diff --git a/roles/gotosocial/defaults/main.yml b/roles/gotosocial/defaults/main.yml index 62c9366..3104a9a 100644 --- a/roles/gotosocial/defaults/main.yml +++ b/roles/gotosocial/defaults/main.yml @@ -9,14 +9,122 @@ gotosocial_version: "0.12.0" gotosocial_release_url: | https://github.com/superseriousbusiness/gotosocial/releases/download/v{{ gotosocial_version }}/gotosocial_{{ gotosocial_version }}_linux_amd64.tar.gz -gotosocial_letsencrypt_enabled: false -# gotosocial_letsencrypt_email: admin@example.com # required if letsencrypt is enabled -# -gotosocial_http_port: 80 -gotosocial_https_port: 443 - gotosocial_admin_users: [] # gotosocial_admin_users: # - name: username # - email: example@example.com # - password: SECRET +# + +gotosocial_log_level: "info" +gotosocial_log_db_queries: false +gotosocial_log_client_ip: true +gotosocial_timestamp_format: "02/01/2006 15:04:05.000" +gotosocial_landing_page_user: "" +gotosocial_hostname: "" +gotosocial_account_domain: "" +gotosocial_protocol: "https" # 'https' or 'http' +gotosocial_bind_address: "0.0.0.0" +gotosocial_port: 8080 +gotosocial_trusted_proxies: ["127.0.0.1/32", "::1"] + + +gotosocial_db_type: "sqlite" # Either 'sqlite' or 'postgres' +gotosocial_db_address: "{{ gotosocial_base_dir }}/gotosocial.db" + +gotosocial_db_port: 5432 +gotosocial_db_user: "" +gotosocial_db_password: "" +gotosocial_db_database: "gotosocial" +gotosocial_db_tls_mode: "disable" # One of 'disable', 'enable' or 'required' +gotosocial_db_tls_ca_cert: "" +gotosocial_db_max_open_conns_multiplier: 8 + +# See: https://www.sqlite.org/pragma.html#pragma_journal_mode +gotosocial_db_sqlite_journal_mode: "WAL" +gotosocial_db_sqlite_synchronous: "NORMAL" +gotosocial_db_sqlite_cache_size: "8MiB" +gotosocial_db_sqlite_busy_timeout: "30m" + +gotosocial_cache_memory_target: "100MiB" + +gotosocial_federation_mode: "blocklist" # One of 'blocklist' or 'allowlist' +gotosocial_expose_peers: false +gotosocial_expose_suspended: false +gotosocial_expose_suspended_web: false +gotosocial_expose_public_timeline: false +gotosocial_deliver_to_shared_inboxes: true +gotosocial_inject_mastodon_version: false + +gotosocial_registration_open: true +gotosocial_accounts_approval_required: true +gotosocial_accounts_reason_required: true + +gotosocial_accounts_allow_custom_css: false +gotosocial_accounts_custom_css_length: 10000 + +gotosocial_media_image_max_size: 10485760 +gotosocial_media_video_max_size: 41943040 + +gotosocial_media_description_min_chars: 0 +gotosocial_media_description_max_chars: 500 + +gotosocial_media_remote_cache_days: 7 +gotosocial_media_emoji_local_max_size: 51200 +gotosocial_media_emoji_remote_max_size: 102400 + +gotosocial_storage_backend: "local" # One of 'local' or 's3' +gotosocial_storage_base_path: "{{ gotosocial_base_dir }}/storage" +gotosocial_storage_s3_endpoint: "" +gotosocial_storage_s3_proxy: false +gotosocial_storage_s3_use_ssl: true +gotosocial_storage_s3_access_key: "" +gotosocial_storage_s3_secret_key: "" +gotosocial_storage_s3_bucket: "" + +gotosocial_statuses_max_chars: 69420 +gotosocial_cw_max_chars: 100 +gotosocial_poll_max_options: 6 +gotosocial_poll_option_max_chars: 50 +gotosocial_statuses_media_max_files: 6 + +gotosocial_letsencrypt_enabled: false +gotosocial_letsencrypt_port: 80 +gotosocial_letsencrypt_cert_dir: "{{ gotosocial_base_dir }}/storage/certs" +gotosocial_letsencrypt_email_address: "" + +gotosocial_tls_certificate_chain: "" +gotosocial_tls_certificate_key: "" + +gotosocial_oidc_enabled: false +gotosocial_oidc_idp_name: "" +gotosocial_oidc_skip_verification: false +gotosocial_oidc_issuer: "" +gotosocial_oidc_client_id: "" +gotosocial_oidc_client_secret: "" +gotosocial_oidc_scopes: ["openid", "email", "profile", "groups"] +gotosocial_oidc_link_existing: falseA +gotosocial_oidc_admin_groups: [] + +gotosocial_smtp_host: "" +gotosocial_smtp_port: 0 +gotosocial_smtp_username: "" +gotosocial_smtp_password: "" +gotosocial_smtp_from: "" +gotosocial_smtp_disclose_recipients: false + +gotosocial_syslog_enabled: false +gotosocial_syslog_protocol: "udp" +gotosocial_syslog_address: "localhost:514" + +gotosocial_request_id_header: "X-Request-Id" +gotosocial_tracing_enabled: false +gotosocial_tracing_transport: "grpc" +gotosocial_tracing_endpoint: "localhost:4317" +gotosocial_insecure_transport: false + +gotosocial_http_client_timeout: "10s" +gotosocial_http_allow_ips: [] +gotosocial_http_block_ips: [] +gotosocial_tls_insecure_skip_verify: false + diff --git a/roles/gotosocial/templates/config.yaml.j2 b/roles/gotosocial/templates/config.yaml.j2 index f45a8fb..32a3174 100644 --- a/roles/gotosocial/templates/config.yaml.j2 +++ b/roles/gotosocial/templates/config.yaml.j2 @@ -1,47 +1,343 @@ -# This file is managed by Ansible # -log-level: "{{ gotosocial_log_level | default('info') }}" +# This file is managed by Ansible +# GoToSocial +# Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org -log-db-queries: false +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. -log-client-ip: true +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. -log-timestamp-format: "02/01/2006 15:04:05.000" +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . +########################### +##### GENERAL CONFIG ###### +########################### + +# String. Log level to use throughout the application. Must be lower-case. +# Options: ["trace","debug","info","warn","error","fatal"] +# Default: "info" +log-level: "{{ gotosocial_log_level }}" + +# Bool. Log database queries when log-level is set to debug or trace. +# This setting produces verbose logs, so it's better to only enable it +# when you're trying to track an issue down. +# Options: [true, false] +# Default: false +log-db-queries: {{ gotosocial_log_db_queries }} + +# Bool. Include the client IP in the emitted log lines +# Options: [true, false] +# Default: true +log-client-ip: {{ gotosocial_log_client_ip }} + +# String. Format to use for the timestamp in log lines. +# If set to the empty string, the timestamp will be +# ommitted from the logs entirely. +# +# The format must be compatible with Go's time.Layout, as +# documented on https://pkg.go.dev/time#pkg-constants. +# +# Examples: [true, false] +# Default: "02/01/2006 15:04:05.000" +log-timestamp-format: "{{ gotosocial_timestamp_format }}" + +# String. Application name to use internally. +# Examples: ["My Application","gotosocial"] +# Default: "gotosocial" application-name: "gotosocial" -landing-page-user: "{{ gotosocial_landing_page_user | default('') }}" +# String. The user that will be shown instead of the landing page. if no user is set, the landing page will be shown. +# Examples: "admin" +# Default: "" +landing-page-user: "{{ gotosocial_landing_page_user }}" +# String. Hostname that this server will be reachable at. Defaults to localhost for local testing, +# but you should *definitely* change this when running for real, or your server won't work at all. +# DO NOT change this after your server has already run once, or you will break things! +# Examples: ["gts.example.org","some.server.com"] +# Default: "localhost" host: "{{ gotosocial_hostname }}" -account-domain: "{{ gotosocial_account_domain | default('') }}" +# String. Domain to use when federating profiles. This is useful when you want your server to be at +# eg., "gts.example.org", but you want the domain on accounts to be "example.org" because it looks better +# or is just shorter/easier to remember. +# +# To make this setting work properly, you need to redirect requests at "example.org/.well-known/webfinger" +# to "gts.example.org/.well-known/webfinger" so that GtS can handle them properly. +# +# You should also redirect requests at "example.org/.well-known/nodeinfo" in the same way. +# +# You should also redirect requests at "example.org/.well-known/host-meta" in the same way. This endpoint +# is used by a number of clients to discover the API endpoint to use when the host and account domain are +# different. +# +# An empty string (ie., not set) means that the same value as 'host' will be used. +# +# DO NOT change this after your server has already run once, or you will break things! +# +# Please read the appropriate section of the installation guide before you go messing around with this setting: +# https://docs.gotosocial.org/en/latest/advanced/host-account-domain/ +# +# Examples: ["example.org","server.com"] +# Default: "" +account-domain: "{{ gotosocial_account_domain }}" -protocol: "https" +# String. Protocol to use for the server. Only change to http for local testing! +# This should be the protocol part of the URI that your server is actually reachable on. So even if you're +# running GoToSocial behind a reverse proxy that handles SSL certificates for you, instead of using built-in +# letsencrypt, it should still be https. +# Options: ["http","https"] +# Default: "https" +protocol: "{{ gotosocial_protocol }}" -bind-address: "{{ gotosocial_bind_address | default('0.0.0.0') }}" +# String. Address to bind the GoToSocial server to. +# This can be an IPv4 address or an IPv6 address (surrounded in square brackets), or a hostname. +# The default value will bind to all interfaces, which makes the server +# accessible by other machines. For most setups there is no need to change this. +# If you are using GoToSocial in a reverse proxy setup with the proxy running on +# the same machine, you will want to set this to "localhost" or an equivalent, +# so that the proxy can't be bypassed. +# Examples: ["0.0.0.0", "172.128.0.16", "localhost", "[::]", "[2001:db8::fed1]"] +# Default: "0.0.0.0" +bind-address: "{{ gotosocial_bind_address }}" -port: {{ gotosocial_https_port | default(8080) }} +# Int. Listen port for the GoToSocial webserver + API. If you're running behind a reverse proxy and/or in a docker, +# container, just set this to whatever you like (or leave the default), and make sure it's forwarded properly. +# If you are running with built-in letsencrypt enabled, and running GoToSocial directly on a host machine, you will +# probably want to set this to 443 (standard https port), unless you have other services already using that port. +# This *MUST NOT* be the same as the letsencrypt port specified below, unless letsencrypt is turned off. +# Examples: [443, 6666, 8080] +# Default: 8080 +port: {{ gotosocial_port }} -trusted-proxies: {{ gotosocial_trusted_proxies | default(['127.0.0.1/32', '::1']) }} +# Array of string. CIDRs or IP addresses of proxies that should be trusted when determining real client IP from behind a reverse proxy. +# If you're running inside a Docker container behind Traefik or Nginx, for example, add the subnet of your docker network, +# or the gateway of the docker network, and/or the address of the reverse proxy (if it's not running on the host network). +# Example: ["127.0.0.1/32", "172.20.0.1"] +# Default: ["127.0.0.1/32", "::1"] (localhost ipv4 + ipv6) +trusted-proxies: {{ gotosocial_trusted_proxies }} -db-type: "sqlite" -db-address: "gotosocial.db" -db-sqlite-journal-mode: "WAL" -db-sqlite-synchronous: "NORMAL" -db-sqlite-cache-size: "8MiB" -db-sqlite-busy-timeout: "30m" +############################ +##### DATABASE CONFIG ###### +############################ + +# Config pertaining to the Gotosocial database connection + +# String. Database type. +# Options: ["postgres","sqlite"] +# Default: "postgres" +db-type: "{{ gotosocial_db_type }}" + +# String. Database address or parameters. +# +# For Postgres, this should be the address or socket at which the database can be reached. +# +# For Sqlite, this should be the path to your sqlite database file. Eg., /opt/gotosocial/sqlite.db. +# If the file doesn't exist at the specified path, it will be created. +# If just a filename is provided (no directory) then the database will be created in the same directory +# as the GoToSocial binary. +# If address is set to :memory: then an in-memory database will be used (no file). +# WARNING: :memory: should NOT BE USED except for testing purposes. +# +# Examples: ["localhost","my.db.host","127.0.0.1","192.111.39.110",":memory:", "sqlite.db"] +# Default: "" +db-address: "{{ gotosocial_db_address }}" + +# Int. Port for database connection. +# Examples: [5432, 1234, 6969] +# Default: 5432 +db-port: {{ gotosocial_db_port }} + +# String. Username for the database connection. +# Examples: ["mydbuser","postgres","gotosocial"] +# Default: "" +db-user: "{{ gotosocial_db_user }}" + +# String. Password to use for the database connection +# Examples: ["password123","verysafepassword","postgres"] +# Default: "" +db-password: "{{ gotosocial_db_password }}" + +# String. Name of the database to use within the provided database type. +# Examples: ["mydb","postgres","gotosocial"] +# Default: "gotosocial" +db-database: "{{ gotosocial_db_database }}" + +# String. Disable, enable, or require SSL/TLS connection to the database. +# If "disable" then no TLS connection will be attempted. +# If "enable" then TLS will be tried, but the database certificate won't be checked (for self-signed certs). +# If "require" then TLS will be required to make a connection, and a valid certificate must be presented. +# Options: ["disable", "enable", "require"] +# Default: "disable" +db-tls-mode: "{{ gotosocial_db_tls_mode }}" + +# String. Path to a CA certificate on the host machine for db certificate validation. +# If this is left empty, just the host certificates will be used. +# If filled in, the certificate will be loaded and added to host certificates. +# Examples: ["/path/to/some/cert.crt"] +# Default: "" +db-tls-ca-cert: "{{ gotosocial_db_tls_ca_cert }}" + +# Int. Number to multiply by CPU count to set permitted total of open database connections (in-use and idle). +# You can use this setting to tune your database connection behavior, though most admins won't need to touch it. +# +# Example values for multiplier 8: +# +# 1 cpu = 08 open connections +# 2 cpu = 16 open connections +# 4 cpu = 32 open connections +# +# Example values for multiplier 4: +# +# 1 cpu = 04 open connections +# 2 cpu = 08 open connections +# 4 cpu = 16 open connections +# +# A multiplier of 8 is a sensible default, but you may wish to increase this for instances +# running on very performant hardware, or decrease it for instances using v. slow CPUs. +# +# If you set the multiplier to less than 1, only one open connection will be used regardless of cpu count. +# +# Examples: [16, 8, 10, 2] +# Default: 8 +db-max-open-conns-multiplier: {{ gotosocial_db_max_open_conns_multiplier }} + +# String. SQLite journaling mode. +# SQLite only -- unused otherwise. +# If set to empty string, the sqlite default will be used. +# See: https://www.sqlite.org/pragma.html#pragma_journal_mode +# Examples: ["DELETE", "TRUNCATE", "PERSIST", "MEMORY", "WAL", "OFF"] +# Default: "WAL" +db-sqlite-journal-mode: "{{ gotosocial_db_sqlite_journal_mode }}" + +# String. SQLite synchronous mode. +# SQLite only -- unused otherwise. +# If set to empty string, the sqlite default will be used. +# See: https://www.sqlite.org/pragma.html#pragma_synchronous +# Examples: ["OFF", "NORMAL", "FULL", "EXTRA"] +# Default: "NORMAL" +db-sqlite-synchronous: "{{ gotosocial_db_sqlite_synchronous }}" + +# Byte size. SQlite cache size. +# SQLite only -- unused otherwise. +# If set to empty string or zero, the sqlite default (2MiB) will be used. +# See: https://www.sqlite.org/pragma.html#pragma_cache_size +# Examples: ["0", "2MiB", "8MiB", "64MiB"] +# Default: "8MiB" +db-sqlite-cache-size: "{{ gotosocial_db_sqlite_cache_size }}" + +# Duration. SQlite busy timeout. +# SQLite only -- unused otherwise. +# If set to empty string or zero, the sqlite default will be used. +# See: https://www.sqlite.org/pragma.html#pragma_busy_timeout +# Examples: ["0s", "1s", "30s", "1m", "5m"] +# Default: "30m" +db-sqlite-busy-timeout: "{{ gotosocial_db_sqlite_busy_timeout }}" cache: - memory-target: "100MiB" + # cache.memory-target sets a target limit that + # the application will try to keep it's caches + # within. This is based on estimated sizes of + # in-memory objects, and so NOT AT ALL EXACT. + # Examples: ["100MiB", "200MiB", "500MiB", "1GiB"] + # Default: "100MiB" + memory-target: "{{ gotosocial_cache_memory_target }}" +###################### +##### WEB CONFIG ##### +###################### + +# Config pertaining to templating and serving of web pages/email notifications and the like + +# String. Directory from which gotosocial will attempt to load html templates (.tmpl files). +# Examples: ["/some/absolute/path/", "./relative/path/", "../../some/weird/path/"] +# Default: "./web/template/" +web-template-base-dir: "./web/template/" + +# String. Directory from which gotosocial will attempt to serve static web assets (images, scripts). +# Examples: ["/some/absolute/path/", "./relative/path/", "../../some/weird/path/"] +# Default: "./web/assets/" web-asset-base-dir: "./web/assets/" -instance-federation-mode: "blocklist" -instance-expose-peers: false -instance-expose-suspended: false -instance-expose-suspended-web: false -instance-expose-public-timeline: false -instance-deliver-to-shared-inboxes: true -instance-inject-mastodon-version: false +########################### +##### INSTANCE CONFIG ##### +########################### + +# Config pertaining to instance federation settings, pages to hide/expose, etc. + +# String. Federation mode to use for this instance. +# +# "blocklist" -- open federation by default. Only instances that are explicitly +# blocked will be denied (unless they are also explicitly allowed). +# +# "allowlist" -- closed federation by default. Only instances that are explicitly +# allowed will be able to interact with this instance. +# +# For more details on blocklist and allowlist modes, check the documentation at: +# https://docs.gotosocial.org/en/latest/admin/federation_modes +# +# Options: ["blocklist", "allowlist"] +# Default: "blocklist" +instance-federation-mode: "{{ gotosocial_federation_mode }}" + +# Bool. Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order +# to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated +# users (members of the instance) will still be able to query the endpoint. +# Options: [true, false] +# Default: false +instance-expose-peers: {{ gotosocial_expose_peers }} + +# Bool. Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order +# to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated +# users (members of the instance) will still be able to query the endpoint. +# +# WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers. +# See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots +# +# Options: [true, false] +# Default: false +instance-expose-suspended: {{ gotosocial_expose_suspended }} + +# Bool. Allow unauthenticated users to view /about/suspended, +# showing the HTML rendered list of instances that this instance blocks/suspends. +# Options: [true, false] +# Default: false +instance-expose-suspended-web: {{ gotosocial_expose_suspended_web }} + +# Bool. Allow unauthenticated users to make queries to /api/v1/timelines/public in order +# to see a list of public posts on this server. Even if set to 'false', then authenticated +# users (members of the instance) will still be able to query the endpoint. +# Options: [true, false] +# Default: false +instance-expose-public-timeline: {{ gotosocial_expose_public_timeline }} + +# Bool. This flag tweaks whether GoToSocial will deliver ActivityPub messages +# to the shared inbox of a recipient, if one is available, instead of delivering +# each message to each actor who should receive a message individually. +# +# Shared inbox delivery can significantly reduce network load when delivering +# to multiple recipients share an inbox (eg., on large Mastodon instances). +# +# See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery +# +# Options: [true, false] +# Default: true +instance-deliver-to-shared-inboxes: {{ gotosocial_deliver_to_shared_inboxes }} + +# Bool. This flag will inject a Mastodon version into the version field that +# is included in /api/v1/instance. This version is often used by Mastodon clients +# to do API feature detection. By injecting a Mastodon compatible version, it is +# possible to cajole those clients to behave correctly with GoToSocial. +# +# Options: [true, false] +# Default: false +instance-inject-mastodon-version: {{ gotosocial_inject_mastodon_version }} ########################### ##### ACCOUNTS CONFIG ##### @@ -49,87 +345,629 @@ instance-inject-mastodon-version: false # Config pertaining to creation and maintenance of accounts on the server, as well as defaults for new accounts. -accounts-registration-open: {{ gotosocial_registration_open | default(false) }} -accounts-approval-required: {{ gotosocial_account_approvel | default(true) }} -accounts-reason-required: true +# Bool. Do we want people to be able to just submit sign up requests, or do we want invite only? +# Options: [true, false] +# Default: true +accounts-registration-open: {{ gotosocial_registration_open }} -accounts-allow-custom-css: false -accounts-custom-css-length: 10000 +# Bool. Do sign up requests require approval from an admin/moderator before an account can sign in/use the server? +# Options: [true, false] +# Default: true +accounts-approval-required: {{ gotosocial_accounts_approval_required }} -media-image-max-size: 10485760 -media-video-max-size: 41943040 -media-description-min-chars: 0 -media-description-max-chars: 500 -media-remote-cache-days: 7 -media-emoji-local-max-size: 51200 -media-emoji-remote-max-size: 102400 +# Bool. Are sign up requests required to submit a reason for the request (eg., an explanation of why they want to join the instance)? +# Options: [true, false] +# Default: true +accounts-reason-required: {{ gotosocial_accounts_reason_required }} -storage-backend: "local" -storage-local-base-path: "{{ gotosocial_base_dir }}/storage" -storage-s3-endpoint: "" -storage-s3-proxy: false -storage-s3-use-ssl: true -storage-s3-access-key: "" -storage-s3-secret-key: "" -storage-s3-bucket: "" +# Bool. Allow accounts on this instance to set custom CSS for their profile pages and statuses. +# Enabling this setting will allow accounts to upload custom CSS via the /user settings page, +# which will then be rendered on the web view of the account's profile and statuses. +# +# For instances with public sign ups, it is **HIGHLY RECOMMENDED** to leave this setting on 'false', +# since setting it to true allows malicious accounts to make their profile pages misleading, unusable +# or even dangerous to visitors. In other words, you should only enable this setting if you trust +# the users on your instance not to produce harmful CSS. +# +# Regardless of what this value is set to, any uploaded CSS will not be federated to other instances, +# it will only be shown on profiles and statuses on *this* instance. +# +# Options: [true, false] +# Default: false +accounts-allow-custom-css: {{ gotosocial_accounts_allow_custom_css }} -statuses-max-chars: 5000 -statuses-cw-max-chars: 100 -statuses-poll-max-options: 6 -statuses-poll-option-max-chars: 50 -statuses-media-max-files: 6 +# Int. If accounts-allow-custom-css is true, this is the permitted length in characters for +# CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false. +# +# Examples: [500, 5000, 9999] +# Default: 10000 +accounts-custom-css-length: {{ gotosocial_accounts_custom_css_length }} -letsencrypt-enabled: {{ gotosocial_letsencrypt_enabled }} -letsencrypt-port: {{ gotosocial_http_port | default(80) }} -letsencrypt-cert-dir: "{{ gotosocial_base_dir }}/storage/certs" -letsencrypt-email-address: "{{ gotosocial_letsencrypt_email }}" +######################## +##### MEDIA CONFIG ##### +######################## +# Config pertaining to media uploads (videos, image, image descriptions, emoji). +# Int. Maximum allowed image upload size in bytes. +# Examples: [2097152, 10485760] +# Default: 10485760 -- aka 10MB +media-image-max-size: {{ gotosocial_media_image_max_size }} -oidc-enabled: false -oidc-idp-name: "" -oidc-skip-verification: false -oidc-issuer: "" -oidc-client-id: "" -oidc-client-secret: "" -oidc-scopes: - - "openid" - - "email" - - "profile" - - "groups" -oidc-link-existing: false -oidc-admin-groups: [] +# Int. Maximum allowed video upload size in bytes. +# Examples: [2097152, 10485760] +# Default: 41943040 -- aka 40MB +media-video-max-size: {{ gotosocial_media_video_max_size }} -smtp-host: "" -smtp-port: 0 -smtp-username: "" -smtp-password: "" -smtp-from: "" -smtp-disclose-recipients: false +# Int. Minimum amount of characters required as an image or video description. +# Examples: [500, 1000, 1500] +# Default: 0 (not required) +media-description-min-chars: {{ gotosocial_media_description_min_chars }} -syslog-enabled: false -syslog-protocol: "udp" -syslog-address: "localhost:514" +# Int. Maximum amount of characters permitted in an image or video description. +# Examples: [500, 1000, 1500] +# Default: 500 +media-description-max-chars: {{ gotosocial_media_description_max_chars }} -request-id-header: "X-Request-Id" -tracing-enabled: false -tracing-transport: "grpc" -tracing-endpoint: "" -tracing-insecure-transport: false +# Int. Number of days to cache media from remote instances before they are removed from the cache. +# A job will run every day at midnight to clean up any remote media older than the given amount of days. +# +# When remote media is removed from the cache, it is deleted from storage but the database entries for the media +# are kept so that it can be fetched again if requested by a user. +# +# If this is set to 0, then media from remote instances will be cached indefinitely. +# Examples: [30, 60, 7, 0] +# Default: 7 +media-remote-cache-days: {{ gotosocial_media_remote_cache_days }} +# Int. Max size in bytes of emojis uploaded to this instance via the admin API. +# The default is the same as the Mastodon size limit for emojis (50kb), which allows +# for good interoperability. Raising this limit may cause issues with federation +# of your emojis to other instances, so beware. +# Examples: [51200, 102400] +# Default: 51200 +media-emoji-local-max-size: {{ gotosocial_media_emoji_local_max_size }} + +# Int. Max size in bytes of emojis to download from other instances. +# By default this is 100kb, or twice the size of the default for media-emoji-local-max-size. +# This strikes a good balance between decent interoperability with instances that have +# higher emoji size limits, and not taking up too much space in storage. +# Examples: [51200, 102400] +# Default: 102400 +media-emoji-remote-max-size: {{ gotosocial_media_emoji_remote_max_size }} + +########################## +##### STORAGE CONFIG ##### +########################## + +# Config pertaining to storage of user-created uploads (videos, images, etc). + +# String. Type of storage backend to use. +# Examples: ["local", "s3"] +# Default: "local" (storage on local disk) +storage-backend: "{{ gotosocial_storage_backend }}" + +# String. Directory to use as a base path for storing files. +# Make sure whatever user/group gotosocial is running as has permission to access +# this directory, and create new subdirectories and files within it. +# Only required when running with the local storage backend. +# Examples: ["/home/gotosocial/storage", "/opt/gotosocial/datastorage"] +# Default: "/gotosocial/storage" +storage-local-base-path: "{{ gotosocial_storage_base_path }}" + +# String. API endpoint of the S3 compatible service. +# Only required when running with the s3 storage backend. +# Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"] +# GoToSocial uses "DNS-style" when accessing buckets. +# If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address +# Default: "" +storage-s3-endpoint: "{{ gotosocial_storage_s3_endpoint }}" + +# Bool. If data stored in S3 should be proxied through GoToSocial instead of redirecting to a presigned URL. +# +# Default: false +storage-s3-proxy: {{ gotosocial_storage_s3_proxy }} + +# Bool. Use SSL for S3 connections. +# +# Only set this to 'false' when testing locally. +# +# Default: true +storage-s3-use-ssl: {{ gotosocial_storage_s3_use_ssl }} + +# String. Access key part of the S3 credentials. +# Consider setting this value using environment variables to avoid leaking it via the config file +# Only required when running with the s3 storage backend. +# Examples: ["AKIAJSIE27KKMHXI3BJQ","miniouser"] +# Default: "" +storage-s3-access-key: "{{ gotosocial_storage_s3_access_key }}" + +# String. Secret key part of the S3 credentials. +# Consider setting this value using environment variables to avoid leaking it via the config file +# Only required when running with the s3 storage backend. +# Examples: ["5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39","miniopassword"] +# Default: "" +storage-s3-secret-key: "{{ gotosocial_storage_s3_secret_key }}" + +# String. Name of the storage bucket. +# +# If you have already encoded your bucket name in the storage-s3-endpoint, this +# value will be used as a directory containing your data. +# +# The bucket must exist prior to starting GoToSocial +# +# Only required when running with the s3 storage backend. +# Examples: ["gts","cool-instance"] +# Default: "" +storage-s3-bucket: "{{ gotosocial_storage_s3_bucket }}" + +########################### +##### STATUSES CONFIG ##### +########################### + +# Config pertaining to the creation of statuses/posts, and permitted limits. + +# Int. Maximum amount of characters permitted for a new status. +# Note that going way higher than the default might break federation. +# Examples: [140, 500, 5000] +# Default: 5000 +statuses-max-chars: {{ gotosocial_statuses_max_chars }} + +# Int. Maximum amount of characters allowed in the CW/subject header of a status. +# Note that going way higher than the default might break federation. +# Examples: [100, 200] +# Default: 100 +statuses-cw-max-chars: {{ gotosocial_cw_max_chars }} + +# Int. Maximum amount of options to permit when creating a new poll. +# Note that going way higher than the default might break federation. +# Examples: [4, 6, 10] +# Default: 6 +statuses-poll-max-options: {{ gotosocial_poll_max_options }} + +# Int. Maximum amount of characters to permit per poll option when creating a new poll. +# Note that going way higher than the default might break federation. +# Examples: [50, 100, 150] +# Default: 50 +statuses-poll-option-max-chars: {{ gotosocial_poll_option_max_chars }} + +# Int. Maximum amount of media files that can be attached to a new status. +# Note that going way higher than the default might break federation. +# Examples: [4, 6, 10] +# Default: 6 +statuses-media-max-files: {{ gotosocial_statuses_media_max_files }} + +############################## +##### LETSENCRYPT CONFIG ##### +############################## + +# Config pertaining to the automatic acquisition and use of LetsEncrypt HTTPS certificates. + +# Bool. Whether or not letsencrypt should be enabled for the server. +# If false, the rest of the settings here will be ignored. +# If you serve GoToSocial behind a reverse proxy like nginx or traefik, leave this turned off. +# If you don't, then turn it on so that you can use https. +# Options: [true, false] +# Default: false +letsencrypt-enabled: {{ gotosocial_letsencrypt_enabled }} + +# Int. Port to listen for letsencrypt certificate challenges on. +# If letsencrypt is enabled, this port must be reachable or you won't be able to obtain certs. +# If letsencrypt is disabled, this port will not be used. +# This *must not* be the same as the webserver/API port specified above. +# Examples: [80, 8000, 1312] +# Default: 80 +letsencrypt-port: {{ gotosocial_letsencrypt_port }} + +# String. Directory in which to store LetsEncrypt certificates. +# It is a good move to make this a sub-path within your storage directory, as it makes +# backup easier, but you might wish to move them elsewhere if they're also accessed by other services. +# In any case, make sure GoToSocial has permissions to write to / read from this directory. +# Examples: ["/home/gotosocial/storage/certs", "/acmecerts"] +# Default: "/gotosocial/storage/certs" +letsencrypt-cert-dir: "{{ gotosocial_letsencrypt_cert_dir }}" + +# String. Email address to use when registering LetsEncrypt certs. +# Most likely, this will be the email address of the instance administrator. +# LetsEncrypt will send notifications about expiring certificates etc to this address. +# Examples: ["admin@example.org"] +# Default: "" +letsencrypt-email-address: "{{ gotosocial_letsencrypt_email_address }}" + +############################## +##### MANUAL TLS CONFIG ##### +############################## + +# String. Path to a PEM-encoded file on disk that includes the certificate chain +# and the public key +# Examples: ["/gotosocial/storage/certs/chain.pem"] +# Default: "" +tls-certificate-chain: "{{ gotosocial_tls_certificate_chain }}" + +# String. Path to a PEM-encoded file on disk containing the private key for the +# associated tls-certificate-chain +# Examples: ["/gotosocial/storage/certs/private.pem"] +# Default: "" +tls-certificate-key: "{{ gotosocial_tls_certificate_key }}" + +####################### +##### OIDC CONFIG ##### +####################### + +# Config for authentication with an external OIDC provider (Dex, Google, Auth0, etc). + +# Bool. Enable authentication with external OIDC provider. If set to true, then +# the other OIDC options must be set as well. If this is set to false, then the standard +# internal oauth flow will be used, where users sign in to GtS with username/password. +# Options: [true, false] +# Default: false +oidc-enabled: {{ gotosocial_oidc_enabled }} + +# String. Name of the oidc idp (identity provider). This will be shown to users when +# they log in. +# Examples: ["Google", "Dex", "Auth0"] +# Default: "" +oidc-idp-name: "{{ gotosocial_oidc_idp_name }}" + +# Bool. Skip the normal verification flow of tokens returned from the OIDC provider, ie., +# don't check the expiry or signature. This should only be used in debugging or testing, +# never ever in a production environment as it's extremely unsafe! +# Options: [true, false] +# Default: false +oidc-skip-verification: {{ gotosocial_oidc_skip_verification }} + +# String. The OIDC issuer URI. This is where GtS will redirect users to for login. +# Typically this will look like a standard web URL. +# Examples: ["https://auth.example.org", "https://example.org/auth"] +# Default: "" +oidc-issuer: "{{ gotosocial_oidc_issuer }}" + +# String. The ID for this client as registered with the OIDC provider. +# Examples: ["some-client-id", "fda3772a-ad35-41c9-9a59-f1943ad18f54"] +# Default: "" +oidc-client-id: "{{ gotosocial_oidc_client_id }}" + +# String. The secret for this client as registered with the OIDC provider. +# Examples: ["super-secret-business", "79379cf5-8057-426d-bb83-af504d98a7b0"] +# Default: "" +oidc-client-secret: "{{ gotosocial_oidc_client_secret }}" + +# Array of string. Scopes to request from the OIDC provider. The returned values will be used to +# populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required. +# 'profile' is used to extract a username for the newly created user. +# 'groups' is optional and can be used to determine if a user is an admin based on oidc-admin-groups. +# Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes +# Default: ["openid", "email", "profile", "groups"] +oidc-scopes: {{ gotosocial_oidc_scopes }} + +# Bool. Link OIDC authenticated users to existing ones based on their email address. +# This is mostly intended for migration purposes if you were running previous versions of GTS +# which only correlated users with their email address. Should be set to false for most usecases. +# Options: [true, false] +# Default: false +oidc-link-existing: {{ gotosocial_oidc_link_existing }} + +# Array of string. If the returned ID token contains a 'groups' claim that matches one of the +# groups in oidc-admin-groups, then this user will be granted admin rights on the GtS instance +# Default: [] +oidc-admin-groups: {{ gotosocial_oidc_admin_groups }} + +####################### +##### SMTP CONFIG ##### +####################### + +# Config for sending emails via an smtp server. See https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol + +# String. The hostname of the smtp server you want to use. +# If this is not set, smtp will not be used to send emails, and you can ignore the other settings. +# Examples: ["mail.example.org", "localhost"] +# Default: "" +smtp-host: "{{ gotosocial_smtp_host }}" + +# Int. Port to use to connect to the smtp server. +# Examples: [] +# Default: 0 +smtp-port: {{ gotosocial_smtp_port }} + +# String. Username to use when authenticating with the smtp server. +# This should have been provided to you by your smtp host. +# This is often, but not always, an email address. +# Examples: ["maillord@example.org"] +# Default: "" +smtp-username: "{{ gotosocial_smtp_username }}" + +# String. Password to use when authenticating with the smtp server. +# This should have been provided to you by your smtp host. +# Examples: ["1234", "password"] +# Default: "" +smtp-password: "{{ gotosocial_smtp_password }}" + +# String. 'From' address for sent emails. +# Examples: ["mail@example.org"] +# Default: "" +smtp-from: "{{ gotosocial_smtp_from }}" + +# Bool. If true, when an email is sent that has multiple recipients, each recipient +# will be included in the To field, so that each recipient can see who else got the +# email, and they can 'reply all' to the other recipients if they want to. +# +# If false, email will be sent to Undisclosed Recipients, and each recipient will not +# be able to see who else received the email. +# +# It might be useful to change this setting to 'true' if you want to be able to discuss +# new moderation reports with other admins by 'replying-all' to the notification email. +# Default: false +smtp-disclose-recipients: {{ gotosocial_smtp_disclose_recipients }} + +######################### +##### SYSLOG CONFIG ##### +######################### + +# Config for additional syslog log hooks. See https://en.wikipedia.org/wiki/Syslog, +# and https://github.com/sirupsen/logrus/tree/master/hooks/syslog. +# +# These settings are useful when one wants to daemonize GoToSocial and send logs +# to a specific place, either a local location or a syslog server. Most users will +# not need to touch these settings. + +# Bool. Enable the syslog logging hook. Logs will be mirrored to the configured destination. +# Options: [true, false] +# Default: false +syslog-enabled: {{ gotosocial_syslog_enabled }} + +# String. Protocol to use when directing logs to syslog. Leave empty to connect to local syslog. +# Options: ["udp", "tcp", ""] +# Default: "udp" +syslog-protocol: "{{ gotosocial_syslog_protocol }}" + +# String. Address:port to send syslog logs to. Leave empty to connect to local syslog. +# Default: "localhost:514" +syslog-address: "{{ gotosocial_syslog_address }}" + +################################## +##### OBSERVABILITY SETTINGS ##### +################################## + +# String. Header name to use to extract a request or trace ID from. Typically set by a +# loadbalancer or proxy. +# Default: "X-Request-Id" +request-id-header: "{{ gotosocial_request_id_header }}" + +# Bool. Enable OpenTelemetry based tracing support. +# Default: false +tracing-enabled: {{ gotosocial_tracing_enabled }} + +# String. Set the transport protocol for the tracing system. Can either be "grpc" +# for OTLP gRPC, or "http" for OTLP HTTP. +# Options: ["grpc", "http"] +# Default: "grpc" +tracing-transport: "{{ gotosocial_tracing_transport }}" + +# String. Endpoint of the trace ingester. When using the gRPC or HTTP based transports, +# provide the endpoint as a single address/port combination without a protocol scheme. +# Examples: ["localhost:4317"] +# Default: "" +tracing-endpoint: "{{ gotosocial_tracing_endpoint }}" + +# Bool. Disable TLS for the gRPC and HTTP transport protocols. +# Default: false +tracing-insecure-transport: {{ gotosocial_insecure_transport }} + +################################ +##### HTTP CLIENT SETTINGS ##### +################################ + +# Settings for OUTGOING http client connections used by GoToSocial to make +# requests to remote resources (status GETs, media GETs, inbox POSTs, etc). http-client: - timeout: "10s" - allow-ips: [] - block-ips: [] - tls-insecure-skip-verify: false + # Duration. Timeout to use for outgoing HTTP requests. If the timeout + # is exceeded, the connection to the remote server will be dropped. + # A value of 0s indicates no timeout: this is not advised! + # Examples: ["5s", "10s", "0s"] + # Default: "10s" + timeout: "{{ gotosocial_http_client_timeout }}" + ######################################## + #### RESERVED IP RANGE EXCEPTIONS ###### + ######################################## + # + # Explicitly allow or block outgoing dialing within the provided IPv4/v6 CIDR ranges. + # + # By default, as a basic security precaution, GoToSocial blocks outgoing dialing within most "special-purpose" + # IP ranges. However, it may be desirable for admins with more exotic setups (proxies, funky NAT, etc) to + # explicitly override one or more of these otherwise blocked ranges. + # + # Each of the below allow/block config options accepts an array of IPv4 and/or IPv6 CIDR strings. + # For example, to override the hardcoded block of IPv4 and IPv6 dialing to localhost, set: + # + # allow-ips: ["127.0.0.1/32", "::1/128"]. + # + # You can also use YAML multi-line arrays to define these, but be diligent with indentation. + # + # When dialing, GoToSocial will first check if the destination falls within explicitly allowed IP ranges, + # then explicitly blocked IP ranges, then the default (hardcoded) blocked IP ranges, returning OK on the + # first allowed match, not OK on the first blocked match, or just defaulting to OK if nothing is matched. + # + # As with all security settings, it is better to start too restrictive and then ease off depending on + # your use case, than to start too permissive and try to close the stable door after the horse has + # already bolted. With this in mind: + # - Don't touch these settings unless you have a good reason to, and only if you know what you're doing. + # - When adding explicitly allowed exceptions, use the narrowest possible CIDR for your use case. + # + # For reserved / special ranges, see: + # - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml + # - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml + # + # Both allow-ips and block-ips default to an empty array. + allow-ips: {{ gotosocial_http_allow_ips }} + block-ips: {{ gotosocial_http_block_ips }} + + # Bool. Disable verification of TLS certificates of remote servers. + # With this set to 'true', GoToSocial will not error when a remote + # server presents an invalid or self-signed certificate. + # + # THIS SETTING SHOULD BE USED FOR TESTING ONLY! IF YOU TURN THIS + # ON WHILE RUNNING IN PRODUCTION YOU ARE LEAVING YOUR SERVER WIDE + # OPEN TO MAN IN THE MIDDLE ATTACKS! DO NOT CHANGE THIS SETTING + # UNLESS YOU KNOW EXACTLY WHAT YOU'RE DOING AND WHY YOU'RE DOING IT. + # + # Default: false + tls-insecure-skip-verify: {{ gotosocial_tls_insecure_skip_verify }} + +############################# +##### ADVANCED SETTINGS ##### +############################# + +# Advanced settings pertaining to http timeouts, security, cookies, and more. +# +# ONLY ADJUST THESE SETTINGS IF YOU KNOW WHAT YOU ARE DOING! +# +# Most users will not need to (and should not) touch these settings, since +# they are set to sensible defaults, and may break if they are changed. +# +# Nevertheless, they are provided for the sake of allowing server admins to +# tweak their instance for performance or security reasons. + +# String. Value of the SameSite attribute of cookies set by GoToSocial. +# Defaults to 'lax' to ensure that the OIDC flow does not break, which is +# fine in most cases. If you want to harden your instance against CSRF attacks +# and don't mind if some login-related things might break, you can set this +# to 'strict' instead. +# +# For an overview of what this does, see: +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite +# +# Options: ["lax", "strict"] +# Default: "lax" advanced-cookies-samesite: "lax" -advanced-rate-limit-requests: 300 -advanced-rate-limit-exceptions: [] -advanced-throttling-multiplier: 8 -advanced-throttling-retry-after: "30s" -advanced-sender-multiplier: 2 -advanced-csp-extra-uris: [] +# Int. Amount of requests to permit per router grouping from a single IP address within +# a span of 5 minutes. If this amount is exceeded, a 429 HTTP error code will be returned. +# +# If you find yourself adjusting this limit because it's regularly being exceeded, +# you should first verify that your settings for `trusted-proxies` (above) are correct. +# In many cases, when the rate limit is exceeded it is because your instance sees all +# incoming requests as coming from the *same IP address* (you can verify this by looking +# at the client IPs in your instance logs). If this is the case, try adding that IP +# address to your `trusted-proxies` *BEFORE* you go adjusting this rate limit setting! +# +# If you set this to 0 or less, rate limiting will be disabled entirely. +# +# Examples: [1000, 500, 0] +# Default: 300 +advanced-rate-limit-requests: 300 + +# Array of string. CIDRs to except from rate limit restrictions. +# Any IPs inside the CIDR range(s) will not have rate limiting +# applied on their requests, and rate limit headers will not be +# set for those requests. +# +# This can be useful in the following example cases (and probably +# a bunch of others as well): +# +# 1. You've set up an automated service that uses the API, and +# it keeps getting rate limited, even though you trust it's +# not abusing the instance. +# +# 2. You live with multiple people who use the same instance, +# and you're all using the same router/NAT, so you all have +# the same IP address, and you keep rate limiting each other. +# +# 3. You mostly use your own home internet to access your instance, +# and you want to exempt your home internet from rate limiting. +# +# You should be careful when adjusting this setting, since you +# might inadvertently make rate limiting useless if you set too +# wide a range. If in doubt, be too restrictive rather than too +# lenient, and adjust as you go. +# +# Example: ["192.168.0.0/16"] +# Default: [] +advanced-rate-limit-exceptions: [] + +# Int. Amount of open requests to permit per CPU, per router grouping, before applying http +# request throttling. Any requests beyond the calculated limit are held in a backlog queue for +# up to 30 seconds before either being processed or timing out. Requests that don't fit in the backlog +# queue will have status 503 returned to them, and the header 'Retry-After' will be set to 30 seconds. +# +# Open request limit is available CPUs * multiplier; backlog queue limit is limit * multiplier. +# +# Example values for multiplier 8: +# +# 1 cpu = 08 open, 064 backlog +# 2 cpu = 16 open, 128 backlog +# 4 cpu = 32 open, 256 backlog +# +# Example values for multiplier 4: +# +# 1 cpu = 04 open, 016 backlog +# 2 cpu = 08 open, 032 backlog +# 4 cpu = 16 open, 064 backlog +# +# A multiplier of 8 is a sensible default, but you may wish to increase this for instances +# running on very performant hardware, or decrease it for instances using v. slow CPUs. +# +# If you set this to 0 or less, http request throttling will be disabled entirely. +# +# Examples: [8, 4, 9, 0] +# Default: 8 +advanced-throttling-multiplier: 8 + +# Duration. Time period to use as the "retry-after" header value in response to throttled requests. +# Minimum resolution is 1 second. +# +# Examples: [30s, 10s, 5s, 1m] +# Default: "30s" +advanced-throttling-retry-after: "30s" + +# Int. CPU multiplier for the amount of goroutines to spawn in order to send messages via ActivityPub. +# Messages will be batched so that at most multiplier * CPU count messages will be sent out at once. +# This can be tuned to limit concurrent POSTing to remote inboxes, preventing your instance CPU +# usage from skyrocketing when an account with many followers posts a new status. +# +# Messages are split among available senders, and each sender processes its assigned messages in serial. +# For example, say a user with 1000 followers is on an instance with 2 CPUs. With the default multiplier +# of 2, this means 4 senders would be in process at once on this instance. When the user creates a new post, +# each sender would end up iterating through about 250 Create messages + delivering them to remote instances. +# +# If you set this to 0 or less, only 1 sender will be used regardless of CPU count. This may be +# useful in cases where you are working with very tight network or CPU constraints. +# +# Example values for multiplier 2 (default): +# +# 1 cpu = 2 concurrent senders +# 2 cpu = 4 concurrent senders +# 4 cpu = 8 concurrent senders +# +# Example values for multiplier 4: +# +# 1 cpu = 4 concurrent senders +# 2 cpu = 8 concurrent senders +# 4 cpu = 16 concurrent senders +# +# Example values for multiplier <1: +# +# 1 cpu = 1 concurrent sender +# 2 cpu = 1 concurrent sender +# 4 cpu = 1 concurrent sender +advanced-sender-multiplier: 2 + +# Array of string. Extra URIs to add to 'img-src' and 'media-src' +# when building the Content-Security-Policy header for your instance. +# +# This can be used to allow the browser to load resources from additional +# sources like S3 buckets and so on when viewing your instance's pages +# and profiles in the browser. +# +# Since non-proxying S3 storage will be probed on instance launch to +# generate a correct Content-Security-Policy, you probably won't need +# to ever touch this setting, but it's included in the 'spirit of more +# configurable (usually) means more good'. +# +# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +# +# Example: ["s3.example.org", "some-bucket-name.s3.example.org"] +# Default: [] +advanced-csp-extra-uris: []