From e89346c9fdaa61df17058cf483399c5476c0e125 Mon Sep 17 00:00:00 2001 From: famfo Date: Thu, 3 Apr 2025 17:38:45 +0200 Subject: [PATCH] cheatsheet: document new/renamed federation settings --- docs/admin/config-cheat-sheet.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/admin/config-cheat-sheet.md b/docs/admin/config-cheat-sheet.md index 6fd04655..00831245 100644 --- a/docs/admin/config-cheat-sheet.md +++ b/docs/admin/config-cheat-sheet.md @@ -1220,11 +1220,12 @@ If the rule is defined above the renderer ini section or the name does not match - `ENABLED`: **false**: Enable/Disable federation capabilities - `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled -- `MAX_SIZE`: **4**: Maximum federation request and response size (MB) +- `MAX_SIZE`: **4**: Maximum federation request and response size in MB +- `SIGNATURE_ENFORCED`: **true**: Enable/Disable validation of HTTP signatures. This is similar to Mastodon's `AUTHORIZED_FETCH`, also called "secure mode". This setting requires all incoming requests to be signed by the originating server. It is recommended to keep this setting enabled. WARNING: Changing the settings below can break federation. -- `ALGORITHMS`: **rsa-sha256, rsa-sha512, ed25519**: HTTP signature algorithms +- `SIGNATURE_ALGORITHMS`: **rsa-sha256, rsa-sha512, ed25519**: HTTP signature algorithms - `DIGEST_ALGORITHM`: **SHA-256**: HTTP signature digest algorithm - `GET_HEADERS`: **(request-target), Date**: GET headers for federation requests - `POST_HEADERS`: **(request-target), Date, Digest**: POST headers for federation requests