176 lines
6.2 KiB
Markdown
176 lines
6.2 KiB
Markdown
# Brew Server Blocklist
|
|
|
|
Friendica publishes the server wide blocklists for other servers in the
|
|
Fediverse. This script will collect the blocklists of servers of your
|
|
choice and create a merged blocklist from them that you can then import
|
|
into your own Friendica server.
|
|
|
|
To make certain that you don't block just any instance in the Fediverse
|
|
because $somebody has it on their blocklist you assign _trust levels_ to
|
|
the correctness of the blocklists of the other servers. Only when a server
|
|
is blocked with a total trust level that is above a confidence level, it
|
|
will be added to resulting blocklist automatically. Otherwise you will be
|
|
ask if you want to add a node to the blocklist or not.
|
|
|
|
And just to state the obvious: You should never blindly trust the blocklists
|
|
of your peers but do your own investications about in block when in doubt.
|
|
|
|
## Config file
|
|
|
|
To use the script you have to create a config file. The structure of the
|
|
file is the following
|
|
|
|
```
|
|
[soc1.example.com]
|
|
trust = 40
|
|
|
|
[soc2.example.com]
|
|
trust = 50
|
|
|
|
[soc3.example.com]
|
|
trust = 50
|
|
|
|
[soc4.example.com]
|
|
trust = 90
|
|
```
|
|
|
|
it assigns _trust_ values to nodes in the network. The node domain names
|
|
are given in the `[]`. These are the nodes that the script will collect
|
|
the server blocklists from.
|
|
|
|
Trust levels can be negative. Once their summed value does reach a value of
|
|
100 the blocklist entry is trusted automatically without user interaction.
|
|
|
|
## Installation
|
|
|
|
You can install the script with [pipx](https://github.com/pypa/pipx) by running
|
|
|
|
```
|
|
pipx install git+https://git.friendi.ca/tobias/brewserverblocklist.git
|
|
```
|
|
|
|
Assuming pipx was installed correctly the script `brewserverblocklist` is now
|
|
available on your system (or for your user) to be executed.
|
|
|
|
## Usage
|
|
|
|
### Creating a config file
|
|
|
|
Before you can use the script, you have to define a configuration file.
|
|
For details of the format of the file, see the section above. You might
|
|
want to enter your own Friendica node and assigning it a trust value of 100.
|
|
|
|
Trust values can have negative values. If you know an admin that has the
|
|
opposite preference on their blocklist, you can add their node and assign
|
|
a trust value of -100 to it.
|
|
|
|
An example config file (lets call it `test.config`) might look like:
|
|
|
|
```
|
|
[myfriendicanode.com]
|
|
trust = 100
|
|
|
|
[coolnode.net]
|
|
trust = 60
|
|
|
|
[nicenode.net]
|
|
trust = 40
|
|
|
|
[othernicenode.com]
|
|
trust = 30
|
|
|
|
[bullshitnode.com]
|
|
trust = -50
|
|
```
|
|
|
|
You can also add a list of protected nodes to the config file. To do so add a
|
|
section `[safe harbor]` to the config file. This section has only one entry
|
|
called `domains` and the value of this entry is a comma separated list of domains
|
|
that should never get on your blocklist.
|
|
|
|
For example
|
|
|
|
```
|
|
[safe harbor]
|
|
domains = friendica.example.com
|
|
```
|
|
|
|
You can also add Mastodon instances you trust. In addition to the configuration
|
|
needed for Friendica nodes you have to add the `type = mastodon` entry to the
|
|
config section. *Please note* that the used API endpoint is not available on
|
|
all Mastodon instances.
|
|
|
|
Please note only suspended entries from the Mastodon blocklist will be added to
|
|
the blocklist. Silenced entries will be ignored.
|
|
|
|
### Running the script
|
|
|
|
You have to supply the file name of the configuration file on the command
|
|
line when you run the script. This is done using the `-c` parameter.
|
|
|
|
The script will then collect all the blocklists from the Friendica nodes in
|
|
the configuration file and merge the lists. While merging, each entry in the
|
|
combined blocklist is assigned a trust value that is equal to the trust values
|
|
of the node that have the entry in their blocklist.
|
|
|
|
Say `coolnode.net` and `othernicenode.com` both have `example.com` on their
|
|
blocklists. Their combined trust level to block the node would be `60 + 30 = 90`.
|
|
This combined value is compared to the *confidence level* that by default is 100.
|
|
In this example `example.com` has a lower combined trust level then the confidence
|
|
level - so the script will ask you about your opinion - do you want to include the
|
|
entry in your new blocklist or not.
|
|
|
|
Another node is on the blocklists of `coolnode.net` and `nicenode.net` thus has
|
|
a combined trust level of 100 which is equal to the confidence level. So the
|
|
script will automatically assume that this node should be included on the new
|
|
blocklist.
|
|
|
|
If you and the admin of `bullshitnode.com` both add a node on the blocklist the
|
|
combined trust level for automatically blocking it would be `50`.
|
|
|
|
### Other parameters
|
|
|
|
* `-o filename` will cause the script to write the list into the passed file
|
|
* `-C N` will set the confidence level to the value N
|
|
* `-y` and `-n` activate the auto-mode of the script, either accepting or discarding all entries to the blocklist with a trust level smaller then the confidence level
|
|
|
|
## Author
|
|
|
|
* Tobias Diekershoff <tobias(dot)diekershoff(att)gmx(dot)net>
|
|
|
|
## LICENSE
|
|
|
|
berewserverblocklist Copyright (C) 2023 Tobias Diekershoff
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or (at
|
|
your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
for more details.
|
|
|
|
You should have received a copy of the GNU General Public License along
|
|
with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
### REUSE compliance
|
|
|
|
[![REUSE status](https://api.reuse.software/badge/git.friendi.ca/tobias/brewserverblocklist)](https://api.reuse.software/info/git.friendi.ca/tobias/brewserverblocklist)
|
|
|
|
This project uses [REUSE](https://reuse.software/) to ensure that all components
|
|
are release under a FLOSS compatible license. If you contribute to the project,
|
|
please ensure that your contribution is REUSE compliant.
|
|
|
|
This can be done by adding the following to your `.git/hooks/pre-commit` hook.
|
|
|
|
``` shell
|
|
#!/usr/bin/env bash
|
|
reuse lint
|
|
```
|
|
|
|
## Credits
|
|
|
|
`brewserverblocklist` was created with [`cookiecutter`](https://cookiecutter.readthedocs.io/en/latest/) and the `py-pkgs-cookiecutter` [template](https://github.com/py-pkgs/py-pkgs-cookiecutter).
|