Merge branch 'develop' into feature/matstodon-statuses-by-name

2019-07-15 17:10:27 -05:00 · 2019-07-15 17:10:27 -05:00 · ffb4eb9779
commit ffb4eb9779
parent e912f81c82 03bcb40883
872 changed files with 19751 additions and 4409 deletions
--- a/docs/api/admin_api.md
+++ b/docs/api/admin_api.md
@ -38,7 +38,9 @@ Authentication is required and the user must be an admin.
        "moderator": bool
      },
      "local": bool,
-      "tags": array
+      "tags": array,
+      "avatar": string,
+      "display_name": string
    },
    ...
  ]
@ -174,13 +176,13 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
  - `nickname`
  - `status` BOOLEAN field, false value means deactivation.

-## `/api/pleroma/admin/users/:nickname`
+## `/api/pleroma/admin/users/:nickname_or_id`

 ### Retrive the details of a user

 - Method: `GET`
 - Params:
-  - `nickname`
+  - `nickname` or `id`
 - Response:
  - On failure: `Not found`
  - On success: JSON of the user
@ -289,7 +291,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
  - `limit`: optional, the number of records to retrieve
  - `since_id`: optional, returns results that are more recent than the specified id
  - `max_id`: optional, returns results that are older than the specified id
- Response: 
+- Response:
  - On failure: 403 Forbidden error `{"error": "error_msg"}` when requested by anonymous or non-admin
  - On success: JSON, returns a list of reports, where:
    - `account`: the user who has been reported
@ -331,6 +333,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
          "pleroma": {},
          "sensitive": false
        },
+        "tags": ["force_unlisted"],
        "statuses_count": 3,
        "url": "https://pleroma.example.org/users/user",
        "username": "user"
@ -366,6 +369,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
          "pleroma": {},
          "sensitive": false
        },
+        "tags": ["force_unlisted"],
        "statuses_count": 1,
        "url": "https://pleroma.example.org/users/lain",
        "username": "lain"
@ -443,7 +447,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
 - Params:
  - `id`
 - Response:
-  - On failure: 
+  - On failure:
    - 403 Forbidden `{"error": "error_msg"}`
    - 404 Not Found `"Not found"`
  - On success: JSON, Report object (see above)
@ -454,8 +458,8 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
 - Params:
  - `id`
  - `state`: required, the new state. Valid values are `open`, `closed` and `resolved`
- Response: 
-  - On failure: 
+- Response:
+  - On failure:
    - 400 Bad Request `"Unsupported state"`
    - 403 Forbidden `{"error": "error_msg"}`
    - 404 Not Found `"Not found"`
@ -467,10 +471,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
 - Params:
  - `id`
  - `status`: required, the message
- Response: 
-  - On failure: 
-    - 400 Bad Request `"Invalid parameters"` when `status` is missing 
-    - 403 Forbidden `{"error": "error_msg"}` 
+- Response:
+  - On failure:
+    - 400 Bad Request `"Invalid parameters"` when `status` is missing
+    - 403 Forbidden `{"error": "error_msg"}`
    - 404 Not Found `"Not found"`
  - On success: JSON, created Mastodon Status entity

@ -540,10 +544,10 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
  - `id`
  - `sensitive`: optional, valid values are `true` or `false`
  - `visibility`: optional, valid values are `public`, `private` and `unlisted`
- Response: 
-  - On failure: 
+- Response:
+  - On failure:
    - 400 Bad Request `"Unsupported visibility"`
-    - 403 Forbidden `{"error": "error_msg"}` 
+    - 403 Forbidden `{"error": "error_msg"}`
    - 404 Not Found `"Not found"`
  - On success: JSON, Mastodon Status entity

@ -552,8 +556,99 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
 - Method `DELETE`
 - Params:
  - `id`
- Response: 
-  - On failure: 
-    - 403 Forbidden `{"error": "error_msg"}` 
+- Response:
+  - On failure:
+    - 403 Forbidden `{"error": "error_msg"}`
    - 404 Not Found `"Not found"`
  - On success: 200 OK `{}`
+
+## `/api/pleroma/admin/config`
+### List config settings
+- Method `GET`
+- Params: none
+- Response:
+
+```json
+{
+  configs: [
+    {
+      "group": string,
+      "key": string or string with leading `:` for atoms,
+      "value": string or {} or [] or {"tuple": []}
+     }
+  ]
+}
+```
+
+## `/api/pleroma/admin/config`
+### Update config settings
+Module name can be passed as string, which starts with `Pleroma`, e.g. `"Pleroma.Upload"`.
+Atom keys and values can be passed with `:` in the beginning, e.g. `":upload"`.
+Tuples can be passed as `{"tuple": ["first_val", Pleroma.Module, []]}`.
+`{"tuple": ["some_string", "Pleroma.Some.Module", []]}` will be converted to `{"some_string", Pleroma.Some.Module, []}`.
+Keywords can be passed as lists with 2 child tuples, e.g.
+`[{"tuple": ["first_val", Pleroma.Module]}, {"tuple": ["second_val", true]}]`.
+
+Compile time settings (need instance reboot):
+- all settings by this keys:
+  - `:hackney_pools`
+  - `:chat`
+  - `Pleroma.Web.Endpoint`
+  - `Pleroma.Repo`
+- part settings:
+  - `Pleroma.Captcha` -> `:seconds_valid`
+  - `Pleroma.Upload` -> `:proxy_remote`
+  - `:instance` -> `:upload_limit`
+
+- Method `POST`
+- Params:
+  - `configs` => [
+    - `group` (string)
+    - `key` (string or string with leading `:` for atoms)
+    - `value` (string, [], {} or {"tuple": []})
+    - `delete` = true (optional, if parameter must be deleted)
+  ]
+
+- Request (example):
+
+```json
+{
+  configs: [
+    {
+      "group": "pleroma",
+      "key": "Pleroma.Upload",
+      "value": [
+        {"tuple": [":uploader", "Pleroma.Uploaders.Local"]},
+        {"tuple": [":filters", ["Pleroma.Upload.Filter.Dedupe"]]},
+        {"tuple": [":link_name", true]},
+        {"tuple": [":proxy_remote", false]},
+        {"tuple": [":proxy_opts", [
+          {"tuple": [":redirect_on_failure", false]},
+          {"tuple": [":max_body_length", 1048576]},
+          {"tuple": [":http": [
+            {"tuple": [":follow_redirect", true]},
+            {"tuple": [":pool", ":upload"]},
+          ]]}
+        ]
+        ]},
+        {"tuple": [":dispatch", {
+          "tuple": ["/api/v1/streaming", "Pleroma.Web.MastodonAPI.WebsocketHandler", []]
+        }]}
+      ]
+    }
+  ]
+}
+
+- Response:
+
+```json
+{
+  configs: [
+    {
+      "group": string,
+      "key": string or string with leading `:` for atoms,
+      "value": string or {} or [] or {"tuple": []}
+     }
+  ]
+}
+```
--- a/docs/api/differences_in_mastoapi_responses.md
+++ b/docs/api/differences_in_mastoapi_responses.md
@ -16,9 +16,11 @@ Adding the parameter `with_muted=true` to the timeline queries will also return

