Commit Graph

138 Commits

Author SHA1 Message Date
Dominik Süß
199b685f43
[feature] overhaul the oidc system (#961)
* [feature] overhaul the oidc system

this allows for more flexible username handling and prevents account
takeover using old email addresses

* [feature] add migration path for old OIDC users

* [feature] nicer error reporting for users

* [docs] document the new OIDC flow

* [fix] return early on oidc error

* [docs]: add comments on the finalization logic
2022-12-06 14:15:56 +01:00
f0x52
f9e5ec99bd
[docs] Remove filesystem logging directives from example systemd unit config (#1206)
* remove filesystem logging directives from example systemd unit config

* [docs] Update docs to reflect new systemd config

Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2022-12-05 11:10:13 +01:00
kernelmethod
1652633d93
[docs] Add AppArmor profile for Debian and Ubuntu installations (#1183)
* Enable the 'admonitions' Markdown extension for Mkdocs.

The admonitions extension to Python-Markdown allows you to include
rST-style "admonitions" to Markdown documents, for instance,

    !!! note
        Here's an important note to keep in mind!

In general, the current documentation uses bold text to try to achieve
the same effect, which is a bit harder to notice and makes it difficult
to differentiate between "here's something useful to know" versus "here
there be dragons".

* Add AppArmor profile and documentation for LSM-related sandboxing

This commit adds an AppArmor profile for gotosocial in
examples/apparmor/gotosocial. This will (hopefully) serve as a helpful
security mitigation for people are planning on deploying GTS on a
Debian-family Linux distribution.

I've also updates the documentation to include some information about
deploying GTS with either AppArmor or SELinux (moving the documentation
for the former out of the "binary installation guide" docs).
2022-11-30 23:09:26 +01:00
Phil Hagelberg
8b0c92ec41
[docs] Explain that before 0.6.0, account confirm was necessary. (#1149)
Since the documentation site only shows the latest version of the
docs, we need the docs to explain how to use the latest stable
release, not just the latest git version.
2022-11-25 18:56:01 +01:00
tobi
13e9abd02a
[feature] Add admin media prune orphaned CLI command (#1146)
* add FilePath regex

* add `admin media prune orphaned` command

* add prune orphaned function to media manager

* don't mark flag as required

* document admin media prune orphaned cmd

* oh envparsing.sh you coy minx
2022-11-25 17:23:42 +00:00
Phil Hagelberg
9e18c7f996
[bugfix] Change emailVerified to true for admin account create (#1140)
The NewSignup method was already being called with
requireApproval=false, but it had emailVerified=false as well, which
meant that it was required to use the `admin account confirm` command
to verify the email before the newly-created user could log in.

I think that was probably an oversight; effectively it did require
approval anyway. Changing emailVerified to true allows you to just
create the account and log in immediately, reducing the opportunity
for manual error to sneak in.

Also updated the docs to remove the mention of needing to confirm new
accounts. However, I've left the confirmation command alone because I
think once we have web signups, it will be needed in that context.
2022-11-25 16:44:27 +01:00
tobi
b6dbe21026
[feature] PATCH /api/v1/admin/custom_emojis/{id} endpoint (#1061)
* start adding admin emoji PATCH stuff

* updating works OK, now how about copying

* allow emojis to be copied

* update swagger docs

* update admin processer to use non-interface storage driver

* remove shortcode updating for local emojis

* go fmt

Co-authored-by: f0x52 <f0x@cthu.lu>
2022-11-24 18:12:07 +00:00
dx
8942a70856
[docs] Clarify that reverse proxy setups need trusted-proxies (#1127)
* [docs] Clarify that reverse proxy setups need trusted-proxies

* Remove the jq usage
2022-11-23 16:10:56 +01:00
tobi
90bbcf1bcf
[docs] Document http/s/socks5 proxy use (#1118) 2022-11-22 17:51:51 +01:00
Phil Hagelberg
b153808472
[docs] Add first draft of FAQ (#1086)
* Clarify that gotosocial doesn't use recommendation algorithms

It uses lots of algorithms.

    ~/src/gotosocial $ rgrep algorithm . | wc
        856    8971  143395

* Add first draft of the FAQ.

* Suggested FAQ changes.

Mention backfill of posts as not yet being implemented; link to FAQ
from readme/index.

Mention that GtS does serve up some UI; just not most interaction.
2022-11-21 13:19:51 +01:00
Michael Manfre
67106c9dc4
[feature] Support markdown format for Account bio/note (#1037)
* [feature] Status format also controls bio format

* test
2022-11-19 10:07:51 +01:00
Leonora Tindall
2216f253c1
[docs] Move and document logs (#1076)
Rather than a single access log and no error logging, put the logs in
/var/log/gotosocial/, and document creating and owning that directory
2022-11-19 10:06:37 +01:00
Leonora Tindall
c964856927
[docs] Remove trailing / from proxy_pass for nginx (#1077)
The trailing / can break relative URLs.
2022-11-19 10:05:31 +01:00
Jelle van der Waa
91c3489d5f
[docs] Add AUR Reference (#1054)
The AUR is the Arch unofficial repository, where users can upload PKGBUILD's for Arch Linux users to build a package.
2022-11-17 15:05:51 +01:00
tobi
c56998ff05
[docs] add account domain documentation (#1065)
* [docs] add account domain documentation

* add note about parent/subdomain
2022-11-17 15:04:35 +01:00
tobi
1852175906
[docs] Update docker.md with docker tag / version stuff (#1067) 2022-11-17 13:40:05 +01:00
Phil Hagelberg
9ab60136dd
[docs] Both HTTP proxies and NAT can cause rate limiting issues (#1053)
Also explain specifically that setting the rate limit to zero turns
off rate limiting rather than actually setting the limit to zero,
since this is not intuitive.
2022-11-15 17:31:14 +01:00
tobi
a39a664525
[feature] Serialize local account role via API, and show it via web view (#1045)
* [feature] Add 'role' field to api serialization of local accounts

* [chore] Add a bit of license text while I'm here

* [frogend] render account role on same line as username in web view of profile

* style tweaking on role badges, general profile header layout

* profile stats wrapping

* don't render standard 'user' role on web view

Co-authored-by: f0x <f0x@cthu.lu>
2022-11-15 10:19:32 +01:00
tobi
4cd00d546c
[feature] Allow newly uploaded emojis to be placed in categories (#939)
* [feature] Add emoji categories GET
Serialize emojis in appropriate categories; make it possible to get categories via the admin API

* [feature] Create (or use existing) category for new emoji uploads

* fix lint issue

* update misleading line in swagger docs
2022-11-14 22:47:27 +00:00
tobi
8c20ccd9a8
[chore] Remove unused admin account suspend action (#1047)
* [docs] clarify that admin account commands are for local accounts

* [chore] remove confusing unused `admin account suspend` command
2022-11-14 16:51:53 +01:00
Rob Sargant
d120743e8b
[feature] add instance-expose-public-timeline flag (#1039)
* Add instance-expose-public-timeline flag

Adds a config flag that allows unauthenticated access to /api/v1/timelines/public. Defaults to false to replicate existing behaviour.

* Update structure following review

* Add comment

* Fix linting
2022-11-14 10:30:01 +01:00
Mara Sophie Grosch
948e90b95a
[feature] S3: add config flag to proxy S3 media (#1014)
* S3: add config value "proxy" for not redirecting

Signed-off-by: Mara Sophie Grosch <littlefox@lf-net.org>

* S3: document new config value "proxy"

* S3: add new config value "proxy" to test scripts

Signed-off-by: Mara Sophie Grosch <littlefox@lf-net.org>
2022-11-11 12:03:18 +01:00
Lukáš Zapletal
b755906ad1
[docs] postgres collation warning (#1017) 2022-11-11 09:42:04 +01:00
EchedeyLR
847a466417
[docs] Replace old references to the previous streaming with websockets (#1015) 2022-11-10 14:41:46 +01:00
tobi
b4f7316a4c
[feature] Make instance thumbnail configurable via admin panel (#973)
* [feature] Make instance thumbnail configurable via admin panel

* log db errors in InstanceToAPIInstance

* only update instance in db if necessary

* start adding tests

* finish test
2022-11-08 17:11:06 +00:00
Lukáš Zapletal
b08fd129e2
[docs] add link to SELinux policy (#993) 2022-11-08 10:36:44 +01:00
K
0d51d5c13b
[docs] refer to the latest release version (#992) 2022-11-07 14:26:41 +01:00
tobi
298a7ad21b
[docs] add note about Alpha status right at the top (#971) 2022-11-06 12:18:52 +01:00
tobi
4d66fb9603
[feature] Make rate limit requests amount configurable (#966)
* update rate limit documentation

* regenerate landingpage config helpers

* make rate limit rate configurable
2022-11-06 09:47:48 +00:00
EchedeyLR
ba46e622f1
[docs] Update apache-httpd.md (#937) 2022-11-01 10:36:10 +01:00
EchedeyLR
47de702506
[docs] Change Apache SSL setup to automatic and manual mode (#936)
* Update apache-httpd.md

* Update apache-httpd.md

* Update apache-httpd.md
2022-10-31 14:14:02 +01:00
tobi
ea90d12169
[docs] Add Apache HTTP Server without LetsEncrypt (#935) 2022-10-31 13:51:09 +01:00
tobi
972bd17aaa
[docs] Update Apache2 HTTP Server docs for websockets (#934) 2022-10-31 13:21:12 +01:00
Mia Heidenstedt
c0a2d702a3
[docs] Update swagger.md (#933)
See https://github.com/superseriousbusiness/gotosocial/blob/main/internal/api/security/security.go

```go
	s.AttachMiddleware(m.RateLimit(RateLimitOptions{
		// accept a maximum of 1000 requests in 5 minutes window
		Period: 5 * time.Minute,
		Limit:  1000,
	}))
```
2022-10-31 13:20:39 +01:00
f0x52
2a83390177
[chore] update profile screenshot (#927)
* update profile screenshot

* optipng
2022-10-25 21:47:05 +01:00
mscherer
b4a83e4b51
FIx typo (#918) 2022-10-25 08:25:42 +01:00
tobi
ccd5b34c2c
[docs] Use correct form for status submit (#915) 2022-10-17 12:54:36 +02:00
tobi
f7416d6e94
[feature] Add emoji DELETE handler at /api/v1/admin/custom_emojis (#913)
* add emoji DELETE handler

* no need to process error (thanks kim)

* don't double check if user is admin

* add missing security annotation
2022-10-14 17:30:04 +02:00
tobi
6a95f5fa67
[feature] Add /api/v1/admin/custom_emojis/{id} endpoint for single emoji GET (#910)
* fix error in prev swagger docs

* add GET for single admin emoji
2022-10-13 16:37:55 +02:00
tobi
eb85ef7325
[feature] Add /api/v1/admin/custom_emojis endpoint (#902)
* add admin emojis get path + model + docs

* stub admin emojis get processor function

* add id + disabled fields to admin emoji

* add emoji -> api admin emoji converter

* tidy up a bit

* add GetEmojis function

* finish up get emojis function

* order by shortcodedomain

* ASC

* tidy up + explain

* update to allow paging

* make admin emojis pageable

* fix mixed case paging

* normalize emoji queries a bit better

* test emoji get paging

* make limit optional

* fix incorrect path in media cleanup tests

* i have bad coder syndrome

* don't trimspace

* rename -> GetUseableEmojis

* wrap emoji query in subquery
avoid selecting more than we need

* fix a bit of sillyness teehee

* fix subquery postgres woes
2022-10-12 15:01:42 +02:00
tobi
80663061d8
[feature] Add opt-in RSS feed for account's latest Public posts (#897)
* start adding rss functionality

* add gorilla/feeds dependency

* first bash at building rss feed
still needs work, this is an interim commit

* tidy up a bit

* add publicOnly option to GetAccountLastPosted

* implement rss endpoint

* fix test

* add initial user docs for rss

* update rss logo

* docs update

* add rssFeed to frontend

* feed -> feed.rss

* enableRSS

* increase rss logo size a lil bit

* add rss toggle

* move emojify to text package

* fiddle with rss feed formatting

* add Text field to test statuses

* move status to rss item to typeconverter

* update bun schema for enablerss

* simplify 304 checking

* assume account not rss

* update tests

* update swagger docs

* allow more characters in title, trim nicer

* update last posted to be more consistent
2022-10-08 14:00:39 +02:00
tobi
f8528aa689
[feature] Add emoji image size to instance response (#892) 2022-10-06 12:00:53 +02:00
tobi
f0bf69d4d0
[chore] Add ipv6 localhost to trusted proxies by default (#868)
* add ipv6 localhost to trusted proxies by default

* test different trusted proxies
2022-09-29 17:08:56 +02:00
kim
a156188b3e
[chore] update dependencies, bump to Go 1.19.1 (#826)
* update dependencies, bump Go version to 1.19

* bump test image Go version

* update golangci-lint

* update gotosocial-drone-build

* sign

* linting, go fmt

* update swagger docs

* update swagger docs

* whitespace

* update contributing.md

* fuckin whoopsie doopsie

* linterino, linteroni

* fix followrequest test not starting processor

* fix other api/client tests not starting processor

* fix remaining tests where processor not started

* bump go-runners version

* don't check last-webfingered-at, processor may have updated this

* update swagger command

* update bun to latest version

* fix embed to work the same as before with new bun

Signed-off-by: kim <grufwub@gmail.com>
Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2022-09-28 18:30:40 +01:00
tobi
69a193dae5
[feature] Allow delivery to sharedInboxes where possible (#847)
* update Activity

* add instance-deliver-to-shared-inboxes setting

* update activity version again

* add SharedInboxURI field to accounts

* serdes for endpoints/sharedInbox

* deliver to sharedInbox if one is available

* update tests

* only assign shared inbox if shared domain

* look for shared inbox if currently nil

* go fmt

* finger to get params.RemoteAccountID if necessary

* make comments clearer

* compare dns more consistently
2022-09-23 20:27:35 +01:00
Phil Hagelberg
8c20626c51
[docs] Add --config-path to example CLI commands where needed. (#843)
Previously we had a few examples referring to --config-file (which is
not accepted) but most were missing it altogether. Put this argument
last in all the examples.

Also replaced "./example.json" with just "example.json" in the
import/export examples because the "./" was unnecessary.
2022-09-20 10:52:02 +02:00
tobi
6a10123790
[docs] Swagger document /api/v1/custom_emojis (#824) 2022-09-13 13:30:07 +02:00
tobi
b42469e4e0
[feature] Allow users to set custom css for their profiles + threads (#808)
* add custom css account property + db func to fetch

* allow account to get/set custom css

* serve custom css for an account

* go fmt

* use monospace for customcss, add link

* add custom css to account cache

* fix broken field

* add custom css docs to user guide

* add `accounts-allow-custom-css` config flag

* add allow custom css to /api/v1/instance response

* only show/set custom css if allowed to do so

* only set/serve custom account css if enabled

* update swagger docs

* chain promise

* make bool a bit clearer

* use cache for GetAccountCustomCSSByUsername
2022-09-12 13:14:29 +02:00
tobi
268f252e0d
[feature] Fetch + display custom emoji in statuses from remote instances (#807)
* start implementing remote emoji fetcher

* update status where pk

* aaa

* tidy up a little

* check size limits for emojis

* thank you linter, i love you <3

* update swagger docs

* add emoji dereference test

* make emoji max sizes configurable

* normalize db.ErrAlreadyExists
2022-09-12 13:03:23 +02:00
tobi
31639c9b80
[docs] unbreak standard css (#818) 2022-09-11 14:35:28 +02:00