Docs: Fix typos
ci/woodpecker/pr/woodpecker Pipeline is pending Details

This commit is contained in:
solidsanek 2023-04-23 00:05:31 +02:00
parent d6bed599c8
commit 7cf6b40dc5
63 changed files with 611 additions and 669 deletions

View File

@ -15,12 +15,12 @@ source venv/bin/activate
pip install -r requirements.txt
# Run an http server who rebuilds when files change
# Accessable on http://127.0.0.1:8000
# Accessible on http://127.0.0.1:8000
mkdocs serve
# Build the docs
# The static html pages will have been created in the folder "site"
# You can serve them from a server by pointing your server software (nginx, apache...) to this location
# You can serve them from a server by pointing your server software (NGINX, Apache...) to this location
mkdocs build
# To get out of the virtual environment, you do

View File

@ -1,10 +1,10 @@
# Transfering the config to/from the database
# Transferring the config to/from the database
{! administration/CLI_tasks/general_cli_task_info.include !}
## Transfer config from file to DB.
!!! note
!!! Note
You need to add the following to your config before executing this command:
```elixir
@ -25,7 +25,7 @@
## Transfer config from DB to `config/env.exported_from_db.secret.exs`
!!! note
!!! Note
In-Database configuration will still be applied after executing this command unless you set the following in your config:
```elixir
@ -34,9 +34,9 @@
Options:
- `<path>` - where to save migrated config. E.g. `--path=/tmp`. If file saved into non standart folder, you must manually copy file into directory where Pleroma can read it. For OTP install path will be `PLEROMA_CONFIG_PATH` or `/etc/akkoma`. For installation from source - `config` directory in the akkoma folder.
- `<env>` - environment, for which is migrated config. By default is `prod`.
- To delete transferred settings from database optional flag `-d` can be used
- `<path>` - where to save migrated config. E.g. `--path=/tmp`. If a file saved into a non-standard folder, you must manually copy the file into directory where Pleroma can read it. For OTP install path will be `PLEROMA_CONFIG_PATH` or `/etc/akkoma`. For installation from source - `config` directory in the Akkoma folder.
- `<env>` - environment, for which is migrated config. By default, is `prod`.
- To delete transferred settings from database, optional flag `-d` can be used
=== "OTP"
```sh
@ -48,7 +48,7 @@ Options:
mix pleroma.config migrate_from_db [--env=<env>] [-d] [--path=<path>]
```
## Dump all of the config settings defined in the database
## Dump all the config settings defined in the database
=== "OTP"
@ -172,7 +172,7 @@ it may be easier to dump the values to JSON and then modify them in a text edito
=== "From Source"
```sh
mix pleroma.config dump_to_file group key path
mix pleroma.config dump_to_file group key path
# For example, to dump the MRF simple configuration:
mix pleroma.config dump_to_file pleroma mrf_simple /tmp/mrf_simple.json
```

View File

@ -2,12 +2,12 @@
{! administration/CLI_tasks/general_cli_task_info.include !}
!!! danger
!!! Danger
These mix tasks can take a long time to complete. Many of them were written to address specific database issues that happened because of bugs in migrations or other specific scenarios. Do not run these tasks "just in case" if everything is fine your instance.
## Replace embedded objects with their references
Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration.
Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the database size before the migration.
=== "OTP"
@ -29,7 +29,7 @@ Replaces embedded objects with references to them in the `objects` table. Only n
This will prune remote posts older than 90 days (configurable with [`config :pleroma, :instance, remote_post_retention_days`](../../configuration/cheatsheet.md#instance)) from the database. Pruned posts may be refetched in some cases.
!!! note
The disk space will only be reclaimed after a proper vacuum. By default Postgresql does this for you on a regular basis, but if your instance has been running for a long time and there are many rows deleted, it may be advantageous to use `VACUUM FULL` (e.g. by using the `--vacuum` option).
The disk space will only be reclaimed after a proper vacuum. By default, PostgreSQL does this for you on a regular basis, but if your instance has been running for a long time and there are many rows deleted, it may be advantageous to use `VACUUM FULL` (e.g. by using the `--vacuum` option).
!!! danger
You may run out of disk space during the execution of the task or vacuuming if you don't have about 1/3rds of the database size free. Vacuum causes a substantial increase in I/O traffic, and may lead to a degraded experience while it is running.
@ -99,8 +99,8 @@ Can be safely re-run
## Vacuum the database
!!! note
By default Postgresql has an autovacuum deamon running. While the tasks described here can help in some cases, they shouldn't be needed on a regular basis. See [the Postgresql docs on vacuuming](https://www.postgresql.org/docs/current/sql-vacuum.html) for more information on this.
!!! Note
By default, PostgreSQL has an autovacuum daemon running. While the tasks described here can help in some cases, they shouldn't be needed on a regular basis. See [the PostgreSQL docs on vacuuming](https://www.postgresql.org/docs/current/sql-vacuum.html) for more information on this.
### Analyze
@ -120,7 +120,7 @@ Running an `analyze` vacuum job can improve performance by updating statistics u
### Full
Running a `full` vacuum job rebuilds your entire database by reading all of the data and rewriting it into smaller
Running a `full` vacuum job rebuilds your entire database by reading all the data and rewriting it into smaller
and more compact files with an optimized layout. This process will take a long time and use additional disk space as
it builds the files side-by-side the existing database files. It can make your database faster and use less disk space,
but should only be run if necessary. **It is safe to cancel this.**
@ -153,7 +153,7 @@ but should only be run if necessary. **It is safe to cancel this.**
## Change Text Search Configuration
Change `default_text_search_config` for database and (if necessary) text_search_config used in index, then rebuild index (it may take time).
Change `default_text_search_config` for database and (if necessary) text_search_config used in index, then rebuild index (it may take time).
=== "OTP"
@ -172,9 +172,9 @@ See [PostgreSQL documentation](https://www.postgresql.org/docs/current/textsearc
## Pruning old activities
Over time, transient `Delete` activities and `Tombstone` objects
can accumulate in your database, inflating its size. This is not ideal.
There is a periodic task to prune these transient objects,
but on first run this may take a while on older instances to catch up
can accumulate in your database, inflating its size. This is not ideal.
There is a periodic task to prune these transient objects,
but on the first run this may take a while on older instances to catch up
to the current day.
=== "OTP"

View File

@ -2,7 +2,7 @@
A few tasks to help with debugging, troubleshooting, and diagnosing problems.
They mostly relate to common postgres queries.
They mostly relate to common PostgreSQL queries.
## Home timeline query plan
@ -26,5 +26,5 @@ from the perspective of another given user.
`./bin/pleroma_ctl diagnostics user_timeline <nickname> <viewing_nickname>`
=== "From Source"
`mix pleroma.diagnostics user_timeline <nickname> <viewing_nickname>`
`mix pleroma.diagnostics user_timeline <nickname> <viewing_nickname>`

View File

@ -16,8 +16,7 @@
mix pleroma.digest test <nickname> [since_date]
```
Example:
Example:
=== "OTP"
@ -30,4 +29,3 @@ Example:
```sh
mix pleroma.digest test donaldtheduck 2019-05-20
```

View File

@ -1,4 +1,4 @@
# EMail administration tasks
# Email administration tasks
{! administration/CLI_tasks/general_cli_task_info.include !}

View File

@ -14,9 +14,8 @@
mix pleroma.emoji ls-packs [option ...]
```
### Options
- `-m, --manifest PATH/URL` - path to a custom manifest, it can either be an URL starting with `http`, in that case the manifest will be fetched from that address, or a local path
- `-m, --manifest PATH/URL` - path to a custom manifest, it can either be a URL starting with `http`, in that case the manifest will be fetched from that address, or a local path
## Fetch, verify and install the specified packs from the manifest into `STATIC-DIR/emoji/PACK-NAME`

View File

@ -12,7 +12,7 @@
mix pleroma.frontend install <frontend> [--ref <ref>] [--file <file>] [--build-url <build-url>] [--path <path>] [--build-dir <build-dir>]
```
Frontend can be installed either from local zip file, or automatically downloaded from the web.
Frontend can be installed either from a local zip file, or automatically downloaded from the web.
You can give all the options directly on the command line, but missing information will be filled out by looking at the data configured under `frontends.available` in the config files.
@ -91,4 +91,3 @@ The installation process is the same, but you will have to give all the needed o
```
If you don't have a zip file but just want to install a frontend from a local path, you can simply copy the files over a folder of this template: `${instance_static}/frontends/${name}/${ref}`.

View File

@ -1,5 +1,5 @@
Every command should be ran as the `akkoma` user from it's home directory. For example if you are superuser, you would have to wrap the command in `su akkoma -s $SHELL -lc "$COMMAND"`.
Every command should be ran as the `akkoma` user from its home directory. For example, if you are superuser, you would have to wrap the command in `su akkoma -s $SHELL -lc "$COMMAND"`.
??? note "From source note about `MIX_ENV`"
??? Note "From source note about `MIX_ENV`"
The `mix` command should be prefixed with the name of environment your Akkoma server is running in, usually it's `MIX_ENV=prod`
The `mix` command should be prefixed with the name of the environment your Akkoma server is running in, usually it's `MIX_ENV=prod`

View File

@ -15,7 +15,6 @@
mix pleroma.instance gen [option ...]
```
If any of the options are left unspecified, you will be prompted interactively.
### Options
@ -35,10 +34,10 @@ If any of the options are left unspecified, you will be prompted interactively.
- `--db-configurable <Y|N>` - Allow/disallow configuring instance from admin part
- `--uploads-dir <path>` - the directory uploads go in when using a local uploader
- `--static-dir <path>` - the directory custom public files should be read from (custom emojis, frontend bundle overrides, robots.txt, etc.)
- `--listen-ip <ip>` - the ip the app should listen to, defaults to 127.0.0.1
- `--listen-ip <ip>` - the IP the app should listen to, defaults to 127.0.0.1
- `--listen-port <port>` - the port the app should listen to, defaults to 4000
- `--strip-uploads <Y|N>` - use ExifTool to strip uploads of sensitive location data
- `--anonymize-uploads <Y|N>` - randomize uploaded filenames
- `--dedupe-uploads <Y|N>` - store files based on their hash to reduce data storage requirements if duplicates are uploaded with different filenames
- `--skip-release-env` - skip generation the release environment file
- `--skip-release-env` - skip generation of the release environment file
- `--release-env-file` - release environment file path

View File

@ -4,7 +4,7 @@
## Create trusted OAuth App.
Optional params:
Optional parameters:
* `-s SCOPES` - scopes for app, e.g. `read,write,follow,push`.
=== "OTP"
@ -17,4 +17,4 @@ Optional params:
```sh
mix pleroma.app create -n APP_NAME -r REDIRECT_URI
```
```

View File

@ -16,7 +16,6 @@
mix pleroma.user new <nickname> <email> [option ...]
```
### Options
- `--name <name>` - the user's display name
- `--bio <bio>` - the user's bio
@ -39,8 +38,7 @@
mix pleroma.user list
```
## Generate an invite link
## Generate an invitation link
=== "OTP"
@ -54,7 +52,6 @@
mix pleroma.user invite [option ...]
```
### Options
- `--expires-at DATE` - last day on which token is active (e.g. "2019-04-05")
- `--max-use NUMBER` - maximum numbers of token uses
@ -73,7 +70,6 @@
mix pleroma.user invites
```
## Revoke invite
=== "OTP"
@ -88,7 +84,6 @@
mix pleroma.user revoke_invite <token>
```
## Delete a user
=== "OTP"
@ -103,7 +98,6 @@
mix pleroma.user rm <nickname>
```
## Delete user's posts and interactions
=== "OTP"
@ -118,7 +112,6 @@
mix pleroma.user delete_activities <nickname>
```
## Sign user out from all applications (delete user's OAuth tokens and authorizations)
=== "OTP"
@ -161,7 +154,6 @@
mix pleroma.user deactivate NICKNAME
```
## Deactivate all accounts from an instance and unsubscribe local users on it
=== "OTP"
@ -176,7 +168,6 @@
mix pleroma.user deactivate_all_from_instance <instance>
```
## Create a password reset link for user
=== "OTP"
@ -191,8 +182,7 @@
mix pleroma.user reset_password <nickname>
```
## Disable Multi Factor Authentication (MFA/2FA) for a user
## Disable Multi-Factor Authentication (MFA/2FA) for a user
=== "OTP"
@ -206,7 +196,6 @@
mix pleroma.user reset_mfa <nickname>
```
## Set the value of the given user's settings
=== "OTP"
@ -241,7 +230,6 @@
mix pleroma.user tag <nickname> <tags>
```
## Delete tags from a user
=== "OTP"
@ -256,7 +244,6 @@
mix pleroma.user untag <nickname> <tags>
```
## Toggle confirmation status of the user
=== "OTP"
@ -304,7 +291,7 @@
## Fix following state
Sometimes the system can get into a situation where
it think you're already following someone and won't send a request
it thinks you're already following someone and won't send a request
to the remote instance, or won't let you unfollow someone. This
bug was fixed, but in case you encounter these weird states:
@ -324,4 +311,4 @@ The first argument is the local user's nickname - if you are `myuser@myinstance`
The second is the remote user, consisting of both nickname AND domain.
If you are a weird follow state situation and cannot resolve it with the above, you may need to co-operate with the remote admin to clear the state their side too - they should provide the arguments *backwards*, i.e `fix_follow_state remote local`.
If you are a weird follow state situation and cannot resolve it with the above, you may need to co-operate with the remote admin to clear the state their side too - they should provide the arguments *backwards*, i.e. `fix_follow_state remote local`.

View File

@ -8,15 +8,15 @@
4. Copy `akkoma.pgdump`, `config/prod.secret.exs`[²], `config/setup_db.psql` (if still available) and the `uploads` folder to your backup destination. If you have other modifications, copy those changes too.
5. Restart the Akkoma service.
[¹]: We assume the database name is "akkoma". If not, you can find the correct name in your config files.
[²]: If you've installed using OTP, you need `config/config.exs` instead of `config/prod.secret.exs`.
[¹]: We assume the database name is "akkoma". If not, you can find the correct name in your config files.
[²]: If you've installed using OTP, you need `config/config.exs` instead of `config/prod.secret.exs`.
## Restore/Move
1. Optionally reinstall Akkoma (either on the same server or on another server if you want to move servers).
2. Stop the Akkoma service.
3. Go to the working directory of Akkoma (default is `/opt/akkoma`)
4. Copy the above mentioned files back to their original position.
4. Copy the above-mentioned files back to their original position.
5. Drop the existing database and user if restoring in-place[¹]. `sudo -Hu postgres psql -c 'DROP DATABASE akkoma;';` `sudo -Hu postgres psql -c 'DROP USER akkoma;'`
6. Restore the database schema and akkoma role using either of the following options
* You can use the original `setup_db.psql` if you have it[²]: `sudo -Hu postgres psql -f config/setup_db.psql`.
@ -24,24 +24,24 @@
7. Now restore the Akkoma instance's data into the empty database schema[¹]: `sudo -Hu postgres pg_restore -d akkoma -v -1 </path/to/backup_location/akkoma.pgdump>`
8. If you installed a newer Akkoma version, you should run `MIX_ENV=prod mix ecto.migrate`[³]. This task performs database migrations, if there were any.
9. Restart the Akkoma service.
10. Run `sudo -Hu postgres vacuumdb --all --analyze-in-stages`. This will quickly generate the statistics so that postgres can properly plan queries.
11. If setting up on a new server configure Nginx by using the `installation/akkoma.nginx` config sample or reference the Akkoma installation guide for your OS which contains the Nginx configuration instructions.
10. Run `sudo -Hu postgres vacuumdb --all --analyze-in-stages`. This will quickly generate the statistics so that PostgreSQL can properly plan queries.
11. If setting up on a new server configure NGINX by using the `installation/akkoma.nginx` config sample or reference the Akkoma installation guide for your OS which contains the NGINX configuration instructions.
[¹]: We assume the database name and user are both "akkoma". If not, you can find the correct name in your config files.
[²]: You can recreate the `config/setup_db.psql` by running the `mix pleroma.instance gen` task again. You can ignore most of the questions, but make the database user, name, and password the same as found in your backed up config file. This will also create a new `config/generated_config.exs` file which you may delete as it is not needed.
[³]: Prefix with `MIX_ENV=prod` to run it using the production config file.
[¹]: We assume the database name and user are both "akkoma". If not, you can find the correct name in your config files.
[²]: You can recreate the `config/setup_db.psql` by running the `mix pleroma.instance gen` task again. You can ignore most of the questions, but make the database user, name, and password the same as found in your backed up config file. This will also create a new `config/generated_config.exs` file which you may delete as it is not needed.
[³]: Prefix with `MIX_ENV=prod` to run it using the production config file.
## Remove
1. Optionally you can remove the users of your instance. This will trigger delete requests for their accounts and posts. Note that this is 'best effort' and doesn't mean that all traces of your instance will be gone from the fediverse.
1. Optionally, you can remove the users of your instance. This will trigger delete requests for their accounts and posts. Note that this is 'best effort' and doesn't mean that all traces of your instance will be gone from the Fediverse.
* You can do this from the admin-FE where you can select all local users and delete the accounts using the *Moderate multiple users* dropdown.
* You can also list local users and delete them individually using the CLI tasks for [Managing users](./CLI_tasks/user.md).
* You can also list local users and delete them individually using the CLI tasks for [managing users](./CLI_tasks/user.md).
2. Stop the Akkoma service `systemctl stop akkoma`
3. Disable Akkoma from systemd `systemctl disable akkoma`
4. Remove the files and folders you created during installation (see installation guide). This includes the akkoma, nginx and systemd files and folders.
5. Reload nginx now that the configuration is removed `systemctl reload nginx`
4. Remove the files and folders you created during installation (see installation guide). This includes the Akkoma, NGINX and systemd files and folders.
5. Reload NGINX now that the configuration is removed `systemctl reload nginx`
6. Remove the database and database user[¹] `sudo -Hu postgres psql -c 'DROP DATABASE akkoma;';` `sudo -Hu postgres psql -c 'DROP USER akkoma;'`
7. Remove the system user `userdel akkoma`
8. Remove the dependencies that you don't need anymore (see installation guide). Make sure you don't remove packages that are still needed for other software that you have running!
[¹]: We assume the database name and user are both "akkoma". If not, you can find the correct name in your config files.
[¹]: We assume the database name and user are both "akkoma". If not, you can find the correct name in your config files.

View File

@ -1,25 +1,25 @@
# Monitoring Akkoma
If you run akkoma, you may be inclined to collect metrics to ensure your instance is running smoothly,
If you run Akkoma, you may be inclined to collect metrics to ensure your instance is running smoothly,
and that there's nothing quietly failing in the background.
To facilitate this, akkoma exposes prometheus metrics to be scraped.
To facilitate this, Akkoma exposes Prometheus metrics to be scrapped.
## Prometheus
See: [export\_prometheus\_metrics](../../configuration/cheatsheet#instance)
To scrape prometheus metrics, we need an oauth2 token with the `admin:metrics` scope.
To scrape Prometheus metrics, we need an oauth2 token with the `admin:metrics` scope.
consider using [constanze](https://akkoma.dev/AkkomaGang/constanze) to make this easier -
Consider using [constanze](https://akkoma.dev/AkkomaGang/constanze) to make this easier -
```bash
constanze token --client-app --scopes "admin:metrics" --client-name "Prometheus"
```
or see `scripts/create_metrics_app.sh` in the source tree for the process to get this token.
Or see `scripts/create_metrics_app.sh` in the source tree for the process to get this token.
Once you have your token of the form `Bearer $ACCESS_TOKEN`, you can use that in your prometheus config:
Once you have your token of the form `Bearer $ACCESS_TOKEN`, you can use that in your Prometheus config:
```yaml
- job_name: akkoma

View File

@ -20,21 +20,21 @@ su -s "$SHELL" akkoma
# Download latest stable release
./bin/pleroma_ctl update --branch stable
# Stop akkoma
# Stop Akkoma
./bin/pleroma stop # or using the system service manager (e.g. systemctl stop akkoma)
# Run database migrations
./bin/pleroma_ctl migrate
# Start akkoma
# Start Akkoma
./bin/pleroma daemon # or using the system service manager (e.g. systemctl start akkoma)
# Update frontend(s). See Frontend Configuration doc for more information.
./bin/pleroma_ctl frontend install pleroma-fe --ref stable
```
If you selected an alternate flavour on installation,
you _may_ need to specify `--flavour`, in the same way as
If you selected an alternate flavour on installation,
you _may_ need to specify `--flavour`, in the same way as
[when installing](../../installation/otp_en#detecting-flavour).
## For from source installations (using git)
@ -53,13 +53,13 @@ export MIX_ENV=prod
mix deps.get
mix compile
# Stop akkoma (replace with your system service manager's equivalent if different)
# Stop Akkoma (replace with your system service manager's equivalent if different)
sudo systemctl stop akkoma
# Run database migrations
mix ecto.migrate
# Start akkoma (replace with your system service manager's equivalent if different)
# Start Akkoma (replace with your system service manager's equivalent if different)
sudo systemctl start akkoma
# Update Pleroma-FE frontend to latest stable. For other Frontends see Frontend Configuration doc for more information.

View File

@ -64,5 +64,5 @@ Apps listed here might not support all of Akkoma's features.
### BloatFE
- Source Code: <https://git.freesoftwareextremist.com/bloat/>
- Contact: [@r@freesoftwareextremist.com](https://freesoftwareextremist.com/users/r)
- Features: Does not requires JavaScript
- Features: Does not require JavaScript
- Features: MastoAPI

View File

@ -2,9 +2,9 @@
This is a cheat sheet for Akkoma configuration file, any setting possible to configure should be listed here.
For OTP installations the configuration is typically stored in `/etc/akkoma/config.exs`.
For OTP installations, the configuration is typically stored in `/etc/akkoma/config.exs`.
For from source installations Akkoma configuration works by first importing the base config `config/config.exs`, then overriding it by the environment config `config/$MIX_ENV.exs` and then overriding it by user config `config/$MIX_ENV.secret.exs`. In from source installations you should always make the changes to the user config and NEVER to the base config to avoid breakages and merge conflicts. So for production you change/add configuration to `config/prod.secret.exs`.
For from source installations, Akkoma configuration works by first importing the base config `config/config.exs`, then overriding it by the environment config `config/$MIX_ENV.exs` and then overriding it by user config `config/$MIX_ENV.secret.exs`. In from source installations, you should always make the changes to the user config and NEVER to the base config to avoid breakages and merge conflicts. So, for production you change/add configuration to `config/prod.secret.exs`.
To add configuration to your config file, you can copy it from the base config. The latest version of it can be viewed [here](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/config/config.exs). You can also use this file if you don't know how an option is supposed to be formatted.
@ -12,7 +12,7 @@ To add configuration to your config file, you can copy it from the base config.
* `name`: The instances name.
* `email`: Email used to reach an Administrator/Moderator of the instance.
* `notify_email`: Email used for notifications.
* `description`: The instances description, can be seen in nodeinfo and ``/api/v1/instance``.
* `description`: The instances description, can be seen in nodeinfo and `/api/v1/instance`.
* `limit`: Posts character limit (CW/Subject included in the counter).
* `description_limit`: The character limit for image descriptions.
* `remote_limit`: Hard character limit beyond which remote posts will be dropped.
@ -33,12 +33,11 @@ To add configuration to your config file, you can copy it from the base config.
* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes.
* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it.
* `allow_relay`: Permits remote instances to subscribe to all public posts of your instance. This may increase the visibility of your instance.
* `public`: Allows unauthenticated access to public resources on your instance. This is essentially used as the default value for `:restrict_unauthenticated`.
* `public`: Allows unauthenticated access to public resources on your instance. This is essentially used as the default value for `:restrict_unauthenticated`.
See `restrict_unauthenticated` for more details.
* `quarantined_instances`: *DEPRECATED* ActivityPub instances where activities will not be sent. They can still reach there via other means, we just won't send them.
* `quarantined_instances`: *DEPRECATED* ActivityPub instances where activities will not be sent. They can still reach there via other means; we just won't send them.
* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML).
* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with
older software for theses nicknames.
* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with older software for these nicknames.
* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature.
* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow.
* `autofollowing_nicknames`: Set to nicknames of (local) users that automatically follows every newly registered user.
@ -46,7 +45,7 @@ To add configuration to your config file, you can copy it from the base config.
* `max_report_comment_size`: The maximum size of the report comment (Default: `1000`).
* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`.
* `healthcheck`: If set to true, system data will be shown on ``/api/v1/pleroma/healthcheck``.
* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
* `remote_post_retention_days`: The default number of days to retain remote posts when pruning the database.
* `user_bio_length`: A user bio maximum length (default: `5000`).
* `user_name_length`: A user name maximum length (default: `100`).
* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
@ -60,9 +59,9 @@ To add configuration to your config file, you can copy it from the base config.
* `cleanup_attachments`: Remove attachments along with statuses. Does not affect duplicate files and attachments without status. Enabling this will increase load to database when deleting statuses on larger instances.
* `show_reactions`: Let favourites and emoji reactions be viewed through the API (default: `true`).
* `password_reset_token_validity`: The time after which reset tokens aren't accepted anymore, in seconds (default: one day).
* `local_bubble`: Array of domains representing instances closely related to yours. Used to populate the `bubble` timeline. e.g `["example.com"]`, (default: `[]`)
* `languages`: List of Language Codes used by the instance. This is used to try and set a default language from the frontend. It will try and find the first match between the languages set here and the user's browser languages. It will default to the first language in this setting if there is no match.. (default `["en"]`)
* `export_prometheus_metrics`: Enable prometheus metrics, served at `/api/v1/akkoma/metrics`, requiring the `admin:metrics` oauth scope.
* `local_bubble`: Array of domains representing instances closely related to yours. Used to populate the `bubble` timeline. e.g. `["example.com"]`, (default: `[]`)
* `languages`: List of Language Codes used by the instance. This is used to try and set a default language from the frontend. It will try and find the first match between the languages set here and the user's browser languages. It will default to the first language in this setting if there is no match. (default `["en"]`)
* `export_prometheus_metrics`: Enable Prometheus metrics, served at `/api/v1/akkoma/metrics`, requiring the `admin:metrics` OAuth scope.
## :database
* `improved_hashtag_timeline`: Setting to force toggle / force disable improved hashtags timeline. `:enabled` forces hashtags to be fetched from `hashtags` table for hashtags timeline. `:disabled` forces object-embedded hashtags to be used (slower). Keep it `:auto` for automatic behaviour (it is auto-set to `:enabled` [unless overridden] when HashtagsTableMigrator completes).
@ -73,15 +72,15 @@ To add configuration to your config file, you can copy it from the base config.
## Welcome
* `direct_message`: - welcome message sent as a direct message.
* `enabled`: Enables the send a direct message to a newly registered user. Defaults to `false`.
* `enabled`: Enables to send a direct message to a newly registered user. Defaults to `false`.
* `sender_nickname`: The nickname of the local user that sends the welcome message.
* `message`: A message that will be send to a newly registered users as a direct message.
* `email`: - welcome message sent as a email.
* `enabled`: Enables the send a welcome email to a newly registered user. Defaults to `false`.
* `message`: A message that will be sent to a newly registered users as a direct message.
* `email`: - welcome message sent as an email.
* `enabled`: Enables to send a welcome email to a newly registered user. Defaults to `false`.
* `sender`: The email address or tuple with `{nickname, email}` that will use as sender to the welcome email.
* `subject`: A subject of welcome email.
* `html`: A html that will be send to a newly registered users as a email.
* `text`: A text that will be send to a newly registered users as a email.
* `html`: A HTML that will be sent to a newly registered users as an email.
* `text`: A text that will be sent to a newly registered users as an email.
Example:
@ -106,9 +105,9 @@ To add configuration to your config file, you can copy it from the base config.
### :mrf
* `policies`: Message Rewrite Policy, either one or a list. Here are the ones available by default:
* `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesnt modify activities (default).
* `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesnt makes sense to use in production.
* `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See [`:mrf_simple`](#mrf_simple)).
* `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive).
* `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesnt make sense to use in production.
* `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certain instances (See [`:mrf_simple`](#mrf_simple)).
* `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example, it allows marking posts from individual users nsfw (sensitive).
* `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (See [`:mrf_subchain`](#mrf_subchain)).
* `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See [`:mrf_rejectnonpublic`](#mrf_rejectnonpublic)).
* `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:.
@ -131,16 +130,16 @@ To add configuration to your config file, you can copy it from the base config.
## Federation
### MRF policies
!!! note
!!! Note
Configuring MRF policies is not enough for them to take effect. You have to enable them by specifying their module in `policies` under [:mrf](#mrf) section.
#### :mrf_simple
* `media_removal`: List of instances to strip media attachments from and the reason for doing so.
* `media_nsfw`: List of instances to tag all media as NSFW (sensitive) from and the reason for doing so.
* `media_nsfw`: List of instances to tag all media as NSFW (sensitive) from, and the reason for doing so.
* `federated_timeline_removal`: List of instances to remove from the Federated Timeline (aka The Whole Known Network) and the reason for doing so.
* `reject`: List of instances to reject activities (except deletes) from and the reason for doing so. Additionally prevents activities from being sent to that instance.
* `accept`: List of instances to only accept activities (except deletes) from and the reason for doing so.
* `followers_only`: Force posts from the given instances to be visible by followers only and the reason for doing so.
* `reject`: List of instances to reject activities (except deletes) from and the reason for doing so. Additionally, prevents activities from being sent to that instance.
* `accept`: List of instances to only accept activities (except deletes) from, and the reason for doing so.
* `followers_only`: Force posts from the given instances to be visible by followers only, and the reason for doing so.
* `report_removal`: List of instances to reject reports from and the reason for doing so.
* `avatar_removal`: List of instances to strip avatars from and the reason for doing so.
* `banner_removal`: List of instances to strip banners from and the reason for doing so.
@ -170,8 +169,8 @@ config :pleroma, :mrf_subchain,
* `reject_threshold`: Number of mentioned users after which the messaged gets rejected. Set to 0 to disable.
#### :mrf_keyword
* `reject`: A list of patterns which result in message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html).
* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html).
* `reject`: A list of patterns which result in a message being rejected, each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html).
* `federated_timeline_removal`: A list of patterns which result in message being removed from federated timelines (a.k.a. unlisted), each pattern can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html).
* `replace`: A list of tuples containing `{pattern, replacement}`, `pattern` can be a string or a [regular expression](https://hexdocs.pm/elixir/Regex.html).
#### :mrf_mention
@ -267,7 +266,7 @@ These settings **need to be complete**, they will override the defaults.
### :frontends
These settings tell akkoma which frontend files to serve the user.
These settings tell Akkoma which frontend files to serve the user.
See: [Frontend Management](../frontend_management)
@ -307,8 +306,8 @@ Available options:
### :assets
This section configures assets to be used with various frontends. Currently the only option
relates to mascots on the mastodon frontend
This section configures assets to be used with various frontends. Currently, the only option
relates to mascots on the Mastodon frontend
* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a
`mime_type` key.
@ -317,9 +316,9 @@ relates to mascots on the mastodon frontend
### :manifest
This section describe PWA manifest instance-specific values. Currently this option relate only for MastoFE.
This section describes PWA manifest instance-specific values. Currently, this option relates only to MastoFE.
* `icons`: Describe the icons of the app, this a list of maps describing icons in the same way as the
* `icons`: Describe the icons of the app, this is a list of maps describing icons in the same way as the
[spec](https://www.w3.org/TR/appmanifest/#imageresource-and-its-members) describes it.
Example:
@ -348,7 +347,7 @@ This section describe PWA manifest instance-specific values. Currently this opti
* `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]`
* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]`
* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]`
* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs, where the key is the group name and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]`
* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays).
* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in
memory for this amount of seconds multiplied by the number of files.
@ -358,14 +357,14 @@ This section describe PWA manifest instance-specific values. Currently this opti
* `enabled`: Enables proxying of remote media to the instances proxy
* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.
* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`.
* `whitelist`: List of hosts with scheme to bypass the mediaproxy (e.g. `https://example.com`)
* `whitelist`: List of hosts with scheme to bypass the media proxy (e.g. `https://example.com`)
* `invalidation`: options for remove media from cache after delete object:
* `enabled`: Enables purge cache
* `provider`: Which one of the [purge cache strategy](#purge-cache-strategy) to use.
* `provider`: Which one of the [purge cache strategy](#purge-cache-strategy) to use.
## :media_preview_proxy
* `enabled`: Enables proxying of remote media preview to the instances proxy. Requires enabled media proxy (`media_proxy/enabled`).
* `enabled`: Enables proxying of remote media preview to the instances proxy. Requires media proxy to be enabled (`media_proxy/enabled`).
* `thumbnail_max_width`: Max width of preview thumbnail for images (video preview always has original dimensions).
* `thumbnail_max_height`: Max height of preview thumbnail for images (video preview always has original dimensions).
* `image_quality`: Quality of the output. Ranges from 0 (min quality) to 100 (max quality).
@ -375,8 +374,8 @@ This section describe PWA manifest instance-specific values. Currently this opti
#### Pleroma.Web.MediaProxy.Invalidation.Script
This strategy allow perform external shell script to purge cache.
Urls of attachments are passed to the script as arguments.
This strategy allows to perform external shell script to purge cache.
URLs of attachments are passed to the script as arguments.
* `script_path`: Path to the external script.
* `url_format`: Set to `:htcacheclean` if using Apache's htcacheclean utility.
@ -390,10 +389,10 @@ config :pleroma, Pleroma.Web.MediaProxy.Invalidation.Script,
#### Pleroma.Web.MediaProxy.Invalidation.Http
This strategy allow perform custom http request to purge cache.
This strategy allows to perform custom HTTP request to purge cache.
* `method`: http method. default is `purge`
* `headers`: http headers.
* `method`: HTTP method. Default is `purge`
* `headers`: HTTP headers.
* `options`: request options.
Example:
@ -410,12 +409,12 @@ config :pleroma, Pleroma.Web.MediaProxy.Invalidation.Http,
* `providers`: a list of metadata providers to enable. Providers available:
* `Pleroma.Web.Metadata.Providers.OpenGraph`
* `Pleroma.Web.Metadata.Providers.TwitterCard`
* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews.
* `unfurl_nsfw`: If set to `true` NSFW attachments will be shown in previews.
### :rich_media (consumer)
* `enabled`: if enabled the instance will parse metadata from attached links to generate link previews.
* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`.
* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"].
* `enabled`: if enabled, the instance will parse metadata from attached links to generate link previews.
* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example, `["accounts.google.com", "xss.website"]`, defaults to `[]`.
* `ignore_tld`: list TLDs (top-level domains) which will ignore to parse metadata. Default is ["local", "localdomain", "lan"].
* `parsers`: list of Rich Media parsers.
* `failure_backoff`: Amount of milliseconds after request failure, during which the request will not be retried.
@ -423,15 +422,15 @@ config :pleroma, Pleroma.Web.MediaProxy.Invalidation.Http,
### Pleroma.Web.Endpoint
!!! note
!!! Note
`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here.
* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make akkoma accessible from other containers (such as your nginx server).
* `http` - a list containing HTTP protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make Akkoma accessible from other containers (such as your NGINX server).
- `ip` - a tuple consisting of 4 integers
- `port`
* `url` - a list containing the configuration for generating urls, accepts
- `host` - the host without the scheme and a post (e.g `example.com`, not `https://example.com:2020`)
- `scheme` - e.g `http`, `https`
* `url` - a list containing the configuration for generating URLs, accepts
- `host` - the host without the scheme and a post (e.g. `example.com`, not `https://example.com:2020`)
- `scheme` - e.g. `http`, `https`
- `port`
- `path`
* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info.
@ -446,18 +445,18 @@ config :pleroma, Pleroma.Web.Endpoint,
]
```
This will make Akkoma listen on `127.0.0.1` port `8080` and generate urls starting with `https://example.com:2020`
This will make Akkoma listen on `127.0.0.1` port `8080` and generate URLs starting with `https://example.com:2020`
### :http_security
* ``enabled``: Whether the managed content security policy is enabled.
* ``sts``: Whether to additionally send a `Strict-Transport-Security` header.
* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent.
* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`.
* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header.
* ``report_uri``: Adds the specified URL to `report-uri` and `report-to` group in CSP header.
### Pleroma.Web.Plugs.RemoteIp
!!! warning
!!! Warning
If your instance is not behind at least one reverse proxy, you should not enable this plug.
`Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
@ -466,19 +465,18 @@ Available options:
* `enabled` - Enable/disable the plug. Defaults to `false`.
* `headers` - A list of strings naming the HTTP headers to use when deriving the true client IP address. Defaults to `["x-forwarded-for"]`.
* `proxies` - A list of upstream proxy IP subnets in CIDR notation from which we will parse the content of `headers`. Defaults to `[]`. IPv4 entries without a bitmask will be assumed to be /32 and IPv6 /128.
* `proxies` - A list of upstream proxy IP subnets in CIDR notation, from which we will parse the content of `headers`. Defaults to `[]`. IPv4 entries without a bitmask will be assumed to be /32 and IPv6 /128.
* `reserved` - A list of reserved IP subnets in CIDR notation which should be ignored if found in `headers`. Defaults to `["127.0.0.0/8", "::1/128", "fc00::/7", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]`.
### :rate_limit
!!! note
If your instance is behind a reverse proxy ensure [`Pleroma.Web.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default).
!!! Note
If your instance is behind a reverse proxy, ensure [`Pleroma.Web.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default).
A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
A keyword list of rate limiters, where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
* The first element: `scale` (Integer). The time scale in milliseconds.
* The second element: `limit` (Integer). How many requests to limit in the time scale provided.
* The first element: `scale` (Integer). The timescale in milliseconds.
* The second element: `limit` (Integer). How many requests to limit in the timescale provided.
It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated.
@ -493,18 +491,18 @@ config :pleroma, :rate_limit,
Means that:
1. In 60 seconds, 15 authentication attempts can be performed from the same IP address.
2. In 1 second, 10 search requests can be performed from the same IP adress by unauthenticated users, while authenticated users can perform 30 search requests per second.
2. In 1 second, 10 search requests can be performed from the same IP address by unauthenticated users, while authenticated users can perform 30 search requests per second.
Supported rate limiters:
* `:search` - Account/Status search.
* `:timeline` - Timeline requests (each timeline has it's own limiter).
* `:timeline` - Timeline requests (each timeline has its own limiter).
* `:app_account_creation` - Account registration from the API.
* `:relations_actions` - Following/Unfollowing in general.
* `:relation_id_action` - Following/Unfollowing for a specific user.
* `:statuses_actions` - Status actions such as: (un)repeating, (un)favouriting, creating, deleting.
* `:status_id_action` - (un)Repeating/(un)Favouriting a particular status.
* `:authentication` - Authentication actions, i.e getting an OAuth token.
* `:authentication` - Authentication actions, i.e. getting an OAuth token.
* `:password_reset` - Requesting password reset emails.
* `:account_confirmation_resend` - Requesting resending account confirmation emails.
* `:ap_routes` - Requesting statuses via ActivityPub.
@ -557,20 +555,20 @@ the source code is here: [kocaptcha](https://github.com/koto-bank/kocaptcha). Th
* `uploader`: Which one of the [uploaders](#uploaders) to use.
* `filters`: List of [upload filters](#upload-filters) to use.
* `link_name`: When enabled Akkoma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe`
* `link_name`: When enabled, Akkoma will add a `name` parameter to the URL of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe`
* `base_url`: The base URL to access a user-uploaded file. Useful when you want to host the media files via another domain or are using a 3rd party S3 provider.
* `proxy_remote`: If you're using a remote uploader, Akkoma will proxy media requests instead of redirecting to it.
* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation.
* `filename_display_max_length`: Set max length of a filename to display. 0 = no limit. Default: 30.
!!! warning
!!! Warning
`strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.
### Uploaders
#### Pleroma.Uploaders.Local
* `uploads`: Which directory to store the user-uploads in, relative to pleromas working directory.
* `uploads`: Which directory to store the user-uploads in, relative to Akkomas working directory.
#### Pleroma.Uploaders.S3
@ -611,22 +609,22 @@ No specific configuration.
#### Pleroma.Upload.Filter.Exiftool
This filter only strips the GPS and location metadata with Exiftool leaving color profiles and attributes intact.
This filter only strips the GPS and location metadata with ExifTool leaving color profiles and attributes intact.
No specific configuration.
#### Pleroma.Upload.Filter.Mogrify
* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`.
* `args`: List of actions for the `mogrify` command, like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`.
## Email
### Pleroma.Emails.Mailer
* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox.
* `adapter`: one of the mail adapters listed in [Swoosh README](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox.
* `api_key` / `password` and / or other adapter-specific settings, per the above documentation.
* `enabled`: Allows enable/disable send emails. Default: `false`.
* `enabled`: Allows to enable/disable send emails. Default: `false`.
An example for Sendgrid adapter:
An example for SendGrid adapter:
```elixir
config :pleroma, Pleroma.Emails.Mailer,
@ -668,7 +666,7 @@ Email notifications settings.
### Pleroma.Emails.NewUsersDigestEmail
- `:enabled` - a boolean, enables new users admin digest email when `true`. Defaults to `false`.
- `:enabled` - a boolean, enables new users' admin digest email when `true`. Defaults to `false`.
## Background jobs
@ -676,7 +674,7 @@ Email notifications settings.
[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration.
Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage):
Configuration options described in [Oban README](https://github.com/sorentwo/oban#usage):
* `repo` - app's Ecto repo (`Pleroma.Repo`)
* `log` - logs verbosity
@ -763,7 +761,7 @@ config :logger, :ex_syslogger,
level: :warn
```
Another example, keeping console output and adding the pid to syslog output:
Another example, keeping console output and adding the PID to syslog output:
```elixir
config :logger,
backends: [:console, {ExSyslogger, :ex_syslogger}]
@ -791,7 +789,7 @@ config :logger, :ex_syslogger,
### RUM indexing for full text search
!!! warning
!!! Warning
It is recommended to use PostgreSQL v11 or newer. We have seen some minor issues with lower PostgreSQL versions.
* `rum_enabled`: If RUM indexes should be used. Defaults to `false`.
@ -800,7 +798,7 @@ RUM indexes are an alternative indexing scheme that is not included in PostgreSQ
Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes.
To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run:
To enable them, both the `rum_enabled` flag has to be set, and the following special migration has to be run:
`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/`
@ -810,7 +808,7 @@ This will probably take a long time.
### :admin_token
Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the `admin_token` parameter or `x-admin-token` HTTP header. Example:
Allows to set a token that can be used to authenticate with the admin API without using an actual user by giving it as the `admin_token` parameter or `x-admin-token` HTTP header. Example:
```elixir
config :pleroma, :admin_token, "somerandomtoken"
@ -834,8 +832,8 @@ Warning: it's discouraged to use this feature because of the associated security
Authentication / authorization settings.
* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`.
* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`.
* `auth_template`: authentication form template. By default, it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`.
* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default, it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`.
* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `<strategy>` or `<strategy>:<dependency>` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_<strategy>`).
### Pleroma.Web.Auth.Authenticator
@ -848,8 +846,8 @@ Authentication / authorization settings.
Use LDAP for user authentication. When a user logs in to the Akkoma
instance, the name and password will be verified by trying to authenticate
(bind) to an LDAP server. If a user exists in the LDAP directory but there
is no account with the same name yet on the Akkoma instance then a new
Akkoma account will be created with the same name as the LDAP user name.
is no account with the same name yet on the Akkoma instance, then a new
Akkoma account will be created with the same name as the LDAP username.
* `enabled`: enables LDAP authentication
* `host`: LDAP server hostname
@ -870,29 +868,29 @@ OAuth 2.0 provider settings:
* `token_expires_in` - The lifetime in seconds of the access token.
* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token.
* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`.
* `clean_expired_tokens` - Enable a background job to clean expired OAuth tokens. Defaults to `false`.
OAuth 2.0 provider and related endpoints:
* `POST /api/v1/apps` creates client app basing on provided params.
* `POST /api/v1/apps` creates client app basing on provided parameters.
* `GET/POST /oauth/authorize` renders/submits authorization form.
* `POST /oauth/token` creates/renews OAuth token.
* `POST /oauth/revoke` revokes provided OAuth token.
* `GET /api/v1/accounts/verify_credentials` (with proper `Authorization` header or `access_token` URI param) returns user info on requester (with `acct` field containing local nickname and `fqn` field containing fully-qualified nickname which could generally be used as email stub for OAuth software that demands email field in identity endpoint response, like Peertube).
* `GET /api/v1/accounts/verify_credentials` (with proper `Authorization` header or `access_token` URI parameter) returns user info on requester (with `acct` field containing local nickname and `fqn` field containing fully-qualified nickname which could generally be used as email stub for OAuth software that demands email field in identity endpoint response, like Peertube).
### OAuth consumer mode
### OAuth's consumer mode
OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.).
Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies).
OAuth's consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.).
Implementation is based on Überauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies).
!!! note
!!! Note
Each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies.
!!! note
!!! Note
Each strategy requires separate setup (on external provider side and Akkoma side). Below are the guidelines on setting up most popular strategies.
!!! note
Make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"`
!!! Note
Make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth's consumer mode will not work with `"SameSite=Strict"`
* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https://<your_host>/oauth/twitter/callback
@ -902,7 +900,7 @@ Implementation is based on Ueberauth; see the list of [available strategies](htt
* For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https://<your_host>/oauth/microsoft/callback
Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`,
Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g., see Microsoft below) to `config/prod.secret.exs`,
per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). Example config basing on environment variables:
```elixir
@ -955,7 +953,7 @@ config :ueberauth, Ueberauth,
## Link parsing
### :uri_schemes
* `valid_schemes`: List of the scheme part that is considered valid to be an URL.
* `valid_schemes`: List of the scheme part that is considered valid to be a URL.
### Pleroma.Formatter
@ -964,10 +962,10 @@ Configuration for Akkoma's link formatter which parses mentions, hashtags, and U
* `class` - specify the class to be added to the generated link (default: `false`)
* `rel` - specify the rel attribute (default: `ugc`)
* `new_window` - adds `target="_blank"` attribute (default: `false`)
* `truncate` - Set to a number to truncate URLs longer then the number. Truncated URLs will end in `...` (default: `false`)
* `truncate` - Set to a number to truncate URLs longer than the number. Truncated URLs will end in `...` (default: `false`)
* `strip_prefix` - Strip the scheme prefix (default: `false`)
* `extra` - link URLs with rarely used schemes (magnet, ipfs, irc, etc.) (default: `true`)
* `validate_tld` - Set to false to disable TLD validation for URLs/emails. Can be set to :no_scheme to validate TLDs only for urls without a scheme (e.g `example.com` will be validated, but `http://example.loki` won't) (default: `:no_scheme`)
* `extra` - link URLs with rarely used schemes (magnet, IPFS, IRC, etc.) (default: `true`)
* `validate_tld` - Set to false to disable TLD validation for URLs/emails. Can be set to :no_scheme to validate TLDs only for URLs without a scheme (e.g. `example.com` will be validated, but `http://example.loki` won't) (default: `:no_scheme`)
Example:
@ -1003,7 +1001,7 @@ git clone <MY MODULE>
## :configurable_from_database
Boolean, enables/disables in-database configuration. Read [Transfering the config to/from the database](../administration/CLI_tasks/config.md) for more information.
Boolean, enables/disables in-database configuration. Read [Transferring the config to/from the database](../administration/CLI_tasks/config.md) for more information.
## :database_config_whitelist
@ -1053,7 +1051,7 @@ Turning any of the `:restrict_unauthenticated` options to `true` will restrict a
#### When :instance, :public is `false`
When `:instance, :public` is set to `false`, all of the `:restrict_unauthenticated` options will effectively be set to `true` by default,
When `:instance, :public` is set to `false`, all the `:restrict_unauthenticated` options will effectively be set to `true` by default,
meaning that only authenticated users will be able to access the corresponding resources.
If you'd like to allow unauthenticated access to specific resources, you can turn these settings to `false`.
@ -1072,10 +1070,10 @@ Control favicons for instances.
## Pleroma.User.Backup
!!! note
!!! Note
Requires enabled email
* `:purge_after_days` an integer, remove backup achives after N days.
* `:purge_after_days` an integer, remove backup archives after N days.
* `:limit_days` an integer, limit user to export not more often than once per N days.
* `:dir` a string with a path to backup temporary directory or `nil` to let Akkoma choose temporary directory in the following order:
1. the directory named by the TMPDIR environment variable
@ -1087,14 +1085,14 @@ Control favicons for instances.
### Theme settings
Settings to change theme as exposed to the outside world, for software
that scans `index.html` (mainly misskey)
that scans `index.html` (mainly Misskey)
```
config :pleroma, Pleroma.Web.Metadata.Providers.Theme, theme_color: "#593196"
```
This sets the `theme-color` meta tag on `index.html`, and is basically
a hack to make misskey find the right thing.
a hack to make Misskey find the right thing.
## Ephemeral activities (Pleroma.Workers.PurgeExpiredActivity)
@ -1112,7 +1110,7 @@ Settings to restrict concurrently running jobs. Jobs which can be configured:
Each job has these settings:
* `:max_running` - max concurrently runnings jobs
* `:max_running` - max concurrently running jobs
* `:max_waiting` - max waiting jobs
### Translation Settings
@ -1121,7 +1119,7 @@ Settings to automatically translate statuses for end users. Currently supported
translation services are DeepL and LibreTranslate. The supported command line tool is [Argos Translate](https://github.com/argosopentech/argos-translate).
Translations are available at `/api/v1/statuses/:id/translations/:language`, where
`language` is the target language code (e.g `en`)
`language` is the target language code (e.g., `en`)
### `:translator`
@ -1142,6 +1140,6 @@ Translations are available at `/api/v1/statuses/:id/translations/:language`, whe
### `:argos_translate`
- `:command_argos_translate` - command for `argos-translate`. Can be the command if it's in your PATH, or the full path to the file (default: `argos-translate`).
- `:command_argos_translate` - command for `argos-translate`. Can be the command if it's in your PATH, or the full path to the file (default: `argos-translate`).
- `:command_argospm` - command for `argospm`. Can be the command if it's in your PATH, or the full path to the file (default: `argospm`).
- `:strip_html` - Strip html from the post before translating it (default: `true`).

View File

@ -46,7 +46,7 @@ config :pleroma, :emoji,
]
```
Order of the `groups` matters, so to override default tags just put your group on top of the list. E.g:
Order of the `groups` matters, so to override default tags, just put your group on top of the list. E.g:
```elixir
config :pleroma, :emoji,
shortcode_globs: ["/emoji/custom/**/*.png"],
@ -74,7 +74,7 @@ Managing your emoji can be hard work, and you just want to have the cool emoji y
You can use the `Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy` [Message Rewrite Facility](../configuration/cheatsheet.md#mrf) to automatically add to your instance emoji that messages from specific servers contain. Note that this happens on message processing, so the emoji will be added only after your instance receives some interaction containing emoji _after_ configuring this.
To activate this you have to [configure](../configuration/cheatsheet.md#mrf_steal_emoji) it in your configuration file. For example if you wanted to steal any emoji that is not related to cinnamon and not larger than about 10K from `coolemoji.space` and `spiceenthusiasts.biz`, you would add the following:
To activate this, you have to [configure](../configuration/cheatsheet.md#mrf_steal_emoji) it in your configuration file. For example if you wanted to steal any emoji that is not related to cinnamon and not larger than about 10K from `coolemoji.space` and `spiceenthusiasts.biz`, you would add the following:
```elixir
config :pleroma, :mrf,
policies: [