 ## Statuses

+- `visibility`: has an additional possible value `list`
+
 Has these additional fields under the `pleroma` object:

- `local`: true if the post was made on the local instance.
+- `local`: true if the post was made on the local instance
 - `conversation_id`: the ID of the conversation the status is associated with (if any)
 - `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any)
 - `content`: a map consisting of alternate representations of the `content` property with the key being it's mimetype. Currently the only alternate representation supported is `text/plain`
@ -46,6 +48,8 @@ Has these additional fields under the `pleroma` object:
 - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated
 - `hide_followers`: boolean, true when the user has follower hiding enabled
 - `hide_follows`: boolean, true when the user has follow hiding enabled
+- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials`
+- `chat_token`: The token needed for Pleroma chat. Only returned in `verify_credentials`

 ### Source

@ -72,6 +76,8 @@ Additional parameters can be added to the JSON body/Form data:

 - `preview`: boolean, if set to `true` the post won't be actually posted, but the status entitiy would still be rendered back. This could be useful for previewing rich text/custom emoji, for example.
 - `content_type`: string, contain the MIME type of the status, it is transformed into HTML by the backend. You can get the list of the supported MIME types with the nodeinfo endpoint.
+- `to`: A list of nicknames (like `lain@soykaf.club` or `lain` on the local server) that will be used to determine who is going to be addressed by this post. Using this will disable the implicit addressing by mentioned names in the `status` body, only the people in the `to` list will be addressed. The normal rules for for post visibility are not affected by this and will still apply.
+- `visibility`: string, besides standard MastoAPI values (`direct`, `private`, `unlisted` or `public`) it can be used to address a List by setting it to `list:LIST_ID`.

 ## PATCH `/api/v1/update_credentials`

@ -83,6 +89,16 @@ Additional parameters can be added to the JSON body/Form data:
 - `hide_favorites` - if true, user's favorites timeline will be hidden
 - `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API
 - `default_scope` - the scope returned under `privacy` key in Source subentity
+- `pleroma_settings_store` - Opaque user settings to be saved on the backend.
+- `skip_thread_containment` - if true, skip filtering out broken threads
+- `pleroma_background_image` - sets the background image of the user.
+
+### Pleroma Settings Store
+Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about.
+
+The parameter should have a form of `{frontend_name: {...}}`, with `frontend_name` identifying your type of client, e.g. `pleroma_fe`. It will overwrite everything under this property, but will not overwrite other frontend's settings.
+
+This information is returned in the `verify_credentials` endpoint.

 ## Authentication

--- a/docs/api/pleroma_api.md
+++ b/docs/api/pleroma_api.md
@ -126,20 +126,6 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi
 ## `/api/pleroma/admin/`…
 See [Admin-API](Admin-API.md)

