hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/develop' into shigusegubu

Browse source 
* origin/develop: (276 commits)
  Remove `poll` from `notification_type` OpenAPI spec
  credo fix
  CHANGELOG.md: mention minimal elixir version update
  Update OTP releases to official images of 1.10.3
  Chunk the notification type backfill migration
  moving custom ecto types in context folders
  Upgrade to Elixir 1.9
  naming
  fix attemps to merge map
  fix for updated hackney
  Mogrify args as custom tuples
  Fix tests
  Changelog: Add info about conversation view changes.
  Conversations: Return last dm for conversation, not last message.
  Mastodon API: ensure the notification endpoint doesn't return less than the requested amount of records unless it's the last page
  ControllerHelper: Always return id field.
  Apply suggestion to lib/pleroma/web/controller_helper.ex
  Remove use of atoms in MRF.UserAllowListPolicy
  Fix atom leak in Rich Media Parser
  Return an empty map from Pleroma.Web.RichMedia.Parsers.OGP.parse/2
  ...
This commit is contained in:
Henry Jameson 2020-06-19 15:17:00 +03:00
commit ce6f690a85
233 changed files with 11215 additions and 5027 deletions
Download patch file Download diff file Expand all files Collapse all files

11
installation/pleroma.nginx
View file

@ -37,18 +37,17 @@ server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_session_timeout 5m;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_trusted_certificate /etc/letsencrypt/live/example.tld/chain.pem;
ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem;
# Add TLSv1.0 to support older devices
ssl_protocols TLSv1.2;
# Uncomment line below if you want to support older devices (Before Android 4.4.2, IE 8, etc.)
# ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_prefer_server_ciphers off;
# In case of an old server with an OpenSSL version of 1.0.2 or below,
# leave only prime256v1 or comment out the following line.
ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;