Merge remote-tracking branch 'remotes/origin/develop' into 2168-media-preview-proxy

This commit is contained in:
Ivan Tashkinov 2020-08-18 18:02:09 +03:00
commit 27e7999a15
263 changed files with 2070 additions and 990 deletions

View file

@ -196,6 +196,7 @@ amd64:
variables: &release-variables variables: &release-variables
MIX_ENV: prod MIX_ENV: prod
before_script: &before-release before_script: &before-release
- apt install cmake -y
- echo "import Mix.Config" > config/prod.secret.exs - echo "import Mix.Config" > config/prod.secret.exs
- mix local.hex --force - mix local.hex --force
- mix local.rebar --force - mix local.rebar --force
@ -214,7 +215,7 @@ amd64-musl:
cache: *release-cache cache: *release-cache
variables: *release-variables variables: *release-variables
before_script: &before-release-musl before_script: &before-release-musl
- apk add git gcc g++ musl-dev make - apk add git gcc g++ musl-dev make cmake
- echo "import Mix.Config" > config/prod.secret.exs - echo "import Mix.Config" > config/prod.secret.exs
- mix local.hex --force - mix local.hex --force
- mix local.rebar --force - mix local.rebar --force

View file

@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Configuration: `:media_proxy, whitelist` format changed to host with scheme (e.g. `http://example.com` instead of `example.com`). Domain format is deprecated. - Configuration: `:media_proxy, whitelist` format changed to host with scheme (e.g. `http://example.com` instead of `example.com`). Domain format is deprecated.
- **Breaking:** Configuration: `:instance, welcome_user_nickname` moved to `:welcome, :direct_message, :sender_nickname`, `:instance, :welcome_message` moved to `:welcome, :direct_message, :message`. Old config namespace is deprecated. - **Breaking:** Configuration: `:instance, welcome_user_nickname` moved to `:welcome, :direct_message, :sender_nickname`, `:instance, :welcome_message` moved to `:welcome, :direct_message, :message`. Old config namespace is deprecated.
- **Breaking:** LDAP: Fallback to local database authentication has been removed for security reasons and lack of a mechanism to ensure the passwords are synchronized when LDAP passwords are updated. - **Breaking:** LDAP: Fallback to local database authentication has been removed for security reasons and lack of a mechanism to ensure the passwords are synchronized when LDAP passwords are updated.
- **Breaking** Changed defaults for `:restrict_unauthenticated` so that when `:instance, :public` is set to `false` then all `:restrict_unauthenticated` items be effectively set to `true`. If you'd like to allow unauthenticated access to specific API endpoints on a private instance, please explicitly set `:restrict_unauthenticated` to non-default value in `config/prod.secret.exs`.
<details> <details>
<summary>API Changes</summary> <summary>API Changes</summary>
@ -105,6 +106,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Fix edge case where MediaProxy truncates media, usually caused when Caddy is serving content for the other Federated instance. - Fix edge case where MediaProxy truncates media, usually caused when Caddy is serving content for the other Federated instance.
- Emoji Packs could not be listed when instance was set to `public: false` - Emoji Packs could not be listed when instance was set to `public: false`
- Fix whole_word always returning false on filter get requests - Fix whole_word always returning false on filter get requests
- Migrations not working on OTP releases if the database was connected over ssl
## [Unreleased (patch)] ## [Unreleased (patch)]

View file

@ -4,7 +4,7 @@ COPY . .
ENV MIX_ENV=prod ENV MIX_ENV=prod
RUN apk add git gcc g++ musl-dev make &&\ RUN apk add git gcc g++ musl-dev make cmake &&\
echo "import Mix.Config" > config/prod.secret.exs &&\ echo "import Mix.Config" > config/prod.secret.exs &&\
mix local.hex --force &&\ mix local.hex --force &&\
mix local.rebar --force &&\ mix local.rebar --force &&\

View file

@ -737,10 +737,12 @@
timeout: 300_000 timeout: 300_000
] ]
private_instance? = :if_instance_is_private
config :pleroma, :restrict_unauthenticated, config :pleroma, :restrict_unauthenticated,
timelines: %{local: false, federated: false}, timelines: %{local: private_instance?, federated: private_instance?},
profiles: %{local: false, remote: false}, profiles: %{local: private_instance?, remote: private_instance?},
activities: %{local: false, remote: false} activities: %{local: private_instance?, remote: private_instance?}
config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: false config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: false

View file

@ -194,7 +194,7 @@
type: [:string, {:list, :string}, {:list, :tuple}], type: [:string, {:list, :string}, {:list, :tuple}],
description: description:
"List of actions for the mogrify command. It's possible to add self-written settings as string. " <> "List of actions for the mogrify command. It's possible to add self-written settings as string. " <>
"For example `[\"auto-orient\", \"strip\", {\"resize\", \"3840x1080>\"}]` string will be parsed into list of the settings.", "For example `auto-orient, strip, {\"resize\", \"3840x1080>\"}` value will be parsed into valid list of the settings.",
suggestions: [ suggestions: [
"strip", "strip",
"auto-orient", "auto-orient",
@ -951,7 +951,7 @@
}, },
%{ %{
key: :instance_thumbnail, key: :instance_thumbnail,
type: :string, type: {:string, :image},
description: description:
"The instance thumbnail can be any image that represents your instance and is used by some apps or services when they display information about your instance.", "The instance thumbnail can be any image that represents your instance and is used by some apps or services when they display information about your instance.",
suggestions: ["/instance/thumbnail.jpeg"] suggestions: ["/instance/thumbnail.jpeg"]
@ -964,25 +964,25 @@
] ]
}, },
%{ %{
group: :welcome, group: :pleroma,
key: :welcome,
type: :group, type: :group,
description: "Welcome messages settings", description: "Welcome messages settings",
children: [ children: [
%{ %{
group: :direct_message, key: :direct_message,
type: :group, type: :keyword,
descpiption: "Direct message settings", descpiption: "Direct message settings",
children: [ children: [
%{ %{
key: :enabled, key: :enabled,
type: :boolean, type: :boolean,
description: "Enables sends direct message for new user after registration" description: "Enables sending a direct message to newly registered users"
}, },
%{ %{
key: :message, key: :message,
type: :string, type: :string,
description: description: "A message that will be sent to newly registered users",
"A message that will be sent to a newly registered users as a direct message",
suggestions: [ suggestions: [
"Hi, @username! Welcome on board!" "Hi, @username! Welcome on board!"
] ]
@ -990,7 +990,7 @@
%{ %{
key: :sender_nickname, key: :sender_nickname,
type: :string, type: :string,
description: "The nickname of the local user that sends the welcome message", description: "The nickname of the local user that sends a welcome message",
suggestions: [ suggestions: [
"lain" "lain"
] ]
@ -998,20 +998,20 @@
] ]
}, },
%{ %{
group: :chat_message, key: :chat_message,
type: :group, type: :keyword,
descpiption: "Chat message settings", descpiption: "Chat message settings",
children: [ children: [
%{ %{
key: :enabled, key: :enabled,
type: :boolean, type: :boolean,
description: "Enables sends chat message for new user after registration" description: "Enables sending a chat message to newly registered users"
}, },
%{ %{
key: :message, key: :message,
type: :string, type: :string,
description: description:
"A message that will be sent to a newly registered users as a chat message", "A message that will be sent to newly registered users as a chat message",
suggestions: [ suggestions: [
"Hello, welcome on board!" "Hello, welcome on board!"
] ]
@ -1019,7 +1019,7 @@
%{ %{
key: :sender_nickname, key: :sender_nickname,
type: :string, type: :string,
description: "The nickname of the local user that sends the welcome message", description: "The nickname of the local user that sends a welcome chat message",
suggestions: [ suggestions: [
"lain" "lain"
] ]
@ -1027,20 +1027,20 @@
] ]
}, },
%{ %{
group: :email, key: :email,
type: :group, type: :keyword,
descpiption: "Email message settings", descpiption: "Email message settings",
children: [ children: [
%{ %{
key: :enabled, key: :enabled,
type: :boolean, type: :boolean,
description: "Enables sends direct message for new user after registration" description: "Enables sending an email to newly registered users"
}, },
%{ %{
key: :sender, key: :sender,
type: [:string, :tuple], type: [:string, :tuple],
description: description:
"The email address or tuple with `{nickname, email}` that will use as sender to the welcome email.", "Email address and/or nickname that will be used to send the welcome email.",
suggestions: [ suggestions: [
{"Pleroma App", "welcome@pleroma.app"} {"Pleroma App", "welcome@pleroma.app"}
] ]
@ -1049,21 +1049,21 @@
key: :subject, key: :subject,
type: :string, type: :string,
description: description:
"The subject of welcome email. Can be use EEX template with `user` and `instance_name` variables.", "Subject of the welcome email. EEX template with user and instance_name variables can be used.",
suggestions: ["Welcome to <%= instance_name%>"] suggestions: ["Welcome to <%= instance_name%>"]
}, },
%{ %{
key: :html, key: :html,
type: :string, type: :string,
description: description:
"The html content of welcome email. Can be use EEX template with `user` and `instance_name` variables.", "HTML content of the welcome email. EEX template with user and instance_name variables can be used.",
suggestions: ["<h1>Hello <%= user.name%>. Welcome to <%= instance_name%></h1>"] suggestions: ["<h1>Hello <%= user.name%>. Welcome to <%= instance_name%></h1>"]
}, },
%{ %{
key: :text, key: :text,
type: :string, type: :string,
description: description:
"The text content of welcome email. Can be use EEX template with `user` and `instance_name` variables.", "Text content of the welcome email. EEX template with user and instance_name variables can be used.",
suggestions: ["Hello <%= user.name%>. \n Welcome to <%= instance_name%>\n"] suggestions: ["Hello <%= user.name%>. \n Welcome to <%= instance_name%>\n"]
} }
] ]
@ -1236,7 +1236,7 @@
}, },
%{ %{
key: :background, key: :background,
type: :string, type: {:string, :image},
description: description:
"URL of the background, unless viewing a user profile with a background that is set", "URL of the background, unless viewing a user profile with a background that is set",
suggestions: ["/images/city.jpg"] suggestions: ["/images/city.jpg"]
@ -1293,7 +1293,7 @@
}, },
%{ %{
key: :logo, key: :logo,
type: :string, type: {:string, :image},
description: "URL of the logo, defaults to Pleroma's logo", description: "URL of the logo, defaults to Pleroma's logo",
suggestions: ["/static/logo.png"] suggestions: ["/static/logo.png"]
}, },
@ -1325,7 +1325,7 @@
%{ %{
key: :nsfwCensorImage, key: :nsfwCensorImage,
label: "NSFW Censor Image", label: "NSFW Censor Image",
type: :string, type: {:string, :image},
description: description:
"URL of the image to use for hiding NSFW media attachments in the timeline", "URL of the image to use for hiding NSFW media attachments in the timeline",
suggestions: ["/static/img/nsfw.74818f9.png"] suggestions: ["/static/img/nsfw.74818f9.png"]
@ -1451,7 +1451,7 @@
}, },
%{ %{
key: :default_user_avatar, key: :default_user_avatar,
type: :string, type: {:string, :image},
description: "URL of the default user avatar", description: "URL of the default user avatar",
suggestions: ["/images/avi.png"] suggestions: ["/images/avi.png"]
} }
@ -1810,12 +1810,12 @@
%{ %{
key: :enabled, key: :enabled,
type: :boolean, type: :boolean,
description: "Enables invalidate media cache" description: "Enables media cache object invalidation."
}, },
%{ %{
key: :provider, key: :provider,
type: :module, type: :module,
description: "Module which will be used to cache purge.", description: "Module which will be used to purge objects from the cache.",
suggestions: [ suggestions: [
Pleroma.Web.MediaProxy.Invalidation.Script, Pleroma.Web.MediaProxy.Invalidation.Script,
Pleroma.Web.MediaProxy.Invalidation.Http Pleroma.Web.MediaProxy.Invalidation.Http
@ -2642,7 +2642,7 @@
children: [ children: [
%{ %{
key: :logo, key: :logo,
type: :string, type: {:string, :image},
description: "A path to a custom logo. Set it to `nil` to use the default Pleroma logo.", description: "A path to a custom logo. Set it to `nil` to use the default Pleroma logo.",
suggestions: ["some/path/logo.png"] suggestions: ["some/path/logo.png"]
}, },
@ -3299,7 +3299,7 @@
group: :pleroma, group: :pleroma,
key: :connections_pool, key: :connections_pool,
type: :group, type: :group,
description: "Advanced settings for `gun` connections pool", description: "Advanced settings for `Gun` connections pool",
children: [ children: [
%{ %{
key: :connection_acquisition_wait, key: :connection_acquisition_wait,
@ -3340,7 +3340,7 @@
group: :pleroma, group: :pleroma,
key: :pools, key: :pools,
type: :group, type: :group,
description: "Advanced settings for `gun` workers pools", description: "Advanced settings for `Gun` workers pools",
children: children:
Enum.map([:federation, :media, :upload, :default], fn pool_name -> Enum.map([:federation, :media, :upload, :default], fn pool_name ->
%{ %{
@ -3369,7 +3369,7 @@
group: :pleroma, group: :pleroma,
key: :hackney_pools, key: :hackney_pools,
type: :group, type: :group,
description: "Advanced settings for `hackney` connections pools", description: "Advanced settings for `Hackney` connections pools",
children: [ children: [
%{ %{
key: :federation, key: :federation,
@ -3433,6 +3433,7 @@
%{ %{
group: :pleroma, group: :pleroma,
key: :restrict_unauthenticated, key: :restrict_unauthenticated,
label: "Restrict Unauthenticated",
type: :group, type: :group,
description: description:
"Disallow viewing timelines, user profiles and statuses for unauthenticated users.", "Disallow viewing timelines, user profiles and statuses for unauthenticated users.",
@ -3555,13 +3556,17 @@
children: [ children: [
%{ %{
key: "name", key: "name",
label: "Name",
type: :string, type: :string,
description: "Name of the installed primary frontend" description:
"Name of the installed primary frontend. Valid config must include both `Name` and `Reference` values."
}, },
%{ %{
key: "ref", key: "ref",
label: "Reference",
type: :string, type: :string,
description: "reference of the installed primary frontend to be used" description:
"Reference of the installed primary frontend to be used. Valid config must include both `Name` and `Reference` values."
} }
] ]
} }

View file

@ -1266,11 +1266,14 @@ Loads json generated from `config/descriptions.exs`.
- Params: - Params:
- *optional* `page`: **integer** page number - *optional* `page`: **integer** page number
- *optional* `page_size`: **integer** number of log entries per page (default is `50`) - *optional* `page_size`: **integer** number of log entries per page (default is `50`)
- *optional* `query`: **string** search term
- Response: - Response:
``` json ``` json
{ {
"page_size": integer,
"count": integer,
"urls": [ "urls": [
"http://example.com/media/a688346.jpg", "http://example.com/media/a688346.jpg",
"http://example.com/media/fb1f4d.jpg" "http://example.com/media/fb1f4d.jpg"
@ -1290,12 +1293,7 @@ Loads json generated from `config/descriptions.exs`.
- Response: - Response:
``` json ``` json
{ { }
"urls": [
"http://example.com/media/a688346.jpg",
"http://example.com/media/fb1f4d.jpg"
]
}
``` ```
@ -1311,11 +1309,6 @@ Loads json generated from `config/descriptions.exs`.
- Response: - Response:
``` json ``` json
{ { }
"urls": [
"http://example.com/media/a688346.jpg",
"http://example.com/media/fb1f4d.jpg"
]
}
``` ```

View file

@ -11,15 +11,18 @@
config :pleroma, configurable_from_database: true config :pleroma, configurable_from_database: true
``` ```
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl config migrate_to_db ./bin/pleroma_ctl config migrate_to_db
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.config migrate_to_db mix pleroma.config migrate_to_db
``` ```
## Transfer config from DB to `config/env.exported_from_db.secret.exs` ## Transfer config from DB to `config/env.exported_from_db.secret.exs`
!!! note !!! note
@ -31,10 +34,12 @@ mix pleroma.config migrate_to_db
To delete transfered settings from database optional flag `-d` can be used. `<env>` is `prod` by default. To delete transfered settings from database optional flag `-d` can be used. `<env>` is `prod` by default.
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl config migrate_from_db [--env=<env>] [-d] ./bin/pleroma_ctl config migrate_from_db [--env=<env>] [-d]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.config migrate_from_db [--env=<env>] [-d] mix pleroma.config migrate_from_db [--env=<env>] [-d]
``` ```

View file

@ -9,14 +9,19 @@
Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration. Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration.
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database remove_embedded_objects [option ...] ./bin/pleroma_ctl database remove_embedded_objects [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database remove_embedded_objects [option ...] mix pleroma.database remove_embedded_objects [option ...]
``` ```
### Options ### Options
- `--vacuum` - run `VACUUM FULL` after the embedded objects are replaced with their references - `--vacuum` - run `VACUUM FULL` after the embedded objects are replaced with their references
@ -27,11 +32,15 @@ This will prune remote posts older than 90 days (configurable with [`config :ple
!!! danger !!! danger
The disk space will only be reclaimed after `VACUUM FULL`. You may run out of disk space during the execution of the task or vacuuming if you don't have about 1/3rds of the database size free. The disk space will only be reclaimed after `VACUUM FULL`. You may run out of disk space during the execution of the task or vacuuming if you don't have about 1/3rds of the database size free.
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database prune_objects [option ...] ./bin/pleroma_ctl database prune_objects [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database prune_objects [option ...] mix pleroma.database prune_objects [option ...]
``` ```
@ -42,31 +51,43 @@ mix pleroma.database prune_objects [option ...]
Can be safely re-run Can be safely re-run
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database bump_all_conversations ./bin/pleroma_ctl database bump_all_conversations
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database bump_all_conversations mix pleroma.database bump_all_conversations
``` ```
## Remove duplicated items from following and update followers count for all users ## Remove duplicated items from following and update followers count for all users
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database update_users_following_followers_counts ./bin/pleroma_ctl database update_users_following_followers_counts
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database update_users_following_followers_counts mix pleroma.database update_users_following_followers_counts
``` ```
## Fix the pre-existing "likes" collections for all objects ## Fix the pre-existing "likes" collections for all objects
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database fix_likes_collections ./bin/pleroma_ctl database fix_likes_collections
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database fix_likes_collections mix pleroma.database fix_likes_collections
``` ```
@ -76,11 +97,15 @@ mix pleroma.database fix_likes_collections
Running an `analyze` vacuum job can improve performance by updating statistics used by the query planner. **It is safe to cancel this.** Running an `analyze` vacuum job can improve performance by updating statistics used by the query planner. **It is safe to cancel this.**
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database vacuum analyze ./bin/pleroma_ctl database vacuum analyze
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database vacuum analyze mix pleroma.database vacuum analyze
``` ```
@ -91,20 +116,28 @@ and more compact files with an optimized layout. This process will take a long t
it builds the files side-by-side the existing database files. It can make your database faster and use less disk space, it builds the files side-by-side the existing database files. It can make your database faster and use less disk space,
but should only be run if necessary. **It is safe to cancel this.** but should only be run if necessary. **It is safe to cancel this.**
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database vacuum full ./bin/pleroma_ctl database vacuum full
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database vacuum full mix pleroma.database vacuum full
``` ```
## Add expiration to all local statuses ## Add expiration to all local statuses
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl database ensure_expiration ./bin/pleroma_ctl database ensure_expiration
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.database ensure_expiration mix pleroma.database ensure_expiration
``` ```

View file

@ -4,22 +4,30 @@
## Send digest email since given date (user registration date by default) ignoring user activity status. ## Send digest email since given date (user registration date by default) ignoring user activity status.
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl digest test <nickname> [since_date] ./bin/pleroma_ctl digest test <nickname> [since_date]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.digest test <nickname> [since_date] mix pleroma.digest test <nickname> [since_date]
``` ```
Example: Example:
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl digest test donaldtheduck 2019-05-20 ./bin/pleroma_ctl digest test donaldtheduck 2019-05-20
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.digest test donaldtheduck 2019-05-20 mix pleroma.digest test donaldtheduck 2019-05-20
``` ```

View file

@ -4,21 +4,29 @@
## Send test email (instance email by default) ## Send test email (instance email by default)
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl email test [--to <destination email address>] ./bin/pleroma_ctl email test [--to <destination email address>]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.email test [--to <destination email address>] mix pleroma.email test [--to <destination email address>]
``` ```
Example: Example:
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl email test --to root@example.org ./bin/pleroma_ctl email test --to root@example.org
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.email test --to root@example.org mix pleroma.email test --to root@example.org
``` ```

View file

@ -4,11 +4,13 @@
## Lists emoji packs and metadata specified in the manifest ## Lists emoji packs and metadata specified in the manifest
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl emoji ls-packs [option ...] ./bin/pleroma_ctl emoji ls-packs [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.emoji ls-packs [option ...] mix pleroma.emoji ls-packs [option ...]
``` ```
@ -18,11 +20,13 @@ mix pleroma.emoji ls-packs [option ...]
## Fetch, verify and install the specified packs from the manifest into `STATIC-DIR/emoji/PACK-NAME` ## Fetch, verify and install the specified packs from the manifest into `STATIC-DIR/emoji/PACK-NAME`
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl emoji get-packs [option ...] <pack ...> ./bin/pleroma_ctl emoji get-packs [option ...] <pack ...>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.emoji get-packs [option ...] <pack ...> mix pleroma.emoji get-packs [option ...] <pack ...>
``` ```
@ -31,11 +35,13 @@ mix pleroma.emoji get-packs [option ...] <pack ...>
## Create a new manifest entry and a file list from the specified remote pack file ## Create a new manifest entry and a file list from the specified remote pack file
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl emoji gen-pack PACK-URL ./bin/pleroma_ctl emoji gen-pack PACK-URL
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.emoji gen-pack PACK-URL mix pleroma.emoji gen-pack PACK-URL
``` ```
@ -47,7 +53,8 @@ Currently, only .zip archives are recognized as remote pack files and packs are
## Reload emoji packs ## Reload emoji packs
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl emoji reload ./bin/pleroma_ctl emoji reload
``` ```

View file

@ -3,11 +3,15 @@
{! backend/administration/CLI_tasks/general_cli_task_info.include !} {! backend/administration/CLI_tasks/general_cli_task_info.include !}
## Generate a new configuration file ## Generate a new configuration file
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl instance gen [option ...] ./bin/pleroma_ctl instance gen [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.instance gen [option ...] mix pleroma.instance gen [option ...]
``` ```

View file

@ -7,10 +7,14 @@
Optional params: Optional params:
* `-s SCOPES` - scopes for app, e.g. `read,write,follow,push`. * `-s SCOPES` - scopes for app, e.g. `read,write,follow,push`.
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl app create -n APP_NAME -r REDIRECT_URI ./bin/pleroma_ctl app create -n APP_NAME -r REDIRECT_URI
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.app create -n APP_NAME -r REDIRECT_URI mix pleroma.app create -n APP_NAME -r REDIRECT_URI
``` ```

View file

@ -4,30 +4,42 @@
## Follow a relay ## Follow a relay
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl relay follow <relay_url> ./bin/pleroma_ctl relay follow <relay_url>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.relay follow <relay_url> mix pleroma.relay follow <relay_url>
``` ```
## Unfollow a remote relay ## Unfollow a remote relay
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl relay unfollow <relay_url> ./bin/pleroma_ctl relay unfollow <relay_url>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.relay unfollow <relay_url> mix pleroma.relay unfollow <relay_url>
``` ```
## List relay subscriptions ## List relay subscriptions
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl relay list ./bin/pleroma_ctl relay list
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.relay list mix pleroma.relay list
``` ```

View file

@ -0,0 +1,21 @@
# Managing robots.txt
{! backend/administration/CLI_tasks/general_cli_task_info.include !}
## Generate a new robots.txt file and add it to the static directory
The `robots.txt` that ships by default is permissive. It allows well-behaved search engines to index all of your instance's URIs.
If you want to generate a restrictive `robots.txt`, you can run the following mix task. The generated `robots.txt` will be written in your instance [static directory](../../../configuration/static_dir/).
=== "OTP"
```sh
./bin/pleroma_ctl robots_txt disallow_all
```
=== "From Source"
```sh
mix pleroma.robots_txt disallow_all
```

View file

@ -3,11 +3,15 @@
{! backend/administration/CLI_tasks/general_cli_task_info.include !} {! backend/administration/CLI_tasks/general_cli_task_info.include !}
## Migrate uploads from local to remote storage ## Migrate uploads from local to remote storage
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl uploads migrate_local <target_uploader> [option ...] ./bin/pleroma_ctl uploads migrate_local <target_uploader> [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.uploads migrate_local <target_uploader> [option ...] mix pleroma.uploads migrate_local <target_uploader> [option ...]
``` ```

View file

@ -4,11 +4,15 @@
## Create a user ## Create a user
```sh tab="OTP" === "OTP"
```sh
./bin/pleroma_ctl user new <nickname> <email> [option ...] ./bin/pleroma_ctl user new <nickname> <email> [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user new <nickname> <email> [option ...] mix pleroma.user new <nickname> <email> [option ...]
``` ```
@ -22,21 +26,31 @@ mix pleroma.user new <nickname> <email> [option ...]
- `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions - `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions
## List local users ## List local users
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user list ./bin/pleroma_ctl user list
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user list mix pleroma.user list
``` ```
## Generate an invite link ## Generate an invite link
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user invite [option ...] ./bin/pleroma_ctl user invite [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user invite [option ...] mix pleroma.user invite [option ...]
``` ```
@ -46,111 +60,166 @@ mix pleroma.user invite [option ...]
- `--max-use NUMBER` - maximum numbers of token uses - `--max-use NUMBER` - maximum numbers of token uses
## List generated invites ## List generated invites
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user invites ./bin/pleroma_ctl user invites
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user invites mix pleroma.user invites
``` ```
## Revoke invite ## Revoke invite
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user revoke_invite <token> ./bin/pleroma_ctl user revoke_invite <token>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user revoke_invite <token> mix pleroma.user revoke_invite <token>
``` ```
## Delete a user ## Delete a user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user rm <nickname> ./bin/pleroma_ctl user rm <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user rm <nickname> mix pleroma.user rm <nickname>
``` ```
## Delete user's posts and interactions ## Delete user's posts and interactions
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user delete_activities <nickname> ./bin/pleroma_ctl user delete_activities <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user delete_activities <nickname> mix pleroma.user delete_activities <nickname>
``` ```
## Sign user out from all applications (delete user's OAuth tokens and authorizations) ## Sign user out from all applications (delete user's OAuth tokens and authorizations)
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user sign_out <nickname> ./bin/pleroma_ctl user sign_out <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user sign_out <nickname> mix pleroma.user sign_out <nickname>
``` ```
## Deactivate or activate a user ## Deactivate or activate a user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user toggle_activated <nickname> ./bin/pleroma_ctl user toggle_activated <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user toggle_activated <nickname> mix pleroma.user toggle_activated <nickname>
``` ```
## Deactivate a user and unsubscribes local users from the user ## Deactivate a user and unsubscribes local users from the user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user deactivate NICKNAME ./bin/pleroma_ctl user deactivate NICKNAME
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user deactivate NICKNAME mix pleroma.user deactivate NICKNAME
``` ```
## Deactivate all accounts from an instance and unsubscribe local users on it ## Deactivate all accounts from an instance and unsubscribe local users on it
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user deactivate_all_from_instance <instance> ./bin/pleroma_ctl user deactivate_all_from_instance <instance>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user deactivate_all_from_instance <instance> mix pleroma.user deactivate_all_from_instance <instance>
``` ```
## Create a password reset link for user ## Create a password reset link for user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user reset_password <nickname> ./bin/pleroma_ctl user reset_password <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user reset_password <nickname> mix pleroma.user reset_password <nickname>
``` ```
## Disable Multi Factor Authentication (MFA/2FA) for a user ## Disable Multi Factor Authentication (MFA/2FA) for a user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user reset_mfa <nickname> ./bin/pleroma_ctl user reset_mfa <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user reset_mfa <nickname> mix pleroma.user reset_mfa <nickname>
``` ```
## Set the value of the given user's settings ## Set the value of the given user's settings
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user set <nickname> [option ...] ./bin/pleroma_ctl user set <nickname> [option ...]
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user set <nickname> [option ...] mix pleroma.user set <nickname> [option ...]
``` ```
@ -160,30 +229,45 @@ mix pleroma.user set <nickname> [option ...]
- `--admin`/`--no-admin` - whether the user should be an admin - `--admin`/`--no-admin` - whether the user should be an admin
## Add tags to a user ## Add tags to a user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user tag <nickname> <tags> ./bin/pleroma_ctl user tag <nickname> <tags>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user tag <nickname> <tags> mix pleroma.user tag <nickname> <tags>
``` ```
## Delete tags from a user ## Delete tags from a user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user untag <nickname> <tags> ./bin/pleroma_ctl user untag <nickname> <tags>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user untag <nickname> <tags> mix pleroma.user untag <nickname> <tags>
``` ```
## Toggle confirmation status of the user ## Toggle confirmation status of the user
```sh tab="OTP"
=== "OTP"
```sh
./bin/pleroma_ctl user toggle_confirmed <nickname> ./bin/pleroma_ctl user toggle_confirmed <nickname>
``` ```
```sh tab="From Source" === "From Source"
```sh
mix pleroma.user toggle_confirmed <nickname> mix pleroma.user toggle_confirmed <nickname>
``` ```

View file

@ -38,7 +38,7 @@ To add configuration to your config file, you can copy it from the base config.
* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. * `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes.
* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. * `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it.
* `allow_relay`: Enable Pleromas Relay, which makes it possible to follow a whole instance. * `allow_relay`: Enable Pleromas Relay, which makes it possible to follow a whole instance.
* `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. See also: `restrict_unauthenticated`. * `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. Note that there is a dependent setting restricting or allowing unauthenticated access to specific resources, see `restrict_unauthenticated` for more details.
* `quarantined_instances`: List of ActivityPub instances where private (DMs, followers-only) activities will not be send. * `quarantined_instances`: List of ActivityPub instances where private (DMs, followers-only) activities will not be send.
* `managed_config`: Whenether the config for pleroma-fe is configured in [:frontend_configurations](#frontend_configurations) or in ``static/config.json``. * `managed_config`: Whenether the config for pleroma-fe is configured in [:frontend_configurations](#frontend_configurations) or in ``static/config.json``.
* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML). * `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML).
@ -114,6 +114,7 @@ To add configuration to your config file, you can copy it from the base config.
* `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)). * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)).
* `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)). * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)).
* `Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy`: Rejects or delists posts based on their age when received. (See [`:mrf_object_age`](#mrf_object_age)). * `Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy`: Rejects or delists posts based on their age when received. (See [`:mrf_object_age`](#mrf_object_age)).
* `Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy`: Sets a default expiration on all posts made by users of the local instance. Requires `Pleroma.ActivityExpiration` to be enabled for processing the scheduled delections.
* `transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). * `transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
* `transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. * `transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
@ -220,6 +221,8 @@ config :pleroma, :mrf_user_allowlist, %{
## Pleroma.ActivityExpiration ## Pleroma.ActivityExpiration
Enables the worker which processes posts scheduled for deletion. Pinned posts are exempt from expiration.
* `enabled`: whether expired activities will be sent to the job queue to be deleted * `enabled`: whether expired activities will be sent to the job queue to be deleted
## Frontends ## Frontends
@ -1048,6 +1051,8 @@ Restrict access for unauthenticated users to timelines (public and federated), u
* `local` * `local`
* `remote` * `remote`
Note: when `:instance, :public` is set to `false`, all `:restrict_unauthenticated` items be effectively set to `true` by default. If you'd like to allow unauthenticated access to specific API endpoints on a private instance, please explicitly set `:restrict_unauthenticated` to non-default value in `config/prod.secret.exs`.
Note: setting `restrict_unauthenticated/timelines/local` to `true` has no practical sense if `restrict_unauthenticated/timelines/federated` is set to `false` (since local public activities will still be delivered to unauthenticated users as part of federated timeline). Note: setting `restrict_unauthenticated/timelines/local` to `true` has no practical sense if `restrict_unauthenticated/timelines/federated` is set to `false` (since local public activities will still be delivered to unauthenticated users as part of federated timeline).
## Pleroma.Web.ApiSpec.CastAndValidate ## Pleroma.Web.ApiSpec.CastAndValidate

