresql user (as root run `su _postgresql -` then run the `initdb` command to initialize postgresql: -If you wish to not use the default location for postgresql's data (/var/postgresql/data), add the following switch at the end of the command: `-D ` and modify the `datadir` variable in the /etc/rc.d/postgresql script. +You will need to specify pgdata directory to the default (/var/postgresql/data) with the `-D ` and set the user to postgres with the `-U ` flag. This can be done as follows: + +``` +initdb -D /var/postgresql/data -U postgres +``` +If you are not using the default directory, you will have to update the `datadir` variable in the /etc/rc.d/postgresql script. When this is done, enable postgresql so that it starts on boot and start it. As root, run: ``` @@ -81,7 +86,6 @@ server "default" { } types { - include "/usr/share/misc/mime.types" } ``` Do not forget to change ** to your server's address(es). If httpd should only listen on one protocol family, comment one of the two first *listen* options. @@ -103,7 +107,7 @@ Insert the following configuration in /etc/acme-client.conf: authority letsencrypt- { #agreement url "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf" - api url "https://acme-v01.api.letsencrypt.org/directory" + api url "https://acme-v02.api.letsencrypt.org/directory" account key "/etc/acme/letsencrypt-privkey-.pem" } @@ -222,7 +226,7 @@ Then follow the main installation guide: * run `mix deps.get` * run `mix pleroma.instance gen` and enter your instance's information when asked * copy config/generated\_config.exs to config/prod.secret.exs. The default values should be sufficient but you should edit it and check that everything seems OK. - * exit your current shell back to a root one and run `psql -U postgres -f /home/_pleroma/config/setup_db.psql` to setup the database. + * exit your current shell back to a root one and run `psql -U postgres -f /home/_pleroma/pleroma/config/setup_db.psql` to setup the database. * return to a \_pleroma shell into pleroma's installation directory (`su _pleroma -;cd ~/pleroma`) and run `MIX_ENV=prod mix ecto.migrate` As \_pleroma in /home/\_pleroma/pleroma, you can now run `LC_ALL=en_US.UTF-8 MIX_ENV=prod mix phx.server` to start your instance. @@ -230,3 +234,11 @@ In another SSH session/tmux window, check that it is working properly by running ##### Starting pleroma at boot An rc script to automatically start pleroma at boot hasn't been written yet, it can be run in a tmux session (tmux is in base). + + +#### Create administrative user + +If your instance is up and running, you can create your first user with administrative rights with the following command as the \_pleroma user. +``` +LC_ALL=en_US.UTF-8 MIX_ENV=prod mix pleroma.user new --admin +``` -- cgit v1.2.3 From 9a994878f18e4804f83d36eed441de53b53b3691 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 24 Jan 2020 10:53:01 +0100 Subject: Emoji reactions: Update docs and changelog --- docs/API/differences_in_mastoapi_responses.md | 2 +- docs/API/pleroma_api.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 2236870c7..030660b34 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -29,7 +29,7 @@ Has these additional fields under the `pleroma` object: - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` - `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire - `thread_muted`: true if the thread the post belongs to is muted -- `emoji_reactions`: A list with emoji / reaction count tuples. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. +- `emoji_reactions`: A list with emoji / reaction maps. The format is {emoji: "☕", count: 1}. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. ## Attachments diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 9ca8a5af0..9f5cafe5a 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -455,7 +455,7 @@ Emoji reactions work a lot like favourites do. They make it possible to react to * Example Response: ```json [ - ["😀", [{"id" => "xyz.."...}, {"id" => "zyx..."}]], - ["☕", [{"id" => "abc..."}]] + {"emoji": "😀", "count": 2, "accounts": [{"id" => "xyz.."...}, {"id" => "zyx..."}]}, + {"emoji": "☕", "count": 1, "accounts": [{"id" => "abc..."}]} ] ``` -- cgit v1.2.3 From dabd535e436789e64f6630460bfadd2f49dcf069 Mon Sep 17 00:00:00 2001 From: Hakaba Hitoyo Date: Mon, 27 Jan 2020 13:21:50 +0000 Subject: Remove user recommendation by third party engine --- docs/configuration/howto_user_recomendation.md | 31 -------------------------- 1 file changed, 31 deletions(-) delete mode 100644 docs/configuration/howto_user_recomendation.md (limited to 'docs') diff --git a/docs/configuration/howto_user_recomendation.md b/docs/configuration/howto_user_recomendation.md deleted file mode 100644 index c4d749d0c..000000000 --- a/docs/configuration/howto_user_recomendation.md +++ /dev/null @@ -1,31 +0,0 @@ -# How to activate user recommendation (Who to follow panel) -![who-to-follow-panel-small](/uploads/9de1b1300436c32461d272945f1bc23e/who-to-follow-panel-small.png) - -To show the *who to follow* panel, edit `config/prod.secret.exs` in the Pleroma backend. Following code activates the *who to follow* panel: - -```elixir -config :pleroma, :suggestions, - enabled: true, - third_party_engine: - "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-match-suggestions-api.cgi?{{host}}+{{user}}", - timeout: 300_000, - limit: 40, - web: "https://vinayaka.distsn.org" - -``` - -`config/config.exs` already includes this code, but `enabled:` is `false`. - -`/api/v1/suggestions` is also provided when *who to follow* panel is enabled. - -For advanced customization, following code shows the newcomers of the fediverse at the *who to follow* panel: - -```elixir -config :pleroma, :suggestions, - enabled: true, - third_party_engine: - "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-new-suggestions-api.cgi?{{host}}+{{user}}", - timeout: 60_000, - limit: 40, - web: "https://vinayaka.distsn.org/user-new.html" -``` -- cgit v1.2.3 From 7c6e5c541de808957be8a1948fa7a20eba8734df Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Mon, 27 Jan 2020 19:48:20 +0300 Subject: docs update --- docs/API/admin_api.md | 13 +++++++++++++ docs/admin/config.md | 19 ++++++++++++------- 2 files changed, 25 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 07aa7ec3f..2c0c5f46b 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -665,6 +665,19 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - 404 Not Found `"Not found"` - On success: 200 OK `{}` +## `GET /api/pleroma/admin/restart` + +### Restarts pleroma application + +- Params: none +- Response: + - On failure: + - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` + +```json +{} +``` + ## `GET /api/pleroma/admin/config/migrate_from_db` ### Run mix task pleroma.config migrate_from_db diff --git a/docs/admin/config.md b/docs/admin/config.md index 35e43b6a9..b39a73961 100644 --- a/docs/admin/config.md +++ b/docs/admin/config.md @@ -6,11 +6,7 @@ config :pleroma, configurable_from_database: true ``` ## How it works -Settings are stored in database and are applied in `runtime` after each change. Most of the settings take effect immediately, except some, which need instance reboot. These settings are needed in `compile time`, that's why settings are duplicated to the file. - -File with duplicated settings is located in `config/{env}.exported_from_db.exs` if pleroma is runned from source. For prod env it will be `config/prod.exported_from_db.exs`. - -For releases: `/etc/pleroma/prod.exported_from_db.secret.exs` or `PLEROMA_CONFIG_PATH/prod.exported_from_db.exs`. +Settings are stored in database and are applied in `runtime` after each change. Most of the settings take effect immediately, except some, which need instance reboot. ## How to set it up You need to migrate your existing settings to the database. This task will migrate only added by user settings. @@ -25,7 +21,7 @@ You can do this with mix task (all config files will remain untouched): mix pleroma.config migrate_to_db ``` -Now you can change settings in admin interface. After each save, settings from database are duplicated to the `config/{env}.exported_from_db.exs` file. +Now you can change settings in admin interface. If `reboot time` settings were changed, pleroma must be rebooted. **ATTENTION** @@ -35,10 +31,19 @@ Now you can change settings in admin interface. After each save, settings from d - all settings inside these keys: - `:hackney_pools` - `:chat` + - `Oban` + - `:rate_limit` + - `:markup` + - `:streamer` - partially settings inside these keys: - `:seconds_valid` in `Pleroma.Captcha` - `:proxy_remote` in `Pleroma.Upload` - `:upload_limit` in `:instance` + - `:digest` in `:email_notifications` + - `:clean_expired_tokens` in `:oauth2` + - `:enabled` in `Pleroma.ActivityExpiration` + - `:enabled` in `Pleroma.ScheduledActivity` + - `:enabled` in `:gopher` ## How to dump settings from database to file @@ -59,7 +64,7 @@ mix pleroma.config migrate_from_db [-d] ```sql TRUNCATE TABLE config; ``` -2. Delete `config/{env}.exported_from_db.exs`. +2. If migrate_from_db task was runned, backup and delete `config/{env}.exported_from_db.exs`. For `prod` env: ```bash -- cgit v1.2.3 From c8964cc4384edd857280c6d9d5fe39ce7c4cf1ea Mon Sep 17 00:00:00 2001 From: Ilja Date: Tue, 28 Jan 2020 12:57:06 +0000 Subject: DOCS General update for the "Introduction to Pleroma" section * Put url's between angle brackets. docs-develop doesn't list the url's as links, I assume these will fix