Compare commits

...

60 commits

Author SHA1 Message Date
3489c8ac3a
fix: loading config 2023-02-04 23:24:05 +01:00
06ef752218
adjust readme 2023-02-04 23:00:34 +01:00
44f02fa3ec
update documents for new release 2023-02-04 22:22:00 +01:00
d655bda30c
add foundkey floofer 2023-02-04 22:15:28 +01:00
839daea887
remove mi-white.png asset 2023-02-04 18:08:19 +01:00
41c42f96f0
BREAKING server: disable deliver rate limit by default
The deliver rate limit seems to cause a lot of performance problems,
presumably because of the overhead the rate limit has. It also does
not really make sense to rate limit outgoing because we are requesting
from different servers anyway.

fixes FoundKeyGang/FoundKey#190

Changelog: Changed
2023-02-04 17:57:52 +01:00
9a6bb8be7d
server: default config items on load 2023-02-04 17:56:15 +01:00
1adf88b090
fixup: OpenGraph data generation
This is a fixup for commits 39fb7e5946 and be30e70344.
2023-02-04 16:44:30 +01:00
28c11ca7af
refactor isPureRenote to foundkey-js 2023-02-04 16:42:36 +01:00
9458045c8f
server: refactor note/renote rendering to separate file 2023-02-04 15:32:25 +01:00
a8c0e1f827
fix migration for note.url unique index
fixes FoundKeyGang/FoundKey#331

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2023-02-04 11:03:29 +01:00
63665e8bd1
client: replace array concat with Array.prototype.flat 2023-02-04 00:33:23 +01:00
85a68a5eee
activitypub: properly render CW only quotes
Changelog: Fixed
2023-02-04 00:27:43 +01:00
0bb4a6af50
client: fix quotes with only a CW
Changelog: Fixed
2023-02-04 00:22:52 +01:00
a45908c1cb
client: check quoteId for canPost computation
fixes FoundKeyGang/FoundKey#334

Changelog: Fixed
2023-02-03 23:12:12 +01:00
ca257d7d0c
server: remove application level websocket ping
Changelog: Removed
2023-02-03 11:48:46 +01:00
30c26abde7
server: add websocket ping mechanism
fixes FoundKeyGang/FoundKey#336

Changelog: Fixed
2023-02-03 11:47:54 +01:00
17324e1e94
server: add unique constraint for registry items
fixes FoundKeyGang/FoundKey#335
2023-02-03 00:27:33 +01:00
8b98c9f2f4
server: remove unused 'domain' column 2023-02-02 23:29:24 +01:00
be30e70344
server: add more OpenGraph data, remove custom misskey meta tags
Changelog: Changed
2023-02-01 23:18:10 +01:00
39fb7e5946
server: improve OpenGraph data for note attachments
With this change, not all files will be proclaimed to be image files. Only
images, videos and audio files will be represented with OpenGraph data.

More properties for these files will also be represented, e.g. image alt text.

However, if the note has a CW or any of the files are marked sensitive, none
of the files will be used.

The users profile picture will not be used any more.

Changelog: Changed
2023-02-01 22:53:32 +01:00
75b14124f2
server: improve variable naming 2023-02-01 11:30:53 +01:00
7480e27c0c
server: remove twitter links from HTML templates
Since the twitter integration has been removed, this will never be true
and can therefore be removed.
2023-02-01 11:27:27 +01:00
953de3e4b2
adjust mailmap 2023-01-30 19:36:22 +01:00
2d32bc33d7
server: fix error for invalid URLs in profile fields
Co-authored-by: Chloe Kudryavtsev <code@code.bunkerlabs.net>
2023-01-30 19:24:15 +01:00
bb3ec8bafe Revert "server: fix user deletion race condition"
This reverts commit cc83cbe523, reversing
changes made to 8abd3ebec7.

This changeset contains:
* multiple type errors
* a foreign key incompatibility
* breaks outgoing note federation (in at least two ways)
2023-01-30 14:59:24 +01:00
6fd80816fa
client: remove unused property from MFM component 2023-01-29 14:29:58 +01:00
cc83cbe523
server: fix user deletion race condition
Changelog: Fixed
Ref: https://github.com/misskey-dev/misskey/issues/7506
2023-01-29 12:53:29 +01:00
8abd3ebec7
client: remove notification forwarding to service worker
This was an interim measure, but now that push notifications are always enabled,
this should not be necessary any more and the service worker should receive
all notifications automatically.
2023-01-29 12:39:26 +01:00
36031c083a
docs: adjust parameters for v2 methods other than POST 2023-01-26 13:34:13 +01:00
05f8172ce9
docs: describe /ap/ endpoints 2023-01-26 13:25:50 +01:00
151053897d
server: lower rate limit for deletion activities
Changelog: Changed
2023-01-26 13:25:50 +01:00
95a9027a66
docs: show rate limit information
Changelog: Added
2023-01-26 13:25:49 +01:00
57cf6c7163
server: indicate Retry-After when rate limiting
This refactors the rate limiting code to throw an ApiError directly.

Changelog: Added
2023-01-26 08:37:07 +01:00
9b76c805ec
fix: DriveFile folder & user undefined instead of null when unrequested 2023-01-25 22:14:53 +01:00
21b20920c2
docs: use endpoint stability to mark endpoints deprecated 2023-01-23 20:13:17 +01:00
e7644eb757
server: add index to human readable URL 2023-01-23 19:58:07 +01:00
66ec875624
server: also search human readable URL
Changelog: Fixed
2023-01-23 18:09:04 +01:00
78f5ca3792
server: fix empty array in quote detection 2023-01-22 21:47:02 +01:00
c792e4199c
server: add missing return in extractQuoteUrl 2023-01-22 21:42:49 +01:00
afa4094050
BREAKING: Remove galleries
Existing gallery posts will be made into normal notes.
If a user has gallery posts, a clip with all gallery posts will be created.

Changelog: Removed
2023-01-22 20:18:57 +01:00
c4b5952788
migrate galleries to notes/clips 2023-01-22 19:44:39 +01:00
e3fd371f4a
Implement FEP-e232 qoutes
Changelog: Added
2023-01-17 21:49:27 +01:00
5893a44ff5
server: parse quote tag syntax
Ref: FEP-e232
2023-01-17 21:45:57 +01:00
9bdf24d3a5
enhance: add tag for quotes
Ref: FEP-e232
2023-01-17 21:45:49 +01:00
2bbb85b472
backend: remove galleries 2023-01-16 18:53:57 +01:00
70fb1e9a5c
foundkey-js: remove galleries 2023-01-16 18:47:29 +01:00
48163872ed
client: remove galleries 2023-01-16 18:39:50 +01:00
7170b86724
fixup: websocket data parsing + logger 2023-01-14 13:22:09 +01:00
96e6187e83
docs: admin password reset 2023-01-14 12:03:50 +01:00
3d2cfc075a
fixup: actually check whether the group joining is from the user 2023-01-13 21:55:14 +01:00
83373e0c51
split build task into parallel and non-parallel versions
This allows FoundKey to be built on systems with 2GB or less RAM without swapping or running out of memory.
2023-01-12 17:08:50 -05:00
11518d2f26
add documentation about moderation 2023-01-12 20:53:39 +01:00
f9c360d59f
client: remove duplicated check
Since the enclosing block already checks for moderator, this check is unnecessary.
2023-01-12 20:09:24 +01:00
2a8792fe07
client: add button to delete all files for moderators
The functionality was already there, there was just no button to access it
for some reason.

closes FoundKeyGang/FoundKey#243

Changelog: Added
2023-01-12 19:42:57 +01:00
b8963a0119
update yarn.lock 2023-01-12 19:27:16 +01:00
1319dc93d9
server: switch websocket to ws 2023-01-11 23:57:37 +01:00
b245d39b6e
server: delete records of fully deleted users 2023-01-08 21:22:03 +01:00
80f72e21cd
server: track deletion completion 2023-01-08 21:22:03 +01:00
85e985d13f
server: change data structure to track deletion completion 2023-01-08 21:21:54 +01:00
128 changed files with 871 additions and 2182 deletions

View file

@ -6,10 +6,11 @@
#───┘ URL └─────────────────────────────────────────────────────
# Final accessible URL seen by a user.
url: https://example.tld/
# Only the host part will be used.
# ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE
# URL SETTINGS AFTER THAT!
url: https://example.tld/
# ┌───────────────────────┐
#───┘ Port and TLS settings └───────────────────────────────────
@ -45,6 +46,7 @@ db:
pass: example-foundkey-pass
# Whether to disable query caching
# Default is to cache, i.e. false.
#disableCache: true
# Extra connection options
@ -57,7 +59,11 @@ db:
redis:
host: localhost
port: 6379
#family: dual # can be either a number or string (0/dual, 4/ipv4, 6/ipv6)
# Address family to connect over.
# Can be either a number or string (0/dual, 4/ipv4, 6/ipv6)
# Default is "dual".
#family: dual
# The following properties are optional.
#pass: example-pass
#prefix: example-prefix
#db: 1
@ -65,6 +71,7 @@ redis:
# ┌─────────────────────────────┐
#───┘ Elasticsearch configuration └─────────────────────────────
# Elasticsearch is optional.
#elasticsearch:
# host: localhost
# port: 9200
@ -75,35 +82,41 @@ redis:
# ┌─────────────────────┐
#───┘ Other configuration └─────────────────────────────────────
# Whether disable HSTS
# Whether to disable HSTS (not recommended)
# Default is to enable HSTS, i.e. false.
#disableHsts: true
# Number of worker processes by type.
# The sum must not exceed the number of available cores.
# The sum should not exceed the number of available cores.
#clusterLimits:
# web: 1
# queue: 1
# Job concurrency per worker
# deliverJobConcurrency: 128
# inboxJobConcurrency: 16
# Jobs each worker will try to work on at a time.
#deliverJobConcurrency: 128
#inboxJobConcurrency: 16
# Job rate limiter
# deliverJobPerSec: 128
# inboxJobPerSec: 16
# Rate limit for each Worker.
# Use -1 to disable.
# A rate limit for deliver jobs is not recommended as it comes with
# a big performance penalty due to overhead of rate limiting.
#deliverJobPerSec: -1
#inboxJobPerSec: 16
# Job attempts
# deliverJobMaxAttempts: 12
# inboxJobMaxAttempts: 8
# Number of times each job will be tried.
# 1 means only try once and don't retry.
#deliverJobMaxAttempts: 12
#inboxJobMaxAttempts: 8
# Syslog option
#syslog:
# host: localhost
# port: 514
# Proxy for HTTP/HTTPS
# Proxy for HTTP/HTTPS outgoing connections
#proxy: http://127.0.0.1:3128
# Hosts that should not be connected to through the proxy specified above
#proxyBypassHosts: [
# 'example.com',
# '192.0.2.8'
@ -117,7 +130,8 @@ redis:
# Media Proxy
#mediaProxy: https://example.com/proxy
# Proxy remote files (default: false)
# Proxy remote files
# Default is to not proxy remote files, i.e. false.
#proxyRemoteFiles: true
# Storage path for files if stored locally (absolute path)
@ -125,11 +139,15 @@ redis:
#internalStoragePath: '/etc/foundkey/files'
# Upload or download file size limits (bytes)
# default is 262144000 = 250MiB
#maxFileSize: 262144000
# Max note text length (in characters)
#maxNoteTextLength: 3000
# By default, Foundkey will fail when something tries to make it fetch something from private IPs.
# With the following setting you can explicitly allow some private CIDR subnets.
# Default is an empty list, i.e. none allowed.
#allowedPrivateNetworks: [
# '127.0.0.1/32'
#]

