Browse Source

Merge branch 'develop' into underscore-world

underscore-world
Dee 4 months ago
parent
commit
fea8a1fec3
100 changed files with 5171 additions and 1362 deletions
  1. +1
    -1
      .formatter.exs
  2. +5
    -0
      .gitignore
  3. +4
    -25
      .gitlab-ci.yml
  4. +110
    -24
      CHANGELOG.md
  5. +60
    -21
      config/config.exs
  6. +2756
    -0
      config/description.exs
  7. +7
    -2
      config/test.exs
  8. +59
    -16
      docs/API/admin_api.md
  9. +21
    -1
      docs/API/differences_in_mastoapi_responses.md
  10. +121
    -4
      docs/API/pleroma_api.md
  11. +0
    -0
      docs/API/prometheus.md
  12. +19
    -0
      docs/administration/CLI_tasks/config.md
  13. +48
    -0
      docs/administration/CLI_tasks/database.md
  14. +13
    -0
      docs/administration/CLI_tasks/digest.md
  15. +30
    -0
      docs/administration/CLI_tasks/emoji.md
  16. +30
    -0
      docs/administration/CLI_tasks/instance.md
  17. +30
    -0
      docs/administration/CLI_tasks/relay.md
  18. +12
    -0
      docs/administration/CLI_tasks/uploads.md
  19. +94
    -0
      docs/administration/CLI_tasks/user.md
  20. +0
    -0
      docs/administration/backup.md
  21. +0
    -0
      docs/administration/updating.md
  22. +2
    -2
      docs/clients.md
  23. +0
    -17
      docs/config/General-tips-for-customizing-Pleroma-FE.md
  24. +0
    -12
      docs/config/small_customizations.md
  25. +129
    -44
      docs/configuration/cheatsheet.md
  26. +1
    -0
      docs/configuration/custom_emoji.md
  27. +0
    -0
      docs/configuration/hardening.md
  28. +0
    -0
      docs/configuration/howto_mediaproxy.md
  29. +0
    -0
      docs/configuration/howto_mongooseim.md
  30. +0
    -0
      docs/configuration/howto_proxy.md
  31. +0
    -0
      docs/configuration/howto_set_richmedia_cache_ttl_based_on_image.md
  32. +0
    -0
      docs/configuration/howto_user_recomendation.md
  33. +0
    -0
      docs/configuration/i2p.md
  34. +0
    -0
      docs/configuration/mrf.md
  35. +0
    -0
      docs/configuration/onion_federation.md
  36. +0
    -0
      docs/configuration/static_dir.md
  37. +32
    -11
      docs/installation/alpine_linux_en.md
  38. +4
    -6
      docs/installation/arch_linux_en.md
  39. +4
    -6
      docs/installation/centos7_en.md
  40. +4
    -6
      docs/installation/debian_based_en.md
  41. +71
    -74
      docs/installation/debian_based_jp.md
  42. +4
    -6
      docs/installation/gentoo_en.md
  43. +5
    -5
      docs/installation/migrating_from_source_otp_en.md
  44. +6
    -6
      docs/installation/otp_en.md
  45. +6
    -2
      installation/pleroma-mongooseim.cfg
  46. +1
    -0
      installation/pleroma.nginx
  47. +1
    -1
      lib/mix/pleroma.ex
  48. +20
    -16
      lib/mix/tasks/pleroma/benchmark.ex
  49. +1
    -12
      lib/mix/tasks/pleroma/config.ex
  50. +22
    -0
      lib/mix/tasks/pleroma/count_statuses.ex
  51. +2
    -28
      lib/mix/tasks/pleroma/database.ex
  52. +1
    -9
      lib/mix/tasks/pleroma/digest.ex
  53. +42
    -0
      lib/mix/tasks/pleroma/docs.ex
  54. +1
    -1
      lib/mix/tasks/pleroma/ecto/ecto.ex
  55. +1
    -1
      lib/mix/tasks/pleroma/ecto/migrate.ex
  56. +1
    -1
      lib/mix/tasks/pleroma/ecto/rollback.ex
  57. +3
    -50
      lib/mix/tasks/pleroma/emoji.ex
  58. +2
    -31
      lib/mix/tasks/pleroma/instance.ex
  59. +2
    -19
      lib/mix/tasks/pleroma/relay.ex
  60. +2
    -10
      lib/mix/tasks/pleroma/uploads.ex
  61. +9
    -106
      lib/mix/tasks/pleroma/user.ex
  62. +68
    -154
      lib/pleroma/activity.ex
  63. +63
    -0
      lib/pleroma/activity/ir/topics.ex
  64. +26
    -8
      lib/pleroma/activity/queries.ex
  65. +1
    -2
      lib/pleroma/activity_expiration.ex
  66. +47
    -34
      lib/pleroma/application.ex
  67. +1
    -1
      lib/pleroma/bbs/handler.ex
  68. +7
    -6
      lib/pleroma/bookmark.ex
  69. +12
    -0
      lib/pleroma/constants.ex
  70. +2
    -0
      lib/pleroma/conversation.ex
  71. +19
    -2
      lib/pleroma/conversation/participation.ex
  72. +1
    -1
      lib/pleroma/conversation/participation_recipient_ship.ex
  73. +6
    -2
      lib/pleroma/daemons/activity_expiration_daemon.ex
  74. +8
    -5
      lib/pleroma/daemons/digest_email_daemon.ex
  75. +6
    -2
      lib/pleroma/daemons/scheduled_activity_daemon.ex
  76. +50
    -0
      lib/pleroma/delivery.ex
  77. +73
    -0
      lib/pleroma/docs/generator.ex
  78. +20
    -0
      lib/pleroma/docs/json.ex
  79. +88
    -0
      lib/pleroma/docs/markdown.ex
  80. +1
    -1
      lib/pleroma/emails/admin_email.ex
  81. +7
    -1
      lib/pleroma/emails/mailer.ex
  82. +34
    -196
      lib/pleroma/emoji.ex
  83. +59
    -0
      lib/pleroma/emoji/formatter.ex
  84. +224
    -0
      lib/pleroma/emoji/loader.ex
  85. +1
    -1
      lib/pleroma/filter.ex
  86. +0
    -182
      lib/pleroma/flake_id.ex
  87. +3
    -50
      lib/pleroma/formatter.ex
  88. +9
    -0
      lib/pleroma/healthcheck.ex
  89. +4
    -2
      lib/pleroma/html.ex
  90. +7
    -1
      lib/pleroma/instances/instance.ex
  91. +78
    -0
      lib/pleroma/job_queue_monitor.ex
  92. +6
    -17
      lib/pleroma/list.ex
  93. +193
    -72
      lib/pleroma/moderation_log.ex
  94. +6
    -4
      lib/pleroma/notification.ex
  95. +29
    -2
      lib/pleroma/object.ex
  96. +73
    -38
      lib/pleroma/object/fetcher.ex
  97. +1
    -0
      lib/pleroma/pagination.ex
  98. +1
    -1
      lib/pleroma/password_reset_token.ex
  99. +136
    -0
      lib/pleroma/plugs/cache.ex
  100. +2
    -1
      lib/pleroma/plugs/http_signature.ex

+ 1
- 1
.formatter.exs View File

@@ -1,3 +1,3 @@
[
inputs: ["mix.exs", "{config,lib,test}/**/*.{ex,exs}"]
inputs: ["mix.exs", "{config,lib,test}/**/*.{ex,exs}", "priv/repo/migrations/*.exs"]
]

+ 5
- 0
.gitignore View File

@@ -37,7 +37,12 @@ erl_crash.dump

# Prevent committing docs files
/priv/static/doc/*
docs/generated_config.md

# Code test coverage
/cover
/Elixir.*.coverdata

.idea
pleroma.iml


+ 4
- 25
.gitlab-ci.yml View File

@@ -28,23 +28,6 @@ build:
- mix deps.get
- mix compile --force

docs-build:
stage: build
only:
- master@pleroma/pleroma
- develop@pleroma/pleroma
variables:
MIX_ENV: dev
PLEROMA_BUILD_ENV: prod
script:
- mix deps.get
- mix compile
- mix docs
artifacts:
paths:
- priv/static/doc


unit-testing:
stage: test
services:
@@ -85,19 +68,14 @@ analysis:

docs-deploy:
stage: deploy
image: alpine:3.9
image: alpine:latest
only:
- master@pleroma/pleroma
- develop@pleroma/pleroma
before_script:
- apk update && apk add openssh-client rsync
- apk add curl
script:
- mkdir -p ~/.ssh
- echo "${SSH_HOST_KEY}" > ~/.ssh/known_hosts
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- rsync -hrvz --delete -e "ssh -p ${SSH_PORT}" priv/static/doc/ "${SSH_USER_HOST_LOCATION}/${CI_COMMIT_REF_NAME}"

- curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
review_app:
image: alpine:3.9
stage: deploy
@@ -151,6 +129,7 @@ amd64:
only: &release-only
- master@pleroma/pleroma
- develop@pleroma/pleroma
- /^maint/.*$/@pleroma/pleroma
artifacts: &release-artifacts
name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
paths:


+ 110
- 24
CHANGELOG.md View File

@@ -4,13 +4,44 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

## [Unreleased]
### Added
- Refreshing poll results for remote polls
- Job queue stats to the healthcheck page
- Admin API: Add ability to require password reset
- Mastodon API: Account entities now include `follow_requests_count` (planned Mastodon 3.x addition)
- Pleroma API: `GET /api/v1/pleroma/accounts/:id/scrobbles` to get a list of recently scrobbled items
- Pleroma API: `POST /api/v1/pleroma/scrobble` to scrobble a media item
- Mastodon API: Add `upload_limit`, `avatar_upload_limit`, `background_upload_limit`, and `banner_upload_limit` to `/api/v1/instance`
- Mastodon API: Add `pleroma.unread_conversation_count` to the Account entity
- OAuth: support for hierarchical permissions / [Mastodon 2.4.3 OAuth permissions](https://docs.joinmastodon.org/api/permissions/)
- Authentication: Added rate limit for password-authorized actions / login existence checks
- Metadata Link: Atom syndication Feed
- Mix task to re-count statuses for all users (`mix pleroma.count_statuses`)

### Changed
- **Breaking:** Elixir >=1.8 is now required (was >= 1.7)
- **Breaking:** Admin API: Return link alongside with token on password reset
- Replaced [pleroma_job_queue](https://git.pleroma.social/pleroma/pleroma_job_queue) and `Pleroma.Web.Federator.RetryQueue` with [Oban](https://github.com/sorentwo/oban) (see [`docs/config.md`](docs/config.md) on migrating customized worker / retry settings)
- Introduced [quantum](https://github.com/quantum-elixir/quantum-core) job scheduler
- Admin API: Return `total` when querying for reports
- Mastodon API: Return `pleroma.direct_conversation_id` when creating a direct message (`POST /api/v1/statuses`)
- Admin API: Return link alongside with token on password reset
- MRF (Simple Policy): Also use `:accept`/`:reject` on the actors rather than only their activities
- OStatus: Extract RSS functionality
- Mastodon API: Add `pleroma.direct_conversation_id` to the status endpoint (`GET /api/v1/statuses/:id`)

### Fixed
- Mastodon API: Fix private and direct statuses not being filtered out from the public timeline for an authenticated user (`GET /api/v1/timelines/public`)
- Mastodon API: Inability to get some local users by nickname in `/api/v1/accounts/:id_or_nickname`
- Added `:instance, extended_nickname_format` setting to the default config
- Report emails now include functional links to profiles of remote user accounts

## [1.1.0] - 2019-??-??
### Security
- OStatus: eliminate the possibility of a protocol downgrade attack.
- OStatus: prevent following locked accounts, bypassing the approval process.
- Mastodon API: respect post privacy in `/api/v1/statuses/:id/{favourited,reblogged}_by`

### Removed
- **Breaking:** GNU Social API with Qvitter extensions support
- **Breaking:** ActivityPub: The `accept_blocks` configuration setting.
- Emoji: Remove longfox emojis.
- Remove `Reply-To` header from report emails for admins.

@@ -18,6 +49,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- **Breaking:** Configuration: A setting to explicitly disable the mailer was added, defaulting to true, if you are using a mailer add `config :pleroma, Pleroma.Emails.Mailer, enabled: true` to your config
- **Breaking:** Configuration: `/media/` is now removed when `base_url` is configured, append `/media/` to your `base_url` config to keep the old behaviour if desired
- **Breaking:** `/api/pleroma/notifications/read` is moved to `/api/v1/pleroma/notifications/read` and now supports `max_id` and responds with Mastodon API entities.
- **Breaking:** `/api/pleroma/admin/users/invite_token` now uses `POST`, changed accepted params and returns full invite in json instead of only token string.
- Configuration: added `config/description.exs`, from which `docs/config.md` is generated
- Configuration: OpenGraph and TwitterCard providers enabled by default
- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text
- Mastodon API: `pleroma.thread_muted` key in the Status entity
@@ -25,24 +58,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- NodeInfo: Return `skipThreadContainment` in `metadata` for the `skip_thread_containment` option
- NodeInfo: Return `mailerEnabled` in `metadata`
- Mastodon API: Unsubscribe followers when they unfollow a user
- Mastodon API: `pleroma.thread_muted` key in the Status entity
- AdminAPI: Add "godmode" while fetching user statuses (i.e. admin can see private statuses)
- Improve digest email template
– Pagination: (optional) return `total` alongside with `items` when paginating
- Add `rel="ugc"` to all links in statuses, to prevent SEO spam

### Fixed
- Following from Osada
- Not being able to pin unlisted posts
- Objects being re-embedded to activities after being updated (e.g faved/reposted). Running 'mix pleroma.database prune_objects' again is advised.
- Favorites timeline doing database-intensive queries
- Metadata rendering errors resulting in the entire page being inaccessible
- `federation_incoming_replies_max_depth` option being ignored in certain cases
- Federation/MediaProxy not working with instances that have wrong certificate order
- Mastodon API: Handling of search timeouts (`/api/v1/search` and `/api/v2/search`)
- Mastodon API: Misskey's endless polls being unable to render
- Mastodon API: Embedded relationships not being properly rendered in the Account entity of Status entity
- Mastodon API: Notifications endpoint crashing if one notification failed to render
- Mastodon API: follower/following counters not being nullified, when `hide_follows`/`hide_followers` is set
- Mastodon API: `muted` in the Status entity, using author's account to determine if the tread was muted
- Mastodon API: Add `account_id`, `type`, `offset`, and `limit` to search API (`/api/v1/search` and `/api/v2/search`)
- Mastodon API, streaming: Fix filtering of notifications based on blocks/mutes/thread mutes
- ActivityPub C2S: follower/following collection pages being inaccessible even when authentifucated if `hide_followers`/ `hide_follows` was set
@@ -50,17 +80,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Rich Media: Parser failing when no TTL can be found by image TTL setters
- Rich Media: The crawled URL is now spliced into the rich media data.
- ActivityPub S2S: sharedInbox usage has been mostly aligned with the rules in the AP specification.
- ActivityPub S2S: remote user deletions now work the same as local user deletions.
- ActivityPub S2S: POST requests are now signed with `(request-target)` pseudo-header.
- Not being able to access the Mastodon FE login page on private instances
- Invalid SemVer version generation, when the current branch does not have commits ahead of tag/checked out on a tag
- Pleroma.Upload base_url was not automatically whitelisted by MediaProxy. Now your custom CDN or file hosting will be accessed directly as expected.
- Report email not being sent to admins when the reporter is a remote user
- MRF: ensure that subdomain_match calls are case-insensitive
- Reverse Proxy limiting `max_body_length` was incorrectly defined and only checked `Content-Length` headers which may not be sufficient in some circumstances
- MRF: fix use of unserializable keyword lists in describe() implementations
- ActivityPub: Deactivated user deletion
- ActivityPub: Fix `/users/:nickname/inbox` crashing without an authenticated user
- MRF: fix ability to follow a relay when AntiFollowbotPolicy was enabled
- Mastodon API: Blocks are now treated consistently between the Streaming API and the Timeline APIs
- Mastodon API: `exclude_replies` is correctly handled again.

### Added
- Expiring/ephemeral activites. All activities can have expires_at value set, which controls when they should be deleted automatically.
@@ -68,16 +95,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: all status JSON responses contain a `pleroma.expires_at` item which states when an activity will expire. The value is only shown to the user who created the activity. To everyone else it's empty.
- Configuration: `ActivityExpiration.enabled` controls whether expired activites will get deleted at the appropriate time. Enabled by default.
- Conversations: Add Pleroma-specific conversation endpoints and status posting extensions. Run the `bump_all_conversations` task again to create the necessary data.
- **Breaking:** MRF describe API, which adds support for exposing configuration information about MRF policies to NodeInfo.
Custom modules will need to be updated by adding, at the very least, `def describe, do: {:ok, %{}}` to the MRF policy modules.
- MRF: Support for priming the mediaproxy cache (`Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`)
- MRF: Support for excluding specific domains from Transparency.
- MRF: Support for filtering posts based on who they mention (`Pleroma.Web.ActivityPub.MRF.MentionPolicy`)
- MRF: Support for filtering posts based on ActivityStreams vocabulary (`Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`)
- MRF (Simple Policy): Support for wildcard domains.
- Support for wildcard domains in user domain blocks setting.
- Configuration: `quarantined_instances` support wildcard domains.
- Configuration: `federation_incoming_replies_max_depth` option
- Mastodon API: Support for the [`tagged` filter](https://github.com/tootsuite/mastodon/pull/9755) in [`GET /api/v1/accounts/:id/statuses`](https://docs.joinmastodon.org/api/rest/accounts/#get-api-v1-accounts-id-statuses)
- Mastodon API, streaming: Add support for passing the token in the `Sec-WebSocket-Protocol` header
- Mastodon API, extension: Ability to reset avatar, profile banner, and background
@@ -89,6 +109,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: added `/auth/password` endpoint for password reset with rate limit.
- Mastodon API: /api/v1/accounts/:id/statuses now supports nicknames or user id
- Mastodon API: Improve support for the user profile custom fields
- Mastodon API: follower/following counters are nullified when `hide_follows`/`hide_followers` and `hide_follows_count`/`hide_followers_count` are set
- Admin API: Return users' tags when querying reports
- Admin API: Return avatar and display name when querying users
- Admin API: Allow querying user by ID
@@ -104,10 +125,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- ActivityPub: Optional signing of ActivityPub object fetches.
- Admin API: Endpoint for fetching latest user's statuses
- Pleroma API: Add `/api/v1/pleroma/accounts/confirmation_resend?email=<email>` for resending account confirmation.
- Relays: Added a task to list relay subscriptions.
- Mix Tasks: `mix pleroma.database fix_likes_collections`
- Federation: Remove `likes` from objects.
- Pleroma API: Email change endpoint.
- Admin API: Added moderation log
- Support for `X-Forwarded-For` and similar HTTP headers which used by reverse proxies to pass a real user IP address to the backend. Must not be enabled unless your instance is behind at least one reverse proxy (such as Nginx, Apache HTTPD or Varnish Cache).
- Web response cache (currently, enabled for ActivityPub)
- Mastodon API: Added an endpoint to get multiple statuses by IDs (`GET /api/v1/statuses/?ids[]=1&ids[]=2`)
- ActivityPub: Add ActivityPub actor's `discoverable` parameter.
- Admin API: Added moderation log filters (user/start date/end date/search/pagination)
- Reverse Proxy: Do not retry failed requests to limit pressure on the peer

### Changed
- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text
@@ -115,6 +140,67 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- RichMedia: parsers and their order are configured in `rich_media` config.
- RichMedia: add the rich media ttl based on image expiration time.

