Version bump and changelog for 0.20
This commit is contained in:
Eliot Berriot
parent
f29daefa76
commit
34ffab2707
325
CHANGELOG
325
CHANGELOG
|
|
@ -10,6 +10,331 @@ This changelog is viewable on the web at https://docs.funkwhale.audio/changelog.
|
|||
|
||||
.. towncrier
|
||||
|
||||
0.20 (2019-10-04)
|
||||
-----------------
|
||||
|
||||
Upgrade instructions are available at
|
||||
https://docs.funkwhale.audio/index.html
|
||||
|
||||
|
||||
Support for genres via tags
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
One of our most requested missing features is now available!
|
||||
|
||||
Starting with Funkwhale 0.20,
|
||||
Funkwhale will automatically extract genre information from uploaded files and associate it
|
||||
with the corresponding tracks in the form of tags (similar to Mastodon or Twitter hashtags).
|
||||
Please refer to `our tagging documentation <https://docs.funkwhale.audio/users/upload.html#tagging-files>`_
|
||||
for more information regarding the tagging process.
|
||||
|
||||
Tags can also be associated with artists and albums, and updated after upload through the UI using
|
||||
the edit system released in Funkwhale 0.19. Tags are also fetched when retrieving content
|
||||
via federation.
|
||||
|
||||
Tags are used in various places to enhance user experience:
|
||||
|
||||
- Tags are listed on tracks, albums and artist profiles
|
||||
- Each tag has a dedicated page were you can browse corresponding content and quickly start a radio
|
||||
- The custom radio builder now supports using tags
|
||||
- Subsonic apps that support genres - such as DSub or Ultrasonic - should display this information as well
|
||||
|
||||
If you are a pod admin and want to extract tags from already uploaded content, you run `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/43>`_
|
||||
and `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/44>`_ in a ``python manage.py shell``.
|
||||
|
||||
Content and account reports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
It is now possible to report content, such as artists, tracks or libraries, as well as user accounts. Such reports are forwarded to the pod moderators,
|
||||
who can review it and delete reported content, block accounts or take any other action they deem necessary.
|
||||
|
||||
By default, both anonymous and authenticated users can submit these reports. This makes sure moderators can receive and handle
|
||||
takedown requests and other reports for illegal content that may be sent by third-parties without an account on the pod. However,
|
||||
you can disable anonymous reports completely via your pod settings.
|
||||
|
||||
Federation of the reports will be supported in a future release.
|
||||
|
||||
For more information about this feature, please check out our documentation:
|
||||
|
||||
- `User documentation <https://docs.funkwhale.audio/moderator/reports.html>`_
|
||||
- `Moderator documentation <https://docs.funkwhale.audio/users/reports.html>`_
|
||||
|
||||
Account deletion
|
||||
^^^^^^^^^^^^^^^^
|
||||
|
||||
Users can now delete their account themselves, without involving an administrator.
|
||||
|
||||
The deletion process will remove any local data and objects associated with the account,
|
||||
but the username won't be able to new users to avoid impersonation. Deletion is also broadcasted
|
||||
to other known servers on the federation.
|
||||
|
||||
For more information about this feature, please check out our documentation:
|
||||
|
||||
- `User documentation <https://docs.funkwhale.audio/users/account.html>`_
|
||||
|
||||
Landing and about page redesign [Manual action suggested]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
In this release, we've completely redesigned the landing and about page, by making it more useful and adapted to your pod
|
||||
configuration. Among other things, the landing page will now include:
|
||||
|
||||
- your pod and an excerpt from your pod's description
|
||||
- your pod banner image, if any
|
||||
- your contact email, if any
|
||||
- the login form
|
||||
- the signup form (if registrations are open on your pod)
|
||||
- some basic statistics about your pod
|
||||
- a widget including recently uploaded albums, if anonymous access is enabled
|
||||
|
||||
The landing page will still include some information about Funkwhale, but in a less intrusive and proeminent way than before.
|
||||
|
||||
Additionally, the about page now includes:
|
||||
|
||||
- your pod name, description, rules and terms
|
||||
- your pod banner image, if any
|
||||
- your contact email, if any
|
||||
- comprehensive statistics about your pod
|
||||
- some info about your pod configuration, such as registration and federation status or the default upload quota for new users
|
||||
|
||||
With this redesign, we've added a handful of additional pod settings:
|
||||
|
||||
- Pod banner image
|
||||
- Contact email
|
||||
- Rules
|
||||
- Terms of service
|
||||
|
||||
We recommend taking a few moments to fill these accordingly to your needs, by visiting ``/manage/settings``.
|
||||
|
||||
Allow-list to restrict federation to trusted domains
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The Allow-Listing feature grants pod moderators
|
||||
and administrators greater control over federation
|
||||
by allowing you to create a pod-wide allow-list.
|
||||
|
||||
When allow-listing is enabled, your pod's users will only
|
||||
be able to interact with pods included in the allow-list.
|
||||
Any messages, activity, uploads, or modifications to
|
||||
libraries and playlists will only be shared with pods
|
||||
on the allow-list. Pods which are not included in the
|
||||
allow-list will not have access to your pod's content
|
||||
or messages and will not be able to send anything to
|
||||
your pod.
|
||||
|
||||
If you want to enable this feature on your pod, or learn more, please refer to `our documentation <https://docs.funkwhale.audio/moderator/listing.html>`_!
|
||||
|
||||
Periodic message to incite people to support their pod and Funkwhale
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Users will now be reminded on a regular basis that they can help Funkwhale by donating or contributing.
|
||||
|
||||
If specified by the pod admin, a separate and custom message will also be displayed in a similar way to provide instructions and links to support the pod.
|
||||
|
||||
Both messages will appear for the first time 15 days after signup, in the notifications tab. For each message, users can schedule a reminder for a later time, or disable the messages entirely.
|
||||
|
||||
|
||||
Replaced Daphne by Gunicorn/Uvicorn [manual action required, non-docker only]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
To improve the performance, stability and reliability of Funkwhale's web processes,
|
||||
we now recommend using Gunicorn and Uvicorn instead of Daphne. This combination unlock new use cases such as:
|
||||
|
||||
- zero-downtime upgrades
|
||||
- configurable number of web worker processes
|
||||
|
||||
Based on our benchmarks, Gunicorn/Unicorn is also faster and more stable under higher workloads compared to Daphne.
|
||||
|
||||
To benefit from this enhancement on existing instances, you need to add ``FUNKWHALE_WEB_WORKERS=1`` in your ``.env`` file
|
||||
(use a higher number if you want to have more web worker processes).
|
||||
|
||||
Then, edit your ``/etc/systemd/system/funkwhale-server.service`` and replace the ``ExecStart=`` line with
|
||||
``ExecStart=/srv/funkwhale/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}``
|
||||
|
||||
Then reload the configuration change with ``sudo systemctl daemon-reload`` and ``sudo systemctl restart funkwhale-server``.
|
||||
|
||||
|
||||
Content-Security-Policy and additional security headers [manual action suggested]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
To improve the security and reduce the attack surface in case of a successfull exploit, we suggest
|
||||
you add the following Content-Security-Policy to your nginx configuration.
|
||||
|
||||
..note::
|
||||
|
||||
If you are using an S3-compatible store to serve music, you will need to specify the URL of your S3 store in the ``media-src`` and ``img-src`` headers
|
||||
|
||||
.. code-block::
|
||||
|
||||
add_header Content-Security-Policy "...img-src 'self' https://<your-s3-URL> data:;...media-src https://<your-s3-URL> 'self' data:";
|
||||
|
||||
**On non-docker setups**, in ``/etc/nginx/sites-available/funkwhale.conf``::
|
||||
|
||||
server {
|
||||
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
|
||||
location /front/ {
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
# … existing content here
|
||||
}
|
||||
|
||||
# Also create a new location for the embeds to ensure external iframes work
|
||||
# Simply copy-paste the /front/ location, but replace the following lines:
|
||||
location /front/embed.html {
|
||||
add_header X-Frame-Options "ALLOW";
|
||||
alias ${FUNKWHALE_FRONTEND_PATH}/embed.html;
|
||||
}
|
||||
}
|
||||
|
||||
Then reload nginx with ``systemctl reload nginx``.
