diff --git a/README.md b/README.md index 3aa13fe..c5c8f20 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ It shall NOT be edited by hand. # Diaspora for YunoHost -[![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![Working status](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://ci-apps.yunohost.org/ci/apps/diaspora/) ![Working status](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![Install Diaspora with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) @@ -18,7 +18,7 @@ It shall NOT be edited by hand. Distributed social networking service -**Shipped version:** 0.7.18.2~ynh3 +**Shipped version:** 0.9.0.0~ynh1 ## Screenshots diff --git a/README_es.md b/README_es.md index 46b51f5..63f0f23 100644 --- a/README_es.md +++ b/README_es.md @@ -5,7 +5,7 @@ No se debe editar a mano. # Diaspora para Yunohost -[![Nivel de integración](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![Nivel de integración](https://dash.yunohost.org/integration/diaspora.svg)](https://ci-apps.yunohost.org/ci/apps/diaspora/) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![Instalar Diaspora con Yunhost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) @@ -18,7 +18,7 @@ No se debe editar a mano. -**Versión actual:** 0.7.18.2~ynh3 +**Versión actual:** 0.9.0.0~ynh1 ## Capturas diff --git a/README_eu.md b/README_eu.md index a95aa44..ea46448 100644 --- a/README_eu.md +++ b/README_eu.md @@ -5,7 +5,7 @@ EZ editatu eskuz. # Diaspora YunoHost-erako -[![Integrazio maila](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![Integrazio maila](https://dash.yunohost.org/integration/diaspora.svg)](https://ci-apps.yunohost.org/ci/apps/diaspora/) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![Instalatu Diaspora YunoHost-ekin](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) @@ -18,7 +18,7 @@ EZ editatu eskuz. -**Paketatutako bertsioa:** 0.7.18.2~ynh3 +**Paketatutako bertsioa:** 0.9.0.0~ynh1 ## Pantaila-argazkiak diff --git a/README_fr.md b/README_fr.md index bb8dad2..f4913ef 100644 --- a/README_fr.md +++ b/README_fr.md @@ -5,7 +5,7 @@ Il NE doit PAS être modifié à la main. # Diaspora pour YunoHost -[![Niveau d’intégration](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![Niveau d’intégration](https://dash.yunohost.org/integration/diaspora.svg)](https://ci-apps.yunohost.org/ci/apps/diaspora/) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![Installer Diaspora avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) @@ -18,7 +18,7 @@ Il NE doit PAS être modifié à la main. Service de réseau social distribué -**Version incluse :** 0.7.18.2~ynh3 +**Version incluse :** 0.9.0.0~ynh1 ## Captures d’écran diff --git a/README_gl.md b/README_gl.md index b73cc66..97a407e 100644 --- a/README_gl.md +++ b/README_gl.md @@ -5,7 +5,7 @@ NON debe editarse manualmente. # Diaspora para YunoHost -[![Nivel de integración](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![Estado de funcionamento](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Estado de mantemento](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![Nivel de integración](https://dash.yunohost.org/integration/diaspora.svg)](https://ci-apps.yunohost.org/ci/apps/diaspora/) ![Estado de funcionamento](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![Estado de mantemento](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![Instalar Diaspora con YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) @@ -18,7 +18,7 @@ NON debe editarse manualmente. -**Versión proporcionada:** 0.7.18.2~ynh3 +**Versión proporcionada:** 0.9.0.0~ynh1 ## Capturas de pantalla diff --git a/README_zh_Hans.md b/README_zh_Hans.md index 9199583..8c3c0cf 100644 --- a/README_zh_Hans.md +++ b/README_zh_Hans.md @@ -5,7 +5,7 @@ # YunoHost 上的 Diaspora -[![集成程度](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![工作状态](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![集成程度](https://dash.yunohost.org/integration/diaspora.svg)](https://ci-apps.yunohost.org/ci/apps/diaspora/) ![工作状态](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![使用 YunoHost 安装 Diaspora](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) @@ -18,7 +18,7 @@ -**分发版本:** 0.7.18.2~ynh3 +**分发版本:** 0.9.0.0~ynh1 ## 截图 diff --git a/conf/diaspora.toml b/conf/diaspora.toml new file mode 100644 index 0000000..1edf511 --- /dev/null +++ b/conf/diaspora.toml @@ -0,0 +1,598 @@ +## Some notes about this file: +## - All comments start with a double # +## - All settings are commented out with a single # +## To change the default settings, you need both to uncomment the lines +## AND, in most cases, to change the value that is given. +## - Take care to keep proper quoting. All " must have a matching " at +## the end of the same line. The same goes for ' +## - The values true, false and numbers should have no quote marks. +## Everything else should. +## +## You can set and/or override all these settings through environment variables +## with the following conversion rules: +## - Strip the top level namespace (configuration, production, etc.) +## - Build the path to the setting, for example environment.s3.enable +## - Replace the dots with underscores: environment_s3_enable +## - Convert to upper case: ENVIRONMENT_S3_ENABLE +## - Specify lists/arrays as comma-separated values +## +## - For example, on Heroku: +## heroku config:set SERVICES_TWITTER_KEY=yourkey SERVICES_TWITTER_SECRET=yoursecret + +## You need to change or at least review the settings in this section +## in order for your pod to work. +[configuration.environment] + +## Set the hostname of the machine you're running Diaspora on, as seen +## from the internet. This should be the URL you want to use to +## access the pod. So if you plan to use a reverse proxy, it should be +## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP! +## However changing http to https is okay and has no consequences. +## If you do change the URL, you will have to start again as the URL +## will be hardcoded into the database. +url = "https://__DOMAIN__" + +## Set the bundle of certificate authorities (CA) certificates. +## This is specific to your operating system. +## Examples (uncomment the relevant one or add your own): +## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates): +certificate_authorities = "/etc/ssl/certs/ca-certificates.crt" +## For CentOS, Fedora: +# certificate_authorities = "/etc/pki/tls/certs/ca-bundle.crt" + +## URL for a remote Redis (default="localhost"). +## Don't forget to restrict IP access if you uncomment these! +#redis = "redis://example_host" +#redis = "redis://username:password@host:6379/0" +#redis = "unix:///tmp/redis.sock" + +## Require SSL (default=true). +## When set, your pod will force the use of HTTPS in production mode. +## Since OAuth2 requires SSL, Diaspora's future API might not work if +## you're not using SSL. Also there is no guarantee that posting to +## services will be possible if SSL is disabled. +## Do not change this default unless you are sure! +#require_ssl = true + +## Set redirect URL for an external image host (Amazon S3 or other). +## If hosting images for your pod on an external server (even your own), +## add its URL here. All requests made to images under /uploads/images +## will be redirected to https://images.example.org/uploads/images/ +#image_redirect_url = "https://images.example.org" + +## Pubsub server (default="https://pubsubhubbub.appspot.com/""). +## Diaspora is only tested against the default pubsub server. +## You probably don't want to uncomment or change this. +#pubsub_server = "https://pubsubhubbub.appspot.com/" + +## Sidekiq - background processing +[configuration.environment.sidekiq] + +## Number of parallel threads Sidekiq uses (default=5). +## If you touch this, please set the pool setting in your database.yml +## to a value that's at minimum close to this! You can safely increase +## it to 25 and more on a medium-sized pod. This applies per started +## Sidekiq worker, so if you set it to 25 and start two workers, you'll +## process up to 50 jobs in parallel. +#concurrency = 5 + +## Number of times a job is retried (default=10). +## There's an exponential effect to this: if you set this too high you +## might get too many jobs building up in the queue. +## Set it to 0 to disable it completely. +#retry = 10 + +## Lines of backtrace that are stored on failure (default=15). +## Set n to the required value. Set this to false to reduce Redis memory +## usage (and log size) if you're not interested in this data. +#backtrace = 15 + +## Number of jobs to keep in the dead queue (default=5000). +## Jobs get into the dead queue after they failed and exhausted all retries. +## Increasing this setting will increase the memory usage of Redis. +## Once gone from the dead queue, a failed job is permanently lost and +## cannot be retried manually. +#dead_jobs_limit = 1000 + +## Number of seconds a job remains in the dead queue (default=3628800 (six weeks)). +## Jobs get into the dead queue after they failed and exhausted all retries. +## Increasing this setting will increase the memory usage of Redis. +## Once gone from the dead queue, a failed job is permanently lost and +## cannot be retried manually. +#dead_jobs_timeout = 15552000 # 6 months + +## Log file for Sidekiq (default="log/sidekiq.log") +#log = "log/sidekiq.log" + +## Use Amazon S3 instead of your local filesystem +## to handle uploaded pictures (disabled by default). +[configuration.environment.s3] + +#enable = true +#key = "change_me" +#secret = "change_me" +#bucket = "my_photos" +#region = "us-east-1" + +## Use max-age header on Amazon S3 resources (default=true). +## When true, this allows locally cached images to be served for up to +## one year. This can improve load speed and save requests to the image +## host. Set to false to revert to browser defaults (usually less than +## one year). +#cache = true + +[configuration.environment.assets] + +## Serve static assets via the appserver (default=false). +## This is highly discouraged for production use. Let your reverse +## proxy/webserver do it by serving the files under public/ directly. +#serve = false + +## Upload your assets to S3 (default=false). +#upload = false + +## Specify an asset host. Ensure it does not have a trailing slash (/). +#host = "http://cdn.example.org/diaspora" + +## Logger configuration +[configuration.environment.logging] + +## Roll the application log on a daily basis (default=true). +#logrotate.enable = true + +## The number of days to keep (default=7) +#logrotate.days = 7 + +## Enables the debug-logging for SQL (default=false) +## This logs every SQL-statement! +#debug.sql = true + +## Enables the federation-debug-log (default=false) +## This logs all XMLs that are used for the federation +#debug.federation = true + +## Settings affecting how ./script/server behaves. +[configuration.server] + +## Where the appserver should listen to (default="unix://tmp/diaspora.sock") +#listen = "unix://tmp/diaspora.sock" +listen = "unix:///run/__APP__/diaspora.sock" +#listen = "tcp://127.0.0.1:3000" + +## Set the path for the PID file of the web master process (default=tmp/pids/web.pid) +pid = "/run/__APP__/diaspora.pid" + +## Rails environment (default="development"). +## The environment in which the server should be started by default. +## Change this to "production" if you wish to run a production environment. +rails_environment = "production" + +## Write web stderr and stdout log. +stderr_log = "log/web-stderr.log" +stdout_log = "log/web-stdout.log" + +## Number of seconds before a request is aborted (default=90). +## Increase if you get empty responses, or if large image uploads fail. +## Decrease if you're under heavy load and don't care if some +## requests fail. +#web_timeout = 90 + +## Number of Sidekiq worker processes (default=1). +## In most cases it is better to +## increase environment.sidekiq.concurrency instead! +#sidekiq_workers = 1 + +## Displays the location of a post in a map. +## If you enable this setting you use the map tiles of https://www.mapbox.com +## which is reliable. There you have to create an account to get +## an access token which is limited. If you want to get an unlimited account +## you can write an email to team@diasporafoundation.org. +## Please enable mapbox and fill out your access_token. +[configuration.map.mapbox] + +#enabled = false +#access_token = "youraccesstoken" +#style = "mapbox/streets-v11" + +## Settings potentially affecting the privacy of your users. +[configuration.privacy] + +## Include jQuery from jquery.com's CDN (default=false). +## Enabling this can reduce traffic and speed up load time since most +## clients already have this one cached. When set to false (the default), +## the jQuery library will be loaded from your pod's own resources. +#jquery_cdn = false + +## Google Analytics (disabled by default). +## Provide a key to enable tracking by Google Analytics. +#google_analytics_key = "yourkey" + +## Piwik Tracking (disabled by default). +## Provide a site ID and the host piwik is running on to enable +## tracking through Piwik. +#piwik.enable = true +#piwik.host = "stats.example.org" +#piwik.site_id = 1 + +## Statistics +## Your pod will report its name, software version and whether +## or not registrations are open via /statistics and NodeInfo. +## Uncomment the options below to enable more statistics. +[configuration.privacy.statistics] + +## Local user total and 6 month active counts. +#user_counts = true + +## Local post total count. +#post_counts = true +#comment_counts = true + +## Use Camo to proxy embedded remote images. +## Do not enable this setting unless you have a working Camo setup. Using +## camo to proxy embedded images will improve the privacy and security of +## your pod's frontend, but it will increase the traffic on your server. +## Check out https://wiki.diasporafoundation.org/Installation/Camo for +## more details and installation instructions. +[configuration.privacy.camo] + +## Proxy images embedded via markdown (default=false). +## Embedded images are quite often from non-SSL sites and may cause a +## partial content warning, so this is recommended. +#proxy_markdown_images = true + +## Proxy Open Graph thumbnails (default=false). +## Open Graph thumbnails may or may not be encrypted and loaded from +## servers outside the network. Recommended. +#proxy_opengraph_thumbnails = true + +## Proxy remote pod's images (default=false). +## Profile pictures and photos from other pods usually are encrypted, +## so enabling this is only useful if you want to avoid HTTP requests to +## third-party servers. This will create a lot of traffic on your camo +## instance. You have been warned. +#proxy_remote_pod_images = true + +## Root of your Camo installation +#root = "https://example.com/camo/" + +## Shared key of your Camo installation +#key = "example123example456example!" + +## General settings +[configuration.settings] + +## Pod name (default="diaspora*") +## The pod name displayed in various locations, including the header. +#pod_name = "diaspora*" + +## Allow registrations (default=true) +## Set this to false to prevent people from signing up to your pod +## without an invitation. Note that this needs to be set to true +## (or commented out) to enable the first registration (you). +enable_registrations = false + +## Show local posts stream (default="disabled") +## If any other setting than disabled local public posts +## created on this pod can be shown. +## Setting this to admins shows the local posts stream only to users with the admin role. +## Setting this to moderators shows the local posts stream only to users with the moderator or admin role. +## Setting this to everyone shows the local posts stream to all users. +# enable_local_posts_stream= "disabled"|"admins"|"moderators"|"everyone" + +## Auto-follow on sign-up (default=true) +## Users will automatically follow a specified account on creation. +## Set this to false if you don't want your users to automatically +## follow an account upon creation. +#autofollow_on_join = true + +## Auto-follow account (default="hq@pod.diaspora.software") +## The diaspora* HQ account keeps users up to date with news about Diaspora. +## If you set another auto-follow account (for example your podmin account), +## please consider resharing diaspora* HQ's posts for your pod's users! +#autofollow_on_join_user = "hq@pod.diaspora.software" + +## Liberapay.com is a free platform which allow donations like patreon +## Set your username to include your Liberapay button +#liberapay_username = "change_me" + +## Bitcoin donations +## You can provide a bitcoin address here to allow your users to provide +## donations towards the running of their pod. +#bitcoin_address = "change_me" + +## Source code URL +## URL to the source code your pod is currently running. +## If not set your pod will provide a downloadable archive. +source_url = "https://github.com/diaspora/diaspora" + +## Changelog URL +## URL to the changelog of the diaspora-version your pod is currently running. +## If not set an auto-generated url to github is used. +#changelog_url = "https://github.com/diaspora/diaspora/blob/master/Changelog.md" + +## Default color theme +## You can change which color theme is displayed when a user is not signed in +## or has not selected any color theme from the available ones. You simply have +## to enter the name of the theme's folder in "app/assets/stylesheets/color_themes/". +## ("original" for the theme in "app/assets/stylesheets/color_themes/original/", for +## example). +#default_color_theme = "original" + +## CURL debug (default=false) +## Turn on extra verbose output when sending stuff. Note: you +## don't need to touch this unless explicitly told to. +#typhoeus_verbose = false + +## Maximum number of parallel HTTP requests made to other pods (default=20) +## Be careful, raising this setting will heavily increase the memory usage +## of your Sidekiq workers. +#typhoeus_concurrency = 20 + +## Maximum number of parallel user data import/export jobs (default=1) +## Be careful, imports and exports of big/old profiles can use a lot of memory, +## running many of them in parallel can be a problem for small servers. +#archive_jobs_concurrency = 1 + +## Welcome Message settings +[configuration.settings.welcome_message] + +## Welcome Message on registration (default=false) +## Send a message to new users after registration +## to tell them about your pod and how things +## are handled on it. +#enabled = false + +## Welcome Message subject (default="Welcome Message") +## The subject of the conversation that is started +## by your welcome message. +#subject = "Welcome Message" + +## Welcome Message text (default="Hello %{username}, welcome to diaspora*.") +## The content of your welcome message. +## The placeholder "%{username}" will be replaced by the username +## of the new user. +#text = "Hello %{username}, welcome to diaspora*." + +## Invitation settings +[configuration.settings.invitations] + +## Enable invitations (default=true) +## Set this to false if you don't want users to be able to send invites. +#open = true + +## Number of invitations per invite link (default=25) +## Every user will see such a link if you have enabled +## invitations on your pod. +#count = 25 + +## Paypal donations (disabled by default) +## You can set details for a Paypal button here to allow donations +## towards running the pod. +## First, enable the function, then set the currency in which you +## wish to receive donations, and **either** a hosted button id +## **or** an encrypted key for an unhosted button. +[configuration.settings.paypal_donations] +#enable = false + +## Currency used (USD, EUR...) +#currency = "USD" + +## Hosted Paypal button ID +#paypal_hosted_button_id = "change_me" + +## OR encrypted key of unhosted button +#paypal_unhosted_button_encrypted = "-----BEGIN PKCS7-----" + +## Community spotlight (disabled by default) +## The community spotlight shows new users public posts from people you +## think are interesting in Diaspora's community. To add an account +## to the community spotlight add the "spotlight" role to it. +[configuration.settings.community_spotlight] +#enable = true + +## E-mail address to which users can make suggestions about who +## should be in the community spotlight (optional). +#suggest_email = "admin@example.org" + +## Captcha settings +[configuration.settings.captcha] + +## Enable captcha (default=true) +## Set this to false if you don't want to use captcha for signup process. +#enable = true + +## Captcha image size (default="120x20") +#image_size = "120x20" + +## Length of captcha text (default=5)(max=12) +#captcha_length = 5 + +## Captcha image style (default="simply_green") +## Available options for captcha image styles are: "simply_blue", +## "simply_red" "simply_green", "charcoal_grey", "embossed_silver", +## "all_black", "distorted_black", "almost_invisible", "random". +#image_style = "simply_green" + +## Captcha image distortion (default="low") +## Sets the level of image distortion used in the captcha. +## Available options are: "low", "medium", "high", "random". +#distortion = "low" + +## Terms of Service +## Show a default or customized terms of service for users. +## You can create a custom Terms of Service by placing a template +## as app/views/terms/terms.haml or app/views/terms/terms.erb +## The default terms of service that can be extended is +## at app/views/terms/default.haml +## NOTE! The default terms have not been checked over by a lawyer and +## thus are unlikely to provide full legal protection for all situations +## for a podmin using them. They are also not specific to all countries +## and jurisdictions. If you are unsure, please check with a lawyer. +## We provide these for podmins as some basic rules that podmins +## can communicate to users easily via the diaspora* server software. +## Uncomment to enable this feature. +[configuration.settings.terms] + +## First enable it by uncommenting below. +#enable = true + +## Important! If you enable the terms, you should always +## set a location under which laws any disputes are governed +## under. For example, country or state/country, depending +## on the country in question. +## If this is not set, the whole paragraph about governing +## laws *is not shown* in the terms page. +#jurisdiction = "" + +## Age limit for signups. +## Set a number to activate this setting. This age limit is shown +## in the default ToS document. +#minimum_age = false + +## Maintenance +## Various pod maintenance related settings are controlled from here. +[configuration.settings.maintenance] + +## Removing old inactive users can be done automatically by background +## processing. The amount of inactivity is set by `after_days`. A warning +## email will be sent to the user and after an additional `warn_days`, the +## account will be automatically closed. +## This maintenance is not enabled by default. +#remove_old_users.enable = true +#remove_old_users.after_days = 730 +#remove_old_users.warn_days = 30 +#remove_old_users.limit_removals_to_per_day = 100 ## Limit queuing for removal per day. + + + +## Default meta tags +## You can change here the default meta tags content included on the pages of your pod. +## Title will be used for the opengraph og:site_name property while description will be used +## for description and og:description. +[configuration.settings.default_metas] +#title = "diaspora* social network" +#description = "diaspora* is the online social world where you are in control." + +## CSP (Content Security Policy) header +## CSP allows limiting origins from where resources are allowed to be loaded. This +## improves security, since it helps to detect and mitigate cross-site scripting +## and data injection attacks. The default policy of diaspora* allows all third +## party domains from services that are included in diaspora*, like OEmbed +## scripts, so you can safely activate it by setting `report_only` to false. If +## you customized diaspora* (edited templates or added own JS), additional work +## may be required. You can test the policy with the `report_uri`. Our default CSP +## does not work with Google analytics or Piwik, because they inject JS code that +## is blocked by CSP. +[configuration.settings.csp] + +## Report-Only header (default=false) +## By default diaspora* adds a "Content-Security-Policy" header. If you set +## this to true, the "Content-Security-Policy-Report-Only" header is added instead. +#report_only = true + +## CSP report URI +## You can set an URI here, where the user agent reports violations as JSON document via a POST request. +#report_uri = "/csp_violation_reports" + +## Posting from Diaspora to external services (all are disabled by default). +[configuration.services] + +## OAuth credentials for Twitter +#twitter.enable = true +#twitter.key = "change_me" +#twitter.secret = "change_me" + +## OAuth credentials for Tumblr +#tumblr.enable = true +#tumblr.key = "change_me" +#tumblr.secret = "change_me" + +## OAuth credentials for Wordpress +#wordpress.enable = true +#wordpress.client_id = "change_me" +#wordpress.secret = "change_me" + +## Allow your pod to send emails for notifications, password recovery +## and other purposes (disabled by default). +[configuration.mail] + +## First you need to enable it. +enable = true + +## Sender address used in mail sent by Diaspora. +sender_address = "no-reply@__DOMAIN__" + +## This selects which mailer should be used. Use "smtp" for a smtp +## connection or "sendmail" to use the sendmail binary. +method = "smtp" + +## Ignored if method isn't "smtp". +[configuration.mail.smtp] + +## Host and port of the smtp server handling outgoing mail. +## This should match the common name of the certificate sent by +## the SMTP server, if it sends one. (default port=587) +host = "localhost" +port = 25 + +## Authentication required to send mail (default="plain"). +## Use one of "plain", "login" or "cram_md5". Use "none" +## if server does not support authentication. +authentication = "plain" + +## Credentials to log in to the SMTP server. +## May be necessary if authentication is not "none". +username = "__APP__" +password = "__MAIL_PWD__" + +## Automatically enable TLS (default=true). +## Leave this commented out if authentication is set to "none". +#starttls_auto = true + +## The domain for the HELO command, if needed. +domain = "__DOMAIN__" + +## OpenSSL verify mode used when connecting to a SMTP server with TLS (default="peer"). +## Set this to "none" if and only if you have a self-signed certificate. +## Possible values: "none", "peer". +openssl_verify_mode = "none" + +## Ignored if method isn't "sendmail". +[configuration.mail.sendmail] + +## The path to the sendmail binary (default="/usr/sbin/sendmail") +#location = "/usr/sbin/sendmail" + +## Use exim and sendmail (default=false) +#exim_fix = false + +## Administrator settings +[configuration.admins] + +## Set the admin account. +## This doesn't make the user an admin but is used when a generic +## admin contact is needed, much like the postmaster role in mail +## systems. Set only the username, NOT the full ID. +account = "__ADMIN__" + +## E-mail address via which the administrator can be contacted. +podmin_email = "__ADMIN_MAIL__" + +## Advanced - ignore unless you know better + +## You can override settings defined above if you need +## them to be different in different environments. "configuration" +## in the namespaces above refers to all environments, replace it with a +## specific environment here. + +[production] +#environment.redis = "redis://production.example.org:6379" + +[production.mail.sendmail] +#location = "/usr/local/bin/sendmail" + +[development] +#environment.redis = "redis://dev.example.org:6379" + +[development.mail.sendmail] +#location = "/opt/bin/sendmail" diff --git a/conf/diaspora.yml b/conf/diaspora.yml deleted file mode 100644 index a3caa92..0000000 --- a/conf/diaspora.yml +++ /dev/null @@ -1,657 +0,0 @@ -## Some notes about this file: -## - All comments start with a double # -## - All settings are commented out with a single # -## To change the default settings, you need both to uncomment the lines -## AND, in most cases, to change the value that is given. -## - Take care to keep proper indentation, that is by simply deleting -## the original #, with no additional space before the setting's name. -## - Take care to keep proper quoting. All ' must have a matching ' at -## the end of the same line. The same goes for " -## - Lines containing "## Section" are section headings. Do not edit them! -## - Lists need the space after the - -## - The values true, false and numbers should have no quote marks. -## Single words don't need quote marks, but it doesn't do any harm to have them. -## -## You can set and/or override all these settings through environment variables -## with the following conversion rules: -## - Strip the top level namespace (configuration, production, etc.) -## - Build the path to the setting, for example environment.s3.enable -## - Replace the dots with underscores: environment_s3_enable -## - Convert to upper case: ENVIRONMENT_S3_ENABLE -## - Specify lists/arrays as comma-separated values -## -## - For example, on Heroku: -## heroku config:set SERVICES_TWITTER_KEY=yourkey SERVICES_TWITTER_SECRET=yoursecret - -configuration: ## Section - - ## You need to change or at least review the settings in this section - ## in order for your pod to work. - environment: ## Section - - ## Set the hostname of the machine you're running Diaspora on, as seen - ## from the internet. This should be the URL you want to use to - ## access the pod. So if you plan to use a reverse proxy, it should be - ## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP! - ## However changing http to https is okay and has no consequences. - ## If you do change the URL, you will have to start again as the URL - ## will be hardcoded into the database. - url: "https://__DOMAIN__" - - ## Set the bundle of certificate authorities (CA) certificates. - ## This is specific to your operating system. - ## Examples (uncomment the relevant one or add your own): - ## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates): - certificate_authorities: '/etc/ssl/certs/ca-certificates.crt' - ## For CentOS, Fedora: - #certificate_authorities: '/etc/pki/tls/certs/ca-bundle.crt' - - ## URL for a remote Redis (default=localhost). - ## Don't forget to restrict IP access if you uncomment these! - #redis: 'redis://example_host' - #redis: 'redis://username:password@host:6379/0' - #redis: 'unix:///tmp/redis.sock' - - ## Require SSL (default=true). - ## When set, your pod will force the use of HTTPS in production mode. - ## Since OAuth2 requires SSL, Diaspora's future API might not work if - ## you're not using SSL. Also there is no guarantee that posting to - ## services will be possible if SSL is disabled. - ## Do not change this default unless you are sure! - #require_ssl: true - - ## Single-process mode (default=false). - ## If set to true, Diaspora will work with just the appserver (Unicorn by - ## default) running. However, this makes it quite slow as intensive jobs - ## must be run all the time inside the request cycle. We strongly - ## recommended you leave this disabled for production setups. - ## Set to true to enable. - #single_process_mode: false - - ## Sidekiq - background processing - sidekiq: ## Section - - ## Number of parallel threads Sidekiq uses (default=5). - ## If you touch this, please set the pool setting in your database.yml - ## to a value that's at minimum close to this! You can safely increase - ## it to 25 and more on a medium-sized pod. This applies per started - ## Sidekiq worker, so if you set it to 25 and start two workers, you'll - ## process up to 50 jobs in parallel. - #concurrency: 5 - - ## Number of times a job is retried (default=10). - ## There's an exponential effect to this: if you set this too high you - ## might get too many jobs building up in the queue. - ## Set it to 0 to disable it completely. - #retry: 10 - - ## Lines of backtrace that are stored on failure (default=15). - ## Set n to the required value. Set this to false to reduce Redis memory - ## usage (and log size) if you're not interested in this data. - #backtrace: 15 - - ## Number of jobs to keep in the dead queue (default=5000). - ## Jobs get into the dead queue after they failed and exhausted all retries. - ## Increasing this setting will increase the memory usage of Redis. - ## Once gone from the dead queue, a failed job is permanently lost and - ## cannot be retried manually. - # dead_jobs_limit: 1000 - - ## Number of seconds a job remains in the dead queue (default=3628800 (six weeks)). - ## Jobs get into the dead queue after they failed and exhausted all retries. - ## Increasing this setting will increase the memory usage of Redis. - ## Once gone from the dead queue, a failed job is permanently lost and - ## cannot be retried manually. - # dead_jobs_timeout: 15552000 # 6 months - - ## Log file for Sidekiq (default="log/sidekiq.log") - #log: "log/sidekiq.log" - - ## Use Amazon S3 instead of your local filesystem - ## to handle uploaded pictures (disabled by default). - s3: ## Section - - #enable: true - #key: 'change_me' - #secret: 'change_me' - #bucket: 'my_photos' - #region: 'us-east-1' - - ## Use max-age header on Amazon S3 resources (default=true). - ## When true, this allows locally cached images to be served for up to - ## one year. This can improve load speed and save requests to the image - ## host. Set to false to revert to browser defaults (usually less than - ## one year). - #cache : true - - ## Set redirect URL for an external image host (Amazon S3 or other). - ## If hosting images for your pod on an external server (even your own), - ## add its URL here. All requests made to images under /uploads/images - ## will be redirected to https://yourhost.tld/uploads/images/ - #image_redirect_url: 'https://images.example.org' - - assets: ## Section - - ## Serve static assets via the appserver (default=false). - ## This is highly discouraged for production use. Let your reverse - ## proxy/webserver do it by serving the files under public/ directly. - #serve: false - - ## Upload your assets to S3 (default=false). - #upload: false - - ## Specify an asset host. Ensure it does not have a trailing slash (/). - #host: http://cdn.example.org/diaspora - - ## Pubsub server (default='https://pubsubhubbub.appspot.com/'). - ## Diaspora is only tested against the default pubsub server. - ## You probably don't want to uncomment or change this. - #pubsub_server: 'https://pubsubhubbub.appspot.com/' - - ## Logger configuration - logging: ## Section - - logrotate: ## Section - - ## Roll the application log on a daily basis (default=true). - #enable: true - - ## The number of days to keep (default=7) - #days: 7 - - ## Debug logging - debug: ## Section - - ## Enables the debug-logging for SQL (default=false) - ## This logs every SQL-statement! - #sql: true - - ## Enables the federation-debug-log (default=false) - ## This logs all XMLs that are used for the federation - #federation: true - - ## Settings affecting how ./script/server behaves. - server: ## Section - ## Where the appserver should listen to (default=unix:tmp/diaspora.sock) - #listen: 'unix:tmp/diaspora.sock' - #listen: 'unix:/run/diaspora/diaspora.sock' - #listen: '127.0.0.1:3000' - listen: unix:/run/__APP__/diaspora.sock - - ## Set the path for the PID file of the unicorn master process (default=tmp/pids/web.pid) - pid: '/run/__APP__/diaspora.pid' - - ## Rails environment (default='development'). - ## The environment in which the server should be started by default. - ## Change this to 'production' if you wish to run a production environment. - rails_environment: 'production' - - ## Write unicorn stderr and stdout log. - stderr_log: 'log/unicorn-stderr.log' - stdout_log: 'log/unicorn-stdout.log' - - ## Number of Unicorn worker processes (default=2). - ## Increase this if you have many users. - #unicorn_worker: 2 - - ## Number of seconds before a request is aborted (default=90). - ## Increase if you get empty responses, or if large image uploads fail. - ## Decrease if you're under heavy load and don't care if some - ## requests fail. - #unicorn_timeout: 90 - - ## Embed a Sidekiq worker inside the unicorn process (default=false). - ## Useful for minimal Heroku setups. - #embed_sidekiq_worker: false - - ## Number of Sidekiq worker processes (default=1). - ## In most cases it is better to - ## increase environment.sidekiq.concurrency instead! - #sidekiq_workers: 1 - - ## Displays the location of a post in a map. Per default we are using the map - ## tiles of the Heidelberg University (http://giscience.uni-hd.de). - ## You also have the possibility to use the map tiles of https://www.mapbox.com - ## which is probably more reliable. There you have to create an account to get - ## an access token which is limited. If you want to get an unlimited account - ## you can write an email to team@diasporafoundation.org. - ## Please enable mapbox and fill out your access_token. - map: ##Section - - mapbox: - #enabled: false - #access_token: "youraccesstoken" - #style: "mapbox/streets-v9" - - ## Settings potentially affecting the privacy of your users. - privacy: ## Section - - ## Include jQuery from jquery.com's CDN (default=false). - ## Enabling this can reduce traffic and speed up load time since most - ## clients already have this one cached. When set to false (the default), - ## the jQuery library will be loaded from your pod's own resources. - #jquery_cdn: false - - ## Google Analytics (disabled by default). - ## Provide a key to enable tracking by Google Analytics. - #google_analytics_key: - - ## Piwik Tracking (disabled by default). - ## Provide a site ID and the host piwik is running on to enable - ## tracking through Piwik. - # TODO ? Check implications... - piwik: ## Section - - #enable: true - #host: 'stats.example.org' - #site_id: 1 - - ## Statistics - ## Your pod will report its name, software version and whether - ## or not registrations are open via /statistics and NodeInfo. - ## Uncomment the options below to enable more statistics. - statistics: ## Section - - ## Local user total and 6 month active counts. - #user_counts: true - - ## Local post total count. - #post_counts: true - #comment_counts: true - - ## Use Camo to proxy embedded remote images. - ## Do not enable this setting unless you have a working Camo setup. Using - ## camo to proxy embedded images will improve the privacy and security of - ## your pod's frontend, but it will increase the traffic on your server. - ## Check out https://wiki.diasporafoundation.org/Installation/Camo for - ## more details and installation instructions. - camo: ## Section - - ## Proxy images embedded via markdown (default=false). - ## Embedded images are quite often from non-SSL sites and may cause a - ## partial content warning, so this is recommended. - #proxy_markdown_images: true - - ## Proxy Open Graph thumbnails (default=false). - ## Open Graph thumbnails may or may not be encrypted and loaded from - ## servers outside the network. Recommended. - #proxy_opengraph_thumbnails: true - - ## Proxy remote pod's images (default=false). - ## Profile pictures and photos from other pods usually are encrypted, - ## so enabling this is only useful if you want to avoid HTTP requests to - ## third-party servers. This will create a lot of traffic on your camo - ## instance. You have been warned. - #proxy_remote_pod_images: true - - ## Root of your Camo installation - #root: "https://example.com/camo/" - - ## Shared key of your Camo installation - #key: "example123example456example!" - - ## General settings - settings: ## Section - - ## Pod name (default="diaspora*") - ## The pod name displayed in various locations, including the header. - #pod_name: "diaspora*" - - ## Allow registrations (default=true) - ## Set this to false to prevent people from signing up to your pod - ## without an invitation. Note that this needs to be set to true - ## (or commented out) to enable the first registration (you). - # TODO ynh settings - enable_registrations: false - - ## Auto-follow on sign-up (default=true) - ## Users will automatically follow a specified account on creation. - ## Set this to false if you don't want your users to automatically - ## follow an account upon creation. - #autofollow_on_join: true - - ## Auto-follow account (default='hq@pod.diaspora.software') - ## The diaspora* HQ account keeps users up to date with news about Diaspora. - ## If you set another auto-follow account (for example your podmin account), - ## please consider resharing diaspora* HQ's posts for your pod's users! - #autofollow_on_join_user: 'hq@pod.diaspora.software' - - ## Welcome Message settings - welcome_message: ##Section - - ## Welcome Message on registration (default=false) - ## Send a message to new users after registration - ## to tell them about your pod and how things - ## are handled on it. - #enabled: false - - ## Welcome Message subject (default='Welcome Message') - ## The subject of the conversation that is started - ## by your welcome message. - #subject: "Welcome Message" - - ## Welcome Message text (default='Hello %{username}, welcome to diaspora.') - ## The content of your welcome message. - ## The placeholder "%{username}" will be replaced by the username - ## of the new user. - #text: "Hello %{username}, welcome to diaspora." - - ## Invitation settings - invitations: ## Section - - ## Enable invitations (default=true) - ## Set this to false if you don't want users to be able to send invites. - #open: true - - ## Number of invitations per invite link (default=25) - ## Every user will see such a link if you have enabled - ## invitations on your pod. - #count: 25 - - ## Paypal donations (disabled by default) - ## You can set details for a Paypal button here to allow donations - ## towards running the pod. - ## First, enable the function, then set the currency in which you - ## wish to receive donations, and **either** a hosted button id - ## **or** an encrypted key for an unhosted button. - paypal_donations: ## Section - #enable: false - - ## Currency used (USD, EUR...) - #currency: USD - - ## hosted Paypal button id - #paypal_hosted_button_id: "change_me" - ## OR encrypted key of unhosted button - #paypal_unhosted_button_encrypted: "-----BEGIN PKCS7-----" - - ## Liberapay.com is a free platform which allow donations like patreon - ## Set your username to include your liberapay button - # liberapay_username: "change_me" - - ## Bitcoin donations - ## You can provide a bitcoin address here to allow your users to provide - ## donations towards the running of their pod. - #bitcoin_address: "change_me" - - ## Community spotlight (disabled by default) - ## The community spotlight shows new users public posts from people you - ## think are interesting in Diaspora's community. To add an account - ## to the community spotlight add the 'spotlight' role to it. - community_spotlight: ## Section - - #enable: true - - ## E-mail address to which users can make suggestions about who - ## should be in the community spotlight (optional). - #suggest_email: 'admin@example.org' - - ## CURL debug (default=false) - ## Turn on extra verbose output when sending stuff. Note: you - ## don't need to touch this unless explicitly told to. - #typhoeus_verbose: false - - ## Maximum number of parallel HTTP requests made to other pods (default=20) - ## Be careful, raising this setting will heavily increase the memory usage - ## of your Sidekiq workers. - #typhoeus_concurrency: 20 - - ## Maximum number of parallel user data export jobs (default=1) - ## Be careful, exports of big/old profiles can use a lot of memory, running - ## many of them in parallel can be a problem for small servers. - #export_concurrency: 1 - - ## Captcha settings - captcha: ## Section - - ## Enable captcha (default=true) - ## Set this to false if you don't want to use captcha for signup process. - #enable: true - - ## Captcha image size (default='120x20') - #image_size: '120x20' - - ## Length of captcha text (default=5)(max=12) - #captcha_length: 5 - - ## Captcha image style (default='simply_green') - ## Available options for captcha image styles are: 'simply_blue', - ## 'simply_red' 'simply_green', 'charcoal_grey', 'embossed_silver', - ## 'all_black', 'distorted_black', 'almost_invisible', 'random'. - #image_style: 'simply_green' - - ## Captcha image distortion (default='low') - ## Sets the level of image distortion used in the captcha. - ## Available options are: 'low', 'medium', 'high', 'random'. - #distortion: 'low' - - ## Terms of Service - ## Show a default or customized terms of service for users. - ## You can create a custom Terms of Service by placing a template - ## as app/views/terms/terms.haml or app/views/terms/terms.erb - ## The default terms of service that can be extended is - ## at app/views/terms/default.haml - ## NOTE! The default terms have not been checked over by a lawyer and - ## thus are unlikely to provide full legal protection for all situations - ## for a podmin using them. They are also not specific to all countries - ## and jurisdictions. If you are unsure, please check with a lawyer. - ## We provide these for podmins as some basic rules that podmins - ## can communicate to users easily via the diaspora* server software. - ## Uncomment to enable this feature. - terms: ## Section - - ## First enable it by uncommenting below. - #enable: true - - ## Important! If you enable the terms, you should always - ## set a location under which laws any disputes are governed - ## under. For example, country or state/country, depending - ## on the country in question. - ## If this is not set, the whole paragraph about governing - ## laws *is not shown* in the terms page. - #jurisdiction: "" - - ## Age limit for signups. - ## Set a number to activate this setting. This age limit is shown - ## in the default ToS document. - #minimum_age: false - - ## Maintenance - ## Various pod maintenance related settings are controlled from here. - maintenance: ## Section - - ## Removing old inactive users can be done automatically by background - ## processing. The amount of inactivity is set by `after_days`. A warning - ## email will be sent to the user and after an additional `warn_days`, the - ## account will be automatically closed. - ## This maintenance is not enabled by default. - remove_old_users: ## Section - - #enable: true - #after_days: 730 - #warn_days: 30 - - ## Limit queuing for removal per day. - #limit_removals_to_per_day: 100 - - ## Source code URL - ## URL to the source code your pod is currently running. - ## If not set your pod will provide a downloadable archive. - source_url: 'https://github.com/diaspora/diaspora' - - ## Changelog URL - ## URL to the changelog of the diaspora-version your pod is currently running. - ## If not set an auto-generated url to github is used. - #changelog_url: "https://github.com/diaspora/diaspora/blob/master/Changelog.md" - - ## Default color theme - ## You can change which color theme is displayed when a user is not signed in - ## or has not selected any color theme from the available ones. You simply have - ## to enter the name of the theme's folder in "app/assets/stylesheets/color_themes/". - ## ("original" for the theme in "app/assets/stylesheets/color_themes/original/", for - ## example). - #default_color_theme: "original" - - ## Default meta tags - ## You can change here the default meta tags content included on the pages of your pod. - ## Title will be used for the opengraph og:site_name property while description will be used - ## for description and og:description. - default_metas: - #title: 'diaspora* social network' - #description: 'diaspora* is the online social world where you are in control.' - - ## CSP (Content Security Policy) header - ## CSP allows limiting origins from where resources are allowed to be loaded. This - ## improves security, since it helps to detect and mitigate cross-site scripting - ## and data injection attacks. The default policy of diaspora* allows all third - ## party domains from services that are included in diaspora*, like OEmbed - ## scripts, so you can safely activate it by setting `report_only` to false. If - ## you customized diaspora* (edited templates or added own JS), additional work - ## may be required. You can test the policy with the `report_uri`. Our default CSP - ## does not work with Google analytics or Piwik, because they inject JS code that - ## is blocked by CSP. - csp: - - ## Report-Only header (default=false) - ## By default diaspora* adds a "Content-Security-Policy" header. If you set - ## this to true, the "Content-Security-Policy-Report-Only" header is added instead. - #report_only: true - - ## CSP report URI (default=) - ## You can set an URI here, where the user agent reports violations as JSON document via a POST request. - #report_uri: "/csp_violation_reports" - - ## Posting from Diaspora to external services (all are disabled by default). - services: ## Section - - ## OAuth credentials for Twitter - twitter: ## Section - - #enable: true - #key: 'abcdef' - #secret: 'change_me' - - ## OAuth credentials for Tumblr - tumblr: ## Section - - #enable: true - #key: 'abcdef' - #secret: 'change_me' - - ## OAuth credentials for Wordpress - wordpress: ## Section - - #enable: true - #client_id: 'abcdef' - #secret: 'change_me' - - ## Allow your pod to send emails for notifications, password recovery - ## and other purposes (disabled by default). - mail: ## Section - - ## First you need to enable it. - enable: true - - ## Sender address used in mail sent by Diaspora. - sender_address: 'no-reply@__DOMAIN__' - - ## This selects which mailer should be used. Use 'smtp' for a smtp - ## connection or 'sendmail' to use the sendmail binary. - method: 'smtp' - - ## Ignore if method isn't 'smtp'. - smtp: ## Section - - ## Host and port of the smtp server handling outgoing mail. - ## This should match the common name of the certificate sent by - ## the SMTP server, if it sends one. (default port=587) - # we use localhost because I don't know an easy way to determine the main domain of an ynh instance - # it forces us to disable certificate verification below though... - host: 'localhost' - port: 25 - - ## Authentication required to send mail (default='plain'). - ## Use one of 'plain', 'login' or 'cram_md5'. Use 'none' - ## if server does not support authentication. - authentication: 'plain' - - ## Credentials to log in to the SMTP server. - ## May be necessary if authentication is not 'none'. - username: '__APP__' - password: '__MAIL_PWD__' - - ## Automatically enable TLS (default=true). - ## Leave this commented out if authentication is set to 'none'. - #starttls_auto: true - - ## The domain for the HELO command, if needed. - domain: '__DOMAIN__' - - ## OpenSSL verify mode used when connecting to a SMTP server with TLS. - ## Set this to 'none' if you have a self-signed certificate. Possible - ## values: 'none', 'peer'. - # We use localhost because I don't - openssl_verify_mode: 'none' - - ## Ignore if method isn't 'sendmail' - # sendmail: ## Section - - ## The path to the sendmail binary (default='/usr/sbin/sendmail') - # location: '/usr/sbin/sendmail' - - ## Use exim and sendmail (default=false) - #exim_fix: false - - ## Administrator settings - admins: ## Section - - ## Set the admin account. - ## This doesn't make the user an admin but is used when a generic - ## admin contact is needed, much like the postmaster role in mail - ## systems. Set only the username, NOT the full ID. - account: "__ADMIN__" - - ## E-mail address to contact the administrator. - podmin_email: '__ADMIN_MAIL__' - - ## Settings related to relays - relay: ## Section - - ## Relays are applications that exist to push public posts around to - ## pods which want to subscribe to them but would not otherwise - ## receive them due to not having direct contact with the remote pods. - ## - ## See more regarding relays: https://wiki.diasporafoundation.org/Relay_servers_for_public_posts - - outbound: ## Section - ## Enable this setting to send out public posts from this pod to a relay - send: true - ## Change default remote relay url used for sending out here - #url: 'https://relay.iliketoast.net/receive/public' - - inbound: ## Section - ## Enable this to receive public posts from relays - subscribe: true - - ## Scope is either 'all' or 'tags' (default). - ## - 'all', means this pod wants to receive all public posts from a relay - ## - 'tags', means this pod wants only posts tagged with certain tags - #scope: tags - - ## If scope is 'tags', should we include tags that users on this pod follow? - ## These are added in addition to 'pod_tags', if set. - include_user_tags: true - - ## If scope is 'tags', a comma separated list of tags here can be set. - ## For example "linux,diaspora", to receive posts related to these tags - #pod_tags: - -## Here you can override settings defined above if you need -## to have them different in different environments. -production: ## Section - environment: ## Section - #redis: 'redis://production.example.org:6379' - -development: ## Section - environment: ## Section - #redis: 'redis://production.example.org:6379' diff --git a/conf/diaspora_web.service b/conf/diaspora_web.service index e7fdd4b..9088676 100644 --- a/conf/diaspora_web.service +++ b/conf/diaspora_web.service @@ -1,5 +1,5 @@ [Unit] -Description=Diaspora social network (unicorn - instance __APP__) +Description=Diaspora social network (puma - instance __APP__) PartOf=__APP__.target [Service] @@ -10,8 +10,9 @@ Environment="__LD_PRELOAD__" Environment="RAILS_ENV=production" Environment="__YNH_RUBY_LOAD_PATH__" PIDFile=/run/__APP__/diaspora.pid -ExecStart=__INSTALL_DIR__/live/bin/bundle exec unicorn -c config/unicorn.rb -E production -ExecReload=/bin/kill -USR2 $MAINPID +ExecStart=__INSTALL_DIR__/live/bin/bundle exec puma -C config/puma.rb +ExecReload=__INSTALL_DIR__/live/bin/pumactl -F config/puma.rb restart +ExecStop=__INSTALL_DIR__/live/bin/pumactl -F config/puma.rb stop Restart=always # Sandboxing options to harden security diff --git a/manifest.toml b/manifest.toml index 486e40b..81319db 100644 --- a/manifest.toml +++ b/manifest.toml @@ -7,7 +7,7 @@ name = "Diaspora" description.en = "Distributed social networking service" description.fr = "Service de réseau social distribué" -version = "0.7.18.2~ynh3" +version = "0.9.0.0~ynh1" maintainers = ["autra"] @@ -47,8 +47,8 @@ ram.runtime = "2000M" [resources] [resources.sources.main] - url = "https://github.com/diaspora/diaspora/archive/refs/tags/v0.7.18.2.tar.gz" - sha256 = "0b5828aa45af2361bfda4cd0f1e97070c322d90f1d16416bae2cba2418af9930" + url = "https://github.com/diaspora/diaspora/archive/refs/tags/v0.9.0.0.tar.gz" + sha256 = "11c79d8cc86412f0a94de62f5a8cc115428d978333c6129c96bbf44f39adc31d" autoupdate.strategy = "latest_github_release" @@ -62,15 +62,24 @@ ram.runtime = "2000M" [resources.apt] packages = [ - "cmake", - "imagemagick", - "ghostscript", + "build-essential", "curl", + "gsfonts", + "imagemagick", "libmagickwand-dev", - "git", - "libpq-dev", "redis-server", + "libssl-dev", + "libcurl4-openssl-dev", + "libxml2-dev", + "libxslt1-dev", + "libidn11-dev", + "libpq-dev", + "postgresql", + + # Is it still required? + "cmake", + "ghostscript", "libffi-dev", "libgdbm-dev", "libncurses5-dev", @@ -78,16 +87,11 @@ ram.runtime = "2000M" "pkg-config", "sqlite3", "libgmp-dev", - "libssl-dev", # For Ruby "libjemalloc-dev", - "curl", - "build-essential", "libreadline-dev", "zlib1g-dev", "libsqlite3-dev", - "libssl-dev", - "libxml2-dev", "libxslt-dev", "autoconf", "automake", @@ -95,5 +99,10 @@ ram.runtime = "2000M" "libtool", ] + [resources.apt.extras.yarn] + repo = "deb https://dl.yarnpkg.com/debian/ stable main" + key = "https://dl.yarnpkg.com/debian/pubkey.gpg" + packages = ["yarn"] + [resources.database] type = "postgresql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 6bb8040..59e1d12 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # COMMON VARIABLES #================================================= -ruby_version=2.7 +ruby_version=3.3.3 nodejs_version=14 bundler_version=2.1.4 diff --git a/scripts/change_url b/scripts/change_url index 9541f03..7b923fa 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -33,9 +33,9 @@ ynh_change_url_nginx_config #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -ynh_add_config --template="diaspora.yml" --destination="$install_dir/live/config/diaspora.yml" -chmod 400 "$install_dir/live/config/diaspora.yml" -chown "$app:$app" "$install_dir/live/config/diaspora.yml" +ynh_add_config --template="diaspora.toml" --destination="$install_dir/live/config/diaspora.toml" +chmod 400 "$install_dir/live/config/diaspora.toml" +chown "$app:$app" "$install_dir/live/config/diaspora.toml" #================================================= # START SYSTEMD SERVICE diff --git a/scripts/install b/scripts/install index 7eab824..b96995d 100755 --- a/scripts/install +++ b/scripts/install @@ -42,9 +42,9 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Adding $app's configuration file..." --weight=1 -ynh_add_config --template="diaspora.yml" --destination="$install_dir/live/config/diaspora.yml" -chmod 400 "$install_dir/live/config/diaspora.yml" -chown "$app:$app" "$install_dir/live/config/diaspora.yml" +ynh_add_config --template="diaspora.toml" --destination="$install_dir/live/config/diaspora.toml" +chmod 400 "$install_dir/live/config/diaspora.toml" +chown "$app:$app" "$install_dir/live/config/diaspora.toml" ynh_add_config --template="database.yml" --destination="$install_dir/live/config/database.yml" chmod 400 "$install_dir/live/config/database.yml" @@ -60,8 +60,8 @@ pushd "$install_dir/live" ynh_use_nodejs ynh_gem install "bundler:$bundler_version" ynh_exec_warn_less ynh_exec_as "$app" "$ynh_ruby_load_path" "$ld_preload" script/configure_bundler - ynh_exec_warn_less ynh_exec_as "$app" "$ynh_ruby_load_path" "$ld_preload" bin/bundle install --full-index --with=postgresql - ynh_exec_warn_less ynh_exec_as "$app" RAILS_ENV=production "$ynh_ruby_load_path" "$ld_preload" bin/bundle exec rake db:migrate + ynh_exec_warn_less ynh_exec_as "$app" "$ynh_ruby_load_path" "$ld_preload" bin/bundle install --full-index + ynh_exec_warn_less ynh_exec_as "$app" RAILS_ENV=production "$ynh_ruby_load_path" "$ld_preload" bin/rake db:migrate ynh_exec_warn_less ynh_exec_as "$app" RAILS_ENV=production "$ynh_ruby_load_path" "$ld_preload" bin/rake assets:precompile ynh_exec_warn_less ynh_exec_as "$app" RAILS_ENV=production "$ynh_ruby_load_path" "$ld_preload" bin/bundle exec rails console << END user = User.build({username: '$admin', email: '$admin_mail', password: '$password', password_confirmation: '$password' }) @@ -85,10 +85,10 @@ ynh_add_systemd_config --service="${app}_web" --template="diaspora_web.service" # Create target unit _ynh_add_systemd_target -yunohost service add "$app.target" --description "Diaspora service (unicorn web and sidekiq)" \ +yunohost service add "$app.target" --description "Diaspora service (web and sidekiq)" \ --log "$install_dir/live/log/production.log" \ - "$install_dir/live/log/unicorn-stderr.log" \ - "$install_dir/live/log/unicorn-stdout.log" \ + "$install_dir/live/log/web-stderr.log" \ + "$install_dir/live/log/web-stdout.log" \ "$install_dir/live/log/sidekiq.log" # Create tmpfile diff --git a/scripts/restore b/scripts/restore index d7d5a99..e0b1fa2 100644 --- a/scripts/restore +++ b/scripts/restore @@ -57,10 +57,10 @@ ynh_restore_file --origin_path="/etc/systemd/system/${app}_web.service" ynh_restore_file --origin_path="/etc/systemd/system/${app}_sidekiq.service" ynh_restore_file --origin_path="/etc/systemd/system/${app}.target" systemctl enable "${app}_web" "${app}_sidekiq" "$app.target" --quiet -yunohost service add "$app.target" --description "Diaspora service (unicorn web and sidekiq)" \ +yunohost service add "$app.target" --description "Diaspora service (web and sidekiq)" \ --log "$install_dir/live/log/production.log" \ - "$install_dir/live/log/unicorn-stderr.log" \ - "$install_dir/live/log/unicorn-stdout.log" \ + "$install_dir/live/log/web-stderr.log" \ + "$install_dir/live/log/web-stdout.log" \ "$install_dir/live/log/sidekiq.log" ynh_restore_file --origin_path="/etc/tmpfiles.d/${app}.conf" diff --git a/scripts/upgrade b/scripts/upgrade index 18433d1..f250f03 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -53,6 +53,14 @@ if ! [ -d "$install_dir/live" ]; then ynh_store_file_checksum --file="$install_dir/live/config/database.yml" fi +if [ -f "$install_dir/live/config/diaspora.yml" ]; then + ynh_backup_if_checksum_is_different --file="$install_dir/live/config/diaspora.yml" + ynh_delete_file_checksum --file="$install_dir/live/config/diaspora.yml" + ynh_secure_remove --file="$install_dir/live/config/diaspora.yml" + ynh_print_warn "diaspora.yml is being migrated to diapora.toml. Please handle changes if you manually edited this file." +fi + + ynh_secure_remove "$install_dir/Experimental_helpers" if [[ -z "${admin:-}" ]]; then @@ -77,7 +85,7 @@ ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$install_dir/live" --full_replace=1 --keep="config/diaspora.yml config/database.yml" +ynh_setup_source --dest_dir="$install_dir/live" --full_replace=1 --keep="config/diaspora.toml config/database.yml" # create upload folder and link it mkdir -p "$install_dir/uploads" @@ -91,9 +99,9 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -ynh_add_config --template="diaspora.yml" --destination="$install_dir/live/config/diaspora.yml" -chmod 400 "$install_dir/live/config/diaspora.yml" -chown "$app:$app" "$install_dir/live/config/diaspora.yml" +ynh_add_config --template="diaspora.toml" --destination="$install_dir/live/config/diaspora.toml" +chmod 400 "$install_dir/live/config/diaspora.toml" +chown "$app:$app" "$install_dir/live/config/diaspora.toml" ynh_add_config --template="database.yml" --destination="$install_dir/live/config/database.yml" chmod 400 "$install_dir/live/config/database.yml" @@ -127,10 +135,10 @@ ynh_add_systemd_config --service="${app}_sidekiq" --template="diaspora_sidekiq.s ynh_add_systemd_config --service="${app}_web" --template="diaspora_web.service" # Create target unit _ynh_add_systemd_target -yunohost service add "$app.target" --description "Diaspora service (unicorn web and sidekiq)" \ +yunohost service add "$app.target" --description "Diaspora service (web and sidekiq)" \ --log "$install_dir/live/log/production.log" \ - "$install_dir/live/log/unicorn-stderr.log" \ - "$install_dir/live/log/unicorn-stdout.log" \ + "$install_dir/live/log/web-stderr.log" \ + "$install_dir/live/log/web-stdout.log" \ "$install_dir/live/log/sidekiq.log" # Create tmpfile