View File

@ -2,7 +2,7 @@
Frontends in Akkoma are swappable, you can pick which you'd like.
For a basic setup, you can set a frontends for the key `primary` and `admin` and the options of `name` and `ref`. This will then make Akkoma serve the frontend from a folder constructed by concatenating the instance static path, `frontends` and the name and ref.
For a basic setup, you can set a frontend for the key `primary` and `admin` and the options of `name` and `ref`. This will then make Akkoma serve the frontend from a folder constructed by concatenating the instance static path, `frontends` and the name and ref.
The key `primary` refers to the frontend that will be served by default for general requests. The key `admin` refers to the frontend that will be served at the `/pleroma/admin` path.
@ -26,7 +26,7 @@ config :pleroma, :frontends,
}
```
This would serve the frontend from the the folder at `$instance_static/frontends/pleroma/stable`. You have to copy the frontend into this folder yourself. You can choose the name and ref any way you like, but they will be used by mix tasks to automate installation in the future, the name referring to the project and the ref referring to a commit.
This would serve the frontend from the folder at `$instance_static/frontends/pleroma/stable`. You have to copy the frontend into this folder yourself. You can choose the name and ref any way you like, but they will be used by mix tasks to automate installation in the future, the name referring to the project and the ref referring to a commit.
Refer to [the frontend CLI task](../../administration/CLI_tasks/frontend) for how to install the frontend's files
@ -42,9 +42,9 @@ as well as [fedibird](https://github.com/fedibird/mastodon)'s extended frontend
To enable either one, you must run the `frontend.install` task for either `mastodon-fe` or `fedibird-fe` (both `--ref akkoma`), then make sure
`:pleroma, :frontends, :mastodon` references the one you want.
## Swagger (openAPI) documentation viewer
## Swagger (OpenAPI) documentation viewer
If you're a developer and you'd like a human-readable rendering of the
If you're a developer, and you'd like a human-readable rendering of the
API documentation, you can enable [Swagger UI](https://github.com/swagger-api/swagger-ui).
In your config:

View File

@ -71,7 +71,7 @@ Use private `/tmp` and `/var/tmp` folders inside a new file system namespace, wh
> Recommended value: `true`
The `/home`, `/root`, and `/run/user` folders can not be accessed by this service anymore. If your Akkoma user has its home folder in one of the restricted places, or use one of these folders as its working directory, you have to set this to `false`.
The `/home`, `/root`, and `/run/user` folders cannot be accessed by this service anymore. If your Akkoma user has its home folder in one of the restricted places, or use one of these folders as its working directory, you have to set this to `false`.
### ProtectSystem

View File

@ -11,7 +11,7 @@ Akkoma supports that, but it might be tricky to set up, and any error might prev
It is important to understand that for federation purposes, a user in Akkoma has two unique identifiers associated:
- A webfinger `acct:` URI, used for discovery and as a verifiable global name for the user across Akkoma instances. In our example, our account's acct: URI is `acct:user@example.org`
- A Webfinger `acct:` URI, used for discovery and as a verifiable global name for the user across Akkoma instances. In our example, our account's acct: URI is `acct:user@example.org`
- An author/actor URI, used in every other aspect of federation. This is the way in which users are identified in ActivityPub, the underlying protocol used for federation with other Akkoma instances.
In our case, it is `https://akkoma.example.org/users/user`.
@ -19,7 +19,7 @@ Both account identifiers are unique and required for Akkoma. An important risk i
## WebFinger
As said earlier, each Akkoma user has an `acct`: URI, which is used for discovery and authentication. When you add @user@example.org, a webfinger query is performed. This is done in two steps:
As said earlier, each Akkoma user has an `acct`: URI, which is used for discovery and authentication. When you add @user@example.org, a Webfinger query is performed. This is done in two steps:
1. Querying `https://example.org/.well-known/host-meta` (where the domain of the URL matches the domain part of the `acct`: URI) to get information on how to perform the query.
This file will indeed contain a URL template of the form `https://example.org/.well-known/webfinger?resource={uri}` that will be used in the second step.
@ -47,11 +47,11 @@ config :pleroma, Pleroma.Web.WebFinger, domain: "example.org"
### Configuring WebFinger domain
Now, you have Akkoma running at `https://akkoma.example.org` as well as a website at `https://example.org`. If you recall how webfinger queries work, the first step is to query `https://example.org/.well-known/host-meta`, which will contain an URL template.
Now, you have Akkoma running at `https://akkoma.example.org` as well as a website at `https://example.org`. If you recall how Webfinger queries work, the first step is to query `https://example.org/.well-known/host-meta`, which will contain a URL template.
Therefore, the easiest way to configure `example.org` is to redirect `/.well-known/host-meta` to `akkoma.example.org`.
With nginx, it would be as simple as adding:
With NGINX, it would be as simple as adding:
```nginx
location = /.well-known/host-meta {

View File

@ -44,7 +44,7 @@ The configuration of Akkoma (and Pleroma) has traditionally been managed with a
4. ⚠️ **THIS IS NOT REQUIRED** ⚠️
Now you can edit your config file and strip it down to the only settings which are not possible to control in the database. e.g., the Postgres (Repo) and webserver (Endpoint) settings cannot be controlled in the database because the application needs the settings to start up and access the database.
Now you can edit your config file and strip it down to the only settings which are not possible to control in the database. e.g., the PostgreSQL (Repo) and webserver (Endpoint) settings cannot be controlled in the database because the application needs the settings to start up and access the database.
Any settings in the database will override those in the config file, but you may find it less confusing if the setting is only declared in one place.
@ -74,8 +74,7 @@ The configuration of Akkoma (and Pleroma) has traditionally been managed with a
config :pleroma, configurable_from_database: true
```
5. Restart your instance and you can now access the Settings tab in AdminFE.
5. Restart your instance, and you can now access the Settings tab in AdminFE.
## Reverting back from database config
@ -127,12 +126,12 @@ You can clear the database config with the following command:
$ ./bin/pleroma_ctl config reset
```
Additionally, every time you migrate the configuration to the database the config table is automatically truncated to ensure a clean migration.
Additionally, every time you migrate the configuration to the database, the config table is automatically truncated to ensure a clean migration.
### Manually removing a setting
If you encounter a situation where the server cannot run properly because of an invalid setting in the database and this is preventing you from accessing AdminFE, you can manually remove the offending setting if you know which one it is.
e.g., here is an example showing a the removal of the `config :pleroma, :instance` settings:
e.g., here is an example showing the removal of the `config :pleroma, :instance` settings:
**Source:**
@ -152,4 +151,4 @@ e.g., here is an example showing a the removal of the `config :pleroma, :instanc
config :pleroma, :instance deleted from the ConfigDB.
```
Now the `config :pleroma, :instance` settings have been removed from the database.
Now, the `config :pleroma, :instance` settings have been removed from the database.

View File

@ -1,12 +1,12 @@
# How to activate mediaproxy
## Explanation
Without the `mediaproxy` function, Akkoma doesn't store any remote content like pictures, video etc. locally. So every time you open Akkoma, the content is loaded from the source server, from where the post is coming. This can result in slowly loading content or/and increased bandwidth usage on the source server.
With the `mediaproxy` function you can use nginx to cache this content, so users can access it faster, because it's loaded from your server.
Without the `mediaproxy` function, Akkoma doesn't store any remote content like pictures, video etc. locally. So, every time you open Akkoma, the content is loaded from the source server, from where the post is coming. This can result in slowly loading content or/and increased bandwidth usage on the source server.
With the `mediaproxy` function, you can use NGINX to cache this content, so users can access it faster, because it's loaded from your server.
## Activate it
* Edit your nginx config and add the following location:
* Edit your NGINX config and add the following location:
```
location /proxy {
proxy_cache akkoma_media_cache;
@ -14,7 +14,7 @@ location /proxy {
proxy_pass http://localhost:4000;
}
```
Also add the following on top of the configuration, outside of the `server` block:
Also add the following on top of the configuration, outside the `server` block:
```
proxy_cache_path /tmp/akkoma-media-cache levels=1:2 keys_zone=akkoma_media_cache:10m max_size=10g inactive=720m use_temp_path=off;
```
@ -29,6 +29,6 @@ config :pleroma, :media_proxy,
]
#base_url: "https://cache.akkoma.social"
```
If you want to use a subdomain to serve the files, uncomment `base_url`, change the url and add a comma after `true` in the previous line.
If you want to use a subdomain to serve the files, uncomment `base_url`, change the URL and add a comma after `true` in the previous line.
* Restart nginx and Akkoma
* Restart NGINX and Akkoma

View File

@ -1,5 +1,5 @@
# How to configure upstream proxy for federation
If you want to proxify all http requests (e.g. for TOR) that Akkoma makes to an upstream proxy server, edit your config file (`dev.secret.exs` or `prod.secret.exs`) and add the following:
If you want to proxify all HTTP requests (e.g. for TOR) that Akkoma makes to an upstream proxy server, edit your config file (`dev.secret.exs` or `prod.secret.exs`) and add the following:
```
config :pleroma, :http,

View File

@ -1,24 +1,22 @@
# How to enable text search for Chinese, Japanese and Korean
Akkoma's full text search feature is powered by PostgreSQL's native [text search](https://www.postgresql.org/docs/current/textsearch.html), it works well out of box for most of languages, but needs extra configurations for some asian languages like Chinese, Japanese and Korean (CJK).
Akkoma's full text search feature is powered by PostgreSQL's native [text search](https://www.postgresql.org/docs/current/textsearch.html), it works well out of box for most of languages, but needs extra configurations for some Asian languages like Chinese, Japanese and Korean (CJK).
## Setup and test the new search config
In most cases, you would need an extension installed to support parsing CJK text. Here are a few extensions you may choose from, or you are more than welcome to share additional ones you found working for you with the rest of Akkoma community.
* [a generic n-gram parser](https://github.com/huangjimmy/pg_cjk_parser) supports Simplifed/Traditional Chinese, Japanese, and Korean
* [a generic n-gram parser](https://github.com/huangjimmy/pg_cjk_parser) supports Simplified/Traditional Chinese, Japanese, and Korean
* [a Korean parser](https://github.com/i0seph/textsearch_ko) based on mecab
* [a Japanese parser](https://www.amris.co.jp/tsja/index.html) based on mecab
* [zhparser](https://github.com/amutu/zhparser/) is a PostgreSQL extension base on the Simple Chinese Word Segmentation(SCWS)
* [another Chinese parser](https://github.com/jaiminpan/pg_jieba) based on Jieba Chinese Word Segmentation
Once you have the new search config , make sure you test it with the `pleroma` user in PostgreSQL (change `YOUR.CONFIG` to your real configuration name)
```
SELECT ts_debug('YOUR.CONFIG', '安装和配置Nginx, ElixirとErlangをインストールします');
```
Check output of the query, and see if it matches your expectation.
Once you have the new search config, make sure you test it with the `pleroma` user in PostgreSQL (change `YOUR.CONFIG` to your real configuration name)
```
SELECT ts_debug('YOUR.CONFIG', '安装和配置NGINX, ElixirとErlangをインストールします');
```
Check the output of the query, and see if it matches your expectation.
## Update text search config and index in database
@ -37,6 +35,6 @@ Check output of the query, and see if it matches your expectation.
Note: index update may take a while, and it can be done while the instance is up and running, so you may restart db connection as soon as you see `Recreate index` in task output.
## Restart database connection
Since some changes above will only apply with a new database connection, you will have to restart either Akkoma or PostgreSQL process, or use `pg_terminate_backend` SQL command without restarting either.
Since some changes above will only apply with a new database connection, you will have to restart either Akkoma or PostgreSQL process, or use `pg_terminate_backend` SQL command without restarting either.
Now the search results of statuses should be much more friendly for your language of choice, the results for searching users and tags were not changed, as the default parsing/matching should work for most cases.
Now the search results of statuses should be much more friendly for your language of choice, the results for searching users and tags were not changed, as the default parsing/matching should work for most cases.

View File

@ -1,10 +1,10 @@
# How to set rich media cache ttl based on image ttl
# How to set rich media cache TTL based on image TTL
## Explanation
Richmedia are cached without the ttl but the rich media may have image which can expire, like aws signed url.
In such cases the old image url (expired) is returned from the media cache.
Richmedia are cached without the TTL, but the rich media may have image which can expire, like AWS-signed URL.
In such cases, the old image URL (expired) is returned from the media cache.
So to avoid such situation we can define a module that will set ttl based on image.
So, to avoid such situation, we can define a module that will set TTL based on image.
The module must adopt behaviour `Pleroma.Web.RichMedia.Parser.TTL`
### Example
@ -16,8 +16,8 @@ defmodule MyModule do
@impl Pleroma.Web.RichMedia.Parser.TTL
def ttl(data, url) do
image_url = Map.get(data, :image)
# do some parsing in the url and get the ttl of the image
# return ttl is unix time
# do some parsing in the url and get the TTL of the image
# return TTL is unix time
parse_ttl_from_url(image_url)
end
end

View File

@ -8,7 +8,7 @@ To add a custom theme to your instance, you'll first need to get a custom theme,
* You can create your own theme using the Pleroma FE by going to settings (gear on the top right) and choose the Theme tab. Here you have the options to create a personal theme.
* To download your theme, you can do Save preset
* If you want to upload a theme to customise it further, you can upload it using Load preset
* If you want to upload a theme to customize it further, you can upload it using Load preset
This will only save the theme for you personally. To make it available to the whole instance, you'll need to upload it to the server.
@ -47,7 +47,7 @@ Now you'll already be able to select the theme in Pleroma FE from the drop-down.
### Give the theme a name
When you open one of the themes that ship with Akkoma, you'll notice that the json has a `"name"` key. Add a key-value pair to your theme where the key name is `"name"` and the value the name you want to give your theme. After this you can refresh te page in your browser and the name should be visible in the drop-down.
When you open one of the themes that ship with Akkoma, you'll notice that the JSON has a `"name"` key. Add a key-value pair to your theme where the key name is `"name"` and the value the name you want to give your theme. After this you can refresh the page in your browser and the name should be visible in the drop-down.
Example of `my-awesome-theme.json` where we add the name "My Awesome Theme"
```json
@ -60,7 +60,7 @@ Example of `my-awesome-theme.json` where we add the name "My Awesome Theme"
### Set as default theme
Now we can set the new theme as default in the [Pleroma FE configuration](https://docs-fe.akkoma.dev/stable/CONFIGURATION).
Now we can set the new theme as default in the [Pleroma FE configuration](https://docs-fe.akkoma.dev/stable/CONFIGURATION/).
Example of adding the new theme in the back-end config files
```elixir
@ -70,4 +70,4 @@ config :pleroma, :frontend_configurations,
}
```
If you added it in the back-end configuration file, you'll need to restart your instance for the changes to take effect. If you don't see the changes, it's probably because the browser has cached the previous theme. In that case you'll want to clear browser caches. Alternatively you can use a private/incognito window just to see the changes.
If you added it in the back-end configuration file, you'll need to restart your instance for the changes to take effect. If you don't see the changes, it's probably because the browser has cached the previous theme. In that case you'll want to clear browser caches. Alternatively, you can use a private/incognito window just to see the changes.

View File

@ -1,4 +1,4 @@
# I2P Federation and Accessability
# I2P Federation and Accessibility
This guide is going to focus on the Akkoma federation aspect. The actual installation is neatly explained in the official documentation, and more likely to remain up-to-date.
It might be added to this guide if there will be a need for that.
@ -17,7 +17,7 @@ One using the config, and one using external software (fedproxy). The external s
**Warning:** So far, everytime I followed this way of federating using I2P, the rest of my federation stopped working. I'm leaving this here in case it will help with making it work.
Assuming you're running in prod, cd to your Akkoma folder and append the following to `config/prod.secret.exs`:
Assuming you're running in prod, `cd` to your Akkoma folder and append the following to `config/prod.secret.exs`:
```
config :pleroma, :http, proxy_url: {:socks5, :localhost, 4447}
```
@ -39,13 +39,13 @@ You can change the socks proxy port in `/etc/i2pd/i2pd.conf`.
### Using Fedproxy
Fedproxy passes through clearnet requests direct to where they are going. It doesn't force anything over Tor.
Fedproxy passes through Clearnet requests direct to where they are going. It doesn't force anything over Tor.
To use [fedproxy](https://github.com/majestrate/fedproxy) you'll need to install Golang.
```
apt install golang
```
Use a different user than akkoma or root. Run the following to add the Gopath to your ~/.bashrc.
Use a different user than Akkoma or root. Run the following to add the GOPATH to your ~/.bashrc.
```
echo "export GOPATH=/home/ren/.go" >> ~/.bashrc
```
@ -62,7 +62,7 @@ fedproxy 127.0.0.1:2000 127.0.0.1:4447
If you want to also use it for Tor, add `127.0.0.1:9050` to that command.
You'll also need to modify your Akkoma config.
Assuming you're running in prod, cd to your Akkoma folder and append the following to `config/prod.secret.exs`:
Assuming you're running in prod, `cd` to your Akkoma folder and append the following to `config/prod.secret.exs`:
```
config :pleroma, :http, proxy_url: {:socks5, :localhost, 2000}
```
@ -103,12 +103,12 @@ systemctl start i2pd.service
*Notice:* The stop command initiates a graceful shutdown process, i2pd stops after finishing to route transit tunnels (maximum 10 minutes).
Now you'll have to find your address.
To do that you can download and use I2PD tools.[^1]
Or you'll need to access your web-console on localhost:7070.
To do that, you can download and use I2PD tools.[^1]
Or, you'll need to access your web-console on localhost:7070.
If you don't have a GUI, you'll have to SSH tunnel into it like this:
`ssh -L 7070:127.0.0.1:7070 user@ip -p port`.
Now you can access it at localhost:7070.
Go to I2P tunnels page. Look for Server tunnels and you will see an address that ends with `.b32.i2p` next to "akkoma".
Go to I2P tunnels page. Look for Server tunnels, and you will see an address that ends with `.b32.i2p` next to "akkoma".
This is your site's address.
### I2P-only Instance
@ -117,20 +117,20 @@ If creating an I2P-only instance, open `config/prod.secret.exs` and under "confi
```
url: [host: "i2paddress", scheme: "http", port: 80],
```
In addition to that, replace the existing nginx config's contents with the example below.
In addition to that, replace the existing NGINX config's contents with the example below.
### Existing Instance (Clearnet Instance)
If not an I2P-only instance, add the nginx config below to your existing config at `/etc/nginx/sites-enabled/akkoma.nginx`.
And for both cases, disable CSP in Akkoma's config (STS is disabled by default) so you can define those yourself separately from the clearnet (if your instance is also on the clearnet).
And for both cases, disable CSP in Akkoma's config (STS is disabled by default) so you can define those yourself separately from the Clearnet (if your instance is also on the Clearnet).
Copy the following into the `config/prod.secret.exs` in your Akkoma folder (/home/akkoma/akkoma/):
```
config :pleroma, :http_security,
enabled: false
```
Use this as the Nginx config:
Use this as the NGINX config:
```
proxy_cache_path /tmp/akkoma-media-cache levels=1:2 keys_zone=akkoma_media_cache:10m max_size=10g inactive=720m use_temp_path=off;
# The above already exists in a clearnet instance's config.
@ -179,7 +179,7 @@ server {
}
}
```
reload Nginx:
reload NGINX:
```
systemctl stop i2pd.service --no-block
systemctl start i2pd.service

View File

@ -1,10 +1,10 @@
# Configuring Ejabberd (XMPP Server) to use Akkoma for authentication
# Configuring ejabberd (XMPP Server) to use Akkoma for authentication
If you want to give your Akkoma users an XMPP (chat) account, you can configure [Ejabberd](https://github.com/processone/ejabberd) to use your Akkoma server for user authentication, automatically giving every local user an XMPP account.
If you want to give your Akkoma users an XMPP (chat) account, you can configure [ejabberd](https://github.com/processone/ejabberd) to use your Akkoma server for user authentication, automatically giving every local user an XMPP account.
In general, you just have to follow the configuration described at [https://docs.ejabberd.im/admin/configuration/authentication/#external-script](https://docs.ejabberd.im/admin/configuration/authentication/#external-script). Please read this section carefully.
In general, you just have to follow the configuration described at [https://docs.ejabberd.im/admin/configuration/authentication/#external-script](https://docs.ejabberd.im/admin/configuration/authentication/#external-script). Please read this section carefully.
Copy the script below to suitable path on your system and set owner and permissions. Also do not forget adjusting `AKKOMA_HOST` and `AKKOMA_PORT`, if necessary.
Copy the script below to a suitable path on your system and set owner and permissions. Also, do not forget adjusting `AKKOMA_HOST` and `AKKOMA_PORT`, if necessary.
```bash
cp akkoma_ejabberd_auth.py /etc/ejabberd/akkoma_ejabberd_auth.py
@ -12,7 +12,7 @@ chown ejabberd /etc/ejabberd/akkoma_ejabberd_auth.py
chmod 700 /etc/ejabberd/akkoma_ejabberd_auth.py
```
Set external auth params in ejabberd.yaml file:
Set external auth parameters in ejabberd.yaml file:
```bash
auth_method: [external]
@ -23,8 +23,7 @@ auth_use_cache: false
Restart / reload your ejabberd service.
After restarting your Ejabberd server, your users should now be able to connect with their Akkoma credentials.
After restarting your ejabberd server, your users should now be able to connect with their Akkoma credentials.
```python
import sys
@ -33,7 +32,6 @@ import http.client
from base64 import b64encode
import logging
AKKOMA_HOST = "127.0.0.1"
AKKOMA_PORT = "4000"
AUTH_ENDPOINT = "/api/v1/accounts/verify_credentials"
@ -42,12 +40,10 @@ LOGFILE = "/var/log/ejabberd/akkoma_auth.log"
logging.basicConfig(filename=LOGFILE, level=logging.INFO)
# Akkoma functions
def create_connection():
return http.client.HTTPConnection(AKKOMA_HOST, AKKOMA_PORT)
def verify_credentials(user: str, password: str) -> bool:
user_pass_b64 = b64encode("{}:{}".format(
user, password).encode('utf-8')).decode("ascii")
@ -69,7 +65,6 @@ def verify_credentials(user: str, password: str) -> bool:
logging.info("Can not connect: %s", str(e))
return False
def does_user_exist(user: str) -> bool:
conn = create_connection()
conn.request("GET", "{}/{}".format(USER_ENDPOINT, user))
@ -80,15 +75,12 @@ def does_user_exist(user: str) -> bool:
return False
def auth(username: str, server: str, password: str) -> bool:
return verify_credentials(username, password)
def isuser(username, server):
return does_user_exist(username)
def read():
(pkt_size,) = struct.unpack('>H', bytes(sys.stdin.read(2), encoding='utf8'))
pkt = sys.stdin.read(pkt_size)
@ -114,7 +106,6 @@ def read():
else:
write(False)
def write(result):
if result:
sys.stdout.write('\x00\x02\x00\x01')
@ -122,7 +113,6 @@ def write(result):
sys.stdout.write('\x00\x02\x00\x00')
sys.stdout.flush()
if __name__ == "__main__":
logging.info("Starting akkoma ejabberd auth daemon...")
while True:

View File

@ -5,6 +5,6 @@ If you want to give your Akkoma users an XMPP (chat) account, you can configure
In general, you just have to follow the configuration described at [https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/](https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/) and do these changes to your mongooseim.cfg.
1. Set the auth_method to `{auth_method, http}`.
2. Add the http auth pool like this: `{http, global, auth, [{workers, 50}], [{server, "https://yourakkomainstance.com"}]}`
2. Add the HTTP auth pool like this: `{http, global, auth, [{workers, 50}], [{server, "https://yourakkomainstance.com"}]}`
Restart your MongooseIM server, your users should now be able to connect with their Akkoma credentials.

View File

@ -11,7 +11,7 @@ Possible uses include:
* removing media from messages
* sending only public messages to a specific instance
The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Akkoma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module.
The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Akkoma also includes an easy-to-use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module.
It is possible to use multiple, active MRF policies at the same time.
@ -29,7 +29,7 @@ config :pleroma, :mrf,
Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are:
* `reject`: Servers in this group will have their messages rejected. Also outbound messages will not be sent to these servers.
* `reject`: Servers in this group will have their messages rejected. Also, outbound messages will not be sent to these servers.
* `accept`: If not empty, only messages from these instances will be accepted (whitelist federation).
* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
* `media_removal`: Servers in this group will have media stripped from incoming messages.
@ -124,7 +124,7 @@ Please note that the Akkoma developers consider custom MRF policy modules to fal
### MRF policies descriptions
If MRF policy depends on config, it can be added into MRF tab to adminFE by adding `config_description/0` method, which returns a map with a specific structure. See existing MRF's like `lib/pleroma/web/activity_pub/mrf/activity_expiration_policy.ex` for examples. Note that more complex inputs, like tuples or maps, may need extra changes in the adminFE and just adding it to `config_description/0` may not be enough to get these inputs working from the adminFE.
If MRF policy depends on config, it can be added into MRF tab to AdminFE by adding `config_description/0` method, which returns a map with a specific structure. See existing MRF's like `lib/pleroma/web/activity_pub/mrf/activity_expiration_policy.ex` for examples. Note that more complex inputs, like tuples or maps, may need extra changes in the adminFE and just adding it to `config_description/0` may not be enough to get these inputs working from the AdminFE.
Example:

View File

@ -5,14 +5,14 @@ In addition, federating with such instances will also help furthering that goal.
This is a guide to show you how it can be easily done.
This guide assumes you already got Akkoma working, and that it's running on the default port 4000.
This guide also assumes you're using Nginx as the reverse proxy.
This guide also assumes you're using NGINX as the reverse proxy.
To install Tor on Debian / Ubuntu:
```
apt -yq install tor
```
**WARNING:** Onion instances not using a Tor version supporting V3 addresses will not be able to federate with you.
**WARNING:** Onion instances not using a Tor version supporting V3 addresses will not be able to federate with you.
Create the hidden service for your Akkoma instance in `/etc/tor/torrc`, with an HTTP tunnel:
```
@ -21,7 +21,7 @@ HiddenServicePort 80 127.0.0.1:8099
HiddenServiceVersion 3 # Remove if Tor version is below 0.3 ( tor --version )
HTTPTunnelPort 9080
```
Restart Tor to generate an adress:
Restart Tor to generate an address:
```
systemctl restart tor@default.service
```
@ -60,21 +60,21 @@ If creating a Tor-only instance, open `config/prod.secret.exs` and under "config
```
url: [host: "onionaddress", scheme: "http", port: 80],
```
In addition to that, replace the existing nginx config's contents with the example below.
In addition to that, replace the existing NGINX config's contents with the example below.
## Existing Instance (Clearnet Instance)
If not a Tor-only instance,
add the nginx config below to your existing config at `/etc/nginx/sites-enabled/akkoma.nginx`.
If not a Tor-only instance,
add the NGINX config below to your existing config at `/etc/nginx/sites-enabled/akkoma.nginx`.
---
For both cases, disable CSP in Akkoma's config (STS is disabled by default) so you can define those yourself separately from the clearnet (if your instance is also on the clearnet).
For both cases, disable CSP in Akkoma's config (STS is disabled by default) so you can define those yourself separately from the Clearnet (if your instance is also on the Clearnet).
Copy the following into the `config/prod.secret.exs` in your Akkoma folder (/home/akkoma/akkoma/):
```
config :pleroma, :http_security,
enabled: false
```
Use this as the Nginx config:
Use this as the NGINX config:
```
proxy_cache_path /tmp/akkoma-media-cache levels=1:2 keys_zone=akkoma_media_cache:10m max_size=10g inactive=720m use_temp_path=off;
# The above already exists in a clearnet instance's config.
@ -123,7 +123,7 @@ server {
}
}
```
reload Nginx:
reload NGINX:
```
systemctl reload nginx
```
@ -134,7 +134,7 @@ You should now be able to both access your instance using Tor and federate with
### Possible Issues
* In Debian, make sure your hidden service folder `/var/lib/tor/akkoma_hidden_service/` and its contents, has debian-tor as both owner and group by using
* In Debian, make sure your hidden service folder `/var/lib/tor/akkoma_hidden_service/` and its contents, has debian-tor as both owner and group by using
```
ls -la /var/lib/tor/
```

View File

@ -1,6 +1,6 @@
# Optimizing the BEAM
Akkoma is built upon the Erlang/OTP VM known as BEAM. The BEAM VM is highly optimized for latency, but this has drawbacks in environments without dedicated hardware. One of the tricks used by the BEAM VM is [busy waiting](https://en.wikipedia.org/wiki/Busy_waiting). This allows the application to pretend to be busy working so the OS kernel does not pause the application process and switch to another process waiting for the CPU to execute its workload. It does this by spinning for a period of time which inflates the apparent CPU usage of the application so it is immediately ready to execute another task. This can be observed with utilities like **top(1)** which will show consistently high CPU usage for the process. Switching between procesess is a rather expensive operation and also clears CPU caches further affecting latency and performance. The goal of busy waiting is to avoid this penalty.
Akkoma is built upon the Erlang/OTP VM known as BEAM. The BEAM VM is highly optimized for latency, but this has drawbacks in environments without dedicated hardware. One of the tricks used by the BEAM VM is [busy waiting](https://en.wikipedia.org/wiki/Busy_waiting). This allows the application to pretend to be busy working so the OS kernel does not pause the application process and switch to another process waiting for the CPU to execute its workload. It does this by spinning for a period of time which inflates the apparent CPU usage of the application so it is immediately ready to execute another task. This can be observed with utilities like **top(1)** which will show consistently high CPU usage for the process. Switching between processes is a rather expensive operation and also clears CPU caches further affecting latency and performance. The goal of busy waiting is to avoid this penalty.
This strategy is very successful in making a performant and responsive application, but is not desirable on Virtual Machines or hardware with few CPU cores. Akkoma instances are often deployed on the same server as the required PostgreSQL database which can lead to situations where the Akkoma application is holding the CPU in a busy-wait loop and as a result the database cannot process requests in a timely manner. The fewer CPUs available, the more this problem is exacerbated. The latency is further amplified by the OS being installed on a Virtual Machine as the Hypervisor uses CPU time-slicing to pause the entire OS and switch between other tasks.
@ -18,10 +18,9 @@ Please only change these settings if you are experiencing issues or really know
* AWS (known to use burst scheduling)
## Example configurations
Tuning the BEAM requires you provide a config file normally called [vm.args](http://erlang.org/doc/man/erl.html#emulator-flags). If you are using systemd to manage the service you can modify the unit file as such:
Tuning the BEAM requires you provide a config file, normally called [vm.args](http://erlang.org/doc/man/erl.html#emulator-flags). If you are using systemd to manage the service you can modify the unit file as such:
`ExecStart=/usr/bin/elixir --erl '-args_file /opt/akkoma/config/vm.args' -S /usr/bin/mix phx.server`

View File

@ -1,38 +1,37 @@
# Using a Varnish Cache
Varnish is a layer that sits between your web server and your backend application -
it does something similar to nginx caching, but tends to be optimised for speed over
it does something similar to NGINX caching, but tends to be optimized for speed over
all else.
To set up a varnish cache, first you'll need to install varnish.
To set up a Varnish cache, first you'll need to install Varnish.
This will vary by distribution, and since this is a rather advanced guide,
no copy-paste instructions are provided. It's probably in your distribution's
package manager, though. `apt-get install varnish` and so on.
Once you have varnish installed, you'll need to configure it to work with akkoma.
Once you have Varnish installed, you'll need to configure it to work with Akkoma.
Copy the configuration file to the varnish configuration directory:
Copy the configuration file to the Varnish configuration directory:
cp installation/akkoma.vcl /etc/varnish/akkoma.vcl
You may want to check if varnish added a `default.vcl` file to the same directory,
if so you can just remove it without issue.
You may want to check if Varnish added a `default.vcl` file to the same directory,
if so, you can just remove it without issue.
Then boot up varnish, probably `systemctl start varnish` or `service varnish start`.
Then boot up Varnish, probably `systemctl start varnish` or `service varnish start`.
Now you should be able to `curl -D- localhost:6081` and see a bunch of
akkoma javascript.
Akkoma JavaScript.
Once that's out of the way, we can point our webserver at varnish. This
Once that's out of the way, we can point our webserver at Varnish. This
=== "Nginx"
=== "NGINX"
upstream phoenix {
server 127.0.0.1:6081 max_fails=5 fail_timeout=60s;
}
=== "Caddy"
reverse_proxy 127.0.0.1:6081
@ -51,4 +50,4 @@ if (std.port(server.ip) != 443) {
}
```
This will allow your webserver alone to handle redirects.
This will allow your webserver alone to handle redirects.

View File

@ -6,7 +6,7 @@ Akkoma performance is largely dependent on performance of the underlying databas
[PgTune](https://pgtune.leopard.in.ua) can be used to get recommended settings. Be sure to set "Number of Connections" to 20, otherwise it might produce settings hurtful to database performance. It is also recommended to not use "Network Storage" option.
If your server runs other services, you may want to take that into account. E.g. if you have 4G ram, but 1G of it is already used for other services, it may be better to tell PGTune you only have 3G. In the end, PGTune only provides recomended settings, you can always try to finetune further.
If your server runs other services, you may want to take that into account. E.g. if you have 4G ram, but 1G of it is already used for other services, it may be better to tell PGTune you only have 3G. In the end, PGTune only provides recommended settings, you can always try to finetune further.
### Example configurations
@ -35,8 +35,7 @@ max_parallel_workers = 2
When PostgreSQL receives a query, it decides on a strategy for searching the requested data, this is called a query plan. The query planner has two modes: generic and custom. Generic makes a plan for all queries of the same shape, ignoring the parameters, which is then cached and reused. Custom, on the contrary, generates a unique query plan based on query parameters.
By default PostgreSQL has an algorithm to decide which mode is more efficient for particular query, however this algorithm has been observed to be wrong on some of the queries Akkoma sends, leading to serious performance loss. Therefore, it is recommended to disable generic mode.
By default, PostgreSQL has an algorithm to decide which mode is more efficient for a particular query, however this algorithm has been observed to be wrong on some of the queries Akkoma sends, leading to serious performance loss. Therefore, it is recommended to disable generic mode.
Akkoma already avoids generic query plans by default, however the method it uses is not the most efficient because it needs to be compatible with all supported PostgreSQL versions. For PostgreSQL 12 and higher additional performance can be gained by adding the following to Akkoma configuration:
```elixir
@ -47,4 +46,4 @@ config :pleroma, Pleroma.Repo,
]
```
A more detailed explaination of the issue can be found at <https://blog.soykaf.com/post/postgresql-elixir-troubles/>.
A more detailed explanation of the issue can be found at <https://blog.soykaf.com/post/postgresql-elixir-troubles/>.

View File

@ -13,21 +13,21 @@ While it has no external dependencies, it has problems with performance and rele
## Meilisearch
Note that it's quite a bit more memory hungry than PostgreSQL (around 4-5G for ~1.2 million
posts while idle and up to 7G while indexing initially). The disk usage for this additional index is also
posts while idle and up to 7G while indexing, initially). The disk usage for this additional index is also
around 4 gigabytes. Like [RUM](./cheatsheet.md#rum-indexing-for-full-text-search) indexes, it offers considerably
higher performance and ordering by timestamp in a reasonable amount of time.
Additionally, the search results seem to be more accurate.
Due to high memory usage, it may be best to set it up on a different machine, if running pleroma on a low-resource
Due to high memory usage, it may be best to set it up on a different machine, if running Pleroma on a low-resource
computer, and use private key authentication to secure the remote search instance.
To use [meilisearch](https://www.meilisearch.com/), set the search module to `Pleroma.Search.Meilisearch`:
To use [Meilisearch](https://www.meilisearch.com/), set the search module to `Pleroma.Search.Meilisearch`:
> config :pleroma, Pleroma.Search, module: Pleroma.Search.Meilisearch
You then need to set the address of the meilisearch instance, and optionally the private key for authentication. You might
also want to change the `initial_indexing_chunk_size` to be smaller if you're server is not very powerful, but not higher than `100_000`,
because meilisearch will refuse to process it if it's too big. However, in general you want this to be as big as possible, because meilisearch
You then need to set the address of the Meilisearch instance, and optionally the private key for authentication. You might
also want to change the `initial_indexing_chunk_size` to be smaller if your server is not very powerful, but not higher than `100_000`,
because Meilisearch will refuse to process it if it's too big. However, in general you want this to be as big as possible, because Meilisearch
indexes faster when it can process many posts in a single batch.
> config :pleroma, Pleroma.Search.Meilisearch,
@ -35,11 +35,11 @@ indexes faster when it can process many posts in a single batch.
> private_key: "private key",
> initial_indexing_chunk_size: 100_000
Information about setting up meilisearch can be found in the
Information about setting up Meilisearch can be found in the
[official documentation](https://docs.meilisearch.com/learn/getting_started/installation.html).
You probably want to start it with `MEILI_NO_ANALYTICS=true` environment variable to disable analytics.
At least version 0.25.0 is required, but you are strongly adviced to use at least 0.26.0, as it introduces
the `--enable-auto-batching` option which drastically improves performance. Without this option, the search
At least version 0.25.0 is required, but you are strongly advised to use at least 0.26.0, as it introduces
the `--enable-auto-batching` option, which drastically improves performance. Without this option, the search
is hardly usable on a somewhat big instance.
### Private key authentication (optional)
@ -61,9 +61,9 @@ You will see a "Default Admin API Key", this is the key you actually put into yo
### Initial indexing
After setting up the configuration, you'll want to index all of your already existsing posts. Only public posts are indexed. You'll only
After setting up the configuration, you'll want to index all of your already existing posts. Only public posts are indexed. You'll only
have to do it one time, but it might take a while, depending on the amount of posts your instance has seen. This is also a fairly RAM
consuming process for `meilisearch`, and it will take a lot of RAM when running if you have a lot of posts (seems to be around 5G for ~1.2
consuming process for `Meilisearch`, and it will take a lot of RAM when running if you have a lot of posts (seems to be around 5G for ~1.2
million posts while idle and up to 7G while indexing initially, but your experience may be different).
The sequence of actions is as follows:
@ -73,7 +73,7 @@ The sequence of actions is as follows:
3. Start the initial indexing process (as described below with `index`),
and wait until the task says it sent everything from the database to index
4. Wait until everything is actually indexed (by checking with `stats` as described below),
at this point you don't have to do anything, just wait a while.
at this point, you don't have to do anything, just wait a while.
To start the initial indexing, run the `index` command:
@ -88,7 +88,7 @@ To start the initial indexing, run the `index` command:
```
This will show you the total amount of posts to index, and then show you the amount of posts indexed currently, until the numbers eventually
become the same. The posts are indexed in big batches and meilisearch will take some time to actually index them, even after you have
become the same. The posts are indexed in big batches and Meilisearch will take some time to actually index them, even after you have
inserted all the posts into it. Depending on the amount of posts, this may be as long as several hours. To get information about the status
of indexing and how many posts have actually been indexed, use the `stats` command:
@ -124,15 +124,15 @@ depends on the amount of text in posts.
## Elasticsearch
**Note: This requires at least ElasticSearch 7**
**Note: This requires at least Elasticsearch 7**
As with meilisearch, this can be rather memory-hungry, but it is very good at what it does.
As with Meilisearch, this can be rather memory-hungry, but it is very good at what it does.
To use [elasticsearch](https://www.elastic.co/), set the search module to `Pleroma.Search.Elasticsearch`:
To use [Elasticsearch]( https://www.elastic.co/elasticsearch/), set the search module to `Pleroma.Search.Elasticsearch`:
> config :pleroma, Pleroma.Search, module: Pleroma.Search.Elasticsearch
You then need to set the URL and authentication credentials if relevant.
You then need to set the URL and authentication credentials, if relevant.
> config :pleroma, Pleroma.Search.Elasticsearch.Cluster,
> url: "http://127.0.0.1:9200/",
@ -141,7 +141,7 @@ You then need to set the URL and authentication credentials if relevant.
### Initial indexing
After setting up the configuration, you'll want to index all of your already existsing posts. You'll only have to do it one time, but it might take a while, depending on the amount of posts your instance has seen.
After setting up the configuration, you'll want to index all of your already existing posts. You'll only have to do it one time, but it might take a while, depending on the amount of posts your instance has seen.
The sequence of actions is as follows:

View File

@ -26,7 +26,7 @@ If you use a From Source installation and want to manage your custom files in th
## robots.txt
There's a mix tasks to [generate a new robot.txt](../../administration/CLI_tasks/robots_txt/).
There's a mix task to [generate a new robot.txt](../../administration/CLI_tasks/robots_txt/).
For more complex things, you can write your own robots.txt to `$static_dir/robots.txt`.
@ -49,7 +49,7 @@ Add `$static_dir/instance/thumbnail.jpeg` with your selfie or other neat picture
## Instance-specific panel
Create and Edit your file at `$static_dir/instance/panel.html`.
Create and edit your file at `$static_dir/instance/panel.html`.
## Background
@ -66,10 +66,10 @@ config :pleroma, :frontend_configurations,
## Logo
!!! important
!!! Important
Note the extra `static` folder for the default logo.png location
If you want to give a brand to your instance, You can change the logo of your instance by uploading it to the static directory `$static_dir/static/logo.png`.
If you want to give a brand to your instance, you can change the logo of your instance by uploading it to the static directory `$static_dir/static/logo.png`.
Alternatively, you can specify the path to your logo in [your configuration](../cheatsheet/#frontend_configurations).
@ -84,28 +84,28 @@ config :pleroma, :frontend_configurations,
## Terms of Service
!!! important
!!! Important
Note the extra `static` folder for the terms-of-service.html
Terms of Service will be shown to all users on the registration page. It's the best place where to write down the rules for your instance. You can modify the rules by adding and changing `$static_dir/static/terms-of-service.html`.
## Favicon
The favicon will display on the frontend, and in the browser tab.
The favicon will display on the frontend, and in the browser tab.
Place a PNG file at `$static_dir/favicon.png` to change the favicon. Not that this
is _one level above_ where the logo is placed, it should be on the same level as
the `frontends` directory.
## Styling rendered pages
To overwrite the CSS stylesheet of the OAuth form and other static pages, you can upload your own CSS file to `instance/static/static.css`. This will completely replace the CSS used by those pages, so it might be a good idea to copy the one from `priv/static/instance/static.css` and make your changes.
## Overriding pleroma-fe styles
## Overriding Pleroma-fe styles
To overwrite the CSS stylesheet of pleroma-fe, you can put a file at
To overwrite the CSS stylesheet of Pleroma-fe, you can put a file at
`$static_dir/static/custom.css` containing your styles. These will be loaded
with the rest of the CSS.
You will probably have to put `!important` on most/all your styles to override the
default ones, due to the specificity precedence of CSS.
default ones, due to the specificity precedence of CSS.

View File

@ -1,12 +1,12 @@
# Storing Remote Media
Akkoma does not store remote/federated media by default. The best way to achieve this is to change Nginx to keep its reverse proxy cache
Akkoma does not store remote/federated media by default. The best way to achieve this is to change NGINX to keep its reverse proxy cache
for a year and to activate the `MediaProxyWarmingPolicy` MRF policy in Akkoma which will automatically fetch all media through the proxy
as soon as the post is received by your instance.
## Nginx
## NGINX
The following are excerpts from the [suggested nginx config](../../../installation/nginx/akkoma.nginx) that demonstrates the necessary config for the media proxy to work.
The following are excerpts from the [suggested NGINX config](../../../installation/nginx/akkoma.nginx) that demonstrates the necessary config for the media proxy to work.
A `proxy_cache_path` must be defined, for example:

View File

@ -1,6 +1,6 @@
# Admin API
Authentication is required and the user must be an admin.
Authentication is required, and the user must be an admin.
Backwards-compatibility for admin API endpoints without version prefixes (`/api/pleroma/admin/*`) has been removed as of Akkoma 3.6.0. Please use `/api/v1/pleroma/admin/*` instead.
@ -137,7 +137,7 @@ Backwards-compatibility for admin API endpoints without version prefixes (`/api/
## `GET /api/v1/pleroma/admin/users/:nickname/permission_group`
### Get user user permission groups membership
### Get user permission groups membership
- Params: none
- Response:
@ -153,7 +153,7 @@ Backwards-compatibility for admin API endpoints without version prefixes (`/api/
Note: Available `:permission_group` is currently moderator and admin. 404 is returned when the permission group doesnt exist.
### Get user user permission groups membership per permission group
### Get user permission groups membership per permission group
- Params: none
- Response:
@ -303,7 +303,7 @@ Removes the user(s) from follower recommendations.
## `GET /api/v1/pleroma/admin/users/:nickname_or_id`
### Retrive the details of a user
### Retrieve the details of a user
- Params:
- `nickname` or `id`
@ -313,7 +313,7 @@ Removes the user(s) from follower recommendations.
## `GET /api/v1/pleroma/admin/users/:nickname_or_id/statuses`
### Retrive user's latest statuses
### Retrieve user's latest statuses
- Params:
- `nickname` or `id`
@ -337,7 +337,7 @@ Removes the user(s) from follower recommendations.
## `GET /api/v1/pleroma/admin/instances/:instance/statuses`
### Retrive instance's latest statuses
### Retrieve instance's latest statuses
- Params:
- `instance`: instance name
@ -377,7 +377,7 @@ It may take some time.
## `GET /api/v1/pleroma/admin/statuses`
### Retrives all latest statuses
### Retrieves all latest statuses
- Params:
- *optional* `page_size`: number of statuses to return (default is `20`)
@ -414,7 +414,7 @@ Params:
Response:
* On success: relay json object
* On success: relay JSON object
```json
{"actor": "https://example.com/relay", "followed_back": true}
@ -426,7 +426,7 @@ Response:
- Params:
- `relay_url`
- *optional* `force`: forcefully unfollow a relay even when the relay is not available. (default is `false`)
- *optional* `force`: forcefully unfollow a relay, even when the relay is not available. (default is `false`)
Response:
@ -505,7 +505,7 @@ Response:
## `POST /api/v1/pleroma/admin/users/email_invite`
### Sends registration invite via email
### Sends registration invites via email
- Params:
- `email`
@ -528,7 +528,6 @@ Response:
### Get a password reset token for a given nickname
- Params: none
- Response:
@ -541,7 +540,7 @@ Response:
## `PATCH /api/v1/pleroma/admin/users/force_password_reset`
### Force passord reset for a user with a given nickname
### Force password reset for a user with a given nickname
- Params:
- `nicknames`
@ -549,7 +548,7 @@ Response:
## PUT `/api/v1/pleroma/admin/users/disable_mfa`
### Disable mfa for user's account.
### Disable MFA for user's account.
- Params:
- `nickname`
@ -960,7 +959,7 @@ Status: 404
## `GET /api/v1/pleroma/admin/need_reboot`
### Returns the flag whether the pleroma should be restarted
### Returns the flag whether the Akkoma should be restarted
- Params: none
- Response:
@ -975,7 +974,7 @@ Status: 404
### Get list of merged default settings with saved in database.
*If `need_reboot` is `true`, instance must be restarted, so reboot time settings can take effect.*
*If `need_reboot` is `true`, the instance must be restarted, so reboot time settings can take effect.*
**Only works when configuration from database is enabled.**
@ -1002,7 +1001,7 @@ Status: 404
### Update config settings
*If `need_reboot` is `true`, instance must be restarted, so reboot time settings can take effect.*
*If `need_reboot` is `true`, the instance must be restarted, so reboot time settings can take effect.*
**Only works when configuration from database is enabled.**
@ -1045,7 +1044,7 @@ Most of the settings will be applied in `runtime`, this means that you don't nee
- `delete` - true (*optional*, if setting must be deleted)
- `subkeys` - array of strings (*optional*, only works when `delete=true` parameter is passed, otherwise will be ignored)
*When a value have several nested settings, you can delete only some nested settings by passing a parameter `subkeys`, without deleting all settings by key.*
*When a value has several nested settings, you can delete only some nested settings by passing a parameter `subkeys`, without deleting all settings by key.*
```
[subkey: val1, subkey2: val2, subkey3: val3] \\ initial value
{"group": ":pleroma", "key": "some_key", "delete": true, "subkeys": [":subkey", ":subkey3"]} \\ passing json for deletion
@ -1132,7 +1131,7 @@ List of settings which support only full update by subkey:
## ` GET /api/v1/pleroma/admin/config/descriptions`
### Get JSON with config descriptions.
Loads json generated from `config/descriptions.exs`.
Loads JSON generated from `config/descriptions.exs`.
- Params: none
- Response:
@ -1268,7 +1267,6 @@ Loads json generated from `config/descriptions.exs`.
}
```
## `POST /api/v1/pleroma/admin/oauth_app`
### Create OAuth App

View File

@ -1,10 +1,10 @@
# Differences in Mastodon API responses from vanilla Mastodon
A Akkoma instance can be identified by "<Mastodon version> (compatible; Pleroma <version>)" present in `version` field in response from `/api/v1/instance`
An Akkoma instance can be identified by "<Mastodon version> (compatible; Pleroma <version>)" present in `version` field in response from `/api/v1/instance`
## Flake IDs
Akkoma uses 128-bit ids as opposed to Mastodon's 64 bits. However, just like Mastodon's ids, they are lexically sortable strings
Akkoma uses 128-bit IDs as opposed to Mastodon's 64 bits. However, just like Mastodon's IDs, they are lexically sortable strings
## Timelines
@ -32,8 +32,8 @@ Has these additional fields under the `pleroma` object:
- `conversation_id`: the ID of the AP context the status is associated with (if any)
- `direct_conversation_id`: the ID of the Mastodon direct message conversation the status is associated with (if any)
- `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any)
- `content`: a map consisting of alternate representations of the `content` property with the key being its mimetype. Currently, the only alternate representation supported is `text/plain`
- `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being its mimetype. Currently, the only alternate representation supported is `text/plain`
- `content`: a map consisting of alternate representations of the `content` property, with the key being its mimetype. Currently, the only alternate representation supported is `text/plain`
- `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property, with the key being its mimetype. Currently, the only alternate representation supported is `text/plain`
- `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire
- `thread_muted`: true if the thread the post belongs to is muted
- `emoji_reactions`: A list with emoji / reaction maps. The format is `{name: "☕", count: 1, me: true}`. Contains no information about the reacting users, for that use the `/statuses/:id/reactions` endpoint.
@ -90,11 +90,11 @@ Endpoints which accept `with_relationships` parameter:
Has these additional fields under the `pleroma` object:
- `ap_id`: nullable URL string, ActivityPub id of the user
- `ap_id`: nullable URL string, ActivityPub ID of the user
- `background_image`: nullable URL string, background image of the user
- `tags`: Lists an array of tags for the user
- `relationship` (object): Includes fields as documented for Mastodon API https://docs.joinmastodon.org/entities/relationship/
- `is_moderator`: boolean, nullable, true if user is a moderator
- `is_moderator`: boolean, nullable, true if user is a moderator
- `is_admin`: boolean, nullable, true if user is an admin
- `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated
- `hide_favorites`: boolean, true when the user has hiding favorites enabled
@ -114,8 +114,8 @@ Has these additional fields under the `pleroma` object:
Has these additional fields under the `pleroma` object:
- `show_role`: boolean, nullable, true when the user wants his role (e.g admin, moderator) to be shown
- `no_rich_text` - boolean, nullable, true when html tags are stripped from all statuses requested from the API
- `show_role`: boolean, nullable, true when the user wants his role (e.g. admin, moderator) to be shown
- `no_rich_text` - boolean, nullable, true when HTML tags are stripped from all statuses requested from the API
- `discoverable`: boolean, true when the user allows external services (search bots) etc. to index / list the account (regardless of this setting, user will still appear in regular search results)
- `actor_type`: string, the type of this account.
@ -183,7 +183,7 @@ An endpoint to delete multiple statuses by IDs.
Required parameters:
- `ids`: array of activity ids
- `ids`: array of activity IDs
Usage example: `DELETE /api/v1/notifications/destroy_multiple/?ids[]=1&ids[]=2`.
@ -206,7 +206,7 @@ An endpoint to get multiple statuses by IDs.
Required parameters:
- `ids`: array of activity ids
- `ids`: array of activity IDs
Usage example: `GET /api/v1/statuses/?ids[]=1&ids[]=2`.
@ -239,7 +239,7 @@ All images (avatar, banner and background) can be reset to the default by sendin
### Akkoma Settings Store
Akkoma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about.
Akkoma has a mechanism that allows frontends to save blobs of JSON for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about.
The parameter should have a form of `{frontend_name: {...}}`, with `frontend_name` identifying your type of client, e.g. `pleroma_fe`. It will overwrite everything under this property, but will not overwrite other frontend's settings.
@ -318,7 +318,7 @@ Permits these additional alert types:
Has these additional fields under the `pleroma` object:
- `unread_count`: contains number unread notifications
- `unread_count`: contains number of unread notifications
## Streaming
@ -330,7 +330,7 @@ For viewing remote server timelines, there are `public:remote` and `public:remot
Akkoma streams follow relationships updates as `pleroma:follow_relationships_update` events to the `user` stream.
The message payload consist of:
The message payload consists of:
- `state`: a relationship state, one of `follow_pending`, `follow_accept` or `follow_reject`.

View File

@ -20,9 +20,8 @@ Content-Type: multipart/form-data
Parameters:
- (required) `file`: The file being uploaded
- (optionnal) `description`: A plain-text description of the media, for accessibility purposes.
- (optional) `description`: A plain-text description of the media, for accessibility purposes.
Response: HTTP 201 Created with the object into the body, no `Location` header provided as it doesn't have an `id`
The object given in the reponse should then be inserted into an Object's `attachment` field.
The object given in the response should then be inserted into an Object's `attachment` field.

View File

@ -10,7 +10,7 @@
For routes with `:authenticated_api` pipeline, authentication & authorization are expected, thus `OAuthScopesPlug` will be run unless explicitly skipped (also `EnsureAuthenticatedPlug` will be executed immediately before action even if there was an early run to give an early error, since `OAuthScopesPlug` supports `:proceed_unauthenticated` option, and other plugs may support similar options as well).
For `:api` pipeline routes, it'll be verified whether `OAuthScopesPlug` was called or explicitly skipped, and if it was not then auth information will be dropped for request. Then `EnsurePublicOrAuthenticatedPlug` will be called to ensure that either the instance is not private or user is authenticated (unless explicitly skipped). Such automated checks help to prevent human errors and result in higher security / privacy for users.
For `:api` pipeline routes, it'll be verified whether `OAuthScopesPlug` was called or explicitly skipped, and if it was not, then auth information will be dropped for request. Then `EnsurePublicOrAuthenticatedPlug` will be called to ensure that either the instance is not private or user is authenticated (unless explicitly skipped). Such automated checks help to prevent human errors and result in higher security / privacy for users.
## Non-OAuth authentication

View File

@ -18,24 +18,24 @@ The docs are written in Markdown, including certain extensions, and can be found
## Technology
Akkoma is written in [Elixir](https://elixir-lang.org/) and uses [Postgresql](https://www.postgresql.org/) for database. We use [Git](https://git-scm.com/) for collaboration and tracking code changes. Furthermore it can typically run on [Unix and Unix-like OS'es](https://en.wikipedia.org/wiki/Unix-like). For development, you should use an OS which [can run Akkoma](../installation/debian_based_en/).
Akkoma is written in [Elixir](https://elixir-lang.org/) and uses [PostgreSQL](https://www.postgresql.org/) for database. We use [Git](https://git-scm.com/) for collaboration and tracking code changes. Furthermore it can typically run on [Unix and Unix-like OS'es](https://en.wikipedia.org/wiki/Unix-like). For development, you should use an OS which [can run Akkoma](../installation/debian_based_en/).
It's good to have at least some basic understanding of at least Git and Elixir. If this is completely new for you, there's some [videos explaining Git](https://git-scm.com/doc) and Codeberg has a nice article explaining the typical [pull requests Git flow](https://docs.codeberg.org/collaborating/pull-requests-and-git-flow/). For Elixir, you can follow Elixir's own [Getting Started guide](https://elixir-lang.org/getting-started/introduction.html).
It's good to have at least some basic understanding of at least Git and Elixir. If this is completely new for you, there are some [videos explaining Git](https://git-scm.com/doc) and Codeberg has a nice article explaining the typical [pull requests Git flow](https://docs.codeberg.org/collaborating/pull-requests-and-git-flow/). For Elixir, you can follow Elixir's own [Getting Started guide](https://elixir-lang.org/getting-started/introduction.html).
## Setting up a development environment
The best way to start is getting the software to run from source so you can start poking on it. Check out the [guides for setting up an Akkoma instance for development](setting_up_akkoma_dev/#setting-up-a-akkoma-development-environment).
The best way to start is getting the software to run from source, so you can start poking on it. Check out the [guides for setting up an Akkoma instance for development](setting_up_akkoma_dev/#setting-up-a-akkoma-development-environment).
## General overview
### Modules
Akkoma has several modules. There are modules for [uploading](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/uploaders), [upload filters](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/upload/filter), [translators](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/akkoma/translators)... The most famous ones are without a doubt the [MRF policies](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/web/activity_pub/mrf). Modules are often self contained and a good way to start with development because you don't have to think about much more than just the module itself. We even have an example on [writing your own MRF policy](/configuration/mrf/#writing-your-own-mrf-policy)!
Akkoma has several modules. There are modules for [uploading](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/uploaders), [upload filters](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/upload/filter), [translators](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/akkoma/translators)... The most famous ones are without a doubt the [MRF policies](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/web/activity_pub/mrf). Modules are often self-contained and a good way to start with development because you don't have to think about much more than just the module itself. We even have an example on [writing your own MRF policy](/configuration/mrf/#writing-your-own-mrf-policy)!
Another easy entry point is the [mix tasks](https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/mix/tasks/pleroma). They too are often self contained and don't need you to go through much of the code.
### Activity Streams/Activity Pub
Akkoma uses Activity Streams for both federation, as well as internal representation. It may be interesting to at least go over the specifications of [Activity Pub](https://www.w3.org/TR/activitypub/), [Activity Streams 2.0](https://www.w3.org/TR/activitystreams-core/), and [Activity Streams Vocabulary](https://www.w3.org/TR/activitystreams-vocabulary/). Note that these are not enough to have a full grasp of how everything works, but should at least give you the basics to understand how messages are passed between and inside Akkoma instances.
Akkoma uses Activity Streams for both federation, and internal representation. It may be interesting to at least go over the specifications of [Activity Pub](https://www.w3.org/TR/activitypub/), [Activity Streams 2.0](https://www.w3.org/TR/activitystreams-core/), and [Activity Streams Vocabulary](https://www.w3.org/TR/activitystreams-vocabulary/). Note that these are not enough to have a full grasp of how everything works, but should at least give you the basics to understand how messages are passed between and inside Akkoma instances.
## Don't forget

View File

@ -1,38 +1,38 @@
# Setting up a Akkoma development environment
# Setting up an Akkoma development environment
Akkoma requires some adjustments from the defaults for running the instance locally. The following should help you to get started.
## Installing
1. Install Akkoma as explained in [the docs](../installation/debian_based_en.md), with some exceptions:
* No need to create a dedicated akkoma user, it's easier to just use your own user
* You can use your own fork of the repository and add akkoma as a remote `git remote add akkoma 'https://akkoma.dev/AkkomaGang/akkoma.git'`
* For domain you can use `localhost`
* For the DB you can still choose a dedicated user. The mix tasks sets it up, so it's no extra work for you
* No need to create a dedicated Akkoma user, it's easier to just use your own user
* You can use your own fork of the repository and add Akkoma as a remote `git remote add akkoma 'https://akkoma.dev/AkkomaGang/akkoma.git'`
* For domain, you can use `localhost`
* For the DB, you can still choose a dedicated user. The mix tasks sets it up, so it's no extra work for you
* instead of creating a `prod.secret.exs`, create `dev.secret.exs`
* No need to prefix with `MIX_ENV=prod`. We're using dev and that's the default MIX_ENV
* You can skip nginx and systemd
* You can skip NGINX and systemd
* For front-end, you'll probably want to install and use the develop branch instead of the stable branch. There's no guarantee that the stable branch of the FE will always work on the develop branch of the BE.
2. Change the dev.secret.exs
* Change the FE settings to use the installed branch (see also [Frontend Management](/configuration/frontend_management/))
* Change the scheme in `config :pleroma, Pleroma.Web.Endpoint` to http (see examples below)
* Change the scheme in `config :pleroma, Pleroma.Web.Endpoint` to HTTP (see examples below)
* If you want to change other settings, you can do that too
3. You can now start the server with `mix phx.server`. Once it's build and started, you can access the instance on `http://<host>:<port>` (e.g.http://localhost:4000 ) and should be able to do everything locally you normally can.
3. You can now start the server with `mix phx.server`. Once it's build and started, you can access the instance on `http://<host>:<port>` (e.g. http://localhost:4000 ) and should be able to do everything locally you normally can.
Example on how to install pleroma-fe and admin-fe using it's develop branch
Example on how to install Pleroma-fe and Admin-fe using its develop branch
```sh
mix pleroma.frontend install pleroma-fe --ref develop
mix pleroma.frontend install admin-fe --ref develop
```
Example config to use the pleroma-fe and admin-fe installed from the develop branch
Example config to use the Pleroma-fe and Admin-fe installed from the develop branch
```elixir
config :pleroma, :frontends,
primary: %{"name" => "pleroma-fe", "ref" => "develop"},
admin: %{"name" => "admin-fe", "ref" => "develop"}
```
Example config to change the scheme to http. Change the port if you want to run on another port.
Example config to change the scheme to HTTP. Change the port if you want to run on another port.
```elixir
config :pleroma, Pleroma.Web.Endpoint,
url: [host: "localhost", scheme: "http", port: 4000],
@ -53,7 +53,7 @@ config :logger, :console,
## Testing with HTTPS
If you end up developing alongside other software like misskey,
If you end up developing alongside other software like Misskey,
you will not be able to federate without an SSL certificate. You should
be able to use the snakeoil certificate that comes standard with most
distributions or generate one from scratch, then force elixir to accept it.

View File

@ -4,8 +4,8 @@
## What is Akkoma?
Akkoma is a federated social networking platform, compatible with Mastodon and other ActivityPub implementations. It is free software licensed under the AGPLv3.
It actually consists of two components: a backend, named simply Akkoma, and a user-facing frontend, named Pleroma-FE. It also includes the Mastodon frontend, if that's your thing.
It's part of what we call the fediverse, a federated network of instances which speak common protocols and can communicate with each other.
One account on an instance is enough to talk to the entire fediverse!
It's part of what we call the Fediverse, a federated network of instances which speak common protocols and can communicate with each other.
One account on an instance is enough to talk to the entire Fediverse!
## Community Channels
@ -29,15 +29,14 @@ If you don't feel like joining an existing instance, but instead prefer to deplo
Installation instructions can be found in the installation section of these docs.
## I got an account, now what?
Great! Now you can explore the fediverse! Open the login page for your Akkoma instance (e.g. <https://otp.akkoma.dev>) and login with your username and password. (If you don't have an account yet, click on Register)
Great! Now you can explore the Fediverse! Open the login page for your Akkoma instance (e.g. <https://otp.akkoma.dev>) and login with your username and password. (If you don't have an account yet, click on Register)
### Pleroma-FE
The default front-end used by Akkoma is Pleroma-FE. You can find more information on what it is and how to use it in the [Introduction to Pleroma-FE](https://docs-fe.akkoma.dev/stable/).
### Mastodon interface
If the Pleroma-FE interface isn't your thing, or you're just trying something new but you want to keep using the familiar Mastodon interface, we got that too!
Just add a "/web" after your instance url (e.g. <https://otp.akkoma.dev/web>) and you'll end on the Mastodon web interface, but with a Akkoma backend! MAGIC!
The Mastodon interface is from the Glitch-soc fork. For more information on the Mastodon interface you can check the [Mastodon](https://docs.joinmastodon.org/) and [Glitch-soc](https://glitch-soc.github.io/docs/) documentation.
If the Pleroma-FE interface isn't your thing, or you're just trying something new, but you want to keep using the familiar Mastodon interface, we got that too!
Just add a "/web" after your instance URL (e.g. <https://otp.akkoma.dev/web>) and you'll end on the Mastodon web interface, but with an Akkoma backend! MAGIC!
The Mastodon interface is from the Glitch-soc fork. For more information on the Mastodon interface, you can check the [Mastodon](https://docs.joinmastodon.org/) and [Glitch-soc](https://glitch-soc.github.io/docs/) documentation.
Remember, what you see is only the frontend part of Mastodon, the backend is still Akkoma.

View File

@ -14,7 +14,7 @@ If you want to run this guide with root, ignore the `doas` at the beginning of t
### Prepare the system
* The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `https://dl-5.alpinelinux.org/alpine/v3.16/community`. If you autogenerated the mirror during installation:
* The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use, this looks like `https://dl-5.alpinelinux.org/alpine/v3.16/community`. If you autogenerated the mirror during installation:
```shell
awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories
@ -41,7 +41,7 @@ doas apk add git build-base cmake file-dev
doas apk add erlang elixir
```
* Install `erlang-eldap` if you want to enable ldap authenticator
* Install `erlang-eldap` if you want to enable LDAP authenticator
```shell
doas apk add erlang-eldap
@ -49,7 +49,7 @@ doas apk add erlang-eldap
### Install PostgreSQL
* Install Postgresql server:
* Install PostgreSQL server:
```shell
doas apk add postgresql postgresql-contrib
@ -61,7 +61,7 @@ doas apk add postgresql postgresql-contrib
doas rc-service postgresql start
```
* Enable and start postgresql server:
* Enable and start PostgreSQL server:
```shell
doas rc-update add postgresql
@ -106,8 +106,8 @@ doas -u akkoma mix deps.get
* Generate the configuration: `doas -u akkoma env MIX_ENV=prod mix pleroma.instance gen`
* Answer with `yes` if it asks you to install `rebar3`.
* This may take some time, because parts of akkoma get compiled first.
* After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* This may take some time, because parts of Akkoma get compiled first.
* After that, it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* Check the configuration and if all looks right, rename it, so Akkoma will load it (`prod.secret.exs` for productive instances):
@ -115,7 +115,7 @@ doas -u akkoma mix deps.get
doas -u akkoma mv config/{generated_config.exs,prod.secret.exs}
```
* The previous command creates also the file `config/setup_db.psql`, with which you can create the database:
* The previous command also creates the file `config/setup_db.psql`, with which you can create the database:
```shell
doas -u postgres psql -f config/setup_db.psql
@ -135,17 +135,17 @@ doas -u akkoma env MIX_ENV=prod mix phx.server
### Finalize installation
If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Akkoma and you should consider to create an OpenRC service file for Akkoma.
If you want to open your newly installed instance to the world, you should run NGINX or some other webserver/proxy in front of Akkoma and you should consider to create an OpenRC service file for Akkoma.
#### Nginx
#### NGINX
* Install nginx, if not already done:
* Install NGINX, if not already done:
```shell
doas apk add nginx
```
* Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
* Set up your SSL cert, using your method of choice or Certbot. If using Certbot, first install it:
```shell
doas apk add certbot
@ -158,15 +158,15 @@ doas mkdir -p /var/lib/letsencrypt/
doas certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
```
If that doesnt work, make sure, that nginx is not already running. If it still doesnt work, try setting up nginx first (change ssl “on” to “off” and try again).
If that doesnt work, make sure, that NGINX is not already running. If it still doesnt work, try setting up NGINX first (change SSL “on” to “off” and try again).
* Copy the example nginx configuration to the nginx folder
* Copy the example NGINX configuration to the NGINX folder
```shell
doas cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/conf.d/akkoma.conf
```
* Before starting nginx edit the configuration and change it to your needs. You must change change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing).
* Before starting NGINX, edit the configuration and change it to your needs. You must change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing).
```
server {
@ -186,14 +186,14 @@ server {
}
```
* Enable and start nginx:
* Enable and start NGINX:
```shell
doas rc-update add nginx
doas rc-service nginx start
```
If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:
If you need to renew the certificate in the future, uncomment the relevant location block in the NGINX config and run:
```shell
doas certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/

View File

@ -8,7 +8,7 @@ This guide will assume that you have administrative rights, either as root or a
### Required packages
* `postgresql`
* `PostgreSQL`
* `elixir`
* `git`
* `base-devel`
@ -17,11 +17,11 @@ This guide will assume that you have administrative rights, either as root or a
#### Optional packages used in this guide
* `nginx` (preferred, example configs for other reverse proxies can be found in the repo)
* `certbot` (or any other ACME client for Lets Encrypt certificates)
* `NGINX` (preferred, example configs for other reverse proxies can be found in the repo)
* `Certbot` (or any other ACME client for Lets Encrypt certificates)
* `ImageMagick`
* `ffmpeg`
* `exiftool`
* `FFmpeg`
* `ExifTool`
### Prepare the system
@ -31,7 +31,7 @@ This guide will assume that you have administrative rights, either as root or a
sudo pacman -Syu
```
* Install some of the above mentioned programs:
* Install some of the above-mentioned programs:
```shell
sudo pacman -S git base-devel elixir cmake file
@ -97,8 +97,8 @@ sudo -Hu akkoma mix deps.get
* Generate the configuration: `sudo -Hu akkoma MIX_ENV=prod mix pleroma.instance gen`
* Answer with `yes` if it asks you to install `rebar3`.
* This may take some time, because parts of akkoma get compiled first.
* After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* This may take some time, because parts of Akkoma get compiled first.
* After that, it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* Check the configuration and if all looks right, rename it, so Akkoma will load it (`prod.secret.exs` for productive instances):
@ -106,7 +106,7 @@ sudo -Hu akkoma mix deps.get
sudo -Hu akkoma mv config/{generated_config.exs,prod.secret.exs}
```
* The previous command creates also the file `config/setup_db.psql`, with which you can create the database:
* The previous command also creates the file `config/setup_db.psql`, with which you can create the database:
```shell
sudo -Hu postgres psql -f config/setup_db.psql
@ -126,11 +126,11 @@ sudo -Hu akkoma MIX_ENV=prod mix phx.server
### Finalize installation
If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Akkoma and you should consider to create a systemd service file for Akkoma.
If you want to open your newly installed instance to the world, you should run NGINX or some other webserver/proxy in front of Akkoma and you should consider to create a systemd service file for Akkoma.
#### Nginx
#### NGINX
* Install nginx, if not already done:
* Install NGINX, if not already done:
```shell
sudo pacman -S nginx
@ -148,7 +148,7 @@ sudo mkdir -p /etc/nginx/sites-{available,enabled}
include sites-enabled/*;
```
* Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
* Setup your SSL cert, using your method of choice or Certbot. If using Certbot, first install it:
```shell
sudo pacman -S certbot certbot-nginx
@ -161,25 +161,25 @@ sudo mkdir -p /var/lib/letsencrypt/
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
```
If that doesnt work, make sure, that nginx is not already running. If it still doesnt work, try setting up nginx first (change ssl “on” to “off” and try again).
If that doesnt work, make sure, that NGINX is not already running. If it still doesnt work, try setting up NGINX first (change SSL “on” to “off” and try again).
---
* Copy the example nginx configuration and activate it:
* Copy the example NGINX configuration and activate it:
```shell
sudo cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/sites-available/akkoma.nginx
sudo ln -s /etc/nginx/sites-available/akkoma.nginx /etc/nginx/sites-enabled/akkoma.nginx
```
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Enable and start nginx:
* Before starting NGINX edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Enable and start NGINX:
```shell
sudo systemctl enable --now nginx.service
```
If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:
If you need to renew the certificate in the future, uncomment the relevant location block in the NGINX config and run:
```shell
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/

View File

@ -17,7 +17,7 @@ sudo apt update
sudo apt full-upgrade
```
* Install some of the above mentioned programs:
* Install some of the above-mentioned programs:
```shell
sudo apt install git build-essential postgresql postgresql-contrib cmake libmagic-dev
@ -32,7 +32,6 @@ sudo apt update
sudo apt install elixir erlang-dev erlang-nox
```
### Optional packages: [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md)
```shell
@ -71,8 +70,8 @@ sudo -Hu akkoma mix deps.get
* Generate the configuration: `sudo -Hu akkoma MIX_ENV=prod mix pleroma.instance gen`
* Answer with `yes` if it asks you to install `rebar3`.
* This may take some time, because parts of akkoma get compiled first.
* After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* This may take some time, because parts of Akkoma get compiled first.
* After that, it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* Check the configuration and if all looks right, rename it, so Akkoma will load it (`prod.secret.exs` for productive instances):
@ -80,8 +79,7 @@ sudo -Hu akkoma mix deps.get
sudo -Hu akkoma mv config/{generated_config.exs,prod.secret.exs}
```
* The previous command creates also the file `config/setup_db.psql`, with which you can create the database:
* The previous command also creates the file `config/setup_db.psql`, with which you can create the database:
```shell
sudo -Hu postgres psql -f config/setup_db.psql
@ -101,17 +99,17 @@ sudo -Hu akkoma MIX_ENV=prod mix phx.server
### Finalize installation
If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Akkoma and you should consider to create a systemd service file for Akkoma.
If you want to open your newly installed instance to the world, you should run NGINX or some other webserver/proxy in front of Akkoma and you should consider to create a systemd service file for Akkoma.
#### Nginx
#### NGINX
* Install nginx, if not already done:
* Install NGINX, if not already done:
```shell
sudo apt install nginx
```
* Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
* Setup your SSL cert, using your method of choice or Certbot. If using Certbot, first install it:
```shell
sudo apt install certbot
@ -124,25 +122,25 @@ sudo mkdir -p /var/lib/letsencrypt/
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
```
If that doesnt work, make sure, that nginx is not already running. If it still doesnt work, try setting up nginx first (change ssl “on” to “off” and try again).
If that doesnt work, make sure, that NGINX is not already running. If it still doesnt work, try setting up NGINX first (change SSL “on” to “off” and try again).
---
* Copy the example nginx configuration and activate it:
* Copy the example NGINX configuration and activate it:
```shell
sudo cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/sites-available/akkoma.nginx
sudo ln -s /etc/nginx/sites-available/akkoma.nginx /etc/nginx/sites-enabled/akkoma.nginx
```
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Enable and start nginx:
* Before starting NGINX edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Enable and start NGINX:
```shell
sudo systemctl enable --now nginx.service
```
If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:
If you need to renew the certificate in the future, uncomment the relevant location block in the NGINX config and run:
```shell
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/

View File

@ -2,7 +2,7 @@
## Installation
This guide will show you how to get akkoma working in a docker container,
This guide will show you how to get Akkoma working in a docker container,
if you want isolation, or if you run a distribution not supported by the OTP
releases.
@ -11,10 +11,10 @@ If you want to migrate from or OTP to docker, check out [the migration guide](./
### Prepare the system
* Install docker and docker-compose
* [Docker](https://docs.docker.com/engine/install/)
* [Docker](https://docs.docker.com/engine/install/)
* [Docker-compose](https://docs.docker.com/compose/install/)
* This will usually just be a repository installation and a package manager invocation.
* Clone the akkoma repository
* Clone the Akkoma repository
* `git clone https://akkoma.dev/AkkomaGang/akkoma.git -b stable`
* `cd akkoma`
@ -30,7 +30,7 @@ variables for the docker-compose file.
### Building the container
The container provided is a thin wrapper around akkoma's dependencies,
The container provided is a thin wrapper around Akkoma's dependencies,
it does not contain the code itself. This is to allow for easy updates
and debugging if required.
@ -52,7 +52,7 @@ mkdir pgdata
This will ask you a few questions - the defaults are fine for most things,
the database hostname is `db`, the database password is `akkoma`
(not auto generated), and you will want to set the ip to `0.0.0.0`.
(not auto generated), and you will want to set the IP to `0.0.0.0`.
Now we'll want to copy over the config it just created
@ -60,12 +60,12 @@ Now we'll want to copy over the config it just created
cp config/generated_config.exs config/prod.secret.exs
```
### Setting up the database
### Setting up the database
We need to run a few commands on the database container, this isn't too bad
```bash
docker-compose run --rm --user akkoma -d db
docker-compose run --rm --user akkoma -d db
# Note down the name it gives here, it will be something like akkoma_db_run
docker-compose run --rm akkoma psql -h db -U akkoma -f config/setup_db.psql
docker stop akkoma_db_run # Replace with the name you noted down
@ -89,7 +89,7 @@ docker-compose up
If everything went well, you should be able to access your instance at http://localhost:4000
You can `ctrl-c` out of the docker-compose now to shutdown the server.
You can `ctrl-c` out of the docker-compose now to shut down the server.
### Running in the background
@ -105,17 +105,17 @@ If your instance is up and running, you can create your first user with administ
./docker-resources/manage.sh mix pleroma.user new MY_USERNAME MY_EMAIL@SOMEWHERE --admin
```
And follow the prompts
And follow the prompts
### Reverse proxies
This is a tad more complex in docker than on the host itself. It
You've got two options.
You've got two options.
#### Running caddy in a container
This is by far the easiest option. It'll handle HTTPS and all that for you.
This is by far the easiest option. It'll handle HTTPS and all that for you.
```bash
mkdir caddy-data
@ -137,7 +137,7 @@ as needed. Your standard setup can be found in the [Debian Guide](../debian_base
### You're done!
All that's left is to set up your frontends.
All that's left is to set up your frontends.
The standard from-source commands will apply to you, just make sure you
prefix them with `./docker-resources/manage.sh`!

View File

@ -1,16 +1,16 @@
# Installing on Fedora
## OTP releases and RedHat-distributions
## OTP releases and RedHat-based distributions
While the OTP releases of Akkoma work on most Linux distributions, they do not work correctly with RedHat-distributions. Therefore from-source installations are the recommended way to go when trying to install Akkoma on Fedora, Centos Stream or RedHat.
While the OTP releases of Akkoma work on most Linux distributions, they do not work correctly with RedHat-based distributions. Therefore, from-source installations are the recommended way to go when trying to install Akkoma on Fedora, Centos Stream or Red Hat.
However, it is possible to compile your own OTP release of Akkoma for RedHat. Keep in mind that this has a few drawbacks, and has no particular advantage over a from-source installation, since you'll need to install Erlang and Elixir anyway.
However, it is possible to compile your own OTP release of Akkoma for Red Hat. Keep in mind that this has a few drawbacks, and has no particular advantage over a from-source installation, since you'll need to install Erlang and Elixir anyway.
This guide will cover a from-source installation. For instructions on how to build your own OTP release, please check out [the OTP for RedHat guide](./otp_redhat_en.md).
This guide will cover a from-source installation. For instructions on how to build your own OTP release, please check out [the OTP for Red Hat guide](./otp_redhat_en.md).
## Installation
This guide will assume you are on Fedora 36. This guide should also work with current releases of Centos Stream and RedHat, although it has not been tested yet. It also assumes that you have administrative rights, either as root or a user with [sudo permissions](https://docs.fedoraproject.org/en-US/quick-docs/adding_user_to_sudoers_file/). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu akkoma`; in this case, use `su <username> -s $SHELL -c 'command'` instead.
This guide will assume you are on Fedora 36. This guide should also work with current releases of CentOS Stream and Red Hat, although it has not been tested yet. It also assumes that you have administrative rights, either as root or a user with [sudo permissions](https://docs.fedoraproject.org/en-US/quick-docs/adding_user_to_sudoers_file/). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu akkoma`; in this case, use `su <username> -s $SHELL -c 'command'` instead.
{! installation/generic_dependencies.include !}
@ -22,13 +22,13 @@ This guide will assume you are on Fedora 36. This guide should also work with cu
sudo dnf upgrade --refresh
```
* Install some of the above mentioned programs:
* Install some of the above-mentioned programs:
```shell
sudo dnf install git gcc g++ make cmake file-devel postgresql-server postgresql-contrib
```
* Enable and initialize Postgres:
* Enable and initialize PostgreSQL:
```shell
sudo postgresql-setup --initdb --unit postgresql
# Allow password auth for postgres
@ -44,10 +44,9 @@ sudo systemctl enable --now postgresql.service
sudo dnf install elixir erlang-os_mon erlang-eldap erlang-xmerl erlang-erl_interface erlang-syntax_tools
```
### Optional packages: [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md)
* Install ffmpeg (requires setting up the RPM-fusion repositories):
* Install FFmpeg (requires setting up the RPM-fusion repositories):
```shell
sudo dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
@ -62,7 +61,6 @@ sudo dnf install ImageMagick perl-Image-ExifTool
```
### Install AkkomaBE
* Add a new system user for the Akkoma service:
@ -95,8 +93,8 @@ sudo -Hu akkoma mix deps.get
* Generate the configuration: `sudo -Hu akkoma MIX_ENV=prod mix pleroma.instance gen`
* Answer with `yes` if it asks you to install `rebar3`.
* This may take some time, because parts of akkoma get compiled first.
* After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* This may take some time, because parts of Akkoma get compiled first.
* After that, it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* Check the configuration and if all looks right, rename it, so Akkoma will load it (`prod.secret.exs` for productive instances):
@ -104,8 +102,7 @@ sudo -Hu akkoma mix deps.get
sudo -Hu akkoma mv config/{generated_config.exs,prod.secret.exs}
```
* The previous command creates also the file `config/setup_db.psql`, with which you can create the database:
* The previous command also creates the file `config/setup_db.psql`, with which you can create the database:
```shell
sudo -Hu postgres psql -f config/setup_db.psql
@ -125,17 +122,17 @@ sudo -Hu akkoma MIX_ENV=prod mix phx.server
### Finalize installation
If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Akkoma and you should consider to create a systemd service file for Akkoma.
If you want to open your newly installed instance to the world, you should run NGINX or some other webserver/proxy in front of Akkoma and you should consider to create a systemd service file for Akkoma.
#### Nginx
#### NGINX
* Install nginx, if not already done:
* Install NGINX, if not already done:
```shell
sudo dnf install nginx
```
* Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
* Setup your SSL cert, using your method of choice or Certbot. If using Certbot, first install it:
```shell
sudo dnf install certbot
@ -148,24 +145,24 @@ sudo mkdir -p /var/lib/letsencrypt/
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
```
If that doesnt work, make sure, that nginx is not already running. If it still doesnt work, try setting up nginx first (change ssl “on” to “off” and try again).
If that doesnt work, make sure, that NGINX is not already running. If it still doesnt work, try setting up NGINX first (change SSL “on” to “off” and try again).
---
* Copy the example nginx configuration and activate it:
* Copy the example NGINX configuration and activate it:
```shell
sudo cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/conf.d/akkoma.conf
```
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Enable and start nginx:
* Before starting NGINX edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Enable and start NGINX:
```shell
sudo systemctl enable --now nginx.service
```
If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:
If you need to renew the certificate in the future, uncomment the relevant location block in the NGINX config and run:
```shell
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/

View File

@ -21,7 +21,7 @@ Setup the required services to automatically start at boot, using `sysrc(8)`.
# sysrc postgresql_enable=YES
```
## Initialize postgres
## Initialize PostgreSQL
```
# service postgresql initdb
@ -70,11 +70,11 @@ it'll be protecting your database. As root, you can now initialize the database:
# sudo -Hu postgres -g postgres psql -f config/setup_db.psql
```
Postgres allows connections from all users without a password by default. To
PostgreSQL allows connections from all users without a password by default. To
fix this, edit `/var/db/postgres/data12/pg_hba.conf`. Change every `trust` to
`password`.
Once this is done, restart Postgres with:
Once this is done, restart PostgreSQL with:
```
# service postgresql restart
```
@ -109,7 +109,7 @@ Next, obtain your account fingerprint:
# sudo -Hu acme -g acme acme.sh --register-account
```
You need to add the following to your nginx configuration for the server
You need to add the following to your NGINX configuration for the server
running on port 80:
```
@ -119,9 +119,9 @@ running on port 80:
}
```
Replace the string after after `$1.` with your fingerprint.
Replace the string after `$1.` with your fingerprint.
Start nginx:
Start NGINX:
```
# service nginx start
@ -141,9 +141,9 @@ Let's add auto-renewal to `/etc/crontab`
/usr/local/bin/sudo -Hu acme -g acme /usr/local/sbin/acme.sh -r -d example.com --stateless
```
### Configuring nginx
### Configuring NGINX
FreeBSD's default nginx configuration does not contain an include directive, which is
FreeBSD's default NGINX configuration does not contain an include directive, which is
typically used for multiple sites. Therefore, you will need to first create the required
directory as follows:
@ -211,7 +211,7 @@ sudo -Hu akkoma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress>
## Conclusion
Restart nginx with `# service nginx restart` and you should be up and running.
Restart NGINX with `# service nginx restart` and you should be up and running.
Make sure your time is in sync, or other instances will receive your posts with
incorrect timestamps. You should have ntpd running.

View File

@ -8,7 +8,7 @@ command to install.
For most installations, the following will suffice:
=== "OTP"
=== "OTP"
```sh
./bin/pleroma_ctl frontend install pleroma-fe --ref stable
# and also, if desired
@ -27,5 +27,4 @@ For most installations, the following will suffice:
./docker-resources/manage.sh mix pleroma.frontend install admin-fe --ref stable
```
For more customised installations, refer to [Frontend Management](../../configuration/frontend_management)
For more customized installations, refer to [Frontend Management](../../configuration/frontend_management)

View File

@ -5,7 +5,7 @@
* Erlang OTP 24+
* git
* file / libmagic
* gcc (clang might also work)
* GCC (clang might also work)
* GNU make
* CMake
@ -13,4 +13,4 @@
* ImageMagick
* FFmpeg
* exiftool
* ExifTool

View File

@ -18,13 +18,13 @@ dev-db/postgresql uuid
You could opt to add `USE="uuid"` to `/etc/portage/make.conf` if you'd rather set this as a global USE flags, but this flags does unrelated things in other packages, so keep that in mind if you elect to do so.
If you are planning to use `nginx`, as this guide suggests, you should also add the following flag to the same file.
If you are planning to use `NGINX`, as this guide suggests, you should also add the following flag to the same file.
```text
www-servers/nginx NGINX_MODULES_HTTP: slice
```
Double check your compiler flags in `/etc/portage/make.conf`. If you require any special compilation flags or would like to set up remote builds, now is the time to do so. Be sure that your CFLAGS and MAKEOPTS make sense for the platform you are using. It is not recommended to use above `-O2` or risky optimization flags for a production server.
Double-check your compiler flags in `/etc/portage/make.conf`. If you require any special compilation flags or would like to set up remote builds, now is the time to do so. Be sure that your CFLAGS and MAKEOPTS make sense for the platform you are using. It is not recommended to use above `-O2` or risky optimization flags for a production server.
### Installing a cron daemon
@ -42,7 +42,7 @@ Gentoo quite pointedly does not come with a cron daemon installed, and as such i
* `www-servers/nginx` (preferred, example configs for other reverse proxies can be found in the repo)
* `app-crypt/certbot` (or any other ACME client for Lets Encrypt certificates)
* `app-crypt/certbot-nginx` (nginx certbot plugin that allows use of the all-powerful `--nginx` flag on certbot)
* `app-crypt/certbot-nginx` (NGINX Certbot plugin that allows use of the all-powerful `--nginx` flag on Certbot)
* `media-gfx/imagemagick`
* `media-video/ffmpeg`
* `media-libs/exiftool`
@ -63,29 +63,29 @@ Gentoo quite pointedly does not come with a cron daemon installed, and as such i
If you would not like to install the optional packages, remove them from this line.
If you're running this from a low-powered virtual machine, it should work though it will take some time. There were no issues on a VPS with a single core and 1GB of RAM; if you are using an even more limited device and run into issues, you can try creating a swapfile or use a more powerful machine running Gentoo to [cross build](https://wiki.gentoo.org/wiki/Cross_build_environment). If you have a wait ahead of you, now would be a good time to take a break, strech a bit, refresh your beverage of choice and/or get a snack, and reply to Arch users' posts with "I use Gentoo btw" as we do.
If you're running this from a low-powered virtual machine, it should work, though it will take some time. There were no issues on a VPS with a single core and 1GB of RAM; if you are using an even more limited device and run into issues, you can try creating a swapfile or use a more powerful machine running Gentoo to [cross build](https://wiki.gentoo.org/wiki/Cross_build_environment). If you have a wait ahead of you, now would be a good time to take a break, strech a bit, refresh your beverage of choice and/or get a snack, and reply to Arch users' posts with "I use Gentoo btw" as we do.
### Install PostgreSQL
[Gentoo Wiki article](https://wiki.gentoo.org/wiki/PostgreSQL) as well as [PostgreSQL QuickStart](https://wiki.gentoo.org/wiki/PostgreSQL/QuickStart) might be worth a quick glance, as the way Gentoo handles postgres is slightly unusual, with built in capability to have two different databases running for testing and live or whatever other purpouse. While it is still straightforward to install, it does mean that the version numbers used in this guide might change for future updates, so keep an eye out for the output you get from `emerge` to ensure you are using the correct ones.
[Gentoo Wiki article](https://wiki.gentoo.org/wiki/PostgreSQL) as well as [PostgreSQL QuickStart](https://wiki.gentoo.org/wiki/PostgreSQL/QuickStart) might be worth a quick glance, as the way Gentoo handles postgres is slightly unusual, with built in capability to have two different databases running for testing and live or whatever other purpouse. While it is still straightforward to install, it does mean that the version numbers used in this guide might change for future updates, so keep an eye out for the output you get from `emerge` to ensure you are using the correct ones.
* Install postgresql if you have not done so already:
* Install PostgreSQL if you have not done so already:
```shell
# emerge --ask dev-db/postgresql
```
Ensure that `/etc/conf.d/postgresql-11` has the encoding you want (it defaults to UTF8 which is probably what you want) and make any adjustments to the data directory if you find it necessary. Be sure to adjust the number at the end depending on what version of postgres you actually installed.
Ensure that `/etc/conf.d/postgresql-11` has the encoding you want (it defaults to UTF8, which is probably what you want) and make any adjustments to the data directory if you find it necessary. Be sure to adjust the number at the end depending on what version of PostgreSQL you actually installed.
* Initialize the database cluster
The output from emerging postgresql should give you a command for initializing the postgres database. The default slot should be indicated in this command, ensure that it matches the command below.
The output from emerging PostgreSQL should give you a command for initializing the PostgreSQL database. The default slot should be indicated in this command, ensure that it matches the command below.
```shell
# emerge --config dev-db/postgresql:11
```
* Start postgres and enable the system service
* Start PostgreSQL and enable the system service
```shell
# /etc/init.d/postgresql-11 start
@ -108,7 +108,7 @@ Not only does this make it much easier to deploy changes you make, as you can co
* Add a new system user for the Akkoma service and set up default directories:
Remove `,wheel` if you do not want this user to be able to use `sudo`, however note that being able to `sudo` as the `akkoma` user will make finishing the insallation and common maintenence tasks somewhat easier:
Remove `,wheel` if you do not want this user to be able to use `sudo`, however, note that being able to `sudo` as the `akkoma` user will make finishing the insallation and common maintenence tasks somewhat easier:
```shell
# useradd -m -G users,wheel -s /bin/bash akkoma
@ -149,7 +149,7 @@ akkoma$ MIX_ENV=prod mix pleroma.instance gen
* This part precompiles some parts of Akkoma, so it might take a few moments
* After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* After that, it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
* Spend some time with `generated_config.exs` to ensure that everything is in order. If you plan on using an S3-compatible service to store your local media, that can be done here. You will likely mostly be using `prod.secret.exs` for a production instance, however if you would like to set up a development environment, make a copy to `dev.secret.exs` and adjust settings as needed as well.
@ -157,7 +157,7 @@ akkoma$ MIX_ENV=prod mix pleroma.instance gen
akkoma$ mv config/generated_config.exs config/prod.secret.exs
```
* The previous command creates also the file `config/setup_db.psql`, with which you can create the database. Ensure that it is using the correct database name on the `CREATE DATABASE` and the `\c` lines, then run the postgres script:
* The previous command also creates the file `config/setup_db.psql`, with which you can create the database. Ensure that it is using the correct database name on the `CREATE DATABASE` and the `\c` lines, then run the PostgreSQL script:
```shell
akkoma$ sudo -Hu postgres psql -f config/setup_db.psql
@ -175,15 +175,15 @@ akkoma$ MIX_ENV=prod mix ecto.migrate
akkoma$ MIX_ENV=prod mix phx.server
```
It probably won't work over the public internet quite yet, however, as we still need to set up a web servere to proxy to the akkoma application, as well as configure SSL.
It probably won't work over the public internet quite yet, however, as we still need to set up a web server to proxy to the Akkoma application, as well as configure SSL.
### Finalize installation
Assuming you want to open your newly installed federated social network to, well, the federation, you should run nginx or some other webserver/proxy in front of Akkoma. It is also a good idea to set up Akkoma to run as a system service.
Assuming you want to open your newly installed federated social network to, well, the federation, you should run NGINX or some other webserver/proxy in front of Akkoma. It is also a good idea to set up Akkoma to run as a system service.
#### Nginx
#### NGINX
* Install nginx, if not already done:
* Install NGINX, if not already done:
```shell
# emerge --ask www-servers/nginx
@ -201,7 +201,7 @@ Assuming you want to open your newly installed federated social network to, well
include sites-enabled/*;
```
* Setup your SSL cert, using your method of choice or certbot. If using certbot, install it if you haven't already:
* Setup your SSL cert, using your method of choice or Certbot. If using Certbot, install it if you haven't already:
```shell
# emerge --ask app-crypt/certbot app-crypt/certbot-nginx
@ -214,33 +214,33 @@ and then set it up:
# certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
```
If that doesn't work the first time, add `--dry-run` to further attempts to avoid being ratelimited as you identify the issue, and do not remove it until the dry run succeeds. If that doesnt work, make sure, that nginx is not already running. If it still doesnt work, try setting up nginx first (change ssl “on” to “off” and try again). Often the answer to issues with certbot is to use the `--nginx` flag once you have nginx up and running.
If that doesn't work the first time, add `--dry-run` to further attempts to avoid being rate-limited as you identify the issue, and do not remove it until the dry run succeeds. If that doesnt work, make sure, that NGINX is not already running. If it still doesnt work, try setting up NGINX first (change SSL “on” to “off” and try again). Often the answer to issues with certbot is to use the `--nginx` flag once you have NGINX up and running.
If you are using any additional subdomains, such as for a media proxy, you can re-run the same command with the subdomain in question. When it comes time to renew later, you will not need to run multiple times for each domain, one renew will handle it.
---
* Copy the example nginx configuration and activate it:
* Copy the example NGINX configuration and activate it:
```shell
# cp /home/akkoma/akkoma/installation/nginx/akkoma.nginx /etc/nginx/sites-available/
# ln -s /etc/nginx/sites-available/akkoma.nginx /etc/nginx/sites-enabled/akkoma.nginx
```
* Take some time to ensure that your nginx config is correct
* Take some time to ensure that your NGINX config is correct
Replace all instances of `example.tld` with your instance's public URL. If for whatever reason you made changes to the port that your akkoma app runs on, be sure that is reflected in your configuration.
Replace all instances of `example.tld` with your instance's public URL. If for whatever reason you made changes to the port that your Akkoma app runs on, be sure that is reflected in your configuration.
Pay special attention to the line that begins with `ssl_ecdh_curve`. It is stongly advised to comment that line out so that OpenSSL will use its full capabilities, and it is also possible you are running OpenSSL 1.0.2 necessitating that you do this.
Pay special attention to the line that begins with `ssl_ecdh_curve`. It is strongly advised to comment that line out so that OpenSSL will use its full capabilities, and it is also possible you are running OpenSSL 1.0.2 necessitating that you do this.
* Enable and start nginx:
* Enable and start NGINX:
```shell
# rc-update add nginx default
# /etc/init.d/nginx start
```
If you are using certbot, it is HIGHLY recommend you set up a cron job that renews your certificate, and that you install the suggested `certbot-nginx` plugin. If you don't do these things, you only have yourself to blame when your instance breaks suddenly because you forgot about it.
If you are using Certbot, it is HIGHLY recommended you set up a cron job that renews your certificate, and that you install the suggested `certbot-nginx` plugin. If you don't do these things, you only have yourself to blame when your instance breaks suddenly because you forgot about it.
First, ensure that the command you will be installing into your crontab works.
@ -248,7 +248,7 @@ First, ensure that the command you will be installing into your crontab works.
# /usr/bin/certbot renew --nginx
```
Assuming not much time has passed since you got certbot working a few steps ago, you should get a message for all domains you installed certificates for saying `Cert not yet due for renewal`.
Assuming not much time has passed since you got Certbot working a few steps ago, you should get a message for all domains you installed certificates for saying `Cert not yet due for renewal`.
Now, run crontab as a superuser with `crontab -e` or `sudo crontab -e` as appropriate, and add the following line to your cron:
@ -256,7 +256,7 @@ Now, run crontab as a superuser with `crontab -e` or `sudo crontab -e` as approp
0 0 1 * * /usr/bin/certbot renew --nginx
```
This will run certbot on the first of the month at midnight. If you'd rather run more frequently, it's not a bad idea, feel free to go for it.
This will run Certbot on the first of the month at midnight. If you'd rather run more frequently, it's not a bad idea, feel free to go for it.
#### Other webserver/proxies

View File

@ -2,10 +2,10 @@
{! installation/otp_vs_from_source.include !}
In this guide we cover how you can migrate from a from source installation to one using OTP releases.
In this guide, we cover how you can migrate from a from source installation to one using OTP releases.
## Pre-requisites
You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
You will be running commands as root. If you aren't root already, please elevate your privileges by executing `sudo su`/`su`.
The system needs to have `curl` and `unzip` installed for downloading and unpacking release builds.
@ -20,7 +20,7 @@ The system needs to have `curl` and `unzip` installed for downloading and unpack
```
## Moving content out of the application directory
When using OTP releases the application directory changes with every version so it would be a bother to keep content there (and also dangerous unless `--no-rm` option is used when updating). Fortunately almost all paths in Akkoma are configurable, so it is possible to move them out of there.
When using OTP releases, the application directory changes with every version, so it would be a bother to keep content there (and also dangerous unless `--no-rm` option is used when updating). Fortunately almost all paths in Akkoma are configurable, so it is possible to move them out of there.
Akkoma should be stopped before proceeding.
@ -51,11 +51,11 @@ mkdir /var/lib/akkoma/static/emoji
ls -d ~akkoma/priv/static/emoji/*/ | xargs -i sh -c 'mv "{}" "/var/lib/akkoma/static/emoji/$(basename {})"'
```
But, if for some reason you have custom emojis in the root directory you should copy the whole directory instead.
But, if for some reason you have custom emojis in the root directory, you should copy the whole directory instead.
```sh
mv ~akkoma/priv/static/emoji /var/lib/akkoma/static/emoji
```
and then copy custom emojis to `/var/lib/akkoma/static/emoji/custom`.
and then copy custom emojis to `/var/lib/akkoma/static/emoji/custom`.
This is needed because storing custom emojis in the root directory is deprecated, but if you just move them to `/var/lib/akkoma/static/emoji/custom` it will break emoji urls on old posts.
@ -109,9 +109,9 @@ su akkoma -s $SHELL -lc "./bin/pleroma stop"
```
## Setting up a system service
OTP releases have different service files than from-source installs so they need to be copied over again.
OTP releases have different service files than from-source installs, so they need to be copied over again.
**Warning:** The service files assume akkoma user's home directory is `/opt/akkoma`, please make sure all paths fit your installation.
**Warning:** The service files assume Akkoma user's home directory is `/opt/akkoma`, please make sure all paths fit your installation.
=== "Alpine"
```sh

View File

@ -2,12 +2,12 @@
## Why should you migrate?
aside from actually responsive maintainer(s)? let's lookie here, we've got:
Aside from actually responsive maintainer(s)? Let's lookie here, we've got:
- custom emoji reactions
- misskey markdown (MFM) rendering and posting support
- elasticsearch support (because pleroma search is GARBAGE)
- latest develop pleroma-fe additions
- Misskey markdown (MFM) rendering and posting support
- Elasticsearch support (because pleroma search is GARBAGE)
- latest develop Pleroma-fe additions
- local-only posting
- automatic post translation
- the mastodon frontend back in all its glory
@ -24,7 +24,7 @@ on your setup.
## From Source
If you're running the source Akkoma install, you'll need to set the
upstream git URL then just rebuild - that'll be:
upstream git URL, then just rebuild - that'll be:
```bash
git remote set-url origin https://akkoma.dev/AkkomaGang/akkoma.git/
@ -35,7 +35,7 @@ git pull -r
```
### WARNING - Migrating from Pleroma Develop
If you are on pleroma develop, and have updated since 2022-08, you may have issues with database migrations.
If you are on Pleroma develop, and have updated since 2022-08, you may have issues with database migrations.
Please roll back the given migrations:
@ -47,7 +47,7 @@ Then compile, migrate and restart as usual.
## From OTP
This will just be setting the update URL - find your flavour from the [mapping on the install guide](../otp_en/#detecting-flavour) first.
This will just be setting the update URL - find your flavour from the [mapping on the installation guide](../otp_en/#detecting-flavour) first.
```bash
export FLAVOUR=[the flavour you found above]
@ -56,7 +56,7 @@ export FLAVOUR=[the flavour you found above]
./bin/pleroma_ctl migrate
```
Then restart. When updating in the future, you canjust use
Then restart. When updating in the future, you can just use:
```bash
./bin/pleroma_ctl update --branch stable
@ -92,7 +92,7 @@ See above for that command.
### I compile the JS from source
Your situation will likely be unique - you'll need the changes in the
[forked pleroma-fe repository](https://akkoma.dev/AkkomaGang/pleroma-fe),
[forked Pleroma-fe repository](https://akkoma.dev/AkkomaGang/pleroma-fe),
and either merge or cherry-pick from there depending on how you've got
things.
@ -102,8 +102,8 @@ things.
This may occur if you are using database configuration.
Sometimes the config in your database will cause akkoma to still report
that there's no frontend, even when you've run the install.
Sometimes the config in your database will cause Akkoma to still report
that there's no frontend, even when you've run the installation.
To fix this, run:
@ -117,4 +117,4 @@ To fix this, run:
mix pleroma.config delete pleroma frontends
```
which will remove the config from the database. Things should work now.
Which will remove the config from the database. Things should work now.

View File

@ -7,7 +7,7 @@
pkgin should have been installed by the NetBSD installer if you selected
the right options. If it isn't installed, install it using pkg_add.
Note that `postgresql11-contrib` is needed for the Postgres extensions
Note that `postgresql11-contrib` is needed for the PostgreSQL extensions
Akkoma uses.
The `mksh` shell is needed to run the Elixir `mix` script.
@ -35,14 +35,14 @@ Copy the rc.d scripts to the right directory:
# cp /usr/pkg/share/examples/rc.d/nginx /usr/pkg/share/examples/rc.d/pgsql /etc/rc.d
```
Add nginx and Postgres to `/etc/rc.conf`:
Add NGINX and PostgreSQL to `/etc/rc.conf`:
```
nginx=YES
pgsql=YES
```
## Configuring postgres
## Configuring PostgreSQL
First, run `# /etc/rc.d/pgsql start`. Then, `$ sudo -Hu pgsql -g pgsql createdb`.
@ -76,7 +76,7 @@ $ mix deps.get
$ MIX_ENV=prod mix pleroma.instance gen # You will be asked a few questions here.
```
Since Postgres is configured, we can now initialize the database. There should
Since PostgreSQL is configured, we can now initialize the database. There should
now be a file in `config/setup_db.psql` that makes this easier. Edit it, and
*change the password* to a password of your choice. Make sure it is secure, since
it'll be protecting your database. Now initialize the database:
@ -85,11 +85,11 @@ it'll be protecting your database. Now initialize the database:
$ sudo -Hu pgsql -g pgsql psql -f config/setup_db.psql
```
Postgres allows connections from all users without a password by default. To
PostgreSQL allows connections from all users without a password by default. To
fix this, edit `/usr/pkg/pgsql/data/pg_hba.conf`. Change every `trust` to
`password`.
Once this is done, restart Postgres with `# /etc/rc.d/pgsql restart`.
Once this is done, restart PostgreSQL with `# /etc/rc.d/pgsql restart`.
Run the database migrations.
You will need to do this whenever you update with `git pull`:
@ -98,14 +98,14 @@ You will need to do this whenever you update with `git pull`:
$ MIX_ENV=prod mix ecto.migrate
```
## Configuring nginx
## Configuring NGINX
Install the example configuration file
`/home/akkoma/akkoma/installation/nginx/akkoma.nginx` to
`/usr/pkg/etc/nginx.conf`.
Note that it will need to be wrapped in a `http {}` block. You should add
settings for the nginx daemon outside of the http block, for example:
settings for the NGINX daemon outside the HTTP block, for example:
```
user nginx nginx;
@ -133,7 +133,7 @@ First, get your account fingerprint:
$ sudo -Hu nginx -g nginx acme.sh --register-account
```
You need to add the following to your nginx configuration for the server
You need to add the following to your NGINX configuration for the server
running on port 80:
```
@ -143,7 +143,7 @@ running on port 80:
}
```
Replace the string after after `$1.` with your fingerprint.
Replace the string after `$1.` with your fingerprint.
Start nginx:
@ -193,10 +193,10 @@ Run `# /etc/rc.d/akkoma start` to start Akkoma.
## Conclusion
Restart nginx with `# /etc/rc.d/nginx restart` and you should be up and running.
Restart NGINX with `# /etc/rc.d/nginx restart` and you should be up and running.
Make sure your time is in sync, or other instances will receive your posts with
incorrect timestamps. You should have ntpd running.
incorrect timestamps. You should have `ntpd` running.
## Instances running NetBSD

View File

@ -1,6 +1,6 @@
# Installing on OpenBSD
This guide describes the installation and configuration of akkoma (and the required software to run it) on a single OpenBSD 7.2 server.
This guide describes the installation and configuration of Akkoma (and the required software to run it) on a single OpenBSD 7.2 server.
For any additional information regarding commands and configuration files mentioned here, check the man pages [online](https://man.openbsd.org/) or directly on your server with the man command.
@ -16,14 +16,14 @@ pkg_add elixir gmake git postgresql-server postgresql-contrib cmake ffmpeg erlan
pkg_add erlang-wx # Choose the latest version as package version when promted
```
Akkoma requires a reverse proxy, OpenBSD has relayd in base (and is used in this guide) and packages/ports are available for nginx (www/nginx) and apache (www/apache-httpd). Independently of the reverse proxy, [acme-client(1)](https://man.openbsd.org/acme-client) can be used to get a certificate from Let's Encrypt.
Akkoma requires a reverse proxy, OpenBSD has relayd in base (and is used in this guide) and packages/ports are available for NGINX (www/nginx) and Apache (www/apache-httpd). Independently of the reverse proxy, [acme-client(1)](https://man.openbsd.org/acme-client) can be used to get a certificate from Let's Encrypt.
#### Optional software
Per [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md):
* ImageMagick
* ffmpeg
* exiftool
* FFmpeg
* ExifTool
To install the above:
@ -31,26 +31,26 @@ To install the above:
pkg_add ffmpeg p5-Image-ExifTool
```
#### Creating the akkoma user
#### Creating the Akkoma user
Akkoma will be run by a dedicated user, `_akkoma`. Before creating it, insert the following lines in `/etc/login.conf`:
```
akkoma:\
:datasize-max=1536M:\
:datasize-cur=1536M:\
:openfiles-max=4096
:datasize-max=1536M:\
:datasize-cur=1536M:\
:openfiles-max=4096
```
This creates a `akkoma` login class and sets higher values than default for datasize and openfiles (see [login.conf(5)](https://man.openbsd.org/login.conf)), this is required to avoid having akkoma crash some time after starting.
Create the `_akkoma` user, assign it the akkoma login class and create its home directory (`/home/_akkoma/`): `useradd -m -L akkoma _akkoma`
Create the `_akkoma` user, assign it the Akkoma login class and create its home directory (`/home/_akkoma/`): `useradd -m -L akkoma _akkoma`
#### Clone akkoma's directory
#### Clone Akkoma's directory
Enter a shell as the `_akkoma` user. As root, run `su _akkoma -;cd`. Then clone the repository with `git clone https://akkoma.dev/AkkomaGang/akkoma.git`. Akkoma is now installed in `/home/_akkoma/akkoma/`, it will be configured and started at the end of this guide.
#### PostgreSQL
Create `_postgresql`'s user directory (it hasn't been created yet): `mdir var/postgresql/data`. To set it as home
directory for user `_postgresql` run `usermod -d /var/postgresql/data _postgresql`.
Start a shell as the `_postgresql` user (as root run `su _postgresql -` then run the `initdb` command to initialize postgresql.
Start a shell as the `_postgresql` user (as root run `su _postgresql -` then run the `initdb` command to initialize PostgreSQL.
You will need to specify pgdata directory to the default (`/var/postgresql/data`) with the `-D <path>` and set the user to postgres with the `-U <username>` flag. This can be done as follows:
```
@ -58,7 +58,7 @@ initdb -D /var/postgresql/data -U postgres
```
If you are not using the default directory, you will have to update the `datadir` variable in the `/etc/rc.d/postgresql` script.
When this is done, enable postgresql so that it starts on boot and start it. As root, run:
When this is done, enable PostgreSQL so that it starts on boot and start it. As root, run:
```
rcctl enable postgresql
rcctl start postgresql
@ -66,9 +66,9 @@ rcctl start postgresql
To check that it started properly and didn't fail right after starting, you can run `ps aux | grep postgres`, there should be multiple lines of output.
#### httpd
httpd will have three fuctions:
httpd will have three functions:
* redirect requests trying to reach the instance over http to the https URL
* redirect requests trying to reach the instance over HTTP to the HTTPS URL
* serve a robots.txt file
* get Let's Encrypt certificates, with acme-client
@ -80,20 +80,20 @@ ext_inet="<IPv4 address>"
ext_inet6="<IPv6 address>"
server "default" {
listen on $ext_inet port 80 # Comment to disable listening on IPv4
listen on $ext_inet6 port 80 # Comment to disable listening on IPv6
listen on 127.0.0.1 port 80 # Do NOT comment this line
listen on $ext_inet port 80 # Comment to disable listening on IPv4
listen on $ext_inet6 port 80 # Comment to disable listening on IPv6
listen on 127.0.0.1 port 80 # Do NOT comment this line
log syslog
directory no index
log syslog
directory no index
location "/.well-known/acme-challenge/*" {
root "/acme"
request strip 2
}
location "/.well-known/acme-challenge/*" {
root "/acme"
request strip 2
}
location "/robots.txt" { root "/htdocs/local/" }
location "/*" { block return 302 "https://$HTTP_HOST$REQUEST_URI" }
location "/robots.txt" { root "/htdocs/local/" }
location "/*" { block return 302 "https://$HTTP_HOST$REQUEST_URI" }
}
```
Do not forget to change *<IPv4/6 address\>* to your server's address(es). If httpd should only listen on one protocol family, comment one of the two first *listen* options.
@ -114,17 +114,17 @@ Insert the following configuration in `/etc/acme-client.conf`:
#
authority letsencrypt-<domain name> {
#agreement url "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
api url "https://acme-v02.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey-<domain name>.pem"
#agreement url "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
api url "https://acme-v02.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey-<domain name>.pem"
}
domain <domain name> {
domain key "/etc/ssl/private/<domain name>.key"
domain certificate "/etc/ssl/<domain name>.crt"
domain full chain certificate "/etc/ssl/<domain name>.fullchain.pem"
sign with letsencrypt-<domain name>
challengedir "/var/www/acme/"
domain key "/etc/ssl/private/<domain name>.key"
domain certificate "/etc/ssl/<domain name>.crt"
domain full chain certificate "/etc/ssl/<domain name>.fullchain.pem"
sign with letsencrypt-<domain name>
challengedir "/var/www/acme/"
}
```
Replace *<domain name\>* by the domain name you'll use for your instance. As root, run `acme-client -n` to check the config, then `acme-client -ADv <domain name>` to create account and domain keys, and request a certificate for the first time.
@ -138,7 +138,7 @@ ln -s /etc/ssl/private/<domain name>.key /etc/ssl/private/<IP address>.key
This will have to be done for each IPv4 and IPv6 address relayd listens on.
#### relayd
relayd will be used as the reverse proxy sitting in front of akkoma.
relayd will be used as the reverse proxy sitting in front of Akkoma.
Insert the following configuration in `/etc/relayd.conf`:
```
# $OpenBSD: relayd.conf,v 1.4 2018/03/23 09:55:06 claudio Exp $
@ -150,42 +150,42 @@ table <akkoma_server> { 127.0.0.1 }
table <httpd_server> { 127.0.0.1 }
http protocol plerup { # Protocol for upstream akkoma server
#tcp { nodelay, sack, socket buffer 65536, backlog 128 } # Uncomment and adjust as you see fit
tls ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305"
tls ecdhe secp384r1
#tcp { nodelay, sack, socket buffer 65536, backlog 128 } # Uncomment and adjust as you see fit
tls ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305"
tls ecdhe secp384r1
# Forward some paths to the local server (as akkoma won't respond to them as you might want)
pass request quick path "/robots.txt" forward to <httpd_server>
# Forward some paths to the local server (as akkoma won't respond to them as you might want)
pass request quick path "/robots.txt" forward to <httpd_server>
# Append a bunch of headers
match request header append "X-Forwarded-For" value "$REMOTE_ADDR" # This two header and the next one are not strictly required by akkoma but adding them won't hurt
match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
# Append a bunch of headers
match request header append "X-Forwarded-For" value "$REMOTE_ADDR" # This two header and the next one are not strictly required by akkoma but adding them won't hurt
match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
match response header append "X-XSS-Protection" value "0"
match response header append "X-Permitted-Cross-Domain-Policies" value "none"
match response header append "X-Frame-Options" value "DENY"
match response header append "X-Content-Type-Options" value "nosniff"
match response header append "Referrer-Policy" value "same-origin"
match response header append "Content-Security-Policy" value "default-src 'none'; base-uri 'none'; form-action 'self'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://CHANGEME.tld; upgrade-insecure-requests;" # Modify "CHANGEME.tld" and set your instance's domain here
match request header append "Connection" value "upgrade"
#match response header append "Strict-Transport-Security" value "max-age=63072000; includeSubDomains; preload" # Uncomment this only after you get HTTPS working.
match response header append "X-XSS-Protection" value "0"
match response header append "X-Permitted-Cross-Domain-Policies" value "none"
match response header append "X-Frame-Options" value "DENY"
match response header append "X-Content-Type-Options" value "nosniff"
match response header append "Referrer-Policy" value "same-origin"
match response header append "Content-Security-Policy" value "default-src 'none'; base-uri 'none'; form-action 'self'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://CHANGEME.tld; upgrade-insecure-requests;" # Modify "CHANGEME.tld" and set your instance's domain here
match request header append "Connection" value "upgrade"
#match response header append "Strict-Transport-Security" value "max-age=63072000; includeSubDomains; preload" # Uncomment this only after you get HTTPS working.
# If you do not want remote frontends to be able to access your Akkoma backend server, comment these lines
match response header append "Access-Control-Allow-Origin" value "*"
match response header append "Access-Control-Allow-Methods" value "POST, PUT, DELETE, GET, PATCH, OPTIONS"
match response header append "Access-Control-Allow-Headers" value "Authorization, Content-Type, Idempotency-Key"
match response header append "Access-Control-Expose-Headers" value "Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id"
# Stop commenting lines here
# If you do not want remote frontends to be able to access your Akkoma backend server, comment these lines
match response header append "Access-Control-Allow-Origin" value "*"
match response header append "Access-Control-Allow-Methods" value "POST, PUT, DELETE, GET, PATCH, OPTIONS"
match response header append "Access-Control-Allow-Headers" value "Authorization, Content-Type, Idempotency-Key"
match response header append "Access-Control-Expose-Headers" value "Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id"
# Stop commenting lines here
}
relay wwwtls {
listen on $ext_inet port https tls # Comment to disable listening on IPv4
listen on $ext_inet6 port https tls # Comment to disable listening on IPv6
listen on $ext_inet port https tls # Comment to disable listening on IPv4
listen on $ext_inet6 port https tls # Comment to disable listening on IPv6
protocol plerup
protocol plerup
forward to <akkoma_server> port 4000 check http "/" code 200
forward to <httpd_server> port 80 check http "/robots.txt" code 200
forward to <akkoma_server> port 4000 check http "/" code 200
forward to <httpd_server> port 80 check http "/robots.txt" code 200
}
```
Again, change *<IPv4/6 address\>* to your server's address(es) and comment one of the two *listen* options if needed. Also change *wss://CHANGEME.tld* to *wss://<your instance's domain name\>*.
@ -225,22 +225,22 @@ Replace *<network interface\>* by your server's network interface name (which yo
Check pf's configuration by running `pfctl -nf /etc/pf.conf`, load it with `pfctl -f /etc/pf.conf` and enable pf at boot with `rcctl enable pf`.
#### Configure and start akkoma
Enter a shell as `_akkoma` (as root `su _akkoma -`) and enter akkoma's installation directory (`cd ~/akkoma/`).
#### Configure and start Akkoma
Enter a shell as `_akkoma` (as root `su _akkoma -`) and enter Akkoma's installation directory (`cd ~/akkoma/`).
Then follow the main installation guide:
* run `mix deps.get`
* run `MIX_ENV=prod mix pleroma.instance gen` and enter your instance's information when asked
* copy `config/generated_config.exs` to `config/prod.secret.exs`. The default values should be sufficient but you should edit it and check that everything seems OK.
* copy `config/generated_config.exs` to `config/prod.secret.exs`. The default values should be sufficient, but you should edit it and check that everything seems OK.
* exit your current shell back to a root one and run `psql -U postgres -f /home/_akkoma/akkoma/config/setup_db.psql` to setup the database.
* return to a `_akkoma` shell into akkoma's installation directory (`su _akkoma -;cd ~/akkoma`) and run `MIX_ENV=prod mix ecto.migrate`
* return to a `_akkoma` shell into Akkoma's installation directory (`su _akkoma -;cd ~/akkoma`) and run `MIX_ENV=prod mix ecto.migrate`
As `_akkoma` in `/home/_akkoma/akkoma`, you can now run `LC_ALL=en_US.UTF-8 MIX_ENV=prod mix phx.server` to start your instance.
In another SSH session/tmux window, check that it is working properly by running `ftp -MVo - http://127.0.0.1:4000/api/v1/instance`, you should get json output. Double-check that *uri*'s value is your instance's domain name.
In another SSH session/tmux window, check that it is working properly by running `ftp -MVo - http://127.0.0.1:4000/api/v1/instance`, you should get JSON output. Double-check that *uri*'s value is your instance's domain name.
##### Starting akkoma at boot
An rc script to automatically start akkoma at boot hasn't been written yet, it can be run in a tmux session (tmux is in base).
##### Starting Akkoma at boot
An rc script to automatically start Akkoma at boot hasn't been written yet, it can be run in a tmux session (tmux is in base).
#### Create administrative user

