X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=README;h=9b4147645b5fe1ce0f67a117480ad5f62402cbf2;hb=509c8fc51589a4cc6a3281e012ce759ab9bed532;hp=841423b7cba3f517376a5e3af5c5e4014a2dc60b;hpb=cf199a9b739eafea7a27eff947327befdcf001be;p=quix0rs-gnu-social.git diff --git a/README b/README index 841423b7cb..9b4147645b 100644 --- a/README +++ b/README @@ -2,8 +2,8 @@ README ------ -StatusNet 0.8.2 ("Life and How to Live It") -1 Nov 2009 +StatusNet 0.9.0 ("Stand") Beta 5 +1 Feb 2010 This is the README file for StatusNet (formerly Laconica), the Open Source microblogging platform. It includes installation instructions, @@ -16,10 +16,10 @@ About StatusNet (formerly Laconica) is a Free and Open Source microblogging platform. It helps people in a community, company or group to exchange -short (140 character) messages over the Web. Users can choose which -people to "follow" and receive only their friends' or colleagues' -status messages. It provides a similar service to sites like Twitter, -Jaiku, Yammer, and Plurk. +short (140 characters, by default) messages over the Web. Users can +choose which people to "follow" and receive only their friends' or +colleagues' status messages. It provides a similar service to sites +like Twitter, Jaiku, Yammer, and Plurk. With a little work, status messages can be sent to mobile phones, instant messenger programs (GTalk/Jabber), and specially-designed @@ -77,80 +77,203 @@ for additional terms. New this version ================ -This is a minor feature and bugfix release since version 0.8.1, -released Aug 26 2009. Notable changes this version: - -- New script for deleting user accounts. Not particularly safe or - community-friendly. Better for deleting abusive accounts than for - users who are 'retiring'. -- Improved detection of URLs in notices, specifically for punctuation - chars like ~, :, $, _, -, +, !, @, and %. -- Removed some extra
semantic HTML code. -- Correct error in status-network database ini file (having multiple - statusnet sites with a single codebase) -- Fixed error output for Twitter posting failures. -- Fixed bug in Twitter queue handler that requeued inapplicable - notices ad infinitum. -- Improve FOAF output for remote users. -- new commands to join and leave groups. -- Fixed bug in which you cannot turn off importing friends timelines - flag. -- Better error handling in Twitter posting. -- Show oEmbed data for XHTML files as well as plain HTML. -- Updated bug database link in README. -- require HTML tidy extension. -- add support for HTTP Basic Auth in PHP CGI or FastCGI (e.g. GoDaddy). -- autofocus input to selected entry elements depending on page. -- updated layout for filter-by-tag form. -- better layout for inbox and outbox pages. -- fix highlighting search terms in attributes of notice list elements. -- Correctly handle errors in linkback plugin. -- Updated biz theme. -- Updated cloudy theme. -- Don't match '::' as an IPv6 address. -- Use the same decision logic for deciding whether to mark an - attachment as an enclosure in RSS or as a paperclip item in Web - output. -- Fixed a bug in the Piwik plugin that hard-coded the site ID. -- Add a param, inreplyto, to notice/new to allow an explicit response - to another notice. -- Show username in subject of emails. -- Check if avatar exists before trying to delete it. -- Correctly add omb_version to response for request token in OMB. -- Add a few more SMS carriers. -- Add a few more notice sources. -- Vary: header. -- Improvements to the AutoCompletePlugin. -- Check for 'dl' before using it. -- Make it impossible to delete self-subscriptions via the API. -- Fix pagination of tagged user pages. -- Make PiwikAnalyticsPlugin work with addPlugin(). -- Removed trailing single space in user nicknames in notice lists. -- Show context link if a notice starts a conversation. -- blacklist all files and directories in install dir. -- handle GoDaddy-style PATH_INFO, including script name. -- add home_timeline synonym for friends_timeline. -- Add a popup window for the realtime plugin. -- Add some more streams for the realtime plugin. -- Fix a bug that overwrote group creation timestamp on every edit. -- Moved HTTP error code strings to a class variable. -- The Twitter API now returns server errors in the correct format. -- Reset the doctype for HTML output. -- Fixed a number of notices. -- Don't show search suggestions for private sites. -- Some corrections to FBConnect nav overrides. -- Slightly less database-intensive session management. -- Updated name of software in installer script. -- Include long-form attachment URLs if url-shortener is disabled. -- Include updated localisations for Polish, Greek, Hebrew, Icelandic, - Norwegian, and Chinese. -- Include upstream fixes to gettext.php. -- Correct for regression in Facebook API for updates. -- Ignore "Sent from my iPhone" (and similar) in mail updates. -- Use the NICKNAME_FMT constant for detecting nicknames. -- Check for site servername config'd. -- Compatibility fix for empty status updates with Twitter API. -- Option to show files privately (EXPERIMENTAL! Use with caution.) +This is a major feature release since version 0.8.2, released Nov 1 2009. +It is also a security release since 0.9.0beta4 January 27 2010. Beta +users are strongly encouraged to upgrade to deal with a security alert. + +http://status.net/wiki/Security_alert_0000002 + +Notable changes this version: + +- Records of deleted notices are stored without the notice content. +- Much of the optional core featureset has been moved to plugins. +- OpenID support moved from core to a plugin. Helps test the strength of + our plugin architecture and makes it easy to disable this + functionality for e.g. intranet sites. +- Many additional hook events (see EVENTS.txt for details). +- OMB 0.1 support re-implemented using libomb. +- Re-structure database so notices, messages, bios and group + descriptions can be over 140 characters. Limit defined by + site administrator as configuration option; can be unlimited. +- Configuration data now optionally stored in the database, which + overrides any settings in config files. +- Twitter integration re-implemented as a plugin. +- Facebook integration re-implemented as a plugin. +- Role-based authorization framework. Users can have named roles, and + roles can have rights (e.g., to delete notices, change configuration + data, or ban uncooperative users). Default roles 'admin' (for + configuration) and 'moderator' (for community management) added. +- Plugin for PubSubHubBub (PuSH) support. +- Considerable code style cleanup to meet PEAR code standards. +- Made a common library for HTTP-client access which uses available + HTTP libraries where possible. +- Added statuses/home_timeline method to API. +- Hooks for plugins to handle notices offline, either by defining + their own queue handler scripts or to use a default plugin queue + handler script. +- Plugins can now modify the database schema, adding their own tables + or modifying existing ones. +- Groups API. +- Twitter API supports Web caching for some methods. +- Twitter API refactored into one-action-per-method. +- Realtime plugin supports a tear-off window. +- FOAF for groups. +- Moved all JavaScript tags to just before by default, + significantly speeding up apparent page load time. +- Added a Realtime plugin for Orbited server. +- Added a mobile plugin to give a more mobile-phone-friendly layout + when a mobile browser is detected. +- Use CSS sprites for most common icons. +- Fixes for images and buttons on Web output. +- New plugin requires that users validate their email before posting. +- New plugin UserFlag lets users flag other profiles for review. +- Considerably better i18n support. Use TranslateWiki to update + translations. +- Notices and profiles now store location information. +- New plugin, Geonames, for turning location names and lat/long pairs + into structured IDs and vice versa. Architecture reusable for other + systems. +- Better check of license compatibility between site licenses. +- Some improvements in XMPP output. +- Media upload in the API. +- Replies appear in the user's inbox. +- Improved the UI on the bookmarklet. +- StatusNet identities can be used as OpenID identities. +- Script to register a user. +- Script to make someone a group admin. +- Script to make someone a site admin or moderator. +- 'login' command. +- Pluggable authentication. +- LDAP authentication plugin. +- Script for console interaction with the site (!). +- Users don't see group posts from people they've blocked. +- Admin panel interface for changing site configuration. +- Users can be sandboxed (limited contributions) or silenced + (no contributions) by moderators. +- Many changes to make language usage more consistent. +- Sphinx search moved to a plugin. +- GeoURL plugin. +- Profile and group lists support hAtom. +- Massive refactoring of util.js. +- Mapstraction plugin to show maps on inbox and profile pages. +- Play/pause buttons for realtime notices. +- Support for geo microformat. +- Partial support for feed subscriptions, RSSCloud, PubSubHubBub. +- Support for geolocation in browser (Chrome, Firefox). +- Quit trying to negotiate HTML format. Always use text/html. + We lose, and so do Web standards. Boo. +- Better logging of request info. +- Better output for errors in Web interface. +- No longer store .mo files; these need to be generated. +- Minify plugin. +- Events to allow pluginizing logger. +- New framework for plugin localization. +- Gravatar plugin. +- Add support for "repeats" (similar to Twitter's "retweets"). +- Support for repeats in Twitter API. +- Better notification of direct messages. +- New plugin to add "powered by StatusNet" to logo. +- Returnto works for private sites. +- Localisation updates, including new Persian translation. +- CAS authentication plugin +- Get rid of DB_DataObject native cache (big memory leaker) +- setconfig.php script to set configuration variables +- Blacklist plugin, to blacklist URLs and nicknames +- Users can set flag whether they want to share location + both in notice form (for one notice) and profile settings + (any notice) +- notice inboxes moved from normalized notice_inbox table to + denormalized inbox table +- Automatic compression of Memcache +- Memory caching pluginized +- Memcache, XCache, APC and Diskcache plugins +- A script to update user locations +- cache empty query results +- A sample plugin to show best plugin practices +- CacheLog plugin to debug cache accesses +- Require users to login to view attachments on private sites +- Plugin to use Mollom spam detection service +- Plugin for RSSCloud +- Add an array of default plugins +- A version action to give credit to contributors and plugin + developers +- Daemon to read IMAP mailbox instead of using a mailbox script +- Pass session information between SSL and non-SSL server + when SSL set to 'sometimes' +- Major refactoring of queue handlers to manage very + large hosting site (like status.net) +- SubscriptionThrottle plugin to prevent subscription spamming +- Don't enqueue into plugin or SMS queues when disabled (breaks unqueuehandler if SMS queue isn't attached) +- Improve name validation checks on local File references +- fix local file include vulnerability in doc.php +- Reusing fixed selector name for 'processing' in util.js +- Removed hAtom pattern from registration page. +- restructuring of User::registerNew() lost password munging +- Add a script to clear the cache for a given key +- buggy fetch for site owner +- Added missing concat of in Realtime response +- Updated XHR binded events to work better in jQuery 1.4.1. Using .live() for event delegation instead of jQuery.data() and checking to see if an element was previously binded. +- Updated jQuery Form Plugin from v2.17 to v2.36 +- Updated jQuery JavaScript Library from v1.3.2 to v1.4.1 +- move schema.type.php to typeschema.php like other files +- Add Really Simple Discovery (RSD) support +- Add a robots.txt URL to the site root +- error clearing tags for profiles from memcached +- on exceptions, stomp logs the error and reenqueues +- add lat, lon, location and remove closing tag from geocode.php +- Use passed-in lat long in geocode.php +- better handling of null responses from geonames.org +- Globalized form notice data geo values +- Using jQuery chaining in FormNoticeXHR +- Using form object instead of form_id and find(). Slightly faster and easier to read. +- removed describeTable from base class, and fixed it up in pgsql +- getTableDef() mostly working in postgres +- move the schema DDL sql off into seperate files for each db we support +- plugin to limit number of registered users +- add hooks for user registration +- live fast, die young in bash scripts +- for single-user mode, retrieve either site owner or defined nickname +- method to get the site owner +- define a constant for the 'owner' role of a site +- add simple cache getter/setter static functions to Memcached_DataObject +- Adds notice author's name to @title in Realtime response +- Hides .author from XHR response in showstream +- Hides .author from XHR response in showstream +- Fix more fatal errors in queue edge cases +- Don't attempt to resend XMPP messages that can't be broadcast due to the profile being deleted. +- Wrap each bit of distrib queue handler's saving operation in a try/catch; log exceptions but let everything else continue. +- Log exceptions from queuedaemon.php if they're not already caught +- Move sessions settings to its own panel +- Fixes for status_network db object .ini and tag setter script +- Add a script to set tags for sites +- Adjust API authentication to also check for OAuth protocol params in the HTTP Authorization header, as defined in OAuth HTTP Authorization Scheme. +- Last-chance distribution if enqueueing fails +- Manual failover for stomp queues. +- lost config in index.php made all traffic go to master +- "Revert "move RW setup above user get in index.php so remember_me works"" +- Revert "move RW setup above user get in index.php so remember_me works" +- move RW setup above user get in index.php so remember_me works +- hide most DB_DataObject errors +- always set up database_rw, regardless, so cached sessions work +- update mysqltimestamps on insert and update +- additional debugging data for Sessions +- 'Sign in with Twitter' button img +- Update to biz theme +- Remove redundant session token field from form (was already being added by base class). +- 'Sign in with Twitter' button img +- Can now set $config['queue']['stomp_persistent'] = false; to explicitly disable persistence when we queue items +- Showing processing indicator for form_repeat on submit instead of form +- Removed avatar from repeat of username (matches noticelist) +- Removed unused variable assignment for avatar URL and added missing fn +- Don't preemptively close existing DB connections for web views (needed to keep # of conns from going insane on multi-site queue daemons, so just doing for CLI) May, or may not, help with mystery session problems +- dropping the setcookie() call from common_ensure_session() since we're pretty sure it's unnecessary +- append '/' on cookie path for now (may still need some refactoring) +- set session cookie correctly +- Fix for Mapstraction plugin's zoomed map links +- debug log line for control channel sub +- Move faceboookapp.js to the Facebook plugin +- fix for fix for bad realtime JS load +- default 24-hour expiry on Memcached objects where not specified. Prerequisites ============= @@ -177,7 +300,6 @@ Your PHP installation must include the following PHP extensions: - GD. For scaling down avatar images. - mbstring. For handling Unicode (UTF-8) encoded strings. - gettext. For multiple languages. Default on many PHP installs. -- tidy. Used to clean up HTML/URLs for the URL shortener to consume. For some functionality, you will also need the following extensions: @@ -358,7 +480,7 @@ It's possible to configure the software so it looks like this instead: These "fancy URLs" are more readable and memorable for users. To use fancy URLs, you must either have Apache 2.x with .htaccess enabled and -mod_redirect enabled, -OR- know how to configure "url redirection" in +mod_rewrite enabled, -OR- know how to configure "url redirection" in your server. 1. Copy the htaccess.sample file to .htaccess in your StatusNet @@ -384,23 +506,31 @@ like: If you changed your HTTP server configuration, you may need to restart the server first. +If it doesn't work, double-check that AllowOverride for the StatusNet +directory is 'All' in your Apache configuration file. This is usually +/etc/httpd.conf, /etc/apache/httpd.conf, or (on Debian and Ubuntu) +/etc/apache2/sites-available/default. See the Apache documentation for +.htaccess files for more details: + + http://httpd.apache.org/docs/2.2/howto/htaccess.html + +Also, check that mod_rewrite is installed and enabled: + + http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html + Sphinx ------ -To use a Sphinx server to search users and notices, you also need -to install, compile and enable the sphinx pecl extension for php on the -client side, which itself depends on the sphinx development files. -"pecl install sphinx" should take care of that. Add "extension=sphinx.so" -to your php.ini and reload apache to enable it. +To use a Sphinx server to search users and notices, you'll need to +enable the SphinxSearch plugin. Add to your config.php: + + addPlugin('SphinxSearch'); + $config['sphinx']['server'] = 'searchhost.local'; -You can update your MySQL or Postgresql databases to drop their fulltext -search indexes, since they're now provided by sphinx. +You also need to install, compile and enable the sphinx pecl extension for +php on the client side, which itself depends on the sphinx development files. -On the sphinx server side, a script reads the main database and build -the keyword index. A cron job reads the database and keeps the sphinx -indexes up to date. scripts/sphinx-cron.sh should be called by cron -every 5 minutes, for example. scripts/sphinx.sh is an init.d script -to start and stop the sphinx search daemon. +See plugins/SphinxSearch/README for more details and server setup. SMS --- @@ -543,30 +673,19 @@ server is probably a good idea for high-volume sites. needs as a parameter the install path; if you run it from the StatusNet dir, "." should suffice. -This will run eight (for now) queue handlers: +This will run the queue handlers: +* queuedaemon.php - polls for queued items for inbox processing and + pushing out to OMB, SMS, XMPP, etc. * xmppdaemon.php - listens for new XMPP messages from users and stores - them as notices in the database. -* jabberqueuehandler.php - sends queued notices in the database to - registered users who should receive them. -* publicqueuehandler.php - sends queued notices in the database to - public feed listeners. -* ombqueuehandler.php - sends queued notices to OpenMicroBlogging - recipients on foreign servers. -* smsqueuehandler.php - sends queued notices to SMS-over-email addresses - of registered users. -* xmppconfirmhandler.php - sends confirmation messages to registered - users. -* twitterqueuehandler.php - sends queued notices to Twitter for user - who have opted to set up Twitter bridging. -* facebookqueuehandler.php - sends queued notices to Facebook for users - of the built-in Facebook application. - -Note that these queue daemons are pretty raw, and need your care. In -particular, they leak memory, and you may want to restart them on a -regular (daily or so) basis with a cron job. Also, if they lose -the connection to the XMPP server for too long, they'll simply die. It -may be a good idea to use a daemon-monitoring service, like 'monit', + them as notices in the database; also pulls queued XMPP output from + queuedaemon.php to push out to clients. + +These two daemons will automatically restart in most cases of failure +including memory leaks (if a memory_limit is set), but may still die +or behave oddly if they lose connections to the XMPP or queue servers. + +It may be a good idea to use a daemon-monitoring service, like 'monit', to check their status and keep them running. All the daemons write their process IDs (pids) to /var/run/ by @@ -576,102 +695,7 @@ daemons. Since version 0.8.0, it's now possible to use a STOMP server instead of our kind of hacky home-grown DB-based queue solution. See the "queues" config section below for how to configure to use STOMP. As of this -writing, the software has been tested with ActiveMQ ( - -Twitter Bridge --------------- - -* OAuth - -As of 0.8.1, OAuth is used to to access protected resources on Twitter -instead of HTTP Basic Auth. To use Twitter bridging you will need -to register your instance of StatusNet as an application on Twitter -(http://twitter.com/apps), and update the following variables in your -config.php with the consumer key and secret Twitter generates for you: - - $config['twitter']['consumer_key'] = 'YOURKEY'; - $config['twitter']['consumer_secret'] = 'YOURSECRET'; - -When registering your application with Twitter set the type to "Browser" -and your Callback URL to: - - http://example.org/mublog/twitter/authorization - -The default access type should be, "Read & Write". - -* Importing statuses from Twitter - -To allow your users to import their friends' Twitter statuses, you will -need to enable the bidirectional Twitter bridge in config.php: - - $config['twitterbridge']['enabled'] = true; - -and run the TwitterStatusFetcher daemon (scripts/twitterstatusfetcher.php). -Additionally, you will want to set the integration source variable, -which will keep notices posted to Twitter via StatusNet from looping -back. The integration source should be set to the name of your -application, exactly as you specified it on the settings page for your -StatusNet application on Twitter, e.g.: - - $config['integration']['source'] = 'YourApp'; - -* Twitter Friends Syncing - -Users may set a flag in their settings ("Subscribe to my Twitter friends -here" under the Twitter tab) to have StatusNet attempt to locate and -subscribe to "friends" (people they "follow") on Twitter who also have -accounts on your StatusNet system, and who have previously set up a link -for automatically posting notices to Twitter. - -As of 0.8.0, this is no longer accomplished via a cron job. Instead you -must run the SyncTwitterFriends daemon (scripts/synctwitterfreinds.php). - -Built-in Facebook Application ------------------------------ - -StatusNet's Facebook application allows your users to automatically -update their Facebook statuses with their latest notices, invite -their friends to use the app (and thus your site), view their notice -timelines, and post notices -- all from within Facebook. The application -is built into StatusNet and runs on your host. For automatic Facebook -status updating to work you will need to enable queuing and run the -facebookqueuehandler.php daemon (see the "Queues and daemons" section -above). - -Quick setup instructions*: - -Install the Facebook Developer application on Facebook: - - http://www.facebook.com/developers/ - -Use it to create a new application and generate an API key and secret. -Uncomment the Facebook app section of your config.php and copy in the -key and secret, e.g.: - - # Config section for the built-in Facebook application - $config['facebook']['apikey'] = 'APIKEY'; - $config['facebook']['secret'] = 'SECRET'; - -In Facebook's application editor, specify the following URLs for your app: - -- Canvas Callback URL: http://example.net/mublog/facebook/ -- Post-Remove Callback URL: http://example.net/mublog/facebook/remove -- Post-Add Redirect URL: http://apps.facebook.com/yourapp/ -- Canvas Page URL: http://apps.facebook.com/yourapp/ - -(Replace 'example.net' with your host's URL, 'mublog' with the path -to your StatusNet installation, and 'yourapp' with the name of the -Facebook application you created.) - -Additionally, Choose "Web" for Application type in the Advanced tab. -In the "Canvas setting" section, choose the "FBML" for Render Method, -"Smart Size" for IFrame size, and "Full width (760px)" for Canvas Width. -Everything else can be left with default values. - -*For more detailed instructions please see the installation guide on the -StatusNet wiki: - - http://status.net/trac/wiki/FacebookApplication +writing, the software has been tested with ActiveMQ. Sitemaps -------- @@ -757,10 +781,12 @@ subdirectory to add a new language to your system. You'll need to compile the ".po" files into ".mo" files, however. Contributions of translation information to StatusNet are very easy: -you can use the Web interface at http://status.net/pootle/ to add one +you can use the Web interface at TranslateWiki.net to add one or a few or lots of new translations -- or even new languages. You can also download more up-to-date .po files there, if you so desire. +For info on helping with translations, see http://status.net/wiki/Translations + Backups ------- @@ -786,11 +812,21 @@ private site, but users of the private site may be able to subscribe to users on a remote site. (Or not... it's not well tested.) The "proper behaviour" hasn't been defined here, so handle with care. -If fancy URLs is enabled, access to file attachments can also be -restricted to logged-in users only. Uncomment the appropriate rewrite -rule in .htaccess or your server's httpd.conf. (This most likely will -not work if you are using a virtual server for attachments, so consider -the performance/security tradeoff.) +Access to file attachments can also be restricted to logged-in users only. +1. Add a directory outside the web root where your file uploads will be + stored. Usually a command like this will work: + + mkdir /var/www/mublog-files + +2. Make the file uploads directory writeable by the web server. An + insecure way to do this is: + + chmod a+x /var/www/mublog-files + +3. Tell StatusNet to use this directory for file uploads. Add a line + like this to your config.php: + + $config['attachments']['dir'] = '/var/www/mublog-files'; Upgrading ========= @@ -876,40 +912,8 @@ to update it. Notice inboxes -------------- -Before version 0.6.2, the page showing all notices from people the -user is subscribed to ("so-and-so with friends") was calculated at run -time. Starting with 0.6.2, we have a new data structure for holding a -user's "notice inbox". (Note: distinct from the "message inbox", which -is the "inbox" tab in the UI. The notice inbox appears under the -"Personal" tab.) - -Notices are added to the inbox when they're created. This speeds up -the query considerably, and also allows us the opportunity, in the -future, to add different kind of notices to an inbox -- like @-replies -or subscriptions to search terms or hashtags. - -Notice inboxes are enabled by default for new installations. If you -are upgrading an existing site, this means that your users will see -empty "Personal" pages. The following steps will help you fix the -problem. - -0. $config['inboxes']['enabled'] can be set to one of three values. If - you set it to 'false', the site will work as before. Support for this - will probably be dropped in future versions. -1. Setting the flag to 'transitional' means that you're in transition. - In this mode, the code will run the "new query" or the "old query" - based on whether the user's inbox has been updated. -2. After setting the flag to "transitional", you can run the - fixup_inboxes.php script to create the inboxes. You may want to set - the memory limit high. You can re-run it without ill effect. -3. When fixup_inboxes is finished, you can set the enabled flag to - 'true'. - -NOTE: As of version 0.8.1 notice inboxes are automatically trimmed back - to ~1000 notices every once in a while. - -NOTE: we will drop support for non-inboxed sites in the 0.9.x version -of StatusNet. It's time to switch now! +Notice inboxes are now required. If you don't have inboxes enabled, +StatusNet will no longer run. UTF-8 Database -------------- @@ -981,6 +985,12 @@ locale_path: full path to the directory for locale data. Unless you store all your locale data in one place, you probably don't need to use this. language: default language for your site. Defaults to US English. + Note that this is overridden if a user is logged in and has + selected a different language. It is also overridden if the + user is NOT logged in, but their browser requests a different + langauge. Since pretty much everybody's browser requests a + language, that means that changing this setting has little or + no effect in practice. languages: A list of languages supported on your site. Typically you'd only change this if you wanted to disable support for one or another language: @@ -1005,8 +1015,6 @@ closed: If set to 'true', will disallow registration on your site. the service, *then* set this variable to 'true'. inviteonly: If set to 'true', will only allow registration if the user was invited by an existing user. -openidonly: If set to 'true', will only allow registrations and logins - through OpenID. private: If set to 'true', anonymous users will be redirected to the 'login' page. Also, API methods that normally require no authentication will require it. Note that this does not turn @@ -1034,6 +1042,9 @@ shorturllength: Length of URL at which URLs in a message exceeding 140 dupelimit: minimum time allowed for one person to say the same thing twice. Default 60s. Anything lower is considered a user or UI error. +textlimit: default max size for texts in the site. Defaults to 140. + 0 means no limit. Can be fine-tuned for notices, messages, + profile bios and group descriptions. db -- @@ -1073,6 +1084,14 @@ utf8: whether to talk to the database in UTF-8 mode. This is the default with new installations, but older sites may want to turn it off until they get their databases fixed up. See "UTF-8 database" above for details. +schemacheck: when to let plugins check the database schema to add + tables or update them. Values can be 'runtime' (default) + or 'script'. 'runtime' can be costly (plugins check the + schema on every hit, adding potentially several db + queries, some quite long), but not everyone knows how to + run a script. If you can, set this to 'script' and run + scripts/checkschema.php whenever you install or upgrade a + plugin. syslog ------ @@ -1118,6 +1137,12 @@ Creative Commons Attribution 3.0 license, which is probably the right choice for any public site. Note that some other servers will not accept notices if you apply a stricter license than this. +type: one of 'cc' (for Creative Commons licenses), 'allrightsreserved' + (default copyright), or 'private' (for private and confidential + information). +owner: for 'allrightsreserved' or 'private', an assigned copyright + holder (for example, an employer for a private site). If + not specified, will be attributed to 'contributors'. url: URL of the license, used for links. title: Title for the license, like 'Creative Commons Attribution 3.0'. image: A button shown on each page for the license. @@ -1234,14 +1259,6 @@ For configuring invites. enabled: Whether to allow users to send invites. Default true. -openid ------- - -For configuring OpenID. - -enabled: Whether to allow users to register and login using OpenID. Default - true. - tag --- @@ -1292,17 +1309,6 @@ base: memcached uses key-value pairs to store data. We build long, StatusNet site using your memcached server. port: Port to connect to; defaults to 11211. -sphinx ------- - -You can get a significant boost in performance using Sphinx Search -instead of your database server to search for users and notices. -. - -enabled: Set to true to enable. Default false. -server: a string with the hostname of the sphinx server. -port: an integer with the port number of the sphinx server. - emailpost --------- @@ -1319,24 +1325,11 @@ For SMS integration. enabled: Whether to enable SMS integration. Defaults to true. Queues should also be enabled. -twitter -------- - -For Twitter integration - -enabled: Whether to enable Twitter integration. Defaults to true. - Queues should also be enabled. - integration ----------- A catch-all for integration with other systems. -source: The name to use for the source of posts to Twitter. Defaults - to 'statusnet', but if you request your own source name from - Twitter , you can use - that here instead. Status updates on Twitter will then have - links to your site. taguri: base for tag:// URIs. Defaults to site-server + ',2009'. inboxes @@ -1344,9 +1337,8 @@ inboxes For notice inboxes. -enabled: A three-valued flag for whether to use notice inboxes (see - upgrading info above for notes about this change). Can be - 'false', 'true', or '"transitional"'. +enabled: No longer used. If you set this to something other than true, + StatusNet will no longer run. throttle -------- @@ -1368,6 +1360,8 @@ banned: an array of usernames and/or profile IDs of 'banned' profiles. The site will reject any notices by these users -- they will not be accepted at all. (Compare with blacklisted users above, whose posts just won't show up in the public stream.) +biolimit: max character length of bio; 0 means no limit; null means to use + the site text limit default. newuser ------- @@ -1464,6 +1458,9 @@ Options for group functionality. maxaliases: maximum number of aliases a group can have. Default 3. Set to 0 or less to prevent aliases in a group. +desclimit: maximum number of characters to allow in group descriptions. + null (default) means to use the site-wide text limits. 0 + means no limit. oohembed -------- @@ -1510,15 +1507,6 @@ dir: directory to write backgrounds too. Default is '/background/' path: path to backgrounds. Default is sub-path of install path; note that you may need to change this if you change site-path too. -twitterbridge -------------- - -A bi-direction bridge to Twitter (http://twitter.com/). - -enabled: default false. If true, will show user's Twitter friends' - notices in their inbox and faves pages, only to the user. You - must also run the twitterstatusfetcher.php script. - ping ---- @@ -1542,6 +1530,62 @@ linkcolor: Hex color of all links. backgroundimage: Image to use for the background. disposition: Flags for whether or not to tile the background image. +notice +------ + +Configuration options specific to notices. + +contentlimit: max length of the plain-text content of a notice. + Default is null, meaning to use the site-wide text limit. + 0 means no limit. + +message +------- + +Configuration options specific to messages. + +contentlimit: max length of the plain-text content of a message. + Default is null, meaning to use the site-wide text limit. + 0 means no limit. + +logincommand +------------ + +Configuration options for the login command. + +disabled: whether to enable this command. If enabled, users who send + the text 'login' to the site through any channel will + receive a link to login to the site automatically in return. + Possibly useful for users who primarily use an XMPP or SMS + interface and can't be bothered to remember their site + password. Note that the security implications of this are + pretty serious and have not been thoroughly tested. You + should enable it only after you've convinced yourself that + it is safe. Default is 'false'. + +singleuser +---------- + +If an installation has only one user, this can simplify a lot of the +interface. It also makes the user's profile the root URL. + +enabled: Whether to run in "single user mode". Default false. +nickname: nickname of the single user. + +robotstxt +--------- + +We put out a default robots.txt file to guide the processing of +Web crawlers. See http://www.robotstxt.org/ for more information +on the format of this file. + +crawldelay: if non-empty, this value is provided as the Crawl-Delay: + for the robots.txt file. see http://ur1.ca/l5a0 + for more information. Default is zero, no explicit delay. +disallow: Array of (virtual) directories to disallow. Default is 'main', + 'search', 'message', 'settings', 'admin'. Ignored when site + is private, in which case the entire site ('/') is disallowed. + Plugins ======= @@ -1708,6 +1752,8 @@ if anyone's been overlooked in error. * Federico Marani * Craig Andrews * mEDI +* Brett Taylor +* Brigitte Schuster Thanks also to the developers of our upstream library code and to the thousands of people who have tried out Identi.ca, installed StatusNet,