Commit graph

618 commits

Author SHA1 Message Date
William Pitcock
04efe7f909 scalingo guide: major improvements
- better limitation docs
- add instructions for adding custom domains
- add upgrading instructions
2017-05-05 22:35:05 -05:00
Eugen Rochko
5d9994a4c2 Fix Node.js installation recommendation, also use 6.x 2017-05-06 04:38:01 +02:00
suoko
7f5258ce84 Updated Administration-guide.md
This way you can assign admininistration priviledges to users on some configurations
2017-05-05 21:05:34 +02:00
Eugen Rochko
d75b3d41c6 Merge pull request #207 from d6rkaiz/patch-3
Instructions for installing on CentOS
2017-05-05 02:01:05 +02:00
Eugen Rochko
be7b16d4f8 Merge pull request #205 from abcang/update_vagrant_guide
update how to launch application with vagrant
2017-05-05 02:00:23 +02:00
Isao Sugimoto
a3097c94e5 Instructions for installing on CentOS
related: #13
2017-05-05 04:33:04 +09:00
ABCanG
efefa29739 update how to launch application with vagrant 2017-05-04 16:45:37 +09:00
Nolan Lawson
5bd6d4de27 update image-src/media-src to be more lax 2017-05-03 22:39:33 -07:00
Wolfyshy LeLoupe
38ddc33afc Update Apache configuration a bit
This is the configuration we use on https://generous.horse and it includes the Cache-Control and Referrer-Policy headers.
2017-05-03 19:28:56 -05:00
Eugen Rochko
8a55d95390 Merge pull request #200 from Cassolotl/patch-1
Update for "private" posts info on User-guide.md
2017-05-03 16:58:30 +02:00
Cassolotl
1156ed4cc0 Update for "private" posts info on User-guide.md
My understanding is that private is now "followers only" and people on other instances can see those posts now.
2017-05-03 13:58:47 +01:00
Eugen Rochko
9120661118 Merge pull request #199 from ThibG/patch-2
Add note on PuSH issue with Mastodon v1.3.2
2017-05-03 13:53:41 +02:00
ThibG
01c5d5a29c Add note on PuSH issue with Mastodon v1.3.2 2017-05-03 09:32:18 +02:00
tzmfreedom
a747b23a21 Add apex salesforce library 2017-05-03 14:40:18 +09:00
Akihiko Odaki
cab815878c Use "sudo -u" instead of "sudo su"
"sudo su" limits the capability of sudo to log the operations. -u option is
more straightforward and has better logging.
2017-05-03 11:02:55 +09:00
Yeung Yiu Hung
a4f68b9148 Adding Mastodon-iOS to Apps.md 2017-05-02 21:58:12 +08:00
Eugen Rochko
d24effb162 Sponsors as of May 1st 2017-05-02 15:29:23 +02:00
Alifian Mahardhika
e564f507a3 Update Vagrant-guide.md 2017-05-02 13:04:35 +09:00
Alex Schroeder
b6de33484d Fix various instances of "Maximum number of"
The text always specified "Maximum number of accounts" instead of
naming the object that was actually being retrieved such as statuses
or blocks.
2017-05-01 23:13:04 +02:00
Ornithologist Coder
014ec91ba3 Reformates all tables
Because of my OCD.
2017-05-01 20:01:32 +02:00
Ornithologist Coder
cda33062e8 Adds tables for form data and query parameters
And adds a new column to make explicit which parameters are required and which are optional.
2017-05-01 19:13:17 +02:00
wxcafé
fed4ab2d3a fix typo in link to mastonet 2017-05-01 17:16:01 +02:00
Guillaume Lacasa
7e994bf4ad Added .NET Standard library (#157) 2017-05-01 17:07:47 +02:00
Tom McAtee
e363bef584 Adding FAQ regarding default upload size limit (#187)
Addressing #153

Should this be part of the FAQ or should it be under the 'running Mastodon' documentation tree?
2017-05-01 17:00:24 +02:00
jeroenpraat
448906e217 Prerequisites and cronjobs (#183)
* Prerequisites and cronjobs

* We probably we don't even support Windows and Mac
2017-05-01 16:59:28 +02:00
Nolan Lawson
718daad4a8 Add photos and avatars to static/immutable cache (#184) 2017-05-01 16:57:16 +02:00
Lemonnier
e67e623405 Adding umrc to Apps.md (#185) 2017-05-01 16:54:25 +02:00
ThibG
9430d2e2d9 Document how to use WEB_DOMAIN along with common pitfalls (#149)
* Create Serving_a_different_domain.md

Add extensive documentation for WEB_DOMAIN, as the feature is ill-documented and may be confusing.

* Fix Serving_a_different_domain.md

* Webfinger discovery workaround has made its way to v1.3.0
2017-05-01 16:45:18 +02:00
Ornithologist Coder
abe6929d8b Adds table for libraries (#182)
This commit changes the list of available libraries to a table, similar to the one used for the list of apps in documentation/Apps.md. Soon more libraries for the same language will appear and a table will handle it better. It also sorts the libraries in ascending order (case insensitive) by language.
2017-05-01 16:41:05 +02:00
Mikael Berthe
166ffa23e6 Add Golang library (#179) 2017-05-01 16:37:55 +02:00
Mikael Berthe
1bddadcbbb Add madonctl cross-platform CLI app (#180) 2017-05-01 16:36:28 +02:00
Nolan Lawson
f0a863feec Recommend HTTP/2 in the nginx config (#178) 2017-05-01 16:35:16 +02:00
Noëlle Anthony
befab7b7c3 Include explicit production environment (#172)
These tasks sometimes fail under non-Docker installations when the administrator tries to run them without explicitly requesting the production environment.
2017-05-01 16:32:47 +02:00
Gonzalo Alcalde
dd196ab2ee Adding twidere to the apps (#177) 2017-05-01 16:32:06 +02:00
Eugen Rochko
1d2b6479fa Patrons list as processed on April 1st 2017 2017-04-30 20:58:02 +02:00
Bjarni Rúnar Einarsson
72ed10378f Avoid hard-coding ciphers into configuration (#171)
* Avoid hard-coding ciphers into configuration

This change allows OpenSSL to choose the most appropriate available cipher(s) from the HIGH cipher suite. This is sufficient to get an A on the SSLLabs.com tests suite. If MEDIUM is allowed as well, the grade drops to a B which is still more than adequate for most deployments.

This type of configuration would prevent problems such as the current inability of Tusky on Android 7 devices to connect to some Mastodon instances.

The main benefit though, is this delegates the decisions about which ciphers are "good" and which ciphers are "bad" to the experts; the distribution security teams and the OpenSSL developers. If a weakness is found in a particular cipher it will get moved from HIGH to one of the lower classes (or removed entirely) and this will get deployed just like any other security update. Similarly, if new stronger ciphers are standardized (such as Curve 25519) - these will immediately become available without needing to change the configuration.

Hope this helps!

Note: I have not been able to test this change with Mastodon myself. I am using these settings in production elsewhere though, and they work quite well. Alternately, if people don't want to trust the OpenSSL definitions, please consider taking a look at https://wiki.mozilla.org/Security/Server_Side_TLS and implementing the recommendations from there.

* Also avoid SHA1

As requested during review. :)

* Fix a typo in the ssl_ciphers line

I wrote !SHA1, should have written just !SHA. Very sorry about the noise.
2017-04-27 22:25:39 +02:00
Nolan Lawson
79f58d8b13 Fix typo in BgBouncer-guide.md (#168) 2017-04-27 22:24:59 +02:00
YOU
2ba068a7db Added iOS App for pawoo (#169) 2017-04-27 22:23:38 +02:00
wxcafé
938575a679 Revert "Avoid hard-coding ciphers into configuration (#122)" (#170)
This reverts commit fc79d23ad0.
2017-04-27 22:15:37 +02:00
Bjarni Rúnar Einarsson
fc79d23ad0 Avoid hard-coding ciphers into configuration (#122)
* Avoid hard-coding ciphers into configuration

This change allows OpenSSL to choose the most appropriate available cipher(s) from the HIGH cipher suite. This is sufficient to get an A on the SSLLabs.com tests suite. If MEDIUM is allowed as well, the grade drops to a B which is still more than adequate for most deployments.

This type of configuration would prevent problems such as the current inability of Tusky on Android 7 devices to connect to some Mastodon instances.

The main benefit though, is this delegates the decisions about which ciphers are "good" and which ciphers are "bad" to the experts; the distribution security teams and the OpenSSL developers. If a weakness is found in a particular cipher it will get moved from HIGH to one of the lower classes (or removed entirely) and this will get deployed just like any other security update. Similarly, if new stronger ciphers are standardized (such as Curve 25519) - these will immediately become available without needing to change the configuration.

Hope this helps!

Note: I have not been able to test this change with Mastodon myself. I am using these settings in production elsewhere though, and they work quite well. Alternately, if people don't want to trust the OpenSSL definitions, please consider taking a look at https://wiki.mozilla.org/Security/Server_Side_TLS and implementing the recommendations from there.

* Also avoid SHA1

As requested during review. :)
2017-04-27 22:13:27 +02:00
Nolan Lawson
0282f3d7e4 Update Tuning.md to mention STREAMING_CLUSTER_NUM (#151)
* Update Tuning.md to mention `STREAMING_CLUSTER_NUM`

This is a new option as documented here: bb04a9be52/.env.production.sample (L90-L92)

* note number of cores - 1
2017-04-27 20:02:47 +02:00
Eugen Rochko
930175e7e9 Merge pull request #167 from nolanlawson/pgbouncer-guide
Add PgBouncer guide
2017-04-27 16:59:51 +02:00
Nolan Lawson
5f371e9264 Fix typo 2017-04-27 07:37:52 -07:00
Nolan Lawson
dcc2945e59 Add a bit more about logging 2017-04-27 07:37:02 -07:00
Nolan Lawson
cd3d3f9fa0 Add PgBouncer guide 2017-04-27 07:29:44 -07:00
Mingye Wang
acb91537d8 Translating: add devise email templates, fix #123 (#159) 2017-04-27 12:32:59 +02:00
Mingye Wang
3ae4b71cd9 Translating: add devise/doorkeeper i18n sources (#126)
* Translating: add devise/doorkeeper i18n sources

The two links mentioned here are mostly official places for parking these libraries' translations. Pointing translators there should save them some time.

* fixup rephrase (squash this)
2017-04-27 11:51:53 +02:00
zorun
371864c39e Development: Fix bundle install instructions and expand on running rails (#133) 2017-04-27 11:15:53 +02:00
happycoloredbanana
00103cbf95 Mark all APIs that do not require authentication (#142) 2017-04-27 11:15:33 +02:00
Michael Deeb
115f73f005 Added quick documentation on forking/pulling/pushing/submiting a PR (#163) 2017-04-27 11:04:33 +02:00