diff --git a/config b/config index 4d405dc..12990fc 160000 --- a/config +++ b/config @@ -1 +1 @@ -Subproject commit 4d405dcd2ddf6598c13bbdbc3a82590f4c26d0a8 +Subproject commit 12990fc1ed88499a55d8b3656828236be2b736ff diff --git a/templates/gotosocial/config.yaml.gotmpl b/templates/gotosocial/config.yaml.gotmpl index 80512e2..88bc929 100644 --- a/templates/gotosocial/config.yaml.gotmpl +++ b/templates/gotosocial/config.yaml.gotmpl @@ -230,8 +230,8 @@ db-sqlite-cache-size: "8MiB" # If set to empty string or zero, the sqlite default will be used. # See: https://www.sqlite.org/pragma.html#pragma_busy_timeout # Examples: ["0s", "1s", "30s", "1m", "5m"] -# Default: "5s" -db-sqlite-busy-timeout: "5m" +# Default: "30m" +db-sqlite-busy-timeout: "30m" cache: # Cache configuration options: @@ -264,7 +264,7 @@ cache: account-ttl: "30m" account-sweep-freq: "1m" - block-max-size: 100 + block-max-size: 1000 block-ttl: "30m" block-sweep-freq: "1m" @@ -288,6 +288,18 @@ cache: follow-request-ttl: "30m" follow-request-sweep-freq: "1m" + instance-max-size: 2000 + instance-ttl: "30m" + instance-sweep-freq: "1m" + + list-max-size: 2000 + list-ttl: "30m" + list-sweep-freq: "1m" + + list-entry-max-size: 2000 + list-entry-ttl: "30m" + list-entry-sweep-freq: "1m" + media-max-size: 1000 media-ttl: "30m" media-sweep-freq: "1m" @@ -322,7 +334,7 @@ cache: webfinger-max-size: 250 webfinger-ttl: "24h" - webfinger-sweep-freq: "1m" + webfinger-sweep-freq: "15m" ###################### ##### WEB CONFIG ##### @@ -424,6 +436,13 @@ accounts-reason-required: true # Default: false accounts-allow-custom-css: {{ .GoToSocial.AccountsAllowCustomCss }} +# Int. If accounts-allow-custom-css is true, this is the permitted length in characters for +# CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false. +# +# Examples: [500, 5000, 9999] +# Default: 10000 +accounts-custom-css-length: 10000 + ######################## ##### MEDIA CONFIG ##### ######################## 
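Review bot: In the `@@ -424,6 +436,13 @@` hunk, `accounts-custom-css-length` is written as the literal `10000` while the flag that gates it, `accounts-allow-custom-css`, is filled from `{{ .GoToSocial.AccountsAllowCustomCss }}`. A deployment that turns custom CSS on through its values therefore cannot lower the cap on account-supplied CSS without editing the template. If the fixed value is intentional, a comment such as `# Kept at the upstream default; not exposed as a template value.` above the key would make that clear. Otherwise the key could be templated in the same way as the flag.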
@@ -474,7 +493,7 @@ media-emoji-local-max-size: 51200 # This strikes a good balance between decent interoperability with instances that have # higher emoji size limits, and not taking up too much space in storage. # Examples: [51200, 102400] -# Default: 51200 +# Default: 102400 media-emoji-remote-max-size: 102400 ########################## @@ -508,6 +527,7 @@ storage-s3-endpoint: "" # # Default: false storage-s3-proxy: false + # Bool. Use SSL for S3 connections. # # Only set this to 'false' when testing locally. @@ -521,12 +541,14 @@ storage-s3-use-ssl: true # Examples: ["AKIAJSIE27KKMHXI3BJQ","miniouser"] # Default: "" storage-s3-access-key: "" + # String. Secret key part of the S3 credentials. # Consider setting this value using environment variables to avoid leaking it via the config file # Only required when running with the s3 storage backend. # Examples: ["5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39","miniopassword"] # Default: "" storage-s3-secret-key: "" + # String. Name of the storage bucket. # # If you have already encoded your bucket name in the storage-s3-endpoint, this @@ -759,7 +781,7 @@ syslog-enabled: false # String. Protocol to use when directing logs to syslog. Leave empty to connect to local syslog. # Options: ["udp", "tcp", ""] -# Default: "tcp" +# Default: "udp" syslog-protocol: "udp" # String. Address:port to send syslog logs to. Leave empty to connect to local syslog. 
@@ -797,6 +819,57 @@ tracing-endpoint: "" # Default: false tracing-insecure-transport: false +################################ +##### HTTP CLIENT SETTINGS ##### +################################ + +# Settings for OUTGOING http client connections used by GoToSocial to make +# requests to remote resources (status GETs, media GETs, inbox POSTs, etc). + +http-client: + + # Duration. Timeout to use for outgoing HTTP requests. If the timeout + # is exceeded, the connection to the remote server will be dropped. + # A value of 0s indicates no timeout: this is not advised! + # Examples: ["5s", "10s", "0s"] + # Default: "10s" + timeout: "10s" + + ######################################## + #### RESERVED IP RANGE EXCEPTIONS ###### + ######################################## + # + # Explicitly allow or block outgoing dialing within the provided IPv4/v6 CIDR ranges. + # + # By default, as a basic security precaution, GoToSocial blocks outgoing dialing within most "special-purpose" + # IP ranges. However, it may be desirable for admins with more exotic setups (proxies, funky NAT, etc) to + # explicitly override one or more of these otherwise blocked ranges. + # + # Each of the below allow/block config options accepts an array of IPv4 and/or IPv6 CIDR strings. + # For example, to override the hardcoded block of IPv4 and IPv6 dialing to localhost, set: + # + # allow-ips: ["127.0.0.1/32", "::1/128"]. + # + # You can also use YAML multi-line arrays to define these, but be diligent with indentation. + # + # When dialing, GoToSocial will first check if the destination falls within explicitly allowed IP ranges, + # then explicitly blocked IP ranges, then the default (hardcoded) blocked IP ranges, returning OK on the + # first allowed match, not OK on the first blocked match, or just defaulting to OK if nothing is matched. 
+ # + # As with all security settings, it is better to start too restrictive and then ease off depending on + # your use case, than to start too permissive and try to close the stable door after the horse has + # already bolted. With this in mind: + # - Don't touch these settings unless you have a good reason to, and only if you know what you're doing. + # - When adding explicitly allowed exceptions, use the narrowest possible CIDR for your use case. + # + # For reserved / special ranges, see: + # - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml + # - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml + # + # Both allow-ips and block-ips default to an empty array. + allow-ips: [] + block-ips: [] + ############################# ##### ADVANCED SETTINGS ##### ############################# 
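Review bot: The comment block above `allow-ips` and `block-ips` calls the default blocking a "basic security precaution" but never says what it protects, so an operator has nothing concrete to weigh an exception against. I would add a line such as `# The default blocks keep requests for remote-supplied URLs from reaching loopback, private or link-local services on your own network.`, with the wording checked against the dialer's actual behaviour. The documented order checks `allow-ips` before both `block-ips` and the hardcoded list, so a range present in both settings ends up allowed; a short `# allow-ips wins over block-ips for overlapping ranges.` next to the keys would spell that out. The text also says unmatched destinations default to OK, so `block-ips` is the only way to deny an internal range that is not already in the hardcoded list, and the comment should say so explicitly.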
@@ -872,5 +945,37 @@ advanced-throttling-multiplier: 8 # Minimum resolution is 1 second. # # Examples: [30s, 10s, 5s, 1m] -# Default: 30s +# Default: "30s" advanced-throttling-retry-after: "30s" + +# Int. CPU multiplier for the amount of goroutines to spawn in order to send messages via ActivityPub. +# Messages will be batched so that at most multiplier * CPU count messages will be sent out at once. +# This can be tuned to limit concurrent POSTing to remote inboxes, preventing your instance CPU +# usage from skyrocketing when an account with many followers posts a new status. +# +# Messages are split among available senders, and each sender processes its assigned messages in serial. +# For example, say a user with 1000 followers is on an instance with 2 CPUs. With the default multiplier +# of 2, this means 4 senders would be in process at once on this instance. When the user creates a new post, +# each sender would end up iterating through about 250 Create messages + delivering them to remote instances. +# +# If you set this to 0 or less, only 1 sender will be used regardless of CPU count. This may be +# useful in cases where you are working with very tight network or CPU constraints. +# +# Example values for multiplier 2 (default): +# +# 1 cpu = 2 concurrent senders +# 2 cpu = 4 concurrent senders +# 4 cpu = 8 concurrent senders +# +# Example values for multiplier 4: +# +# 1 cpu = 4 concurrent senders +# 2 cpu = 8 concurrent senders +# 4 cpu = 16 concurrent senders +# +# Example values for multiplier <1: +# +# 1 cpu = 1 concurrent sender +# 2 cpu = 1 concurrent sender +# 4 cpu = 1 concurrent sender +advanced-sender-multiplier: 2