kitsune/config.example.toml

# Configuration for Kitsune
#
# This is where you enter pretty much all configuration essential to running a Kitsune service

# Cache configuration
#
# Kitsune offers the following caching solutions:
# - "none": Caching is fully disabled
# - "in-memory": Information is cached in an in-memory caching solution
# - "redis": Information is cached inside a Redis instance
#
# The cache solution is switched by setting the "type" parameter to the above values
#
# Redis requires additional parameters:
# - "url": URL of the Redis instance Kitsune is supposed to connect to
[cache]
type = "in-memory"

# Captcha configuration
#
# To mitigate spam, Kitsune offers the option to require a captcha on sign-up
#
# We offer support for the following captcha services:
# - "hcaptcha": The widely known and used hCaptcha service
# - "mcaptcha": The lesser known self-hostable captcha service. 
#               It operates on proof-of-work, so it's not *really* a captcha but can mitigate serious spam attacks.
#
#[captcha]
#type = ""
#
# hCaptcha configuration:
#verify-url = ""
#site-key = ""
#secret-key = ""
#
# mCaptcha configuration:
#widget-link = ""
#site-key = ""
#secret-key = ""
#verify-url = ""

# Database configuration
#
# Kitsune uses a PostgreSQL database to store its data
[database]
# Database URL
#
# This URL has to contain all the information necessary to connect to the database
# i.e. username, password, host, port, database name, etc.
url = "postgres://localhost/kitsune"
# Max connections
#
# This is the maximum size of the database connection pool
# Increase this if you notice that a lot of time is spent on waiting for connections
max-connections = 20

# Email configuration
#
# If this configuration is present, Kitsune will require accounts to be confirmed via a link sent to the user's inbox
#
#[email]
#from-address = ""
#host = ""
#username = ""
#password = ""
#starttls = false # Usually servers support TLS natively. However, if they only support STARTTLS set this to "true" and Kitsune will attempt to use STARTTLS

# Embed configuration
#
# Kitsune can fetch oembed data and show it on your posts
# For this we need a small external service that fetches the pages, parses them open, and gives us the data we need
#
# We use Lantern Chat's `embed-service` microservice for this purpose: <https://github.com/Lantern-chat/embed-service/>
#
#[embed]
#service-url = ""

# Instance configuration
#
# These are all the values you can use to customize your instance
# Stuff like the name of your server, description, character limit, configuration, etc.
[instance]
# Allow users to create accounts with non-ASCII usernames
#
# These usernames can, for example, contains Hangul, umlauts, etc.
# We use a technique to prevent some impersonation cases by making Kitsune consider, for example, "a" and "ä" as the same character
#
# This is set to "false" by default since we are not quite sure yet how this interacts with other software
allow-non-ascii-usernames = false
# Name of your instance
#
# This name is shown on the front page, in Mastodon clients, and will show up on statistics scrapers
name = "Kitsune"
# Description of your instance
#
# This is an extended description of your instance, allowing you to describe the audience,
# and rules of your instance.
#
# While not guaranteed for other clients, the Kitsune frontend will interpret this as raw HTML.
description = "https://www.youtube.com/watch?v=6lnnPnr_0SU"
# Character limit of your instance
#
# This is the maximum length of posts that can be posted on your instance
# On Mastodon it's 500, on most other implementations it's freely configurable
character-limit = 5000
# Registrations open
#
# This signals to clients whether your registrations are currently open or not.
# It will also hard-enforce the closed signups inside of Kitsune, returning an error when a signup is attempted.
registrations-open = true

# Federation filters
#
# Federation filters are used to limit the federation to other instances.
# You can use this to block possible bad actors from interacting with your instance.
#
# The filters have two general modi:
# - "deny": The domains inside of the "domains" variable are not allowed to interact with your instance
# - "allow": *Only* the domains inside the "domains" variable are allowed to interact with your instance
#
# Choose the modus you want to use for your community.
[instance.federation-filter]
type = "deny"
# This list accepts wildcards (and general `glob` syntax. Reference: https://en.wikipedia.org/wiki/Glob_(programming)#Syntax)
# You can use this to deny access from entire domains or even entire TLDs
domains = []

[job-queue]
redis-url = "redis://localhost"
num-workers = 20

[language-detection]
backend = "whatlang"
default-language = "en"

[messaging]
type = "in-process"

[mrf]
module-dir = "mrf-modules"

[mrf.storage]
type = "fs"
path = "./mrf-storage"

# OIDC configuration
#
# Kitsune can use an OIDC service to manage logins
# This is useful if Kitsune is ran as part of a larger network of services
#
#[oidc]
#server-url = ""
#client-id = ""
#client-secret = ""

# OpenTelemetry configuration
#
# Kitsune supports exporting traces via the OpenTelemetry Protocol (OTLP, for short)
# It's by now the de-facto standard wire protocol for exporting telemetry data
#
#[opentelemetry]
#tracing-transport = "http" # "grpc" or "http"
#tracing-endpoint = "http://localhost:4317"

# Server configuration
#
# This configuration changes the general behaviour that you'd mostly attribute to the underlying HTTP server
[server]
# Setting to deny browsers with the Brave User-Agent
#
# Brave is a company financed by cryptocurrency scams, founded by a queerphobic bigot
# All the "privacy advantages" of Brave, you can get by getting a Firefox + uBlock Origin + DuckDuckGo installation
#
# When this setting is enabled, all browsers with the Brave User-Agent are redirected to an article
# explaining the hateful background of Brave Inc.
deny-brave-browsers = true
# Values for the `X-Clacks-Overhead` header
# You can use this as a sort of silent memorial
# clacks-overhead = ["Natalie Nguyen", "John \"Soap\" MacTavish"]
# Path the frontend you want to use is located at
# Note: This path is not canonicalized and does not support Unix shortcuts such as the tilde (~)
frontend-dir = "./kitsune-fe/dist"
# Maximum upload size
#
# This is the limit of data that the HTTP server accepts before it returns an HTTP 413 error
max-upload-size = "5MiB"
# Enable the media proxy
#
# The media proxy will relay all of the media streams through the backend, enabling two important properties:
# - IP masking: Remote servers will never receive the IP addresses of you users
# - Caching: You can cache remote content via your reverse proxy, lowering the load on the remote server
media-proxy-enabled = false
# Port on which Kitsune will listen
#
# This is the port you'd use in your reverse proxy configuration
# You shouldn't run Kitsune without a reverse proxy
port = 5000
# Time until the request is aborted and the client receives a 408 HTTP error message
#
# The unit of this setting is seconds
request-timeout-secs = 60

[search]
type = "sql"

[storage]
type = "fs"
upload-dir = "./uploads"

[url]
scheme = "http"
domain = "localhost:5000"