that (but don't know if I can check) * Added a third space before the "sub"bulletpoints. docs-develop doesn't show them as subpoints with only two spaces. I hope three will fix it (but don't know if I can check) * Added a newline above the bulletpoints because otherwise they are broken on docs-develop * Remove the :smile: thingies because neither of the docs (docs.pleroma.social and docs-develop.social) show them as emojis * Add a link to fediverse.network * Update to add new stuff and fix things that aren't correct (any more) --- docs/introduction.md | 70 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 40 insertions(+), 30 deletions(-) (limited to 'docs') diff --git a/docs/introduction.md b/docs/introduction.md index 045dc7c05..823e14f53 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -3,53 +3,63 @@ Pleroma is a federated social networking platform, compatible with GNU social, Mastodon and other OStatus and ActivityPub implementations. It is free software licensed under the AGPLv3. It actually consists of two components: a backend, named simply Pleroma, and a user-facing frontend, named Pleroma-FE. It also includes the Mastodon frontend, if that's your thing. It's part of what we call the fediverse, a federated network of instances which speak common protocols and can communicate with each other. -One account on a instance is enough to talk to the entire fediverse! +One account on an instance is enough to talk to the entire fediverse! ## How can I use it? -Pleroma instances are already widely deployed, a list can be found here: -http://distsn.org/pleroma-instances.html +Pleroma instances are already widely deployed, a list can be found at . Information on all existing fediverse instances can be found at . If you don't feel like joining an existing instance, but instead prefer to deploy your own instance, that's easy too! -Installation instructions can be found here: -[main Pleroma wiki](/) +Installation instructions can be found in the installation section of these docs. ## I got an account, now what? -Great! Now you can explore the fediverse! -- Open the login page for your Pleroma instance (for ex. https://pleroma.soykaf.com) and login with your username and password. -(If you don't have one yet, click on Register) :slightly_smiling_face: +Great! Now you can explore the fediverse! Open the login page for your Pleroma instance (e.g. ) and login with your username and password. (If you don't have an account yet, click on Register) At this point you will have two columns in front of you. ### Left column -- first block: here you can see your avatar, your nickname a bio, and statistics (Statuses, Following, Followers). -Under that you have a text form which allows you to post new statuses. The icon on the left is for uploading media files and attach them to your post. The number under the text form is a character counter, every instance can have a different character limit (the default is 5000). -If you want to mention someone, type @ + name of the person. A drop-down menu will help you in finding the right person. :slight_smile: + +- first block: here you can see your avatar, your nickname and statistics (Statuses, Following, Followers). Clicking your profile pic will open your profile. +Under that you have a text form which allows you to post new statuses. The number on the bottom of the text form is a character counter, every instance can have a different character limit (the default is 5000). +If you want to mention someone, type @ + name of the person. A drop-down menu will help you in finding the right person. +Under the text form there are also several visibility options and there is the option to use rich text. +Under that the icon on the left is for uploading media files and attach them to your post. There is also an emoji-picker and an option to post a poll. To post your status, simply press Submit. +On the top right you will also see a wrench icon. This opens your personal settings. - second block: Here you can switch between the different timelines: - - Timeline: all the people that you follow - - Mentions: all the statutes where you are mentioned - - Public Timeline: all the statutes from the local instance - - The Whole Known Network: everything, local and remote! - -- third block: this is the Chat block, where you communicate with people on the same instance in realtime. It is local-only, for now, but we're planning to make it extendable to the entire fediverse! :sweat_smile: - + - Timeline: all the people that you follow + - Interactions: here you can switch between different timelines where there was interaction with your account. There is Mentions, Repeats and Favorites, and New follows + - Direct Messages: these are the Direct Messages sent to you + - Public Timeline: all the statutes from the local instance + - The Whole Known Network: all public posts the instance knows about, both local and remote! + - About: This isn't a Timeline but shows relevant info about the instance. You can find a list of the moderators and admins, Terms of Service, MRF policies and enabled features. +- Optional third block: This is the Instance panel that can be activated, but is deactivated by default. It's fully customisable and by default has links to the pleroma-fe and Mastodon-fe. - fourth block: This is the Notifications block, here you will get notified whenever somebody mentions you, follows you, repeats or favorites one of your statuses. ### Right column -This is where the interesting stuff happens! :slight_smile: +This is where the interesting stuff happens! Depending on the timeline you will see different statuses, but each status has a standard structure: -- Icon + name + link to profile. An optional left-arrow if it's a reply to another status (hovering will reveal the replied-to status). -- A + button on the right allows you to Expand/Collapse an entire discussion thread. It also updates in realtime! -- A binocular icon allows you to open the status on the instance where it's originating from. -- The text of the status, including mentions. If you click on a mention, it will automatically open the profile page of that person. -- Four buttons (left to right): Reply, Repeat, Favorite, Delete. - -## Mastodon interface -If the Pleroma interface isn't your thing, or you're just trying something new but you want to keep using the familiar Mastodon interface, we got that too! :smile: -Just add a "/web" after your instance url (for ex. https://pleroma.soycaf.com/web) and you'll end on the Mastodon web interface, but with a Pleroma backend! MAGIC! :fireworks: -For more information on the Mastodon interface, please look here: -https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/User-guide.md + +- Profile pic, name and link to profile. An optional left-arrow if it's a reply to another status (hovering will reveal the replied-to status). Clicking on the profile pic will uncollapse the user's profile. +- A `+` button on the right allows you to Expand/Collapse an entire discussion thread. It also updates in realtime! +- An arrow icon allows you to open the status on the instance where it's originating from. +- The text of the status, including mentions and attachements. If you click on a mention, it will automatically open the profile page of that person. +- Three buttons (left to right): Reply, Repeat, Favorite. There is also a forth button, this is a dropdown menu for simple moderation like muting the conversation or, if you have moderation rights, delete the status from the server. + +### Top right + +- The magnifier icon opens the search screen where you can search for statuses, people and hashtags. It's also possible to import statusses from remote servers by pasting the url to the post in the search field. +- The gear icon gives you general settings +- If you have admin rights, you'll see an icon that opens the admin interface +- The last icon is to log out + +### Bottom right +On the bottom right you have a chatbox. Here you can communicate with people on the same instance in realtime. It is local-only, for now, but there are plans to make it extendable to the entire fediverse! + +### Mastodon interface +If the Pleroma interface isn't your thing, or you're just trying something new but you want to keep using the familiar Mastodon interface, we got that too! +Just add a "/web" after your instance url (e.g. ) and you'll end on the Mastodon web interface, but with a Pleroma backend! MAGIC! +The Mastodon interface is from the Glitch-soc fork. For more information on the Mastodon interface you can check the [Mastodon](https://docs.joinmastodon.org/) and [Glitch-soc](https://glitch-soc.github.io/docs/) documentation. Remember, what you see is only the frontend part of Mastodon, the backend is still Pleroma. -- cgit v1.2.3 From 4eb935be78eeaf1decb7fc109cec09ca18d82854 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Mon, 20 Jan 2020 13:23:21 +0100 Subject: Create pleroma.email mix task Closes: https://git.pleroma.social/pleroma/pleroma/issues/1061 --- docs/administration/CLI_tasks/email.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 docs/administration/CLI_tasks/email.md (limited to 'docs') diff --git a/docs/administration/CLI_tasks/email.md b/docs/administration/CLI_tasks/email.md new file mode 100644 index 000000000..7b7a8457a --- /dev/null +++ b/docs/administration/CLI_tasks/email.md @@ -0,0 +1,24 @@ +# Managing emails + +{! backend/administration/CLI_tasks/general_cli_task_info.include !