View file

@ -1,45 +1,61 @@
# Static Directory # Static Directory
Static frontend files are shipped in `priv/static/` and tracked by version control in this repository. If you want to overwrite or update these without the possibility of merge conflicts, you can write your custom versions to `instance/static/`. Static frontend files are shipped with pleroma. If you want to overwrite or update these without problems during upgrades, you can write your custom versions to the static directory.
``` You can find the location of the static directory in the [configuration](../cheatsheet/#instance).
=== "OTP"
```elixir
config :pleroma, :instance, config :pleroma, :instance,
static_dir: "instance/static/", static_dir: "/var/lib/pleroma/static/"
``` ```
For example, edit `instance/static/instance/panel.html` . === "From Source"
```elixir
config :pleroma, :instance,
static_dir: "instance/static/"
```
Alternatively, you can overwrite this value in your configuration to use a different static instance directory. Alternatively, you can overwrite this value in your configuration to use a different static instance directory.
This document is written assuming `instance/static/`. This document is written using `$static_dir` as the value of the `config :pleroma, :instance, static_dir` setting.
Or, if you want to manage your custom file in git repository, basically remove the `instance/` entry from `.gitignore`. If you use a From Source installation and want to manage your custom files in the git repository, you can remove the `instance/` entry from `.gitignore`.
## robots.txt ## robots.txt
By default, the `robots.txt` that ships in `priv/static/` is permissive. It allows well-behaved search engines to index all of your instance's URIs. There's a mix tasks to [generate a new robot.txt](../../administration/CLI_tasks/robots_txt/).
If you want to generate a restrictive `robots.txt`, you can run the following mix task. The generated `robots.txt` will be written in your instance static directory. For more complex things, you can write your own robots.txt to `$static_dir/robots.txt`.
E.g. if you want to block all crawlers except for [fediverse.network](https://fediverse.network/about) you can use
``` ```
mix pleroma.robots_txt disallow_all User-Agent: *
Disallow: /
User-Agent: crawler-us-il-1.fediverse.network
Allow: /
User-Agent: makhnovtchina.random.sh
Allow: /
``` ```
## Thumbnail ## Thumbnail
Put on `instance/static/instance/thumbnail.jpeg` with your selfie or other neat picture. It will appear in [Pleroma Instances](http://distsn.org/pleroma-instances.html). Add `$static_dir/instance/thumbnail.jpeg` with your selfie or other neat picture. It will be available on `http://your-domain.tld/instance/thumbnail.jpeg` and can be used by external applications.
## Instance-specific panel ## Instance-specific panel
![instance-specific panel demo](/uploads/296b19ec806b130e0b49b16bfe29ce8a/image.png) Create and Edit your file at `$static_dir/instance/panel.html`.
Create and Edit your file on `instance/static/instance/panel.html`.
## Background ## Background
You can change the background of your Pleroma instance by uploading it to `instance/static/`, and then changing `background` in `config/prod.secret.exs` accordingly. You can change the background of your Pleroma instance by uploading it to `$static_dir/`, and then changing `background` in [your configuration](../cheatsheet/#frontend_configurations) accordingly.
If you put `instance/static/images/background.jpg` E.g. if you put `$static_dir/images/background.jpg`
``` ```
config :pleroma, :frontend_configurations, config :pleroma, :frontend_configurations,
@ -50,12 +66,14 @@ config :pleroma, :frontend_configurations,
## Logo ## Logo
![logo modification demo](/uploads/c70b14de60fa74245e7f0dcfa695ebff/image.png) !!! important
Note the extra `static` folder for the default logo.png location
If you want to give a brand to your instance, You can change the logo of your instance by uploading it to `instance/static/`. If you want to give a brand to your instance, You can change the logo of your instance by uploading it to the static directory `$static_dir/static/logo.png`.
Alternatively, you can specify the path with config. Alternatively, you can specify the path to your logo in [your configuration](../cheatsheet/#frontend_configurations).
If you put `instance/static/static/mylogo-file.png`
E.g. if you put `$static_dir/static/mylogo-file.png`
``` ```
config :pleroma, :frontend_configurations, config :pleroma, :frontend_configurations,
@ -66,4 +84,7 @@ config :pleroma, :frontend_configurations,
## Terms of Service ## Terms of Service
Terms of Service will be shown to all users on the registration page. It's the best place where to write down the rules for your instance. You can modify the rules by changing `instance/static/static/terms-of-service.html`. !!! important
Note the extra `static` folder for the terms-of-service.html
Terms of Service will be shown to all users on the registration page. It's the best place where to write down the rules for your instance. You can modify the rules by adding and changing `$static_dir/static/terms-of-service.html`.

View file

@ -0,0 +1,210 @@
# Installing on FreeBSD
This document was written for FreeBSD 12.1, but should be work on future releases.
## Required software
This assumes the target system has `pkg(8)`.
```
# pkg install elixir postgresql12-server postgresql12-client postgresql12-contrib git-lite sudo nginx gmake acme.sh
```
Copy the rc.d scripts to the right directory:
Setup the required services to automatically start at boot, using `sysrc(8)`.
```
# sysrc nginx_enable=YES
# sysrc postgresql_enable=YES
```
## Initialize postgres
```
# service postgresql initdb
# service postgresql start
```
## Configuring Pleroma
Create a user for Pleroma:
```
# pw add user pleroma -m
# echo 'export LC_ALL="en_US.UTF-8"' >> /home/pleroma/.profile
# su -l pleroma
```
Clone the repository:
```
$ cd $HOME # Should be the same as /home/pleroma
$ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git
```
Configure Pleroma. Note that you need a domain name at this point:
```
$ cd /home/pleroma/pleroma
$ mix deps.get # Enter "y" when asked to install Hex
$ mix pleroma.instance gen # You will be asked a few questions here.
$ cp config/generated_config.exs config/prod.secret.exs
```
Since Postgres is configured, we can now initialize the database. There should
now be a file in `config/setup_db.psql` that makes this easier. Edit it, and
*change the password* to a password of your choice. Make sure it is secure, since
it'll be protecting your database. As root, you can now initialize the database:
```
# cd /home/pleroma/pleroma
# sudo -Hu postgres -g postgres psql -f config/setup_db.psql
```
Postgres allows connections from all users without a password by default. To
fix this, edit `/var/db/postgres/data12/pg_hba.conf`. Change every `trust` to
`password`.
Once this is done, restart Postgres with:
```
# service postgresql restart
```
Run the database migrations.
Back as the pleroma user, run the following to implement any database migrations.
```
# su -l pleroma
$ cd /home/pleroma/pleroma
$ MIX_ENV=prod mix ecto.migrate
```
You will need to do this whenever you update with `git pull`:
## Configuring acme.sh
We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
First, as root, allow the user `acme` to have access to the acme log file, as follows:
```
# touch /var/log/acme.sh.log
# chown acme:acme /var/log/acme.sh.log
# chmod 600 /var/log/acme.sh.log
```
Next, obtain your account fingerprint:
```
# sudo -Hu acme -g acme acme.sh --register-account
```
You need to add the following to your nginx configuration for the server
running on port 80:
```
location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ {
default_type text/plain;
return 200 "$1.6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd";
}
```
Replace the string after after `$1.` with your fingerprint.
Start nginx:
```
# service nginx start
```
It should now be possible to issue a cert (replace `example.com`
with your domain name):
```
# sudo -Hu acme -g acme acme.sh --issue -d example.com --stateless
```
Let's add auto-renewal to `/etc/crontab`
(replace `example.com` with your domain):
```
/usr/local/bin/sudo -Hu acme -g acme /usr/local/sbin/acme.sh -r -d example.com --stateless
```
### Configuring nginx
FreeBSD's default nginx configuration does not contain an include directive, which is
typically used for multiple sites. Therefore, you will need to first create the required
directory as follows:
```
# mkdir -p /usr/local/etc/nginx/sites-available
```
Next, add an `include` directive to `/usr/local/etc/nginx/nginx.conf`, within the `http {}`
block, as follows:
```
http {
...
include /usr/local/etc/nginx/sites-available/*;
}
```
As root, copy `/home/pleroma/pleroma/installation/pleroma.nginx` to
`/usr/local/etc/nginx/sites-available/pleroma.nginx`.
Edit the defaults of `/usr/local/etc/nginx/sites-available/pleroma.nginx`:
* Change `ssl_trusted_certificate` to `/var/db/acme/certs/example.tld/example.tld.cer`.
* Change `ssl_certificate` to `/var/db/acme/certs/example.tld/fullchain.cer`.
* Change `ssl_certificate_key` to `/var/db/acme/certs/example.tld/example.tld.key`.
* Change all references of `example.tld` to your instance's domain name.
## Creating a startup script for Pleroma
Pleroma will need to compile when it initially starts, which typically takes a longer
period of time. Therefore, it is good practice to initially run pleroma from the
command-line before utilizing the rc.d script. That is done as follows:
```
# su -l pleroma
$ cd $HOME/pleroma
$ MIX_ENV=prod mix phx.server
```
Copy the startup script to the correct location and make sure it's executable:
```
# cp /home/pleroma/pleroma/installation/freebsd/rc.d/pleroma /usr/local/etc/rc.d/pleroma
# chmod +x /usr/local/etc/rc.d/pleroma
```
Update the `/etc/rc.conf` and start pleroma with the following commands:
```
# sysrc pleroma_enable=YES
# service pleroma start
```
#### Create your first user
If your instance is up and running, you can create your first user with administrative rights with the following task:
```shell
sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress> --admin
```
## Conclusion
Restart nginx with `# service nginx restart` and you should be up and running.
Make sure your time is in sync, or other instances will receive your posts with
incorrect timestamps. You should have ntpd running.
## Questions
Questions about the installation or didnt it work as it should be, ask in [#pleroma:matrix.org](https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org) or IRC Channel **#pleroma** on **Freenode**.

View file

@ -8,11 +8,13 @@ You will be running commands as root. If you aren't root already, please elevate
The system needs to have `curl` and `unzip` installed for downloading and unpacking release builds. The system needs to have `curl` and `unzip` installed for downloading and unpacking release builds.
```sh tab="Alpine" === "Alpine"
```sh
apk add curl unzip apk add curl unzip
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```sh
apt install curl unzip apt install curl unzip
``` ```
@ -110,7 +112,8 @@ OTP releases have different service files than from-source installs so they need
**Warning:** The service files assume pleroma user's home directory is `/opt/pleroma`, please make sure all paths fit your installation. **Warning:** The service files assume pleroma user's home directory is `/opt/pleroma`, please make sure all paths fit your installation.
```sh tab="Alpine" === "Alpine"
```sh
# Copy the service into a proper directory # Copy the service into a proper directory
cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma
@ -118,7 +121,8 @@ cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma
rc-service pleroma start rc-service pleroma start
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```sh
# Copy the service into a proper directory # Copy the service into a proper directory
cp ~pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service cp ~pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service

View file

@ -28,13 +28,15 @@ Other than things bundled in the OTP release Pleroma depends on:
* nginx (could be swapped with another reverse proxy but this guide covers only it) * nginx (could be swapped with another reverse proxy but this guide covers only it)
* certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it) * certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
```sh tab="Alpine" === "Alpine"
```
echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories
apk update apk update
apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot
``` ```
@ -47,7 +49,8 @@ apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot
RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results). RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results).
```sh tab="Alpine" === "Alpine"
```
apk add git build-base postgresql-dev apk add git build-base postgresql-dev
git clone https://github.com/postgrespro/rum /tmp/rum git clone https://github.com/postgrespro/rum /tmp/rum
cd /tmp/rum cd /tmp/rum
@ -57,7 +60,8 @@ cd
rm -r /tmp/rum rm -r /tmp/rum
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
# Available only on Buster/19.04 # Available only on Buster/19.04
apt install postgresql-11-rum apt install postgresql-11-rum
``` ```
@ -65,11 +69,13 @@ apt install postgresql-11-rum
#### (Optional) Performance configuration #### (Optional) Performance configuration
It is encouraged to check [Optimizing your PostgreSQL performance](../configuration/postgresql.md) document, for tips on PostgreSQL tuning. It is encouraged to check [Optimizing your PostgreSQL performance](../configuration/postgresql.md) document, for tips on PostgreSQL tuning.
```sh tab="Alpine" === "Alpine"
```
rc-service postgresql restart rc-service postgresql restart
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
systemctl restart postgresql systemctl restart postgresql
``` ```
@ -151,11 +157,13 @@ certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
The location of nginx configs is dependent on the distro The location of nginx configs is dependent on the distro
```sh tab="Alpine" === "Alpine"
```
cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.conf cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.conf
ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf
``` ```
@ -175,11 +183,13 @@ nginx -t
``` ```
#### Start nginx #### Start nginx
```sh tab="Alpine" === "Alpine"
```
rc-service nginx start rc-service nginx start
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
systemctl start nginx systemctl start nginx
``` ```
@ -187,7 +197,8 @@ At this point if you open your (sub)domain in a browser you should see a 502 err
### Setting up a system service ### Setting up a system service
```sh tab="Alpine" === "Alpine"
```
# Copy the service into a proper directory # Copy the service into a proper directory
cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
@ -196,7 +207,8 @@ rc-service pleroma start
rc-update add pleroma rc-update add pleroma
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
# Copy the service into a proper directory # Copy the service into a proper directory
cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
@ -223,7 +235,8 @@ $EDITOR path-to-nginx-config
nginx -t nginx -t
``` ```
```sh tab="Alpine" === "Alpine"
```
# Restart nginx # Restart nginx
rc-service nginx restart rc-service nginx restart
@ -244,7 +257,8 @@ chmod +x /etc/periodic/daily/renew-pleroma-cert
run-parts --test /etc/periodic/daily run-parts --test /etc/periodic/daily
``` ```
```sh tab="Debian/Ubuntu" === "Debian/Ubuntu"
```
# Restart nginx # Restart nginx
systemctl restart nginx systemctl restart nginx

View file

@ -0,0 +1,28 @@
#!/bin/sh
# REQUIRE: DAEMON postgresql
# PROVIDE: pleroma
# sudo -u pleroma MIX_ENV=prod elixir --erl \"-detached\" -S mix phx.server
. /etc/rc.subr
name="pleroma"
desc="Pleroma Social Media Platform"
rcvar=${name}_enable
command="/usr/local/bin/elixir"
command_args="--erl \"-detached\" -S /usr/local/bin/mix phx.server"
pidfile="/dev/null"
pleroma_user="pleroma"
pleroma_home="/home/pleroma"
pleroma_chdir="${pleroma_home}/pleroma"
pleroma_env="HOME=${pleroma_home} MIX_ENV=prod"
check_pidfile()
{
pid=$(pgrep beam.smp$)
echo -n "${pid}"
}
load_rc_config ${name}
run_rc_command "$1"

View file

@ -134,13 +134,23 @@ def run(["ensure_expiration"]) do
Pleroma.Activity Pleroma.Activity
|> join(:left, [a], u in assoc(a, :expiration)) |> join(:left, [a], u in assoc(a, :expiration))
|> join(:inner, [a, _u], o in Object,
on:
fragment(
"(?->>'id') = COALESCE((?)->'object'->> 'id', (?)->>'object')",
o.data,
a.data,
a.data
)
)
|> where(local: true) |> where(local: true)
|> where([a, u], is_nil(u)) |> where([a, u], is_nil(u))
|> where([a], fragment("(? ->> 'type'::text) = 'Create'", a.data))
|> where([_a, _u, o], fragment("?->>'type' = 'Note'", o.data))
|> Pleroma.RepoStreamer.chunk_stream(100) |> Pleroma.RepoStreamer.chunk_stream(100)
|> Stream.each(fn activities -> |> Stream.each(fn activities ->
Enum.each(activities, fn activity -> Enum.each(activities, fn activity ->
expires_at = Timex.shift(activity.inserted_at, days: days) expires_at = Timex.shift(activity.inserted_at, days: days)
Pleroma.ActivityExpiration.create(activity, expires_at, false) Pleroma.ActivityExpiration.create(activity, expires_at, false)
end) end)
end) end)

View file

@ -41,6 +41,10 @@ def run(args \\ []) do
load_pleroma() load_pleroma()
{opts, _} = OptionParser.parse!(args, strict: @switches, aliases: @aliases) {opts, _} = OptionParser.parse!(args, strict: @switches, aliases: @aliases)
if Application.get_env(:pleroma, Pleroma.Repo)[:ssl] do
Application.ensure_all_started(:ssl)
end
opts = opts =
if opts[:to] || opts[:step] || opts[:all], if opts[:to] || opts[:step] || opts[:all],
do: opts, do: opts,

View file

@ -40,6 +40,10 @@ def run(args \\ []) do
load_pleroma() load_pleroma()
{opts, _} = OptionParser.parse!(args, strict: @switches, aliases: @aliases) {opts, _} = OptionParser.parse!(args, strict: @switches, aliases: @aliases)
if Application.get_env(:pleroma, Pleroma.Repo)[:ssl] do
Application.ensure_all_started(:ssl)
end
opts = opts =
if opts[:to] || opts[:step] || opts[:all], if opts[:to] || opts[:step] || opts[:all],
do: opts, do: opts,

View file

@ -340,4 +340,10 @@ def direct_conversation_id(activity, for_user) do
_ -> nil _ -> nil
end end
end end
@spec pinned_by_actor?(Activity.t()) :: boolean()
def pinned_by_actor?(%Activity{} = activity) do
actor = user_actor(activity)
activity.id in actor.pinned_activities
end
end end

