From dc4bbd740ba5f7f2ef75c129904ba0ffa3239256 Mon Sep 17 00:00:00 2001 From: Justin Warren Date: Sun, 15 Jan 2023 13:38:07 +1100 Subject: [PATCH] Updated README to explain allowlist mechanism. --- README.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index a4bebde..4e28482 100644 --- a/README.md +++ b/README.md @@ -289,22 +289,21 @@ use the highest severity it finds again (if you're using the `max` mergeplan). ### Allowlists -Sometimes you might want to override the blocklist definitions and always allow -certain domains to access your instance. That's what allowlists are for. +Sometimes you might want to completely ignore the blocklist definitions for +certain domains. That's what allowlists are for. -Allowlists can be any in format supported by `blocklist_urls_sources` but will -always set the severity to 'noop'. +Allowlists remove any domain in the list from the merged list of blocks before +the merged list is saved out to a file or pushed to any instance. -An allowlist can contain just the `domain` field and a set of domains, but can -also contain other fields if you want to add public or private comments, for -example. +Allowlists can be in any format supported by `blocklist_urls_sources` but ignore +all fields that aren't `domain`. You can also allow domains on the commandline by using the `-A` or `--allow` flag and providing the domain name to allow. You can use the flag multiple times to allow multiple domains. -The allowed domains will be included in the final merged list of domains that -gets exported if you choose to save the mergelist to a file. +It is probably wise to include your own instance domain in an allowlist so you +don't accidentally defederate from yourself. ## More advanced configuration