View file

@ -1,9 +1,9 @@
Andreas Nedbal <git@pixelde.su> <andreas.nedbal@in2code.de>
Andreas Nedbal <git@pixelde.su> <github-bf215181b5140522137b3d4f6b73544a@desu.email>
Balazs Nadasdi <balazs@weave.works> <yitsushi@gmail.com>
Chloe Kudryavtsev <code@code.bunkerlabs.net> <code@toast.bunkerlabs.net>
Chloe Kudryavtsev <code@code.bunkerlabs.net> <toast+git@toast.cafe>
Chloe Kudryavtsev <code@code.bunkerlabs.net> <toast@toast.cafe>
Chloe Kudryavtsev <code@toast.bunkerlabs.net> <code@code.bunkerlabs.net>
Chloe Kudryavtsev <code@toast.bunkerlabs.net> <toast+git@toast.cafe>
Chloe Kudryavtsev <code@toast.bunkerlabs.net> <toast@toast.cafe>
Dr. Gutfuck LLC <40531868+gutfuckllc@users.noreply.github.com>
Ehsan Javadynia <31900907+ehsanjavadynia@users.noreply.github.com> <ehsan.javadynia@gmail.com>
Francis Dinh <normandy@biribiri.dev>

View file

@ -11,6 +11,108 @@ Unreleased changes should not be listed in this file.
Instead, run `git shortlog --format='%h %s' --group=trailer:changelog <last tag>..` to see unreleased changes; replace `<last tag>` with the tag you wish to compare from.
If you are a contributor, please read [CONTRIBUTING.md, section "Changelog Trailer"](./CONTRIBUTING.md#changelog-trailer) on what to do instead.
## 13.0.0-preview4 - 2023-02-05
This release contains 6 breaking changes, including changes to the configuration file format.
### Added
- new Foundkey logo
- client: add button to unrenote/remove all own renotes
- client: add mod tracker
- client: add button to delete all files of a user for moderators
- server: implement OAuth 2.0 Authorization Code grant
- server: add config for error images
- server: expire notifications after 3 months
- server: start adding /api/v2 routes
- server: indicate Retry-After when rate limiting
- docs: show rate limit information
### Changed
- **BREAKING** server: implement separate web workers
The configuration file format has been changed: The `clusterLimit` item has been removed
and `clusterLimits` has been added instead. Check the example configuration file.
- **BREAKING** server: remove wildcard blocking and instead block subdomains (#269)
As an administrator you may need to check the list of blocked instances.
- **BREAKING** server: disable deliver rate limit by default
We found that the deliver rate limit causes a lot of load for no real benefit. Because of this,
it will be disabled by default. The default value of `deliverJobPerSec` is set to
disable this rate limit.
- server: adjust permissions for `/api/admin/accounts/delete`
The admin/accounts/delete endpoint now requries administrator privileges
instead of just moderator privileges.
- server: increase nodeinfo caching
- client: headlines in queue widget are links
- client: add tooltips to visibility icons
- server: improve error messages
- server: change default value for `/api/admin/show-users` origin param
- server: lower rate limit for deletion activities
Deleting things that result in federating a delete activity have a more strict rate limit.
This affects the following endpoints:
- `/api/notes/delete`
- `/api/notes/reactions/delete`
- `/api/notes/unrenote`
- server: improve OpenGraph data
- properly render note attachments as RDFa
- add more metadata about e.g. author
- proper OpenGraph data replaces custom `misskey:` RDFa tags
- activitypub: implement [FEP-e232](https://codeberg.org/fediverse/fep/src/branch/main/feps/fep-e232.md) qoutes
- activitypub: use `quoteUri` instead of `quoteUrl`
### Fixed
- client: fix layout of app authorization page
- client: unify different error dialogs
- client: set display name limit same as server
- client: dont display instance banner tooltip if software name is unknown
- client: fix 500 error in notifications
- client: fix some tooltips not closing
- client: fix issue of search only working once
- client: check `quoteId` for canPost computation
- client: fix quotes with only a CW
- server: fix thread mutes not applying to renotes
- server: fix ReferenceError: meta is undefined
- server: fix TypeError in registerOrFetchInstanceDoc
- server: fix ratelimit in `/api/i/import-following`
- server: handle redirects in signed get
- server: remove reversi database tables
- server: set file permissions after copy
- server: also use human readable URL in search
- server: fix user deletion race condition
- server: add websocket ping mechanism
This should help keep websocket connections alive even if there are no events for
prolonged time periods. This should also fix issues where the "connection has been lost"
dialog appeared despite the connection being fine.
- activitypub: properly parse incoming hashtags
- activitypub: Do block checks more globally
- activitypub: properly render CW only quotes
### Removed:
- **BREAKING** server: remove Twitter, Github and Discord integrations
ff31b8b06 server: remove bios and cli
a673647fb server: remove avatarColor and bannerColor properties
- **BREAKING** server: remove `api/admin/delete-account`,
You should use the API endpoint `admin/accounts/delete` instead.
It has the same parameter and the same behaviour.
- **BREAKING** remove galleries
Galleries have been removed because low usage and duplication of other behaviour.
Existing gallery posts will be turned into ordinary notes.
If a user had any gallery posts, a new clip called "Gallery" will be created containing
all of the former gallery posts that are now notes.
This affects the following endpoints:
- `/api/gallery/featured`
- `/api/gallery/popular`
- `/api/gallery/posts`
- `/api/gallery/posts/create`
- `/api/gallery/posts/delete`
- `/api/gallery/posts/like`
- `/api/gallery/posts/show`
- `/api/gallery/posts/unlike`
- `/api/i/gallery/likes`
- `/api/i/gallery/posts`
- `/api/users/gallery/posts`
- server: remove application level websocket ping
This pinging mechanism was unused in `foundkey-js`, and we expect other usage to be low.
You can use the pinging mechanism built into the websocket protocol if you wish.
Note that the Server will now also send pings on its own (see *Fixed* section).
## 13.0.0-preview3 - 2022-12-02
This release contains 1 urgent security fix necessitated by `misskey-forkbomb`.
This release contains 1 breaking change.