View file

@ -46,7 +46,12 @@ def due_expirations(offset \\ 0) do
ActivityExpiration ActivityExpiration
|> where([exp], exp.scheduled_at < ^naive_datetime) |> where([exp], exp.scheduled_at < ^naive_datetime)
|> limit(50)
|> preload(:activity)
|> Repo.all() |> Repo.all()
|> Enum.reject(fn %{activity: activity} ->
Activity.pinned_by_actor?(activity)
end)
end end
def validate_scheduled_at(changeset, false), do: changeset def validate_scheduled_at(changeset, false), do: changeset

View file

@ -81,6 +81,16 @@ def delete(key) do
Application.delete_env(:pleroma, key) Application.delete_env(:pleroma, key)
end end
def restrict_unauthenticated_access?(resource, kind) do
setting = get([:restrict_unauthenticated, resource, kind])
if setting in [nil, :if_instance_is_private] do
!get!([:instance, :public])
else
setting
end
end
def oauth_consumer_strategies, do: get([:auth, :oauth_consumer_strategies], []) def oauth_consumer_strategies, do: get([:auth, :oauth_consumer_strategies], [])
def oauth_consumer_enabled?, do: oauth_consumer_strategies() != [] def oauth_consumer_enabled?, do: oauth_consumer_strategies() != []

View file

@ -125,8 +125,8 @@ def fetch_object_from_id(id, options \\ []) do
defp prepare_activity_params(data) do defp prepare_activity_params(data) do
%{ %{
"type" => "Create", "type" => "Create",
"to" => data["to"], "to" => data["to"] || [],
"cc" => data["cc"], "cc" => data["cc"] || [],
# Should we seriously keep this attributedTo thing? # Should we seriously keep this attributedTo thing?
"actor" => data["actor"] || data["attributedTo"], "actor" => data["actor"] || data["attributedTo"],
"object" => data "object" => data

View file

@ -6,6 +6,10 @@ defmodule Pleroma.Upload.Filter.Mogrifun do
@behaviour Pleroma.Upload.Filter @behaviour Pleroma.Upload.Filter
alias Pleroma.Upload.Filter alias Pleroma.Upload.Filter
@moduledoc """
This module is just an example of an Upload filter. It's not supposed to be used in production.
"""
@filters [ @filters [
{"implode", "1"}, {"implode", "1"},
{"-raise", "20"}, {"-raise", "20"},

View file

@ -311,10 +311,12 @@ def visible_for(%User{} = user, for_user) do
def visible_for(_, _), do: :invisible def visible_for(_, _), do: :invisible
defp restrict_unauthenticated?(%User{local: local}) do defp restrict_unauthenticated?(%User{local: true}) do
config_key = if local, do: :local, else: :remote Config.restrict_unauthenticated_access?(:profiles, :local)
end
Config.get([:restrict_unauthenticated, :profiles, config_key], false) defp restrict_unauthenticated?(%User{local: _}) do
Config.restrict_unauthenticated_access?(:profiles, :remote)
end end
defp visible_account_status(user) do defp visible_account_status(user) do
@ -1581,6 +1583,49 @@ def update_notification_settings(%User{} = user, settings) do
|> update_and_set_cache() |> update_and_set_cache()
end end
@spec purge_user_changeset(User.t()) :: Changeset.t()
def purge_user_changeset(user) do
# "Right to be forgotten"
# https://gdpr.eu/right-to-be-forgotten/
change(user, %{
bio: nil,
raw_bio: nil,
email: nil,
name: nil,
password_hash: nil,
keys: nil,
public_key: nil,
avatar: %{},
tags: [],
last_refreshed_at: nil,
last_digest_emailed_at: nil,
banner: %{},
background: %{},
note_count: 0,
follower_count: 0,
following_count: 0,
locked: false,
confirmation_pending: false,
password_reset_pending: false,
approval_pending: false,
registration_reason: nil,
confirmation_token: nil,
domain_blocks: [],
deactivated: true,
ap_enabled: false,
is_moderator: false,
is_admin: false,
mastofe_settings: nil,
mascot: nil,
emoji: %{},
pleroma_settings_store: %{},
fields: [],
raw_fields: [],
discoverable: false,
also_known_as: []
})
end
def delete(users) when is_list(users) do def delete(users) when is_list(users) do
for user <- users, do: delete(user) for user <- users, do: delete(user)
end end
@ -1608,7 +1653,7 @@ defp delete_or_deactivate(%User{local: true} = user) do
_ -> _ ->
user user
|> change(%{deactivated: true, email: nil}) |> purge_user_changeset()
|> update_and_set_cache() |> update_and_set_cache()
end end
end end

View file

@ -285,32 +285,6 @@ def listen(%{to: to, actor: actor, context: context, object: object} = params) d
end end
end end
@spec accept(map()) :: {:ok, Activity.t()} | {:error, any()}
def accept(params) do
accept_or_reject("Accept", params)
end
@spec reject(map()) :: {:ok, Activity.t()} | {:error, any()}
def reject(params) do
accept_or_reject("Reject", params)
end
@spec accept_or_reject(String.t(), map()) :: {:ok, Activity.t()} | {:error, any()}
defp accept_or_reject(type, %{to: to, actor: actor, object: object} = params) do
local = Map.get(params, :local, true)
activity_id = Map.get(params, :activity_id, nil)
data =
%{"to" => to, "type" => type, "actor" => actor.ap_id, "object" => object}
|> Maps.put_if_present("id", activity_id)
with {:ok, activity} <- insert(data, local),
_ <- notify_and_stream(activity),
:ok <- maybe_federate(activity) do
{:ok, activity}
end
end
@spec unfollow(User.t(), User.t(), String.t() | nil, boolean()) :: @spec unfollow(User.t(), User.t(), String.t() | nil, boolean()) ::
{:ok, Activity.t()} | nil | {:error, any()} {:ok, Activity.t()} | nil | {:error, any()}
def unfollow(follower, followed, activity_id \\ nil, local \\ true) do def unfollow(follower, followed, activity_id \\ nil, local \\ true) do

View file

@ -14,6 +14,28 @@ defmodule Pleroma.Web.ActivityPub.Builder do
require Pleroma.Constants require Pleroma.Constants
def accept_or_reject(actor, activity, type) do
data = %{
"id" => Utils.generate_activity_id(),
"actor" => actor.ap_id,
"type" => type,
"object" => activity.data["id"],
"to" => [activity.actor]
}
{:ok, data, []}
end
@spec reject(User.t(), Activity.t()) :: {:ok, map(), keyword()}
def reject(actor, rejected_activity) do
accept_or_reject(actor, rejected_activity, "Reject")
end
@spec accept(User.t(), Activity.t()) :: {:ok, map(), keyword()}
def accept(actor, accepted_activity) do
accept_or_reject(actor, accepted_activity, "Accept")
end
@spec follow(User.t(), User.t()) :: {:ok, map(), keyword()} @spec follow(User.t(), User.t()) :: {:ok, map(), keyword()}
def follow(follower, followed) do def follow(follower, followed) do
data = %{ data = %{

View file

@ -13,8 +13,10 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
alias Pleroma.EctoType.ActivityPub.ObjectValidators alias Pleroma.EctoType.ActivityPub.ObjectValidators
alias Pleroma.Object alias Pleroma.Object
alias Pleroma.User alias Pleroma.User
alias Pleroma.Web.ActivityPub.ObjectValidators.AcceptRejectValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidator alias Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.AnswerValidator alias Pleroma.Web.ActivityPub.ObjectValidators.AnswerValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.AudioValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.BlockValidator alias Pleroma.Web.ActivityPub.ObjectValidators.BlockValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.ChatMessageValidator alias Pleroma.Web.ActivityPub.ObjectValidators.ChatMessageValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.CreateChatMessageValidator alias Pleroma.Web.ActivityPub.ObjectValidators.CreateChatMessageValidator
@ -30,6 +32,17 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
@spec validate(map(), keyword()) :: {:ok, map(), keyword()} | {:error, any()} @spec validate(map(), keyword()) :: {:ok, map(), keyword()} | {:error, any()}
def validate(object, meta) def validate(object, meta)
def validate(%{"type" => type} = object, meta)
when type in ~w[Accept Reject] do
with {:ok, object} <-
object
|> AcceptRejectValidator.cast_and_validate()
|> Ecto.Changeset.apply_action(:insert) do
object = stringify_keys(object)
{:ok, object, meta}
end
end
def validate(%{"type" => "Follow"} = object, meta) do def validate(%{"type" => "Follow"} = object, meta) do
with {:ok, object} <- with {:ok, object} <-
object object
@ -125,6 +138,16 @@ def validate(%{"type" => "Question"} = object, meta) do
end end
end end
def validate(%{"type" => "Audio"} = object, meta) do
with {:ok, object} <-
object
|> AudioValidator.cast_and_validate()
|> Ecto.Changeset.apply_action(:insert) do
object = stringify_keys(object)
{:ok, object, meta}
end
end
def validate(%{"type" => "Answer"} = object, meta) do def validate(%{"type" => "Answer"} = object, meta) do
with {:ok, object} <- with {:ok, object} <-
object object
@ -164,7 +187,7 @@ def validate(
%{"type" => "Create", "object" => %{"type" => objtype} = object} = create_activity, %{"type" => "Create", "object" => %{"type" => objtype} = object} = create_activity,
meta meta
) )
when objtype in ["Question", "Answer"] do when objtype in ~w[Question Answer Audio] do
with {:ok, object_data} <- cast_and_apply(object), with {:ok, object_data} <- cast_and_apply(object),
meta = Keyword.put(meta, :object_data, object_data |> stringify_keys), meta = Keyword.put(meta, :object_data, object_data |> stringify_keys),
{:ok, create_activity} <- {:ok, create_activity} <-
@ -198,6 +221,10 @@ def cast_and_apply(%{"type" => "Answer"} = object) do
AnswerValidator.cast_and_apply(object) AnswerValidator.cast_and_apply(object)
end end
def cast_and_apply(%{"type" => "Audio"} = object) do
AudioValidator.cast_and_apply(object)
end
def cast_and_apply(o), do: {:error, {:validator_not_set, o}} def cast_and_apply(o), do: {:error, {:validator_not_set, o}}
# is_struct/1 isn't present in Elixir 1.8.x # is_struct/1 isn't present in Elixir 1.8.x

View file

@ -0,0 +1,56 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptRejectValidator do
use Ecto.Schema
alias Pleroma.Activity
alias Pleroma.EctoType.ActivityPub.ObjectValidators
import Ecto.Changeset
import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
@primary_key false
embedded_schema do
field(:id, ObjectValidators.ObjectID, primary_key: true)
field(:type, :string)
field(:object, ObjectValidators.ObjectID)
field(:actor, ObjectValidators.ObjectID)
field(:to, ObjectValidators.Recipients, default: [])
field(:cc, ObjectValidators.Recipients, default: [])
end
def cast_data(data) do
%__MODULE__{}
|> cast(data, __schema__(:fields))
end
def validate_data(cng) do
cng
|> validate_required([:id, :type, :actor, :to, :cc, :object])
|> validate_inclusion(:type, ["Accept", "Reject"])
|> validate_actor_presence()
|> validate_object_presence(allowed_types: ["Follow"])
|> validate_accept_reject_rights()
end
def cast_and_validate(data) do
data
|> cast_data
|> validate_data
end
def validate_accept_reject_rights(cng) do
with object_id when is_binary(object_id) <- get_field(cng, :object),
%Activity{data: %{"object" => followed_actor}} <- Activity.get_by_ap_id(object_id),
true <- followed_actor == get_field(cng, :actor) do
cng
else
_e ->
cng
|> add_error(:actor, "can't accept or reject the given activity")
end
end
end

View file

@ -15,16 +15,13 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AnswerValidator do
embedded_schema do embedded_schema do
field(:id, ObjectValidators.ObjectID, primary_key: true) field(:id, ObjectValidators.ObjectID, primary_key: true)
field(:to, {:array, :string}, default: []) field(:to, ObjectValidators.Recipients, default: [])
field(:cc, {:array, :string}, default: []) field(:cc, ObjectValidators.Recipients, default: [])
field(:bto, ObjectValidators.Recipients, default: [])
# is this actually needed? field(:bcc, ObjectValidators.Recipients, default: [])
field(:bto, {:array, :string}, default: [])
field(:bcc, {:array, :string}, default: [])
field(:type, :string) field(:type, :string)
field(:name, :string) field(:name, :string)
field(:inReplyTo, :string) field(:inReplyTo, ObjectValidators.ObjectID)
field(:attributedTo, ObjectValidators.ObjectID) field(:attributedTo, ObjectValidators.ObjectID)
# TODO: Remove actor on objects # TODO: Remove actor on objects

