From 97890831db2f2a65e70e07b508f260ae50961030 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 20:08:59 -0500 Subject: [PATCH 001/146] Create Dockerfile --- container/Dockerfile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 container/Dockerfile diff --git a/container/Dockerfile b/container/Dockerfile new file mode 100644 index 0000000..b67624d --- /dev/null +++ b/container/Dockerfile @@ -0,0 +1,17 @@ +# Use the official lightweight Python image. +# https://hub.docker.com/_/python +FROM python:slim-bullseye + +# Copy local code to the container image. +ENV APP_HOME /app +WORKDIR $APP_HOME +COPY .. ./ + +# Install production dependencies. +RUN pip install . + +# Run the web service on container startup. Here we use the gunicorn +# webserver, with one worker process and 8 threads. +# For environments with multiple CPU cores, increase the number of workers +# to be equal to the cores available. +ENTRYPOINT ["fediblock-sync"] From ed40843cb9af1d1329a62ef51e4bd3c1b656b989 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 20:13:13 -0500 Subject: [PATCH 002/146] Create .dockerignore --- container/.dockerignore | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 container/.dockerignore diff --git a/container/.dockerignore b/container/.dockerignore new file mode 100644 index 0000000..8c89c00 --- /dev/null +++ b/container/.dockerignore @@ -0,0 +1,6 @@ +Dockerfile +README.md +*.pyc +*.pyo +*.pyd +__pycache__ From 0f2339b481612e6e82c00691ff3d93b9bf62740b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:41:50 -0500 Subject: [PATCH 003/146] Create .dockerignore --- .dockerignore | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..8c89c00 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,6 @@ +Dockerfile +README.md +*.pyc +*.pyo +*.pyd +__pycache__ From 49da3f192867fa07bdf32ee8f33df6c2de353102 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:42:15 -0500 Subject: [PATCH 004/146] Delete .dockerignore --- container/.dockerignore | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 container/.dockerignore diff --git a/container/.dockerignore b/container/.dockerignore deleted file mode 100644 index 8c89c00..0000000 --- a/container/.dockerignore +++ /dev/null @@ -1,6 +0,0 @@ -Dockerfile -README.md -*.pyc -*.pyo -*.pyd -__pycache__ From b13a57d81c9faa8c48cc09fe2eb30941b23f345e Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:43:15 -0500 Subject: [PATCH 005/146] Create Dockerfile --- Dockerfile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..9052aa3 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,17 @@ +# Use the official lightweight Python image. +# https://hub.docker.com/_/python +FROM python:slim-bullseye + +# Copy local code to the container image. +ENV APP_HOME /app +WORKDIR $APP_HOME +COPY . ./ + +# Install production dependencies. +RUN pip install . + +# Run the web service on container startup. Here we use the gunicorn +# webserver, with one worker process and 8 threads. +# For environments with multiple CPU cores, increase the number of workers +# to be equal to the cores available. +ENTRYPOINT ["fediblock-sync"] From 9a8f594afacf0856f966b73ca6f36e4fee4ce787 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:43:38 -0500 Subject: [PATCH 006/146] Delete Dockerfile --- container/Dockerfile | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 container/Dockerfile diff --git a/container/Dockerfile b/container/Dockerfile deleted file mode 100644 index b67624d..0000000 --- a/container/Dockerfile +++ /dev/null @@ -1,17 +0,0 @@ -# Use the official lightweight Python image. -# https://hub.docker.com/_/python -FROM python:slim-bullseye - -# Copy local code to the container image. -ENV APP_HOME /app -WORKDIR $APP_HOME -COPY .. ./ - -# Install production dependencies. -RUN pip install . - -# Run the web service on container startup. Here we use the gunicorn -# webserver, with one worker process and 8 threads. -# For environments with multiple CPU cores, increase the number of workers -# to be equal to the cores available. -ENTRYPOINT ["fediblock-sync"] From ef53dee43dd5973d976c82358be2bc1e3759422d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:46:59 -0500 Subject: [PATCH 007/146] Update .dockerignore --- .dockerignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.dockerignore b/.dockerignore index 8c89c00..a78e7f7 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,5 @@ Dockerfile -README.md +#README.md *.pyc *.pyo *.pyd From c0e6c6c0281e330b3e922a88082d6b546e71c5aa Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:52:21 -0500 Subject: [PATCH 008/146] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9052aa3..a0ca53f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ FROM python:slim-bullseye # Copy local code to the container image. ENV APP_HOME /app WORKDIR $APP_HOME -COPY . ./ +COPY ./ ./ # Install production dependencies. RUN pip install . From ced460146b20558c220afadb1ab86159ee16a516 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:57:48 -0500 Subject: [PATCH 009/146] Update Dockerfile --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index a0ca53f..d75ef10 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ COPY ./ ./ # Install production dependencies. RUN pip install . +USER 1001 # Run the web service on container startup. Here we use the gunicorn # webserver, with one worker process and 8 threads. # For environments with multiple CPU cores, increase the number of workers From 6ec4c918d500b198ce3c316b1920dd7cf9574131 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 16 Jan 2023 10:36:37 -0500 Subject: [PATCH 010/146] Update Dockerfile --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index d75ef10..e6f2b9f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,18 +1,18 @@ # Use the official lightweight Python image. # https://hub.docker.com/_/python -FROM python:slim-bullseye +FROM python:slim # Copy local code to the container image. ENV APP_HOME /app WORKDIR $APP_HOME -COPY ./ ./ +#COPY ./ ./ # Install production dependencies. -RUN pip install . +RUN pip install fediblockhole USER 1001 # Run the web service on container startup. Here we use the gunicorn # webserver, with one worker process and 8 threads. # For environments with multiple CPU cores, increase the number of workers # to be equal to the cores available. -ENTRYPOINT ["fediblock-sync"] +#ENTRYPOINT ["fediblock-sync"] From 76db6295e12c80884a24d77333e14ca9235dba34 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:00:47 -0500 Subject: [PATCH 011/146] Create .dockerignore --- container/.dockerignore | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 container/.dockerignore diff --git a/container/.dockerignore b/container/.dockerignore new file mode 100644 index 0000000..a78e7f7 --- /dev/null +++ b/container/.dockerignore @@ -0,0 +1,6 @@ +Dockerfile +#README.md +*.pyc +*.pyo +*.pyd +__pycache__ From 6501ad8c7c881a6e076b92735440ff7f1ba6464d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:01:48 -0500 Subject: [PATCH 012/146] Create Dockerfile --- container/Dockerfile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 container/Dockerfile diff --git a/container/Dockerfile b/container/Dockerfile new file mode 100644 index 0000000..179d24d --- /dev/null +++ b/container/Dockerfile @@ -0,0 +1,17 @@ +# Use the official lightweight Python image. +# https://hub.docker.com/_/python +FROM python:slim + +# Copy local code to the container image. +ENV APP_HOME /app +WORKDIR $APP_HOME + +# Install production dependencies. +RUN pip install fediblockhole + +USER 1001 +# Run the web service on container startup. Here we use the gunicorn +# webserver, with one worker process and 8 threads. +# For environments with multiple CPU cores, increase the number of workers +# to be equal to the cores available. +ENTRYPOINT ["fediblock-sync"] From cb55a2850b126d56d331f5919576550686a8003d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:02:08 -0500 Subject: [PATCH 013/146] Delete .dockerignore --- .dockerignore | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index a78e7f7..0000000 --- a/.dockerignore +++ /dev/null @@ -1,6 +0,0 @@ -Dockerfile -#README.md -*.pyc -*.pyo -*.pyd -__pycache__ From 5e0ac23df802d02a7e1e9d1683741072df48d7e5 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:02:20 -0500 Subject: [PATCH 014/146] Delete Dockerfile --- Dockerfile | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index e6f2b9f..0000000 --- a/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# Use the official lightweight Python image. -# https://hub.docker.com/_/python -FROM python:slim - -# Copy local code to the container image. -ENV APP_HOME /app -WORKDIR $APP_HOME -#COPY ./ ./ - -# Install production dependencies. -RUN pip install fediblockhole - -USER 1001 -# Run the web service on container startup. Here we use the gunicorn -# webserver, with one worker process and 8 threads. -# For environments with multiple CPU cores, increase the number of workers -# to be equal to the cores available. -#ENTRYPOINT ["fediblock-sync"] From 70b1ff32ff1f1fde3589fbf60ed5ef8756d02cd5 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Tue, 17 Jan 2023 09:04:34 +1100 Subject: [PATCH 015/146] Support a merge threshold level. Added a Blocklist object. Refactored tests to match changed code. --- src/fediblockhole/__init__.py | 70 +++++++++++++------ .../{blocklist_parser.py => blocklists.py} | 44 ++++++++++-- src/fediblockhole/const.py | 4 +- tests/test_mergeplan.py | 9 ++- tests/test_parser_csv.py | 54 +++++++------- tests/test_parser_json.py | 41 ++++++----- tests/test_parser_rapidblockcsv.py | 12 ++-- tests/test_parser_rapidblockjson.py | 32 ++++----- 8 files changed, 165 insertions(+), 101 deletions(-) rename src/fediblockhole/{blocklist_parser.py => blocklists.py} (87%) diff --git a/src/fediblockhole/__init__.py b/src/fediblockhole/__init__.py index 945e29c..893787d 100755 --- a/src/fediblockhole/__init__.py +++ b/src/fediblockhole/__init__.py @@ -11,7 +11,7 @@ import os.path import sys import urllib.request as urlr -from .blocklist_parser import parse_blocklist +from .blocklists import Blocklist, parse_blocklist from .const import DomainBlock, BlockSeverity from importlib.metadata import version @@ -178,41 +178,71 @@ def fetch_from_instances(blocklists: dict, sources: dict, save_intermediate_blocklist(blocklists[itemsrc], domain, savedir, export_fields) return blocklists -def merge_blocklists(blocklists: dict, mergeplan: str='max') -> dict: +def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', threshold: int=0) -> dict: """Merge fetched remote blocklists into a bulk update @param blocklists: A dict of lists of DomainBlocks, keyed by source. Each value is a list of DomainBlocks @param mergeplan: An optional method of merging overlapping block definitions 'max' (the default) uses the highest severity block found 'min' uses the lowest severity block found + @param threshold: An integer percentage [0-100]. + If a domain is not present in this pct or more of the blocklists, + it will not get merged into the final list. @param returns: A dict of DomainBlocks keyed by domain """ merged = {} - for key, blist in blocklists.items(): - log.debug(f"processing blocklist from: {key} ...") - for newblock in blist: - domain = newblock.domain - # If the domain has two asterisks in it, it's obfuscated - # and we can't really use it, so skip it and do the next one - if '*' in domain: + num_blocklists = len(blocklists) + + # Create a domain keyed list of blocks for each domain + domain_blocks = {} + + for bl in blocklists: + for block in bl.values(): + if '*' in block.domain: log.debug(f"Domain '{domain}' is obfuscated. Skipping it.") continue - - elif domain in merged: - log.debug(f"Overlapping block for domain {domain}. Merging...") - blockdata = apply_mergeplan(merged[domain], newblock, mergeplan) - + elif block.domain in domain_blocks: + domain_blocks[block.domain].append(block) else: - # New block - blockdata = newblock + domain_blocks[block.domain] = [block,] - # end if - log.debug(f"blockdata is: {blockdata}") - merged[domain] = blockdata - # end for + # Only merge items if there are more than `threshold` pct of them + for domain in domain_blocks: + pct = len(domain_blocks[domain]) / num_blocklists + if pct >= threshold: + # Add first block in the list to merged + merged[domain] = domain_blocks[domain][0] + # Merge the others with this record + for block in domain_blocks[domain][1:]: + merged[domain] = apply_mergeplan(merged[domain], block, mergeplan) + return merged + # for key, blist in blocklists.items(): + # log.debug(f"processing blocklist from: {key} ...") + # for newblock in blist: + # domain = newblock.domain + # # If the domain has two asterisks in it, it's obfuscated + # # and we can't really use it, so skip it and do the next one + # if '*' in domain: + # log.debug(f"Domain '{domain}' is obfuscated. Skipping it.") + # continue + + # elif domain in merged: + # log.debug(f"Overlapping block for domain {domain}. Merging...") + # blockdata = apply_mergeplan(merged[domain], newblock, mergeplan) + + # else: + # # New block + # blockdata = newblock + + # # end if + # log.debug(f"blockdata is: {blockdata}") + # merged[domain] = blockdata + # # end for + # return merged + def apply_mergeplan(oldblock: DomainBlock, newblock: DomainBlock, mergeplan: str='max') -> dict: """Use a mergeplan to decide how to merge two overlapping block definitions diff --git a/src/fediblockhole/blocklist_parser.py b/src/fediblockhole/blocklists.py similarity index 87% rename from src/fediblockhole/blocklist_parser.py rename to src/fediblockhole/blocklists.py index d5d8394..33b71a2 100644 --- a/src/fediblockhole/blocklist_parser.py +++ b/src/fediblockhole/blocklists.py @@ -1,14 +1,42 @@ """Parse various blocklist data formats """ -from typing import Iterable -from .const import DomainBlock, BlockSeverity - import csv import json +from typing import Iterable +from dataclasses import dataclass, field + +from .const import DomainBlock, BlockSeverity import logging log = logging.getLogger('fediblockhole') +@dataclass +class Blocklist: + """ A Blocklist object + + A Blocklist is a list of DomainBlocks from an origin + """ + origin: str = None + blocks: dict[str, DomainBlock] = field(default_factory=dict) + + def __len__(self): + return len(self.blocks) + + def __class_getitem__(cls, item): + return dict[str, DomainBlock] + + def __getitem__(self, item): + return self.blocks[item] + + def __iter__(self): + return self.blocks.__iter__() + + def items(self): + return self.blocks.items() + + def values(self): + return self.blocks.values() + class BlocklistParser(object): """ Base class for parsing blocklists @@ -30,7 +58,7 @@ class BlocklistParser(object): """ raise NotImplementedError - def parse_blocklist(self, blockdata) -> dict[DomainBlock]: + def parse_blocklist(self, blockdata, origin:str=None) -> Blocklist: """Parse an iterable of blocklist items @param blocklist: An Iterable of blocklist items @returns: A dict of DomainBlocks, keyed by domain @@ -38,9 +66,10 @@ class BlocklistParser(object): if self.preparse: blockdata = self.preparse(blockdata) - parsed_list = [] + parsed_list = Blocklist(origin) for blockitem in blockdata: - parsed_list.append(self.parse_item(blockitem)) + block = self.parse_item(blockitem) + parsed_list.blocks[block.domain] = block return parsed_list def parse_item(self, blockitem) -> DomainBlock: @@ -178,6 +207,7 @@ FORMAT_PARSERS = { # helper function to select the appropriate Parser def parse_blocklist( blockdata, + origin, format="csv", import_fields: list=['domain', 'severity'], max_severity: str='suspend'): @@ -185,4 +215,4 @@ def parse_blocklist( """ parser = FORMAT_PARSERS[format](import_fields, max_severity) log.debug(f"parsing {format} blocklist with import_fields: {import_fields}...") - return parser.parse_blocklist(blockdata) \ No newline at end of file + return parser.parse_blocklist(blockdata, origin) \ No newline at end of file diff --git a/src/fediblockhole/const.py b/src/fediblockhole/const.py index 93cf2ef..7ed9f48 100644 --- a/src/fediblockhole/const.py +++ b/src/fediblockhole/const.py @@ -123,7 +123,8 @@ class DomainBlock(object): reject_media: bool=False, reject_reports: bool=False, obfuscate: bool=False, - id: int=None): + id: int=None, + count: int=0): """Initialize the DomainBlock """ self.domain = domain @@ -134,6 +135,7 @@ class DomainBlock(object): self.reject_reports = reject_reports self.obfuscate = obfuscate self.id = id + self.count = 0 @property def severity(self): diff --git a/tests/test_mergeplan.py b/tests/test_mergeplan.py index 55f3914..42d2816 100644 --- a/tests/test_mergeplan.py +++ b/tests/test_mergeplan.py @@ -1,7 +1,7 @@ """Various mergeplan tests """ -from fediblockhole.blocklist_parser import parse_blocklist +from fediblockhole.blocklists import parse_blocklist from fediblockhole import merge_blocklists, merge_comments, apply_mergeplan from fediblockhole.const import SeverityLevel, DomainBlock @@ -22,20 +22,19 @@ import_fields = [ def load_test_blocklist_data(datafiles): - blocklists = {} + blocklists = [] for df in datafiles: with open(df) as fp: data = fp.read() - bl = parse_blocklist(data, 'csv', import_fields) - blocklists[df] = bl + bl = parse_blocklist(data, df, 'csv', import_fields) + blocklists.append(bl) return blocklists def test_mergeplan_max(): """Test 'max' mergeplan""" blocklists = load_test_blocklist_data([datafile01, datafile02]) - bl = merge_blocklists(blocklists, 'max') assert len(bl) == 13 diff --git a/tests/test_parser_csv.py b/tests/test_parser_csv.py index c817e16..703fe95 100644 --- a/tests/test_parser_csv.py +++ b/tests/test_parser_csv.py @@ -1,22 +1,24 @@ """Tests of the CSV parsing """ -from fediblockhole.blocklist_parser import BlocklistParserCSV, parse_blocklist -from fediblockhole.const import DomainBlock, BlockSeverity, SeverityLevel +from fediblockhole.blocklists import BlocklistParserCSV, parse_blocklist +from fediblockhole.const import SeverityLevel def test_single_line(): csvdata = "example.org" + origin = "csvfile" parser = BlocklistParserCSV() - bl = parser.parse_blocklist(csvdata) + bl = parser.parse_blocklist(csvdata, origin) assert len(bl) == 0 def test_header_only(): csvdata = "domain,severity,public_comment" + origin = "csvfile" parser = BlocklistParserCSV() - bl = parser.parse_blocklist(csvdata) + bl = parser.parse_blocklist(csvdata, origin) assert len(bl) == 0 def test_2_blocks(): @@ -24,12 +26,13 @@ def test_2_blocks(): example.org,silence example2.org,suspend """ + origin = "csvfile" parser = BlocklistParserCSV() - bl = parser.parse_blocklist(csvdata) + bl = parser.parse_blocklist(csvdata, origin) assert len(bl) == 2 - assert bl[0].domain == 'example.org' + assert 'example.org' in bl def test_4_blocks(): csvdata = """domain,severity,public_comment @@ -38,20 +41,21 @@ example2.org,suspend,"test 2" example3.org,noop,"test 3" example4.org,suspend,"test 4" """ + origin = "csvfile" parser = BlocklistParserCSV() - bl = parser.parse_blocklist(csvdata) + bl = parser.parse_blocklist(csvdata, origin) assert len(bl) == 4 - assert bl[0].domain == 'example.org' - assert bl[1].domain == 'example2.org' - assert bl[2].domain == 'example3.org' - assert bl[3].domain == 'example4.org' + assert 'example.org' in bl + assert 'example2.org' in bl + assert 'example3.org' in bl + assert 'example4.org' in bl - assert bl[0].severity.level == SeverityLevel.SILENCE - assert bl[1].severity.level == SeverityLevel.SUSPEND - assert bl[2].severity.level == SeverityLevel.NONE - assert bl[3].severity.level == SeverityLevel.SUSPEND + assert bl['example.org'].severity.level == SeverityLevel.SILENCE + assert bl['example2.org'].severity.level == SeverityLevel.SUSPEND + assert bl['example3.org'].severity.level == SeverityLevel.NONE + assert bl['example4.org'].severity.level == SeverityLevel.SUSPEND def test_ignore_comments(): csvdata = """domain,severity,public_comment,private_comment @@ -60,18 +64,18 @@ example2.org,suspend,"test 2","ignote me also" example3.org,noop,"test 3","and me" example4.org,suspend,"test 4","also me" """ + origin = "csvfile" parser = BlocklistParserCSV() - bl = parser.parse_blocklist(csvdata) + bl = parser.parse_blocklist(csvdata, origin) assert len(bl) == 4 - assert bl[0].domain == 'example.org' - assert bl[1].domain == 'example2.org' - assert bl[2].domain == 'example3.org' - assert bl[3].domain == 'example4.org' + assert 'example.org' in bl + assert 'example2.org' in bl + assert 'example3.org' in bl + assert 'example4.org' in bl - assert bl[0].public_comment == '' - assert bl[0].private_comment == '' - - assert bl[2].public_comment == '' - assert bl[2].private_comment == '' \ No newline at end of file + assert bl['example.org'].public_comment == '' + assert bl['example.org'].private_comment == '' + assert bl['example3.org'].public_comment == '' + assert bl['example4.org'].private_comment == '' \ No newline at end of file diff --git a/tests/test_parser_json.py b/tests/test_parser_json.py index 8bf17df..b2fb0a1 100644 --- a/tests/test_parser_json.py +++ b/tests/test_parser_json.py @@ -1,8 +1,8 @@ """Tests of the CSV parsing """ -from fediblockhole.blocklist_parser import BlocklistParserJSON, parse_blocklist -from fediblockhole.const import DomainBlock, BlockSeverity, SeverityLevel +from fediblockhole.blocklists import BlocklistParserJSON, parse_blocklist +from fediblockhole.const import SeverityLevel datafile = 'data-mastodon.json' @@ -14,33 +14,32 @@ def test_json_parser(): data = load_data() parser = BlocklistParserJSON() - bl = parser.parse_blocklist(data) + bl = parser.parse_blocklist(data, 'test_json') assert len(bl) == 10 - assert bl[0].domain == 'example.org' - assert bl[1].domain == 'example2.org' - assert bl[2].domain == 'example3.org' - assert bl[3].domain == 'example4.org' + assert 'example.org' in bl + assert 'example2.org' in bl + assert 'example3.org' in bl + assert 'example4.org' in bl - assert bl[0].severity.level == SeverityLevel.SUSPEND - assert bl[1].severity.level == SeverityLevel.SILENCE - assert bl[2].severity.level == SeverityLevel.SUSPEND - assert bl[3].severity.level == SeverityLevel.NONE + assert bl['example.org'].severity.level == SeverityLevel.SUSPEND + assert bl['example2.org'].severity.level == SeverityLevel.SILENCE + assert bl['example3.org'].severity.level == SeverityLevel.SUSPEND + assert bl['example4.org'].severity.level == SeverityLevel.NONE def test_ignore_comments(): data = load_data() parser = BlocklistParserJSON() - bl = parser.parse_blocklist(data) + bl = parser.parse_blocklist(data, 'test_json') assert len(bl) == 10 - assert bl[0].domain == 'example.org' - assert bl[1].domain == 'example2.org' - assert bl[2].domain == 'example3.org' - assert bl[3].domain == 'example4.org' + assert 'example.org' in bl + assert 'example2.org' in bl + assert 'example3.org' in bl + assert 'example4.org' in bl - assert bl[0].public_comment == '' - assert bl[0].private_comment == '' - - assert bl[2].public_comment == '' - assert bl[2].private_comment == '' \ No newline at end of file + assert bl['example.org'].public_comment == '' + assert bl['example.org'].private_comment == '' + assert bl['example3.org'].public_comment == '' + assert bl['example4.org'].private_comment == '' \ No newline at end of file diff --git a/tests/test_parser_rapidblockcsv.py b/tests/test_parser_rapidblockcsv.py index edb8d1e..65d579d 100644 --- a/tests/test_parser_rapidblockcsv.py +++ b/tests/test_parser_rapidblockcsv.py @@ -1,7 +1,7 @@ """Tests of the Rapidblock CSV parsing """ -from fediblockhole.blocklist_parser import RapidBlockParserCSV, parse_blocklist +from fediblockhole.blocklists import RapidBlockParserCSV, parse_blocklist from fediblockhole.const import DomainBlock, BlockSeverity, SeverityLevel csvdata = """example.org\r\nsubdomain.example.org\r\nanotherdomain.org\r\ndomain4.org\r\n""" @@ -11,13 +11,13 @@ def test_basic_rapidblock(): bl = parser.parse_blocklist(csvdata) assert len(bl) == 4 - assert bl[0].domain == 'example.org' - assert bl[1].domain == 'subdomain.example.org' - assert bl[2].domain == 'anotherdomain.org' - assert bl[3].domain == 'domain4.org' + assert 'example.org' in bl + assert 'subdomain.example.org' in bl + assert 'anotherdomain.org' in bl + assert 'domain4.org' in bl def test_severity_is_suspend(): bl = parser.parse_blocklist(csvdata) - for block in bl: + for block in bl.values(): assert block.severity.level == SeverityLevel.SUSPEND \ No newline at end of file diff --git a/tests/test_parser_rapidblockjson.py b/tests/test_parser_rapidblockjson.py index 8ccca0f..ad13811 100644 --- a/tests/test_parser_rapidblockjson.py +++ b/tests/test_parser_rapidblockjson.py @@ -1,6 +1,6 @@ """Test parsing the RapidBlock JSON format """ -from fediblockhole.blocklist_parser import parse_blocklist +from fediblockhole.blocklists import parse_blocklist from fediblockhole.const import SeverityLevel @@ -9,26 +9,26 @@ rapidblockjson = "data-rapidblock.json" def test_parse_rapidblock_json(): with open(rapidblockjson) as fp: data = fp.read() - bl = parse_blocklist(data, 'rapidblock.json') + bl = parse_blocklist(data, 'pytest', 'rapidblock.json') - assert bl[0].domain == '101010.pl' - assert bl[0].severity.level == SeverityLevel.SUSPEND - assert bl[0].public_comment == '' + assert '101010.pl' in bl + assert bl['101010.pl'].severity.level == SeverityLevel.SUSPEND + assert bl['101010.pl'].public_comment == '' - assert bl[10].domain == 'berserker.town' - assert bl[10].severity.level == SeverityLevel.SUSPEND - assert bl[10].public_comment == '' - assert bl[10].private_comment == '' + assert 'berserker.town' in bl + assert bl['berserker.town'].severity.level == SeverityLevel.SUSPEND + assert bl['berserker.town'].public_comment == '' + assert bl['berserker.town'].private_comment == '' def test_parse_with_comments(): with open(rapidblockjson) as fp: data = fp.read() - bl = parse_blocklist(data, 'rapidblock.json', ['domain', 'severity', 'public_comment', 'private_comment']) + bl = parse_blocklist(data, 'pytest', 'rapidblock.json', ['domain', 'severity', 'public_comment', 'private_comment']) - assert bl[0].domain == '101010.pl' - assert bl[0].severity.level == SeverityLevel.SUSPEND - assert bl[0].public_comment == 'cryptomining javascript, white supremacy' + assert '101010.pl' in bl + assert bl['101010.pl'].severity.level == SeverityLevel.SUSPEND + assert bl['101010.pl'].public_comment == 'cryptomining javascript, white supremacy' - assert bl[10].domain == 'berserker.town' - assert bl[10].severity.level == SeverityLevel.SUSPEND - assert bl[10].public_comment == 'freeze peach' \ No newline at end of file + assert 'berserker.town' in bl + assert bl['berserker.town'].severity.level == SeverityLevel.SUSPEND + assert bl['berserker.town'].public_comment == 'freeze peach' \ No newline at end of file From e0207c437116883aa4b022fbb447cea5b3d0fec7 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 22 Jan 2023 09:01:30 +1100 Subject: [PATCH 016/146] Remove unnecessary `count` from DomainBlock object. --- src/fediblockhole/const.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/fediblockhole/const.py b/src/fediblockhole/const.py index 7ed9f48..93cf2ef 100644 --- a/src/fediblockhole/const.py +++ b/src/fediblockhole/const.py @@ -123,8 +123,7 @@ class DomainBlock(object): reject_media: bool=False, reject_reports: bool=False, obfuscate: bool=False, - id: int=None, - count: int=0): + id: int=None): """Initialize the DomainBlock """ self.domain = domain @@ -135,7 +134,6 @@ class DomainBlock(object): self.reject_reports = reject_reports self.obfuscate = obfuscate self.id = id - self.count = 0 @property def severity(self): From c018ebdf35be73eacf71887206b393612b64fb42 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 22 Jan 2023 09:02:03 +1100 Subject: [PATCH 017/146] Add merge thresholds to merge_blocklists() --- src/fediblockhole/__init__.py | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/src/fediblockhole/__init__.py b/src/fediblockhole/__init__.py index e95aa97..9be1b78 100755 --- a/src/fediblockhole/__init__.py +++ b/src/fediblockhole/__init__.py @@ -180,16 +180,23 @@ def fetch_from_instances(blocklists: dict, sources: dict, save_intermediate_blocklist(blocklists[itemsrc], domain, savedir, export_fields) return blocklists -def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', threshold: int=0) -> dict: +def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', + threshold: int=0, + threshold_type: str='count') -> dict: """Merge fetched remote blocklists into a bulk update @param blocklists: A dict of lists of DomainBlocks, keyed by source. Each value is a list of DomainBlocks @param mergeplan: An optional method of merging overlapping block definitions 'max' (the default) uses the highest severity block found 'min' uses the lowest severity block found - @param threshold: An integer percentage [0-100]. - If a domain is not present in this pct or more of the blocklists, + @param threshold: An integer used in the threshold mechanism. + If a domain is not present in this number/pct or more of the blocklists, it will not get merged into the final list. + @param threshold_type: choice of ['count', 'pct'] + If `count`, threshold is met if block is present in `threshold` + or more blocklists. + If `pct`, theshold is met if block is present in + count_of_mentions / number_of_blocklists. @param returns: A dict of DomainBlocks keyed by domain """ merged = {} @@ -209,10 +216,16 @@ def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', threshol else: domain_blocks[block.domain] = [block,] - # Only merge items if there are more than `threshold` pct of them + # Only merge items if `threshold` is met or exceeded for domain in domain_blocks: - pct = len(domain_blocks[domain]) / num_blocklists - if pct >= threshold: + if threshold_type == 'count': + domain_threshold_level = len(domain_blocks[domain]) + elif threshold_type == 'pct': + domain_threshold_level = len(domain_blocks[domain]) / num_blocklists + else: + raise ValueError(f"Unsupported threshold type '{threshold_type}'. Supported values are: 'count', 'pct'") + + if domain_threshold_level >= threshold: # Add first block in the list to merged merged[domain] = domain_blocks[domain][0] # Merge the others with this record From e2be9b730681a0746f49e556474c414a1088f85a Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 18:55:14 -0500 Subject: [PATCH 018/146] Create cronjob-fediblockhole.yaml --- chart/templates/cronjob-fediblockhole.yaml | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 chart/templates/cronjob-fediblockhole.yaml diff --git a/chart/templates/cronjob-fediblockhole.yaml b/chart/templates/cronjob-fediblockhole.yaml new file mode 100644 index 0000000..e4b6cc7 --- /dev/null +++ b/chart/templates/cronjob-fediblockhole.yaml @@ -0,0 +1,34 @@ +{{ if .Values.fediblockhole.cron.sync.enabled -}} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ include "fediblockhole.fullname" . }}-sync + labels: + {{- include "fediblockhole.labels" . | nindent 4 }} +spec: + schedule: {{ .Values.fediblockhole.cron.sync.schedule }} + jobTemplate: + spec: + template: + metadata: + name: {{ include "fediblockhole.fullname" . }}-sync + {{- with .Values.jobAnnotations }} + annotations: + {{- toYaml . | nindent 12 }} + {{- end }} + spec: + restartPolicy: OnFailure + containers: + - name: {{ include "fediblockhole.fullname" . }}-sync + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +# command: +# - fediblock +# - -c +# - remove + envFrom: + - configMapRef: + name: {{ include "fediblockhole.fullname" . }}-env + - secretRef: + name: {{ template "fediblockhole.secretName" . }} +{{- end }} From 3a567a7f9e0175ca363959119abf7a0eadee189c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 18:56:35 -0500 Subject: [PATCH 019/146] Create cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 34 +++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 chart/templates/cronjob-fediblock-sync.yaml diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml new file mode 100644 index 0000000..e4b6cc7 --- /dev/null +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -0,0 +1,34 @@ +{{ if .Values.fediblockhole.cron.sync.enabled -}} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ include "fediblockhole.fullname" . }}-sync + labels: + {{- include "fediblockhole.labels" . | nindent 4 }} +spec: + schedule: {{ .Values.fediblockhole.cron.sync.schedule }} + jobTemplate: + spec: + template: + metadata: + name: {{ include "fediblockhole.fullname" . }}-sync + {{- with .Values.jobAnnotations }} + annotations: + {{- toYaml . | nindent 12 }} + {{- end }} + spec: + restartPolicy: OnFailure + containers: + - name: {{ include "fediblockhole.fullname" . }}-sync + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +# command: +# - fediblock +# - -c +# - remove + envFrom: + - configMapRef: + name: {{ include "fediblockhole.fullname" . }}-env + - secretRef: + name: {{ template "fediblockhole.secretName" . }} +{{- end }} From 74ab98c4730596bc962159fabcff29d907054ed2 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 18:56:50 -0500 Subject: [PATCH 020/146] Delete cronjob-fediblockhole.yaml --- chart/templates/cronjob-fediblockhole.yaml | 34 ---------------------- 1 file changed, 34 deletions(-) delete mode 100644 chart/templates/cronjob-fediblockhole.yaml diff --git a/chart/templates/cronjob-fediblockhole.yaml b/chart/templates/cronjob-fediblockhole.yaml deleted file mode 100644 index e4b6cc7..0000000 --- a/chart/templates/cronjob-fediblockhole.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{ if .Values.fediblockhole.cron.sync.enabled -}} -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ include "fediblockhole.fullname" . }}-sync - labels: - {{- include "fediblockhole.labels" . | nindent 4 }} -spec: - schedule: {{ .Values.fediblockhole.cron.sync.schedule }} - jobTemplate: - spec: - template: - metadata: - name: {{ include "fediblockhole.fullname" . }}-sync - {{- with .Values.jobAnnotations }} - annotations: - {{- toYaml . | nindent 12 }} - {{- end }} - spec: - restartPolicy: OnFailure - containers: - - name: {{ include "fediblockhole.fullname" . }}-sync - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} -# command: -# - fediblock -# - -c -# - remove - envFrom: - - configMapRef: - name: {{ include "fediblockhole.fullname" . }}-env - - secretRef: - name: {{ template "fediblockhole.secretName" . }} -{{- end }} From 2ae713f2285008a18ca6622c9ef8ff629c112aef Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:09:08 -0500 Subject: [PATCH 021/146] Create values.yaml --- chart/values.yaml | 70 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 chart/values.yaml diff --git a/chart/values.yaml b/chart/values.yaml new file mode 100644 index 0000000..dee498d --- /dev/null +++ b/chart/values.yaml @@ -0,0 +1,70 @@ +image: + repository: ghcr.io/cunningpike/fediblockhole + # https://hub.docker.com/r/tootsuite/mastodon/tags + # + # alternatively, use `latest` for the latest release or `edge` for the image + # built from the most recent commit + # + # tag: latest + tag: "" + # use `Always` when using `latest` tag + pullPolicy: IfNotPresent + +fediblockhole: + cron: + # -- run `tootctl media remove` every week + sync: + # @ignored + enabled: false + # @ignored + schedule: "0 * * * *" + # these must be set manually; autogenerated keys are rotated on each upgrade + secrets: + secret_key_base: "" + otp_secret: "" + vapid: + private_key: "" + public_key: "" + # -- you can also specify the name of an existing Secret + # with keys SECRET_KEY_BASE and OTP_SECRET and + # VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY + existingSecret: "" +# if you manually change the UID/GID environment variables, ensure these values +# match: +podSecurityContext: + runAsUser: 991 + runAsGroup: 991 + fsGroup: 991 + +# @ignored +securityContext: {} + +# -- Kubernetes manages pods for jobs and pods for deployments differently, so you might +# need to apply different annotations to the two different sets of pods. The annotations +# set with podAnnotations will be added to all deployment-managed pods. +podAnnotations: {} + +# -- The annotations set with jobAnnotations will be added to all job pods. +jobAnnotations: {} + +# -- Default resources for all Deployments and jobs unless overwritten +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +# @ignored +nodeSelector: {} + +# @ignored +tolerations: [] + +# -- Affinity for all pods unless overwritten +affinity: {} From 0e0f091fbc0e8c903ab54ea134d8dd64b5686357 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:10:16 -0500 Subject: [PATCH 022/146] Create .helmignore --- chart/.helmignore | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 chart/.helmignore diff --git a/chart/.helmignore b/chart/.helmignore new file mode 100644 index 0000000..0cbed47 --- /dev/null +++ b/chart/.helmignore @@ -0,0 +1,37 @@ +# A helm chart's templates and default values can be packaged into a .tgz file. +# When doing that, not everything should be bundled into the .tgz file. This +# file describes what to not bundle. +# +# Manually added by us +# -------------------- +# +dev-values.yaml +mastodon-*.tgz + + +# Boilerplate .helmignore from `helm create mastodon` +# --------------------------------------------------- +# +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ From da4cec415ef4d712cab60e5b8c58c31730d9620f Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:15:09 -0500 Subject: [PATCH 023/146] Create Chart.yaml --- chart/Chart.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 chart/Chart.yaml diff --git a/chart/Chart.yaml b/chart/Chart.yaml new file mode 100644 index 0000000..b2196f9 --- /dev/null +++ b/chart/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: fediblockhole +description: FediBlockHole is a tool for keeping a Mastodon instance blocklist synchronised with remote lists. + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.0.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: v0.4.1 From ceec807d9206c8e6caa15720a0cf69ac31e221a2 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:18:24 -0500 Subject: [PATCH 024/146] Update values.yaml --- chart/values.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/chart/values.yaml b/chart/values.yaml index dee498d..43b3838 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -11,8 +11,10 @@ image: pullPolicy: IfNotPresent fediblockhole: + # location of the configuration file. Default is /etc/default/fediblockhole.conf.toml + conf_file: "" cron: - # -- run `tootctl media remove` every week + # -- run `fediblock-sync` every hour sync: # @ignored enabled: false From 51b0332873ca6ad9c6636da21965542720a661e3 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:20:16 -0500 Subject: [PATCH 025/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index e4b6cc7..ed10c95 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -22,10 +22,10 @@ spec: - name: {{ include "fediblockhole.fullname" . }}-sync image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} -# command: -# - fediblock -# - -c -# - remove + command: + - fediblock + - -c + - {{ .Values.fediblockhole.conf_file }} envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-env From 1bd572671be91aa5cf81aac1b3d8b9b2c29e8aed Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:28:56 -0500 Subject: [PATCH 026/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index ed10c95..e3f87d1 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -31,4 +31,8 @@ spec: name: {{ include "fediblockhole.fullname" . }}-env - secretRef: name: {{ template "fediblockhole.secretName" . }} + volumeMounts: + - name: config + mountPath: "path/in/the/pod/where/to/mount/the/file" + subPath: file.conf {{- end }} From d7803dfd72f82283942d1d4c51456f9668b94852 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:31:38 -0500 Subject: [PATCH 027/146] Update values.yaml --- chart/values.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/chart/values.yaml b/chart/values.yaml index 43b3838..88635a3 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -12,7 +12,9 @@ image: fediblockhole: # location of the configuration file. Default is /etc/default/fediblockhole.conf.toml - conf_file: "" + conf_file: + path: "" + filename: "" cron: # -- run `fediblock-sync` every hour sync: From 4492a0920adaf9ee6058d17a37e8d24db6b307cb Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:44:38 -0500 Subject: [PATCH 028/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index e3f87d1..0d00df3 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,7 +25,7 @@ spec: command: - fediblock - -c - - {{ .Values.fediblockhole.conf_file }} + - {{ .Values.fediblockhole.conf_file.path }}{{ .Values.fediblockhole.conf_file.filename }} envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-env @@ -33,6 +33,13 @@ spec: name: {{ template "fediblockhole.secretName" . }} volumeMounts: - name: config - mountPath: "path/in/the/pod/where/to/mount/the/file" - subPath: file.conf + mountPath: "{{ .Values.fediblockhole.conf_file.path }}" + subPath: {{ .Values.fediblockhole.conf_file.filename }} + volumes: + - name: config + configMap: + name: {{ include "fediblockhole.fullname" . }}-env + items: + - key: "{{ .Values.fediblockhole.conf_file.filename }}" + path: "{{ .Values.fediblockhole.conf_file.filename }}" {{- end }} From 71c03becaa34a12538655784781e9a98d6700d4b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:53:03 -0500 Subject: [PATCH 029/146] Create configmap-conf-toml --- chart/templates/configmap-conf-toml | 323 ++++++++++++++++++++++++++++ 1 file changed, 323 insertions(+) create mode 100644 chart/templates/configmap-conf-toml diff --git a/chart/templates/configmap-conf-toml b/chart/templates/configmap-conf-toml new file mode 100644 index 0000000..fae348e --- /dev/null +++ b/chart/templates/configmap-conf-toml @@ -0,0 +1,323 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "fediblockhole.fullname" . }}-conf-toml + labels: + {{- include "fediblockhole.labels" . | nindent 4 }} +data: + {{- if .Values.postgresql.enabled }} + DB_HOST: {{ template "mastodon.postgresql.fullname" . }} + DB_PORT: "5432" + {{- else }} + DB_HOST: {{ .Values.postgresql.postgresqlHostname }} + DB_PORT: {{ .Values.postgresql.postgresqlPort | default "5432" | quote }} + {{- end }} + DB_NAME: {{ .Values.postgresql.auth.database }} + DB_POOL: {{ include "mastodon.maxDbPool" . }} + DB_USER: {{ .Values.postgresql.auth.username }} + DEFAULT_LOCALE: {{ .Values.mastodon.locale }} + {{- if .Values.elasticsearch.enabled }} + ES_ENABLED: "true" + ES_HOST: {{ template "mastodon.elasticsearch.fullname" . }}-master-hl + ES_PORT: "9200" + {{- end }} + LOCAL_DOMAIN: {{ .Values.mastodon.local_domain }} + {{- with .Values.mastodon.web_domain }} + WEB_DOMAIN: {{ . }} + {{- end }} + {{- with .Values.mastodon.singleUserMode }} + SINGLE_USER_MODE: "true" + {{- end }} + {{- with .Values.mastodon.authorizedFetch }} + AUTHORIZED_FETCH: {{ . | quote }} + {{- end }} + # https://devcenter.heroku.com/articles/tuning-glibc-memory-behavior + MALLOC_ARENA_MAX: "2" + NODE_ENV: "production" + RAILS_ENV: "production" + {{- if .Values.redis.enabled }} + REDIS_HOST: {{ template "mastodon.redis.fullname" . }}-master + {{- else }} + REDIS_HOST: {{ required "When the redis chart is disabled .Values.redis.hostname is required" .Values.redis.hostname }} + {{- end }} + REDIS_PORT: {{ .Values.redis.port | default "6379" | quote }} + {{- if .Values.mastodon.s3.enabled }} + S3_BUCKET: {{ .Values.mastodon.s3.bucket }} + S3_ENABLED: "true" + S3_ENDPOINT: {{ .Values.mastodon.s3.endpoint }} + S3_HOSTNAME: {{ .Values.mastodon.s3.hostname }} + S3_PROTOCOL: "https" + {{- with .Values.mastodon.s3.region }} + S3_REGION: {{ . }} + {{- end }} + {{- with .Values.mastodon.s3.alias_host }} + S3_ALIAS_HOST: {{ .Values.mastodon.s3.alias_host}} + {{- end }} + {{- end }} + {{- with .Values.mastodon.smtp.auth_method }} + SMTP_AUTH_METHOD: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.ca_file }} + SMTP_CA_FILE: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.delivery_method }} + SMTP_DELIVERY_METHOD: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.domain }} + SMTP_DOMAIN: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.enable_starttls }} + SMTP_ENABLE_STARTTLS: {{ . | quote }} + {{- end }} + {{- with .Values.mastodon.smtp.enable_starttls_auto }} + SMTP_ENABLE_STARTTLS_AUTO: {{ . | quote }} + {{- end }} + {{- with .Values.mastodon.smtp.from_address }} + SMTP_FROM_ADDRESS: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.login }} + SMTP_LOGIN: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.openssl_verify_mode }} + SMTP_OPENSSL_VERIFY_MODE: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.password }} + SMTP_PASSWORD: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.port }} + SMTP_PORT: {{ . | quote }} + {{- end }} + {{- with .Values.mastodon.smtp.reply_to }} + SMTP_REPLY_TO: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.server }} + SMTP_SERVER: {{ . }} + {{- end }} + {{- with .Values.mastodon.smtp.tls }} + SMTP_TLS: {{ . | quote }} + {{- end }} + STREAMING_CLUSTER_NUM: {{ .Values.mastodon.streaming.workers | quote }} + {{- with .Values.mastodon.streaming.base_url }} + STREAMING_API_BASE_URL: {{ . | quote }} + {{- end }} + {{- if .Values.externalAuth.oidc.enabled }} + OIDC_ENABLED: {{ .Values.externalAuth.oidc.enabled | quote }} + OIDC_DISPLAY_NAME: {{ .Values.externalAuth.oidc.display_name }} + OIDC_ISSUER: {{ .Values.externalAuth.oidc.issuer }} + OIDC_DISCOVERY: {{ .Values.externalAuth.oidc.discovery | quote }} + OIDC_SCOPE: {{ .Values.externalAuth.oidc.scope | quote }} + OIDC_UID_FIELD: {{ .Values.externalAuth.oidc.uid_field }} + OIDC_CLIENT_ID: {{ .Values.externalAuth.oidc.client_id }} + OIDC_CLIENT_SECRET: {{ .Values.externalAuth.oidc.client_secret }} + OIDC_REDIRECT_URI: {{ .Values.externalAuth.oidc.redirect_uri }} + OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED: {{ .Values.externalAuth.oidc.assume_email_is_verified | quote }} + {{- with .Values.externalAuth.oidc.client_auth_method }} + OIDC_CLIENT_AUTH_METHOD: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.response_type }} + OIDC_RESPONSE_TYPE: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.response_mode }} + OIDC_RESPONSE_MODE: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.display }} + OIDC_DISPLAY: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.prompt }} + OIDC_PROMPT: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.send_nonce }} + OIDC_SEND_NONCE: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.send_scope_to_token_endpoint }} + OIDC_SEND_SCOPE_TO_TOKEN_ENDPOINT: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.oidc.idp_logout_redirect_uri }} + OIDC_IDP_LOGOUT_REDIRECT_URI: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.http_scheme }} + OIDC_HTTP_SCHEME: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.host }} + OIDC_HOST: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.port }} + OIDC_PORT: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.jwks_uri }} + OIDC_JWKS_URI: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.auth_endpoint }} + OIDC_AUTH_ENDPOINT: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.token_endpoint }} + OIDC_TOKEN_ENDPOINT: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.user_info_endpoint }} + OIDC_USER_INFO_ENDPOINT: {{ . }} + {{- end }} + {{- with .Values.externalAuth.oidc.end_session_endpoint }} + OIDC_END_SESSION_ENDPOINT: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.externalAuth.saml.enabled }} + SAML_ENABLED: {{ .Values.externalAuth.saml.enabled | quote }} + SAML_ACS_URL: {{ .Values.externalAuth.saml.acs_url }} + SAML_ISSUER: {{ .Values.externalAuth.saml.issuer }} + SAML_IDP_SSO_TARGET_URL: {{ .Values.externalAuth.saml.idp_sso_target_url }} + SAML_IDP_CERT: {{ .Values.externalAuth.saml.idp_cert | quote }} + {{- with .Values.externalAuth.saml.idp_cert_fingerprint }} + SAML_IDP_CERT_FINGERPRINT: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.name_identifier_format }} + SAML_NAME_IDENTIFIER_FORMAT: {{ . }} + {{- end }} + {{- with .Values.externalAuth.saml.cert }} + SAML_CERT: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.private_key }} + SAML_PRIVATE_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.want_assertion_signed }} + SAML_SECURITY_WANT_ASSERTION_SIGNED: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.want_assertion_encrypted }} + SAML_SECURITY_WANT_ASSERTION_ENCRYPTED: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.assume_email_is_verified }} + SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.uid_attribute }} + SAML_UID_ATTRIBUTE: {{ . }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.uid }} + SAML_ATTRIBUTES_STATEMENTS_UID: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.email }} + SAML_ATTRIBUTES_STATEMENTS_EMAIL: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.full_name }} + SAML_ATTRIBUTES_STATEMENTS_FULL_NAME: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.first_name }} + SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.last_name }} + SAML_ATTRIBUTES_STATEMENTS_LAST_NAME: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.verified }} + SAML_ATTRIBUTES_STATEMENTS_VERIFIED: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.saml.attributes_statements.verified_email }} + SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL: {{ . | quote }} + {{- end }} + {{- end }} + {{- with .Values.externalAuth.oauth_global.omniauth_only }} + OMNIAUTH_ONLY: {{ . | quote }} + {{- end }} + {{- if .Values.externalAuth.cas.enabled }} + CAS_ENABLED: {{ .Values.externalAuth.cas.enabled | quote }} + CAS_URL: {{ .Values.externalAuth.cas.url }} + CAS_HOST: {{ .Values.externalAuth.cas.host }} + CAS_PORT: {{ .Values.externalAuth.cas.port }} + CAS_SSL: {{ .Values.externalAuth.cas.ssl | quote }} + {{- with .Values.externalAuth.cas.validate_url }} + CAS_VALIDATE_URL: {{ . }} + {{- end }} + {{- with .Values.externalAuth.cas.callback_url }} + CAS_CALLBACK_URL: {{ . }} + {{- end }} + {{- with .Values.externalAuth.cas.logout_url }} + CAS_LOGOUT_URL: {{ . }} + {{- end }} + {{- with .Values.externalAuth.cas.login_url }} + CAS_LOGIN_URL: {{ . }} + {{- end }} + {{- with .Values.externalAuth.cas.uid_field }} + CAS_UID_FIELD: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.ca_path }} + CAS_CA_PATH: {{ . }} + {{- end }} + {{- with .Values.externalAuth.cas.disable_ssl_verification }} + CAS_DISABLE_SSL_VERIFICATION: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.assume_email_is_verified }} + CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.uid }} + CAS_UID_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.name }} + CAS_NAME_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.email }} + CAS_EMAIL_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.nickname }} + CAS_NICKNAME_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.first_name }} + CAS_FIRST_NAME_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.last_name }} + CAS_LAST_NAME_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.location }} + CAS_LOCATION_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.image }} + CAS_IMAGE_KEY: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.cas.keys.phone }} + CAS_PHONE_KEY: {{ . | quote }} + {{- end }} + {{- end }} + {{- with .Values.externalAuth.pam.enabled }} + PAM_ENABLED: {{ . | quote }} + {{- with .Values.externalAuth.pam.email_domain }} + PAM_EMAIL_DOMAIN: {{ . }} + {{- end }} + {{- with .Values.externalAuth.pam.default_service }} + PAM_DEFAULT_SERVICE: {{ . }} + {{- end }} + {{- with .Values.externalAuth.pam.controlled_service }} + PAM_CONTROLLED_SERVICE: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.externalAuth.ldap.enabled }} + LDAP_ENABLED: {{ .Values.externalAuth.ldap.enabled | quote }} + LDAP_HOST: {{ .Values.externalAuth.ldap.host }} + LDAP_PORT: {{ .Values.externalAuth.ldap.port }} + LDAP_METHOD: {{ .Values.externalAuth.ldap.method }} + {{- with .Values.externalAuth.ldap.base }} + LDAP_BASE: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.bind_on }} + LDAP_BIND_ON: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.password }} + LDAP_PASSWORD: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.uid }} + LDAP_UID: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.mail }} + LDAP_MAIL: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.search_filter }} + LDAP_SEARCH_FILTER: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.uid_conversion.enabled }} + LDAP_UID_CONVERSION_ENABLED: {{ . | quote }} + {{- end }} + {{- with .Values.externalAuth.ldap.uid_conversion.search }} + LDAP_UID_CONVERSION_SEARCH: {{ . }} + {{- end }} + {{- with .Values.externalAuth.ldap.uid_conversion.replace }} + LDAP_UID_CONVERSION_REPLACE: {{ . }} + {{- end }} + {{- end }} + {{- with .Values.mastodon.metrics.statsd.address }} + STATSD_ADDR: {{ . }} + {{- end }} From a111661cafa8ad315aa2d85209d428b0936287a5 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:57:48 -0500 Subject: [PATCH 030/146] Update values.yaml --- chart/values.yaml | 68 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/chart/values.yaml b/chart/values.yaml index 88635a3..a93cf08 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -33,6 +33,74 @@ fediblockhole: # with keys SECRET_KEY_BASE and OTP_SECRET and # VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY existingSecret: "" + # List of instances to read blocklists from. + # If the instance makes its blocklist public, no authorization token is needed. + # Otherwise, `token` is a Bearer token authorised to read domain_blocks. + # If `admin` = True, use the more detailed admin API, which requires a token with a + # higher level of authorization. + # If `import_fields` are provided, only import these fields from the instance. + # Overrides the global `import_fields` setting. + blocklist_instance_sources: [ + # { domain = 'public.blocklist'}, # an instance with a public list of domain_blocks + # { domain = 'jorts.horse', token = '' }, # user accessible block list + # { domain = 'eigenmagic.net', token = '', admin = true }, # admin access required + ] + + # List of URLs to read csv blocklists from + # Format tells the parser which format to use when parsing the blocklist + # max_severity tells the parser to override any severities that are higher than this value + # import_fields tells the parser to only import that set of fields from a specific source + blocklist_url_sources: [ + # { url = 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, + + ] + + ## These global allowlists override blocks from blocklists + # These are the same format and structure as blocklists, but they take precedence + allowlist_url_sources: [ + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, + ] + + # List of instances to write blocklist to + blocklist_instance_destinations: [ + # { domain = 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, + ] + + ## Store a local copy of the remote blocklists after we fetch them + #save_intermediate = true + + ## Directory to store the local blocklist copies + # savedir = '/tmp' + + ## File to save the fully merged blocklist into + # blocklist_savefile = '/tmp/merged_blocklist.csv' + + ## Don't push blocklist to instances, even if they're defined above + # no_push_instance = false + + ## Don't fetch blocklists from URLs, even if they're defined above + # no_fetch_url = false + + ## Don't fetch blocklists from instances, even if they're defined above + # no_fetch_instance = false + + ## Set the mergeplan to use when dealing with overlaps between blocklists + # The default 'max' mergeplan will use the harshest severity block found for a domain. + # The 'min' mergeplan will use the lightest severity block found for a domain. + # mergeplan = 'max' + + ## Set which fields we import + ## 'domain' and 'severity' are always imported, these are additional + ## + import_fields = ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] + + ## Set which fields we export + ## 'domain' and 'severity' are always exported, these are additional + ## + export_fields = ['public_comment'] + # if you manually change the UID/GID environment variables, ensure these values # match: podSecurityContext: From 7c6cfebf304f16c0b265724a9fd3f6907fbe48da Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 19:59:54 -0500 Subject: [PATCH 031/146] Update and rename configmap-conf-toml to configmap-conf-toml.yaml --- chart/templates/configmap-conf-toml | 323 ----------------------- chart/templates/configmap-conf-toml.yaml | 74 ++++++ 2 files changed, 74 insertions(+), 323 deletions(-) delete mode 100644 chart/templates/configmap-conf-toml create mode 100644 chart/templates/configmap-conf-toml.yaml diff --git a/chart/templates/configmap-conf-toml b/chart/templates/configmap-conf-toml deleted file mode 100644 index fae348e..0000000 --- a/chart/templates/configmap-conf-toml +++ /dev/null @@ -1,323 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "fediblockhole.fullname" . }}-conf-toml - labels: - {{- include "fediblockhole.labels" . | nindent 4 }} -data: - {{- if .Values.postgresql.enabled }} - DB_HOST: {{ template "mastodon.postgresql.fullname" . }} - DB_PORT: "5432" - {{- else }} - DB_HOST: {{ .Values.postgresql.postgresqlHostname }} - DB_PORT: {{ .Values.postgresql.postgresqlPort | default "5432" | quote }} - {{- end }} - DB_NAME: {{ .Values.postgresql.auth.database }} - DB_POOL: {{ include "mastodon.maxDbPool" . }} - DB_USER: {{ .Values.postgresql.auth.username }} - DEFAULT_LOCALE: {{ .Values.mastodon.locale }} - {{- if .Values.elasticsearch.enabled }} - ES_ENABLED: "true" - ES_HOST: {{ template "mastodon.elasticsearch.fullname" . }}-master-hl - ES_PORT: "9200" - {{- end }} - LOCAL_DOMAIN: {{ .Values.mastodon.local_domain }} - {{- with .Values.mastodon.web_domain }} - WEB_DOMAIN: {{ . }} - {{- end }} - {{- with .Values.mastodon.singleUserMode }} - SINGLE_USER_MODE: "true" - {{- end }} - {{- with .Values.mastodon.authorizedFetch }} - AUTHORIZED_FETCH: {{ . | quote }} - {{- end }} - # https://devcenter.heroku.com/articles/tuning-glibc-memory-behavior - MALLOC_ARENA_MAX: "2" - NODE_ENV: "production" - RAILS_ENV: "production" - {{- if .Values.redis.enabled }} - REDIS_HOST: {{ template "mastodon.redis.fullname" . }}-master - {{- else }} - REDIS_HOST: {{ required "When the redis chart is disabled .Values.redis.hostname is required" .Values.redis.hostname }} - {{- end }} - REDIS_PORT: {{ .Values.redis.port | default "6379" | quote }} - {{- if .Values.mastodon.s3.enabled }} - S3_BUCKET: {{ .Values.mastodon.s3.bucket }} - S3_ENABLED: "true" - S3_ENDPOINT: {{ .Values.mastodon.s3.endpoint }} - S3_HOSTNAME: {{ .Values.mastodon.s3.hostname }} - S3_PROTOCOL: "https" - {{- with .Values.mastodon.s3.region }} - S3_REGION: {{ . }} - {{- end }} - {{- with .Values.mastodon.s3.alias_host }} - S3_ALIAS_HOST: {{ .Values.mastodon.s3.alias_host}} - {{- end }} - {{- end }} - {{- with .Values.mastodon.smtp.auth_method }} - SMTP_AUTH_METHOD: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.ca_file }} - SMTP_CA_FILE: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.delivery_method }} - SMTP_DELIVERY_METHOD: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.domain }} - SMTP_DOMAIN: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.enable_starttls }} - SMTP_ENABLE_STARTTLS: {{ . | quote }} - {{- end }} - {{- with .Values.mastodon.smtp.enable_starttls_auto }} - SMTP_ENABLE_STARTTLS_AUTO: {{ . | quote }} - {{- end }} - {{- with .Values.mastodon.smtp.from_address }} - SMTP_FROM_ADDRESS: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.login }} - SMTP_LOGIN: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.openssl_verify_mode }} - SMTP_OPENSSL_VERIFY_MODE: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.password }} - SMTP_PASSWORD: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.port }} - SMTP_PORT: {{ . | quote }} - {{- end }} - {{- with .Values.mastodon.smtp.reply_to }} - SMTP_REPLY_TO: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.server }} - SMTP_SERVER: {{ . }} - {{- end }} - {{- with .Values.mastodon.smtp.tls }} - SMTP_TLS: {{ . | quote }} - {{- end }} - STREAMING_CLUSTER_NUM: {{ .Values.mastodon.streaming.workers | quote }} - {{- with .Values.mastodon.streaming.base_url }} - STREAMING_API_BASE_URL: {{ . | quote }} - {{- end }} - {{- if .Values.externalAuth.oidc.enabled }} - OIDC_ENABLED: {{ .Values.externalAuth.oidc.enabled | quote }} - OIDC_DISPLAY_NAME: {{ .Values.externalAuth.oidc.display_name }} - OIDC_ISSUER: {{ .Values.externalAuth.oidc.issuer }} - OIDC_DISCOVERY: {{ .Values.externalAuth.oidc.discovery | quote }} - OIDC_SCOPE: {{ .Values.externalAuth.oidc.scope | quote }} - OIDC_UID_FIELD: {{ .Values.externalAuth.oidc.uid_field }} - OIDC_CLIENT_ID: {{ .Values.externalAuth.oidc.client_id }} - OIDC_CLIENT_SECRET: {{ .Values.externalAuth.oidc.client_secret }} - OIDC_REDIRECT_URI: {{ .Values.externalAuth.oidc.redirect_uri }} - OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED: {{ .Values.externalAuth.oidc.assume_email_is_verified | quote }} - {{- with .Values.externalAuth.oidc.client_auth_method }} - OIDC_CLIENT_AUTH_METHOD: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.response_type }} - OIDC_RESPONSE_TYPE: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.response_mode }} - OIDC_RESPONSE_MODE: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.display }} - OIDC_DISPLAY: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.prompt }} - OIDC_PROMPT: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.send_nonce }} - OIDC_SEND_NONCE: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.send_scope_to_token_endpoint }} - OIDC_SEND_SCOPE_TO_TOKEN_ENDPOINT: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.oidc.idp_logout_redirect_uri }} - OIDC_IDP_LOGOUT_REDIRECT_URI: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.http_scheme }} - OIDC_HTTP_SCHEME: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.host }} - OIDC_HOST: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.port }} - OIDC_PORT: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.jwks_uri }} - OIDC_JWKS_URI: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.auth_endpoint }} - OIDC_AUTH_ENDPOINT: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.token_endpoint }} - OIDC_TOKEN_ENDPOINT: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.user_info_endpoint }} - OIDC_USER_INFO_ENDPOINT: {{ . }} - {{- end }} - {{- with .Values.externalAuth.oidc.end_session_endpoint }} - OIDC_END_SESSION_ENDPOINT: {{ . }} - {{- end }} - {{- end }} - {{- if .Values.externalAuth.saml.enabled }} - SAML_ENABLED: {{ .Values.externalAuth.saml.enabled | quote }} - SAML_ACS_URL: {{ .Values.externalAuth.saml.acs_url }} - SAML_ISSUER: {{ .Values.externalAuth.saml.issuer }} - SAML_IDP_SSO_TARGET_URL: {{ .Values.externalAuth.saml.idp_sso_target_url }} - SAML_IDP_CERT: {{ .Values.externalAuth.saml.idp_cert | quote }} - {{- with .Values.externalAuth.saml.idp_cert_fingerprint }} - SAML_IDP_CERT_FINGERPRINT: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.name_identifier_format }} - SAML_NAME_IDENTIFIER_FORMAT: {{ . }} - {{- end }} - {{- with .Values.externalAuth.saml.cert }} - SAML_CERT: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.private_key }} - SAML_PRIVATE_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.want_assertion_signed }} - SAML_SECURITY_WANT_ASSERTION_SIGNED: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.want_assertion_encrypted }} - SAML_SECURITY_WANT_ASSERTION_ENCRYPTED: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.assume_email_is_verified }} - SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.uid_attribute }} - SAML_UID_ATTRIBUTE: {{ . }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.uid }} - SAML_ATTRIBUTES_STATEMENTS_UID: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.email }} - SAML_ATTRIBUTES_STATEMENTS_EMAIL: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.full_name }} - SAML_ATTRIBUTES_STATEMENTS_FULL_NAME: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.first_name }} - SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.last_name }} - SAML_ATTRIBUTES_STATEMENTS_LAST_NAME: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.verified }} - SAML_ATTRIBUTES_STATEMENTS_VERIFIED: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.saml.attributes_statements.verified_email }} - SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL: {{ . | quote }} - {{- end }} - {{- end }} - {{- with .Values.externalAuth.oauth_global.omniauth_only }} - OMNIAUTH_ONLY: {{ . | quote }} - {{- end }} - {{- if .Values.externalAuth.cas.enabled }} - CAS_ENABLED: {{ .Values.externalAuth.cas.enabled | quote }} - CAS_URL: {{ .Values.externalAuth.cas.url }} - CAS_HOST: {{ .Values.externalAuth.cas.host }} - CAS_PORT: {{ .Values.externalAuth.cas.port }} - CAS_SSL: {{ .Values.externalAuth.cas.ssl | quote }} - {{- with .Values.externalAuth.cas.validate_url }} - CAS_VALIDATE_URL: {{ . }} - {{- end }} - {{- with .Values.externalAuth.cas.callback_url }} - CAS_CALLBACK_URL: {{ . }} - {{- end }} - {{- with .Values.externalAuth.cas.logout_url }} - CAS_LOGOUT_URL: {{ . }} - {{- end }} - {{- with .Values.externalAuth.cas.login_url }} - CAS_LOGIN_URL: {{ . }} - {{- end }} - {{- with .Values.externalAuth.cas.uid_field }} - CAS_UID_FIELD: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.ca_path }} - CAS_CA_PATH: {{ . }} - {{- end }} - {{- with .Values.externalAuth.cas.disable_ssl_verification }} - CAS_DISABLE_SSL_VERIFICATION: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.assume_email_is_verified }} - CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.uid }} - CAS_UID_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.name }} - CAS_NAME_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.email }} - CAS_EMAIL_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.nickname }} - CAS_NICKNAME_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.first_name }} - CAS_FIRST_NAME_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.last_name }} - CAS_LAST_NAME_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.location }} - CAS_LOCATION_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.image }} - CAS_IMAGE_KEY: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.cas.keys.phone }} - CAS_PHONE_KEY: {{ . | quote }} - {{- end }} - {{- end }} - {{- with .Values.externalAuth.pam.enabled }} - PAM_ENABLED: {{ . | quote }} - {{- with .Values.externalAuth.pam.email_domain }} - PAM_EMAIL_DOMAIN: {{ . }} - {{- end }} - {{- with .Values.externalAuth.pam.default_service }} - PAM_DEFAULT_SERVICE: {{ . }} - {{- end }} - {{- with .Values.externalAuth.pam.controlled_service }} - PAM_CONTROLLED_SERVICE: {{ . }} - {{- end }} - {{- end }} - {{- if .Values.externalAuth.ldap.enabled }} - LDAP_ENABLED: {{ .Values.externalAuth.ldap.enabled | quote }} - LDAP_HOST: {{ .Values.externalAuth.ldap.host }} - LDAP_PORT: {{ .Values.externalAuth.ldap.port }} - LDAP_METHOD: {{ .Values.externalAuth.ldap.method }} - {{- with .Values.externalAuth.ldap.base }} - LDAP_BASE: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.bind_on }} - LDAP_BIND_ON: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.password }} - LDAP_PASSWORD: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.uid }} - LDAP_UID: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.mail }} - LDAP_MAIL: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.search_filter }} - LDAP_SEARCH_FILTER: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.uid_conversion.enabled }} - LDAP_UID_CONVERSION_ENABLED: {{ . | quote }} - {{- end }} - {{- with .Values.externalAuth.ldap.uid_conversion.search }} - LDAP_UID_CONVERSION_SEARCH: {{ . }} - {{- end }} - {{- with .Values.externalAuth.ldap.uid_conversion.replace }} - LDAP_UID_CONVERSION_REPLACE: {{ . }} - {{- end }} - {{- end }} - {{- with .Values.mastodon.metrics.statsd.address }} - STATSD_ADDR: {{ . }} - {{- end }} diff --git a/chart/templates/configmap-conf-toml.yaml b/chart/templates/configmap-conf-toml.yaml new file mode 100644 index 0000000..335611e --- /dev/null +++ b/chart/templates/configmap-conf-toml.yaml @@ -0,0 +1,74 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "fediblockhole.fullname" . }}-conf-toml + labels: + {{- include "fediblockhole.labels" . | nindent 4 }} +data: + # List of instances to read blocklists from. + # If the instance makes its blocklist public, no authorization token is needed. + # Otherwise, `token` is a Bearer token authorised to read domain_blocks. + # If `admin` = True, use the more detailed admin API, which requires a token with a + # higher level of authorization. + # If `import_fields` are provided, only import these fields from the instance. + # Overrides the global `import_fields` setting. + blocklist_instance_sources = [ + # { domain = 'public.blocklist'}, # an instance with a public list of domain_blocks + # { domain = 'jorts.horse', token = '' }, # user accessible block list + # { domain = 'eigenmagic.net', token = '', admin = true }, # admin access required + ] + + # List of URLs to read csv blocklists from + # Format tells the parser which format to use when parsing the blocklist + # max_severity tells the parser to override any severities that are higher than this value + # import_fields tells the parser to only import that set of fields from a specific source + blocklist_url_sources = [ + # { url = 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, + + ] + + ## These global allowlists override blocks from blocklists + # These are the same format and structure as blocklists, but they take precedence + allowlist_url_sources = [ + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, + ] + + # List of instances to write blocklist to + blocklist_instance_destinations = [ + # { domain = 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, + ] + + ## Store a local copy of the remote blocklists after we fetch them + #save_intermediate = true + + ## Directory to store the local blocklist copies + # savedir = '/tmp' + + ## File to save the fully merged blocklist into + # blocklist_savefile = '/tmp/merged_blocklist.csv' + + ## Don't push blocklist to instances, even if they're defined above + # no_push_instance = false + + ## Don't fetch blocklists from URLs, even if they're defined above + # no_fetch_url = false + + ## Don't fetch blocklists from instances, even if they're defined above + # no_fetch_instance = false + + ## Set the mergeplan to use when dealing with overlaps between blocklists + # The default 'max' mergeplan will use the harshest severity block found for a domain. + # The 'min' mergeplan will use the lightest severity block found for a domain. + # mergeplan = 'max' + + ## Set which fields we import + ## 'domain' and 'severity' are always imported, these are additional + ## + import_fields = ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] + + ## Set which fields we export + ## 'domain' and 'severity' are always exported, these are additional + ## + export_fields = ['public_comment'] From abc53c9148fd0d5f5b293e56eec301121da768bb Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 22 Jan 2023 13:03:32 +1100 Subject: [PATCH 032/146] Updated documentation and examples for allowlists. --- README.md | 2 ++ samples/demo-allowlist-01.csv | 5 +++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 44a9864..882fca8 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,8 @@ appropriate. - Provides (hopefully) sensible defaults to minimise first-time setup. - Global and fine-grained configuration options available for those complex situations that crop up sometimes. + - Allowlists to override blocks in blocklists to ensure you never block instances you want to keep. + - Blocklist thresholds if you want to only block when an instance shows up in multiple blocklists. ## Installing diff --git a/samples/demo-allowlist-01.csv b/samples/demo-allowlist-01.csv index 6ee7744..665ff6a 100644 --- a/samples/demo-allowlist-01.csv +++ b/samples/demo-allowlist-01.csv @@ -1,3 +1,4 @@ "domain","severity","private_comment","public_comment","reject_media","reject_reports","obfuscate" -"eigenmagic.net","noop","Never block me","Only the domain field matters",False,False,False -"example.org","noop","Never block me either","The severity is ignored as are all other fields",False,False,False +"eigenmagic.net","noop","Never block me","Only the domain field matters for allowlists",False,False,False +"example.org","noop","Never block me either","The severity is ignored in allowlists as are all other fields",False,False,False +"demo01.example.org","noop","Never block me either","But you can use them to leave yourself or others notes on why the item is here",False,False,False From 3b4cdcbcdf964a71bfe15e2299c84b08b6e77bb5 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 22 Jan 2023 13:05:44 +1100 Subject: [PATCH 033/146] Refactored the code to use Blocklist data structure for allowlists. Fixed bug in parse_blocklist() for preparse selection. Updated test cases for allowlists. Removed some code that is no longer needed. --- src/fediblockhole/__init__.py | 163 ++++++++++++++------------------ src/fediblockhole/blocklists.py | 18 ++-- tests/test_allowlist.py | 37 ++++---- 3 files changed, 100 insertions(+), 118 deletions(-) diff --git a/src/fediblockhole/__init__.py b/src/fediblockhole/__init__.py index 9be1b78..67b1f06 100755 --- a/src/fediblockhole/__init__.py +++ b/src/fediblockhole/__init__.py @@ -59,16 +59,16 @@ def sync_blocklists(conf: argparse.Namespace): # Add extra export fields if defined in config export_fields.extend(conf.export_fields) - blocklists = {} + blocklists = [] # Fetch blocklists from URLs if not conf.no_fetch_url: - blocklists = fetch_from_urls(blocklists, conf.blocklist_url_sources, - import_fields, conf.save_intermediate, conf.savedir, export_fields) + blocklists.extend(fetch_from_urls(conf.blocklist_url_sources, + import_fields, conf.save_intermediate, conf.savedir, export_fields)) # Fetch blocklists from remote instances if not conf.no_fetch_instance: - blocklists = fetch_from_instances(blocklists, conf.blocklist_instance_sources, - import_fields, conf.save_intermediate, conf.savedir, export_fields) + blocklists.extend(fetch_from_instances(conf.blocklist_instance_sources, + import_fields, conf.save_intermediate, conf.savedir, export_fields)) # Merge blocklists into an update dict merged = merge_blocklists(blocklists, conf.mergeplan) @@ -80,48 +80,48 @@ def sync_blocklists(conf: argparse.Namespace): # Save the final mergelist, if requested if conf.blocklist_savefile: log.info(f"Saving merged blocklist to {conf.blocklist_savefile}") - save_blocklist_to_file(merged.values(), conf.blocklist_savefile, export_fields) + save_blocklist_to_file(merged, conf.blocklist_savefile, export_fields) # Push the blocklist to destination instances if not conf.no_push_instance: log.info("Pushing domain blocks to instances...") for dest in conf.blocklist_instance_destinations: - domain = dest['domain'] + target = dest['domain'] token = dest['token'] scheme = dest.get('scheme', 'https') max_followed_severity = BlockSeverity(dest.get('max_followed_severity', 'silence')) - push_blocklist(token, domain, merged.values(), conf.dryrun, import_fields, max_followed_severity, scheme) + push_blocklist(token, target, merged, conf.dryrun, import_fields, max_followed_severity, scheme) -def apply_allowlists(merged: dict, conf: argparse.Namespace, allowlists: dict): +def apply_allowlists(merged: Blocklist, conf: argparse.Namespace, allowlists: dict): """Apply allowlists """ # Apply allows specified on the commandline for domain in conf.allow_domains: log.info(f"'{domain}' allowed by commandline, removing any blocks...") - if domain in merged: - del merged[domain] + if domain in merged.blocks: + del merged.blocks[domain] # Apply allows from URLs lists log.info("Removing domains from URL allowlists...") - for key, alist in allowlists.items(): - log.debug(f"Processing allows from '{key}'...") - for allowed in alist: + for alist in allowlists: + log.debug(f"Processing allows from '{alist.origin}'...") + for allowed in alist.blocks.values(): domain = allowed.domain log.debug(f"Removing allowlisted domain '{domain}' from merged list.") - if domain in merged: - del merged[domain] + if domain in merged.blocks: + del merged.blocks[domain] return merged -def fetch_allowlists(conf: argparse.Namespace) -> dict: +def fetch_allowlists(conf: argparse.Namespace) -> Blocklist: """ """ if conf.allowlist_url_sources: - allowlists = fetch_from_urls({}, conf.allowlist_url_sources, ALLOWLIST_IMPORT_FIELDS) + allowlists = fetch_from_urls(conf.allowlist_url_sources, ALLOWLIST_IMPORT_FIELDS, conf.save_intermediate, conf.savedir) return allowlists - return {} + return Blocklist() -def fetch_from_urls(blocklists: dict, url_sources: dict, +def fetch_from_urls(url_sources: dict, import_fields: list=IMPORT_FIELDS, save_intermediate: bool=False, savedir: str=None, export_fields: list=EXPORT_FIELDS) -> dict: @@ -131,7 +131,7 @@ def fetch_from_urls(blocklists: dict, url_sources: dict, @returns: A dict of blocklists, same as input, but (possibly) modified """ log.info("Fetching domain blocks from URLs...") - + blocklists = [] for item in url_sources: url = item['url'] # If import fields are provided, they override the global ones passed in @@ -144,14 +144,14 @@ def fetch_from_urls(blocklists: dict, url_sources: dict, listformat = item.get('format', 'csv') with urlr.urlopen(url) as fp: rawdata = fp.read(URL_BLOCKLIST_MAXSIZE).decode('utf-8') - blocklists[url] = parse_blocklist(rawdata, listformat, import_fields, max_severity) - - if save_intermediate: - save_intermediate_blocklist(blocklists[url], url, savedir, export_fields) + bl = parse_blocklist(rawdata, url, listformat, import_fields, max_severity) + blocklists.append(bl) + if save_intermediate: + save_intermediate_blocklist(bl, savedir, export_fields) return blocklists -def fetch_from_instances(blocklists: dict, sources: dict, +def fetch_from_instances(sources: dict, import_fields: list=IMPORT_FIELDS, save_intermediate: bool=False, savedir: str=None, export_fields: list=EXPORT_FIELDS) -> dict: @@ -161,12 +161,13 @@ def fetch_from_instances(blocklists: dict, sources: dict, @returns: A dict of blocklists, same as input, but (possibly) modified """ log.info("Fetching domain blocks from instances...") + blocklists = [] for item in sources: domain = item['domain'] admin = item.get('admin', False) token = item.get('token', None) scheme = item.get('scheme', 'https') - itemsrc = f"{scheme}://{domain}/api" + # itemsrc = f"{scheme}://{domain}/api" # If import fields are provided, they override the global ones passed in source_import_fields = item.get('import_fields', None) @@ -174,15 +175,15 @@ def fetch_from_instances(blocklists: dict, sources: dict, # Ensure we always use the default fields import_fields = IMPORT_FIELDS.extend(source_import_fields) - # Add the blocklist with the domain as the source key - blocklists[itemsrc] = fetch_instance_blocklist(domain, token, admin, import_fields, scheme) + bl = fetch_instance_blocklist(domain, token, admin, import_fields, scheme) + blocklists.append(bl) if save_intermediate: - save_intermediate_blocklist(blocklists[itemsrc], domain, savedir, export_fields) + save_intermediate_blocklist(bl, savedir, export_fields) return blocklists def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', threshold: int=0, - threshold_type: str='count') -> dict: + threshold_type: str='count') -> Blocklist: """Merge fetched remote blocklists into a bulk update @param blocklists: A dict of lists of DomainBlocks, keyed by source. Each value is a list of DomainBlocks @@ -199,7 +200,7 @@ def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', count_of_mentions / number_of_blocklists. @param returns: A dict of DomainBlocks keyed by domain """ - merged = {} + merged = Blocklist('fediblockhole.merge_blocklists') num_blocklists = len(blocklists) @@ -209,7 +210,7 @@ def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', for bl in blocklists: for block in bl.values(): if '*' in block.domain: - log.debug(f"Domain '{domain}' is obfuscated. Skipping it.") + log.debug(f"Domain '{block.domain}' is obfuscated. Skipping it.") continue elif block.domain in domain_blocks: domain_blocks[block.domain].append(block) @@ -224,40 +225,17 @@ def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', domain_threshold_level = len(domain_blocks[domain]) / num_blocklists else: raise ValueError(f"Unsupported threshold type '{threshold_type}'. Supported values are: 'count', 'pct'") - + if domain_threshold_level >= threshold: # Add first block in the list to merged - merged[domain] = domain_blocks[domain][0] + block = domain_blocks[domain][0] # Merge the others with this record - for block in domain_blocks[domain][1:]: - merged[domain] = apply_mergeplan(merged[domain], block, mergeplan) - + for newblock in domain_blocks[domain][1:]: + block = apply_mergeplan(block, newblock, mergeplan) + merged.blocks[block.domain] = block + return merged - # for key, blist in blocklists.items(): - # log.debug(f"processing blocklist from: {key} ...") - # for newblock in blist: - # domain = newblock.domain - # # If the domain has two asterisks in it, it's obfuscated - # # and we can't really use it, so skip it and do the next one - # if '*' in domain: - # log.debug(f"Domain '{domain}' is obfuscated. Skipping it.") - # continue - - # elif domain in merged: - # log.debug(f"Overlapping block for domain {domain}. Merging...") - # blockdata = apply_mergeplan(merged[domain], newblock, mergeplan) - - # else: - # # New block - # blockdata = newblock - - # # end if - # log.debug(f"blockdata is: {blockdata}") - # merged[domain] = blockdata - # # end for - # return merged - def apply_mergeplan(oldblock: DomainBlock, newblock: DomainBlock, mergeplan: str='max') -> dict: """Use a mergeplan to decide how to merge two overlapping block definitions @@ -282,10 +260,10 @@ def apply_mergeplan(oldblock: DomainBlock, newblock: DomainBlock, mergeplan: str # How do we override an earlier block definition? if mergeplan in ['max', None]: # Use the highest block level found (the default) - log.debug(f"Using 'max' mergeplan.") + # log.debug(f"Using 'max' mergeplan.") if newblock.severity > oldblock.severity: - log.debug(f"New block severity is higher. Using that.") + # log.debug(f"New block severity is higher. Using that.") blockdata['severity'] = newblock.severity # For 'reject_media', 'reject_reports', and 'obfuscate' if @@ -314,7 +292,7 @@ def apply_mergeplan(oldblock: DomainBlock, newblock: DomainBlock, mergeplan: str else: raise NotImplementedError(f"Mergeplan '{mergeplan}' not implemented.") - log.debug(f"Block severity set to {blockdata['severity']}") + # log.debug(f"Block severity set to {blockdata['severity']}") return DomainBlock(**blockdata) @@ -396,17 +374,19 @@ def fetch_instance_blocklist(host: str, token: str=None, admin: bool=False, url = f"{scheme}://{host}{api_path}" - blocklist = [] + blockdata = [] link = True - while link: response = requests.get(url, headers=headers, timeout=REQUEST_TIMEOUT) if response.status_code != 200: log.error(f"Cannot fetch remote blocklist: {response.content}") raise ValueError("Unable to fetch domain block list: %s", response) - blocklist.extend( parse_blocklist(response.content, parse_format, import_fields) ) - + # Each block of returned data is a JSON list of dicts + # so we parse them and append them to the fetched list + # of JSON data we need to parse. + + blockdata.extend(json.loads(response.content.decode('utf-8'))) # Parse the link header to find the next url to fetch # This is a weird and janky way of doing pagination but # hey nothing we can do about it we just have to deal @@ -424,6 +404,8 @@ def fetch_instance_blocklist(host: str, token: str=None, admin: bool=False, urlstring, rel = next.split('; ') url = urlstring.strip('<').rstrip('>') + blocklist = parse_blocklist(blockdata, url, parse_format, import_fields) + return blocklist def delete_block(token: str, host: str, id: int, scheme: str='https'): @@ -513,13 +495,9 @@ def update_known_block(token: str, host: str, block: DomainBlock, scheme: str='h """Update an existing domain block with information in blockdict""" api_path = "/api/v1/admin/domain_blocks/" - try: - id = block.id - blockdata = block._asdict() - del blockdata['id'] - except KeyError: - import pdb - pdb.set_trace() + id = block.id + blockdata = block._asdict() + del blockdata['id'] url = f"{scheme}://{host}{api_path}{id}" @@ -553,7 +531,7 @@ def add_block(token: str, host: str, blockdata: DomainBlock, scheme: str='https' raise ValueError(f"Something went wrong: {response.status_code}: {response.content}") -def push_blocklist(token: str, host: str, blocklist: list[dict], +def push_blocklist(token: str, host: str, blocklist: list[DomainBlock], dryrun: bool=False, import_fields: list=['domain', 'severity'], max_followed_severity:BlockSeverity=BlockSeverity('silence'), @@ -561,8 +539,7 @@ def push_blocklist(token: str, host: str, blocklist: list[dict], ): """Push a blocklist to a remote instance. - Merging the blocklist with the existing list the instance has, - updating existing entries if they exist. + Updates existing entries if they exist, creates new blocks if they don't. @param token: The Bearer token for OAUTH API authentication @param host: The instance host, FQDN or IP @@ -577,15 +554,16 @@ def push_blocklist(token: str, host: str, blocklist: list[dict], serverblocks = fetch_instance_blocklist(host, token, True, import_fields, scheme) # # Convert serverblocks to a dictionary keyed by domain name - knownblocks = {row.domain: row for row in serverblocks} + # knownblocks = {row.domain: row for row in serverblocks} - for newblock in blocklist: + for newblock in blocklist.values(): log.debug(f"Processing block: {newblock}") - oldblock = knownblocks.get(newblock.domain, None) - if oldblock: + if newblock.domain in serverblocks: log.debug(f"Block already exists for {newblock.domain}, checking for differences...") + oldblock = serverblocks[newblock.domain] + change_needed = is_change_needed(oldblock, newblock, import_fields) # Is the severity changing? @@ -644,15 +622,14 @@ def load_config(configfile: str): conf = toml.load(configfile) return conf -def save_intermediate_blocklist( - blocklist: list[dict], source: str, - filedir: str, +def save_intermediate_blocklist(blocklist: Blocklist, filedir: str, export_fields: list=['domain','severity']): """Save a local copy of a blocklist we've downloaded """ # Invent a filename based on the remote source # If the source was a URL, convert it to something less messy # If the source was a remote domain, just use the name of the domain + source = blocklist.origin log.debug(f"Saving intermediate blocklist from {source}") source = source.replace('/','-') filename = f"{source}.csv" @@ -660,7 +637,7 @@ def save_intermediate_blocklist( save_blocklist_to_file(blocklist, filepath, export_fields) def save_blocklist_to_file( - blocklist: list[DomainBlock], + blocklist: Blocklist, filepath: str, export_fields: list=['domain','severity']): """Save a blocklist we've downloaded from a remote source @@ -670,18 +647,22 @@ def save_blocklist_to_file( @param export_fields: Which fields to include in the export. """ try: - blocklist = sorted(blocklist, key=lambda x: x.domain) + sorted_list = sorted(blocklist.blocks.items()) except KeyError: log.error("Field 'domain' not found in blocklist.") - log.debug(f"blocklist is: {blocklist}") + log.debug(f"blocklist is: {sorted_list}") + except AttributeError: + log.error("Attribute error!") + import pdb + pdb.set_trace() log.debug(f"export fields: {export_fields}") with open(filepath, "w") as fp: writer = csv.DictWriter(fp, export_fields, extrasaction='ignore') writer.writeheader() - for item in blocklist: - writer.writerow(item._asdict()) + for key, value in sorted_list: + writer.writerow(value) def augment_args(args, tomldata: str=None): """Augment commandline arguments with config file parameters diff --git a/src/fediblockhole/blocklists.py b/src/fediblockhole/blocklists.py index f79f3d2..7a9e44f 100644 --- a/src/fediblockhole/blocklists.py +++ b/src/fediblockhole/blocklists.py @@ -41,7 +41,7 @@ class BlocklistParser(object): """ Base class for parsing blocklists """ - preparse = False + do_preparse = False def __init__(self, import_fields: list=['domain', 'severity'], max_severity: str='suspend'): @@ -63,7 +63,7 @@ class BlocklistParser(object): @param blocklist: An Iterable of blocklist items @returns: A dict of DomainBlocks, keyed by domain """ - if self.preparse: + if self.do_preparse: blockdata = self.preparse(blockdata) parsed_list = Blocklist(origin) @@ -82,12 +82,13 @@ class BlocklistParser(object): class BlocklistParserJSON(BlocklistParser): """Parse a JSON formatted blocklist""" - preparse = True + do_preparse = True def preparse(self, blockdata) -> Iterable: - """Parse the blockdata as JSON - """ - return json.loads(blockdata) + """Parse the blockdata as JSON if needed""" + if type(blockdata) == type(''): + return json.loads(blockdata) + return blockdata def parse_item(self, blockitem: dict) -> DomainBlock: # Remove fields we don't want to import @@ -131,7 +132,7 @@ class BlocklistParserCSV(BlocklistParser): The parser expects the CSV data to include a header with the field names. """ - preparse = True + do_preparse = True def preparse(self, blockdata) -> Iterable: """Use a csv.DictReader to create an iterable from the blockdata @@ -237,6 +238,7 @@ def parse_blocklist( max_severity: str='suspend'): """Parse a blocklist in the given format """ - parser = FORMAT_PARSERS[format](import_fields, max_severity) log.debug(f"parsing {format} blocklist with import_fields: {import_fields}...") + + parser = FORMAT_PARSERS[format](import_fields, max_severity) return parser.parse_blocklist(blockdata, origin) \ No newline at end of file diff --git a/tests/test_allowlist.py b/tests/test_allowlist.py index 902b301..ddd53b9 100644 --- a/tests/test_allowlist.py +++ b/tests/test_allowlist.py @@ -4,6 +4,7 @@ import pytest from util import shim_argparse from fediblockhole.const import DomainBlock +from fediblockhole.blocklists import Blocklist from fediblockhole import fetch_allowlists, apply_allowlists def test_cmdline_allow_removes_domain(): @@ -11,17 +12,13 @@ def test_cmdline_allow_removes_domain(): """ conf = shim_argparse(['-A', 'removeme.org']) - merged = { + merged = Blocklist('test_allowlist.merged', { 'example.org': DomainBlock('example.org'), 'example2.org': DomainBlock('example2.org'), 'removeme.org': DomainBlock('removeme.org'), 'keepblockingme.org': DomainBlock('keepblockingme.org'), - } + }) - # allowlists = { - # 'testlist': [ DomainBlock('removeme.org', 'noop'), ] - # } - merged = apply_allowlists(merged, conf, {}) with pytest.raises(KeyError): @@ -32,16 +29,18 @@ def test_allowlist_removes_domain(): """ conf = shim_argparse() - merged = { + merged = Blocklist('test_allowlist.merged', { 'example.org': DomainBlock('example.org'), 'example2.org': DomainBlock('example2.org'), 'removeme.org': DomainBlock('removeme.org'), 'keepblockingme.org': DomainBlock('keepblockingme.org'), - } + }) - allowlists = { - 'testlist': [ DomainBlock('removeme.org', 'noop'), ] - } + allowlists = [ + Blocklist('test_allowlist', { + 'removeme.org': DomainBlock('removeme.org', 'noop'), + }) + ] merged = apply_allowlists(merged, conf, allowlists) @@ -53,19 +52,19 @@ def test_allowlist_removes_tld(): """ conf = shim_argparse() - merged = { + merged = Blocklist('test_allowlist.merged', { '.cf': DomainBlock('.cf'), 'example.org': DomainBlock('example.org'), '.tk': DomainBlock('.tk'), 'keepblockingme.org': DomainBlock('keepblockingme.org'), - } + }) - allowlists = { - 'list1': [ - DomainBlock('.cf', 'noop'), - DomainBlock('.tk', 'noop'), - ] - } + allowlists = [ + Blocklist('test_allowlist.list1', { + '.cf': DomainBlock('.cf', 'noop'), + '.tk': DomainBlock('.tk', 'noop'), + }) + ] merged = apply_allowlists(merged, conf, allowlists) From 1afd1265def3e943655b46fbcda9eb2f59075f87 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 21:55:37 -0500 Subject: [PATCH 034/146] Update configmap-conf-toml.yaml --- chart/templates/configmap-conf-toml.yaml | 106 +++++++++-------------- 1 file changed, 39 insertions(+), 67 deletions(-) diff --git a/chart/templates/configmap-conf-toml.yaml b/chart/templates/configmap-conf-toml.yaml index 335611e..d07f25d 100644 --- a/chart/templates/configmap-conf-toml.yaml +++ b/chart/templates/configmap-conf-toml.yaml @@ -5,70 +5,42 @@ metadata: labels: {{- include "fediblockhole.labels" . | nindent 4 }} data: - # List of instances to read blocklists from. - # If the instance makes its blocklist public, no authorization token is needed. - # Otherwise, `token` is a Bearer token authorised to read domain_blocks. - # If `admin` = True, use the more detailed admin API, which requires a token with a - # higher level of authorization. - # If `import_fields` are provided, only import these fields from the instance. - # Overrides the global `import_fields` setting. - blocklist_instance_sources = [ - # { domain = 'public.blocklist'}, # an instance with a public list of domain_blocks - # { domain = 'jorts.horse', token = '' }, # user accessible block list - # { domain = 'eigenmagic.net', token = '', admin = true }, # admin access required - ] - - # List of URLs to read csv blocklists from - # Format tells the parser which format to use when parsing the blocklist - # max_severity tells the parser to override any severities that are higher than this value - # import_fields tells the parser to only import that set of fields from a specific source - blocklist_url_sources = [ - # { url = 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, - { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, - - ] - - ## These global allowlists override blocks from blocklists - # These are the same format and structure as blocklists, but they take precedence - allowlist_url_sources = [ - { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, - { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, - ] - - # List of instances to write blocklist to - blocklist_instance_destinations = [ - # { domain = 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, - ] - - ## Store a local copy of the remote blocklists after we fetch them - #save_intermediate = true - - ## Directory to store the local blocklist copies - # savedir = '/tmp' - - ## File to save the fully merged blocklist into - # blocklist_savefile = '/tmp/merged_blocklist.csv' - - ## Don't push blocklist to instances, even if they're defined above - # no_push_instance = false - - ## Don't fetch blocklists from URLs, even if they're defined above - # no_fetch_url = false - - ## Don't fetch blocklists from instances, even if they're defined above - # no_fetch_instance = false - - ## Set the mergeplan to use when dealing with overlaps between blocklists - # The default 'max' mergeplan will use the harshest severity block found for a domain. - # The 'min' mergeplan will use the lightest severity block found for a domain. - # mergeplan = 'max' - - ## Set which fields we import - ## 'domain' and 'severity' are always imported, these are additional - ## - import_fields = ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] - - ## Set which fields we export - ## 'domain' and 'severity' are always exported, these are additional - ## - export_fields = ['public_comment'] + {{- with .Values.fediblockhole.blocklist_instance_sources }} + blocklist_instance_sources: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.blocklist_url_sources }} + blocklist_url_sources: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.allowlist_url_sources }} + allowlist_url_sources: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.blocklist_instance_destinations }} + blocklist_instance_destinations: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.save_intermediate }} + save_intermediate: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.savedir }} + savedir: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.blocklist_savefile }} + blocklist_savefile: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.no_push_instance }} + no_push_instance: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.no_fetch_url }} + no_fetch_url: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.no_fetch_instance }} + no_fetch_instance: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.mergplan }} + mergeplan: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.import_fields }} + import_fields: {{ . }} + {{- end }} + {{- with .Values.fediblockhole.export_fields }} + export_fields: {{ . }} + {{- end }} From 42838731b9ecb294ca86c1131dc06305597c2440 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 21:58:11 -0500 Subject: [PATCH 035/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 0d00df3..9196383 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -28,7 +28,7 @@ spec: - {{ .Values.fediblockhole.conf_file.path }}{{ .Values.fediblockhole.conf_file.filename }} envFrom: - configMapRef: - name: {{ include "fediblockhole.fullname" . }}-env + name: {{ include "fediblockhole.fullname" . }}-conf-toml - secretRef: name: {{ template "fediblockhole.secretName" . }} volumeMounts: From eec6386e905b34b4924cc6b6c9a1d7047a6e4c31 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 22:02:14 -0500 Subject: [PATCH 036/146] Update values.yaml --- chart/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/values.yaml b/chart/values.yaml index a93cf08..f4c4c8c 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,6 +1,6 @@ image: repository: ghcr.io/cunningpike/fediblockhole - # https://hub.docker.com/r/tootsuite/mastodon/tags + # https://github.com/cunningpike/fediblockhole/pkgs/container/fediblockhole/versions # # alternatively, use `latest` for the latest release or `edge` for the image # built from the most recent commit From bd1a4eca7e4d9243bfd3081203f79616c15fd8cf Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 22:41:01 -0500 Subject: [PATCH 037/146] Update values.yaml --- chart/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index f4c4c8c..5de058c 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -94,12 +94,12 @@ fediblockhole: ## Set which fields we import ## 'domain' and 'severity' are always imported, these are additional ## - import_fields = ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] + import_fields: ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] ## Set which fields we export ## 'domain' and 'severity' are always exported, these are additional ## - export_fields = ['public_comment'] + export_fields: ['public_comment'] # if you manually change the UID/GID environment variables, ensure these values # match: From a9628a9a564e099793ad6a0614a3f46d7c846eda Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 22:53:10 -0500 Subject: [PATCH 038/146] Update values.yaml --- chart/values.yaml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 5de058c..5386af1 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -41,9 +41,9 @@ fediblockhole: # If `import_fields` are provided, only import these fields from the instance. # Overrides the global `import_fields` setting. blocklist_instance_sources: [ - # { domain = 'public.blocklist'}, # an instance with a public list of domain_blocks - # { domain = 'jorts.horse', token = '' }, # user accessible block list - # { domain = 'eigenmagic.net', token = '', admin = true }, # admin access required + # { domain: 'public.blocklist'}, # an instance with a public list of domain_blocks + # { domain: 'jorts.horse', token = '' }, # user accessible block list + # { domain: 'eigenmagic.net', token = '', admin = true }, # admin access required ] # List of URLs to read csv blocklists from @@ -51,45 +51,45 @@ fediblockhole: # max_severity tells the parser to override any severities that are higher than this value # import_fields tells the parser to only import that set of fields from a specific source blocklist_url_sources: [ - # { url = 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, - { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, + # { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, + { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, ] ## These global allowlists override blocks from blocklists # These are the same format and structure as blocklists, but they take precedence allowlist_url_sources: [ - { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, - { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, + { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, + { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, ] # List of instances to write blocklist to blocklist_instance_destinations: [ - # { domain = 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, + # { domain: 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, ] ## Store a local copy of the remote blocklists after we fetch them - #save_intermediate = true + #save_intermediate: true ## Directory to store the local blocklist copies - # savedir = '/tmp' + # savedir: '/tmp' ## File to save the fully merged blocklist into - # blocklist_savefile = '/tmp/merged_blocklist.csv' + # blocklist_savefile: '/tmp/merged_blocklist.csv' ## Don't push blocklist to instances, even if they're defined above - # no_push_instance = false + # no_push_instance: false ## Don't fetch blocklists from URLs, even if they're defined above - # no_fetch_url = false + # no_fetch_url: false ## Don't fetch blocklists from instances, even if they're defined above - # no_fetch_instance = false + # no_fetch_instance: false ## Set the mergeplan to use when dealing with overlaps between blocklists # The default 'max' mergeplan will use the harshest severity block found for a domain. # The 'min' mergeplan will use the lightest severity block found for a domain. - # mergeplan = 'max' + # mergeplan: 'max' ## Set which fields we import ## 'domain' and 'severity' are always imported, these are additional From c12c739fc0bde53a26914d62002c068b4ad43f99 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 22:56:44 -0500 Subject: [PATCH 039/146] Update values.yaml --- chart/values.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 5386af1..458244e 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -42,8 +42,8 @@ fediblockhole: # Overrides the global `import_fields` setting. blocklist_instance_sources: [ # { domain: 'public.blocklist'}, # an instance with a public list of domain_blocks - # { domain: 'jorts.horse', token = '' }, # user accessible block list - # { domain: 'eigenmagic.net', token = '', admin = true }, # admin access required + # { domain: 'jorts.horse', token: '' }, # user accessible block list + # { domain: 'eigenmagic.net', token: '', admin = true }, # admin access required ] # List of URLs to read csv blocklists from @@ -52,20 +52,20 @@ fediblockhole: # import_fields tells the parser to only import that set of fields from a specific source blocklist_url_sources: [ # { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, - { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, + { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format: 'csv' }, ] ## These global allowlists override blocks from blocklists # These are the same format and structure as blocklists, but they take precedence allowlist_url_sources: [ - { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, - { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, + { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format: 'csv' }, + { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format: 'csv' }, ] # List of instances to write blocklist to blocklist_instance_destinations: [ - # { domain: 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, + # { domain: 'eigenmagic.net', token: '', max_followed_severity: 'silence'}, ] ## Store a local copy of the remote blocklists after we fetch them From f8389e138d7920383dec39684e7349052ff2073d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sat, 21 Jan 2023 22:58:01 -0500 Subject: [PATCH 040/146] Update values.yaml --- chart/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 458244e..de53c5c 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -43,7 +43,7 @@ fediblockhole: blocklist_instance_sources: [ # { domain: 'public.blocklist'}, # an instance with a public list of domain_blocks # { domain: 'jorts.horse', token: '' }, # user accessible block list - # { domain: 'eigenmagic.net', token: '', admin = true }, # admin access required + # { domain: 'eigenmagic.net', token: '', admin: true }, # admin access required ] # List of URLs to read csv blocklists from @@ -51,7 +51,7 @@ fediblockhole: # max_severity tells the parser to override any severities that are higher than this value # import_fields tells the parser to only import that set of fields from a specific source blocklist_url_sources: [ - # { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, + # { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format: 'csv' }, { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format: 'csv' }, ] From 05f9f828f9cd1ebcd3a01270d47bdf1be4ca895b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 22 Jan 2023 21:23:23 -0500 Subject: [PATCH 041/146] Create _helpers.tpl --- chart/templates/_helpers.tpl | 92 ++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 chart/templates/_helpers.tpl diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl new file mode 100644 index 0000000..2fa1df7 --- /dev/null +++ b/chart/templates/_helpers.tpl @@ -0,0 +1,92 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "fediblockhole.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "fediblockhole.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "fediblockhole.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "fediblockhole.labels" -}} +helm.sh/chart: {{ include "fediblockhole.chart" . }} +{{ include "fediblockhole.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "fediblockhole.selectorLabels" -}} +app.kubernetes.io/name: {{ include "fediblockhole.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Rolling pod annotations +*/}} +{{- define "fediblockhole.rollingPodAnnotations" -}} +rollme: {{ .Release.Revision | quote }} +checksum/config-secrets: {{ include ( print $.Template.BasePath "/secrets.yaml" ) . | sha256sum | quote }} +checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-env.yaml" ) . | sha256sum | quote }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "fediblockhole.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "fediblockhole.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Get the fediblockhole secret. +*/}} +{{- define "fediblockhole.secretName" -}} +{{- if .Values.fediblockhole.secrets.existingSecret }} + {{- printf "%s" (tpl .Values.fediblockhole.secrets.existingSecret $) -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a fediblockhole secret object should be created +*/}} +{{- define "fediblockhole.createSecret" -}} +{{- if (not .Values.mastodon.secrets.existingSecret) -}} + {{- true -}} +{{- end -}} +{{- end -}} From 536659bee62eaabcdf41e821236ffe645c4e9d87 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 22 Jan 2023 21:31:44 -0500 Subject: [PATCH 042/146] Create secrets.yaml --- chart/templates/secrets.yaml | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 chart/templates/secrets.yaml diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml new file mode 100644 index 0000000..b4da9ea --- /dev/null +++ b/chart/templates/secrets.yaml @@ -0,0 +1,38 @@ +{{- if (include "fediblockhole.createSecret" .) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "fediblockhole.fullname" . }} + labels: + {{- include "fediblockhole.labels" . | nindent 4 }} +type: Opaque +data: + {{- if .Values.fediblockhole.s3.enabled }} + {{- if not .Values.fediblockhole.s3.existingSecret }} + AWS_ACCESS_KEY_ID: "{{ .Values.fediblockhole.s3.access_key | b64enc }}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.fediblockhole.s3.access_secret | b64enc }}" + {{- end }} + {{- end }} + {{- if not .Values.fediblockhole.secrets.existingSecret }} + {{- if not (empty .Values.fediblockhole.secrets.secret_key_base) }} + SECRET_KEY_BASE: "{{ .Values.fediblockhole.secrets.secret_key_base | b64enc }}" + {{- else }} + SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.fediblockhole.secrets.secret_key_base }} + {{- end }} + {{- if not (empty .Values.fediblockhole.secrets.otp_secret) }} + OTP_SECRET: "{{ .Values.fediblockhole.secrets.otp_secret | b64enc }}" + {{- else }} + OTP_SECRET: {{ required "otp_secret is required" .Values.fediblockhole.secrets.otp_secret }} + {{- end }} + {{- if not (empty .Values.fediblockhole.secrets.vapid.private_key) }} + VAPID_PRIVATE_KEY: "{{ .Values.fediblockhole.secrets.vapid.private_key | b64enc }}" + {{- else }} + VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.fediblockhole.secrets.vapid.private_key }} + {{- end }} + {{- if not (empty .Values.fediblockhole.secrets.vapid.public_key) }} + VAPID_PUBLIC_KEY: "{{ .Values.fediblockhole.secrets.vapid.public_key | b64enc }}" + {{- else }} + VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.fediblockhole.secrets.vapid.public_key }} + {{- end }} + {{- end }} +{{- end }} From bc775098ffcf7b6b602fa32cff9bd8fb61909213 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Sun, 22 Jan 2023 21:36:49 -0500 Subject: [PATCH 043/146] Update secrets.yaml --- chart/templates/secrets.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml index b4da9ea..064e1b0 100644 --- a/chart/templates/secrets.yaml +++ b/chart/templates/secrets.yaml @@ -7,12 +7,6 @@ metadata: {{- include "fediblockhole.labels" . | nindent 4 }} type: Opaque data: - {{- if .Values.fediblockhole.s3.enabled }} - {{- if not .Values.fediblockhole.s3.existingSecret }} - AWS_ACCESS_KEY_ID: "{{ .Values.fediblockhole.s3.access_key | b64enc }}" - AWS_SECRET_ACCESS_KEY: "{{ .Values.fediblockhole.s3.access_secret | b64enc }}" - {{- end }} - {{- end }} {{- if not .Values.fediblockhole.secrets.existingSecret }} {{- if not (empty .Values.fediblockhole.secrets.secret_key_base) }} SECRET_KEY_BASE: "{{ .Values.fediblockhole.secrets.secret_key_base | b64enc }}" From 80f9fbdbd3530a9b6d2a62c9ab8fce364741dc8d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 10:37:19 -0500 Subject: [PATCH 044/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 2fa1df7..fe1b144 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -86,7 +86,7 @@ Get the fediblockhole secret. Return true if a fediblockhole secret object should be created */}} {{- define "fediblockhole.createSecret" -}} -{{- if (not .Values.mastodon.secrets.existingSecret) -}} +{{- if (not .Values.fediblockhole.secrets.existingSecret) -}} {{- true -}} {{- end -}} {{- end -}} From 8d1a417ba6b9d78acfc669f805f2f3318791ac44 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 10:47:19 -0500 Subject: [PATCH 045/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index fe1b144..3712d2b 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -57,7 +57,7 @@ Rolling pod annotations {{- define "fediblockhole.rollingPodAnnotations" -}} rollme: {{ .Release.Revision | quote }} checksum/config-secrets: {{ include ( print $.Template.BasePath "/secrets.yaml" ) . | sha256sum | quote }} -checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-env.yaml" ) . | sha256sum | quote }} +checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-conf-toml.yaml" ) . | sha256sum | quote }} {{- end }} {{/* From e1ea3e441a24e94a471e173895931a79d453d18d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 10:48:37 -0500 Subject: [PATCH 046/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 3712d2b..d2b8332 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -60,17 +60,6 @@ checksum/config-secrets: {{ include ( print $.Template.BasePath "/secrets.yaml" checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-conf-toml.yaml" ) . | sha256sum | quote }} {{- end }} -{{/* -Create the name of the service account to use -*/}} -{{- define "fediblockhole.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "fediblockhole.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - {{/* Get the fediblockhole secret. */}} From 4d12395d96c5d46c611964fc24378273d931fc88 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:02:40 -0500 Subject: [PATCH 047/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index b2196f9..2b488f6 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 +version: 0.0.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 0a433084ef5bbfef46542f5066b870a73f50f82f Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:22:59 -0500 Subject: [PATCH 048/146] Update values.yaml --- chart/values.yaml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index de53c5c..e299e67 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -22,17 +22,6 @@ fediblockhole: enabled: false # @ignored schedule: "0 * * * *" - # these must be set manually; autogenerated keys are rotated on each upgrade - secrets: - secret_key_base: "" - otp_secret: "" - vapid: - private_key: "" - public_key: "" - # -- you can also specify the name of an existing Secret - # with keys SECRET_KEY_BASE and OTP_SECRET and - # VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY - existingSecret: "" # List of instances to read blocklists from. # If the instance makes its blocklist public, no authorization token is needed. # Otherwise, `token` is a Bearer token authorised to read domain_blocks. From 743e6b4dc08062049c855ff5f128d3f11d0d63cf Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:24:21 -0500 Subject: [PATCH 049/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 9196383..1785c25 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -29,8 +29,6 @@ spec: envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-conf-toml - - secretRef: - name: {{ template "fediblockhole.secretName" . }} volumeMounts: - name: config mountPath: "{{ .Values.fediblockhole.conf_file.path }}" From df4d4232c0249198657ccfa9b92d9af5bb0b345c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:24:52 -0500 Subject: [PATCH 050/146] Delete secrets.yaml --- chart/templates/secrets.yaml | 32 -------------------------------- 1 file changed, 32 deletions(-) delete mode 100644 chart/templates/secrets.yaml diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml deleted file mode 100644 index 064e1b0..0000000 --- a/chart/templates/secrets.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if (include "fediblockhole.createSecret" .) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "fediblockhole.fullname" . }} - labels: - {{- include "fediblockhole.labels" . | nindent 4 }} -type: Opaque -data: - {{- if not .Values.fediblockhole.secrets.existingSecret }} - {{- if not (empty .Values.fediblockhole.secrets.secret_key_base) }} - SECRET_KEY_BASE: "{{ .Values.fediblockhole.secrets.secret_key_base | b64enc }}" - {{- else }} - SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.fediblockhole.secrets.secret_key_base }} - {{- end }} - {{- if not (empty .Values.fediblockhole.secrets.otp_secret) }} - OTP_SECRET: "{{ .Values.fediblockhole.secrets.otp_secret | b64enc }}" - {{- else }} - OTP_SECRET: {{ required "otp_secret is required" .Values.fediblockhole.secrets.otp_secret }} - {{- end }} - {{- if not (empty .Values.fediblockhole.secrets.vapid.private_key) }} - VAPID_PRIVATE_KEY: "{{ .Values.fediblockhole.secrets.vapid.private_key | b64enc }}" - {{- else }} - VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.fediblockhole.secrets.vapid.private_key }} - {{- end }} - {{- if not (empty .Values.fediblockhole.secrets.vapid.public_key) }} - VAPID_PUBLIC_KEY: "{{ .Values.fediblockhole.secrets.vapid.public_key | b64enc }}" - {{- else }} - VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.fediblockhole.secrets.vapid.public_key }} - {{- end }} - {{- end }} -{{- end }} From c6a4bbd17052b8bfe2c5df49a49213b165f1cc78 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:26:14 -0500 Subject: [PATCH 051/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index d2b8332..bf47fd3 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -56,26 +56,5 @@ Rolling pod annotations */}} {{- define "fediblockhole.rollingPodAnnotations" -}} rollme: {{ .Release.Revision | quote }} -checksum/config-secrets: {{ include ( print $.Template.BasePath "/secrets.yaml" ) . | sha256sum | quote }} checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-conf-toml.yaml" ) . | sha256sum | quote }} {{- end }} - -{{/* -Get the fediblockhole secret. -*/}} -{{- define "fediblockhole.secretName" -}} -{{- if .Values.fediblockhole.secrets.existingSecret }} - {{- printf "%s" (tpl .Values.fediblockhole.secrets.existingSecret $) -}} -{{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a fediblockhole secret object should be created -*/}} -{{- define "fediblockhole.createSecret" -}} -{{- if (not .Values.fediblockhole.secrets.existingSecret) -}} - {{- true -}} -{{- end -}} -{{- end -}} From 85b6d8b0e06e3605c6e6e1b8b5e28f13dfdbe5af Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:26:56 -0500 Subject: [PATCH 052/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 2b488f6..322c786 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.2 +version: 0.0.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 00d3cb80bff896696283c91d6ac3f33f9ec2de24 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:01:33 -0500 Subject: [PATCH 053/146] Update configmap-conf-toml.yaml --- chart/templates/configmap-conf-toml.yaml | 40 +----------------------- 1 file changed, 1 insertion(+), 39 deletions(-) diff --git a/chart/templates/configmap-conf-toml.yaml b/chart/templates/configmap-conf-toml.yaml index d07f25d..f320b67 100644 --- a/chart/templates/configmap-conf-toml.yaml +++ b/chart/templates/configmap-conf-toml.yaml @@ -5,42 +5,4 @@ metadata: labels: {{- include "fediblockhole.labels" . | nindent 4 }} data: - {{- with .Values.fediblockhole.blocklist_instance_sources }} - blocklist_instance_sources: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.blocklist_url_sources }} - blocklist_url_sources: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.allowlist_url_sources }} - allowlist_url_sources: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.blocklist_instance_destinations }} - blocklist_instance_destinations: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.save_intermediate }} - save_intermediate: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.savedir }} - savedir: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.blocklist_savefile }} - blocklist_savefile: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.no_push_instance }} - no_push_instance: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.no_fetch_url }} - no_fetch_url: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.no_fetch_instance }} - no_fetch_instance: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.mergplan }} - mergeplan: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.import_fields }} - import_fields: {{ . }} - {{- end }} - {{- with .Values.fediblockhole.export_fields }} - export_fields: {{ . }} - {{- end }} + {{ (.Files.Glob "fediblockhole.conf.toml").AsConfig | nindent 4 }} From ef2814540c50148bcd01e5184218405fa64e58d4 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:02:43 -0500 Subject: [PATCH 054/146] Create fediblockhole.conf.toml --- chart/templates/fediblockhole.conf.toml | 67 +++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 chart/templates/fediblockhole.conf.toml diff --git a/chart/templates/fediblockhole.conf.toml b/chart/templates/fediblockhole.conf.toml new file mode 100644 index 0000000..e377e97 --- /dev/null +++ b/chart/templates/fediblockhole.conf.toml @@ -0,0 +1,67 @@ +# List of instances to read blocklists from. +# If the instance makes its blocklist public, no authorization token is needed. +# Otherwise, `token` is a Bearer token authorised to read domain_blocks. +# If `admin` = True, use the more detailed admin API, which requires a token with a +# higher level of authorization. +# If `import_fields` are provided, only import these fields from the instance. +# Overrides the global `import_fields` setting. +blocklist_instance_sources = [ + # { domain = 'public.blocklist'}, # an instance with a public list of domain_blocks + # { domain = 'jorts.horse', token = '' }, # user accessible block list + # { domain = 'eigenmagic.net', token = '', admin = true }, # admin access required +] + +# List of URLs to read csv blocklists from +# Format tells the parser which format to use when parsing the blocklist +# max_severity tells the parser to override any severities that are higher than this value +# import_fields tells the parser to only import that set of fields from a specific source +blocklist_url_sources = [ + # { url = 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' }, + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' }, + +] + +## These global allowlists override blocks from blocklists +# These are the same format and structure as blocklists, but they take precedence +allowlist_url_sources = [ + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' }, + { url = 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' }, +] + +# List of instances to write blocklist to +blocklist_instance_destinations = [ + # { domain = 'eigenmagic.net', token = '', max_followed_severity = 'silence'}, +] + +## Store a local copy of the remote blocklists after we fetch them +#save_intermediate = true + +## Directory to store the local blocklist copies +# savedir = '/tmp' + +## File to save the fully merged blocklist into +# blocklist_savefile = '/tmp/merged_blocklist.csv' + +## Don't push blocklist to instances, even if they're defined above +# no_push_instance = false + +## Don't fetch blocklists from URLs, even if they're defined above +# no_fetch_url = false + +## Don't fetch blocklists from instances, even if they're defined above +# no_fetch_instance = false + +## Set the mergeplan to use when dealing with overlaps between blocklists +# The default 'max' mergeplan will use the harshest severity block found for a domain. +# The 'min' mergeplan will use the lightest severity block found for a domain. +# mergeplan = 'max' + +## Set which fields we import +## 'domain' and 'severity' are always imported, these are additional +## +import_fields = ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] + +## Set which fields we export +## 'domain' and 'severity' are always exported, these are additional +## +export_fields = ['public_comment'] From 885bbcca0caa8087af9795de2756b40972ccc415 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:07:15 -0500 Subject: [PATCH 055/146] Update values.yaml --- chart/values.yaml | 67 ----------------------------------------------- 1 file changed, 67 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index e299e67..0aa310f 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -22,73 +22,6 @@ fediblockhole: enabled: false # @ignored schedule: "0 * * * *" - # List of instances to read blocklists from. - # If the instance makes its blocklist public, no authorization token is needed. - # Otherwise, `token` is a Bearer token authorised to read domain_blocks. - # If `admin` = True, use the more detailed admin API, which requires a token with a - # higher level of authorization. - # If `import_fields` are provided, only import these fields from the instance. - # Overrides the global `import_fields` setting. - blocklist_instance_sources: [ - # { domain: 'public.blocklist'}, # an instance with a public list of domain_blocks - # { domain: 'jorts.horse', token: '' }, # user accessible block list - # { domain: 'eigenmagic.net', token: '', admin: true }, # admin access required - ] - - # List of URLs to read csv blocklists from - # Format tells the parser which format to use when parsing the blocklist - # max_severity tells the parser to override any severities that are higher than this value - # import_fields tells the parser to only import that set of fields from a specific source - blocklist_url_sources: [ - # { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format: 'csv' }, - { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format: 'csv' }, - - ] - - ## These global allowlists override blocks from blocklists - # These are the same format and structure as blocklists, but they take precedence - allowlist_url_sources: [ - { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format: 'csv' }, - { url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format: 'csv' }, - ] - - # List of instances to write blocklist to - blocklist_instance_destinations: [ - # { domain: 'eigenmagic.net', token: '', max_followed_severity: 'silence'}, - ] - - ## Store a local copy of the remote blocklists after we fetch them - #save_intermediate: true - - ## Directory to store the local blocklist copies - # savedir: '/tmp' - - ## File to save the fully merged blocklist into - # blocklist_savefile: '/tmp/merged_blocklist.csv' - - ## Don't push blocklist to instances, even if they're defined above - # no_push_instance: false - - ## Don't fetch blocklists from URLs, even if they're defined above - # no_fetch_url: false - - ## Don't fetch blocklists from instances, even if they're defined above - # no_fetch_instance: false - - ## Set the mergeplan to use when dealing with overlaps between blocklists - # The default 'max' mergeplan will use the harshest severity block found for a domain. - # The 'min' mergeplan will use the lightest severity block found for a domain. - # mergeplan: 'max' - - ## Set which fields we import - ## 'domain' and 'severity' are always imported, these are additional - ## - import_fields: ['public_comment', 'reject_media', 'reject_reports', 'obfuscate'] - - ## Set which fields we export - ## 'domain' and 'severity' are always exported, these are additional - ## - export_fields: ['public_comment'] # if you manually change the UID/GID environment variables, ensure these values # match: From e2d95aab4d50f3239c4bfcb30a012761055404de Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:10:34 -0500 Subject: [PATCH 056/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 1785c25..817af22 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -36,7 +36,7 @@ spec: volumes: - name: config configMap: - name: {{ include "fediblockhole.fullname" . }}-env + name: {{ include "fediblockhole.fullname" . }}-conf-toml items: - key: "{{ .Values.fediblockhole.conf_file.filename }}" path: "{{ .Values.fediblockhole.conf_file.filename }}" From 5eb8cf103216ddc994799232aca45fc767b7b45c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:28:11 -0500 Subject: [PATCH 057/146] Update configmap-conf-toml.yaml --- chart/templates/configmap-conf-toml.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/chart/templates/configmap-conf-toml.yaml b/chart/templates/configmap-conf-toml.yaml index f320b67..53afe70 100644 --- a/chart/templates/configmap-conf-toml.yaml +++ b/chart/templates/configmap-conf-toml.yaml @@ -5,4 +5,6 @@ metadata: labels: {{- include "fediblockhole.labels" . | nindent 4 }} data: + conf_file_path: {{ .Values.fediblockhole.conf_file.path | default "/etc/default/" | quote }} + conf_file_filename: {{ .Values.fediblockhole.conf_file.filename | default "fediblockhole.conf.toml" | quote }} {{ (.Files.Glob "fediblockhole.conf.toml").AsConfig | nindent 4 }} From 85ed0a2de057d11492785840b1142aa47f30e5d5 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:30:25 -0500 Subject: [PATCH 058/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 817af22..bcbf286 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,19 +25,19 @@ spec: command: - fediblock - -c - - {{ .Values.fediblockhole.conf_file.path }}{{ .Values.fediblockhole.conf_file.filename }} + - {{ .Values.fediblockhole.conf_file_path }}{{ .Values.fediblockhole.conf_file_filename }} envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-conf-toml volumeMounts: - name: config - mountPath: "{{ .Values.fediblockhole.conf_file.path }}" - subPath: {{ .Values.fediblockhole.conf_file.filename }} + mountPath: "{{ .Values.fediblockhole.conf_file_path }}" + subPath: {{ .Values.fediblockhole.conf_file_filename }} volumes: - name: config configMap: name: {{ include "fediblockhole.fullname" . }}-conf-toml items: - - key: "{{ .Values.fediblockhole.conf_file.filename }}" - path: "{{ .Values.fediblockhole.conf_file.filename }}" + - key: "{{ .Values.fediblockhole.conf_file_filename }}" + path: "{{ .Values.fediblockhole.conf_file_filename }}" {{- end }} From a0d307081ae1c12e39bb480139436ac13b84e764 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:31:09 -0500 Subject: [PATCH 059/146] Update configmap-conf-toml.yaml --- chart/templates/configmap-conf-toml.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/chart/templates/configmap-conf-toml.yaml b/chart/templates/configmap-conf-toml.yaml index 53afe70..f320b67 100644 --- a/chart/templates/configmap-conf-toml.yaml +++ b/chart/templates/configmap-conf-toml.yaml @@ -5,6 +5,4 @@ metadata: labels: {{- include "fediblockhole.labels" . | nindent 4 }} data: - conf_file_path: {{ .Values.fediblockhole.conf_file.path | default "/etc/default/" | quote }} - conf_file_filename: {{ .Values.fediblockhole.conf_file.filename | default "fediblockhole.conf.toml" | quote }} {{ (.Files.Glob "fediblockhole.conf.toml").AsConfig | nindent 4 }} From a301adae99c08e7af40793b528600e8806584e7b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:38:42 -0500 Subject: [PATCH 060/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index bf47fd3..fcd2e18 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -58,3 +58,21 @@ Rolling pod annotations rollme: {{ .Release.Revision | quote }} checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-conf-toml.yaml" ) . | sha256sum | quote }} {{- end }} + +{{/* +Create the default conf file path and filename +*/}} +{{- define "fediblockhole.conf_file_path" -}} +{{- if .Values.fediblockhole.conf_file.path }} +{{- default .Values.fediblockhole.conf_file.path }} +{{- else }} +{{- default "default" "/etc/default/" }} +{{- end }} +{{- end }} +{{- define "fediblockhole.conf_file_filename" -}} +{{- if .Values.fediblockhole.conf_file.filename }} +{{- default .Values.fediblockhole.conf_file.filename }} +{{- else }} +{{- default "default" "fediblockhole.conf.toml" }} +{{- end }} +{{- end }} From ca011825d19f90d80cad19cd5d7c3b1b724450d7 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:39:26 -0500 Subject: [PATCH 061/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 322c786..4d6468e 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.3 +version: 0.0.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From f393a2cf044dd8c99d92319ff85fe70a88b5fdcf Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:43:55 -0500 Subject: [PATCH 062/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index bcbf286..8be3992 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,19 +25,19 @@ spec: command: - fediblock - -c - - {{ .Values.fediblockhole.conf_file_path }}{{ .Values.fediblockhole.conf_file_filename }} + - {{- include "fediblockhole.conf_file_path" . }}{{- include "fediblockhole.conf_file_filename" . }} envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-conf-toml volumeMounts: - name: config - mountPath: "{{ .Values.fediblockhole.conf_file_path }}" - subPath: {{ .Values.fediblockhole.conf_file_filename }} + mountPath: {{- "include fediblockhole.conf_file_path" . | quote }} + subPath: {{- include "fediblockhole.conf_file_filename" . }} volumes: - name: config configMap: name: {{ include "fediblockhole.fullname" . }}-conf-toml items: - - key: "{{ .Values.fediblockhole.conf_file_filename }}" - path: "{{ .Values.fediblockhole.conf_file_filename }}" + - key: {{- include "fediblockhole.conf_file_filename" . | quote }} + path: {{- include "fediblockhole.conf_file_filename" . | quote }} {{- end }} From cec5d6e8151474b8ca5e2bc3fb8712efa5fd1c0c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:44:15 -0500 Subject: [PATCH 063/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 4d6468e..2424b0b 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.4 +version: 0.0.5 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From f8ad543e2d4084e99424583d9dfcac579dc250c4 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:04:40 -0500 Subject: [PATCH 064/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 8be3992..c01596c 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -31,7 +31,7 @@ spec: name: {{ include "fediblockhole.fullname" . }}-conf-toml volumeMounts: - name: config - mountPath: {{- "include fediblockhole.conf_file_path" . | quote }} + mountPath: {{- include "fediblockhole.conf_file_path" . | quote }} subPath: {{- include "fediblockhole.conf_file_filename" . }} volumes: - name: config From a5da3641450fb3dbb8884ebc2b846ce8a717861b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:04:58 -0500 Subject: [PATCH 065/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 2424b0b..df1c656 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.5 +version: 0.0.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 4051e26caa20bf35215d79be8191a7947331119c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:09:03 -0500 Subject: [PATCH 066/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index c01596c..34a60e6 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -23,9 +23,9 @@ spec: image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} command: - - fediblock + - fediblock-sync - -c - - {{- include "fediblockhole.conf_file_path" . }}{{- include "fediblockhole.conf_file_filename" . }} + - "{{- include "fediblockhole.conf_file_path" . }}{{- include "fediblockhole.conf_file_filename" . }}" envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-conf-toml From 5b94030dbe7107081a3e3e3c7d0daf6965c36c50 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:09:21 -0500 Subject: [PATCH 067/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index df1c656..69bcb25 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.6 +version: 0.0.7 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From c86864d94080f5998b3a923d6de41032eb3ed5a8 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:15:33 -0500 Subject: [PATCH 068/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index fcd2e18..d69232e 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -66,13 +66,13 @@ Create the default conf file path and filename {{- if .Values.fediblockhole.conf_file.path }} {{- default .Values.fediblockhole.conf_file.path }} {{- else }} -{{- default "default" "/etc/default/" }} +{{- default "/etc/default/" }} {{- end }} {{- end }} {{- define "fediblockhole.conf_file_filename" -}} {{- if .Values.fediblockhole.conf_file.filename }} {{- default .Values.fediblockhole.conf_file.filename }} {{- else }} -{{- default "default" "fediblockhole.conf.toml" }} +{{- default "fediblockhole.conf.toml" }} {{- end }} {{- end }} From f59295a28fa4846c81c40fba887f6471d419031d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:16:24 -0500 Subject: [PATCH 069/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 34a60e6..b1e1e4e 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,7 +25,7 @@ spec: command: - fediblock-sync - -c - - "{{- include "fediblockhole.conf_file_path" . }}{{- include "fediblockhole.conf_file_filename" . }}" + - {{- include "fediblockhole.conf_file_path" . }}{{- include "fediblockhole.conf_file_filename" . }} envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-conf-toml From 3fe133a54417361b6619c7afbd6a66ffd0f36c85 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:16:42 -0500 Subject: [PATCH 070/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 69bcb25..d730629 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.7 +version: 0.0.8 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From b0166262be6e3ea942e01a3debb70616fafd1ad4 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:22:04 -0500 Subject: [PATCH 071/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index d730629..6bcf8a1 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.8 +version: 0.0.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 2c55d3139709630ffb8b4969c5c9704c0af3dafa Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:40:55 -0500 Subject: [PATCH 072/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index d69232e..d42cc60 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -64,15 +64,15 @@ Create the default conf file path and filename */}} {{- define "fediblockhole.conf_file_path" -}} {{- if .Values.fediblockhole.conf_file.path }} -{{- default .Values.fediblockhole.conf_file.path }} +{{- .Values.fediblockhole.conf_file.path }} {{- else }} -{{- default "/etc/default/" }} +{{- "/etc/default/" }} {{- end }} {{- end }} {{- define "fediblockhole.conf_file_filename" -}} {{- if .Values.fediblockhole.conf_file.filename }} -{{- default .Values.fediblockhole.conf_file.filename }} +{{- .Values.fediblockhole.conf_file.filename }} {{- else }} -{{- default "fediblockhole.conf.toml" }} +{{- "fediblockhole.conf.toml" }} {{- end }} {{- end }} From 7710c5d7dc4ceebedb1b068c7a9d1ab3b82f68fe Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:41:14 -0500 Subject: [PATCH 073/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 6bcf8a1..b22acfa 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.9 +version: 0.0.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 75a5a6a55b3b333cc7164eae18e25f1f043e1170 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:55:08 -0500 Subject: [PATCH 074/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index d42cc60..78e6610 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -63,16 +63,8 @@ checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-co Create the default conf file path and filename */}} {{- define "fediblockhole.conf_file_path" -}} -{{- if .Values.fediblockhole.conf_file.path }} -{{- .Values.fediblockhole.conf_file.path }} -{{- else }} -{{- "/etc/default/" }} -{{- end }} +{{- default "/etc/default/" .Values.fediblockhole.conf_file.path }} {{- end }} {{- define "fediblockhole.conf_file_filename" -}} -{{- if .Values.fediblockhole.conf_file.filename }} -{{- .Values.fediblockhole.conf_file.filename }} -{{- else }} -{{- "fediblockhole.conf.toml" }} -{{- end }} +{{- default "fediblockhole.conf.toml" .Values.fediblockhole.conf_file.filename }} {{- end }} From a17461aafc5adc0bc1b6ffe7165a37d5b6fee868 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:57:05 -0500 Subject: [PATCH 075/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index b22acfa..107a1e7 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.10 +version: 0.0.11 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From facb997fcec5c4593451d44cdb4633359b2b302c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:25:11 -0500 Subject: [PATCH 076/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index b1e1e4e..b3d6975 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,19 +25,19 @@ spec: command: - fediblock-sync - -c - - {{- include "fediblockhole.conf_file_path" . }}{{- include "fediblockhole.conf_file_filename" . }} + - {{ include "fediblockhole.conf_file_path" . }}{{ include "fediblockhole.conf_file_filename" . }} envFrom: - configMapRef: name: {{ include "fediblockhole.fullname" . }}-conf-toml volumeMounts: - name: config - mountPath: {{- include "fediblockhole.conf_file_path" . | quote }} - subPath: {{- include "fediblockhole.conf_file_filename" . }} + mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} + subPath: {{ include "fediblockhole.conf_file_filename" . }} volumes: - name: config configMap: name: {{ include "fediblockhole.fullname" . }}-conf-toml items: - - key: {{- include "fediblockhole.conf_file_filename" . | quote }} - path: {{- include "fediblockhole.conf_file_filename" . | quote }} + - key: {{ include "fediblockhole.conf_file_filename" . | quote }} + path: {{ include "fediblockhole.conf_file_filename" . | quote }} {{- end }} From 5ea33252c78727e64bd78f874c074c15541dcfc6 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:25:39 -0500 Subject: [PATCH 077/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 107a1e7..a2853df 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.11 +version: 0.0.12 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From a98bce23d8079e089d9bb6e7aa913e9690aeb047 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:56:16 -0500 Subject: [PATCH 078/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index b3d6975..26a957b 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -26,9 +26,9 @@ spec: - fediblock-sync - -c - {{ include "fediblockhole.conf_file_path" . }}{{ include "fediblockhole.conf_file_filename" . }} - envFrom: - - configMapRef: - name: {{ include "fediblockhole.fullname" . }}-conf-toml + # envFrom: + # - configMapRef: + # name: {{ include "fediblockhole.fullname" . }}-conf-toml volumeMounts: - name: config mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} From 0d8c0b88a88132603f5b84ea543901da09211e5f Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:56:34 -0500 Subject: [PATCH 079/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index a2853df..6cc4b54 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.12 +version: 0.0.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 5e1b3c34276e9f3571fc4281aadcb8a256c7f66e Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 16:18:42 -0500 Subject: [PATCH 080/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 6cc4b54..cae81c0 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.13 +version: 0.0.14 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 776856ac831e0a26db85ed0763469cea93df68de Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 19:54:25 -0500 Subject: [PATCH 081/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 26a957b..d623553 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,7 +25,7 @@ spec: command: - fediblock-sync - -c - - {{ include "fediblockhole.conf_file_path" . }}{{ include "fediblockhole.conf_file_filename" . }} + - {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}} # envFrom: # - configMapRef: # name: {{ include "fediblockhole.fullname" . }}-conf-toml From e48eba9be30645b12e4cba868791e7fc75799a26 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 19:54:50 -0500 Subject: [PATCH 082/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index cae81c0..88cc242 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.14 +version: 0.0.15 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 3c60fd2b37f669f6b6c87e718346bd4a23df37ce Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 20:02:44 -0500 Subject: [PATCH 083/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index d623553..fb36669 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,7 +25,7 @@ spec: command: - fediblock-sync - -c - - {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}} + - {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . }} # envFrom: # - configMapRef: # name: {{ include "fediblockhole.fullname" . }}-conf-toml From 456a303de26211897173373fcf5e0fb55e1096eb Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 20:03:01 -0500 Subject: [PATCH 084/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 88cc242..08577f0 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.15 +version: 0.0.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 2bb802f2e3fa97d8d7b87043679bd32968e220e6 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 20:59:30 -0500 Subject: [PATCH 085/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index fb36669..408bb84 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -26,9 +26,6 @@ spec: - fediblock-sync - -c - {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . }} - # envFrom: - # - configMapRef: - # name: {{ include "fediblockhole.fullname" . }}-conf-toml volumeMounts: - name: config mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} From dceef35e9d89795645cf463e021f06dcc029bf70 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 23 Jan 2023 20:59:50 -0500 Subject: [PATCH 086/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 08577f0..8a2085c 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.16 +version: 0.0.17 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 65d82b01a3bf8861d102e00d9cfda91007458633 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 10:44:19 -0500 Subject: [PATCH 087/146] Update .helmignore --- chart/.helmignore | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/chart/.helmignore b/chart/.helmignore index 0cbed47..cc86fd7 100644 --- a/chart/.helmignore +++ b/chart/.helmignore @@ -5,9 +5,7 @@ # Manually added by us # -------------------- # -dev-values.yaml -mastodon-*.tgz - +*.toml # Boilerplate .helmignore from `helm create mastodon` # --------------------------------------------------- From 05ce67f42e264c86c7312c5c7705fde4be0797ed Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 10:50:09 -0500 Subject: [PATCH 088/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 8a2085c..17ed129 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.17 +version: 0.0.18 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 5c903e534c65dc38c5adf912926ab5776e7b473e Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 11:55:18 -0500 Subject: [PATCH 089/146] Rename chart/templates/fediblockhole.conf.toml to chart/fediblockhole.conf.toml --- chart/{templates => }/fediblockhole.conf.toml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename chart/{templates => }/fediblockhole.conf.toml (100%) diff --git a/chart/templates/fediblockhole.conf.toml b/chart/fediblockhole.conf.toml similarity index 100% rename from chart/templates/fediblockhole.conf.toml rename to chart/fediblockhole.conf.toml From cdd7c277debab804bf71388ab367710335cb6fb8 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 11:55:40 -0500 Subject: [PATCH 090/146] Update .helmignore --- chart/.helmignore | 1 - 1 file changed, 1 deletion(-) diff --git a/chart/.helmignore b/chart/.helmignore index cc86fd7..c47a352 100644 --- a/chart/.helmignore +++ b/chart/.helmignore @@ -5,7 +5,6 @@ # Manually added by us # -------------------- # -*.toml # Boilerplate .helmignore from `helm create mastodon` # --------------------------------------------------- From 3eb8fe5e911f6a9b479fee226fe318f2f90b75d0 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 11:56:13 -0500 Subject: [PATCH 091/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 17ed129..7bcf1b7 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.18 +version: 0.0.19 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From afdb355bad2f772bd0c0464fc007e0cdef874583 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 12:38:18 -0500 Subject: [PATCH 092/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 408bb84..3a026d0 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -25,16 +25,16 @@ spec: command: - fediblock-sync - -c - - {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . }} - volumeMounts: - - name: config - mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} - subPath: {{ include "fediblockhole.conf_file_filename" . }} + - "{{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}}" + volumeMounts: + - name: config + mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} + subPath: {{ include "fediblockhole.conf_file_filename" . }} volumes: - name: config configMap: name: {{ include "fediblockhole.fullname" . }}-conf-toml items: - key: {{ include "fediblockhole.conf_file_filename" . | quote }} - path: {{ include "fediblockhole.conf_file_filename" . | quote }} + path: {{ include "fediblockhole.conf_file_filename" . | quote }} {{- end }} From ed280ed6f88f88d1b6869a1b27ec5ccb18bf1062 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 12:38:39 -0500 Subject: [PATCH 093/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 7bcf1b7..a70ad58 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.19 +version: 0.0.20 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 934db7b71bbefb35433a5df4d76f033afd4f234d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 13:11:19 -0500 Subject: [PATCH 094/146] Update Chart.yaml --- chart/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index a70ad58..4f0ddcb 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,9 +15,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.20 +version: 0.0.21 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: v0.4.1 +appVersion: 0.4.1 From dc1bf6f9a030394c8c9d953d16b01354ce508446 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 13:37:56 -0500 Subject: [PATCH 095/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 3a026d0..3f34b8d 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -29,7 +29,7 @@ spec: volumeMounts: - name: config mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} - subPath: {{ include "fediblockhole.conf_file_filename" . }} + # subPath: {{ include "fediblockhole.conf_file_filename" . }} volumes: - name: config configMap: From 12113af4bbfdd39c62cbcc6f6709233365c49ff6 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 13:38:17 -0500 Subject: [PATCH 096/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 4f0ddcb..8111c04 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.21 +version: 0.0.22 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 0e67cd3fdbfda02ad74d1eb36f19981e034d59e5 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 22:22:46 -0500 Subject: [PATCH 097/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 3f34b8d..b19302b 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -29,7 +29,6 @@ spec: volumeMounts: - name: config mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} - # subPath: {{ include "fediblockhole.conf_file_filename" . }} volumes: - name: config configMap: From 88ae33aa0ddd85bdc5be6b03e8184d71bffac4f9 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 24 Jan 2023 22:23:02 -0500 Subject: [PATCH 098/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 8111c04..1f6a770 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.22 +version: 0.0.23 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From fa407cafb77cb15fc951cdda166f264830077e3b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Wed, 25 Jan 2023 14:36:42 -0500 Subject: [PATCH 099/146] Update Chart.yaml --- chart/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 1f6a770..85e47e7 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,9 +15,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.23 +version: 1.0.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 0.4.1 +appVersion: 0.4.2 From 769b3fd3d61fbdcb6743d01c0647f0ce921ec5bd Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 6 Feb 2023 11:42:53 -0500 Subject: [PATCH 100/146] Removed static reference to conf file --- chart/templates/_helpers.tpl | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 78e6610..a416d2d 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -51,14 +51,6 @@ app.kubernetes.io/name: {{ include "fediblockhole.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} -{{/* -Rolling pod annotations -*/}} -{{- define "fediblockhole.rollingPodAnnotations" -}} -rollme: {{ .Release.Revision | quote }} -checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-conf-toml.yaml" ) . | sha256sum | quote }} -{{- end }} - {{/* Create the default conf file path and filename */}} @@ -68,3 +60,11 @@ Create the default conf file path and filename {{- define "fediblockhole.conf_file_filename" -}} {{- default "fediblockhole.conf.toml" .Values.fediblockhole.conf_file.filename }} {{- end }} + +{{/* +Rolling pod annotations +*/}} +{{- define "fediblockhole.rollingPodAnnotations" -}} +rollme: {{ .Release.Revision | quote }} +checksum/config-configmap: {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}} | sha256sum | quote }} +{{- end }} From 56fbe062bb7b59b3bcf5906397948ad7d6fc092a Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Mon, 6 Feb 2023 11:57:17 -0500 Subject: [PATCH 101/146] Reverted previous change --- chart/templates/_helpers.tpl | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index a416d2d..78e6610 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -51,6 +51,14 @@ app.kubernetes.io/name: {{ include "fediblockhole.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} +{{/* +Rolling pod annotations +*/}} +{{- define "fediblockhole.rollingPodAnnotations" -}} +rollme: {{ .Release.Revision | quote }} +checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-conf-toml.yaml" ) . | sha256sum | quote }} +{{- end }} + {{/* Create the default conf file path and filename */}} @@ -60,11 +68,3 @@ Create the default conf file path and filename {{- define "fediblockhole.conf_file_filename" -}} {{- default "fediblockhole.conf.toml" .Values.fediblockhole.conf_file.filename }} {{- end }} - -{{/* -Rolling pod annotations -*/}} -{{- define "fediblockhole.rollingPodAnnotations" -}} -rollme: {{ .Release.Revision | quote }} -checksum/config-configmap: {{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}} | sha256sum | quote }} -{{- end }} From e15b9005729216e6b4c896342234699e3a873285 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Wed, 8 Feb 2023 14:28:19 -0500 Subject: [PATCH 102/146] Added history limits --- chart/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/chart/values.yaml b/chart/values.yaml index 0aa310f..ab8b3f4 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -22,6 +22,8 @@ fediblockhole: enabled: false # @ignored schedule: "0 * * * *" + failedJobsHistoryLimit: 1 + successfulJobsHistoryLimit: 3 # if you manually change the UID/GID environment variables, ensure these values # match: From c601d02f9325002b31160570c90593ab351929c9 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Wed, 8 Feb 2023 14:29:49 -0500 Subject: [PATCH 103/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index b19302b..41ef63b 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -7,6 +7,8 @@ metadata: {{- include "fediblockhole.labels" . | nindent 4 }} spec: schedule: {{ .Values.fediblockhole.cron.sync.schedule }} + failedJobsHistoryLimit: {{ .Values.fediblockhole.cron.sync.failedJobsHistoryLimit }} + successfulJobsHistoryLimit: {{ .Values.fediblockhole.cron.sync.successfulJobsHistoryLimit }} jobTemplate: spec: template: From e1511acde00654fa7455761c348d57dff4ef63f8 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 12 Feb 2023 16:30:48 +1100 Subject: [PATCH 104/146] Prepare for release of v0.4.3 --- CHANGELOG.md | 18 ++++++++++++++++++ pyproject.toml | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0ac7b51..211b866 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,24 @@ This project uses [Semantic Versioning] and generally follows the conventions of ## [Unreleased] +## [v0.4.3] - 2023-02-12 + +### Added + +- Blockdata var already converted to _asdict() (8d3b9da) +- Added Mastodon public API parser type because #33 (9fe9342) +- Added ability to set scheme when talking to instances (9fe9342) +- Added tests of comment merging. (fb3a7ec) + +### Changed + +- Don't merge comments if new comment is empty. (b8aa11e) +- Tweaked comment merging to pass tests. (fb3a7ec) + +## [v0.4.1] - 2023-01-15 + +Allowlist support. + - Planning to add allowlist thresholds as noted in #28 ## [v0.4.2] - 2023-01-19 diff --git a/pyproject.toml b/pyproject.toml index 4fddc2b..ec1669d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "fediblockhole" -version = "0.4.2" +version = "0.4.3" description = "Federated blocklist management for Mastodon" readme = "README.md" license = {file = "LICENSE"} From df3c16f24d61529ab3e14f5d5c58f6fbed28a4aa Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 12 Feb 2023 16:32:56 +1100 Subject: [PATCH 105/146] Dropped minimum Python version to 3.6 --- pyproject.toml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index ec1669d..2736623 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ version = "0.4.3" description = "Federated blocklist management for Mastodon" readme = "README.md" license = {file = "LICENSE"} -requires-python = ">=3.10" +requires-python = ">=3.6" keywords = ["mastodon", "fediblock"] authors = [ {name = "Justin Warren"}, {email = "justin@eigenmagic.com"} @@ -17,6 +17,10 @@ classifiers = [ "Natural Language :: English", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.6", ] dependencies = [ "requests", From b63f03669e067a61ef5185c89157f448a1295f9a Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 12 Feb 2023 16:38:13 +1100 Subject: [PATCH 106/146] Update changelog with Python version change. --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 211b866..4b7b88d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ This project uses [Semantic Versioning] and generally follows the conventions of ### Changed +- Dropped minimum Python version to 3.6 (df3c16f) - Don't merge comments if new comment is empty. (b8aa11e) - Tweaked comment merging to pass tests. (fb3a7ec) From b67ff0c47174b66996e19ab4ba335d67fa49fac7 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 12 Feb 2023 17:53:26 +1100 Subject: [PATCH 107/146] Merging domain above threshold needs to be in the threshold check block. Added debugging statements for threshold merging. --- src/fediblockhole/__init__.py | 8 +- tests/test_merge_thresholds.py | 153 +++++++++++++++++++++++++++++++++ 2 files changed, 159 insertions(+), 2 deletions(-) create mode 100644 tests/test_merge_thresholds.py diff --git a/src/fediblockhole/__init__.py b/src/fediblockhole/__init__.py index f1bc354..465b08d 100755 --- a/src/fediblockhole/__init__.py +++ b/src/fediblockhole/__init__.py @@ -222,17 +222,21 @@ def merge_blocklists(blocklists: list[Blocklist], mergeplan: str='max', if threshold_type == 'count': domain_threshold_level = len(domain_blocks[domain]) elif threshold_type == 'pct': - domain_threshold_level = len(domain_blocks[domain]) / num_blocklists + domain_threshold_level = len(domain_blocks[domain]) / num_blocklists * 100 + # log.debug(f"domain threshold level: {domain_threshold_level}") else: raise ValueError(f"Unsupported threshold type '{threshold_type}'. Supported values are: 'count', 'pct'") + log.debug(f"Checking if {domain_threshold_level} >= {threshold} for {domain}") if domain_threshold_level >= threshold: # Add first block in the list to merged block = domain_blocks[domain][0] + log.debug(f"Yes. Merging block: {block}") + # Merge the others with this record for newblock in domain_blocks[domain][1:]: block = apply_mergeplan(block, newblock, mergeplan) - merged.blocks[block.domain] = block + merged.blocks[block.domain] = block return merged diff --git a/tests/test_merge_thresholds.py b/tests/test_merge_thresholds.py new file mode 100644 index 0000000..4cde03e --- /dev/null +++ b/tests/test_merge_thresholds.py @@ -0,0 +1,153 @@ +"""Test merge with thresholds +""" + +from fediblockhole.blocklists import Blocklist, parse_blocklist +from fediblockhole import merge_blocklists, apply_mergeplan + +from fediblockhole.const import SeverityLevel, DomainBlock + +datafile01 = "data-suspends-01.csv" +datafile02 = "data-silences-01.csv" +datafile03 = "data-noop-01.csv" + +import_fields = [ + 'domain', + 'severity', + 'public_comment', + 'private_comment', + 'reject_media', + 'reject_reports', + 'obfuscate' +] + +def load_test_blocklist_data(datafiles): + + blocklists = [] + + for df in datafiles: + with open(df) as fp: + data = fp.read() + bl = parse_blocklist(data, df, 'csv', import_fields) + blocklists.append(bl) + + return blocklists + +def test_mergeplan_count_2(): + """Only merge a block if present in 2 or more lists + """ + + bl_1 = Blocklist('test01', { + 'onemention.example.org': DomainBlock('onemention.example.org', 'suspend', '', '', True, True, True), + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_2 = Blocklist('test2', { + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_3 = Blocklist('test3', { + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + }) + + ml = merge_blocklists([bl_1, bl_2, bl_3], 'max', threshold=2) + + assert 'onemention.example.org' not in ml + assert 'twomention.example.org' in ml + assert 'threemention.example.org' in ml + +def test_mergeplan_count_3(): + """Only merge a block if present in 3 or more lists + """ + + bl_1 = Blocklist('test01', { + 'onemention.example.org': DomainBlock('onemention.example.org', 'suspend', '', '', True, True, True), + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_2 = Blocklist('test2', { + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_3 = Blocklist('test3', { + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + }) + + ml = merge_blocklists([bl_1, bl_2, bl_3], 'max', threshold=3) + + assert 'onemention.example.org' not in ml + assert 'twomention.example.org' not in ml + assert 'threemention.example.org' in ml + +def test_mergeplan_pct_30(): + """Only merge a block if present in 2 or more lists + """ + + bl_1 = Blocklist('test01', { + 'onemention.example.org': DomainBlock('onemention.example.org', 'suspend', '', '', True, True, True), + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + + }) + + bl_2 = Blocklist('test2', { + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_3 = Blocklist('test3', { + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_4 = Blocklist('test4', { + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + }) + + ml = merge_blocklists([bl_1, bl_2, bl_3, bl_4], 'max', threshold=30, threshold_type='pct') + + assert 'onemention.example.org' not in ml + assert 'twomention.example.org' in ml + assert 'threemention.example.org' in ml + assert 'fourmention.example.org' in ml + +def test_mergeplan_pct_55(): + """Only merge a block if present in 2 or more lists + """ + + bl_1 = Blocklist('test01', { + 'onemention.example.org': DomainBlock('onemention.example.org', 'suspend', '', '', True, True, True), + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + + }) + + bl_2 = Blocklist('test2', { + 'twomention.example.org': DomainBlock('twomention.example.org', 'suspend', '', '', True, True, True), + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_3 = Blocklist('test3', { + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + }) + + bl_4 = Blocklist('test4', { + 'threemention.example.org': DomainBlock('threemention.example.org', 'suspend', '', '', True, True, True), + 'fourmention.example.org': DomainBlock('fourmention.example.org', 'suspend', '', '', True, True, True), + }) + + ml = merge_blocklists([bl_1, bl_2, bl_3, bl_4], 'max', threshold=55, threshold_type='pct') + + assert 'onemention.example.org' not in ml + assert 'twomention.example.org' not in ml + assert 'threemention.example.org' in ml + assert 'fourmention.example.org' in ml \ No newline at end of file From bb1d89e8bea39ca278b23ae2876cbfa3935e4f19 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 12 Feb 2023 18:06:07 +1100 Subject: [PATCH 108/146] Added blocklist threshold config params. Added tests for threshold config params. Actually using the config values in merge_blocklists() --- src/fediblockhole/__init__.py | 10 +++++++++- tests/test_configfile.py | 30 ++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/src/fediblockhole/__init__.py b/src/fediblockhole/__init__.py index 465b08d..8a0823c 100755 --- a/src/fediblockhole/__init__.py +++ b/src/fediblockhole/__init__.py @@ -71,7 +71,7 @@ def sync_blocklists(conf: argparse.Namespace): import_fields, conf.save_intermediate, conf.savedir, export_fields)) # Merge blocklists into an update dict - merged = merge_blocklists(blocklists, conf.mergeplan) + merged = merge_blocklists(blocklists, conf.mergeplan, conf.merge_threshold, conf.merge_threshold_type) # Remove items listed in allowlists, if any allowlists = fetch_allowlists(conf) @@ -710,6 +710,12 @@ def augment_args(args, tomldata: str=None): if not args.mergeplan: args.mergeplan = conf.get('mergeplan', 'max') + if not args.merge_threshold: + args.merge_threshold = conf.get('merge_threshold', 0) + + if not args.merge_threshold_type: + args.merge_threshold_type = conf.get('merge_threshold_type', 'count') + args.blocklist_url_sources = conf.get('blocklist_url_sources', []) args.blocklist_instance_sources = conf.get('blocklist_instance_sources', []) args.allowlist_url_sources = conf.get('allowlist_url_sources', []) @@ -731,6 +737,8 @@ def setup_argparse(): ap.add_argument('-S', '--save-intermediate', dest="save_intermediate", action='store_true', help="Save intermediate blocklists we fetch to local files.") ap.add_argument('-D', '--savedir', dest="savedir", help="Directory path to save intermediate lists.") ap.add_argument('-m', '--mergeplan', choices=['min', 'max'], help="Set mergeplan.") + ap.add_argument('--merge-threshold', type=int, help="Merge threshold value") + ap.add_argument('--merge-threshold-type', choices=['count', 'pct'], help="Type of merge threshold to use.") ap.add_argument('-I', '--import-field', dest='import_fields', action='append', help="Extra blocklist fields to import.") ap.add_argument('-E', '--export-field', dest='export_fields', action='append', help="Extra blocklist fields to export.") diff --git a/tests/test_configfile.py b/tests/test_configfile.py index 4b2c1e7..9e31c9d 100644 --- a/tests/test_configfile.py +++ b/tests/test_configfile.py @@ -49,3 +49,33 @@ allowlist_url_sources = [ { url='file:///path/to/allowlist', format='csv'} ] 'url': 'file:///path/to/allowlist', 'format': 'csv', }] + +def test_set_merge_thresold_default(): + tomldata = """ +""" + args = shim_argparse([], tomldata) + + assert args.mergeplan == 'max' + assert args.merge_threshold_type == 'count' + +def test_set_merge_thresold_count(): + tomldata = """# Add a merge threshold +merge_threshold_type = 'count' +merge_threshold = 2 +""" + args = shim_argparse([], tomldata) + + assert args.mergeplan == 'max' + assert args.merge_threshold_type == 'count' + assert args.merge_threshold == 2 + +def test_set_merge_thresold_pct(): + tomldata = """# Add a merge threshold +merge_threshold_type = 'pct' +merge_threshold = 35 +""" + args = shim_argparse([], tomldata) + + assert args.mergeplan == 'max' + assert args.merge_threshold_type == 'pct' + assert args.merge_threshold == 35 From 2a5873261f08e458ef459157213e2cfa9a61f6a7 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Mon, 13 Feb 2023 08:51:19 +1100 Subject: [PATCH 109/146] Updated changelog in prep for release. --- CHANGELOG.md | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b7b88d..16984f5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,14 +6,15 @@ This project uses [Semantic Versioning] and generally follows the conventions of ## [Unreleased] -## [v0.4.3] - 2023-02-12 +## [v0.4.3] - 2023-02-13 ### Added -- Blockdata var already converted to _asdict() (8d3b9da) - Added Mastodon public API parser type because #33 (9fe9342) - Added ability to set scheme when talking to instances (9fe9342) - Added tests of comment merging. (fb3a7ec) +- Added blocklist thresholds. (bb1d89e) +- Added logging to help debug threshold-based merging. (b67ff0c) ### Changed @@ -21,12 +22,6 @@ This project uses [Semantic Versioning] and generally follows the conventions of - Don't merge comments if new comment is empty. (b8aa11e) - Tweaked comment merging to pass tests. (fb3a7ec) -## [v0.4.1] - 2023-01-15 - -Allowlist support. - -- Planning to add allowlist thresholds as noted in #28 - ## [v0.4.2] - 2023-01-19 ### Fixed From b92dd21377168d8b8b690194b8e819fe5fd9a87b Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Mon, 13 Feb 2023 08:59:08 +1100 Subject: [PATCH 110/146] Updated documentation to reflect Mastodon v4.1.0 changes to the application scopes screen. --- README.md | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 882fca8..5db678f 100644 --- a/README.md +++ b/README.md @@ -81,17 +81,16 @@ admin to add a new Application at `https:///settings/applications/` and then tell you the access token. -The application needs the `admin:read:domain_blocks` OAuth scope, but -unfortunately this scope isn't available in the current application screen -(v4.0.2 of Mastodon at time of writing, but this has been fixed in the main -branch). +The application needs the `admin:read:domain_blocks` OAuth scope. You can allow +full `admin:read` access, but be aware that this authorizes someone to read all +the data in the instance. That's asking a lot of a remote instance admin who +just wants to share domain_blocks with you. -You can allow full `admin:read` access, but be aware that this authorizes -someone to read all the data in the instance. That's asking a lot of a remote -instance admin who just wants to share domain_blocks with you. +The `admin:read:domain_blocks` scope is available as of Mastodon v4.1.0, but for +earlier versions admins will need to use the manual method described below. -For now, you can ask the instance admin to update the scope in the database -directly like this: +You can update the scope for your application in the database directly like +this: ``` UPDATE oauth_applications as app @@ -136,8 +135,12 @@ chmod o-r ``` You can also grant full `admin:write` scope to the application, but if you'd -prefer to keep things more tightly secured you'll need to use SQL to set the -scopes in the database and then regenerate the token: +prefer to keep things more tightly secured, limit the scope to +`admin:read:domain_blocks`. + +Again, this scope is only available in the application config screen as of +Mastodon v4.1.0. If your instance is on an earlier version, you'll need to use +SQL to set the scopes in the database and then regenerate the token: ``` UPDATE oauth_applications as app From 6c72af86666991cfc5a9f1d971fe3cdead570d7f Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Mon, 13 Feb 2023 09:06:27 +1100 Subject: [PATCH 111/146] Added extra documentation on configuring thresholds. --- etc/sample.fediblockhole.conf.toml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/etc/sample.fediblockhole.conf.toml b/etc/sample.fediblockhole.conf.toml index e377e97..bd93663 100644 --- a/etc/sample.fediblockhole.conf.toml +++ b/etc/sample.fediblockhole.conf.toml @@ -56,6 +56,24 @@ blocklist_instance_destinations = [ # The 'min' mergeplan will use the lightest severity block found for a domain. # mergeplan = 'max' +## Optional threshold-based merging. +# Only merge in domain blocks if the domain is mentioned in +# at least `threshold` blocklists. +# `merge_thresold` is an integer, with a default value of 0. +# The `merge_threshold_type` can be `count` or `pct`. +# If `count` type is selected, the threshold is reached when the domain +# is mentioned in at least `merge_threshold` blocklists. The default value +# of 0 means that every block in every list will be merged in. +# If `pct` type is selected, `merge_threshold` is interpreted as a percentage, +# i.e. if `merge_threshold` = 20, blocks will only be merged in if the domain +# is present in at least 20% of blocklists. +# Percentage calculated as number_of_mentions / total_number_of_blocklists. +# The percentage method is more flexibile, but also more complicated, so take care +# when using it. +# +# merge_threshold_type = 'count' +# merge_threshold = 0 + ## Set which fields we import ## 'domain' and 'severity' are always imported, these are additional ## From 68c04fa5ce4065ea3cc4e8bbb9e0d989629e38dc Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Mon, 13 Feb 2023 09:21:45 +1100 Subject: [PATCH 112/146] Changelog updates pre-release. --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 16984f5..c4841a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,8 @@ This project uses [Semantic Versioning] and generally follows the conventions of - Added tests of comment merging. (fb3a7ec) - Added blocklist thresholds. (bb1d89e) - Added logging to help debug threshold-based merging. (b67ff0c) +- Added extra documentation on configuring thresholds. (6c72af8) +- Updated documentation to reflect Mastodon v4.1.0 changes to the application scopes screen. (b92dd21) ### Changed From 9f95f143df63fdf18d165530674cd0fa11f6ed28 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Mon, 13 Feb 2023 10:22:33 +1100 Subject: [PATCH 113/146] Added parser for Mastodon 4.1 blocklist CSV format --- src/fediblockhole/blocklists.py | 19 ++++++++ tests/test_parser_csv_mastodon.py | 81 +++++++++++++++++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 tests/test_parser_csv_mastodon.py diff --git a/src/fediblockhole/blocklists.py b/src/fediblockhole/blocklists.py index 7a9e44f..1edf886 100644 --- a/src/fediblockhole/blocklists.py +++ b/src/fediblockhole/blocklists.py @@ -160,6 +160,24 @@ class BlocklistParserCSV(BlocklistParser): block.severity = self.max_severity return block +class BlocklistParserMastodonCSV(BlocklistParserCSV): + """ Parse Mastodon CSV formatted blocklists + + The Mastodon v4.1.x domain block CSV export prefixes its + field names with a '#' character because… reasons? + """ + do_preparse = True + + def parse_item(self, blockitem: dict) -> DomainBlock: + """Build a new blockitem dict with new un-#ed keys + """ + newdict = {} + for key in blockitem: + newkey = key.lstrip('#') + newdict[newkey] = blockitem[key] + + return super().parse_item(newdict) + class RapidBlockParserCSV(BlocklistParserCSV): """ Parse RapidBlock CSV blocklists @@ -223,6 +241,7 @@ def str2bool(boolstring: str) -> bool: FORMAT_PARSERS = { 'csv': BlocklistParserCSV, + 'mastodon_csv': BlocklistParserMastodonCSV, 'json': BlocklistParserJSON, 'mastodon_api_public': BlocklistParserMastodonAPIPublic, 'rapidblock.csv': RapidBlockParserCSV, diff --git a/tests/test_parser_csv_mastodon.py b/tests/test_parser_csv_mastodon.py new file mode 100644 index 0000000..6e85c71 --- /dev/null +++ b/tests/test_parser_csv_mastodon.py @@ -0,0 +1,81 @@ +"""Tests of the CSV parsing +""" + +from fediblockhole.blocklists import BlocklistParserMastodonCSV +from fediblockhole.const import SeverityLevel + + +def test_single_line(): + csvdata = "example.org" + origin = "csvfile" + + parser = BlocklistParserMastodonCSV() + bl = parser.parse_blocklist(csvdata, origin) + assert len(bl) == 0 + +def test_header_only(): + csvdata = "#domain,#severity,#public_comment" + origin = "csvfile" + + parser = BlocklistParserMastodonCSV() + bl = parser.parse_blocklist(csvdata, origin) + assert len(bl) == 0 + +def test_2_blocks(): + csvdata = """domain,severity +example.org,silence +example2.org,suspend +""" + origin = "csvfile" + + parser = BlocklistParserMastodonCSV() + bl = parser.parse_blocklist(csvdata, origin) + + assert len(bl) == 2 + assert 'example.org' in bl + +def test_4_blocks(): + csvdata = """domain,severity,public_comment +example.org,silence,"test 1" +example2.org,suspend,"test 2" +example3.org,noop,"test 3" +example4.org,suspend,"test 4" +""" + origin = "csvfile" + + parser = BlocklistParserMastodonCSV() + bl = parser.parse_blocklist(csvdata, origin) + + assert len(bl) == 4 + assert 'example.org' in bl + assert 'example2.org' in bl + assert 'example3.org' in bl + assert 'example4.org' in bl + + assert bl['example.org'].severity.level == SeverityLevel.SILENCE + assert bl['example2.org'].severity.level == SeverityLevel.SUSPEND + assert bl['example3.org'].severity.level == SeverityLevel.NONE + assert bl['example4.org'].severity.level == SeverityLevel.SUSPEND + +def test_ignore_comments(): + csvdata = """domain,severity,public_comment,private_comment +example.org,silence,"test 1","ignore me" +example2.org,suspend,"test 2","ignote me also" +example3.org,noop,"test 3","and me" +example4.org,suspend,"test 4","also me" +""" + origin = "csvfile" + + parser = BlocklistParserMastodonCSV() + bl = parser.parse_blocklist(csvdata, origin) + + assert len(bl) == 4 + assert 'example.org' in bl + assert 'example2.org' in bl + assert 'example3.org' in bl + assert 'example4.org' in bl + + assert bl['example.org'].public_comment == '' + assert bl['example.org'].private_comment == '' + assert bl['example3.org'].public_comment == '' + assert bl['example4.org'].private_comment == '' \ No newline at end of file From 77e7921e6392146751be52c569620c2090b0eaa2 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Mon, 13 Feb 2023 10:28:05 +1100 Subject: [PATCH 114/146] Updated documentation with Mastodon CSV format --- README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/README.md b/README.md index 5db678f..a0fc832 100644 --- a/README.md +++ b/README.md @@ -197,6 +197,7 @@ Supported formats are currently: - Comma-Separated Values (CSV) - JSON + - Mastodon v4.1 flavoured CSV - RapidBlock CSV - RapidBlock JSON @@ -214,6 +215,17 @@ A CSV format blocklist must contain a header row with at least a `domain` and `s Optional fields, as listed about, may also be included. +#### Mastodon v4.1 CSV format + +As of v4.1.0, Mastodon can export domain blocks as a CSV file. However, in their +infinite wisdom, the Mastodon devs decided that field names should begin with a +`#` character in the header, unlike the field names in the JSON output via the +API… or in pretty much any other CSV file anywhere else. + +Setting the format to `mastodon_csv` will strip off the `#` character when +parsing and FediBlockHole can then use Mastodon v4.1 CSV blocklists like any +other CSV formatted blocklist. + #### JSON format JSON is also supported. It uses the same format as the JSON returned from the Mastodon API. From 3d76de04aaa98d2174eb1939ea2778f3b7bebe43 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:27:41 -0500 Subject: [PATCH 115/146] Update values.yaml --- chart/values.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/chart/values.yaml b/chart/values.yaml index 0aa310f..e660da9 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -15,6 +15,15 @@ fediblockhole: conf_file: path: "" filename: "" + # location of the local allowlist file. Default is /etc/default/allowlist.csv. + # This file should at a minimum contain the web_domain of your own instance. + allow_file: + path: "" + filename: "" + # location of the local blocklist file. Default is /etc/default/blocklist.csv + block_file: + path: "" + filename: "" cron: # -- run `fediblock-sync` every hour sync: From 5fb81fa227f667f958ffa78d982f31e0a50087bc Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:30:14 -0500 Subject: [PATCH 116/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 78e6610..6501d6a 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -68,3 +68,23 @@ Create the default conf file path and filename {{- define "fediblockhole.conf_file_filename" -}} {{- default "fediblockhole.conf.toml" .Values.fediblockhole.conf_file.filename }} {{- end }} + +{{/* +Create the default allowlist file path and filename +*/}} +{{- define "fediblockhole.allow_file_path" -}} +{{- default "/etc/default/" .Values.fediblockhole.allow_file.path }} +{{- end }} +{{- define "fediblockhole.allow_file_filename" -}} +{{- default "allowlist.csv" .Values.fediblockhole.allow_file.filename }} +{{- end }} + +{{/* +Create the default blocklist file path and filename +*/}} +{{- define "fediblockhole.block_file_path" -}} +{{- default "/etc/default/" .Values.fediblockhole.block_file.path }} +{{- end }} +{{- define "fediblockhole.block_file_filename" -}} +{{- default "blocklist.csv" .Values.fediblockhole.block_file.filename }} +{{- end }} From d1bd8dc5a238123856458beee9defa9a9c839ef7 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:35:06 -0500 Subject: [PATCH 117/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index b19302b..8e18aee 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -29,6 +29,10 @@ spec: volumeMounts: - name: config mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} + - name: allow + mountPath: {{ include "fediblockhole.allow_file_path" . | quote }} + - name: block + mountPath: {{ include "fediblockhole.block_file_path" . | quote }} volumes: - name: config configMap: @@ -36,4 +40,16 @@ spec: items: - key: {{ include "fediblockhole.conf_file_filename" . | quote }} path: {{ include "fediblockhole.conf_file_filename" . | quote }} + - name: allow + configMap: + name: {{ include "fediblockhole.fullname" . }}-allow-csv + items: + - key: {{ include "fediblockhole.allow_file_filename" . | quote }} + path: {{ include "fediblockhole.allow_file_filename" . | quote }} + - name: config + configMap: + name: {{ include "fediblockhole.fullname" . }}-block-csv + items: + - key: {{ include "fediblockhole.block_file_filename" . | quote }} + path: {{ include "fediblockhole.block_file_filename" . | quote }} {{- end }} From b000b5e03a13bab0879ad95bcce80d746137fd42 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:47:46 -0500 Subject: [PATCH 118/146] Update values.yaml --- chart/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/values.yaml b/chart/values.yaml index e660da9..3fb9ca8 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -20,7 +20,7 @@ fediblockhole: allow_file: path: "" filename: "" - # location of the local blocklist file. Default is /etc/default/blocklist.csv + # location of the local blocklist file. block_file: path: "" filename: "" From 190787a69a77585beb818e45e8999981ce79de40 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:51:17 -0500 Subject: [PATCH 119/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 6501d6a..3ee4c22 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -80,11 +80,13 @@ Create the default allowlist file path and filename {{- end }} {{/* -Create the default blocklist file path and filename +Create the blocklist file path and filename */}} +{{- if .Values.fediblockhole.block_file.path && .Values.fediblockhole.block_file.filename }} {{- define "fediblockhole.block_file_path" -}} -{{- default "/etc/default/" .Values.fediblockhole.block_file.path }} +{{- .Values.fediblockhole.block_file.path }} {{- end }} {{- define "fediblockhole.block_file_filename" -}} -{{- default "blocklist.csv" .Values.fediblockhole.block_file.filename }} +{{- .Values.fediblockhole.block_file.filename }} +{{- end }} {{- end }} From df052f2c0c30eeb8ca1868cd86eb547d4b6ecd2c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 15:00:37 -0500 Subject: [PATCH 120/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 8e18aee..c9c6774 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -31,8 +31,10 @@ spec: mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} - name: allow mountPath: {{ include "fediblockhole.allow_file_path" . | quote }} + {{- with fediblockhole.block_file_path }} - name: block - mountPath: {{ include "fediblockhole.block_file_path" . | quote }} + mountPath: {{ . | quote }} + {{ end }} volumes: - name: config configMap: @@ -46,10 +48,14 @@ spec: items: - key: {{ include "fediblockhole.allow_file_filename" . | quote }} path: {{ include "fediblockhole.allow_file_filename" . | quote }} - - name: config + {{- with fediblockhole.block_file_path }} + - name: block configMap: name: {{ include "fediblockhole.fullname" . }}-block-csv + {{- with fediblockhole.block_file_filename }} items: - - key: {{ include "fediblockhole.block_file_filename" . | quote }} - path: {{ include "fediblockhole.block_file_filename" . | quote }} + - key: {{ . | quote }} + path: {{ . | quote }} + {{ end }} + {{end }} {{- end }} From 1b0be929573a181842dd9287eaa2888e5b0e4d89 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 15:51:56 -0500 Subject: [PATCH 121/146] Update Dockerfile --- container/Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/container/Dockerfile b/container/Dockerfile index 179d24d..3659567 100644 --- a/container/Dockerfile +++ b/container/Dockerfile @@ -10,8 +10,5 @@ WORKDIR $APP_HOME RUN pip install fediblockhole USER 1001 -# Run the web service on container startup. Here we use the gunicorn -# webserver, with one worker process and 8 threads. -# For environments with multiple CPU cores, increase the number of workers -# to be equal to the cores available. +# Set the command on start to fediblock-sync. ENTRYPOINT ["fediblock-sync"] From 4b2dc0b5c8b16b2be22b030da00c25f9b394051f Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:06:51 -0500 Subject: [PATCH 122/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 85e47e7..399127e 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.0 +version: 1.0.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 7f5b9c54d90592cac20ea2c9923a15f2b43dee15 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:15:48 -0500 Subject: [PATCH 123/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 2 -- 1 file changed, 2 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 3ee4c22..8ae0364 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -82,11 +82,9 @@ Create the default allowlist file path and filename {{/* Create the blocklist file path and filename */}} -{{- if .Values.fediblockhole.block_file.path && .Values.fediblockhole.block_file.filename }} {{- define "fediblockhole.block_file_path" -}} {{- .Values.fediblockhole.block_file.path }} {{- end }} {{- define "fediblockhole.block_file_filename" -}} {{- .Values.fediblockhole.block_file.filename }} {{- end }} -{{- end }} From 403a8d34164b47c9455ae0e0f0c820d2063ff4c1 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:16:59 -0500 Subject: [PATCH 124/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 399127e..aa3b67b 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.1 +version: 1.0.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 5ef72706d40e70269c8b0951cde1aa041f2fb568 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:40:59 -0500 Subject: [PATCH 125/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 8ae0364..2edd816 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -78,13 +78,3 @@ Create the default allowlist file path and filename {{- define "fediblockhole.allow_file_filename" -}} {{- default "allowlist.csv" .Values.fediblockhole.allow_file.filename }} {{- end }} - -{{/* -Create the blocklist file path and filename -*/}} -{{- define "fediblockhole.block_file_path" -}} -{{- .Values.fediblockhole.block_file.path }} -{{- end }} -{{- define "fediblockhole.block_file_filename" -}} -{{- .Values.fediblockhole.block_file.filename }} -{{- end }} From ae17f46fd6612c72ccbc1897368fc2cd3a426b3d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:43:17 -0500 Subject: [PATCH 126/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 2069563..bf5b390 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -33,9 +33,9 @@ spec: mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} - name: allow mountPath: {{ include "fediblockhole.allow_file_path" . | quote }} - {{- with fediblockhole.block_file_path }} + {{- with .Values.fediblockhole.block_file }} - name: block - mountPath: {{ . | quote }} + mountPath: {{ .path | quote }} {{ end }} volumes: - name: config @@ -50,14 +50,12 @@ spec: items: - key: {{ include "fediblockhole.allow_file_filename" . | quote }} path: {{ include "fediblockhole.allow_file_filename" . | quote }} - {{- with fediblockhole.block_file_path }} + {{- with .Values.fediblockhole.block_file }} - name: block configMap: name: {{ include "fediblockhole.fullname" . }}-block-csv - {{- with fediblockhole.block_file_filename }} items: - - key: {{ . | quote }} - path: {{ . | quote }} - {{ end }} + - key: {{ .filename | quote }} + path: {{ .filename | quote }} {{end }} {{- end }} From 93c163cfc2bc0af0a853bb6f4ae1f660a0cb36d8 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:43:35 -0500 Subject: [PATCH 127/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index aa3b67b..4f780a2 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.2 +version: 1.0.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From d957164c7631e1c6b463653ebb6c77fc129c9260 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:46:18 -0500 Subject: [PATCH 128/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index bf5b390..a8f0638 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -53,7 +53,7 @@ spec: {{- with .Values.fediblockhole.block_file }} - name: block configMap: - name: {{ include "fediblockhole.fullname" . }}-block-csv + name: fediblockhole-block-csv items: - key: {{ .filename | quote }} path: {{ .filename | quote }} From 10a624c02612d440c310dfa9b6b3516a297ce50b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:46:35 -0500 Subject: [PATCH 129/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 4f780a2..c398821 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.3 +version: 1.0.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From 29ea3ad3dd33cab12aa746d2e6833b548936cedc Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:29:42 -0500 Subject: [PATCH 130/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 22 ++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index a8f0638..1fd373f 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -31,11 +31,13 @@ spec: volumeMounts: - name: config mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} + {{- with .Values.fediblockhole.allow_file.path }} - name: allow - mountPath: {{ include "fediblockhole.allow_file_path" . | quote }} - {{- with .Values.fediblockhole.block_file }} + mountPath: {{ . | quote }} + {{ end }} + {{- with .Values.fediblockhole.block_file.path }} - name: block - mountPath: {{ .path | quote }} + mountPath: {{ . | quote }} {{ end }} volumes: - name: config @@ -44,18 +46,20 @@ spec: items: - key: {{ include "fediblockhole.conf_file_filename" . | quote }} path: {{ include "fediblockhole.conf_file_filename" . | quote }} + {{- with .Values.fediblockhole.allow_file.filename }} - name: allow configMap: - name: {{ include "fediblockhole.fullname" . }}-allow-csv + name: fediblockhole-allow-csv items: - - key: {{ include "fediblockhole.allow_file_filename" . | quote }} - path: {{ include "fediblockhole.allow_file_filename" . | quote }} - {{- with .Values.fediblockhole.block_file }} + - key: {{ . | quote }} + path: {{ . | quote }} + {{ end }} + {{- with .Values.fediblockhole.block_file.filename }} - name: block configMap: name: fediblockhole-block-csv items: - - key: {{ .filename | quote }} - path: {{ .filename | quote }} + - key: {{ . | quote }} + path: {{ . | quote }} {{end }} {{- end }} From 48a3e63073413445918cfab90fb320d6ffb48ff6 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:30:17 -0500 Subject: [PATCH 131/146] Update _helpers.tpl --- chart/templates/_helpers.tpl | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index 2edd816..78e6610 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -68,13 +68,3 @@ Create the default conf file path and filename {{- define "fediblockhole.conf_file_filename" -}} {{- default "fediblockhole.conf.toml" .Values.fediblockhole.conf_file.filename }} {{- end }} - -{{/* -Create the default allowlist file path and filename -*/}} -{{- define "fediblockhole.allow_file_path" -}} -{{- default "/etc/default/" .Values.fediblockhole.allow_file.path }} -{{- end }} -{{- define "fediblockhole.allow_file_filename" -}} -{{- default "allowlist.csv" .Values.fediblockhole.allow_file.filename }} -{{- end }} From 10fa29815a45664005438f93417925a99795185c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:34:49 -0500 Subject: [PATCH 132/146] Update values.yaml --- chart/values.yaml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 674af2b..9b60593 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -15,15 +15,17 @@ fediblockhole: conf_file: path: "" filename: "" - # location of the local allowlist file. Default is /etc/default/allowlist.csv. - # This file should at a minimum contain the web_domain of your own instance. + # Location of a local allowlist file. It is recommended that this file should at a + # minimum contain the web_domain of your own instance. allow_file: - path: "" - filename: "" - # location of the local blocklist file. - block_file: - path: "" - filename: "" + # Optionally, uncomment and set a path other than "/etc/default/" + # path: "" + # Uncomment to set the name of the file + filename: "allowlist.csv" + # Location of a local blocklist file. + # block_file: + # path: "" + # filename: "" cron: # -- run `fediblock-sync` every hour sync: From 6d0ff1b21024ed4a7793b50ce5a1a1ff438b241b Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:35:07 -0500 Subject: [PATCH 133/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index c398821..ef8399c 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.4 +version: 1.0.5 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From be539ac52bced9738fd782f5773e75369ad86010 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:39:54 -0500 Subject: [PATCH 134/146] Update values.yaml --- chart/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 9b60593..b601571 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -17,11 +17,11 @@ fediblockhole: filename: "" # Location of a local allowlist file. It is recommended that this file should at a # minimum contain the web_domain of your own instance. - allow_file: + # allow_file: # Optionally, uncomment and set a path other than "/etc/default/" # path: "" # Uncomment to set the name of the file - filename: "allowlist.csv" + # filename: "" # Location of a local blocklist file. # block_file: # path: "" From 7d7be64120d2be48f0a02db86c927274ade2628f Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:42:10 -0500 Subject: [PATCH 135/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index ef8399c..a32d890 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.5 +version: 1.0.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From bacd24f800df5fa58fae420280c6b501a7daa96d Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:47:04 -0500 Subject: [PATCH 136/146] Update values.yaml --- chart/values.yaml | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index b601571..4cdbe14 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -17,15 +17,19 @@ fediblockhole: filename: "" # Location of a local allowlist file. It is recommended that this file should at a # minimum contain the web_domain of your own instance. - # allow_file: - # Optionally, uncomment and set a path other than "/etc/default/" - # path: "" - # Uncomment to set the name of the file - # filename: "" + allow_file: + # Optionally, set a path other than "/etc/default/" + path: "" + # Optionally, set the name of the file. This should match the data key in the + # associated ConfigMap + filename: "" # Location of a local blocklist file. - # block_file: - # path: "" - # filename: "" + block_file: + # Optionally, set a path other than "/etc/default/" + path: "" + # Optionally, set the name of the file. This should match the data key in the + # associated ConfigMap + filename: "" cron: # -- run `fediblock-sync` every hour sync: From 098958a916433aa85a1d02bc414f32f984b3ad77 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:48:27 -0500 Subject: [PATCH 137/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index a32d890..d7c2d97 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.6 +version: 1.0.7 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From bd79f5558cc40a5d27cba13b1c6dfbb5271e95e4 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 20:20:10 -0500 Subject: [PATCH 138/146] Update cronjob-fediblock-sync.yaml --- chart/templates/cronjob-fediblock-sync.yaml | 39 +++++++++++---------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/chart/templates/cronjob-fediblock-sync.yaml b/chart/templates/cronjob-fediblock-sync.yaml index 1fd373f..f738222 100644 --- a/chart/templates/cronjob-fediblock-sync.yaml +++ b/chart/templates/cronjob-fediblock-sync.yaml @@ -30,14 +30,17 @@ spec: - "{{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}}" volumeMounts: - name: config - mountPath: {{ include "fediblockhole.conf_file_path" . | quote }} - {{- with .Values.fediblockhole.allow_file.path }} - - name: allow - mountPath: {{ . | quote }} + mountPath: "{{- include "fediblockhole.conf_file_path" . -}}{{- include "fediblockhole.conf_file_filename" . -}}" + subPath: "{{- include "fediblockhole.conf_file_filename" . -}}" + {{ if .Values.fediblockhole.allow_file.filename }} + - name: allowfile + mountPath: "{{- include "fediblockhole.conf_file_path" . -}}{{- .Values.fediblockhole.allow_file.filename -}}" + subPath: "{{- .Values.fediblockhole.allow_file.filename -}}" {{ end }} - {{- with .Values.fediblockhole.block_file.path }} - - name: block - mountPath: {{ . | quote }} + {{ if .Values.fediblockhole.block_file.filename }} + - name: blockfile + mountPath: "{{- include "fediblockhole.conf_file_path" . -}}{{- .Values.fediblockhole.block_file.filename -}}" + subPath: "{{- .Values.fediblockhole.block_file.filename -}}" {{ end }} volumes: - name: config @@ -46,20 +49,20 @@ spec: items: - key: {{ include "fediblockhole.conf_file_filename" . | quote }} path: {{ include "fediblockhole.conf_file_filename" . | quote }} - {{- with .Values.fediblockhole.allow_file.filename }} - - name: allow + {{ if .Values.fediblockhole.allow_file.filename }} + - name: allowfile configMap: - name: fediblockhole-allow-csv + name: {{ include "fediblockhole.fullname" . }}-allow-csv items: - - key: {{ . | quote }} - path: {{ . | quote }} + - key: {{ .Values.fediblockhole.allow_file.filename | quote }} + path: {{ .Values.fediblockhole.allow_file.filename | quote }} {{ end }} - {{- with .Values.fediblockhole.block_file.filename }} - - name: block + {{ if .Values.fediblockhole.block_file.filename }} + - name: blockfile configMap: - name: fediblockhole-block-csv + name: {{ include "fediblockhole.fullname" . }}-block-csv items: - - key: {{ . | quote }} - path: {{ . | quote }} - {{end }} + - key: {{ .Values.fediblockhole.block_file.filename | quote }} + path: {{ .Values.fediblockhole.block_file.filename | quote }} + {{ end }} {{- end }} From 558bf26fc583e6c9889b5a64e6da571be002e17c Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 20:21:20 -0500 Subject: [PATCH 139/146] Update values.yaml --- chart/values.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 4cdbe14..74643c1 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -18,15 +18,11 @@ fediblockhole: # Location of a local allowlist file. It is recommended that this file should at a # minimum contain the web_domain of your own instance. allow_file: - # Optionally, set a path other than "/etc/default/" - path: "" # Optionally, set the name of the file. This should match the data key in the # associated ConfigMap filename: "" # Location of a local blocklist file. block_file: - # Optionally, set a path other than "/etc/default/" - path: "" # Optionally, set the name of the file. This should match the data key in the # associated ConfigMap filename: "" From 538c81f8244c0a70a249cc9da64a959c6dd05040 Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 20:23:12 -0500 Subject: [PATCH 140/146] Update Chart.yaml --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index d7c2d97..38485de 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.7 +version: 1.0.8 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From ed1971ea34a174f1ac56c6a19445e6d95b3546cc Mon Sep 17 00:00:00 2001 From: cunningpike <117583036+cunningpike@users.noreply.github.com> Date: Tue, 21 Feb 2023 20:35:45 -0500 Subject: [PATCH 141/146] Added optional local files for allows and blocks The values.yaml file now contains optional allow_file and block_file filenames. These are loaded from ConfigMaps the same way as the conf.toml file is. --- chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 38485de..1fb2e5c 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.8 +version: 1.1.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From a64875b78fe49e29e823a55057f55e6f1f781d20 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Thu, 4 May 2023 17:07:31 +1000 Subject: [PATCH 142/146] Added citation for creators of #Fediblock --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a0fc832..89062bd 100644 --- a/README.md +++ b/README.md @@ -6,15 +6,19 @@ The broad design goal for FediBlockHole is to support pulling in a list of blocklists from a set of trusted sources, merge them into a combined blocklist, and then push that merged list to a set of managed instances. -Inspired by the way PiHole works for maintaining a set of blocklists of adtech -domains. - Mastodon admins can choose who they think maintain quality lists and subscribe to them, helping to distribute the load for maintaining blocklists among a community of people. Control ultimately rests with the admins themselves so they can outsource as much, or as little, of the effort to others as they deem appropriate. +Inspired by the way PiHole works for maintaining a set of blocklists of adtech +domains. Builds on the work of +[@CaribenxMarciaX@scholar.social](https://scholar.social/@CaribenxMarciaX) and +[@gingerrroot@kitty.town](https://kitty.town/@gingerrroot) who started the +#Fediblock hashtag and did a lot of advocacy around it, often at great personal +cost. + ## Features ### Blocklist Sources From 2da57b2cb5e4e868b9d97e8c5d8a9ef90933c9e3 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 9 Jul 2023 07:29:06 +1000 Subject: [PATCH 143/146] test util no longer tries to load default config file if conf tomldata is empty. --- tests/helpers/util.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/helpers/util.py b/tests/helpers/util.py index faed6e1..c7c1bdf 100644 --- a/tests/helpers/util.py +++ b/tests/helpers/util.py @@ -7,5 +7,6 @@ def shim_argparse(testargv: list=[], tomldata: str=None): """ ap = setup_argparse() args = ap.parse_args(testargv) - args = augment_args(args, tomldata) + if tomldata is not None: + args = augment_args(args, tomldata) return args \ No newline at end of file From 8265639047239ffa4d412194f8030fb459518329 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 9 Jul 2023 07:33:26 +1000 Subject: [PATCH 144/146] Use __future__.annotations so type hints work with Python < 2.9 --- src/fediblockhole/__init__.py | 2 +- src/fediblockhole/blocklists.py | 1 + src/fediblockhole/const.py | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/fediblockhole/__init__.py b/src/fediblockhole/__init__.py index 8a0823c..67c80ea 100755 --- a/src/fediblockhole/__init__.py +++ b/src/fediblockhole/__init__.py @@ -1,6 +1,6 @@ """A tool for managing federated Mastodon blocklists """ - +from __future__ import annotations import argparse import toml import csv diff --git a/src/fediblockhole/blocklists.py b/src/fediblockhole/blocklists.py index 1edf886..72cb804 100644 --- a/src/fediblockhole/blocklists.py +++ b/src/fediblockhole/blocklists.py @@ -1,5 +1,6 @@ """Parse various blocklist data formats """ +from __future__ import annotations import csv import json from typing import Iterable diff --git a/src/fediblockhole/const.py b/src/fediblockhole/const.py index 93cf2ef..ea35cb1 100644 --- a/src/fediblockhole/const.py +++ b/src/fediblockhole/const.py @@ -1,5 +1,6 @@ """ Constant objects used by FediBlockHole """ +from __future__ import annotations import enum from typing import NamedTuple, Optional, TypedDict from dataclasses import dataclass From ae45a74d8fe04c8ae8592f0d2dfbf0a2f861c3a5 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 9 Jul 2023 07:55:43 +1000 Subject: [PATCH 145/146] Version bump to 0.4.4 --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 2736623..b863119 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "fediblockhole" -version = "0.4.3" +version = "0.4.4" description = "Federated blocklist management for Mastodon" readme = "README.md" license = {file = "LICENSE"} From c2ba012d5bf2208bca9db419b0efe29d18a51348 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 9 Jul 2023 08:16:53 +1000 Subject: [PATCH 146/146] Change log updated for v0.4.4 release --- CHANGELOG.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c4841a9..215e6ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,19 @@ This project uses [Semantic Versioning] and generally follows the conventions of ## [Unreleased] +## [v0.4.4] - 2023-07-09 + +### Added + +- Added citation for creators of #Fediblock (a64875b) +- Added parser for Mastodon 4.1 blocklist CSV format (9f95f14) +- Added container support (76d5b61) + +### Fixed + +- Use __future__.annotations so type hints work with Python < 2.9 (8265639) +- test util no longer tries to load default config file if conf tomldata is empty. (2da57b2) + ## [v0.4.3] - 2023-02-13 ### Added