[docs] Add AppArmor profile for Debian and Ubuntu installations (#1183)

* Enable the 'admonitions' Markdown extension for Mkdocs. The admonitions extension to Python-Markdown allows you to include rST-style "admonitions" to Markdown documents, for instance, !!! note Here's an important note to keep in mind! In general, the current documentation uses bold text to try to achieve the same effect, which is a bit harder to notice and makes it difficult to differentiate between "here's something useful to know" versus "here there be dragons". * Add AppArmor profile and documentation for LSM-related sandboxing This commit adds an AppArmor profile for gotosocial in examples/apparmor/gotosocial. This will (hopefully) serve as a helpful security mitigation for people are planning on deploying GTS on a Debian-family Linux distribution. I've also updates the documentation to include some information about deploying GTS with either AppArmor or SELinux (moving the documentation for the former out of the "binary installation guide" docs).
2025-06-05 21:59:39 +02:00 · 2022-11-30 17:09:26 -05:00
parent 3a11861ac6
commit 1652633d93
4 changed files with 145 additions and 4 deletions
--- a/docs/installation_guide/binary.md
+++ b/docs/installation_guide/binary.md
@@ -141,7 +141,3 @@ sudo systemctl enable --now gotosocial.service

 If you want to run other webservers on port 443 or want to add an additional layer of security you might want to use [nginx](./nginx.md), [Caddy](./caddy.md) or [Apache httpd](./apache-httpd.md) as reverse proxy

-## 8. SELinux (optional)
-
-If SELinux is available on your system, you can optionally install [SELinux policy](https://github.com/lzap/gotosocial-selinux) to further improve security.
-