pleroma/docs/config.md
Ekaterina Vaartis 336e37d98f Make captcha (kocaptcha) stateless
Also rename seconds_retained to seconds_valid since that's how it is
now. Put it down from 180 to 20 seconds. The answer data is now
stored in an encrypted text transfered to the client and back, so no
ETS is needed
2018-12-21 09:55:47 +03:00

9.7 KiB
Raw Blame History

Configuration

This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the config directory. If you run Pleroma with MIX_ENV=prod the file is prod.secret.exs, otherwise it is dev.secret.exs.

Pleroma.Upload

  • uploader: Select which Pleroma.Uploaders to use
  • filters: List of Pleroma.Upload.Filter to use.
  • base_url: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host.
  • proxy_remote: If you're using a remote uploader, Pleroma will proxy media requests instead of redirecting to it.
  • proxy_opts: Proxy options, see Pleroma.ReverseProxy documentation.

Note: strip_exif has been replaced by Pleroma.Upload.Filter.Mogrify.

Pleroma.Uploaders.Local

  • uploads: Which directory to store the user-uploads in, relative to pleromas working directory

Pleroma.Upload.Filter.Mogrify

  • args: List of actions for the mogrify command like "strip" or ["strip", {"impode", "1"}].

Pleroma.Upload.Filter.Dedupe

No specific configuration.

Pleroma.Upload.Filter.AnonymizeFilename

This filter replaces the filename (not the path) of an upload. For complete obfuscation, add Pleroma.Upload.Filter.Dedupe before AnonymizeFilename.

  • text: Text to replace filenames in links. If empty, {random}.extension will be used.

Pleroma.Mailer

  • adapter: one of the mail adapters listed in Swoosh readme, or Swoosh.Adapters.Local for in-memory mailbox.
  • api_key / password and / or other adapter-specific settings, per the above documentation.

An example for Sendgrid adapter:

config :pleroma, Pleroma.Mailer,
  adapter: Swoosh.Adapters.Sendgrid,
  api_key: "YOUR_API_KEY"

An example for SMTP adapter:

config :pleroma, Pleroma.Mailer,
  adapter: Swoosh.Adapters.SMTP,
  relay: "smtp.gmail.com",
  username: "YOUR_USERNAME@gmail.com",
  password: "YOUR_SMTP_PASSWORD",
  port: 465,
  ssl: true,
  tls: :always,
  auth: :always

:uri_schemes

  • valid_schemes: List of the scheme part that is considered valid to be an URL

:instance

  • name: The instances name
  • email: Email used to reach an Administrator/Moderator of the instance
  • description: The instances description, can be seen in nodeinfo and /api/v1/instance
  • limit: Posts character limit (CW/Subject included in the counter)
  • upload_limit: File size limit of uploads (except for avatar, background, banner)
  • avatar_upload_limit: File size limit of users profile avatars
  • background_upload_limit: File size limit of users profile backgrounds
  • banner_upload_limit: File size limit of users profile banners
  • registrations_open: Enable registrations for anyone, invitations can be enabled when false.
  • invites_enabled: Enable user invitations for admins (depends on registrations_open: false).
  • account_activation_required: Require users to confirm their emails before signing in.
  • federating: Enable federation with other instances
  • allow_relay: Enable Pleromas Relay, which makes it possible to follow a whole instance
  • rewrite_policy: Message Rewrite Policy, either one or a list. Here are the ones available by default:
    • Pleroma.Web.ActivityPub.MRF.NoOpPolicy: Doesnt modify activities (default)
    • Pleroma.Web.ActivityPub.MRF.DropPolicy: Drops all activities. It generally doesnt makes sense to use in production
    • Pleroma.Web.ActivityPub.MRF.SimplePolicy: Restrict the visibility of activities from certains instances (See :mrf_simple section)
    • Pleroma.Web.ActivityPub.MRF.RejectNonPublic: Drops posts with non-public visibility settings (See :mrf_rejectnonpublic section)
    • Pleroma.Web.ActivityPub.MRF.EnsureRePrepended: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:.
  • public: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network.
  • quarantined_instances: List of ActivityPub instances where private(DMs, followers-only) activities will not be send.
  • managed_config: Whenether the config for pleroma-fe is configured in this config or in static/config.json
  • allowed_post_formats: MIME-type list of formats allowed to be posted (transformed into HTML)
  • finmoji_enabled: Whenether to enable the finmojis in the custom emojis.
  • mrf_transparency: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
  • scope_copy: Copy the scope (private/unlisted/public) in replies to posts by default.
  • subject_line_behavior: Allows changing the default behaviour of subject lines in replies. Valid values:
    • "email": Copy and preprend re:, as in email.
    • "masto": Copy verbatim, as in Mastodon.
    • "noop": Don't copy the subject.
  • always_show_subject_input: When set to false, auto-hide the subject field when it's empty.
  • extended_nickname_format: Set to true to use extended local nicknames format (allows underscores/dashes). This will break federation with older software for theses nicknames.