## [1.0.7] - 2019-09-26
### Fixed
- Broken federation on Erlang 22 (previous versions of hackney http client were using an option that got deprecated)
### Changed
- ActivityPub: The first page in inboxes/outboxes is no longer embedded.

## [1.0.6] - 2019-08-14
### Fixed
- MRF: fix use of unserializable keyword lists in describe() implementations
- ActivityPub S2S: POST requests are now signed with `(request-target)` pseudo-header.

## [1.0.5] - 2019-08-13
### Fixed
- Mastodon API: follower/following counters not being nullified, when `hide_follows`/`hide_followers` is set
- Mastodon API: `muted` in the Status entity, using author's account to determine if the thread was muted
- Mastodon API: return the actual profile URL in the Account entity's `url` property when appropriate
- Templates: properly style anchor tags
- Objects being re-embedded to activities after being updated (e.g faved/reposted). Running 'mix pleroma.database prune_objects' again is advised.
- Not being able to access the Mastodon FE login page on private instances
- MRF: ensure that subdomain_match calls are case-insensitive
- Fix internal server error when using the healthcheck API.

### Added
- **Breaking:** MRF describe API, which adds support for exposing configuration information about MRF policies to NodeInfo.
Custom modules will need to be updated by adding, at the very least, `def describe, do: {:ok, %{}}` to the MRF policy modules.
- Relays: Added a task to list relay subscriptions.
- MRF: Support for filtering posts based on ActivityStreams vocabulary (`Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`)
- MRF (Simple Policy): Support for wildcard domains.
- Support for wildcard domains in user domain blocks setting.
- Configuration: `quarantined_instances` support wildcard domains.
- Mix Tasks: `mix pleroma.database fix_likes_collections`
- Configuration: `federation_incoming_replies_max_depth` option

### Removed
- Federation: Remove `likes` from objects.
- **Breaking:** ActivityPub: The `accept_blocks` configuration setting.

## [1.0.4] - 2019-08-01
### Fixed
- Invalid SemVer version generation, when the current branch does not have commits ahead of tag/checked out on a tag

## [1.0.3] - 2019-07-31
### Security
- OStatus: eliminate the possibility of a protocol downgrade attack.
- OStatus: prevent following locked accounts, bypassing the approval process.
- TwitterAPI: use CommonAPI to handle remote follows instead of OStatus.

## [1.0.2] - 2019-07-28
### Fixed
- Not being able to pin unlisted posts
- Mastodon API: represent poll IDs as strings
- MediaProxy: fix matching filenames
- MediaProxy: fix filename encoding
- Migrations: fix a sporadic migration failure
- Metadata rendering errors resulting in the entire page being inaccessible
- Federation/MediaProxy not working with instances that have wrong certificate order
- ActivityPub S2S: remote user deletions now work the same as local user deletions.

### Changed
- Configuration: OpenGraph and TwitterCard providers enabled by default
- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text

## [1.0.1] - 2019-07-14
### Security


+ 60
- 21
config/config.exs View File

@@ -51,6 +51,24 @@ config :pleroma, Pleroma.Repo,
telemetry_event: [Pleroma.Repo.Instrumenter],
migration_lock: nil

scheduled_jobs =
with digest_config <- Application.get_env(:pleroma, :email_notifications)[:digest],
true <- digest_config[:active] do
[{digest_config[:schedule], {Pleroma.Daemons.DigestEmailDaemon, :perform, []}}]
else
_ -> []
end

scheduled_jobs =
scheduled_jobs ++
[{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}]

config :pleroma, Pleroma.Scheduler,
global: true,
overlap: true,
timezone: :utc,
jobs: scheduled_jobs

config :pleroma, Pleroma.Captcha,
enabled: false,
seconds_valid: 60,
@@ -91,6 +109,7 @@ config :pleroma, Pleroma.Uploaders.Local, uploads: "uploads"

config :pleroma, Pleroma.Uploaders.S3,
bucket: nil,
streaming_enabled: true,
public_endpoint: "https://s3.amazonaws.com"

config :pleroma, Pleroma.Uploaders.MDII,
@@ -104,7 +123,8 @@ config :pleroma, :emoji,
# Put groups that have higher priority than defaults here. Example in `docs/config/custom_emoji.md`
Custom: ["/emoji/*.png", "/emoji/**/*.png"]
],
default_manifest: "https://git.pleroma.social/pleroma/emoji-index/raw/master/index.json"
default_manifest: "https://git.pleroma.social/pleroma/emoji-index/raw/master/index.json",
shared_pack_cache_seconds_per_file: 60

config :pleroma, :uri_schemes,
valid_schemes: [
@@ -258,8 +278,9 @@ config :pleroma, :instance,
max_account_fields: 10,
max_remote_account_fields: 20,
account_field_name_length: 512,
account_field_value_length: 512,
external_user_synchronization: true
account_field_value_length: 2048,
external_user_synchronization: true,
extended_nickname_format: false

config :pleroma, :markup,
# XXX - unfortunately, inline images must be enabled by default right now, because
@@ -313,6 +334,10 @@ config :pleroma, :activitypub,
follow_handshake_timeout: 500,
sign_object_fetches: true

config :pleroma, :streamer,
workers: 3,
overflow_workers: 2

config :pleroma, :user, deny_follow_blocked: true

config :pleroma, :mrf_normalize_markup, scrub_policy: Pleroma.HTML.Scrubber.Default
@@ -373,6 +398,8 @@ config :pleroma, :chat, enabled: true

config :phoenix, :format_encoders, json: Jason

config :phoenix, :json_library, Jason

config :pleroma, :gopher,
enabled: false,
ip: {0, 0, 0, 0},
@@ -382,7 +409,8 @@ config :pleroma, Pleroma.Web.Metadata,
providers: [
Pleroma.Web.Metadata.Providers.OpenGraph,
Pleroma.Web.Metadata.Providers.TwitterCard,
Pleroma.Web.Metadata.Providers.RelMe
Pleroma.Web.Metadata.Providers.RelMe,
Pleroma.Web.Metadata.Providers.Feed
],
unfurl_nsfw: false

@@ -449,21 +477,26 @@ config :pleroma, Pleroma.User,
"web"
]

config :pleroma, Pleroma.Web.Federator.RetryQueue,
enabled: false,
max_jobs: 20,
initial_timeout: 30,
max_retries: 5

config :pleroma_job_queue, :queues,
activity_expiration: 10,
federator_incoming: 50,
federator_outgoing: 50,
web_push: 50,
mailer: 10,
transmogrifier: 20,
scheduled_activities: 10,
background: 5
config :pleroma, Oban,
repo: Pleroma.Repo,
verbose: false,
prune: {:maxlen, 1500},
queues: [
activity_expiration: 10,
federator_incoming: 50,
federator_outgoing: 50,
web_push: 50,
mailer: 10,
transmogrifier: 20,
scheduled_activities: 10,
background: 5
]

config :pleroma, :workers,
retries: [
federator_incoming: 5,
federator_outgoing: 5
]

config :pleroma, :fetch_initial_posts,
enabled: false,
@@ -478,7 +511,7 @@ config :auto_linker,
class: false,
strip_prefix: false,
new_window: false,
rel: false
rel: "ugc"
]

config :pleroma, :ldap,
@@ -556,10 +589,16 @@ config :pleroma, :env, Mix.env()
config :http_signatures,
adapter: Pleroma.Signature

config :pleroma, :rate_limit, nil
config :pleroma, :rate_limit, authentication: {60_000, 15}

config :pleroma, Pleroma.ActivityExpiration, enabled: true

config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false

config :pleroma, :web_cache_ttl,
activity_pub: nil,
activity_pub_question: 30_000

# Import environment specific config. This must remain at the bottom
# of this file so it overrides the configuration defined above.
import_config "#{Mix.env()}.exs"

+ 2756
- 0
config/description.exs
File diff suppressed because it is too large
View File


+ 7
- 2
config/test.exs View File

@@ -30,7 +30,8 @@ config :pleroma, :instance,
notify_email: "noreply@example.com",
skip_thread_containment: false,
federating: false,
external_user_synchronization: false
external_user_synchronization: false,
static_dir: "test/instance_static/"

config :pleroma, :activitypub, sign_object_fetches: false

@@ -61,7 +62,11 @@ config :web_push_encryption, :vapid_details,

config :web_push_encryption, :http_client, Pleroma.Web.WebPushHttpClientMock

config :pleroma_job_queue, disabled: true
config :pleroma, Oban,
queues: false,
prune: :disabled

config :pleroma, Pleroma.Scheduler, jobs: []

config :pleroma, Pleroma.ScheduledActivity,
daily_user_limit: 2,


docs/api/admin_api.md → docs/API/admin_api.md View File

@@ -60,9 +60,13 @@ Authentication is required and the user must be an admin.

- Method: `POST`
- Params:
- `nickname`
- `email`
- `password`
`users`: [
{
`nickname`,
`email`,
`password`
}
]
- Response: User’s nickname

## `/api/pleroma/admin/users/follow`
@@ -220,15 +224,25 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret

## `/api/pleroma/admin/users/invite_token`

### Get an account registration invite token
### Create an account registration invite token

- Methods: `GET`
- Methods: `POST`
- Params:
- *optional* `invite` => [
- *optional* `max_use` (integer)
- *optional* `expires_at` (date string e.g. "2019-04-07")
]
- Response: invite token (base64 string)
- *optional* `max_use` (integer)
- *optional* `expires_at` (date string e.g. "2019-04-07")
- Response:

```json
{
"id": integer,
"token": string,
"used": boolean,
"expires_at": date,
"uses": integer,
"max_use": integer,
"invite_type": string (possible values: `one_time`, `reusable`, `date_limited`, `reusable_date_limited`)
}
```

## `/api/pleroma/admin/users/invites`

@@ -294,16 +308,32 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret

- Methods: `GET`
- Params: none
- Response: password reset token (base64 string)
- Response:

```json
{
"token": "base64 reset token",
"link": "https://pleroma.social/api/pleroma/password_reset/url-encoded-base64-token"
}
```


## `/api/pleroma/admin/users/:nickname/force_password_reset`

### Force passord reset for a user with a given nickname

- Methods: `PATCH`
- Params: none
- Response: none (code `204`)

## `/api/pleroma/admin/reports`
### Get a list of reports
- Method `GET`
- Params:
- `state`: optional, the state of reports. Valid values are `open`, `closed` and `resolved`
- `limit`: optional, the number of records to retrieve
- `since_id`: optional, returns results that are more recent than the specified id
- `max_id`: optional, returns results that are older than the specified id
- *optional* `state`: **string** the state of reports. Valid values are `open`, `closed` and `resolved`
- *optional* `limit`: **integer** the number of records to retrieve
- *optional* `page`: **integer** page number
- *optional* `page_size`: **integer** number of log entries per page (default is `50`)
- Response:
- On failure: 403 Forbidden error `{"error": "error_msg"}` when requested by anonymous or non-admin
- On success: JSON, returns a list of reports, where:
@@ -313,6 +343,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret

```json
{
"total" : 1,
"reports": [
{
"account": {
@@ -680,6 +711,7 @@ Compile time settings (need instance reboot):
}
]
}
```

- Response:

@@ -700,7 +732,11 @@ Compile time settings (need instance reboot):
- Method `GET`
- Params:
- *optional* `page`: **integer** page number
- *optional* `page_size`: **integer** number of users per page (default is `50`)
- *optional* `page_size`: **integer** number of log entries per page (default is `50`)
- *optional* `start_date`: **datetime (ISO 8601)** filter logs by creation date, start from `start_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. `2005-08-09T18:31:42`
- *optional* `end_date`: **datetime (ISO 8601)** filter logs by creation date, end by from `end_date`. Accepts datetime in ISO 8601 format (YYYY-MM-DDThh:mm:ss), e.g. 2005-08-09T18:31:42
- *optional* `user_id`: **integer** filter logs by actor's id
- *optional* `search`: **string** search logs by the log message
- Response:

```json
@@ -718,3 +754,10 @@ Compile time settings (need instance reboot):
}
]
```

## `POST /api/pleroma/admin/reload_emoji`
### Reload the instance's custom emoji
* Method `POST`
* Authentication: required
* Params: None
* Response: JSON, "ok" and 200 status

docs/api/differences_in_mastoapi_responses.md → docs/API/differences_in_mastoapi_responses.md View File

@@ -21,7 +21,8 @@ Adding the parameter `with_muted=true` to the timeline queries will also return
Has these additional fields under the `pleroma` object:

- `local`: true if the post was made on the local instance
- `conversation_id`: the ID of the conversation the status is associated with (if any)
- `conversation_id`: the ID of the AP context the status is associated with (if any)
- `direct_conversation_id`: the ID of the Mastodon direct message conversation the status is associated with (if any)
- `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any)
- `content`: a map consisting of alternate representations of the `content` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain`
- `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain`
@@ -50,9 +51,12 @@ Has these additional fields under the `pleroma` object:
- `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated
- `hide_followers`: boolean, true when the user has follower hiding enabled
- `hide_follows`: boolean, true when the user has follow hiding enabled
- `hide_followers_count`: boolean, true when the user has follower stat hiding enabled
- `hide_follows_count`: boolean, true when the user has follow stat hiding enabled
- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials`
- `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials`
- `deactivated`: boolean, true when the user is deactivated
- `unread_conversation_count`: The count of unread conversations. Only returned to the account owner.

### Source

@@ -91,6 +95,20 @@ Additional parameters can be added to the JSON body/Form data:
- `expires_in`: The number of seconds the posted activity should expire in. When a posted activity expires it will be deleted from the server, and a delete request for it will be federated. This needs to be longer than an hour.
- `in_reply_to_conversation_id`: Will reply to a given conversation, addressing only the people who are part of the recipient set of that conversation. Sets the visibility to `direct`.

## GET `/api/v1/statuses`

An endpoint to get multiple statuses by IDs.

Required parameters:

- `ids`: array of activity ids

Usage example: `GET /api/v1/statuses/?ids[]=1&ids[]=2`.

Returns: array of Status.

The maximum number of statuses is limited to 100 per request.

## PATCH `/api/v1/update_credentials`

Additional parameters can be added to the JSON body/Form data:
@@ -98,6 +116,8 @@ Additional parameters can be added to the JSON body/Form data:
- `no_rich_text` - if true, html tags are stripped from all statuses requested from the API
- `hide_followers` - if true, user's followers will be hidden
- `hide_follows` - if true, user's follows will be hidden
- `hide_followers_count` - if true, user's follower count will be hidden
- `hide_follows_count` - if true, user's follow count will be hidden
- `hide_favorites` - if true, user's favorites timeline will be hidden
- `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API
- `default_scope` - the scope returned under `privacy` key in Source subentity

docs/api/pleroma_api.md → docs/API/pleroma_api.md View File

@@ -124,7 +124,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi
```

## `/api/pleroma/admin/`…
See [Admin-API](Admin-API.md)
See [Admin-API](admin_api.md)

## `/api/v1/pleroma/notifications/read`
### Mark notifications as read
@@ -252,7 +252,7 @@ See [Admin-API](Admin-API.md)
* Params:
* `email`: email of that needs to be verified
* Authentication: not required
* Response: 204 No Content
* Response: 204 No Content

## `/api/v1/pleroma/mascot`
### Gets user mascot image
@@ -317,15 +317,26 @@ See [Admin-API](Admin-API.md)
"active": 0, # active processes
"idle": 0, # idle processes
"memory_used": 0.00, # Memory used
"healthy": true # Instance state
"healthy": true, # Instance state
"job_queue_stats": {} # Job queue stats
}
```

## `/api/pleroma/change_email`
### Change account email
* Method `POST`
* Authentication: required
* Params:
* `password`: user's password
* `email`: new email
* Response: JSON. Returns `{"status": "success"}` if the change was successful, `{"error": "[error message]"}` otherwise
* Note: Currently, Mastodon has no API for changing email. If they add it in future it might be incompatible with Pleroma.

# Pleroma Conversations

Pleroma Conversations have the same general structure that Mastodon Conversations have. The behavior differs in the following ways when using these endpoints:

1. Pleroma Conversations never add or remove recipients, unless explicitly changed by the user.
1. Pleroma Conversations never add or remove recipients, unless explicitly changed by the user.
2. Pleroma Conversations statuses can be requested by Conversation id.
3. Pleroma Conversations can be replied to.

@@ -355,3 +366,109 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa
* Params:
* `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though.
* Response: JSON, statuses (200 - healthy, 503 unhealthy)

## `GET /api/pleroma/emoji/packs`
### Lists the custom emoji packs on the server
* Method `GET`
* Authentication: not required
* Params: None
* Response: JSON, "ok" and 200 status and the JSON hashmap of "pack name" to "pack contents"

## `PUT /api/pleroma/emoji/packs/:name`
### Creates an empty custom emoji pack
* Method `PUT`
* Authentication: required
* Params: None
* Response: JSON, "ok" and 200 status or 409 if the pack with that name already exists

## `DELETE /api/pleroma/emoji/packs/:name`
### Delete a custom emoji pack
* Method `DELETE`
* Authentication: required
* Params: None
* Response: JSON, "ok" and 200 status or 500 if there was an error deleting the pack

## `POST /api/pleroma/emoji/packs/:name/update_file`
### Update a file in a custom emoji pack
* Method `POST`
* Authentication: required
* Params:
* if the `action` is `add`, adds an emoji named `shortcode` to the pack `pack_name`,
that means that the emoji file needs to be uploaded with the request
(thus requiring it to be a multipart request) and be named `file`.
There can also be an optional `filename` that will be the new emoji file name
(if it's not there, the name will be taken from the uploaded file).
* if the `action` is `update`, changes emoji shortcode
(from `shortcode` to `new_shortcode` or moves the file (from the current filename to `new_filename`)
* if the `action` is `remove`, removes the emoji named `shortcode` and it's associated file
* Response: JSON, updated "files" section of the pack and 200 status, 409 if the trying to use a shortcode
that is already taken, 400 if there was an error with the shortcode, filename or file (additional info
in the "error" part of the response JSON)

## `POST /api/pleroma/emoji/packs/:name/update_metadata`
### Updates (replaces) pack metadata
* Method `POST`
* Authentication: required
* Params:
* `new_data`: new metadata to replace the old one
* Response: JSON, updated "metadata" section of the pack and 200 status or 400 if there was a
problem with the new metadata (the error is specified in the "error" part of the response JSON)

## `POST /api/pleroma/emoji/packs/download_from`
### Requests the instance to download the pack from another instance
* Method `POST`
* Authentication: required
* Params:
* `instance_address`: the address of the instance to download from
* `pack_name`: the pack to download from that instance
* Response: JSON, "ok" and 200 status if the pack was downloaded, or 500 if there were
errors downloading the pack

## `POST /api/pleroma/emoji/packs/list_from`
### Requests the instance to list the packs from another instance
* Method `POST`
* Authentication: required
* Params:
* `instance_address`: the address of the instance to download from
* Response: JSON with the pack list, same as if the request was made to that instance's
list endpoint directly + 200 status

## `GET /api/pleroma/emoji/packs/:name/download_shared`
### Requests a local pack from the instance
* Method `GET`
* Authentication: not required
* Params: None
* Response: the archive of the pack with a 200 status code, 403 if the pack is not set as shared,
404 if the pack does not exist

## `GET /api/v1/pleroma/accounts/:id/scrobbles`
### Requests a list of current and recent Listen activities for an account
* Method `GET`
* Authentication: not required
* Params: None
* Response: An array of media metadata entities.
* Example response:
```json
[
{
"account": {...},
"id": "1234",
"title": "Some Title",
"artist": "Some Artist",
"album": "Some Album",
"length": 180000,
"created_at": "2019-09-28T12:40:45.000Z"
}
]
```

## `POST /api/v1/pleroma/scrobble`
### Creates a new Listen activity for an account
* Method `POST`
* Authentication: required
* Params:
* `title`: the title of the media playing
* `album`: the album of the media playing [optional]
* `artist`: the artist of the media playing [optional]
* `length`: the length of the media playing [optional]
* Response: the newly created media metadata entity representing the Listen activity

docs/api/prometheus.md → docs/API/prometheus.md View File


+ 19
- 0
docs/administration/CLI_tasks/config.md View File

@@ -0,0 +1,19 @@
# Transfering the config to/from the database

!!! danger
This is a Work In Progress, not usable just yet.

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl config` and in case of source installs it's
`mix pleroma.config`.

## Transfer config from file to DB.

```sh
$PREFIX migrate_to_db
```

## Transfer config from DB to `config/env.exported_from_db.secret.exs`

```sh
$PREFIX migrate_from_db <env>
```

+ 48
- 0
docs/administration/CLI_tasks/database.md View File

@@ -0,0 +1,48 @@
# Database maintenance tasks

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl database` and in case of source installs it's `mix pleroma.database`.

## Replace embedded objects with their references

Replaces embedded objects with references to them in the `objects` table. Only needs to be ran once if the instance was created before Pleroma 1.0.5. The reason why this is not a migration is because it could significantly increase the database size after being ran, however after this `VACUUM FULL` will be able to reclaim about 20% (really depends on what is in the database, your mileage may vary) of the db size before the migration.

```sh
$PREFIX remove_embedded_objects [<options>]
```

### Options
- `--vacuum` - run `VACUUM FULL` after the embedded objects are replaced with their references

## Prune old remote posts from the database

This will prune remote posts older than 90 days (configurable with [`config :pleroma, :instance, remote_post_retention_days`](../../configuration/cheatsheet.md#instance)) from the database, they will be refetched from source when accessed.

!!! note
The disk space will only be reclaimed after `VACUUM FULL`

```sh
$PREFIX pleroma.database prune_objects [<options>]
```

### Options
- `--vacuum` - run `VACUUM FULL` after the objects are pruned

## Create a conversation for all existing DMs

Can be safely re-run

```sh
$PREFIX bump_all_conversations
```

## Remove duplicated items from following and update followers count for all users

```sh
$PREFIX update_users_following_followers_counts
```

## Fix the pre-existing "likes" collections for all objects

```sh
$PREFIX fix_likes_collections
```

+ 13
- 0
docs/administration/CLI_tasks/digest.md View File

@@ -0,0 +1,13 @@
# Managing digest emails
Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl digest` and in case of source installs it's `mix pleroma.digest`.

## Send digest email since given date (user registration date by default) ignoring user activity status.

```sh
$PREFIX test <nickname> [<since_date>]
```

Example:
```sh
$PREFIX test donaldtheduck 2019-05-20
```

+ 30
- 0
docs/administration/CLI_tasks/emoji.md View File

@@ -0,0 +1,30 @@
# Managing emoji packs

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl emoji` and in case of source installs it's `mix pleroma.emoji`.

## Lists emoji packs and metadata specified in the manifest

```sh
$PREFIX ls-packs [<options>]
```

### Options
- `-m, --manifest PATH/URL` - path to a custom manifest, it can either be an URL starting with `http`, in that case the manifest will be fetched from that address, or a local path

## Fetch, verify and install the specified packs from the manifest into `STATIC-DIR/emoji/PACK-NAME`
```sh
$PREFIX get-packs [<options>] <packs>
```

### Options
- `-m, --manifest PATH/URL` - same as [`ls-packs`](#ls-packs)

## Create a new manifest entry and a file list from the specified remote pack file
```sh
$PREFIX gen-pack PACK-URL
```
Currently, only .zip archives are recognized as remote pack files and packs are therefore assumed to be zip archives. This command is intended to run interactively and will first ask you some basic questions about the pack, then download the remote file and generate an SHA256 checksum for it, then generate an emoji file list for you.

The manifest entry will either be written to a newly created `index.json` file or appended to the existing one, *replacing* the old pack with the same name if it was in the file previously.

The file list will be written to the file specified previously, *replacing* that file. You _should_ check that the file list doesn't contain anything you don't need in the pack, that is, anything that is not an emoji (the whole pack is downloaded, but only emoji files are extracted).

+ 30
- 0
docs/administration/CLI_tasks/instance.md View File

@@ -0,0 +1,30 @@
# Managing instance configuration

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl instance` and in case of source installs it's `mix pleroma.instance`.

## Generate a new configuration file
```sh
$PREFIX gen [<options>]
```

If any of the options are left unspecified, you will be prompted interactively.

### Options
- `-f`, `--force` - overwrite any output files
- `-o <path>`, `--output <path>` - the output file for the generated configuration
- `--output-psql <path>` - the output file for the generated PostgreSQL setup
- `--domain <domain>` - the domain of your instance
- `--instance-name <instance_name>` - the name of your instance
- `--admin-email <email>` - the email address of the instance admin
- `--notify-email <email>` - email address for notifications
- `--dbhost <hostname>` - the hostname of the PostgreSQL database to use
- `--dbname <database_name>` - the name of the database to use
- `--dbuser <username>` - the user (aka role) to use for the database connection
- `--dbpass <password>` - the password to use for the database connection
- `--rum <Y|N>` - Whether to enable RUM indexes
- `--indexable <Y|N>` - Allow/disallow indexing site by search engines
- `--db-configurable <Y|N>` - Allow/disallow configuring instance from admin part
- `--uploads-dir <path>` - the directory uploads go in when using a local uploader
- `--static-dir <path>` - the directory custom public files should be read from (custom emojis, frontend bundle overrides, robots.txt, etc.)
- `--listen-ip <ip>` - the ip the app should listen to, defaults to 127.0.0.1
- `--listen-port <port>` - the port the app should listen to, defaults to 4000

+ 30
- 0
docs/administration/CLI_tasks/relay.md View File

@@ -0,0 +1,30 @@
# Managing relays

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl relay` and in case of source installs it's `mix pleroma.relay`.

## Follow a relay
```sh
$PREFIX follow <relay_url>
```

Example:
```sh
$PREFIX follow https://example.org/relay
```

## Unfollow a remote relay

```sh
$PREFIX unfollow <relay_url>
```

Example:
```sh
$PREFIX unfollow https://example.org/relay
```

## List relay subscriptions

```sh
$PREFIX list
```

+ 12
- 0
docs/administration/CLI_tasks/uploads.md View File

@@ -0,0 +1,12 @@
# Managing uploads

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl uploads` and in case of source installs it's `mix pleroma.uploads`.

## Migrate uploads from local to remote storage
```sh
$PREFIX migrate_local <target_uploader> [<options>]
```
### Options
- `--delete` - delete local uploads after migrating them to the target uploader

A list of available uploaders can be seen in [Configuration Cheat Sheet](../../configuration/cheatsheet.md#pleromaupload)

+ 94
- 0
docs/administration/CLI_tasks/user.md View File

@@ -0,0 +1,94 @@
# Managing users

Every command should be ran with a prefix, in case of OTP releases it is `./bin/pleroma_ctl user` and in case of source installs it's `mix pleroma.user`.

## Create a user
```sh
$PREFIX new <nickname> <email> [<options>]
```

### Options
- `--name <name>` - the user's display name
- `--bio <bio>` - the user's bio
- `--password <password>` - the user's password
- `--moderator`/`--no-moderator` - whether the user should be a moderator
- `--admin`/`--no-admin` - whether the user should be an admin
- `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions

## Generate an invite link
```sh
$PREFIX invite [<options>]
```

### Options
- `--expires-at DATE` - last day on which token is active (e.g. "2019-04-05")
- `--max-use NUMBER` - maximum numbers of token uses

## List generated invites
```sh
$PREFIX invites
```

## Revoke invite
```sh
$PREFIX revoke_invite <token_or_id>
```

## Delete a user
```sh
$PREFIX rm <nickname>
```

## Delete user's posts and interactions
```sh
$PREFIX delete_activities <nickname>
```

## Sign user out from all applications (delete user's OAuth tokens and authorizations)
```sh
$PREFIX sign_out <nickname>
```

## Deactivate or activate a user
```sh
$PREFIX toggle_activated <nickname>
```

## Unsubscribe local users from a user and deactivate the user
```sh
$PREFIX unsubscribe NICKNAME
```

## Unsubscribe local users from an instance and deactivate all accounts on it
```sh
$PREFIX unsubscribe_all_from_instance <instance>
```

## Create a password reset link for user
```sh
$PREFIX reset_password <nickname>
```

## Set the value of the given user's settings
```sh
$PREFIX set <nickname> [<options>]
```
### Options
- `--locked`/`--no-locked` - whether the user should be locked
- `--moderator`/`--no-moderator` - whether the user should be a moderator
- `--admin`/`--no-admin` - whether the user should be an admin

## Add tags to a user
```sh
$PREFIX tag <nickname> <tags>
```

## Delete tags from a user
```sh
$PREFIX untag <nickname> <tags>
```

## Toggle confirmation status of the user
```sh
$PREFIX toggle_confirmed <nickname>
```

docs/admin/backup.md → docs/administration/backup.md View File


docs/admin/updating.md → docs/administration/updating.md View File


+ 2
- 2
docs/clients.md View File

@@ -39,7 +39,7 @@ Feel free to contact us to be added to this list!

### Nekonium
- Homepage: [F-Droid Repository](https://repo.gdgd.jp.net/), [Google Play](https://play.google.com/store/apps/details?id=com.apps.nekonium), [Amazon](https://www.amazon.co.jp/dp/B076FXPRBC/)
- Source: <https://git.gdgd.jp.net/lin/nekonium/>
- Source: <https://gogs.gdgd.jp.net/lin/nekonium>
- Contact: [@lin@pleroma.gdgd.jp.net](https://pleroma.gdgd.jp.net/users/lin)
- Platforms: Android
- Features: Streaming Ready
@@ -67,7 +67,7 @@ Feel free to contact us to be added to this list!
## Alternative Web Interfaces
### Brutaldon
- Homepage: <https://jfm.carcosa.net/projects/software/brutaldon/>
- Source Code: <https://github.com/jfmcbrayer/brutaldon>
- Source Code: <https://git.carcosa.net/jmcbray/brutaldon>
- Contact: [@gcupc@glitch.social](https://glitch.social/users/gcupc)
- Features: No Streaming



+ 0
- 17
docs/config/General-tips-for-customizing-Pleroma-FE.md View File

@@ -1,17 +0,0 @@
# General tips for customizing Pleroma FE
There are some configuration scripts for Pleroma BE and FE:

1. `config/prod.secret.exs`
1. `config/config.exs`
1. `priv/static/static/config.json`

The `prod.secret.exs` affects first. `config.exs` is for fallback or default. `config.json` is for GNU-social-BE-Pleroma-FE instances.

Usually all you have to do is:

1. Copy the section in the `config/config.exs` which you want to activate.
1. Paste into `config/prod.secret.exs`.
1. Edit `config/prod.secret.exs`.
1. Restart the Pleroma daemon.

`prod.secret.exs` is for the `MIX_ENV=prod` environment. `dev.secret.exs` is for the `MIX_ENV=dev` environment respectively.

+ 0
- 12
docs/config/small_customizations.md View File

@@ -1,12 +0,0 @@
# Small customizations

See also static_dir.md for visual settings.

## Theme

All users of your instance will be able to change the theme they use by going to the settings (the cog in the top-right hand corner). However, if you wish to change the default theme, you can do so by editing `theme` in `config/dev.secret.exs` accordingly.

## Message Visibility

To enable message visibility options when posting like in the Mastodon frontend, set
`scope_options_enabled` to `true` in `config/dev.secret.exs`.

docs/config.md → docs/configuration/cheatsheet.md View File

@@ -1,7 +1,11 @@
# Configuration
# Configuration Cheat Sheet

This is a cheat sheet for Pleroma configuration file, any setting possible to configure should be listed here.

Pleroma configuration works by first importing the base config (`config/config.exs` on source installs, compiled-in on OTP releases), then overriding it by the environment config (`config/$MIX_ENV.exs` on source installs, N/A to OTP releases) and then overriding it by user config (`config/$MIX_ENV.secret.exs` on source installs, typically `/etc/pleroma/config.exs` on OTP releases).

You shouldn't edit the base config directly to avoid breakages and merge conflicts, but it can be used as a reference if you don't understand how an option is supposed to be formatted, the latest version of it can be viewed [here](https://git.pleroma.social/pleroma/pleroma/blob/develop/config/config.exs).

This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory.
If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``.

## Pleroma.Upload
* `uploader`: Select which `Pleroma.Uploaders` to use
@@ -11,7 +15,8 @@ If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherw
* `proxy_remote`: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it.
* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation.

Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.
!!! warning
`strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.

## Pleroma.Uploaders.Local
* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory
@@ -23,6 +28,7 @@ Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.
* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc.
For example, when using CDN to S3 virtual host format, set "".
At this time, write CNAME to CDN in public_endpoint.
* `streaming_enabled`: Enable streaming uploads, when enabled the file will be sent to the server in chunks as it's being read. This may be unsupported by some providers, try disabling this if you have upload problems.

## Pleroma.Upload.Filter.Mogrify

@@ -110,12 +116,6 @@ config :pleroma, Pleroma.Emails.Mailer,
* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML)
* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default.
* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values:
* "email": Copy and preprend re:, as in email.
* "masto": Copy verbatim, as in Mastodon.
* "noop": Don't copy the subject.
* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty.
* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with
older software for theses nicknames.
* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature.
@@ -131,13 +131,17 @@ config :pleroma, Pleroma.Emails.Mailer,
* `user_name_length`: A user name maximum length (default: `100`)
* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
* `max_account_fields`: The maximum number of custom fields in the user profile (default: `10`)
* `max_remote_account_fields`: The maximum number of custom fields in the remote user profile (default: `20`)
* `account_field_name_length`: An account field name maximum length (default: `512`)
* `account_field_value_length`: An account field value maximum length (default: `512`)
* `account_field_value_length`: An account field value maximum length (default: `2048`)
* `external_user_synchronization`: Enabling following/followers counters synchronization for external users.

!!! danger
This is a Work In Progress, not usable just yet

* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.



## :logger
@@ -185,7 +189,7 @@ See the [Quack Github](https://github.com/azohra/quack) for more details

## :frontend_configurations

This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured.
This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. You can find the documentation for `pleroma_fe` configuration into [Pleroma-FE configuration and customization for instance administrators](/frontend/CONFIGURATION/#options).

Frontends can access these settings at `/api/pleroma/frontend_configurations`

@@ -207,14 +211,15 @@ These settings **need to be complete**, they will override the defaults.
NOTE: for versions < 1.0, you need to set [`:fe`](#fe) to false, as shown a few lines below.

## :fe
__THIS IS DEPRECATED__
!!! warning
__THIS IS DEPRECATED__

If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method.
Please **set this option to false** in your config like this:
If you are using this method, please change it to the [`frontend_configurations`](#frontend_configurations) method.
Please **set this option to false** in your config like this:

```elixir
config :pleroma, :fe, false
```
```elixir
config :pleroma, :fe, false
```

This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false.

@@ -260,7 +265,7 @@ All criteria are configured as a map of regular expressions to lists of policy m

Example:

```
```elixir
config :pleroma, :mrf_subchain,
match_actor: %{
~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy]
@@ -300,7 +305,10 @@ config :pleroma, :mrf_subchain,
* `dstport`: Port advertised in urls (optional, defaults to `port`)

## Pleroma.Web.Endpoint
`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here

!!! note
`Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here.

* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server).
- `ip` - a tuple consisting of 4 integers
- `port`
@@ -313,7 +321,8 @@ config :pleroma, :mrf_subchain,



**Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need
!!! warning
If you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need

Example:
```elixir
@@ -400,41 +409,73 @@ You can then do
curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken"
```

## :pleroma_job_queue
## Oban

[Oban](https://github.com/sorentwo/oban) asynchronous job processor configuration.

[Pleroma Job Queue](https://git.pleroma.social/pleroma/pleroma_job_queue) configuration: a list of queues with maximum concurrent jobs.
Configuration options described in [Oban readme](https://github.com/sorentwo/oban#usage):
* `repo` - app's Ecto repo (`Pleroma.Repo`)
* `verbose` - logs verbosity
* `prune` - non-retryable jobs [pruning settings](https://github.com/sorentwo/oban#pruning) (`:disabled` / `{:maxlen, value}` / `{:maxage, value}`)
* `queues` - job queues (see below)

Pleroma has the following queues:

* `activity_expiration` - Activity expiration
* `federator_outgoing` - Outgoing federation
* `federator_incoming` - Incoming federation
* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleroma-emails-mailer)
* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleromaemailsmailer)
* `transmogrifier` - Transmogrifier
* `web_push` - Web push notifications
* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivities`](#pleromascheduledactivity)
* `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivity`](#pleromascheduledactivity)

Example:

```elixir
config :pleroma_job_queue, :queues,
federator_incoming: 50,
federator_outgoing: 50
config :pleroma, Oban,
repo: Pleroma.Repo,
verbose: false,
prune: {:maxlen, 1500},
queues: [
federator_incoming: 50,
federator_outgoing: 50
]
```

This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the `max_jobs` set to `50`.
This config contains two queues: `federator_incoming` and `federator_outgoing`. Both have the number of max concurrent jobs set to `50`.

### Migrating `pleroma_job_queue` settings

`config :pleroma_job_queue, :queues` is replaced by `config :pleroma, Oban, :queues` and uses the same format (keys are queues' names, values are max concurrent jobs numbers).

## :workers

Includes custom worker options not interpretable directly by `Oban`.

* `retries` — keyword lists where keys are `Oban` queues (see above) and values are numbers of max attempts for failed jobs.

Example:

```elixir
config :pleroma, :workers,
retries: [
federator_incoming: 5,
federator_outgoing: 5
]
```

## Pleroma.Web.Federator.RetryQueue
### Migrating `Pleroma.Web.Federator.RetryQueue` settings

* `enabled`: If set to `true`, failed federation jobs will be retried
* `max_jobs`: The maximum amount of parallel federation jobs running at the same time.
* `initial_timeout`: The initial timeout in seconds
* `max_retries`: The maximum number of times a federation job is retried
* `max_retries` is replaced with `config :pleroma, :workers, retries: [federator_outgoing: 5]`
* `enabled: false` corresponds to `config :pleroma, :workers, retries: [federator_outgoing: 1]`
* deprecated options: `max_jobs`, `initial_timeout`

## Pleroma.Web.Metadata
* `providers`: a list of metadata providers to enable. Providers available:
* Pleroma.Web.Metadata.Providers.OpenGraph
* Pleroma.Web.Metadata.Providers.TwitterCard
* Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `<header>` as `<link rel=me>`
* Pleroma.Web.Metadata.Providers.Feed - add a link to a user's Atom feed into the `<header>` as `<link rel=alternate>`
* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews

## :rich_media
@@ -485,10 +526,28 @@ config :auto_linker,
class: false,
strip_prefix: false,
new_window: false,
rel: false
rel: "ugc"
]
```

## Pleroma.Scheduler

Configuration for [Quantum](https://github.com/quantum-elixir/quantum-core) jobs scheduler.

See [Quantum readme](https://github.com/quantum-elixir/quantum-core#usage) for the list of supported options.

Example:

```elixir
config :pleroma, Pleroma.Scheduler,
global: true,
overlap: true,
timezone: :utc,
jobs: [{"0 */6 * * * *", {Pleroma.Web.Websub, :refresh_subscriptions, []}}]
```

The above example defines a single job which invokes `Pleroma.Web.Websub.refresh_subscriptions()` every 6 hours ("0 */6 * * * *", [crontab format](https://en.wikipedia.org/wiki/Cron)).

## Pleroma.ScheduledActivity

* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`)
@@ -497,7 +556,7 @@ config :auto_linker,

## Pleroma.ActivityExpiration

# `enabled`: whether expired activities will be sent to the job queue to be deleted
* `enabled`: whether expired activities will be sent to the job queue to be deleted

## Pleroma.Web.Auth.Authenticator

@@ -573,13 +632,14 @@ Email notifications settings.
OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.).
Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies).

Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`,
e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`.
The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies.
!!! note
Each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies.

Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies.
!!! note
Each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies.

Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"`
!!! note
Make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"`

* For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https://<your_host>/oauth/twitter/callback

@@ -653,6 +713,8 @@ Configure OAuth 2 provider capabilities:
* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]`
* `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]`
* `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays).
* `shared_pack_cache_seconds_per_file`: When an emoji pack is shared, the archive is created and cached in
memory for this amount of seconds multiplied by the number of files.

## Database options

@@ -673,6 +735,8 @@ This will probably take a long time.

This is an advanced feature and disabled by default.

If your instance is behind a reverse proxy you must enable and configure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip).

A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:

* The first element: `scale` (Integer). The time scale in milliseconds.
@@ -680,8 +744,6 @@ A keyword list of rate limiters where a key is a limiter name and value is the l

It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated.

See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples.

Supported rate limiters:

* `:search` for the search requests (account & status search etc.)
@@ -690,3 +752,26 @@ Supported rate limiters:
* `:relation_id_action` for actions on relation with a specific user (follow, unfollow)
* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses
* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user

## :web_cache_ttl

The expiration time for the web responses cache. Values should be in milliseconds or `nil` to disable expiration.

Available caches:

* `:activity_pub` - activity pub routes (except question activities). Defaults to `nil` (no expiration).
* `:activity_pub_question` - activity pub routes (question activities). Defaults to `30_000` (30 seconds).

## Pleroma.Plugs.RemoteIp

!!! warning
If your instance is not behind at least one reverse proxy, you should not enable this plug.

`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.

Available options:

* `enabled` - Enable/disable the plug. Defaults to `false`.
* `headers` - A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`.
* `proxies` - A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`.
* `reserved` - Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network).

docs/config/custom_emoji.md → docs/configuration/custom_emoji.md View File

@@ -4,6 +4,7 @@ Before you add your own custom emoji, check if they are available in an existing
See `Mix.Tasks.Pleroma.Emoji` for information about emoji packs.

To add custom emoji:

* Create the `STATIC-DIR/emoji/` directory if it doesn't exist
(`STATIC-DIR` is configurable, `instance/static/` by default)
* Create a directory with whatever name you want (custom is a good name to show the purpose of it).

docs/config/hardening.md → docs/configuration/hardening.md View File


docs/config/howto_mediaproxy.md → docs/configuration/howto_mediaproxy.md View File


docs/config/howto_mongooseim.md → docs/configuration/howto_mongooseim.md View File


docs/config/howto_proxy.md → docs/configuration/howto_proxy.md View File


docs/config/howto_set_richmedia_cache_ttl_based_on_image.md → docs/configuration/howto_set_richmedia_cache_ttl_based_on_image.md View File


docs/config/howto_user_recomendation.md → docs/configuration/howto_user_recomendation.md View File


docs/config/i2p.md → docs/configuration/i2p.md View File


docs/config/mrf.md → docs/configuration/mrf.md View File


docs/config/onion_federation.md → docs/configuration/onion_federation.md View File


docs/config/static_dir.md → docs/configuration/static_dir.md View File


+ 32
- 11
docs/installation/alpine_linux_en.md View File

@@ -1,7 +1,9 @@
# Installing on Alpine Linux
## Installation

This guide is a step-by-step installation guide for Alpine Linux. It also assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l <username> -s $SHELL -c 'command'` instead.
This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.10 standard image. You might miss additional dependencies if you use `netboot` instead.

It assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l <username> -s $SHELL -c 'command'` instead.

### Required packages

@@ -20,12 +22,13 @@ This guide is a step-by-step installation guide for Alpine Linux. It also assume

### Prepare the system

* First make sure to have the community repository enabled:
* The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `http://alpine.42.fr/v3.10/community`. If you autogenerated the mirror during installation:

```shell
echo "https://nl.alpinelinux.org/alpine/latest-stable/community" | sudo tee -a /etc/apk/repository
awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories
```


* Then update the system, if not already done:

```shell
@@ -77,7 +80,8 @@ sudo rc-update add postgresql
* Add a new system user for the Pleroma service:

```shell
sudo adduser -S -s /bin/false -h /opt/pleroma -H pleroma
sudo addgroup pleroma
sudo adduser -S -s /bin/false -h /opt/pleroma -H -G pleroma pleroma
```

**Note**: To execute a single command as the Pleroma system user, use `sudo -Hu pleroma command`. You can also switch to a shell by using `sudo -Hu pleroma $SHELL`. If you don’t have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l pleroma -s $SHELL -c 'command'` and `su -l pleroma -s $SHELL` for starting a shell.
@@ -164,7 +168,26 @@ If that doesn’t work, make sure, that nginx is not already running. If it stil
sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
```

* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
* Before starting nginx edit the configuration and change it to your needs. You must change change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing).

```
server {
server_name your.domain;
listen 80;
...
}

server {
server_name your.domain;
listen 443 ssl http2;
...
ssl_trusted_certificate /etc/letsencrypt/live/your.domain/chain.pem;
ssl_certificate /etc/letsencrypt/live/your.domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your.domain/privkey.pem;
...
}
```

* Enable and start nginx:

```shell
@@ -202,12 +225,10 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

#### Further reading

* [Backup your instance](backup.html)
* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
* [Hardening your instance](hardening.html)
* [How to activate mediaproxy](howto_mediaproxy.html)
* [Small Pleroma-FE customizations](small_customizations.html)
* [Updating your instance](updating.html)
* [Backup your instance](../administration/backup.md)
* [Hardening your instance](../configuration/hardening.md)
* [How to activate mediaproxy](../configuration/howto_mediaproxy.md)
* [Updating your instance](../administration/updating.md)

## Questions



+ 4
- 6
docs/installation/arch_linux_en.md View File

@@ -200,12 +200,10 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

#### Further reading

* [Backup your instance](backup.html)
* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
* [Hardening your instance](hardening.html)
* [How to activate mediaproxy](howto_mediaproxy.html)
* [Small Pleroma-FE customizations](small_customizations.html)
* [Updating your instance](updating.html)
* [Backup your instance](../administration/backup.md)
* [Hardening your instance](../configuration/hardening.md)
* [How to activate mediaproxy](../configuration/howto_mediaproxy.md)
* [Updating your instance](../administration/updating.md)

## Questions



+ 4
- 6
docs/installation/centos7_en.md View File

@@ -264,12 +264,10 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

#### Further reading

* [Backup your instance](backup.html)
* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
* [Hardening your instance](hardening.html)
* [How to activate mediaproxy](howto_mediaproxy.html)
* [Small Pleroma-FE customizations](small_customizations.html)
* [Updating your instance](updating.html)
* [Backup your instance](../administration/backup.md)
* [Hardening your instance](../configuration/hardening.md)
* [How to activate mediaproxy](../configuration/howto_mediaproxy.md)
* [Updating your instance](../administration/updating.md)

## Questions



+ 4
- 6
docs/installation/debian_based_en.md View File

@@ -190,12 +190,10 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

#### Further reading

* [Backup your instance](backup.html)
* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
* [Hardening your instance](hardening.html)
* [How to activate mediaproxy](howto_mediaproxy.html)
* [Small Pleroma-FE customizations](small_customizations.html)
* [Updating your instance](updating.html)
* [Backup your instance](../administration/backup.md)
* [Hardening your instance](../configuration/hardening.md)
* [How to activate mediaproxy](../configuration/howto_mediaproxy.md)
* [Updating your instance](../administration/updating.md)

## Questions



+ 71
- 74
docs/installation/debian_based_jp.md View File

@@ -5,187 +5,184 @@

## インストール

このガイドはDebian Stretchを仮定しています。Ubuntu 16.04でも可能です
このガイドはDebian Stretchを利用することを想定しています。Ubuntu 16.04や18.04でもおそらく動作します。また、ユーザはrootもしくはsudoにより管理者権限を持っていることを前提とします。もし、以下の操作をrootユーザで行う場合は、 `sudo` を無視してください。ただし、`sudo -Hu pleroma` のようにユーザを指定している場合には `su <username> -s $SHELL -c 'command'` を代わりに使ってください

### 必要なソフトウェア

- PostgreSQL 9.6+ (postgresql-contrib-9.6 または他のバージョンの PSQL をインストールしてください)
- Elixir 1.5 以上 ([Debianのリポジトリからインストールしないこと!!! ここからインストールすること!](https://elixir-lang.org/install.html#unix-and-unix-like))。または [asdf](https://github.com/asdf-vm/asdf) を pleroma ユーザーでインストール。
- erlang-dev
- PostgreSQL 9.6以上 (Ubuntu16.04では9.5しか提供されていないので,[](https://www.postgresql.org/download/linux/ubuntu/)こちらから新しいバージョンを入手してください)
- postgresql-contrib 9.6以上 (同上)
- Elixir 1.5 以上 ([Debianのリポジトリからインストールしないこと!!! ここからインストールすること!](https://elixir-lang.org/install.html#unix-and-unix-like)。または [asdf](https://github.com/asdf-vm/asdf) をpleromaユーザーでインストールしてください)
- erlang-dev
- erlang-tools
- erlang-parsetools
- erlang-eldap (LDAP認証を有効化するときのみ必要)
- erlang-ssh
- erlang-xmerl (Jessieではバックポートからインストールすること!)
- erlang-xmerl
- git
- build-essential
- openssh
- openssl
- nginx prefered (Apacheも動くかもしれませんが、誰もテストしていません!)
- certbot (または何らかのACME Let's encryptクライアント)

#### このガイドで利用している追加パッケージ

- nginx (おすすめです。他のリバースプロキシを使う場合は、参考となる設定をこのリポジトリから探してください)
- certbot (または何らかのLet's Encrypt向けACMEクライアント)

### システムを準備する

* まずシステムをアップデートしてください。
```
apt update && apt dist-upgrade
sudo apt update
sudo apt full-upgrade
```

* 複数のツールとpostgresqlをインストールします。あとで必要になるので
* 上記に挙げたパッケージをインストールしておきます
```
apt install git build-essential openssl ssh sudo postgresql-9.6 postgresql-contrib-9.6
sudo apt install git build-essential postgresql postgresql-contrib
```
(postgresqlのバージョンは、あなたのディストロにあわせて変えてください。または、バージョン番号がいらないかもしれません。)

### ElixirとErlangをインストールします

* Erlangのリポジトリをダウンロードおよびインストールします。
```
wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb && sudo dpkg -i /tmp/erlang-solutions_1.0_all.deb
wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb
sudo dpkg -i /tmp/erlang-solutions_1.0_all.deb
```

* ElixirとErlangをインストールします、
```
apt update && apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools erlang-ssh
sudo apt update
sudo apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools erlang-ssh
```

### Pleroma BE (バックエンド) をインストールします

* 新しいユーザーを作ります。
```
adduser pleroma
```
(Give it any password you want, make it STRONG)
* Pleroma用に新しいユーザーを作ります。

* 新しいユーザーをsudoグループに入れます。
```
usermod -aG sudo pleroma
sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma
```

* 新しいユーザーに変身し、ホームディレクトリに移動します。
```
su pleroma
cd ~
```
**注意**: Pleromaユーザとして単発のコマンドを実行したい場合はは、`sudo -Hu pleroma command` を使ってください。シェルを使いたい場合は `sudo -Hu pleroma $SHELL`です。もし `sudo` を使わない場合は、rootユーザで `su -l pleroma -s $SHELL -c 'command'` とすることでコマンドを、`su -l pleroma -s $SHELL` とすることでシェルを開始できます。

* Gitリポジトリをクローンします。
```
git clone -b master https://git.pleroma.social/pleroma/pleroma
sudo mkdir -p /opt/pleroma
sudo chown -R pleroma:pleroma /opt/pleroma
sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma
```

* 新しいディレクトリに移動します。
```
cd pleroma/
cd /opt/pleroma
```

* Pleromaが依存するパッケージをインストールします。Hexをインストールしてもよいか聞かれたら、yesを入力してください。
```
mix deps.get
sudo -Hu pleroma mix deps.get
```

* コンフィギュレーションを生成します。
```
mix pleroma.instance gen
sudo -Hu pleroma mix pleroma.instance gen
```
* rebar3をインストールしてもよいか聞かれたら、yesを入力してください。
* この処理には時間がかかります。私もよく分かりませんが、何らかのコンパイルが行われているようです。
* あなたのインスタンスについて、いくつかの質問があります。その回答は `config/generated_config.exs` というコンフィギュレーションファイルに保存されます。
* このときにpleromaの一部がコンパイルされるため、この処理には時間がかかります。
* あなたのインスタンスについて、いくつかの質問されます。この質問により `config/generated_config.exs` という設定ファイルが生成されます。

**注意**: メディアプロクシを有効にすると回答して、なおかつ、キャッシュのURLは空欄のままにしている場合は、`generated_config.exs` を編集して、`base_url` で始まる行をコメントアウトまたは削除してください。そして、上にある行の `true` の後にあるコンマを消してください。

* コンフィギュレーションを確認して、もし問題なければ、ファイル名を変更してください。
```
mv config/{generated_config.exs,prod.secret.exs}
```

* これまでのコマンドで、すでに `config/setup_db.psql` というファイルが作られています。このファイルをもとに、データベースを作成します。
* 先程のコマンドで、すでに `config/setup_db.psql` というファイルが作られています。このファイルをもとに、データベースを作成します。
```
sudo su postgres -c 'psql -f config/setup_db.psql'
sudo -Hu pleroma mix pleroma.instance gen
```

* そして、データベースのグレーションを実行します。
* そして、データベースのマイグレーションを実行します。
```
MIX_ENV=prod mix ecto.migrate
sudo -Hu pleroma MIX_ENV=prod mix ecto.migrate
```

* Pleromaを起動できるようになりました。
* これでPleromaを起動できるようになりました。
```
MIX_ENV=prod mix phx.server
sudo -Hu pleroma MIX_ENV=prod mix phx.server
```

### インストールを終わらせる
### インストールの最終段階

あなたの新しいインスタンスを世界に向けて公開するには、nginxまたは何らかのウェブサーバー (プロクシ) を使用する必要があります。また、Pleroma のためにシステムサービスファイルを作成する必要があります。
あなたの新しいインスタンスを世界に向けて公開するには、nginx等のWebサーバやプロキシサーバをPleromaの前段に使用する必要があります。また、Pleroma のためにシステムサービスファイルを作成する必要があります。

#### Nginx

* まだインストールしていないなら、nginxをインストールします。
```
apt install nginx
sudo apt install nginx
```

* SSLをセットアップします。他の方法でもよいですが、ここではcertbotを説明します。
certbotを使うならば、まずそれをインストールします。
```
apt install certbot
sudo apt install certbot
```
そしてセットアップします。
```
mkdir -p /var/lib/letsencrypt/.well-known
% certbot certonly --email your@emailaddress --webroot -w /var/lib/letsencrypt/ -d yourdomain
sudo mkdir -p /var/lib/letsencrypt/
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
```
もしうまくいかないときは、先にnginxを設定してください。ssl "on" を "off" に変えてから再試行してください。
もしうまくいかないときは、nginxが正しく動いていない可能性があります。先にnginxを設定してください。ssl "on" を "off" に変えてから再試行してください。

---

* nginxコンフィギュレーションの例をnginxフォルダーにコピーします。
* nginxの設定ファイルサンプルをnginxフォルダーにコピーします。
```
cp /home/pleroma/pleroma/installation/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
sudo ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
```

* nginxを起動する前に、コンフィギュレーションを編集してください。例えば、サーバー名、証明書のパスなどを変更する必要があります。
* nginxを起動する前に、設定ファイルを編集してください。例えば、サーバー名、証明書のパスなどを変更する必要があります。
* nginxを再起動します。
```
systemctl reload nginx.service
sudo systemctl enable --now nginx.service
```

#### Systemd サービス
もし証明書を更新する必要が出てきた場合には、nginxの関連するlocationブロックのコメントアウトを外し、以下のコマンドを動かします。