Merge branch 'main' of https://github.com/JohnXLivingston/peertube-plugin-livechat

2024-09-05 22:17:17 -04:00
parent 18a1c2f71c 2f78b901e3
commit 7e0cfee8f1
251 changed files with 30235 additions and 6952 deletions
--- a/server/lib/prosody/config.ts
+++ b/server/lib/prosody/config.ts
@ -18,6 +18,7 @@ import { getRemoteServerInfosDir } from '../federation/storage'
 import { BotConfiguration } from '../configuration/bot'
 import { debugMucAdmins } from '../debug'
 import { ExternalAuthOIDC } from '../external-auth/oidc'
+import { listModFirewallFiles } from '../firewall/config'

 async function getWorkingDir (options: RegisterServerOptions): Promise<string> {
  const peertubeHelpers = options.peertubeHelpers
@ -102,14 +103,23 @@ async function getProsodyFilePaths (options: RegisterServerOptions): Promise<Pro
  }

  let avatarSet: AvatarSet = (settings['avatar-set'] ?? 'sepia') as AvatarSet
-  if (!['sepia', 'cat', 'bird', 'fenec', 'abstract', 'legacy', 'nctv'].includes(avatarSet)) {
-    logger.error('Invalid avatar-set setting, using sepia as default')
-    avatarSet = 'sepia'
+  let avatarsDir
+  let avatarsFiles
+  let botAvatarsDir
+  let botAvatarsFiles
+  if (avatarSet === 'none') {
+    botAvatarsDir = path.resolve(__dirname, '../../bot_avatars/', 'sepia') // fallback to default avatars for the bot
+    botAvatarsFiles = await _listAvatars(botAvatarsDir)
+  } else {
+    if (!['sepia', 'cat', 'bird', 'fenec', 'abstract', 'legacy', 'nctv'].includes(avatarSet)) {
+      logger.error('Invalid avatar-set setting, using sepia as default')
+      avatarSet = 'sepia'
+    }
+    avatarsDir = path.resolve(__dirname, '../../avatars/', avatarSet)
+    avatarsFiles = await _listAvatars(avatarsDir)
+    botAvatarsDir = path.resolve(__dirname, '../../bot_avatars/', avatarSet)
+    botAvatarsFiles = await _listAvatars(botAvatarsDir)
  }
-  const avatarsDir = path.resolve(__dirname, '../../avatars/', avatarSet)
-  const avatarsFiles = await _listAvatars(avatarsDir)
-  const botAvatarsDir = path.resolve(__dirname, '../../bot_avatars/', avatarSet)
-  const botAvatarsFiles = await _listAvatars(botAvatarsDir)

  return {
    dir: dir,
@ -130,7 +140,8 @@ async function getProsodyFilePaths (options: RegisterServerOptions): Promise<Pro
    execCtl,
    execCtlArgs,
    appImageToExtract,
-    appImageExtractPath
+    appImageExtractPath,
+    modFirewallFiles: path.resolve(dir, 'mod_firewall_config')
  }
 }

@ -176,7 +187,8 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros
    'auto-ban-anonymous-ip',
    'federation-dont-publish-remotely',
    'disable-channel-configuration',
-    'chat-terms'
+    'chat-terms',
+    'prosody-firewall-enabled'
  ])

  const valuesToHideInDiagnostic = new Map<string, string>()
@ -356,7 +368,9 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros

  config.useManageRoomsApi(apikey)
  config.usePeertubeVCards(basePeertubeUrl)
-  config.useAnonymousRandomVCards(paths.avatars, paths.avatarsFiles)
+  if (paths.avatars && paths.avatarsFiles) {
+    config.useAnonymousRandomVCards(paths.avatars, paths.avatarsFiles)
+  }

  if (useBots) {
    config.useBotsVirtualHost(paths.botAvatars, paths.botAvatarsFiles)
@ -368,6 +382,13 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros

  config.usePoll()

+  if (settings['prosody-firewall-enabled'] === true) {
+    const modFirewallFiles = await listModFirewallFiles(options, paths.modFirewallFiles)
+    // We load the module, even if there is no configuration file.
+    // So we will be sure that a Prosody reload is enought to take into account any change.
+    config.useModFirewall(modFirewallFiles)
+  }
+
  config.useTestModule(apikey, testApiUrl)

  const debugMucAdminJids = debugMucAdmins(options)
--- a/server/lib/prosody/config/content.ts
+++ b/server/lib/prosody/config/content.ts
@ -255,6 +255,11 @@ class ProsodyConfigContent {

    this.muc.add('modules_enabled', 'muc_moderation_delay')
    this.muc.set('moderation_delay_form_position', 118)
+
+    this.muc.add('modules_enabled', 'muc_anonymize_moderation_actions')
+    this.muc.set('anonymize_moderation_actions_form_position', 117)
+
+    this.muc.add('modules_enabled', 'muc_mam_search')
  }

  useAnonymous (autoBanIP: boolean): void {
@ -548,6 +553,15 @@ class ProsodyConfigContent {
    this.muc.set('poll_string_vote_instructions', loc('poll_vote_instructions_xmpp'))
  }

+  /**
+   * Enable mod_firewall.
+   * @param files file paths to load (ordered)
+   */
+  useModFirewall (files: string[]): void {
+    this.global.add('modules_enabled', 'firewall')
+    this.global.set('firewall_scripts', files)
+  }
+
  addMucAdmins (jids: string[]): void {
    for (const jid of jids) {
      this.muc.add('admins', jid)
--- a/server/lib/prosody/config/paths.ts
+++ b/server/lib/prosody/config/paths.ts
@ -12,8 +12,8 @@ interface ProsodyFilePaths {
  certs?: string
  certsDirIsCustom: boolean
  modules: string
-  avatars: string
-  avatarsFiles: string[]
+  avatars?: string
+  avatarsFiles?: string[]
  botAvatars: string
  botAvatarsFiles: string[]
  exec?: string
@ -22,6 +22,7 @@ interface ProsodyFilePaths {
  execCtlArgs: string[]
  appImageToExtract?: string
  appImageExtractPath: string
+  modFirewallFiles: string
 }

 export {