Merge branch 'master' into live

So we don't have to consider it for reverse proxies etc.

Dockerfile

@@ -1,18 +1,11 @@
 # syntax=docker/dockerfile:1
-FROM debian:bullseye-slim as base
+FROM ruby:3.3.4
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 
-# TODO Remove when upstream Ruby works properly on Apple silicon
+RUN apt-get update -qq && apt-get install -y --no-install-recommends curl \
-RUN apt update && apt install -y build-essential wget autoconf libpq-dev pkg-config
+      ldap-utils tini libvips
-RUN wget https://github.com/postmodern/ruby-install/releases/download/v0.9.3/ruby-install-0.9.3.tar.gz \
-  && tar -xzvf ruby-install-0.9.3.tar.gz \
-  && cd ruby-install-0.9.3/ \
-  && make install
-RUN ruby-install -p https://github.com/ruby/ruby/pull/9371.diff ruby 3.3.0
-ENV PATH="/opt/rubies/ruby-3.3.0/bin:${PATH}"
 
-RUN apt-get install -y --no-install-recommends curl ldap-utils tini libvips
 RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
 RUN apt-get update && apt-get install -y nodejs
 

app/controllers/webfinger_controller.rb

@@ -1,8 +1,6 @@
-class WebfingerController < ApplicationController
+class WebfingerController < WellKnownController
   before_action :allow_cross_origin_requests, only: [:show]
 
-  layout false
-
   def show
     resource = params[:resource]
 
@@ -91,10 +89,4 @@ class WebfingerController < ApplicationController
       }
     }
   end
-
-  def allow_cross_origin_requests
-    return unless Rails.env.development?
-    headers['Access-Control-Allow-Origin'] = "*"
-    headers['Access-Control-Allow-Methods'] = "GET"
-  end
 end

app/controllers/well_known_controller.rb

@@ -1,5 +1,8 @@
 class WellKnownController < ApplicationController
   before_action :require_nostr_enabled, only: [ :nostr ]
+  before_action :allow_cross_origin_requests, only: [ :nostr ]
+
+  layout false
 
   def nostr
     http_status :unprocessable_entity and return if params[:name].blank?
@@ -30,4 +33,9 @@ class WellKnownController < ApplicationController
     def require_nostr_enabled
       http_status :not_found unless Setting.nostr_enabled?
     end
+
+    def allow_cross_origin_requests
+      headers['Access-Control-Allow-Origin'] = "*"
+      headers['Access-Control-Allow-Methods'] = "GET"
+    end
 end

app/models/setting.rb

@@ -222,6 +222,6 @@ class Setting < RailsSettings::Base
 
   def self.default_services
     # TODO Make configurable from respective service settings page
-    %w[ discourse gitea mastodon mediawiki xmpp ]
+    %w[ discourse gitea mastodon mediawiki remotestorage xmpp ]
   end
 end

app/views/admin/users/show.html.erb

@@ -205,7 +205,9 @@
             ) %>
           </td>
           <td class="text-right">
+            <% if @user.nostr_pubkey.present? %>
             <%= link_to "Open profile", "https://njump.me/#{@user.nostr_pubkey_bech32}", class: "btn-sm btn-gray" %>
+            <% end %>
           </td>
         </tr>
         <% end %>

app/views/services/remotestorage/show.html.erb

@@ -14,7 +14,8 @@
     <p class="mb-6">
       In order to connect an app to your storage account, give it your address:
     </p>
-    <p data-controller="clipboard" class="flex gap-1 sm:w-2/5">
+    <p data-controller="clipboard" class="flex items-center gap-1 sm:w-2/5">
+      <img src="/img/logos/icon_remotestorage.svg" class="inline-block h-6 w-6 mr-1">
       <input type="text" id="user_address" class="grow"
              value=<%= current_user.address %> disabled="disabled"
              data-clipboard-target="source" />
@@ -31,6 +32,24 @@
     </p>
   </section>
 
+  <section>
+    <h3>Compatible Apps</h3>
+    <p>
+      Your Storage account is based on a new open standard called
+      <a href="https://remotestorage.io" target="_blank">
+        <img src="/img/logos/icon_remotestorage.svg" class="h-4 w-4 inline">
+        <strong>remoteStorage</strong>
+      </a>, which is not yet widely supported.  Look
+      for the remoteStorage icon, or check the Sync settings in apps.
+    </p>
+    <p>
+      If you want your favorite apps to support syncing data with your own
+      Storage account, let the developers know! All relevant information is
+      available on the <a href="https://remotestorage.io"
+        target="_blank" class="ks-text-link">remoteStorage website</a>.
+    </p>
+  </section>
+
   <section>
     <h3>Recommended Apps</h3>
     <div data-controller="tabs"

config/sidekiq.yml

@@ -1,4 +1,6 @@
 :concurrency: 2
+production:
+  :concurrency: 10
 :queues:
   - default
   - mailers

doc/integrations/strfry.md

@@ -1,29 +0,0 @@
-# strfry (nostr relay)
-
-## LDAP policy
-
-...
-
-## Useful scripts
-
-### Syncing events for all local nostr users from a remote relay
-
-You can sync all events of all local users with a pubkey stored in LDAP from a
-specified remote relay to the local relay with the `strfry-sync.ts` script:
-
-    deno run -A /opt/strfry-sync.ts wss://relay.example.com
-
-Doing the same with Docker Compose (great for seeding data to your local relay
-in development):
-
-    docker compose run strfry deno run -A /opt/strfry-sync.ts wss://relay.example.com
-
-## Docker image
-
-In order to use the LDAP policy with Docker, you will need
-[Deno](https://deno.com/) installed in your strfry container. We provide a
-custom Docker image for strfry with Deno included (which we use in
-development):
-
-* Registry: https://gitea.kosmos.org/kosmos/-/packages/container/strfry-deno/1.1.1
-* Source: https://github.com/raucao/strfry/blob/docker_deno/ubuntu.Dockerfile

spec/models/user_spec.rb

@@ -178,7 +178,7 @@ RSpec.describe User, type: :model do
     after { clear_enqueued_jobs }
 
     it "enables default services" do
-      expect(user).to receive(:enable_service).with(%w[ discourse gitea mastodon mediawiki xmpp ])
+      expect(user).to receive(:enable_service).with(%w[ discourse gitea mastodon mediawiki remotestorage xmpp ])
       user.send :devise_after_confirmation
     end
 

spec/requests/webfinger_spec.rb

@@ -94,6 +94,12 @@ RSpec.describe "WebFinger", type: :request do
           oauth_url = rs_link["properties"]["http://tools.ietf.org/html/rfc6749#section-4.2"]
           expect(oauth_url).to eql("http://www.example.com/rs/oauth/tony")
         end
+
+        it "returns CORS headers" do
+          get "/.well-known/nostr.json?name=bobdylan"
+          expect(response.headers['Access-Control-Allow-Origin']).to eq("*")
+          expect(response.headers['Access-Control-Allow-Methods']).to eq('GET')
+        end
       end
 
       context "remoteStorage not enabled for user" do

spec/requests/well_known_spec.rb

@@ -46,6 +46,12 @@ RSpec.describe "Well-known URLs", type: :request do
         expect(res["names"]["bobdylan"]).to eq(user.nostr_pubkey)
       end
 
+      it "returns CORS headers" do
+        get "/.well-known/nostr.json?name=bobdylan"
+        expect(response.headers['Access-Control-Allow-Origin']).to eq("*")
+        expect(response.headers['Access-Control-Allow-Methods']).to eq('GET')
+      end
+
       context "without relay configured" do
         before do
           Setting.nostr_relay_url = ""