#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # Iceshrimp configuration #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # After starting your server, please don't change the URL! Doing so will break federation. # ┌─────┐ #───┘ URL └───────────────────────────────────────────────────── # Final accessible URL seen by a user. url: https://example.org/ # (Optional - ADVANCED) Domain used for account handles. # Only uncomment this if you want to for example have the URL be ice.example.org # and the handles to be example.org # accountDomain: example.org # ┌───────────────────────┐ #───┘ Port and TLS settings └─────────────────────────────────── # # Iceshrimp requires a reverse proxy to support HTTPS connections. # # +----- https://example.com/ ------------+ # +------+ |+-------------+ +----------------+| # | User | ---> || Proxy (443) | ---> | Iceshrimp (3000) || # +------+ |+-------------+ +----------------+| # +---------------------------------------+ # # You need to set up a reverse proxy. (e.g. nginx, caddy) # An encrypted connection with HTTPS is highly recommended # because tokens may be transferred in GET requests. # The port that your Iceshrimp server should listen on. port: 3000 # ┌──────────────────────────┐ #───┘ PostgreSQL configuration └──────────────────────────────── db: host: db port: 5432 #ssl: false # Database name db: iceshrimp # Auth user: example-iceshrimp-user pass: example-iceshrimp-pass # Whether disable Caching queries #disableCache: true # Extra Connection options #extra: # ssl: # host: localhost # rejectUnauthorized: false # ┌─────────────────────┐ #───┘ Redis configuration └───────────────────────────────────── redis: host: redis port: 6379 #tls: # host: localhost # rejectUnauthorized: false #family: 0 # 0=Both, 4=IPv4, 6=IPv6 #pass: example-pass #prefix: example-prefix #db: 1 #user: default # ┌───────────────┐ #───┘ ID generation └─────────────────────────────────────────── # No need to uncomment in most cases, but you may want to change # these settings if you plan to run a large and/or distributed server. # cuid: # # Min 16, Max 24 # length: 16 # # # Set this to a unique string across workers (e.g., machine's hostname) # # if your workers are running in multiple hosts. # fingerprint: my-fingerprint # ┌─────────────────────┐ #───┘ Other configuration └───────────────────────────────────── # Maximum length of a post (default 3000, max 100000) #maxNoteLength: 3000 # Maximum length of an image caption (default 1500, max 8192) #maxCaptionLength: 1500 # Reserved usernames that only the administrator can register with reservedUsernames: [ 'root', 'admin', 'administrator', 'me', 'system' ] # Whether disable HSTS #disableHsts: true # Number of worker processes #clusterLimit: 1 # Worker only mode #onlyQueueProcessor: 1 # Job concurrency per worker # deliverJobConcurrency: 128 # inboxJobConcurrency: 16 # Job rate limiter # deliverJobPerSec: 128 # inboxJobPerSec: 16 # Job attempts # deliverJobMaxAttempts: 12 # inboxJobMaxAttempts: 8 # IP address family used for outgoing request (ipv4, ipv6 or dual) #outgoingAddressFamily: ipv4 # Syslog option #syslog: # host: localhost # port: 514 # Proxy for HTTP/HTTPS #proxy: http://127.0.0.1:3128 #proxyBypassHosts: [ # 'web.kaiteki.app', # 'example.com', # '192.0.2.8' #] # Proxy for SMTP/SMTPS #proxySmtp: http://127.0.0.1:3128 # use HTTP/1.1 CONNECT #proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4 #proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5 # Media Proxy #mediaProxy: https://example.com/proxy # Proxy remote files (default: false) #proxyRemoteFiles: true # Media cleanup settings (defaults: false, 0, false, false) #mediaCleanup: # cron: true # maxAgeDays: 30 # cleanAvatars: false # cleanHeaders: false # Status code images images: info: '/static-assets/badges/info.png' notFound: '/static-assets/badges/not-found.png' error: '/static-assets/badges/error.png' # Pinned Post Limit pinLimit: 5 # Search engine (MFM) #searchEngine: 'https://duckduckgo.com/?q=' #allowedPrivateNetworks: [ # '127.0.0.1/32' #] # TWA #twa: # nameSpace: android_app # packageName: tld.domain.twa # sha256CertFingerprints: ['AB:CD:EF'] # Upload or download file size limits (bytes) #maxFileSize: 262144000 # ┌────────────────────────────────┐ #───┘ Mastodon client API HTML Cache └────────────────────────── # Caution: rendered post html content is stored in redis (in-memory cache) # for the duration of ttl, so don't set it too high if you have little system memory. # # The prewarm option causes every incoming user/note create/update event to # be rendered so the cache is always "warm". This trades background cpu load for # better request response time and better scaling, as posts won't have to be rendered # on request. # # The dbFallback option stores html data that expires into postgres, # which is more expensive than fetching it from redis, # but cheaper than re-rendering the HTML. #htmlCache: # ttl: 1h # prewarm: false # dbFallback: false # Duration hard muted notes are stored in redis for. # Increasing this trades higher memory consumption for lower cpu usage on repeated requests within the specified ttl. #wordMuteCache: # ttl: 24h #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # Congrats, you've reached the end of the config file needed for most deployments! # Enjoy your Iceshrimp server! #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # Managed hosting settings # >>> NORMAL SELF-HOSTERS, STAY AWAY! <<< # >>> YOU DON'T NEED THIS! <<< # Each category is optional, but if each item in each category is mandatory! # If you mess this up, that's on you, you've been warned... #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ #maxUserSignups: 100 #isManagedHosting: true #deepl: # managed: true # authKey: '' # isPro: false # #email: # managed: true # address: 'example@email.com' # host: 'email.com' # port: 587 # user: 'example@email.com' # pass: '' # useImplicitSslTls: false # #objectStorage: # managed: true # baseUrl: '' # bucket: '' # prefix: '' # endpoint: '' # region: '' # accessKey: '' # secretKey: '' # useSsl: true # connnectOverProxy: false # setPublicReadOnUpload: true # s3ForcePathStyle: true # !!!!!!!!!! # >>>>>> AGAIN, NORMAL SELF-HOSTERS, STAY AWAY! <<<<<< # >>>>>> YOU DON'T NEED THIS, ABOVE SETTINGS ARE FOR MANAGED HOSTING ONLY! <<<<<< # !!!!!!!!!! # Seriously. Do NOT fill out the above settings if you're self-hosting. # They're much better off being set from the control panel.