Verified Commit 238d8492 authored by Eliot Berriot's avatar Eliot Berriot
Browse files

Can now disable SSL cerification for external requests

parent 6c0a43a0
...@@ -273,3 +273,11 @@ we will default to node1 as the name of your instance. ...@@ -273,3 +273,11 @@ we will default to node1 as the name of your instance.
Assuming your project name is ``node1``, your server will be reachable Assuming your project name is ``node1``, your server will be reachable
at ``https://node1.funkwhale.test/``. Not that you'll have to trust at ``https://node1.funkwhale.test/``. Not that you'll have to trust
the SSL Certificate as it's self signed. the SSL Certificate as it's self signed.
When working on federation with traefik, ensure you have this in your ``env``::
# This will ensure we don't bind any port on the host, and thus enable
# multiple instances of funkwhale to be spawned concurrently.
WEBPACK_DEVSERVER_PORT_BINDING=
# This disable certificate verification
EXTERNAL_REQUESTS_VERIFY_SSL=false
...@@ -3,6 +3,8 @@ import json ...@@ -3,6 +3,8 @@ import json
import requests_http_signature import requests_http_signature
import uuid import uuid
from django.conf import settings
from funkwhale_api.common import session from funkwhale_api.common import session
from . import models from . import models
...@@ -74,6 +76,7 @@ def deliver(activity, on_behalf_of, to=[]): ...@@ -74,6 +76,7 @@ def deliver(activity, on_behalf_of, to=[]):
json=activity, json=activity,
url=recipient_actor.inbox_url, url=recipient_actor.inbox_url,
timeout=5, timeout=5,
verify=settings.EXTERNAL_REQUESTS_VERIFY_SSL,
headers={ headers={
'Content-Type': 'application/activity+json' 'Content-Type': 'application/activity+json'
} }
......
...@@ -32,6 +32,7 @@ def get_actor_data(actor_url): ...@@ -32,6 +32,7 @@ def get_actor_data(actor_url):
response = session.get_session().get( response = session.get_session().get(
actor_url, actor_url,
timeout=5, timeout=5,
verify=settings.EXTERNAL_REQUESTS_VERIFY_SSL,
headers={ headers={
'Accept': 'application/activity+json', 'Accept': 'application/activity+json',
} }
......
import requests import requests
from django.conf import settings
from funkwhale_api.common import session from funkwhale_api.common import session
from . import actors from . import actors
...@@ -69,6 +71,7 @@ def get_library_data(library_url): ...@@ -69,6 +71,7 @@ def get_library_data(library_url):
library_url, library_url,
auth=auth, auth=auth,
timeout=5, timeout=5,
verify=settings.EXTERNAL_REQUESTS_VERIFY_SSL,
headers={ headers={
'Content-Type': 'application/activity+json' 'Content-Type': 'application/activity+json'
} }
......
...@@ -47,7 +47,10 @@ def get_resource(resource_string): ...@@ -47,7 +47,10 @@ def get_resource(resource_string):
username, hostname = clean_acct(resource, ensure_local=False) username, hostname = clean_acct(resource, ensure_local=False)
url = 'https://{}/.well-known/webfinger?resource={}'.format( url = 'https://{}/.well-known/webfinger?resource={}'.format(
hostname, resource_string) hostname, resource_string)
response = session.get_session().get(url, timeout=5) response = session.get_session().get(
url,
verify=settings.EXTERNAL_REQUESTS_VERIFY_SSL,
timeout=5)
response.raise_for_status() response.raise_for_status()
serializer = serializers.ActorWebfingerSerializer(data=response.json()) serializer = serializers.ActorWebfingerSerializer(data=response.json())
serializer.is_valid(raise_exception=True) serializer.is_valid(raise_exception=True)
......
...@@ -219,6 +219,7 @@ class TrackFileViewSet(viewsets.ReadOnlyModelViewSet): ...@@ -219,6 +219,7 @@ class TrackFileViewSet(viewsets.ReadOnlyModelViewSet):
auth=auth, auth=auth,
stream=True, stream=True,
timeout=20, timeout=20,
verify=settings.EXTERNAL_REQUESTS_VERIFY_SSL,
headers={ headers={
'Content-Type': 'application/activity+json' 'Content-Type': 'application/activity+json'
}) })
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment