forked from mstdn/mastodon
cabdbb7f9c
* If an Update is signed with known key, skip re-following procedure Because it means the remote actor did *not* lose their database * Add CLI method for rotating keys bin/tootctl accounts rotate [USERNAME] Generates a new RSA key per account and sends out an Update activity signed with the old key. * Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts * Skip suspended accounts in key rotation
41 lines
1022 B
Ruby
41 lines
1022 B
Ruby
# frozen_string_literal: true
|
|
|
|
class ActivityPub::UpdateDistributionWorker
|
|
include Sidekiq::Worker
|
|
|
|
sidekiq_options queue: 'push'
|
|
|
|
def perform(account_id, options = {})
|
|
@options = options.with_indifferent_access
|
|
@account = Account.find(account_id)
|
|
|
|
ActivityPub::DeliveryWorker.push_bulk(inboxes) do |inbox_url|
|
|
[signed_payload, @account.id, inbox_url]
|
|
end
|
|
|
|
ActivityPub::DeliveryWorker.push_bulk(Relay.enabled.pluck(:inbox_url)) do |inbox_url|
|
|
[signed_payload, @account.id, inbox_url]
|
|
end
|
|
rescue ActiveRecord::RecordNotFound
|
|
true
|
|
end
|
|
|
|
private
|
|
|
|
def inboxes
|
|
@inboxes ||= @account.followers.inboxes
|
|
end
|
|
|
|
def signed_payload
|
|
@signed_payload ||= Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@account, sign_with: @options[:sign_with]))
|
|
end
|
|
|
|
def payload
|
|
@payload ||= ActiveModelSerializers::SerializableResource.new(
|
|
@account,
|
|
serializer: ActivityPub::UpdateSerializer,
|
|
adapter: ActivityPub::Adapter
|
|
).as_json
|
|
end
|
|
end
|