View file

@ -0,0 +1,92 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.AudioValidator do
use Ecto.Schema
alias Pleroma.EctoType.ActivityPub.ObjectValidators
alias Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.CommonFixes
alias Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
import Ecto.Changeset
@primary_key false
@derive Jason.Encoder
embedded_schema do
field(:id, ObjectValidators.ObjectID, primary_key: true)
field(:to, ObjectValidators.Recipients, default: [])
field(:cc, ObjectValidators.Recipients, default: [])
field(:bto, ObjectValidators.Recipients, default: [])
field(:bcc, ObjectValidators.Recipients, default: [])
# TODO: Write type
field(:tag, {:array, :map}, default: [])
field(:type, :string)
field(:content, :string)
field(:context, :string)
# TODO: Remove actor on objects
field(:actor, ObjectValidators.ObjectID)
field(:attributedTo, ObjectValidators.ObjectID)
field(:summary, :string)
field(:published, ObjectValidators.DateTime)
# TODO: Write type
field(:emoji, :map, default: %{})
field(:sensitive, :boolean, default: false)
embeds_many(:attachment, AttachmentValidator)
field(:replies_count, :integer, default: 0)
field(:like_count, :integer, default: 0)
field(:announcement_count, :integer, default: 0)
field(:inReplyTo, :string)
field(:uri, ObjectValidators.Uri)
# short identifier for PleromaFE to group statuses by context
field(:context_id, :integer)
field(:likes, {:array, :string}, default: [])
field(:announcements, {:array, :string}, default: [])
end
def cast_and_apply(data) do
data
|> cast_data
|> apply_action(:insert)
end
def cast_and_validate(data) do
data
|> cast_data()
|> validate_data()
end
def cast_data(data) do
%__MODULE__{}
|> changeset(data)
end
defp fix(data) do
data
|> CommonFixes.fix_defaults()
|> CommonFixes.fix_attribution()
end
def changeset(struct, data) do
data = fix(data)
struct
|> cast(data, __schema__(:fields) -- [:attachment])
|> cast_embed(:attachment)
end
def validate_data(data_cng) do
data_cng
|> validate_inclusion(:type, ["Audio"])
|> validate_required([:id, :actor, :attributedTo, :type, :context])
|> CommonValidations.validate_any_presence([:cc, :to])
|> CommonValidations.validate_fields_match([:actor, :attributedTo])
|> CommonValidations.validate_actor_presence()
|> CommonValidations.validate_host_match()
end
end

View file

@ -0,0 +1,22 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonFixes do
alias Pleroma.Web.ActivityPub.Utils
# based on Pleroma.Web.ActivityPub.Utils.lazy_put_objects_defaults
def fix_defaults(data) do
%{data: %{"id" => context}, id: context_id} =
Utils.create_context(data["context"] || data["conversation"])
data
|> Map.put_new("context", context)
|> Map.put_new("context_id", context_id)
end
def fix_attribution(data) do
data
|> Map.put_new("actor", data["attributedTo"])
end
end

View file

@ -16,11 +16,10 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CreateNoteValidator do
field(:id, ObjectValidators.ObjectID, primary_key: true) field(:id, ObjectValidators.ObjectID, primary_key: true)
field(:actor, ObjectValidators.ObjectID) field(:actor, ObjectValidators.ObjectID)
field(:type, :string) field(:type, :string)
field(:to, {:array, :string}) field(:to, ObjectValidators.Recipients, default: [])
field(:cc, {:array, :string}) field(:cc, ObjectValidators.Recipients, default: [])
field(:bto, {:array, :string}, default: []) field(:bto, ObjectValidators.Recipients, default: [])
field(:bcc, {:array, :string}, default: []) field(:bcc, ObjectValidators.Recipients, default: [])
embeds_one(:object, NoteValidator) embeds_one(:object, NoteValidator)
end end

View file

@ -20,8 +20,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.EmojiReactValidator do
field(:actor, ObjectValidators.ObjectID) field(:actor, ObjectValidators.ObjectID)
field(:context, :string) field(:context, :string)
field(:content, :string) field(:content, :string)
field(:to, {:array, :string}, default: []) field(:to, ObjectValidators.Recipients, default: [])
field(:cc, {:array, :string}, default: []) field(:cc, ObjectValidators.Recipients, default: [])
end end
def cast_and_validate(data) do def cast_and_validate(data) do

View file

@ -13,10 +13,10 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.NoteValidator do
embedded_schema do embedded_schema do
field(:id, ObjectValidators.ObjectID, primary_key: true) field(:id, ObjectValidators.ObjectID, primary_key: true)
field(:to, {:array, :string}, default: []) field(:to, ObjectValidators.Recipients, default: [])
field(:cc, {:array, :string}, default: []) field(:cc, ObjectValidators.Recipients, default: [])
field(:bto, {:array, :string}, default: []) field(:bto, ObjectValidators.Recipients, default: [])
field(:bcc, {:array, :string}, default: []) field(:bcc, ObjectValidators.Recipients, default: [])
# TODO: Write type # TODO: Write type
field(:tag, {:array, :map}, default: []) field(:tag, {:array, :map}, default: [])
field(:type, :string) field(:type, :string)
@ -34,7 +34,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.NoteValidator do
field(:replies_count, :integer, default: 0) field(:replies_count, :integer, default: 0)
field(:like_count, :integer, default: 0) field(:like_count, :integer, default: 0)
field(:announcement_count, :integer, default: 0) field(:announcement_count, :integer, default: 0)
field(:inReplyTo, :string) field(:inReplyTo, ObjectValidators.ObjectID)
field(:uri, ObjectValidators.Uri) field(:uri, ObjectValidators.Uri)
field(:likes, {:array, :string}, default: []) field(:likes, {:array, :string}, default: [])

View file

@ -7,9 +7,9 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.QuestionValidator do
alias Pleroma.EctoType.ActivityPub.ObjectValidators alias Pleroma.EctoType.ActivityPub.ObjectValidators
alias Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidator alias Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.CommonFixes
alias Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations alias Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
alias Pleroma.Web.ActivityPub.ObjectValidators.QuestionOptionsValidator alias Pleroma.Web.ActivityPub.ObjectValidators.QuestionOptionsValidator
alias Pleroma.Web.ActivityPub.Utils
import Ecto.Changeset import Ecto.Changeset
@ -19,10 +19,10 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.QuestionValidator do
# Extends from NoteValidator # Extends from NoteValidator
embedded_schema do embedded_schema do
field(:id, ObjectValidators.ObjectID, primary_key: true) field(:id, ObjectValidators.ObjectID, primary_key: true)
field(:to, {:array, :string}, default: []) field(:to, ObjectValidators.Recipients, default: [])
field(:cc, {:array, :string}, default: []) field(:cc, ObjectValidators.Recipients, default: [])
field(:bto, {:array, :string}, default: []) field(:bto, ObjectValidators.Recipients, default: [])
field(:bcc, {:array, :string}, default: []) field(:bcc, ObjectValidators.Recipients, default: [])
# TODO: Write type # TODO: Write type
field(:tag, {:array, :map}, default: []) field(:tag, {:array, :map}, default: [])
field(:type, :string) field(:type, :string)
@ -42,7 +42,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.QuestionValidator do
field(:replies_count, :integer, default: 0) field(:replies_count, :integer, default: 0)
field(:like_count, :integer, default: 0) field(:like_count, :integer, default: 0)
field(:announcement_count, :integer, default: 0) field(:announcement_count, :integer, default: 0)
field(:inReplyTo, :string) field(:inReplyTo, ObjectValidators.ObjectID)
field(:uri, ObjectValidators.Uri) field(:uri, ObjectValidators.Uri)
# short identifier for PleromaFE to group statuses by context # short identifier for PleromaFE to group statuses by context
field(:context_id, :integer) field(:context_id, :integer)
@ -81,27 +81,11 @@ defp fix_closed(data) do
end end
end end
# based on Pleroma.Web.ActivityPub.Utils.lazy_put_objects_defaults
defp fix_defaults(data) do
%{data: %{"id" => context}, id: context_id} =
Utils.create_context(data["context"] || data["conversation"])
data
|> Map.put_new_lazy("published", &Utils.make_date/0)
|> Map.put_new("context", context)
|> Map.put_new("context_id", context_id)
end
defp fix_attribution(data) do
data
|> Map.put_new("actor", data["attributedTo"])
end
defp fix(data) do defp fix(data) do
data data
|> fix_attribution() |> CommonFixes.fix_defaults()
|> CommonFixes.fix_attribution()
|> fix_closed() |> fix_closed()
|> fix_defaults()
end end
def changeset(struct, data) do def changeset(struct, data) do
@ -117,7 +101,7 @@ def changeset(struct, data) do
def validate_data(data_cng) do def validate_data(data_cng) do
data_cng data_cng
|> validate_inclusion(:type, ["Question"]) |> validate_inclusion(:type, ["Question"])
|> validate_required([:id, :actor, :attributedTo, :type, :context]) |> validate_required([:id, :actor, :attributedTo, :type, :context, :context_id])
|> CommonValidations.validate_any_presence([:cc, :to]) |> CommonValidations.validate_any_presence([:cc, :to])
|> CommonValidations.validate_fields_match([:actor, :attributedTo]) |> CommonValidations.validate_fields_match([:actor, :attributedTo])
|> CommonValidations.validate_actor_presence() |> CommonValidations.validate_actor_presence()

View file

@ -18,8 +18,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.UndoValidator do
field(:type, :string) field(:type, :string)
field(:object, ObjectValidators.ObjectID) field(:object, ObjectValidators.ObjectID)
field(:actor, ObjectValidators.ObjectID) field(:actor, ObjectValidators.ObjectID)
field(:to, {:array, :string}, default: []) field(:to, ObjectValidators.Recipients, default: [])
field(:cc, {:array, :string}, default: []) field(:cc, ObjectValidators.Recipients, default: [])
end end
def cast_and_validate(data) do def cast_and_validate(data) do

