#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # FoundKey configuration #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # ┌─────┐ #───┘ URL └───────────────────────────────────────────────────── # Final accessible URL seen by a user. # Only the host part will be used. # ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE # URL SETTINGS AFTER THAT! url: https://example.tld/ # ┌───────────────────────┐ #───┘ Port and TLS settings └─────────────────────────────────── # # FoundKey requires a reverse proxy to support HTTPS connections. # # +-------- https://example.tld/ ----------+ # +------+ |+-------------+ +-----------------+| # | User | ---> || Proxy (443) | ---> | FoundKey (3000) || # +------+ |+-------------+ +-----------------+| # +----------------------------------------+ # # You need to set up a reverse proxy. (e.g. nginx) # An encrypted connection with HTTPS is highly recommended # because tokens may be transferred in GET requests. # The port that your FoundKey server should listen on. port: 3000 # ┌──────────────────────────┐ #───┘ PostgreSQL configuration └──────────────────────────────── db: host: localhost port: 5432 # Database name db: foundkey # Auth user: example-foundkey-user pass: example-foundkey-pass # Whether to disable query caching # Default is to cache, i.e. false. #disableCache: true # Extra connection options #extra: # ssl: true # ┌─────────────────────┐ #───┘ Redis configuration └───────────────────────────────────── redis: host: localhost port: 6379 # Address family to connect over. # Can be either a number or string (0/dual, 4/ipv4, 6/ipv6) # Default is "dual". #family: dual # The following properties are optional. #pass: example-pass #prefix: example-prefix #db: 1 # ┌─────────────────────────────┐ #───┘ Elasticsearch configuration └───────────────────────────── # Elasticsearch is optional. #elasticsearch: # host: localhost # port: 9200 # ssl: false # user: # pass: # ┌─────────────────────┐ #───┘ Other configuration └───────────────────────────────────── # Whether to disable HSTS (not recommended) # Default is to enable HSTS, i.e. false. #disableHsts: true # Number of worker processes by type. # The sum should not exceed the number of available cores. #clusterLimits: # web: 1 # queue: 1 # Jobs each worker will try to work on at a time. #deliverJobConcurrency: 128 #inboxJobConcurrency: 16 # Rate limit for each Worker. # Use -1 to disable. # A rate limit for deliver jobs is not recommended as it comes with # a big performance penalty due to overhead of rate limiting. #deliverJobPerSec: -1 #inboxJobPerSec: 16 # Number of times each job will be tried. # 1 means only try once and don't retry. #deliverJobMaxAttempts: 12 #inboxJobMaxAttempts: 8 # Proxy for HTTP/HTTPS outgoing connections #proxy: http://127.0.0.1:3128 # Hosts that should not be connected to through the proxy specified above #proxyBypassHosts: [ # 'example.com', # '192.0.2.8' #] # Proxy for SMTP/SMTPS #proxySmtp: http://127.0.0.1:3128 # use HTTP/1.1 CONNECT #proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4 #proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5 # Media Proxy #mediaProxy: https://example.com/proxy # Proxy remote files # Default is to not proxy remote files, i.e. false. #proxyRemoteFiles: true # Storage path for files if stored locally (absolute path) # default is to store it in ./files in the directory foundkey is located in #internalStoragePath: '/etc/foundkey/files' # Upload or download file size limits (bytes) # default is 262144000 = 250MiB #maxFileSize: 262144000 # Max note text length (in characters) #maxNoteTextLength: 3000 # By default, Foundkey will fail when something tries to make it fetch something from private IPs. # With the following setting you can explicitly allow some private CIDR subnets. # Default is an empty list, i.e. none allowed. #allowedPrivateNetworks: [ # '127.0.0.1/32' #] # images used on error screens. You can use absolute or relative URLs. # If you use relative URLs, be aware that the URL may be used on different pages/paths, so the path component should be absolute. #images: # info: /twemoji/1f440.svg # notFound: /twemoji/2049.svg # error: /twemoji/1f480.svg # Whether it should be allowed to fetch content in ActivityPub form without HTTP signatures. # It is recommended to leave this as default to improve the effectiveness of instance blocks.s # However, note that while this prevents fetching in ActivityPub form, it could still be scraped # from the API or other representations if the other side is determined to do so. #allowUnsignedFetches: false