Commit Graph

135 Commits

Author SHA1 Message Date
Mark Felder 1d8f1fe077 Add a default rule to not attempt to cache any files larger than 50MB
This fixes connection failures when trying to retrieve large files.
It is less common in typical Pleroma usage, but it's possible to encounter
this on a cloud instance with lower memory.
2021-02-05 13:35:51 -06:00
Mark Felder c6ef87d585 Note the requirement for the url_format parameter 2021-01-25 18:20:07 -06:00
Mark Felder 8373cb645b Add sudo rule, remove quoting that breaks the for loop 2021-01-25 18:15:04 -06:00
Mark Felder 003402df40 Add ability to invalidate cache entries for Apache 2021-01-21 14:20:13 -06:00
Mark Felder 3078e62488 Update Apache configuration. This has been tested. 2021-01-21 12:25:18 -06:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Haelwenn (lanodan) Monnier 5c75bfc586
download-mastofe-build.sh: Proper exit when artifact is missing 2020-12-15 16:31:23 +01:00
rinpatch 2c55f7d7cb Remove FedSockets
Current FedSocket implementation has a bunch of problems. It doesn't
have proper error handling (in case of an error the server just doesn't
respond until the connection is closed, while the client doesn't match
any error messages and just assumes there has been an error after 15s)
and the code is full of bad descisions (see: fetch registry which uses
uuids for no reason and waits for a response by recursively querying a
 ets table until the value changes, or double JSON encoding).

Sometime ago I almost completed rewriting fedsockets from scrach to
adress these issues. However, while doing so, I realized that fedsockets
 are just too overkill for what they were trying to accomplish, which is
 reduce the overhead of federation by not signing every message.
This could be done without reimplementing failure states and endpoint
 logic we already have with HTTP by, for example, using TLS cert auth,
or switching to a more performant signature algorithm. I opened
https://git.pleroma.social/pleroma/pleroma/-/issues/2262 for further
discussion on alternatives to fedsockets.

From discussions I had with other Pleroma developers it seems like they
 would approve the descision to remove them as well,
therefore I am submitting this patch.
2020-11-17 17:28:30 +03:00
rinpatch cc45c69fff Remove release_env
While taking a final look at instance.gen before releasing I noticed
that the release_env task outputs messages in broken english. Upon
further inspection it seems to have even more severe issues which, in
my opinion, warrant it's at least temporary removal:
- We do not explain what it actually does, anywhere. Neither the task
 docs nor instance.gen, nor installation instructions.
- It does not respect FHS on OTP releases (uses /opt/pleroma/config even
 though we store the config in /etc/pleroma/config.exs).
- It doesn't work on OTP releases, which is the main reason it exists.
Neither systemd nor openrc service files for OTP include it.
- It is not mentioned in install guides other than the ones for Debian
and OTP releases.
2020-11-08 11:56:09 +03:00
Mark Felder e7b0840b88 NoNewPrivileges breaks ability to send email via sendmail because it restricts ability to run setuid/setgid binaries 2020-10-23 15:32:32 -05:00
Maksim Pechnikov 14054cd004 update task messages 2020-10-15 22:28:49 +03:00
Maksim Pechnikov 20e68b30f0 added generated `pleroma.env` 2020-10-15 22:28:26 +03:00
Mark Felder b3015db841 Syntax error 2020-09-30 12:49:51 -05:00
Mark Felder 49229107e8 Make it possible for Varnish logs to contain the true scheme used by clients
instead of always reporting http://
2020-09-30 12:32:54 -05:00
Mark Felder 8906f30ba1 Use an upstream for reverse proxy so future modifications are simplified 2020-09-21 16:19:08 -05:00
Mark Felder ade7fede71 Most proxy settings can be global 2020-09-21 16:13:45 -05:00
Mark Felder 2b553b8f8e Remove duplicate setting 2020-09-21 16:11:01 -05:00
Mark Felder 75f6e5e8b7 Add FedSockets config 2020-09-21 16:10:31 -05:00
Mark Felder dfcb1401c7 Improve FreeBSD rc script
Passes rclint now, $HOME is dynamic, and properly matches process name for signalling shutdown.
2020-08-18 10:24:34 -05:00
Farhan Khan 07376bd21a Adding installation documentation for FreeBSD + rc.d script 2020-08-13 18:59:13 -04:00
lain 5c4548d5e7 Revert "Merge branch 'issue/1023' into 'develop'"
This reverts merge request 
2020-08-10 13:05:13 +00:00
Maksim Pechnikov 4e0e19a706 update task messages 2020-07-16 08:52:14 +03:00
Maksim Pechnikov 3062f86613 added generated `pleroma.env` 2020-07-14 09:05:34 +03:00
Maksim Pechnikov 579763126f Merge branch 'develop' into issue/1855 2020-06-15 15:24:55 +03:00
Maksim Pechnikov 2e8a236cef fix invalidates media url's 2020-06-14 21:02:57 +03:00
normandy 122328b93a Update pleroma.nginx to support TLSv1.3
Based on SSL config from https://ssl-config.mozilla.org/
2020-06-12 02:05:49 -04:00
Maksim 376147fb82 Apply suggestion to installation/nginx-cache-purge.sh.example 2020-05-20 04:12:21 +00:00
Maksim Pechnikov b5b9d161cd update purge script 2020-05-20 06:56:04 +03:00
Maksim Pechnikov 3f8d68bdf3 added example cache purge script 2020-05-17 05:56:20 +03:00
lain a2a8c8e9e0 Merge branch 'features/openrc-console' into 'develop'
init.d/pleroma: Add option to attach an elixir console

See merge request 
2020-05-14 09:27:33 +00:00
Alexander Strizhakov 3c42caa85c
apache chain issue fix 2020-05-06 16:20:47 +03:00
Mark Felder e04e16bbc0 Do not strip Cache-Control headers from media. Trust the Pleroma backend. 2020-03-13 11:31:55 -05:00
Mark Felder 05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Haelwenn (lanodan) Monnier effb4a3d48
init.d/pleroma: Add option to attach an elixir console 2020-02-20 21:24:24 +01:00
minibikini f9380289eb Add `remote_ip` plug 2019-09-27 21:59:23 +00:00
feld df3feb9412 Make it obvious how to support dual stack for MongooseIM 2019-09-20 13:21:07 +00:00
kPherox 99b4847da3
Fix missing changes in 2019-08-30 21:00:50 +09:00
rinpatch 997e766929 Remove sudo in the nginx config command example 2019-06-23 07:39:23 +03:00
rinpatch c013d3f3c8 Fix the webroot method in the nginx config 2019-06-22 20:26:59 +03:00
rinpatch ddf5e6254a Fix nginx webroot method config 2019-06-21 05:46:21 +03:00
feld abedcca349 Sample Mongoose IM config.
Change domain, ensure paths to PEM files are correct, and this is good to go.
2019-05-31 20:36:33 +00:00
feld abc15b6dcc Improve Varnish config. We set sane headers from the backend now. 2019-05-28 21:20:24 +00:00
Alfie Pates 356c047759 explicitly set reverse proxy upstream to IPv4
since Pleroma.Web.Endpoint binds on IPv4 only and `localhost.` resolves to
  [::0] on some systems

  fixes .
2019-05-23 22:33:27 +01:00
lambda a58813e7a1 Merge branch 'features/download-mastofe-build' into 'develop'
installation/download-mastofe-build.sh: Add mastofe CI-artifacts download

See merge request 
2019-05-01 10:48:30 +00:00
Dominik V. Salonen 498c96d458 Add supervisord configuration 2019-04-16 07:14:44 +00:00
lambda 1b4c4d29a3 Merge branch 'ssl_trusted_cert' into 'develop'
ssl_trusted_certificate should point to chain.pem if we're demonstrating...

See merge request 
2019-04-12 08:58:46 +00:00
Haelwenn (lanodan) Monnier 378b964d8e
installation/download-mastofe-build.sh: Add copyright header
[ci skip]
2019-04-12 07:39:49 +02:00
Haelwenn (lanodan) Monnier b421dd3dd2
installation/download-mastofe-build.sh: Add mastofe CI-artifacts download
[ci skip]
2019-04-12 07:32:46 +02:00
Horsemans 10a9682596 ssl_trusted_certificate should point to chain.pem if we're demonstrating LetsEncrypt: https://community.letsencrypt.org/t/howto-ocsp-stapling-for-nginx/13611/5 2019-03-31 16:58:28 +00:00
Kenneth Zhao e1bdaaa3fe need to put back ipv4 listen instruct 2019-02-26 08:41:37 -08:00