Merge pull request #96 from immers-space/ignore-junk
Efficiency and compatibility updates
This commit is contained in:
commit
7f1da8594b
5 changed files with 2973 additions and 2014 deletions
|
@ -1,3 +1,11 @@
|
|||
## v1.5.1 (2023-06-23)
|
||||
Efficiency and compatibility updates
|
||||
### Fixed
|
||||
* Detect and bail out on irrelevant activities earlier in the flow to save work (several softwares seem to be spamming every known guppe actor with all their public activity)
|
||||
* Fix cache retrieval of actor keys during signature verification
|
||||
* Detect and bail out on unverifiable deletes before trying to fetch the actor
|
||||
* Fix real ip address not logged behind reverse proxy
|
||||
* Increase log storage
|
||||
## v1.5.0 (2023-05-26)
|
||||
|
||||
### Added
|
||||
|
|
|
@ -9,13 +9,23 @@ services:
|
|||
- "node.labels.web==true"
|
||||
restart: always
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
- mode: host
|
||||
protocol: tcp
|
||||
published: 80
|
||||
target: 80
|
||||
- mode: host
|
||||
protocol: tcp
|
||||
published: 443
|
||||
target: 443
|
||||
volumes:
|
||||
- ssl_data:/etc/resty-auto-ssl
|
||||
depends_on:
|
||||
- guppe
|
||||
env_file: '.env'
|
||||
logging:
|
||||
driver: local
|
||||
options:
|
||||
max-size: '100m'
|
||||
guppe:
|
||||
image: datatitian/guppe
|
||||
deploy:
|
||||
|
@ -34,7 +44,7 @@ services:
|
|||
logging:
|
||||
driver: local
|
||||
options:
|
||||
max-size: '10m'
|
||||
max-size: '100m'
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8085"]
|
||||
interval: 1m30s
|
||||
|
@ -60,7 +70,7 @@ services:
|
|||
logging:
|
||||
driver: local
|
||||
options:
|
||||
max-size: '10m'
|
||||
max-size: '100m'
|
||||
|
||||
mongodb:
|
||||
image: mongo:4.2
|
||||
|
@ -76,7 +86,7 @@ services:
|
|||
logging:
|
||||
driver: local
|
||||
options:
|
||||
max-size: '10m'
|
||||
max-size: '100m'
|
||||
|
||||
volumes:
|
||||
mongo-data:
|
||||
|
|
25
index.js
25
index.js
|
@ -56,7 +56,7 @@ const apex = ActivitypubExpress({
|
|||
})
|
||||
|
||||
app.use(
|
||||
morgan(':remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status Accepts ":req[accept]" ":referrer" ":user-agent"'),
|
||||
morgan(':remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status ":referrer" ":user-agent"'),
|
||||
express.json({ type: apex.consts.jsonldTypes }),
|
||||
apex,
|
||||
function checkAdminKey (req, res, next) {
|
||||
|
@ -92,6 +92,24 @@ async function actorOnDemand (req, res, next) {
|
|||
} catch (err) { return next(err) }
|
||||
next()
|
||||
}
|
||||
// Lots of servers are delivering inappropriate activities to Guppe, move the filtering up earlier in the process to save work
|
||||
apex.net.inbox.post.slice(
|
||||
// just after standardizing the jsonld
|
||||
apex.net.inbox.post.indexOf(apex.net.validators.jsonld) + 1,
|
||||
0,
|
||||
function (req, res, next) {
|
||||
try {
|
||||
const groupIRI = apex.utils.usernameToIRI(apex.actorParam)
|
||||
if (!apex.audienceFromActivity(req.body).includes(groupIRI) && !req.body.object?.[0] === groupIRI) {
|
||||
console.log('Ignoring irrelevant activity', req.body)
|
||||
return res.status(202).send('Irrelevant activity ignored')
|
||||
}
|
||||
} catch (err) {
|
||||
console.warn('Error performing prefilter:', err)
|
||||
}
|
||||
next()
|
||||
}
|
||||
)
|
||||
// Do not boost posts from servers who abuse the service.
|
||||
apex.net.inbox.post.splice(
|
||||
// Blocked domain check is inserted into apex inbox route right after the sender is verified
|
||||
|
@ -145,11 +163,6 @@ app.on('apex-inbox', async ({ actor, activity, recipient, object }) => {
|
|||
switch (activity.type.toLowerCase()) {
|
||||
// automatically reshare incoming posts
|
||||
case 'create': {
|
||||
// check audience to ignore forwarded messages not adddressed to group
|
||||
const audience = apex.audienceFromActivity(activity)
|
||||
if (!audience.includes(recipient.id) || !activity.object?.length) {
|
||||
return
|
||||
}
|
||||
const to = [
|
||||
recipient.followers[0],
|
||||
apex.consts.publicAddress
|
||||
|
|
4932
package-lock.json
generated
4932
package-lock.json
generated
File diff suppressed because it is too large
Load diff
|
@ -5,7 +5,7 @@
|
|||
"main": "index.js",
|
||||
"dependencies": {
|
||||
"@small-tech/auto-encrypt": "^3.1.0",
|
||||
"activitypub-express": "^4.3.0",
|
||||
"activitypub-express": "^4.4.0",
|
||||
"connect-history-api-fallback": "^2.0.0",
|
||||
"cors": "^2.8.4",
|
||||
"dotenv": "^16.0.3",
|
||||
|
|
Loading…
Reference in a new issue