Browse Source

Disable federation by default (#20045)

pull/18165/merge
Gusted 2 weeks ago committed by GitHub
parent
commit
02d745827b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 14
      custom/conf/app.example.ini
  2. 2
      docs/content/doc/advanced/config-cheat-sheet.en-us.md
  3. 34
      integrations/api_activitypub_person_test.go
  4. 13
      integrations/api_nodeinfo_test.go
  5. 2
      modules/setting/federation.go

14
custom/conf/app.example.ini

@ -2249,27 +2249,27 @@ PATH =
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Enable/Disable federation capabilities
; ENABLED = true
;ENABLED = false
;;
;; Enable/Disable user statistics for nodeinfo if federation is enabled
; SHARE_USER_STATISTICS = true
;SHARE_USER_STATISTICS = true
;;
;; Maximum federation request and response size (MB)
; MAX_SIZE = 4
;MAX_SIZE = 4
;;
;; WARNING: Changing the settings below can break federation.
;;
;; HTTP signature algorithms
; ALGORITHMS = rsa-sha256, rsa-sha512, ed25519
;ALGORITHMS = rsa-sha256, rsa-sha512, ed25519
;;
;; HTTP signature digest algorithm
; DIGEST_ALGORITHM = SHA-256
;DIGEST_ALGORITHM = SHA-256
;;
;; GET headers for federation requests
; GET_HEADERS = (request-target), Date
;GET_HEADERS = (request-target), Date
;;
;; POST headers for federation requests
; POST_HEADERS = (request-target), Date, Digest
;POST_HEADERS = (request-target), Date, Digest
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

2
docs/content/doc/advanced/config-cheat-sheet.en-us.md

@ -1088,7 +1088,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
## Federation (`federation`)
- `ENABLED`: **true**: Enable/Disable federation capabilities
- `ENABLED`: **false**: Enable/Disable federation capabilities
- `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled
- `MAX_SIZE`: **4**: Maximum federation request and response size (MB)

34
integrations/api_activitypub_person_test.go

@ -15,18 +15,21 @@ import (
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/activitypub"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers"
ap "github.com/go-ap/activitypub"
"github.com/stretchr/testify/assert"
)
func TestActivityPubPerson(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true
defer func() {
setting.Federation.Enabled = false
}()
setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() {
setting.Federation.Enabled = false
c = routers.NormalRoutes()
}()
onGiteaRun(t, func(*testing.T, *url.URL) {
username := "user2"
req := NewRequestf(t, "GET", fmt.Sprintf("/api/v1/activitypub/user/%s", username))
resp := MakeRequest(t, req, http.StatusOK)
@ -56,12 +59,14 @@ func TestActivityPubPerson(t *testing.T) {
}
func TestActivityPubMissingPerson(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true
defer func() {
setting.Federation.Enabled = false
}()
setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() {
setting.Federation.Enabled = false
c = routers.NormalRoutes()
}()
onGiteaRun(t, func(*testing.T, *url.URL) {
req := NewRequestf(t, "GET", "/api/v1/activitypub/user/nonexistentuser")
resp := MakeRequest(t, req, http.StatusNotFound)
assert.Contains(t, resp.Body.String(), "user redirect does not exist")
@ -69,15 +74,20 @@ func TestActivityPubMissingPerson(t *testing.T) {
}
func TestActivityPubPersonInbox(t *testing.T) {
setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() {
setting.Federation.Enabled = false
c = routers.NormalRoutes()
}()
srv := httptest.NewServer(c)
defer srv.Close()
onGiteaRun(t, func(*testing.T, *url.URL) {
appURL := setting.AppURL
setting.Federation.Enabled = true
setting.AppURL = srv.URL
defer func() {
setting.Federation.Enabled = false
setting.Database.LogSQL = false
setting.AppURL = appURL
}()

13
integrations/api_nodeinfo_test.go

@ -11,17 +11,20 @@ import (
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/routers"
"github.com/stretchr/testify/assert"
)
func TestNodeinfo(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true
defer func() {
setting.Federation.Enabled = false
}()
setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() {
setting.Federation.Enabled = false
c = routers.NormalRoutes()
}()
onGiteaRun(t, func(*testing.T, *url.URL) {
req := NewRequestf(t, "GET", "/api/v1/nodeinfo")
resp := MakeRequest(t, req, http.StatusOK)
var nodeinfo api.NodeInfo

2
modules/setting/federation.go

@ -21,7 +21,7 @@ var (
GetHeaders []string
PostHeaders []string
}{
Enabled: true,
Enabled: false,
ShareUserStatistics: true,
MaxSize: 4,
Algorithms: []string{"rsa-sha256", "rsa-sha512", "ed25519"},

Loading…
Cancel
Save