View File

@ -3,10 +3,10 @@
For specific Pleroma functionality (which is disabled by default) some or all of the below packages are required:
* `ImageMagic`
* `ffmpeg`
* `exiftool`
* `ExifTool`
Please refer to documentation in `docs/installation` on how to install them on specific OS.
Note: the packages are not required with the current default settings of Pleroma.
## `ImageMagick`
@ -16,17 +16,17 @@ Note: the packages are not required with the current default settings of Pleroma
It is required for the following Pleroma features:
* `Pleroma.Upload.Filters.Mogrify`, `Pleroma.Upload.Filters.Mogrifun` upload filters (related config: `Plaroma.Upload/filters` in `config/config.exs`)
* Media preview proxy for still images (related config: `media_preview_proxy/enabled` in `config/config.exs`)
## `ffmpeg`
`ffmpeg` is software to record, convert and stream audio and video.
## `FFmpeg`
`FFmpeg` is software to record, convert and stream audio and video.
It is required for the following Pleroma features:
* Media preview proxy for videos (related config: `media_preview_proxy/enabled` in `config/config.exs`)
## `exiftool`
## `ExifTool`
`exiftool` is media files metadata reader/writer.
`ExifTool` is media files metadata reader/writer.
It is required for the following Pleroma features:
* `Pleroma.Upload.Filters.Exiftool` upload filter (related config: `Plaroma.Upload/filters` in `config/config.exs`)

View File

@ -6,10 +6,10 @@ This guide covers a installation using an OTP release. To install Akkoma from so
## Pre-requisites
* A machine running Linux with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and an `x86_64` CPU you have root access to. If you are not sure if it's compatible see [Detecting flavour section](#detecting-flavour) below
* For installing OTP releases on RedHat-based distros like Fedora and Centos Stream, please follow [this guide](./otp_redhat_en.md) instead.
* For installing OTP releases on RedHat-based distros like Fedora and CentOS Stream, please follow [this guide](./otp_redhat_en.md) instead.
* A (sub)domain pointed to the machine
You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
You will be running commands as root. If you aren't root already, please elevate your privileges by executing `sudo su`/`su`.
While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu and Alpine.
@ -31,14 +31,14 @@ support.
### Installing the required packages
Other than things bundled in the OTP release Akkoma depends on:
Other than things bundled in the OTP release, Akkoma depends on:
* curl (to download the release build)
* unzip (needed to unpack release builds)
* ncurses (ERTS won't run without it)
* PostgreSQL (also utilizes extensions in postgresql-contrib)
* nginx (could be swapped with another reverse proxy but this guide covers only it)
* certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
* NGINX (could be swapped with another reverse proxy, but this guide covers only it)
* Certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
* libmagic/file
=== "Alpine"
@ -57,8 +57,8 @@ Other than things bundled in the OTP release Akkoma depends on:
Per [`docs/installation/optional/media_graphics_packages.md`](optional/media_graphics_packages.md):
* ImageMagick
* ffmpeg
* exiftool
* FFmpeg
* ExifTool
=== "Alpine"
```
@ -75,7 +75,7 @@ Per [`docs/installation/optional/media_graphics_packages.md`](optional/media_gra
### Configuring PostgreSQL
#### (Optional) Installing RUM indexes
!!! warning
!!! Warning
It is recommended to use PostgreSQL v11 or newer. We have seen some minor issues with lower PostgreSQL versions.
RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results).
@ -118,7 +118,7 @@ Restart PostgreSQL to apply configuration changes:
adduser --system --shell /bin/false --home /opt/akkoma akkoma
# Set the flavour environment variable to the string you got in Detecting flavour section.
# For example if the flavour is `amd64` the command will be
# For example, if the flavour is `amd64` the command will be
export FLAVOUR="amd64"
# Clone the release build into a temporary directory and unpack it
@ -151,7 +151,7 @@ chown -R akkoma /etc/akkoma
# Run the config generator
su akkoma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/akkoma/config.exs --output-psql /tmp/setup_db.psql"
# Create the postgres database
# Create the PostgreSQL database
su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
# Create the database schema
@ -170,16 +170,16 @@ sleep 20 && curl http://localhost:4000/api/v1/instance
su akkoma -s $SHELL -lc "./bin/pleroma stop"
```
### Setting up nginx and getting Let's Encrypt SSL certificaties
### Setting up NGINX and getting Let's Encrypt SSL certificates
#### Get a Let's Encrypt certificate
```sh
certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
```
#### Copy Akkoma nginx configuration to the nginx folder
#### Copy Akkoma NGINX configuration to the NGINX folder
The location of nginx configs is dependent on the distro
The location of NGINX configs is dependent on the distro
=== "Alpine"
```
@ -192,12 +192,12 @@ The location of nginx configs is dependent on the distro
ln -s /etc/nginx/sites-available/akkoma.conf /etc/nginx/sites-enabled/akkoma.conf
```
If your distro does not have either of those you can append `include /etc/nginx/akkoma.conf` to the end of the http section in /etc/nginx/nginx.conf and
If your distro does not have either of those, you can append `include /etc/nginx/akkoma.conf` to the end of the HTTP section in /etc/nginx/nginx.conf and
```sh
cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/akkoma.conf
```
#### Edit the nginx config
#### Edit the NGINX config
```sh
# Replace example.tld with your (sub)domain
$EDITOR path-to-nginx-config
@ -205,7 +205,7 @@ $EDITOR path-to-nginx-config
# Verify that the config is valid
nginx -t
```
#### Start nginx
#### Start NGINX
=== "Alpine"
```
@ -241,7 +241,7 @@ At this point if you open your (sub)domain in a browser you should see a 502 err
systemctl enable akkoma
```
If everything worked, you should see Akkoma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Akkoma in the foreground and seeing if there are any errrors.
If everything worked, you should see Akkoma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Akkoma in the foreground and seeing if there are any errors.
{! support.include !}
@ -261,7 +261,7 @@ nginx -t
=== "Alpine"
```
# Restart nginx
# Restart NGINX
rc-service nginx restart
# Start the cron daemon and make it start on boot
@ -283,7 +283,7 @@ nginx -t
=== "Debian/Ubuntu"
```
# Restart nginx
# Restart NGINX
systemctl restart nginx
# Ensure the webroot menthod and post hook is working
@ -304,7 +304,7 @@ nginx -t
cd /opt/akkoma
su akkoma -s $SHELL -lc "./bin/pleroma_ctl user new joeuser joeuser@sld.tld --admin"
```
This will create an account withe the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password.
This will create an account with the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password.
{! installation/frontends.include !}

View File

@ -1,18 +1,16 @@
# Installing on RedHat using OTP releases
# Installing on Red Hat using OTP releases
## OTP releases and Fedora/RedHat
## OTP releases and Fedora/Red Hat
The current OTP builds available for Linux are unfortunately incompatible with RedHat Linux distributions, like Fedora and Centos Stream. This is due to RedHat maintaining patched versions of certain Erlang libraries, making them incompatible with other Linux distributions.
The current OTP builds available for Linux are unfortunately incompatible with Red Hat Linux distributions, like Fedora and CentOS Stream. This is due to Red Hat maintaining patched versions of certain Erlang libraries, making them incompatible with other Linux distributions.
However, you may compile your own OTP release from scratch. This is particularly useful if you wish to quickly distribute your OTP build onto multiple systems, without having to worry about compiling code on every system. However, if your goal is to simply set up a single instance for yourself, installing from-source might be a simpler option. To install from-source, please follow [this guide](./fedora_based_en.md).
## Pre-requisites
In order to compile a RedHat-compatible OTP release, you will need to run a RedHat Linux distribution. This guide will assume you run Fedora 36, though it should also work on older Fedora releases and other RedHat distributions. It also assumes that you have administrative rights and sufficient knowledge on how to perform common CLI tasks in Linux. If you want to run this guide with root, ignore the `sudo` at the beginning of the lines.
Important: keep in mind that you must build your OTP release for the specific RedHat distribution you wish to use it on. A build on Fedora will only be compatible with a specific Fedora release version.
In order to compile a RedHat-compatible OTP release, you will need to run a Red Hat Linux distribution. This guide will assume you run Fedora 36, though it should also work on older Fedora releases and other Red Hat distributions. It also assumes that you have administrative rights and sufficient knowledge on how to perform common CLI tasks in Linux. If you want to run this guide with root, ignore the `sudo` at the beginning of the lines.
Important: keep in mind that you must build your OTP release for the specific Red Hat distribution you wish to use it on. A build on Fedora will only be compatible with a specific Fedora release version.
## Building an OTP release for Fedora 36
@ -30,7 +28,6 @@ sudo dnf upgrade --refresh
sudo dnf install git gcc g++ erlang elixir erlang-os_mon erlang-eldap erlang-xmerl erlang-erl_interface erlang-syntax_tools make cmake file-devel
```
### Preparing the project files
* Git clone the AkkomaBE repository. This can be done anywhere:
@ -46,7 +43,6 @@ git clone https://akkoma.dev/AkkomaGang/akkoma.git -b stable
cd ./akkoma
```
### Building the OTP release
* Run the following commands:
@ -65,23 +61,21 @@ Note that compiling the OTP release will take some time. Once it completes, you
If all went well, you will have built your very own Fedora-compatible OTP release! You can now pack up the files in the `release` directory and deploy them to your other Fedora servers.
## Installing the OTP release
Installing the OTP release from this point onward will be very similar to the regular OTP release. This guide assumes you will want to install your OTP package on other systems, so additional pre-requisites will be listed below.
Please note that running your own OTP release has some minor caveats that you should be aware of. They will be listed below as well.
### Installing required packages
Other than things bundled in the OTP release Akkoma depends on:
Other than things bundled in the OTP release, Akkoma depends on:
* curl (to download the release build)
* ncurses (ERTS won't run without it)
* PostgreSQL (also utilizes extensions in postgresql-contrib)
* nginx (could be swapped with another reverse proxy but this guide covers only it)
* certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
* NGINX (could be swapped with another reverse proxy, but this guide covers only it)
* Certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
* libmagic/file
First, update your system, if not already done:
@ -96,10 +90,9 @@ Then install the required packages:
sudo dnf install curl ncurses postgresql postgresql-contrib nginx certbot file-devel
```
### Optional packages: [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md)
* Install ffmpeg (requires setting up the RPM-fusion repositories):
* Install FFmpeg (requires setting up the RPM-fusion repositories):
```shell
sudo dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
@ -113,7 +106,6 @@ sudo dnf install ffmpeg
sudo dnf install Imagemagick perl-Image-ExifTool
```
### Configuring PostgreSQL
#### (Optional) Performance configuration
It is encouraged to check [Optimizing your PostgreSQL performance](../configuration/postgresql.md) document, for tips on PostgreSQL tuning.
@ -150,7 +142,7 @@ sudo chown -R akkoma /etc/akkoma
# Run the config generator
sudo -Hu akkoma ./bin/pleroma_ctl instance gen --output /etc/akkoma/config.exs --output-psql /tmp/setup_db.psql
# Create the postgres database
# Create the PostgreSQL database
sudo -Hu postgres psql -f /tmp/setup_db.psql
# Create the database schema
@ -166,8 +158,7 @@ sleep 20 && curl http://localhost:4000/api/v1/instance
sudo -Hu akkoma ./bin/pleroma stop
```
### Setting up nginx and getting Let's Encrypt SSL certificaties
### Setting up NGINX and getting Let's Encrypt SSL certificates
#### Get a Let's Encrypt certificate
@ -175,13 +166,13 @@ sudo -Hu akkoma ./bin/pleroma stop
certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
```
#### Copy Akkoma nginx configuration to the nginx folder
#### Copy Akkoma NGINX configuration to the NGINX folder
```shell
cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/conf.d/akkoma.conf
```
#### Edit the nginx config
#### Edit the NGINX config
```shell
# Replace example.tld with your (sub)domain (replace $EDITOR with your editor of choice)
sudo $EDITOR /etc/nginx/conf.d/akkoma.conf
@ -189,7 +180,7 @@ sudo $EDITOR /etc/nginx/conf.d/akkoma.conf
# Verify that the config is valid
sudo nginx -t
```
#### Start nginx
#### Start NGINX
```shell
sudo systemctl start nginx
@ -197,7 +188,6 @@ sudo systemctl start nginx
At this point if you open your (sub)domain in a browser you should see a 502 error, that's because Akkoma is not started yet.
### Setting up a system service
```shell
@ -218,7 +208,7 @@ sudo systemctl enable akkoma
If everything worked, you should see a response from Akkoma-BE when visiting your domain. You may need to install frontends like Akkoma-FE and Admin-FE; refer to [this guide](../administration/CLI_tasks/frontend.md) on how to install them.
If that didn't happen, try reviewing the installation steps, starting Akkoma in the foreground and seeing if there are any errrors.
If that didn't happen, try reviewing the installation steps, starting Akkoma in the foreground and seeing if there are any errors.
{! support.include !}
@ -236,7 +226,7 @@ sudo $EDITOR /etc/nginx/conf.d/akkoma.conf
# Verify that the config is valid
sudo nginx -t
# Restart nginx
# Restart NGINX
sudo systemctl restart nginx
# Ensure the webroot menthod and post hook is working
@ -252,19 +242,18 @@ sudo chmod +x /etc/cron.daily/renew-akkoma-cert
sudo run-parts --test /etc/cron.daily
```
## Create your first user and set as admin
```shell
cd /opt/akkoma
sudo -Hu akkoma ./bin/pleroma_ctl user new joeuser joeuser@sld.tld --admin
```
This will create an account withe the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password.
This will create an account with the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password.
## Further reading
### Caveats of building your own OTP release
There are some things to take note of when your are running your own OTP builds.
There are some things to take note of when you are running your own OTP builds.
#### Updating your OTP builds
@ -274,10 +263,9 @@ Instead, you will have to rebuild your OTP release every time there are updates,
After that, run the `pleroma_ctl migrate` command as usual to perform database migrations.
#### Cross-compatibility between Red Hat distributions
#### Cross-compatibility between RedHat distributions
As it currently stands, your OTP build will only be compatible for the specific RedHat distribution you've built it on. Fedora builds only work on Fedora, Centos builds only on Centos, RedHat builds only on RedHat. Secondly, for Fedora, they will also be bound to the specific Fedora release. This is because different releases of Fedora may have significant changes made in some of the required packages and libraries.
As it currently stands, your OTP build will only be compatible for the specific Red Hat distribution you've built it on. Fedora builds only work on Fedora, Centos builds only on Centos, Red Hat builds only on Red Hat. Secondly, for Fedora, they will also be bound to the specific Fedora release. This is because different releases of Fedora may have significant changes made in some of the required packages and libraries.
{! installation/frontends.include !}

View File

@ -1,3 +1,3 @@
## OTP releases vs from-source installations
There are two ways to install Akkoma. You can use OTP releases or do a from-source installation. OTP releases are as close as you can get to binary releases with Erlang/Elixir. The release is self-contained, and provides everything needed to boot it, it is easily administered via the provided shell script to open up a remote console, start/stop/restart the release, start in the background, send remote commands, and more. With from source installations you install Akkoma from source, meaning you have to install certain dependencies like Erlang+Elixir and compile Akkoma yourself.
There are two ways to install Akkoma. You can use OTP releases or do a from-source installation. OTP releases are as close as you can get to binary releases with Erlang/Elixir. The release is self-contained, and provides everything needed to boot it, it is easily administered via the provided shell script to open up a remote console, start/stop/restart the release, start in the background, send remote commands, and more. With from source installations, you install Akkoma from source, meaning you have to install certain dependencies like Erlang+Elixir and compile Akkoma yourself.

View File

@ -1,5 +1,5 @@
## Support
If you encounter any issues or have questions regarding the install process, feel free to ask at [meta.akkoma.dev](https://meta.akkoma.dev/).
If you encounter any issues or have questions regarding the installation process, feel free to ask at [meta.akkoma.dev](https://meta.akkoma.dev/).
Or message via IRC on #akkoma at irc.akkoma.dev (port 6697, SSL)