Commit graph

8 commits

Author SHA1 Message Date
fr33domlover
fbc9ad2b30 Rotate actor key once a day by default, instead of once an hour
I'm not sure what the best balance is, but once an hour may end up causing a
lot more key re-fetch requests coming from other servers. I prefer to default
to once a day for now (maybe even once a week) and tighten it later if needed.

Caveat: If an instance key is rotated once a day, there's no
change-key-right-after-toot-deletion thing for deniability. Potentially,
rotation may happen only 24 hours after that deletion, which is much more than
1 hour. On the other hand, it's a whole instance key, not personal key of the
actor.
2019-02-07 23:28:39 +00:00
fr33domlover
cd8ed9ef89 Hold a persistent server key for ocap signatures 2019-01-30 03:12:42 +00:00
fr33domlover
9adf7a2e34 Fix HTTP sig default time limit, 5 minutes not 5 seconds 2019-01-19 01:06:09 +00:00
fr33domlover
499e26db48 Periodically rotated AP actor key for signing ActivityPub requests
The actor key will be used for all actors on the server. It's held in a `TVar`
so that it can always be safely updated and safely retrieved (technically there
is a single writer so IORef and MVar could work, but they require extra care
while TVar is by design suited for this sort of thing).
2019-01-14 22:08:44 +00:00
fr33domlover
c420b8d8ea Make the cookie encryption key and timeout configurable in settings file 2018-07-01 08:15:23 +00:00
fr33domlover
ef21175ec2 Allow loading the SVG font from deployment data path 2018-05-26 10:27:05 +00:00
fr33domlover
9f77ea69cb Display commit diff for Git repos 2018-05-21 20:32:34 +00:00
fr33domlover
c664ee9468 Change filename of default settings, so that editted settings are separate 2018-03-31 22:40:32 +00:00
Renamed from config/settings.yml (Browse further)