Compare commits

..

No commits in common. "815053c06faffcebca438056610a971f1f4033bc" and "7a9d346642263623748bc3a37490df040af657f6" have entirely different histories.

6 changed files with 76 additions and 87 deletions

View file

@ -3,8 +3,11 @@
There are a number of commands to manage your relay's database and config. You can add `--help` to There are a number of commands to manage your relay's database and config. You can add `--help` to
any category or command to get help on that specific option (ex. `activityrelay inbox --help`). any category or command to get help on that specific option (ex. `activityrelay inbox --help`).
Note: `activityrelay` is only available via pip or pipx if `~/.local/bin` is in `$PATH`. If not, Note: Unless specified, it is recommended to run any commands while the relay is shutdown.
use `python3 -m relay` if installed via pip or `~/.local/bin/activityrelay` if installed via pipx.
Note 2: `activityrelay` is only available via pip or pipx if `~/.local/bin` is in `$PATH`. If it
isn't, use `python3 -m relay` if installed via pip or `~/.local/bin/activityrelay` if installed
via pipx
## Run ## Run
@ -21,22 +24,6 @@ Run the setup wizard to configure your relay.
activityrelay setup activityrelay setup
## Convert
Convert the old config and jsonld to the new config and SQL backend. If the old config filename is
not specified, the config will get backed up as `relay.backup.yaml` before converting.
activityrelay convert --old-config relaycfg.yaml
## Edit Config
Open the config file in a text editor. If an editor is not specified with `--editor`, the default
editor will be used.
activityrelay edit-config --editor micro
## Config ## Config
Manage the relay config Manage the relay config
@ -133,7 +120,7 @@ Remove a domain from the whitelist.
### Import ### Import
Add all current inboxes to the whitelist. Add all current inboxes to the whitelist
activityrelay whitelist import activityrelay whitelist import
@ -145,15 +132,15 @@ Manage the instance ban list.
### List ### List
List the currently banned instances. List the currently banned instances
activityrelay instance list activityrelay instance list
### Ban ### Ban
Add an instance to the ban list. If the instance is currently subscribed, it will be removed from Add an instance to the ban list. If the instance is currently subscribed, remove it from the
the inbox list. database.
activityrelay instance ban <domain> activityrelay instance ban <domain>
@ -165,17 +152,10 @@ Remove an instance from the ban list.
activityrelay instance unban <domain> activityrelay instance unban <domain>
### Update
Update the ban reason or note for an instance ban.
activityrelay instance update bad.example.com --reason "the baddest reason"
## Software ## Software
Manage the software ban list. To get the correct name, check the software's nodeinfo endpoint. Manage the software ban list. To get the correct name, check the software's nodeinfo endpoint.
You can find it at `nodeinfo['software']['name']`. You can find it at nodeinfo\['software']\['name'].
### List ### List
@ -206,12 +186,4 @@ name via nodeinfo.
If the name is `RELAYS` (case-sensitive), remove all known relay software names from the list. If the name is `RELAYS` (case-sensitive), remove all known relay software names from the list.
activityrelay software unban [-f/--fetch-nodeinfo] <name, domain, or RELAYS> activityrelay unban [-f/--fetch-nodeinfo] <name, domain, or RELAYS>
### Update
Update the ban reason or note for a software ban. Either `--reason` and/or `--note` must be
specified.
activityrelay software update relay.example.com --reason "begone relay"

View file

@ -2,23 +2,41 @@
## General ## General
### Domain ### DB
Hostname the relay will be hosted on. The path to the database. It contains the relay actor private key and all subscribed
instances. If the path is not absolute, it is relative to the working directory.
domain: relay.example.com db: relay.jsonld
### Listener ### Listener
The address and port the relay will listen on. If the reverse proxy (nginx, apache, caddy, etc) The address and port the relay will listen on. If the reverse proxy (nginx, apache, caddy, etc)
is running on the same host, it is recommended to change `listen` to `localhost` if the reverse is running on the same host, it is recommended to change `listen` to `localhost`
proxy is on the same host.
listen: 0.0.0.0 listen: 0.0.0.0
port: 8080 port: 8080
### Note
A small blurb to describe your relay instance. This will show up on the relay's home page.
note: "Make a note about your instance here."
### Post Limit
The maximum number of messages to send out at once. For each incoming message, a message will be
sent out to every subscribed instance minus the instance which sent the message. This limit
is to prevent too many outgoing connections from being made, so adjust if necessary.
Note: If the `workers` option is set to anything above 0, this limit will be per worker.
push_limit: 512
### Push Workers ### Push Workers
The relay can be configured to use threads to push messages out. For smaller relays, this isn't The relay can be configured to use threads to push messages out. For smaller relays, this isn't
@ -28,59 +46,60 @@ threads.
workers: 0 workers: 0
### Database type ### JSON GET cache limit
SQL database backend to use. Valid values are `sqlite` or `postgres`. JSON objects (actors, nodeinfo, etc) will get cached when fetched. This will set the max number of
objects to keep in the cache.
database_type: sqlite json_cache: 1024
### Sqlite File Path ## AP
Path to the sqlite database file. If the path is not absolute, it is relative to the config file. Various ActivityPub-related settings
directory.
sqlite_path: relay.jsonld
## Postgresql
In order to use the Postgresql backend, the user and database need to be created first.
sudo -u postgres psql -c "CREATE USER activityrelay"
sudo -u postgres psql -c "CREATE DATABASE activityrelay OWNER activityrelay"
### Database Name
Name of the database to use.
name: activityrelay
### Host ### Host
Hostname, IP address, or unix socket the server is hosted on. The domain your relay will use to identify itself.
host: /var/run/postgresql host: relay.example.com
### Port ### Whitelist Enabled
Port number the server is listening on. If set to `true`, only instances in the whitelist can follow the relay. Any subscribed instances
not in the whitelist will be removed from the inbox list on startup.
port: 5432 whitelist_enabled: false
### Username ### Whitelist
User to use when logging into the server. A list of domains of instances which are allowed to subscribe to your relay.
user: null whitelist:
- bad-instance.example.com
- another-bad-instance.example.com
### Password ### Blocked Instances
Password for the specified user. A list of instances which are unable to follow the instance. If a subscribed instance is added to
the block list, it will be removed from the inbox list on startup.
pass: null blocked_instances:
- bad-instance.example.com
- another-bad-instance.example.com
### Blocked Software
A list of ActivityPub software which cannot follow your relay. This list is empty by default, but
setting this to the below list will block all other relays and prevent relay chains
blocked_software:
- activityrelay
- aoderelay
- social.seattle.wa.us-relay
- unciarelay

View file

@ -28,14 +28,14 @@ server {
# logging, mostly for debug purposes. Disable if you wish. # logging, mostly for debug purposes. Disable if you wish.
access_log /srv/www/relay.<yourdomain>/logs/access.log; access_log /srv/www/relay.<yourdomain>/logs/access.log;
error_log /srv/www/relay.<yourdomain>/logs/error.log; error_log /srv/www/relay.<yourdomain>/logs/error.log;
ssl_protocols TLSv1.2; ssl_protocols TLSv1.2;
ssl_ciphers EECDH+AESGCM:EECDH+AES; ssl_ciphers EECDH+AESGCM:EECDH+AES;
ssl_ecdh_curve secp384r1; ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; ssl_session_cache shared:SSL:10m;
# ssl certs. # ssl certs.
ssl_certificate /usr/local/etc/letsencrypt/live/relay.<yourdomain>/fullchain.pem; ssl_certificate /usr/local/etc/letsencrypt/live/relay.<yourdomain>/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/relay.<yourdomain>/privkey.pem; ssl_certificate_key /usr/local/etc/letsencrypt/live/relay.<yourdomain>/privkey.pem;
@ -48,7 +48,7 @@ server {
# sts, change if you care. # sts, change if you care.
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
# uncomment this to use a static page in your webroot for your root page. # uncomment this to use a static page in your webroot for your root page.
#location = / { #location = / {
# index index.html; # index index.html;

View file

@ -3,7 +3,7 @@ Description=ActivityPub Relay
[Service] [Service]
WorkingDirectory=/home/relay/relay WorkingDirectory=/home/relay/relay
ExecStart=/usr/bin/python3 -m relay run ExecStart=/usr/bin/python3 -m relay
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -33,7 +33,7 @@ TABLES: list[Table] = [
Column('created', 'timestamp') Column('created', 'timestamp')
), ),
Table( Table(
'domain_bans', 'instance_bans',
Column('domain', 'text', primary_key = True, unique = True, nullable = True), Column('domain', 'text', primary_key = True, unique = True, nullable = True),
Column('reason', 'text'), Column('reason', 'text'),
Column('note', 'text'), Column('note', 'text'),

View file

@ -189,7 +189,7 @@ def cli_run(ctx: click.Context) -> None:
def cli_convert(ctx: click.Context, old_config: str) -> None: def cli_convert(ctx: click.Context, old_config: str) -> None:
'Convert an old config and jsonld database to the new format.' 'Convert an old config and jsonld database to the new format.'
old_config = Path(old_config).expanduser().resolve() if old_config else ctx.obj.config.path old_config = Path(old_config).expanduser().resolve()
backup = ctx.obj.config.path.parent.joinpath(f'{ctx.obj.config.path.stem}.backup.yaml') backup = ctx.obj.config.path.parent.joinpath(f'{ctx.obj.config.path.stem}.backup.yaml')
if str(old_config) == str(ctx.obj.config.path) and not backup.exists(): if str(old_config) == str(ctx.obj.config.path) and not backup.exists():
@ -206,8 +206,6 @@ def cli_convert(ctx: click.Context, old_config: str) -> None:
ctx.obj.config.set('port', config['port']) ctx.obj.config.set('port', config['port'])
ctx.obj.config.set('workers', config['workers']) ctx.obj.config.set('workers', config['workers'])
ctx.obj.config.set('sq_path', config['db'].replace('jsonld', 'sqlite3')) ctx.obj.config.set('sq_path', config['db'].replace('jsonld', 'sqlite3'))
ctx.obj.config.set('domain', config['host'])
ctx.obj.config.save()
with get_database(ctx.obj.config) as db: with get_database(ctx.obj.config) as db:
with db.connection() as conn: with db.connection() as conn: