# Values formatted like "_env:ENV_VAR_NAME:default_value" can be overridden by
# the specified environment variable. See the Yesod wiki, Configuration page.
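###############################################################################
# HTTP server
###############################################################################

# Listen address. "*4" means any IPv4 host, i.e. the server accepts
# connections on every IPv4 interface of the machine.
# NOTE(review): if a reverse proxy on the same machine terminates TLS for this
# service, set HOST to a loopback address so the plain-HTTP port is not
# reachable from the network directly.
host: "_env:HOST:*4"

# The port `yesod devel` uses is distinct from this value. Set the
# `yesod devel` port from the command line.
http-port: "_env:PORT:3000"

# NOTE(review): not documented in this file. In the Yesod scaffold, the setting
# of this name takes the client IP address from a proxy-supplied request
# header instead of the socket peer -- confirm how this project uses it.
# Such a header is client-controlled unless a trusted proxy overwrites it, so
# enable this only when every request passes through a proxy that sets the
# header itself; otherwise logged addresses can be spoofed.
ip-from-header: "_env:IP_FROM_HEADER:false"

# The instance's host (e.g. "dev.angeley.es"). Used for determining which
# requests are federated and which are for this instance, and for generating
# URLs. The database relies on this value, and you shouldn't change it once
# you deploy an instance.
# NOTE(review): the fallback is "localhost"; set INSTANCE_HOST before the first
# deployment, because the value cannot be corrected afterwards.
instance-host: "_env:INSTANCE_HOST:localhost"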
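# Encryption key file for encrypting the session cookie sent to clients.
# NOTE(review): treat this file as a secret. Anyone who can read it can decrypt
# session cookies, and presumably also forge them. Keep it out of version
# control and backups that others can read, and make it readable only by the
# account the server runs as.
client-session-key: config/client_session_key.aes

# How much time after the last request it takes for the session cookie to
# expire
client-session-timeout:
  amount: 2
  unit: hours

# Maximal accepted time difference between request date and current time, when
# performing this check during HTTP signature verification.
# NOTE(review): this window limits how stale a signed request may be, so it
# bounds how long a captured request could be replayed. The check compares
# against the local clock; keep the server's time synchronized, or valid
# requests will be rejected and the effective window will drift.
request-time-limit:
  amount: 5
  unit: minutes

# How often to generate a new actor key for HTTP-signing requests
actor-key-rotation:
  amount: 1
  unit: days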
Improve the AP async HTTP delivery API and per-actor key support
New iteration of the ActivityPub delivery implementation and interface.
Advantages over previous interface:
* When sending a ByteString body, the sender is explicitly passed as a
parameter instead of JSON-parsing it out of the ByteString
* Clear 3 operations provided: Send, Resend and Forward
* Support for per-actor keys
* Actor-type-specific functions (e.g. deliverRemoteDB_D) removed
* Only the most high-level API is exposed to Activity handler code, making
handler code more concise and clear
Also added in this patch:
* Foundation for per-actor key support
* 1 key per actor allowed in DB
* Disabled C2S and S2S handlers now un-exported for clarity
* Audience and capability parsing automatically done for all C2S handlers
* Audience and activity composition automatically done for Vervis.Client
builder functions
Caveats:
* Actor documents still don't link to their per-actor keys; that should be the
last piece to complete per-actor key support
* No moderation and anti-spam tools yet
* Delivery API doesn't yet have good integration of persistence layer, e.g.
activity is separately encoded into bytestring for DB and for HTTP; this will
be improved in the next iteration
* Periodic delivery now done in 3 separate steps, running sequentially; it
simplifies the code, but may be changed for efficiency/robustness in the next
iterations
* Periodic delivery collects per-actor keys in a
1-DB-transaction-for-each-delivery fashion, rather than grabbing them in the
big Esqueleto query (or keeping the signed output in the DB; this isn't done
currently to allow for smooth actor key renewal)
* No support yet in the API for delivery where the actor key has already been
fetched, rather than doing a DB transaction to grab it; such support would be
just an optimization, so it's low-priority, but will be added in later
iterations
2022-10-13 01:50:11 +09:00
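# Whether to use personal actor keys, or an instance-wide key.
# NOTE(review): with `false`, one instance-wide key signs on behalf of every
# local actor, so exposure of that key affects all of them at once.
per-actor-keys: false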
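###############################################################################
# Development
###############################################################################

# Optional values with the following production defaults.
# In development, they default to the inverse.
#
# NOTE(review): leave these unset (or false) on a deployed instance. The
# Accounts section states that email verification defaults to off "in
# development", so running a public instance in development mode presumably
# also disables that check unless `email-verification` is set explicitly.
#
# development: false
# detailed-logging: false
# should-log-all: false
# mutable-static: false
# load-font-from-lib-data: false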
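###############################################################################
# SQL database
###############################################################################

# If you need a numeric value (e.g. 123) to parse as a String, wrap it in
# single quotes (e.g. "_env:PGPASS:'123'"). See the Yesod wiki, Configuration
# page.
#
# NOTE(review): the text after the second colon in each value is the fallback
# used when the environment variable is unset. The user name and password
# fallbacks below are development values published with this file; set PGUSER
# and PGPASS in the environment of any deployed instance and never let a
# reachable database accept the in-file password.
database:
  user: "_env:PGUSER:vervis_dev"
  password: "_env:PGPASS:vervis_dev_password"
  host: "_env:PGHOST:localhost"
  port: "_env:PGPORT:5432"
  database: "_env:PGDATABASE:vervis_dev"
  poolsize: "_env:PGPOOLSIZE:10"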
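# NOTE(review): not documented in this file. Presumably these are the limits
# that `reject-on-max-keys` (Federation section) refers to, i.e. how many keys
# are remembered per remote instance and per remote actor -- confirm against
# the settings parser.
max-instance-keys: 2
max-actor-keys: 2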
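###############################################################################
# Version control repositories
###############################################################################

repo-dir: repos
diff-context-lines: 5

# NOTE(review): the example hook paths point into one user's home directory.
# If these settings are enabled, the named programs are presumably run by the
# server on repository events, so use absolute paths to binaries that only the
# administrator can replace.
#post-receive-hook: /home/joe/.local/bin/vervis-post-receive
#post-apply-hook: /home/joe/.local/bin/vervis-post-apply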
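###############################################################################
# SSH server
###############################################################################

ssh-port: 5022

# NOTE(review): judging by its name this is the SSH server's host key. Keep it
# readable only by the account the server runs as and out of version control;
# replacing it changes the host identity that clients have already recorded.
ssh-key-file: config/ssh-host-key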
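###############################################################################
# Accounts
###############################################################################

# NOTE(review): neither key is documented in this file. By their names,
# `registration` opens or closes self-service sign-up and `max-accounts` caps
# the number of accounts -- confirm against the settings parser. Keeping
# registration closed is the safer default for an instance without moderation
# tooling.
registration: false
max-accounts: 3

# Whether to verify users' email addresses by sending them email with a
# verification link. If not set below, the default is not to verify in
# development, and to verify otherwise.
# NOTE(review): when opening registration, set this explicitly instead of
# relying on the mode-dependent default.
#email-verification: true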
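###############################################################################
# Mail
###############################################################################

# Optional SMTP server settings for sending email. If not provided, no email
# will be sent. The login field is optional, provide if you need SMTP
# authentication.
#
# NOTE(review): the indentation of the commented-out example was lost in this
# listing; the nesting below is reconstructed from the description above, so
# confirm it against the settings parser before enabling it.
# NOTE(review): the user and password fallbacks are development values. Supply
# SMTPUSER and SMTPPASS through the environment on a deployed instance.

# mail:
#   smtp:
#     login:
#       user: "_env:SMTPUSER:vervis_dev"
#       password: "_env:SMTPPASS:vervis_dev_password"
#     host: "_env:SMTPHOST:localhost"
#     port: "_env:SMTPPORT:587"
#   sender:
#     name: "_env:SENDERNAME:vervis"
#     email: "_env:SENDEREMAIL:vervis@vervis.vervis"
#   allow-reply: false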
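###############################################################################
# Federation
###############################################################################

# Whether to support federation. This includes:
#
# * Accept activities from other servers in the inbox
# * Accept activities from users in the outbox
# * Deliver local activities to other servers
federation: false

# Signing key file for signing object capabilities sent to remote users.
# NOTE(review): treat this file as a secret. Whoever holds it can presumably
# produce capabilities that this instance will accept as its own; restrict
# read access to the account the server runs as.
capability-signing-key: config/capability_signing_key

# Salt file for encoding and decoding hashids.
# NOTE(review): hashids only obfuscate numeric IDs. They are not encryption
# and must not stand in for an access check on the object behind the ID.
hashids-salt-file: config/hashids_salt

# Whether to reject an HTTP signature when we want to insert a new key or usage
# record but reached the limit setting.
# NOTE(review): `true` fails closed. What happens to such a request with
# `false` is not described here -- check before changing it.
reject-on-max-keys: true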
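# The duration of time during which a remote actor is unreachable and we
# periodically retry to deliver them activities. After that period of time, we
# stop trying to deliver and we remove them from follower lists of local
# actors.
drop-delivery-after:
  amount: 25
  unit: weeks

# How often to retry failed deliveries
retry-delivery-every:
  amount: 1
  unit: hours

# How many activities to remember in the debug report list, showing latest
# activities received in local inboxes and the result of their processing.
# 'null' means disable the report page entirely.
# NOTE(review): the report shows activities received in local inboxes, which
# may include content that was not addressed to the public. This file does not
# say who can view the page; keep it disabled on a production instance unless
# access to it is known to be restricted.
#activity-debug-reports: 10

# List of (hosts of) other known federating instances.
#instances: []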
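###############################################################################
# User interface
###############################################################################

# Default color scheme for syntax highlighting of code blocks inside rendered
# documents. The available styles are listed in the "Text.Pandoc.Highlighting"
# module documentation.
highlight-style: zenburn

# Color scheme to use for UI header, footer, links on pages etc., should help
# with visually identifying instances that may otherwise look very much alike.
# Any number is valid; the scheme is chosen via modulo the number of available
# schemes.
main-color: 0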