From a8a86e8bbff63dfdefc70dc905fff61af688c52d Mon Sep 17 00:00:00 2001 From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com> Date: Sat, 8 Apr 2023 15:00:42 +1000 Subject: [PATCH] Prettier! --- .github/workflows/build.yml | 2 +- .vscode/settings.json | 7 +- docs/assets/extra.css | 2 +- docs/contributing/conduct.md | 40 +-- docs/contributing/index.md | 18 +- docs/contributing/instances.md | 12 +- docs/contributing/server/migrations.md | 5 +- docs/setup/bots/index.md | 12 +- docs/setup/clients/index.md | 34 +-- docs/setup/server/configuration/env.md | 32 +-- docs/setup/server/configuration/imagor.md | 2 +- docs/setup/server/configuration/index.md | 258 +++++++++---------- docs/setup/server/configuration/userFlags.md | 2 +- docs/setup/server/email.md | 26 +- docs/setup/server/index.md | 18 +- docs/setup/server/maintenance/restart.md | 18 +- docs/setup/server/security/limits.md | 24 +- docs/setup/server/security/regTokens.md | 16 +- 18 files changed, 262 insertions(+), 266 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 87143e0..b57fdde 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: - uses: actions/setup-python@v2 with: python-version: 3.x - - run: python3 -m pip install mkdocs-material mkdocs-swagger-ui-tag mkdocs-section-index mkdocs-macros-plugin + - run: python3 -m pip install mkdocs-material mkdocs-swagger-ui-tag mkdocs-section-index mkdocs-macros-plugin - run: mkdocs build - run: echo docs.spacebar.chat >> site/CNAME - name: Deploy 🚀 diff --git a/.vscode/settings.json b/.vscode/settings.json index ff11880..3a496b2 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,8 +1,3 @@ { - "cSpell.words": [ - "landingpage", - "Middlewares", - "Roadmap", - "screenshare" - ] + "cSpell.words": ["landingpage", "Middlewares", "Roadmap", "screenshare"] } diff --git a/docs/assets/extra.css b/docs/assets/extra.css index 9d6f319..88009d5 100644 --- a/docs/assets/extra.css +++ b/docs/assets/extra.css @@ -23,4 +23,4 @@ display: grid; grid-template-columns: repeat(auto-fit, minmax(250px, 1fr)); margin-bottom: 15px; -} \ No newline at end of file +} diff --git a/docs/contributing/conduct.md b/docs/contributing/conduct.md index fb73031..9519461 100644 --- a/docs/contributing/conduct.md +++ b/docs/contributing/conduct.md @@ -12,32 +12,32 @@ By contributing to any {{ project.name }} projects (for example, through pull re ### Desirable Behaviour -- If possible, provide assistance with {{ project.name }} projects to other users. -- Be respectful toward other's opinions and viewpoints. -- Accepting responsibility and apologizing to those affected for our mistakes. +- If possible, provide assistance with {{ project.name }} projects to other users. +- Be respectful toward other's opinions and viewpoints. +- Accepting responsibility and apologizing to those affected for our mistakes. ### Prohibited Behaviour -- Sharing leaked, proprietary source code from Discord Inc -- Homophobia, transphobia, etc, misgendering, deadnaming, assuming gender. You should use singular they/them when in doubt. -- Threats of violence -- Harassment -- Spreading hateful, violent, or discriminatory ideologies or conspiracy theories, via media or text (including avatars and nicknames) -- Trolling. Intentionally derailing conversations or producing discussions on non-issues. -- Doxing. Disclosing other's private information without their consent. -- Spamming. This includes sending advertisements, repeatedly sending meaningless content, sending server invites unrequested. -- Sharing media that may cause harm or be triggering to others, such as flashing imagery or gore. -- Undesired automation of services that may lead to a reduction in service quality. For example, API spam of a {{ project.name }} instance. -- Ban evasion. Creation of additional accounts used to join a community after being banned from that community. -- Posting content that is illegal to publish or distribute in Germany. -- Abusing loopholes in this code of conduct, or being in conflict with the goals of this code of conduct. +- Sharing leaked, proprietary source code from Discord Inc +- Homophobia, transphobia, etc, misgendering, deadnaming, assuming gender. You should use singular they/them when in doubt. +- Threats of violence +- Harassment +- Spreading hateful, violent, or discriminatory ideologies or conspiracy theories, via media or text (including avatars and nicknames) +- Trolling. Intentionally derailing conversations or producing discussions on non-issues. +- Doxing. Disclosing other's private information without their consent. +- Spamming. This includes sending advertisements, repeatedly sending meaningless content, sending server invites unrequested. +- Sharing media that may cause harm or be triggering to others, such as flashing imagery or gore. +- Undesired automation of services that may lead to a reduction in service quality. For example, API spam of a {{ project.name }} instance. +- Ban evasion. Creation of additional accounts used to join a community after being banned from that community. +- Posting content that is illegal to publish or distribute in Germany. +- Abusing loopholes in this code of conduct, or being in conflict with the goals of this code of conduct. ### Consequences of Violation -- Written warnings, followed by kicks or bans if repeated. -- If a violation is particularly egregious, an immediate kick or ban may be issued. -- Offending content may be removed -- Kicks and bans apply to all communities administered by the {{ project.name }} maintainers group. +- Written warnings, followed by kicks or bans if repeated. +- If a violation is particularly egregious, an immediate kick or ban may be issued. +- Offending content may be removed +- Kicks and bans apply to all communities administered by the {{ project.name }} maintainers group. ### Reporting problems diff --git a/docs/contributing/index.md b/docs/contributing/index.md index 345f793..aa1f312 100644 --- a/docs/contributing/index.md +++ b/docs/contributing/index.md @@ -4,13 +4,13 @@ ## Style and a note on etiquette -- We use [prettier](https://www.npmjs.com/package/prettier) for code formatting. We have a `.prettierrc` file in {{ project.name.lower() }}-server's root +- We use [prettier](https://www.npmjs.com/package/prettier) for code formatting. We have a `.prettierrc` file in {{ project.name.lower() }}-server's root and use a git precommit hook to autorun it. -- Try to stay consistent with the rest of the project -- Try to keep each commit to a single feature or idea, with descriptions of what it is and why it is done. No "Large refactor" commits that touch every file, +- Try to stay consistent with the rest of the project +- Try to keep each commit to a single feature or idea, with descriptions of what it is and why it is done. No "Large refactor" commits that touch every file, unless absolutely required due to the nature of change. -- Leave comments in your code about why something is done when appropriate, not just what it is doing. -- If you're working on a feature, please announce that you're working on it (in the relevant GH issue or our Discord, preferably both), +- Leave comments in your code about why something is done when appropriate, not just what it is doing. +- If you're working on a feature, please announce that you're working on it (in the relevant GH issue or our Discord, preferably both), so that we can work more effectively and minimise conflicting change attempts. Additionally, please do not try to snipe features that others are working on. @@ -18,10 +18,10 @@ {{ project.name }} is written in Typescript and is comprised of 4 main parts: -- REST HTTP API server -- Websocket Gateway server for realtime communication with clients -- HTTP CDN server for storing user file content. -- `utils` module to separate our database models, schemas, and other things from the above 3 components. +- REST HTTP API server +- Websocket Gateway server for realtime communication with clients +- HTTP CDN server for storing user file content. +- `utils` module to separate our database models, schemas, and other things from the above 3 components. ## Implementing endpoints, opcodes, etc diff --git a/docs/contributing/instances.md b/docs/contributing/instances.md index 3d52001..2207f07 100644 --- a/docs/contributing/instances.md +++ b/docs/contributing/instances.md @@ -8,7 +8,7 @@ Your instance: 1. Rules must be in line with our [Code of Conduct](conduct.md). 2. Must not contain any Discord Inc. branding, such as including "cord" in the name or the Discord logo in promotional material. 3. Must not host the Discord Inc. client in any capacity. -4. Must be moderated for *at least* publically accessible guilds. This includes guilds accessible from Discovery or a 'guild directory' channel in an auto join guild. +4. Must be moderated for _at least_ publically accessible guilds. This includes guilds accessible from Discovery or a 'guild directory' channel in an auto join guild. 5. Must have at least regular uptime, meaning it is available at a consistent time of day. 6. Must have a valid and monitored [`general_correspondenceEmail` config](/setup/server/configuration) set. 7. must not have default [rights](/setup/server/security/rights) that include operator or other administrative rights. @@ -16,8 +16,8 @@ Your instance: We recommend (not required) that you: -- Enable [Email verification](/setup/server/email), for anti-spam purposes -- Enable [Captcha](/setup/server/security/captcha), for anti-spam purposes -- Run your instance under [SystemD](/setup/server/systemd) or a similar system in your distro, for automatic restarting -- Provide some mechanism for users to report content. This may be as simple as more openly advertising your correspondence email (i.e. outside `GET /api/policies/instance` or `/api/ping`) -- Provide some mechanism for instance status, such as [Grafana](https://grafana.com/). \ No newline at end of file +- Enable [Email verification](/setup/server/email), for anti-spam purposes +- Enable [Captcha](/setup/server/security/captcha), for anti-spam purposes +- Run your instance under [SystemD](/setup/server/systemd) or a similar system in your distro, for automatic restarting +- Provide some mechanism for users to report content. This may be as simple as more openly advertising your correspondence email (i.e. outside `GET /api/policies/instance` or `/api/ping`) +- Provide some mechanism for instance status, such as [Grafana](https://grafana.com/). diff --git a/docs/contributing/server/migrations.md b/docs/contributing/server/migrations.md index 6abd582..c196c63 100644 --- a/docs/contributing/server/migrations.md +++ b/docs/contributing/server/migrations.md @@ -2,8 +2,8 @@ ## What you need to know -- SQL -- Preferably the various syntax of SQL used by MariaDB/MySQL and Postgres. +- SQL +- Preferably the various syntax of SQL used by MariaDB/MySQL and Postgres. Although if you only write the migration for one, making a PR so others can is good enough. ## Generating Migrations @@ -20,6 +20,7 @@ To generate a database migration in {{ project.name.lower() }}-server: where `:dbms:` is the db you use, and `:migrationName:` is whatever you wish to call it. The migration must be named a valid Javascript class name. + 3. The generated file is what TypeORM will do if you were to run `npm run sync:db`. Obviously, this is not always what you want. Edit it to preserve as much of the original data as possible. diff --git a/docs/setup/bots/index.md b/docs/setup/bots/index.md index a8476af..a99d11a 100644 --- a/docs/setup/bots/index.md +++ b/docs/setup/bots/index.md @@ -18,12 +18,12 @@ the endpoints used. const { Client } = require("discord.js"); const client = new Client({ - http: { - version: 9, - api: "https://api.{{ project.domain }}", - cdn: "https://cdn.{{ project.domain }}", - invite: "https://{{ project.domain }}/invite", - }, + http: { + version: 9, + api: "https://api.{{ project.domain }}", + cdn: "https://cdn.{{ project.domain }}", + invite: "https://{{ project.domain }}/invite", + }, }); client.login("your token here"); diff --git a/docs/setup/clients/index.md b/docs/setup/clients/index.md index b7e4d9b..c93c1e7 100644 --- a/docs/setup/clients/index.md +++ b/docs/setup/clients/index.md @@ -14,13 +14,13 @@ or you can use it to connect to your own by editing your local storage to includ ```json { - "api":"https://staging.{{ project.domain }}/api/v9", - "cdn":"https://cdn.staging.{{ project.domain }}", - "gateway":"wss://gateway.staging.{{ project.domain }}", - "invite":"https://staging.{{ project.domain }}/invite", - "template":"https://staging.{{ project.domain }}/template", - "gift":"https://staging.{{ project.domain }}/gift", - "scheduledEvent":"https://staging.{{ project.domain }}/events" + "api": "https://staging.{{ project.domain }}/api/v9", + "cdn": "https://cdn.staging.{{ project.domain }}", + "gateway": "wss://gateway.staging.{{ project.domain }}", + "invite": "https://staging.{{ project.domain }}/invite", + "template": "https://staging.{{ project.domain }}/template", + "gift": "https://staging.{{ project.domain }}/gift", + "scheduledEvent": "https://staging.{{ project.domain }}/events" } ``` @@ -31,9 +31,9 @@ Replace the above endpoints with your own. If your domain name is `https://whate ### Dependencies -- [Git](https://git-scm.com/) -- [NodeJS](https://nodejs.org). Version 16+ -- [yarn](https://yarnpkg.com/) (preferred) or npm +- [Git](https://git-scm.com/) +- [NodeJS](https://nodejs.org). Version 16+ +- [yarn](https://yarnpkg.com/) (preferred) or npm In your terminal: @@ -86,13 +86,13 @@ Files will be built to `web-build` To contribute: -- [Fork the repository]({{ repositories.base_url }}/{{ repositories.client }}/fork) -- Run the building instructions. -- Commit & Push. -- Pull Request & Done! +- [Fork the repository]({{ repositories.base_url }}/{{ repositories.client }}/fork) +- Run the building instructions. +- Commit & Push. +- Pull Request & Done! ### What can I contribute? -- "Core" features like settings, editing messages, dms, markdown rendering, etc. What do you think are basic features that you would want? Some of the GitHub Issues apply to this. -- Implementing other things like voice/video is fine too, though -- [This]({{ repositories.base_url }}/{{ repositories.client }}/issues/21) is a good starting point and lists the core features that are still missing from the client. +- "Core" features like settings, editing messages, dms, markdown rendering, etc. What do you think are basic features that you would want? Some of the GitHub Issues apply to this. +- Implementing other things like voice/video is fine too, though +- [This]({{ repositories.base_url }}/{{ repositories.client }}/issues/21) is a good starting point and lists the core features that are still missing from the client. diff --git a/docs/setup/server/configuration/env.md b/docs/setup/server/configuration/env.md index 8e1d9d4..0d24c24 100644 --- a/docs/setup/server/configuration/env.md +++ b/docs/setup/server/configuration/env.md @@ -4,19 +4,19 @@ Below is a list of environment variables used by {{ project.name }}. You can set environment variables easily by creating an `.env` file in the `{{ project.name.lower() }}-server` folder, with the format `NAME=VALUE` with each on new lines. -| Name | Value | Description | -| -------------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------- | -| THREADS | number | Number of threads to run {{ project.name }} on when using bundle. Make sure you've enabled RabbitMQ if using more than one | -| PORT | number | Port to listen on. Used by all components, including bundle. If using bundle, all components run under the same port | -| DATABASE | string | Database connection string. Defaults to SQlite3 at project root | -| CONFIG_PATH | string | File path for JSON config, if not using `config` db table | -| WS_LOGEVENTS | boolean | If set, log websocket events except messages from gateway | -| WS_VERBOSE | boolean | If set, log websocket messages sent/received by gateway | -| WS_DUMP | boolean | If set, dump websocket messages sent/received to disk | -| CDN | string | Lowest priority value for public CDN annoucements | -| GATEWAY | string | Lowest priority value for public gateway annoucements | -| STORAGE_LOCATION | string | CDN storage location. File path or S3 bucktet | -| STORAGE_PROVIDER | "s3" or "file" | CDN storage provider | -| STORAGE_BUCKET | string | S3 bucket name | -| STORAGE_REGION | string | S3 storage region | -| DB_LOGGING | boolean | if "true" logs all SQL queries to the terminal | +| Name | Value | Description | +| ---------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------- | +| THREADS | number | Number of threads to run {{ project.name }} on when using bundle. Make sure you've enabled RabbitMQ if using more than one | +| PORT | number | Port to listen on. Used by all components, including bundle. If using bundle, all components run under the same port | +| DATABASE | string | Database connection string. Defaults to SQlite3 at project root | +| CONFIG_PATH | string | File path for JSON config, if not using `config` db table | +| WS_LOGEVENTS | boolean | If set, log websocket events except messages from gateway | +| WS_VERBOSE | boolean | If set, log websocket messages sent/received by gateway | +| WS_DUMP | boolean | If set, dump websocket messages sent/received to disk | +| CDN | string | Lowest priority value for public CDN annoucements | +| GATEWAY | string | Lowest priority value for public gateway annoucements | +| STORAGE_LOCATION | string | CDN storage location. File path or S3 bucktet | +| STORAGE_PROVIDER | "s3" or "file" | CDN storage provider | +| STORAGE_BUCKET | string | S3 bucket name | +| STORAGE_REGION | string | S3 storage region | +| DB_LOGGING | boolean | if "true" logs all SQL queries to the terminal | diff --git a/docs/setup/server/configuration/imagor.md b/docs/setup/server/configuration/imagor.md index 3daa73a..0132cac 100644 --- a/docs/setup/server/configuration/imagor.md +++ b/docs/setup/server/configuration/imagor.md @@ -8,7 +8,7 @@ privacy concerns, as an attacker may be able to learn users IP addresses. ## Dependencies -- [Docker](https://www.docker.com/) +- [Docker](https://www.docker.com/) ## Setup diff --git a/docs/setup/server/configuration/index.md b/docs/setup/server/configuration/index.md index 079ccff..15c6066 100644 --- a/docs/setup/server/configuration/index.md +++ b/docs/setup/server/configuration/index.md @@ -19,137 +19,137 @@ Arrays are represented by \_[number] in a config key. For example, multiple `gui ## Available Configuration Options -| key | default | type | description | -| -------------------------------------------------- | -------------------------------------------------------- | ---------------------------------------- | --------------------------------------------------------------------- | -| gateway_endpointPrivate | null | string | Used for internal communication with gateway | -| gateway_endpointPublic | null | string | Publicly announced gateway endpoint | -| cdn_endpointPrivate | | string | See gateway_endpointPrivate | -| cdn_endpointPublic | | string | See gateway_endpointPublic | -| cdn_resizeHeightMax | 1000 | number | Maximum image resize height for embeds. | -| cdn_resizeWidthMax | 1000 | number | Maximum image resize width for embeds. | -| [cdn_imagorServerUrl](imagor.md) | null | string | Imagor instance endpoint for external image resizing. | -| api_defaultVersion | 9 | string | API version to use when not specified | -| api_activeVersions_0 | 6, 7, 8, 9 | string[] | Allowed API version numbers. [Array](#array-types). | -| api_endpointPublic | "/api" | string | See gateway_endpointPublic | +| key | default | type | description | +| -------------------------------------------------- | ------------------------------------------------------------------ | ---------------------------------------- | --------------------------------------------------------------------- | +| gateway_endpointPrivate | null | string | Used for internal communication with gateway | +| gateway_endpointPublic | null | string | Publicly announced gateway endpoint | +| cdn_endpointPrivate | | string | See gateway_endpointPrivate | +| cdn_endpointPublic | | string | See gateway_endpointPublic | +| cdn_resizeHeightMax | 1000 | number | Maximum image resize height for embeds. | +| cdn_resizeWidthMax | 1000 | number | Maximum image resize width for embeds. | +| [cdn_imagorServerUrl](imagor.md) | null | string | Imagor instance endpoint for external image resizing. | +| api_defaultVersion | 9 | string | API version to use when not specified | +| api_activeVersions_0 | 6, 7, 8, 9 | string[] | Allowed API version numbers. [Array](#array-types). | +| api_endpointPublic | "/api" | string | See gateway_endpointPublic | | general_instanceName | {{ project.name }} Instance | string | Announced instance name | | general_instanceDescription | This is a {{ project.name }} instance made in the pre-release days | string | Announced instance description | -| general_frontPage | null | string | Announced instance front page | -| general_tosPage | null | string | Announced instance TOS page | -| general_correspondenceEmail | null | string | Announced instance correspondence email | -| general_correspondenceUserID | null | string | Announced instance correspondence ID (from this instance) | -| general_image | null | string | Announced instance image URL | -| general_instanceId | Snowflake of instance creation date | Snowflake | Announced instance ID | -| limits_user_maxGuilds | 1048576 | number | Maxmimum guilds a user can join | -| limits_user_maxUsername | 127 | number | Maximum username length | -| limits_user_maxFriends | 5000 | number | Maximum number of friends per user | -| limits_guild_maxRoles | 1000 | number | Maximum number of roles in a guild | -| limits_guild_maxEmojis | 2000 | number | Maximum number of emojis in a guild | -| limits_guild_maxMembers | 25000000 | number | Maximum number of members in a guild | -| limits_guild_maxChannels | 65535 | number | Maximum number of channels in a guild | -| limits_guild_maxChannelsInCategory | 65535 | number | Maximum number of channels per category in a guild | -| limits_message_maxCharacters | 1048576 | number | Maximum character count per message | -| limits_message_maxTTSCharacters | 160 | number | Maximum character count per text to speech messages | -| limits_message_maxReactions | 2048 | number | Maximum number of reactions per message | -| limits_message_maxAttachmentSize | 1073741824 | number | Maximum total attachment size per message | -| limits_message_maxBulkDelete | 1000 | number | Maximum number of messages deletable through bulk delete | -| limits_message_maxEmbedDownloadSize | 5242880 | number | Maximum download size of external embeddable content | -| limits_channel_maxPins | 500 | number | Maximum number of pins per channel | -| limits_channel_maxTopic | 1024 | number | Maximum channel topic character length | -| limits_channel_maxWebhooks | 100 | number | Maximum number of webhooks per channel | -| limits_rate_enabled | true | boolean | Whether rate limits are enabled | -| limits_rate_ip_count | 500 | number | Allowed number of requests per IP within window | -| limits_rate_ip_window | 5 | number | IP rate limit window, in seconds | -| limits_rate_global_count | 250 | number | Allowed number of requests globally within window | -| limits_rate_global_window | 5 | number | Global rate limit window, in seconds | -| limits_rate_error_count | 10 | number | Number of allowed errors per user within window | -| limits_rate_error_window | 5 | number | User error rate limit window, in seconds | -| limits_rate_routes_guild_count | 5 | number | Allowed number of /guild\* requests per user within window | -| limits_rate_routes_guild_window | 5 | number | User /guild\* rate limit window, in seconds | -| limits_rate_routes_webhook_count | 10 | number | Allowed number of /webhooks\* requests per user within window | -| limits_rate_routes_webhook_window | 5 | number | User /webhooks\* rate limit window, in seconds | -| limits_rate_routes_channel_count | 10 | number | Allowed number of /channel\* requests per user within window | -| limits_rate_routes_channel_window | 5 | number | User /channel\* rate limit window, in seconds | -| limits_rate_routes_auth_login_count | 5 | number | Allowed number of IP /login requests within window | -| limits_rate_routes_auth_login_window | 60 | number | IP /login rate limit window, in seconds | -| limits_rate_routes_auth_register_count | 2 | number | Allowed number of IP /register requests within window | -| limits_rate_routes_auth_register_window | 43200 | number | IP /register rate limit window, in seconds | -| limits_absoluteRate_register_limit | 25 | number | Absolute number of registrations instance-wide per window | -| limits_absoluteRate_register_window | 3600000 | number | Global /register rate limit window, in seconds | -| limits_absoluteRate_register_enabled | true | boolean | Whether absolute register rate limits are enabled | -| limits_absoluteRate_sendMessage_limit | 200 | number | Absolute number of messages instance-wide per window | -| limits_absoluteRate_sendMessage_window | 60000 | number | Global sendMessage window, in seconds | -| limits_absoluteRate_sendMessage_enabled | true | boolean | Whether absolute message sending rate limits are enabled | -| [security_captcha_enabled](../security/captcha.md) | false | boolean | Whether to enable captchas for login/register | -| security_captcha_service | null | "recaptcha"/"hcaptcha" | Which captcha service to use | -| security_captcha_sitekey | null | string | Captcha service sitekey | -| security_captcha_secret | null | string | Captcha service secret | -| security_twoFactor_generateBackupCodes | true | boolean | Whether to generate backup codes for MFA users | -| security_requestSignature | Secret secret | string | The signature required for CDN or [Imagor](imagor.md) usage | -| security_jwtSecret | Secure secret | string | The secret used for user token generation | -| [security_forwadedFor](../reverseProxy.md) | null | string | HTTP header for user's real IP. | +| general_frontPage | null | string | Announced instance front page | +| general_tosPage | null | string | Announced instance TOS page | +| general_correspondenceEmail | null | string | Announced instance correspondence email | +| general_correspondenceUserID | null | string | Announced instance correspondence ID (from this instance) | +| general_image | null | string | Announced instance image URL | +| general_instanceId | Snowflake of instance creation date | Snowflake | Announced instance ID | +| limits_user_maxGuilds | 1048576 | number | Maxmimum guilds a user can join | +| limits_user_maxUsername | 127 | number | Maximum username length | +| limits_user_maxFriends | 5000 | number | Maximum number of friends per user | +| limits_guild_maxRoles | 1000 | number | Maximum number of roles in a guild | +| limits_guild_maxEmojis | 2000 | number | Maximum number of emojis in a guild | +| limits_guild_maxMembers | 25000000 | number | Maximum number of members in a guild | +| limits_guild_maxChannels | 65535 | number | Maximum number of channels in a guild | +| limits_guild_maxChannelsInCategory | 65535 | number | Maximum number of channels per category in a guild | +| limits_message_maxCharacters | 1048576 | number | Maximum character count per message | +| limits_message_maxTTSCharacters | 160 | number | Maximum character count per text to speech messages | +| limits_message_maxReactions | 2048 | number | Maximum number of reactions per message | +| limits_message_maxAttachmentSize | 1073741824 | number | Maximum total attachment size per message | +| limits_message_maxBulkDelete | 1000 | number | Maximum number of messages deletable through bulk delete | +| limits_message_maxEmbedDownloadSize | 5242880 | number | Maximum download size of external embeddable content | +| limits_channel_maxPins | 500 | number | Maximum number of pins per channel | +| limits_channel_maxTopic | 1024 | number | Maximum channel topic character length | +| limits_channel_maxWebhooks | 100 | number | Maximum number of webhooks per channel | +| limits_rate_enabled | true | boolean | Whether rate limits are enabled | +| limits_rate_ip_count | 500 | number | Allowed number of requests per IP within window | +| limits_rate_ip_window | 5 | number | IP rate limit window, in seconds | +| limits_rate_global_count | 250 | number | Allowed number of requests globally within window | +| limits_rate_global_window | 5 | number | Global rate limit window, in seconds | +| limits_rate_error_count | 10 | number | Number of allowed errors per user within window | +| limits_rate_error_window | 5 | number | User error rate limit window, in seconds | +| limits_rate_routes_guild_count | 5 | number | Allowed number of /guild\* requests per user within window | +| limits_rate_routes_guild_window | 5 | number | User /guild\* rate limit window, in seconds | +| limits_rate_routes_webhook_count | 10 | number | Allowed number of /webhooks\* requests per user within window | +| limits_rate_routes_webhook_window | 5 | number | User /webhooks\* rate limit window, in seconds | +| limits_rate_routes_channel_count | 10 | number | Allowed number of /channel\* requests per user within window | +| limits_rate_routes_channel_window | 5 | number | User /channel\* rate limit window, in seconds | +| limits_rate_routes_auth_login_count | 5 | number | Allowed number of IP /login requests within window | +| limits_rate_routes_auth_login_window | 60 | number | IP /login rate limit window, in seconds | +| limits_rate_routes_auth_register_count | 2 | number | Allowed number of IP /register requests within window | +| limits_rate_routes_auth_register_window | 43200 | number | IP /register rate limit window, in seconds | +| limits_absoluteRate_register_limit | 25 | number | Absolute number of registrations instance-wide per window | +| limits_absoluteRate_register_window | 3600000 | number | Global /register rate limit window, in seconds | +| limits_absoluteRate_register_enabled | true | boolean | Whether absolute register rate limits are enabled | +| limits_absoluteRate_sendMessage_limit | 200 | number | Absolute number of messages instance-wide per window | +| limits_absoluteRate_sendMessage_window | 60000 | number | Global sendMessage window, in seconds | +| limits_absoluteRate_sendMessage_enabled | true | boolean | Whether absolute message sending rate limits are enabled | +| [security_captcha_enabled](../security/captcha.md) | false | boolean | Whether to enable captchas for login/register | +| security_captcha_service | null | "recaptcha"/"hcaptcha" | Which captcha service to use | +| security_captcha_sitekey | null | string | Captcha service sitekey | +| security_captcha_secret | null | string | Captcha service secret | +| security_twoFactor_generateBackupCodes | true | boolean | Whether to generate backup codes for MFA users | +| security_requestSignature | Secret secret | string | The signature required for CDN or [Imagor](imagor.md) usage | +| security_jwtSecret | Secure secret | string | The secret used for user token generation | +| [security_forwadedFor](../reverseProxy.md) | null | string | HTTP header for user's real IP. | | security_ipdataApiKey | {{ project.name }} IPdata key | string | API key used for IP geolocation and proxy detection | -| security_mfaBackupCodeCount | 10 | number | Number of MFA backup codes to generate | -| security_statsWorldReadable | true | boolean | Whether instance stats are publically accessible or require right | -| security_defaultRegistrationTokenExpiration | 604800000 | number | Seconds for [registration tokens](../security/regTokens.md) to expire | -| login_requireCaptcha | false | boolean | Whether login requires captcha verification | -| login_requireVerification | false | boolean | Whether login requires email verification | -| register_email_required | false | boolean | Whether an email is required for registration | -| register_email_allowlist | false | boolean | Whether `register_email_domains` is an allowlist | -| register_email_blocklist | true | boolean | Whether `register_email_domains` is a blocklist | -| register_email_domains | [] | string[] | The email domains list to use as a block/allow list | -| register_dateOfBirth_required | true | boolean | Whether a date of birth is required for registration | -| register_dateOfBirth_minimum | 13 | number | The minimum age of registration | -| register_password_required | false | boolean | Whether a password is required for registration | -| register_password_minLength | 8 | number | Minimum password length | -| register_password_minNumbers | 2 | number | Minimum number of number characters in passwords | -| register_password_minUpperCase | 2 | number | Minimum number of uppercase characters in passwords | -| register_password_minSymbols | 0 | number | Minimum number of symbols in passwords | -| register_disabled | false | boolean | Whether registration is disabled | -| register_requireCaptcha | true | boolean | Whether registration requires captcha verification | -| register_requireInvite | false | boolean | Whether registration requires a guild invite | -| register_guestsRequireInvite | true | boolean | Whether guests accounts require a guild invite | -| register_allowMultipleAccounts | true | boolean | Allow multiple accounts with the same client fingerprint | -| register_blockProxies | true | boolean | Whether proxies are blocked from registration | -| register_incrementingDiscriminators | false | boolean | Whether discriminators are random or incrementing | -| [register_defaultRights](../security/rights.md) | 875069521787904 | string | The rights assigned to users _upon registration_ | -| regions_default | {{ project.name.lower() }} | string | The default voice region to use | -| regions_useDefaultAsOptimal | true | boolean | Whether to calculate closest or use default as optimal voice region | -| regions_available_0_id | {{ project.name.lower() }} | string[] | The available voice region IDs | +| security_mfaBackupCodeCount | 10 | number | Number of MFA backup codes to generate | +| security_statsWorldReadable | true | boolean | Whether instance stats are publically accessible or require right | +| security_defaultRegistrationTokenExpiration | 604800000 | number | Seconds for [registration tokens](../security/regTokens.md) to expire | +| login_requireCaptcha | false | boolean | Whether login requires captcha verification | +| login_requireVerification | false | boolean | Whether login requires email verification | +| register_email_required | false | boolean | Whether an email is required for registration | +| register_email_allowlist | false | boolean | Whether `register_email_domains` is an allowlist | +| register_email_blocklist | true | boolean | Whether `register_email_domains` is a blocklist | +| register_email_domains | [] | string[] | The email domains list to use as a block/allow list | +| register_dateOfBirth_required | true | boolean | Whether a date of birth is required for registration | +| register_dateOfBirth_minimum | 13 | number | The minimum age of registration | +| register_password_required | false | boolean | Whether a password is required for registration | +| register_password_minLength | 8 | number | Minimum password length | +| register_password_minNumbers | 2 | number | Minimum number of number characters in passwords | +| register_password_minUpperCase | 2 | number | Minimum number of uppercase characters in passwords | +| register_password_minSymbols | 0 | number | Minimum number of symbols in passwords | +| register_disabled | false | boolean | Whether registration is disabled | +| register_requireCaptcha | true | boolean | Whether registration requires captcha verification | +| register_requireInvite | false | boolean | Whether registration requires a guild invite | +| register_guestsRequireInvite | true | boolean | Whether guests accounts require a guild invite | +| register_allowMultipleAccounts | true | boolean | Allow multiple accounts with the same client fingerprint | +| register_blockProxies | true | boolean | Whether proxies are blocked from registration | +| register_incrementingDiscriminators | false | boolean | Whether discriminators are random or incrementing | +| [register_defaultRights](../security/rights.md) | 875069521787904 | string | The rights assigned to users _upon registration_ | +| regions_default | {{ project.name.lower() }} | string | The default voice region to use | +| regions_useDefaultAsOptimal | true | boolean | Whether to calculate closest or use default as optimal voice region | +| regions_available_0_id | {{ project.name.lower() }} | string[] | The available voice region IDs | | regions_available_0_name | {{ project.name }} | string[] | The available voice region names | -| regions_available_0_endpoint | 127.0.0.1:3004 | string[] | The available voice region endpoint URLs | -| regions_available_0_vip | false | boolean[] | Whether this voice region is VIP exclusive | -| regions_available_0_custom | false | boolean[] | Whether this is a custom voice region (used for events/etc) | -| regions_available_0_deprecated | false | boolean[] | Whether this is a deprecated voice region (clients avoid these) | -| guild_discovery_showAllGuilds | false | boolean | Whether guild discovery should show all guilds | -| guild_discovery_limit | 24 | number | Maximum number of guild discovery elements per page | -| guild_autoJoin_enabled | true | boolean | Whether users auto join guild(s) on registration | -| guild_autoJoin_canLeave | true | boolean | Whether users can leave the auto-joined guild(s) | -| [guild_defaultFeatures_0](guildFeatures.md) | null | string | Features automatically granted to guilds upon creation | -| gif_enabled | true | boolean | Whether GIF features are enabled | -| gif_provider | tenor | "tenor" | Which GIF service to use | -| gif_apiKey | LIVDSRZULELA | string | GIF service API key | -| [rabbitmq_host](rabbitmq.md) | null | string | RabbitMQ connection string | -| templates_enabled | true | boolean | Whether guild templates are enabled | -| templates_allowTemplateCreation | true | boolean | Whether new guild templates can be created | -| templates_allowDiscordTemplates | true | boolean | Whether guild templates from Discord.com can be fetched | -| [templates_allowRaws](/concepts/guildTemplates.md) | true | boolean | Whether raw guild templates are allowed | -| sentry_enabled | false | boolean | Whether server-side Sentry analytics is enabled | +| regions_available_0_endpoint | 127.0.0.1:3004 | string[] | The available voice region endpoint URLs | +| regions_available_0_vip | false | boolean[] | Whether this voice region is VIP exclusive | +| regions_available_0_custom | false | boolean[] | Whether this is a custom voice region (used for events/etc) | +| regions_available_0_deprecated | false | boolean[] | Whether this is a deprecated voice region (clients avoid these) | +| guild_discovery_showAllGuilds | false | boolean | Whether guild discovery should show all guilds | +| guild_discovery_limit | 24 | number | Maximum number of guild discovery elements per page | +| guild_autoJoin_enabled | true | boolean | Whether users auto join guild(s) on registration | +| guild_autoJoin_canLeave | true | boolean | Whether users can leave the auto-joined guild(s) | +| [guild_defaultFeatures_0](guildFeatures.md) | null | string | Features automatically granted to guilds upon creation | +| gif_enabled | true | boolean | Whether GIF features are enabled | +| gif_provider | tenor | "tenor" | Which GIF service to use | +| gif_apiKey | LIVDSRZULELA | string | GIF service API key | +| [rabbitmq_host](rabbitmq.md) | null | string | RabbitMQ connection string | +| templates_enabled | true | boolean | Whether guild templates are enabled | +| templates_allowTemplateCreation | true | boolean | Whether new guild templates can be created | +| templates_allowDiscordTemplates | true | boolean | Whether guild templates from Discord.com can be fetched | +| [templates_allowRaws](/concepts/guildTemplates.md) | true | boolean | Whether raw guild templates are allowed | +| sentry_enabled | false | boolean | Whether server-side Sentry analytics is enabled | | sentry_endpoint | {{ project.name }} sentry endpoint | string | Sentry endpoint | -| sentry_traceSampleRate | 1 | number | Sentry sample rate (1 means all requests) | -| sentry_environment | System hostname | string | Sentry environment name | -| defaults_user_premium | false | boolean | Whether users are given premium upon registration | -| defaults_user_premium_type | 2 | number | The premium type given to users upon registration | -| defaults_user_verified | true | boolean | Whether users get verified email upon registration | -| [external_twitter](embeds.md) | null | string | Twitter API key used for Twitter embeds | -| [email_provider](../email.md) | null | "smtp", "mailgun", "mailjet", "sendgrid" | Which email transport to use | -| email_smtp_host | null | string | SMTP Host for sending email | -| email_smtp_port | null | number | SMTP port | -| email_smtp_secure | null | boolean | Use TLS for SMTP | -| email_smtp_username | null | string | SMTP username | -| email_smtp_password | null | string | SMTP password | -| email_mailgun_apiKey | null | string | Mailgun API key | -| email_mailgun_domain | null | string | Mailgun domain | -| email_mailjet_apiKey | null | string | Mailjet API key | -| email_mailjet_apiSecret | null | string | Mailjet API secret | -| email_sendgrid_apiKey | null | string | Sendgrid API key | -| passwordReset_requireCaptcha | false | boolean | Require captcha to send password reset email | +| sentry_traceSampleRate | 1 | number | Sentry sample rate (1 means all requests) | +| sentry_environment | System hostname | string | Sentry environment name | +| defaults_user_premium | false | boolean | Whether users are given premium upon registration | +| defaults_user_premium_type | 2 | number | The premium type given to users upon registration | +| defaults_user_verified | true | boolean | Whether users get verified email upon registration | +| [external_twitter](embeds.md) | null | string | Twitter API key used for Twitter embeds | +| [email_provider](../email.md) | null | "smtp", "mailgun", "mailjet", "sendgrid" | Which email transport to use | +| email_smtp_host | null | string | SMTP Host for sending email | +| email_smtp_port | null | number | SMTP port | +| email_smtp_secure | null | boolean | Use TLS for SMTP | +| email_smtp_username | null | string | SMTP username | +| email_smtp_password | null | string | SMTP password | +| email_mailgun_apiKey | null | string | Mailgun API key | +| email_mailgun_domain | null | string | Mailgun domain | +| email_mailjet_apiKey | null | string | Mailjet API key | +| email_mailjet_apiSecret | null | string | Mailjet API secret | +| email_sendgrid_apiKey | null | string | Sendgrid API key | +| passwordReset_requireCaptcha | false | boolean | Require captcha to send password reset email | diff --git a/docs/setup/server/configuration/userFlags.md b/docs/setup/server/configuration/userFlags.md index 2d39c00..25532c5 100644 --- a/docs/setup/server/configuration/userFlags.md +++ b/docs/setup/server/configuration/userFlags.md @@ -7,4 +7,4 @@ You can assign multiple flags by simply summing the respective values. A list of all user flags implemented on Discord.com is available [here](https://github.com/Delitefully/DiscordLists/blob/master/flags.md) -Currently, the only user flag to have an effect on server-side functionality is `STAFF` ( 1 ). \ No newline at end of file +Currently, the only user flag to have an effect on server-side functionality is `STAFF` ( 1 ). diff --git a/docs/setup/server/email.md b/docs/setup/server/email.md index 5ee3f2f..e5bb0fa 100644 --- a/docs/setup/server/email.md +++ b/docs/setup/server/email.md @@ -2,31 +2,31 @@ {{ project.name }} can be configured to send email, to enable the following functionality: -- Email verification -- Password resets -- Password change notifications +- Email verification +- Password resets +- Password change notifications {{ project.name }} supports the following email transports: -- SMTP -- [Mailjet](https://www.mailjet.com/) -- [Mailgun](https://www.mailgun.com/) -- [Sendgrid](https://sendgrid.com/) +- SMTP +- [Mailjet](https://www.mailjet.com/) +- [Mailgun](https://www.mailgun.com/) +- [Sendgrid](https://sendgrid.com/) Once you have an account with one of the above services, or an SMTP service, you can begin configuring {{ project.name }} to send mail. You must edit: -- The `general_frontPage` [config](configuration/index.md) value, used to generate verification/password reset links. +- The `general_frontPage` [config](configuration/index.md) value, used to generate verification/password reset links. Be sure to set it to the {{ project.name }} web app URL. For example, `https://staging.{{ project.domain }}` -- The `general_correspondenceEmail` config value, used as the 'from' email address. - If unset, `noreply@localhost` is used, which will most likely throw an error with your email service. +- The `general_correspondenceEmail` config value, used as the 'from' email address. + If unset, `noreply@localhost` is used, which will most likely throw an error with your email service. Optionally: -- By default users are automatically verified. To change this, update the `defaults_user_verified` [config](configuration/index.md) value to `false`. -- If you would like users to be forced to verify their email before using the service, set the `login_requireVerification` config to `true`. -- You may force users to pass a CAPTCHA before requesting a password reset by setting `passwordReset_requireCaptcha` to `true` +- By default users are automatically verified. To change this, update the `defaults_user_verified` [config](configuration/index.md) value to `false`. +- If you would like users to be forced to verify their email before using the service, set the `login_requireVerification` config to `true`. +- You may force users to pass a CAPTCHA before requesting a password reset by setting `passwordReset_requireCaptcha` to `true` ## Email Config diff --git a/docs/setup/server/index.md b/docs/setup/server/index.md index e8fc544..92a91eb 100644 --- a/docs/setup/server/index.md +++ b/docs/setup/server/index.md @@ -13,12 +13,12 @@ We do not recommend using Windows to run {{ project.name }}. ## Dependencies -- [Git](https://git-scm.com/) -- [NodeJS](https://nodejs.org). Version 16+ -- [Python](https://www.python.org/). Version 3+. Make sure this is executable via `python` in your terminal. - (See: `python-is-python3` package) -- On Linux: `gcc`/`g++`. Packaged with `build-essential` on Debian/Ubuntu and `base-devel` on Arch. -- On Windows: [Visual Studio](https://visualstudio.microsoft.com/) (**NOT** VSCode) with the `Desktop development with C++` package. +- [Git](https://git-scm.com/) +- [NodeJS](https://nodejs.org). Version 16+ +- [Python](https://www.python.org/). Version 3+. Make sure this is executable via `python` in your terminal. + (See: `python-is-python3` package) +- On Linux: `gcc`/`g++`. Packaged with `build-essential` on Debian/Ubuntu and `base-devel` on Arch. +- On Windows: [Visual Studio](https://visualstudio.microsoft.com/) (**NOT** VSCode) with the `Desktop development with C++` package. You do not need the full Visual Studio install, the build tools are fine. ## Setup @@ -51,6 +51,6 @@ If you set up your server remotely, you can use `curl http://localhost:3001/api/ Well, now you can configure {{ project.name }} to your liking! -- [Skip to server configuration](configuration) -- [Skip to reverse proxy / SSL](reverseProxy.md) -- [Skip to security](security) +- [Skip to server configuration](configuration) +- [Skip to reverse proxy / SSL](reverseProxy.md) +- [Skip to security](security) diff --git a/docs/setup/server/maintenance/restart.md b/docs/setup/server/maintenance/restart.md index a647325..5dc4c56 100644 --- a/docs/setup/server/maintenance/restart.md +++ b/docs/setup/server/maintenance/restart.md @@ -2,17 +2,17 @@ {{ project.name }}-server must restart in the following cases: -- The .env file or config (database or [CONFIG_PATH](/setup/server/configuration) has changed. -- Files in the `client_test`, `preload-plugins` folders of inside `assets` have changed. -- Files inside `src` have changed (_remember to `npm run build`_). -- The `assets/schemas.json` file has changed. -- The [RabbitMQ](/setup/server/configuration/rabbitmq) connection has been lost. +- The .env file or config (database or [CONFIG_PATH](/setup/server/configuration) has changed. +- Files in the `client_test`, `preload-plugins` folders of inside `assets` have changed. +- Files inside `src` have changed (_remember to `npm run build`_). +- The `assets/schemas.json` file has changed. +- The [RabbitMQ](/setup/server/configuration/rabbitmq) connection has been lost. For all other cases, you do not need to restart the server. For example: -- Running `npm run generate:client` -- Running `npm run generate:changelog` -- Editing any table in the database other than `config`. For example, to edit a `users` [`rights`](/setup/server/configuration/rabbitmq) -- Database connection was lost (this should auto reconnect) +- Running `npm run generate:client` +- Running `npm run generate:changelog` +- Editing any table in the database other than `config`. For example, to edit a `users` [`rights`](/setup/server/configuration/rabbitmq) +- Database connection was lost (this should auto reconnect) This is not an exhaustive list. If a change you made is not applied, the first thing you should try is restarting. diff --git a/docs/setup/server/security/limits.md b/docs/setup/server/security/limits.md index 503efff..8c2dc1b 100644 --- a/docs/setup/server/security/limits.md +++ b/docs/setup/server/security/limits.md @@ -2,15 +2,15 @@ {{ project.name }} has various forms of rate limiting built in. If you are logged in, you can bypass these with the `BYPASS_RATE_LIMITS` [right](rights.md) -- Absolute rate limits, which effect all requests to a route regardless of source (`limits_absoluteRate_*`) -- User or IP specific rate limits (`limits_rate_*`) +- Absolute rate limits, which effect all requests to a route regardless of source (`limits_absoluteRate_*`) +- User or IP specific rate limits (`limits_rate_*`) ## Absolute ratelimiting There are currently two types of absolute rate limiting: -- `limits_absoluteRate_register_*` - Controls the absolute count of registrations allowed within a window. Useful for mitigating registration spam, in addition to [captchas](captcha.md) -- `limits_absoluteRate_sendMessage_*` - Controls the absolute count of messages allowed to be sent within a window. +- `limits_absoluteRate_register_*` - Controls the absolute count of registrations allowed within a window. Useful for mitigating registration spam, in addition to [captchas](captcha.md) +- `limits_absoluteRate_sendMessage_*` - Controls the absolute count of messages allowed to be sent within a window. Absolute rate limits do not consider the source of the request, only the total number of requests instance-wide. @@ -20,14 +20,14 @@ Both of the above are individually enabled. These rate limits are enabled with a single toggle (`limits_rate_enabled`) -- `limits_rate_ip_*` - Controls the count of requests to any endpoint from a single IP over some window. -- `limits_rate_global_*` - Number of requests to any endpoint for the same user and IP -- `limits_rate_error_*` - Number of errors allowed per window for an IP -- `limits_rate_routes_guild_*` - Guild related requests for same user and IP -- `limits_rate_routes_webhook_*` - Webhook related requests for same user and IP -- `limits_rate_routes_channel_*` - Channel related requests for same user and IP -- `limits_rate_routes_auth_login_*` - Login requests for same user and IP -- `limits_rate_routes_auth_register_*` - Register requests (successful only) for same IP +- `limits_rate_ip_*` - Controls the count of requests to any endpoint from a single IP over some window. +- `limits_rate_global_*` - Number of requests to any endpoint for the same user and IP +- `limits_rate_error_*` - Number of errors allowed per window for an IP +- `limits_rate_routes_guild_*` - Guild related requests for same user and IP +- `limits_rate_routes_webhook_*` - Webhook related requests for same user and IP +- `limits_rate_routes_channel_*` - Channel related requests for same user and IP +- `limits_rate_routes_auth_login_*` - Login requests for same user and IP +- `limits_rate_routes_auth_register_*` - Register requests (successful only) for same IP ## What do you mean by window and count? diff --git a/docs/setup/server/security/regTokens.md b/docs/setup/server/security/regTokens.md index 7420799..79b9065 100644 --- a/docs/setup/server/security/regTokens.md +++ b/docs/setup/server/security/regTokens.md @@ -2,14 +2,14 @@ Registration tokens are a one-time use token for allowing a new user registration to bypass various restrictions: -- Bypass `register_allowNewRegistrations = false` -- Bypass `register_disabled = true` -- Bypass [captchas](captcha.md) -- Bypass `register_allowMultipleAccounts = false` -- Bypass `register_blockProxies = true` -- Bypass `register_requireInvite = true` -- Bypass `register_guestsRequireInvite = true` -- Bypass [absolute register rate limits](limits.md) +- Bypass `register_allowNewRegistrations = false` +- Bypass `register_disabled = true` +- Bypass [captchas](captcha.md) +- Bypass `register_allowMultipleAccounts = false` +- Bypass `register_blockProxies = true` +- Bypass `register_requireInvite = true` +- Bypass `register_guestsRequireInvite = true` +- Bypass [absolute register rate limits](limits.md) To create a registration token, send a GET request to `/auth/generate-registration-tokens` as an account with `OPERATOR` [rights](rights.md).