chore(gts): upgrade GTS to v0.7.1

- Upgrade GTS to v0.7.1.
- Update GTS configuration to align with the 0.7.x releases.

config

@@ -1 +1 @@
-Subproject commit 9d75346be36d2a0384ad3be44dc4ebc06dbff5ce
+Subproject commit 7febd989d2b8c0e099cd19a40254bb55c8db6d76

templates/gotosocial/config.yaml.gotmpl

@@ -34,6 +34,10 @@ log-db-queries: false
 # Examples: ["My Application","gotosocial"]
 # Default: "gotosocial"
 application-name: "{{ .GoToSocial.Name }}"
+# String. The user that will be shown instead of the landing page. if no user is set, the landing page will be shown.
+# Examples: "admin"
+# Default: ""
+landing-page-user: "dan"
 
 # String. Hostname that this server will be reachable at. Defaults to localhost for local testing,
 # but you should *definitely* change this when running for real, or your server won't work at all.
@@ -45,11 +49,18 @@ host: "{{ .GoToSocial.Subdomain }}.{{ .RootDomain }}"
 # String. Domain to use when federating profiles. This is useful when you want your server to be at
 # eg., "gts.example.org", but you want the domain on accounts to be "example.org" because it looks better
 # or is just shorter/easier to remember.
+#
 # To make this setting work properly, you need to redirect requests at "example.org/.well-known/webfinger"
 # to "gts.example.org/.well-known/webfinger" so that GtS can handle them properly.
+#
 # You should also redirect requests at "example.org/.well-known/nodeinfo" in the same way.
 # An empty string (ie., not set) means that the same value as 'host' will be used.
+#
 # DO NOT change this after your server has already run once, or you will break things!
+#
+# Please read the appropriate section of the installation guide before you go messing around with this setting:
+# https://docs.gotosocial.org/installation_guide/advanced/#can-i-host-my-instance-at-fediexampleorg-but-have-just-exampleorg-in-my-username
+#
 # Examples: ["example.org","server.com"]
 # Default: ""
 account-domain: ""
@@ -64,9 +75,11 @@ protocol: "https"
 
 # String. Address to bind the GoToSocial server to.
 # This can be an IPv4 address or an IPv6 address (surrounded in square brackets), or a hostname.
-# Default value will bind to all interfaces.
+# The default value will bind to all interfaces, which makes the server
-# You probably won't need to change this unless you're setting GoToSocial up in some fancy way or
+# accessible by other machines. For most setups there is no need to change this.
-# you have specific networking requirements.
+# If you are using GoToSocial in a reverse proxy setup with the proxy running on
+# the same machine, you will want to set this to "localhost" or an equivalent,
+# so that the proxy can't be bypassed.
 # Examples: ["0.0.0.0", "172.128.0.16", "localhost", "[::]", "[2001:db8::fed1]"]
 # Default: "0.0.0.0"
 bind-address: "{{ .GoToSocial.ContainerIpv4Address }}"
@@ -149,6 +162,125 @@ db-tls-mode: "disable"
 # Default: ""
 db-tls-ca-cert: ""
 
+# Int. Number to multiply by CPU count to set permitted total of open database connections (in-use and idle).
+# You can use this setting to tune your database connection behavior, though most admins won't need to touch it.
+#
+# Example values for multiplier 8:
+#
+# 1 cpu = 08 open connections
+# 2 cpu = 16 open connections
+# 4 cpu = 32 open connections
+#
+# Example values for multiplier 4:
+#
+# 1 cpu = 04 open connections
+# 2 cpu = 08 open connections
+# 4 cpu = 16 open connections
+#
+# A multiplier of 8 is a sensible default, but you may wish to increase this for instances
+# running on very performant hardware, or decrease it for instances using v. slow CPUs.
+#
+# If you set the multiplier to less than 1, only one open connection will be used regardless of cpu count.
+#
+# PLEASE NOTE!!: This setting currently only applies for Postgres. SQLite will always use 1 connection regardless
+# of what is set here. This behavior will change in future when we implement better SQLITE_BUSY handling.
+# See https://github.com/superseriousbusiness/gotosocial/issues/1407 for more details.
+#
+# Examples: [16, 8, 10, 2]
+# Default: 8
+db-max-open-conns-multiplier: 8
+
+# String. SQLite journaling mode.
+# SQLite only -- unused otherwise.
+# If set to empty string, the sqlite default will be used.
+# See: https://www.sqlite.org/pragma.html#pragma_journal_mode
+# Examples: ["DELETE", "TRUNCATE", "PERSIST", "MEMORY", "WAL", "OFF"]
+# Default: "WAL"
+db-sqlite-journal-mode: "WAL"
+
+# String. SQLite synchronous mode.
+# SQLite only -- unused otherwise.
+# If set to empty string, the sqlite default will be used.
+# See: https://www.sqlite.org/pragma.html#pragma_synchronous
+# Examples: ["OFF", "NORMAL", "FULL", "EXTRA"]
+# Default: "NORMAL"
+db-sqlite-synchronous: "NORMAL"
+
+# Byte size. SQlite cache size.
+# SQLite only -- unused otherwise.
+# If set to empty string or zero, the sqlite default (2MiB) will be used.
+# See: https://www.sqlite.org/pragma.html#pragma_cache_size
+# Examples: ["0", "2MiB", "8MiB", "64MiB"]
+# Default: "8MiB"
+db-sqlite-cache-size: "8MiB"
+
+# Duration. SQlite busy timeout.
+# SQLite only -- unused otherwise.
+# If set to empty string or zero, the sqlite default will be used.
+# See: https://www.sqlite.org/pragma.html#pragma_busy_timeout
+# Examples: ["0s", "1s", "30s", "1m", "5m"]
+# Default: "5s"
+db-sqlite-busy-timeout: "5m"
+
+cache:
+  gts:
+    ###########################
+    #### DATABASE CACHES ######
+    ###########################
+    #
+    # Database cache configuration:
+    #
+    # Allows configuration of caches used
+    # when loading GTS models from the database.
+    #
+    # max-size   = maximum cached objects count
+    # ttl        = cached object lifetime
+    # sweep-freq = frequency to look for stale cache objects
+
+    account-max-size: 100
+    account-ttl: "5m"
+    account-sweep-freq: "10s"
+
+    block-max-size: 100
+    block-ttl: "5m"
+    block-sweep-freq: "10s"
+
+    domain-block-max-size: 1000
+    domain-block-ttl: "24h"
+    domain-block-sweep-freq: "1m"
+
+    emoji-max-size: 500
+    emoji-ttl: "5m"
+    emoji-sweep-freq: "10s"
+
+    emoji-category-max-size: 100
+    emoji-category-ttl: "5m"
+    emoji-category-sweep-freq: "10s"
+
+    mention-max-size: 500
+    mention-ttl: "5m"
+    mention-sweep-freq: "10s"
+
+    notification-max-size: 500
+    notification-ttl: "5m"
+    notification-sweep-freq: "10s"
+
+    report-max-size: 100
+    report-ttl: "5m"
+    report-sweep-freq: "10s"
+
+    status-max-size: 500
+    status-ttl: "5m"
+    status-sweep-freq: "10s"
+
+    tombstone-max-size: 100
+    tombstone-ttl: "5m"
+    tombstone-sweep-freq: "10s"
+
+    user-max-size: 100
+    user-ttl: "5m"
+    user-sweep-freq: "10s"
+
 ######################
 ##### WEB CONFIG #####
 ######################
@@ -186,6 +318,19 @@ instance-expose-peers: false
 # Default: false
 instance-expose-suspended: false
 
+# Bool. Allow unauthenticated users to view /about/suspended,
+# showing the HTML rendered list of instances that this instance blocks/suspends.
+# Options: [true, false]
+# Default: false
+instance-expose-suspended-web: false
+
+# Bool. Allow unauthenticated users to make queries to /api/v1/timelines/public in order
+# to see a list of public posts on this server. Even if set to 'false', then authenticated
+# users (members of the instance) will still be able to query the endpoint.
+# Options: [true, false]
+# Default: false
+instance-expose-public-timeline: false
+
 # Bool. This flag tweaks whether GoToSocial will deliver ActivityPub messages
 # to the shared inbox of a recipient, if one is available, instead of delivering
 # each message to each actor who should receive a message individually.
@@ -311,9 +456,22 @@ storage-local-base-path: "{{ .GoToSocial.DataContainerDirectory }}/storage"
 # String. API endpoint of the S3 compatible service.
 # Only required when running with the s3 storage backend.
 # Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"]
+# GoToSocial uses "DNS-style" when accessing buckets. 
+# If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address
 # Default: ""
 storage-s3-endpoint: ""
 
+# Bool. If data stored in S3 should be proxied through GoToSocial instead of redirecting to a presigned URL.
+#
+# Default: false
+storage-s3-proxy: false
+# Bool. Use SSL for S3 connections.
+#
+# Only set this to 'false' when testing locally.
+#
+# Default: true
+storage-s3-use-ssl: true
+
 # String. Access key part of the S3 credentials.
 # Consider setting this value using environment variables to avoid leaking it via the config file
 # Only required when running with the s3 storage backend.
@@ -460,10 +618,17 @@ oidc-client-secret: ""
 # Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes
 # Default: ["openid", "email", "profile", "groups"]
 oidc-scopes:
-- "openid"
+  - "openid"
-- "email"
+  - "email"
-- "profile"
+  - "profile"
-- "groups"
+  - "groups"
+
+# Bool. Link OIDC authenticated users to existing ones based on their email address.
+# This is mostly intended for migration purposes if you were running previous versions of GTS
+# which only correlated users with their email address. Should be set to false for most usecases.
+# Options: [true, false]
+# Default: false
+oidc-link-existing: false
 
 #######################
 ##### SMTP CONFIG #####
@@ -525,6 +690,15 @@ syslog-protocol: "udp"
 # Default: "localhost:514"
 syslog-address: "localhost:514"
 
+##################################
+##### OBSERVABILITY SETTINGS #####
+##################################
+
+# String. Header name to use to extract a request or trace ID from. Typically set by a
+# loadbalancer or proxy.
+# Default: "X-Request-Id"
+request-id-header: "X-Request-Id"
+
 #############################
 ##### ADVANCED SETTINGS #####
 #############################
@@ -551,3 +725,54 @@ syslog-address: "localhost:514"
 # Options: ["lax", "strict"]
 # Default: "lax"
 advanced-cookies-samesite: "lax"
+
+# Int. Amount of requests to permit per router grouping from a single IP address within
+# a span of 5 minutes. If this amount is exceeded, a 429 HTTP error code will be returned.
+#
+# If you find yourself adjusting this limit because it's regularly being exceeded,
+# you should first verify that your settings for `trusted-proxies` (above) are correct.
+# In many cases, when the rate limit is exceeded it is because your instance sees all
+# incoming requests as coming from the *same IP address* (you can verify this by looking
+# at the client IPs in your instance logs). If this is the case, try adding that IP
+# address to your `trusted-proxies` *BEFORE* you go adjusting this rate limit setting!
+#
+# If you set this to 0 or less, rate limiting will be disabled entirely.
+#
+# Examples: [1000, 500, 0]
+# Default: 300
+advanced-rate-limit-requests: 300
+
+# Int. Amount of open requests to permit per CPU, per router grouping, before applying http
+# request throttling. Any requests beyond the calculated limit are held in a backlog queue for
+# up to 30 seconds before either being processed or timing out. Requests that don't fit in the backlog
+# queue will have status 503 returned to them, and the header 'Retry-After' will be set to 30 seconds.
+#
+# Open request limit is available CPUs * multiplier; backlog queue limit is limit * multiplier.
+#
+# Example values for multiplier 8:
+#
+# 1 cpu = 08 open, 064 backlog
+# 2 cpu = 16 open, 128 backlog
+# 4 cpu = 32 open, 256 backlog
+#
+# Example values for multiplier 4:
+#
+# 1 cpu = 04 open, 016 backlog
+# 2 cpu = 08 open, 032 backlog
+# 4 cpu = 16 open, 064 backlog
+#
+# A multiplier of 8 is a sensible default, but you may wish to increase this for instances
+# running on very performant hardware, or decrease it for instances using v. slow CPUs.
+#
+# If you set this to 0 or less, http request throttling will be disabled entirely.
+#
+# Examples: [8, 4, 9, 0]
+# Default: 8
+advanced-throttling-multiplier: 8
+
+# Duration. Time period to use as the "retry-after" header value in response to throttled requests.
+# Minimum resolution is 1 second.
+#
+# Examples: [30s, 10s, 5s, 1m]
+# Default: 30s
+advanced-throttling-retry-after: "30s"