From 89d67eed8cf247c70868da71176ae51422c240b7 Mon Sep 17 00:00:00 2001
From: Alex <caskd@420blaze.it>
Date: Sat, 13 Jun 2020 22:17:44 +0200
Subject: [PATCH] Change ownership and ToS and fix some stuff around

---
 files/priv/static/static/terms-of-service.html |  8 ++++----
 tasks/main.yml                                 | 13 +++++++++++--
 templates/config.exs.j2                        |  3 ++-
 templates/mrf.exs.j2                           |  6 +++++-
 4 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/files/priv/static/static/terms-of-service.html b/files/priv/static/static/terms-of-service.html
index 5e3d611..9c6a945 100644
--- a/files/priv/static/static/terms-of-service.html
+++ b/files/priv/static/static/terms-of-service.html
@@ -2,10 +2,10 @@
 	<body>
 		<h4>Terms of Service</h4>
 		<ol>
-			<li>Anything against German law is disallowed.</li>
-			<li>No child porn.</li>
-			<li>No taking advantage of exploits.</li>
-			<li>Have common sense.</li>
+			<li>All sensitive or pornographic content should be tagged as such</li>
+			<li>Spambots or advertisement bots are not allowed</li>
+			<li>No private information or targeted harassment (aka doxxing)</li>
+			<li>Exploiting security weaknesses to gain information or cause harm is stricly forbidden</li>
 		</ol>
 	</body>
 </html>
diff --git a/tasks/main.yml b/tasks/main.yml
index a0443f7..0641238 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -37,14 +37,20 @@
         dest: '/home/repositories/pleroma/{{ item }}'
   tags:
         - pleroma
-        - build
 - name: Build pleroma
   shell:
         chdir: "/home/repositories/pleroma/"
-        cmd: "MIX_ENV=prod mix release --path {{ pleroma.root }}"
+        cmd: "MIX_ENV=prod mix release --path {{ pleroma.root }} --force"
   tags:
         - pleroma
         - build
+- name: Change ownership of build output
+  shell:
+        chdir: "/etc/pleroma"
+        cmd: "chown -R nobody:root ."
+        warn: false
+  tags:
+        - pleroma
 - name: Copy configuration files
   loop:
         - "config.exs"
@@ -53,6 +59,9 @@
         src: "{{ item }}.j2"
         dest: "/etc/pleroma/{{ item }}"
         follow: yes
+        owner: "nobody"
+        group: "root"
+        mode: "700"
   tags:
         - pleroma
 - name: Copy secrets
diff --git a/templates/config.exs.j2 b/templates/config.exs.j2
index 6ca843c..38e0b0f 100644
--- a/templates/config.exs.j2
+++ b/templates/config.exs.j2
@@ -20,7 +20,8 @@ config :pleroma, :frontend_configurations,
     theme: "{{ pleroma.instance.frontend.theme }}",
     logo: "{{ pleroma.instance.frontend.logo }}",
     logoMask: {{ pleroma.instance.frontend.logomask }},
-    background: "{{ pleroma.instance.frontend.bg }}"
+    background: "{{ pleroma.instance.frontend.bg }}",
+    showFeaturesPanel: false
   }
 
 config :pleroma, :media_proxy, enabled: {{ pleroma.instance.media_proxy }}
diff --git a/templates/mrf.exs.j2 b/templates/mrf.exs.j2
index 635f3fb..dd6c69d 100644
--- a/templates/mrf.exs.j2
+++ b/templates/mrf.exs.j2
@@ -1,7 +1,11 @@
 import Config
 
 config :pleroma, :instance,
-  rewrite_policy: "Pleroma.Web.ActivityPub.MRF.NoOpPolicy"
+  rewrite_policy: [
+    Pleroma.Web.ActivityPub.MRF.NoOpPolicy,
+    Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy,
+    Pleroma.Web.ActivityPub.MRF.TagPolicy
+  ]
 
 config :pleroma, :mrf_simple,
   media_nsfw: ["stereophonic.space"]