X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=docs%2Fdocs%2Fconfiguration%2Fcheatsheet.md;h=d812750434229ee93a1522c213aa2ab2caa3d805;hb=fd2f03f80a88978048f6ff7d8ede1906c2b078dd;hp=517fd1993282d81fb169644d3a5cc7753684fbe0;hpb=2fd45e0cb68c60769bf4a6c63ca0213536cfe79e;p=akkoma diff --git a/docs/docs/configuration/cheatsheet.md b/docs/docs/configuration/cheatsheet.md index 517fd1993..d81275043 100644 --- a/docs/docs/configuration/cheatsheet.md +++ b/docs/docs/configuration/cheatsheet.md @@ -33,7 +33,8 @@ To add configuration to your config file, you can copy it from the base config. * `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. * `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. * `allow_relay`: Permits remote instances to subscribe to all public posts of your instance. This may increase the visibility of your instance. -* `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. Note that there is a dependent setting restricting or allowing unauthenticated access to specific resources, see `restrict_unauthenticated` for more details. +* `public`: Allows unauthenticated access to public resources on your instance. This is essentially used as the default value for `:restrict_unauthenticated`. + See `restrict_unauthenticated` for more details. * `quarantined_instances`: *DEPRECATED* ActivityPub instances where activities will not be sent. They can still reach there via other means, we just won't send them. * `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML). * `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with @@ -220,11 +221,6 @@ Notes: - The hashtags in the configuration do not have a leading `#`. - This MRF Policy is always enabled, if you want to disable it you have to set empty lists -#### :mrf_follow_bot - -* `follower_nickname`: The name of the bot account to use for following newly discovered users. Using `followbot` or similar is strongly suggested. - - ### :activitypub * `unfollow_blocked`: Whether blocks result in people getting unfollowed * `outgoing_blocks`: Whether to federate blocks to other instances @@ -532,54 +528,6 @@ Available caches: * `user_agent`: what user agent should we use? (default: `:default`), must be string or `:default` * `adapter`: array of adapter options -### :hackney_pools - -Advanced. Tweaks Hackney (http client) connections pools. - -There's three pools used: - -* `:federation` for the federation jobs. - You may want this pool max_connections to be at least equal to the number of federator jobs + retry queue jobs. -* `:media` for rich media, media proxy -* `:upload` for uploaded media (if using a remote uploader and `proxy_remote: true`) - -For each pool, the options are: - -* `max_connections` - how much connections a pool can hold -* `timeout` - retention duration for connections - - -### :connections_pool - -*For `gun` adapter* - -Settings for HTTP connection pool. - -* `:connection_acquisition_wait` - Timeout to acquire a connection from pool.The total max time is this value multiplied by the number of retries. -* `connection_acquisition_retries` - Number of attempts to acquire the connection from the pool if it is overloaded. Each attempt is timed `:connection_acquisition_wait` apart. -* `:max_connections` - Maximum number of connections in the pool. -* `:connect_timeout` - Timeout to connect to the host. -* `:reclaim_multiplier` - Multiplied by `:max_connections` this will be the maximum number of idle connections that will be reclaimed in case the pool is overloaded. - -### :pools - -*For `gun` adapter* - -Settings for request pools. These pools are limited on top of `:connections_pool`. - -There are four pools used: - -* `:federation` for the federation jobs. You may want this pool's max_connections to be at least equal to the number of federator jobs + retry queue jobs. -* `:media` - for rich media, media proxy. -* `:upload` - for proxying media when a remote uploader is used and `proxy_remote: true`. -* `:default` - for other requests. - -For each pool, the options are: - -* `:size` - limit to how much requests can be concurrently executed. -* `:recv_timeout` - timeout while `gun` will wait for response -* `:max_waiting` - limit to how much requests can be waiting for others to finish, after this is reached, subsequent requests will be dropped. - ## Captcha ### Pleroma.Captcha @@ -837,17 +785,8 @@ config :logger, :ex_syslogger, level: :info, ident: "pleroma", format: "$metadata[$level] $message" - -config :quack, - level: :warn, - meta: [:all], - webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" ``` -See the [Quack Github](https://github.com/azohra/quack) for more details - - - ## Database options ### RUM indexing for full text search @@ -1094,7 +1033,7 @@ config :pleroma, :database_config_whitelist, [ ### :restrict_unauthenticated -Restrict access for unauthenticated users to timelines (public and federated), user profiles and statuses. +Restrict access for unauthenticated users to timelines (public and federated), user profiles and posts. * `timelines`: public and federated timelines * `local`: public timeline @@ -1102,13 +1041,24 @@ Restrict access for unauthenticated users to timelines (public and federated), u * `profiles`: user profiles * `local` * `remote` -* `activities`: statuses +* `activities`: posts * `local` * `remote` -Note: when `:instance, :public` is set to `false`, all `:restrict_unauthenticated` items be effectively set to `true` by default. If you'd like to allow unauthenticated access to specific API endpoints on a private instance, please explicitly set `:restrict_unauthenticated` to non-default value in `config/prod.secret.exs`. +#### When :instance, :public is `true` + +When your instance is in "public" mode, all public resources (users, posts, timelines) are accessible to unauthenticated users. + +Turning any of the `:restrict_unauthenticated` options to `true` will restrict access to the corresponding resources. + +#### When :instance, :public is `false` + +When `:instance, :public` is set to `false`, all of the `:restrict_unauthenticated` options will effectively be set to `true` by default, +meaning that only authenticated users will be able to access the corresponding resources. + +If you'd like to allow unauthenticated access to specific resources, you can turn these settings to `false`. -Note: setting `restrict_unauthenticated/timelines/local` to `true` has no practical sense if `restrict_unauthenticated/timelines/federated` is set to `false` (since local public activities will still be delivered to unauthenticated users as part of federated timeline). +**Note**: setting `restrict_unauthenticated/timelines/local` to `true` has no practical sense if `restrict_unauthenticated/timelines/federated` is set to `false` (since local public activities will still be delivered to unauthenticated users as part of federated timeline). ## Pleroma.Web.ApiSpec.CastAndValidate