-## `/api/v1/pleroma/flavour/:flavour`
-* Method `POST`
-* Authentication: required
-* Response: JSON string. Returns the user flavour or the default one on success, otherwise returns `{"error": "error_msg"}`
-* Example response: "glitch"
-* Note: This is intended to be used only by mastofe
-
-## `/api/v1/pleroma/flavour`
-* Method `GET`
-* Authentication: required
-* Response: JSON string. Returns the user flavour or the default one.
-* Example response: "glitch"
-* Note: This is intended to be used only by mastofe
-
 ## `/api/pleroma/notifications/read`
 ### Mark a single notification as read
 * Method `POST`
@ -252,6 +238,13 @@ See [Admin-API](Admin-API.md)
 ]
 ```

+## `/api/v1/pleroma/accounts/update_*`
+### Set and clear account avatar, banner, and background
+
+- PATCH `/api/v1/pleroma/accounts/update_avatar`: Set/clear user avatar image
+- PATCH `/api/v1/pleroma/accounts/update_banner`: Set/clear user banner image
+- PATCH `/api/v1/pleroma/accounts/update_background`: Set/clear user background image
+
 ## `/api/v1/pleroma/mascot`
 ### Gets user mascot image
 * Method `GET`
--- a/docs/clients.md
+++ b/docs/clients.md
@ -49,13 +49,6 @@ Feel free to contact us to be added to this list!
 - Platforms: iOS, Android
 - Features: No Streaming

-### Tootdon
- Homepage: <http://tootdon.club/>, <http://blog.mastodon-tootdon.com/>
- Source Code: ???
- Contact: [@tootdon@mstdn.jp](https://mstdn.jp/users/tootdon)
- Platforms: Android, iOS
- Features: No Streaming
-
 ### Tusky
 - Homepage: <https://tuskyapp.github.io/>
 - Source Code: <https://github.com/tuskyapp/Tusky>
--- a/docs/config.md
+++ b/docs/config.md
@ -16,6 +16,13 @@ Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.
 ## Pleroma.Uploaders.Local
 * `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory

+## Pleroma.Uploaders.S3
+* `bucket`: S3 bucket name
+* `public_endpoint`: S3 endpoint that the user finally accesses(ex. "https://s3.dualstack.ap-northeast-1.amazonaws.com")
+* `truncated_namespace`: If you use S3 compatible service such as Digital Ocean Spaces or CDN, set folder name or "" etc.
+For example, when using CDN to S3 virtual host format, set "".
+At this time, write CNAME to CDN in public_endpoint.
+
 ## Pleroma.Upload.Filter.Mogrify

 * `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", "auto-orient", {"impode", "1"}]`.
@ -29,11 +36,12 @@ No specific configuration.
 This filter replaces the filename (not the path) of an upload. For complete obfuscation, add
 `Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename.

-* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used.
+* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. You can get the original filename extension by using `{extension}`, for example `custom-file-name.{extension}`.

 ## Pleroma.Emails.Mailer
 * `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox.
 * `api_key` / `password` and / or other adapter-specific settings, per the above documentation.
+* `enabled`: Allows enable/disable send  emails. Default: `false`.

 An example for Sendgrid adapter:

@ -71,23 +79,34 @@ config :pleroma, Pleroma.Emails.Mailer,
 * `avatar_upload_limit`: File size limit of user’s profile avatars
 * `background_upload_limit`: File size limit of user’s profile backgrounds
 * `banner_upload_limit`: File size limit of user’s profile banners
+* `poll_limits`: A map with poll limits for **local** polls
+  * `max_options`: Maximum number of options
+  * `max_option_chars`: Maximum number of characters per option
+  * `min_expiration`: Minimum expiration time (in seconds)
+  * `max_expiration`: Maximum expiration time (in seconds)
 * `registrations_open`: Enable registrations for anyone, invitations can be enabled when false.
 * `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`).
 * `account_activation_required`: Require users to confirm their emails before signing in.
 * `federating`: Enable federation with other instances
+* `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes.
 * `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it.
 * `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance
 * `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default:
  * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default)
  * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production
  * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section)
+  * `Pleroma.Web.ActivityPub.MRF.TagPolicy`: Applies policies to individual users based on tags, which can be set using pleroma-fe/admin-fe/any other app that supports Pleroma Admin API. For example it allows marking posts from individual users nsfw (sensitive)
+  * `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section)
  * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section)
  * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:.
+  * `Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy`: Rejects posts from likely spambots by rejecting posts from new users that contain links.
+  * `Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`: Crawls attachments using their MediaProxy URLs so that the MediaProxy cache is primed.
 * `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network.
 * `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send.
 * `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json``
 * `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML)
 * `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
+* `mrf_transparency_exclusions`: Exclude specific instance names from MRF transparency.  The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
 * `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default.
 * `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values:
  * "email": Copy and preprend re:, as in email.
@ -102,15 +121,15 @@ config :pleroma, Pleroma.Emails.Mailer,
 * `welcome_message`: A message that will be send to a newly registered users as a direct message.
 * `welcome_user_nickname`: The nickname of the local user that sends the welcome message.
 * `max_report_comment_size`: The maximum size of the report comment (Default: `1000`)
-* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). (Default: `false`)
-* `healthcheck`: if set to true, system data will be shown on ``/api/pleroma/healthcheck``.
-* `remote_post_retention_days`: the default amount of days to retain remote posts when pruning the database
+* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`.
+* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
+* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
+* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
+* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
+* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
+* `external_user_synchronization`: Enabling following/followers counters synchronization for external users.
+

-## :app_account_creation
-REST API for creating an account settings
-* `enabled`: Enable/disable registration
-* `max_requests`: Number of requests allowed for creating accounts
-* `interval`: Interval for restricting requests for one ip (seconds)

 ## :logger
 * `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack
@ -224,6 +243,21 @@ relates to mascots on the mastodon frontend
 * `avatar_removal`: List of instances to strip avatars from
 * `banner_removal`: List of instances to strip banners from

+## :mrf_subchain
+This policy processes messages through an alternate pipeline when a given message matches certain criteria.
+All criteria are configured as a map of regular expressions to lists of policy modules.
+
+* `match_actor`: Matches a series of regular expressions against the actor field.
+
+Example:
+
+```
+config :pleroma, :mrf_subchain,
+  match_actor: %{
+    ~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy]
+  }
+```
+
 ## :mrf_rejectnonpublic
 * `allow_followersonly`: whether to allow followers-only posts
 * `allow_direct`: whether to allow direct messages
@ -251,7 +285,7 @@ relates to mascots on the mastodon frontend

 ## Pleroma.Web.Endpoint
 `Phoenix` endpoint configuration, all configuration options can be viewed [here](https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-dynamic-configuration), only common options are listed here
-* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here
+* `http` - a list containing http protocol configuration, all configuration options can be viewed [here](https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html#module-options), only common options are listed here. For deployment using docker, you need to set this to `[ip: {0,0,0,0}, port: 4000]` to make pleroma accessible from other containers (such as your nginx server).
  - `ip` - a tuple consisting of 4 integers
  - `port`
 * `url` - a list containing the configuration for generating urls, accepts
@ -389,6 +423,9 @@ This config contains two queues: `federator_incoming` and `federator_outgoing`.

 ## :rich_media
 * `enabled`: if enabled the instance will parse metadata from attached links to generate link previews
+* `ignore_hosts`: list of hosts which will be ignored by the metadata parser. For example `["accounts.google.com", "xss.website"]`, defaults to `[]`.
+* `ignore_tld`: list TLDs (top-level domains) which will ignore for parse metadata. default is ["local", "localdomain", "lan"]
+* `parsers`: list of Rich Media parsers

 ## :fetch_initial_posts
 * `enabled`: if enabled, when a new user is federated with, fetch some of their latest posts
@ -492,7 +529,7 @@ Authentication / authorization settings.

 * `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`.
 * `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`.
-* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by OAUTH_CONSUMER_STRATEGIES environment variable.
+* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by `OAUTH_CONSUMER_STRATEGIES` environment variable. Each entry in this space-delimited string should be of format `<strategy>` or `<strategy>:<dependency>` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_<strategy>`).

 ## OAuth consumer mode

@ -545,6 +582,24 @@ config :ueberauth, Ueberauth,
  providers: [
    microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]}
  ]
+
+# Keycloak
+# Note: make sure to add `keycloak:ueberauth_keycloak_strategy` entry to `OAUTH_CONSUMER_STRATEGIES` environment variable
+keycloak_url = "https://publicly-reachable-keycloak-instance.org:8080"
+
+config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth,
+  client_id: System.get_env("KEYCLOAK_CLIENT_ID"),
+  client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"),
+  site: keycloak_url,
+  authorize_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/auth",
+  token_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/token",
+  userinfo_url: "#{keycloak_url}/auth/realms/master/protocol/openid-connect/userinfo",
+  token_method: :post
+
+config :ueberauth, Ueberauth,
+  providers: [
+    keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email]}
+  ]
 ```

 ## OAuth 2.0 provider - :oauth2
@ -558,6 +613,7 @@ Configure OAuth 2 provider capabilities:

 ## :emoji
 * `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]`
+* `pack_extensions`: A list of file extensions for emojis, when no emoji.txt for a pack is present. Example `[".png", ".gif"]`
 * `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]`
 * `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays).

@ -575,3 +631,21 @@ To enable them, both the `rum_enabled` flag has to be set and the following spec
 `mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/`

 This will probably take a long time.
+
+## :rate_limit
+
+A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
+
+* The first element: `scale` (Integer). The time scale in milliseconds.
+* The second element: `limit` (Integer). How many requests to limit in the time scale provided.
+
+It is also possible to have different limits for unauthenticated and authenticated users: the keyword value must be a list of two tuples where the first one is a config for unauthenticated users and the second one is for authenticated.
+
+See [`Pleroma.Plugs.RateLimiter`](Pleroma.Plugs.RateLimiter.html) documentation for examples.
+
+Supported rate limiters:
+
+* `:search` for the search requests (account & status search etc.)
+* `:app_account_creation` for registering user accounts from the same IP address
+* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses
+* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user
--- a/docs/config/howto_user_recomendation.md
+++ b/docs/config/howto_user_recomendation.md
@ -9,8 +9,8 @@ config :pleroma, :suggestions,
  third_party_engine:
    "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-match-suggestions-api.cgi?{{host}}+{{user}}",
  timeout: 300_000,
-  limit: 23,
-  web: "https://vinayaka.distsn.org/?{{host}}+{{user}}"
+  limit: 40,
+  web: "https://vinayaka.distsn.org"

 ```

@ -26,6 +26,6 @@ config :pleroma, :suggestions,
  third_party_engine:
    "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-new-suggestions-api.cgi?{{host}}+{{user}}",
  timeout: 60_000,
-  limit: 23,
+  limit: 40,
  web: "https://vinayaka.distsn.org/user-new.html"
 ```
--- a/docs/installation/alpine_linux_en.md
+++ b/docs/installation/alpine_linux_en.md
@ -87,7 +87,7 @@ sudo adduser -S -s /bin/false -h /opt/pleroma -H pleroma
 ```shell
 sudo mkdir -p /opt/pleroma
 sudo chown -R pleroma:pleroma /opt/pleroma
-sudo -Hu pleroma git clone https://git.pleroma.social/pleroma/pleroma /opt/pleroma
+sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma
 ```

 * Change to the new directory:
@ -202,13 +202,12 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

 #### Further reading

-* [Admin tasks](Admin tasks)
-* [Backup your instance](Backup-your-instance)
-* [Configuration tips](General tips for customizing pleroma fe)
-* [Hardening your instance](Hardening-your-instance)
-* [How to activate mediaproxy](How-to-activate-mediaproxy)
-* [Small Pleroma-FE customizations](Small customizations)
-* [Updating your instance](Updating-your-instance)
+* [Backup your instance](backup.html)
+* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
+* [Hardening your instance](hardening.html)
+* [How to activate mediaproxy](howto_mediaproxy.html)
+* [Small Pleroma-FE customizations](small_customizations.html)
+* [Updating your instance](updating.html)

 ## Questions

--- a/docs/installation/arch_linux_en.md
+++ b/docs/installation/arch_linux_en.md
@ -66,7 +66,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma
 ```shell
 sudo mkdir -p /opt/pleroma
 sudo chown -R pleroma:pleroma /opt/pleroma
-sudo -Hu pleroma git clone https://git.pleroma.social/pleroma/pleroma /opt/pleroma
+sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma
 ```

 * Change to the new directory:
@ -200,13 +200,12 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

 #### Further reading

-* [Admin tasks](Admin tasks)
-* [Backup your instance](Backup-your-instance)
-* [Configuration tips](General tips for customizing pleroma fe)
-* [Hardening your instance](Hardening-your-instance)
-* [How to activate mediaproxy](How-to-activate-mediaproxy)
-* [Small Pleroma-FE customizations](Small customizations)
-* [Updating your instance](Updating-your-instance)
+* [Backup your instance](backup.html)
+* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
+* [Hardening your instance](hardening.html)
+* [How to activate mediaproxy](howto_mediaproxy.html)
+* [Small Pleroma-FE customizations](small_customizations.html)
+* [Updating your instance](updating.html)

 ## Questions

--- a/docs/installation/centos7_en.md
+++ b/docs/installation/centos7_en.md
@ -143,7 +143,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma
 ```shell
 sudo mkdir -p /opt/pleroma
 sudo chown -R pleroma:pleroma /opt/pleroma
-sudo -Hu pleroma git clone https://git.pleroma.social/pleroma/pleroma /opt/pleroma
+sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma
 ```

 * Change to the new directory:
@ -264,13 +264,12 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

 #### Further reading

-* [Admin tasks](Admin tasks)
-* [Backup your instance](Backup-your-instance)
-* [Configuration tips](General tips for customizing pleroma fe)
-* [Hardening your instance](Hardening-your-instance)
-* [How to activate mediaproxy](How-to-activate-mediaproxy)
-* [Small Pleroma-FE customizations](Small customizations)
-* [Updating your instance](Updating-your-instance)
+* [Backup your instance](backup.html)
+* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
+* [Hardening your instance](hardening.html)
+* [How to activate mediaproxy](howto_mediaproxy.html)
+* [Small Pleroma-FE customizations](small_customizations.html)
+* [Updating your instance](updating.html)

 ## Questions

--- a/docs/installation/debian_based_en.md
+++ b/docs/installation/debian_based_en.md
@ -68,7 +68,7 @@ sudo useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma
 ```shell
 sudo mkdir -p /opt/pleroma
 sudo chown -R pleroma:pleroma /opt/pleroma
-sudo -Hu pleroma git clone https://git.pleroma.social/pleroma/pleroma /opt/pleroma
+sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma
 ```

 * Change to the new directory:
@ -190,13 +190,12 @@ sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress

 #### Further reading

-* [Admin tasks](Admin tasks)
-* [Backup your instance](Backup-your-instance)
-* [Configuration tips](General tips for customizing pleroma fe)
-* [Hardening your instance](Hardening-your-instance)
-* [How to activate mediaproxy](How-to-activate-mediaproxy)
-* [Small Pleroma-FE customizations](Small customizations)
-* [Updating your instance](Updating-your-instance)
+* [Backup your instance](backup.html)
+* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
+* [Hardening your instance](hardening.html)
+* [How to activate mediaproxy](howto_mediaproxy.html)
+* [Small Pleroma-FE customizations](small_customizations.html)
+* [Updating your instance](updating.html)

 ## Questions

--- a/docs/installation/debian_based_jp.md
+++ b/docs/installation/debian_based_jp.md
@ -69,7 +69,7 @@ cd ~

 *  Gitリポジトリをクローンします。
 ```
-git clone https://git.pleroma.social/pleroma/pleroma
+git clone -b master https://git.pleroma.social/pleroma/pleroma
 ```

 *  新しいディレクトリに移動します。
@ -180,9 +180,12 @@ mix set_moderator username [true|false]

 #### コンフィギュレーションとカスタマイズ

-* [Configuration tips](General tips for customizing pleroma fe)
-* [Small Pleroma-FE customizations](Small customizations)
-* [Admin tasks](Admin tasks)
+* [Backup your instance](backup.html)
+* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
+* [Hardening your instance](hardening.html)
+* [How to activate mediaproxy](howto_mediaproxy.html)
+* [Small Pleroma-FE customizations](small_customizations.html)
+* [Updating your instance](updating.html)

 ## 質問ある？

--- a/docs/installation/gentoo_en.md
+++ b/docs/installation/gentoo_en.md
@ -106,7 +106,7 @@ It is highly recommended you use your own fork for the `https://path/to/repo` pa

 ```shell
 pleroma$ cd ~
- pleroma$ git clone https://path/to/repo
+ pleroma$ git clone -b master https://path/to/repo
 ```

 * Change to the new directory:
@ -283,13 +283,12 @@ If you opted to allow sudo for the `pleroma` user but would like to remove the a

 #### Further reading

-* [Admin tasks](Admin tasks)
-* [Backup your instance](Backup-your-instance)
-* [Configuration tips](General tips for customizing pleroma fe)
-* [Hardening your instance](Hardening-your-instance)
-* [How to activate mediaproxy](How-to-activate-mediaproxy)
-* [Small Pleroma-FE customizations](Small customizations)
-* [Updating your instance](Updating-your-instance)
+* [Backup your instance](backup.html)
+* [Configuration tips](general-tips-for-customizing-pleroma-fe.html)
+* [Hardening your instance](hardening.html)
+* [How to activate mediaproxy](howto_mediaproxy.html)
+* [Small Pleroma-FE customizations](small_customizations.html)
+* [Updating your instance](updating.html)

 ## Questions

--- a/docs/installation/migrating_from_source_otp_en.md
+++ b/docs/installation/migrating_from_source_otp_en.md
@ -0,0 +1,153 @@
+# Switching a from-source install to OTP releases
+## What are OTP releases?
+OTP releases are as close as you can get to binary releases with Erlang/Elixir. The release is self-contained, and provides everything needed to boot it, it is easily administered via the provided shell script to open up a remote console, start/stop/restart the release, start in the background, send remote commands, and more.
+### Can I still run the develop branch if I decide to use them?
+Yes, we produce builds for every commit in `develop`. However `develop` is considered unstable, please don't use it in production because of faster access to new features, unless you need them as an app developer.
+## Why would one want to switch?
+Benefits of OTP releases over from-source installs include:
+* **Less space used.** OTP releases come without source code, build tools, have docs and debug symbols stripped from the compiled bytecode and do not cointain tests, docs, revision history.
+* **Minimal system dependencies.** Excluding the database and reverse proxy, only `curl`, `unzip` and `ncurses` are needed to download and run the release. Because Erlang runtime and Elixir are shipped with Pleroma, one can use the latest BEAM optimizations and Pleroma features, without having to worry about outdated system repos or a missing `erlang-*` package.
+* **Potentially less bugs and better performance.** This extends on the previous point, because we have control over exactly what gets shipped, we can tweak the VM arguments and forget about weird bugs due to Erlang/Elixir version mismatches.
+* **Faster and less bug-prone mix tasks.** On a from-source install one has to wait untill a new Pleroma node is started for each mix task and they execute outside of the instance context (for example if a user was deleted via a mix task, the instance will have no knowledge of that and continue to display status count and follows before the cache expires). Mix tasks in OTP releases are executed by calling into a running instance via RPC, which solves both of these problems.
+
+### Sounds great, how do I switch?
+Currently we support Linux machines with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPUs. If you are unsure, check the [Detecting flavour](otp_en.html#detecting-flavour) section in OTP install guide. If your platform is supported, proceed with the guide, if not check the [My platform is not supported](#my-platform-is-not-supported) section.
+### I don't think it is worth the effort, can I stay on a from-source install?
+Yes, currently there are no plans to deprecate them.
+
+### My platform is not supported
+If you think your platform is a popular choice for running Pleroma instances, or has the potential to become one, you can [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new). If not, guides on how to build and update releases by yourself will be available soon.
+## Pre-requisites
+You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
+
+The system needs to have `curl` and `unzip` installed for downloading and unpacking release builds.
+
+Debian/Ubuntu:
+```sh
+apt install curl unzip
+```
+Alpine:
+```
+apk add curl unzip
+
+```
+## Moving content out of the application directory
+When using OTP releases the application directory changes with every version so it would be a bother to keep content there (and also dangerous unless `--no-rm` option is used when updating). Fortunately almost all paths in Pleroma are configurable, so it is possible to move them out of there.
+
+Pleroma should be stopped before proceeding.
+
+### Moving uploads/custom public files directory
+```sh
+# Create uploads directory and set proper permissions (skip if using a remote uploader)
+# Note: It does not have to be `/var/lib/pleroma/uploads`, you can configure it to be something else later
+mkdir -p /var/lib/pleroma/uploads
+chown -R pleroma /var/lib/pleroma
+
+# Create custom public files directory
+# Note: It does not have to be `/var/lib/pleroma/static`, you can configure it to be something else later
+mkdir -p /var/lib/pleroma/static
+chown -R pleroma /var/lib/pleroma
+
+# If you use the local uploader with default settings your uploads should be located in `~pleroma/uploads`
+mv ~pleroma/uploads/* /var/lib/pleroma/uploads
+
+# If you have created the custom public files directory with default settings it should be located in `~pleroma/instance/static`
+mv ~pleroma/instance/static /var/lib/pleroma/static
+```
+
+### Moving emoji
+Assuming you have all emojis in subdirectories of `priv/static/emoji` moving them can be done with
+```sh
+mkdir /var/lib/pleroma/static/emoji
+ls -d ~pleroma/priv/static/emoji/*/ | xargs -i sh -c 'mv "{}" "/var/lib/pleroma/static/emoji/$(basename {})"'
+```
+
+But, if for some reason you have custom emojis in the root directory you should copy the whole directory instead.
+```sh
+mv ~pleroma/priv/static/emoji /var/lib/pleroma/static/emoji
+```
+and then copy custom emojis to `/var/lib/pleroma/static/emoji/custom`. 
+
+This is needed because storing custom emojis in the root directory is deprecated, but if you just move them to `/var/lib/pleroma/static/emoji/custom` it will break emoji urls on old posts.
+
+Note that globs have been replaced with `pack_extensions`, so if your emojis are not in png/gif you should [modify the default value](config.html#emoji).
+
+### Moving the config
+```sh
+# Create the config directory
+# The default path for Pleroma config is /etc/pleroma/config.exs
+# but it can be set via PLEROMA_CONFIG_PATH environment variable
+mkdir -p /etc/pleroma
+
+# Move the config file
+mv ~pleroma/config/prod.secret.exs /etc/pleroma/config.exs
+
+# Change `use Mix.Config` at the top to `import Config`
+$EDITOR /etc/pleroma/config.exs
+```
+## Installing the release
+Before proceeding, get the flavour from [Detecting flavour](otp_en.html#detecting-flavour) section in OTP installation guide.
+```sh
+# Delete all files in pleroma user's directory
+rm -r ~pleroma/*
+
+# Set the flavour environment variable to the string you got in Detecting flavour section.
+# For example if the flavour is `arm64-musl` the command will be
+export FLAVOUR="arm64-musl"
+
+# Clone the release build into a temporary directory and unpack it
+# Replace `master` with `develop` if you want to run the develop branch
+su pleroma -s $SHELL -lc "
+curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip
+unzip /tmp/pleroma.zip -d /tmp/
+"
+
+# Move the release to the home directory and delete temporary files
+su pleroma -s $SHELL -lc "
+mv /tmp/release/* ~pleroma/
+rmdir /tmp/release
+rm /tmp/pleroma.zip
+"
+
+# Start the instance to verify that everything is working as expected
+su pleroma -s $SHELL -lc "./bin/pleroma daemon"
+
+# Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
+sleep 20 && curl http://localhost:4000/api/v1/instance
+
+# Stop the instance
+su pleroma -s $SHELL -lc "./bin/pleroma stop"
+```
+
+## Setting up a system service
+OTP releases have different service files than from-source installs so they need to be copied over again.
+
+**Warning:** The service files assume pleroma user's home directory is `/opt/pleroma`, please make sure all paths fit your installation.
+
+Debian/Ubuntu:
+```sh
+# Copy the service into a proper directory
+cp ~pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
+
+# Reload service files
+systemctl daemon-reload
+
+# Reenable pleroma to start on boot
+systemctl reenable pleroma
+
+# Start pleroma
+systemctl start pleroma
+```
+
+Alpine:
+```sh
+# Copy the service into a proper directory
+cp -f ~pleroma/installation/init.d/pleroma /etc/init.d/pleroma
+
+# Start pleroma
+rc-service pleroma start
+```
+## Running mix tasks
+Refer to [Running mix tasks](otp_en.html#running-mix-tasks) section from OTP release installation guide.
+## Updating
+Refer to [Updating](otp_en.html#updating) section from OTP release installation guide.
--- a/docs/installation/netbsd_en.md
+++ b/docs/installation/netbsd_en.md
@ -58,7 +58,7 @@ Clone the repository:

 ```
 $ cd /home/pleroma
-$ git clone https://git.pleroma.social/pleroma/pleroma.git
+$ git clone -b master https://git.pleroma.social/pleroma/pleroma.git
 ```

 Configure Pleroma. Note that you need a domain name at this point:
--- a/docs/installation/openbsd_en.md
+++ b/docs/installation/openbsd_en.md
@ -29,7 +29,7 @@ This creates a "pleroma" login class and sets higher values than default for dat
 Create the \_pleroma user, assign it the pleroma login class and create its home directory (/home/\_pleroma/): `useradd -m -L pleroma _pleroma`

 #### Clone pleroma's directory
-Enter a shell as the \_pleroma user. As root, run `su _pleroma -;cd`. Then clone the repository with `git clone https://git.pleroma.social/pleroma/pleroma.git`. Pleroma is now installed in /home/\_pleroma/pleroma/, it will be configured and started at the end of this guide.
+Enter a shell as the \_pleroma user. As root, run `su _pleroma -;cd`. Then clone the repository with `git clone -b master https://git.pleroma.social/pleroma/pleroma.git`. Pleroma is now installed in /home/\_pleroma/pleroma/, it will be configured and started at the end of this guide.

 #### Postgresql
 Start a shell as the \_postgresql user (as root run `su _postgresql -` then run the `initdb` command to initialize postgresql:  
--- a/docs/installation/openbsd_fi.md
+++ b/docs/installation/openbsd_fi.md
@ -44,7 +44,7 @@ Vaihda pleroma-käyttäjään ja mene kotihakemistoosi:

 Lataa pleroman lähdekoodi:

-`$ git clone https://git.pleroma.social/pleroma/pleroma.git`
+`$ git clone -b master https://git.pleroma.social/pleroma/pleroma.git`

 `$ cd pleroma`

--- a/docs/installation/otp_en.md
+++ b/docs/installation/otp_en.md
@ -0,0 +1,261 @@
+# Installing on Linux using OTP releases
+
+## Pre-requisites
+* A machine running Linux with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPU, you have root access to. If you are not sure if it's compatible see [Detecting flavour section](#detecting-flavour) below
+* A (sub)domain pointed to the machine
+
+You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
+
+While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu/Alpine.
+
+### Detecting flavour
+
+Paste the following into the shell:
+```sh
+arch="$(uname -m)";if [ "$arch" = "x86_64" ];then arch="amd64";elif [ "$arch" = "armv7l" ];then arch="arm";elif [ "$arch" = "aarch64" ];then arch="arm64";else echo "Unsupported arch: $arch">&2;fi;if getconf GNU_LIBC_VERSION>/dev/null;then libc_postfix="";elif [ "$(ldd 2>&1|head -c 9)" = "musl libc" ];then libc_postfix="-musl";elif [ "$(find /lib/libc.musl*|wc -l)" ];then libc_postfix="-musl";else echo "Unsupported libc">&2;fi;echo "$arch$libc_postfix"
+```
+
+If your platform is supported the output will contain the flavour string, you will need it later. If not, this just means that we don't build releases for your platform, you can still try installing from source.
+
+### Installing the required packages
+
+Other than things bundled in the OTP release Pleroma depends on:
+* curl (to download the release build)
+* unzip (needed to unpack release builds)
+* ncurses (ERTS won't run without it)
+* PostgreSQL (also utilizes extensions in postgresql-contrib)
+* nginx (could be swapped with another reverse proxy but this guide covers only it)
+* certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
+
+Debian/Ubuntu:
+```sh
+apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot
+```
+Alpine:
+
+```sh
+echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories
+apk update
+apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot
+```
+
+## Setup
+### Configuring PostgreSQL
+#### (Optional) Installing RUM indexes
+RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](config.html#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results).
+
+Debian/Ubuntu (available only on Buster/19.04):
+```sh
+apt install postgresql-11-rum
+```
+Alpine:
+```sh
+apk add git build-base postgresql-dev
+git clone https://github.com/postgrespro/rum /tmp/rum
+cd /tmp/rum
+make USE_PGXS=1
+make USE_PGXS=1 install
+cd
+rm -r /tmp/rum
+```
+#### (Optional) Performance configuration
+For optimal performance, you may use [PGTune](https://pgtune.leopard.in.ua), don't forget to restart postgresql after editing the configuration
+
+Debian/Ubuntu:
+```sh
+systemctl restart postgresql
+```
+Alpine:
+```sh
+rc-service postgresql restart
+```
+### Installing Pleroma
+```sh
+# Create the Pleroma user
+adduser --system --shell  /bin/false --home /opt/pleroma pleroma
+
+# Set the flavour environment variable to the string you got in Detecting flavour section. 
+# For example if the flavour is `arm64-musl` the command will be
+export FLAVOUR="arm64-musl"
+
+# Clone the release build into a temporary directory and unpack it
+su pleroma -s $SHELL -lc "
+curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip
+unzip /tmp/pleroma.zip -d /tmp/
+"
+
+# Move the release to the home directory and delete temporary files
+su pleroma -s $SHELL -lc "
+mv /tmp/release/* /opt/pleroma
+rmdir /tmp/release
+rm /tmp/pleroma.zip
+"
+# Create uploads directory and set proper permissions (skip if planning to use a remote uploader)
+# Note: It does not have to be `/var/lib/pleroma/uploads`, the config generator will ask about the upload directory later
+
+mkdir -p /var/lib/pleroma/uploads
+chown -R pleroma /var/lib/pleroma
+
+# Create custom public files directory (custom emojis, frontend bundle overrides, robots.txt, etc.)
+# Note: It does not have to be `/var/lib/pleroma/static`, the config generator will ask about the custom public files directory later
+mkdir -p /var/lib/pleroma/static
+chown -R pleroma /var/lib/pleroma
+
+# Create a config directory
+mkdir -p /etc/pleroma
+chown -R pleroma /etc/pleroma
+
+# Run the config generator
+su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql"
+
+# Create the postgres database
+su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
+
+# Create the database schema
+su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
+
+# If you have installed RUM indexes uncommend and run
+# su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
+
+# Start the instance to verify that everything is working as expected
+su pleroma -s $SHELL -lc "./bin/pleroma daemon"
+
+# Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
+sleep 20 && curl http://localhost:4000/api/v1/instance
+
+# Stop the instance
+su pleroma -s $SHELL -lc "./bin/pleroma stop"
+```
+
+### Setting up nginx and getting Let's Encrypt SSL certificaties
+
+```sh
+# Get a Let's Encrypt certificate
+certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
+
+# Copy the Pleroma nginx configuration to the nginx folder
+# The location of nginx configs is dependent on the distro
+
+# For Debian/Ubuntu:
+cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
+ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
+# For Alpine:
+cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
+# If your distro does not have either of those you can append
+# `include /etc/nginx/pleroma.conf` to the end of the http section in /etc/nginx/nginx.conf and
+cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/pleroma.conf
+
+# Edit the nginx config replacing example.tld with your (sub)domain
+$EDITOR path-to-nginx-config
+
+# Verify that the config is valid
+nginx -t
+
+# Start nginx
+# For Debian/Ubuntu:
+systemctl start nginx
+# For Alpine:
+rc-service nginx start
+```
+
+At this point if you open your (sub)domain in a browser you should see a 502 error, that's because pleroma is not started yet.
+
+### Setting up a system service
+Debian/Ubuntu:
+```sh
+# Copy the service into a proper directory
+cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
+
+# Start pleroma and enable it on boot
+systemctl start pleroma
+systemctl enable pleroma
+```
+Alpine:
+```sh
+# Copy the service into a proper directory
+cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
+
+# Start pleroma and enable it on boot
+rc-service pleroma start
+rc-update add pleroma
+```
+
+If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors. 
+
+Still doesn't work? Feel free to contact us on [#pleroma on freenode](https://webchat.freenode.net/?channels=%23pleroma) or via matrix at <https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org>, you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new)
+
+## Post installation
+
+### Setting up auto-renew Let's Encrypt certificate
+```sh
+# Create the directory for webroot challenges
+mkdir -p /var/lib/letsencrypt
+
+# Uncomment the webroot method
+$EDITOR path-to-nginx-config
+
+# Verify that the config is valid
+nginx -t
+```
+Debian/Ubuntu:
+```sh
+# Restart nginx
+systemctl restart nginx
+
+# Ensure the webroot menthod and post hook is working
+certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'systemctl nginx reload'
+
+# Add it to the daily cron
+echo '#!/bin/sh
+certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx"
+' > /etc/cron.daily/renew-pleroma-cert
+chmod +x /etc/cron.daily/renew-pleroma-cert
+
+# If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert
+run-parts --test /etc/cron.daily
+```
+Alpine:
+```sh
+# Restart nginx
+rc-service nginx restart
+
+# Start the cron daemon and make it start on boot
+rc-service crond start
+rc-update add crond
+
+# Ensure the webroot menthod and post hook is working
+certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'rc-service nginx reload'
+
+# Add it to the daily cron
+echo '#!/bin/sh
+certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "rc-service nginx reload"
+' > /etc/periodic/daily/renew-pleroma-cert
+chmod +x /etc/periodic/daily/renew-pleroma-cert
+
+# If everything worked this should output /etc/periodic/daily/renew-pleroma-cert
+run-parts --test /etc/periodic/daily
+```
+### Running mix tasks
+Throughout the wiki and guides there is a lot of references to mix tasks. Since `mix` is a build tool, you can't just call `mix pleroma.task`, instead you should call `pleroma_ctl` stripping pleroma/ecto namespace.
+
+So for example, if the task is `mix pleroma.user set admin --admin`, you should run it like this:
+```sh
+su pleroma -s $SHELL -lc "./bin/pleroma_ctl user set admin --admin"
+```
+### Updating
+Generally, doing the following is enough:
+```sh
+# Download the new release
+su pleroma -s $SHELL -lc "./bin/pleroma_ctl update"
+
+# Migrate the database, you are advised to stop the instance before doing that
+su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
+```
+But you should **always check the release notes/changelog** in case there are config deprecations, special update steps, etc.
+
+## Further reading
+* [Configuration](config.html)
+* [Pleroma's base config.exs](https://git.pleroma.social/pleroma/pleroma/blob/master/config/config.exs)
+* [Hardening your instance](hardening.html)
+* [Pleroma Clients](clients.html)
+* [Emoji pack manager](Mix.Tasks.Pleroma.Emoji.html)