View file

@ -16,14 +16,70 @@ defmodule Pleroma.Web.ActivityPub.SideEffects do
alias Pleroma.Repo alias Pleroma.Repo
alias Pleroma.User alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.ActivityPub.Builder
alias Pleroma.Web.ActivityPub.Pipeline alias Pleroma.Web.ActivityPub.Pipeline
alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Web.Push alias Pleroma.Web.Push
alias Pleroma.Web.Streamer alias Pleroma.Web.Streamer
alias Pleroma.Workers.BackgroundWorker alias Pleroma.Workers.BackgroundWorker
require Logger
def handle(object, meta \\ []) def handle(object, meta \\ [])
# Task this handles
# - Follows
# - Sends a notification
def handle(
%{
data: %{
"actor" => actor,
"type" => "Accept",
"object" => follow_activity_id
}
} = object,
meta
) do
with %Activity{actor: follower_id} = follow_activity <-
Activity.get_by_ap_id(follow_activity_id),
%User{} = followed <- User.get_cached_by_ap_id(actor),
%User{} = follower <- User.get_cached_by_ap_id(follower_id),
{:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "accept"),
{:ok, _relationship} <- FollowingRelationship.update(follower, followed, :follow_accept) do
Notification.update_notification_type(followed, follow_activity)
User.update_follower_count(followed)
User.update_following_count(follower)
end
{:ok, object, meta}
end
# Task this handles
# - Rejects all existing follow activities for this person
# - Updates the follow state
# - Dismisses notification
def handle(
%{
data: %{
"actor" => actor,
"type" => "Reject",
"object" => follow_activity_id
}
} = object,
meta
) do
with %Activity{actor: follower_id} = follow_activity <-
Activity.get_by_ap_id(follow_activity_id),
%User{} = followed <- User.get_cached_by_ap_id(actor),
%User{} = follower <- User.get_cached_by_ap_id(follower_id),
{:ok, _follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "reject") do
FollowingRelationship.update(follower, followed, :follow_reject)
Notification.dismiss(follow_activity)
end
{:ok, object, meta}
end
# Tasks this handle # Tasks this handle
# - Follows if possible # - Follows if possible
# - Sends a notification # - Sends a notification
@ -44,33 +100,13 @@ def handle(
{_, {:ok, _}, _, _} <- {_, {:ok, _}, _, _} <-
{:following, User.follow(follower, followed, :follow_pending), follower, followed} do {:following, User.follow(follower, followed, :follow_pending), follower, followed} do
if followed.local && !followed.locked do if followed.local && !followed.locked do
Utils.update_follow_state_for_all(object, "accept") {:ok, accept_data, _} = Builder.accept(followed, object)
FollowingRelationship.update(follower, followed, :follow_accept) {:ok, _activity, _} = Pipeline.common_pipeline(accept_data, local: true)
User.update_follower_count(followed)
User.update_following_count(follower)
%{
to: [following_user],
actor: followed,
object: follow_id,
local: true
}
|> ActivityPub.accept()
end end
else else
{:following, {:error, _}, follower, followed} -> {:following, {:error, _}, _follower, followed} ->
Utils.update_follow_state_for_all(object, "reject") {:ok, reject_data, _} = Builder.reject(followed, object)
FollowingRelationship.update(follower, followed, :follow_reject) {:ok, _activity, _} = Pipeline.common_pipeline(reject_data, local: true)
if followed.local do
%{
to: [follower.ap_id],
actor: followed,
object: follow_id,
local: true
}
|> ActivityPub.reject()
end
_ -> _ ->
nil nil
@ -217,13 +253,15 @@ def handle(%{data: %{"type" => "EmojiReact"}} = object, meta) do
# - Stream out the activity # - Stream out the activity
def handle(%{data: %{"type" => "Delete", "object" => deleted_object}} = object, meta) do def handle(%{data: %{"type" => "Delete", "object" => deleted_object}} = object, meta) do
deleted_object = deleted_object =
Object.normalize(deleted_object, false) || User.get_cached_by_ap_id(deleted_object) Object.normalize(deleted_object, false) ||
User.get_cached_by_ap_id(deleted_object)
result = result =
case deleted_object do case deleted_object do
%Object{} -> %Object{} ->
with {:ok, deleted_object, activity} <- Object.delete(deleted_object), with {:ok, deleted_object, activity} <- Object.delete(deleted_object),
%User{} = user <- User.get_cached_by_ap_id(deleted_object.data["actor"]) do {_, actor} when is_binary(actor) <- {:actor, deleted_object.data["actor"]},
%User{} = user <- User.get_cached_by_ap_id(actor) do
User.remove_pinnned_activity(user, activity) User.remove_pinnned_activity(user, activity)
{:ok, user} = ActivityPub.decrease_note_count_if_public(user, deleted_object) {:ok, user} = ActivityPub.decrease_note_count_if_public(user, deleted_object)
@ -237,6 +275,10 @@ def handle(%{data: %{"type" => "Delete", "object" => deleted_object}} = object,
ActivityPub.stream_out(object) ActivityPub.stream_out(object)
ActivityPub.stream_out_participations(deleted_object, user) ActivityPub.stream_out_participations(deleted_object, user)
:ok :ok
else
{:actor, _} ->
Logger.error("The object doesn't have an actor: #{inspect(deleted_object)}")
:no_object_actor
end end
%User{} -> %User{} ->
@ -298,7 +340,8 @@ def handle_object_creation(%{"type" => "Answer"} = object_map, meta) do
end end
end end
def handle_object_creation(%{"type" => "Question"} = object, meta) do def handle_object_creation(%{"type" => objtype} = object, meta)
when objtype in ~w[Audio Question] do
with {:ok, object, meta} <- Pipeline.common_pipeline(object, meta) do with {:ok, object, meta} <- Pipeline.common_pipeline(object, meta) do
{:ok, object, meta} {:ok, object, meta}
end end

View file

@ -9,9 +9,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
alias Pleroma.Activity alias Pleroma.Activity
alias Pleroma.EarmarkRenderer alias Pleroma.EarmarkRenderer
alias Pleroma.EctoType.ActivityPub.ObjectValidators alias Pleroma.EctoType.ActivityPub.ObjectValidators
alias Pleroma.FollowingRelationship
alias Pleroma.Maps alias Pleroma.Maps
alias Pleroma.Notification
alias Pleroma.Object alias Pleroma.Object
alias Pleroma.Object.Containment alias Pleroma.Object.Containment
alias Pleroma.Repo alias Pleroma.Repo
@ -391,32 +389,6 @@ defp fix_content(%{"mediaType" => "text/markdown", "content" => content} = objec
defp fix_content(object), do: object defp fix_content(object), do: object
defp mastodon_follow_hack(%{"id" => id, "actor" => follower_id}, followed) do
with true <- id =~ "follows",
%User{local: true} = follower <- User.get_cached_by_ap_id(follower_id),
%Activity{} = activity <- Utils.fetch_latest_follow(follower, followed) do
{:ok, activity}
else
_ -> {:error, nil}
end
end
defp mastodon_follow_hack(_, _), do: {:error, nil}
defp get_follow_activity(follow_object, followed) do
with object_id when not is_nil(object_id) <- Utils.get_ap_id(follow_object),
{_, %Activity{} = activity} <- {:activity, Activity.get_by_ap_id(object_id)} do
{:ok, activity}
else
# Can't find the activity. This might a Mastodon 2.3 "Accept"
{:activity, nil} ->
mastodon_follow_hack(follow_object, followed)
_ ->
{:error, nil}
end
end
# Reduce the object list to find the reported user. # Reduce the object list to find the reported user.
defp get_reported(objects) do defp get_reported(objects) do
Enum.reduce_while(objects, nil, fn ap_id, _ -> Enum.reduce_while(objects, nil, fn ap_id, _ ->
@ -489,7 +461,7 @@ def handle_incoming(
%{"type" => "Create", "object" => %{"type" => objtype} = object} = data, %{"type" => "Create", "object" => %{"type" => objtype} = object} = data,
options options
) )
when objtype in ["Article", "Event", "Note", "Video", "Page", "Audio"] do when objtype in ~w{Article Event Note Video Page} do
actor = Containment.get_actor(data) actor = Containment.get_actor(data)
with nil <- Activity.get_create_by_object_ap_id(object["id"]), with nil <- Activity.get_create_by_object_ap_id(object["id"]),
@ -551,60 +523,6 @@ def handle_incoming(
end end
end end
def handle_incoming(
%{"type" => "Accept", "object" => follow_object, "actor" => _actor, "id" => id} = data,
_options
) do
with actor <- Containment.get_actor(data),
{:ok, %User{} = followed} <- User.get_or_fetch_by_ap_id(actor),
{:ok, follow_activity} <- get_follow_activity(follow_object, followed),
{:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "accept"),
%User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]),
{:ok, _relationship} <- FollowingRelationship.update(follower, followed, :follow_accept) do
User.update_follower_count(followed)
User.update_following_count(follower)
Notification.update_notification_type(followed, follow_activity)
ActivityPub.accept(%{
to: follow_activity.data["to"],
type: "Accept",
actor: followed,
object: follow_activity.data["id"],
local: false,
activity_id: id
})
else
_e ->
:error
end
end
def handle_incoming(
%{"type" => "Reject", "object" => follow_object, "actor" => _actor, "id" => id} = data,
_options
) do
with actor <- Containment.get_actor(data),
{:ok, %User{} = followed} <- User.get_or_fetch_by_ap_id(actor),
{:ok, follow_activity} <- get_follow_activity(follow_object, followed),
{:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "reject"),
%User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]),
{:ok, _relationship} <- FollowingRelationship.update(follower, followed, :follow_reject),
{:ok, activity} <-
ActivityPub.reject(%{
to: follow_activity.data["to"],
type: "Reject",
actor: followed,
object: follow_activity.data["id"],
local: false,
activity_id: id
}) do
{:ok, activity}
else
_e -> :error
end
end
@misskey_reactions %{ @misskey_reactions %{
"like" => "👍", "like" => "👍",
"love" => "❤️", "love" => "❤️",
@ -637,7 +555,7 @@ def handle_incoming(
%{"type" => "Create", "object" => %{"type" => objtype}} = data, %{"type" => "Create", "object" => %{"type" => objtype}} = data,
_options _options
) )
when objtype in ["Question", "Answer", "ChatMessage"] do when objtype in ~w{Question Answer ChatMessage Audio} do
with {:ok, %User{}} <- ObjectValidator.fetch_actor(data), with {:ok, %User{}} <- ObjectValidator.fetch_actor(data),
{:ok, activity, _} <- Pipeline.common_pipeline(data, local: false) do {:ok, activity, _} <- Pipeline.common_pipeline(data, local: false) do
{:ok, activity} {:ok, activity}
@ -659,9 +577,10 @@ def handle_incoming(
%{"type" => type} = data, %{"type" => type} = data,
_options _options
) )
when type in ~w{Update Block Follow} do when type in ~w{Update Block Follow Accept Reject} do
with {:ok, %User{}} <- ObjectValidator.fetch_actor(data), with {:ok, %User{}} <- ObjectValidator.fetch_actor(data),
{:ok, activity, _} <- Pipeline.common_pipeline(data, local: false) do {:ok, activity, _} <-
Pipeline.common_pipeline(data, local: false) do
{:ok, activity} {:ok, activity}
end end
end end
@ -670,7 +589,8 @@ def handle_incoming(
%{"type" => "Delete"} = data, %{"type" => "Delete"} = data,
_options _options
) do ) do
with {:ok, activity, _} <- Pipeline.common_pipeline(data, local: false) do with {:ok, activity, _} <-
Pipeline.common_pipeline(data, local: false) do
{:ok, activity} {:ok, activity}
else else
{:error, {:validate_object, _}} = e -> {:error, {:validate_object, _}} = e ->

View file

@ -59,12 +59,9 @@ def visible_for_user?(%{data: %{"listMessage" => list_ap_id}} = activity, %User{
end end
def visible_for_user?(%{local: local} = activity, nil) do def visible_for_user?(%{local: local} = activity, nil) do
cfg_key = cfg_key = if local, do: :local, else: :remote
if local,
do: :local,
else: :remote
if Pleroma.Config.get([:restrict_unauthenticated, :activities, cfg_key]), if Pleroma.Config.restrict_unauthenticated_access?(:activities, cfg_key),
do: false, do: false,
else: is_public?(activity) else: is_public?(activity)
end end

View file

@ -26,29 +26,40 @@ defmodule Pleroma.Web.AdminAPI.MediaProxyCacheController do
defdelegate open_api_operation(action), to: Spec.MediaProxyCacheOperation defdelegate open_api_operation(action), to: Spec.MediaProxyCacheOperation
def index(%{assigns: %{user: _}} = conn, params) do def index(%{assigns: %{user: _}} = conn, params) do
cursor = entries = fetch_entries(params)
:banned_urls_cache urls = paginate_entries(entries, params.page, params.page_size)
|> :ets.table([{:traverse, {:select, Cachex.Query.create(true, :key)}}])
|> :qlc.cursor()
urls = render(conn, "index.json",
case params.page do urls: urls,
1 -> page_size: params.page_size,
:qlc.next_answers(cursor, params.page_size) count: length(entries)
)
_ ->
:qlc.next_answers(cursor, (params.page - 1) * params.page_size)
:qlc.next_answers(cursor, params.page_size)
end end
:qlc.delete_cursor(cursor) defp fetch_entries(params) do
MediaProxy.cache_table()
|> Cachex.stream!(Cachex.Query.create(true, :key))
|> filter_entries(params[:query])
end
render(conn, "index.json", urls: urls) defp filter_entries(stream, query) when is_binary(query) do
regex = ~r/#{query}/i
stream
|> Enum.filter(fn url -> String.match?(url, regex) end)
|> Enum.to_list()
end
defp filter_entries(stream, _), do: Enum.to_list(stream)
defp paginate_entries(entries, page, page_size) do
offset = page_size * (page - 1)
Enum.slice(entries, offset, page_size)
end end
def delete(%{assigns: %{user: _}, body_params: %{urls: urls}} = conn, _) do def delete(%{assigns: %{user: _}, body_params: %{urls: urls}} = conn, _) do
MediaProxy.remove_from_banned_urls(urls) MediaProxy.remove_from_banned_urls(urls)
render(conn, "index.json", urls: urls) json(conn, %{})
end end
def purge(%{assigns: %{user: _}, body_params: %{urls: urls, ban: ban}} = conn, _) do def purge(%{assigns: %{user: _}, body_params: %{urls: urls, ban: ban}} = conn, _) do
@ -58,6 +69,6 @@ def purge(%{assigns: %{user: _}, body_params: %{urls: urls, ban: ban}} = conn, _
MediaProxy.put_in_banned_urls(urls) MediaProxy.put_in_banned_urls(urls)
end end
render(conn, "index.json", urls: urls) json(conn, %{})
end end
end end

View file

@ -5,7 +5,11 @@
defmodule Pleroma.Web.AdminAPI.MediaProxyCacheView do defmodule Pleroma.Web.AdminAPI.MediaProxyCacheView do
use Pleroma.Web, :view use Pleroma.Web, :view
def render("index.json", %{urls: urls}) do def render("index.json", %{urls: urls, page_size: page_size, count: count}) do
%{urls: urls} %{
urls: urls,
count: count,
page_size: page_size
}
end end
end end

View file

@ -21,6 +21,12 @@ def index_operation do
operationId: "AdminAPI.MediaProxyCacheController.index", operationId: "AdminAPI.MediaProxyCacheController.index",
security: [%{"oAuth" => ["read:media_proxy_caches"]}], security: [%{"oAuth" => ["read:media_proxy_caches"]}],
parameters: [ parameters: [
Operation.parameter(
:query,
:query,
%Schema{type: :string, default: nil},
"Page"
),
Operation.parameter( Operation.parameter(
:page, :page,
:query, :query,
@ -36,7 +42,26 @@ def index_operation do
| admin_api_params() | admin_api_params()
], ],
responses: %{ responses: %{
200 => success_response() 200 =>
Operation.response(
"Array of banned MediaProxy URLs in Cachex",
"application/json",
%Schema{
type: :object,
properties: %{
count: %Schema{type: :integer},
page_size: %Schema{type: :integer},
urls: %Schema{
type: :array,
items: %Schema{
type: :string,
format: :uri,
description: "MediaProxy URLs"
}
}
}
}
)
} }
} }
end end
@ -61,7 +86,7 @@ def delete_operation do
required: true required: true
), ),
responses: %{ responses: %{
200 => success_response(), 200 => empty_object_response(),
400 => Operation.response("Error", "application/json", ApiError) 400 => Operation.response("Error", "application/json", ApiError)
} }
} }
@ -88,25 +113,9 @@ def purge_operation do
required: true required: true
), ),
responses: %{ responses: %{
200 => success_response(), 200 => empty_object_response(),
400 => Operation.response("Error", "application/json", ApiError) 400 => Operation.response("Error", "application/json", ApiError)
} }
} }
end end
defp success_response do
Operation.response("Array of banned MediaProxy URLs in Cachex", "application/json", %Schema{
type: :object,
properties: %{
urls: %Schema{
type: :array,
items: %Schema{
type: :string,
format: :uri,
description: "MediaProxy URLs"
}
}
}
})
end
end end

View file

@ -6,9 +6,7 @@ defmodule Pleroma.Web.CommonAPI do
alias Pleroma.Activity alias Pleroma.Activity
alias Pleroma.ActivityExpiration alias Pleroma.ActivityExpiration
alias Pleroma.Conversation.Participation alias Pleroma.Conversation.Participation
alias Pleroma.FollowingRelationship
alias Pleroma.Formatter alias Pleroma.Formatter
alias Pleroma.Notification
alias Pleroma.Object alias Pleroma.Object
alias Pleroma.ThreadMute alias Pleroma.ThreadMute
alias Pleroma.User alias Pleroma.User
@ -122,33 +120,16 @@ def unfollow(follower, unfollowed) do
def accept_follow_request(follower, followed) do def accept_follow_request(follower, followed) do
with %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed), with %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
{:ok, follower} <- User.follow(follower, followed), {:ok, accept_data, _} <- Builder.accept(followed, follow_activity),
{:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "accept"), {:ok, _activity, _} <- Pipeline.common_pipeline(accept_data, local: true) do
{:ok, _relationship} <- FollowingRelationship.update(follower, followed, :follow_accept),
{:ok, _activity} <-
ActivityPub.accept(%{
to: [follower.ap_id],
actor: followed,
object: follow_activity.data["id"],
type: "Accept"
}) do
Notification.update_notification_type(followed, follow_activity)
{:ok, follower} {:ok, follower}
end end
end end
def reject_follow_request(follower, followed) do def reject_follow_request(follower, followed) do
with %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed), with %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
{:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "reject"), {:ok, reject_data, _} <- Builder.reject(followed, follow_activity),
{:ok, _relationship} <- FollowingRelationship.update(follower, followed, :follow_reject), {:ok, _activity, _} <- Pipeline.common_pipeline(reject_data, local: true) do
{:ok, _notifications} <- Notification.dismiss(follow_activity),
{:ok, _activity} <-
ActivityPub.reject(%{
to: [follower.ap_id],
actor: followed,
object: follow_activity.data["id"],
type: "Reject"
}) do
{:ok, follower} {:ok, follower}
end end
end end

View file

@ -8,6 +8,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
import Pleroma.Web.ControllerHelper, import Pleroma.Web.ControllerHelper,
only: [add_link_headers: 2, add_link_headers: 3] only: [add_link_headers: 2, add_link_headers: 3]
alias Pleroma.Config
alias Pleroma.Pagination alias Pleroma.Pagination
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Plugs.OAuthScopesPlug alias Pleroma.Plugs.OAuthScopesPlug
@ -89,11 +90,11 @@ def direct(%{assigns: %{user: user}} = conn, params) do
end end
defp restrict_unauthenticated?(true = _local_only) do defp restrict_unauthenticated?(true = _local_only) do
Pleroma.Config.get([:restrict_unauthenticated, :timelines, :local]) Config.restrict_unauthenticated_access?(:timelines, :local)
end end
defp restrict_unauthenticated?(_) do defp restrict_unauthenticated?(_) do
Pleroma.Config.get([:restrict_unauthenticated, :timelines, :federated]) Config.restrict_unauthenticated_access?(:timelines, :federated)
end end
# GET /api/v1/timelines/public # GET /api/v1/timelines/public

View file

@ -9,28 +9,31 @@ defmodule Pleroma.Web.MediaProxy do
alias Pleroma.Web.MediaProxy.Invalidation alias Pleroma.Web.MediaProxy.Invalidation
@base64_opts [padding: false] @base64_opts [padding: false]
@cache_table :banned_urls_cache
def cache_table, do: @cache_table
@spec in_banned_urls(String.t()) :: boolean() @spec in_banned_urls(String.t()) :: boolean()
def in_banned_urls(url), do: elem(Cachex.exists?(:banned_urls_cache, url(url)), 1) def in_banned_urls(url), do: elem(Cachex.exists?(@cache_table, url(url)), 1)
def remove_from_banned_urls(urls) when is_list(urls) do def remove_from_banned_urls(urls) when is_list(urls) do
Cachex.execute!(:banned_urls_cache, fn cache -> Cachex.execute!(@cache_table, fn cache ->
Enum.each(Invalidation.prepare_urls(urls), &Cachex.del(cache, &1)) Enum.each(Invalidation.prepare_urls(urls), &Cachex.del(cache, &1))
end) end)
end end
def remove_from_banned_urls(url) when is_binary(url) do def remove_from_banned_urls(url) when is_binary(url) do
Cachex.del(:banned_urls_cache, url(url)) Cachex.del(@cache_table, url(url))
end end
def put_in_banned_urls(urls) when is_list(urls) do def put_in_banned_urls(urls) when is_list(urls) do
Cachex.execute!(:banned_urls_cache, fn cache -> Cachex.execute!(@cache_table, fn cache ->
Enum.each(Invalidation.prepare_urls(urls), &Cachex.put(cache, &1, true)) Enum.each(Invalidation.prepare_urls(urls), &Cachex.put(cache, &1, true))
end) end)
end end
def put_in_banned_urls(url) when is_binary(url) do def put_in_banned_urls(url) when is_binary(url) do
Cachex.put(:banned_urls_cache, url(url), true) Cachex.put(@cache_table, url(url), true)
end end
def url(url) when is_nil(url) or url == "", do: nil def url(url) when is_nil(url) or url == "", do: nil

View file

@ -16,7 +16,7 @@ def generate_terms(params) do
end end
def build_public_tag(acc, params) do def build_public_tag(acc, params) do
if Pleroma.Config.get([:restrict_unauthenticated, :timelines, :federated], true) do if Pleroma.Config.restrict_unauthenticated_access?(:timelines, :federated) do
acc acc
else else
Map.put(acc, @public_url, public_timeline(params)) Map.put(acc, @public_url, public_timeline(params))

View file

@ -16,8 +16,8 @@ defmodule Pleroma.Workers.Cron.ClearOauthTokenWorker do
def perform(_job) do def perform(_job) do
if Config.get([:oauth2, :clean_expired_tokens], false) do if Config.get([:oauth2, :clean_expired_tokens], false) do
Token.delete_expired_tokens() Token.delete_expired_tokens()
else end
:ok :ok
end end
end end
end

View file

@ -37,9 +37,9 @@ def perform(_job) do
) )
|> Repo.all() |> Repo.all()
|> send_emails |> send_emails
else
:ok
end end
:ok
end end
def send_emails(users) do def send_emails(users) do

View file

@ -55,11 +55,9 @@ def perform(_job) do
|> Repo.all() |> Repo.all()
|> Enum.map(&Pleroma.Emails.NewUsersDigestEmail.new_users(&1, users_and_statuses)) |> Enum.map(&Pleroma.Emails.NewUsersDigestEmail.new_users(&1, users_and_statuses))
|> Enum.each(&Pleroma.Emails.Mailer.deliver/1) |> Enum.each(&Pleroma.Emails.Mailer.deliver/1)
else
:ok
end end
else end
:ok :ok
end end
end end
end

View file

@ -23,9 +23,9 @@ defmodule Pleroma.Workers.Cron.PurgeExpiredActivitiesWorker do
def perform(_job) do def perform(_job) do
if Config.get([ActivityExpiration, :enabled]) do if Config.get([ActivityExpiration, :enabled]) do
Enum.each(ActivityExpiration.due_expirations(@interval), &delete_activity/1) Enum.each(ActivityExpiration.due_expirations(@interval), &delete_activity/1)
else
:ok
end end
after
:ok
end end
def delete_activity(%ActivityExpiration{activity_id: activity_id}) do def delete_activity(%ActivityExpiration{activity_id: activity_id}) do

View file

@ -12,5 +12,6 @@ defmodule Pleroma.Workers.Cron.StatsWorker do
@impl Oban.Worker @impl Oban.Worker
def perform(_job) do def perform(_job) do
Pleroma.Stats.do_collect() Pleroma.Stats.do_collect()
:ok
end end
end end

View file

@ -0,0 +1,19 @@
defmodule Pleroma.Repo.Migrations.OnlyExpireCreates do
use Ecto.Migration
def up do
statement = """
DELETE FROM
activity_expirations a_exp USING activities a, objects o
WHERE
a_exp.activity_id = a.id AND (o.data->>'id') = COALESCE(a.data->'object'->>'id', a.data->>'object')
AND (a.data->>'type' != 'Create' OR o.data->>'type' != 'Note');
"""
execute(statement)
end
def down do
:ok
end
end

View file

@ -0,0 +1,19 @@
defmodule Pleroma.Repo.Migrations.ApIdNotNull do
use Ecto.Migration
require Logger
def up do
Logger.warn(
"If this migration fails please open an issue at https://git.pleroma.social/pleroma/pleroma/-/issues/new \n"
)
alter table(:users) do
modify(:ap_id, :string, null: false)
end
end
def down do
:ok
end
end

View file

@ -0,0 +1,7 @@
defmodule Pleroma.Repo.Migrations.AddInvisibleIndexToUsers do
use Ecto.Migration
def change do
create(index(:users, [:invisible]))
end
end

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -1 +1 @@
<!DOCTYPE html><html><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"><title>Admin FE</title><link rel="shortcut icon" href=favicon.ico><link href=chunk-elementUI.1abbc9b8.css rel=stylesheet><link href=chunk-libs.686b5876.css rel=stylesheet><link href=app.01bdb34a.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=static/js/runtime.0a70a9f5.js></script><script type=text/javascript src=static/js/chunk-elementUI.fba0efec.js></script><script type=text/javascript src=static/js/chunk-libs.b8c453ab.js></script><script type=text/javascript src=static/js/app.f220ac13.js></script></body></html> <!DOCTYPE html><html><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"><title>Admin FE</title><link rel="shortcut icon" href=favicon.ico><link href=chunk-elementUI.1abbc9b8.css rel=stylesheet><link href=chunk-libs.5cf7f50a.css rel=stylesheet><link href=app.61bb0915.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=static/js/runtime.ba9393f3.js></script><script type=text/javascript src=static/js/chunk-elementUI.2de79b84.js></script><script type=text/javascript src=static/js/chunk-libs.76802be9.js></script><script type=text/javascript src=static/js/app.86bfcdf3.js></script></body></html>

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show more