Oneric
0ec62acb9d
Always insert Dedupe upload filter
...
This actually was already intended before to eradict all future
path-traversal-style exploits and to fix issues with some
characters like akkoma#610 in 0b2ec0ccee
. However, Dedupe and
AnonymizeFilename got mixed up. The latter only anonymises the name
in Content-Disposition headers GET parameters (with link_name),
_not_ the upload path.
Even without Dedupe, the upload path is prefixed by an UUID,
so it _should_ already be hard to guess for attackers. But now
we actually can be sure no path shenanigangs occur, uploads
reliably work and save some disk space.
While this makes the final path predictable, this prediction is
not exploitable. Insertion of a back-reference to the upload
itself requires pulling off a successfull preimage attack against
SHA-256, which is deemed infeasible for the foreseeable futures.
Dedupe was already included in the default list in config.exs
since 28cfb2c37a
, but this will get overridde by whatever the
config generated by the "pleroma.instance gen" task chose.
Upload+delete tests running in parallel using Dedupe might be flaky, but
this was already true before and needs its own commit to fix eventually.
2024-03-18 22:33:10 -01:00
Oneric
fef773ca35
Drop media base_url default and recommend different domain
...
Same-domain setups enabled now at least two exploits,
so they ought to be discouraged and definitely not be the default.
2024-03-18 22:33:10 -01:00
floatingghost
cdf73e0ac8
Merge pull request 'Better document database differences for Pleroma migrations' ( #699 ) from Oneric/akkoma:doc_pleroma-migration-db into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/699
2024-02-24 04:33:43 +00:00
floatingghost
967e6b8ade
Merge pull request 'Docs: Add description for mrf_reject_newly_created_account_notes' ( #695 ) from YokaiRick/akkoma:doc_mrf_reject_acc_notes into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/695
2024-02-24 04:31:28 +00:00
Oneric
bff2812a93
More prominently document db migrations in migrations from Pleroma
...
By now most instance will run a version past 2022-08 but the guide
only documented it for from source installs and Pleroma develop.
2024-02-23 23:54:14 +01:00
Oneric
7964272c98
Document how to avoid data loss on migration from Pleroma
2024-02-23 23:54:09 +01:00
rick
c25cfe9b7a
fixed spelling
2024-02-19 23:25:20 +01:00
Oneric
41dd37d796
doc/cheatsheet: add missing MRFs
...
Or mentions of MRFs in the main list
whose options were already documented.
2024-02-19 23:15:47 +01:00
Oneric
9830d54fa1
doc/cheatsheet: sort main MRF list alphabetically
...
It is too cumbersome to find a specific policy atm
or to check if all are docuemtned yet.
Trivial placeholder policies are excluded from this.
2024-02-19 23:15:30 +01:00
Oneric
f254e4f530
doc/cheatsheet: add missing MRF config detail docs
...
And remove “on by default” text from individual entries.
They are now laready in the “on by default” section.
2024-02-19 23:14:44 +01:00
Oneric
da4190c46e
doc/cheatsheet: split out always active MRFs
...
It doesn’t make sense to add/remove them from the policies list
2024-02-19 23:14:24 +01:00
Oneric
7a2d68c3ab
doc/cheatsheet: add link to ActivityExpiration config details
2024-02-19 23:14:07 +01:00
Oneric
8e7a89605d
doc/cheatsheet: move MRF policies key to end of section
...
This makes it easier to spot the transparency options
2024-02-19 23:13:48 +01:00
Oneric
1640d19448
doc/cheatsheet: move :activitypub section ahead
...
Else it is too easy to mistake for another MRF policy.
2024-02-19 23:13:25 +01:00
Oneric
8f1776a8a7
Purge leftovers from FollowBot MRF
...
It was dropped in 9db4c2429f
2024-02-19 23:13:05 +01:00
Oneric
1ec6e193e6
doc: clarify RejectNewlyCreated uses local account discovery
2024-02-19 23:12:41 +01:00
stefan230
b4c832471c
docs/docs/configuration/cheatsheet.md aktualisiert
...
fixed up some grammer / wording. removed a setence and made wording more in line with what I could find in Admin-FE (especially wording of "rejecting" vs. dropping)
2024-02-17 22:09:47 +00:00
rick
db49daa4a5
make it clearer what it affects
2024-02-17 22:57:56 +01:00
rick
718104117f
fix link
2024-02-17 22:34:55 +01:00
rick
12e7d0a25c
added doc for mrf_reject_newly_created_account_notes
2024-02-17 22:25:12 +01:00
Erin Shepherd
7a0e27a746
Disable busy waits in the default OTP vm.args
configuration.
...
This vastly reduces idle CPU usage, which should generally be beneficial
for most small-to-medium sized instances.
Additionally update the documentation to specify how to override the vm.args
file for OTP installs
2024-02-17 13:21:56 +01:00
Oneric
e99e2407f3
Add background_removal to SimplePolicy MRF
2024-02-16 16:36:45 +01:00
FloatingGhost
0ed815b8a1
Merge branch 'followback' into develop
2024-02-16 13:27:40 +00:00
Oneric
cda597a05c
doc: fix Akkoma identification name
...
Akkoma stopped pretending to be Pleroma here when the mix project name
was changed in c07fcdbf2b
.
2024-02-15 16:25:59 +01:00
Oneric
711043f57d
Document bubble timeline API
...
It was added in cb6e7359af
.
2024-02-15 16:04:33 +01:00
Oneric
6bb455702d
Document Akkoma API
2024-02-15 16:04:33 +01:00
Oneric
7493d8f49d
Document live dashboard
2024-02-15 16:04:33 +01:00
Oneric
376f6b15ca
Add ability to auto-approve followbacks
...
Resolves: https://akkoma.dev/AkkomaGang/akkoma/issues/148
2024-02-13 15:42:37 +01:00
Oneric
13e62b4e51
Fix schema and docs for status_ttl_days and instance
...
Fixes misspelling and omission of and example in commit
0cfd5b4e89
which added the
status_ttl_property. This was the only place this commit
referred to the property as note_ttl_days.
Partially fixes the omitted schema update of the instance metadata addition
from commit b7e8ce2350
. A proper full schema
for nodeinfo is still missing.
2024-02-13 15:39:52 +01:00
floatingghost
e97d08ee98
Merge pull request 'MRF transparency: don’t forget to obfuscate short domains' ( #676 ) from Oneric/akkoma:mrf-obfuscation into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/676
2024-02-05 08:43:43 +00:00
Oneric
3cd882528e
More prominently document MRF transparency and obfuscation
...
And point to the cheat sheet for all other MRF policies
and their configuration details.
2024-02-02 14:50:21 +00:00
Aria
a074be24ca
add bit about frontend configuration to oauth consumer docs
2023-12-17 19:36:27 +00:00
FloatingGhost
74d5e22fc5
fix robotstxt on OTP
2023-12-15 16:23:20 +00:00
floatingghost
bc22ea50ab
Merge pull request 'docs: Fixed wrong command for robots_txt CLI task' ( #632 ) from yukijoou/akkoma:docs-robotstxt-fix into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/632
2023-12-15 16:21:17 +00:00
FloatingGhost
fb700a956a
correct link
2023-11-02 11:40:19 +00:00
yuki joou
32422a7a04
docs: Fixed wrong command for robots_txt CLI task
...
This is according to the error message displayed when trying to run the
command in the current version of the docs
2023-08-18 13:25:52 +00:00
y0nei
0617090743
Note about Docker installations in backup section
2023-08-17 16:51:53 +02:00
FloatingGhost
f7ea0a1248
bump OTP required
2023-08-16 23:01:02 +01:00
FloatingGhost
6139c3346d
Add extra rollbacks to pleroma develop
2023-08-16 22:49:23 +01:00
YokaiRick
76ba400c6d
nginx subdir is missing in otp builds
2023-08-12 22:09:32 +00:00
YokaiRick
655c282de3
update docs nginx subdir in akkoma/installation is gone
2023-08-12 21:59:30 +00:00
Norm
9a7c30fc90
Update OTP docs to mention arm64 in prerequisites
2023-08-05 10:39:03 -04:00
Sandra Snan
2556f44219
Fix typo in frontend management docs
2023-08-04 22:34:39 +01:00
FloatingGhost
8fd74548ff
Combine ubuntu and debian builds
2023-08-04 20:37:17 +01:00
FloatingGhost
6e293b9280
Bump versions in use in the docs
2023-08-04 14:19:18 +01:00
floatingghost
4fe80acf8f
Merge pull request '[docs] Improve some installation instructions' ( #607 ) from ilja/akkoma:docs_improve_some_installation_instructions into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/607
2023-08-02 09:17:11 +00:00
ilja
8b63a17b87
In chat we often saw that people copy-pasted the "amd64" flavour while they needed another one.
...
Here we make it a generic placeholder which should make accidental copy-pasting of this command happen less.
We also had one case of someone who got errors because the SHELL variable wasn't set. This is the case for Alpine.
Here I added a line to fill it in when not set.
2023-07-31 15:56:39 +02:00
FloatingGhost
801fe9fe32
Changelog
2023-07-27 14:41:18 +01:00
FloatingGhost
800c4bc442
correct build conditions
2023-07-27 14:21:12 +01:00
FloatingGhost
b63fca2dd7
only build ARM AMD64 on develop
2023-07-27 14:19:28 +01:00