fix(gotosocial): add configuration options for instance

gotosocial/Chart.yaml

@@ -3,7 +3,7 @@ name: gotosocial
 description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to!
 icon: https://docs.gotosocial.org/en/latest/assets/sloth.png
 type: application
-version: 0.2.0
+version: 0.2.1
 # renovate: image=docker.io/superseriousbusiness/gotosocial
 appVersion: "0.16.0"
 maintainers:

gotosocial/README.adoc

@@ -2,7 +2,7 @@
 
 = gotosocial
 
-image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0]
+image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1]
 image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
 image::https://img.shields.io/badge/AppVersion-0.16.0-informational?style=flat-square[AppVersion: 0.16.0]
 == Maintainers
@@ -167,6 +167,51 @@ helm uninstall gotosocial-release
 | `"localhost"`
 |
 
+| gotosocial.instance.deliverToSharedInboxes
+| bool
+| `true`
+| This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually.  Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances).  See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
+
+| gotosocial.instance.expose.peers
+| bool
+| `false`
+| Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint.
+
+| gotosocial.instance.expose.publicTimeline
+| bool
+| `false`
+| This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually.  Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances).  See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
+
+| gotosocial.instance.expose.suspended
+| bool
+| `false`
+| Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint.  WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers. See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots
+
+| gotosocial.instance.expose.suspendedWeb
+| bool
+| `false`
+| Allow unauthenticated users to view /about/suspended, showing the HTML rendered list of instances that this instance blocks/suspends.
+
+| gotosocial.instance.federation.mode
+| string
+| `"blocklist"`
+| Federation mode to use for this instance.  "blocklist" -- open federation by default. Only instances that are explicitly                blocked will be denied (unless they are also explicitly allowed).  "allowlist" -- closed federation by default. Only instances that are explicitly                allowed will be able to interact with this instance.  For more details on blocklist and allowlist modes, check the documentation at: https://docs.gotosocial.org/en/latest/admin/federation_modes  Options: ["blocklist", "allowlist"]
+
+| gotosocial.instance.federation.spamFilter
+| bool
+| `false`
+| Enable spam filtering heuristics for messages entering your instance via the federation API. Regardless of what you set here, basic checks for message relevancy will still be performed, but you can try enabling this setting if you are being spammed with unwanted messages from other instances, and want to more strictly filter out spam messages.  THIS IS CURRENTLY AN EXPERIMENTAL SETTING, AND MAY FILTER OUT LEGITIMATE MESSAGES, OR FAIL TO FILTER OUT SPAMMY MESSAGES. It is recommended to only enable this setting when the fediverse is in the midst of a spam wave, and you need to batten down the hatches to keep your instance usable.  The decision of whether a message counts as spam or not is made based on the following heuristics, in order, where receiver = the account on your instance that received a message in their inbox, and requester = the account on a remote instance that sent the message.  First, basic relevancy checks   1. Receiver follows requester. Return OK.  2. Statusable doesn't mention receiver. Return NotRelevant.  If instance-federation-spam-filter = false, then return OK now. Otherwise check:   3. Receiver is locked and is followed by requester. Return OK.  4. Five or more people are mentioned. Return Spam.  5. Receiver follow (requests) a mentioned account. Return OK.  6. Statusable has a media attachment. Return Spam.  7. Statusable contains non-mention, non-hashtag links. Return Spam.  Messages identified as spam will be dropped from your instance, and not inserted into the database, or into home timelines or notifications.
+
+| gotosocial.instance.injectMastodonVersion
+| bool
+| `false`
+| This flag will inject a Mastodon version into the version field that is included in /api/v1/instance. This version is often used by Mastodon clients to do API feature detection. By injecting a Mastodon compatible version, it is possible to cajole those clients to behave correctly with GoToSocial.
+
+| gotosocial.instance.languages
+| list
+| `[]`
+| BCP47 language tags to indicate preferred languages of users on this instance.  If you provide these, you should provide these in order from most-preferred to least-preferred, but note that leaving out a language from this array doesn't mean it can't be used on this instance, it only means it won't be advertised as a preferred instance language.  It is valid to provide no entries here; your instance will then have no particular preferred language.  See here for commonly-used tags: https://en.wikipedia.org/wiki/IETF_language_tag#List_of_common_primary_language_subtags See here for all current tags: https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry  Example: ["nl", "en-gb", "fr"]
+
 | gotosocial.landingPageUser
 | string
 | `""`

gotosocial/templates/secret.yaml

@@ -42,6 +42,22 @@ data:
   {{- end }}{{/* end-with .database */}}
   {{- end }}{{/* end-else-if sqlite */}}
 
+  {{- with .instance }}
+  GTS_INSTANCE_LANGUAGES: {{ .languages | join "," | b64enc }}
+  {{- with .federation }}
+  GTS_INSTANCE_FEDERATION_MODE: {{ .mode | b64enc }}
+  GTS_INSTANCE_FEDERATION_SPAM_FILTER: {{ toYaml .spamFilter | b64enc }}
+  {{- end }}{{/* end-with federation */}}
+  {{- with .expose }}
+  GTS_INSTANCE_EXPOSE_PEERS: {{ toYaml .peers | b64enc }}
+  GTS_INSTANCE_EXPOSE_SUSPENDED: {{ toYaml .suspended | b64enc }}
+  GTS_INSTANCE_EXPOSE_SUSPENDED_WEB: {{ toYaml .suspendedWeb | b64enc }}
+  GTS_INSTANCE_EXPOSE_PUBLIC_TIMELINE: {{ toYaml .publicTimeline | b64enc }}
+  {{- end }}{{/* end-with expose */}}
+  GTS_INSTANCE_DELIVER_TO_SHARED_INBOXES: {{ toYaml .deliverToSharedInboxes | b64enc }}
+  GTS_INSTANCE_INJECT_MASTODON_VERSION: {{ toYaml .injectMastodonVersion | b64enc }}
+  {{- end }}{{/* end-with instance */}}
+
   {{- with .accounts }}
   GTS_ACCOUNTS_REGISTRATION_OPEN: {{ toYaml .registrationOpen | b64enc }}
   GTS_ACCOUNTS_APPROVAL_REQUIRED: {{ toYaml .approvalRequired | b64enc }}

gotosocial/values.yaml

@@ -52,6 +52,107 @@ gotosocial:
     # If this is left empty, just the host certificates will be used.
     # If filled in, the certificate will be loaded and added to host certificates.
     tlsCACert: ""
+
+  instance:
+    # -- BCP47 language tags to indicate preferred languages of users on this instance.
+    #
+    # If you provide these, you should provide these in order from most-preferred to least-preferred,
+    # but note that leaving out a language from this array doesn't mean it can't be used on this instance,
+    # it only means it won't be advertised as a preferred instance language.
+    #
+    # It is valid to provide no entries here; your instance will then have no particular preferred language.
+    #
+    # See here for commonly-used tags: https://en.wikipedia.org/wiki/IETF_language_tag#List_of_common_primary_language_subtags
+    # See here for all current tags: https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry
+    #
+    # Example: ["nl", "en-gb", "fr"]
+    languages: []
+    federation:
+      # -- Federation mode to use for this instance.
+      #
+      # "blocklist" -- open federation by default. Only instances that are explicitly
+      #                blocked will be denied (unless they are also explicitly allowed).
+      #
+      # "allowlist" -- closed federation by default. Only instances that are explicitly
+      #                allowed will be able to interact with this instance.
+      #
+      # For more details on blocklist and allowlist modes, check the documentation at:
+      # https://docs.gotosocial.org/en/latest/admin/federation_modes
+      #
+      # Options: ["blocklist", "allowlist"]
+      mode: "blocklist"
+      # -- Enable spam filtering heuristics for messages entering your instance
+      # via the federation API. Regardless of what you set here, basic checks
+      # for message relevancy will still be performed, but you can try enabling
+      # this setting if you are being spammed with unwanted messages from other
+      # instances, and want to more strictly filter out spam messages.
+      #
+      # THIS IS CURRENTLY AN EXPERIMENTAL SETTING, AND MAY FILTER OUT LEGITIMATE
+      # MESSAGES, OR FAIL TO FILTER OUT SPAMMY MESSAGES. It is recommended to
+      # only enable this setting when the fediverse is in the midst of a spam
+      # wave, and you need to batten down the hatches to keep your instance usable.
+      #
+      # The decision of whether a message counts as spam or not is made based on
+      # the following heuristics, in order, where receiver = the account on your
+      # instance that received a message in their inbox, and requester = the
+      # account on a remote instance that sent the message.
+      #
+      # First, basic relevancy checks
+      #
+      #  1. Receiver follows requester. Return OK.
+      #  2. Statusable doesn't mention receiver. Return NotRelevant.
+      #
+      # If instance-federation-spam-filter = false, then return OK now.
+      # Otherwise check:
+      #
+      #  3. Receiver is locked and is followed by requester. Return OK.
+      #  4. Five or more people are mentioned. Return Spam.
+      #  5. Receiver follow (requests) a mentioned account. Return OK.
+      #  6. Statusable has a media attachment. Return Spam.
+      #  7. Statusable contains non-mention, non-hashtag links. Return Spam.
+      #
+      # Messages identified as spam will be dropped from your instance, and not
+      # inserted into the database, or into home timelines or notifications.
+      spamFilter: false
+    expose:
+      # -- Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order
+      # to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated
+      # users (members of the instance) will still be able to query the endpoint.
+      peers: false
+      # -- Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order
+      # to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated
+      # users (members of the instance) will still be able to query the endpoint.
+      #
+      # WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers.
+      # See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots
+      suspended: false
+      # -- Allow unauthenticated users to view /about/suspended,
+      # showing the HTML rendered list of instances that this instance blocks/suspends.
+      suspendedWeb: false
+      # -- This flag tweaks whether GoToSocial will deliver ActivityPub messages
+      # to the shared inbox of a recipient, if one is available, instead of delivering
+      # each message to each actor who should receive a message individually.
+      #
+      # Shared inbox delivery can significantly reduce network load when delivering
+      # to multiple recipients share an inbox (eg., on large Mastodon instances).
+      #
+      # See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
+      publicTimeline: false
+    # -- This flag tweaks whether GoToSocial will deliver ActivityPub messages
+    # to the shared inbox of a recipient, if one is available, instead of delivering
+    # each message to each actor who should receive a message individually.
+    #
+    # Shared inbox delivery can significantly reduce network load when delivering
+    # to multiple recipients share an inbox (eg., on large Mastodon instances).
+    #
+    # See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
+    deliverToSharedInboxes: true
+    # -- This flag will inject a Mastodon version into the version field that
+    # is included in /api/v1/instance. This version is often used by Mastodon clients
+    # to do API feature detection. By injecting a Mastodon compatible version, it is
+    # possible to cajole those clients to behave correctly with GoToSocial.
+    injectMastodonVersion: false
+
   accounts:
     # -- Do we want people to be able to just submit sign up requests, or do we want invite only?
     registrationOpen: true