Commit Graph

497 Commits

Author SHA1 Message Date
Cassolotl 1156ed4cc0 Update for "private" posts info on User-guide.md
My understanding is that private is now "followers only" and people on other instances can see those posts now.
2017-05-03 13:58:47 +01:00
Eugen Rochko 9120661118 Merge pull request #199 from ThibG/patch-2
Add note on PuSH issue with Mastodon v1.3.2
2017-05-03 13:53:41 +02:00
ThibG 01c5d5a29c Add note on PuSH issue with Mastodon v1.3.2 2017-05-03 09:32:18 +02:00
Eugen Rochko d24effb162 Sponsors as of May 1st 2017-05-02 15:29:23 +02:00
wxcafé fed4ab2d3a fix typo in link to mastonet 2017-05-01 17:16:01 +02:00
Guillaume Lacasa 7e994bf4ad Added .NET Standard library (#157) 2017-05-01 17:07:47 +02:00
Tom McAtee e363bef584 Adding FAQ regarding default upload size limit (#187)
Addressing #153

Should this be part of the FAQ or should it be under the 'running Mastodon' documentation tree?
2017-05-01 17:00:24 +02:00
jeroenpraat 448906e217 Prerequisites and cronjobs (#183)
* Prerequisites and cronjobs

* We probably we don't even support Windows and Mac
2017-05-01 16:59:28 +02:00
Nolan Lawson 718daad4a8 Add photos and avatars to static/immutable cache (#184) 2017-05-01 16:57:16 +02:00
Lemonnier e67e623405 Adding umrc to Apps.md (#185) 2017-05-01 16:54:25 +02:00
ThibG 9430d2e2d9 Document how to use WEB_DOMAIN along with common pitfalls (#149)
* Create Serving_a_different_domain.md

Add extensive documentation for WEB_DOMAIN, as the feature is ill-documented and may be confusing.

* Fix Serving_a_different_domain.md

* Webfinger discovery workaround has made its way to v1.3.0
2017-05-01 16:45:18 +02:00
Ornithologist Coder abe6929d8b Adds table for libraries (#182)
This commit changes the list of available libraries to a table, similar to the one used for the list of apps in documentation/Apps.md. Soon more libraries for the same language will appear and a table will handle it better. It also sorts the libraries in ascending order (case insensitive) by language.
2017-05-01 16:41:05 +02:00
Mikael Berthe 166ffa23e6 Add Golang library (#179) 2017-05-01 16:37:55 +02:00
Mikael Berthe 1bddadcbbb Add madonctl cross-platform CLI app (#180) 2017-05-01 16:36:28 +02:00
Nolan Lawson f0a863feec Recommend HTTP/2 in the nginx config (#178) 2017-05-01 16:35:16 +02:00
Noëlle Anthony befab7b7c3 Include explicit production environment (#172)
These tasks sometimes fail under non-Docker installations when the administrator tries to run them without explicitly requesting the production environment.
2017-05-01 16:32:47 +02:00
Gonzalo Alcalde dd196ab2ee Adding twidere to the apps (#177) 2017-05-01 16:32:06 +02:00
Eugen Rochko 1d2b6479fa Patrons list as processed on April 1st 2017 2017-04-30 20:58:02 +02:00
Bjarni Rúnar Einarsson 72ed10378f Avoid hard-coding ciphers into configuration (#171)
* Avoid hard-coding ciphers into configuration

This change allows OpenSSL to choose the most appropriate available cipher(s) from the HIGH cipher suite. This is sufficient to get an A on the SSLLabs.com tests suite. If MEDIUM is allowed as well, the grade drops to a B which is still more than adequate for most deployments.

This type of configuration would prevent problems such as the current inability of Tusky on Android 7 devices to connect to some Mastodon instances.

The main benefit though, is this delegates the decisions about which ciphers are "good" and which ciphers are "bad" to the experts; the distribution security teams and the OpenSSL developers. If a weakness is found in a particular cipher it will get moved from HIGH to one of the lower classes (or removed entirely) and this will get deployed just like any other security update. Similarly, if new stronger ciphers are standardized (such as Curve 25519) - these will immediately become available without needing to change the configuration.

Hope this helps!

Note: I have not been able to test this change with Mastodon myself. I am using these settings in production elsewhere though, and they work quite well. Alternately, if people don't want to trust the OpenSSL definitions, please consider taking a look at https://wiki.mozilla.org/Security/Server_Side_TLS and implementing the recommendations from there.

* Also avoid SHA1

As requested during review. :)

* Fix a typo in the ssl_ciphers line

I wrote !SHA1, should have written just !SHA. Very sorry about the noise.
2017-04-27 22:25:39 +02:00
Nolan Lawson 79f58d8b13 Fix typo in BgBouncer-guide.md (#168) 2017-04-27 22:24:59 +02:00
YOU 2ba068a7db Added iOS App for pawoo (#169) 2017-04-27 22:23:38 +02:00
wxcafé 938575a679 Revert "Avoid hard-coding ciphers into configuration (#122)" (#170)
This reverts commit fc79d23ad0.
2017-04-27 22:15:37 +02:00
Bjarni Rúnar Einarsson fc79d23ad0 Avoid hard-coding ciphers into configuration (#122)
* Avoid hard-coding ciphers into configuration

This change allows OpenSSL to choose the most appropriate available cipher(s) from the HIGH cipher suite. This is sufficient to get an A on the SSLLabs.com tests suite. If MEDIUM is allowed as well, the grade drops to a B which is still more than adequate for most deployments.

This type of configuration would prevent problems such as the current inability of Tusky on Android 7 devices to connect to some Mastodon instances.

The main benefit though, is this delegates the decisions about which ciphers are "good" and which ciphers are "bad" to the experts; the distribution security teams and the OpenSSL developers. If a weakness is found in a particular cipher it will get moved from HIGH to one of the lower classes (or removed entirely) and this will get deployed just like any other security update. Similarly, if new stronger ciphers are standardized (such as Curve 25519) - these will immediately become available without needing to change the configuration.

Hope this helps!

Note: I have not been able to test this change with Mastodon myself. I am using these settings in production elsewhere though, and they work quite well. Alternately, if people don't want to trust the OpenSSL definitions, please consider taking a look at https://wiki.mozilla.org/Security/Server_Side_TLS and implementing the recommendations from there.

* Also avoid SHA1

As requested during review. :)
2017-04-27 22:13:27 +02:00
Nolan Lawson 0282f3d7e4 Update Tuning.md to mention `STREAMING_CLUSTER_NUM` (#151)
* Update Tuning.md to mention `STREAMING_CLUSTER_NUM`

This is a new option as documented here: bb04a9be52/.env.production.sample (L90-L92)

* note number of cores - 1
2017-04-27 20:02:47 +02:00
Eugen Rochko 930175e7e9 Merge pull request #167 from nolanlawson/pgbouncer-guide
Add PgBouncer guide
2017-04-27 16:59:51 +02:00
Nolan Lawson 5f371e9264 Fix typo 2017-04-27 07:37:52 -07:00
Nolan Lawson dcc2945e59 Add a bit more about logging 2017-04-27 07:37:02 -07:00
Nolan Lawson cd3d3f9fa0 Add PgBouncer guide 2017-04-27 07:29:44 -07:00
Mingye Wang acb91537d8 Translating: add devise email templates, fix #123 (#159) 2017-04-27 12:32:59 +02:00
Mingye Wang 3ae4b71cd9 Translating: add devise/doorkeeper i18n sources (#126)
* Translating: add devise/doorkeeper i18n sources

The two links mentioned here are mostly official places for parking these libraries' translations. Pointing translators there should save them some time.

* fixup rephrase (squash this)
2017-04-27 11:51:53 +02:00
zorun 371864c39e Development: Fix bundle install instructions and expand on running rails (#133) 2017-04-27 11:15:53 +02:00
happycoloredbanana 00103cbf95 Mark all APIs that do not require authentication (#142) 2017-04-27 11:15:33 +02:00
Michael Deeb 115f73f005 Added quick documentation on forking/pulling/pushing/submiting a PR (#163) 2017-04-27 11:04:33 +02:00
mattn ebe8688720 add Mstdn CLI (#166) 2017-04-27 10:58:23 +02:00
wxcafé 64a1c834b2 Docker-guide consistency 2017-04-27 10:56:41 +02:00
Eugen Rochko ff345e578a Merge pull request #164 from ashfurrow/patch-4
Adds note about running off master.
2017-04-26 15:16:49 +02:00
Eugen Rochko fb85d00923 Merge pull request #161 from consomme/consomme-patch-1
Add Pawoo Android app to Apps.md
2017-04-26 15:16:33 +02:00
Ash Furrow f63a83bc7b Adds note about running off master. 2017-04-26 10:52:13 +02:00
consomme a0574410a8 Add Pawoo Android app to Apps.md 2017-04-26 15:30:11 +09:00
Eugen Rochko fc9f124290 Merge pull request #152 from upsided/master
FAQ: The Embiggening (with Dariusk's comments integrated)
2017-04-26 00:22:53 +02:00
upsided 2cde2b5739 FAQ: Gargron's fixes
Changed privacy table, “can I import my followers” question (it’s
“people I follow”), and removed the “still see posts from blocked
people” question, because it’s been fixed.
2017-04-25 13:43:05 -05:00
Eugen Rochko d2325ce119 Merge pull request #155 from decors/master
Add a Crystal library
2017-04-25 17:00:29 +02:00
Eugen Rochko 8048ec966e Merge branch 'master' into master 2017-04-25 17:00:23 +02:00
Eugen Rochko d9e67db907 Merge pull request #144 from yamachu/master
Add library C#
2017-04-25 16:14:42 +02:00
Eugen Rochko da3063fbbc Merge pull request #154 from expenses/patch-2
Gender-neutral pronoun for admins in FAQ
2017-04-25 16:13:30 +02:00
Decors 734885cb57 Add a Crystal library 2017-04-25 22:57:06 +09:00
Yusuke Yamada 4c66280f11 Merge branch 'master' into master 2017-04-25 15:15:02 +09:00
Ashley 41ecf7d4e0 Gender-neutral pronoun for admins 2017-04-25 16:46:37 +12:00
upsided 95ac2690c5 FAQ: clarity editing through dariusk's comments
Small edits incorporating comments from
[dariusk](https://github.com/dariusk)
2017-04-24 19:41:21 -05:00
Eugen fe8b87e978 Merge pull request #147 from syucream/hslib
Add a Haskell lib
2017-04-24 17:43:10 +02:00