Created
July 29, 2020 11:07
-
-
Save zhoreeq/0a5394f5ad048a9832bb95d0309a0dc4 to your computer and use it in GitHub Desktop.
Pleroma config for yggdrasil
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Pleroma instance configuration | |
# NOTE: This file should not be committed to a repo or otherwise made public | |
# without removing sensitive information. | |
import Config | |
config :pleroma, Pleroma.Web.Endpoint, | |
url: [host: "pl.aiazfnqgic2a2p7g5l25ufa67q.ygg", scheme: "http", port: 80], | |
http: [ip: {127, 0, 0, 1}, port: 4000], | |
secret_key_base: "aShQBGBVwFpfeYl0q8LdPz02wTbAZBHfxcX0267wQLVNjUra+l+QRFWoOGm32weE", | |
signing_salt: "bmIlD11G", | |
check_origin: false | |
config :pleroma, :instance, | |
name: "Ancapistan", | |
email: "zhoreeq@protonmail.com", | |
notify_email: "zhoreeq@protonmail.com", | |
limit: 5000, | |
registrations_open: true | |
config :pleroma, :media_proxy, | |
enabled: false, | |
redirect_on_failure: true | |
#base_url: "https://cache.pleroma.social" | |
config :pleroma, Pleroma.Repo, | |
adapter: Ecto.Adapters.Postgres, | |
username: "pleroma", | |
password: "aOTiMurwxMVPjupdt14l+qOkL9KvQnrPlsj/HRsw93Q+MEEm1RB70NSzMQ2QfbfJ", | |
database: "pleroma", | |
hostname: "localhost", | |
pool_size: 10 | |
# Configure web push notifications | |
config :web_push_encryption, :vapid_details, | |
subject: "mailto:zhoreeq@protonmail.com", | |
public_key: "BIFqFEuFrFvR-B_z36viN5B7aw1buTi7gkDY87VGnacdSvXHBgodmqDFuftaxHE5MGPqDq1EqOUMNErYCyORFak", | |
private_key: "wdsR6AWGJ6Z6yOoZVAWLz_sKVjk2hYGgPSghW7wd6Bs" | |
config :pleroma, :database, rum_enabled: true | |
config :pleroma, :instance, static_dir: "/var/lib/pleroma/static" | |
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads" | |
# Enable Strict-Transport-Security once SSL is working: | |
config :pleroma, :http_security, | |
enabled: false, | |
sts: false | |
# Configure S3 support if desired. | |
# The public S3 endpoint is different depending on region and provider, | |
# consult your S3 provider's documentation for details on what to use. | |
# | |
# config :pleroma, Pleroma.Uploaders.S3, | |
# bucket: "some-bucket", | |
# public_endpoint: "https://s3.amazonaws.com" | |
# | |
# Configure S3 credentials: | |
# config :ex_aws, :s3, | |
# access_key_id: "xxxxxxxxxxxxx", | |
# secret_access_key: "yyyyyyyyyyyy", | |
# region: "us-east-1", | |
# scheme: "https://" | |
# | |
# For using third-party S3 clones like wasabi, also do: | |
# config :ex_aws, :s3, | |
# host: "s3.wasabisys.com" | |
config :joken, default_signer: "LJZXd8gPKOergBqba7EIStdK3QCcrj9EmlC0Y55Pq3PD/Jd7NFR+6QzUxS0pspd/" | |
config :pleroma, configurable_from_database: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# default nginx site config for Pleroma | |
# | |
# Simple installation instructions: | |
# 1. Install your TLS certificate, possibly using Let's Encrypt. | |
# 2. Replace 'example.tld' with your instance's domain wherever it appears. | |
# 3. Copy this file to /etc/nginx/sites-available/ and then add a symlink to it | |
# in /etc/nginx/sites-enabled/ and run 'nginx -s reload' or restart nginx. | |
proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g | |
inactive=720m use_temp_path=off; | |
server { | |
server_name pl.aiazfnqgic2a2p7g5l25ufa67q.ygg ancap.istan.to [201:92b6:640:b40d:3fe6:eaf5:da14:1efc]; | |
listen 80; | |
listen [::]:80; | |
gzip_vary on; | |
gzip_proxied any; | |
gzip_comp_level 6; | |
gzip_buffers 16 8k; | |
gzip_http_version 1.1; | |
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; | |
# the nginx default is 1m, not enough for large media uploads | |
client_max_body_size 16m; | |
location / { | |
# Fix images | |
sub_filter '"http://pl.aiazfnqgic2a2p7g5l25ufa67q.ygg"' '"http://$host"'; | |
sub_filter http://pl.aiazfnqgic2a2p7g5l25ufa67q.ygg/media/ http://$host/media/; | |
sub_filter http://pl.aiazfnqgic2a2p7g5l25ufa67q.ygg/images/ http://$host/images/; | |
sub_filter ws://pl.aiazfnqgic2a2p7g5l25ufa67q.ygg ws://$host; | |
sub_filter_once off; | |
sub_filter_types application/json; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only | |
# and `localhost.` resolves to [::0] on some systems: see issue #930 | |
proxy_pass http://127.0.0.1:4000; | |
client_max_body_size 16m; | |
} | |
location ~ ^/(media|proxy) { | |
proxy_cache pleroma_media_cache; | |
slice 1m; | |
proxy_cache_key $host$uri$is_args$args$slice_range; | |
proxy_set_header Range $slice_range; | |
proxy_http_version 1.1; | |
proxy_cache_valid 200 206 301 304 1h; | |
proxy_cache_lock on; | |
proxy_ignore_client_abort on; | |
proxy_buffering on; | |
chunked_transfer_encoding on; | |
proxy_pass http://127.0.0.1:4000; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment