mirror of
https://github.com/versia-pub/server.git
synced 2025-12-06 16:38:19 +01:00
330 lines
8.3 KiB
TOML
330 lines
8.3 KiB
TOML
# Lysand Config
|
|
# All of these values can be changed via the CLI (they will be saved in a file named config.internal.toml
|
|
# in the same directory as this one)
|
|
# Changing this file does not require a restart, but might take a few seconds to apply
|
|
# This file will be merged with the CLI configuration, taking precedence over it
|
|
|
|
[database]
|
|
# Main PostgreSQL database connection
|
|
host = "localhost"
|
|
port = 5432
|
|
username = "lysand"
|
|
password = "lysand"
|
|
database = "lysand"
|
|
|
|
[redis.queue]
|
|
# Redis instance for storing the federation queue
|
|
# Required for federation
|
|
host = "localhost"
|
|
port = 6379
|
|
password = ""
|
|
database = 0
|
|
|
|
[redis.cache]
|
|
# Redis instance to be used as a timeline cache
|
|
# Optional, can be the same as the queue instance
|
|
host = "localhost"
|
|
port = 6379
|
|
password = ""
|
|
database = 1
|
|
enabled = false
|
|
|
|
[meilisearch]
|
|
# If Meilisearch is not configured, search will not be enabled
|
|
host = "localhost"
|
|
port = 7700
|
|
api_key = "______________________________"
|
|
enabled = false
|
|
|
|
[signups]
|
|
# URL of your Terms of Service
|
|
tos_url = "https://my-site.com/tos"
|
|
# Whether to enable registrations or not
|
|
registration = true
|
|
rules = [
|
|
"Do not harass others",
|
|
"Be nice to people",
|
|
"Don't spam",
|
|
"Don't post illegal content",
|
|
]
|
|
|
|
# Delete this section if you don't want to use custom OAuth providers
|
|
# This is an example configuration
|
|
# The provider MUST support OpenID Connect with .well-known discovery
|
|
# Most notably, GitHub does not support this
|
|
[[oidc.providers]]
|
|
# Test with custom Authentik instance
|
|
name = "CPlusPatch ID"
|
|
id = "cpluspatch-id"
|
|
url = "https://id.cpluspatch.com/application/o/lysand-testing/"
|
|
client_id = "______________________________"
|
|
client_secret = "__________________________________"
|
|
icon = "https://cpluspatch.com/images/icons/logo.svg"
|
|
|
|
[http]
|
|
# The full URL Lysand will be reachable by (paths are not supported)
|
|
base_url = "https://lysand.social"
|
|
# Address to bind to
|
|
bind = "0.0.0.0"
|
|
bind_port = "8080"
|
|
|
|
# Bans IPv4 or IPv6 IPs (wildcards, networks and ranges are supported)
|
|
banned_ips = []
|
|
# Banned user agents, regex format
|
|
banned_user_agents = [
|
|
# "curl\/7.68.0",
|
|
# "wget\/1.20.3",
|
|
]
|
|
|
|
[http.bait]
|
|
# Enable the bait feature (sends fake data to those who are flagged)
|
|
enabled = false
|
|
# Path to file of bait data (if not provided, Lysand will send the entire Bee Movie script)
|
|
send_file = ""
|
|
# IPs to send bait data to (wildcards, networks and ranges are supported)
|
|
bait_ips = ["127.0.0.1", "::1"]
|
|
# User agents to send bait data to (regex format)
|
|
bait_user_agents = ["curl", "wget"]
|
|
|
|
[smtp]
|
|
# SMTP server to use for sending emails
|
|
server = "smtp.example.com"
|
|
port = 465
|
|
username = "test@example.com"
|
|
password = "____________"
|
|
tls = true
|
|
# Disable all email functions (this will allow people to sign up without verifying
|
|
# their email)
|
|
enabled = false
|
|
|
|
[media]
|
|
# Can be "s3" or "local", where "local" uploads the file to the local filesystem
|
|
# If you need to change this value after setting up your instance, you must move all the files
|
|
# from one backend to the other manually (the CLI will have an option to do this later)
|
|
# TODO: Add CLI command to move files
|
|
backend = "local"
|
|
# Whether to check the hash of media when uploading to avoid duplication
|
|
deduplicate_media = true
|
|
# If media backend is "local", this is the folder where the files will be stored
|
|
# Can be any path
|
|
local_uploads_folder = "uploads"
|
|
|
|
[media.conversion]
|
|
# Whether to automatically convert images to another format on upload
|
|
convert_images = false
|
|
# Can be: "jxl", "webp", "avif", "png", "jpg", "heif"
|
|
# JXL support will likely not work
|
|
convert_to = "webp"
|
|
|
|
[s3]
|
|
# Can be left blank if you don't use the S3 media backend
|
|
endpoint = "myhostname.banana.com"
|
|
access_key = "_____________"
|
|
secret_access_key = "_________________"
|
|
region = ""
|
|
bucket_name = "lysand"
|
|
public_url = "https://cdn.test.com"
|
|
|
|
[email]
|
|
# Sends an email to moderators when a report is received
|
|
send_on_report = false
|
|
# Sends an email to moderators when a user is suspended
|
|
send_on_suspend = false
|
|
# Sends an email to moderators when a user is unsuspended
|
|
send_on_unsuspend = false
|
|
# Verify user emails when signing up (except via OIDC)
|
|
verify_email = false
|
|
|
|
[validation]
|
|
# Checks user data
|
|
# Does not retroactively apply to previously entered data
|
|
max_displayname_size = 50
|
|
max_bio_size = 160
|
|
max_note_size = 5000
|
|
max_avatar_size = 5_000_000
|
|
max_header_size = 5_000_000
|
|
max_media_size = 40_000_000
|
|
max_media_attachments = 10
|
|
max_media_description_size = 1000
|
|
max_poll_options = 20
|
|
max_poll_option_size = 500
|
|
min_poll_duration = 60
|
|
max_poll_duration = 1893456000
|
|
max_username_size = 30
|
|
# Forbidden usernames, defaults are from Akkoma
|
|
username_blacklist = [
|
|
".well-known",
|
|
"~",
|
|
"about",
|
|
"activities",
|
|
"api",
|
|
"auth",
|
|
"dev",
|
|
"inbox",
|
|
"internal",
|
|
"main",
|
|
"media",
|
|
"nodeinfo",
|
|
"notice",
|
|
"oauth",
|
|
"objects",
|
|
"proxy",
|
|
"push",
|
|
"registration",
|
|
"relay",
|
|
"settings",
|
|
"status",
|
|
"tag",
|
|
"users",
|
|
"web",
|
|
"search",
|
|
"mfa",
|
|
]
|
|
# Whether to blacklist known temporary email providers
|
|
blacklist_tempmail = false
|
|
# Additional email providers to blacklist (list of domains)
|
|
email_blacklist = []
|
|
# Valid URL schemes, otherwise the URL is parsed as text
|
|
url_scheme_whitelist = [
|
|
"http",
|
|
"https",
|
|
"ftp",
|
|
"dat",
|
|
"dweb",
|
|
"gopher",
|
|
"hyper",
|
|
"ipfs",
|
|
"ipns",
|
|
"irc",
|
|
"xmpp",
|
|
"ircs",
|
|
"magnet",
|
|
"mailto",
|
|
"mumble",
|
|
"ssb",
|
|
"gemini",
|
|
]
|
|
# Only allow those MIME types of data to be uploaded
|
|
# This can easily be spoofed, but if it is spoofed it will appear broken
|
|
# to normal clients until despoofed
|
|
enforce_mime_types = false
|
|
allowed_mime_types = [
|
|
"image/jpeg",
|
|
"image/png",
|
|
"image/gif",
|
|
"image/heic",
|
|
"image/heif",
|
|
"image/webp",
|
|
"image/avif",
|
|
"video/webm",
|
|
"video/mp4",
|
|
"video/quicktime",
|
|
"video/ogg",
|
|
"audio/wave",
|
|
"audio/wav",
|
|
"audio/x-wav",
|
|
"audio/x-pn-wave",
|
|
"audio/vnd.wave",
|
|
"audio/ogg",
|
|
"audio/vorbis",
|
|
"audio/mpeg",
|
|
"audio/mp3",
|
|
"audio/webm",
|
|
"audio/flac",
|
|
"audio/aac",
|
|
"audio/m4a",
|
|
"audio/x-m4a",
|
|
"audio/mp4",
|
|
"audio/3gpp",
|
|
"video/x-ms-asf",
|
|
]
|
|
|
|
[defaults]
|
|
# Default visibility for new notes
|
|
# Can be public, unlisted, private or direct
|
|
# Private only sends to followers, unlisted doesn't show up in timelines
|
|
visibility = "public"
|
|
# Default language for new notes (ISO code)
|
|
language = "en"
|
|
# Default avatar, must be a valid URL or "" for a placeholder avatar
|
|
avatar = ""
|
|
# Default header, must be a valid URL or "" for none
|
|
header = ""
|
|
# A style name from https://www.dicebear.com/styles
|
|
placeholder_style = "thumbs"
|
|
|
|
[federation]
|
|
# This is a list of domain names, such as "mastodon.social" or "pleroma.site"
|
|
# These changes will not retroactively apply to existing data before they were changed
|
|
# For that, please use the CLI
|
|
|
|
# These instances will not be federated with
|
|
blocked = []
|
|
# These instances' data will only be shown to followers, not in public timelines
|
|
followers_only = []
|
|
|
|
[federation.discard]
|
|
# These objects will be discarded when received from these instances
|
|
reports = []
|
|
deletes = []
|
|
updates = []
|
|
media = []
|
|
follows = []
|
|
# If instance reactions are blocked, likes will also be discarded
|
|
likes = []
|
|
reactions = []
|
|
banners = []
|
|
avatars = []
|
|
|
|
[instance]
|
|
name = "Lysand"
|
|
description = "A test instance of Lysand"
|
|
# URL to your instance logo (jpg files should be renamed to jpeg)
|
|
logo = ""
|
|
# URL to your instance banner (jpg files should be renamed to jpeg)
|
|
banner = ""
|
|
|
|
|
|
[filters]
|
|
# Regex filters for federated and local data
|
|
# Does not apply retroactively (try the CLI for that)
|
|
|
|
# Note contents
|
|
note_content = [
|
|
# "(https?://)?(www\\.)?youtube\\.com/watch\\?v=[a-zA-Z0-9_-]+",
|
|
# "(https?://)?(www\\.)?youtu\\.be/[a-zA-Z0-9_-]+",
|
|
]
|
|
emoji = []
|
|
# These will drop users matching the filters
|
|
username = []
|
|
displayname = []
|
|
bio = []
|
|
|
|
[logging]
|
|
# Log all requests (warning: this is a lot of data)
|
|
log_requests = false
|
|
# Log request and their contents (warning: this is a lot of data)
|
|
log_requests_verbose = false
|
|
# For GDPR compliance, you can disable logging of IPs
|
|
log_ip = false
|
|
|
|
# Log all filtered objects
|
|
log_filters = true
|
|
|
|
[logging.storage]
|
|
# Path to logfile for requests
|
|
requests = "logs/requests.log"
|
|
|
|
[ratelimits]
|
|
# These settings apply to every route at once
|
|
# Amount to multiply every route's duration by
|
|
duration_coeff = 1.0
|
|
# Amount to multiply every route's max requests per [duration] by
|
|
max_coeff = 1.0
|
|
|
|
[custom_ratelimits]
|
|
# Add in any API route in this style here
|
|
# Applies before the global ratelimit changes
|
|
"/api/v1/accounts/:id/block" = { duration = 30, max = 60 }
|
|
"/api/v1/timelines/public" = { duration = 60, max = 200 }
|