

18 commits

8c956bc671 Add OnlyMedia upload filter change to changelog 2023-06-28 01:56:34 +01:00
5144d6f4ba Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
3e4a279a1b Merge pull request 'Implement blocklists for MediaProxy' (#574) from XxXCertifiedForkliftDriverXxX/akkoma:feature/mediaproxy-blocklist into develop
Reviewed-on: AkkomaGang/akkoma#574
2023-06-28 00:54:25 +00:00
fc87baf1cf Merge pull request 'Use OS CA store for Mint HTTP connections' (#573) from XxXCertifiedForkliftDriverXxX/akkoma:fix/use-os-certs into develop
Reviewed-on: AkkomaGang/akkoma#573
2023-06-28 00:52:26 +00:00
XxXCertifiedForkliftDriverXxX
767e1272b3 Use OS CA store for Mint HTTP connections 2023-06-26 15:50:49 +02:00
XxXCertifiedForkliftDriverXxX
07b478dc49 Implement blocklists for MediaProxy 2023-06-26 15:18:31 +02:00
67cae52b08 Merge pull request 'Add asdf install guide for debian/ubuntu' (#559) from norm/akkoma:asdf into develop
Reviewed-on: AkkomaGang/akkoma#559
2023-06-26 12:58:01 +00:00
4db42f5ab5 Merge pull request 'Adapt some migrations so they can be rolled back' (#565) from ilja/akkoma:fix_some_migrations_for_rollback into develop
Reviewed-on: AkkomaGang/akkoma#565
2023-06-26 12:52:22 +00:00
145191ef26 Merge pull request 'Update docker compose commands to Compose V2' (#570) from norm/akkoma:docker-compose into develop
Reviewed-on: AkkomaGang/akkoma#570
2023-06-26 12:37:38 +00:00
6674b33d75
update docs with new docker compose commands 2023-06-18 01:44:25 -04:00
2dfce40117
Update docker compose commands to Compose V2
This just replaces all instances of `docker-compose` with `docker
compose` in the docker scripts.

The old Compose V1 program is unsupported since 2021:
https://docs.docker.com/compose/migrate/#will-i-still-be-able-to-use-compose-v1-if-i-really-want-to
2023-06-18 01:37:40 -04:00
5e3ca133f2
reword to not mention specific elixir version 2023-06-11 08:46:56 -04:00
ilja
3a13f91fff Adapt some migrations so they can be rolled back
This is useful for people who want to migrate back to Pleroma.
This is also documented, with a note that it is barely tested and should be used at your own risk.
2023-06-09 22:02:26 +02:00
5ce38591e5
fix typo 2023-05-31 09:03:25 -04:00
2482d96782
remove one more java dep 2023-05-31 08:59:03 -04:00
f68b047bf7
remove java and gui dependencies 2023-05-31 08:46:05 -04:00
48a0145736
add command to restart shell 2023-05-30 21:21:44 -04:00
d956dc2f09
Add asdf install guide for debian/ubuntu
Closes #557
2023-05-30 21:17:26 -04:00
23 changed files with 265 additions and 49 deletions


@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## Unreleased
- Added a new configuration option to the MediaProxy feature that allows the blocking of specific domains from using the media proxy or being explicitly allowed by the Content-Security-Policy.
- Please make sure instances you wanted to block media from are not in the MediaProxy `whitelist`, and instead use `blocklist`.
- `OnlyMedia` Upload Filter to simplify restricting uploads to audio, image, and video types
## 2023.05
## Added


@ -443,7 +443,8 @@
# Note: max_read_duration defaults to Pleroma.ReverseProxy.max_read_duration_default/1
max_read_duration: 30_000
],
whitelist: []
whitelist: [],
blocklist: []
config :pleroma, Pleroma.Web.MediaProxy.Invalidation.Http,
method: :purge,


@ -1558,7 +1558,21 @@
%{
key: :whitelist,
type: {:list, :string},
description: "List of hosts with scheme to bypass the MediaProxy",
description: """
List of hosts with scheme to bypass the MediaProxy.\n
The media will be fetched by the client, directly from the remote server.\n
To allow this, it will Content-Security-Policy exceptions for each instance listed.\n
This is to be used for instances you trust and do not want to cache media for.
""",
suggestions: ["http://example.com"]
},
%{
key: :blocklist,
type: {:list, :string},
description: """
List of hosts with scheme which will not go through the MediaProxy, and will not be explicitly allowed by the Content-Security-Policy.
This is to be used for instances where you do not want their media to go through your server or to be accessed by clients.
""",
suggestions: ["http://example.com"]
}
]
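Review bot: The new whitelist description drops its verb on the line `To allow this, it will Content-Security-Policy exceptions for each instance listed.`, which should read `To allow this, it will add Content-Security-Policy exceptions for each instance listed.`. The `:blocklist` description promises media will not be "accessed by clients", but as far as the code in this PR shows a blocked URL is simply left un-proxied and omitted from the CSP, and only browsers enforce a CSP; I would state that plainly, e.g. `Blocked media is handed to clients as the original remote URL and is not whitelisted in the Content-Security-Policy; browsers will refuse to load it, other API clients may still fetch it directly from the remote host.`. Both descriptions should also say whether bare domains are accepted, since the whitelist still honours them as a deprecated form and operators will copy entries between the two lists.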


@ -1,4 +1,4 @@
#!/bin/sh
docker-compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) akkoma
docker-compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) db
docker compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) akkoma
docker compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) db


@ -1,3 +1,3 @@
#!/bin/sh
docker-compose run --rm akkoma $@
docker compose run --rm akkoma $@


@ -615,6 +615,12 @@ This filter only strips the GPS and location metadata with Exiftool leaving colo
No specific configuration.
#### Pleroma.Upload.Filter.OnlyMedia
This filter rejects uploads that are not identified with Content-Type matching audio/\*, image/\*, or video/\*
No specific configuration.
#### Pleroma.Upload.Filter.Mogrify
* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"implode", "1"}]`.


@ -23,23 +23,7 @@ sudo apt full-upgrade
sudo apt install git build-essential postgresql postgresql-contrib cmake libmagic-dev
```
### Install Elixir and Erlang
* Install Elixir and Erlang (you might need to use backports or [asdf](https://github.com/asdf-vm/asdf) on old systems):
```shell
sudo apt update
sudo apt install elixir erlang-dev erlang-nox
```
### Optional packages: [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md)
```shell
sudo apt install imagemagick ffmpeg libimage-exiftool-perl
```
### Install AkkomaBE
### Create the akkoma user
* Add a new system user for the Akkoma service:
@ -49,7 +33,67 @@ sudo useradd -r -s /bin/false -m -d /var/lib/akkoma -U akkoma
**Note**: To execute a single command as the Akkoma system user, use `sudo -Hu akkoma command`. You can also switch to a shell by using `sudo -Hu akkoma $SHELL`. If you dont have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l akkoma -s $SHELL -c 'command'` and `su -l akkoma -s $SHELL` for starting a shell.
* Git clone the AkkomaBE repository from stable-branch and make the Akkoma user the owner of the directory:
### Install Elixir and Erlang
If your distribution packages a recent enough version of Elixir, you can install it directly from the distro repositories and skip to the next section of the guide:
```shell
sudo apt install elixir erlang-dev erlang-nox
```
Otherwise use [asdf](https://github.com/asdf-vm/asdf) to install the latest versions of Elixir and Erlang.
First, install some dependencies needed to build Elixir and Erlang:
```shell
sudo apt install curl unzip build-essential autoconf m4 libncurses5-dev libssh-dev unixodbc-dev xsltproc libxml2-utils libncurses-dev
```
Then login to the `akkoma` user and install asdf:
```shell
git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.11.3
```
Add the following lines to `~/.bashrc`:
```shell
. "$HOME/.asdf/asdf.sh"
# asdf completions
. "$HOME/.asdf/completions/asdf.bash"
```
Restart the shell:
```shell
exec $SHELL
```
Next install Erlang:
```shell
asdf plugin add erlang https://github.com/asdf-vm/asdf-erlang.git
export KERL_CONFIGURE_OPTIONS="--disable-debug --without-javac"
asdf install erlang 25.3.2.1
asdf global erlang 25.3.2.1
```
Now install Elixir:
```shell
asdf plugin-add elixir https://github.com/asdf-vm/asdf-elixir.git
asdf install elixir 1.14.5-otp-25
asdf global elixir 1.14.5-otp-25
```
Confirm that Elixir is installed correctly by checking the version:
```shell
elixir --version
```
### Optional packages: [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md)
```shell
sudo apt install imagemagick ffmpeg libimage-exiftool-perl
```
### Install AkkomaBE
* Log into the `akkoma` user and clone the AkkomaBE repository from the stable branch and make the Akkoma user the owner of the directory:
```shell
sudo mkdir -p /opt/akkoma


@ -10,7 +10,7 @@ If you want to migrate from or OTP to docker, check out [the migration guide](./
### Prepare the system
* Install docker and docker-compose
* Install docker and docker compose
* [Docker](https://docs.docker.com/engine/install/)
* [Docker-compose](https://docs.docker.com/compose/install/)
* This will usually just be a repository installation and a package manager invocation.
@ -26,7 +26,7 @@ echo "DOCKER_USER=$(id -u):$(id -g)" >> .env
```
This probably won't need to be changed, it's only there to set basic environment
variables for the docker-compose file.
variables for the docker compose file.
### Building the container
@ -65,9 +65,9 @@ cp config/generated_config.exs config/prod.secret.exs
We need to run a few commands on the database container, this isn't too bad
```bash
docker-compose run --rm --user akkoma -d db
docker compose run --rm --user akkoma -d db
# Note down the name it gives here, it will be something like akkoma_db_run
docker-compose run --rm akkoma psql -h db -U akkoma -f config/setup_db.psql
docker compose run --rm akkoma psql -h db -U akkoma -f config/setup_db.psql
docker stop akkoma_db_run # Replace with the name you noted down
```
@ -84,17 +84,17 @@ We're going to run it in the foreground on the first run, just to make sure
everything start up.
```bash
docker-compose up
docker compose up
```
If everything went well, you should be able to access your instance at http://localhost:4000
You can `ctrl-c` out of the docker-compose now to shutdown the server.
You can `ctrl-c` out of the docker compose now to shutdown the server.
### Running in the background
```bash
docker-compose up -d
docker compose up -d
```
### Create your first user
@ -125,8 +125,8 @@ cp docker-resources/Caddyfile.example docker-resources/Caddyfile
Then edit the TLD in your caddyfile to the domain you're serving on.
Uncomment the `caddy` section in the docker-compose file,
then run `docker-compose up -d` again.
Uncomment the `caddy` section in the docker compose file,
then run `docker compose up -d` again.
#### Running a reverse proxy on the host
@ -152,7 +152,7 @@ git pull
./docker-resources/manage.sh mix deps.get
./docker-resources/manage.sh mix compile
./docker-resources/manage.sh mix ecto.migrate
docker-compose restart akkoma db
docker compose restart akkoma db
```
#### Further reading


@ -118,3 +118,15 @@ To fix this, run:
```
which will remove the config from the database. Things should work now.
## Migrating back to Pleroma
Akkoma is a hard fork of Pleroma. As such, migrating back is not guaranteed to always work. But if you want to migrate back to Pleroma, you can always try. Just note that you may run into unexpected issues and you're basically on your own. The following are some tips that may help, but note that these are barely tested, so proceed at your own risk.
First you will need to roll back the database migrations. The latest migration both Akkoma and Pleroma still have in common should be 20210416051708, so roll back to that. If you run from source, that should be
```sh
MIX_ENV=prod mix ecto.rollback --to 20210416051708
```
Then switch back to Pleroma for updates (similar to how was done to migrate to Akkoma), and remove the front-ends. The front-ends are installed in the `frontends` folder in the [static directory](../configuration/static_dir.md). Once you are back to Pleroma, you will need to run the database migrations again. See the Pleroma documentation for this.


@ -10,7 +10,7 @@ You probably should, in the first instance.
### Prepare the system
* Install docker and docker-compose
* Install docker and docker compose
* [Docker](https://docs.docker.com/engine/install/)
* [Docker-compose](https://docs.docker.com/compose/install/)
* This will usually just be a repository installation and a package manager invocation.
@ -46,7 +46,7 @@ For *most* from-source installs it'll already be there.
And the same with `uploads`, make sure your uploads (if you have them on disk) are
located at `uploads/` in the akkoma source directory.
If you have them on a different disk, you will need to mount that disk into the docker-compose file,
If you have them on a different disk, you will need to mount that disk into the docker compose file,
with an entry that looks like this:
```yaml
@ -66,7 +66,7 @@ echo "DOCKER_USER=$(id -u):$(id -g)" >> .env
```
This probably won't need to be changed, it's only there to set basic environment
variables for the docker-compose file.
variables for the docker compose file.
=== "From source"
@ -126,21 +126,21 @@ mkdir pgdata
Now we can import our database to the container.
```bash
docker-compose run --rm --user akkoma -d db
docker-compose run --rm akkoma pg_restore -v -U akkoma -j $(grep -c ^processor /proc/cpuinfo) -d akkoma -h db akkoma_backup.sql
docker compose run --rm --user akkoma -d db
docker compose run --rm akkoma pg_restore -v -U akkoma -j $(grep -c ^processor /proc/cpuinfo) -d akkoma -h db akkoma_backup.sql
```
### Reverse proxies
If you're just reusing your old proxy, you may have to uncomment the line in
the docker-compose file under `ports`. You'll find it.
the docker compose file under `ports`. You'll find it.
Otherwise, you can use the same setup as the [docker installation guide](./docker_en.md#reverse-proxies).
### Let's go
```bash
docker-compose up -d
docker compose up -d
```
You should now be at the same point as you were before, but with a docker install.


@ -8,6 +8,8 @@ Restart=on-failure
; Uncomment this if you're on Arch Linux
; Environment="PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl"
; Uncomment if using asdf to manage Elixir and Erlang
; Environment="PATH=/var/lib/akkoma/.asdf/shims:/var/lib/akkoma/.asdf/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
; Name of the user that runs the Akkoma service.
User=akkoma
@ -24,6 +26,8 @@ Environment="HOME=/var/lib/akkoma"
WorkingDirectory=/opt/akkoma
; Path to the Mix binary.
ExecStart=/usr/bin/mix phx.server
; If using asdf comment the above line and uncomment the one below instead
; ExecStart=/var/lib/akkoma/.asdf/shims/mix phx.server
; Some security directives.
; Use private /tmp and /var/tmp folders inside a new file system namespace, which are discarded after the process stops.
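Review bot: The asdf `PATH` line puts `/var/lib/akkoma/.asdf/shims` and `.asdf/bin`, directories the service account itself owns and can write, ahead of every system directory, so a compromised `akkoma` process can drop a replacement `mix` or `erl` shim that is executed on the next restart. That is no worse than an akkoma-owned `/opt/akkoma` checkout, but it is an additional persistence point the unit should acknowledge; I would add `; NOTE: the shims directory is owned by the service user; anything it can write there runs on restart.` above the line. Each `Environment="PATH=..."` line replaces `PATH` wholesale, so the Arch and asdf variants are mutually exclusive, and the comment should say `(uncomment only one PATH line)` so nobody enables both.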


@ -262,11 +262,14 @@ defp http_children do
proxy = Pleroma.HTTP.AdapterHelper.format_proxy(proxy_url)
pool_size = Config.get([:http, :pool_size])
:public_key.cacerts_load()
config =
[:http, :adapter]
|> Config.get([])
|> Pleroma.HTTP.AdapterHelper.add_pool_size(pool_size)
|> Pleroma.HTTP.AdapterHelper.maybe_add_proxy_pool(proxy)
|> Pleroma.HTTP.AdapterHelper.maybe_add_cacerts(:public_key.cacerts_get())
|> Keyword.put(:name, MyFinch)
[{Finch, config}]
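Review bot: The return value of `:public_key.cacerts_load()` on the third line of the hunk is discarded, so a host without a readable OS CA bundle is not reported at that point; as far as I recall from OTP's `pubkey_os_cacerts`, `cacerts_get/0` then raises rather than returning `nil`, which makes the `maybe_add_cacerts(opts, nil)` clause unreachable and turns a missing bundle into an opaque crash while building the supervisor children. Failing closed is the right outcome for outbound TLS verification, but make it legible: `:ok = :public_key.cacerts_load()` preceded by `# Abort boot if the OS CA store cannot be loaded; outbound TLS could not be verified otherwise.`, or match the `{:error, reason}` and log it before raising. Both calls exist from OTP 25 only, which matches the Erlang version the install guide pins, but nothing in the visible `mix.exs` change states that floor, so a comment here would help operators on older runtimes. `http_children/0` starts before this hunk.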


@ -47,6 +47,17 @@ def maybe_add_proxy_pool(opts, proxy) do
|> put_in([:pools, :default, :conn_opts, :proxy], proxy)
end
def maybe_add_cacerts(opts, nil), do: opts
def maybe_add_cacerts(opts, cacerts) do
opts
|> maybe_add_pools()
|> maybe_add_default_pool()
|> maybe_add_conn_opts()
|> maybe_add_transport_opts()
|> put_in([:pools, :default, :conn_opts, :transport_opts, :cacerts], cacerts)
end
def add_pool_size(opts, pool_size) do
opts
|> maybe_add_pools()
@ -82,6 +93,16 @@ defp maybe_add_conn_opts(opts) do
end
end
defp maybe_add_transport_opts(opts) do
transport_opts = get_in(opts, [:pools, :default, :conn_opts, :transport_opts])
unless is_nil(transport_opts) do
opts
else
put_in(opts, [:pools, :default, :conn_opts, :transport_opts], [])
end
end
@doc """
Merge default connection & adapter options with received ones.
"""
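Review bot: `maybe_add_cacerts/2` in the first hunk uses `put_in` on `:cacerts` unconditionally, so CA material an operator already placed under `[:http, :adapter]` `transport_opts` (a `:cacerts` list, or a `:cacertfile` for a private CA in front of their object store or egress proxy) is either overwritten or, with `:cacertfile`, now sits beside an OS `:cacerts` entry, and I believe Erlang's `ssl` then prefers `:cacerts` and silently ignores the file. Operator-supplied trust anchors should win and the OS store should only be the default, as in the excerpt below. In the second hunk, `unless … else` is the form `mix credo` flags; `if is_nil(transport_opts), do: put_in(opts, [:pools, :default, :conn_opts, :transport_opts], []), else: opts` reads the same with a positive condition. `add_pool_size/2` continues past the end of the first hunk.
```elixir
def maybe_add_cacerts(opts, nil), do: opts

def maybe_add_cacerts(opts, cacerts) do
  opts
  |> maybe_add_pools()
  |> maybe_add_default_pool()
  |> maybe_add_conn_opts()
  |> maybe_add_transport_opts()
  |> update_in([:pools, :default, :conn_opts, :transport_opts], fn transport_opts ->
    # Operator-configured trust anchors (cacerts or cacertfile) take precedence over the OS store.
    if Keyword.has_key?(transport_opts, :cacerts) or Keyword.has_key?(transport_opts, :cacertfile) do
      transport_opts
    else
      Keyword.put(transport_opts, :cacerts, cacerts)
    end
  end)
end
```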


@ -38,9 +38,9 @@ def filter([filter | rest], upload) do
{:ok, :noop} ->
filter(rest, upload)
error ->
Logger.error("#{__MODULE__}: Filter #{filter} failed: #{inspect(error)}")
error
{:error, e} ->
Logger.error("#{__MODULE__}: Filter #{filter} failed: #{inspect(e)}")
{:error, e}
end
end
end
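Review bot: Narrowing the catch-all `error ->` to `{:error, e} ->` means a filter that returns any other shape (a bare `:error`, or a tuple the filter author got slightly wrong) now escapes as a `CaseClauseError` instead of being logged and returned; that is fail-closed, which is acceptable on an upload path, but it is a contract change the commit message does not mention. If the intent is to enforce `{:ok, _} | {:error, _}`, keep a last clause that makes the violation visible: `other -> Logger.error("#{__MODULE__}: Filter #{filter} returned unexpected #{inspect(other)}")` followed by `{:error, {:unexpected_filter_result, other}}`. `filter/2` begins before this hunk.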


@ -0,0 +1,20 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2023 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Upload.Filter.OnlyMedia do
@behaviour Pleroma.Upload.Filter
alias Pleroma.Upload
def filter(%Upload{content_type: content_type}) do
[type, _subtype] = String.split(content_type, "/")
if type in ["image", "video", "audio"] do
{:ok, :noop}
else
{:error, "Disallowed content-type: #{content_type}"}
end
end
def filter(_), do: {:ok, :noop}
end
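Review bot: `[type, _subtype] = String.split(content_type, "/")` raises `MatchError` for a content type with no or more than one `/`, and the head `%Upload{content_type: content_type}` also matches an `%Upload{}` whose `content_type` is `nil`, where `String.split/2` raises `FunctionClauseError`; whether either ends up fail-closed depends on a rescue in the caller I cannot see, so the rejection should be an explicit `{:error, _}` rather than an exception (excerpt below, using `parts: 2`). Allowing the `image` family admits `image/svg+xml`, and SVG can embed script and external references, so this filter limits the MIME family, not active content; the docs line for the filter should say so and operators still need their upload host's `Content-Disposition`/CSP protections. How much the check is worth also depends on where `content_type` comes from: a libmagic-sniffed type is reasonably trustworthy, a value taken from the client's multipart header is trivially bypassable, so confirm against `Pleroma.Upload` and note it in a `@moduledoc`. The callback clauses also lack `@impl true`.
```elixir
@impl true
def filter(%Upload{content_type: content_type}) when is_binary(content_type) do
  # parts: 2 keeps subtypes like "svg+xml" intact and never yields more than two elements
  case String.split(content_type, "/", parts: 2) do
    [type, _subtype] when type in ["image", "video", "audio"] -> {:ok, :noop}
    _ -> {:error, "Disallowed content-type: #{content_type}"}
  end
end

# An upload without a usable content type is rejected rather than silently passed through.
def filter(%Upload{content_type: content_type}),
  do: {:error, "Disallowed content-type: #{inspect(content_type)}"}

def filter(_), do: {:ok, :noop}
```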


@ -52,7 +52,7 @@ def url(url) do
@spec url_proxiable?(String.t()) :: boolean()
def url_proxiable?(url) do
not local?(url) and not whitelisted?(url)
not local?(url) and not whitelisted?(url) and not blocked?(url)
end
def preview_url(url, preview_params \\ []) do
@ -83,6 +83,11 @@ def whitelisted?(url) do
domain in mediaproxy_whitelist_domains
end
def blocked?(url) do
%{host: domain} = URI.parse(url)
domain in Config.get([:media_proxy, :whitelist])
end
defp maybe_get_domain_from_url("http" <> _ = url) do
URI.parse(url).host
end
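Review bot: `blocked?/1` in the second hunk reads `[:media_proxy, :whitelist]` where it should read `[:media_proxy, :blocklist]`, and it compares the bare `host` from `URI.parse/1` against entries the config describes as hosts with scheme (`http://example.com`), so a scheme-prefixed entry can never match and nothing is actually blocked. `whitelisted?/1` normalises its entries through `maybe_get_domain_from_url/1` (its bare-domain fallback clause is below the hunk) and `blocked?/1` should do the same: `blocked_domains = Enum.map(Config.get([:media_proxy, :blocklist], []), &maybe_get_domain_from_url/1)` followed by `domain in blocked_domains`, where the `[]` default also keeps `in nil` from raising on an instance whose runtime config predates the key. The `"mediaproxy blocklist"` test only asserts that the URL comes back unchanged and the `"does not change blocked urls"` test never sets `:blocklist` at all, so neither distinguishes a working blocklist from one that is ignored; a test that proxies a non-listed URL and leaves a listed one untouched in the same run would pin the behaviour. Note also that `url_proxiable?/1` returning false hands the original remote URL straight to clients, so blocking holds only for browsers that enforce the CSP, while non-browser API clients will fetch from the blocked host directly and expose their address to it.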


@ -203,7 +203,8 @@ defp deps do
{:excoveralls, "0.15.1", only: :test},
{:mox, "~> 1.0", only: :test},
{:websockex, "~> 0.4.3", only: :test},
{:dialyxir, "~> 1.0", only: [:dev], runtime: false}
{:dialyxir, "~> 1.0", only: [:dev], runtime: false},
{:mint, "~> 1.5.1", override: true}
] ++ oauth_deps()
end


@ -1,11 +1,19 @@
defmodule Pleroma.Repo.Migrations.ForcePinnedObjectsToExist do
use Ecto.Migration
def change do
def up do
execute("UPDATE users SET pinned_objects = '{}' WHERE pinned_objects IS NULL")
alter table("users") do
modify(:pinned_objects, :map, null: false, default: %{})
end
end
def down do
alter table("users") do
modify(:pinned_objects, :map, null: true, default: nil)
end
execute("UPDATE users SET pinned_objects = NULL WHERE pinned_objects = '{}'")
end
end


@ -1,9 +1,15 @@
defmodule Pleroma.Repo.Migrations.AddMastofeSettings do
use Ecto.Migration
def change do
def up do
alter table(:users) do
add_if_not_exists(:mastofe_settings, :map)
end
end
def down do
alter table(:users) do
remove_if_exists(:mastofe_settings, :map)
end
end
end


@ -1,9 +1,15 @@
defmodule Pleroma.Repo.Migrations.AddLanguageToUsers do
use Ecto.Migration
def change do
def up do
alter table(:users) do
add_if_not_exists(:language, :string)
end
end
def down do
alter table(:users) do
remove_if_exists(:language, :string)
end
end
end


@ -0,0 +1,32 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2023 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Upload.Filter.OnlyMediaTest do
use Pleroma.DataCase, async: true
alias Pleroma.Upload
alias Pleroma.Upload.Filter.OnlyMedia
test "Allows media Content-Type" do
["audio/mpeg", "image/jpeg", "video/mp4"]
|> Enum.each(fn type ->
upload = %Upload{
content_type: type
}
assert {:ok, :noop} = OnlyMedia.filter(upload)
end)
end
test "Disallows non-media Content-Type" do
["application/javascript", "application/pdf", "text/html"]
|> Enum.each(fn type ->
upload = %Upload{
content_type: type
}
assert {:error, _} = OnlyMedia.filter(upload)
end)
end
end
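Review bot: The suite exercises only well-formed two-part types; it should also pin what happens for `nil`, a type with no `/` such as `"image"`, and `"image/svg+xml"`, because the first two currently raise out of `String.split/2` instead of returning `{:error, _}` and the third is allowed although SVG can carry script, and a test documents whichever of those the project decides on. `use Pleroma.DataCase, async: true` brings the database sandbox into a test that never touches the repo; `use ExUnit.Case, async: true` is enough for a pure function like this.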


@ -199,6 +199,15 @@ test "mediaproxy whitelist" do
assert unencoded == url
end
test "mediaproxy blocklist" do
clear_config([:media_proxy, :whitelist], ["https://google.com"])
clear_config([:media_proxy, :blocklist], ["https://feld.me"])
url = "https://feld.me/foo.png"
unencoded = MediaProxy.url(url)
assert unencoded == url
end
# TODO: delete after removing support bare domains for media proxy whitelist
test "mediaproxy whitelist bare domains whitelist (deprecated)" do
clear_config([:media_proxy, :whitelist], ["google.com", "feld.me"])
@ -220,6 +229,18 @@ test "does not change whitelisted urls" do
assert String.starts_with?(encoded, media_url)
end
test "does not change blocked urls" do
clear_config([:media_proxy, :whitelist], ["mycdn.akamai.com"])
clear_config([:media_proxy, :base_url], "https://cache.pleroma.social")
media_url = "https://mycdn.akamai.com"
url = "#{media_url}/static/logo.png"
encoded = MediaProxy.url(url)
assert String.starts_with?(encoded, media_url)
end
test "ensure Pleroma.Upload base_url is always whitelisted" do
media_url = "https://media.pleroma.social"
clear_config([Pleroma.Upload, :base_url], media_url)


@ -128,6 +128,12 @@ test "with media_proxy bare domains whitelist (deprecated)", %{conn: conn} do
clear_config([:media_proxy, :whitelist], ["example4.com", "example5.com"])
assert_media_img_src(conn, "example5.com example4.com")
end
test "with media_proxy blocklist", %{conn: conn} do
clear_config([:media_proxy, :whitelist], ["https://example6.com", "https://example7.com"])
clear_config([:media_proxy, :blocklist], ["https://example8.com"])
assert_media_img_src(conn, "https://example7.com https://example6.com")
end
end
defp assert_media_img_src(conn, url) do