diff options
22 files changed, 85 insertions, 59 deletions
diff --git a/.mailmap b/.mailmap new file mode 100644 index 000000000..e066fd34a --- /dev/null +++ b/.mailmap @@ -0,0 +1,3 @@ +Starfall <us@starfall.systems> Starfall <admin@plural.cafe> +Starfall <us@starfall.systems> <root@starfall.blue> + diff --git a/Dockerfile b/Dockerfile index fa6abad5a..78e4daf9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -125,13 +125,21 @@ ENV NODE_ENV="production" ENV RAILS_SERVE_STATIC_FILES="true" ENV BIND="0.0.0.0" -# Set the run user USER mastodon +ARG SOURCE_COMMIT +ENV SOURCE_TAG $SOURCE_COMMIT + # Precompile assets -RUN cd ~ && \ - OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \ - yarn cache clean +RUN cd ~ && OTP_SECRET=_ SECRET_KEY_BASE=_ rails assets:precompile --trace && yarn cache clean + +# Empty temporary files +USER root + +RUN rm -rf /opt/mastodon/tmp/* + +# Set the run user +USER mastodon # Set the work dir and the container entry point WORKDIR /opt/mastodon diff --git a/README.md b/README.md index 470e379dc..502e0d8db 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,33 @@ -# Mastodon Glitch Edition # + +======== -> Now with automated deploys! +[](https://hub.docker.com/repository/docker/pluralcafe/mastodon) [](https://plural.cafe) -[][circleci] +Mastodon is a **free, open-source social network server** based on **open web protocols** like ActivityPub and OStatus. The social focus of the project is a viable decentralized alternative to commercial social media silos that returns the control of the content distribution channels to the people. The technical focus of the project is a good user interface, a clean REST API for 3rd party apps and robust anti-abuse tools. -[circleci]: https://circleci.com/gh/glitch-soc/mastodon +**Ruby on Rails** is used for the back-end, while **React.js** and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided. -So here's the deal: we all work on this code, and then it runs on dev.glitch.social and anyone who uses that does so absolutely at their own risk. can you dig it? +This repository specifically is for [Plural Café](https://plural.cafe) and has three branches: -- You can view documentation for this project at [glitch-soc.github.io/docs/](https://glitch-soc.github.io/docs/). -- And contributing guidelines are available [here](CONTRIBUTING.md) and [here](https://glitch-soc.github.io/docs/contributing/). +* **main** (**edge** on Docker Hub) for all development and staging work, +* **glitch** for all commits from upstream that will automatically be synched to this repository, and +* **production** (**latest** on Docker Hub) for what goes onto the main website. + +In addition, there are several repositories in this GitHub organization: + +* **pluralcafe/mastodon** is this repository and is the codebase for what Plural Café runs, +* [**pluralcafe/utils**](https://github.com/pluralcafe/utils) are an assortment of scripts and tutorials to help in Mastodon system administration or general helper files this instance uses, +* [**pluralcafe/barkeep**](https://github.com/pluralcafe/barkeep) is forked from [mbilokonsky/ambassador](https://github.com/mbilokonsky/ambassador) and serves as the Ambassador bot that is run on the instance. + +This instance is a fork of a fork: this has the [Mastodon Glitch Edition](https://github.com/glitch-soc/mastodon) commits. Documentation for Mastodon Glitch Edition [can be found here](https://glitch-soc.github.io/docs/). Anyone wishing to use Glitch Edition in a Docker image for their own site can use the `pluralcafe/mastodon:glitch` image. + +--- + +## Notable changes from upstream + +See output of `git log glitch..main --oneline | grep -v '[mM]erge' | less` for a (more) complete history. + +* <ol> margin issue fixed so numbered lists aren't cut off a few pixels shy of 1 number +* HTML summary/details tags are allowed in toots +* gemini protocol links are supported (not yet supported: automatically marking gemini:// text as links) +* authentication required for account api endpoints to block some naive scrapers diff --git a/app/controllers/api/v1/accounts/follower_accounts_controller.rb b/app/controllers/api/v1/accounts/follower_accounts_controller.rb index 2277067c9..ff7478618 100644 --- a/app/controllers/api/v1/accounts/follower_accounts_controller.rb +++ b/app/controllers/api/v1/accounts/follower_accounts_controller.rb @@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController end def hide_results? - (@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) + !user_signed_in? || (@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) end def default_accounts diff --git a/app/controllers/api/v1/accounts/following_accounts_controller.rb b/app/controllers/api/v1/accounts/following_accounts_controller.rb index 93d4bd3a4..64e1bd2cd 100644 --- a/app/controllers/api/v1/accounts/following_accounts_controller.rb +++ b/app/controllers/api/v1/accounts/following_accounts_controller.rb @@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController end def hide_results? - (@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) + !user_signed_in? || (@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account)) end def default_accounts diff --git a/app/controllers/api/v1/accounts/relationships_controller.rb b/app/controllers/api/v1/accounts/relationships_controller.rb index 1d3992a28..865529e25 100644 --- a/app/controllers/api/v1/accounts/relationships_controller.rb +++ b/app/controllers/api/v1/accounts/relationships_controller.rb @@ -5,10 +5,14 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController before_action :require_user! def index - accounts = Account.where(id: account_ids).select('id') - # .where doesn't guarantee that our results are in the same order - # we requested them, so return the "right" order to the requestor. - @accounts = accounts.index_by(&:id).values_at(*account_ids).compact + if user_signed_in? + accounts = Account.where(id: account_ids).select('id') + # .where doesn't guarantee that our results are in the same order + # we requested them, so return the "right" order to the requestor. + @accounts = accounts.index_by(&:id).values_at(*account_ids).compact + else + @accounts = Account.none + end render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships end diff --git a/app/controllers/api/v1/accounts/search_controller.rb b/app/controllers/api/v1/accounts/search_controller.rb index 3061fcb7e..aa8745931 100644 --- a/app/controllers/api/v1/accounts/search_controller.rb +++ b/app/controllers/api/v1/accounts/search_controller.rb @@ -12,6 +12,7 @@ class Api::V1::Accounts::SearchController < Api::BaseController private def account_search + return Account.none unless user_signed_in? AccountSearchService.new.call( params[:q], current_account, diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index 114ee0a82..fe932f93c 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -26,6 +26,8 @@ class Api::V1::Accounts::StatusesController < Api::BaseController end def account_statuses + return Status.none unless user_signed_in? + statuses = truthy_param?(:pinned) ? pinned_scope : permitted_account_statuses statuses.merge!(only_media_scope) if truthy_param?(:only_media) diff --git a/app/javascript/flavours/glitch/features/getting_started/components/trends.js b/app/javascript/flavours/glitch/features/getting_started/components/trends.js index 0734ec72b..c60f78f7e 100644 --- a/app/javascript/flavours/glitch/features/getting_started/components/trends.js +++ b/app/javascript/flavours/glitch/features/getting_started/components/trends.js @@ -38,7 +38,7 @@ export default class Trends extends ImmutablePureComponent { <div className='getting-started__trends'> <h4><FormattedMessage id='trends.trending_now' defaultMessage='Trending now' /></h4> - {trends.take(3).map(hashtag => <Hashtag key={hashtag.get('name')} hashtag={hashtag} />)} + {trends.take(1).map(hashtag => <Hashtag key={hashtag.get('name')} hashtag={hashtag} />)} </div> ); } diff --git a/app/javascript/flavours/glitch/features/ui/components/link_footer.js b/app/javascript/flavours/glitch/features/ui/components/link_footer.js index 4d7fc36c2..d26bbe9f8 100644 --- a/app/javascript/flavours/glitch/features/ui/components/link_footer.js +++ b/app/javascript/flavours/glitch/features/ui/components/link_footer.js @@ -58,9 +58,10 @@ class LinkFooter extends React.PureComponent { <p> <FormattedMessage id='getting_started.open_source_notice' - defaultMessage='Glitchsoc is open source software, a friendly fork of {Mastodon}. You can contribute or report issues on GitHub at {github}.' + defaultMessage='GlitchCafe is open source software, based on {Glitchsoc} which is a friendly fork of {Mastodon}. You can contribute or report issues on GitHub at {github}.' values={{ - github: <span><a href='https://github.com/glitch-soc/mastodon' rel='noopener noreferrer' target='_blank'>glitch-soc/mastodon</a> (v{version})</span>, + github: <span><a href='https://github.com/pluralcafe/mastodon' rel='noopener noreferrer' target='_blank'>pluralcafe/mastodon</a> (v{version})</span>, + Glitchsoc: <a href='https://github.com/glitch-soc/mastodon' rel='noopener noreferrer' target='_blank'>glitch-soc/mastodon</a>, Mastodon: <a href='https://github.com/tootsuite/mastodon' rel='noopener noreferrer' target='_blank'>Mastodon</a> }} /> </p> diff --git a/app/javascript/flavours/glitch/features/ui/containers/status_list_container.js b/app/javascript/flavours/glitch/features/ui/containers/status_list_container.js index bd2d2eb4e..abcbf13db 100644 --- a/app/javascript/flavours/glitch/features/ui/containers/status_list_container.js +++ b/app/javascript/flavours/glitch/features/ui/containers/status_list_container.js @@ -33,8 +33,6 @@ const makeGetStatusIds = (pending = false) => createSelector([ const statusForId = statuses.get(id); let showStatus = true; - if (statusForId.get('account') === me) return true; - if (columnSettings.getIn(['shows', 'reblog']) === false) { showStatus = showStatus && statusForId.get('reblog') === null; } diff --git a/app/javascript/flavours/glitch/locales/en.js b/app/javascript/flavours/glitch/locales/en.js index 90e924d4a..528875e45 100644 --- a/app/javascript/flavours/glitch/locales/en.js +++ b/app/javascript/flavours/glitch/locales/en.js @@ -1,7 +1,7 @@ import inherited from 'mastodon/locales/en.json'; const messages = { - 'getting_started.open_source_notice': 'Glitchsoc is free open source software forked from {Mastodon}. You can contribute or report issues on GitHub at {github}.', + 'getting_started.open_source_notice': 'GlitchCafe is free open source software forked from {Glitchsoc} and {Mastodon}. You can contribute or report issues on GitHub at {github}.', 'layout.auto': 'Auto', 'layout.current_is': 'Your current layout is:', 'layout.desktop': 'Desktop', @@ -10,7 +10,7 @@ const messages = { 'getting_started.onboarding': 'Show me around', 'onboarding.page_one.federation': '{domain} is an \'instance\' of Mastodon. Mastodon is a network of independent servers joining up to make one larger social network. We call these servers instances.', 'onboarding.page_one.welcome': 'Welcome to {domain}!', - 'onboarding.page_six.github': '{domain} runs on Glitchsoc. Glitchsoc is a friendly {fork} of {Mastodon}, and is compatible with any Mastodon instance or app. Glitchsoc is entirely free and open-source. You can report bugs, request features, or contribute to the code on {github}.', + 'onboarding.page_six.github': '{domain} runs on GlitchCafe, which is based on Glitchsoc. Glitchsoc is a friendly {fork} of {Mastodon}, and is compatible with any Mastodon instance or app. GlitchCafe includes Plural Cafe-specific additions to Glitchsoc. Glitchsoc is entirely free and open-source. You can report bugs, request features, or contribute to the code on {github}.', 'settings.auto_collapse': 'Automatic collapsing', 'settings.auto_collapse_all': 'Everything', 'settings.auto_collapse_lengthy': 'Lengthy toots', diff --git a/app/javascript/flavours/glitch/styles/components/status.scss b/app/javascript/flavours/glitch/styles/components/status.scss index a65581136..76167ec60 100644 --- a/app/javascript/flavours/glitch/styles/components/status.scss +++ b/app/javascript/flavours/glitch/styles/components/status.scss @@ -132,19 +132,19 @@ } ul, ol { - margin-left: 1em; - p { margin: 0; } } ul { + margin-left: 1em; list-style-type: disc; } ol { list-style-type: decimal; + list-style-position: inside; } } diff --git a/app/lib/sanitize_config.rb b/app/lib/sanitize_config.rb index ccc3f4642..80e8f6cc7 100644 --- a/app/lib/sanitize_config.rb +++ b/app/lib/sanitize_config.rb @@ -15,6 +15,7 @@ class Sanitize ipfs ipns ssb + gemini gopher xmpp magnet @@ -83,7 +84,7 @@ class Sanitize end MASTODON_STRICT ||= freeze_config( - elements: %w(p br span a abbr del pre blockquote code b strong u sub sup i em h1 h2 h3 h4 h5 ul ol li), + elements: %w(p br span a abbr del pre blockquote code b strong u sub sup i em h1 h2 h3 h4 h5 ul ol li details summary), attributes: { 'a' => %w(href rel class title), diff --git a/config/environments/production.rb b/config/environments/production.rb index 00571a35a..d617a297a 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -105,11 +105,11 @@ Rails.application.configure do config.action_dispatch.default_headers = { 'Server' => 'Mastodon', - 'X-Frame-Options' => 'DENY', - 'X-Content-Type-Options' => 'nosniff', - 'X-XSS-Protection' => '1; mode=block', - 'Referrer-Policy' => 'same-origin', - 'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload', + #'X-Frame-Options' => 'DENY', + #'X-Content-Type-Options' => 'nosniff', + #'X-XSS-Protection' => '1; mode=block', + #'Referrer-Policy' => 'same-origin', + #'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload', 'X-Clacks-Overhead' => 'GNU Natalie Nguyen' } diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 68d3751fc..a0d48eafd 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -33,9 +33,9 @@ if Rails.env.production? p.frame_ancestors :none p.script_src :self, assets_host p.font_src :self, assets_host - p.img_src :self, :data, :blob, *data_hosts + p.img_src :self, :data, :blob, *data_hosts, "pool.jortage.com", "blob.jortage.com", "s3-us-east-2.amazonaws.com" p.style_src :self, assets_host - p.media_src :self, :data, *data_hosts + p.media_src :self, :data, *data_hosts, "pool.jortage.com", "blob.jortage.com", "s3-us-east-2.amazonaws.com" p.frame_src :self, :https p.child_src :self, :blob, assets_host p.worker_src :self, :blob, assets_host diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index 0a8a6fd62..78735e9c3 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml @@ -64,7 +64,7 @@ en: imports: data: CSV file exported from another Mastodon server invite_request: - text: This will help us review your application + text: 'If you are interested in signing up, please put whether you are a plural system or singlet in the "Why do you want to join" box. This is purely to ward off spam bots. If this is not answered, your request to join the instance will be rejected.' sessions: otp: 'Enter the two-factor code generated by your phone app or use one of your recovery codes:' tag: diff --git a/db/migrate/20180617162849_remove_unused_indexes.rb b/db/migrate/20180617162849_remove_unused_indexes.rb deleted file mode 100644 index 61add6385..000000000 --- a/db/migrate/20180617162849_remove_unused_indexes.rb +++ /dev/null @@ -1,7 +0,0 @@ -class RemoveUnusedIndexes < ActiveRecord::Migration[5.2] - def change - remove_index :statuses, name: "index_statuses_on_conversation_id" - remove_index :users, name: "index_users_on_filtered_languages" - remove_index :backups, name: "index_backups_on_user_id" - end -end diff --git a/db/migrate/20180628181026_create_custom_filters.rb b/db/migrate/20180628181026_create_custom_filters.rb deleted file mode 100644 index d19cf2e9d..000000000 --- a/db/migrate/20180628181026_create_custom_filters.rb +++ /dev/null @@ -1,13 +0,0 @@ -class CreateCustomFilters < ActiveRecord::Migration[5.2] - def change - create_table :custom_filters do |t| - t.belongs_to :account, foreign_key: { on_delete: :cascade } - t.datetime :expires_at - t.text :phrase, null: false, default: '' - t.string :context, array: true, null: false, default: [] - t.boolean :irreversible, null: false, default: false - - t.timestamps - end - end -end diff --git a/db/migrate/20200510181721_remove_duplicated_indexes_pghero.rb b/db/migrate/20200510181721_remove_duplicated_indexes_pghero.rb index e2eaf46f1..e7f3462ae 100644 --- a/db/migrate/20200510181721_remove_duplicated_indexes_pghero.rb +++ b/db/migrate/20200510181721_remove_duplicated_indexes_pghero.rb @@ -5,7 +5,7 @@ class RemoveDuplicatedIndexesPghero < ActiveRecord::Migration[5.2] remove_index :account_pins, name: "index_account_pins_on_account_id", column: :account_id remove_index :announcement_mutes, name: "index_announcement_mutes_on_account_id", column: :account_id remove_index :announcement_reactions, name: "index_announcement_reactions_on_account_id", column: :account_id - remove_index :bookmarks, name: "index_bookmarks_on_account_id", column: :account_id + # remove_index :bookmarks, name: "index_bookmarks_on_account_id", column: :account_id remove_index :markers, name: "index_markers_on_user_id", column: :user_id end end diff --git a/hooks/build b/hooks/build new file mode 100755 index 000000000..4f7259bec --- /dev/null +++ b/hooks/build @@ -0,0 +1,3 @@ +#!/usr/bin/env bash +echo "Building from ${SOURCE_COMMIT}" +docker build --build-arg SOURCE_COMMIT=`head -c 7 <<< $SOURCE_COMMIT` -t $IMAGE_NAME . diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb index fa85f8e37..9702018dc 100644 --- a/lib/mastodon/version.rb +++ b/lib/mastodon/version.rb @@ -13,7 +13,7 @@ module Mastodon end def patch - 4 + 5 end def flags @@ -21,7 +21,11 @@ module Mastodon end def suffix - '+glitch' + if source_tag + "+cafe.#{source_tag}" + else + "+cafe" + end end def to_a @@ -33,7 +37,7 @@ module Mastodon end def repository - ENV.fetch('GITHUB_REPOSITORY') { 'glitch-soc/mastodon' } + ENV.fetch('GITHUB_REPOSITORY') { 'pluralcafe/mastodon' } end def source_base_url |