View file

@ -21,3 +21,7 @@ https://github.com/deskjet/chiptune2.js#license
libopenmpt (as part of openmpt) by OpenMPT
License: BSD 3-Clause
https://github.com/OpenMPT/openmpt/blob/master/LICENSE
The logo file (logo.svg) was created by Blinry
License: [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/)
https://blinry.org/

View file

@ -1,3 +1,5 @@
<div align="center"><img src="./logo.svg" height="200" alt="Foundkey logo, an owl holding a key"/></div>
# FoundKey
FoundKey is a free and open source microblogging server compatible with ActivityPub. Forked from Misskey, FoundKey improves on maintainability and behaviour, while also bringing in useful features.
@ -10,4 +12,5 @@ FoundKey's documentation is a work in progress. In the meantime, much of the doc
If you're interested in helping out with the project, please read the [contributing guide](./CONTRIBUTING.md).
## Sponsors
FoundKey is not interested in sponsorships.
FoundKey is not interested in finanical sponsorships.
We welcome contributions in the forms of code, testing and bug reporting (see also section *Contributing* above).

View file

@ -70,6 +70,8 @@ Build foundkey with the following:
`NODE_ENV=production yarn build`
If your system has at least 4GB of RAM, run `NODE_ENV=production yarn build-parallel` to speed up build times.
If you're still encountering errors about some modules, use node-gyp:
1. `npx node-gyp configure`
@ -182,6 +184,7 @@ Use git to pull in the latest changes and rerun the build and migration commands
git pull
git submodule update --init
yarn install
# Use build-parallel if your system has 4GB or more RAM and want faster builds
NODE_ENV=production yarn build
yarn migrate
```

103
docs/moderation.md Normal file
View file

@ -0,0 +1,103 @@
# User moderation
A lot of the user moderation activities can be found on the `user-info` page. You can reach this page by going to a users profile page, open the three dot menu, select "About" and navigating to the "Moderation" section of the page that opens.
With the necessary privileges, this page will allow you to:
- Toggle whether a user is a moderator (administrators on local users only)
- Reset the users password (local users only)
- Delete a user (administrators only)
- Delete all files of a user
For remote users, cached files (if any) will be deleted.
- Silence a user
This disallows a user from making a note with `public` visibility.
If necessary the visibility of incoming notes or locally created notes will be lowered.
- Suspend a user
This will drop any incoming activities of this actor and hide them from public view on this instance.
# Administrator
When an instance is first set up, the initial user to be created will be made an administrator by default.
This means that typically the instance owner is the administrator.
It is also possible to have multiple administrators, however making a user an administrator is not implemented in the client.
To make a user an administrator, you will need access to the database.
This is intended for security reasons of
1. not exposing this very dangerous functionality via the API
2. making sure someone that has shell access to the server anyway "approves" this.
To make a user an administrator, you will first need the user's ID.
To get it you can go to the user's profile page, open the three dot menu, select "About" and copy the ID displayed there.
Then, go to the database and run the following query, replacing `<ID>` with the ID gotten above.
```sql
UPDATE "user" SET "isAdmin" = true WHERE "id" = '<ID>';
```
The user that was made administrator may need to reload their client to see the changes take effect.
To demote a user, you can do a similar operation, but instead with `... SET "isAdmin" = false ...`.
## Immunity
- Cannot be reported by local users.
- Cannot have their password reset.
To see how you can reset an administrator password, see below.
- Cannot have their account deleted.
- Cannot be suspended.
- Cannot be silenced.
- Cannot have their account details viewed by moderators.
- Cannot be made moderators.
## Abilities
- Create or delete user accounts.
- Add or remove moderators.
- View and change instance configuration (e.g. Translation API keys).
- View all followers and followees.
Administrators also have the same ability as moderators.
Note of course that people with access to the server and/or database access can do basically anything without restrictions (including breaking the instance).
## Resetting an administrators password
Administrators are blocked from the paths of resetting the password by moderators or administrators.
However, if your server has email configured you should be able to use the "Forgot password" link on the normal signin dialog.
If you did not set up email, you will need to kick of this process instead through modifying the database yourself.
You will need the user ID whose password should be reset, indicated in the following as `<USERID>`;
as well as a random string (a UUID would be recommended) indicated as `<TOKEN>`.
Replacing the two terms above, run the following SQL query:
```sql
INSERT INTO "password_reset_request" VALUES ('0000000000', now(), '<TOKEN>', '<USERID>');
```
After that, navigate to `/reset-password/<TOKEN>` on your instance to finish the password reset process.
After that you should be able to sign in with the new password you just set.
# Moderator
A moderator has fewer privileges than an administrator.
They can also be more easily added or removed by an adminstrator.
Having moderators may be a good idea to help with user moderation.
## Immunity
- Cannot be reported by local users.
- Cannot be suspended.
## Abilities
- Suspend users.
- Add, list and remove relays.
- View queue, database and server information.
- Create, edit, delete, export and import local custom emoji.
- View global, social and local timelines even if disabled by administrators.
- Show, update and delete any users files and file metadata.
Managing emoji is described in [a separate file](emoji.md).
- Delete any users notes.
- Create an invitation.
This allows users to register an account even if (public) registrations are closed using an invite code.
- View users' account details.
- Suspend and unsuspend users.
- Silence and unsilence users.
- Handle reports.
- Create, update and delete announcements.
- View the moderation log.

View file

@ -501,6 +501,7 @@ scratchpadDescription: "The Scratchpad provides an environment for AiScript expe
\ in it."
output: "Output"
updateRemoteUser: "Update remote user information"
deleteAllFiles: "Delete all files"
deleteAllFilesConfirm: "Are you sure that you want to delete all files?"
removeAllFollowing: "Unfollow all followed users"
removeAllFollowingDescription: "Executing this unfollows all accounts from {host}.\
@ -678,7 +679,6 @@ editCode: "Edit code"
apply: "Apply"
receiveAnnouncementFromInstance: "Receive notifications from this instance"
emailNotification: "Email notifications"
publish: "Publish"
useReactionPickerForContextMenu: "Open reaction picker on right-click"
typingUsers: "{users} is/are typing..."
jumpToSpecifiedDate: "Jump to specific date"
@ -719,11 +719,7 @@ switch: "Switch"
noMaintainerInformationWarning: "Maintainer information is not configured."
noBotProtectionWarning: "Bot protection is not configured."
configure: "Configure"
postToGallery: "Create new gallery post"
attachmentRequired: "At least 1 attachment is required."
gallery: "Gallery"
recentPosts: "Recent posts"
popularPosts: "Popular posts"
shareWithNote: "Share with note"
emailNotConfiguredWarning: "Email address not set."
ratio: "Ratio"
@ -862,11 +858,6 @@ _forgotPassword:
\ instance administrator instead."
contactAdmin: "This instance does not support using email addresses, please contact\
\ the instance administrator to reset your password instead."
_gallery:
my: "My Gallery"
liked: "Liked Posts"
like: "Like"
unlike: "Remove like"
_email:
_follow:
title: "You've got a new follower"
@ -1108,10 +1099,6 @@ _permissions:
"write:user-groups": "Create, modify, delete, transfer, join and leave groups. Invite and ban others from groups. Accept and reject group invitations."
"read:channels": "List and read followed and joined channels"
"write:channels": "Create, modify, follow and unfollow channels"
"read:gallery": "List and read gallery posts"
"write:gallery": "Create, modify and delete gallery posts"
"read:gallery-likes": "List and read gallery post likes"
"write:gallery-likes": "Like and unlike gallery posts"
_auth:
shareAccess: "Would you like to authorize \"{name}\" to access this account?"
shareAccessAsk: "Are you sure you want to authorize this application to access your\

BIN
logo.svg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.3 KiB

View file

@ -1,6 +1,6 @@
{
"name": "foundkey",
"version": "13.0.0-preview3",
"version": "13.0.0-preview4",
"repository": {
"type": "git",
"url": "https://akkoma.dev/FoundKeyGang/FoundKey.git"
@ -10,7 +10,8 @@
"packages/*"
],
"scripts": {
"build": "yarn workspaces foreach --parallel --topological run build && yarn run gulp",
"build": "yarn workspaces foreach --topological run build && yarn run gulp",
"build-parallel": "yarn workspaces foreach --parallel --topological run build && yarn run gulp",
"start": "yarn workspace backend run start",
"start:test": "yarn workspace backend run start:test",
"init": "yarn migrate",

Binary file not shown.

Before

Width:  |  Height:  |  Size: 5.4 KiB

After

Width:  |  Height:  |  Size: 12 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 9.6 KiB

After

Width:  |  Height:  |  Size: 12 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 88 KiB

After

Width:  |  Height:  |  Size: 66 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 9.1 KiB

After

Width:  |  Height:  |  Size: 12 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 7.5 KiB

After

Width:  |  Height:  |  Size: 22 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 20 KiB

After

Width:  |  Height:  |  Size: 106 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 18 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 23 KiB

After

Width:  |  Height:  |  Size: 12 KiB

View file

@ -0,0 +1,65 @@
import { genId } from '../built/misc/gen-id.js';
export class removeGroups1673892262930 {
name = 'removeGroups1673892262930';
async up(queryRunner) {
// migrate gallery posts into notes, keeping the ids
await queryRunner.query(`
INSERT INTO "note" (
"id", "createdAt", "text", "cw", "userId", "visibility", "fileIds", "attachedFileTypes", "tags"
)
WITH "file_types" ("id", "types") AS (
SELECT "gallery_post"."id", ARRAY_AGG("drive_file"."type")
FROM "gallery_post"
JOIN "drive_file" ON "drive_file"."id" = ANY("gallery_post"."fileIds")
GROUP BY "gallery_post"."id"
)
SELECT "gallery_post"."id", "gallery_post"."createdAt",
CASE
WHEN "gallery_post"."title" IS NULL THEN "gallery_post"."description"
ELSE '<b>' || "gallery_post"."title" || E'</b>\\n\\n' || "gallery_post"."description"
END,
CASE
WHEN "gallery_post"."isSensitive" THEN 'NSFW'
ELSE NULL
END,
"gallery_post"."userId", 'home', "gallery_post"."fileIds", "file_types"."types", "gallery_post"."tags"
FROM "gallery_post"
JOIN "file_types" ON "gallery_post"."id" = "file_types"."id"
`);
// make a clip for each users gallery
await queryRunner.query(`SELECT DISTINCT "userId" FROM "gallery_post"`).then(userIds =>
Promise.all(userIds.map(({ userId }) => {
const clipId = genId();
// generate the clip itself
return queryRunner.query(`INSERT INTO "clip" ("id", "createdAt", "userId", "name", "isPublic") VALUES ($1, now(), $2, 'Gallery', true)`, [clipId, userId])
// and add all the previous gallery posts to it
// to not have to use genId for each gallery post, we just prepend a zero, something that could never be generated by genId
.then(() => queryRunner.query(`INSERT INTO "clip_note" ("id", "noteId", "clipId") SELECT '0' || "id", "id", $1 FROM "gallery_post" WHERE "userId" = $2`, [clipId, userId]));
}))
);
await queryRunner.query(`DROP TABLE "gallery_like"`);
await queryRunner.query(`DROP TABLE "gallery_post"`);
}
async down(queryRunner) {
// can only restore the table structure
await queryRunner.query(`CREATE TABLE "gallery_post" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL, "title" character varying(256) NOT NULL, "description" character varying(2048), "userId" character varying(32) NOT NULL, "fileIds" character varying(32) array NOT NULL DEFAULT '{}'::varchar[], "isSensitive" boolean NOT NULL DEFAULT false, "likedCount" integer NOT NULL DEFAULT '0', "tags" character varying(128) array NOT NULL DEFAULT '{}'::varchar[], CONSTRAINT "PK_8e90d7b6015f2c4518881b14753" PRIMARY KEY ("id")); COMMENT ON COLUMN "gallery_post"."createdAt" IS 'The created date of the GalleryPost.'; COMMENT ON COLUMN "gallery_post"."updatedAt" IS 'The updated date of the GalleryPost.'; COMMENT ON COLUMN "gallery_post"."userId" IS 'The ID of author.'; COMMENT ON COLUMN "gallery_post"."isSensitive" IS 'Whether the post is sensitive.'`);
await queryRunner.query(`CREATE INDEX "IDX_8f1a239bd077c8864a20c62c2c" ON "gallery_post" ("createdAt") `);
await queryRunner.query(`CREATE INDEX "IDX_f631d37835adb04792e361807c" ON "gallery_post" ("updatedAt") `);
await queryRunner.query(`CREATE INDEX "IDX_985b836dddd8615e432d7043dd" ON "gallery_post" ("userId") `);
await queryRunner.query(`CREATE INDEX "IDX_3ca50563facd913c425e7a89ee" ON "gallery_post" ("fileIds") `);
await queryRunner.query(`CREATE INDEX "IDX_f2d744d9a14d0dfb8b96cb7fc5" ON "gallery_post" ("isSensitive") `);
await queryRunner.query(`CREATE INDEX "IDX_1a165c68a49d08f11caffbd206" ON "gallery_post" ("likedCount") `);
await queryRunner.query(`CREATE INDEX "IDX_05cca34b985d1b8edc1d1e28df" ON "gallery_post" ("tags") `);
await queryRunner.query(`CREATE TABLE "gallery_like" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "userId" character varying(32) NOT NULL, "postId" character varying(32) NOT NULL, CONSTRAINT "PK_853ab02be39b8de45cd720cc15f" PRIMARY KEY ("id"))`);
await queryRunner.query(`CREATE INDEX "IDX_8fd5215095473061855ceb948c" ON "gallery_like" ("userId") `);
await queryRunner.query(`CREATE UNIQUE INDEX "IDX_df1b5f4099e99fb0bc5eae53b6" ON "gallery_like" ("userId", "postId") `);
await queryRunner.query(`ALTER TABLE "gallery_post" ADD CONSTRAINT "FK_985b836dddd8615e432d7043ddb" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
await queryRunner.query(`ALTER TABLE "gallery_like" ADD CONSTRAINT "FK_8fd5215095473061855ceb948cf" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
await queryRunner.query(`ALTER TABLE "gallery_like" ADD CONSTRAINT "FK_b1cb568bfe569e47b7051699fc8" FOREIGN KEY ("postId") REFERENCES "gallery_post"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
}
}

View file

@ -0,0 +1,23 @@
export class syncOrm1674499888924 {
name = 'syncOrm1674499888924'
async up(queryRunner) {
await queryRunner.query(`COMMENT ON COLUMN "user"."token" IS 'The native access token of local users, or null.'`);
await queryRunner.query(`ALTER TABLE "auth_session" DROP CONSTRAINT "UQ_8e001e5a101c6dca37df1a76d66"`);
// remove human readable URL from notes where it is duplicated, so the index can be added
await queryRunner.query(`UPDATE "note" SET "url" = NULL WHERE "url" IN (SELECT "url" FROM "note" GROUP BY "url" HAVING COUNT("url") > 1)`);
await queryRunner.query(`CREATE UNIQUE INDEX "IDX_71d35fceee0d0fa62b2fa8f3b2" ON "note" ("url") `);
await queryRunner.query(`CREATE UNIQUE INDEX "IDX_d9ecaed8c6dc43f3592c229282" ON "user_group_joining" ("userId", "userGroupId") `);
}
async down(queryRunner) {
await queryRunner.query(`DROP INDEX "public"."IDX_d9ecaed8c6dc43f3592c229282"`);
await queryRunner.query(`DROP INDEX "public"."IDX_71d35fceee0d0fa62b2fa8f3b2"`);
await queryRunner.query(`ALTER TABLE "auth_session" ADD CONSTRAINT "UQ_8e001e5a101c6dca37df1a76d66" UNIQUE ("accessTokenId")`);
await queryRunner.query(`COMMENT ON COLUMN "user"."token" IS 'The native access token of the User. It will be null if the origin of the user is local.'`);
}
}

View file

@ -0,0 +1,19 @@
export class registryRemoveDomain1675375940759 {
name = 'registryRemoveDomain1675375940759'
async up(queryRunner) {
await queryRunner.query(`DROP INDEX "public"."IDX_0a72bdfcdb97c0eca11fe7ecad"`);
await queryRunner.query(`ALTER TABLE "registry_item" DROP COLUMN "domain"`);
await queryRunner.query(`ALTER TABLE "registry_item" ALTER COLUMN "key" TYPE text USING "key"::text`);
// delete existing duplicated entries, keeping the latest updated one
await queryRunner.query(`DELETE FROM "registry_item" AS "a" WHERE "updatedAt" != (SELECT MAX("updatedAt") OVER (PARTITION BY "userId", "key", "scope") FROM "registry_item" AS "b" WHERE "a"."userId" = "b"."userId" AND "a"."key" = "b"."key" AND "a"."scope" = "b"."scope")`);
await queryRunner.query(`ALTER TABLE "registry_item" ADD CONSTRAINT "UQ_b8d6509f847331273ab99daccc7" UNIQUE ("userId", "key", "scope")`);
}
async down(queryRunner) {
await queryRunner.query(`ALTER TABLE "registry_item" DROP CONSTRAINT "UQ_b8d6509f847331273ab99daccc7"`);
await queryRunner.query(`ALTER TABLE "registry_item" ALTER COLUMN "key" TYPE character varying(1024) USING "key"::varchar(1024)`);
await queryRunner.query(`ALTER TABLE "registry_item" ADD "domain" character varying(512)`);
await queryRunner.query(`CREATE INDEX "IDX_0a72bdfcdb97c0eca11fe7ecad" ON "registry_item" ("domain") `);
}
}

View file

@ -1,6 +1,6 @@
{
"name": "backend",
"version": "13.0.0-preview3",
"version": "13.0.0-preview4",
"main": "./index.js",
"private": true,
"type": "module",
@ -113,7 +113,6 @@
"unzipper": "0.10.11",
"uuid": "8.3.2",
"web-push": "3.5.0",
"websocket": "1.0.34",
"ws": "8.8.0",
"xev": "3.0.2"
},
@ -164,7 +163,6 @@
"@types/tmp": "0.2.3",
"@types/uuid": "8.3.4",
"@types/web-push": "3.3.2",
"@types/websocket": "1.0.5",
"@types/ws": "8.5.3",
"@typescript-eslint/eslint-plugin": "^5.46.1",
"@typescript-eslint/parser": "^5.46.1",

View file

@ -26,7 +26,7 @@ const path = process.env.NODE_ENV === 'test'
export default function load(): Config {
const meta = JSON.parse(fs.readFileSync(`${_dirname}/../../../../built/meta.json`, 'utf-8'));
const clientManifest = JSON.parse(fs.readFileSync(`${_dirname}/../../../../built/_client_dist_/manifest.json`, 'utf-8'));
const config = yaml.load(fs.readFileSync(path, 'utf-8')) as Source;
let config = yaml.load(fs.readFileSync(path, 'utf-8')) as Source;
if (config.id && config.id !== 'aid') throw new Error('Unsupported ID algorithm. Only "aid" is supported.');
@ -38,13 +38,30 @@ export default function load(): Config {
config.port = config.port || parseInt(process.env.PORT || '', 10);
// set default values
config.images = Object.assign({
info: '/twemoji/1f440.svg',
notFound: '/twemoji/2049.svg',
error: '/twemoji/1f480.svg',
}, config.images ?? {});
if (!config.maxNoteTextLength) config.maxNoteTextLength = 3000;
config.clusterLimits = Object.assign({
web: 1,
queue: 1,
}, config.clusterLimits ?? {});
config = Object.assign({
disableHsts: false,
deliverJobConcurrency: 128,
inboxJobConcurrency: 16,
deliverJobPerSec: -1,
inboxJobPerSec: 16,
deliverJobMaxAttempts: 12,
inboxJobMaxAttempts: 8,
proxyRemoteFiles: false,
maxFileSize: 262144000, // 250 MiB
maxNoteTextLength: 3000,
}, config);
mixin.version = meta.version;
mixin.host = url.host;
@ -60,21 +77,8 @@ export default function load(): Config {
if (!config.redis.prefix) config.redis.prefix = mixin.host;
if (!config.clusterLimits) {
config.clusterLimits = {
web: 1,
queue: 1,
};
} else {
config.clusterLimits = {
web: 1,
queue: 1,
...config.clusterLimits,
};
if (config.clusterLimits.web < 1 || config.clusterLimits.queue < 1) {
throw new Error('invalid cluster limits');
}
if (config.clusterLimits.web < 1 || config.clusterLimits.queue < 1) {
throw new Error('invalid cluster limits');
}
return Object.assign(config, mixin);

View file

@ -50,8 +50,6 @@ import { UserSecurityKey } from '@/models/entities/user-security-key.js';
import { AttestationChallenge } from '@/models/entities/attestation-challenge.js';
import { Page } from '@/models/entities/page.js';
import { PageLike } from '@/models/entities/page-like.js';
import { GalleryPost } from '@/models/entities/gallery-post.js';
import { GalleryLike } from '@/models/entities/gallery-like.js';
import { ModerationLog } from '@/models/entities/moderation-log.js';
import { UsedUsername } from '@/models/entities/used-username.js';
import { Announcement } from '@/models/entities/announcement.js';
@ -143,8 +141,6 @@ export const entities = [
NoteUnread,
Page,
PageLike,
GalleryPost,
GalleryLike,
DriveFile,
DriveFolder,
Poll,

View file

@ -27,9 +27,5 @@ export const kinds = [
'write:user-groups',
'read:channels',
'write:channels',
'read:gallery',
'write:gallery',
'read:gallery-likes',
'write:gallery-likes',
];
// IF YOU ADD KINDS(PERMISSIONS), YOU MUST ADD TRANSLATIONS (under _permissions).

View file

@ -19,7 +19,6 @@ export async function downloadUrl(url: string, path: string): Promise<void> {
const timeout = 30 * SECOND;
const operationTimeout = MINUTE;
const maxSize = config.maxFileSize || 262144000;
const req = got.stream(url, {
headers: {
@ -53,14 +52,14 @@ export async function downloadUrl(url: string, path: string): Promise<void> {
const contentLength = res.headers['content-length'];
if (contentLength != null) {
const size = Number(contentLength);
if (size > maxSize) {
logger.warn(`maxSize exceeded (${size} > ${maxSize}) on response`);
if (size > config.maxFileSize) {
logger.warn(`maxSize exceeded (${size} > ${config.maxFileSize}) on response`);
req.destroy();
}
}
}).on('downloadProgress', (progress: Got.Progress) => {
if (progress.transferred > maxSize) {
logger.warn(`maxSize exceeded (${progress.transferred} > ${maxSize}) on downloadProgress`);
if (progress.transferred > config.maxFileSize) {
logger.warn(`maxSize exceeded (${progress.transferred} > ${config.maxFileSize}) on downloadProgress`);
req.destroy();
}
});

View file

@ -89,7 +89,7 @@ const _https = new https.Agent({
lookup: cache.lookup,
} as https.AgentOptions);
const maxSockets = Math.max(256, config.deliverJobConcurrency || 128);
const maxSockets = Math.max(256, config.deliverJobConcurrency);
/**
* Get http proxy or non-proxy agent

View file

@ -1,11 +0,0 @@
import { Note } from '@/models/entities/note.js';
export function isPureRenote(note: Note): note is Note & { renoteId: string, text: null, fileIds: null | never[], hasPoll: false } {
return note.renoteId != null
&& note.text == null
&& (
note.fileIds == null
|| note.fileIds.length === 0
)
&& !note.hasPoll;
}

View file

@ -28,7 +28,6 @@ import { packedAntennaSchema } from '@/models/schema/antenna.js';
import { packedClipSchema } from '@/models/schema/clip.js';
import { packedFederationInstanceSchema } from '@/models/schema/federation-instance.js';
import { packedQueueCountSchema } from '@/models/schema/queue.js';
import { packedGalleryPostSchema } from '@/models/schema/gallery-post.js';
import { packedEmojiSchema } from '@/models/schema/emoji.js';
export const refs = {
@ -61,7 +60,6 @@ export const refs = {
Antenna: packedAntennaSchema,
Clip: packedClipSchema,
FederationInstance: packedFederationInstanceSchema,
GalleryPost: packedGalleryPostSchema,
Emoji: packedEmojiSchema,
};

View file

@ -79,7 +79,6 @@ export class AccessToken {
@Column('varchar', {
length: 64, array: true,
default: '{}',
})
public permission: string[];

View file

@ -1,33 +0,0 @@
import { PrimaryColumn, Entity, Index, JoinColumn, Column, ManyToOne } from 'typeorm';
import { id } from '../id.js';
import { User } from './user.js';
import { GalleryPost } from './gallery-post.js';
@Entity()
@Index(['userId', 'postId'], { unique: true })
export class GalleryLike {
@PrimaryColumn(id())
public id: string;
@Column('timestamp with time zone')
public createdAt: Date;
@Index()
@Column(id())
public userId: User['id'];
@ManyToOne(() => User, {
onDelete: 'CASCADE',
})
@JoinColumn()
public user: User | null;
@Column(id())
public postId: GalleryPost['id'];
@ManyToOne(() => GalleryPost, {
onDelete: 'CASCADE',
})
@JoinColumn()
public post: GalleryPost | null;
}

View file

@ -1,79 +0,0 @@
import { Entity, Index, JoinColumn, Column, PrimaryColumn, ManyToOne } from 'typeorm';
import { id } from '../id.js';
import { User } from './user.js';
import { DriveFile } from './drive-file.js';
@Entity()
export class GalleryPost {
@PrimaryColumn(id())
public id: string;
@Index()
@Column('timestamp with time zone', {
comment: 'The created date of the GalleryPost.',
})
public createdAt: Date;
@Index()
@Column('timestamp with time zone', {
comment: 'The updated date of the GalleryPost.',
})
public updatedAt: Date;
@Column('varchar', {
length: 256,
})
public title: string;
@Column('varchar', {
length: 2048, nullable: true,
})
public description: string | null;
@Index()
@Column({
...id(),
comment: 'The ID of author.',
})
public userId: User['id'];
@ManyToOne(() => User, {
onDelete: 'CASCADE',
})
@JoinColumn()
public user: User | null;
@Index()
@Column({
...id(),
array: true, default: '{}',
})
public fileIds: DriveFile['id'][];
@Index()
@Column('boolean', {
default: false,
comment: 'Whether the post is sensitive.',
})
public isSensitive: boolean;
@Index()
@Column('integer', {
default: 0,
})
public likedCount: number;
@Index()
@Column('varchar', {
length: 128, array: true, default: '{}',
})
public tags: string[];
constructor(data: Partial<GalleryPost>) {
if (data == null) return;
for (const [k, v] of Object.entries(data)) {
(this as any)[k] = v;
}
}
}

View file

@ -117,6 +117,7 @@ export class Note {
})
public uri: string | null;
@Index({ unique: true })
@Column('varchar', {
length: 512, nullable: true,
comment: 'The human readable url of a note. it will be null when the note is local.',