|
||||
|
||||
**On docker setups**, in ``/srv/funkwhalenginx/funkwhale.template``::
|
||||
|
||||
server {
|
||||
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
|
||||
location /front/ {
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
# … existing content here
|
||||
}
|
||||
|
||||
# Also create a new location for the embeds to ensure external iframes work
|
||||
# Simply copy-paste the /front/ location, but replace the following lines:
|
||||
location /front/embed.html {
|
||||
add_header X-Frame-Options "ALLOW";
|
||||
alias /frontent/embed.html;
|
||||
}
|
||||
}
|
||||
|
||||
Then reload nginx with ``docker-compose restart nginx``.
|
||||
|
||||
Rate limiting
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
With this release, rate-limiting on the API is enabled by default, with high enough limits to ensure
|
||||
regular users of the app aren't affected. Requests beyond allowed limits are answered with a 429 HTTP error.
|
||||
|
||||
For anonymous requests, the limit is applied to the IP adress of the client, and for authenticated requests, the limit
|
||||
is applied to the corresponding user account. By default, anonymous requests get a lower limit than authenticated requests.
|
||||
|
||||
You can disable the rate-limiting feature by adding `THROTTLING_ENABLED=false` to your ``.env`` file and restarting the
|
||||
services. If you are using the Funkwhale API in your project or app and want to know more about the limits, please consult https://docs.funkwhale.audio/swagger/.
|
||||
|
||||
Broken audio streaming when using S3/Minio and DSub [manual action required]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Some Subsonic clients, such as DSub, are sending an Authorization headers which was forwarded
|
||||
to the S3 storage when streaming, causing some issues. If you are using S3 or a compatible storage
|
||||
such as Minio, please add the following in your nginx ``~ /_protected/media/(.+)`` location::
|
||||
|
||||
# Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932
|
||||
proxy_set_header Authorization "";
|
||||
|
||||
And reload your nginx process.
|
||||
|
||||
Detail
|
||||
^^^^^^
|
||||
|
||||
Features:
|
||||
|
||||
- Added periodical message to incite people to support their pod and Funkwhale (#839)
|
||||
- Admins can now add custom CSS from their pod settings (#879)
|
||||
- Allow-list to restrict federation to trusted domains (#853)
|
||||
- Content and account reports (#890)
|
||||
- Dark theme (#756)
|
||||
- Enforce a configurable rate limit on the API to mitigate abuse (#261)
|
||||
- Redesign of the landing and about pages (#872)
|
||||
- Support for genres, via tags (#432)
|
||||
- Users can now delete their account without admin intervention (#852)
|
||||
|
||||
|
||||
Enhancements:
|
||||
|
||||
- Added a info message on embed wizard when anonymous access to content is disabled (#878)
|
||||
- Added Catalan translation files
|
||||
- Added Czech translation (#844)
|
||||
- Added field to manage user upload quota in Django backend (#903)
|
||||
- Added the option to replace the queue's current contents with a selected album or track (#761)
|
||||
- Artists with no albums will now show track count on artist card (#895)
|
||||
- Ensure API urls answer with and without a trailing slash (#877)
|
||||
- Hardcoded list of supported browsers to avoid unexpected regressions (#854)
|
||||
- Hardened security thanks to CSP and additional HTTP headers (#880)
|
||||
- Improve display of search results by including artist and album data
|
||||
- Increase the security of JWT token generation by using DJANGO_SECRET_KEY as well as user-specific salt for the signature
|
||||
- Mods can now change a library visibility through the admin UI (#548)
|
||||
- New keyboard shortcuts added for enhanced control over audio player (#866)
|
||||
- Now refetch remote ActivityPub artists, albums and tracks to avoid local stale data
|
||||
- Numbers on the stats page will now be formatted in a human readable way and will update with the locale (#873)
|
||||
- Pickup folder.png and folder.jpg files for cover art when importing from CLI (#898)
|
||||
- Prevent usage of too weak passwords (#883)
|
||||
- Reduced CSS size by 30% using purgecss
|
||||
- Replaced Daphne by Gunicorn/Uvicorn to improve stability, flexibility and performance (#862)
|
||||
- Simplified embedded docker reverse proxy IP configuration (#834)
|
||||
- Support embeds on public playlists
|
||||
- Support for M4A/AAC files (#661)
|
||||
- Switched from Semantic-UI to Fomentic-UI
|
||||
- Add dropdown menu to track table (#531)
|
||||
- Display placeholder on homepage when there are no playlists (#892)
|
||||
- Make album cards height independent (#710)
|
||||
|
||||
|
||||
Bugfixes:
|
||||
|
||||
- Added context strings to en_GB translations so that picking the language changes the interface as expected
|
||||
- Ensure selected locale is not reset to browser default when refreshing app
|
||||
- Fix missing license information on track details page (#913)
|
||||
- Fix regression to quota bar color (#897)
|
||||
- Fixed a responsive display issues on 1024px wide screens (#904)
|
||||
- Fixed album art not being retrieved from Ogg/Opus files
|
||||
- Fixed broken embedded player layout after dependency update (#875)
|
||||
- Fixed broken external HTTPS request under some scenarios, because of missing PyOpenSSL
|
||||
- Fixed broken less listened radio (#912)
|
||||
- Fixed broken URL to artist and album on album and track pages (#871)
|
||||
- Fixed empty contentType causing client crash in some Subsonic payloads (#893)
|
||||
- Fixed import crashing with empty cover file or too long values on some fields
|
||||
- Fixed in-place imported files not playing under nginx when filename contains ? or % (#924)
|
||||
- Fixed remaining transcoding issue with Subsonic API (#867)
|
||||
- Fixed search usability issue when browsing artists, albums, radios and playlists (#902)
|
||||
- Improved performance of /artists, /albums and /tracks API endpoints by a factor 2 (#865)
|
||||
- Updated docs to ensure streaming works when using Minio/S3 and DSub (#932)
|
||||
|
||||
Contributors to this release (translation, development, documentation, reviews, design):
|
||||
|
||||
- Amaranthe
|
||||
- ButterflyOfFire
|
||||
- Ciarán Ainsworth
|
||||
- Eliot Berriot
|
||||
- Esteban
|
||||
- Francesc Galí
|
||||
- Freyja Wildes
|
||||
- hellekin
|
||||
- IISergII
|
||||
- jiri-novacek
|
||||
- Johannes H.
|
||||
- Keunes
|
||||
- Koen
|
||||
- Manuel Cortez
|
||||
- Mehdi
|
||||
- Mélanie Chauvel
|
||||
- nouts
|
||||
- Quentí
|
||||
- Reg
|
||||
- Rodrigo Leite
|
||||
- Romain Failliot
|
||||
- SpcCw
|
||||
- Sylke Vicious
|
||||
- Tobias Reisinger
|
||||
- Xaloc
|
||||
- Xosé M
|
||||
|
||||
|
||||
0.19.1 (2019-06-28)
|
||||
-------------------
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
__version__ = "0.20.0-rc1"
|
||||
__version__ = "0.20.0"
|
||||
__version_info__ = tuple(
|
||||
[
|
||||
int(num) if num.isdigit() else num
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
Enforce a configurable rate limit on the API to mitigate abuse (#261)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Support for genres, via tags (#432)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Mods can now change a library visibility through the admin UI (#548)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Support for M4A/AAC files (#661)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Add dropdown menu to track table (#531)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Make album cards height independent (#710)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Dark theme (#756)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added the option to replace the queue's current contents with a selected album or track (#761)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Simplified embedded docker reverse proxy IP configuration (#834)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added periodical message to incite people to support their pod and Funkwhale (#839)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added Czech translation (#844)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added Catalan translation files
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added context strings to en_GB translations so that picking the language changes the interface as expected
|
||||
|
|
@ -1 +0,0 @@
|
|||
Users can now delete their account without admin intervention (#852)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Allow-list to restrict federation to trusted domains (#853)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Hardcoded list of supported browsers to avoid unexpected regressions (#854)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Replaced Daphne by Gunicorn/Uvicorn to improve stability, flexibility and performance (#862)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Improved performance of /artists, /albums and /tracks API endpoints by a factor 2 (#865)
|
||||
|
|
@ -1 +0,0 @@
|
|||
New keyboard shortcuts added for enhanced control over audio player (#866)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed remaining transcoding issue with Subsonic API (#867)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed broken URL to artist and album on album and track pages (#871)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Redesign of the landing and about pages (#872)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Numbers on the stats page will now be formatted in a human readable way and will update with the locale (#873)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed broken embedded player layout after dependency update (#875)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Ensure API urls answer with and without a trailing slash (#877)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added a info message on embed wizard when anonymous access to content is disabled (#878)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Admins can now add custom CSS from their pod settings (#879)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Hardened security thanks to CSP and additional HTTP headers (#880)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Prevent usage of too weak passwords (#883)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Content and account reports (#890)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Display placeholder on homepage when there are no playlists (#892)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed empty contentType causing client crash in some Subsonic payloads (#893)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Artists with no albums will now show track count on artist card (#895)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fix regression to quota bar color (#897)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Pickup folder.png and folder.jpg files for cover art when importing from CLI (#898)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed search usability issue when browsing artists, albums, radios and playlists (#902)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added field to manage user upload quota in Django backend (#903)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed a responsive display issues on 1024px wide screens (#904)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed broken less listened radio (#912)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fix missing license information on track details page (#913)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed in-place imported files not playing under nginx when filename contains ? or % (#924)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Updated docs to ensure streaming works when using Minio/S3 and DSub (#932)
|
||||
|
|
@ -1 +0,0 @@
|
|||
Switched from Semantic-UI to Fomentic-UI
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed import crashing with empty cover file or too long values on some fields
|
||||
|
|
@ -1 +0,0 @@
|
|||
Increase the security of JWT token generation by using DJANGO_SECRET_KEY as well as user-specific salt for the signature
|
||||
|
|
@ -1 +0,0 @@
|
|||
Ensure selected locale is not reset to browser default when refreshing app
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed album art not being retrieved from Ogg/Opus files
|
||||
|
|
@ -1 +0,0 @@
|
|||
Support embeds on public playlists
|
||||
|
|
@ -1 +0,0 @@
|
|||
Reduced CSS size by 30% using purgecss
|
||||
|
|
@ -1 +0,0 @@
|
|||
Now refetch remote ActivityPub artists, albums and tracks to avoid local stale data
|
||||
|
|
@ -1 +0,0 @@
|
|||
Improve display of search results by including artist and album data
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed broken external HTTPS request under some scenarios, because of missing PyOpenSSL
|
||||
|
|
@ -5,226 +5,3 @@ Next release notes
|
|||
|
||||
Those release notes refer to the current development branch and are reset
|
||||
after each release.
|
||||
|
||||
|
||||
Support for genres via tags
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
One of our most requested missing features is now available!
|
||||
|
||||
Starting with Funkwhale 0.20,
|
||||
Funkwhale will automatically extract genre information from uploaded files and associate it
|
||||
with the corresponding tracks in the form of tags (similar to Mastodon or Twitter hashtags).
|
||||
Please refer to `our tagging documentation <https://docs.funkwhale.audio/users/upload.html#tagging-files>`_
|
||||
for more information regarding the tagging process.
|
||||
|
||||
Tags can also be associated with artists and albums, and updated after upload through the UI using
|
||||
the edit system released in Funkwhale 0.19. Tags are also fetched when retrieving content
|
||||
via federation.
|
||||
|
||||
Tags are used in various places to enhance user experience:
|
||||
|
||||
- Tags are listed on tracks, albums and artist profiles
|
||||
- Each tag has a dedicated page were you can browse corresponding content and quickly start a radio
|
||||
- The custom radio builder now supports using tags
|
||||
- Subsonic apps that support genres - such as DSub or Ultrasonic - should display this information as well
|
||||
|
||||
If you are a pod admin and want to extract tags from already uploaded content, you run `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/43>`_
|
||||
and `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/44>`_ in a ``python manage.py shell``.
|
||||
|
||||
Content and account reports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
It is now possible to report content, such as artists, tracks or libraries, as well as user accounts. Such reports are forwarded to the pod moderators,
|
||||
who can review it and delete reported content, block accounts or take any other action they deem necessary.
