zelo72
/
documentation
mirror of https://github.com/mastodon/documentation
1
0
Fork 0
Code Issues 6 Releases Wiki Activity

Merge branch 'master' into spelling-fixes

This commit is contained in:
Frigyes 2023-12-07 10:08:01 -08:00 committed by GitHub
parent c7cd653ddd 0982664688
commit a21e47ba5e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
29 changed files with 377 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
content/en/admin/config.md
View File

@ -387,7 +387,7 @@ See the [Elasticsearch setup page for details on each setting](../elasticsearch#
#### `ES_HOST`
Host of the Elasticsearch server. Defaults to `localhost`
Host of the Elasticsearch server. Defaults to `localhost`. If using TLS, prepend the hostname with `https://`. For example: `https://elastic.example.com`.
#### `ES_PORT`
@ -578,6 +578,15 @@ You must serve the files with CORS headers, otherwise some functions of Mastodon
#### `OMNIAUTH_ONLY`
#### `ONE_CLICK_SSO_LOGIN`
Enables the `Login or Register` button.
Useful for instances where all authentication takes place using a single
external provider (CAS, SAML or OIDC).
Enabling this will prevent caching for anonymous sessions.
And, when using OIDC discovery, the identity provider has to be available
before Mastodon starts.
### LDAP {#ldap}
#### `LDAP_ENABLED`
@ -821,3 +830,4 @@ Defaults to `512`.
#### `GITHUB_API_TOKEN`
Used in a rake task for generating AUTHORS.md from GitHub commit history.

2
content/en/admin/elasticsearch.md
View File

@ -71,6 +71,8 @@ ES_PRESET= # single_node_cluster, small_cluster or large_cluster
# ES_PASS=
```
_Note_: If using TLS, prepend the hostname with `https://`. For example: `https://elastic.example.com`.
### Choosing the correct preset
The value for `ES_PRESET` depends on the size of your Elasticsearch and will be used to set the number of shards and replicas for your indices to the best value for your setup:

1
content/en/admin/install.md
View File

@ -74,7 +74,6 @@ And proceed to install rbenv and rbenv-build:
```bash
git clone https://github.com/rbenv/rbenv.git ~/.rbenv
cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec bash

226
content/en/admin/moderation.md
View File

@ -90,3 +90,229 @@ sudo iptables -I INPUT 1 -m set --match-set spambots src -j DROP
```
Be careful not to lock yourself out of your machine.
### Webhooks for moderation-level events {#report-events-webhook}
Webhooks can be created to facilitate automation through the moderation API by notifying applications about system events in real-time. This also enables integrations with chat apps like Discord, IRC and Slack, helping moderator coordination.
The X-Hub-Signature header adopted from the WebSub spec can be optionally used to verify that the payloads are authentic.
Events currently supported:
* account.approved
* account.created
* account.updated
* report.created
* report.updated
* status.created
* status.updated
#### Example payload:
```json
{
"event":"report.created",
"created_at":"2023-10-26T13:34:00.351Z",
"object":{
"id":"8437",
"action_taken":false,
"action_taken_at":null,
"category":"violation",
"comment":"",
"forwarded":true,
"created_at":"2023-10-26T13:34:00.348Z",
"updated_at":"2023-10-26T13:34:00.348Z",
"account":{
"id":"123456789",
"username":"bobisaburger",
"domain":null,
"created_at":"2023-07-13T04:39:22.493Z",
"email":"bobisaburger@emailservice.com",
"ip":"12.34.56.78",
"confirmed":true,
"suspended":false,
"silenced":false,
"sensitized":false,
"disabled":false,
"approved":true,
"locale":"en",
"invite_request":"I would love to be a member of your instance!",
"ips":[
{
"ip":"12.34.56.78",
"used_at":"2023-07-13T04:45:31.835Z"
},
{
"ip":"98.76.54.32",
"used_at":"2023-07-13T04:39:22.722Z"
}
],
"account":{
"id":"123456789",
"username":"bobisaburger",
"acct":"bobisaburger",
"display_name":"bobisaburger",
"locked":false,
"bot":false,
"discoverable":null,
"group":false,
"created_at":"2023-07-13T00:00:00.000Z",
"note":"",
"url":"https://mastodonwebsite/@bobisaburger",
"uri":"https://mastodonwebsite/users/bobisaburger",
"avatar":"https://locationofavatar.com/image.jpg",
"avatar_static":"https://locationofavatar.com/image.jpg",
"header":"locationofheader.com/image.jpg",
"header_static":"locationofheader.com/image.jpg",
"followers_count":100,
"following_count":200,
"statuses_count":9,
"last_status_at":"2023-08-05",
"noindex":true,
"emojis":[
],
"roles":[
],
"fields":[
]
},
"role":{
"id":"-99",
"name":"",
"permissions":"65536",
"color":"",
"highlighted":false
}
},
"target_account":{
"id":"123454321",
"username":"cheeseperson",
"domain":"someothermastodonsite.com",
"created_at":"2023-08-20T00:00:00.000Z",
"email":null,
"ip":null,
"confirmed":null,
"suspended":false,
"silenced":false,
"sensitized":false,
"disabled":null,
"approved":null,
"locale":null,
"invite_request":null,
"ips":null,
"account":{
"id":"123454321",
"username":"cheeseperson",
"acct":"cheeseperson@someothermastodonsite.com",
"display_name":"cheeseperson",
"locked":false,
"bot":false,
"discoverable":false,
"group":false,
"created_at":"2023-08-20T00:00:00.000Z",
"note":"",
"url":"https://someothermastodonsite.com/@cheeseperson",
"uri":"https://someothermastodonsite.com/users/cheeseperson",
"avatar":"https://someothermastadonsite.com/avatars/original/missing.png",
"avatar_static":"https://someothermastadonsite.com/avatars/original/missing.png",
"header":"locationofheader.com/image.jpg",
"header_static":"locationofheader.com/image.jpg",
"followers_count":2,
"following_count":2,
"statuses_count":95,
"last_status_at":"2023-10-26",
"emojis":[
],
"fields":[
]
},
"role":null
},
"assigned_account":null,
"action_taken_by_account":null,
"statuses":[
{
"id":"12345678987654321",
"created_at":"2023-10-26T11:29:13.000Z",
"in_reply_to_id":"1918282746465",
"in_reply_to_account_id":"101010101010",
"sensitive":false,
"spoiler_text":"",
"visibility":"public",
"language":"de",
"uri":"https://someothermastodonsite.com/users/cheeseperson/statuses/111301083360371621",
"url":"https://someothermastodonsite.com/@cheeseperson/111301083360371621",
"replies_count":0,
"reblogs_count":0,
"favourites_count":0,
"edited_at":"2023-10-26T11:30:31.000Z",
"content":"<p>Here is some content</p>",
"reblog":null,
"account":{
"id":"123454321",
"username":"cheeseperson",
"acct":"cheeseperson@someothermastodonsite.com",
"display_name":"cheeseperson",
"locked":false,
"bot":false,
"discoverable":false,
"group":false,
"created_at":"2023-08-20T00:00:00.000Z",
"note":"",
"url":"https://someothermastodonsite.com/@cheeseperson",
"uri":"https://someothermastodonsite.com/users/cheeseperson",
"avatar":"https://someothermastadonsite.com/avatars/original/missing.png",
"avatar_static":"https://someothermastadonsite.com/avatars/original/missing.png",
"header":"locationofheader.com/image.jpg",
"header_static":"locationofheader.com/image.jpg",
"followers_count":2,
"following_count":2,
"statuses_count":95,
"last_status_at":"2023-10-26",
"emojis":[
],
"fields":[
]
},
"media_attachments":[
],
"mentions":[
{
"id":"101010101010",
"username":"thirdperson",
"url":"https://thirdpersonsinstance.com/@thirdperson",
"acct":"thirdperson@emailwebsite.com"
}
],
"tags":[
],
"emojis":[
],
"card":null,
"poll":null
}
],
"rules":[
{
"id":"2",
"text":"Don't be a meanie!"
}
]
}
}
```

100
content/en/admin/scaling.md
View File

@ -36,17 +36,16 @@ The streaming API handles long-lived HTTP and WebSockets connections, through wh
- `PORT` controls the port the streaming server will listen on, by default 4000. The `BIND` and `SOCKET` environment variables are also able to be used.
- Additionally, the shared [database](/admin/config#postgresql) and [redis](/admin/config#redis) environment variables are used.
The streaming API can use a different subdomain if you want to by setting `STREAMING_API_BASE_URL`, this allows you to have one load balancer for streaming and one for web/API requests.
The streaming API can use a different subdomain if you want to by setting `STREAMING_API_BASE_URL`. This allows you to have one load balancer for streaming and one for web/API requests. However, this also requires applications to correctly request the streaming URL from the [instance endpoint](/methods/instance/#v2), instead of assuming that it's hosted on the same host as the Web API.
{{< hint style="warning" >}}
Previous versions of Mastodon had a `STREAMING_CLUSTER_NUM` environment variable that made the streaming server use clustering, which started multiple processes (workers) and used node.js to load balance them.
One process of the streaming server can handle a reasonably high number of connections and throughput, but if you find that a single process isn't handling your instance's load, you can run multiple processes by varying the `PORT` number of each, and then using nginx to load balance traffic to each of those instances. For example, a community of about 50,000 accounts with 10,000-20,000 monthly active accounts, you'll typically have an average concurrent load of about 800-1200 streaming connections.
This interacted with the other settings in ways that made capacity planning difficult, especially when it came to database connections and CPU resources. By default, the streaming server would consume resources on all available CPUs which could cause contention with other software running on that server. Another common issue was that misconfiguring the `STREAMING_CLUSTER_NUM` would exhaust your database connections by opening up a connection pool per cluster worker process, so a `STREAMING_CLUSTER_NUM` of `5` and `DB_POOL` of `10` would potentially consume 50 database connections.
The streaming server also exposes a [Prometheus](https://prometheus.io/) endpoint on `/metrics` with a lot of metrics to help you understand the current load on your mastodon streaming server, some key metrics are:
Now a single streaming server process will only use at maximum `DB_POOL` PostgreSQL connections, and scaling is handled by running more instances of the streaming server.
{{< /hint >}}
One process can handle a reasonably high number of connections and throughput, but if you find that a single streaming server process isn't handling your instance's load, you can run multiple processes by varying the `PORT` number of each and then using nginx to load balance traffic to each of those instances.
* `mastodon_streaming_connected_clients`: This is the number of connected clients, tagged by client type (websocket or eventsource)
* `mastodon_streaming_connected_channels`: This is the number of "channels" that are currently subscribed (note that this is much higher than connected clients due to how our internal "system" channels currently work)
* `mastodon_streaming_messages_sent_total`: This is the total number of messages sent to clients since last restart.
* `mastodon_streaming_redis_messages_received_total`: This is the number of messages received from Redis pubsub, and intended to complement [monitoring Redis directly](https://sysdig.com/blog/redis-prometheus/).
{{< hint style="info" >}}
The more streaming server processes that you run, the more database connections will be consumed on PostgreSQL, so you'll likely want to use PgBouncer, as documented below.
@ -63,6 +62,24 @@ upstream streaming {
}
```
If you're using the distributed systemd files, then you can start up multiple streaming servers with the following commands:
```
$ sudo systemctl start mastodon-streaming@4000.service
$ sudo systemctl start mastodon-streaming@4001.service
$ sudo systemctl start mastodon-streaming@4002.service
```
By default, `sudo systemctl start mastodon-streaming` starts just one process on port 4000, equivalent to running `sudo systemctl start mastodon-streaming@4000.service`.
{{< hint style="warning" >}}
Previous versions of Mastodon had a `STREAMING_CLUSTER_NUM` environment variable that made the streaming server use clustering, which started mulitple workers processes and used node.js to load balance them.
This interacted with the other settings in ways which made capacity planning difficult, especially when it comes to database connections and CPU resources. By default the streaming server would consume resources on all available CPUs which could cause contention with other software running on that server. Another common issue was that misconfiguring the `STREAMING_CLUSTER_NUM` would exhaust your database connections by opening up a connection pool per cluster worker process, so a `STREAMING_CLUSTER_NUM` of `5` and `DB_POOL` of `10` would potentially consume 50 database connections.
Now a single streaming server process will only use at maximum `DB_POOL` PostgreSQL connections, and scaling is handled by running more instances of the streaming server.
{{< /hint >}}
### Background processing (Sidekiq) {#sidekiq}
Many tasks in Mastodon are delegated to background processing to ensure the HTTP requests are fast, and to prevent HTTP request aborts from affecting the execution of those tasks. Sidekiq is a single process, with a configurable number of threads.
@ -287,7 +304,7 @@ Then use `\q` to quit.
## Separate Redis for cache {#redis}
Redis plays a vital role in Mastodon, but some uses are more critical than others. Key features like home feeds, list feeds, Sidekiq queues, and the streaming API rely on Redis for important data storage, which you should strive to protect, though its loss is less catastrophic compared to losing the PostgreSQL database.
Redis is used widely throughout the application, but some uses are more important than others. Home feeds, list feeds, and Sidekiq queues as well as the streaming API are backed by Redis and thats important data you wouldnt want to lose (even though the loss can be survived, unlike the loss of the PostgreSQL database - never lose that!). However, Redis is also used for volatile cache. If you are at a stage of scaling up where you are worried about whether your Redis can handle everything, you can use a different Redis database for the cache. In the environment, you can specify `CACHE_REDIS_URL` or individual parts like `CACHE_REDIS_HOST`, `CACHE_REDIS_PORT` etc. Unspecified parts fallback to the same values as without the cache prefix.
Additionally, Redis is used for volatile caching. If you're scaling up and concerned about Redis's capacity to handle the load, you can allocate a separate Redis database specifically for caching. To do this, set `CACHE_REDIS_URL` in the environment, or define individual components such as `CACHE_REDIS_HOST`, `CACHE_REDIS_PORT`, etc.
@ -295,12 +312,73 @@ Unspecified components will default to their values without the cache prefix.
When configuring the Redis database for caching, it's possible to disable background saving to disk, as data loss on restart is not critical in this context, and this can save some disk I/O. Additionally, consider setting a maximum memory limit and implementing a key eviction policy. For more details on these configurations, refer to this guide:[Using Redis as an LRU cache](https://redis.io/topics/lru-cache)
## Seperate Redis for Sidekiq {#redis-sidekiq}
Redis is used in Sidekiq to keep track of its locks and queue. Although in general the performance gain is not that big, some instances may benefit from having a seperate Redis instance for Sidekiq.
In the environment file, you can specify `SIDEKIQ_REDIS_URL` or individual parts like `SIDEKIQ_REDIS_HOST`, `SIDEKIQ_REDIS_PORT` etc. Unspecified parts fallback to the same values as without the `SIDEKIQ_` prefix.
Creating a seperate Redis instance for Sidekiq is relatively simple:
Start by making a copy of the default redis systemd service:
```bash
cp /etc/systemd/system/redis.service /etc/systemd/system/redis-sidekiq.service
```
In the `redis-sidekiq.service` file, change the following values:
```bash
ExecStart=/usr/bin/redis-server /etc/redis/redis-sidekiq.conf --supervised systemd --daemonize no
PIDFile=/run/redis/redis-server-sidekiq.pid
ReadWritePaths=-/var/lib/redis-sidekiq
Alias=redis-sidekiq.service
```
Make a copy of the Redis configuration file for the new Sidekiq Redis instance
```bash
cp /etc/redis/redis.conf /etc/redis/redis-sidekiq.conf
```
In this `redis-sidekiq.conf` file, change the following values:
```bash
port 6479
pidfile /var/run/redis/redis-server-sidekiq.pid
logfile /var/log/redis/redis-server-sidekiq.log
dir /var/lib/redis-sidekiq
```
Before starting the new Redis instance, create a data directory:
```bash
mkdir /var/lib/redis-sidekiq
chown redis /var/lib/redis-sidekiq
```
Start the new Redis instance:
```bash
systemctl enable --now redis-sidekiq
```
Update your environment, add the following line:
```bash
SIDEKIQ_REDIS_URL=redis://127.0.0.1:6479/
```
Restart Mastodon to use the new Redis instance, make sure to restart both web and Sidekiq (otherwise, one of them will still be working from the wrong instance):
```bash
systemctl restart mastodon-web.service
systemctl restart redis-sidekiq.service
```
## Read-replicas {#read-replicas}
To reduce the load on your PostgreSQL server, you may wish to set up hot streaming replication (read replica). [See this guide for an example](https://cloud.google.com/community/tutorials/setting-up-postgres-hot-standby). You can make use of the replica in Mastodon in these ways:
- The streaming API server does not issue writes at all, so you can connect it straight to the replica. But its not querying the database very often anyway so the impact of this is little.
- Use the Makara driver in the web processes, so that writes go to the primary database, while reads go to the replica. Lets talk about that.
* The streaming API server does not issue writes at all, so you can connect it straight to the replica (it is not querying the database very often anyway, so the impact of this is small).
* Use the Makara driver in the web and Sidekiq processes, so that writes go to the master database, while reads go to the replica. Lets talk about that.
{{< hint style="warning" >}}
Read replicas are currently not supported for the Sidekiq processes, and using them will lead to failing jobs and data loss.

2
content/en/admin/tootctl.md
View File

@ -669,7 +669,7 @@ Removes locally cached copies of media attachments, avatars or profile headers f
**Version history:**\
2.5.0 - added\
2.6.2 - show freed disk space
2.6.2 - show freed disk space\
4.1.0 - added --prune-profiles, --remove-headers, and --include-follows.

2
content/en/client/intro.md
View File

@ -113,7 +113,7 @@ As JSON, hashes are formatted like so:
{
"source": {
"privacy": "public",
"language", "en"
"language": "en"
}
}
```

2
content/en/entities/Admin_DomainAllow.md
View File

@ -53,4 +53,4 @@ aliases: [
{{< page-relref page="methods/admin/domain_allows" caption="admin/domain_allows API methods" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/domain_allows_serializer.rb" caption="app/serializers/rest/admin/domain_allows_serializer.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/domain_allow_serializer.rb" caption="app/serializers/rest/admin/domain_allow_serializer.rb" >}}

2
content/en/entities/Admin_DomainBlock.md
View File

@ -104,4 +104,4 @@ aliases: [
{{< page-relref page="methods/admin/domain_blocks" caption="admin/domain_blocks API methods" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/domain_blocks_serializer.rb" caption="app/serializers/rest/admin/domain_blocks_serializer.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/domain_block_serializer.rb" caption="app/serializers/rest/admin/domain_block_serializer.rb" >}}

2
content/en/entities/Admin_EmailDomainBlock.md
View File

@ -118,4 +118,4 @@ aliases: [
{{< page-relref page="methods/admin/email_domain_blocks" caption="admin/email_domain_blocks API methods" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/email_domain_blocks_serializer.rb" caption="app/serializers/rest/admin/email_domain_blocks_serializer.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/email_domain_block_serializer.rb" caption="app/serializers/rest/admin/email_domain_block_serializer.rb" >}}

2
content/en/entities/Admin_IpBlock.md
View File

@ -80,4 +80,4 @@ aliases: [
{{< page-relref page="methods/admin/ip_blocks" caption="admin/ip_blocks API methods" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/ip_blocks_serializer.rb" caption="app/serializers/rest/admin/ip_blocks_serializer.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/admin/ip_block_serializer.rb" caption="app/serializers/rest/admin/ip_block_serializer.rb" >}}

2
content/en/entities/MediaAttachment.md
View File

@ -212,7 +212,7 @@ More importantly, there may be another topl-level `focus` Hash object on images
### `description` {#description}
**Description:** Alternate text that describes what is in the media attachment, to be used for the visually impaired or when media attachments do not load.\
**Type:** String\
**Type:** {{<nullable>}} String, or null if alternate text was not provided for the media attachment\
**Version history:**\
2.0.0 - added

2
content/en/methods/accounts.md
View File

@ -1952,7 +1952,7 @@ Authorization
##### Query parameters
id[]
: Array. Check relationships for the provided account IDs.
: Array of String. Check relationships for the provided account IDs.
with_suspended
: Boolean. Whether relationships should be returned for suspended users, defaults to false.

2
content/en/methods/admin/accounts.md
View File

@ -686,7 +686,7 @@ POST /api/v1/admin/accounts/:id/action HTTP/1.1
Perform an action against an account and log this action in the moderation history. Also resolves any open reports against this account.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `admin:write:accounts`\
**Permissions:** Manage Users, Manage Reports\
**Version history:**\

2
content/en/methods/conversations.md
View File

@ -128,7 +128,7 @@ DELETE /api/v1/conversations/:id HTTP/1.1
Removes a conversation from your list of conversations.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:conversations`\
**Version history:**\
2.6.0 - added

4
content/en/methods/domain_blocks.md
View File

@ -90,7 +90,7 @@ Block a domain to:
- remove all followers from it
- prevent following new users from it (but does not remove existing follows)
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:blocks` or `follow`\
**Version:**\
1.4.0 - added
@ -154,7 +154,7 @@ DELETE /api/v1/domain_blocks HTTP/1.1
Remove a domain block, if it exists in the user's array of blocked domains.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:blocks` or `follow`\
**Version history:**\
1.4.0 - added

2
content/en/methods/emails.md
View File

@ -24,7 +24,7 @@ aliases: [
POST /api/v1/emails/confirmations HTTP/1.1
```
**Returns:** Empty object\
**Returns:** Empty\
**OAuth:** User token issued to the client that created the unconfirmed user\
**Version history:**\
3.4.0 - added

2
content/en/methods/featured_tags.md
View File

@ -133,7 +133,7 @@ DELETE /api/v1/featured_tags/:id HTTP/1.1
Stop promoting a hashtag on your profile.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:accounts`\
**Version history:**\
3.0.0 - added

11
content/en/methods/filters.md
View File

@ -403,7 +403,7 @@ DELETE /api/v2/filters/:id HTTP/1.1
Delete a filter group with the given id.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:filters`\
**Version history:**\
4.0.0 - added
@ -730,7 +730,7 @@ DELETE /api/v2/filters/keywords/:id HTTP/1.1
Deletes the given filter keyword.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:filters`\
**Version history:**\
4.0.0 - added
@ -863,6 +863,11 @@ Add a status filter to the current filter group.
Authorization
: {{<required>}} Provide this header with `Bearer <user token>` to gain authorized access to this API method.
##### Form data parameters
status_id
: {{<required>}} String. The status ID to be added to the filter group.
#### Response
##### 200: OK
@ -1344,7 +1349,7 @@ If context is not provided properly:
DELETE /api/v1/filters/:id HTTP/1.1
```
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:filters`\
**Version history:**\
2.4.3 - added\

6
content/en/methods/lists.md
View File

@ -299,7 +299,7 @@ If the `replies_policy` is not understood:
DELETE /api/v1/lists/:id HTTP/1.1
```
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:lists`\
**Version history:**\
2.1.0 - added
@ -461,7 +461,7 @@ POST /api/v1/lists/:id/accounts HTTP/1.1
Add accounts to the given list. Note that the user must be following these accounts.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:lists`\
**Version history:**\
2.1.0 - added
@ -530,7 +530,7 @@ DELETE /api/v1/lists/:id/accounts HTTP/1.1
Remove accounts from the given list.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:lists`\
**Version history:**\
2.1.0 - added

6
content/en/methods/notifications.md
View File

@ -262,7 +262,7 @@ POST /api/v1/notifications/clear HTTP/1.1
Clear all notifications from the server.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:notifications`\
**Version history:**\
0.0.0 - added
@ -303,7 +303,7 @@ POST /api/v1/notifications/:id/dismiss HTTP/1.1
Dismiss a single notification from the server.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:notifications`\
**Version history:**\
1.3.0 - added
@ -350,7 +350,7 @@ POST /api/v1/notifications/dismiss HTTP/1.1
Dismiss a single notification from the server.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:notifications`\
**Version history**:\
0.0.0 - available\

2
content/en/methods/oauth.md
View File

@ -156,7 +156,7 @@ POST /oauth/revoke HTTP/1.1
Revoke an access token to make it no longer valid for use.
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** Public\
**Version history:**\
x.x.x - added

2
content/en/methods/push.md
View File

@ -298,7 +298,7 @@ DELETE /api/v1/push/subscription HTTP/1.1
Removes the current Web Push API subscription.
**Returns:** none\
**Returns:** Empty\
**OAuth:** User token + `push`\
**Version history:**\
2.4.0 - added

2
content/en/methods/scheduled_statuses.md
View File

@ -243,7 +243,7 @@ ScheduledStatus is not owned by you or does not exist
DELETE /api/v1/scheduled_statuses/:id HTTP/1.1
```
**Returns:** empty object\
**Returns:** Empty\
**OAuth:** User token + `write:statuses`\
**Version history:**\
2.7.0 - added

5
content/en/methods/statuses.md
View File

@ -1,3 +1,4 @@
---
title: statuses API methods
description: Publish, interact, and view information about statuses.
@ -1478,6 +1479,9 @@ language
media_ids[]
: Array of String. Include Attachment IDs to be attached as media. If provided, `status` becomes optional, and `poll` cannot be used.
media_attributes[][]
: Array of String. Each array includes id, description, and focus.
poll[options][]
: Array of String. Possible answers to the poll. If provided, `media_ids` cannot be used, and `poll[expires_in]` must be provided.
@ -1852,3 +1856,4 @@ Status does not exist or is private.
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/statuses/reblogs_controller.rb" caption="app/controllers/api/v1/statuses/reblogs_controller.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/statuses/sources_controller.rb" caption="app/controllers/api/v1/statuses/sources_controller.rb" >}}

2
content/en/methods/suggestions.md
View File

@ -89,7 +89,7 @@ DELETE /api/v1/suggestions/:account_id HTTP/1.1
Remove an account from follow suggestions.
**Returns:** n/a\
**Returns:** Empty\
**OAuth:** User token + `read`\
**Version history:**\
2.4.3 - added

20
content/en/spec/security.md
View File

@ -16,14 +16,14 @@ menu:
For any HTTP request incoming to Mastodon, the Signature header should be attached:
```http
Signature: keyId="https://my-example.com/actor#main-key",headers="(request-target) host date",signature="Y2FiYW...IxNGRiZDk4ZA=="
Signature: keyId="https://my.example.com/actor#main-key",headers="(request-target) host date",signature="Y2FiYW...IxNGRiZDk4ZA=="
```
The three parts of the `Signature:` header can be broken down like so:
```http
Signature:
keyId="https://my-example.com/actor#main-key",
keyId="https://my.example.com/actor#main-key",
headers="(request-target) host date",
signature="Y2FiYW...IxNGRiZDk4ZA=="
```
@ -32,8 +32,8 @@ The `keyId` should correspond to the actor and the key being used to generate th
```json
"publicKey": {
"id": "https://my-example.com/actor#main-key",
"owner": "https://my-example.com/actor",
"id": "https://my.example.com/actor#main-key",
"owner": "https://my.example.com/actor",
"publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXc4vkECU2/CeuSo1wtn\nFoim94Ne1jBMYxTZ9wm2YTdJq1oiZKif06I2fOqDzY/4q/S9uccrE9Bkajv1dnkO\nVm31QjWlhVpSKynVxEWjVBO5Ienue8gND0xvHIuXf87o61poqjEoepvsQFElA5ym\novljWGSA/jpj7ozygUZhCXtaS2W5AD5tnBQUpcO0lhItYPYTjnmzcc4y2NbJV8hz\n2s2G8qKv8fyimE23gY1XrPJg+cRF+g4PqFXujjlJ7MihD9oqtLGxbu7o1cifTn3x\nBfIdPythWu5b4cujNsB3m3awJjVmx+MHQ9SugkSIYXV0Ina77cTNS0M2PYiH1PFR\nTwIDAQAB\n-----END PUBLIC KEY-----\n"
},
```
@ -68,10 +68,10 @@ GET /users/username/inbox HTTP/1.1
Host: mastodon.example
Date: 18 Dec 2019 10:08:46 GMT
Accept: application/ld+json; profile="http://www.w3.org/ns/activitystreams"
Signature: keyId="https://my-example.com/actor#main-key",headers="(request-target) host date",signature="Y2FiYW...IxNGRiZDk4ZA=="
Signature: keyId="https://my.example.com/actor#main-key",headers="(request-target) host date",signature="Y2FiYW...IxNGRiZDk4ZA=="
```
This request is functionally equivalent to saying that `https://my-example.com/actor` is requesting `https://mastodon.example/users/username/inbox` and is proving that they sent this request by signing `(request-target)`, `Host:`, and `Date:` with their private key linked at `keyId`, resulting in the provided `signature`.
This request is functionally equivalent to saying that `https://my.example.com/actor` is requesting `https://mastodon.example/users/username/inbox` and is proving that they sent this request by signing `(request-target)`, `Host:`, and `Date:` with their private key linked at `keyId`, resulting in the provided `signature`.
#### Signing POST requests and the Digest header {#digest}
@ -82,12 +82,12 @@ POST /users/username/inbox HTTP/1.1
HOST: mastodon.example
Date: 18 Dec 2019 10:08:46 GMT
Digest: sha-256=hcK0GZB1BM4R0eenYrj9clYBuyXs/lemt5iWRYmIX0A=
Signature: keyId="https://my-example.com/actor#main-key",headers="(request-target) host date digest",signature="Y2FiYW...IxNGRiZDk4ZA=="
Signature: keyId="https://my.example.com/actor#main-key",headers="(request-target) host date digest",signature="Y2FiYW...IxNGRiZDk4ZA=="
Content-Type: application/ld+json; profile="http://www.w3.org/ns/activitystreams"
{
"@context": "https://www.w3.org/ns/activitystreams",
"actor": "https://example.com/actor",
"actor": "https://my.example.com/actor",
"type": "Create",
"object": {
"type": "Note",
@ -108,12 +108,12 @@ POST /users/username/inbox HTTP/1.1
Host: mastodon.example
Date: 18 Dec 2019 10:08:46 GMT
Digest: e37e179c75071a291f90a5fd4f848da87b491f1282f7bb8509ef2115b81ee0f4
Signature: keyId="https://my-example.com/actor#main-key",headers="(request-target) host date digest",signature="Y2FiYW...IxNGRiZDk4ZA=="
Signature: keyId="https://my.example.com/actor#main-key",headers="(request-target) host date digest",signature="Y2FiYW...IxNGRiZDk4ZA=="
Content-Type: application/ld+json; profile="http://www.w3.org/ns/activitystreams"
{
"@context": "https://www.w3.org/ns/activitystreams",
"actor": "https://example.com/actor",
"actor": "https://my.example.com/actor",
"type": "Create",
"object": {
"type": "Note",

2
content/en/user/moving.md
View File

@ -13,7 +13,7 @@ menu:
At any time you want, you can go to Settings &gt; Export and download a CSV file for your current followed accounts, your currently created lists, your currently blocked accounts, your currently muted accounts, and your currently blocked domains. Your following, blocking, muting, and domain-blocking lists can be imported at Settings &gt; Import, where they can either be merged or overwritten.
Requesting an archive of your posts and media can be done once every 7 days, and can be downloaded in ActivityPub JSON format. Mastodon currently does not support importing posts or media due to technical limitations, but your archive can be viewed by any software that understands how to parse ActivityPub documents.
Requesting an archive of your posts and media can be done once every 7 days, and can be downloaded in Activity Streams 2.0 JSON format. Mastodon currently does not support importing posts or media due to technical limitations, but your archive can be viewed by any software that understands how to parse Activity Streams 2.0 documents.
## Redirecting or moving your profile {#migration}

2
content/en/user/preferences.md
View File

@ -79,7 +79,7 @@ If you want to see posts that are boosted multiple times be reinserted into your
Posts default to public privacy. You can choose to default new posts as unlisted or followers-only instead. For an explanation of post privacy levels, see [Posting to your Mastodon profile &gt; Publishing levels](../posting#privacy).
By default, the language of your posts is automatically detected, but this detection is imprecise and may not be accurate. If you primarily or exclusively post in a certain language, it is a good idea to set that language here.
If you primarily or exclusively post in a certain language, it is a good idea to set that language here.
If you often post sensitive media, you can choose to always mark your media as sensitive.