pleroma

Gráfico de commits

Autor	SHA1	Mensaje	Fecha
shibayashi	64035201b5	Security/Drops the sysadmin privilege from the daemon	hace 5 años
scarlett	4b40e4188c	Simplify the NetBSD rc script.	hace 5 años
scarlett	9d3eda1959	Add an rc.d script for NetBSD.	hace 5 años
nonlinear	75f2177d5b	Update/add OpenBSD config files	hace 5 años
nonlinear	04513a13e0	Added init file for OpenBSD	hace 5 años
Mark Felder	d56772c813	proxy buffering still needs to be off	hace 5 años
Mark Felder	48c4f88ffd	Update proxy config to improve behavior and allow compatibility with Safari on MacOS and iOS	hace 5 años
href	97b00d366f	reverse_proxy: more headers	hace 5 años
shibayashi	124a9bb7a5	Add MIX_ENV=prod	hace 5 años
William Pitcock	e4bd5a6950	example configs: kill STS/CT headers	hace 5 años
William Pitcock	057a9017b3	example configs: remove obsolete CSP configuration	hace 5 años
William Pitcock	fd918863aa	nginx example config: remove CORS headers, now managed by CORSPlug.	hace 5 años
Hakaba Hitoyo	3ea4f9ac8d	Remove Access-Control-Allow-Origin	hace 5 años
shibayashi	800d233631	Use example.tld so a single search and replace works	hace 5 años
shibayashi	941f9a888c	Update instructions	hace 5 años
shibayashi	732d3fce73	Use the same example domain in all config examples	hace 5 años
shibayashi	56c49513e0	Use the server name as variable	hace 5 años
shibayashi	043cb7138e	Add a little bit more detail in the comments.	hace 5 años
shibayashi	0a58428de6	Add some security related directives to the systemd service example	hace 5 años
barrucadu	a32e013909	Relax form-action content security policy 'self' only allows forms submitted to the same origin, which breaks the "remote follow" form. To allow remote following, we want to allow forms to be submitted to any host.	hace 5 años
shibayashi	8a4e2f48bf	installation/pleroma-apache.conf: OCSP stapling needs to be outside of the virtualhost directive	hace 5 años
shibayashi	d027c53d75	Add frame-ancestors 'none' to all configs	hace 5 años
shibayashi	d035566116	installation/pleroma.nginx: Add 'always' to the security headers, so that they are included regardless of the status code	hace 5 años
shibayashi	64388c420a	installation/pleroma-apache.conf: Add TLS configuration and security headers	hace 5 años
shibayashi	3487e15963	installation/pleroma.vcl: Add HTTP security headers	hace 5 años
shibayashi	82e661cd07	installation/caddyfile-pleroma.example: Add Content-Security-Policy	hace 5 años
Haelwenn (lanodan) Monnier	0fd2eaf7af	installation/pleroma.nginx: Add Content-Security-Policy Closes: https://git.pleroma.social/pleroma/pleroma/issues/266	hace 5 años
shibayashi	bff5ed154f	Improve example Caddyfile	hace 5 años
vaartis	9c5ca9e15e	Add an OpenRC service	hace 5 años
Artik Banana	394d0c94c4	Add comment about TLS curves for older servers.	hace 6 años
dex	750cfbf38d	* fix nginx 1.15 warning: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead	hace 6 años
Artik Banana	93c614bf13	* Removed TLSv1 and TLSv1.1 * Added OCSP Stapling * Added SSL Cache * Changed ciphers * Specified ECDH curves	hace 6 años
Artik Banana	c645a8de2b	Security upgrades: * Removed TLSv1 and TLSv1.1 * Added OCSP Stapling * Added SSL Cache * Changed ciphers * Specified ECDH curves	hace 6 años
witti	13925e0eb3	caddy config example	hace 6 años
Dominik V. Salonen	a6fd9c4b00	Update pleroma.nginx proxy_ignore_client_abort will continue to fetch from upstream even if a client aborts the connection. This is highly recommended when cache is being used. If a client leaves/refreshes the page while a user's avatar or some other media is halfway loaded, the cached copy might in some cases be broken. Leaving future requests to the same URL broken until cache expires.	hace 6 años
Niklas Poslovski	f0e8194a71	Repair some access-control headers required for third-party webclients	hace 6 años
Niklas Poslovski	d81a4e9280	Add access-control-expose-headers to Nginx default config	hace 6 años
Normandy	38f5f6f659	Remove alias directive in service file Systemd will complain otherwise.	hace 6 años
Mark Felder	a85d051675	Don't strip headers from backend for /notice/ either	hace 6 años
Mark Felder	4233b1504f	Caching notice URLs does not produce pleasant results	hace 6 años
Artik Banana	0a1fd8adf0	Added headers for a more secure default.	hace 6 años
csaurus	1c6a691570	Add info about certbot with the webroot plugin to pleroma.nginx	hace 6 años
Mark Felder	8dbb4c6c50	Remove hack for /about/more as we are doing this in Pleroma now	hace 6 años
Mark Felder	5256c712dc	Caching /objects/ URLs breaks them in Mastoweb as they don't redirect to the /notice/ Not sure why it matters if you cache it or not. What's different about this JSON blob? Perhaps it's a header that needs to be set for the redirect to happen?	hace 6 años
Mark Felder	fcb32345d7	Remove attempted caching of toots This does not work as expected. We should not attempt to be clever here. Varnish will do the right thing if we just teach Pleroma to set headers properly for content we know can be cached.	hace 6 años
Stanislas	73ca18744e	Indentation for Apache vhost	hace 6 años
nepfag	5cb3d441bc	Apache config for everything on one host.	hace 6 años
Hector A. Escobedo	7e262c2997	Fix max upload size in nginx config. The built-in nginx default does not allow users to upload images larger than 1 MB. This increases the maximum request size to match the default Pleroma config upload_limit parameter. Some helpful comments were also added.	hace 6 años
lambda	f5943f4a59	Delete Caddyfile It doesn't work correctly.	hace 6 años
William Pitcock	d8464b603e	nginx: document how to enable CORS support	hace 6 años

1 2

73 Commits (7ac152ed38267bde3e318fab82db7d7d610cdbbb)