|
||||
|
||||
By default, both anonymous and authenticated users can submit these reports. This makes sure moderators can receive and handle
|
||||
takedown requests and other reports for illegal content that may be sent by third-parties without an account on the pod. However,
|
||||
you can disable anonymous reports completely via your pod settings.
|
||||
|
||||
Federation of the reports will be supported in a future release.
|
||||
|
||||
For more information about this feature, please check out our documentation:
|
||||
|
||||
- `User documentation <https://docs.funkwhale.audio/moderator/reports.html>`_
|
||||
- `Moderator documentation <https://docs.funkwhale.audio/users/reports.html>`_
|
||||
|
||||
Account deletion
|
||||
^^^^^^^^^^^^^^^^
|
||||
|
||||
Users can now delete their account themselves, without involving an administrator.
|
||||
|
||||
The deletion process will remove any local data and objects associated with the account,
|
||||
but the username won't be able to new users to avoid impersonation. Deletion is also broadcasted
|
||||
to other known servers on the federation.
|
||||
|
||||
For more information about this feature, please check out our documentation:
|
||||
|
||||
- `User documentation <https://docs.funkwhale.audio/users/account.html>`_
|
||||
|
||||
Landing and about page redesign [Manual action suggested]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
In this release, we've completely redesigned the landing and about page, by making it more useful and adapted to your pod
|
||||
configuration. Among other things, the landing page will now include:
|
||||
|
||||
- your pod and an excerpt from your pod's description
|
||||
- your pod banner image, if any
|
||||
- your contact email, if any
|
||||
- the login form
|
||||
- the signup form (if registrations are open on your pod)
|
||||
- some basic statistics about your pod
|
||||
- a widget including recently uploaded albums, if anonymous access is enabled
|
||||
|
||||
The landing page will still include some information about Funkwhale, but in a less intrusive and proeminent way than before.
|
||||
|
||||
Additionally, the about page now includes:
|
||||
|
||||
- your pod name, description, rules and terms
|
||||
- your pod banner image, if any
|
||||
- your contact email, if any
|
||||
- comprehensive statistics about your pod
|
||||
- some info about your pod configuration, such as registration and federation status or the default upload quota for new users
|
||||
|
||||
With this redesign, we've added a handful of additional pod settings:
|
||||
|
||||
- Pod banner image
|
||||
- Contact email
|
||||
- Rules
|
||||
- Terms of service
|
||||
|
||||
We recommend taking a few moments to fill these accordingly to your needs, by visiting ``/manage/settings``.
|
||||
|
||||
Allow-list to restrict federation to trusted domains
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The Allow-Listing feature grants pod moderators
|
||||
and administrators greater control over federation
|
||||
by allowing you to create a pod-wide allow-list.
|
||||
|
||||
When allow-listing is enabled, your pod's users will only
|
||||
be able to interact with pods included in the allow-list.
|
||||
Any messages, activity, uploads, or modifications to
|
||||
libraries and playlists will only be shared with pods
|
||||
on the allow-list. Pods which are not included in the
|
||||
allow-list will not have access to your pod's content
|
||||
or messages and will not be able to send anything to
|
||||
your pod.
|
||||
|
||||
If you want to enable this feature on your pod, or learn more, please refer to `our documentation <https://docs.funkwhale.audio/moderator/listing.html>`_!
|
||||
|
||||
Periodic message to incite people to support their pod and Funkwhale
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Users will now be reminded on a regular basis that they can help Funkwhale by donating or contributing.
|
||||
|
||||
If specified by the pod admin, a separate and custom message will also be displayed in a similar way to provide instructions and links to support the pod.
|
||||
|
||||
Both messages will appear for the first time 15 days after signup, in the notifications tab. For each message, users can schedule a reminder for a later time, or disable the messages entirely.
|
||||
|
||||
|
||||
Replaced Daphne by Gunicorn/Uvicorn [manual action required, non-docker only]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
To improve the performance, stability and reliability of Funkwhale's web processes,
|
||||
we now recommend using Gunicorn and Uvicorn instead of Daphne. This combination unlock new use cases such as:
|
||||
|
||||
- zero-downtime upgrades
|
||||
- configurable number of web worker processes
|
||||
|
||||
Based on our benchmarks, Gunicorn/Unicorn is also faster and more stable under higher workloads compared to Daphne.
|
||||
|
||||
To benefit from this enhancement on existing instances, you need to add ``FUNKWHALE_WEB_WORKERS=1`` in your ``.env`` file
|
||||
(use a higher number if you want to have more web worker processes).
|
||||
|
||||
Then, edit your ``/etc/systemd/system/funkwhale-server.service`` and replace the ``ExecStart=`` line with
|
||||
``ExecStart=/srv/funkwhale/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}``
|
||||
|
||||
Then reload the configuration change with ``sudo systemctl daemon-reload`` and ``sudo systemctl restart funkwhale-server``.
|
||||
|
||||
|
||||
Content-Security-Policy and additional security headers [manual action suggested]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
To improve the security and reduce the attack surface in case of a successfull exploit, we suggest
|
||||
you add the following Content-Security-Policy to your nginx configuration.
|
||||
|
||||
..note::
|
||||
|
||||
If you are using an S3-compatible store to serve music, you will need to specify the URL of your S3 store in the ``media-src`` and ``img-src`` headers
|
||||
|
||||
.. code-block::
|
||||
|
||||
add_header Content-Security-Policy "...img-src 'self' https://<your-s3-URL> data:;...media-src https://<your-s3-URL> 'self' data:";
|
||||
|
||||
**On non-docker setups**, in ``/etc/nginx/sites-available/funkwhale.conf``::
|
||||
|
||||
server {
|
||||
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
|
||||
location /front/ {
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
# … existing content here
|
||||
}
|
||||
|
||||
# Also create a new location for the embeds to ensure external iframes work
|
||||
# Simply copy-paste the /front/ location, but replace the following lines:
|
||||
location /front/embed.html {
|
||||
add_header X-Frame-Options "ALLOW";
|
||||
alias ${FUNKWHALE_FRONTEND_PATH}/embed.html;
|
||||
}
|
||||
}
|
||||
|
||||
Then reload nginx with ``systemctl reload nginx``.
|
||||
|
||||
**On docker setups**, in ``/srv/funkwhalenginx/funkwhale.template``::
|
||||
|
||||
server {
|
||||
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
|
||||
location /front/ {
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
|
||||
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
# … existing content here
|
||||
}
|
||||
|
||||
# Also create a new location for the embeds to ensure external iframes work
|
||||
# Simply copy-paste the /front/ location, but replace the following lines:
|
||||
location /front/embed.html {
|
||||
add_header X-Frame-Options "ALLOW";
|
||||
alias /frontent/embed.html;
|
||||
}
|
||||
}
|
||||
|
||||
Then reload nginx with ``docker-compose restart nginx``.
|
||||
|
||||
Rate limiting
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
With this release, rate-limiting on the API is enabled by default, with high enough limits to ensure
|
||||
regular users of the app aren't affected. Requests beyond allowed limits are answered with a 429 HTTP error.
|
||||
|
||||
For anonymous requests, the limit is applied to the IP adress of the client, and for authenticated requests, the limit
|
||||
is applied to the corresponding user account. By default, anonymous requests get a lower limit than authenticated requests.
|
||||
|
||||
You can disable the rate-limiting feature by adding `THROTTLING_ENABLED=false` to your ``.env`` file and restarting the
|
||||
services. If you are using the Funkwhale API in your project or app and want to know more about the limits, please consult https://docs.funkwhale.audio/swagger/.
|
||||
|
||||
Broken audio streaming when using S3/Minio and DSub [manual action required]
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Some Subsonic clients, such as DSub, are sending an Authorization headers which was forwarded
|
||||
to the S3 storage when streaming, causing some issues. If you are using S3 or a compatible storage
|
||||
such as Minio, please add the following in your nginx ``~ /_protected/media/(.+)`` location::
|
||||
|
||||
# Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932
|
||||
proxy_set_header Authorization "";
|
||||
|
||||
And reload your nginx process.
|
||||
|
|
|
|||
Loading…
Reference in New Issue