diff options
| author | lain <lain@soykaf.club> | 2020-08-17 12:26:53 +0000 |
|---|---|---|
| committer | lain <lain@soykaf.club> | 2020-08-17 12:26:53 +0000 |
| commit | e154fcf5258879c68fd7bd9fddd56d3dcb787826 (patch) | |
| tree | 49baeee246b7493acbbeb9dc112488cbac4b69ea /docs/configuration | |
| parent | 1f2aad6fda22a3af8b475b5e4a01eae95a3438da (diff) | |
| parent | 60ac83a4c196233ed13c3da9ca296b0a4224e9a3 (diff) | |
| download | pleroma-e154fcf5258879c68fd7bd9fddd56d3dcb787826.tar.gz | |
Merge branch '2046-default-restrict-unauthenticated-basing-on-instance-privacy' into 'develop'
[#2046] Defaulted pleroma/restrict_unauthenticated basing on instance privacy
Closes #2046
See merge request pleroma/pleroma!2890
Diffstat (limited to 'docs/configuration')
| -rw-r--r-- | docs/configuration/cheatsheet.md | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index e5742bc3a..e68b6c6dc 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -38,8 +38,8 @@ To add configuration to your config file, you can copy it from the base config. * `federation_incoming_replies_max_depth`: Max. depth of reply-to activities fetching on incoming federation, to prevent out-of-memory situations while fetching very long threads. If set to `nil`, threads of any depth will be fetched. Lower this value if you experience out-of-memory crashes. * `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. * `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance. -* `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. See also: `restrict_unauthenticated`. -* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send. +* `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. Note that there is a dependent setting restricting or allowing unauthenticated access to specific resources, see `restrict_unauthenticated` for more details. +* `quarantined_instances`: List of ActivityPub instances where private (DMs, followers-only) activities will not be send. * `managed_config`: Whenether the config for pleroma-fe is configured in [:frontend_configurations](#frontend_configurations) or in ``static/config.json``. * `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML). * `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with @@ -1051,6 +1051,8 @@ Restrict access for unauthenticated users to timelines (public and federated), u * `local` * `remote` +Note: when `:instance, :public` is set to `false`, all `:restrict_unauthenticated` items be effectively set to `true` by default. If you'd like to allow unauthenticated access to specific API endpoints on a private instance, please explicitly set `:restrict_unauthenticated` to non-default value in `config/prod.secret.exs`. + Note: setting `restrict_unauthenticated/timelines/local` to `true` has no practical sense if `restrict_unauthenticated/timelines/federated` is set to `false` (since local public activities will still be delivered to unauthenticated users as part of federated timeline). ## Pleroma.Web.ApiSpec.CastAndValidate |