mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-11-14 13:31:03 +00:00
183eaa5b29
* love like winter! wohoah, wohoah * domain allow side effects * tests! logging! unallow! * document federation modes * linty linterson * test * further adventures in documentation * finish up domain block documentation (i think) * change wording a wee little bit * docs, example * consolidate shared domainPermission code * call mode once * fetch federation mode within domain blocked func * read domain perm import in streaming manner * don't use pointer to slice for domain perms * don't bother copying blocks + allows before deleting * admonish! * change wording just a scooch * update docs
978 lines
39 KiB
YAML
978 lines
39 KiB
YAML
# GoToSocial
|
|
# Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
###########################
|
|
##### GENERAL CONFIG ######
|
|
###########################
|
|
|
|
# String. Log level to use throughout the application. Must be lower-case.
|
|
# Options: ["trace","debug","info","warn","error","fatal"]
|
|
# Default: "info"
|
|
log-level: "info"
|
|
|
|
# Bool. Log database queries when log-level is set to debug or trace.
|
|
# This setting produces verbose logs, so it's better to only enable it
|
|
# when you're trying to track an issue down.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
log-db-queries: false
|
|
|
|
# Bool. Include the client IP in the emitted log lines
|
|
# Options: [true, false]
|
|
# Default: true
|
|
log-client-ip: true
|
|
|
|
# String. Format to use for the timestamp in log lines.
|
|
# If set to the empty string, the timestamp will be
|
|
# ommitted from the logs entirely.
|
|
#
|
|
# The format must be compatible with Go's time.Layout, as
|
|
# documented on https://pkg.go.dev/time#pkg-constants.
|
|
#
|
|
# Examples: [true, false]
|
|
# Default: "02/01/2006 15:04:05.000"
|
|
log-timestamp-format: "02/01/2006 15:04:05.000"
|
|
|
|
# String. Application name to use internally.
|
|
# Examples: ["My Application","gotosocial"]
|
|
# Default: "gotosocial"
|
|
application-name: "gotosocial"
|
|
|
|
# String. The user that will be shown instead of the landing page. if no user is set, the landing page will be shown.
|
|
# Examples: "admin"
|
|
# Default: ""
|
|
landing-page-user: ""
|
|
|
|
# String. Hostname that this server will be reachable at. Defaults to localhost for local testing,
|
|
# but you should *definitely* change this when running for real, or your server won't work at all.
|
|
# DO NOT change this after your server has already run once, or you will break things!
|
|
# Examples: ["gts.example.org","some.server.com"]
|
|
# Default: "localhost"
|
|
host: "localhost"
|
|
|
|
# String. Domain to use when federating profiles. This is useful when you want your server to be at
|
|
# eg., "gts.example.org", but you want the domain on accounts to be "example.org" because it looks better
|
|
# or is just shorter/easier to remember.
|
|
#
|
|
# To make this setting work properly, you need to redirect requests at "example.org/.well-known/webfinger"
|
|
# to "gts.example.org/.well-known/webfinger" so that GtS can handle them properly.
|
|
#
|
|
# You should also redirect requests at "example.org/.well-known/nodeinfo" in the same way.
|
|
#
|
|
# You should also redirect requests at "example.org/.well-known/host-meta" in the same way. This endpoint
|
|
# is used by a number of clients to discover the API endpoint to use when the host and account domain are
|
|
# different.
|
|
#
|
|
# An empty string (ie., not set) means that the same value as 'host' will be used.
|
|
#
|
|
# DO NOT change this after your server has already run once, or you will break things!
|
|
#
|
|
# Please read the appropriate section of the installation guide before you go messing around with this setting:
|
|
# https://docs.gotosocial.org/en/latest/advanced/host-account-domain/
|
|
#
|
|
# Examples: ["example.org","server.com"]
|
|
# Default: ""
|
|
account-domain: ""
|
|
|
|
# String. Protocol to use for the server. Only change to http for local testing!
|
|
# This should be the protocol part of the URI that your server is actually reachable on. So even if you're
|
|
# running GoToSocial behind a reverse proxy that handles SSL certificates for you, instead of using built-in
|
|
# letsencrypt, it should still be https.
|
|
# Options: ["http","https"]
|
|
# Default: "https"
|
|
protocol: "https"
|
|
|
|
# String. Address to bind the GoToSocial server to.
|
|
# This can be an IPv4 address or an IPv6 address (surrounded in square brackets), or a hostname.
|
|
# The default value will bind to all interfaces, which makes the server
|
|
# accessible by other machines. For most setups there is no need to change this.
|
|
# If you are using GoToSocial in a reverse proxy setup with the proxy running on
|
|
# the same machine, you will want to set this to "localhost" or an equivalent,
|
|
# so that the proxy can't be bypassed.
|
|
# Examples: ["0.0.0.0", "172.128.0.16", "localhost", "[::]", "[2001:db8::fed1]"]
|
|
# Default: "0.0.0.0"
|
|
bind-address: "0.0.0.0"
|
|
|
|
# Int. Listen port for the GoToSocial webserver + API. If you're running behind a reverse proxy and/or in a docker,
|
|
# container, just set this to whatever you like (or leave the default), and make sure it's forwarded properly.
|
|
# If you are running with built-in letsencrypt enabled, and running GoToSocial directly on a host machine, you will
|
|
# probably want to set this to 443 (standard https port), unless you have other services already using that port.
|
|
# This *MUST NOT* be the same as the letsencrypt port specified below, unless letsencrypt is turned off.
|
|
# Examples: [443, 6666, 8080]
|
|
# Default: 8080
|
|
port: 8080
|
|
|
|
# Array of string. CIDRs or IP addresses of proxies that should be trusted when determining real client IP from behind a reverse proxy.
|
|
# If you're running inside a Docker container behind Traefik or Nginx, for example, add the subnet of your docker network,
|
|
# or the gateway of the docker network, and/or the address of the reverse proxy (if it's not running on the host network).
|
|
# Example: ["127.0.0.1/32", "172.20.0.1"]
|
|
# Default: ["127.0.0.1/32", "::1"] (localhost ipv4 + ipv6)
|
|
trusted-proxies:
|
|
- "127.0.0.1/32"
|
|
- "::1"
|
|
|
|
############################
|
|
##### DATABASE CONFIG ######
|
|
############################
|
|
|
|
# Config pertaining to the Gotosocial database connection
|
|
|
|
# String. Database type.
|
|
# Options: ["postgres","sqlite"]
|
|
# Default: "postgres"
|
|
db-type: "postgres"
|
|
|
|
# String. Database address or parameters.
|
|
#
|
|
# For Postgres, this should be the address or socket at which the database can be reached.
|
|
#
|
|
# For Sqlite, this should be the path to your sqlite database file. Eg., /opt/gotosocial/sqlite.db.
|
|
# If the file doesn't exist at the specified path, it will be created.
|
|
# If just a filename is provided (no directory) then the database will be created in the same directory
|
|
# as the GoToSocial binary.
|
|
# If address is set to :memory: then an in-memory database will be used (no file).
|
|
# WARNING: :memory: should NOT BE USED except for testing purposes.
|
|
#
|
|
# Examples: ["localhost","my.db.host","127.0.0.1","192.111.39.110",":memory:", "sqlite.db"]
|
|
# Default: ""
|
|
db-address: ""
|
|
|
|
# Int. Port for database connection.
|
|
# Examples: [5432, 1234, 6969]
|
|
# Default: 5432
|
|
db-port: 5432
|
|
|
|
# String. Username for the database connection.
|
|
# Examples: ["mydbuser","postgres","gotosocial"]
|
|
# Default: ""
|
|
db-user: ""
|
|
|
|
# String. Password to use for the database connection
|
|
# Examples: ["password123","verysafepassword","postgres"]
|
|
# Default: ""
|
|
db-password: ""
|
|
|
|
# String. Name of the database to use within the provided database type.
|
|
# Examples: ["mydb","postgres","gotosocial"]
|
|
# Default: "gotosocial"
|
|
db-database: "gotosocial"
|
|
|
|
# String. Disable, enable, or require SSL/TLS connection to the database.
|
|
# If "disable" then no TLS connection will be attempted.
|
|
# If "enable" then TLS will be tried, but the database certificate won't be checked (for self-signed certs).
|
|
# If "require" then TLS will be required to make a connection, and a valid certificate must be presented.
|
|
# Options: ["disable", "enable", "require"]
|
|
# Default: "disable"
|
|
db-tls-mode: "disable"
|
|
|
|
# String. Path to a CA certificate on the host machine for db certificate validation.
|
|
# If this is left empty, just the host certificates will be used.
|
|
# If filled in, the certificate will be loaded and added to host certificates.
|
|
# Examples: ["/path/to/some/cert.crt"]
|
|
# Default: ""
|
|
db-tls-ca-cert: ""
|
|
|
|
# Int. Number to multiply by CPU count to set permitted total of open database connections (in-use and idle).
|
|
# You can use this setting to tune your database connection behavior, though most admins won't need to touch it.
|
|
#
|
|
# Example values for multiplier 8:
|
|
#
|
|
# 1 cpu = 08 open connections
|
|
# 2 cpu = 16 open connections
|
|
# 4 cpu = 32 open connections
|
|
#
|
|
# Example values for multiplier 4:
|
|
#
|
|
# 1 cpu = 04 open connections
|
|
# 2 cpu = 08 open connections
|
|
# 4 cpu = 16 open connections
|
|
#
|
|
# A multiplier of 8 is a sensible default, but you may wish to increase this for instances
|
|
# running on very performant hardware, or decrease it for instances using v. slow CPUs.
|
|
#
|
|
# If you set the multiplier to less than 1, only one open connection will be used regardless of cpu count.
|
|
#
|
|
# Examples: [16, 8, 10, 2]
|
|
# Default: 8
|
|
db-max-open-conns-multiplier: 8
|
|
|
|
# String. SQLite journaling mode.
|
|
# SQLite only -- unused otherwise.
|
|
# If set to empty string, the sqlite default will be used.
|
|
# See: https://www.sqlite.org/pragma.html#pragma_journal_mode
|
|
# Examples: ["DELETE", "TRUNCATE", "PERSIST", "MEMORY", "WAL", "OFF"]
|
|
# Default: "WAL"
|
|
db-sqlite-journal-mode: "WAL"
|
|
|
|
# String. SQLite synchronous mode.
|
|
# SQLite only -- unused otherwise.
|
|
# If set to empty string, the sqlite default will be used.
|
|
# See: https://www.sqlite.org/pragma.html#pragma_synchronous
|
|
# Examples: ["OFF", "NORMAL", "FULL", "EXTRA"]
|
|
# Default: "NORMAL"
|
|
db-sqlite-synchronous: "NORMAL"
|
|
|
|
# Byte size. SQlite cache size.
|
|
# SQLite only -- unused otherwise.
|
|
# If set to empty string or zero, the sqlite default (2MiB) will be used.
|
|
# See: https://www.sqlite.org/pragma.html#pragma_cache_size
|
|
# Examples: ["0", "2MiB", "8MiB", "64MiB"]
|
|
# Default: "8MiB"
|
|
db-sqlite-cache-size: "8MiB"
|
|
|
|
# Duration. SQlite busy timeout.
|
|
# SQLite only -- unused otherwise.
|
|
# If set to empty string or zero, the sqlite default will be used.
|
|
# See: https://www.sqlite.org/pragma.html#pragma_busy_timeout
|
|
# Examples: ["0s", "1s", "30s", "1m", "5m"]
|
|
# Default: "30m"
|
|
db-sqlite-busy-timeout: "30m"
|
|
|
|
cache:
|
|
# cache.memory-target sets a target limit that
|
|
# the application will try to keep it's caches
|
|
# within. This is based on estimated sizes of
|
|
# in-memory objects, and so NOT AT ALL EXACT.
|
|
# Examples: ["100MiB", "200MiB", "500MiB", "1GiB"]
|
|
# Default: "100MiB"
|
|
memory-target: "100MiB"
|
|
|
|
######################
|
|
##### WEB CONFIG #####
|
|
######################
|
|
|
|
# Config pertaining to templating and serving of web pages/email notifications and the like
|
|
|
|
# String. Directory from which gotosocial will attempt to load html templates (.tmpl files).
|
|
# Examples: ["/some/absolute/path/", "./relative/path/", "../../some/weird/path/"]
|
|
# Default: "./web/template/"
|
|
web-template-base-dir: "./web/template/"
|
|
|
|
# String. Directory from which gotosocial will attempt to serve static web assets (images, scripts).
|
|
# Examples: ["/some/absolute/path/", "./relative/path/", "../../some/weird/path/"]
|
|
# Default: "./web/assets/"
|
|
web-asset-base-dir: "./web/assets/"
|
|
|
|
###########################
|
|
##### INSTANCE CONFIG #####
|
|
###########################
|
|
|
|
# Config pertaining to instance federation settings, pages to hide/expose, etc.
|
|
|
|
# String. Federation mode to use for this instance.
|
|
#
|
|
# "blocklist" -- open federation by default. Only instances that are explicitly
|
|
# blocked will be denied (unless they are also explicitly allowed).
|
|
#
|
|
# "allowlist" -- closed federation by default. Only instances that are explicitly
|
|
# allowed will be able to interact with this instance.
|
|
#
|
|
# For more details on blocklist and allowlist modes, check the documentation at:
|
|
# https://docs.gotosocial.org/en/latest/admin/federation_modes
|
|
#
|
|
# Options: ["blocklist", "allowlist"]
|
|
# Default: "blocklist"
|
|
instance-federation-mode: "blocklist"
|
|
|
|
# Bool. Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order
|
|
# to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated
|
|
# users (members of the instance) will still be able to query the endpoint.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
instance-expose-peers: false
|
|
|
|
# Bool. Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order
|
|
# to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated
|
|
# users (members of the instance) will still be able to query the endpoint.
|
|
#
|
|
# WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers.
|
|
# See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots
|
|
#
|
|
# Options: [true, false]
|
|
# Default: false
|
|
instance-expose-suspended: false
|
|
|
|
# Bool. Allow unauthenticated users to view /about/suspended,
|
|
# showing the HTML rendered list of instances that this instance blocks/suspends.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
instance-expose-suspended-web: false
|
|
|
|
# Bool. Allow unauthenticated users to make queries to /api/v1/timelines/public in order
|
|
# to see a list of public posts on this server. Even if set to 'false', then authenticated
|
|
# users (members of the instance) will still be able to query the endpoint.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
instance-expose-public-timeline: false
|
|
|
|
# Bool. This flag tweaks whether GoToSocial will deliver ActivityPub messages
|
|
# to the shared inbox of a recipient, if one is available, instead of delivering
|
|
# each message to each actor who should receive a message individually.
|
|
#
|
|
# Shared inbox delivery can significantly reduce network load when delivering
|
|
# to multiple recipients share an inbox (eg., on large Mastodon instances).
|
|
#
|
|
# See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
|
|
#
|
|
# Options: [true, false]
|
|
# Default: true
|
|
instance-deliver-to-shared-inboxes: true
|
|
|
|
# Bool. This flag will inject a Mastodon version into the version field that
|
|
# is included in /api/v1/instance. This version is often used by Mastodon clients
|
|
# to do API feature detection. By injecting a Mastodon compatible version, it is
|
|
# possible to cajole those clients to behave correctly with GoToSocial.
|
|
#
|
|
# Options: [true, false]
|
|
# Default: false
|
|
instance-inject-mastodon-version: false
|
|
|
|
###########################
|
|
##### ACCOUNTS CONFIG #####
|
|
###########################
|
|
|
|
# Config pertaining to creation and maintenance of accounts on the server, as well as defaults for new accounts.
|
|
|
|
# Bool. Do we want people to be able to just submit sign up requests, or do we want invite only?
|
|
# Options: [true, false]
|
|
# Default: true
|
|
accounts-registration-open: true
|
|
|
|
# Bool. Do sign up requests require approval from an admin/moderator before an account can sign in/use the server?
|
|
# Options: [true, false]
|
|
# Default: true
|
|
accounts-approval-required: true
|
|
|
|
# Bool. Are sign up requests required to submit a reason for the request (eg., an explanation of why they want to join the instance)?
|
|
# Options: [true, false]
|
|
# Default: true
|
|
accounts-reason-required: true
|
|
|
|
# Bool. Allow accounts on this instance to set custom CSS for their profile pages and statuses.
|
|
# Enabling this setting will allow accounts to upload custom CSS via the /user settings page,
|
|
# which will then be rendered on the web view of the account's profile and statuses.
|
|
#
|
|
# For instances with public sign ups, it is **HIGHLY RECOMMENDED** to leave this setting on 'false',
|
|
# since setting it to true allows malicious accounts to make their profile pages misleading, unusable
|
|
# or even dangerous to visitors. In other words, you should only enable this setting if you trust
|
|
# the users on your instance not to produce harmful CSS.
|
|
#
|
|
# Regardless of what this value is set to, any uploaded CSS will not be federated to other instances,
|
|
# it will only be shown on profiles and statuses on *this* instance.
|
|
#
|
|
# Options: [true, false]
|
|
# Default: false
|
|
accounts-allow-custom-css: false
|
|
|
|
# Int. If accounts-allow-custom-css is true, this is the permitted length in characters for
|
|
# CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false.
|
|
#
|
|
# Examples: [500, 5000, 9999]
|
|
# Default: 10000
|
|
accounts-custom-css-length: 10000
|
|
|
|
########################
|
|
##### MEDIA CONFIG #####
|
|
########################
|
|
|
|
# Config pertaining to media uploads (videos, image, image descriptions, emoji).
|
|
|
|
# Int. Maximum allowed image upload size in bytes.
|
|
# Examples: [2097152, 10485760]
|
|
# Default: 10485760 -- aka 10MB
|
|
media-image-max-size: 10485760
|
|
|
|
# Int. Maximum allowed video upload size in bytes.
|
|
# Examples: [2097152, 10485760]
|
|
# Default: 41943040 -- aka 40MB
|
|
media-video-max-size: 41943040
|
|
|
|
# Int. Minimum amount of characters required as an image or video description.
|
|
# Examples: [500, 1000, 1500]
|
|
# Default: 0 (not required)
|
|
media-description-min-chars: 0
|
|
|
|
# Int. Maximum amount of characters permitted in an image or video description.
|
|
# Examples: [500, 1000, 1500]
|
|
# Default: 500
|
|
media-description-max-chars: 500
|
|
|
|
# Int. Number of days to cache media from remote instances before they are removed from the cache.
|
|
# A job will run every day at midnight to clean up any remote media older than the given amount of days.
|
|
#
|
|
# When remote media is removed from the cache, it is deleted from storage but the database entries for the media
|
|
# are kept so that it can be fetched again if requested by a user.
|
|
#
|
|
# If this is set to 0, then media from remote instances will be cached indefinitely.
|
|
# Examples: [30, 60, 7, 0]
|
|
# Default: 7
|
|
media-remote-cache-days: 7
|
|
|
|
# Int. Max size in bytes of emojis uploaded to this instance via the admin API.
|
|
# The default is the same as the Mastodon size limit for emojis (50kb), which allows
|
|
# for good interoperability. Raising this limit may cause issues with federation
|
|
# of your emojis to other instances, so beware.
|
|
# Examples: [51200, 102400]
|
|
# Default: 51200
|
|
media-emoji-local-max-size: 51200
|
|
|
|
# Int. Max size in bytes of emojis to download from other instances.
|
|
# By default this is 100kb, or twice the size of the default for media-emoji-local-max-size.
|
|
# This strikes a good balance between decent interoperability with instances that have
|
|
# higher emoji size limits, and not taking up too much space in storage.
|
|
# Examples: [51200, 102400]
|
|
# Default: 102400
|
|
media-emoji-remote-max-size: 102400
|
|
|
|
##########################
|
|
##### STORAGE CONFIG #####
|
|
##########################
|
|
|
|
# Config pertaining to storage of user-created uploads (videos, images, etc).
|
|
|
|
# String. Type of storage backend to use.
|
|
# Examples: ["local", "s3"]
|
|
# Default: "local" (storage on local disk)
|
|
storage-backend: "local"
|
|
|
|
# String. Directory to use as a base path for storing files.
|
|
# Make sure whatever user/group gotosocial is running as has permission to access
|
|
# this directory, and create new subdirectories and files within it.
|
|
# Only required when running with the local storage backend.
|
|
# Examples: ["/home/gotosocial/storage", "/opt/gotosocial/datastorage"]
|
|
# Default: "/gotosocial/storage"
|
|
storage-local-base-path: "/gotosocial/storage"
|
|
|
|
# String. API endpoint of the S3 compatible service.
|
|
# Only required when running with the s3 storage backend.
|
|
# Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"]
|
|
# GoToSocial uses "DNS-style" when accessing buckets.
|
|
# If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address
|
|
# Default: ""
|
|
storage-s3-endpoint: ""
|
|
|
|
# Bool. If data stored in S3 should be proxied through GoToSocial instead of redirecting to a presigned URL.
|
|
#
|
|
# Default: false
|
|
storage-s3-proxy: false
|
|
|
|
# Bool. Use SSL for S3 connections.
|
|
#
|
|
# Only set this to 'false' when testing locally.
|
|
#
|
|
# Default: true
|
|
storage-s3-use-ssl: true
|
|
|
|
# String. Access key part of the S3 credentials.
|
|
# Consider setting this value using environment variables to avoid leaking it via the config file
|
|
# Only required when running with the s3 storage backend.
|
|
# Examples: ["AKIAJSIE27KKMHXI3BJQ","miniouser"]
|
|
# Default: ""
|
|
storage-s3-access-key: ""
|
|
|
|
# String. Secret key part of the S3 credentials.
|
|
# Consider setting this value using environment variables to avoid leaking it via the config file
|
|
# Only required when running with the s3 storage backend.
|
|
# Examples: ["5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39","miniopassword"]
|
|
# Default: ""
|
|
storage-s3-secret-key: ""
|
|
|
|
# String. Name of the storage bucket.
|
|
#
|
|
# If you have already encoded your bucket name in the storage-s3-endpoint, this
|
|
# value will be used as a directory containing your data.
|
|
#
|
|
# The bucket must exist prior to starting GoToSocial
|
|
#
|
|
# Only required when running with the s3 storage backend.
|
|
# Examples: ["gts","cool-instance"]
|
|
# Default: ""
|
|
storage-s3-bucket: ""
|
|
|
|
###########################
|
|
##### STATUSES CONFIG #####
|
|
###########################
|
|
|
|
# Config pertaining to the creation of statuses/posts, and permitted limits.
|
|
|
|
# Int. Maximum amount of characters permitted for a new status.
|
|
# Note that going way higher than the default might break federation.
|
|
# Examples: [140, 500, 5000]
|
|
# Default: 5000
|
|
statuses-max-chars: 5000
|
|
|
|
# Int. Maximum amount of characters allowed in the CW/subject header of a status.
|
|
# Note that going way higher than the default might break federation.
|
|
# Examples: [100, 200]
|
|
# Default: 100
|
|
statuses-cw-max-chars: 100
|
|
|
|
# Int. Maximum amount of options to permit when creating a new poll.
|
|
# Note that going way higher than the default might break federation.
|
|
# Examples: [4, 6, 10]
|
|
# Default: 6
|
|
statuses-poll-max-options: 6
|
|
|
|
# Int. Maximum amount of characters to permit per poll option when creating a new poll.
|
|
# Note that going way higher than the default might break federation.
|
|
# Examples: [50, 100, 150]
|
|
# Default: 50
|
|
statuses-poll-option-max-chars: 50
|
|
|
|
# Int. Maximum amount of media files that can be attached to a new status.
|
|
# Note that going way higher than the default might break federation.
|
|
# Examples: [4, 6, 10]
|
|
# Default: 6
|
|
statuses-media-max-files: 6
|
|
|
|
##############################
|
|
##### LETSENCRYPT CONFIG #####
|
|
##############################
|
|
|
|
# Config pertaining to the automatic acquisition and use of LetsEncrypt HTTPS certificates.
|
|
|
|
# Bool. Whether or not letsencrypt should be enabled for the server.
|
|
# If false, the rest of the settings here will be ignored.
|
|
# If you serve GoToSocial behind a reverse proxy like nginx or traefik, leave this turned off.
|
|
# If you don't, then turn it on so that you can use https.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
letsencrypt-enabled: false
|
|
|
|
# Int. Port to listen for letsencrypt certificate challenges on.
|
|
# If letsencrypt is enabled, this port must be reachable or you won't be able to obtain certs.
|
|
# If letsencrypt is disabled, this port will not be used.
|
|
# This *must not* be the same as the webserver/API port specified above.
|
|
# Examples: [80, 8000, 1312]
|
|
# Default: 80
|
|
letsencrypt-port: 80
|
|
|
|
# String. Directory in which to store LetsEncrypt certificates.
|
|
# It is a good move to make this a sub-path within your storage directory, as it makes
|
|
# backup easier, but you might wish to move them elsewhere if they're also accessed by other services.
|
|
# In any case, make sure GoToSocial has permissions to write to / read from this directory.
|
|
# Examples: ["/home/gotosocial/storage/certs", "/acmecerts"]
|
|
# Default: "/gotosocial/storage/certs"
|
|
letsencrypt-cert-dir: "/gotosocial/storage/certs"
|
|
|
|
# String. Email address to use when registering LetsEncrypt certs.
|
|
# Most likely, this will be the email address of the instance administrator.
|
|
# LetsEncrypt will send notifications about expiring certificates etc to this address.
|
|
# Examples: ["admin@example.org"]
|
|
# Default: ""
|
|
letsencrypt-email-address: ""
|
|
|
|
##############################
|
|
##### MANUAL TLS CONFIG #####
|
|
##############################
|
|
|
|
# String. Path to a PEM-encoded file on disk that includes the certificate chain
|
|
# and the public key
|
|
# Examples: ["/gotosocial/storage/certs/chain.pem"]
|
|
# Default: ""
|
|
tls-certificate-chain: ""
|
|
|
|
# String. Path to a PEM-encoded file on disk containing the private key for the
|
|
# associated tls-certificate-chain
|
|
# Examples: ["/gotosocial/storage/certs/private.pem"]
|
|
# Default: ""
|
|
tls-certificate-key: ""
|
|
|
|
#######################
|
|
##### OIDC CONFIG #####
|
|
#######################
|
|
|
|
# Config for authentication with an external OIDC provider (Dex, Google, Auth0, etc).
|
|
|
|
# Bool. Enable authentication with external OIDC provider. If set to true, then
|
|
# the other OIDC options must be set as well. If this is set to false, then the standard
|
|
# internal oauth flow will be used, where users sign in to GtS with username/password.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
oidc-enabled: false
|
|
|
|
# String. Name of the oidc idp (identity provider). This will be shown to users when
|
|
# they log in.
|
|
# Examples: ["Google", "Dex", "Auth0"]
|
|
# Default: ""
|
|
oidc-idp-name: ""
|
|
|
|
# Bool. Skip the normal verification flow of tokens returned from the OIDC provider, ie.,
|
|
# don't check the expiry or signature. This should only be used in debugging or testing,
|
|
# never ever in a production environment as it's extremely unsafe!
|
|
# Options: [true, false]
|
|
# Default: false
|
|
oidc-skip-verification: false
|
|
|
|
# String. The OIDC issuer URI. This is where GtS will redirect users to for login.
|
|
# Typically this will look like a standard web URL.
|
|
# Examples: ["https://auth.example.org", "https://example.org/auth"]
|
|
# Default: ""
|
|
oidc-issuer: ""
|
|
|
|
# String. The ID for this client as registered with the OIDC provider.
|
|
# Examples: ["some-client-id", "fda3772a-ad35-41c9-9a59-f1943ad18f54"]
|
|
# Default: ""
|
|
oidc-client-id: ""
|
|
|
|
# String. The secret for this client as registered with the OIDC provider.
|
|
# Examples: ["super-secret-business", "79379cf5-8057-426d-bb83-af504d98a7b0"]
|
|
# Default: ""
|
|
oidc-client-secret: ""
|
|
|
|
# Array of string. Scopes to request from the OIDC provider. The returned values will be used to
|
|
# populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required.
|
|
# 'profile' is used to extract a username for the newly created user.
|
|
# 'groups' is optional and can be used to determine if a user is an admin based on oidc-admin-groups.
|
|
# Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes
|
|
# Default: ["openid", "email", "profile", "groups"]
|
|
oidc-scopes:
|
|
- "openid"
|
|
- "email"
|
|
- "profile"
|
|
- "groups"
|
|
|
|
# Bool. Link OIDC authenticated users to existing ones based on their email address.
|
|
# This is mostly intended for migration purposes if you were running previous versions of GTS
|
|
# which only correlated users with their email address. Should be set to false for most usecases.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
oidc-link-existing: false
|
|
|
|
# Array of string. If the returned ID token contains a 'groups' claim that matches one of the
|
|
# groups in oidc-admin-groups, then this user will be granted admin rights on the GtS instance
|
|
# Default: []
|
|
oidc-admin-groups: []
|
|
|
|
#######################
|
|
##### SMTP CONFIG #####
|
|
#######################
|
|
|
|
# Config for sending emails via an smtp server. See https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol
|
|
|
|
# String. The hostname of the smtp server you want to use.
|
|
# If this is not set, smtp will not be used to send emails, and you can ignore the other settings.
|
|
# Examples: ["mail.example.org", "localhost"]
|
|
# Default: ""
|
|
smtp-host: ""
|
|
|
|
# Int. Port to use to connect to the smtp server.
|
|
# Examples: []
|
|
# Default: 0
|
|
smtp-port: 0
|
|
|
|
# String. Username to use when authenticating with the smtp server.
|
|
# This should have been provided to you by your smtp host.
|
|
# This is often, but not always, an email address.
|
|
# Examples: ["maillord@example.org"]
|
|
# Default: ""
|
|
smtp-username: ""
|
|
|
|
# String. Password to use when authenticating with the smtp server.
|
|
# This should have been provided to you by your smtp host.
|
|
# Examples: ["1234", "password"]
|
|
# Default: ""
|
|
smtp-password: ""
|
|
|
|
# String. 'From' address for sent emails.
|
|
# Examples: ["mail@example.org"]
|
|
# Default: ""
|
|
smtp-from: ""
|
|
|
|
# Bool. If true, when an email is sent that has multiple recipients, each recipient
|
|
# will be included in the To field, so that each recipient can see who else got the
|
|
# email, and they can 'reply all' to the other recipients if they want to.
|
|
#
|
|
# If false, email will be sent to Undisclosed Recipients, and each recipient will not
|
|
# be able to see who else received the email.
|
|
#
|
|
# It might be useful to change this setting to 'true' if you want to be able to discuss
|
|
# new moderation reports with other admins by 'replying-all' to the notification email.
|
|
# Default: false
|
|
smtp-disclose-recipients: false
|
|
|
|
#########################
|
|
##### SYSLOG CONFIG #####
|
|
#########################
|
|
|
|
# Config for additional syslog log hooks. See https://en.wikipedia.org/wiki/Syslog,
|
|
# and https://github.com/sirupsen/logrus/tree/master/hooks/syslog.
|
|
#
|
|
# These settings are useful when one wants to daemonize GoToSocial and send logs
|
|
# to a specific place, either a local location or a syslog server. Most users will
|
|
# not need to touch these settings.
|
|
|
|
# Bool. Enable the syslog logging hook. Logs will be mirrored to the configured destination.
|
|
# Options: [true, false]
|
|
# Default: false
|
|
syslog-enabled: false
|
|
|
|
# String. Protocol to use when directing logs to syslog. Leave empty to connect to local syslog.
|
|
# Options: ["udp", "tcp", ""]
|
|
# Default: "udp"
|
|
syslog-protocol: "udp"
|
|
|
|
# String. Address:port to send syslog logs to. Leave empty to connect to local syslog.
|
|
# Default: "localhost:514"
|
|
syslog-address: "localhost:514"
|
|
|
|
##################################
|
|
##### OBSERVABILITY SETTINGS #####
|
|
##################################
|
|
|
|
# String. Header name to use to extract a request or trace ID from. Typically set by a
|
|
# loadbalancer or proxy.
|
|
# Default: "X-Request-Id"
|
|
request-id-header: "X-Request-Id"
|
|
|
|
# Bool. Enable OpenTelemetry based tracing support.
|
|
# Default: false
|
|
tracing-enabled: false
|
|
|
|
# String. Set the transport protocol for the tracing system. Can either be "grpc"
|
|
# for OTLP gRPC, or "http" for OTLP HTTP.
|
|
# Options: ["grpc", "http"]
|
|
# Default: "grpc"
|
|
tracing-transport: "grpc"
|
|
|
|
# String. Endpoint of the trace ingester. When using the gRPC or HTTP based transports,
|
|
# provide the endpoint as a single address/port combination without a protocol scheme.
|
|
# Examples: ["localhost:4317"]
|
|
# Default: ""
|
|
tracing-endpoint: ""
|
|
|
|
# Bool. Disable TLS for the gRPC and HTTP transport protocols.
|
|
# Default: false
|
|
tracing-insecure-transport: false
|
|
|
|
################################
|
|
##### HTTP CLIENT SETTINGS #####
|
|
################################
|
|
|
|
# Settings for OUTGOING http client connections used by GoToSocial to make
|
|
# requests to remote resources (status GETs, media GETs, inbox POSTs, etc).
|
|
|
|
http-client:
|
|
|
|
# Duration. Timeout to use for outgoing HTTP requests. If the timeout
|
|
# is exceeded, the connection to the remote server will be dropped.
|
|
# A value of 0s indicates no timeout: this is not advised!
|
|
# Examples: ["5s", "10s", "0s"]
|
|
# Default: "10s"
|
|
timeout: "10s"
|
|
|
|
########################################
|
|
#### RESERVED IP RANGE EXCEPTIONS ######
|
|
########################################
|
|
#
|
|
# Explicitly allow or block outgoing dialing within the provided IPv4/v6 CIDR ranges.
|
|
#
|
|
# By default, as a basic security precaution, GoToSocial blocks outgoing dialing within most "special-purpose"
|
|
# IP ranges. However, it may be desirable for admins with more exotic setups (proxies, funky NAT, etc) to
|
|
# explicitly override one or more of these otherwise blocked ranges.
|
|
#
|
|
# Each of the below allow/block config options accepts an array of IPv4 and/or IPv6 CIDR strings.
|
|
# For example, to override the hardcoded block of IPv4 and IPv6 dialing to localhost, set:
|
|
#
|
|
# allow-ips: ["127.0.0.1/32", "::1/128"].
|
|
#
|
|
# You can also use YAML multi-line arrays to define these, but be diligent with indentation.
|
|
#
|
|
# When dialing, GoToSocial will first check if the destination falls within explicitly allowed IP ranges,
|
|
# then explicitly blocked IP ranges, then the default (hardcoded) blocked IP ranges, returning OK on the
|
|
# first allowed match, not OK on the first blocked match, or just defaulting to OK if nothing is matched.
|
|
#
|
|
# As with all security settings, it is better to start too restrictive and then ease off depending on
|
|
# your use case, than to start too permissive and try to close the stable door after the horse has
|
|
# already bolted. With this in mind:
|
|
# - Don't touch these settings unless you have a good reason to, and only if you know what you're doing.
|
|
# - When adding explicitly allowed exceptions, use the narrowest possible CIDR for your use case.
|
|
#
|
|
# For reserved / special ranges, see:
|
|
# - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
|
|
# - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml
|
|
#
|
|
# Both allow-ips and block-ips default to an empty array.
|
|
allow-ips: []
|
|
block-ips: []
|
|
|
|
# Bool. Disable verification of TLS certificates of remote servers.
|
|
# With this set to 'true', GoToSocial will not error when a remote
|
|
# server presents an invalid or self-signed certificate.
|
|
#
|
|
# THIS SETTING SHOULD BE USED FOR TESTING ONLY! IF YOU TURN THIS
|
|
# ON WHILE RUNNING IN PRODUCTION YOU ARE LEAVING YOUR SERVER WIDE
|
|
# OPEN TO MAN IN THE MIDDLE ATTACKS! DO NOT CHANGE THIS SETTING
|
|
# UNLESS YOU KNOW EXACTLY WHAT YOU'RE DOING AND WHY YOU'RE DOING IT.
|
|
#
|
|
# Default: false
|
|
tls-insecure-skip-verify: false
|
|
|
|
#############################
|
|
##### ADVANCED SETTINGS #####
|
|
#############################
|
|
|
|
# Advanced settings pertaining to http timeouts, security, cookies, and more.
|
|
#
|
|
# ONLY ADJUST THESE SETTINGS IF YOU KNOW WHAT YOU ARE DOING!
|
|
#
|
|
# Most users will not need to (and should not) touch these settings, since
|
|
# they are set to sensible defaults, and may break if they are changed.
|
|
#
|
|
# Nevertheless, they are provided for the sake of allowing server admins to
|
|
# tweak their instance for performance or security reasons.
|
|
|
|
# String. Value of the SameSite attribute of cookies set by GoToSocial.
|
|
# Defaults to 'lax' to ensure that the OIDC flow does not break, which is
|
|
# fine in most cases. If you want to harden your instance against CSRF attacks
|
|
# and don't mind if some login-related things might break, you can set this
|
|
# to 'strict' instead.
|
|
#
|
|
# For an overview of what this does, see:
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
|
#
|
|
# Options: ["lax", "strict"]
|
|
# Default: "lax"
|
|
advanced-cookies-samesite: "lax"
|
|
|
|
# Int. Amount of requests to permit per router grouping from a single IP address within
|
|
# a span of 5 minutes. If this amount is exceeded, a 429 HTTP error code will be returned.
|
|
#
|
|
# If you find yourself adjusting this limit because it's regularly being exceeded,
|
|
# you should first verify that your settings for `trusted-proxies` (above) are correct.
|
|
# In many cases, when the rate limit is exceeded it is because your instance sees all
|
|
# incoming requests as coming from the *same IP address* (you can verify this by looking
|
|
# at the client IPs in your instance logs). If this is the case, try adding that IP
|
|
# address to your `trusted-proxies` *BEFORE* you go adjusting this rate limit setting!
|
|
#
|
|
# If you set this to 0 or less, rate limiting will be disabled entirely.
|
|
#
|
|
# Examples: [1000, 500, 0]
|
|
# Default: 300
|
|
advanced-rate-limit-requests: 300
|
|
|
|
# Array of string. CIDRs to except from rate limit restrictions.
|
|
# Any IPs inside the CIDR range(s) will not have rate limiting
|
|
# applied on their requests, and rate limit headers will not be
|
|
# set for those requests.
|
|
#
|
|
# This can be useful in the following example cases (and probably
|
|
# a bunch of others as well):
|
|
#
|
|
# 1. You've set up an automated service that uses the API, and
|
|
# it keeps getting rate limited, even though you trust it's
|
|
# not abusing the instance.
|
|
#
|
|
# 2. You live with multiple people who use the same instance,
|
|
# and you're all using the same router/NAT, so you all have
|
|
# the same IP address, and you keep rate limiting each other.
|
|
#
|
|
# 3. You mostly use your own home internet to access your instance,
|
|
# and you want to exempt your home internet from rate limiting.
|
|
#
|
|
# You should be careful when adjusting this setting, since you
|
|
# might inadvertently make rate limiting useless if you set too
|
|
# wide a range. If in doubt, be too restrictive rather than too
|
|
# lenient, and adjust as you go.
|
|
#
|
|
# Example: ["192.168.0.0/16"]
|
|
# Default: []
|
|
advanced-rate-limit-exceptions: []
|
|
|
|
# Int. Amount of open requests to permit per CPU, per router grouping, before applying http
|
|
# request throttling. Any requests beyond the calculated limit are held in a backlog queue for
|
|
# up to 30 seconds before either being processed or timing out. Requests that don't fit in the backlog
|
|
# queue will have status 503 returned to them, and the header 'Retry-After' will be set to 30 seconds.
|
|
#
|
|
# Open request limit is available CPUs * multiplier; backlog queue limit is limit * multiplier.
|
|
#
|
|
# Example values for multiplier 8:
|
|
#
|
|
# 1 cpu = 08 open, 064 backlog
|
|
# 2 cpu = 16 open, 128 backlog
|
|
# 4 cpu = 32 open, 256 backlog
|
|
#
|
|
# Example values for multiplier 4:
|
|
#
|
|
# 1 cpu = 04 open, 016 backlog
|
|
# 2 cpu = 08 open, 032 backlog
|
|
# 4 cpu = 16 open, 064 backlog
|
|
#
|
|
# A multiplier of 8 is a sensible default, but you may wish to increase this for instances
|
|
# running on very performant hardware, or decrease it for instances using v. slow CPUs.
|
|
#
|
|
# If you set this to 0 or less, http request throttling will be disabled entirely.
|
|
#
|
|
# Examples: [8, 4, 9, 0]
|
|
# Default: 8
|
|
advanced-throttling-multiplier: 8
|
|
|
|
# Duration. Time period to use as the "retry-after" header value in response to throttled requests.
|
|
# Minimum resolution is 1 second.
|
|
#
|
|
# Examples: [30s, 10s, 5s, 1m]
|
|
# Default: "30s"
|
|
advanced-throttling-retry-after: "30s"
|
|
|
|
# Int. CPU multiplier for the amount of goroutines to spawn in order to send messages via ActivityPub.
|
|
# Messages will be batched so that at most multiplier * CPU count messages will be sent out at once.
|
|
# This can be tuned to limit concurrent POSTing to remote inboxes, preventing your instance CPU
|
|
# usage from skyrocketing when an account with many followers posts a new status.
|
|
#
|
|
# Messages are split among available senders, and each sender processes its assigned messages in serial.
|
|
# For example, say a user with 1000 followers is on an instance with 2 CPUs. With the default multiplier
|
|
# of 2, this means 4 senders would be in process at once on this instance. When the user creates a new post,
|
|
# each sender would end up iterating through about 250 Create messages + delivering them to remote instances.
|
|
#
|
|
# If you set this to 0 or less, only 1 sender will be used regardless of CPU count. This may be
|
|
# useful in cases where you are working with very tight network or CPU constraints.
|
|
#
|
|
# Example values for multiplier 2 (default):
|
|
#
|
|
# 1 cpu = 2 concurrent senders
|
|
# 2 cpu = 4 concurrent senders
|
|
# 4 cpu = 8 concurrent senders
|
|
#
|
|
# Example values for multiplier 4:
|
|
#
|
|
# 1 cpu = 4 concurrent senders
|
|
# 2 cpu = 8 concurrent senders
|
|
# 4 cpu = 16 concurrent senders
|
|
#
|
|
# Example values for multiplier <1:
|
|
#
|
|
# 1 cpu = 1 concurrent sender
|
|
# 2 cpu = 1 concurrent sender
|
|
# 4 cpu = 1 concurrent sender
|
|
advanced-sender-multiplier: 2
|
|
|
|
# Array of string. Extra URIs to add to 'img-src' and 'media-src'
|
|
# when building the Content-Security-Policy header for your instance.
|
|
#
|
|
# This can be used to allow the browser to load resources from additional
|
|
# sources like S3 buckets and so on when viewing your instance's pages
|
|
# and profiles in the browser.
|
|
#
|
|
# Since non-proxying S3 storage will be probed on instance launch to
|
|
# generate a correct Content-Security-Policy, you probably won't need
|
|
# to ever touch this setting, but it's included in the 'spirit of more
|
|
# configurable (usually) means more good'.
|
|
#
|
|
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
|
|
#
|
|
# Example: ["s3.example.org", "some-bucket-name.s3.example.org"]
|
|
# Default: []
|
|
advanced-csp-extra-uris: []
|