commit
ffb4eb9779
@ -0,0 +1 @@
|
||||
https://github.com/hashnuke/heroku-buildpack-elixir
|
@ -0,0 +1,2 @@
|
||||
Ariadne Conill <ariadne@dereferenced.org> <nenolod@dereferenced.org>
|
||||
Ariadne Conill <ariadne@dereferenced.org> <nenolod@gmail.com>
|
@ -1,403 +0,0 @@
|
||||
Attribution-NonCommercial-NoDerivatives 4.0 International
|
||||
|
||||
=======================================================================
|
||||
|
||||
Creative Commons Corporation ("Creative Commons") is not a law firm and
|
||||
does not provide legal services or legal advice. Distribution of
|
||||
Creative Commons public licenses does not create a lawyer-client or
|
||||
other relationship. Creative Commons makes its licenses and related
|
||||
information available on an "as-is" basis. Creative Commons gives no
|
||||
warranties regarding its licenses, any material licensed under their
|
||||
terms and conditions, or any related information. Creative Commons
|
||||
disclaims all liability for damages resulting from their use to the
|
||||
fullest extent possible.
|
||||
|
||||
Using Creative Commons Public Licenses
|
||||
|
||||
Creative Commons public licenses provide a standard set of terms and
|
||||
conditions that creators and other rights holders may use to share
|
||||
original works of authorship and other material subject to copyright
|
||||
and certain other rights specified in the public license below. The
|
||||
following considerations are for informational purposes only, are not
|
||||
exhaustive, and do not form part of our licenses.
|
||||
|
||||
Considerations for licensors: Our public licenses are
|
||||
intended for use by those authorized to give the public
|
||||
permission to use material in ways otherwise restricted by
|
||||
copyright and certain other rights. Our licenses are
|
||||
irrevocable. Licensors should read and understand the terms
|
||||
and conditions of the license they choose before applying it.
|
||||
Licensors should also secure all rights necessary before
|
||||
applying our licenses so that the public can reuse the
|
||||
material as expected. Licensors should clearly mark any
|
||||
material not subject to the license. This includes other CC-
|
||||
licensed material, or material used under an exception or
|
||||
limitation to copyright. More considerations for licensors:
|
||||
wiki.creativecommons.org/Considerations_for_licensors
|
||||
|
||||
Considerations for the public: By using one of our public
|
||||
licenses, a licensor grants the public permission to use the
|
||||
licensed material under specified terms and conditions. If
|
||||
the licensor's permission is not necessary for any reason--for
|
||||
example, because of any applicable exception or limitation to
|
||||
copyright--then that use is not regulated by the license. Our
|
||||
licenses grant only permissions under copyright and certain
|
||||
other rights that a licensor has authority to grant. Use of
|
||||
the licensed material may still be restricted for other
|
||||
reasons, including because others have copyright or other
|
||||
rights in the material. A licensor may make special requests,
|
||||
such as asking that all changes be marked or described.
|
||||
Although not required by our licenses, you are encouraged to
|
||||
respect those requests where reasonable. More considerations
|
||||
for the public:
|
||||
wiki.creativecommons.org/Considerations_for_licensees
|
||||
|
||||
=======================================================================
|
||||
|
||||
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0
|
||||
International Public License
|
||||
|
||||
By exercising the Licensed Rights (defined below), You accept and agree
|
||||
to be bound by the terms and conditions of this Creative Commons
|
||||
Attribution-NonCommercial-NoDerivatives 4.0 International Public
|
||||
License ("Public License"). To the extent this Public License may be
|
||||
interpreted as a contract, You are granted the Licensed Rights in
|
||||
consideration of Your acceptance of these terms and conditions, and the
|
||||
Licensor grants You such rights in consideration of benefits the
|
||||
Licensor receives from making the Licensed Material available under
|
||||
these terms and conditions.
|
||||
|
||||
|
||||
Section 1 -- Definitions.
|
||||
|
||||
a. Adapted Material means material subject to Copyright and Similar
|
||||
Rights that is derived from or based upon the Licensed Material
|
||||
and in which the Licensed Material is translated, altered,
|
||||
arranged, transformed, or otherwise modified in a manner requiring
|
||||
permission under the Copyright and Similar Rights held by the
|
||||
Licensor. For purposes of this Public License, where the Licensed
|
||||
Material is a musical work, performance, or sound recording,
|
||||
Adapted Material is always produced where the Licensed Material is
|
||||
synched in timed relation with a moving image.
|
||||
|
||||
b. Copyright and Similar Rights means copyright and/or similar rights
|
||||
closely related to copyright including, without limitation,
|
||||
performance, broadcast, sound recording, and Sui Generis Database
|
||||
Rights, without regard to how the rights are labeled or
|
||||
categorized. For purposes of this Public License, the rights
|
||||
specified in Section 2(b)(1)-(2) are not Copyright and Similar
|
||||
Rights.
|
||||
|
||||
c. Effective Technological Measures means those measures that, in the
|
||||
absence of proper authority, may not be circumvented under laws
|
||||
fulfilling obligations under Article 11 of the WIPO Copyright
|
||||
Treaty adopted on December 20, 1996, and/or similar international
|
||||
agreements.
|
||||
|
||||
d. Exceptions and Limitations means fair use, fair dealing, and/or
|
||||
any other exception or limitation to Copyright and Similar Rights
|
||||
that applies to Your use of the Licensed Material.
|
||||
|
||||
e. Licensed Material means the artistic or literary work, database,
|
||||
or other material to which the Licensor applied this Public
|
||||
License.
|
||||
|
||||
f. Licensed Rights means the rights granted to You subject to the
|
||||
terms and conditions of this Public License, which are limited to
|
||||
all Copyright and Similar Rights that apply to Your use of the
|
||||
Licensed Material and that the Licensor has authority to license.
|
||||
|
||||
g. Licensor means the individual(s) or entity(ies) granting rights
|
||||
under this Public License.
|
||||
|
||||
h. NonCommercial means not primarily intended for or directed towards
|
||||
commercial advantage or monetary compensation. For purposes of
|
||||
this Public License, the exchange of the Licensed Material for
|
||||
other material subject to Copyright and Similar Rights by digital
|
||||
file-sharing or similar means is NonCommercial provided there is
|
||||
no payment of monetary compensation in connection with the
|
||||
exchange.
|
||||
|
||||
i. Share means to provide material to the public by any means or
|
||||
process that requires permission under the Licensed Rights, such
|
||||
as reproduction, public display, public performance, distribution,
|
||||
dissemination, communication, or importation, and to make material
|
||||
available to the public including in ways that members of the
|
||||
public may access the material from a place and at a time
|
||||
individually chosen by them.
|
||||
|
||||
j. Sui Generis Database Rights means rights other than copyright
|
||||
resulting from Directive 96/9/EC of the European Parliament and of
|
||||
the Council of 11 March 1996 on the legal protection of databases,
|
||||
as amended and/or succeeded, as well as other essentially
|
||||
equivalent rights anywhere in the world.
|
||||
|
||||
k. You means the individual or entity exercising the Licensed Rights
|
||||
under this Public License. Your has a corresponding meaning.
|
||||
|
||||
|
||||
Section 2 -- Scope.
|
||||
|
||||
a. License grant.
|
||||
|
||||
1. Subject to the terms and conditions of this Public License,
|
||||
the Licensor hereby grants You a worldwide, royalty-free,
|
||||
non-sublicensable, non-exclusive, irrevocable license to
|
||||
exercise the Licensed Rights in the Licensed Material to:
|
||||
|
||||
a. reproduce and Share the Licensed Material, in whole or
|
||||
in part, for NonCommercial purposes only; and
|
||||
|
||||
b. produce and reproduce, but not Share, Adapted Material
|
||||
for NonCommercial purposes only.
|
||||
|
||||
2. Exceptions and Limitations. For the avoidance of doubt, where
|
||||
Exceptions and Limitations apply to Your use, this Public
|
||||
License does not apply, and You do not need to comply with
|
||||
its terms and conditions.
|
||||
|
||||
3. Term. The term of this Public License is specified in Section
|
||||
6(a).
|
||||
|
||||
4. Media and formats; technical modifications allowed. The
|
||||
Licensor authorizes You to exercise the Licensed Rights in
|
||||
all media and formats whether now known or hereafter created,
|
||||
and to make technical modifications necessary to do so. The
|
||||
Licensor waives and/or agrees not to assert any right or
|
||||
authority to forbid You from making technical modifications
|
||||
necessary to exercise the Licensed Rights, including
|
||||
technical modifications necessary to circumvent Effective
|
||||
Technological Measures. For purposes of this Public License,
|
||||
simply making modifications authorized by this Section 2(a)
|
||||
(4) never produces Adapted Material.
|
||||
|
||||
5. Downstream recipients.
|
||||
|
||||
a. Offer from the Licensor -- Licensed Material. Every
|
||||
recipient of the Licensed Material automatically
|
||||
receives an offer from the Licensor to exercise the
|
||||
Licensed Rights under the terms and conditions of this
|
||||
Public License.
|
||||
|
||||
b. No downstream restrictions. You may not offer or impose
|
||||
any additional or different terms or conditions on, or
|
||||
apply any Effective Technological Measures to, the
|
||||
Licensed Material if doing so restricts exercise of the
|
||||
Licensed Rights by any recipient of the Licensed
|
||||
Material.
|
||||
|
||||
6. No endorsement. Nothing in this Public License constitutes or
|
||||
may be construed as permission to assert or imply that You
|
||||
are, or that Your use of the Licensed Material is, connected
|
||||
with, or sponsored, endorsed, or granted official status by,
|
||||
the Licensor or others designated to receive attribution as
|
||||
provided in Section 3(a)(1)(A)(i).
|
||||
|
||||
b. Other rights.
|
||||
|
||||
1. Moral rights, such as the right of integrity, are not
|
||||
licensed under this Public License, nor are publicity,
|
||||
privacy, and/or other similar personality rights; however, to
|
||||
the extent possible, the Licensor waives and/or agrees not to
|
||||
assert any such rights held by the Licensor to the limited
|
||||
extent necessary to allow You to exercise the Licensed
|
||||
Rights, but not otherwise.
|
||||
|
||||
2. Patent and trademark rights are not licensed under this
|
||||
Public License.
|
||||
|
||||
3. To the extent possible, the Licensor waives any right to
|
||||
collect royalties from You for the exercise of the Licensed
|
||||
Rights, whether directly or through a collecting society
|
||||
under any voluntary or waivable statutory or compulsory
|
||||
licensing scheme. In all other cases the Licensor expressly
|
||||
reserves any right to collect such royalties, including when
|
||||
the Licensed Material is used other than for NonCommercial
|
||||
purposes.
|
||||
|
||||
|
||||
Section 3 -- License Conditions.
|
||||
|
||||
Your exercise of the Licensed Rights is expressly made subject to the
|
||||
following conditions.
|
||||
|
||||
a. Attribution.
|
||||
|
||||
1. If You Share the Licensed Material, You must:
|
||||
|
||||
a. retain the following if it is supplied by the Licensor
|
||||
with the Licensed Material:
|
||||
|
||||
i. identification of the creator(s) of the Licensed
|
||||
Material and any others designated to receive
|
||||
attribution, in any reasonable manner requested by
|
||||
the Licensor (including by pseudonym if
|
||||
designated);
|
||||
|
||||
ii. a copyright notice;
|
||||
|
||||
iii. a notice that refers to this Public License;
|
||||
|
||||
iv. a notice that refers to the disclaimer of
|
||||
warranties;
|
||||
|
||||
v. a URI or hyperlink to the Licensed Material to the
|
||||
extent reasonably practicable;
|
||||
|
||||
b. indicate if You modified the Licensed Material and
|
||||
retain an indication of any previous modifications; and
|
||||
|
||||
c. indicate the Licensed Material is licensed under this
|
||||
Public License, and include the text of, or the URI or
|
||||
hyperlink to, this Public License.
|
||||
|
||||
For the avoidance of doubt, You do not have permission under
|
||||
this Public License to Share Adapted Material.
|
||||
|
||||
2. You may satisfy the conditions in Section 3(a)(1) in any
|
||||
reasonable manner based on the medium, means, and context in
|
||||
which You Share the Licensed Material. For example, it may be
|
||||
reasonable to satisfy the conditions by providing a URI or
|
||||
hyperlink to a resource that includes the required
|
||||
information.
|
||||
|
||||
3. If requested by the Licensor, You must remove any of the
|
||||
information required by Section 3(a)(1)(A) to the extent
|
||||
reasonably practicable.
|
||||
|
||||
|
||||
Section 4 -- Sui Generis Database Rights.
|
||||
|
||||
Where the Licensed Rights include Sui Generis Database Rights that
|
||||
apply to Your use of the Licensed Material:
|
||||
|
||||
a. for the avoidance of doubt, Section 2(a)(1) grants You the right
|
||||
to extract, reuse, reproduce, and Share all or a substantial
|
||||
portion of the contents of the database for NonCommercial purposes
|
||||
only and provided You do not Share Adapted Material;
|
||||
|
||||
b. if You include all or a substantial portion of the database
|
||||
contents in a database in which You have Sui Generis Database
|
||||
Rights, then the database in which You have Sui Generis Database
|
||||
Rights (but not its individual contents) is Adapted Material; and
|
||||
|
||||
c. You must comply with the conditions in Section 3(a) if You Share
|
||||
all or a substantial portion of the contents of the database.
|
||||
|
||||
For the avoidance of doubt, this Section 4 supplements and does not
|
||||
replace Your obligations under this Public License where the Licensed
|
||||
Rights include other Copyright and Similar Rights.
|
||||
|
||||
|
||||
Section 5 -- Disclaimer of Warranties and Limitation of Liability.
|
||||
|
||||
a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
|
||||
EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
|
||||
AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
|
||||
ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
|
||||
IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
|
||||
WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
|
||||
PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
|
||||
ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
|
||||
KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
|
||||
ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
|
||||
|
||||
b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
|
||||
TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
|
||||
NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
|
||||
INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
|
||||
COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
|
||||
USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
|
||||
ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
|
||||
DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
|
||||
IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
|
||||
|
||||
c. The disclaimer of warranties and limitation of liability provided
|
||||
above shall be interpreted in a manner that, to the extent
|
||||
possible, most closely approximates an absolute disclaimer and
|
||||
waiver of all liability.
|
||||
|
||||
|
||||
Section 6 -- Term and Termination.
|
||||
|
||||
a. This Public License applies for the term of the Copyright and
|
||||
Similar Rights licensed here. However, if You fail to comply with
|
||||
this Public License, then Your rights under this Public License
|
||||
terminate automatically.
|
||||
|
||||
b. Where Your right to use the Licensed Material has terminated under
|
||||
Section 6(a), it reinstates:
|
||||
|
||||
1. automatically as of the date the violation is cured, provided
|
||||
it is cured within 30 days of Your discovery of the
|
||||
violation; or
|
||||
|
||||
2. upon express reinstatement by the Licensor.
|
||||
|
||||
For the avoidance of doubt, this Section 6(b) does not affect any
|
||||
right the Licensor may have to seek remedies for Your violations
|
||||
of this Public License.
|
||||
|
||||
c. For the avoidance of doubt, the Licensor may also offer the
|
||||
Licensed Material under separate terms or conditions or stop
|
||||
distributing the Licensed Material at any time; however, doing so
|
||||
will not terminate this Public License.
|
||||
|
||||
d. Sections 1, 5, 6, 7, and 8 survive termination of this Public
|
||||
License.
|
||||
|
||||
|
||||
Section 7 -- Other Terms and Conditions.
|
||||
|
||||
a. The Licensor shall not be bound by any additional or different
|
||||
terms or conditions communicated by You unless expressly agreed.
|
||||
|
||||
b. Any arrangements, understandings, or agreements regarding the
|
||||
Licensed Material not stated herein are separate from and
|
||||
independent of the terms and conditions of this Public License.
|
||||
|
||||
|
||||
Section 8 -- Interpretation.
|
||||
|
||||
a. For the avoidance of doubt, this Public License does not, and
|
||||
shall not be interpreted to, reduce, limit, restrict, or impose
|
||||
conditions on any use of the Licensed Material that could lawfully
|
||||
be made without permission under this Public License.
|
||||
|
||||
b. To the extent possible, if any provision of this Public License is
|
||||
deemed unenforceable, it shall be automatically reformed to the
|
||||
minimum extent necessary to make it enforceable. If the provision
|
||||
cannot be reformed, it shall be severed from this Public License
|
||||
without affecting the enforceability of the remaining terms and
|
||||
conditions.
|
||||
|
||||
c. No term or condition of this Public License will be waived and no
|
||||
failure to comply consented to unless expressly agreed to by the
|
||||
Licensor.
|
||||
|
||||
d. Nothing in this Public License constitutes or may be interpreted
|
||||
as a limitation upon, or waiver of, any privileges and immunities
|
||||
that apply to the Licensor or You, including from the legal
|
||||
processes of any jurisdiction or authority.
|
||||
|
||||
=======================================================================
|
||||
|
||||
Creative Commons is not a party to its public
|
||||
licenses. Notwithstanding, Creative Commons may elect to apply one of
|
||||
its public licenses to material it publishes and in those instances
|
||||
will be considered the “Licensor.” The text of the Creative Commons
|
||||
public licenses is dedicated to the public domain under the CC0 Public
|
||||
Domain Dedication. Except for the limited purpose of indicating that
|
||||
material is shared under a Creative Commons public license or as
|
||||
otherwise permitted by the Creative Commons policies published at
|
||||
creativecommons.org/policies, Creative Commons does not authorize the
|
||||
use of the trademark "Creative Commons" or any other trademark or logo
|
||||
of Creative Commons without its prior written consent including,
|
||||
without limitation, in connection with any unauthorized modifications
|
||||
to any of its public licenses or any other arrangements,
|
||||
understandings, or agreements concerning use of licensed material. For
|
||||
the avoidance of doubt, this paragraph does not form part of the
|
||||
public licenses.
|
||||
|
||||
Creative Commons may be contacted at creativecommons.org.
|
||||
|
@ -0,0 +1,25 @@
|
||||
use Mix.Config
|
||||
|
||||
config :pleroma, Pleroma.Web.Endpoint,
|
||||
http: [
|
||||
port: String.to_integer(System.get_env("PORT") || "4000"),
|
||||
protocol_options: [max_request_line_length: 8192, max_header_value_length: 8192]
|
||||
],
|
||||
protocol: "http",
|
||||
secure_cookie_flag: false,
|
||||
url: [host: System.get_env("APP_HOST"), scheme: "https", port: 443],
|
||||
secret_key_base: "+S+ULgf7+N37c/lc9K66SMphnjQIRGklTu0BRr2vLm2ZzvK0Z6OH/PE77wlUNtvP"
|
||||
|
||||
database_url =
|
||||
System.get_env("DATABASE_URL") ||
|
||||
raise """
|
||||
environment variable DATABASE_URL is missing.
|
||||
For example: ecto://USER:PASS@HOST/DATABASE
|
||||
"""
|
||||
|
||||
config :pleroma, Pleroma.Repo,
|
||||
# ssl: true,
|
||||
url: database_url,
|
||||
pool_size: String.to_integer(System.get_env("POOL_SIZE") || "10")
|
||||
|
||||
config :pleroma, :instance, name: "#{System.get_env("APP_NAME")} CI Instance"
|
@ -0,0 +1,19 @@
|
||||
import Config
|
||||
|
||||
config :pleroma, :instance, static_dir: "/var/lib/pleroma/static"
|
||||
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads"
|
||||
|
||||
config_path = System.get_env("PLEROMA_CONFIG_PATH") || "/etc/pleroma/config.exs"
|
||||
|
||||
if File.exists?(config_path) do
|
||||
import_config config_path
|
||||
else
|
||||
warning = [
|
||||
IO.ANSI.red(),
|
||||
IO.ANSI.bright(),
|
||||
"!!! #{config_path} not found! Please ensure it exists and that PLEROMA_CONFIG_PATH is unset or points to an existing file",
|
||||
IO.ANSI.reset()
|
||||
]
|
||||
|
||||
IO.puts(warning)
|
||||
end
|
@ -0,0 +1,153 @@
|
||||
# Switching a from-source install to OTP releases
|
||||
## What are OTP releases?
|
||||
OTP releases are as close as you can get to binary releases with Erlang/Elixir. The release is self-contained, and provides everything needed to boot it, it is easily administered via the provided shell script to open up a remote console, start/stop/restart the release, start in the background, send remote commands, and more.
|
||||
### Can I still run the develop branch if I decide to use them?
|
||||
Yes, we produce builds for every commit in `develop`. However `develop` is considered unstable, please don't use it in production because of faster access to new features, unless you need them as an app developer.
|
||||
## Why would one want to switch?
|
||||
Benefits of OTP releases over from-source installs include:
|
||||
* **Less space used.** OTP releases come without source code, build tools, have docs and debug symbols stripped from the compiled bytecode and do not cointain tests, docs, revision history.
|
||||
* **Minimal system dependencies.** Excluding the database and reverse proxy, only `curl`, `unzip` and `ncurses` are needed to download and run the release. Because Erlang runtime and Elixir are shipped with Pleroma, one can use the latest BEAM optimizations and Pleroma features, without having to worry about outdated system repos or a missing `erlang-*` package.
|
||||
* **Potentially less bugs and better performance.** This extends on the previous point, because we have control over exactly what gets shipped, we can tweak the VM arguments and forget about weird bugs due to Erlang/Elixir version mismatches.
|
||||
* **Faster and less bug-prone mix tasks.** On a from-source install one has to wait untill a new Pleroma node is started for each mix task and they execute outside of the instance context (for example if a user was deleted via a mix task, the instance will have no knowledge of that and continue to display status count and follows before the cache expires). Mix tasks in OTP releases are executed by calling into a running instance via RPC, which solves both of these problems.
|
||||
|
||||
### Sounds great, how do I switch?
|
||||
Currently we support Linux machines with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPUs. If you are unsure, check the [Detecting flavour](otp_en.html#detecting-flavour) section in OTP install guide. If your platform is supported, proceed with the guide, if not check the [My platform is not supported](#my-platform-is-not-supported) section.
|
||||
### I don't think it is worth the effort, can I stay on a from-source install?
|
||||
Yes, currently there are no plans to deprecate them.
|
||||
|
||||
### My platform is not supported
|
||||
If you think your platform is a popular choice for running Pleroma instances, or has the potential to become one, you can [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new). If not, guides on how to build and update releases by yourself will be available soon.
|
||||
## Pre-requisites
|
||||
You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
|
||||
|
||||
The system needs to have `curl` and `unzip` installed for downloading and unpacking release builds.
|
||||
|
||||
Debian/Ubuntu:
|
||||
```sh
|
||||
apt install curl unzip
|
||||
```
|
||||
Alpine:
|
||||
```
|
||||
apk add curl unzip
|
||||
|
||||
```
|
||||
## Moving content out of the application directory
|
||||
When using OTP releases the application directory changes with every version so it would be a bother to keep content there (and also dangerous unless `--no-rm` option is used when updating). Fortunately almost all paths in Pleroma are configurable, so it is possible to move them out of there.
|
||||
|
||||
Pleroma should be stopped before proceeding.
|
||||
|
||||
### Moving uploads/custom public files directory
|
||||
```sh
|
||||
# Create uploads directory and set proper permissions (skip if using a remote uploader)
|
||||
# Note: It does not have to be `/var/lib/pleroma/uploads`, you can configure it to be something else later
|
||||
mkdir -p /var/lib/pleroma/uploads
|
||||
chown -R pleroma /var/lib/pleroma
|
||||
|
||||
# Create custom public files directory
|
||||
# Note: It does not have to be `/var/lib/pleroma/static`, you can configure it to be something else later
|
||||
mkdir -p /var/lib/pleroma/static
|
||||
chown -R pleroma /var/lib/pleroma
|
||||
|
||||
# If you use the local uploader with default settings your uploads should be located in `~pleroma/uploads`
|
||||
mv ~pleroma/uploads/* /var/lib/pleroma/uploads
|
||||
|
||||
# If you have created the custom public files directory with default settings it should be located in `~pleroma/instance/static`
|
||||
mv ~pleroma/instance/static /var/lib/pleroma/static
|
||||
```
|
||||
|
||||
### Moving emoji
|
||||
Assuming you have all emojis in subdirectories of `priv/static/emoji` moving them can be done with
|
||||
```sh
|
||||
mkdir /var/lib/pleroma/static/emoji
|
||||
ls -d ~pleroma/priv/static/emoji/*/ | xargs -i sh -c 'mv "{}" "/var/lib/pleroma/static/emoji/$(basename {})"'
|
||||
```
|
||||
|
||||
But, if for some reason you have custom emojis in the root directory you should copy the whole directory instead.
|
||||
```sh
|
||||
mv ~pleroma/priv/static/emoji /var/lib/pleroma/static/emoji
|
||||
```
|
||||
and then copy custom emojis to `/var/lib/pleroma/static/emoji/custom`.
|
||||
|
||||
This is needed because storing custom emojis in the root directory is deprecated, but if you just move them to `/var/lib/pleroma/static/emoji/custom` it will break emoji urls on old posts.
|
||||
|
||||
Note that globs have been replaced with `pack_extensions`, so if your emojis are not in png/gif you should [modify the default value](config.html#emoji).
|
||||
|
||||
### Moving the config
|
||||
```sh
|
||||
# Create the config directory
|
||||
# The default path for Pleroma config is /etc/pleroma/config.exs
|
||||
# but it can be set via PLEROMA_CONFIG_PATH environment variable
|
||||
mkdir -p /etc/pleroma
|
||||
|
||||
# Move the config file
|
||||
mv ~pleroma/config/prod.secret.exs /etc/pleroma/config.exs
|
||||
|
||||
# Change `use Mix.Config` at the top to `import Config`
|
||||
$EDITOR /etc/pleroma/config.exs
|
||||
```
|
||||
## Installing the release
|
||||
Before proceeding, get the flavour from [Detecting flavour](otp_en.html#detecting-flavour) section in OTP installation guide.
|
||||
```sh
|
||||
# Delete all files in pleroma user's directory
|
||||
rm -r ~pleroma/*
|
||||
|
||||
# Set the flavour environment variable to the string you got in Detecting flavour section.
|
||||
# For example if the flavour is `arm64-musl` the command will be
|
||||
export FLAVOUR="arm64-musl"
|
||||
|
||||
# Clone the release build into a temporary directory and unpack it
|
||||
# Replace `master` with `develop` if you want to run the develop branch
|
||||
su pleroma -s $SHELL -lc "
|
||||
curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip
|
||||
unzip /tmp/pleroma.zip -d /tmp/
|
||||
"
|
||||
|
||||
# Move the release to the home directory and delete temporary files
|
||||
su pleroma -s $SHELL -lc "
|
||||
mv /tmp/release/* ~pleroma/
|
||||
rmdir /tmp/release
|
||||
rm /tmp/pleroma.zip
|
||||
"
|
||||
|
||||
# Start the instance to verify that everything is working as expected
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma daemon"
|
||||
|
||||
# Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
|
||||
sleep 20 && curl http://localhost:4000/api/v1/instance
|
||||
|
||||
# Stop the instance
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma stop"
|
||||
```
|
||||
|
||||
## Setting up a system service
|
||||
OTP releases have different service files than from-source installs so they need to be copied over again.
|
||||
|
||||
**Warning:** The service files assume pleroma user's home directory is `/opt/pleroma`, please make sure all paths fit your installation.
|
||||
|
||||
Debian/Ubuntu:
|
||||
```sh
|
||||
# Copy the service into a proper directory
|
||||
cp ~pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
|
||||
|
||||
# Reload service files
|
||||
systemctl daemon-reload
|
||||
|
||||
# Reenable pleroma to start on boot
|
||||
systemctl reenable pleroma
|
||||
|
||||
# Start pleroma
|
||||
systemctl start pleroma
|
||||
```
|
||||
|
||||
Alpine:
|
||||
```sh
|
||||
# Copy the service into a proper directory
|
||||
cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma
|
||||
|
||||
# Start pleroma
|
||||
rc-service pleroma start
|
||||
```
|
||||
## Running mix tasks
|
||||
Refer to [Running mix tasks](otp_en.html#running-mix-tasks) section from OTP release installation guide.
|
||||
## Updating
|
||||
Refer to [Updating](otp_en.html#updating) section from OTP release installation guide.
|
@ -0,0 +1,261 @@
|
||||
# Installing on Linux using OTP releases
|
||||
|
||||
## Pre-requisites
|
||||
* A machine running Linux with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPU, you have root access to. If you are not sure if it's compatible see [Detecting flavour section](#detecting-flavour) below
|
||||
* A (sub)domain pointed to the machine
|
||||
|
||||
You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
|
||||
|
||||
While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu/Alpine.
|
||||
|
||||
### Detecting flavour
|
||||
|
||||
Paste the following into the shell:
|
||||
```sh
|
||||
arch="$(uname -m)";if [ "$arch" = "x86_64" ];then arch="amd64";elif [ "$arch" = "armv7l" ];then arch="arm";elif [ "$arch" = "aarch64" ];then arch="arm64";else echo "Unsupported arch: $arch">&2;fi;if getconf GNU_LIBC_VERSION>/dev/null;then libc_postfix="";elif [ "$(ldd 2>&1|head -c 9)" = "musl libc" ];then libc_postfix="-musl";elif [ "$(find /lib/libc.musl*|wc -l)" ];then libc_postfix="-musl";else echo "Unsupported libc">&2;fi;echo "$arch$libc_postfix"
|
||||
```
|
||||
|
||||
If your platform is supported the output will contain the flavour string, you will need it later. If not, this just means that we don't build releases for your platform, you can still try installing from source.
|
||||
|
||||
### Installing the required packages
|
||||
|
||||
Other than things bundled in the OTP release Pleroma depends on:
|
||||
* curl (to download the release build)
|
||||
* unzip (needed to unpack release builds)
|
||||
* ncurses (ERTS won't run without it)
|
||||
* PostgreSQL (also utilizes extensions in postgresql-contrib)
|
||||
* nginx (could be swapped with another reverse proxy but this guide covers only it)
|
||||
* certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
|
||||
|
||||
Debian/Ubuntu:
|
||||
```sh
|
||||
apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot
|
||||
```
|
||||
Alpine:
|
||||
|
||||
```sh
|
||||
echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories
|
||||
apk update
|
||||
apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot
|
||||
```
|
||||
|
||||
## Setup
|
||||
### Configuring PostgreSQL
|
||||
#### (Optional) Installing RUM indexes
|
||||
RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](config.html#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results).
|
||||
|
||||
Debian/Ubuntu (available only on Buster/19.04):
|
||||
```sh
|
||||
apt install postgresql-11-rum
|
||||
```
|
||||
Alpine:
|
||||
```sh
|
||||
apk add git build-base postgresql-dev
|
||||
git clone https://github.com/postgrespro/rum /tmp/rum
|
||||
cd /tmp/rum
|
||||
make USE_PGXS=1
|
||||
make USE_PGXS=1 install
|
||||
cd
|
||||
rm -r /tmp/rum
|
||||
```
|
||||
#### (Optional) Performance configuration
|
||||
For optimal performance, you may use [PGTune](https://pgtune.leopard.in.ua), don't forget to restart postgresql after editing the configuration
|
||||
|
||||
Debian/Ubuntu:
|
||||
```sh
|
||||
systemctl restart postgresql
|
||||
```
|
||||
Alpine:
|
||||
```sh
|
||||
rc-service postgresql restart
|
||||
```
|
||||
### Installing Pleroma
|
||||
```sh
|
||||
# Create the Pleroma user
|
||||
adduser --system --shell /bin/false --home /opt/pleroma pleroma
|
||||
|
||||
# Set the flavour environment variable to the string you got in Detecting flavour section.
|
||||
# For example if the flavour is `arm64-musl` the command will be
|
||||
export FLAVOUR="arm64-musl"
|
||||
|
||||
# Clone the release build into a temporary directory and unpack it
|
||||
su pleroma -s $SHELL -lc "
|
||||
curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip
|
||||
unzip /tmp/pleroma.zip -d /tmp/
|
||||
"
|
||||
|
||||
# Move the release to the home directory and delete temporary files
|
||||
su pleroma -s $SHELL -lc "
|
||||
mv /tmp/release/* /opt/pleroma
|
||||
rmdir /tmp/release
|
||||
rm /tmp/pleroma.zip
|
||||
"
|
||||
# Create uploads directory and set proper permissions (skip if planning to use a remote uploader)
|
||||
# Note: It does not have to be `/var/lib/pleroma/uploads`, the config generator will ask about the upload directory later
|
||||
|
||||
mkdir -p /var/lib/pleroma/uploads
|
||||
chown -R pleroma /var/lib/pleroma
|
||||
|
||||
# Create custom public files directory (custom emojis, frontend bundle overrides, robots.txt, etc.)
|
||||
# Note: It does not have to be `/var/lib/pleroma/static`, the config generator will ask about the custom public files directory later
|
||||
mkdir -p /var/lib/pleroma/static
|
||||
chown -R pleroma /var/lib/pleroma
|
||||
|
||||
# Create a config directory
|
||||
mkdir -p /etc/pleroma
|
||||
chown -R pleroma /etc/pleroma
|
||||
|
||||
# Run the config generator
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql"
|
||||
|
||||
# Create the postgres database
|
||||
su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
|
||||
|
||||
# Create the database schema
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
|
||||
|
||||
# If you have installed RUM indexes uncommend and run
|
||||
# su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
|
||||
|
||||
# Start the instance to verify that everything is working as expected
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma daemon"
|
||||
|
||||
# Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
|
||||
sleep 20 && curl http://localhost:4000/api/v1/instance
|
||||
|
||||
# Stop the instance
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma stop"
|
||||
```
|
||||
|
||||
### Setting up nginx and getting Let's Encrypt SSL certificaties
|
||||
|
||||
```sh
|
||||
# Get a Let's Encrypt certificate
|
||||
certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
|
||||
|
||||
# Copy the Pleroma nginx configuration to the nginx folder
|
||||
# The location of nginx configs is dependent on the distro
|
||||
|
||||
# For Debian/Ubuntu:
|
||||
cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
|
||||
ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
|
||||
# For Alpine:
|
||||
cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
|
||||
# If your distro does not have either of those you can append
|
||||
# `include /etc/nginx/pleroma.conf` to the end of the http section in /etc/nginx/nginx.conf and
|
||||
cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/pleroma.conf
|
||||
|
||||
# Edit the nginx config replacing example.tld with your (sub)domain
|
||||
$EDITOR path-to-nginx-config
|
||||
|
||||
# Verify that the config is valid
|
||||
nginx -t
|
||||
|
||||
# Start nginx
|
||||
# For Debian/Ubuntu:
|
||||
systemctl start nginx
|
||||
# For Alpine:
|
||||
rc-service nginx start
|
||||
```
|
||||
|
||||
At this point if you open your (sub)domain in a browser you should see a 502 error, that's because pleroma is not started yet.
|
||||
|
||||
### Setting up a system service
|
||||
Debian/Ubuntu:
|
||||
```sh
|
||||
# Copy the service into a proper directory
|
||||
cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
|
||||
|
||||
# Start pleroma and enable it on boot
|
||||
systemctl start pleroma
|
||||
systemctl enable pleroma
|
||||
```
|
||||
Alpine:
|
||||
```sh
|
||||
# Copy the service into a proper directory
|
||||
cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
|
||||
|
||||
# Start pleroma and enable it on boot
|
||||
rc-service pleroma start
|
||||
rc-update add pleroma
|
||||
```
|
||||
|
||||
If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors.
|
||||
|
||||
Still doesn't work? Feel free to contact us on [#pleroma on freenode](https://webchat.freenode.net/?channels=%23pleroma) or via matrix at <https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org>, you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new)
|
||||
|
||||
## Post installation
|
||||
|
||||
### Setting up auto-renew Let's Encrypt certificate
|
||||
```sh
|
||||
# Create the directory for webroot challenges
|
||||
mkdir -p /var/lib/letsencrypt
|
||||
|
||||
# Uncomment the webroot method
|
||||
$EDITOR path-to-nginx-config
|
||||
|
||||
# Verify that the config is valid
|
||||
nginx -t
|
||||
```
|
||||
Debian/Ubuntu:
|
||||
```sh
|
||||
# Restart nginx
|
||||
systemctl restart nginx
|
||||
|
||||
# Ensure the webroot menthod and post hook is working
|
||||
certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'systemctl nginx reload'
|
||||
|
||||
# Add it to the daily cron
|
||||
echo '#!/bin/sh
|
||||
certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx"
|
||||
' > /etc/cron.daily/renew-pleroma-cert
|
||||
chmod +x /etc/cron.daily/renew-pleroma-cert
|
||||
|
||||
# If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert
|
||||
run-parts --test /etc/cron.daily
|
||||
```
|
||||
Alpine:
|
||||
```sh
|
||||
# Restart nginx
|
||||
rc-service nginx restart
|
||||
|
||||
# Start the cron daemon and make it start on boot
|
||||
rc-service crond start
|
||||
rc-update add crond
|
||||
|
||||
# Ensure the webroot menthod and post hook is working
|
||||
certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'rc-service nginx reload'
|
||||
|
||||
# Add it to the daily cron
|
||||
echo '#!/bin/sh
|
||||
certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "rc-service nginx reload"
|
||||
' > /etc/periodic/daily/renew-pleroma-cert
|
||||
chmod +x /etc/periodic/daily/renew-pleroma-cert
|
||||
|
||||
# If everything worked this should output /etc/periodic/daily/renew-pleroma-cert
|
||||
run-parts --test /etc/periodic/daily
|
||||
```
|
||||
### Running mix tasks
|
||||
Throughout the wiki and guides there is a lot of references to mix tasks. Since `mix` is a build tool, you can't just call `mix pleroma.task`, instead you should call `pleroma_ctl` stripping pleroma/ecto namespace.
|
||||
|
||||
So for example, if the task is `mix pleroma.user set admin --admin`, you should run it like this:
|
||||
```sh
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma_ctl user set admin --admin"
|
||||
```
|
||||
### Updating
|
||||
Generally, doing the following is enough:
|
||||
```sh
|
||||
# Download the new release
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma_ctl update"
|
||||
|
||||
# Migrate the database, you are advised to stop the instance before doing that
|
||||
su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
|
||||
```
|
||||
But you should **always check the release notes/changelog** in case there are config deprecations, special update steps, etc.
|
||||
|
||||
## Further reading
|
||||
* [Configuration](config.html)
|
||||
* [Pleroma's base config.exs](https://git.pleroma.social/pleroma/pleroma/blob/master/config/config.exs)
|
||||
* [Hardening your instance](hardening.html)
|
||||
* [Pleroma Clients](clients.html)
|
||||
* [Emoji pack manager](Mix.Tasks.Pleroma.Emoji.html)
|
@ -0,0 +1,2 @@
|
||||
elixir_version=1.8.2
|
||||
erlang_version=21.3.7
|
@ -0,0 +1,932 @@
|
||||
%%%
|
||||
%%% ejabberd configuration file
|
||||
%%%
|
||||
%%%'
|
||||
|
||||
%%% The parameters used in this configuration file are explained in more detail
|
||||
%%% in the ejabberd Installation and Operation Guide.
|
||||
%%% Please consult the Guide in case of doubts, it is included with
|
||||
%%% your copy of ejabberd, and is also available online at
|
||||
%%% http://www.process-one.net/en/ejabberd/docs/
|
||||
|
||||
%%% This configuration file contains Erlang terms.
|
||||
%%% In case you want to understand the syntax, here are the concepts:
|
||||
%%%
|
||||
%%% - The character to comment a line is %
|
||||
%%%
|
||||
%%% - Each term ends in a dot, for example:
|
||||
%%% override_global.
|
||||
%%%
|
||||
%%% - A tuple has a fixed definition, its elements are
|
||||
%%% enclosed in {}, and separated with commas:
|
||||
%%% {loglevel, 4}.
|
||||
%%%
|
||||
%%% - A list can have as many elements as you want,
|
||||
%%% and is enclosed in [], for example:
|
||||
%%% [http_poll, web_admin, tls]
|
||||
%%%
|
||||
%%% Pay attention that list elements are delimited with commas,
|
||||
%%% but no comma is allowed after the last list element. This will
|
||||
%%% give a syntax error unlike in more lenient languages (e.g. Python).
|
||||
%%%
|
||||
%%% - A keyword of ejabberd is a word in lowercase.
|
||||
%%% Strings are enclosed in "" and can contain spaces, dots, ...
|
||||
%%% {language, "en"}.
|
||||
%%% {ldap_rootdn, "dc=example,dc=com"}.
|
||||
%%%
|
||||
%%% - This term includes a tuple, a keyword, a list, and two strings:
|
||||
%%% {hosts, ["jabber.example.net", "im.example.com"]}.
|
||||
%%%
|
||||
%%% - This config is preprocessed during release generation by a tool which
|
||||
%%% interprets double curly braces as substitution markers, so avoid this
|
||||
%%% syntax in this file (though it's valid Erlang).
|
||||
%%%
|
||||
%%% So this is OK (though arguably looks quite ugly):
|
||||
%%% { {s2s_addr, "example-host.net"}, {127,0,0,1} }.
|
||||
%%%
|
||||
%%% And I can't give an example of what's not OK exactly because
|
||||
%%% of this rule.
|
||||
%%%
|
||||
|
||||
|
||||
%%%. =======================
|
||||
%%%' OVERRIDE STORED OPTIONS
|
||||
|
||||
%%
|
||||
%% Override the old values stored in the database.
|
||||
%%
|
||||
|
||||
%%
|
||||
%% Override global options (shared by all ejabberd nodes in a cluster).
|
||||
%%
|
||||
%%override_global.
|
||||
|
||||
%%
|
||||
%% Override local options (specific for this particular ejabberd node).
|
||||
%%
|
||||
%%override_local.
|
||||
|
||||
%%
|
||||
%% Remove the Access Control Lists before new ones are added.
|
||||
%%
|
||||
%%override_acls.
|
||||
|
||||
|
||||
%%%. =========
|
||||
%%%' DEBUGGING
|
||||
|
||||
%%
|
||||
%% loglevel: Verbosity of log files generated by ejabberd.
|
||||
%% 0: No ejabberd log at all (not recommended)
|
||||
%% 1: Critical
|
||||
%% 2: Error
|
||||
%% 3: Warning
|
||||
%% 4: Info
|
||||
%% 5: Debug
|
||||
%%
|
||||
{loglevel, 3}.
|
||||
|
||||
%%%. ================
|
||||
%%%' SERVED HOSTNAMES
|
||||
|
||||
%%
|
||||
%% hosts: Domains served by ejabberd.
|
||||
%% You can define one or several, for example:
|
||||
%% {hosts, ["example.net", "example.com", "example.org"]}.
|
||||
%%
|
||||
{hosts, ["pleroma.soykaf.com"] }.
|
||||
|
||||
%%
|
||||
%% route_subdomains: Delegate subdomains to other XMPP servers.
|
||||
%% For example, if this ejabberd serves example.org and you want
|
||||
%% to allow communication with an XMPP server called im.example.org.
|
||||
%%
|
||||
%%{route_subdomains, s2s}.
|
||||
|
||||
|
||||
%%%. ===============
|
||||
%%%' LISTENING PORTS
|
||||
|
||||
%%
|
||||
%% listen: The ports ejabberd will listen on, which service each is handled
|
||||
%% by and what options to start it with.
|
||||
%%
|
||||
{listen,
|
||||
[
|
||||
%% BOSH and WS endpoints over HTTP
|
||||
{ 5280, ejabberd_cowboy, [
|
||||
{num_acceptors, 10},
|
||||
{transport_options, [{max_connections, 1024}]},
|
||||
{modules, [
|
||||
|
||||
{"_", "/http-bind", mod_bosh},
|
||||
{"_", "/ws-xmpp", mod_websockets, [{ejabberd_service, [
|
||||
{access, all},
|
||||
{shaper_rule, fast},
|
||||
{ip, {127, 0, 0, 1}},
|
||||
{password, "secret"}]}
|
||||
%% Uncomment to enable connection dropping or/and server-side pings
|
||||
%{timeout, 600000}, {ping_rate, 2000}
|
||||
]}
|
||||
%% Uncomment to serve static files
|
||||
%{"_", "/static/[...]", cowboy_static,
|
||||
% {dir, "/var/www", [{mimetypes, cow_mimetypes, all}]}
|
||||
%},
|
||||
|
||||
%% Example usage of mod_revproxy
|
||||
|
||||
%% {"_", "/[...]", mod_revproxy, [{timeout, 5000},
|
||||
%% % time limit for upstream to respond
|
||||
%% {body_length, 8000000},
|
||||
%% % maximum body size (may be infinity)
|
||||
%% {custom_headers, [{<<"header">>,<<"value">>}]}
|
||||
%% % list of extra headers that are send to upstream
|
||||
%% ]}
|
||||
|
||||
%% Example usage of mod_cowboy
|
||||
|
||||
%% {"_", "/[...]", mod_cowboy, [{http, mod_revproxy,
|
||||
%% [{timeout, 5000},
|
||||
%% % time limit for upstream to respond
|
||||
%% {body_length, 8000000},
|
||||
%% % maximum body size (may be infinity)
|
||||
%% {custom_headers, [{<<"header">>,<<"value">>}]}
|
||||
%% % list of extra headers that are send to upstream
|
||||
%% ]},
|
||||
%% {ws, xmpp, mod_websockets}
|
||||
%% ]}
|
||||
]}
|
||||
]},
|
||||
|
||||
%% BOSH and WS endpoints over HTTPS
|
||||
{ 5285, ejabberd_cowboy, [
|
||||
{num_acceptors, 10},
|
||||
{transport_options, [{max_connections, 1024}]},
|
||||
{ssl, [{certfile, "priv/ssl/fullchain.pem"}, {keyfile, "priv/ssl/privkey.pem"}, {password, ""}]},
|
||||
{modules, [
|
||||
{"_", "/http-bind", mod_bosh},
|
||||
{"_", "/ws-xmpp", mod_websockets, [
|
||||
%% Uncomment to enable connection dropping or/and server-side pings
|
||||
%{timeout, 600000}, {ping_rate, 60000}
|
||||
]}
|
||||
%% Uncomment to serve static files
|
||||
%{"_", "/static/[...]", cowboy_static,
|
||||
% {dir, "/var/www", [{mimetypes, cow_mimetypes, all}]}
|
||||
%},
|
||||
]}
|
||||
]},
|
||||
|
||||
%% MongooseIM HTTP API it's important to start it on localhost
|
||||
%% or some private interface only (not accessible from the outside)
|
||||
%% At least start it on different port which will be hidden behind firewall
|
||||
|
||||
{ {8088, "127.0.0.1"} , ejabberd_cowboy, [
|
||||
{num_acceptors, 10},
|
||||
{transport_options, [{max_connections, 1024}]},
|
||||
{modules, [
|
||||
{"localhost", "/api", mongoose_api_admin, []}
|
||||
]}
|
||||
]},
|
||||
|
||||
{ 8089 , ejabberd_cowboy, [
|
||||
{num_acceptors, 10},
|
||||
{transport_options, [{max_connections, 1024}]},
|
||||
{protocol_options, [{compress, true}]},
|
||||
{ssl, [{certfile, "priv/ssl/fullchain.pem"}, {keyfile, "priv/ssl/privkey.pem"}, {password, ""}]},
|
||||
{modules, [
|
||||
{"_", "/api/sse", lasse_handler, [mongoose_client_api_sse]},
|
||||
{"_", "/api/messages/[:with]", mongoose_client_api_messages, []},
|
||||
{"_", "/api/contacts/[:jid]", mongoose_client_api_contacts, []},
|
||||
{"_", "/api/rooms/[:id]", mongoose_client_api_rooms, []},
|
||||
{"_", "/api/rooms/[:id]/config", mongoose_client_api_rooms_config, []},
|
||||
{"_", "/api/rooms/:id/users/[:user]", mongoose_client_api_rooms_users, []},
|
||||
{"_", "/api/rooms/[:id]/messages", mongoose_client_api_rooms_messages, []}
|
||||
]}
|
||||
]},
|
||||
|
||||
%% Following HTTP API is deprected, the new one abouve should be used instead
|
||||
|
||||
{ {5288, "127.0.0.1"} , ejabberd_cowboy, [
|
||||
{num_acceptors, 10},
|
||||
{transport_options, [{max_connections, 1024}]},
|
||||
{modules, [
|
||||
{"localhost", "/api", mongoose_api, [{handlers, [mongoose_api_metrics,
|
||||
mongoose_api_users]}]}
|
||||
]}
|
||||
]},
|
||||
|
||||
{ 5222, ejabberd_c2s, [
|
||||
|
||||
%%
|
||||
%% If TLS is compiled in and you installed a SSL
|
||||
%% certificate, specify the full path to the
|
||||
%% file and uncomment this line:
|
||||
%%
|
||||
{certfile, "priv/ssl/both.pem"}, starttls,
|
||||
|
||||
%%{zlib, 10000},
|
||||
%% https://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
|
||||
%% {ciphers, "DEFAULT:!EXPORT:!LOW:!SSLv2"},
|
||||
{access, c2s},
|
||||
{shaper, c2s_shaper},
|
||||
{max_stanza_size, 65536},
|
||||
{protocol_options, ["no_sslv3"]}
|
||||
|
||||
]},
|
||||
|
||||
|
||||
|
||||
%%
|
||||
%% To enable the old SSL connection method on port 5223:
|
||||
%%
|
||||
%%{5223, ejabberd_c2s, [
|
||||
%% {access, c2s},
|
||||
%% {shaper, c2s_shaper},
|
||||
%% {certfile, "/path/to/ssl.pem"}, tls,
|
||||
%% {max_stanza_size, 65536}
|
||||
%% ]},
|
||||
|
||||
{ 5269, ejabberd_s2s_in, [
|
||||
{shaper, s2s_shaper},
|
||||
{max_stanza_size, 131072},
|
||||
{protocol_options, ["no_sslv3"]}
|
||||
|
||||
]}
|
||||
|
||||
%%
|
||||
%% ejabberd_service: Interact with external components (transports, ...)
|
||||
%%
|
||||
,{8888, ejabberd_service, [
|
||||
{access, all},
|
||||
{shaper_rule, fast},
|
||||
{ip, {127, 0, 0, 1}},
|
||||
{password, "secret"}
|
||||
]}
|
||||
|
||||
%%
|
||||
%% ejabberd_stun: Handles STUN Binding requests
|
||||
%%
|
||||
%%{ {3478, udp}, ejabberd_stun, []}
|
||||
|
||||
]}.
|
||||
|
||||
%%
|
||||
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
|
||||
%% Allowed values are: false optional required required_trusted
|
||||
%% You must specify a certificate file.
|
||||
%%
|
||||
{s2s_use_starttls, optional}.
|
||||
%%
|
||||
%% s2s_certfile: Specify a certificate file.
|
||||
%%
|
||||
{s2s_certfile, "priv/ssl/both.pem"}.
|
||||
|
||||
%% https://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
|
||||
%% {s2s_ciphers, "DEFAULT:!EXPORT:!LOW:!SSLv2"}.
|
||||
|
||||
%%
|
||||
%% domain_certfile: Specify a different certificate for each served hostname.
|
||||
%%
|
||||
%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
|
||||
%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.
|
||||
|
||||
%%
|
||||
%% S2S whitelist or blacklist
|
||||
%%
|
||||
%% Default s2s policy for undefined hosts.
|
||||
%%
|
||||
{s2s_default_policy, deny }.
|
||||
|
||||
%%
|
||||
%% Allow or deny communication with specific servers.
|
||||
%%
|
||||
%%{ {s2s_host, "goodhost.org"}, allow}.
|
||||
%%{ {s2s_host, "badhost.org"}, deny}.
|
||||
|
||||
{outgoing_s2s_port, 5269 }.
|
||||
|
||||
%%
|
||||
%% IP addresses predefined for specific hosts to skip DNS lookups.
|
||||
%% Ports defined here take precedence over outgoing_s2s_port.
|
||||
%% Examples:
|
||||
%%
|
||||
%% { {s2s_addr, "example-host.net"}, {127,0,0,1} }.
|
||||
%% { {s2s_addr, "example-host.net"}, { {127,0,0,1}, 5269 } }.
|
||||
%% { {s2s_addr, "example-host.net"}, { {127,0,0,1}, 5269 } }.
|
||||
|
||||
%%
|
||||
%% Outgoing S2S options
|
||||
%%
|
||||
%% Preferred address families (which to try first) and connect timeout
|
||||
%% in milliseconds.
|
||||
%%
|
||||
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
|
||||
%%
|
||||
%%%. ==============
|
||||
%%%' SESSION BACKEND
|
||||
|
||||
%%{sm_backend, {mnesia, []}}.
|
||||
|
||||
%% Requires {redis, global, default, ..., ...} outgoing pool
|
||||
%%{sm_backend, {redis, []}}.
|
||||
|
||||
{sm_backend, {mnesia, []} }.
|
||||
|
||||
|
||||
%%%. ==============
|
||||
%%%' AUTHENTICATION
|
||||
|
||||
%% Advertised SASL mechanisms
|
||||
{sasl_mechanisms, [cyrsasl_plain]}.
|
||||
|
||||
%%
|
||||
%% auth_method: Method used to authenticate the users.
|
||||
%% The default method is the internal.
|
||||
%% If you want to use a different method,
|
||||
%% comment this line and enable the correct ones.
|
||||
%%
|
||||
%% {auth_method, internal }.
|
||||
{auth_method, http }.
|
||||
{auth_opts, [
|
||||
{http, global, auth, [{workers, 50}], [{server, "https://pleroma.soykaf.com"}]},
|
||||
{password_format, plain} % default
|
||||
%% {password_format, scram}
|
||||
|
||||
%% {scram_iterations, 4096} % default
|
||||
|
||||
%%
|
||||
%% For auth_http:
|
||||
%% {basic_auth, "user:password"}
|
||||
%% {path_prefix, "/"} % default
|
||||
%% auth_http requires {http, Host | global, auth, ..., ...} outgoing pool.
|
||||
%%
|
||||
%% For auth_external
|
||||
%%{extauth_program, "/path/to/authentication/script"}.
|
||||
%%
|
||||
%% For auth_jwt
|
||||
%% {jwt_secret_source, "/path/to/file"},
|
||||
%% {jwt_algorithm, "RS256"},
|
||||
%% {jwt_username_key, user}
|
||||
%% For cyrsasl_external
|
||||
%% {authenticate_with_cn, false}
|
||||
{cyrsasl_external, standard}
|
||||
]}.
|
||||
|
||||
%%
|
||||
%% Authentication using external script
|
||||
%% Make sure the script is executable by ejabberd.
|
||||
%%
|
||||
%%{auth_method, external}.
|
||||
|
||||
%%
|
||||
%% Authentication using RDBMS
|
||||
%% Remember to setup a database in the next section.
|
||||
%%
|
||||
%%{auth_method, rdbms}.
|
||||
|
||||
%%
|
||||
%% Authentication using LDAP
|
||||
%%
|
||||
%%{auth_method, ldap}.
|
||||
%%
|
||||
|
||||
%% List of LDAP servers:
|
||||
%%{ldap_servers, ["localhost"]}.
|
||||
%%
|
||||
%% Encryption of connection to LDAP servers:
|
||||
%%{ldap_encrypt, none}.
|
||||
%%{ldap_encrypt, tls}.
|
||||
%%
|
||||
%% Port to connect to on LDAP servers:
|
||||
%%{ldap_port, 389}.
|
||||
%%{ldap_port, 636}.
|
||||
%%
|
||||
%% LDAP manager:
|
||||
%%{ldap_rootdn, "dc=example,dc=com"}.
|
||||
%%
|
||||
%% Password of LDAP manager:
|
||||
%%{ldap_password, "******"}.
|
||||
%%
|
||||
%% Search base of LDAP directory:
|
||||
%%{ldap_base, "dc=example,dc=com"}.
|
||||
%%
|
||||
%% LDAP attribute that holds user ID:
|
||||
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
|
||||
%%
|
||||
%% LDAP filter:
|
||||
%%{ldap_filter, "(objectClass=shadowAccount)"}.
|
||||
|
||||
%%
|
||||
%% Anonymous login support:
|
||||
%% auth_method: anonymous
|
||||
%% anonymous_protocol: sasl_anon | login_anon | both
|
||||
%% allow_multiple_connections: true | false
|
||||
%%
|
||||
%%{host_config, "public.example.org", [{auth_method, anonymous},
|
||||
%% {allow_multiple_connections, false},
|
||||
%% {anonymous_protocol, sasl_anon}]}.
|
||||
%%
|
||||
%% To use both anonymous and internal authentication:
|
||||
%%
|
||||
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.
|
||||
|
||||
|
||||
%%%. ==============
|
||||
%%%' OUTGOING CONNECTIONS (e.g. DB)
|
||||
|
||||
%% Here you may configure all outgoing connections used by MongooseIM,
|
||||
%% e.g. to RDBMS (such as MySQL), Riak or external HTTP components.
|
||||
%% Default MongooseIM configuration uses only Mnesia (non-Mnesia extensions are disabled),
|
||||
%% so no options here are uncommented out of the box.
|
||||
%% This section includes configuration examples; for comprehensive guide
|
||||
%% please consult MongooseIM documentation, page "Outgoing connections":
|
||||
%% - doc/advanced-configuration/outgoing-connections.md
|
||||
%% - https://mongooseim.readthedocs.io/en/latest/advanced-configuration/outgoing-connections/
|
||||
|
||||
|
||||
{outgoing_pools, [
|
||||
% {riak, global, default, [{workers, 5}], [{address, "127.0.0.1"}, {port, 8087}]},
|
||||
% {elastic, global, default, [], [{host, "elastic.host.com"}, {port, 9042}]},
|
||||
{http, global, auth, [{workers, 50}], [{server, "https://pleroma.soykaf.com"}]}
|
||||
% {cassandra, global, default, [{workers, 100}], [{servers, [{"server1", 9042}]}, {keyspace, "big_mongooseim"}]},
|
||||
% {rdbms, global, default, [{workers, 10}], [{server, {mysql, "server", 3306, "database", "username", "password"}}]}
|
||||
]}.
|
||||
|
||||
%% More examples that may be added to outgoing_pools list:
|
||||
%%
|
||||
%% == MySQL ==
|
||||
%% {rdbms, global, default, [{workers, 10}],
|
||||
%% [{server, {mysql, "server", 3306, "database", "username", "password"}},
|
||||
%% {keepalive_interval, 10}]},
|
||||
%% keepalive_interval is optional
|
||||
|
||||
%% == PostgreSQL ==
|
||||
%% {rdbms, global, default, [{workers, 10}],
|
||||
%% [{server, {pgsql, "server", 5432, "database", "username", "password"}}]},
|
||||
|
||||
%% == ODBC (MSSQL) ==
|
||||
%% {rdbms, global, default, [{workers, 10}],
|
||||
%% [{server, "DSN=mongooseim;UID=mongooseim;PWD=mongooseim"}]},
|
||||
|
||||
%% == Elastic Search ==
|
||||
%% {elastic, global, default, [], [{host, "elastic.host.com"}, {port, 9042}]},
|
||||
|
||||
%% == Riak ==
|
||||
%% {riak, global, default, [{workers, 20}], [{address, "127.0.0.1"}, {port, 8087}]},
|
||||
|
||||
%% == HTTP ==
|
||||
%% {http, global, conn1, [{workers, 50}], [{server, "http://server:8080"}]},
|
||||
|
||||
%% == Cassandra ==
|
||||
%% {cassandra, global, default, [{workers, 100}],
|
||||
%% [
|
||||
%% {servers, [
|
||||
%% {"cassandra_server1.example.com", 9042},
|
||||
%% {"cassandra_server2.example.com", 9042},
|
||||
%% {"cassandra_server3.example.com", 9042},
|
||||
%% {"cassandra_server4.example.com", 9042}
|
||||
%% ]},
|
||||
%% {keyspace, "big_mongooseim"}
|
||||
%% ]}
|
||||
|
||||
%% == Extra options ==
|
||||
%%
|
||||
%% If you use PostgreSQL, have a large database, and need a
|
||||
%% faster but inexact replacement for "select count(*) from users"
|
||||
%%
|
||||
%%{pgsql_users_number_estimate, true}.
|
||||
%%
|
||||
%% rdbms_server_type specifies what database is used over the RDBMS layer
|
||||
%% Can take values mssql, pgsql, mysql
|
||||
%% In some cases (for example for MAM with pgsql) it is required to set proper value.
|
||||
%%
|
||||
%% {rdbms_server_type, pgsql}.
|
||||
|
||||
%%%. ===============
|
||||
%%%' TRAFFIC SHAPERS
|
||||
|
||||
%%
|
||||
%% The "normal" shaper limits traffic speed to 1000 B/s
|
||||
%%
|
||||
{shaper, normal, {maxrate, 1000}}.
|
||||
|
||||
%%
|
||||
%% The "fast" shaper limits traffic speed to 50000 B/s
|
||||
%%
|
||||
{shaper, fast, {maxrate, 50000}}.
|
||||
|
||||
%%
|
||||
%% This option specifies the maximum number of elements in the queue
|
||||
%% of the FSM. Refer to the documentation for details.
|
||||
%%
|
||||
{max_fsm_queue, 1000}.
|
||||
|
||||
%%%. ====================
|
||||
%%%' ACCESS CONTROL LISTS
|
||||
|
||||
%%
|
||||
%% The 'admin' ACL grants administrative privileges to XMPP accounts.
|
||||
%% You can put here as many accounts as you want.
|
||||
%%
|
||||
%{acl, admin, {user, "alice", "localhost"}}.
|
||||
%{acl, admin, {user, "a", "localhost"}}.
|
||||
|
||||
%%
|
||||
%% Blocked users
|
||||
%%
|
||||
%%{acl, blocked, {user, "baduser", "example.org"}}.
|
||||
%%{acl, blocked, {user, "test"}}.
|
||||
|
||||
%%
|
||||
%% Local users: don't modify this line.
|
||||
%%
|
||||
{acl, local, {user_regexp, ""}}.
|
||||
|
||||
%%
|
||||
%% More examples of ACLs
|
||||
%%
|
||||
%%{acl, jabberorg, {server, "jabber.org"}}.
|
||||
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
|
||||
%%{acl, test, {user_regexp, "^test"}}.
|
||||
%%{acl, test, {user_glob, "test*"}}.
|
||||
|
||||
%%
|
||||
%% Define specific ACLs in a virtual host.
|
||||
%%
|
||||
%%{host_config, "localhost",
|
||||
%% [
|
||||
%% {acl, admin, {user, "bob-local", "localhost"}}
|
||||
%% ]
|
||||
%%}.
|
||||
|
||||
%%%. ============
|
||||
%%%' ACCESS RULES
|
||||
|
||||
%% Maximum number of simultaneous sessions allowed for a single user:
|
||||
{access, max_user_sessions, [{10, all}]}.
|
||||
|
||||
%% Maximum number of offline messages that users can have:
|
||||
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
|
||||
|
||||
%% This rule allows access only for local users:
|
||||
{access, local, [{allow, local}]}.
|
||||
|
||||
%% Only non-blocked users can use c2s connections:
|
||||
{access, c2s, [{deny, blocked},
|
||||
{allow, all}]}.
|
||||
|
||||
%% For C2S connections, all users except admins use the "normal" shaper
|
||||
{access, c2s_shaper, [{none, admin},
|
||||
{normal, all}]}.
|
||||
|
||||
%% All S2S connections use the "fast" shaper
|
||||
{access, s2s_shaper, [{fast, all}]}.
|
||||
|
||||
%% Admins of this server are also admins of the MUC service:
|
||||
{access, muc_admin, [{allow, admin}]}.
|
||||
|
||||
%% Only accounts of the local ejabberd server can create rooms:
|
||||
{access, muc_create, [{allow, local}]}.
|
||||
|
||||
%% All users are allowed to use the MUC service:
|
||||
{access, muc, [{allow, all}]}.
|
||||
|
||||
%% In-band registration allows registration of any possible username.
|
||||
%% To disable in-band registration, replace 'allow' with 'deny'.
|
||||
{access, register, [{allow, all}]}.
|
||||
|
||||
%% By default the frequency of account registrations from the same IP
|
||||
%% is limited to 1 account every 10 minutes. To disable, specify: infinity
|
||||
{registration_timeout, infinity}.
|
||||
|
||||
%% Default settings for MAM.
|
||||
%% To set non-standard value, replace 'default' with 'allow' or 'deny'.
|
||||
%% Only user can access his/her archive by default.
|
||||
%% An online user can read room's archive by default.
|
||||
%% Only an owner can change settings and purge messages by default.
|
||||
%% Empty list (i.e. `[]`) means `[{deny, all}]`.
|
||||
{access, mam_set_prefs, [{default, all}]}.
|
||||
{access, mam_get_prefs, [{default, all}]}.
|
||||
{access, mam_lookup_messages, [{default, all}]}.
|
||||
{access, mam_purge_single_message, [{default, all}]}.
|
||||
{access, mam_purge_multiple_messages, [{default, all}]}.
|
||||
|
||||
%% 1 command of the specified type per second.
|
||||
{shaper, mam_shaper, {maxrate, 1}}.
|
||||
%% This shaper is primeraly for Mnesia overload protection during stress testing.
|
||||
%% The limit is 1000 operations of each type per second.
|
||||
{shaper, mam_global_shaper, {maxrate, 1000}}.
|
||||
|
||||
{access, mam_set_prefs_shaper, [{mam_shaper, all}]}.
|
||||
{access, mam_get_prefs_shaper, [{mam_shaper, all}]}.
|
||||
{access, mam_lookup_messages_shaper, [{mam_shaper, all}]}.
|
||||
{access, mam_purge_single_message_shaper, [{mam_shaper, all}]}.
|
||||
{access, mam_purge_multiple_messages_shaper, [{mam_shaper, all}]}.
|
||||
|
||||
{access, mam_set_prefs_global_shaper, [{mam_global_shaper, all}]}.
|
||||
{access, mam_get_prefs_global_shaper, [{mam_global_shaper, all}]}.
|
||||
{access, mam_lookup_messages_global_shaper, [{mam_global_shaper, all}]}.
|
||||
{access, mam_purge_single_message_global_shaper, [{mam_global_shaper, all}]}.
|
||||
{access, mam_purge_multiple_messages_global_shaper, [{mam_global_shaper, all}]}.
|
||||
|
||||
%%
|
||||
%% Define specific Access Rules in a virtual host.
|
||||
%%
|
||||
%%{host_config, "localhost",
|
||||
%% [
|
||||
%% {access, c2s, [{allow, admin}, {deny, all}]},
|
||||
%% {access, register, [{deny, all}]}
|
||||
%% ]
|
||||
%%}.
|
||||
|
||||
%%%. ================
|
||||
%%%' DEFAULT LANGUAGE
|
||||
|
||||
%%
|
||||
%% language: Default language used for server messages.
|
||||
%%
|
||||
{language, "en"}.
|
||||
|
||||
%%
|
||||
%% Set a different default language in a virtual host.
|
||||
%%
|
||||
%%{host_config, "localhost",
|
||||
%% [{language, "ru"}]
|
||||
%%}.
|
||||
|
||||
%%%. ================
|
||||
%%%' MISCELLANEOUS
|
||||
|
||||
{all_metrics_are_global, false }.
|
||||
|
||||
%%%. ========
|
||||
%%%' SERVICES
|
||||
|
||||
%% Unlike modules, services are started per node and provide either features which are not
|
||||
%% related to any particular host, or backend stuff which is used by modules.
|
||||
%% This is handled by `mongoose_service` module.
|
||||
|
||||
{services,
|
||||
[
|
||||
{service_admin_extra, [{submods, [node, accounts, sessions, vcard,
|
||||
roster, last, private, stanza, stats]}]}
|
||||
]
|
||||
}.
|
||||
|
||||
%%%. =======
|
||||
%%%' MODULES
|
||||
|
||||
%%
|
||||
%% Modules enabled in all mongooseim virtual hosts.
|
||||
%% For list of possible modules options, check documentation.
|
||||
%%
|
||||
{modules,
|
||||
[
|
||||
|
||||
%% The format for a single route is as follows:
|
||||
%% {Host, Path, Method, Upstream}
|
||||
%%
|
||||
%% "_" can be used as wildcard for Host, Path and Method
|
||||
%% Upstream can be either host (just http(s)://host:port) or uri
|
||||
%% The difference is that host upstreams append whole path while
|
||||
%% uri upstreams append only remainder that follows the matched Path
|
||||
%% (this behaviour is similar to nginx's proxy_pass rules)
|
||||
%%
|
||||
%% Bindings can be used to match certain parts of host or path.
|
||||
%% They will be later overlaid with parts of the upstream uri.
|
||||
%%
|
||||
%% {mod_revproxy,
|
||||
%% [{routes, [{"www.erlang-solutions.com", "/admin", "_",
|
||||
%% "https://www.erlang-solutions.com/"},
|
||||
%% {":var.com", "/:var", "_", "http://localhost:8080/"},
|
||||
%% {":domain.com", "/", "_", "http://localhost:8080/:domain"}]
|
||||
%% }]},
|
||||
|
||||
% {mod_http_upload, [
|
||||
%% Set max file size in bytes. Defaults to 10 MB.
|
||||
%% Disabled if value is `undefined`.
|
||||
% {max_file_size, 1024},
|
||||
%% Use S3 storage backend
|
||||
% {backend, s3},
|
||||
%% Set options for S3 backend
|
||||
% {s3, [
|
||||
% {bucket_url, "http://s3-eu-west-1.amazonaws.com/konbucket2"},
|
||||
% {region, "eu-west-1"},
|
||||
% {access_key_id, "AKIAIAOAONIULXQGMOUA"},
|
||||
% {secret_access_key, "dGhlcmUgYXJlIG5vIGVhc3RlciBlZ2dzIGhlcmVf"}
|
||||
% ]}
|
||||
% ]},
|
||||
|
||||
{mod_adhoc, []},
|
||||
|
||||
{mod_disco, [{users_can_see_hidden_services, false}]},
|
||||
{mod_commands, []},
|
||||
{mod_muc_commands, []},
|
||||
{mod_muc_light_commands, []},
|
||||
{mod_last, []},
|
||||
{mod_stream_management, [
|
||||
% default 100
|
||||
% size of a buffer of unacked messages
|
||||
% {buffer_max, 100}
|
||||
|
||||
% default 1 - server sends the ack request after each stanza
|
||||
% {ack_freq, 1}
|
||||
|
||||
% default: 600 seconds
|
||||
% {resume_timeout, 600}
|
||||
]},
|
||||
%% {mod_muc_light, [{host, "muclight.@HOST@"}]},
|
||||
%% {mod_muc, [{host, "muc.@HOST@"},
|
||||
%% {access, muc},
|
||||
%% {access_create, muc_create}
|
||||
%% ]},
|
||||
%% {mod_muc_log, [
|
||||
%% {outdir, "/tmp/muclogs"},
|
||||
%% {access_log, muc}
|
||||
%% ]},
|
||||
{mod_offline, [{access_max_user_messages, max_user_offline_messages}]},
|
||||
{mod_privacy, []},
|
||||
{mod_blocking, []},
|
||||
{mod_private, []},
|
||||
% {mod_private, [{backend, mnesia}]},
|
||||
% {mod_private, [{backend, rdbms}]},
|
||||
% {mod_register, [
|
||||
% %%
|
||||
% %% Set the minimum informational entropy for passwords.
|
||||
% %%
|
||||
% %%{password_strength, 32},
|
||||
%
|
||||
% %%
|
||||
% %% After successful registration, the user receives
|
||||
% %% a message with this subject and body.
|
||||
% %%
|
||||
% {welcome_message, {""}},
|
||||
%
|
||||
% %%
|
||||
% %% When a user registers, send a notification to
|
||||
% %% these XMPP accounts.
|
||||
% %%
|
||||
%
|
||||
%
|
||||
% %%
|
||||
% %% Only clients in the server machine can register accounts
|
||||
% %%
|
||||
% {ip_access, [{allow, "127.0.0.0/8"},
|
||||
% {deny, "0.0.0.0/0"}]},
|
||||
%
|
||||
% %%
|
||||
% %% Local c2s or remote s2s users cannot register accounts
|
||||
% %%
|
||||
% %%{access_from, deny},
|
||||
%
|
||||
% {access, register}
|
||||
% ]},
|
||||
{mod_roster, []},
|
||||
{mod_sic, []},
|
||||
{mod_vcard, [%{matches, 1},
|
||||
%{search, true},
|
||||
%{ldap_search_operator, 'or'}, %% either 'or' or 'and'
|
||||
%{ldap_binary_search_fields, [<<"PHOTO">>]},
|
||||
%% list of binary search fields (as in vcard after mapping)
|
||||
{host, "vjud.@HOST@"}
|
||||
]},
|
||||
{mod_bosh, []},
|
||||
{mod_carboncopy, []}
|
||||
|
||||
%%
|
||||
%% Message Archive Management (MAM, XEP-0313) for registered users and
|
||||
%% Multi-User chats (MUCs).
|
||||
%%
|
||||
|
||||
% {mod_mam_meta, [
|
||||
%% Use RDBMS backend (default)
|
||||
% {backend, rdbms},
|
||||
|
||||
%% Do not store user preferences (default)
|
||||
% {user_prefs_store, false},
|
||||
%% Store user preferences in RDBMS
|
||||
% {user_prefs_store, rdbms},
|
||||
%% Store user preferences in Mnesia (recommended).
|
||||
%% The preferences store will be called each time, as a message is routed.
|
||||
%% That is why Mnesia is better suited for this job.
|
||||
% {user_prefs_store, mnesia},
|
||||
|
||||
%% Enables a pool of asynchronous writers. (default)
|
||||
%% Messages will be grouped together based on archive id.
|
||||
% {async_writer, true},
|
||||
|
||||
%% Cache information about users (default)
|
||||
% {cache_users, true},
|
||||
|
||||
%% Enable archivization for private messages (default)
|
||||
% {pm, [
|
||||
%% Top-level options can be overriden here if needed, for example:
|
||||
% {async_writer, false}
|
||||
% ]},
|
||||
|
||||
%%
|
||||
%% Message Archive Management (MAM) for multi-user chats (MUC).
|
||||
%% Enable XEP-0313 for "muc.@HOST@".
|
||||
%%
|
||||
% {muc, [
|
||||
% {host, "muc.@HOST@"}
|
||||
%% As with pm, top-level options can be overriden for MUC archive
|
||||
% ]},
|
||||
%
|
||||
%% Do not use a <stanza-id/> element (by default stanzaid is used)
|
||||
% no_stanzaid_element,
|
||||
% ]},
|
||||
|
||||
|
||||
%%
|
||||
%% MAM configuration examples
|
||||
%%
|
||||
|
||||
%% Only MUC, no user-defined preferences, good performance.
|
||||
% {mod_mam_meta, [
|
||||
% {backend, rdbms},
|
||||
% {pm, false},
|
||||
% {muc, [
|
||||
% {host, "muc.@HOST@"}
|
||||
% ]}
|
||||
% ]},
|
||||
|
||||
%% Only archives for c2c messages, good performance.
|
||||
% {mod_mam_meta, [
|
||||
% {backend, rdbms},
|
||||
% {pm, [
|
||||
% {user_prefs_store, mnesia}
|
||||
% ]}
|
||||
% ]},
|
||||
|
||||
%% Basic configuration for c2c messages, bad performance, easy to debug.
|
||||
% {mod_mam_meta, [
|
||||
% {backend, rdbms},
|
||||
% {async_writer, false},
|
||||
% {cache_users, false}
|
||||
% ]},
|
||||
|
||||
%% Cassandra archive for c2c and MUC conversations.
|
||||
%% No custom settings supported (always archive).
|
||||
% {mod_mam_meta, [
|
||||
% {backend, cassandra},
|
||||
% {user_prefs_store, cassandra},
|
||||
% {muc, [{host, "muc.@HOST@"}]}
|
||||
% ]}
|
||||
|
||||
% {mod_event_pusher, [
|
||||
% {backends, [
|
||||
% %%
|
||||
% %% Configuration for Amazon SNS notifications.
|
||||
% %%
|
||||
% {sns, [
|
||||
% %% AWS credentials, region and host configuration
|
||||
% {access_key_id, "AKIAJAZYHOIPY6A2PESA"},
|
||||
% {secret_access_key, "c3RvcCBsb29raW5nIGZvciBlYXN0ZXIgZWdncyxr"},
|
||||
% {region, "eu-west-1"},
|
||||
% {account_id, "251423380551"},
|
||||
% {region, "eu-west-1"},
|
||||
% {sns_host, "sns.eu-west-1.amazonaws.com"},
|
||||
%
|
||||
% %% Messages from this MUC host will be sent to the SNS topic
|
||||
% {muc_host, "muc.@HOST@"},
|
||||
%
|
||||
% %% Plugin module for defining custom message attributes and user identification
|
||||
% {plugin_module, mod_event_pusher_sns_defaults},
|
||||
%
|
||||
% %% Topic name configurations. Removing a topic will disable this specific SNS notification
|
||||
% {presence_updates_topic, "user_presence_updated-dev-1"}, %% For presence updates
|
||||
% {pm_messages_topic, "user_message_sent-dev-1"}, %% For private chat messages
|
||||
% {muc_messages_topic, "user_messagegroup_sent-dev-1"} %% For group chat messages
|
||||
%
|
||||
% %% Pool options
|
||||
% {pool_size, 100}, %% Worker pool size for publishing notifications
|
||||
% {publish_retry_count, 2}, %% Retry count in case of publish error
|
||||
% {publish_retry_time_ms, 50} %% Base exponential backoff time (in ms) for publish errors
|
||||
% ]}
|
||||
% ]}
|
||||
|
||||
]}.
|
||||
|
||||
|
||||
%%
|
||||
%% Enable modules with custom options in a specific virtual host
|
||||
%%
|
||||
%%{host_config, "localhost",
|
||||
%% [{ {add, modules},
|
||||
%% [
|
||||
%% {mod_some_module, []}
|
||||
%% ]
|
||||
%% }
|
||||
%% ]}.
|
||||
|
||||
%%%.
|
||||
%%%'
|
||||
|
||||
%%% $Id$
|
||||
|
||||
%%% Local Variables:
|
||||
%%% mode: erlang
|
||||
%%% End:
|
||||
%%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:
|
||||
%%%.
|
@ -0,0 +1,67 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Pleroma do
|
||||
@doc "Common functions to be reused in mix tasks"
|
||||
def start_pleroma do
|
||||
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
|
||||
{:ok, _} = Application.ensure_all_started(:pleroma)
|
||||
end
|
||||
|
||||
def load_pleroma do
|
||||
Application.load(:pleroma)
|
||||
end
|
||||
|
||||
def get_option(options, opt, prompt, defval \\ nil, defname \\ nil) do
|
||||
Keyword.get(options, opt) || shell_prompt(prompt, defval, defname)
|
||||
end
|
||||
|
||||
def shell_prompt(prompt, defval \\ nil, defname \\ nil) do
|
||||
prompt_message = "#{prompt} [#{defname || defval}] "
|
||||
|
||||
input =
|
||||
if mix_shell?(),
|
||||
do: Mix.shell().prompt(prompt_message),
|
||||
else: :io.get_line(prompt_message)
|
||||
|
||||
case input do
|
||||
"\n" ->
|
||||
case defval do
|
||||
nil ->
|
||||
shell_prompt(prompt, defval, defname)
|
||||
|
||||
defval ->
|
||||
defval
|
||||
end
|
||||
|
||||
input ->
|
||||
String.trim(input)
|
||||
end
|
||||
end
|
||||
|
||||
def shell_yes?(message) do
|
||||
if mix_shell?(),
|
||||
do: Mix.shell().yes?("Continue?"),
|
||||
else: shell_prompt(message, "Continue?") in ~w(Yn Y y)
|
||||
end
|
||||
|
||||
def shell_info(message) do
|
||||
if mix_shell?(),
|
||||
do: Mix.shell().info(message),
|
||||
else: IO.puts(message)
|
||||
end
|
||||
|
||||
def shell_error(message) do
|
||||
if mix_shell?(),
|
||||
do: Mix.shell().error(message),
|
||||
else: IO.puts(:stderr, message)
|
||||
end
|
||||
|
||||
@doc "Performs a safe check whether `Mix.shell/0` is available (does not raise if Mix is not loaded)"
|
||||
def mix_shell?, do: :erlang.function_exported(Mix, :shell, 0)
|
||||
|
||||
def escape_sh_path(path) do
|
||||
~S(') <> String.replace(path, ~S('), ~S(\')) <> ~S(')
|
||||
end
|
||||
end
|
@ -1,19 +1,23 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Benchmark do
|
||||
import Mix.Pleroma
|
||||
use Mix.Task
|
||||
alias Mix.Tasks.Pleroma.Common
|
||||
|
||||
def run(["search"]) do
|
||||
Common.start_pleroma()
|
||||
start_pleroma()
|
||||
|
||||
Benchee.run(%{
|
||||
"search" => fn ->
|
||||
Pleroma.Web.MastodonAPI.MastodonAPIController.status_search(nil, "cofe")
|
||||
Pleroma.Activity.search(nil, "cofe")
|
||||
end
|
||||
})
|
||||
end
|
||||
|
||||
def run(["tag"]) do
|
||||
Common.start_pleroma()
|
||||
start_pleroma()
|
||||
|
||||
Benchee.run(%{
|
||||
"tag" => fn ->
|
@ -1,28 +0,0 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Common do
|
||||
@doc "Common functions to be reused in mix tasks"
|
||||
def start_pleroma do
|
||||
Mix.Task.run("app.start")
|
||||
end
|
||||
|
||||
def get_option(options, opt, prompt, defval \\ nil, defname \\ nil) do
|
||||
Keyword.get(options, opt) ||
|
||||
case Mix.shell().prompt("#{prompt} [#{defname || defval}]") do
|
||||
"\n" ->
|
||||
case defval do
|
||||
nil -> get_option(options, opt, prompt, defval)
|
||||
defval -> defval
|
||||
end
|
||||
|
||||
opt ->
|
||||
opt |> String.trim()
|
||||
end
|
||||
end
|
||||
|
||||
def escape_sh_path(path) do
|
||||
~S(') <> String.replace(path, ~S('), ~S(\')) <> ~S(')
|
||||
end
|
||||
end
|
@ -0,0 +1,83 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Config do
|
||||
use Mix.Task
|
||||
import Mix.Pleroma
|
||||
alias Pleroma.Repo
|
||||
alias Pleroma.Web.AdminAPI.Config
|
||||
@shortdoc "Manages the location of the config"
|
||||
@moduledoc """
|
||||
Manages the location of the config.
|
||||
|
||||
## Transfers config from file to DB.
|
||||
|
||||
mix pleroma.config migrate_to_db
|
||||
|
||||
## Transfers config from DB to file.
|
||||
|
||||
mix pleroma.config migrate_from_db ENV
|
||||
"""
|
||||
|
||||
def run(["migrate_to_db"]) do
|
||||
start_pleroma()
|
||||
|
||||
if Pleroma.Config.get([:instance, :dynamic_configuration]) do
|
||||
Application.get_all_env(:pleroma)
|
||||
|> Enum.reject(fn {k, _v} -> k in [Pleroma.Repo, :env] end)
|
||||
|> Enum.each(fn {k, v} ->
|
||||
key = to_string(k) |> String.replace("Elixir.", "")
|
||||
|
||||
key =
|
||||
if String.starts_with?(key, "Pleroma.") do
|
||||
key
|
||||
else
|
||||
":" <> key
|
||||
end
|
||||
|
||||
{:ok, _} = Config.update_or_create(%{group: "pleroma", key: key, value: v})
|
||||
Mix.shell().info("#{key} is migrated.")
|
||||
end)
|
||||
|
||||
Mix.shell().info("Settings migrated.")
|
||||
else
|
||||
Mix.shell().info(
|
||||
"Migration is not allowed by config. You can change this behavior in instance settings."
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def run(["migrate_from_db", env, delete?]) do
|
||||
start_pleroma()
|
||||
|
||||
delete? = if delete? == "true", do: true, else: false
|
||||
|
||||
if Pleroma.Config.get([:instance, :dynamic_configuration]) do
|
||||
config_path = "config/#{env}.exported_from_db.secret.exs"
|
||||
|
||||
{:ok, file} = File.open(config_path, [:write])
|
||||
IO.write(file, "use Mix.Config\r\n")
|
||||
|
||||
Repo.all(Config)
|
||||
|> Enum.each(fn config ->
|
||||
IO.write(
|
||||
file,
|
||||
"config :#{config.group}, #{config.key}, #{inspect(Config.from_binary(config.value))}\r\n\r\n"
|
||||
)
|
||||
|
||||
if delete? do
|
||||
{:ok, _} = Repo.delete(config)
|
||||
Mix.shell().info("#{config.key} deleted from DB.")
|
||||
end
|
||||
end)
|
||||
|
||||
File.close(file)
|
||||
System.cmd("mix", ["format", config_path])
|
||||
else
|
||||
Mix.shell().info(
|
||||
"Migration is not allowed by config. You can change this behavior in instance settings."
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,50 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-onl
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Ecto do
|
||||
@doc """
|
||||
Ensures the given repository's migrations path exists on the file system.
|
||||
"""
|
||||
@spec ensure_migrations_path(Ecto.Repo.t(), Keyword.t()) :: String.t()
|
||||
def ensure_migrations_path(repo, opts) do
|
||||
path = opts[:migrations_path] || Path.join(source_repo_priv(repo), "migrations")
|
||||
|
||||
path =
|
||||
case Path.type(path) do
|
||||
:relative ->
|
||||
Path.join(Application.app_dir(:pleroma), path)
|
||||
|
||||
:absolute ->
|
||||
path
|
||||
end
|
||||
|
||||
if not File.dir?(path) do
|
||||
raise_missing_migrations(Path.relative_to_cwd(path), repo)
|
||||
end
|
||||
|
||||
path
|
||||
end
|
||||
|
||||
@doc """
|
||||
Returns the private repository path relative to the source.
|
||||
"""
|
||||
def source_repo_priv(repo) do
|
||||
config = repo.config()
|
||||
priv = config[:priv] || "priv/#{repo |> Module.split() |> List.last() |> Macro.underscore()}"
|
||||
Path.join(Application.app_dir(:pleroma), priv)
|
||||
end
|
||||
|
||||
defp raise_missing_migrations(path, repo) do
|
||||
raise("""
|
||||
Could not find migrations directory #{inspect(path)}
|
||||
for repo #{inspect(repo)}.
|
||||
This may be because you are in a new project and the
|
||||
migration directory has not been created yet. Creating an
|
||||
empty directory at the path above will fix this error.
|
||||
If you expected existing migrations to be found, please
|
||||
make sure your repository has been properly configured
|
||||
and the configured path exists.
|
||||
""")
|
||||
end
|
||||
end
|
@ -0,0 +1,63 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-onl
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Ecto.Migrate do
|
||||
use Mix.Task
|
||||
import Mix.Pleroma
|
||||
require Logger
|
||||
|
||||
@shortdoc "Wrapper on `ecto.migrate` task."
|
||||
|
||||
@aliases [
|
||||
n: :step,
|
||||
v: :to
|
||||
]
|
||||
|
||||
@switches [
|
||||
all: :boolean,
|
||||
step: :integer,
|
||||
to: :integer,
|
||||
quiet: :boolean,
|
||||
log_sql: :boolean,
|
||||
strict_version_order: :boolean,
|
||||
migrations_path: :string
|
||||
]
|
||||
|
||||
@moduledoc """
|
||||
Changes `Logger` level to `:info` before start migration.
|
||||
Changes level back when migration ends.
|
||||
|
||||
## Start migration
|
||||
|
||||
mix pleroma.ecto.migrate [OPTIONS]
|
||||
|
||||
Options:
|
||||
- see https://hexdocs.pm/ecto/2.0.0/Mix.Tasks.Ecto.Migrate.html
|
||||
"""
|
||||
|
||||
@impl true
|
||||
def run(args \\ []) do
|
||||
load_pleroma()
|
||||
{opts, _} = OptionParser.parse!(args, strict: @switches, aliases: @aliases)
|
||||
|
||||
opts =
|
||||
if opts[:to] || opts[:step] || opts[:all],
|
||||
do: opts,
|
||||
else: Keyword.put(opts, :all, true)
|
||||
|
||||
opts =
|
||||
if opts[:quiet],
|
||||
do: Keyword.merge(opts, log: false, log_sql: false),
|
||||
else: opts
|
||||
|
||||
path = Mix.Tasks.Pleroma.Ecto.ensure_migrations_path(Pleroma.Repo, opts)
|
||||
|
||||
level = Logger.level()
|
||||
Logger.configure(level: :info)
|
||||
|
||||
{:ok, _, _} = Ecto.Migrator.with_repo(Pleroma.Repo, &Ecto.Migrator.run(&1, path, :up, opts))
|
||||
|
||||
Logger.configure(level: level)
|
||||
end
|
||||
end
|
@ -0,0 +1,67 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-onl
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Ecto.Rollback do
|
||||
use Mix.Task
|
||||
import Mix.Pleroma
|
||||
require Logger
|
||||
@shortdoc "Wrapper on `ecto.rollback` task"
|
||||
|
||||
@aliases [
|
||||
n: :step,
|
||||
v: :to
|
||||
]
|
||||
|
||||
@switches [
|
||||
all: :boolean,
|
||||
step: :integer,
|
||||
to: :integer,
|
||||
start: :boolean,
|
||||
quiet: :boolean,
|
||||
log_sql: :boolean,
|
||||
migrations_path: :string
|
||||
]
|
||||
|
||||
@moduledoc """
|
||||
Changes `Logger` level to `:info` before start rollback.
|
||||
Changes level back when rollback ends.
|
||||
|
||||
## Start rollback
|
||||
|
||||
mix pleroma.ecto.rollback
|
||||
|
||||
Options:
|
||||
- see https://hexdocs.pm/ecto/2.0.0/Mix.Tasks.Ecto.Rollback.html
|
||||
"""
|
||||
|
||||
@impl true
|
||||
def run(args \\ []) do
|
||||
load_pleroma()
|
||||
{opts, _} = OptionParser.parse!(args, strict: @switches, aliases: @aliases)
|
||||
|
||||
opts =
|
||||
if opts[:to] || opts[:step] || opts[:all],
|
||||
do: opts,
|
||||
else: Keyword.put(opts, :step, 1)
|
||||
|
||||
opts =
|
||||
if opts[:quiet],
|
||||
do: Keyword.merge(opts, log: false, log_sql: false),
|
||||
else: opts
|
||||
|
||||
path = Mix.Tasks.Pleroma.Ecto.ensure_migrations_path(Pleroma.Repo, opts)
|
||||
|
||||
level = Logger.level()
|
||||
Logger.configure(level: :info)
|
||||
|
||||
if Pleroma.Config.get(:env) == :test do
|
||||
Logger.info("Rollback succesfully")
|
||||
else
|
||||
{:ok, _, _} =
|
||||
Ecto.Migrator.with_repo(Pleroma.Repo, &Ecto.Migrator.run(&1, path, :down, opts))
|
||||
end
|
||||
|
||||
Logger.configure(level: level)
|
||||
end
|
||||
end
|
@ -0,0 +1,92 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Activity.Search do
|
||||
alias Pleroma.Activity
|
||||
alias Pleroma.Object.Fetcher
|
||||
alias Pleroma.Pagination
|
||||
alias Pleroma.User
|
||||
alias Pleroma.Web.ActivityPub.Visibility
|
||||
|
||||
import Ecto.Query
|
||||
|
||||
def search(user, search_query, options \\ []) do
|
||||
index_type = if Pleroma.Config.get([:database, :rum_enabled]), do: :rum, else: :gin
|
||||
limit = Enum.min([Keyword.get(options, :limit), 40])
|
||||
offset = Keyword.get(options, :offset, 0)
|
||||
author = Keyword.get(options, :author)
|
||||
|
||||
Activity
|
||||
|> Activity.with_preloaded_object()
|
||||
|> Activity.restrict_deactivated_users()
|
||||
|> restrict_public()
|
||||
|> query_with(index_type, search_query)
|
||||
|> maybe_restrict_local(user)
|
||||
|> maybe_restrict_author(author)
|
||||
|> Pagination.fetch_paginated(%{"offset" => offset, "limit" => limit}, :offset)
|
||||
|> maybe_fetch(user, search_query)
|
||||
end
|
||||
|
||||
def maybe_restrict_author(query, %User{} = author) do
|
||||
from([a, o] in query,
|
||||
where: a.actor == ^author.ap_id
|
||||
)
|
||||
end
|
||||
|
||||
def maybe_restrict_author(query, _), do: query
|
||||
|
||||
defp restrict_public(q) do
|
||||
from([a, o] in q,
|
||||
where: fragment("?->>'type' = 'Create'", a.data),
|
||||
where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients
|
||||
)
|
||||
end
|
||||
|
||||
defp query_with(q, :gin, search_query) do
|
||||
from([a, o] in q,
|
||||
where:
|
||||
fragment(
|
||||
"to_tsvector('english', ?->>'content') @@ plainto_tsquery('english', ?)",
|
||||
o.data,
|
||||
^search_query
|
||||
)
|
||||
)
|
||||
end
|
||||
|
||||
defp query_with(q, :rum, search_query) do
|
||||
from([a, o] in q,
|
||||
where:
|
||||
fragment(
|
||||
"? @@ plainto_tsquery('english', ?)",
|
||||
o.fts_content,
|
||||
^search_query
|
||||
),
|
||||
order_by: [fragment("? <=> now()::date", o.inserted_at)]
|
||||
)
|
||||
end
|
||||
|
||||
defp maybe_restrict_local(q, user) do
|
||||
limit = Pleroma.Config.get([:instance, :limit_to_local_content], :unauthenticated)
|
||||
|
||||
case {limit, user} do
|
||||
{:all, _} -> restrict_local(q)
|
||||
{:unauthenticated, %User{}} -> q
|
||||
{:unauthenticated, _} -> restrict_local(q)
|
||||
{false, _} -> q
|
||||
end
|
||||
end
|
||||
|
||||
defp restrict_local(q), do: where(q, local: true)
|
||||
|
||||
defp maybe_fetch(activities, user, search_query) do
|
||||
with true <- Regex.match?(~r/https?:/, search_query),
|
||||
{:ok, object} <- Fetcher.fetch_object_from_id(search_query),
|
||||
%Activity{} = activity <- Activity.get_create_by_object_ap_id(object.data["id"]),
|
||||
true <- Visibility.visible_for_user?(activity, user) do
|
||||
activities ++ [activity]
|
||||
else
|
||||
_ -> activities
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,59 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Config.TransferTask do
|
||||
use Task
|
||||
alias Pleroma.Web.AdminAPI.Config
|
||||
|
||||
def start_link do
|
||||
load_and_update_env()
|
||||
if Pleroma.Config.get(:env) == :test, do: Ecto.Adapters.SQL.Sandbox.checkin(Pleroma.Repo)
|
||||
:ignore
|
||||
end
|
||||
|
||||
def load_and_update_env do
|
||||
if Pleroma.Config.get([:instance, :dynamic_configuration]) and
|
||||
Ecto.Adapters.SQL.table_exists?(Pleroma.Repo, "config") do
|
||||
for_restart =
|
||||
Pleroma.Repo.all(Config)
|
||||
|> Enum.map(&update_env(&1))
|
||||
|
||||
# We need to restart applications for loaded settings take effect
|
||||
for_restart
|
||||
|> Enum.reject(&(&1 in [:pleroma, :ok]))
|
||||
|> Enum.each(fn app ->
|
||||
Application.stop(app)
|
||||
:ok = Application.start(app)
|
||||
end)
|
||||
end
|
||||
end
|
||||
|
||||
defp update_env(setting) do
|
||||
try do
|
||||
key =
|
||||
if String.starts_with?(setting.key, "Pleroma.") do
|
||||
"Elixir." <> setting.key
|
||||
else
|
||||
String.trim_leading(setting.key, ":")
|
||||
end
|
||||
|
||||
group = String.to_existing_atom(setting.group)
|
||||
|
||||
Application.put_env(
|
||||
group,
|
||||
String.to_existing_atom(key),
|
||||
Config.from_binary(setting.value)
|
||||
)
|
||||
|
||||
group
|
||||
rescue
|
||||
e ->
|
||||
require Logger
|
||||
|
||||
Logger.warn(
|
||||
"updating env causes error, key: #{inspect(setting.key)}, error: #{inspect(e)}"
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,27 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Helpers.UriHelper do
|
||||
def append_uri_params(uri, appended_params) do
|
||||
uri = URI.parse(uri)
|
||||
appended_params = for {k, v} <- appended_params, into: %{}, do: {to_string(k), v}
|
||||
existing_params = URI.query_decoder(uri.query || "") |> Enum.into(%{})
|
||||
updated_params_keys = Enum.uniq(Map.keys(existing_params) ++ Map.keys(appended_params))
|
||||
|
||||
updated_params =
|
||||
for k <- updated_params_keys, do: {k, appended_params[k] || existing_params[k]}
|
||||
|
||||
uri
|
||||
|> Map.put(:query, URI.encode_query(updated_params))
|
||||
|> URI.to_string()
|
||||
end
|
||||
|
||||
def append_param_if_present(%{} = params, param_name, param_value) do
|
||||
if param_value do
|
||||
Map.put(params, param_name, param_value)
|
||||
else
|
||||
params
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,84 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Plugs.IdempotencyPlug do
|
||||
import Phoenix.Controller, only: [json: 2]
|
||||
import Plug.Conn
|
||||
|
||||
@behaviour Plug
|
||||
|
||||
@impl true
|
||||
def init(opts), do: opts
|
||||
|
||||
# Sending idempotency keys in `GET` and `DELETE` requests has no effect
|
||||
# and should be avoided, as these requests are idempotent by definition.
|
||||
|
||||
@impl true
|
||||
def call(%{method: method} = conn, _) when method in ["POST", "PUT", "PATCH"] do
|
||||
case get_req_header(conn, "idempotency-key") do
|
||||
[key] -> process_request(conn, key)
|
||||
_ -> conn
|
||||
end
|
||||
end
|
||||
|
||||
def call(conn, _), do: conn
|
||||
|
||||
def process_request(conn, key) do
|
||||
case Cachex.get(:idempotency_cache, key) do
|
||||
{:ok, nil} ->
|
||||
cache_resposnse(conn, key)
|
||||
|
||||
{:ok, record} ->
|
||||
send_cached(conn, key, record)
|
||||
|
||||
{atom, message} when atom in [:ignore, :error] ->
|
||||
render_error(conn, message)
|
||||
end
|
||||
end
|
||||
|
||||
defp cache_resposnse(conn, key) do
|
||||
register_before_send(conn, fn conn ->
|
||||
[request_id] = get_resp_header(conn, "x-request-id")
|
||||
content_type = get_content_type(conn)
|
||||
|
||||
record = {request_id, content_type, conn.status, conn.resp_body}
|
||||
{:ok, _} = Cachex.put(:idempotency_cache, key, record)
|
||||
|
||||
conn
|
||||
|> put_resp_header("idempotency-key", key)
|
||||
|> put_resp_header("x-original-request-id", request_id)
|
||||
end)
|
||||
end
|
||||
|
||||
defp send_cached(conn, key, record) do
|
||||
{request_id, content_type, status, body} = record
|
||||
|
||||
conn
|
||||
|> put_resp_header("idempotency-key", key)
|
||||
|> put_resp_header("idempotent-replayed", "true")
|
||||
|> put_resp_header("x-original-request-id", request_id)
|
||||
|> put_resp_content_type(content_type)
|
||||
|> send_resp(status, body)
|
||||
|> halt()
|
||||
end
|
||||
|
||||
defp render_error(conn, message) do
|
||||
conn
|
||||
|> put_status(:unprocessable_entity)
|
||||
|> json(%{error: message})
|
||||
|> halt()
|
||||
end
|
||||
|
||||
defp get_content_type(conn) do
|
||||
[content_type] = get_resp_header(conn, "content-type")
|
||||
|
||||
if String.contains?(content_type, ";") do
|
||||
content_type
|
||||
|> String.split(";")
|
||||
|> hd()
|
||||
else
|
||||
content_type
|
||||
end
|
||||
end
|
||||
end
|
@ -1,36 +0,0 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Plugs.RateLimitPlug do
|
||||
import Phoenix.Controller, only: [json: 2]
|
||||
import Plug.Conn
|
||||
|
||||
def init(opts), do: opts
|
||||
|
||||
def call(conn, opts) do
|
||||
enabled? = Pleroma.Config.get([:app_account_creation, :enabled])
|
||||
|
||||
case check_rate(conn, Map.put(opts, :enabled, enabled?)) do
|
||||
{:ok, _count} -> conn
|
||||
{:error, _count} -> render_error(conn)
|
||||
%Plug.Conn{} = conn -> conn
|
||||
end
|
||||
end
|
||||
|
||||
defp check_rate(conn, %{enabled: true} = opts) do
|
||||
max_requests = opts[:max_requests]
|
||||
bucket_name = conn.remote_ip |> Tuple.to_list() |> Enum.join(".")
|
||||
|
||||
ExRated.check_rate(bucket_name, opts[:interval] * 1000, max_requests)
|
||||
end
|
||||
|
||||
defp check_rate(conn, _), do: conn
|
||||
|
||||
defp render_error(conn) do
|
||||
conn
|
||||
|> put_status(:forbidden)
|
||||
|> json(%{error: "Rate limit exceeded."})
|
||||
|> halt()
|
||||
end
|
||||
end
|
@ -0,0 +1,131 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Plugs.RateLimiter do
|
||||
@moduledoc """
|
||||
|
||||
## Configuration
|
||||
|
||||
A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
|
||||
|
||||
* The first element: `scale` (Integer). The time scale in milliseconds.
|
||||
* The second element: `limit` (Integer). How many requests to limit in the time scale provided.
|
||||
|
||||
It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated.
|
||||
|
||||
To disable a limiter set its value to `nil`.
|
||||
|
||||
### Example
|
||||
|
||||
config :pleroma, :rate_limit,
|
||||
one: {1000, 10},
|
||||
two: [{10_000, 10}, {10_000, 50}],
|
||||
foobar: nil
|
||||
|
||||
Here we have three limiters:
|
||||
|
||||
* `one` which is not over 10req/1s
|
||||
* `two` which has two limits: 10req/10s for unauthenticated users and 50req/10s for authenticated users
|
||||
* `foobar` which is disabled
|
||||
|
||||
## Usage
|
||||
|
||||
AllowedSyntax:
|
||||
|
||||
plug(Pleroma.Plugs.RateLimiter, :limiter_name)
|
||||
plug(Pleroma.Plugs.RateLimiter, {:limiter_name, options})
|
||||
|
||||
Allowed options:
|
||||
|
||||
* `bucket_name` overrides bucket name (e.g. to have a separate limit for a set of actions)
|
||||
* `params` appends values of specified request params (e.g. ["id"]) to bucket name
|
||||
|
||||
Inside a controller:
|
||||
|
||||
plug(Pleroma.Plugs.RateLimiter, :one when action == :one)
|
||||
plug(Pleroma.Plugs.RateLimiter, :two when action in [:two, :three])
|
||||
|
||||
plug(
|
||||
Pleroma.Plugs.RateLimiter,
|
||||
{:status_id_action, bucket_name: "status_id_action:fav_unfav", params: ["id"]}
|
||||
when action in ~w(fav_status unfav_status)a
|
||||
)
|
||||
|
||||
or inside a router pipeline:
|
||||
|
||||
pipeline :api do
|
||||
...
|
||||
plug(Pleroma.Plugs.RateLimiter, :one)
|
||||
...
|
||||
end
|
||||
"""
|
||||
import Pleroma.Web.TranslationHelpers
|
||||
import Plug.Conn
|
||||
|
||||
alias Pleroma.User
|
||||
|
||||
def init(limiter_name) when is_atom(limiter_name) do
|
||||
init({limiter_name, []})
|
||||
end
|
||||
|
||||
def init({limiter_name, opts}) do
|
||||
case Pleroma.Config.get([:rate_limit, limiter_name]) do
|
||||
nil -> nil
|
||||
config -> {limiter_name, config, opts}
|
||||
end
|
||||
end
|
||||
|
||||
# Do not limit if there is no limiter configuration
|
||||
def call(conn, nil), do: conn
|
||||
|
||||
def call(conn, settings) do
|
||||
case check_rate(conn, settings) do
|
||||
{:ok, _count} ->
|
||||
conn
|
||||
|
||||
{:error, _count} ->
|
||||
render_throttled_error(conn)
|
||||
end
|
||||
end
|
||||
|
||||
defp bucket_name(conn, limiter_name, opts) do
|
||||
bucket_name = opts[:bucket_name] || limiter_name
|
||||
|
||||
if params_names = opts[:params] do
|
||||
params_values = for p <- Enum.sort(params_names), do: conn.params[p]
|
||||
Enum.join([bucket_name] ++ params_values, ":")
|
||||
else
|
||||
bucket_name
|
||||
end
|
||||
end
|
||||
|
||||
defp check_rate(
|
||||
%{assigns: %{user: %User{id: user_id}}} = conn,
|
||||
{limiter_name, [_, {scale, limit}], opts}
|
||||
) do
|
||||
bucket_name = bucket_name(conn, limiter_name, opts)
|
||||
ExRated.check_rate("#{bucket_name}:#{user_id}", scale, limit)
|
||||
end
|
||||
|
||||
defp check_rate(conn, {limiter_name, [{scale, limit} | _], opts}) do
|
||||
bucket_name = bucket_name(conn, limiter_name, opts)
|
||||
ExRated.check_rate("#{bucket_name}:#{ip(conn)}", scale, limit)
|
||||
end
|
||||
|
||||
defp check_rate(conn, {limiter_name, {scale, limit}, opts}) do
|
||||
check_rate(conn, {limiter_name, [{scale, limit}, {scale, limit}], opts})
|
||||
end
|
||||
|
||||
def ip(%{remote_ip: remote_ip}) do
|
||||
remote_ip
|
||||
|> Tuple.to_list()
|
||||
|> Enum.join(".")
|
||||
end
|
||||
|
||||
defp render_throttled_error(conn) do
|
||||
conn
|
||||
|> render_error(:too_many_requests, "Throttled")
|
||||
|> halt()
|
||||
end
|
||||
end
|
@ -0,0 +1,63 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
# NOTE: this module is based on https://github.com/smeevil/set_locale
|
||||
defmodule Pleroma.Plugs.SetLocalePlug do
|
||||
import Plug.Conn, only: [get_req_header: 2, assign: 3]
|
||||
|
||||
def init(_), do: nil
|
||||
|
||||
def call(conn, _) do
|
||||
locale = get_locale_from_header(conn) || Gettext.get_locale()
|
||||
Gettext.put_locale(locale)
|
||||
assign(conn, :locale, locale)
|
||||
end
|
||||
|
||||
defp get_locale_from_header(conn) do
|
||||
conn
|
||||
|> extract_accept_language()
|
||||
|> Enum.find(&supported_locale?/1)
|
||||
end
|
||||
|
||||
defp extract_accept_language(conn) do
|
||||
case get_req_header(conn, "accept-language") do
|
||||
[value | _] ->
|
||||
value
|
||||
|> String.split(",")
|
||||
|> Enum.map(&parse_language_option/1)
|
||||
|> Enum.sort(&(&1.quality > &2.quality))
|
||||
|> Enum.map(& &1.tag)
|
||||
|> Enum.reject(&is_nil/1)
|
||||
|> ensure_language_fallbacks()
|
||||
|
||||
_ ->
|
||||
[]
|
||||
end
|
||||
end
|
||||
|
||||
defp supported_locale?(locale) do
|
||||
Pleroma.Web.Gettext
|
||||
|> Gettext.known_locales()
|
||||
|> Enum.member?(locale)
|
||||
end
|
||||
|
||||
defp parse_language_option(string) do
|
||||
captures = Regex.named_captures(~r/^\s?(?<tag>[\w\-]+)(?:;q=(?<quality>[\d\.]+))?$/i, string)
|
||||
|
||||
quality =
|
||||
case Float.parse(captures["quality"] || "1.0") do
|
||||
{val, _} -> val
|
||||
:error -> 1.0
|
||||
end
|
||||
|
||||
%{tag: captures["tag"], quality: quality}
|
||||
end
|
||||
|
||||
defp ensure_language_fallbacks(tags) do
|
||||
Enum.flat_map(tags, fn tag ->
|
||||
[language | _] = String.split(tag, "-")
|
||||
if Enum.member?(tags, language), do: [tag], else: [tag, language]
|
||||
end)
|
||||
end
|
||||
end
|
@ -0,0 +1,66 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.ReleaseTasks do
|
||||
@repo Pleroma.Repo
|
||||
|
||||
def run(args) do
|
||||
[task | args] = String.split(args)
|
||||
|
||||
case task do
|
||||
"migrate" -> migrate(args)
|
||||
"create" -> create()
|
||||
"rollback" -> rollback(args)
|
||||
task -> mix_task(task, args)
|
||||
end
|
||||
end
|
||||
|
||||
defp mix_task(task, args) do
|
||||
Application.load(:pleroma)
|
||||
{:ok, modules} = :application.get_key(:pleroma, :modules)
|
||||
|
||||
module =
|
||||
Enum.find(modules, fn module ->
|
||||
module = Module.split(module)
|
||||
|
||||
match?(["Mix", "Tasks", "Pleroma" | _], module) and
|
||||
String.downcase(List.last(module)) == task
|
||||
end)
|
||||
|
||||
if module do
|
||||
module.run(args)
|
||||
else
|
||||
IO.puts("The task #{task} does not exist")
|
||||
end
|
||||
end
|
||||
|
||||
def migrate(args) do
|
||||
Mix.Tasks.Pleroma.Ecto.Migrate.run(args)
|
||||
end
|
||||
|
||||
def rollback(args) do
|
||||
Mix.Tasks.Pleroma.Ecto.Rollback.run(args)
|
||||
end
|
||||
|
||||
def create do
|
||||
Application.load(:pleroma)
|
||||
|
||||
case @repo.__adapter__.storage_up(@repo.config) do
|
||||
:ok ->
|
||||
IO.puts("The database for #{inspect(@repo)} has been created")
|
||||
|
||||
{:error, :already_up} ->
|
||||
IO.puts("The database for #{inspect(@repo)} has already been created")
|
||||
|
||||
{:error, term} when is_binary(term) ->
|
||||
IO.puts(:stderr, "The database for #{inspect(@repo)} couldn't be created: #{term}")
|
||||
|
||||
{:error, term} ->
|
||||
IO.puts(
|
||||
:stderr,
|
||||
"The database for #{inspect(@repo)} couldn't be created: #{inspect(term)}"
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,34 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.RepoStreamer do
|
||||
alias Pleroma.Repo
|
||||
import Ecto.Query
|
||||
|
||||
def chunk_stream(query, chunk_size) do
|
||||
Stream.unfold(0, fn
|
||||
:halt ->
|
||||
{[], :halt}
|
||||
|
||||
last_id ->
|
||||
query
|
||||
|> order_by(asc: :id)
|
||||
|> where([r], r.id > ^last_id)
|
||||
|> limit(^chunk_size)
|
||||
|> Repo.all()
|
||||
|> case do
|
||||
[] ->
|
||||
{[], :halt}
|
||||
|
||||
records ->
|
||||
last_id = List.last(records).id
|
||||
{records, last_id}
|
||||
end
|
||||
end)
|
||||
|> Stream.take_while(fn
|
||||
[] -> false
|
||||
_ -> true
|
||||
end)
|
||||
end
|
||||
end
|
@ -0,0 +1,28 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.ReverseProxy.Client do
|
||||
@callback request(atom(), String.t(), [tuple()], String.t(), list()) ::
|
||||
{:ok, pos_integer(), [tuple()], reference() | map()}
|
||||
| {:ok, pos_integer(), [tuple()]}
|
||||
| {:ok, reference()}
|
||||
| {:error, term()}
|
||||
|
||||
@callback stream_body(reference() | pid() | map()) ::
|
||||
{:ok, binary()} | :done | {:error, String.t()}
|
||||
|
||||
@callback close(reference() | pid() | map()) :: :ok
|
||||
|
||||
def request(method, url, headers, "", opts \\ []) do
|
||||
client().request(method, url, headers, "", opts)
|
||||
end
|
||||
|
||||
def stream_body(ref), do: client().stream_body(ref)
|
||||
|
||||
def close(ref), do: client().close(ref)
|
||||
|
||||
defp client do
|
||||
Pleroma.Config.get([Pleroma.ReverseProxy.Client], :hackney)
|
||||
end
|
||||
end
|
@ -1,51 +0,0 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Uploaders.Swift.Keystone do
|
||||
use HTTPoison.Base
|
||||
|
||||
def process_url(url) do
|
||||
Enum.join(
|
||||
[Pleroma.Config.get!([Pleroma.Uploaders.Swift, :auth_url]), url],
|
||||
"/"
|
||||
)
|
||||
end
|
||||
|
||||
def process_response_body(body) do
|
||||
body
|
||||
|> Jason.decode!()
|
||||
end
|
||||
|
||||
def get_token do
|
||||
settings = Pleroma.Config.get(Pleroma.Uploaders.Swift)
|
||||
username = Keyword.fetch!(settings, :username)
|
||||
password = Keyword.fetch!(settings, :password)
|
||||
tenant_id = Keyword.fetch!(settings, :tenant_id)
|
||||
|
||||
case post(
|
||||
"/tokens",
|
||||
make_auth_body(username, password, tenant_id),
|
||||
["Content-Type": "application/json"],
|
||||
hackney: [:insecure]
|
||||
) do
|
||||
{:ok, %Tesla.Env{status: 200, body: body}} ->
|
||||
body["access"]["token"]["id"]
|
||||
|
||||
{:ok, %Tesla.Env{status: _}} ->
|
||||
""
|
||||
end
|
||||
end
|
||||
|
||||
def make_auth_body(username, password, tenant) do
|
||||
Jason.encode!(%{
|
||||
:auth => %{
|
||||
:passwordCredentials => %{
|
||||
:username => username,
|
||||
:password => password
|
||||
},
|
||||
:tenantId => tenant
|
||||
}
|
||||
})
|
||||
end
|
||||
end
|
@ -1,29 +0,0 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Uploaders.Swift.Client do
|
||||
use HTTPoison.Base
|
||||
|
||||
def process_url(url) do
|
||||
Enum.join(
|
||||
[Pleroma.Config.get!([Pleroma.Uploaders.Swift, :storage_url]), url],
|
||||
"/"
|
||||
)
|
||||
end
|
||||
|
||||
def upload_file(filename, body, content_type) do
|
||||
token = Pleroma.Uploaders.Swift.Keystone.get_token()
|
||||
|
||||
case put("#{filename}", body, "X-Auth-Token": token, "Content-Type": content_type) do
|
||||
{:ok, %Tesla.Env{status: 201}} ->
|
||||
{:ok, {:file, filename}}
|
||||
|
||||
{:ok, %Tesla.Env{status: 401}} ->
|
||||
{:error, "Unauthorized, Bad Token"}
|
||||
|
||||
{:error, _} ->
|
||||
{:error, "Swift Upload Error"}
|
||||
end
|
||||
end
|
||||
end
|
@ -1,19 +0,0 @@
|
||||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Uploaders.Swift do
|
||||
@behaviour Pleroma.Uploaders.Uploader
|
||||
|
||||
def get_file(name) do
|
||||
{:ok, {:url, Path.join([Pleroma.Config.get!([__MODULE__, :object_url]), name])}}
|
||||
end
|
||||
|
||||
def put_file(upload) do
|
||||
Pleroma.Uploaders.Swift.Client.upload_file(
|
||||
upload.path,
|
||||
File.read!(upload.tmpfile),
|
||||
upload.content_type
|
||||
)
|
||||
end
|
||||
end
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue