diff --git a/modules2/default.nix b/modules2/default.nix index f709a6d..ecad53a 100644 --- a/modules2/default.nix +++ b/modules2/default.nix @@ -223,7 +223,11 @@ in recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; - sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; + sslProtocols = "TLSv1.2 TLSv1.3"; + # sslCiphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305"; + sslCiphers = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:AES256+EECDH:AES256+EDH"; +# sslCiphers = "ECDHE-ARIA128-GCM-SHA256"; +# sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; }; users.users.nginx.extraGroups = [ "acme" ]; diff --git a/modules2/mastodon.nix b/modules2/mastodon.nix index 9a1ad5b..9ed06b5 100644 --- a/modules2/mastodon.nix +++ b/modules2/mastodon.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: let inherit (config.serverConfig) vhosts; inherit (config.networking) domain; @@ -13,5 +13,6 @@ in fromAddress = "noreply@${domain}"; }; extraConfig.SINGLE_USER_MODE = "true"; + package = pkgs.mastodon.override { patches = [ ../patches/mastodon_post_size.patch ]; }; }; } diff --git a/patches/mastodon_post_size.patch b/patches/mastodon_post_size.patch new file mode 100644 index 0000000..ab9c43c --- /dev/null +++ b/patches/mastodon_post_size.patch @@ -0,0 +1,12 @@ +diff --git a/app/validators/status_length_validator.rb b/app/validators/status_length_validator.rb +index dc841ded3..9cb1ec94b 100644 +--- a/app/validators/status_length_validator.rb ++++ b/app/validators/status_length_validator.rb +@@ -1,7 +1,7 @@ + # frozen_string_literal: true + + class StatusLengthValidator < ActiveModel::Validator +- MAX_CHARS = 500 ++ MAX_CHARS = 5000 + URL_PLACEHOLDER_CHARS = 23 + URL_PLACEHOLDER = 'x' * 23