Compare commits

...

5 commits

Author SHA1 Message Date
Izalia Mae 815053c06f fix the convert command 2024-01-24 01:20:23 -05:00
Izalia Mae e66be009a6 use the right name for the domain_bans table 2024-01-24 01:20:00 -05:00
Izalia Mae 09e7a8f404 update docs for new commands and config file 2024-01-24 00:48:15 -05:00
Izalia Mae fc8738afab update relay.service file to use run command 2024-01-23 22:04:07 -05:00
Izalia Mae cdb10547ec remove extra whitespace in relay.nginx 2024-01-23 22:03:44 -05:00
6 changed files with 87 additions and 76 deletions

View file

@ -3,11 +3,8 @@
There are a number of commands to manage your relay's database and config. You can add `--help` to There are a number of commands to manage your relay's database and config. You can add `--help` to
any category or command to get help on that specific option (ex. `activityrelay inbox --help`). any category or command to get help on that specific option (ex. `activityrelay inbox --help`).
Note: Unless specified, it is recommended to run any commands while the relay is shutdown. Note: `activityrelay` is only available via pip or pipx if `~/.local/bin` is in `$PATH`. If not,
use `python3 -m relay` if installed via pip or `~/.local/bin/activityrelay` if installed via pipx.
Note 2: `activityrelay` is only available via pip or pipx if `~/.local/bin` is in `$PATH`. If it
isn't, use `python3 -m relay` if installed via pip or `~/.local/bin/activityrelay` if installed
via pipx
## Run ## Run
@ -24,6 +21,22 @@ Run the setup wizard to configure your relay.
activityrelay setup activityrelay setup
## Convert
Convert the old config and jsonld to the new config and SQL backend. If the old config filename is
not specified, the config will get backed up as `relay.backup.yaml` before converting.
activityrelay convert --old-config relaycfg.yaml
## Edit Config
Open the config file in a text editor. If an editor is not specified with `--editor`, the default
editor will be used.
activityrelay edit-config --editor micro
## Config ## Config
Manage the relay config Manage the relay config
@ -120,7 +133,7 @@ Remove a domain from the whitelist.
### Import ### Import
Add all current inboxes to the whitelist Add all current inboxes to the whitelist.
activityrelay whitelist import activityrelay whitelist import
@ -132,15 +145,15 @@ Manage the instance ban list.
### List ### List
List the currently banned instances List the currently banned instances.
activityrelay instance list activityrelay instance list
### Ban ### Ban
Add an instance to the ban list. If the instance is currently subscribed, remove it from the Add an instance to the ban list. If the instance is currently subscribed, it will be removed from
database. the inbox list.
activityrelay instance ban <domain> activityrelay instance ban <domain>
@ -152,10 +165,17 @@ Remove an instance from the ban list.
activityrelay instance unban <domain> activityrelay instance unban <domain>
### Update
Update the ban reason or note for an instance ban.
activityrelay instance update bad.example.com --reason "the baddest reason"
## Software ## Software
Manage the software ban list. To get the correct name, check the software's nodeinfo endpoint. Manage the software ban list. To get the correct name, check the software's nodeinfo endpoint.
You can find it at nodeinfo\['software']\['name']. You can find it at `nodeinfo['software']['name']`.
### List ### List
@ -186,4 +206,12 @@ name via nodeinfo.
If the name is `RELAYS` (case-sensitive), remove all known relay software names from the list. If the name is `RELAYS` (case-sensitive), remove all known relay software names from the list.
activityrelay unban [-f/--fetch-nodeinfo] <name, domain, or RELAYS> activityrelay software unban [-f/--fetch-nodeinfo] <name, domain, or RELAYS>
### Update
Update the ban reason or note for a software ban. Either `--reason` and/or `--note` must be
specified.
activityrelay software update relay.example.com --reason "begone relay"