} + +## Send test email (instance email by default) + +```sh tab="OTP" + ./bin/pleroma_ctl email test [--to ] +``` + +```sh tab="From Source" +mix pleroma.email test [--to ] +``` + + +Example: + +```sh tab="OTP" +./bin/pleroma_ctl email test --to root@example.org +``` + +```sh tab="From Source" +mix pleroma.email test --to root@example.org +``` -- cgit v1.2.3 From d378550d2d68f2a41993c59cacd646cacc0995dc Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 29 Jan 2020 11:40:57 +0100 Subject: Emoji Reactions: Document changes --- docs/API/differences_in_mastoapi_responses.md | 2 +- docs/API/pleroma_api.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 030660b34..82d967e4d 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -29,7 +29,7 @@ Has these additional fields under the `pleroma` object: - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` - `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire - `thread_muted`: true if the thread the post belongs to is muted -- `emoji_reactions`: A list with emoji / reaction maps. The format is {emoji: "☕", count: 1}. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. +- `emoji_reactions`: A list with emoji / reaction maps. The format is `{emoji: "☕", count: 1, reacted: true}`. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. ## Attachments diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 9f5cafe5a..c7125c1cd 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -455,7 +455,7 @@ Emoji reactions work a lot like favourites do. They make it possible to react to * Example Response: ```json [ - {"emoji": "😀", "count": 2, "accounts": [{"id" => "xyz.."...}, {"id" => "zyx..."}]}, - {"emoji": "☕", "count": 1, "accounts": [{"id" => "abc..."}]} + {"emoji": "😀", "count": 2, "reacted": true, "accounts": [{"id" => "xyz.."...}, {"id" => "zyx..."}]}, + {"emoji": "☕", "count": 1, "reacted": false, "accounts": [{"id" => "abc..."}]} ] ``` -- cgit v1.2.3 From f5cb2af85a2a3798d18d887b5947a65979cb65b9 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 29 Jan 2020 23:59:00 +0300 Subject: cheatsheet: improve rate limiter docs and add new limiters --- docs/configuration/cheatsheet.md | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 30d673eba..f910122df 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -326,14 +326,31 @@ A keyword list of rate limiters where a key is a limiter name and value is the l It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated. +For example: + +```elixir +config :pleroma, :rate_limit, + authentication: {60_000, 15}, + search: [{1000, 10}, {1000, 30}] +``` + +Means that: + +1. In 60 seconds, 50 authentication attempts can be performed from the same IP address. +2. In 1 second, 10 search requests can be performed from the same IP adress by unauthenticated users, while authenticated users can perform 30 search requests per second. + Supported rate limiters: -* `:search` for the search requests (account & status search etc.) -* `:app_account_creation` for registering user accounts from the same IP address -* `:relations_actions` for actions on relations with all users (follow, unfollow) -* `:relation_id_action` for actions on relation with a specific user (follow, unfollow) -* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses -* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user +* `:search` - Account/Status search. +* `:app_account_creation` - Account registration from the API. +* `:relations_actions` - Following/Unfollowing in general. +* `:relation_id_action` - Following/Unfollowing for a specific user. +* `:statuses_actions` - Status actions such as: (un)repeating, (un)favouriting, creating, deleting. +* `:status_id_action` - (un)Repeating/(un)Favouriting a particular status. +* `:authentication` - Authentication actions, i.e getting an OAuth token. +* `password_reset` - Requesting password reset emails. +* `:account_confirmation_resend` - Requesting resending account confirmation emails. +* `:ap_routes` - Requesting statuses via ActivityPub. ### :web_cache_ttl -- cgit v1.2.3 From 889965141a1411dd546757fbb964695bd8f712d7 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 29 Jan 2020 23:59:27 +0300 Subject: RemoteIp: only trust X-Forwarded-For Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway. --- docs/configuration/cheatsheet.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index f910122df..54cc9b1c1 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -308,16 +308,15 @@ This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls start Available options: * `enabled` - Enable/disable the plug. Defaults to `false`. -* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`. +* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `["x-forwarded-for"]`. * `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`. * `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network). ### :rate_limit -This is an advanced feature and disabled by default. - -If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip). +!!! note + If your instance is behind a reverse proxy ensure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default). A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where: -- cgit v1.2.3 From ff4bef140af4cf17b2f8be2622a528cbea0ed330 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 30 Jan 2020 13:24:24 +0000 Subject: Apply suggestion to docs/configuration/cheatsheet.md --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 54cc9b1c1..fcd7cdfb9 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -335,7 +335,7 @@ config :pleroma, :rate_limit, Means that: -1. In 60 seconds, 50 authentication attempts can be performed from the same IP address. +1. In 60 seconds, 15 authentication attempts can be performed from the same IP address. 2. In 1 second, 10 search requests can be performed from the same IP adress by unauthenticated users, while authenticated users can perform 30 search requests per second. Supported rate limiters: -- cgit v1.2.3 From 01537cc1d6a290f6a9002b331b18986036300634 Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 30 Jan 2020 18:28:28 +0000 Subject: Apply suggestion to docs/configuration/cheatsheet.md --- docs/configuration/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index fcd7cdfb9..a81bfa29d 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -347,7 +347,7 @@ Supported rate limiters: * `:statuses_actions` - Status actions such as: (un)repeating, (un)favouriting, creating, deleting. * `:status_id_action` - (un)Repeating/(un)Favouriting a particular status. * `:authentication` - Authentication actions, i.e getting an OAuth token. -* `password_reset` - Requesting password reset emails. +* `:password_reset` - Requesting password reset emails. * `:account_confirmation_resend` - Requesting resending account confirmation emails. * `:ap_routes` - Requesting statuses via ActivityPub. -- cgit v1.2.3 From 90b862e7ab2ad64aed63502bc52ae92e5c0a1791 Mon Sep 17 00:00:00 2001 From: Lain Soykaf Date: Tue, 4 Feb 2020 16:22:13 +0100 Subject: Add cheatsheet entry --- docs/configuration/cheatsheet.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index a81bfa29d..ed9049a8d 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -69,6 +69,7 @@ You shouldn't edit the base config directly to avoid breakages and merge conflic * `account_field_name_length`: An account field name maximum length (default: `512`). * `account_field_value_length`: An account field value maximum length (default: `2048`). * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. +* `cleanup_attachments`: Remove attachments along with statuses. Does not affect duplicate files and attachments without status. Enabling this will increase load to database when deleting statuses on larger instances. ## Federation ### MRF policies -- cgit v1.2.3 From 5db6ac8ee405d89943a3669da4ea154ce004860f Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 5 Feb 2020 20:36:21 +0300 Subject: removing migrate_from_db endpoint from admin api --- docs/API/admin_api.md | 15 --------------- 1 file changed, 15 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 2c0c5f46b..e445583cb 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -678,21 +678,6 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret {} ``` -## `GET /api/pleroma/admin/config/migrate_from_db` - -### Run mix task pleroma.config migrate_from_db - -Copies all settings from database to `config/{env}.exported_from_db.secret.exs` with deletion from the table. Where `{env}` is the environment in which `pleroma` is running. - -- Params: none -- Response: - - On failure: - - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` - -```json -{} -``` - ## `GET /api/pleroma/admin/config` ### Get list of merged default settings with saved in database. -- cgit v1.2.3 From c85aa6e87f8887ad532580ec3f84811abace05f2 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 5 Feb 2020 17:06:01 +0300 Subject: removing confusing error --- docs/API/admin_api.md | 1 - 1 file changed, 1 deletion(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index e445583cb..fb6dfcb08 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -689,7 +689,6 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Response: - On failure: - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` - - 400 Bad Request `"To use configuration from database migrate your settings to database."` ```json { -- cgit v1.2.3 From 6722dade42d5f404c00386b0336d821028d58d7c Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 6 Feb 2020 15:00:33 +0300 Subject: Simplify in-database config docs Large part of it was no longer true (i.e none of the changes need recompilation anymore and you can't brick an instance by changing them, it's not necessary to manually truncate the db manually anymore) --- docs/admin/config.md | 79 --------------------------------- docs/administration/CLI_tasks/config.md | 18 ++++++-- docs/configuration/cheatsheet.md | 3 +- 3 files changed, 17 insertions(+), 83 deletions(-) delete mode 100644 docs/admin/config.md (limited to 'docs') diff --git a/docs/admin/config.md b/docs/admin/config.md deleted file mode 100644 index 35e43b6a9..000000000 --- a/docs/admin/config.md +++ /dev/null @@ -1,79 +0,0 @@ -# Configuring instance -You can configure your instance from admin interface. You need account with admin rights and little change in config file, which will allow settings configuration from database. - -```elixir -config :pleroma, configurable_from_database: true -``` - -## How it works -Settings are stored in database and are applied in `runtime` after each change. Most of the settings take effect immediately, except some, which need instance reboot. These settings are needed in `compile time`, that's why settings are duplicated to the file. - -File with duplicated settings is located in `config/{env}.exported_from_db.exs` if pleroma is runned from source. For prod env it will be `config/prod.exported_from_db.exs`. - -For releases: `/etc/pleroma/prod.exported_from_db.secret.exs` or `PLEROMA_CONFIG_PATH/prod.exported_from_db.exs`. - -## How to set it up -You need to migrate your existing settings to the database. This task will migrate only added by user settings. -For example you add settings to `prod.secret.exs` file, only these settings will be migrated to database. For release it will be `/etc/pleroma/config.exs` or `PLEROMA_CONFIG_PATH`. -You can do this with mix task (all config files will remain untouched): - -```sh tab="OTP" - ./bin/pleroma_ctl config migrate_to_db -``` - -```sh tab="From Source" -mix pleroma.config migrate_to_db -``` - -Now you can change settings in admin interface. After each save, settings from database are duplicated to the `config/{env}.exported_from_db.exs` file. - -**ATTENTION** - -**Be careful while changing the settings. Every inaccurate configuration change can break the federation or the instance load.** - -*Compile time settings, which require instance reboot and can break instance loading:* -- all settings inside these keys: - - `:hackney_pools` - - `:chat` -- partially settings inside these keys: - - `:seconds_valid` in `Pleroma.Captcha` - - `:proxy_remote` in `Pleroma.Upload` - - `:upload_limit` in `:instance` - -## How to dump settings from database to file - -*Adding `-d` flag will delete migrated settings from database table.* - -```sh tab="OTP" - ./bin/pleroma_ctl config migrate_from_db [-d] -``` - -```sh tab="From Source" -mix pleroma.config migrate_from_db [-d] -``` - - -## How to completely remove it - -1. Truncate or delete all values from `config` table -```sql -TRUNCATE TABLE config; -``` -2. Delete `config/{env}.exported_from_db.exs`. - -For `prod` env: -```bash -cd /opt/pleroma -cp config/prod.exported_from_db.exs config/exported_from_db.back -rm -rf config/prod.exported_from_db.exs -``` -*If you don't want to backup settings, you can skip step with `cp` command.* - -3. Set configurable_from_database to `false`. -```elixir -config :pleroma, configurable_from_database: false -``` -4. Restart pleroma instance -```bash -sudo service pleroma restart -``` diff --git a/docs/administration/CLI_tasks/config.md b/docs/administration/CLI_tasks/config.md index 2af51c247..873775962 100644 --- a/docs/administration/CLI_tasks/config.md +++ b/docs/administration/CLI_tasks/config.md @@ -1,12 +1,16 @@ # Transfering the config to/from the database -!!! danger - This is a Work In Progress, not usable just yet. - {! backend/administration/CLI_tasks/general_cli_task_info.include !} ## Transfer config from file to DB. +!!! note + You need to add the following to your config before executing this command: + + ```elixir + config :pleroma, configurable_from_database: true + ``` + ```sh tab="OTP" ./bin/pleroma_ctl config migrate_to_db ``` @@ -18,7 +22,15 @@ mix pleroma.config migrate_to_db ## Transfer config from DB to `config/env.exported_from_db.secret.exs` +!!! note + In-Database configuration will still be applied after executing this command unless you set the following in your config: + + ```elixir + config :pleroma, configurable_from_database: false + ``` + To delete transfered settings from database optional flag `-d` can be used. is `prod` by default. + ```sh tab="OTP" ./bin/pleroma_ctl config migrate_from_db [--env=] [-d] ``` diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index ed9049a8d..f30aedc01 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -856,4 +856,5 @@ config :auto_linker, ## :configurable_from_database -Enable/disable configuration from database. + +Boolean, enables/disables in-database configuration. Read [Transfering the config to/from the database](../administration/CLI_tasks/config.md) for more information. -- cgit v1.2.3 From 8a79f20c21fcb3baab0a817fc000c78d348349fb Mon Sep 17 00:00:00 2001 From: Lain Soykaf Date: Thu, 6 Feb 2020 18:09:57 +0100 Subject: EmojiReactions: Rename to EmojiReacts --- docs/API/differences_in_mastoapi_responses.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 82d967e4d..89245261c 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -101,7 +101,7 @@ The `type` value is `move`. Has an additional field: - `target`: new account -### EmojiReaction Notification +### EmojiReact Notification The `type` value is `pleroma:emoji_reaction`. Has these fields: -- cgit v1.2.3 From 01da001da15e102eff5c38277d9d4c865e8b3fab Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 7 Feb 2020 10:48:10 +0300 Subject: fix --- docs/administration/CLI_tasks/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/administration/CLI_tasks/config.md b/docs/administration/CLI_tasks/config.md index 873775962..cc32bf859 100644 --- a/docs/administration/CLI_tasks/config.md +++ b/docs/administration/CLI_tasks/config.md @@ -29,7 +29,7 @@ mix pleroma.config migrate_to_db config :pleroma, configurable_from_database: false ``` -To delete transfered settings from database optional flag `-d` can be used. is `prod` by default. +To delete transfered settings from database optional flag `-d` can be used. `` is `prod` by default. ```sh tab="OTP" ./bin/pleroma_ctl config migrate_from_db [--env=] [-d] -- cgit v1.2.3 From ce958820095611bbe7c49a1b90a69c557a3cbec5 Mon Sep 17 00:00:00 2001 From: Lain Soykaf Date: Fri, 7 Feb 2020 14:59:26 +0100 Subject: EmojiReactions: Add docs and Changelog --- docs/API/differences_in_mastoapi_responses.md | 2 +- docs/API/pleroma_api.md | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 89245261c..b822bc037 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -29,7 +29,7 @@ Has these additional fields under the `pleroma` object: - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain` - `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire - `thread_muted`: true if the thread the post belongs to is muted -- `emoji_reactions`: A list with emoji / reaction maps. The format is `{emoji: "☕", count: 1, reacted: true}`. Contains no information about the reacting users, for that use the `emoji_reactions_by` endpoint. +- `emoji_reactions`: A list with emoji / reaction maps. The format is `{name: "☕", count: 1, me: true}`. Contains no information about the reacting users, for that use the `/statuses/:id/reactions` endpoint. ## Attachments diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index c7125c1cd..925dacf39 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -432,21 +432,21 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa Emoji reactions work a lot like favourites do. They make it possible to react to a post with a single emoji character. -## `POST /api/v1/pleroma/statuses/:id/react_with_emoji` +## `PUT /api/v1/pleroma/statuses/:id/reactions/:emoji` ### React to a post with a unicode emoji * Method: `POST` * Authentication: required * Params: `emoji`: A single character unicode emoji * Response: JSON, the status. -## `POST /api/v1/pleroma/statuses/:id/unreact_with_emoji` +## `DELETE /api/v1/pleroma/statuses/:id/reactions/:emoji` ### Remove a reaction to a post with a unicode emoji * Method: `POST` * Authentication: required * Params: `emoji`: A single character unicode emoji * Response: JSON, the status. -## `GET /api/v1/pleroma/statuses/:id/emoji_reactions_by` +## `GET /api/v1/pleroma/statuses/:id/reactions` ### Get an object of emoji to account mappings with accounts that reacted to the post * Method: `GET` * Authentication: optional @@ -455,7 +455,7 @@ Emoji reactions work a lot like favourites do. They make it possible to react to * Example Response: ```json [ - {"emoji": "😀", "count": 2, "reacted": true, "accounts": [{"id" => "xyz.."...}, {"id" => "zyx..."}]}, - {"emoji": "☕", "count": 1, "reacted": false, "accounts": [{"id" => "abc..."}]} + {"name": "😀", "count": 2, "me": true, "accounts": [{"id" => "xyz.."...}, {"id" => "zyx..."}]}, + {"name": "☕", "count": 1, "me": false, "accounts": [{"id" => "abc..."}]} ] ``` -- cgit v1.2.3 From 713645d5c5c866ce3a4f3070b9cd43cf30c7efd3 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 7 Feb 2020 15:17:42 +0000 Subject: Apply suggestion to docs/API/pleroma_api.md --- docs/API/pleroma_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 925dacf39..0ed1df2d4 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -441,7 +441,7 @@ Emoji reactions work a lot like favourites do. They make it possible to react to ## `DELETE /api/v1/pleroma/statuses/:id/reactions/:emoji` ### Remove a reaction to a post with a unicode emoji -* Method: `POST` +* Method: `DELETE` * Authentication: required * Params: `emoji`: A single character unicode emoji * Response: JSON, the status. -- cgit v1.2.3 From 57098713c02363aaee78d519726e6f2975f725d8 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 7 Feb 2020 15:18:05 +0000 Subject: Apply suggestion to docs/API/pleroma_api.md --- docs/API/pleroma_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 0ed1df2d4..07e0af5e5 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -434,7 +434,7 @@ Emoji reactions work a lot like favourites do. They make it possible to react to ## `PUT /api/v1/pleroma/statuses/:id/reactions/:emoji` ### React to a post with a unicode emoji -* Method: `POST` +* Method: `PUT` * Authentication: required * Params: `emoji`: A single character unicode emoji * Response: JSON, the status. -- cgit v1.2.3 From 815f659ed893d860c8ed1fbbd762e837147c214b Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 7 Feb 2020 22:17:08 +0400 Subject: Fix MRF documentation --- docs/configuration/mrf.md | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) (limited to 'docs') diff --git a/docs/configuration/mrf.md b/docs/configuration/mrf.md index 45be18fc5..9b2289e7c 100644 --- a/docs/configuration/mrf.md +++ b/docs/configuration/mrf.md @@ -1,4 +1,5 @@ # Message Rewrite Facility + The Message Rewrite Facility (MRF) is a subsystem that is implemented as a series of hooks that allows the administrator to rewrite or discard messages. Possible uses include: @@ -10,7 +11,8 @@ Possible uses include: * removing media from messages * sending only public messages to a specific instance -The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module. +The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module. + It is possible to use multiple, active MRF policies at the same time. ## Quarantine Instances @@ -18,7 +20,8 @@ It is possible to use multiple, active MRF policies at the same time. You have the ability to prevent from private / followers-only messages from federating with specific instances. Which means they will only get the public or unlisted messages from your instance. If, for example, you're using `MIX_ENV=prod` aka using production mode, you would open your configuration file located in `config/prod.secret.exs` and edit or add the option under your `:instance` config object. Then you would specify the instance within quotes. -``` + +```elixir config :pleroma, :instance, [...] quarantined_instances: ["instance.example", "other.example"] @@ -28,15 +31,15 @@ config :pleroma, :instance, `SimplePolicy` is capable of handling most common admin tasks. -To use `SimplePolicy`, you must enable it. Do so by adding the following to your `:instance` config object, so that it looks like this: +To use `SimplePolicy`, you must enable it. Do so by adding the following to your `:instance` config object, so that it looks like this: -``` +```elixir config :pleroma, :instance, [...] rewrite_policy: Pleroma.Web.ActivityPub.MRF.SimplePolicy ``` -Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are: +Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are: * `media_removal`: Servers in this group will have media stripped from incoming messages. * `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media. @@ -50,7 +53,7 @@ Servers should be configured as lists. This example will enable `SimplePolicy`, block media from `illegalporn.biz`, mark media as NSFW from `porn.biz` and `porn.business`, reject messages from `spam.com`, remove messages from `spam.university` from the federated timeline and block reports (flags) from `whiny.whiner`: -``` +```elixir config :pleroma, :instance, rewrite_policy: [Pleroma.Web.ActivityPub.MRF.SimplePolicy] @@ -60,16 +63,15 @@ config :pleroma, :mrf_simple, reject: ["spam.com"], federated_timeline_removal: ["spam.university"], report_removal: ["whiny.whiner"] - ``` ### Use with Care -The effects of MRF policies can be very drastic. It is important to use this functionality carefully. Always try to talk to an admin before writing an MRF policy concerning their instance. +The effects of MRF policies can be very drastic. It is important to use this functionality carefully. Always try to talk to an admin before writing an MRF policy concerning their instance. ## Writing your own MRF Policy -As discussed above, the MRF system is a modular system that supports pluggable policies. This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `rewrite_policy` config setting. +As discussed above, the MRF system is a modular system that supports pluggable policies. This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `rewrite_policy` config setting. For example, here is a sample policy module which rewrites all messages to "new message content": @@ -83,7 +85,7 @@ defmodule Site.RewritePolicy do # Capture the object as `object`, the message content as `content` and the # message itself as `message`. @impl true - def filter(%{"type" => Create", "object" => {"type" => "Note", "content" => content} = object} = message) + def filter(%{"type" => "Create", "object" => {"type" => "Note", "content" => content} = object} = message) when is_binary(content) do # Subject / CW is stored as summary instead of `name` like other AS2 objects # because of Mastodon doing it that way. @@ -109,9 +111,9 @@ defmodule Site.RewritePolicy do end ``` -If you save this file as `lib/site/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma. You can enable it in the configuration like so: +If you save this file as `lib/site/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma. You can enable it in the configuration like so: -``` +```elixir config :pleroma, :instance, rewrite_policy: [ Pleroma.Web.ActivityPub.MRF.SimplePolicy, @@ -119,4 +121,4 @@ config :pleroma, :instance, ] ``` -Please note that the Pleroma developers consider custom MRF policy modules to fall under the purview of the AGPL. As such, you are obligated to release the sources to your custom MRF policy modules upon request. +Please note that the Pleroma developers consider custom MRF policy modules to fall under the purview of the AGPL. As such, you are obligated to release the sources to your custom MRF policy modules upon request. -- cgit v1.2.3 From dad23e3766fb90c2c9b6bca7b5531273242659ad Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Sat, 8 Feb 2020 12:55:37 +0300 Subject: need_reboot flag --- docs/API/admin_api.md | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index fb6dfcb08..47acd240e 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -682,6 +682,8 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ### Get list of merged default settings with saved in database. +*If `need_reboot` flag exists in response, instance must be restarted, so reboot time settings can take effect.* + **Only works when configuration from database is enabled.** - Params: @@ -692,20 +694,24 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ```json { - configs: [ + "configs": [ { "group": ":pleroma", "key": "Pleroma.Upload", "value": [] } - ] + ], + "need_reboot": true } ``` + need_reboot - *optional*, if were changed reboot time settings. ## `POST /api/pleroma/admin/config` ### Update config settings +*If `need_reboot` flag exists in response, instance must be restarted, so reboot time settings can take effect.* + **Only works when configuration from database is enabled.** Some modifications are necessary to save the config settings correctly: @@ -793,7 +799,7 @@ config :quack, ``` ```json { - configs: [ + "configs": [ {"group": ":quack", "key": ":level", "value": ":debug"}, {"group": ":quack", "key": ":meta", "value": [":all"]}, ... @@ -804,7 +810,7 @@ config :quack, ```json { - configs: [ + "configs": [ { "group": ":pleroma", "key": "Pleroma.Upload", @@ -836,15 +842,17 @@ config :quack, - 400 Bad Request `"To use this endpoint you need to enable configuration from database."` ```json { - configs: [ + "configs": [ { "group": ":pleroma", "key": "Pleroma.Upload", "value": [...] } - ] + ], + "need_reboot": true } ``` +need_reboot - *optional*, if were changed reboot time settings. ## ` GET /api/pleroma/admin/config/descriptions` -- cgit v1.2.3 From a9e946b99af15a704b9008a9e032d905f5463017 Mon Sep 17 00:00:00 2001 From: Ilja Date: Mon, 10 Feb 2020 23:53:26 +0000 Subject: DOCS Backup/Restore/Migrate your instance * Added "Migrate" to the title because these steps can also be used to migrate the instance to another server * Added an optional step to reinstall pleroma (esp. for migrating servers) * Currently the steps threw an error 'could not execute query: ERROR: function "activity_visibility already exists with the same argument types' * I added a new step to drop and recreate an empty pleroma-database * I played around with the `-c` and `-C` options of pg_restore, but dropping and recreating seemd to be the only way I got it working * This was tested on Debian Stretch, psql (PostgreSQL) 9.6.15 --- docs/administration/backup.md | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/administration/backup.md b/docs/administration/backup.md index 2c70e7bf8..685c45128 100644 --- a/docs/administration/backup.md +++ b/docs/administration/backup.md @@ -1,17 +1,35 @@ -# Backup/Restore your instance +# Backup/Restore/Move/Remove your instance ## Backup 1. Stop the Pleroma service. 2. Go to the working directory of Pleroma (default is `/opt/pleroma`) -3. Run `sudo -Hu postgres pg_dump -d --format=custom -f ` +3. Run `sudo -Hu postgres pg_dump -d --format=custom -f ` (make sure the postgres user has write access to the destination file) 4. Copy `pleroma.pgdump`, `config/prod.secret.exs` and the `uploads` folder to your backup destination. If you have other modifications, copy those changes too. 5. Restart the Pleroma service. -## Restore +## Restore/Move -1. Stop the Pleroma service. -2. Go to the working directory of Pleroma (default is `/opt/pleroma`) -3. Copy the above mentioned files back to their original position. -4. Run `sudo -Hu postgres pg_restore -d -v -1 ` -5. Restart the Pleroma service. +1. Optionally reinstall Pleroma (either on the same server or on another server if you want to move servers). Try to use the same database name. +2. Stop the Pleroma service. +3. Go to the working directory of Pleroma (default is `/opt/pleroma`) +4. Copy the above mentioned files back to their original position. +5. Drop the existing database and recreate an empty one `sudo -Hu postgres psql -c 'DROP DATABASE ;';` `sudo -Hu postgres psql -c 'CREATE DATABASE ;';` +6. Run `sudo -Hu postgres pg_restore -d -v -1 ` +7. If you installed a newer Pleroma version, you should run `mix ecto.migrate`[^1]. This task performs database migrations, if there were any. +8. Restart the Pleroma service. + +[^1]: Prefix with `MIX_ENV=prod` to run it using the production config file. + +## Remove + +1. Optionally you can remove the users of your instance. This will trigger delete requests for their accounts and posts. Note that this is 'best effort' and doesn't mean that all traces of your instance will be gone from the fediverse. + * You can do this from the admin-FE where you can select all local users and delete the accounts using the *Moderate multiple users* dropdown. + * You can also list local users and delete them individualy using the CLI tasks for [Managing users](./CLI_tasks/user.md). +2. Stop the Pleroma service `systemctl stop pleroma` +3. Disable pleroma from systemd `systemctl disable pleroma` +4. Remove the files and folders you created during installation (see installation guide). This includes the pleroma, nginx and systemd files and folders. +5. Reload nginx now that the configuration is removed `systemctl reload nginx` +6. Remove the database and database user `sudo -Hu postgres psql -c 'DROP DATABASE ;';` `sudo -Hu postgres psql -c 'DROP USER ;';` +7. Remove the system user `userdel pleroma` +8. Remove the dependencies that you don't need anymore (see installation guide). Make sure you don't remove packages that are still needed for other software that you have running! -- cgit v1.2.3 From ad16f38b9c193cd4a760eb2e35829e96b21414f5 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Tue, 11 Feb 2020 01:58:35 +0100 Subject: differences_in_mastoapi_responses.md: Add note about unlisted results Closes: https://git.pleroma.social/pleroma/pleroma/issues/1164 --- docs/API/differences_in_mastoapi_responses.md | 3 +++ 1 file changed, 3 insertions(+) (limited to 'docs') diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md index 89245261c..ebf842b7e 100644 --- a/docs/API/differences_in_mastoapi_responses.md +++ b/docs/API/differences_in_mastoapi_responses.md @@ -88,6 +88,9 @@ Behavior has changed: - `/api/v1/accounts/search`: Does not require authentication +## Search (global) + +Unlisted posts are available in search results, they are considered to be public posts that shouldn't be shown in local/federated timeline. ## Notifications -- cgit v1.2.3 From 209e4d8432bdac4cf3a7f6eff258641e5fc037e5 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Tue, 11 Feb 2020 02:27:40 +0100 Subject: clients.md: Add Kyclos --- docs/clients.md | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docs') diff --git a/docs/clients.md b/docs/clients.md index 6c6180f7a..8ac9ad3de 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -37,6 +37,11 @@ Feel free to contact us to be added to this list! - Platforms: Android - Features: Streaming Ready, Moderation, Text Formatting +### Kyclos +- Source Code: +- Platforms: SailfishOS +- Features: No Streaming + ### Nekonium - Homepage: [F-Droid Repository](https://repo.gdgd.jp.net/), [Google Play](https://play.google.com/store/apps/details?id=com.apps.nekonium), [Amazon](https://www.amazon.co.jp/dp/B076FXPRBC/) - Source: -- cgit v1.2.3 From 2c95b0fab9cfae48ac26f5522c6848199ac7d245 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Thu, 13 Feb 2020 15:19:01 -0600 Subject: Make the sample code actually compile --- docs/configuration/mrf.md | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/configuration/mrf.md b/docs/configuration/mrf.md index 45be18fc5..c7161ca4e 100644 --- a/docs/configuration/mrf.md +++ b/docs/configuration/mrf.md @@ -74,16 +74,18 @@ As discussed above, the MRF system is a modular system that supports pluggable p For example, here is a sample policy module which rewrites all messages to "new message content": ```elixir -# This is a sample MRF policy which rewrites all Notes to have "new message -# content." defmodule Site.RewritePolicy do - @behavior Pleroma.Web.ActivityPub.MRF + @moduledoc "MRF policy which rewrites all Notes to have 'new message content'." + @behaviour Pleroma.Web.ActivityPub.MRF # Catch messages which contain Note objects with actual data to filter. # Capture the object as `object`, the message content as `content` and the # message itself as `message`. @impl true - def filter(%{"type" => Create", "object" => {"type" => "Note", "content" => content} = object} = message) + def filter( + %{"type" => "Create", "object" => %{"type" => "Note", "content" => content} = object} = + message + ) when is_binary(content) do # Subject / CW is stored as summary instead of `name` like other AS2 objects # because of Mastodon doing it that way. @@ -106,6 +108,13 @@ defmodule Site.RewritePolicy do # Let all other messages through without modifying them. @impl true def filter(message), do: {:ok, message} + + @impl true + def describe do + mrf_sample = Pleroma.Config.get(:mrf_sample) + + {:ok, %{mrf_sample: mrf_sample}} + end end ``` -- cgit v1.2.3 From 88a76d0142075dbd71314b8e601a8d347d2f45e9 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 14 Feb 2020 10:55:18 -0600 Subject: Update suggested path for location of your custom MRF --- docs/configuration/mrf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/mrf.md b/docs/configuration/mrf.md index c7161ca4e..80cfaaa84 100644 --- a/docs/configuration/mrf.md +++ b/docs/configuration/mrf.md @@ -118,7 +118,7 @@ defmodule Site.RewritePolicy do end ``` -If you save this file as `lib/site/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma. You can enable it in the configuration like so: +If you save this file as `lib/pleroma/web/activity_pub/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma. You can enable it in the configuration like so: ``` config :pleroma, :instance, -- cgit v1.2.3 From 6caf6a86c50fe3cb078d89b0f8ebcd7fd707bb23 Mon Sep 17 00:00:00 2001 From: feld Date: Fri, 14 Feb 2020 16:55:52 +0000 Subject: Apply suggestion to docs/configuration/mrf.md --- docs/configuration/mrf.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/configuration/mrf.md b/docs/configuration/mrf.md index 80cfaaa84..fc13aafc8 100644 --- a/docs/configuration/mrf.md +++ b/docs/configuration/mrf.md @@ -111,9 +111,7 @@ defmodule Site.RewritePolicy do @impl true def describe do - mrf_sample = Pleroma.Config.get(:mrf_sample) - - {:ok, %{mrf_sample: mrf_sample}} + {:ok, %{mrf_sample: %{content: "new message content"}}}` end end ``` -- cgit v1.2.3 From 31749559e178729e9f4c4211294de8d1e3e16516 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 14 Feb 2020 11:04:27 -0600 Subject: Fix MRF docs further. I don't think anyone has actually tested with the old docs. --- docs/configuration/mrf.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/configuration/mrf.md b/docs/configuration/mrf.md index 80cfaaa84..bc039689a 100644 --- a/docs/configuration/mrf.md +++ b/docs/configuration/mrf.md @@ -74,7 +74,7 @@ As discussed above, the MRF system is a modular system that supports pluggable p For example, here is a sample policy module which rewrites all messages to "new message content": ```elixir -defmodule Site.RewritePolicy do +defmodule Pleroma.Web.ActivityPub.MRF.RewritePolicy do @moduledoc "MRF policy which rewrites all Notes to have 'new message content'." @behaviour Pleroma.Web.ActivityPub.MRF @@ -124,7 +124,7 @@ If you save this file as `lib/pleroma/web/activity_pub/mrf/rewrite_policy.ex`, i config :pleroma, :instance, rewrite_policy: [ Pleroma.Web.ActivityPub.MRF.SimplePolicy, - Site.RewritePolicy + Pleroma.Web.ActivityPub.MRF.RewritePolicy ] ``` -- cgit v1.2.3 From 269d592181bff8601f6545b85158ee1c222ff20d Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sat, 15 Feb 2020 20:41:38 +0300 Subject: [#1505] Restricted max thread distance for fetching replies on incoming federation (in addition to reply-to depth restriction). --- docs/introduction.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/introduction.md b/docs/introduction.md index 823e14f53..a915c143c 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -41,7 +41,7 @@ On the top right you will also see a wrench icon. This opens your personal setti This is where the interesting stuff happens! Depending on the timeline you will see different statuses, but each status has a standard structure: -- Profile pic, name and link to profile. An optional left-arrow if it's a reply to another status (hovering will reveal the replied-to status). Clicking on the profile pic will uncollapse the user's profile. +- Profile pic, name and link to profile. An optional left-arrow if it's a reply to another status (hovering will reveal the reply-to status). Clicking on the profile pic will uncollapse the user's profile. - A `+` button on the right allows you to Expand/Collapse an entire discussion thread. It also updates in realtime! - An arrow icon allows you to open the status on the instance where it's originating from. - The text of the status, including mentions and attachements. If you click on a mention, it will automatically open the profile page of that person. -- cgit v1.2.3 From 3af6d3f8e27efbe1a048dfd0cd5a5f4f2a8eedc6 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 19 Feb 2020 17:17:05 +0100 Subject: Emoji Reactions: Add documentation --- docs/API/pleroma_api.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs') diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index 07e0af5e5..761d5c69c 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -459,3 +459,16 @@ Emoji reactions work a lot like favourites do. They make it possible to react to {"name": "☕", "count": 1, "me": false, "accounts": [{"id" => "abc..."}]} ] ``` + +## `GET /api/v1/pleroma/statuses/:id/reactions/:emoji` +### Get an object of emoji to account mappings with accounts that reacted to the post for a specific emoji` +* Method: `GET` +* Authentication: optional +* Params: None +* Response: JSON, a list of emoji/account list tuples +* Example Response: +```json +[ + {"name": "😀", "count": 2, "me": true, "accounts": [{"id" => "xyz.."...}, {"id" => "zyx..."}]} +] +``` -- cgit v1.2.3 From 1ed485ec1da435e32a8a867f1a0b5b9d3624095f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Igelj=C3=A4ger?= Date: Fri, 21 Feb 2020 15:30:52 +0000 Subject: added why doing a vacuum after restoring a backup is so important --- docs/administration/backup.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/administration/backup.md b/docs/administration/backup.md index 685c45128..692aa7368 100644 --- a/docs/administration/backup.md +++ b/docs/administration/backup.md @@ -18,7 +18,9 @@ 6. Run `sudo -Hu postgres pg_restore -d -v -1 ` 7. If you installed a newer Pleroma version, you should run `mix ecto.migrate`[^1]. This task performs database migrations, if there were any. 8. Restart the Pleroma service. - +9. After you've restarted Pleroma, you will notice that postgres will take up more cpu resources than usual. A lot in fact. To fix this you must do a VACUUM ANLAYZE. This can also be done while the instance is still running like so: + $ sudo -u postgres psql pleroma_database_name + pleroma=# VACUUM ANALYZE; [^1]: Prefix with `MIX_ENV=prod` to run it using the production config file. ## Remove -- cgit v1.2.3 From c0146f4859c840ec64edda05dd50f581552bf118 Mon Sep 17 00:00:00 2001 From: Ilja Date: Mon, 24 Feb 2020 17:48:18 +0000 Subject: DOCS Theming your instance I added a new file to explain * where a custom theme can be created * where themes can be downloaded * where to add the theme on the server * how to make the theme available on the instance * how to set the theme as default on the instance --- docs/configuration/howto_theming_your_instance.md | 74 +++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 docs/configuration/howto_theming_your_instance.md (limited to 'docs') diff --git a/docs/configuration/howto_theming_your_instance.md b/docs/configuration/howto_theming_your_instance.md new file mode 100644 index 000000000..d0daf5b25 --- /dev/null +++ b/docs/configuration/howto_theming_your_instance.md @@ -0,0 +1,74 @@ +# Theming your instance + +To add a custom theme to your instance, you'll first need to get a custom theme, upload it to the server, make it available to the instance and eventually you can set it as default. + +## Getting a custom theme + +### Create your own theme + +* You can create your own theme using the Pleroma FE by going to settings (gear on the top right) and choose the Theme tab. Here you have the options to create a personal theme. +* To download your theme, you can do Save preset +* If you want to upload a theme to customise it further, you can upload it using Load preset + +This will only save the theme for you personally. To make it available to the whole instance, you'll need to upload it to the server. + +### Get an existing theme + +* You can download a theme from another instance by going to that instance, go to settings and make sure you have the theme selected that you want. Then you can do Save preset to download it. +* You can also find and download custom themes at + +## Adding the custom theme to the instance + +### Upload the theme to the server + +Themes can be found in the [static directory](static_dir.md). Create `STATIC-DIR/static/themes/` if needed and copy your theme there. Next you need to add an entry for your theme to `STATIC-DIR/static/styles.json`. If you use a from source installation, you'll first need to copy the file from `priv/static/static/styles.json`. + +Example of `styles.json` where we add our own `my-awesome-theme.json` +```json +{ + "pleroma-dark": [ "Pleroma Dark", "#121a24", "#182230", "#b9b9ba", "#d8a070", "#d31014", "#0fa00f", "#0095ff", "#ffa500" ], + "pleroma-light": [ "Pleroma Light", "#f2f4f6", "#dbe0e8", "#304055", "#f86f0f", "#d31014", "#0fa00f", "#0095ff", "#ffa500" ], + "classic-dark": [ "Classic Dark", "#161c20", "#282e32", "#b9b9b9", "#baaa9c", "#d31014", "#0fa00f", "#0095ff", "#ffa500" ], + "bird": [ "Bird", "#f8fafd", "#e6ecf0", "#14171a", "#0084b8", "#e0245e", "#17bf63", "#1b95e0", "#fab81e"], + "ir-black": [ "Ir Black", "#000000", "#242422", "#b5b3aa", "#ff6c60", "#FF6C60", "#A8FF60", "#96CBFE", "#FFFFB6" ], + "monokai": [ "Monokai", "#272822", "#383830", "#f8f8f2", "#f92672", "#F92672", "#a6e22e", "#66d9ef", "#f4bf75" ], + + "redmond-xx": "/static/themes/redmond-xx.json", + "redmond-xx-se": "/static/themes/redmond-xx-se.json", + "redmond-xxi": "/static/themes/redmond-xxi.json", + "breezy-dark": "/static/themes/breezy-dark.json", + "breezy-light": "/static/themes/breezy-light.json", + "mammal": "/static/themes/mammal.json", + "my-awesome-theme": "/static/themes/my-awesome-theme.json" +} +``` + +Now you'll already be able to select the theme in Pleroma FE from the drop-down. You don't need to restart Pleroma because we only changed static served files. You may need to refresh the page in your browser. You'll notice however that the theme doesn't have a name, it's just an empty entry in the drop-down. + +### Give the theme a name + +When you open one of the themes that ship with Pleroma, you'll notice that the json has a `"name"` key. Add a key-value pair to your theme where the key name is `"name"` and the value the name you want to give your theme. After this you can refresh te page in your browser and the name should be visible in the drop-down. + +Example of `my-awesome-theme.json` where we add the name "My Awesome Theme" +```json +{ + "_pleroma_theme_version": 2, + "name": "My Awesome Theme", + "theme": {} +} +``` + +### Set as default theme + +Now we can set the new theme as default in the [Pleroma FE configuration](General-tips-for-customizing-Pleroma-FE.md). + +Example of adding the new theme in the back-end config files +```elixir +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "my-awesome-theme" + } +``` + +If you added it in the back-end configuration file, you'll need to restart your instance for the changes to take effect. If you don't see the changes, it's probably because the browser has cached the previous theme. In that case you'll want to clear browser caches. Alternatively you can use a private/incognito window just to see the changes. + -- cgit v1.2.3 From 7ad5c51f23102e89c491a2ef731e108873a09d71 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Thu, 9 Jan 2020 22:18:55 +0300 Subject: Admin API: `GET /api/pleroma/admin/stats` to get status count by visibility scope --- docs/API/admin_api.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 47acd240e..3882763cd 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -939,3 +939,20 @@ Loads json generated from `config/descriptions.exs`. - Params: - `nicknames` - Response: Array of user nicknames + +## `GET /api/pleroma/admin/stats` + +### Stats + +- Response: + +```json +{ + "status_visibility": { + "direct": 739, + "private": 9, + "public": 17, + "unlisted": 14 + } +} +``` -- cgit v1.2.3 From e4804137b3b5d269515bc40b9f173a1fc8931014 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 25 Feb 2020 11:51:01 +0100 Subject: Document database default changes --- docs/installation/otp_en.md | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'docs') diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index aab5197a2..32551f7b6 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -73,6 +73,15 @@ rc-service postgresql restart systemctl restart postgresql ``` +If you are using PostgreSQL 12 or higher, add this to your Ecto database configuration + +```elixir +prepare: :named, +parameters: [ + plan_cache_mode: "force_custom_plan" +] +``` + ### Installing Pleroma ```sh # Create a Pleroma user -- cgit v1.2.3 From 4ab07cf0d53c24c8770bd3a47892b23344b103f6 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Wed, 26 Feb 2020 14:47:19 +0300 Subject: Admin API: Exclude boosts from `GET /api/pleroma/admin/users/:nickname/statuses` and `GET /api/pleroma/admin/instance/:instance/statuses` --- docs/API/admin_api.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 3882763cd..91c76ce00 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -260,10 +260,24 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - `nickname` or `id` - *optional* `page_size`: number of statuses to return (default is `20`) - *optional* `godmode`: `true`/`false` – allows to see private statuses + - *optional* `with_reblogs`: `true`/`false` – allows to see reblogs (default is false) - Response: - On failure: `Not found` - On success: JSON array of user's latest statuses +## `GET /api/pleroma/admin/instances/:instance/statuses` + +### Retrive instance's latest statuses + +- Params: + - `instance`: instance name + - *optional* `page_size`: number of statuses to return (default is `20`) + - *optional* `godmode`: `true`/`false` – allows to see private statuses + - *optional* `with_reblogs`: `true`/`false` – allows to see reblogs (default is false) +- Response: + - On failure: `Not found` + - On success: JSON array of instance's latest statuses + ## `POST /api/pleroma/admin/relay` ### Follow a Relay -- cgit v1.2.3 From 6f2efb1c450daa75d848dab8e3729ced81ed3904 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Thu, 27 Feb 2020 18:46:05 +0300 Subject: Runtime configurability of RateLimiter. Refactoring. Disabled default rate limits in tests. --- docs/configuration/i2p.md | 2 +- docs/configuration/onion_federation.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/configuration/i2p.md b/docs/configuration/i2p.md index 62ced8b7a..8c5207d67 100644 --- a/docs/configuration/i2p.md +++ b/docs/configuration/i2p.md @@ -123,7 +123,7 @@ In addition to that, replace the existing nginx config's contents with the examp If not an I2P-only instance, add the nginx config below to your existing config at `/etc/nginx/sites-enabled/pleroma.nginx`. -And for both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself seperately from the clearnet (if your instance is also on the clearnet). +And for both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself separately from the clearnet (if your instance is also on the clearnet). Copy the following into the `config/prod.secret.exs` in your Pleroma folder (/home/pleroma/pleroma/): ``` config :pleroma, :http_security, diff --git a/docs/configuration/onion_federation.md b/docs/configuration/onion_federation.md index 99f104995..37673211a 100644 --- a/docs/configuration/onion_federation.md +++ b/docs/configuration/onion_federation.md @@ -75,7 +75,7 @@ If not a Tor-only instance, add the nginx config below to your existing config at `/etc/nginx/sites-enabled/pleroma.nginx`. --- -For both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself seperately from the clearnet (if your instance is also on the clearnet). +For both cases, disable CSP in Pleroma's config (STS is disabled by default) so you can define those yourself separately from the clearnet (if your instance is also on the clearnet). Copy the following into the `config/prod.secret.exs` in your Pleroma folder (/home/pleroma/pleroma/): ``` config :pleroma, :http_security, -- cgit v1.2.3 From ffcebe7e22b4c5ccaf3ba63f3ed2885ac55a6b4d Mon Sep 17 00:00:00 2001 From: rinpatch Date: Fri, 28 Feb 2020 17:44:59 +0300 Subject: timeline controller: rate limit timelines to 3 requests per 500ms per timeline per ip/user --- docs/configuration/cheatsheet.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index ac55a0b32..1cffae977 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -343,6 +343,7 @@ Means that: Supported rate limiters: * `:search` - Account/Status search. +* `:timeline` - Timeline requests (each timeline has it's own limiter). * `:app_account_creation` - Account registration from the API. * `:relations_actions` - Following/Unfollowing in general. * `:relation_id_action` - Following/Unfollowing for a specific user. -- cgit v1.2.3 From 53ef8c11b9ab71b2c7e3565050e86794f45ef864 Mon Sep 17 00:00:00 2001 From: Ilja Date: Sun, 1 Mar 2020 19:16:54 +0000 Subject: Add warning to the fetch_initial_posts setting. Now we sometimes have people who enable this without realising the consequences (tons of posts being fetcht as each fetch makes Pleroma discover new users) I also made a more explicit distinction between OTP and from source installs in the general explanation --- docs/configuration/cheatsheet.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 1cffae977..66be9cf4e 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -2,9 +2,11 @@ This is a cheat sheet for Pleroma configuration file, any setting possible to configure should be listed here. -Pleroma configuration works by first importing the base config (`config/config.exs` on source installs, compiled-in on OTP releases), then overriding it by the environment config (`config/$MIX_ENV.exs` on source installs, N/A to OTP releases) and then overriding it by user config (`config/$MIX_ENV.secret.exs` on source installs, typically `/etc/pleroma/config.exs` on OTP releases). +For OTP installations the configuration is typically stored in `/etc/pleroma/config.exs`. -You shouldn't edit the base config directly to avoid breakages and merge conflicts, but it can be used as a reference if you don't understand how an option is supposed to be formatted, the latest version of it can be viewed [here](https://git.pleroma.social/pleroma/pleroma/blob/develop/config/config.exs). +For from source installations Pleroma configuration works by first importing the base config `config/config.exs`, then overriding it by the environment config `config/$MIX_ENV.exs` and then overriding it by user config `config/$MIX_ENV.secret.exs`. In from source installations you should always make the changes to the user config and NEVER to the base config to avoid breakages and merge conflicts. So for production you change/add configuration to `config/prod.secret.exs`. + +To add configuration to your config file, you can copy it from the base config. The latest version of it can be viewed [here](https://git.pleroma.social/pleroma/pleroma/blob/develop/config/config.exs). You can also use this file if you don't know how an option is supposed to be formatted. ## :instance * `name`: The instance’s name. @@ -150,8 +152,10 @@ config :pleroma, :mrf_user_allowlist, * `authorized_fetch_mode`: Require HTTP signatures for AP fetches ### :fetch_initial_posts -* `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts -* `pages`: the amount of pages to fetch +!!! warning + Be careful with this setting, fetching posts may lead to new users being discovered whose posts will then also be fetched. This can lead to serious load on your instance and database. +* `enabled`: If enabled, when a new user is discovered by your instance, fetch some of their latest posts. +* `pages`: The amount of pages to fetch ## Pleroma.ScheduledActivity -- cgit v1.2.3 From 036e8a40a2ff162272933d6cbf8dbab831ce26eb Mon Sep 17 00:00:00 2001 From: ilja Date: Mon, 2 Mar 2020 10:29:24 +0100 Subject: fix for :fetch_initial_posts A warning was added, but their were some newlines and whitespaces missing which broke the rendering of the setting. I've added them now --- docs/configuration/cheatsheet.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 66be9cf4e..05fd6ceb1 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -152,8 +152,10 @@ config :pleroma, :mrf_user_allowlist, * `authorized_fetch_mode`: Require HTTP signatures for AP fetches ### :fetch_initial_posts + !!! warning - Be careful with this setting, fetching posts may lead to new users being discovered whose posts will then also be fetched. This can lead to serious load on your instance and database. + Be careful with this setting, fetching posts may lead to new users being discovered whose posts will then also be fetched. This can lead to serious load on your instance and database. + * `enabled`: If enabled, when a new user is discovered by your instance, fetch some of their latest posts. * `pages`: The amount of pages to fetch -- cgit v1.2.3 From 7af431c150cf4dc2c283b6a90fdaa7eafd860170 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Mon, 2 Mar 2020 16:47:30 +0300 Subject: Exclude reblogs from `GET /api/pleroma/admin/statuses` by default --- docs/API/admin_api.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs') diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md index 91c76ce00..47afdfba5 100644 --- a/docs/API/admin_api.md +++ b/docs/API/admin_api.md @@ -278,6 +278,19 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `Not found` - On success: JSON array of instance's latest statuses +## `GET /api/pleroma/admin/statuses` + +### Retrives all latest statuses + +- Params: + - *optional* `page_size`: number of statuses to return (default is `20`) + - *optional* `local_only`: excludes remote statuses + - *optional* `godmode`: `true`/`false` – allows to see private statuses + - *optional* `with_reblogs`: `true`/`false` – allows to see reblogs (default is false) +- Response: + - On failure: `Not found` + - On success: JSON array of user's latest statuses + ## `POST /api/pleroma/admin/relay` ### Follow a Relay -- cgit v1.2.3