mirror/ditto
mirror/ditto
1
0
Fork 0
mirror of https://gitlab.com/soapbox-pub/ditto.git synced 2025-12-06 11:29:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
ditto/packages/conf/DittoConf.ts
Alex Gleason 65846d062a
Rewrite literally everything
2025-02-16 23:27:13 -06:00

486 lines
15 KiB
TypeScript
Raw Blame History

import Module from 'node:module';
import os from 'node:os';
import path from 'node:path';
import ISO6391, { type LanguageCode } from 'iso-639-1';
import { getPublicKey, nip19 } from 'nostr-tools';
import { decodeBase64 } from '@std/encoding/base64';
import { encodeBase64Url } from '@std/encoding/base64url';
import { getEcdsaPublicKey } from './utils/crypto.ts';
import { optionalBooleanSchema, optionalNumberSchema } from './utils/schema.ts';
import { mergeURLPath } from './utils/url.ts';
/** Ditto application-wide configuration. */
export class DittoConf {
constructor(private env: { get(key: string): string | undefined }) {}
/** Cached parsed admin pubkey value. */
private _pubkey: string | undefined;
/** Cached parsed VAPID public key value. */
private _vapidPublicKey: Promise<string | undefined> | undefined;
/** Ditto admin secret key in nip19 format. This is the way it's configured by an admin. */
get nsec(): `nsec1${string}` {
const value = this.env.get('DITTO_NSEC');
if (!value) {
throw new Error('Missing DITTO_NSEC');
}
if (!value.startsWith('nsec1')) {
throw new Error('Invalid DITTO_NSEC');
}
return value as `nsec1${string}`;
}
/** Ditto admin secret key in hex format. */
get seckey(): Uint8Array {
return nip19.decode(this.nsec).data;
}
/** Ditto admin public key in hex format. */
get pubkey(): string {
if (!this._pubkey) {
this._pubkey = getPublicKey(this.seckey);
}
return this._pubkey;
}
/** Port to use when serving the HTTP server. */
get port(): number {
return parseInt(this.env.get('PORT') || '4036');
}
/** IP addresses not affected by rate limiting. */
get ipWhitelist(): string[] {
return this.env.get('IP_WHITELIST')?.split(',') || [];
}
/** Relay URL to the Ditto server's relay. */
get relay(): `wss://${string}` | `ws://${string}` {
const { protocol, host } = this.url;
return `${protocol === 'https:' ? 'wss:' : 'ws:'}//${host}/relay`;
}
/** Relay to use for NIP-50 `search` queries. */
get searchRelay(): string | undefined {
return this.env.get('SEARCH_RELAY');
}
/** Origin of the Ditto server, including the protocol and port. */
get localDomain(): string {
return this.env.get('LOCAL_DOMAIN') || `http://localhost:${this.port}`;
}
/** Link to an external nostr viewer. */
get externalDomain(): string {
return this.env.get('NOSTR_EXTERNAL') || 'https://njump.me';
}
/** Get a link to a nip19-encoded entity in the configured external viewer. */
external(path: string): string {
return new URL(path, this.externalDomain).toString();
}
/**
* Heroku-style database URL. This is used in production to connect to the
* database.
*
* Follows the format:
*
* ```txt
* protocol://username:password@host:port/database_name
* ```
*/
get databaseUrl(): string {
return this.env.get('DATABASE_URL') ?? 'file://data/pgdata';
}
/** PGlite debug level. 0 disables logging. */
get pgliteDebug(): 0 | 1 | 2 | 3 | 4 | 5 {
return Number(this.env.get('PGLITE_DEBUG') || 0) as 0 | 1 | 2 | 3 | 4 | 5;
}
get vapidPublicKey(): Promise<string | undefined> {
if (!this._vapidPublicKey) {
this._vapidPublicKey = (async () => {
const keys = await this.vapidKeys;
if (keys) {
const { publicKey } = keys;
const bytes = await crypto.subtle.exportKey('raw', publicKey);
return encodeBase64Url(bytes);
}
})();
}
return this._vapidPublicKey;
}
get vapidKeys(): Promise<CryptoKeyPair | undefined> {
return (async () => {
const encoded = this.env.get('VAPID_PRIVATE_KEY');
if (!encoded) {
return;
}
const keyData = decodeBase64(encoded);
const privateKey = await crypto.subtle.importKey(
'pkcs8',
keyData,
{ name: 'ECDSA', namedCurve: 'P-256' },
true,
['sign'],
);
const publicKey = await getEcdsaPublicKey(privateKey, true);
return { privateKey, publicKey };
})();
}
get db(): { timeouts: { default: number; relay: number; timelines: number } } {
const env = this.env;
return {
/** Database query timeout configurations. */
timeouts: {
/** Default query timeout when another setting isn't more specific. */
get default(): number {
return Number(env.get('DB_TIMEOUT_DEFAULT') || 5_000);
},
/** Timeout used for queries made through the Nostr relay. */
get relay(): number {
return Number(env.get('DB_TIMEOUT_RELAY') || 1_000);
},
/** Timeout used for timelines such as home, notifications, hashtag, etc. */
get timelines(): number {
return Number(env.get('DB_TIMEOUT_TIMELINES') || 15_000);
},
},
};
}
/** Time-to-live for captchas in milliseconds. */
get captchaTTL(): number {
return Number(this.env.get('CAPTCHA_TTL') || 5 * 60 * 1000);
}
/** Character limit to enforce for posts made through Mastodon API. */
get postCharLimit(): number {
return Number(this.env.get('POST_CHAR_LIMIT') || 5000);
}
/** S3 media storage configuration. */
get s3(): {
endPoint?: string;
region?: string;
accessKey?: string;
secretKey?: string;
bucket?: string;
pathStyle?: boolean;
port?: number;
sessionToken?: string;
useSSL?: boolean;
} {
const env = this.env;
return {
get endPoint(): string | undefined {
return env.get('S3_ENDPOINT');
},
get region(): string | undefined {
return env.get('S3_REGION');
},
get accessKey(): string | undefined {
return env.get('S3_ACCESS_KEY');
},
get secretKey(): string | undefined {
return env.get('S3_SECRET_KEY');
},
get bucket(): string | undefined {
return env.get('S3_BUCKET');
},
get pathStyle(): boolean | undefined {
return optionalBooleanSchema.parse(env.get('S3_PATH_STYLE'));
},
get port(): number | undefined {
return optionalNumberSchema.parse(env.get('S3_PORT'));
},
get sessionToken(): string | undefined {
return env.get('S3_SESSION_TOKEN');
},
get useSSL(): boolean | undefined {
return optionalBooleanSchema.parse(env.get('S3_USE_SSL'));
},
};
}
/** IPFS uploader configuration. */
get ipfs(): { apiUrl: string } {
const env = this.env;
return {
/** Base URL for private IPFS API calls. */
get apiUrl(): string {
return env.get('IPFS_API_URL') || 'http://localhost:5001';
},
};
}
/** nostr.build API endpoint when the `nostrbuild` uploader is used. */
get nostrbuildEndpoint(): string {
return this.env.get('NOSTRBUILD_ENDPOINT') || 'https://nostr.build/api/v2/upload/files';
}
/** Default Blossom servers to use when the `blossom` uploader is set. */
get blossomServers(): string[] {
return this.env.get('BLOSSOM_SERVERS')?.split(',') || ['https://blossom.primal.net/'];
}
/** Module to upload files with. */
get uploader(): string | undefined {
return this.env.get('DITTO_UPLOADER');
}
/** Location to use for local uploads. */
get uploadsDir(): string {
return this.env.get('UPLOADS_DIR') || 'data/uploads';
}
/** Media base URL for uploads. */
get mediaDomain(): string {
const value = this.env.get('MEDIA_DOMAIN');
if (!value) {
const url = this.url;
url.host = `media.${url.host}`;
return url.toString();
}
return value;
}
/**
* Whether to analyze media metadata with [blurhash](https://www.npmjs.com/package/blurhash) and [sharp](https://www.npmjs.com/package/sharp).
* This is prone to security vulnerabilities, which is why it's not enabled by default.
*/
get mediaAnalyze(): boolean {
return optionalBooleanSchema.parse(this.env.get('MEDIA_ANALYZE')) ?? false;
}
/** Max upload size for files in number of bytes. Default 100MiB. */
get maxUploadSize(): number {
return Number(this.env.get('MAX_UPLOAD_SIZE') || 100 * 1024 * 1024);
}
/** Usernames that regular users cannot sign up with. */
get forbiddenUsernames(): string[] {
return this.env.get('FORBIDDEN_USERNAMES')?.split(',') || [
'_',
'admin',
'administrator',
'root',
'sysadmin',
'system',
];
}
/** Domain of the Ditto server as a `URL` object, for easily grabbing the `hostname`, etc. */
get url(): URL {
return new URL(this.localDomain);
}
/** Merges the path with the localDomain. */
local(path: string): string {
return mergeURLPath(this.localDomain, path);
}
/** URL to send Sentry errors to. */
get sentryDsn(): string | undefined {
return this.env.get('SENTRY_DSN');
}
/** Postgres settings. */
get pg(): { poolSize: number } {
const env = this.env;
return {
/** Number of connections to use in the pool. */
get poolSize(): number {
return Number(env.get('PG_POOL_SIZE') ?? 20);
},
};
}
/** Whether to enable requesting events from known relays. */
get firehoseEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('FIREHOSE_ENABLED')) ?? true;
}
/** Number of events the firehose is allowed to process at one time before they have to wait in a queue. */
get firehoseConcurrency(): number {
return Math.ceil(Number(this.env.get('FIREHOSE_CONCURRENCY') ?? 1));
}
/** Nostr event kinds of events to listen for on the firehose. */
get firehoseKinds(): number[] {
return (this.env.get('FIREHOSE_KINDS') ?? '0, 1, 3, 5, 6, 7, 20, 9735, 10002')
.split(/[, ]+/g)
.map(Number);
}
/** Whether to perform prechecks when Ditto is starting. Setting this to `false` can suppress errors, but is not recommended. */
get precheck(): boolean {
return optionalBooleanSchema.parse(this.env.get('DITTO_PRECHECK')) ?? true;
}
/**
* Whether Ditto should subscribe to Nostr events from the Postgres database itself.
* This would make Nostr events inserted directly into Postgres available to the streaming API and relay.
*/
get notifyEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('NOTIFY_ENABLED')) ?? true;
}
/** Whether to enable Ditto cron jobs. */
get cronEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('CRON_ENABLED')) ?? true;
}
/** User-Agent to use when fetching link previews. Pretend to be Facebook by default. */
get fetchUserAgent(): string {
return this.env.get('DITTO_FETCH_USER_AGENT') ?? 'facebookexternalhit';
}
/** Path to the custom policy module. Must be an absolute path, https:, npm:, or jsr: URI. */
get policy(): string {
return this.env.get('DITTO_POLICY') || path.join(this.dataDir, 'policy.ts');
}
/** Absolute path to the data directory used by Ditto. */
get dataDir(): string {
return this.env.get('DITTO_DATA_DIR') || path.join(cwd(), 'data');
}
/** Directory to serve the frontend from. */
get publicDir(): string {
return this.env.get('DITTO_PUBLIC_DIR') || path.join(this.dataDir, 'public');
}
/** Absolute path of the Deno directory. */
get denoDir(): string {
return this.env.get('DENO_DIR') || `${os.userInfo().homedir}/.cache/deno`;
}
/** Whether zap splits should be enabled. */
get zapSplitsEnabled(): boolean {
return optionalBooleanSchema.parse(this.env.get('ZAP_SPLITS_ENABLED')) ?? false;
}
/** Languages this server wishes to highlight. Used when querying trends.*/
get preferredLanguages(): LanguageCode[] | undefined {
return this.env.get('DITTO_LANGUAGES')?.split(',')?.filter(ISO6391.validate);
}
/** Mints to be displayed in the UI when the user decides to create a wallet.*/
get cashuMints(): string[] {
return this.env.get('CASHU_MINTS')?.split(',') ?? [];
}
/** Translation provider used to translate posts. */
get translationProvider(): string | undefined {
return this.env.get('TRANSLATION_PROVIDER');
}
/** DeepL URL endpoint. */
get deeplBaseUrl(): string | undefined {
return this.env.get('DEEPL_BASE_URL');
}
/** DeepL API KEY. */
get deeplApiKey(): string | undefined {
return this.env.get('DEEPL_API_KEY');
}
/** LibreTranslate URL endpoint. */
get libretranslateBaseUrl(): string | undefined {
return this.env.get('LIBRETRANSLATE_BASE_URL');
}
/** LibreTranslate API KEY. */
get libretranslateApiKey(): string | undefined {
return this.env.get('LIBRETRANSLATE_API_KEY');
}
/** Cache settings. */
get caches(): {
nip05: { max: number; ttl: number };
favicon: { max: number; ttl: number };
linkPreview: { max: number; ttl: number };
translation: { max: number; ttl: number };
} {
const env = this.env;
return {
/** NIP-05 cache settings. */
get nip05(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_NIP05_MAX') || 3000),
ttl: Number(env.get('DITTO_CACHE_NIP05_TTL') || 1 * 60 * 60 * 1000),
};
},
/** Favicon cache settings. */
get favicon(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_FAVICON_MAX') || 500),
ttl: Number(env.get('DITTO_CACHE_FAVICON_TTL') || 1 * 60 * 60 * 1000),
};
},
/** Link preview cache settings. */
get linkPreview(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_LINK_PREVIEW_MAX') || 3000),
ttl: Number(env.get('DITTO_CACHE_LINK_PREVIEW_TTL') || 12 * 60 * 60 * 1000),
};
},
/** Translation cache settings. */
get translation(): { max: number; ttl: number } {
return {
max: Number(env.get('DITTO_CACHE_TRANSLATION_MAX') || 1000),
ttl: Number(env.get('DITTO_CACHE_TRANSLATION_TTL') || 6 * 60 * 60 * 1000),
};
},
};
}
/** Custom profile fields configuration. */
get profileFields(): { maxFields: number; nameLength: number; valueLength: number } {
const env = this.env;
return {
get maxFields(): number {
return Number(env.get('PROFILE_FIELDS_MAX_FIELDS') || 10);
},
get nameLength(): number {
return Number(env.get('PROFILE_FIELDS_NAME_LENGTH') || 255);
},
get valueLength(): number {
return Number(env.get('PROFILE_FIELDS_VALUE_LENGTH') || 2047);
},
};
}
/** Maximum time between events before a streak is broken, *in seconds*. */
get streakWindow(): number {
return Number(this.env.get('STREAK_WINDOW') || 129600);
}
}
/**
* HACK: get cwd without read permissions.
* https://github.com/denoland/deno/issues/27080#issuecomment-2504150155
*/
function cwd() {
// @ts-ignore Internal method, but it does exist.
return Module._nodeModulePaths('a')[0].slice(0, -15);
}
Reference in a new issue View git blame Copy permalink