View file

@ -2,41 +2,23 @@
## General ## General
### DB ### Domain
The path to the database. It contains the relay actor private key and all subscribed Hostname the relay will be hosted on.
instances. If the path is not absolute, it is relative to the working directory.
db: relay.jsonld domain: relay.example.com
### Listener ### Listener
The address and port the relay will listen on. If the reverse proxy (nginx, apache, caddy, etc) The address and port the relay will listen on. If the reverse proxy (nginx, apache, caddy, etc)
is running on the same host, it is recommended to change `listen` to `localhost` is running on the same host, it is recommended to change `listen` to `localhost` if the reverse
proxy is on the same host.
listen: 0.0.0.0 listen: 0.0.0.0
port: 8080 port: 8080
### Note
A small blurb to describe your relay instance. This will show up on the relay's home page.
note: "Make a note about your instance here."
### Post Limit
The maximum number of messages to send out at once. For each incoming message, a message will be
sent out to every subscribed instance minus the instance which sent the message. This limit
is to prevent too many outgoing connections from being made, so adjust if necessary.
Note: If the `workers` option is set to anything above 0, this limit will be per worker.
push_limit: 512
### Push Workers ### Push Workers
The relay can be configured to use threads to push messages out. For smaller relays, this isn't The relay can be configured to use threads to push messages out. For smaller relays, this isn't
@ -46,60 +28,59 @@ threads.
workers: 0 workers: 0
### JSON GET cache limit ### Database type
JSON objects (actors, nodeinfo, etc) will get cached when fetched. This will set the max number of SQL database backend to use. Valid values are `sqlite` or `postgres`.
objects to keep in the cache.
json_cache: 1024 database_type: sqlite
## AP ### Sqlite File Path
Various ActivityPub-related settings Path to the sqlite database file. If the path is not absolute, it is relative to the config file.
directory.
sqlite_path: relay.jsonld
## Postgresql
In order to use the Postgresql backend, the user and database need to be created first.
sudo -u postgres psql -c "CREATE USER activityrelay"
sudo -u postgres psql -c "CREATE DATABASE activityrelay OWNER activityrelay"
### Database Name
Name of the database to use.
name: activityrelay
### Host ### Host
The domain your relay will use to identify itself. Hostname, IP address, or unix socket the server is hosted on.
host: relay.example.com host: /var/run/postgresql
### Whitelist Enabled ### Port
If set to `true`, only instances in the whitelist can follow the relay. Any subscribed instances Port number the server is listening on.
not in the whitelist will be removed from the inbox list on startup.
whitelist_enabled: false port: 5432
### Whitelist ### Username
A list of domains of instances which are allowed to subscribe to your relay. User to use when logging into the server.
whitelist: user: null
- bad-instance.example.com
- another-bad-instance.example.com
### Blocked Instances ### Password
A list of instances which are unable to follow the instance. If a subscribed instance is added to Password for the specified user.
the block list, it will be removed from the inbox list on startup.
blocked_instances: pass: null
- bad-instance.example.com
- another-bad-instance.example.com
### Blocked Software
A list of ActivityPub software which cannot follow your relay. This list is empty by default, but
setting this to the below list will block all other relays and prevent relay chains
blocked_software:
- activityrelay
- aoderelay
- social.seattle.wa.us-relay
- unciarelay

View file

@ -28,14 +28,14 @@ server {
# logging, mostly for debug purposes. Disable if you wish. # logging, mostly for debug purposes. Disable if you wish.
access_log /srv/www/relay.<yourdomain>/logs/access.log; access_log /srv/www/relay.<yourdomain>/logs/access.log;
error_log /srv/www/relay.<yourdomain>/logs/error.log; error_log /srv/www/relay.<yourdomain>/logs/error.log;
ssl_protocols TLSv1.2; ssl_protocols TLSv1.2;
ssl_ciphers EECDH+AESGCM:EECDH+AES; ssl_ciphers EECDH+AESGCM:EECDH+AES;
ssl_ecdh_curve secp384r1; ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; ssl_session_cache shared:SSL:10m;
# ssl certs. # ssl certs.
ssl_certificate /usr/local/etc/letsencrypt/live/relay.<yourdomain>/fullchain.pem; ssl_certificate /usr/local/etc/letsencrypt/live/relay.<yourdomain>/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/relay.<yourdomain>/privkey.pem; ssl_certificate_key /usr/local/etc/letsencrypt/live/relay.<yourdomain>/privkey.pem;
@ -48,7 +48,7 @@ server {
# sts, change if you care. # sts, change if you care.
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
# uncomment this to use a static page in your webroot for your root page. # uncomment this to use a static page in your webroot for your root page.
#location = / { #location = / {
# index index.html; # index index.html;

View file

@ -3,7 +3,7 @@ Description=ActivityPub Relay
[Service] [Service]
WorkingDirectory=/home/relay/relay WorkingDirectory=/home/relay/relay
ExecStart=/usr/bin/python3 -m relay ExecStart=/usr/bin/python3 -m relay run
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -33,7 +33,7 @@ TABLES: list[Table] = [
Column('created', 'timestamp') Column('created', 'timestamp')
), ),
Table( Table(
'instance_bans', 'domain_bans',
Column('domain', 'text', primary_key = True, unique = True, nullable = True), Column('domain', 'text', primary_key = True, unique = True, nullable = True),
Column('reason', 'text'), Column('reason', 'text'),
Column('note', 'text'), Column('note', 'text'),

View file

@ -189,7 +189,7 @@ def cli_run(ctx: click.Context) -> None:
def cli_convert(ctx: click.Context, old_config: str) -> None: def cli_convert(ctx: click.Context, old_config: str) -> None:
'Convert an old config and jsonld database to the new format.' 'Convert an old config and jsonld database to the new format.'
old_config = Path(old_config).expanduser().resolve() old_config = Path(old_config).expanduser().resolve() if old_config else ctx.obj.config.path
backup = ctx.obj.config.path.parent.joinpath(f'{ctx.obj.config.path.stem}.backup.yaml') backup = ctx.obj.config.path.parent.joinpath(f'{ctx.obj.config.path.stem}.backup.yaml')
if str(old_config) == str(ctx.obj.config.path) and not backup.exists(): if str(old_config) == str(ctx.obj.config.path) and not backup.exists():
@ -206,6 +206,8 @@ def cli_convert(ctx: click.Context, old_config: str) -> None:
ctx.obj.config.set('port', config['port']) ctx.obj.config.set('port', config['port'])
ctx.obj.config.set('workers', config['workers']) ctx.obj.config.set('workers', config['workers'])
ctx.obj.config.set('sq_path', config['db'].replace('jsonld', 'sqlite3')) ctx.obj.config.set('sq_path', config['db'].replace('jsonld', 'sqlite3'))
ctx.obj.config.set('domain', config['host'])
ctx.obj.config.save()
with get_database(ctx.obj.config) as db: with get_database(ctx.obj.config) as db:
with db.connection() as conn: with db.connection() as conn: