Merge pull request #96 from immers-space/ignore-junk
Efficiency and compatibility updates
This commit is contained in:
commit
7f1da8594b
5 changed files with 2973 additions and 2014 deletions
|
@ -1,3 +1,11 @@
|
||||||
|
## v1.5.1 (2023-06-23)
|
||||||
|
Efficiency and compatibility updates
|
||||||
|
### Fixed
|
||||||
|
* Detect and bail out on irrelevant activities earlier in the flow to save work (several softwares seem to be spamming every known guppe actor with all their public activity)
|
||||||
|
* Fix cache retrieval of actor keys during signature verification
|
||||||
|
* Detect and bail out on unverifiable deletes before trying to fetch the actor
|
||||||
|
* Fix real ip address not logged behind reverse proxy
|
||||||
|
* Increase log storage
|
||||||
## v1.5.0 (2023-05-26)
|
## v1.5.0 (2023-05-26)
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -9,13 +9,23 @@ services:
|
||||||
- "node.labels.web==true"
|
- "node.labels.web==true"
|
||||||
restart: always
|
restart: always
|
||||||
ports:
|
ports:
|
||||||
- 80:80
|
- mode: host
|
||||||
- 443:443
|
protocol: tcp
|
||||||
|
published: 80
|
||||||
|
target: 80
|
||||||
|
- mode: host
|
||||||
|
protocol: tcp
|
||||||
|
published: 443
|
||||||
|
target: 443
|
||||||
volumes:
|
volumes:
|
||||||
- ssl_data:/etc/resty-auto-ssl
|
- ssl_data:/etc/resty-auto-ssl
|
||||||
depends_on:
|
depends_on:
|
||||||
- guppe
|
- guppe
|
||||||
env_file: '.env'
|
env_file: '.env'
|
||||||
|
logging:
|
||||||
|
driver: local
|
||||||
|
options:
|
||||||
|
max-size: '100m'
|
||||||
guppe:
|
guppe:
|
||||||
image: datatitian/guppe
|
image: datatitian/guppe
|
||||||
deploy:
|
deploy:
|
||||||
|
@ -34,7 +44,7 @@ services:
|
||||||
logging:
|
logging:
|
||||||
driver: local
|
driver: local
|
||||||
options:
|
options:
|
||||||
max-size: '10m'
|
max-size: '100m'
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "curl", "-f", "http://localhost:8085"]
|
test: ["CMD", "curl", "-f", "http://localhost:8085"]
|
||||||
interval: 1m30s
|
interval: 1m30s
|
||||||
|
@ -60,7 +70,7 @@ services:
|
||||||
logging:
|
logging:
|
||||||
driver: local
|
driver: local
|
||||||
options:
|
options:
|
||||||
max-size: '10m'
|
max-size: '100m'
|
||||||
|
|
||||||
mongodb:
|
mongodb:
|
||||||
image: mongo:4.2
|
image: mongo:4.2
|
||||||
|
@ -76,7 +86,7 @@ services:
|
||||||
logging:
|
logging:
|
||||||
driver: local
|
driver: local
|
||||||
options:
|
options:
|
||||||
max-size: '10m'
|
max-size: '100m'
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
mongo-data:
|
mongo-data:
|
||||||
|
|
25
index.js
25
index.js
|
@ -56,7 +56,7 @@ const apex = ActivitypubExpress({
|
||||||
})
|
})
|
||||||
|
|
||||||
app.use(
|
app.use(
|
||||||
morgan(':remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status Accepts ":req[accept]" ":referrer" ":user-agent"'),
|
morgan(':remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status ":referrer" ":user-agent"'),
|
||||||
express.json({ type: apex.consts.jsonldTypes }),
|
express.json({ type: apex.consts.jsonldTypes }),
|
||||||
apex,
|
apex,
|
||||||
function checkAdminKey (req, res, next) {
|
function checkAdminKey (req, res, next) {
|
||||||
|
@ -92,6 +92,24 @@ async function actorOnDemand (req, res, next) {
|
||||||
} catch (err) { return next(err) }
|
} catch (err) { return next(err) }
|
||||||
next()
|
next()
|
||||||
}
|
}
|
||||||
|
// Lots of servers are delivering inappropriate activities to Guppe, move the filtering up earlier in the process to save work
|
||||||
|
apex.net.inbox.post.slice(
|
||||||
|
// just after standardizing the jsonld
|
||||||
|
apex.net.inbox.post.indexOf(apex.net.validators.jsonld) + 1,
|
||||||
|
0,
|
||||||
|
function (req, res, next) {
|
||||||
|
try {
|
||||||
|
const groupIRI = apex.utils.usernameToIRI(apex.actorParam)
|
||||||
|
if (!apex.audienceFromActivity(req.body).includes(groupIRI) && !req.body.object?.[0] === groupIRI) {
|
||||||
|
console.log('Ignoring irrelevant activity', req.body)
|
||||||
|
return res.status(202).send('Irrelevant activity ignored')
|
||||||
|
}
|
||||||
|
} catch (err) {
|
||||||
|
console.warn('Error performing prefilter:', err)
|
||||||
|
}
|
||||||
|
next()
|
||||||
|
}
|
||||||
|
)
|
||||||
// Do not boost posts from servers who abuse the service.
|
// Do not boost posts from servers who abuse the service.
|
||||||
apex.net.inbox.post.splice(
|
apex.net.inbox.post.splice(
|
||||||
// Blocked domain check is inserted into apex inbox route right after the sender is verified
|
// Blocked domain check is inserted into apex inbox route right after the sender is verified
|
||||||
|
@ -145,11 +163,6 @@ app.on('apex-inbox', async ({ actor, activity, recipient, object }) => {
|
||||||
switch (activity.type.toLowerCase()) {
|
switch (activity.type.toLowerCase()) {
|
||||||
// automatically reshare incoming posts
|
// automatically reshare incoming posts
|
||||||
case 'create': {
|
case 'create': {
|
||||||
// check audience to ignore forwarded messages not adddressed to group
|
|
||||||
const audience = apex.audienceFromActivity(activity)
|
|
||||||
if (!audience.includes(recipient.id) || !activity.object?.length) {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
const to = [
|
const to = [
|
||||||
recipient.followers[0],
|
recipient.followers[0],
|
||||||
apex.consts.publicAddress
|
apex.consts.publicAddress
|
||||||
|
|
4930
package-lock.json
generated
4930
package-lock.json
generated
File diff suppressed because it is too large
Load diff
|
@ -5,7 +5,7 @@
|
||||||
"main": "index.js",
|
"main": "index.js",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@small-tech/auto-encrypt": "^3.1.0",
|
"@small-tech/auto-encrypt": "^3.1.0",
|
||||||
"activitypub-express": "^4.3.0",
|
"activitypub-express": "^4.4.0",
|
||||||
"connect-history-api-fallback": "^2.0.0",
|
"connect-history-api-fallback": "^2.0.0",
|
||||||
"cors": "^2.8.4",
|
"cors": "^2.8.4",
|
||||||
"dotenv": "^16.0.3",
|
"dotenv": "^16.0.3",
|
||||||
|
|
Loading…
Reference in a new issue