Merge branch 'develop' of https://akkoma.dev/AkkomaGang/akkoma into akko.wtf

CHANGELOG.md

@@ -39,6 +39,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - our litepub JSON-LD schema is now served with the correct content type
 - remote APNG attachments are now recognised as images
 
+## Upgrade Notes
+
+- As mentioned in "Changed", `Pleroma.Upload, :base_url` **MUST** be configured. Uploads will fail without it.
+  - Akkoma will refuse to start if this is not set.
+- Same with media proxy.
+
 ## 2024.02
 
 ## Added

config/description.exs

@@ -100,9 +100,9 @@
         label: "Base URL",
         type: :string,
         description:
-          "Base URL for the uploads. Required if you use a CDN or host attachments under a different domain.",
+          "Base URL for the uploads. Required if you use a CDN or host attachments under a different domain - it is HIGHLY recommended that you **do not** set this to be the same as the domain akkoma is hosted on.",
         suggestions: [
-          "https://cdn-host.com"
+          "https://media.akkoma.dev/media/"
         ]
       },
       %{

config/test.exs

@@ -22,6 +22,7 @@
 config :pleroma, :auth, oauth_consumer_strategies: []
 
 config :pleroma, Pleroma.Upload,
+  base_url: "http://localhost:4001/media/",
   filters: [],
   link_name: false
 

docs/docs/configuration/cheatsheet.md

@@ -602,7 +602,7 @@ the source code is here: [kocaptcha](https://github.com/koto-bank/kocaptcha). Th
 * `filters`: List of [upload filters](#upload-filters) to use.
 * `link_name`: When enabled Akkoma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers
 * `base_url`: The base URL to access a user-uploaded file; MUST be configured explicitly.
-  Using a (sub)domain distinct from the instance endpoint is **strongly** recommended.
+  Using a (sub)domain distinct from the instance endpoint is **strongly** recommended. A good value might be `https://media.myakkoma.instance/media/`. 
 * `proxy_remote`: If you're using a remote uploader, Akkoma will proxy media requests instead of redirecting to it.
 * `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation.
 * `filename_display_max_length`: Set max length of a filename to display. 0 = no limit. Default: 30.

lib/pleroma/config/deprecation_warnings.ex

@@ -182,7 +182,9 @@ def warn do
       check_quarantined_instances_tuples(),
       check_transparency_exclusions_tuples(),
       check_simple_policy_tuples(),
-      check_http_adapter()
+      check_http_adapter(),
+      check_uploader_base_url_set(),
+      check_uploader_base_url_is_not_base_domain()
     ]
     |> Enum.reduce(:ok, fn
       :ok, :ok -> :ok
@@ -337,4 +339,54 @@ def check_uploders_s3_public_endpoint do
       :ok
     end
   end
+
+  def check_uploader_base_url_set() do
+    uses_local_uploader? = Config.get([Pleroma.Upload, :uploader]) == Pleroma.Uploaders.Local
+    base_url = Pleroma.Config.get([Pleroma.Upload, :base_url])
+
+    if base_url || !uses_local_uploader? do
+      :ok
+    else
+      Logger.error("""
+      !!!WARNING!!!
+      Your config does not specify a base_url for uploads!
+      Please make the following change:\n
+      \n* `config :pleroma, Pleroma.Upload, base_url: "https://example.com/media/`
+      \n
+      \nPlease note that it is HEAVILY recommended to use a subdomain to host user-uploaded media!
+      """)
+
+      # This is a hard exit - the uploader will not work without a base_url
+      raise ArgumentError, message: "No base_url set for uploads - please set one in your config!"
+    end
+  end
+
+  def check_uploader_base_url_is_not_base_domain() do
+    uses_local_uploader? = Config.get([Pleroma.Upload, :uploader]) == Pleroma.Uploaders.Local
+
+    uploader_host =
+      [Pleroma.Upload, :base_url]
+      |> Pleroma.Config.get()
+      |> URI.parse()
+      |> Map.get(:host)
+
+    akkoma_host =
+      [Pleroma.Web.Endpoint, :url]
+      |> Pleroma.Config.get()
+      |> Keyword.get(:host)
+
+    if uploader_host == akkoma_host && uses_local_uploader? do
+      Logger.error("""
+      !!!WARNING!!!
+      Your Akkoma Host and your Upload base_url's host are the same!
+      This can potentially be insecure!
+
+      It is HIGHLY recommended that you migrate your media uploads
+      to a subdomain at your earliest convenience
+      """)
+    end
+
+    # This isn't actually an error condition, just a warning
+    :ok
+  end
 end

lib/pleroma/user.ex

@@ -969,15 +969,16 @@ defp maybe_send_registration_email(%User{email: email} = user) when is_binary(em
 
   defp maybe_send_registration_email(_), do: {:ok, :noop}
 
-  def needs_update?(%User{local: true}), do: false
+  def needs_update?(user, options \\ [])
+  def needs_update?(%User{local: true}, _options), do: false
+  def needs_update?(%User{local: false, last_refreshed_at: nil}, _options), do: true
 
-  def needs_update?(%User{local: false, last_refreshed_at: nil}), do: true
-
-  def needs_update?(%User{local: false} = user) do
-    NaiveDateTime.diff(NaiveDateTime.utc_now(), user.last_refreshed_at) >= 86_400
+  def needs_update?(%User{local: false} = user, options) do
+    NaiveDateTime.diff(NaiveDateTime.utc_now(), user.last_refreshed_at) >=
+      Keyword.get(options, :maximum_age, 86_400)
   end
 
-  def needs_update?(_), do: true
+  def needs_update?(_, _options), do: true
 
   # "Locked" (self-locked) users demand explicit authorization of follow requests
   @spec can_direct_follow_local(User.t(), User.t()) :: true | false
@@ -1980,10 +1981,10 @@ def html_filter_policy(_), do: Config.get([:markup, :scrub_policy])
 
   def fetch_by_ap_id(ap_id), do: ActivityPub.make_user_from_ap_id(ap_id)
 
-  def get_or_fetch_by_ap_id(ap_id) do
+  def get_or_fetch_by_ap_id(ap_id, options \\ []) do
     cached_user = get_cached_by_ap_id(ap_id)
 
-    maybe_fetched_user = needs_update?(cached_user) && fetch_by_ap_id(ap_id)
+    maybe_fetched_user = needs_update?(cached_user, options) && fetch_by_ap_id(ap_id)
 
     case {cached_user, maybe_fetched_user} do
       {_, {:ok, %User{} = user}} ->

lib/pleroma/web/activity_pub/transmogrifier.ex

@@ -576,7 +576,12 @@ def handle_incoming(
         _options
       ) do
     with %User{} = origin_user <- User.get_cached_by_ap_id(origin_actor),
-         {:ok, %User{} = target_user} <- User.get_or_fetch_by_ap_id(target_actor),
+         # Use a dramatically shortened maximum age before refresh here because it is reasonable
+         # for a user to
+         # 1. Add the alias to their new account and then
+         # 2. Press the button on their new account
+         # within a very short period of time and expect it to work
+         {:ok, %User{} = target_user} <- User.get_or_fetch_by_ap_id(target_actor, maximum_age: 5),
          true <- origin_actor in target_user.also_known_as do
       ActivityPub.move(origin_user, target_user, false)
     else

mix.exs

@@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
   def project do
     [
       app: :pleroma,
-      version: version("3.12.0"),
+      version: version("3.12.2"),
       elixir: "~> 1.14",
       elixirc_paths: elixirc_paths(Mix.env()),
       compilers: Mix.compilers(),

priv/static/schemas/litepub-0.1.jsonld

@@ -19,6 +19,7 @@
             "toot": "http://joinmastodon.org/ns#",
             "misskey": "https://misskey-hub.net/ns#",
             "fedibird": "http://fedibird.com/ns#",
+            "sharkey": "https://joinsharkey.org/ns#",
             "value": "schema:value",
             "sensitive": "as:sensitive",
             "litepub": "http://litepub.social/ns#",
@@ -45,6 +46,14 @@
             "contentMap": {
                 "@id": "as:content",
                 "@container": "@language"
+            },
+            "featured": {
+                "@id": "toot:featured",
+                "@type": "@id"
+            },
+            "backgroundUrl": {
+                "@id": "sharkey:backgroundUrl",
+                "@type": "@id"
             }
         }
     ]

test/pleroma/config/deprecation_warnings_test.exs

@@ -289,4 +289,64 @@ test "check_http_adapter/0" do
 
     Application.put_env(:tesla, :adapter, Tesla.Mock)
   end
+
+  describe "check_uploader_base_url_set/0" do
+    test "should error if the base_url is not set" do
+      clear_config([Pleroma.Upload, :base_url], nil)
+
+      # we need to capture the error
+      assert_raise ArgumentError, fn ->
+        assert capture_log(fn ->
+                 DeprecationWarnings.check_uploader_base_url_set()
+               end) =~ "Your config does not specify a base_url for uploads!"
+      end
+    end
+
+    test "should not error if the base_url is set" do
+      clear_config([Pleroma.Upload, :base_url], "https://example.com")
+
+      refute capture_log(fn ->
+               DeprecationWarnings.check_uploader_base_url_set()
+             end) =~ "Your config does not specify a base_url for uploads!"
+    end
+
+    test "should not error if local uploader is not used" do
+      clear_config([Pleroma.Upload, :base_url], nil)
+      clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.S3)
+
+      refute capture_log(fn ->
+               DeprecationWarnings.check_uploader_base_url_set()
+             end) =~ "Your config does not specify a base_url for uploads!"
+    end
+  end
+
+  describe "check_uploader_base_url_is_not_base_domain/0" do
+    test "should error if the akkoma domain is the same as the upload domain" do
+      clear_config([Pleroma.Upload, :base_url], "http://localhost")
+
+      assert capture_log(fn ->
+               DeprecationWarnings.check_uploader_base_url_is_not_base_domain()
+             end) =~ "Your Akkoma Host and your Upload base_url's host are the same!"
+    end
+
+    test "should not error if the local uploader is not used" do
+      clear_config([Pleroma.Upload, :base_url], "http://localhost")
+      clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.S3)
+
+      refute capture_log(fn ->
+               DeprecationWarnings.check_uploader_base_url_is_not_base_domain()
+             end) =~ "Your Akkoma Host and your Upload base_url's host are the same!"
+    end
+
+    test "should not error if the akkoma domain is different from the upload domain" do
+      clear_config([Pleroma.Upload, :base_url], "https://media.localhost")
+      clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local)
+
+      refute capture_log(fn ->
+               DeprecationWarnings.check_uploader_base_url_is_not_base_domain()
+             end) =~ "Your Akkoma Host and your Upload base_url's host are the same!"
+
+      clear_config([Pleroma.Upload, :base_url])
+    end
+  end
 end

test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs

@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
-  use Pleroma.DataCase
+  use Pleroma.DataCase, async: false
 
   alias Pleroma.Config
   alias Pleroma.Emoji
@@ -60,6 +60,9 @@ defmacro mock_tesla(
 
     emoji_path = [:instance, :static_dir] |> Config.get() |> Path.join("emoji/stolen")
 
+    emoji_base_path = [:instance, :static_dir] |> Config.get() |> Path.join("emoji/")
+    File.mkdir_p(emoji_base_path)
+
     Emoji.reload()
 
     message = %{

test/pleroma/web/plugs/http_security_plug_test.exs

@@ -7,6 +7,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
 
   alias Plug.Conn
 
+  setup_all do: clear_config([Pleroma.Upload, :base_url], nil)
+
   describe "http security enabled" do
     setup do: clear_config([:http_security, :enabled], true)