Commit graph

520 commits

Author SHA1 Message Date
Aral Balkan
c84f141e22
Add Mac development environment setup instructions. Closes #250 2017-05-16 16:04:50 +02:00
Tim Miller
63cc7d8849 Add WinMasto to Apps.md 2017-05-06 21:41:57 -04:00
Eugen Rochko
1f202dedc1 Merge pull request #203 from wolfyshy/master
Update Apache configuration a bit
2017-05-07 00:51:34 +02:00
Eugen Rochko
a8da345a79 Merge pull request #209 from suoko/patch-1
Updated Administration-guide.md
2017-05-07 00:45:13 +02:00
Eugen Rochko
530ce36181 Merge pull request #212 from suoko/patch-2
Update Administration-guide.md
2017-05-07 00:43:43 +02:00
Eugen Rochko
223ab10a15 Merge pull request #198 from tzmfreedom/add_apex_salesforce_library
Add apex salesforce library
2017-05-07 00:42:55 +02:00
Eugen Rochko
3ce153f540 Merge pull request #194 from darkcl/master
Adding Mastodon-iOS to Apps.md
2017-05-07 00:42:42 +02:00
Eugen Rochko
07309d26dd Merge pull request #202 from takayamaki/fix_pgbouncer_guide
fix section "Configuring userlist.txt" of PgBouncer-guide.md
2017-05-07 00:42:03 +02:00
Eugen Rochko
7a434962c8 Merge pull request #192 from kensanata/master
Fix various instances of "Maximum number of"
2017-05-07 00:41:45 +02:00
takayamaki
0b79565316 fix section "Configuring userlist.txt" of PgBouncer-guide.md
fix order of username and password when generating hash with md5sum
https://pgbouncer.github.io/config.html#authentication-file-format
2017-05-07 05:09:42 +09:00
Eugen Rochko
69d747b890 Merge pull request #211 from kaniini/master
scalingo guide: major improvements
2017-05-06 17:09:16 +02:00
suoko
fd3927b956 Update Administration-guide.md
Update for those using docker
2017-05-06 13:53:15 +02:00
William Pitcock
04efe7f909 scalingo guide: major improvements
- better limitation docs
- add instructions for adding custom domains
- add upgrading instructions
2017-05-05 22:35:05 -05:00
suoko
7f5258ce84 Updated Administration-guide.md
This way you can assign admininistration priviledges to users on some configurations
2017-05-05 21:05:34 +02:00
Eugen Rochko
d75b3d41c6 Merge pull request #207 from d6rkaiz/patch-3
Instructions for installing on CentOS
2017-05-05 02:01:05 +02:00
Eugen Rochko
be7b16d4f8 Merge pull request #205 from abcang/update_vagrant_guide
update how to launch application with vagrant
2017-05-05 02:00:23 +02:00
Isao Sugimoto
a3097c94e5 Instructions for installing on CentOS
related: #13
2017-05-05 04:33:04 +09:00
ABCanG
efefa29739 update how to launch application with vagrant 2017-05-04 16:45:37 +09:00
Wolfyshy LeLoupe
38ddc33afc Update Apache configuration a bit
This is the configuration we use on https://generous.horse and it includes the Cache-Control and Referrer-Policy headers.
2017-05-03 19:28:56 -05:00
Eugen Rochko
8a55d95390 Merge pull request #200 from Cassolotl/patch-1
Update for "private" posts info on User-guide.md
2017-05-03 16:58:30 +02:00
Cassolotl
1156ed4cc0 Update for "private" posts info on User-guide.md
My understanding is that private is now "followers only" and people on other instances can see those posts now.
2017-05-03 13:58:47 +01:00
Eugen Rochko
9120661118 Merge pull request #199 from ThibG/patch-2
Add note on PuSH issue with Mastodon v1.3.2
2017-05-03 13:53:41 +02:00
ThibG
01c5d5a29c Add note on PuSH issue with Mastodon v1.3.2 2017-05-03 09:32:18 +02:00
tzmfreedom
a747b23a21 Add apex salesforce library 2017-05-03 14:40:18 +09:00
Yeung Yiu Hung
a4f68b9148 Adding Mastodon-iOS to Apps.md 2017-05-02 21:58:12 +08:00
Eugen Rochko
d24effb162 Sponsors as of May 1st 2017-05-02 15:29:23 +02:00
Alex Schroeder
b6de33484d Fix various instances of "Maximum number of"
The text always specified "Maximum number of accounts" instead of
naming the object that was actually being retrieved such as statuses
or blocks.
2017-05-01 23:13:04 +02:00
wxcafé
fed4ab2d3a fix typo in link to mastonet 2017-05-01 17:16:01 +02:00
Guillaume Lacasa
7e994bf4ad Added .NET Standard library (#157) 2017-05-01 17:07:47 +02:00
Tom McAtee
e363bef584 Adding FAQ regarding default upload size limit (#187)
Addressing #153

Should this be part of the FAQ or should it be under the 'running Mastodon' documentation tree?
2017-05-01 17:00:24 +02:00
jeroenpraat
448906e217 Prerequisites and cronjobs (#183)
* Prerequisites and cronjobs

* We probably we don't even support Windows and Mac
2017-05-01 16:59:28 +02:00
Nolan Lawson
718daad4a8 Add photos and avatars to static/immutable cache (#184) 2017-05-01 16:57:16 +02:00
Lemonnier
e67e623405 Adding umrc to Apps.md (#185) 2017-05-01 16:54:25 +02:00
ThibG
9430d2e2d9 Document how to use WEB_DOMAIN along with common pitfalls (#149)
* Create Serving_a_different_domain.md

Add extensive documentation for WEB_DOMAIN, as the feature is ill-documented and may be confusing.

* Fix Serving_a_different_domain.md

* Webfinger discovery workaround has made its way to v1.3.0
2017-05-01 16:45:18 +02:00
Ornithologist Coder
abe6929d8b Adds table for libraries (#182)
This commit changes the list of available libraries to a table, similar to the one used for the list of apps in documentation/Apps.md. Soon more libraries for the same language will appear and a table will handle it better. It also sorts the libraries in ascending order (case insensitive) by language.
2017-05-01 16:41:05 +02:00
Mikael Berthe
166ffa23e6 Add Golang library (#179) 2017-05-01 16:37:55 +02:00
Mikael Berthe
1bddadcbbb Add madonctl cross-platform CLI app (#180) 2017-05-01 16:36:28 +02:00
Nolan Lawson
f0a863feec Recommend HTTP/2 in the nginx config (#178) 2017-05-01 16:35:16 +02:00
Noëlle Anthony
befab7b7c3 Include explicit production environment (#172)
These tasks sometimes fail under non-Docker installations when the administrator tries to run them without explicitly requesting the production environment.
2017-05-01 16:32:47 +02:00
Gonzalo Alcalde
dd196ab2ee Adding twidere to the apps (#177) 2017-05-01 16:32:06 +02:00
Eugen Rochko
1d2b6479fa Patrons list as processed on April 1st 2017 2017-04-30 20:58:02 +02:00
Bjarni Rúnar Einarsson
72ed10378f Avoid hard-coding ciphers into configuration (#171)
* Avoid hard-coding ciphers into configuration

This change allows OpenSSL to choose the most appropriate available cipher(s) from the HIGH cipher suite. This is sufficient to get an A on the SSLLabs.com tests suite. If MEDIUM is allowed as well, the grade drops to a B which is still more than adequate for most deployments.

This type of configuration would prevent problems such as the current inability of Tusky on Android 7 devices to connect to some Mastodon instances.

The main benefit though, is this delegates the decisions about which ciphers are "good" and which ciphers are "bad" to the experts; the distribution security teams and the OpenSSL developers. If a weakness is found in a particular cipher it will get moved from HIGH to one of the lower classes (or removed entirely) and this will get deployed just like any other security update. Similarly, if new stronger ciphers are standardized (such as Curve 25519) - these will immediately become available without needing to change the configuration.

Hope this helps!

Note: I have not been able to test this change with Mastodon myself. I am using these settings in production elsewhere though, and they work quite well. Alternately, if people don't want to trust the OpenSSL definitions, please consider taking a look at https://wiki.mozilla.org/Security/Server_Side_TLS and implementing the recommendations from there.

* Also avoid SHA1

As requested during review. :)

* Fix a typo in the ssl_ciphers line

I wrote !SHA1, should have written just !SHA. Very sorry about the noise.
2017-04-27 22:25:39 +02:00
Nolan Lawson
79f58d8b13 Fix typo in BgBouncer-guide.md (#168) 2017-04-27 22:24:59 +02:00
YOU
2ba068a7db Added iOS App for pawoo (#169) 2017-04-27 22:23:38 +02:00
wxcafé
938575a679 Revert "Avoid hard-coding ciphers into configuration (#122)" (#170)
This reverts commit fc79d23ad0.
2017-04-27 22:15:37 +02:00
Bjarni Rúnar Einarsson
fc79d23ad0 Avoid hard-coding ciphers into configuration (#122)
* Avoid hard-coding ciphers into configuration

This change allows OpenSSL to choose the most appropriate available cipher(s) from the HIGH cipher suite. This is sufficient to get an A on the SSLLabs.com tests suite. If MEDIUM is allowed as well, the grade drops to a B which is still more than adequate for most deployments.

This type of configuration would prevent problems such as the current inability of Tusky on Android 7 devices to connect to some Mastodon instances.

The main benefit though, is this delegates the decisions about which ciphers are "good" and which ciphers are "bad" to the experts; the distribution security teams and the OpenSSL developers. If a weakness is found in a particular cipher it will get moved from HIGH to one of the lower classes (or removed entirely) and this will get deployed just like any other security update. Similarly, if new stronger ciphers are standardized (such as Curve 25519) - these will immediately become available without needing to change the configuration.

Hope this helps!

Note: I have not been able to test this change with Mastodon myself. I am using these settings in production elsewhere though, and they work quite well. Alternately, if people don't want to trust the OpenSSL definitions, please consider taking a look at https://wiki.mozilla.org/Security/Server_Side_TLS and implementing the recommendations from there.

* Also avoid SHA1

As requested during review. :)
2017-04-27 22:13:27 +02:00
Nolan Lawson
0282f3d7e4 Update Tuning.md to mention STREAMING_CLUSTER_NUM (#151)
* Update Tuning.md to mention `STREAMING_CLUSTER_NUM`

This is a new option as documented here: bb04a9be52/.env.production.sample (L90-L92)

* note number of cores - 1
2017-04-27 20:02:47 +02:00
Eugen Rochko
930175e7e9 Merge pull request #167 from nolanlawson/pgbouncer-guide
Add PgBouncer guide
2017-04-27 16:59:51 +02:00
Nolan Lawson
5f371e9264 Fix typo 2017-04-27 07:37:52 -07:00
Nolan Lawson
dcc2945e59 Add a bit more about logging 2017-04-27 07:37:02 -07:00