Diffstat (limited to 'config')
-rw-r--r-- | config/application.rb | 1 | ||||
-rw-r--r-- | config/environments/production.rb | 9 | ||||
-rw-r--r-- | config/initializers/content_security_policy.rb | 14 | ||||
-rw-r--r-- | config/initializers/doorkeeper.rb | 5 | ||||
-rw-r--r-- | config/initializers/paperclip.rb | 4 | ||||
-rw-r--r-- | config/initializers/suppress_csrf_warnings.rb | 4 | ||||
-rw-r--r-- | config/locales/en.yml | 21 | ||||
-rw-r--r-- | config/locales/simple_form.en.yml | 14 | ||||
-rw-r--r-- | config/navigation.rb | 1 | ||||
-rw-r--r-- | config/routes.rb | 4 | ||||
-rw-r--r-- | config/settings.yml | 1 | ||||
-rw-r--r-- | config/sidekiq.yml | 4 |
12 files changed, 54 insertions, 28 deletions
diff --git a/config/application.rb b/config/application.rb index c911e76dc..eb2c91677 100644 --- a/config/application.rb +++ b/config/application.rb @@ -29,6 +29,7 @@ require_relative '../lib/webpacker/helper_extensions' require_relative '../lib/action_dispatch/cookie_jar_extensions' require_relative '../lib/rails/engine_extensions' require_relative '../lib/active_record/database_tasks_extensions' +require_relative '../lib/active_record/batches' Dotenv::Railtie.load diff --git a/config/environments/production.rb b/config/environments/production.rb index 8d811451c..bf6b5d88e 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -90,9 +90,12 @@ Rails.application.configure do config.action_mailer.perform_caching = false # E-mails + outgoing_email_address = ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost') + outgoing_mail_domain = Mail::Address.new(outgoing_email_address).domain config.action_mailer.default_options = { - from: ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost'), - reply_to: ENV['SMTP_REPLY_TO'] + from: outgoing_email_address, + reply_to: ENV['SMTP_REPLY_TO'], + 'Message-ID': -> { "<#{Mail.random_tag}@#{outgoing_mail_domain}>" }, } config.action_mailer.smtp_settings = { @@ -116,10 +119,10 @@ Rails.application.configure do 'X-Frame-Options' => 'DENY', 'X-Content-Type-Options' => 'nosniff', 'X-XSS-Protection' => '1; mode=block', + 'Permissions-Policy' => 'interest-cohort=()', 'Referrer-Policy' => 'same-origin', 'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload', 'X-Clacks-Overhead' => 'GNU Natalie Nguyen' - } config.x.otp_secret = ENV.fetch('OTP_SECRET') diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 3a1438201..549ac3568 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb 
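Review bot: `outgoing_mail_domain` can end up nil or empty in the added `# E-mails` lines, because `Mail::Address.new(outgoing_email_address).domain` is taken from `SMTP_FROM_ADDRESS` unchecked, and the `'Message-ID'` lambda would then emit an id with nothing after the `@`. Receiving servers and spam filters tend to treat a malformed Message-ID as a negative signal, so a misconfigured address would quietly degrade delivery of confirmation and password-reset mail instead of failing at boot. Failing fast makes that visible: `raise 'SMTP_FROM_ADDRESS must contain a domain' if outgoing_mail_domain.blank?` right after the assignment. A one-line comment saying that the explicit header presumably keeps the sending machine's own hostname out of generated Message-IDs would also help; the `configure` block starts and ends outside the hunk.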
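Review bot: The added `'Permissions-Policy' => 'interest-cohort=()'` entry has no comment saying what it is for, and the directive name is not self-explanatory. It only opts the site out of one browser feature (FLoC cohort calculation) and leaves every other policy-controlled feature at the browser default, which a reader could mistake for a general lock-down. Suggested comment above the entry: `# Opt out of FLoC interest-cohort calculation; no other features are restricted here`. The headers hash begins outside the hunk.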
@@ -53,11 +53,13 @@ Rails.application.config.content_security_policy_nonce_generator = -> request { Rails.application.config.content_security_policy_nonce_directives = %w(style-src) -PgHero::HomeController.content_security_policy do |p| - p.script_src :self, :unsafe_inline, assets_host - p.style_src :self, :unsafe_inline, assets_host -end +Rails.application.reloader.to_prepare do + PgHero::HomeController.content_security_policy do |p| + p.script_src :self, :unsafe_inline, assets_host + p.style_src :self, :unsafe_inline, assets_host + end -PgHero::HomeController.after_action do - request.content_security_policy_nonce_generator = nil + PgHero::HomeController.after_action do + request.content_security_policy_nonce_generator = nil + end end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 63cff7c59..f78db8653 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -52,6 +52,11 @@ Doorkeeper.configure do # Issue access tokens with refresh token (disabled by default) # use_refresh_token + # Forbids creating/updating applications with arbitrary scopes that are + # not in configuration, i.e. `default_scopes` or `optional_scopes`. + # (Disabled by default) + enforce_configured_scopes + # Provide support for an owner to be assigned to each registered application (disabled by default) # Optional parameter :confirmation => true (default false) if you want to enforce ownership of # a registered application diff --git a/config/initializers/paperclip.rb b/config/initializers/paperclip.rb index 9ad7fd814..e2a045647 100644 --- a/config/initializers/paperclip.rb +++ b/config/initializers/paperclip.rb 
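Review bot: The block now wrapped in `Rails.application.reloader.to_prepare` carries no comment on why PgHero gets `:unsafe_inline` for both `script_src` and `style_src`, or why its `after_action` sets `request.content_security_policy_nonce_generator = nil`. These lines relax the policy for `PgHero::HomeController` only, and clearing the nonce generator is presumably what lets the inline allowance take effect, since browsers ignore `'unsafe-inline'` in a directive that also carries a nonce. I would add a comment such as `# Relaxed CSP for the PgHero dashboard only; nonce dropped so 'unsafe-inline' applies` and one line noting that `to_prepare` re-applies the override after a code reload. The same unexplained `to_prepare` wrapping appears in the paperclip.rb and suppress_csrf_warnings.rb hunks.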
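Review bot: `enforce_configured_scopes` is switched on without any visible handling of applications that were registered before this change. As far as I know Doorkeeper applies this as a validation when an application is created or updated, so rows already stored with scopes outside `default_scopes`/`optional_scopes` would keep them until they are next edited, at which point the update would be rejected. It would be worth saying so in the comment, e.g. `# Only validated on create/update; existing applications are not rewritten`, and checking the applications table for out-of-config scopes as part of the upgrade. The `Doorkeeper.configure` block continues outside the hunk.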
@@ -112,7 +112,9 @@ else ) end -Paperclip.options[:content_type_mappings] = { csv: Import::FILE_TYPES } +Rails.application.reloader.to_prepare do + Paperclip.options[:content_type_mappings] = { csv: Import::FILE_TYPES } +end # In some places in the code, we rescue this exception, but we don't always # load the S3 library, so it may be an undefined constant: diff --git a/config/initializers/suppress_csrf_warnings.rb b/config/initializers/suppress_csrf_warnings.rb index 410ab585b..b86adc6f1 100644 --- a/config/initializers/suppress_csrf_warnings.rb +++ b/config/initializers/suppress_csrf_warnings.rb @@ -1,3 +1,5 @@ # frozen_string_literal: true -ActionController::Base.log_warning_on_csrf_failure = false +Rails.application.reloader.to_prepare do + ActionController::Base.log_warning_on_csrf_failure = false +end diff --git a/config/locales/en.yml b/config/locales/en.yml index 182a8e985..88acf3164 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -315,10 +315,12 @@ en: new: create: Create announcement title: New announcement + publish: Publish published_msg: Announcement successfully published! scheduled_for: Scheduled for %{time} scheduled_msg: Announcement scheduled for publication! title: Announcements + unpublish: Unpublish unpublished_msg: Announcement successfully unpublished! updated_msg: Announcement successfully updated! custom_emojis: @@ -363,7 +365,6 @@ en: feature_profile_directory: Profile directory feature_registrations: Registrations feature_relay: Federation relay - feature_spam_check: Anti-spam feature_timeline_preview: Timeline preview features: Features hidden_service: Federation with hidden services 
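Review bot: `ActionController::Base.log_warning_on_csrf_failure = false` in suppress_csrf_warnings.rb still has no comment explaining why the warning is silenced, and moving it into `to_prepare` was a good moment to add one. With it off, failed authenticity-token checks leave no warning in the application log, so a burst of rejected form posts would have to be noticed from other telemetry. Suggested comment: `# CSRF failures are deliberately not logged; detection relies on <other signal>`, with the placeholder filled in by whoever knows where those failures are counted.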
@@ -441,6 +442,14 @@ en: create: Add domain title: Block new e-mail domain title: Blocked e-mail domains + follow_recommendations: + description_html: "<strong>Follow recommendations help new users quickly find interesting content</strong>. When a user has not interacted with others enough to form personalized follow recommendations, these accounts are recommended instead. They are re-calculated on a daily basis from a mix of accounts with the highest recent engagements and highest local follower counts for a given language." + language: For language + status: Status + suppress: Suppress follow recommendation + suppressed: Suppressed + title: Follow recommendations + unsuppress: Restore follow recommendation instances: by_domain: Domain delivery_available: Delivery is available @@ -545,8 +554,10 @@ en: updated_at: Updated rules: add_new: Add rule - description: While most claim to have read and agree to the terms of service, usually people do not read through until after a problem arises. Make it easier to see your server's rules at a glance by providing them in a flat bullet point list. Try to keep individual rules short and simple, but try not to split them up into many separate items either. + delete: Delete + description_html: While most claim to have read and agree to the terms of service, usually people do not read through until after a problem arises. <strong>Make it easier to see your server's rules at a glance by providing them in a flat bullet point list.</strong> Try to keep individual rules short and simple, but try not to split them up into many separate items either. edit: Edit rule + empty: No server rules have been defined yet. title: Server rules settings: activity_api_enabled: 
@@ -627,9 +638,6 @@ en: desc_html: You can write your own privacy policy, terms of service or other legalese. You can use HTML tags title: Custom terms of service site_title: Server name - spam_check_enabled: - desc_html: Mastodon can auto-report accounts that send repeated unsolicited messages. There may be false positives. - title: Anti-spam automation thumbnail: desc_html: Used for previews via OpenGraph and API. 1200x630px recommended title: Server thumbnail @@ -691,6 +699,7 @@ en: add_new: Add new delete: Delete edit_preset: Edit warning preset + empty: You haven't defined any warning presets yet. title: Manage warning presets admin_mailer: new_pending_account: @@ -1209,8 +1218,6 @@ en: relationships: Follows and followers two_factor_authentication: Two-factor Auth webauthn_authentication: Security keys - spam_check: - spam_detected: This is an automated report. Spam has been detected. statuses: attached: audio: diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index 97d5b3122..7146adced 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml 
@@ -30,19 +30,19 @@ en: defaults: autofollow: People who sign up through the invite will automatically follow you avatar: PNG, GIF or JPG. At most %{size}. Will be downscaled to %{dimensions}px - bot: This account mainly performs automated actions and might not be monitored + bot: Signal to others that the account mainly performs automated actions and might not be monitored context: One or multiple contexts where the filter should apply current_password: For security purposes please enter the password of the current account current_username: To confirm, please enter the username of the current account digest: Only sent after a long period of inactivity and only if you have received any personal messages in your absence - discoverable: The profile directory is another way by which your account can reach a wider audience + discoverable: Allow your account to be discovered by strangers through recommendations and other features email: You will be sent a confirmation e-mail fields: You can have up to 4 items displayed as a table on your profile header: PNG, GIF or JPG. At most %{size}. Will be downscaled to %{dimensions}px inbox_url: Copy the URL from the frontpage of the relay you want to use irreversible: Filtered toots will disappear irreversibly, even if filter is later removed locale: The language of the user interface, e-mails and push notifications - locked: Requires you to manually approve followers + locked: Manually control who can follow you by approving follow requests password: Use at least 8 characters phrase: Will be matched regardless of casing in text or content warning of a toot scopes: Which APIs the application will be allowed to access. If you select a top-level scope, you don't need to select individual ones. 
@@ -51,7 +51,7 @@ en: setting_display_media_default: Hide media marked as sensitive setting_display_media_hide_all: Always hide media setting_display_media_show_all: Always show media - setting_hide_network: Who you follow and who follows you will not be shown on your profile + setting_hide_network: Who you follow and who follows you will be hidden on your profile setting_noindex: Affects your public profile and status pages setting_show_application: The application you use to toot will be displayed in the detailed view of your toots setting_use_blurhash: Gradients are based on the colors of the hidden visuals but obfuscate any details @@ -128,7 +128,7 @@ en: context: Filter contexts current_password: Current password data: Data - discoverable: List this account on the directory + discoverable: Suggest account to others display_name: Display name email: E-mail address expires_in: Expire after @@ -138,7 +138,7 @@ en: inbox_url: URL of the relay inbox irreversible: Drop instead of hide locale: Interface language - locked: Lock account + locked: Require follow requests max_uses: Max number of uses new_password: New password note: Bio @@ -160,7 +160,7 @@ en: setting_display_media_hide_all: Hide all setting_display_media_show_all: Show all setting_expand_spoilers: Always expand toots marked with content warnings - setting_hide_network: Hide your network + setting_hide_network: Hide your social graph setting_noindex: Opt-out of search engine indexing setting_reduce_motion: Reduce motion in animations setting_show_application: Disclose application used to send toots diff --git a/config/navigation.rb b/config/navigation.rb index 0bb3189c1..c626b09ee 100644 --- a/config/navigation.rb +++ b/config/navigation.rb 
@@ -45,6 +45,7 @@ SimpleNavigation::Configuration.run do |navigation| s.item :accounts, safe_join([fa_icon('users fw'), t('admin.accounts.title')]), admin_accounts_url, highlights_on: %r{/admin/accounts|/admin/pending_accounts} s.item :invites, safe_join([fa_icon('user-plus fw'), t('admin.invites.title')]), admin_invites_path s.item :tags, safe_join([fa_icon('hashtag fw'), t('admin.tags.title')]), admin_tags_path, highlights_on: %r{/admin/tags} + s.item :follow_recommendations, safe_join([fa_icon('user-plus fw'), t('admin.follow_recommendations.title')]), admin_follow_recommendations_path, highlights_on: %r{/admin/follow_recommendations} s.item :instances, safe_join([fa_icon('cloud fw'), t('admin.instances.title')]), admin_instances_url(limited: whitelist_mode? ? nil : '1'), highlights_on: %r{/admin/instances|/admin/domain_blocks|/admin/domain_allows}, if: -> { current_user.admin? } s.item :email_domain_blocks, safe_join([fa_icon('envelope fw'), t('admin.email_domain_blocks.title')]), admin_email_domain_blocks_url, highlights_on: %r{/admin/email_domain_blocks}, if: -> { current_user.admin? } s.item :ip_blocks, safe_join([fa_icon('ban fw'), t('admin.ip_blocks.title')]), admin_ip_blocks_url, highlights_on: %r{/admin/ip_blocks}, if: -> { current_user.admin? } diff --git a/config/routes.rb b/config/routes.rb index 8ec67113b..73d6c6618 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -3,8 +3,6 @@ require 'sidekiq_unique_jobs/web' require 'sidekiq-scheduler/web' -Sidekiq::Web.set :session_secret, Rails.application.secrets[:secret_key_base] - Rails.application.routes.draw do root 'home#index' @@ -296,6 +294,7 @@ Rails.application.routes.draw do end resources :account_moderation_notes, only: [:create, :destroy] + resource :follow_recommendations, only: [:show, :update] resources :tags, only: [:index, :show, :update] do collection do 
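Review bot: The new `:follow_recommendations` item in navigation.rb is added without an `if:` condition, unlike the `:instances`, `:email_domain_blocks` and `:ip_blocks` items just below it that require `current_user.admin?`. Hiding a menu entry is not an access control in any case, so what matters is that the controller behind `admin_follow_recommendations_path` authorizes `show` and `update` itself; that code is not part of this view, which is limited to `config`. If the page is meant for admins only, add `if: -> { current_user.admin? }` here for consistency; if moderators may use it, a short comment saying so would prevent a later mistaken tightening or loosening. The matching `resource :follow_recommendations, only: [:show, :update]` route is in the routes.rb hunk, and the `SimpleNavigation` block extends beyond this hunk.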
@@ -513,6 +512,7 @@ Rails.application.routes.draw do namespace :v2 do resources :media, only: [:create] get '/search', to: 'search#index', as: :search + resources :suggestions, only: [:index] end namespace :web do diff --git a/config/settings.yml b/config/settings.yml index 1d9488052..0af1a61a2 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -75,7 +75,6 @@ defaults: &defaults show_reblogs_in_public_timelines: false show_replies_in_public_timelines: false default_content_type: 'text/plain' - spam_check_enabled: true show_domain_blocks: 'disabled' show_domain_blocks_rationale: 'disabled' outgoing_spoilers: '' diff --git a/config/sidekiq.yml b/config/sidekiq.yml index 010923717..a8e4c7feb 100644 --- a/config/sidekiq.yml +++ b/config/sidekiq.yml @@ -25,6 +25,10 @@ cron: '<%= Random.rand(0..59) %> <%= Random.rand(0..2) %> * * *' class: Scheduler::FeedCleanupScheduler queue: scheduler + follow_recommendations_scheduler: + cron: '<%= Random.rand(0..59) %> <%= Random.rand(6..9) %> * * *' + class: Scheduler::FollowRecommendationsScheduler + queue: scheduler doorkeeper_cleanup_scheduler: cron: '<%= Random.rand(0..59) %> <%= Random.rand(0..2) %> * * 0' class: Scheduler::DoorkeeperCleanupScheduler |