:fe

This section is used to configure Pleroma-FE, unless :managed_config in :instance is set to false.

  • theme: Which theme to use, they are defined in styles.json
  • logo: URL of the logo, defaults to Pleromas logo
  • logo_mask: Whenether to mask the logo
  • logo_margin: What margin to use around the logo
  • background: URL of the background, unless viewing a user profile with a background that is set
  • redirect_root_no_login: relative URL which indicates where to redirect when a user isnt logged in.
  • redirect_root_login: relative URL which indicates where to redirect when a user is logged in.
  • show_instance_panel: Whenether to show the instances specific panel.
  • scope_options_enabled: Enable setting an notice visibility and subject/CW when posting
  • formatting_options_enabled: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to :instance, allowed_post_formats
  • collapse_message_with_subjects: When a message has a subject(aka Content Warning), collapse it by default
  • hide_post_stats: Hide notices statistics(repeats, favorites, …)
  • hide_user_stats: Hide profile statistics(posts, posts per day, followers, followings, …)

:mrf_simple

  • media_removal: List of instances to remove medias from
  • media_nsfw: List of instances to put medias as NSFW(sensitive) from
  • federated_timeline_removal: List of instances to remove from Federated (aka The Whole Known Network) Timeline
  • reject: List of instances to reject any activities from
  • accept: List of instances to accept any activities from

:mrf_rejectnonpublic

  • allow_followersonly: whether to allow followers-only posts
  • allow_direct: whether to allow direct messages

:media_proxy

  • enabled: Enables proxying of remote media to the instances proxy
  • base_url: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.
  • proxy_opts: All options defined in Pleroma.ReverseProxy documentation, defaults to [max_body_length: (25*1_048_576)].

:gopher

  • enabled: Enables the gopher interface
  • ip: IP address to bind to
  • port: Port to bind to

:activitypub

  • accept_blocks: Whether to accept incoming block activities from other instances
  • unfollow_blocked: Whether blocks result in people getting unfollowed
  • outgoing_blocks: Whether to federate blocks to other instances
  • deny_follow_blocked: Whether to disallow following an account that has blocked the user in question

:http_security

  • enabled: Whether the managed content security policy is enabled
  • sts: Whether to additionally send a Strict-Transport-Security header
  • sts_max_age: The maximum age for the Strict-Transport-Security header if sent
  • ct_max_age: The maximum age for the Expect-CT header if sent
  • referrer_policy: The referrer policy to use, either "same-origin" or "no-referrer".

:mrf_user_allowlist

The keys in this section are the domain names that the policy should apply to. Each key should be assigned a list of users that should be allowed through by their ActivityPub ID.

An example:

config :pleroma, :mrf_user_allowlist,
  "example.org": ["https://example.org/users/admin"]

:web_push_encryption, :vapid_details

Web Push Notifications configuration. You can use the mix task mix web_push.gen.keypair to generate it.

  • subject: a mailto link for the administrative contact. Its best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise cant respond, someone else on the list can.
  • public_key: VAPID public key
  • private_key: VAPID private key

Pleroma.Captcha

  • enabled: Whether the captcha should be shown on registration
  • method: The method/service to use for captcha
  • seconds_valid: The time in seconds for which the captcha is valid

Pleroma.Captcha.Kocaptcha

Kocaptcha is a very simple captcha service with a single API endpoint, the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint https://captcha.kotobank.ch is hosted by the developer.

  • endpoint: the kocaptcha endpoint to use

:admin_token

Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example:

config :pleroma, :admin_token, "somerandomtoken"

You can then do

curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken"