Merge branch 'develop' into pr/ThatOneCalculator/8954

packages/backend/.madgerc

@@ -0,0 +1,3 @@
+{
+	"tsConfig": "./tsconfig.json"
+}

packages/backend/.mocharc.json

@@ -1,10 +0,0 @@
-{
-	"extension": ["ts","js","cjs","mjs"],
-	"node-option": [
-		"experimental-specifier-resolution=node",
-		"loader=./test/loader.js"
-	],
-	"slow": 1000,
-	"timeout": 30000,
-	"exit": true
-}

packages/backend/.npmrc

@@ -1,2 +0,0 @@
-save-exact = true
-package-lock = false

packages/backend/.swcrc

@@ -0,0 +1,15 @@
+{
+  "$schema": "https://json.schemastore.org/swcrc",
+  "jsc": {
+    "parser": {
+      "syntax": "typescript",
+      "dynamicImport": true,
+      "decorators": true
+    },
+    "transform": {
+      "legacyDecorator": true,
+      "decoratorMetadata": true
+    }
+  },
+  "minify": false
+}

packages/backend/.yarnrc

@@ -1 +0,0 @@
-network-timeout 600000

packages/backend/README.md

@@ -0,0 +1,2 @@
+# Misskey Backend
+![](../../assets/backend.png)

packages/backend/assets/notification-badges/LICENSE

@@ -1,5 +0,0 @@
-Font Awesome Icons
--------------------------
-
-Ⓒ Font Awesome
-CC BY 4.0 (https://creativecommons.org/licenses/by/4.0/)

packages/backend/assets/tabler-badges/LICENSE

@@ -0,0 +1,24 @@
+Tabler Icons  
+https://github.com/tabler/tabler-icons/blob/master/LICENSE
+====
+MIT License
+
+Copyright (c) 2020-2022 Paweł Kuna
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

packages/backend/jest-resolver.cjs

@@ -0,0 +1,14 @@
+// https://github.com/facebook/jest/issues/12270#issuecomment-1194746382
+
+const nativeModule = require('node:module');
+
+function resolver(module, options) {
+  const { basedir, defaultResolver } = options;
+  try {
+    return defaultResolver(module, options);
+  } catch (error) {
+    return nativeModule.createRequire(basedir).resolve(module);
+  }
+}
+
+module.exports = resolver;

packages/backend/jest.config.cjs

@@ -0,0 +1,202 @@
+/*
+* For a detailed explanation regarding each configuration property and type check, visit:
+* https://jestjs.io/docs/en/configuration.html
+*/
+
+module.exports = {
+	// All imported modules in your tests should be mocked automatically
+	// automock: false,
+
+	// Stop running tests after `n` failures
+	// bail: 0,
+
+	// The directory where Jest should store its cached dependency information
+	// cacheDirectory: "C:\\Users\\ai\\AppData\\Local\\Temp\\jest",
+
+	// Automatically clear mock calls and instances between every test
+	// clearMocks: false,
+
+	// Indicates whether the coverage information should be collected while executing the test
+	// collectCoverage: false,
+
+	// An array of glob patterns indicating a set of files for which coverage information should be collected
+	collectCoverageFrom: ['src/**/*.ts'],
+
+	// The directory where Jest should output its coverage files
+	coverageDirectory: "coverage",
+
+	// An array of regexp pattern strings used to skip coverage collection
+	// coveragePathIgnorePatterns: [
+	//   "\\\\node_modules\\\\"
+	// ],
+
+	// Indicates which provider should be used to instrument code for coverage
+	coverageProvider: "v8",
+
+	// A list of reporter names that Jest uses when writing coverage reports
+	// coverageReporters: [
+	//   "json",
+	//   "text",
+	//   "lcov",
+	//   "clover"
+	// ],
+
+	// An object that configures minimum threshold enforcement for coverage results
+	// coverageThreshold: undefined,
+
+	// A path to a custom dependency extractor
+	// dependencyExtractor: undefined,
+
+	// Make calling deprecated APIs throw helpful error messages
+	// errorOnDeprecated: false,
+
+	// Force coverage collection from ignored files using an array of glob patterns
+	// forceCoverageMatch: [],
+
+	// A path to a module which exports an async function that is triggered once before all test suites
+	// globalSetup: undefined,
+
+	// A path to a module which exports an async function that is triggered once after all test suites
+	// globalTeardown: undefined,
+
+	// A set of global variables that need to be available in all test environments
+	globals: {
+	},
+
+	// The maximum amount of workers used to run your tests. Can be specified as % or a number. E.g. maxWorkers: 10% will use 10% of your CPU amount + 1 as the maximum worker number. maxWorkers: 2 will use a maximum of 2 workers.
+	// maxWorkers: "50%",
+
+	// An array of directory names to be searched recursively up from the requiring module's location
+	// moduleDirectories: [
+	//   "node_modules"
+	// ],
+
+	// An array of file extensions your modules use
+	// moduleFileExtensions: [
+	//   "js",
+	//   "json",
+	//   "jsx",
+	//   "ts",
+	//   "tsx",
+	//   "node"
+	// ],
+
+	// A map from regular expressions to module names or to arrays of module names that allow to stub out resources with a single module
+	moduleNameMapper: {
+		"^@/(.*?).js": "<rootDir>/src/$1.ts",
+		'^(\\.{1,2}/.*)\\.js$': '$1',
+	},
+
+	// An array of regexp pattern strings, matched against all module paths before considered 'visible' to the module loader
+	// modulePathIgnorePatterns: [],
+
+	// Activates notifications for test results
+	// notify: false,
+
+	// An enum that specifies notification mode. Requires { notify: true }
+	// notifyMode: "failure-change",
+
+	// A preset that is used as a base for Jest's configuration
+	//preset: "ts-jest/presets/js-with-ts-esm",
+
+	// Run tests from one or more projects
+	// projects: undefined,
+
+	// Use this configuration option to add custom reporters to Jest
+	// reporters: undefined,
+
+	// Automatically reset mock state between every test
+	// resetMocks: false,
+
+	// Reset the module registry before running each individual test
+	// resetModules: false,
+
+	// A path to a custom resolver
+	resolver: './jest-resolver.cjs',
+
+	// Automatically restore mock state between every test
+	restoreMocks: true,
+
+	// The root directory that Jest should scan for tests and modules within
+	// rootDir: undefined,
+
+	// A list of paths to directories that Jest should use to search for files in
+	roots: [
+		"<rootDir>"
+	],
+
+	// Allows you to use a custom runner instead of Jest's default test runner
+	// runner: "jest-runner",
+
+	// The paths to modules that run some code to configure or set up the testing environment before each test
+	// setupFiles: [],
+
+	// A list of paths to modules that run some code to configure or set up the testing framework before each test
+	// setupFilesAfterEnv: [],
+
+	// The number of seconds after which a test is considered as slow and reported as such in the results.
+	// slowTestThreshold: 5,
+
+	// A list of paths to snapshot serializer modules Jest should use for snapshot testing
+	// snapshotSerializers: [],
+
+	// The test environment that will be used for testing
+	testEnvironment: "node",
+
+	// Options that will be passed to the testEnvironment
+	// testEnvironmentOptions: {},
+
+	// Adds a location field to test results
+	// testLocationInResults: false,
+
+	// The glob patterns Jest uses to detect test files
+	testMatch: [
+		"<rootDir>/test/unit/**/*.ts",
+		//"<rootDir>/test/e2e/**/*.ts"
+	],
+
+	// An array of regexp pattern strings that are matched against all test paths, matched tests are skipped
+	// testPathIgnorePatterns: [
+	//   "\\\\node_modules\\\\"
+	// ],
+
+	// The regexp pattern or array of patterns that Jest uses to detect test files
+	// testRegex: [],
+
+	// This option allows the use of a custom results processor
+	// testResultsProcessor: undefined,
+
+	// This option allows use of a custom test runner
+	// testRunner: "jasmine2",
+
+	// This option sets the URL for the jsdom environment. It is reflected in properties such as location.href
+	// testURL: "http://localhost",
+
+	// Setting this value to "fake" allows the use of fake timers for functions such as "setTimeout"
+	// timers: "real",
+
+	// A map from regular expressions to paths to transformers
+	transform: {
+		"^.+\\.(t|j)sx?$": ["@swc/jest"],
+	},
+
+	// An array of regexp pattern strings that are matched against all source file paths, matched files will skip transformation
+	// transformIgnorePatterns: [
+	//   "\\\\node_modules\\\\",
+	//   "\\.pnp\\.[^\\\\]+$"
+	// ],
+
+	// An array of regexp pattern strings that are matched against all modules before the module loader will automatically return a mock for them
+	// unmockedModulePathPatterns: undefined,
+
+	// Indicates whether each individual test should be reported during the run
+	// verbose: undefined,
+
+	// An array of regexp patterns that are matched against all source file paths before re-running tests in watch mode
+	// watchPathIgnorePatterns: [],
+
+	// Whether to use watchman for file crawling
+	// watchman: true,
+
+	extensionsToTreatAsEsm: ['.ts'],
+};

packages/backend/migration/1651224615271-foreign-key.js

@@ -28,11 +28,11 @@ export class foreignKeyReports1651224615271 {
 
             queryRunner.query(`CREATE INDEX "IDX_315c779174fe8247ab324f036e" ON "drive_file" ("isLink")`),
             queryRunner.query(`CREATE INDEX "IDX_f22169eb10657bded6d875ac8f" ON "note" ("channelId")`),
-            queryRunner.query(`CREATE INDEX "IDX_a9021cc2e1feb5f72d3db6e9f5" ON "abuse_user_report" ("targetUserId")`),
+            //queryRunner.query(`CREATE INDEX "IDX_a9021cc2e1feb5f72d3db6e9f5" ON "abuse_user_report" ("targetUserId")`),
 
-            queryRunner.query(`DELETE FROM "abuse_user_report" WHERE "targetUserId" NOT IN (SELECT "id" FROM "user")`).then(() => {
-                queryRunner.query(`ALTER TABLE "abuse_user_report" ADD CONSTRAINT "FK_a9021cc2e1feb5f72d3db6e9f5f" FOREIGN KEY ("targetUserId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
-            }),
+            //queryRunner.query(`DELETE FROM "abuse_user_report" WHERE "targetUserId" NOT IN (SELECT "id" FROM "user")`).then(() => {
+            //    queryRunner.query(`ALTER TABLE "abuse_user_report" ADD CONSTRAINT "FK_a9021cc2e1feb5f72d3db6e9f5f" FOREIGN KEY ("targetUserId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+            //}),
 
             queryRunner.query(`ALTER TABLE "poll" ADD CONSTRAINT "UQ_da851e06d0dfe2ef397d8b1bf1b" UNIQUE ("noteId")`),
             queryRunner.query(`ALTER TABLE "user_keypair" ADD CONSTRAINT "UQ_f4853eb41ab722fe05f81cedeb6" UNIQUE ("userId")`),

packages/backend/migration/1655368940105-nsfw-detection.js

@@ -0,0 +1,23 @@
+export class nsfwDetection1655368940105 {
+    name = 'nsfwDetection1655368940105'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "drive_file" ADD "forceIsSensitive" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "drive_file" ADD "predictedIsSensitive" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`COMMENT ON COLUMN "drive_file"."predictedIsSensitive" IS 'Whether the DriveFile is NSFW. (predict)'`);
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitiveimagedetection_enum" AS ENUM('none', 'all', 'local', 'remote')`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "sensitiveImageDetection" "public"."meta_sensitiveimagedetection_enum" NOT NULL DEFAULT 'none'`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "forceIsSensitiveWhenPredicted" boolean NOT NULL DEFAULT true`);
+        await queryRunner.query(`CREATE INDEX "IDX_fc2d74a6d7d8b11292a851d8f8" ON "drive_file" ("predictedIsSensitive") `);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`DROP INDEX "public"."IDX_fc2d74a6d7d8b11292a851d8f8"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "forceIsSensitiveWhenPredicted"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "sensitiveImageDetection"`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitiveimagedetection_enum"`);
+        await queryRunner.query(`COMMENT ON COLUMN "drive_file"."predictedIsSensitive" IS 'Whether the DriveFile is NSFW. (predict)'`);
+        await queryRunner.query(`ALTER TABLE "drive_file" DROP COLUMN "predictedIsSensitive"`);
+        await queryRunner.query(`ALTER TABLE "drive_file" DROP COLUMN "forceIsSensitive"`);
+    }
+}

packages/backend/migration/1655371960534-nsfw-detection-2.js

@@ -0,0 +1,15 @@
+export class nsfwDetection21655371960534 {
+    name = 'nsfwDetection21655371960534'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum" AS ENUM('medium', 'low', 'high')`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "sensitiveImageDetectionSensitivity" "public"."meta_sensitiveimagedetectionsensitivity_enum" NOT NULL DEFAULT 'medium'`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "disallowUploadWhenPredictedAsPorn" boolean NOT NULL DEFAULT false`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "disallowUploadWhenPredictedAsPorn"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "sensitiveImageDetectionSensitivity"`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum"`);
+    }
+}

packages/backend/migration/1655388169582-nsfw-detection-3.js

@@ -0,0 +1,21 @@
+export class nsfwDetection31655388169582 {
+    name = 'nsfwDetection31655388169582'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum" RENAME TO "meta_sensitiveimagedetectionsensitivity_enum_old"`);
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum" AS ENUM('medium', 'low', 'high', 'veryLow', 'veryHigh')`);
+        await queryRunner.query(`ALTER TABLE "meta" ALTER COLUMN "sensitiveImageDetectionSensitivity" DROP DEFAULT`);
+        await queryRunner.query(`ALTER TABLE "meta" ALTER COLUMN "sensitiveImageDetectionSensitivity" TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum" USING "sensitiveImageDetectionSensitivity"::"text"::"public"."meta_sensitiveimagedetectionsensitivity_enum"`);
+        await queryRunner.query(`ALTER TABLE "meta" ALTER COLUMN "sensitiveImageDetectionSensitivity" SET DEFAULT 'medium'`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum_old"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum_old" AS ENUM('medium', 'low', 'high')`);
+        await queryRunner.query(`ALTER TABLE "meta" ALTER COLUMN "sensitiveImageDetectionSensitivity" DROP DEFAULT`);
+        await queryRunner.query(`ALTER TABLE "meta" ALTER COLUMN "sensitiveImageDetectionSensitivity" TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum_old" USING "sensitiveImageDetectionSensitivity"::"text"::"public"."meta_sensitiveimagedetectionsensitivity_enum_old"`);
+        await queryRunner.query(`ALTER TABLE "meta" ALTER COLUMN "sensitiveImageDetectionSensitivity" SET DEFAULT 'medium'`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum"`);
+        await queryRunner.query(`ALTER TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum_old" RENAME TO "meta_sensitiveimagedetectionsensitivity_enum"`);
+    }
+}

packages/backend/migration/1655393015659-nsfw-detection-4.js

@@ -0,0 +1,25 @@
+export class nsfwDetection41655393015659 {
+    name = 'nsfwDetection41655393015659'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "sensitiveImageDetection"`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitiveimagedetection_enum"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "sensitiveImageDetectionSensitivity"`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum"`);
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitivemediadetection_enum" AS ENUM('none', 'all', 'local', 'remote')`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "sensitiveMediaDetection" "public"."meta_sensitivemediadetection_enum" NOT NULL DEFAULT 'none'`);
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitivemediadetectionsensitivity_enum" AS ENUM('medium', 'low', 'high', 'veryLow', 'veryHigh')`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "sensitiveMediaDetectionSensitivity" "public"."meta_sensitivemediadetectionsensitivity_enum" NOT NULL DEFAULT 'medium'`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "sensitiveMediaDetectionSensitivity"`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitivemediadetectionsensitivity_enum"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "sensitiveMediaDetection"`);
+        await queryRunner.query(`DROP TYPE "public"."meta_sensitivemediadetection_enum"`);
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitiveimagedetectionsensitivity_enum" AS ENUM('medium', 'low', 'high', 'veryLow', 'veryHigh')`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "sensitiveImageDetectionSensitivity" "public"."meta_sensitiveimagedetectionsensitivity_enum" NOT NULL DEFAULT 'medium'`);
+        await queryRunner.query(`CREATE TYPE "public"."meta_sensitiveimagedetection_enum" AS ENUM('none', 'all', 'local', 'remote')`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "sensitiveImageDetection" "public"."meta_sensitiveimagedetection_enum" NOT NULL DEFAULT 'none'`);
+    }
+}

packages/backend/migration/1656251734807-nsfw-detection-5.js

@@ -0,0 +1,33 @@
+export class nsfwDetection51656251734807 {
+    name = 'nsfwDetection51656251734807'
+
+    async up(queryRunner) {
+        await queryRunner.query(`DROP INDEX "public"."IDX_fc2d74a6d7d8b11292a851d8f8"`);
+        await queryRunner.query(`ALTER TABLE "drive_file" DROP COLUMN "forceIsSensitive"`);
+        await queryRunner.query(`ALTER TABLE "drive_file" DROP COLUMN "predictedIsSensitive"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "forceIsSensitiveWhenPredicted"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "disallowUploadWhenPredictedAsPorn"`);
+        await queryRunner.query(`ALTER TABLE "drive_file" ADD "maybeSensitive" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`COMMENT ON COLUMN "drive_file"."maybeSensitive" IS 'Whether the DriveFile is NSFW. (predict)'`);
+        await queryRunner.query(`ALTER TABLE "drive_file" ADD "maybePorn" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "setSensitiveFlagAutomatically" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "user_profile" ADD "autoSensitive" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`CREATE INDEX "IDX_3b33dff77bb64b23c88151d23e" ON "drive_file" ("maybeSensitive") `);
+        await queryRunner.query(`CREATE INDEX "IDX_8bdcd3dd2bddb78014999a16ce" ON "drive_file" ("maybePorn") `);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`DROP INDEX "public"."IDX_8bdcd3dd2bddb78014999a16ce"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_3b33dff77bb64b23c88151d23e"`);
+        await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "autoSensitive"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "setSensitiveFlagAutomatically"`);
+        await queryRunner.query(`ALTER TABLE "drive_file" DROP COLUMN "maybePorn"`);
+        await queryRunner.query(`COMMENT ON COLUMN "drive_file"."maybeSensitive" IS 'Whether the DriveFile is NSFW. (predict)'`);
+        await queryRunner.query(`ALTER TABLE "drive_file" DROP COLUMN "maybeSensitive"`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "disallowUploadWhenPredictedAsPorn" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "forceIsSensitiveWhenPredicted" boolean NOT NULL DEFAULT true`);
+        await queryRunner.query(`ALTER TABLE "drive_file" ADD "predictedIsSensitive" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "drive_file" ADD "forceIsSensitive" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`CREATE INDEX "IDX_fc2d74a6d7d8b11292a851d8f8" ON "drive_file" ("predictedIsSensitive") `);
+    }
+}

packages/backend/migration/1656408772602-nsfw-detection-6.js

@@ -0,0 +1,11 @@
+export class nsfwDetection61656408772602 {
+    name = 'nsfwDetection61656408772602'
+
+    async up(queryRunner) {
+				await queryRunner.query(`ALTER TABLE "meta" ADD "enableSensitiveMediaDetectionForVideos" boolean NOT NULL DEFAULT false`);
+    }
+
+    async down(queryRunner) {
+			await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "enableSensitiveMediaDetectionForVideos"`);
+    }
+}

packages/backend/migration/1657346559800-active-email-validation.js

@@ -0,0 +1,11 @@
+export class activeEmailValidation1657346559800 {
+    name = 'activeEmailValidation1657346559800'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" ADD "enableActiveEmailValidation" boolean NOT NULL DEFAULT true`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "enableActiveEmailValidation"`);
+    }
+}

packages/backend/migration/1664694635394-turnstile.js

@@ -0,0 +1,15 @@
+export class turnstile1664694635394 {
+    name = 'turnstile1664694635394'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" ADD "enableTurnstile" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "turnstileSiteKey" character varying(64)`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "turnstileSecretKey" character varying(64)`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "turnstileSecretKey"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "turnstileSiteKey"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "enableTurnstile"`);
+    }
+}

packages/backend/migration/1669138716634-whetherPushNotifyToSendReadMessage.js

@@ -0,0 +1,11 @@
+export class whetherPushNotifyToSendReadMessage1669138716634 {
+    name = 'whetherPushNotifyToSendReadMessage1669138716634'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "sw_subscription" ADD "sendReadMessage" boolean NOT NULL DEFAULT false`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "sw_subscription" DROP COLUMN "sendReadMessage"`);
+    }
+}

packages/backend/migration/1671924750884-RetentionAggregation.js

@@ -0,0 +1,13 @@
+export class RetentionAggregation1671924750884 {
+    name = 'RetentionAggregation1671924750884'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TABLE "retention_aggregation" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "userIds" character varying(32) array NOT NULL, "data" jsonb NOT NULL DEFAULT '{}', CONSTRAINT "PK_22aad3e8640b15fb3b90ee02d18" PRIMARY KEY ("id")); COMMENT ON COLUMN "retention_aggregation"."createdAt" IS 'The created date of the Note.'`);
+        await queryRunner.query(`CREATE INDEX "IDX_09f4e5b9e4a2f268d3e284e4b3" ON "retention_aggregation" ("createdAt") `);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`DROP INDEX "public"."IDX_09f4e5b9e4a2f268d3e284e4b3"`);
+        await queryRunner.query(`DROP TABLE "retention_aggregation"`);
+    }
+}

packages/backend/migration/1671926422832-RetentionAggregation2.js

@@ -0,0 +1,15 @@
+export class RetentionAggregation21671926422832 {
+    name = 'RetentionAggregation21671926422832'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "retention_aggregation" ADD "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL`);
+        await queryRunner.query(`COMMENT ON COLUMN "retention_aggregation"."updatedAt" IS 'The updated date of the GalleryPost.'`);
+        await queryRunner.query(`ALTER TABLE "retention_aggregation" ADD "usersCount" integer NOT NULL`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "retention_aggregation" DROP COLUMN "usersCount"`);
+        await queryRunner.query(`COMMENT ON COLUMN "retention_aggregation"."updatedAt" IS 'The updated date of the GalleryPost.'`);
+        await queryRunner.query(`ALTER TABLE "retention_aggregation" DROP COLUMN "updatedAt"`);
+    }
+}

packages/backend/migration/1672562400597-PerUserPvChart.js

@@ -0,0 +1,17 @@
+export class PerUserPvChart1672562400597 {
+    name = 'PerUserPvChart1672562400597'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TABLE "__chart__per_user_pv" ("id" SERIAL NOT NULL, "date" integer NOT NULL, "group" character varying(128) NOT NULL, "unique_temp___upv_user" character varying array NOT NULL DEFAULT '{}', "___upv_user" smallint NOT NULL DEFAULT '0', "___pv_user" smallint NOT NULL DEFAULT '0', "unique_temp___upv_visitor" character varying array NOT NULL DEFAULT '{}', "___upv_visitor" smallint NOT NULL DEFAULT '0', "___pv_visitor" smallint NOT NULL DEFAULT '0', CONSTRAINT "UQ_f2a56da57921ca8439f45c1d95f" UNIQUE ("date", "group"), CONSTRAINT "PK_3c938a24f0203b5bd13fab51059" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_f2a56da57921ca8439f45c1d95" ON "__chart__per_user_pv" ("date", "group") `);
+        await queryRunner.query(`CREATE TABLE "__chart_day__per_user_pv" ("id" SERIAL NOT NULL, "date" integer NOT NULL, "group" character varying(128) NOT NULL, "unique_temp___upv_user" character varying array NOT NULL DEFAULT '{}', "___upv_user" smallint NOT NULL DEFAULT '0', "___pv_user" smallint NOT NULL DEFAULT '0', "unique_temp___upv_visitor" character varying array NOT NULL DEFAULT '{}', "___upv_visitor" smallint NOT NULL DEFAULT '0', "___pv_visitor" smallint NOT NULL DEFAULT '0', CONSTRAINT "UQ_f221e45cfac5bea0ce0f3149fbb" UNIQUE ("date", "group"), CONSTRAINT "PK_0085d7542f6772e99b9dcfb0a9c" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_f221e45cfac5bea0ce0f3149fb" ON "__chart_day__per_user_pv" ("date", "group") `);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`DROP INDEX "public"."IDX_f221e45cfac5bea0ce0f3149fb"`);
+        await queryRunner.query(`DROP TABLE "__chart_day__per_user_pv"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_f2a56da57921ca8439f45c1d95"`);
+        await queryRunner.query(`DROP TABLE "__chart__per_user_pv"`);
+    }
+}

packages/backend/migration/1672703171386-remove-latestRequestSentAt.js

@@ -0,0 +1,11 @@
+export class removeLatestRequestSentAt1672703171386 {
+    name = 'removeLatestRequestSentAt1672703171386'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" DROP COLUMN "latestRequestSentAt"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" ADD "latestRequestSentAt" TIMESTAMP WITH TIME ZONE`);
+    }
+}

packages/backend/migration/1672704017999-remove-lastCommunicatedAt.js

@@ -0,0 +1,11 @@
+export class removeLastCommunicatedAt1672704017999 {
+    name = 'removeLastCommunicatedAt1672704017999'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" DROP COLUMN "lastCommunicatedAt"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" ADD "lastCommunicatedAt" TIMESTAMP WITH TIME ZONE NOT NULL`);
+    }
+}

packages/backend/migration/1672704136584-remove-latestStatus.js

@@ -0,0 +1,11 @@
+export class removeLatestStatus1672704136584 {
+    name = 'removeLatestStatus1672704136584'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" DROP COLUMN "latestStatus"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" ADD "latestStatus" integer`);
+    }
+}

packages/backend/migration/1672822262496-Flash.js

@@ -0,0 +1,29 @@
+export class Flash1672822262496 {
+    name = 'Flash1672822262496'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TABLE "flash" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL, "title" character varying(256) NOT NULL, "summary" character varying(1024) NOT NULL, "userId" character varying(32) NOT NULL, "script" character varying(16384) NOT NULL, "permissions" character varying(256) array NOT NULL DEFAULT '{}', "likedCount" integer NOT NULL DEFAULT '0', CONSTRAINT "PK_0c01a2c1c5f2266942dd1b3fdbc" PRIMARY KEY ("id")); COMMENT ON COLUMN "flash"."createdAt" IS 'The created date of the Flash.'; COMMENT ON COLUMN "flash"."updatedAt" IS 'The updated date of the Flash.'; COMMENT ON COLUMN "flash"."userId" IS 'The ID of author.'`);
+        await queryRunner.query(`CREATE INDEX "IDX_149d2e44785707548c82999b01" ON "flash" ("createdAt") `);
+        await queryRunner.query(`CREATE INDEX "IDX_3aa8ea9a8f15214ad91638c0a7" ON "flash" ("updatedAt") `);
+        await queryRunner.query(`CREATE INDEX "IDX_9b88250fc2fd009b8f1b5623ed" ON "flash" ("userId") `);
+        await queryRunner.query(`CREATE TABLE "flash_like" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "userId" character varying(32) NOT NULL, "flashId" character varying(32) NOT NULL, CONSTRAINT "PK_d110109ee310588d63d6183b233" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE INDEX "IDX_60c4af1c19a7a75f1592f93b28" ON "flash_like" ("userId") `);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_cfbfeeccb0cbedcd660b17eb07" ON "flash_like" ("userId", "flashId") `);
+        await queryRunner.query(`ALTER TABLE "flash" ADD CONSTRAINT "FK_9b88250fc2fd009b8f1b5623ed5" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "flash_like" ADD CONSTRAINT "FK_60c4af1c19a7a75f1592f93b287" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "flash_like" ADD CONSTRAINT "FK_6c16fe0e93b7a1951eca624b76a" FOREIGN KEY ("flashId") REFERENCES "flash"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "flash_like" DROP CONSTRAINT "FK_6c16fe0e93b7a1951eca624b76a"`);
+        await queryRunner.query(`ALTER TABLE "flash_like" DROP CONSTRAINT "FK_60c4af1c19a7a75f1592f93b287"`);
+        await queryRunner.query(`ALTER TABLE "flash" DROP CONSTRAINT "FK_9b88250fc2fd009b8f1b5623ed5"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_cfbfeeccb0cbedcd660b17eb07"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_60c4af1c19a7a75f1592f93b28"`);
+        await queryRunner.query(`DROP TABLE "flash_like"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_9b88250fc2fd009b8f1b5623ed"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_3aa8ea9a8f15214ad91638c0a7"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_149d2e44785707548c82999b01"`);
+        await queryRunner.query(`DROP TABLE "flash"`);
+    }
+}

packages/backend/migration/1673336077243-PollChoiceLength.js

@@ -0,0 +1,11 @@
+export class PollChoiceLength1673336077243 {
+    name = 'PollChoiceLength1673336077243'
+
+    async up(queryRunner) {
+				await queryRunner.query(`ALTER TABLE "poll" ALTER COLUMN "choices" TYPE character varying(256) array`);
+    }
+
+    async down(queryRunner) {
+			await queryRunner.query(`ALTER TABLE "poll" ALTER COLUMN "choices" TYPE character varying(128) array`);
+    }
+}

packages/backend/migration/1673500412259-Role.js

@@ -0,0 +1,37 @@
+export class Role1673500412259 {
+    name = 'Role1673500412259'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TABLE "role" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL, "name" character varying(256) NOT NULL, "description" character varying(1024) NOT NULL, "isPublic" boolean NOT NULL DEFAULT false, "isModerator" boolean NOT NULL DEFAULT false, "isAdministrator" boolean NOT NULL DEFAULT false, "options" jsonb NOT NULL DEFAULT '{}', CONSTRAINT "PK_b36bcfe02fc8de3c57a8b2391c2" PRIMARY KEY ("id")); COMMENT ON COLUMN "role"."createdAt" IS 'The created date of the Role.'; COMMENT ON COLUMN "role"."updatedAt" IS 'The updated date of the Role.'`);
+        await queryRunner.query(`CREATE TABLE "role_assignment" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "userId" character varying(32) NOT NULL, "roleId" character varying(32) NOT NULL, CONSTRAINT "PK_7e79671a8a5db18936173148cb4" PRIMARY KEY ("id")); COMMENT ON COLUMN "role_assignment"."createdAt" IS 'The created date of the RoleAssignment.'; COMMENT ON COLUMN "role_assignment"."userId" IS 'The user ID.'; COMMENT ON COLUMN "role_assignment"."roleId" IS 'The role ID.'`);
+        await queryRunner.query(`CREATE INDEX "IDX_db5b72c16227c97ca88734d5c2" ON "role_assignment" ("userId") `);
+        await queryRunner.query(`CREATE INDEX "IDX_f0de67fd09cd3cd0aabca79994" ON "role_assignment" ("roleId") `);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_0953deda7ce6e1448e935859e5" ON "role_assignment" ("userId", "roleId") `);
+				await queryRunner.query(`ALTER TABLE "user" RENAME COLUMN "isAdmin" TO "isRoot"`);
+				await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "isModerator"`);
+        await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "driveCapacityOverrideMb"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "disableLocalTimeline"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "disableGlobalTimeline"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "localDriveCapacityMb"`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "defaultRoleOverride" jsonb NOT NULL DEFAULT '{}'`);
+        await queryRunner.query(`ALTER TABLE "role_assignment" ADD CONSTRAINT "FK_db5b72c16227c97ca88734d5c2b" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "role_assignment" ADD CONSTRAINT "FK_f0de67fd09cd3cd0aabca79994d" FOREIGN KEY ("roleId") REFERENCES "role"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role_assignment" DROP CONSTRAINT "FK_f0de67fd09cd3cd0aabca79994d"`);
+        await queryRunner.query(`ALTER TABLE "role_assignment" DROP CONSTRAINT "FK_db5b72c16227c97ca88734d5c2b"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "defaultRoleOverride"`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "localDriveCapacityMb" integer NOT NULL DEFAULT '1024'`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "disableGlobalTimeline" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD "disableLocalTimeline" boolean NOT NULL DEFAULT false`);
+        await queryRunner.query(`ALTER TABLE "user" ADD "driveCapacityOverrideMb" integer`);
+				await queryRunner.query(`ALTER TABLE "user" ADD "isModerator" boolean NOT NULL DEFAULT false`);
+				await queryRunner.query(`ALTER TABLE "user" RENAME COLUMN "isRoot" TO "isAdmin"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_0953deda7ce6e1448e935859e5"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_f0de67fd09cd3cd0aabca79994"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_db5b72c16227c97ca88734d5c2"`);
+        await queryRunner.query(`DROP TABLE "role_assignment"`);
+        await queryRunner.query(`DROP TABLE "role"`);
+    }
+}

packages/backend/migration/1673515526953-RoleColor.js

@@ -0,0 +1,11 @@
+export class RoleColor1673515526953 {
+    name = 'RoleColor1673515526953'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role" ADD "color" character varying(256)`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role" DROP COLUMN "color"`);
+    }
+}

packages/backend/migration/1673522856499-RoleIroiro.js

@@ -0,0 +1,13 @@
+export class RoleIroiro1673522856499 {
+    name = 'RoleIroiro1673522856499'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "isSilenced"`);
+        await queryRunner.query(`ALTER TABLE "role" ADD "canEditMembersByModerator" boolean NOT NULL DEFAULT false`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role" DROP COLUMN "canEditMembersByModerator"`);
+        await queryRunner.query(`ALTER TABLE "user" ADD "isSilenced" boolean NOT NULL DEFAULT false`);
+    }
+}

packages/backend/migration/1673524604156-RoleLastUsedAt.js

@@ -0,0 +1,13 @@
+export class RoleLastUsedAt1673524604156 {
+    name = 'RoleLastUsedAt1673524604156'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role" ADD "lastUsedAt" TIMESTAMP WITH TIME ZONE NOT NULL`);
+        await queryRunner.query(`COMMENT ON COLUMN "role"."lastUsedAt" IS 'The last used date of the Role.'`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`COMMENT ON COLUMN "role"."lastUsedAt" IS 'The last used date of the Role.'`);
+        await queryRunner.query(`ALTER TABLE "role" DROP COLUMN "lastUsedAt"`);
+    }
+}

packages/backend/migration/1673570377815-RoleConditional.js

@@ -0,0 +1,15 @@
+export class RoleConditional1673570377815 {
+    name = 'RoleConditional1673570377815'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TYPE "public"."role_target_enum" AS ENUM('manual', 'conditional')`);
+        await queryRunner.query(`ALTER TABLE "role" ADD "target" "public"."role_target_enum" NOT NULL DEFAULT 'manual'`);
+        await queryRunner.query(`ALTER TABLE "role" ADD "condFormula" jsonb NOT NULL DEFAULT '{}'`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role" DROP COLUMN "condFormula"`);
+        await queryRunner.query(`ALTER TABLE "role" DROP COLUMN "target"`);
+        await queryRunner.query(`DROP TYPE "public"."role_target_enum"`);
+    }
+}

packages/backend/migration/1673575973645-MetaClean.js

@@ -0,0 +1,11 @@
+export class MetaClean1673575973645 {
+    name = 'MetaClean1673575973645'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "remoteDriveCapacityMb"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" ADD "remoteDriveCapacityMb" integer NOT NULL DEFAULT '32'`);
+    }
+}

packages/backend/migration/1673783015567-Policies.js

@@ -0,0 +1,13 @@
+export class Policies1673783015567 {
+    name = 'Policies1673783015567'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "role" RENAME COLUMN "options" TO "policies"`);
+				await queryRunner.query(`ALTER TABLE "meta" RENAME COLUMN "defaultRoleOverride" TO "policies"`);
+    }
+
+    async down(queryRunner) {
+				await queryRunner.query(`ALTER TABLE "meta" RENAME COLUMN "policies" TO "defaultRoleOverride"`);
+        await queryRunner.query(`ALTER TABLE "role" RENAME COLUMN "policies" TO "options"`);
+    }
+}

packages/backend/migration/1673812883772-firstRetrievedAt.js

@@ -0,0 +1,11 @@
+export class firstRetrievedAt1673812883772 {
+    name = 'firstRetrievedAt1673812883772'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" RENAME COLUMN "caughtAt" TO "firstRetrievedAt"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "instance" RENAME COLUMN "firstRetrievedAt" TO "caughtAt"`);
+    }
+}

packages/backend/ormconfig.js

@@ -1,6 +1,8 @@
 import { DataSource } from 'typeorm';
-import config from './built/config/index.js';
-import { entities } from './built/db/postgre.js';
+import { loadConfig } from './built/config.js';
+import { entities } from './built/postgre.js';
+
+const config = loadConfig();
 
 export default new DataSource({
 	type: 'postgres',

packages/backend/package.json

@@ -1,177 +1,186 @@
 {
+	"name": "backend",
 	"main": "./index.js",
 	"private": true,
 	"type": "module",
 	"scripts": {
+		"start": "node ./built/index.js",
+		"start:test": "NODE_ENV=test node ./built/index.js",
+		"migrate": "pnpm typeorm migration:run -d ormconfig.js",
 		"build": "tsc -p tsconfig.json || echo done. && tsc-alias -p tsconfig.json",
 		"watch": "node watch.mjs",
-		"lint": "eslint --quiet \"src/**/*.ts\"",
-		"mocha": "cross-env NODE_ENV=test TS_NODE_FILES=true TS_NODE_TRANSPILE_ONLY=true TS_NODE_PROJECT=\"./test/tsconfig.json\" mocha",
-		"test": "npm run mocha"
+		"lint": "tsc --noEmit && eslint --quiet \"src/**/*.ts\"",
+		"jest": "cross-env NODE_ENV=test node --experimental-vm-modules --experimental-import-meta-resolve node_modules/jest/bin/jest.js --forceExit --runInBand",
+		"jest-and-coverage": "cross-env NODE_ENV=test node --experimental-vm-modules --experimental-import-meta-resolve node_modules/jest/bin/jest.js --coverage --forceExit --runInBand",
+		"jest-clear": "cross-env NODE_ENV=test node --experimental-vm-modules --experimental-import-meta-resolve node_modules/jest/bin/jest.js --clearCache",
+		"test": "pnpm jest",
+		"test-and-coverage": "pnpm jest-and-coverage"
 	},
-	"resolutions": {
-		"chokidar": "^3.3.1",
-		"lodash": "^4.17.21"
+	"optionalDependencies": {
+		"@tensorflow/tfjs": "^4.1.0",
+		"@tensorflow/tfjs-node": "4.1.0"
 	},
 	"dependencies": {
-		"@bull-board/koa": "4.0.0",
+		"@bull-board/api": "^4.10.2",
+		"@bull-board/fastify": "^4.10.2",
+		"@bull-board/ui": "^4.10.2",
 		"@discordapp/twemoji": "14.0.2",
-		"@elastic/elasticsearch": "7.11.0",
-		"@koa/cors": "3.1.0",
-		"@koa/multer": "3.0.0",
-		"@koa/router": "9.0.1",
-		"@peertube/http-signature": "1.6.0",
-		"@sinonjs/fake-timers": "9.1.2",
-		"@syuilo/aiscript": "0.11.1",
-		"abort-controller": "3.0.0",
-		"ajv": "8.11.0",
+		"@fastify/accepts": "4.1.0",
+		"@fastify/cookie": "^8.3.0",
+		"@fastify/cors": "8.2.0",
+		"@fastify/http-proxy": "^8.4.0",
+		"@fastify/multipart": "7.4.0",
+		"@fastify/static": "6.6.1",
+		"@fastify/view": "7.4.0",
+		"@nestjs/common": "9.2.1",
+		"@nestjs/core": "9.2.1",
+		"@nestjs/testing": "9.2.1",
+		"@peertube/http-signature": "1.7.0",
+		"@sinonjs/fake-timers": "10.0.2",
+		"accepts": "^1.3.8",
+		"ajv": "8.12.0",
 		"archiver": "5.3.1",
-		"autobind-decorator": "2.4.0",
 		"autwh": "0.1.0",
-		"aws-sdk": "2.1165.0",
+		"aws-sdk": "2.1295.0",
 		"bcryptjs": "2.4.3",
-		"blurhash": "1.1.5",
-		"bull": "4.8.4",
-		"cacheable-lookup": "6.0.4",
+		"blurhash": "2.0.4",
+		"bull": "4.10.2",
+		"cacheable-lookup": "6.1.0",
 		"cbor": "8.1.0",
-		"chalk": "5.0.1",
+		"chalk": "5.2.0",
 		"chalk-template": "0.4.0",
+		"chokidar": "3.5.3",
 		"cli-highlight": "2.1.11",
 		"color-convert": "2.0.1",
 		"content-disposition": "0.5.4",
-		"date-fns": "2.28.0",
+		"date-fns": "2.29.3",
 		"deep-email-validator": "0.1.21",
 		"escape-regexp": "0.0.1",
+		"fastify": "4.11.0",
 		"feed": "4.2.2",
-		"file-type": "17.1.2",
+		"file-type": "18.1.0",
 		"fluent-ffmpeg": "2.1.2",
-		"got": "12.1.0",
-		"hpagent": "0.1.2",
+		"form-data": "^4.0.0",
+		"got": "12.5.3",
+		"hpagent": "1.2.0",
 		"ioredis": "4.28.5",
-		"ip-cidr": "3.0.10",
+		"ip-cidr": "3.0.11",
 		"is-svg": "4.3.2",
 		"js-yaml": "4.1.0",
-		"jsdom": "20.0.0",
-		"json5": "2.2.1",
+		"jsdom": "21.0.0",
+		"json5": "2.2.3",
 		"json5-loader": "4.0.1",
-		"jsonld": "6.0.0",
-		"jsrsasign": "10.5.25",
-		"koa": "2.13.4",
-		"koa-bodyparser": "4.3.0",
-		"koa-favicon": "2.1.0",
-		"koa-json-body": "5.3.0",
-		"koa-logger": "3.2.1",
-		"koa-mount": "4.0.0",
-		"koa-send": "5.0.1",
-		"koa-slow": "2.1.0",
-		"koa-views": "7.0.2",
-		"mfm-js": "0.22.1",
+		"jsonld": "8.1.0",
+		"jsrsasign": "10.6.1",
+		"mfm-js": "0.23.3",
 		"mime-types": "2.1.35",
 		"misskey-js": "0.0.14",
-		"mocha": "10.0.0",
 		"ms": "3.0.0-canary.1",
-		"multer": "1.4.4",
 		"nested-property": "4.0.0",
-		"node-fetch": "3.2.6",
-		"nodemailer": "6.7.6",
+		"nodemailer": "6.9.0",
+		"nsfwjs": "2.4.2",
+		"oauth": "^0.10.0",
 		"os-utils": "0.0.14",
-		"parse5": "7.0.0",
-		"pg": "8.7.3",
-		"private-ip": "2.3.3",
+		"parse5": "7.1.2",
+		"pg": "8.8.0",
+		"private-ip": "3.0.0",
 		"probe-image-size": "7.2.3",
 		"promise-limit": "2.7.0",
 		"pug": "3.0.2",
-		"punycode": "2.1.1",
-		"pureimage": "0.3.14",
-		"qrcode": "1.5.0",
+		"punycode": "2.2.0",
+		"pureimage": "0.3.15",
+		"qrcode": "1.5.1",
 		"random-seed": "0.3.0",
 		"ratelimiter": "3.4.1",
-		"re2": "1.17.7",
+		"re2": "1.18.0",
 		"redis-lock": "0.1.4",
 		"reflect-metadata": "0.1.13",
 		"rename": "1.0.4",
-		"require-all": "3.0.0",
 		"rndstr": "1.0.0",
 		"rss-parser": "3.12.0",
+		"rxjs": "7.8.0",
 		"s-age": "1.1.2",
-		"sanitize-html": "2.7.0",
-		"semver": "7.3.7",
-		"sharp": "0.29.3",
+		"sanitize-html": "2.8.1",
+		"seedrandom": "^3.0.5",
+		"semver": "7.3.8",
+		"sharp": "0.31.3",
 		"speakeasy": "2.0.0",
 		"strict-event-emitter-types": "2.0.0",
 		"stringz": "2.1.0",
-		"style-loader": "3.3.1",
-		"summaly": "2.6.0",
-		"syslog-pro": "1.0.0",
-		"systeminformation": "5.11.22",
-		"tinycolor2": "1.4.2",
+		"summaly": "2.7.0",
+		"syslog-pro": "git+https://github.com/misskey-dev/SyslogPro#0.2.9-misskey.2",
+		"systeminformation": "5.17.3",
+		"tinycolor2": "1.5.2",
 		"tmp": "0.2.1",
-		"ts-loader": "9.3.1",
-		"ts-node": "10.8.1",
-		"tsc-alias": "1.6.11",
-		"tsconfig-paths": "4.0.0",
+		"tsc-alias": "1.8.2",
+		"tsconfig-paths": "4.1.2",
 		"twemoji-parser": "14.0.0",
-		"typeorm": "0.3.7",
+		"typeorm": "0.3.11",
+		"typescript": "4.9.4",
 		"ulid": "2.3.0",
+		"undici": "^5.15.0",
 		"unzipper": "0.10.11",
-		"uuid": "8.3.2",
+		"uuid": "9.0.0",
+		"vary": "1.1.2",
 		"web-push": "3.5.0",
 		"websocket": "1.0.34",
-		"ws": "8.8.0",
+		"ws": "8.12.0",
 		"xev": "3.0.2"
 	},
 	"devDependencies": {
-		"@redocly/openapi-core": "1.0.0-beta.97",
+		"@redocly/openapi-core": "1.0.0-beta.120",
+		"@swc/core": "1.3.26",
+		"@swc/jest": "0.2.24",
+		"@types/accepts": "1.3.5",
+		"@types/archiver": "5.3.1",
 		"@types/bcryptjs": "2.4.2",
-		"@types/bull": "3.15.8",
+		"@types/bull": "4.10.0",
 		"@types/cbor": "6.0.0",
+		"@types/color-convert": "^2.0.0",
+		"@types/content-disposition": "^0.5.5",
 		"@types/escape-regexp": "0.0.1",
 		"@types/fluent-ffmpeg": "2.1.20",
-		"@types/is-url": "1.2.30",
+		"@types/ioredis": "4.28.10",
+		"@types/jest": "29.2.5",
 		"@types/js-yaml": "4.0.5",
-		"@types/jsdom": "16.2.14",
-		"@types/jsonld": "1.5.6",
-		"@types/jsrsasign": "10.5.1",
-		"@types/koa": "2.13.4",
-		"@types/koa-bodyparser": "4.3.7",
-		"@types/koa-cors": "0.0.2",
-		"@types/koa-favicon": "2.0.21",
-		"@types/koa-logger": "3.1.2",
-		"@types/koa-mount": "4.0.1",
-		"@types/koa-send": "4.1.3",
-		"@types/koa-views": "7.0.0",
-		"@types/koa__cors": "3.1.1",
-		"@types/koa__multer": "2.0.4",
-		"@types/koa__router": "8.0.11",
-		"@types/mocha": "9.1.1",
-		"@types/node": "18.0.0",
+		"@types/jsdom": "20.0.1",
+		"@types/jsonld": "1.5.8",
+		"@types/jsrsasign": "10.5.4",
+		"@types/mime-types": "2.1.1",
+		"@types/node": "18.11.18",
 		"@types/node-fetch": "3.0.3",
-		"@types/nodemailer": "6.4.4",
+		"@types/nodemailer": "6.4.7",
 		"@types/oauth": "0.9.1",
+		"@types/pg": "8.6.6",
 		"@types/pug": "2.0.6",
 		"@types/punycode": "2.1.0",
-		"@types/qrcode": "1.4.2",
+		"@types/qrcode": "1.5.0",
 		"@types/random-seed": "0.3.3",
-		"@types/ratelimiter": "3.4.3",
+		"@types/ratelimiter": "3.4.4",
 		"@types/redis": "4.0.11",
 		"@types/rename": "1.0.4",
-		"@types/sanitize-html": "2.6.2",
-		"@types/semver": "7.3.10",
-		"@types/sharp": "0.30.4",
+		"@types/sanitize-html": "2.8.0",
+		"@types/semver": "7.3.13",
+		"@types/sharp": "0.31.1",
 		"@types/sinonjs__fake-timers": "8.1.2",
 		"@types/speakeasy": "2.0.7",
+		"@types/syslog-pro": "^1.0.0",
 		"@types/tinycolor2": "1.4.3",
 		"@types/tmp": "0.2.3",
-		"@types/uuid": "8.3.4",
+		"@types/unzipper": "0.10.5",
+		"@types/uuid": "9.0.0",
+		"@types/vary": "1.1.0",
 		"@types/web-push": "3.3.2",
 		"@types/websocket": "1.0.5",
-		"@types/ws": "8.5.3",
-		"@typescript-eslint/eslint-plugin": "5.30.0",
-		"@typescript-eslint/parser": "5.30.0",
+		"@types/ws": "8.5.4",
+		"@typescript-eslint/eslint-plugin": "5.48.1",
+		"@typescript-eslint/parser": "5.48.1",
 		"cross-env": "7.0.3",
-		"eslint": "8.18.0",
-		"eslint-plugin-import": "2.26.0",
+		"eslint": "8.31.0",
+		"eslint-plugin-import": "2.27.4",
 		"execa": "6.1.0",
-		"typescript": "4.7.4"
+		"jest": "29.3.1",
+		"jest-mock": "^29.3.1",
+		"node-fetch": "3.3.0"
 	}
 }

packages/backend/src/@types/http-signature.d.ts

@@ -1,5 +1,5 @@
 declare module '@peertube/http-signature' {
-	import { IncomingMessage, ClientRequest } from 'node:http';
+	import type { IncomingMessage, ClientRequest } from 'node:http';
 
 	interface ISignature {
 		keyId: string;

packages/backend/src/@types/koa-json-body.d.ts

@@ -1,15 +0,0 @@
-declare module 'koa-json-body' {
-	import { Middleware } from 'koa';
-
-	interface IKoaJsonBodyOptions {
-		strict: boolean;
-		limit: string;
-		fallback: boolean;
-	}
-
-	function koaJsonBody(opt?: IKoaJsonBodyOptions): Middleware;
-
-	namespace koaJsonBody {} // Hack
-
-	export = koaJsonBody;
-}

packages/backend/src/@types/koa-slow.d.ts

@@ -1,14 +0,0 @@
-declare module 'koa-slow' {
-	import { Middleware } from 'koa';
-
-	interface ISlowOptions {
-		url?: RegExp;
-		delay?: number;
-	}
-
-	function slow(options?: ISlowOptions): Middleware;
-
-	namespace slow {} // Hack
-
-	export = slow;
-}

packages/backend/src/@types/probe-image-size.d.ts

@@ -1,5 +1,5 @@
 declare module 'probe-image-size' {
-	import { ReadStream } from 'node:fs';
+	import type { ReadStream } from 'node:fs';
 
 	type ProbeOptions = {
 		retries: 1;

packages/backend/src/GlobalModule.ts

@@ -0,0 +1,66 @@
+import { Global, Inject, Module } from '@nestjs/common';
+import Redis from 'ioredis';
+import { DataSource } from 'typeorm';
+import { createRedisConnection } from '@/redis.js';
+import { DI } from './di-symbols.js';
+import { loadConfig } from './config.js';
+import { createPostgreDataSource } from './postgre.js';
+import { RepositoryModule } from './models/RepositoryModule.js';
+import type { Provider, OnApplicationShutdown } from '@nestjs/common';
+
+const config = loadConfig();
+
+const $config: Provider = {
+	provide: DI.config,
+	useValue: config,
+};
+
+const $db: Provider = {
+	provide: DI.db,
+	useFactory: async (config) => {
+		const db = createPostgreDataSource(config);
+		return await db.initialize();
+	},
+	inject: [DI.config],
+};
+
+const $redis: Provider = {
+	provide: DI.redis,
+	useFactory: (config) => {
+		const redisClient = createRedisConnection(config);
+		return redisClient;
+	},
+	inject: [DI.config],
+};
+
+const $redisSubscriber: Provider = {
+	provide: DI.redisSubscriber,
+	useFactory: (config) => {
+		const redisSubscriber = createRedisConnection(config);
+		redisSubscriber.subscribe(config.host);
+		return redisSubscriber;
+	},
+	inject: [DI.config],
+};
+
+@Global()
+@Module({
+	imports: [RepositoryModule],
+	providers: [$config, $db, $redis, $redisSubscriber],
+	exports: [$config, $db, $redis, $redisSubscriber, RepositoryModule],
+})
+export class GlobalModule implements OnApplicationShutdown {
+	constructor(
+		@Inject(DI.db) private db: DataSource,
+		@Inject(DI.redis) private redisClient: Redis.Redis,
+		@Inject(DI.redisSubscriber) private redisSubscriber: Redis.Redis,
+	) {}
+
+	async onApplicationShutdown(signal: string): Promise<void> {
+		await Promise.all([
+			this.db.destroy(),
+			this.redisClient.disconnect(),
+			this.redisSubscriber.disconnect(),
+		]);
+	}
+}

packages/backend/src/NestLogger.ts

@@ -0,0 +1,49 @@
+import { LoggerService } from '@nestjs/common';
+import Logger from '@/logger.js';
+
+const logger = new Logger('core', 'cyan');
+const nestLogger = logger.createSubLogger('nest', 'green', false);
+
+export class NestLogger implements LoggerService {
+	/**
+   * Write a 'log' level log.
+   */
+	log(message: any, ...optionalParams: any[]) {
+		const ctx = optionalParams[0];
+		nestLogger.info(ctx + ': ' + message);
+	}
+
+	/**
+   * Write an 'error' level log.
+   */
+	error(message: any, ...optionalParams: any[]) {
+		const ctx = optionalParams[0];
+		nestLogger.error(ctx + ': ' + message);
+	}
+
+	/**
+   * Write a 'warn' level log.
+   */
+	warn(message: any, ...optionalParams: any[]) {
+		const ctx = optionalParams[0];
+		nestLogger.warn(ctx + ': ' + message);
+	}
+
+	/**
+   * Write a 'debug' level log.
+   */
+	debug?(message: any, ...optionalParams: any[]) {
+		if (process.env.NODE_ENV === 'production') return;
+		const ctx = optionalParams[0];
+		nestLogger.debug(ctx + ': ' + message);
+	}
+
+	/**
+   * Write a 'verbose' level log.
+   */
+	verbose?(message: any, ...optionalParams: any[]) {
+		if (process.env.NODE_ENV === 'production') return;
+		const ctx = optionalParams[0];
+		nestLogger.debug(ctx + ': ' + message);
+	}
+}

packages/backend/src/RootModule.ts

@@ -0,0 +1,13 @@
+import { Module } from '@nestjs/common';
+import { ServerModule } from '@/server/ServerModule.js';
+import { GlobalModule } from '@/GlobalModule.js';
+import { QueueProcessorModule } from '@/queue/QueueProcessorModule.js';
+
+@Module({
+	imports: [
+		GlobalModule,
+		ServerModule,
+		QueueProcessorModule,
+	],
+})
+export class RootModule {}

packages/backend/src/boot/index.ts

@@ -1,44 +1,28 @@
+
+/**
+ * Misskey Entry Point!
+ */
+
 import cluster from 'node:cluster';
+import { EventEmitter } from 'node:events';
 import chalk from 'chalk';
 import Xev from 'xev';
-
-import Logger from '@/services/logger.js';
+import Logger from '@/logger.js';
 import { envOption } from '../env.js';
-
-// for typeorm
-import 'reflect-metadata';
 import { masterMain } from './master.js';
 import { workerMain } from './worker.js';
 
+import 'reflect-metadata';
+
+process.title = `Misskey (${cluster.isPrimary ? 'master' : 'worker'})`;
+
+Error.stackTraceLimit = Infinity;
+EventEmitter.defaultMaxListeners = 128;
+
 const logger = new Logger('core', 'cyan');
 const clusterLogger = logger.createSubLogger('cluster', 'orange', false);
 const ev = new Xev();
 
-/**
- * Init process
- */
-export default async function() {
-	process.title = `Misskey (${cluster.isPrimary ? 'master' : 'worker'})`;
-
-	if (cluster.isPrimary || envOption.disableClustering) {
-		await masterMain();
-
-		if (cluster.isPrimary) {
-			ev.mount();
-		}
-	}
-
-	if (cluster.isWorker || envOption.disableClustering) {
-		await workerMain();
-	}
-
-	// ユニットテスト時にMisskeyが子プロセスで起動された時のため
-	// それ以外のときは process.send は使えないので弾く
-	if (process.send) {
-		process.send('ok');
-	}
-}
-
 //#region Events
 
 // Listen new workers
@@ -68,6 +52,7 @@ if (!envOption.quiet) {
 process.on('uncaughtException', err => {
 	try {
 		logger.error(err);
+		console.trace(err);
 	} catch { }
 });
 
@@ -77,3 +62,21 @@ process.on('exit', code => {
 });
 
 //#endregion
+
+if (cluster.isPrimary || envOption.disableClustering) {
+	await masterMain();
+
+	if (cluster.isPrimary) {
+		ev.mount();
+	}
+}
+
+if (cluster.isWorker || envOption.disableClustering) {
+	await workerMain();
+}
+
+// ユニットテスト時にMisskeyが子プロセスで起動された時のため
+// それ以外のときは process.send は使えないので弾く
+if (process.send) {
+	process.send('ok');
+}

packages/backend/src/boot/master.ts

@@ -6,14 +6,18 @@ import cluster from 'node:cluster';
 import chalk from 'chalk';
 import chalkTemplate from 'chalk-template';
 import semver from 'semver';
-
-import Logger from '@/services/logger.js';
-import loadConfig from '@/config/load.js';
-import { Config } from '@/config/types.js';
-import { lessThan } from '@/prelude/array.js';
-import { envOption } from '../env.js';
+import { NestFactory } from '@nestjs/core';
+import Logger from '@/logger.js';
+import { loadConfig } from '@/config.js';
+import type { Config } from '@/config.js';
+import { lessThan } from '@/misc/prelude/array.js';
 import { showMachineInfo } from '@/misc/show-machine-info.js';
-import { db, initDb } from '../db/postgre.js';
+import { DaemonModule } from '@/daemons/DaemonModule.js';
+import { JanitorService } from '@/daemons/JanitorService.js';
+import { QueueStatsService } from '@/daemons/QueueStatsService.js';
+import { ServerStatsService } from '@/daemons/ServerStatsService.js';
+import { NestLogger } from '@/NestLogger.js';
+import { envOption } from '../env.js';
 
 const _filename = fileURLToPath(import.meta.url);
 const _dirname = dirname(_filename);
@@ -60,7 +64,7 @@ export async function masterMain() {
 		await showMachineInfo(bootLogger);
 		showNodejsVersion();
 		config = loadConfigBoot();
-		await connectDb();
+		//await connectDb();
 	} catch (e) {
 		bootLogger.error('Fatal error occurred during initialization', null, true);
 		process.exit(1);
@@ -75,9 +79,13 @@ export async function masterMain() {
 	bootLogger.succ(`Now listening on port ${config.port} on ${config.url}`, null, true);
 
 	if (!envOption.noDaemons) {
-		import('../daemons/server-stats.js').then(x => x.default());
-		import('../daemons/queue-stats.js').then(x => x.default());
-		import('../daemons/janitor.js').then(x => x.default());
+		const daemons = await NestFactory.createApplicationContext(DaemonModule, {
+			logger: new NestLogger(),
+		});
+		daemons.enableShutdownHooks();
+		daemons.get(JanitorService).start();
+		daemons.get(QueueStatsService).start();
+		daemons.get(ServerStatsService).start();
 	}
 }
 
@@ -114,8 +122,7 @@ function loadConfigBoot(): Config {
 		if (typeof exception === 'string') {
 			configLogger.error(exception);
 			process.exit(1);
-		}
-		if (exception.code === 'ENOENT') {
+		} else if ((exception as any).code === 'ENOENT') {
 			configLogger.error('Configuration file not found', null, true);
 			process.exit(1);
 		}
@@ -127,6 +134,7 @@ function loadConfigBoot(): Config {
 	return config;
 }
 
+/*
 async function connectDb(): Promise<void> {
 	const dbLogger = bootLogger.createSubLogger('db');
 
@@ -136,14 +144,15 @@ async function connectDb(): Promise<void> {
 		await initDb();
 		const v = await db.query('SHOW server_version').then(x => x[0].server_version);
 		dbLogger.succ(`Connected: v${v}`);
-	} catch (e) {
+	} catch (err) {
 		dbLogger.error('Cannot connect', null, true);
-		dbLogger.error(e);
+		dbLogger.error(err);
 		process.exit(1);
 	}
 }
+*/
 
-async function spawnWorkers(limit: number = 1) {
+async function spawnWorkers(limit = 1) {
 	const workers = Math.min(limit, os.cpus().length);
 	bootLogger.info(`Starting ${workers} worker${workers === 1 ? '' : 's'}...`);
 	await Promise.all([...Array(workers)].map(spawnWorker));
@@ -155,7 +164,7 @@ function spawnWorker(): Promise<void> {
 		const worker = cluster.fork();
 		worker.on('message', message => {
 			if (message === 'listenFailed') {
-				bootLogger.error(`The server Listen failed due to the previous error.`);
+				bootLogger.error('The server Listen failed due to the previous error.');
 				process.exit(1);
 			}
 			if (message !== 'ready') return;

packages/backend/src/boot/worker.ts

@@ -1,17 +1,32 @@
 import cluster from 'node:cluster';
-import { initDb } from '../db/postgre.js';
+import { NestFactory } from '@nestjs/core';
+import { envOption } from '@/env.js';
+import { ChartManagementService } from '@/core/chart/ChartManagementService.js';
+import { ServerService } from '@/server/ServerService.js';
+import { QueueProcessorService } from '@/queue/QueueProcessorService.js';
+import { NestLogger } from '@/NestLogger.js';
+import { RootModule } from '../RootModule.js';
 
 /**
  * Init worker process
  */
 export async function workerMain() {
-	await initDb();
+	const app = await NestFactory.createApplicationContext(RootModule, {
+		logger: new NestLogger(),
+	});
+	app.enableShutdownHooks();
 
 	// start server
-	await import('../server/index.js').then(x => x.default());
+	const serverService = app.get(ServerService);
+	serverService.launch();
 
 	// start job queue
-	import('../queue/index.js').then(x => x.default());
+	if (!envOption.onlyServer) {
+		const queueProcessorService = app.get(QueueProcessorService);
+		queueProcessorService.start();
+	}
+
+	app.get(ChartManagementService).run();
 
 	if (cluster.isWorker) {
 		// Send a 'ready' message to parent process

packages/backend/src/config.ts

@@ -0,0 +1,154 @@
+/**
+ * Config loader
+ */
+
+import * as fs from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import { dirname } from 'node:path';
+import * as yaml from 'js-yaml';
+
+/**
+ * ユーザーが設定する必要のある情報
+ */
+export type Source = {
+	repository_url?: string;
+	feedback_url?: string;
+	url: string;
+	port: number;
+	disableHsts?: boolean;
+	db: {
+		host: string;
+		port: number;
+		db: string;
+		user: string;
+		pass: string;
+		disableCache?: boolean;
+		extra?: { [x: string]: string };
+	};
+	redis: {
+		host: string;
+		port: number;
+		family?: number;
+		pass: string;
+		db?: number;
+		prefix?: string;
+	};
+	elasticsearch: {
+		host: string;
+		port: number;
+		ssl?: boolean;
+		user?: string;
+		pass?: string;
+		index?: string;
+	};
+
+	proxy?: string;
+	proxySmtp?: string;
+	proxyBypassHosts?: string[];
+
+	allowedPrivateNetworks?: string[];
+
+	maxFileSize?: number;
+
+	accesslog?: string;
+
+	clusterLimit?: number;
+
+	id: string;
+
+	outgoingAddressFamily?: 'ipv4' | 'ipv6' | 'dual';
+
+	deliverJobConcurrency?: number;
+	inboxJobConcurrency?: number;
+	deliverJobPerSec?: number;
+	inboxJobPerSec?: number;
+	deliverJobMaxAttempts?: number;
+	inboxJobMaxAttempts?: number;
+
+	syslog: {
+		host: string;
+		port: number;
+	};
+
+	mediaProxy?: string;
+	proxyRemoteFiles?: boolean;
+
+	signToActivityPubGet?: boolean;
+};
+
+/**
+ * Misskeyが自動的に(ユーザーが設定した情報から推論して)設定する情報
+ */
+export type Mixin = {
+	version: string;
+	host: string;
+	hostname: string;
+	scheme: string;
+	wsScheme: string;
+	apiUrl: string;
+	wsUrl: string;
+	authUrl: string;
+	driveUrl: string;
+	userAgent: string;
+	clientEntry: string;
+	clientManifestExists: boolean;
+};
+
+export type Config = Source & Mixin;
+
+const _filename = fileURLToPath(import.meta.url);
+const _dirname = dirname(_filename);
+
+/**
+ * Path of configuration directory
+ */
+const dir = `${_dirname}/../../../.config`;
+
+/**
+ * Path of configuration file
+ */
+const path = process.env.NODE_ENV === 'test'
+	? `${dir}/test.yml`
+	: `${dir}/default.yml`;
+
+export function loadConfig() {
+	const meta = JSON.parse(fs.readFileSync(`${_dirname}/../../../built/meta.json`, 'utf-8'));
+	const clientManifestExists = fs.existsSync(_dirname + '/../../../built/_vite_/manifest.json')
+	const clientManifest = clientManifestExists ?
+		JSON.parse(fs.readFileSync(`${_dirname}/../../../built/_vite_/manifest.json`, 'utf-8'))
+		: { 'src/init.ts': { file: 'src/init.ts' } };
+	const config = yaml.load(fs.readFileSync(path, 'utf-8')) as Source;
+
+	const mixin = {} as Mixin;
+
+	const url = tryCreateUrl(config.url);
+
+	config.url = url.origin;
+
+	config.port = config.port ?? parseInt(process.env.PORT ?? '', 10);
+
+	mixin.version = meta.version;
+	mixin.host = url.host;
+	mixin.hostname = url.hostname;
+	mixin.scheme = url.protocol.replace(/:$/, '');
+	mixin.wsScheme = mixin.scheme.replace('http', 'ws');
+	mixin.wsUrl = `${mixin.wsScheme}://${mixin.host}`;
+	mixin.apiUrl = `${mixin.scheme}://${mixin.host}/api`;
+	mixin.authUrl = `${mixin.scheme}://${mixin.host}/auth`;
+	mixin.driveUrl = `${mixin.scheme}://${mixin.host}/files`;
+	mixin.userAgent = `Misskey/${meta.version} (${config.url})`;
+	mixin.clientEntry = clientManifest['src/init.ts'];
+	mixin.clientManifestExists = clientManifestExists;
+
+	if (!config.redis.prefix) config.redis.prefix = mixin.host;
+
+	return Object.assign(config, mixin);
+}
+
+function tryCreateUrl(url: string) {
+	try {
+		return new URL(url);
+	} catch (e) {
+		throw `url="${url}" is not a valid URL.`;
+	}
+}

packages/backend/src/config/index.ts

@@ -1,3 +0,0 @@
-import load from './load.js';
-
-export default load();

packages/backend/src/config/load.ts

@@ -1,62 +0,0 @@
-/**
- * Config loader
- */
-
-import * as fs from 'node:fs';
-import { fileURLToPath } from 'node:url';
-import { dirname } from 'node:path';
-import * as yaml from 'js-yaml';
-import { Source, Mixin } from './types.js';
-
-const _filename = fileURLToPath(import.meta.url);
-const _dirname = dirname(_filename);
-
-/**
- * Path of configuration directory
- */
-const dir = `${_dirname}/../../../../.config`;
-
-/**
- * Path of configuration file
- */
-const path = process.env.NODE_ENV === 'test'
-	? `${dir}/test.yml`
-	: `${dir}/default.yml`;
-
-export default function load() {
-	const meta = JSON.parse(fs.readFileSync(`${_dirname}/../../../../built/meta.json`, 'utf-8'));
-	const clientManifest = JSON.parse(fs.readFileSync(`${_dirname}/../../../../built/_client_dist_/manifest.json`, 'utf-8'));
-	const config = yaml.load(fs.readFileSync(path, 'utf-8')) as Source;
-
-	const mixin = {} as Mixin;
-
-	const url = tryCreateUrl(config.url);
-
-	config.url = url.origin;
-
-	config.port = config.port || parseInt(process.env.PORT || '', 10);
-
-	mixin.version = meta.version;
-	mixin.host = url.host;
-	mixin.hostname = url.hostname;
-	mixin.scheme = url.protocol.replace(/:$/, '');
-	mixin.wsScheme = mixin.scheme.replace('http', 'ws');
-	mixin.wsUrl = `${mixin.wsScheme}://${mixin.host}`;
-	mixin.apiUrl = `${mixin.scheme}://${mixin.host}/api`;
-	mixin.authUrl = `${mixin.scheme}://${mixin.host}/auth`;
-	mixin.driveUrl = `${mixin.scheme}://${mixin.host}/files`;
-	mixin.userAgent = `Misskey/${meta.version} (${config.url})`;
-	mixin.clientEntry = clientManifest['src/init.ts'];
-
-	if (!config.redis.prefix) config.redis.prefix = mixin.host;
-
-	return Object.assign(config, mixin);
-}
-
-function tryCreateUrl(url: string) {
-	try {
-		return new URL(url);
-	} catch (e) {
-		throw `url="${url}" is not a valid URL.`;
-	}
-}

packages/backend/src/config/types.ts

@@ -1,87 +0,0 @@
-/**
- * ユーザーが設定する必要のある情報
- */
-export type Source = {
-	repository_url?: string;
-	feedback_url?: string;
-	url: string;
-	port: number;
-	disableHsts?: boolean;
-	db: {
-		host: string;
-		port: number;
-		db: string;
-		user: string;
-		pass: string;
-		disableCache?: boolean;
-		extra?: { [x: string]: string };
-	};
-	redis: {
-		host: string;
-		port: number;
-		family?: number;
-		pass: string;
-		db?: number;
-		prefix?: string;
-	};
-	elasticsearch: {
-		host: string;
-		port: number;
-		ssl?: boolean;
-		user?: string;
-		pass?: string;
-		index?: string;
-	};
-
-	proxy?: string;
-	proxySmtp?: string;
-	proxyBypassHosts?: string[];
-
-	allowedPrivateNetworks?: string[];
-
-	maxFileSize?: number;
-
-	accesslog?: string;
-
-	clusterLimit?: number;
-
-	id: string;
-
-	outgoingAddressFamily?: 'ipv4' | 'ipv6' | 'dual';
-
-	deliverJobConcurrency?: number;
-	inboxJobConcurrency?: number;
-	deliverJobPerSec?: number;
-	inboxJobPerSec?: number;
-	deliverJobMaxAttempts?: number;
-	inboxJobMaxAttempts?: number;
-
-	syslog: {
-		host: string;
-		port: number;
-	};
-
-	mediaProxy?: string;
-	proxyRemoteFiles?: boolean;
-
-	signToActivityPubGet?: boolean;
-};
-
-/**
- * Misskeyが自動的に(ユーザーが設定した情報から推論して)設定する情報
- */
-export type Mixin = {
-	version: string;
-	host: string;
-	hostname: string;
-	scheme: string;
-	wsScheme: string;
-	apiUrl: string;
-	wsUrl: string;
-	authUrl: string;
-	driveUrl: string;
-	userAgent: string;
-	clientEntry: string;
-};
-
-export type Config = Source & Mixin;

packages/backend/src/const.ts

@@ -3,6 +3,22 @@ export const MAX_NOTE_TEXT_LENGTH = 3000;
 export const USER_ONLINE_THRESHOLD = 1000 * 60 * 10; // 10min
 export const USER_ACTIVE_THRESHOLD = 1000 * 60 * 60 * 24 * 3; // 3days
 
+//#region hard limits
+// If you change DB_* values, you must also change the DB schema.
+
+/**
+ * Maximum note text length that can be stored in DB.
+ * Surrogate pairs count as one
+ */
+export const DB_MAX_NOTE_TEXT_LENGTH = 8192;
+
+/**
+ * Maximum image description length that can be stored in DB.
+ * Surrogate pairs count as one
+ */
+export const DB_MAX_IMAGE_COMMENT_LENGTH = 512;
+//#endregion
+
 // ブラウザで直接表示することを許可するファイルの種類のリスト
 // ここに含まれないものは application/octet-stream としてレスポンスされる
 // SVGはXSSを生むので許可しない
@@ -12,6 +28,7 @@ export const FILE_TYPE_BROWSERSAFE = [
 	'image/gif',
 	'image/jpeg',
 	'image/webp',
+	'image/avif',
 	'image/apng',
 	'image/bmp',
 	'image/tiff',

packages/backend/src/core/AccountUpdateService.ts

@@ -0,0 +1,40 @@
+import { Inject, Injectable } from '@nestjs/common';
+import { DI } from '@/di-symbols.js';
+import type { UsersRepository } from '@/models/index.js';
+import type { Config } from '@/config.js';
+import type { User } from '@/models/entities/User.js';
+import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
+import { RelayService } from '@/core/RelayService.js';
+import { ApDeliverManagerService } from '@/core/activitypub/ApDeliverManagerService.js';
+import { UserEntityService } from '@/core/entities/UserEntityService.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class AccountUpdateService {
+	constructor(
+		@Inject(DI.config)
+		private config: Config,
+
+		@Inject(DI.usersRepository)
+		private usersRepository: UsersRepository,
+
+		private userEntityService: UserEntityService,
+		private apRendererService: ApRendererService,
+		private apDeliverManagerService: ApDeliverManagerService,
+		private relayService: RelayService,
+	) {
+	}
+
+	@bindThis
+	public async publishToFollowers(userId: User['id']) {
+		const user = await this.usersRepository.findOneBy({ id: userId });
+		if (user == null) throw new Error('user not found');
+	
+		// フォロワーがリモートユーザーかつ投稿者がローカルユーザーならUpdateを配信
+		if (this.userEntityService.isLocalUser(user)) {
+			const content = this.apRendererService.renderActivity(this.apRendererService.renderUpdate(await this.apRendererService.renderPerson(user), user));
+			this.apDeliverManagerService.deliverToFollowers(user, content);
+			this.relayService.deliverToRelays(user, content);
+		}
+	}
+}

packages/backend/src/core/AiService.ts

@@ -0,0 +1,63 @@
+import * as fs from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import { dirname } from 'node:path';
+import { Inject, Injectable } from '@nestjs/common';
+import * as nsfw from 'nsfwjs';
+import si from 'systeminformation';
+import type { Config } from '@/config.js';
+import { DI } from '@/di-symbols.js';
+import { bindThis } from '@/decorators.js';
+
+const _filename = fileURLToPath(import.meta.url);
+const _dirname = dirname(_filename);
+
+const REQUIRED_CPU_FLAGS = ['avx2', 'fma'];
+let isSupportedCpu: undefined | boolean = undefined;
+
+@Injectable()
+export class AiService {
+	private model: nsfw.NSFWJS;
+
+	constructor(
+		@Inject(DI.config)
+		private config: Config,
+	) {
+	}
+
+	@bindThis
+	public async detectSensitive(path: string): Promise<nsfw.predictionType[] | null> {
+		try {
+			if (isSupportedCpu === undefined) {
+				const cpuFlags = await this.getCpuFlags();
+				isSupportedCpu = REQUIRED_CPU_FLAGS.every(required => cpuFlags.includes(required));
+			}
+	
+			if (!isSupportedCpu) {
+				console.error('This CPU cannot use TensorFlow.');
+				return null;
+			}
+	
+			const tf = await import('@tensorflow/tfjs-node');
+	
+			if (this.model == null) this.model = await nsfw.load(`file://${_dirname}/../../nsfw-model/`, { size: 299 });
+	
+			const buffer = await fs.promises.readFile(path);
+			const image = await tf.node.decodeImage(buffer, 3) as any;
+			try {
+				const predictions = await this.model.classify(image);
+				return predictions;
+			} finally {
+				image.dispose();
+			}
+		} catch (err) {
+			console.error(err);
+			return null;
+		}
+	}
+
+	@bindThis
+	private async getCpuFlags(): Promise<string[]> {
+		const str = await si.cpuFlags();
+		return str.split(/\s+/);
+	}
+}

packages/backend/src/core/AntennaService.ts

@@ -0,0 +1,237 @@
+import { Inject, Injectable } from '@nestjs/common';
+import Redis from 'ioredis';
+import type { Antenna } from '@/models/entities/Antenna.js';
+import type { Note } from '@/models/entities/Note.js';
+import type { User } from '@/models/entities/User.js';
+import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
+import { AntennaEntityService } from '@/core/entities/AntennaEntityService.js';
+import { IdService } from '@/core/IdService.js';
+import { isUserRelated } from '@/misc/is-user-related.js';
+import { GlobalEventService } from '@/core/GlobalEventService.js';
+import { PushNotificationService } from '@/core/PushNotificationService.js';
+import * as Acct from '@/misc/acct.js';
+import { Cache } from '@/misc/cache.js';
+import type { Packed } from '@/misc/schema.js';
+import { DI } from '@/di-symbols.js';
+import type { MutingsRepository, BlockingsRepository, NotesRepository, AntennaNotesRepository, AntennasRepository, UserGroupJoiningsRepository, UserListJoiningsRepository } from '@/models/index.js';
+import { UtilityService } from '@/core/UtilityService.js';
+import { bindThis } from '@/decorators.js';
+import { StreamMessages } from '@/server/api/stream/types.js';
+import type { OnApplicationShutdown } from '@nestjs/common';
+
+@Injectable()
+export class AntennaService implements OnApplicationShutdown {
+	private antennasFetched: boolean;
+	private antennas: Antenna[];
+	private blockingCache: Cache<User['id'][]>;
+
+	constructor(
+		@Inject(DI.redisSubscriber)
+		private redisSubscriber: Redis.Redis,
+
+		@Inject(DI.mutingsRepository)
+		private mutingsRepository: MutingsRepository,
+
+		@Inject(DI.blockingsRepository)
+		private blockingsRepository: BlockingsRepository,
+
+		@Inject(DI.notesRepository)
+		private notesRepository: NotesRepository,
+
+		@Inject(DI.antennaNotesRepository)
+		private antennaNotesRepository: AntennaNotesRepository,
+
+		@Inject(DI.antennasRepository)
+		private antennasRepository: AntennasRepository,
+
+		@Inject(DI.userGroupJoiningsRepository)
+		private userGroupJoiningsRepository: UserGroupJoiningsRepository,
+
+		@Inject(DI.userListJoiningsRepository)
+		private userListJoiningsRepository: UserListJoiningsRepository,
+
+		private utilityService: UtilityService,
+		private idService: IdService,
+		private globalEventServie: GlobalEventService,
+		private pushNotificationService: PushNotificationService,
+		private noteEntityService: NoteEntityService,
+		private antennaEntityService: AntennaEntityService,
+	) {
+		this.antennasFetched = false;
+		this.antennas = [];
+		this.blockingCache = new Cache<User['id'][]>(1000 * 60 * 5);
+
+		this.redisSubscriber.on('message', this.onRedisMessage);
+	}
+
+	@bindThis
+	public onApplicationShutdown(signal?: string | undefined) {
+		this.redisSubscriber.off('message', this.onRedisMessage);
+	}
+
+	@bindThis
+	private async onRedisMessage(_: string, data: string): Promise<void> {
+		const obj = JSON.parse(data);
+
+		if (obj.channel === 'internal') {
+			const { type, body } = obj.message as StreamMessages['internal']['payload'];
+			switch (type) {
+				case 'antennaCreated':
+					this.antennas.push(body);
+					break;
+				case 'antennaUpdated':
+					this.antennas[this.antennas.findIndex(a => a.id === body.id)] = body;
+					break;
+				case 'antennaDeleted':
+					this.antennas = this.antennas.filter(a => a.id !== body.id);
+					break;
+				default:
+					break;
+			}
+		}
+	}
+
+	@bindThis
+	public async addNoteToAntenna(antenna: Antenna, note: Note, noteUser: { id: User['id']; }): Promise<void> {
+		// 通知しない設定になっているか、自分自身の投稿なら既読にする
+		const read = !antenna.notify || (antenna.userId === noteUser.id);
+	
+		this.antennaNotesRepository.insert({
+			id: this.idService.genId(),
+			antennaId: antenna.id,
+			noteId: note.id,
+			read: read,
+		});
+	
+		this.globalEventServie.publishAntennaStream(antenna.id, 'note', note);
+	
+		if (!read) {
+			const mutings = await this.mutingsRepository.find({
+				where: {
+					muterId: antenna.userId,
+				},
+				select: ['muteeId'],
+			});
+	
+			// Copy
+			const _note: Note = {
+				...note,
+			};
+	
+			if (note.replyId != null) {
+				_note.reply = await this.notesRepository.findOneByOrFail({ id: note.replyId });
+			}
+			if (note.renoteId != null) {
+				_note.renote = await this.notesRepository.findOneByOrFail({ id: note.renoteId });
+			}
+	
+			if (isUserRelated(_note, new Set<string>(mutings.map(x => x.muteeId)))) {
+				return;
+			}
+	
+			// 2秒経っても既読にならなかったら通知
+			setTimeout(async () => {
+				const unread = await this.antennaNotesRepository.findOneBy({ antennaId: antenna.id, read: false });
+				if (unread) {
+					this.globalEventServie.publishMainStream(antenna.userId, 'unreadAntenna', antenna);
+					this.pushNotificationService.pushNotification(antenna.userId, 'unreadAntennaNote', {
+						antenna: { id: antenna.id, name: antenna.name },
+						note: await this.noteEntityService.pack(note),
+					});
+				}
+			}, 2000);
+		}
+	}
+
+	// NOTE: フォローしているユーザーのノート、リストのユーザーのノート、グループのユーザーのノート指定はパフォーマンス上の理由で無効になっている
+
+	@bindThis
+	public async checkHitAntenna(antenna: Antenna, note: (Note | Packed<'Note'>), noteUser: { id: User['id']; username: string; host: string | null; }): Promise<boolean> {
+		if (note.visibility === 'specified') return false;
+		if (note.visibility === 'followers') return false;
+
+		// アンテナ作成者がノート作成者にブロックされていたらスキップ
+		const blockings = await this.blockingCache.fetch(noteUser.id, () => this.blockingsRepository.findBy({ blockerId: noteUser.id }).then(res => res.map(x => x.blockeeId)));
+		if (blockings.some(blocking => blocking === antenna.userId)) return false;
+	
+		if (!antenna.withReplies && note.replyId != null) return false;
+	
+		if (antenna.src === 'home') {
+			// TODO
+		} else if (antenna.src === 'list') {
+			const listUsers = (await this.userListJoiningsRepository.findBy({
+				userListId: antenna.userListId!,
+			})).map(x => x.userId);
+	
+			if (!listUsers.includes(note.userId)) return false;
+		} else if (antenna.src === 'group') {
+			const joining = await this.userGroupJoiningsRepository.findOneByOrFail({ id: antenna.userGroupJoiningId! });
+	
+			const groupUsers = (await this.userGroupJoiningsRepository.findBy({
+				userGroupId: joining.userGroupId,
+			})).map(x => x.userId);
+	
+			if (!groupUsers.includes(note.userId)) return false;
+		} else if (antenna.src === 'users') {
+			const accts = antenna.users.map(x => {
+				const { username, host } = Acct.parse(x);
+				return this.utilityService.getFullApAccount(username, host).toLowerCase();
+			});
+			if (!accts.includes(this.utilityService.getFullApAccount(noteUser.username, noteUser.host).toLowerCase())) return false;
+		}
+	
+		const keywords = antenna.keywords
+			// Clean up
+			.map(xs => xs.filter(x => x !== ''))
+			.filter(xs => xs.length > 0);
+	
+		if (keywords.length > 0) {
+			if (note.text == null) return false;
+	
+			const matched = keywords.some(and =>
+				and.every(keyword =>
+					antenna.caseSensitive
+						? note.text!.includes(keyword)
+						: note.text!.toLowerCase().includes(keyword.toLowerCase()),
+				));
+	
+			if (!matched) return false;
+		}
+	
+		const excludeKeywords = antenna.excludeKeywords
+			// Clean up
+			.map(xs => xs.filter(x => x !== ''))
+			.filter(xs => xs.length > 0);
+	
+		if (excludeKeywords.length > 0) {
+			if (note.text == null) return false;
+	
+			const matched = excludeKeywords.some(and =>
+				and.every(keyword =>
+					antenna.caseSensitive
+						? note.text!.includes(keyword)
+						: note.text!.toLowerCase().includes(keyword.toLowerCase()),
+				));
+	
+			if (matched) return false;
+		}
+	
+		if (antenna.withFile) {
+			if (note.fileIds && note.fileIds.length === 0) return false;
+		}
+	
+		// TODO: eval expression
+	
+		return true;
+	}
+
+	@bindThis
+	public async getAntennas() {
+		if (!this.antennasFetched) {
+			this.antennas = await this.antennasRepository.find();
+			this.antennasFetched = true;
+		}
+	
+		return this.antennas;
+	}
+}

packages/backend/src/core/AppLockService.ts

@@ -0,0 +1,44 @@
+import { promisify } from 'node:util';
+import { Inject, Injectable } from '@nestjs/common';
+import redisLock from 'redis-lock';
+import Redis from 'ioredis';
+import { DI } from '@/di-symbols.js';
+import { bindThis } from '@/decorators.js';
+
+/**
+ * Retry delay (ms) for lock acquisition
+ */
+const retryDelay = 100;
+
+@Injectable()
+export class AppLockService {
+	private lock: (key: string, timeout?: number) => Promise<() => void>;
+
+	constructor(
+		@Inject(DI.redis)
+		private redisClient: Redis.Redis,
+	) {
+		this.lock = promisify(redisLock(this.redisClient, retryDelay));
+	}
+
+	/**
+	 * Get AP Object lock
+	 * @param uri AP object ID
+	 * @param timeout Lock timeout (ms), The timeout releases previous lock.
+	 * @returns Unlock function
+	 */
+	@bindThis
+	public getApLock(uri: string, timeout = 30 * 1000): Promise<() => void> {
+		return this.lock(`ap-object:${uri}`, timeout);
+	}
+
+	@bindThis
+	public getFetchInstanceMetadataLock(host: string, timeout = 30 * 1000): Promise<() => void> {
+		return this.lock(`instance:${host}`, timeout);
+	}
+
+	@bindThis
+	public getChartInsertLock(lockKey: string, timeout = 30 * 1000): Promise<() => void> {
+		return this.lock(`chart-insert:${lockKey}`, timeout);
+	}
+}

packages/backend/src/core/CaptchaService.ts

@@ -0,0 +1,92 @@
+import { Injectable } from '@nestjs/common';
+import { HttpRequestService } from '@/core/HttpRequestService.js';
+import { bindThis } from '@/decorators.js';
+
+type CaptchaResponse = {
+	success: boolean;
+	'error-codes'?: string[];
+};
+
+@Injectable()
+export class CaptchaService {
+	constructor(
+		private httpRequestService: HttpRequestService,
+	) {
+	}
+
+	@bindThis
+	private async getCaptchaResponse(url: string, secret: string, response: string): Promise<CaptchaResponse> {
+		const params = new URLSearchParams({
+			secret,
+			response,
+		});
+	
+		const res = await this.httpRequestService.fetch(
+			url,
+			{
+				method: 'POST',
+				body: params,
+			},
+			{
+				noOkError: true,
+			}
+		).catch(err => {
+			throw `${err.message ?? err}`;
+		});
+	
+		if (!res.ok) {
+			throw `${res.status}`;
+		}
+	
+		return await res.json() as CaptchaResponse;
+	}	
+	
+	@bindThis
+	public async verifyRecaptcha(secret: string, response: string | null | undefined): Promise<void> {
+		if (response == null) {
+			throw 'recaptcha-failed: no response provided';
+		}
+
+		const result = await this.getCaptchaResponse('https://www.recaptcha.net/recaptcha/api/siteverify', secret, response).catch(err => {
+			throw `recaptcha-request-failed: ${err}`;
+		});
+
+		if (result.success !== true) {
+			const errorCodes = result['error-codes'] ? result['error-codes'].join(', ') : '';
+			throw `recaptcha-failed: ${errorCodes}`;
+		}
+	}
+
+	@bindThis
+	public async verifyHcaptcha(secret: string, response: string | null | undefined): Promise<void> {
+		if (response == null) {
+			throw 'hcaptcha-failed: no response provided';
+		}
+
+		const result = await this.getCaptchaResponse('https://hcaptcha.com/siteverify', secret, response).catch(err => {
+			throw `hcaptcha-request-failed: ${err}`;
+		});
+
+		if (result.success !== true) {
+			const errorCodes = result['error-codes'] ? result['error-codes'].join(', ') : '';
+			throw `hcaptcha-failed: ${errorCodes}`;
+		}
+	}
+
+	@bindThis
+	public async verifyTurnstile(secret: string, response: string | null | undefined): Promise<void> {
+		if (response == null) {
+			throw 'turnstile-failed: no response provided';
+		}
+	
+		const result = await this.getCaptchaResponse('https://challenges.cloudflare.com/turnstile/v0/siteverify', secret, response).catch(err => {
+			throw `turnstile-request-failed: ${err}`;
+		});
+
+		if (result.success !== true) {
+			const errorCodes = result['error-codes'] ? result['error-codes'].join(', ') : '';
+			throw `turnstile-failed: ${errorCodes}`;
+		}
+	}
+}
+

packages/backend/src/core/CoreModule.ts

@@ -0,0 +1,736 @@
+import { Module } from '@nestjs/common';
+import { DI } from '../di-symbols.js';
+import { AccountUpdateService } from './AccountUpdateService.js';
+import { AiService } from './AiService.js';
+import { AntennaService } from './AntennaService.js';
+import { AppLockService } from './AppLockService.js';
+import { CaptchaService } from './CaptchaService.js';
+import { CreateNotificationService } from './CreateNotificationService.js';
+import { CreateSystemUserService } from './CreateSystemUserService.js';
+import { CustomEmojiService } from './CustomEmojiService.js';
+import { DeleteAccountService } from './DeleteAccountService.js';
+import { DownloadService } from './DownloadService.js';
+import { DriveService } from './DriveService.js';
+import { EmailService } from './EmailService.js';
+import { FederatedInstanceService } from './FederatedInstanceService.js';
+import { FetchInstanceMetadataService } from './FetchInstanceMetadataService.js';
+import { GlobalEventService } from './GlobalEventService.js';
+import { HashtagService } from './HashtagService.js';
+import { HttpRequestService } from './HttpRequestService.js';
+import { IdService } from './IdService.js';
+import { ImageProcessingService } from './ImageProcessingService.js';
+import { InstanceActorService } from './InstanceActorService.js';
+import { InternalStorageService } from './InternalStorageService.js';
+import { MessagingService } from './MessagingService.js';
+import { MetaService } from './MetaService.js';
+import { MfmService } from './MfmService.js';
+import { ModerationLogService } from './ModerationLogService.js';
+import { NoteCreateService } from './NoteCreateService.js';
+import { NoteDeleteService } from './NoteDeleteService.js';
+import { NotePiningService } from './NotePiningService.js';
+import { NoteReadService } from './NoteReadService.js';
+import { NotificationService } from './NotificationService.js';
+import { PollService } from './PollService.js';
+import { PushNotificationService } from './PushNotificationService.js';
+import { QueryService } from './QueryService.js';
+import { ReactionService } from './ReactionService.js';
+import { RelayService } from './RelayService.js';
+import { RoleService } from './RoleService.js';
+import { S3Service } from './S3Service.js';
+import { SignupService } from './SignupService.js';
+import { TwoFactorAuthenticationService } from './TwoFactorAuthenticationService.js';
+import { UserBlockingService } from './UserBlockingService.js';
+import { UserCacheService } from './UserCacheService.js';
+import { UserFollowingService } from './UserFollowingService.js';
+import { UserKeypairStoreService } from './UserKeypairStoreService.js';
+import { UserListService } from './UserListService.js';
+import { UserMutingService } from './UserMutingService.js';
+import { UserSuspendService } from './UserSuspendService.js';
+import { VideoProcessingService } from './VideoProcessingService.js';
+import { WebhookService } from './WebhookService.js';
+import { ProxyAccountService } from './ProxyAccountService.js';
+import { UtilityService } from './UtilityService.js';
+import { FileInfoService } from './FileInfoService.js';
+import { ChartLoggerService } from './chart/ChartLoggerService.js';
+import FederationChart from './chart/charts/federation.js';
+import NotesChart from './chart/charts/notes.js';
+import UsersChart from './chart/charts/users.js';
+import ActiveUsersChart from './chart/charts/active-users.js';
+import InstanceChart from './chart/charts/instance.js';
+import PerUserNotesChart from './chart/charts/per-user-notes.js';
+import PerUserPvChart from './chart/charts/per-user-pv.js';
+import DriveChart from './chart/charts/drive.js';
+import PerUserReactionsChart from './chart/charts/per-user-reactions.js';
+import HashtagChart from './chart/charts/hashtag.js';
+import PerUserFollowingChart from './chart/charts/per-user-following.js';
+import PerUserDriveChart from './chart/charts/per-user-drive.js';
+import ApRequestChart from './chart/charts/ap-request.js';
+import { ChartManagementService } from './chart/ChartManagementService.js';
+import { AbuseUserReportEntityService } from './entities/AbuseUserReportEntityService.js';
+import { AntennaEntityService } from './entities/AntennaEntityService.js';
+import { AppEntityService } from './entities/AppEntityService.js';
+import { AuthSessionEntityService } from './entities/AuthSessionEntityService.js';
+import { BlockingEntityService } from './entities/BlockingEntityService.js';
+import { ChannelEntityService } from './entities/ChannelEntityService.js';
+import { ClipEntityService } from './entities/ClipEntityService.js';
+import { DriveFileEntityService } from './entities/DriveFileEntityService.js';
+import { DriveFolderEntityService } from './entities/DriveFolderEntityService.js';
+import { EmojiEntityService } from './entities/EmojiEntityService.js';
+import { FollowingEntityService } from './entities/FollowingEntityService.js';
+import { FollowRequestEntityService } from './entities/FollowRequestEntityService.js';
+import { GalleryLikeEntityService } from './entities/GalleryLikeEntityService.js';
+import { GalleryPostEntityService } from './entities/GalleryPostEntityService.js';
+import { HashtagEntityService } from './entities/HashtagEntityService.js';
+import { InstanceEntityService } from './entities/InstanceEntityService.js';
+import { MessagingMessageEntityService } from './entities/MessagingMessageEntityService.js';
+import { ModerationLogEntityService } from './entities/ModerationLogEntityService.js';
+import { MutingEntityService } from './entities/MutingEntityService.js';
+import { NoteEntityService } from './entities/NoteEntityService.js';
+import { NoteFavoriteEntityService } from './entities/NoteFavoriteEntityService.js';
+import { NoteReactionEntityService } from './entities/NoteReactionEntityService.js';
+import { NotificationEntityService } from './entities/NotificationEntityService.js';
+import { PageEntityService } from './entities/PageEntityService.js';
+import { PageLikeEntityService } from './entities/PageLikeEntityService.js';
+import { SigninEntityService } from './entities/SigninEntityService.js';
+import { UserEntityService } from './entities/UserEntityService.js';
+import { UserGroupEntityService } from './entities/UserGroupEntityService.js';
+import { UserGroupInvitationEntityService } from './entities/UserGroupInvitationEntityService.js';
+import { UserListEntityService } from './entities/UserListEntityService.js';
+import { FlashEntityService } from './entities/FlashEntityService.js';
+import { FlashLikeEntityService } from './entities/FlashLikeEntityService.js';
+import { RoleEntityService } from './entities/RoleEntityService.js';
+import { ApAudienceService } from './activitypub/ApAudienceService.js';
+import { ApDbResolverService } from './activitypub/ApDbResolverService.js';
+import { ApDeliverManagerService } from './activitypub/ApDeliverManagerService.js';
+import { ApInboxService } from './activitypub/ApInboxService.js';
+import { ApLoggerService } from './activitypub/ApLoggerService.js';
+import { ApMfmService } from './activitypub/ApMfmService.js';
+import { ApRendererService } from './activitypub/ApRendererService.js';
+import { ApRequestService } from './activitypub/ApRequestService.js';
+import { ApResolverService } from './activitypub/ApResolverService.js';
+import { LdSignatureService } from './activitypub/LdSignatureService.js';
+import { RemoteLoggerService } from './RemoteLoggerService.js';
+import { RemoteUserResolveService } from './RemoteUserResolveService.js';
+import { WebfingerService } from './WebfingerService.js';
+import { ApImageService } from './activitypub/models/ApImageService.js';
+import { ApMentionService } from './activitypub/models/ApMentionService.js';
+import { ApNoteService } from './activitypub/models/ApNoteService.js';
+import { ApPersonService } from './activitypub/models/ApPersonService.js';
+import { ApQuestionService } from './activitypub/models/ApQuestionService.js';
+import { QueueModule } from './QueueModule.js';
+import { QueueService } from './QueueService.js';
+import { LoggerService } from './LoggerService.js';
+import type { Provider } from '@nestjs/common';
+
+//#region 文字列ベースでのinjection用(循環参照対応のため)
+const $LoggerService: Provider = { provide: 'LoggerService', useExisting: LoggerService };
+const $AccountUpdateService: Provider = { provide: 'AccountUpdateService', useExisting: AccountUpdateService };
+const $AiService: Provider = { provide: 'AiService', useExisting: AiService };
+const $AntennaService: Provider = { provide: 'AntennaService', useExisting: AntennaService };
+const $AppLockService: Provider = { provide: 'AppLockService', useExisting: AppLockService };
+const $CaptchaService: Provider = { provide: 'CaptchaService', useExisting: CaptchaService };
+const $CreateNotificationService: Provider = { provide: 'CreateNotificationService', useExisting: CreateNotificationService };
+const $CreateSystemUserService: Provider = { provide: 'CreateSystemUserService', useExisting: CreateSystemUserService };
+const $CustomEmojiService: Provider = { provide: 'CustomEmojiService', useExisting: CustomEmojiService };
+const $DeleteAccountService: Provider = { provide: 'DeleteAccountService', useExisting: DeleteAccountService };
+const $DownloadService: Provider = { provide: 'DownloadService', useExisting: DownloadService };
+const $DriveService: Provider = { provide: 'DriveService', useExisting: DriveService };
+const $EmailService: Provider = { provide: 'EmailService', useExisting: EmailService };
+const $FederatedInstanceService: Provider = { provide: 'FederatedInstanceService', useExisting: FederatedInstanceService };
+const $FetchInstanceMetadataService: Provider = { provide: 'FetchInstanceMetadataService', useExisting: FetchInstanceMetadataService };
+const $GlobalEventService: Provider = { provide: 'GlobalEventService', useExisting: GlobalEventService };
+const $HashtagService: Provider = { provide: 'HashtagService', useExisting: HashtagService };
+const $HttpRequestService: Provider = { provide: 'HttpRequestService', useExisting: HttpRequestService };
+const $IdService: Provider = { provide: 'IdService', useExisting: IdService };
+const $ImageProcessingService: Provider = { provide: 'ImageProcessingService', useExisting: ImageProcessingService };
+const $InstanceActorService: Provider = { provide: 'InstanceActorService', useExisting: InstanceActorService };
+const $InternalStorageService: Provider = { provide: 'InternalStorageService', useExisting: InternalStorageService };
+const $MessagingService: Provider = { provide: 'MessagingService', useExisting: MessagingService };
+const $MetaService: Provider = { provide: 'MetaService', useExisting: MetaService };
+const $MfmService: Provider = { provide: 'MfmService', useExisting: MfmService };
+const $ModerationLogService: Provider = { provide: 'ModerationLogService', useExisting: ModerationLogService };
+const $NoteCreateService: Provider = { provide: 'NoteCreateService', useExisting: NoteCreateService };
+const $NoteDeleteService: Provider = { provide: 'NoteDeleteService', useExisting: NoteDeleteService };
+const $NotePiningService: Provider = { provide: 'NotePiningService', useExisting: NotePiningService };
+const $NoteReadService: Provider = { provide: 'NoteReadService', useExisting: NoteReadService };
+const $NotificationService: Provider = { provide: 'NotificationService', useExisting: NotificationService };
+const $PollService: Provider = { provide: 'PollService', useExisting: PollService };
+const $ProxyAccountService: Provider = { provide: 'ProxyAccountService', useExisting: ProxyAccountService };
+const $PushNotificationService: Provider = { provide: 'PushNotificationService', useExisting: PushNotificationService };
+const $QueryService: Provider = { provide: 'QueryService', useExisting: QueryService };
+const $ReactionService: Provider = { provide: 'ReactionService', useExisting: ReactionService };
+const $RelayService: Provider = { provide: 'RelayService', useExisting: RelayService };
+const $RoleService: Provider = { provide: 'RoleService', useExisting: RoleService };
+const $S3Service: Provider = { provide: 'S3Service', useExisting: S3Service };
+const $SignupService: Provider = { provide: 'SignupService', useExisting: SignupService };
+const $TwoFactorAuthenticationService: Provider = { provide: 'TwoFactorAuthenticationService', useExisting: TwoFactorAuthenticationService };
+const $UserBlockingService: Provider = { provide: 'UserBlockingService', useExisting: UserBlockingService };
+const $UserCacheService: Provider = { provide: 'UserCacheService', useExisting: UserCacheService };
+const $UserFollowingService: Provider = { provide: 'UserFollowingService', useExisting: UserFollowingService };
+const $UserKeypairStoreService: Provider = { provide: 'UserKeypairStoreService', useExisting: UserKeypairStoreService };
+const $UserListService: Provider = { provide: 'UserListService', useExisting: UserListService };
+const $UserMutingService: Provider = { provide: 'UserMutingService', useExisting: UserMutingService };
+const $UserSuspendService: Provider = { provide: 'UserSuspendService', useExisting: UserSuspendService };
+const $VideoProcessingService: Provider = { provide: 'VideoProcessingService', useExisting: VideoProcessingService };
+const $WebhookService: Provider = { provide: 'WebhookService', useExisting: WebhookService };
+const $UtilityService: Provider = { provide: 'UtilityService', useExisting: UtilityService };
+const $FileInfoService: Provider = { provide: 'FileInfoService', useExisting: FileInfoService };
+const $ChartLoggerService: Provider = { provide: 'ChartLoggerService', useExisting: ChartLoggerService };
+const $FederationChart: Provider = { provide: 'FederationChart', useExisting: FederationChart };
+const $NotesChart: Provider = { provide: 'NotesChart', useExisting: NotesChart };
+const $UsersChart: Provider = { provide: 'UsersChart', useExisting: UsersChart };
+const $ActiveUsersChart: Provider = { provide: 'ActiveUsersChart', useExisting: ActiveUsersChart };
+const $InstanceChart: Provider = { provide: 'InstanceChart', useExisting: InstanceChart };
+const $PerUserNotesChart: Provider = { provide: 'PerUserNotesChart', useExisting: PerUserNotesChart };
+const $PerUserPvChart: Provider = { provide: 'PerUserPvChart', useExisting: PerUserPvChart };
+const $DriveChart: Provider = { provide: 'DriveChart', useExisting: DriveChart };
+const $PerUserReactionsChart: Provider = { provide: 'PerUserReactionsChart', useExisting: PerUserReactionsChart };
+const $HashtagChart: Provider = { provide: 'HashtagChart', useExisting: HashtagChart };
+const $PerUserFollowingChart: Provider = { provide: 'PerUserFollowingChart', useExisting: PerUserFollowingChart };
+const $PerUserDriveChart: Provider = { provide: 'PerUserDriveChart', useExisting: PerUserDriveChart };
+const $ApRequestChart: Provider = { provide: 'ApRequestChart', useExisting: ApRequestChart };
+const $ChartManagementService: Provider = { provide: 'ChartManagementService', useExisting: ChartManagementService };
+
+const $AbuseUserReportEntityService: Provider = { provide: 'AbuseUserReportEntityService', useExisting: AbuseUserReportEntityService };
+const $AntennaEntityService: Provider = { provide: 'AntennaEntityService', useExisting: AntennaEntityService };
+const $AppEntityService: Provider = { provide: 'AppEntityService', useExisting: AppEntityService };
+const $AuthSessionEntityService: Provider = { provide: 'AuthSessionEntityService', useExisting: AuthSessionEntityService };
+const $BlockingEntityService: Provider = { provide: 'BlockingEntityService', useExisting: BlockingEntityService };
+const $ChannelEntityService: Provider = { provide: 'ChannelEntityService', useExisting: ChannelEntityService };
+const $ClipEntityService: Provider = { provide: 'ClipEntityService', useExisting: ClipEntityService };
+const $DriveFileEntityService: Provider = { provide: 'DriveFileEntityService', useExisting: DriveFileEntityService };
+const $DriveFolderEntityService: Provider = { provide: 'DriveFolderEntityService', useExisting: DriveFolderEntityService };
+const $EmojiEntityService: Provider = { provide: 'EmojiEntityService', useExisting: EmojiEntityService };
+const $FollowingEntityService: Provider = { provide: 'FollowingEntityService', useExisting: FollowingEntityService };
+const $FollowRequestEntityService: Provider = { provide: 'FollowRequestEntityService', useExisting: FollowRequestEntityService };
+const $GalleryLikeEntityService: Provider = { provide: 'GalleryLikeEntityService', useExisting: GalleryLikeEntityService };
+const $GalleryPostEntityService: Provider = { provide: 'GalleryPostEntityService', useExisting: GalleryPostEntityService };
+const $HashtagEntityService: Provider = { provide: 'HashtagEntityService', useExisting: HashtagEntityService };
+const $InstanceEntityService: Provider = { provide: 'InstanceEntityService', useExisting: InstanceEntityService };
+const $MessagingMessageEntityService: Provider = { provide: 'MessagingMessageEntityService', useExisting: MessagingMessageEntityService };
+const $ModerationLogEntityService: Provider = { provide: 'ModerationLogEntityService', useExisting: ModerationLogEntityService };
+const $MutingEntityService: Provider = { provide: 'MutingEntityService', useExisting: MutingEntityService };
+const $NoteEntityService: Provider = { provide: 'NoteEntityService', useExisting: NoteEntityService };
+const $NoteFavoriteEntityService: Provider = { provide: 'NoteFavoriteEntityService', useExisting: NoteFavoriteEntityService };
+const $NoteReactionEntityService: Provider = { provide: 'NoteReactionEntityService', useExisting: NoteReactionEntityService };
+const $NotificationEntityService: Provider = { provide: 'NotificationEntityService', useExisting: NotificationEntityService };
+const $PageEntityService: Provider = { provide: 'PageEntityService', useExisting: PageEntityService };
+const $PageLikeEntityService: Provider = { provide: 'PageLikeEntityService', useExisting: PageLikeEntityService };
+const $SigninEntityService: Provider = { provide: 'SigninEntityService', useExisting: SigninEntityService };
+const $UserEntityService: Provider = { provide: 'UserEntityService', useExisting: UserEntityService };
+const $UserGroupEntityService: Provider = { provide: 'UserGroupEntityService', useExisting: UserGroupEntityService };
+const $UserGroupInvitationEntityService: Provider = { provide: 'UserGroupInvitationEntityService', useExisting: UserGroupInvitationEntityService };
+const $UserListEntityService: Provider = { provide: 'UserListEntityService', useExisting: UserListEntityService };
+const $FlashEntityService: Provider = { provide: 'FlashEntityService', useExisting: FlashEntityService };
+const $FlashLikeEntityService: Provider = { provide: 'FlashLikeEntityService', useExisting: FlashLikeEntityService };
+const $RoleEntityService: Provider = { provide: 'RoleEntityService', useExisting: RoleEntityService };
+
+const $ApAudienceService: Provider = { provide: 'ApAudienceService', useExisting: ApAudienceService };
+const $ApDbResolverService: Provider = { provide: 'ApDbResolverService', useExisting: ApDbResolverService };
+const $ApDeliverManagerService: Provider = { provide: 'ApDeliverManagerService', useExisting: ApDeliverManagerService };
+const $ApInboxService: Provider = { provide: 'ApInboxService', useExisting: ApInboxService };
+const $ApLoggerService: Provider = { provide: 'ApLoggerService', useExisting: ApLoggerService };
+const $ApMfmService: Provider = { provide: 'ApMfmService', useExisting: ApMfmService };
+const $ApRendererService: Provider = { provide: 'ApRendererService', useExisting: ApRendererService };
+const $ApRequestService: Provider = { provide: 'ApRequestService', useExisting: ApRequestService };
+const $ApResolverService: Provider = { provide: 'ApResolverService', useExisting: ApResolverService };
+const $LdSignatureService: Provider = { provide: 'LdSignatureService', useExisting: LdSignatureService };
+const $RemoteLoggerService: Provider = { provide: 'RemoteLoggerService', useExisting: RemoteLoggerService };
+const $RemoteUserResolveService: Provider = { provide: 'RemoteUserResolveService', useExisting: RemoteUserResolveService };
+const $WebfingerService: Provider = { provide: 'WebfingerService', useExisting: WebfingerService };
+const $ApImageService: Provider = { provide: 'ApImageService', useExisting: ApImageService };
+const $ApMentionService: Provider = { provide: 'ApMentionService', useExisting: ApMentionService };
+const $ApNoteService: Provider = { provide: 'ApNoteService', useExisting: ApNoteService };
+const $ApPersonService: Provider = { provide: 'ApPersonService', useExisting: ApPersonService };
+const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting: ApQuestionService };
+//#endregion
+
+@Module({
+	imports: [
+		QueueModule,
+	],
+	providers: [
+		LoggerService,
+		AccountUpdateService,
+		AiService,
+		AntennaService,
+		AppLockService,
+		CaptchaService,
+		CreateNotificationService,
+		CreateSystemUserService,
+		CustomEmojiService,
+		DeleteAccountService,
+		DownloadService,
+		DriveService,
+		EmailService,
+		FederatedInstanceService,
+		FetchInstanceMetadataService,
+		GlobalEventService,
+		HashtagService,
+		HttpRequestService,
+		IdService,
+		ImageProcessingService,
+		InstanceActorService,
+		InternalStorageService,
+		MessagingService,
+		MetaService,
+		MfmService,
+		ModerationLogService,
+		NoteCreateService,
+		NoteDeleteService,
+		NotePiningService,
+		NoteReadService,
+		NotificationService,
+		PollService,
+		ProxyAccountService,
+		PushNotificationService,
+		QueryService,
+		ReactionService,
+		RelayService,
+		RoleService,
+		S3Service,
+		SignupService,
+		TwoFactorAuthenticationService,
+		UserBlockingService,
+		UserCacheService,
+		UserFollowingService,
+		UserKeypairStoreService,
+		UserListService,
+		UserMutingService,
+		UserSuspendService,
+		VideoProcessingService,
+		WebhookService,
+		UtilityService,
+		FileInfoService,
+		ChartLoggerService,
+		FederationChart,
+		NotesChart,
+		UsersChart,
+		ActiveUsersChart,
+		InstanceChart,
+		PerUserNotesChart,
+		PerUserPvChart,
+		DriveChart,
+		PerUserReactionsChart,
+		HashtagChart,
+		PerUserFollowingChart,
+		PerUserDriveChart,
+		ApRequestChart,
+		ChartManagementService,
+		AbuseUserReportEntityService,
+		AntennaEntityService,
+		AppEntityService,
+		AuthSessionEntityService,
+		BlockingEntityService,
+		ChannelEntityService,
+		ClipEntityService,
+		DriveFileEntityService,
+		DriveFolderEntityService,
+		EmojiEntityService,
+		FollowingEntityService,
+		FollowRequestEntityService,
+		GalleryLikeEntityService,
+		GalleryPostEntityService,
+		HashtagEntityService,
+		InstanceEntityService,
+		MessagingMessageEntityService,
+		ModerationLogEntityService,
+		MutingEntityService,
+		NoteEntityService,
+		NoteFavoriteEntityService,
+		NoteReactionEntityService,
+		NotificationEntityService,
+		PageEntityService,
+		PageLikeEntityService,
+		SigninEntityService,
+		UserEntityService,
+		UserGroupEntityService,
+		UserGroupInvitationEntityService,
+		UserListEntityService,
+		FlashEntityService,
+		FlashLikeEntityService,
+		RoleEntityService,
+		ApAudienceService,
+		ApDbResolverService,
+		ApDeliverManagerService,
+		ApInboxService,
+		ApLoggerService,
+		ApMfmService,
+		ApRendererService,
+		ApRequestService,
+		ApResolverService,
+		LdSignatureService,
+		RemoteLoggerService,
+		RemoteUserResolveService,
+		WebfingerService,
+		ApImageService,
+		ApMentionService,
+		ApNoteService,
+		ApPersonService,
+		ApQuestionService,
+		QueueService,
+
+		//#region 文字列ベースでのinjection用(循環参照対応のため)
+		$LoggerService,
+		$AccountUpdateService,
+		$AiService,
+		$AntennaService,
+		$AppLockService,
+		$CaptchaService,
+		$CreateNotificationService,
+		$CreateSystemUserService,
+		$CustomEmojiService,
+		$DeleteAccountService,
+		$DownloadService,
+		$DriveService,
+		$EmailService,
+		$FederatedInstanceService,
+		$FetchInstanceMetadataService,
+		$GlobalEventService,
+		$HashtagService,
+		$HttpRequestService,
+		$IdService,
+		$ImageProcessingService,
+		$InstanceActorService,
+		$InternalStorageService,
+		$MessagingService,
+		$MetaService,
+		$MfmService,
+		$ModerationLogService,
+		$NoteCreateService,
+		$NoteDeleteService,
+		$NotePiningService,
+		$NoteReadService,
+		$NotificationService,
+		$PollService,
+		$ProxyAccountService,
+		$PushNotificationService,
+		$QueryService,
+		$ReactionService,
+		$RelayService,
+		$RoleService,
+		$S3Service,
+		$SignupService,
+		$TwoFactorAuthenticationService,
+		$UserBlockingService,
+		$UserCacheService,
+		$UserFollowingService,
+		$UserKeypairStoreService,
+		$UserListService,
+		$UserMutingService,
+		$UserSuspendService,
+		$VideoProcessingService,
+		$WebhookService,
+		$UtilityService,
+		$FileInfoService,
+		$ChartLoggerService,
+		$FederationChart,
+		$NotesChart,
+		$UsersChart,
+		$ActiveUsersChart,
+		$InstanceChart,
+		$PerUserNotesChart,
+		$PerUserPvChart,
+		$DriveChart,
+		$PerUserReactionsChart,
+		$HashtagChart,
+		$PerUserFollowingChart,
+		$PerUserDriveChart,
+		$ApRequestChart,
+		$ChartManagementService,
+		$AbuseUserReportEntityService,
+		$AntennaEntityService,
+		$AppEntityService,
+		$AuthSessionEntityService,
+		$BlockingEntityService,
+		$ChannelEntityService,
+		$ClipEntityService,
+		$DriveFileEntityService,
+		$DriveFolderEntityService,
+		$EmojiEntityService,
+		$FollowingEntityService,
+		$FollowRequestEntityService,
+		$GalleryLikeEntityService,
+		$GalleryPostEntityService,
+		$HashtagEntityService,
+		$InstanceEntityService,
+		$MessagingMessageEntityService,
+		$ModerationLogEntityService,
+		$MutingEntityService,
+		$NoteEntityService,
+		$NoteFavoriteEntityService,
+		$NoteReactionEntityService,
+		$NotificationEntityService,
+		$PageEntityService,
+		$PageLikeEntityService,
+		$SigninEntityService,
+		$UserEntityService,
+		$UserGroupEntityService,
+		$UserGroupInvitationEntityService,
+		$UserListEntityService,
+		$FlashEntityService,
+		$FlashLikeEntityService,
+		$RoleEntityService,
+		$ApAudienceService,
+		$ApDbResolverService,
+		$ApDeliverManagerService,
+		$ApInboxService,
+		$ApLoggerService,
+		$ApMfmService,
+		$ApRendererService,
+		$ApRequestService,
+		$ApResolverService,
+		$LdSignatureService,
+		$RemoteLoggerService,
+		$RemoteUserResolveService,
+		$WebfingerService,
+		$ApImageService,
+		$ApMentionService,
+		$ApNoteService,
+		$ApPersonService,
+		$ApQuestionService,
+		//#endregion
+	],
+	exports: [
+		QueueModule,
+		LoggerService,
+		AccountUpdateService,
+		AiService,
+		AntennaService,
+		AppLockService,
+		CaptchaService,
+		CreateNotificationService,
+		CreateSystemUserService,
+		CustomEmojiService,
+		DeleteAccountService,
+		DownloadService,
+		DriveService,
+		EmailService,
+		FederatedInstanceService,
+		FetchInstanceMetadataService,
+		GlobalEventService,
+		HashtagService,
+		HttpRequestService,
+		IdService,
+		ImageProcessingService,
+		InstanceActorService,
+		InternalStorageService,
+		MessagingService,
+		MetaService,
+		MfmService,
+		ModerationLogService,
+		NoteCreateService,
+		NoteDeleteService,
+		NotePiningService,
+		NoteReadService,
+		NotificationService,
+		PollService,
+		ProxyAccountService,
+		PushNotificationService,
+		QueryService,
+		ReactionService,
+		RelayService,
+		RoleService,
+		S3Service,
+		SignupService,
+		TwoFactorAuthenticationService,
+		UserBlockingService,
+		UserCacheService,
+		UserFollowingService,
+		UserKeypairStoreService,
+		UserListService,
+		UserMutingService,
+		UserSuspendService,
+		VideoProcessingService,
+		WebhookService,
+		UtilityService,
+		FileInfoService,
+		FederationChart,
+		NotesChart,
+		UsersChart,
+		ActiveUsersChart,
+		InstanceChart,
+		PerUserNotesChart,
+		PerUserPvChart,
+		DriveChart,
+		PerUserReactionsChart,
+		HashtagChart,
+		PerUserFollowingChart,
+		PerUserDriveChart,
+		ApRequestChart,
+		ChartManagementService,
+		AbuseUserReportEntityService,
+		AntennaEntityService,
+		AppEntityService,
+		AuthSessionEntityService,
+		BlockingEntityService,
+		ChannelEntityService,
+		ClipEntityService,
+		DriveFileEntityService,
+		DriveFolderEntityService,
+		EmojiEntityService,
+		FollowingEntityService,
+		FollowRequestEntityService,
+		GalleryLikeEntityService,
+		GalleryPostEntityService,
+		HashtagEntityService,
+		InstanceEntityService,
+		MessagingMessageEntityService,
+		ModerationLogEntityService,
+		MutingEntityService,
+		NoteEntityService,
+		NoteFavoriteEntityService,
+		NoteReactionEntityService,
+		NotificationEntityService,
+		PageEntityService,
+		PageLikeEntityService,
+		SigninEntityService,
+		UserEntityService,
+		UserGroupEntityService,
+		UserGroupInvitationEntityService,
+		UserListEntityService,
+		FlashEntityService,
+		FlashLikeEntityService,
+		RoleEntityService,
+		ApAudienceService,
+		ApDbResolverService,
+		ApDeliverManagerService,
+		ApInboxService,
+		ApLoggerService,
+		ApMfmService,
+		ApRendererService,
+		ApRequestService,
+		ApResolverService,
+		LdSignatureService,
+		RemoteLoggerService,
+		RemoteUserResolveService,
+		WebfingerService,
+		ApImageService,
+		ApMentionService,
+		ApNoteService,
+		ApPersonService,
+		ApQuestionService,
+		QueueService,
+
+		//#region 文字列ベースでのinjection用(循環参照対応のため)
+		$LoggerService,
+		$AccountUpdateService,
+		$AiService,
+		$AntennaService,
+		$AppLockService,
+		$CaptchaService,
+		$CreateNotificationService,
+		$CreateSystemUserService,
+		$CustomEmojiService,
+		$DeleteAccountService,
+		$DownloadService,
+		$DriveService,
+		$EmailService,
+		$FederatedInstanceService,
+		$FetchInstanceMetadataService,
+		$GlobalEventService,
+		$HashtagService,
+		$HttpRequestService,
+		$IdService,
+		$ImageProcessingService,
+		$InstanceActorService,
+		$InternalStorageService,
+		$MessagingService,
+		$MetaService,
+		$MfmService,
+		$ModerationLogService,
+		$NoteCreateService,
+		$NoteDeleteService,
+		$NotePiningService,
+		$NoteReadService,
+		$NotificationService,
+		$PollService,
+		$ProxyAccountService,
+		$PushNotificationService,
+		$QueryService,
+		$ReactionService,
+		$RelayService,
+		$RoleService,
+		$S3Service,
+		$SignupService,
+		$TwoFactorAuthenticationService,
+		$UserBlockingService,
+		$UserCacheService,
+		$UserFollowingService,
+		$UserKeypairStoreService,
+		$UserListService,
+		$UserMutingService,
+		$UserSuspendService,
+		$VideoProcessingService,
+		$WebhookService,
+		$UtilityService,
+		$FileInfoService,
+		$FederationChart,
+		$NotesChart,
+		$UsersChart,
+		$ActiveUsersChart,
+		$InstanceChart,
+		$PerUserNotesChart,
+		$PerUserPvChart,
+		$DriveChart,
+		$PerUserReactionsChart,
+		$HashtagChart,
+		$PerUserFollowingChart,
+		$PerUserDriveChart,
+		$ApRequestChart,
+		$ChartManagementService,
+		$AbuseUserReportEntityService,
+		$AntennaEntityService,
+		$AppEntityService,
+		$AuthSessionEntityService,
+		$BlockingEntityService,
+		$ChannelEntityService,
+		$ClipEntityService,
+		$DriveFileEntityService,
+		$DriveFolderEntityService,
+		$EmojiEntityService,
+		$FollowingEntityService,
+		$FollowRequestEntityService,
+		$GalleryLikeEntityService,
+		$GalleryPostEntityService,
+		$HashtagEntityService,
+		$InstanceEntityService,
+		$MessagingMessageEntityService,
+		$ModerationLogEntityService,
+		$MutingEntityService,
+		$NoteEntityService,
+		$NoteFavoriteEntityService,
+		$NoteReactionEntityService,
+		$NotificationEntityService,
+		$PageEntityService,
+		$PageLikeEntityService,
+		$SigninEntityService,
+		$UserEntityService,
+		$UserGroupEntityService,
+		$UserGroupInvitationEntityService,
+		$UserListEntityService,
+		$FlashEntityService,
+		$FlashLikeEntityService,
+		$RoleEntityService,
+		$ApAudienceService,
+		$ApDbResolverService,
+		$ApDeliverManagerService,
+		$ApInboxService,
+		$ApLoggerService,
+		$ApMfmService,
+		$ApRendererService,
+		$ApRequestService,
+		$ApResolverService,
+		$LdSignatureService,
+		$RemoteLoggerService,
+		$RemoteUserResolveService,
+		$WebfingerService,
+		$ApImageService,
+		$ApMentionService,
+		$ApNoteService,
+		$ApPersonService,
+		$ApQuestionService,
+		//#endregion
+	],
+})
+export class CoreModule {}

packages/backend/src/core/CreateNotificationService.ts

@@ -0,0 +1,118 @@
+import { Inject, Injectable } from '@nestjs/common';
+import type { MutingsRepository, NotificationsRepository, UserProfilesRepository, UsersRepository } from '@/models/index.js';
+import type { User } from '@/models/entities/User.js';
+import type { Notification } from '@/models/entities/Notification.js';
+import { GlobalEventService } from '@/core/GlobalEventService.js';
+import { IdService } from '@/core/IdService.js';
+import { DI } from '@/di-symbols.js';
+import { NotificationEntityService } from '@/core/entities/NotificationEntityService.js';
+import { PushNotificationService } from '@/core/PushNotificationService.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class CreateNotificationService {
+	constructor(
+		@Inject(DI.usersRepository)
+		private usersRepository: UsersRepository,
+
+		@Inject(DI.userProfilesRepository)
+		private userProfilesRepository: UserProfilesRepository,
+
+		@Inject(DI.notificationsRepository)
+		private notificationsRepository: NotificationsRepository,
+
+		@Inject(DI.mutingsRepository)
+		private mutingsRepository: MutingsRepository,
+
+		private notificationEntityService: NotificationEntityService,
+		private idService: IdService,
+		private globalEventServie: GlobalEventService,
+		private pushNotificationService: PushNotificationService,
+	) {
+	}
+
+	@bindThis
+	public async createNotification(
+		notifieeId: User['id'],
+		type: Notification['type'],
+		data: Partial<Notification>,
+	): Promise<Notification | null> {
+		if (data.notifierId && (notifieeId === data.notifierId)) {
+			return null;
+		}
+	
+		const profile = await this.userProfilesRepository.findOneBy({ userId: notifieeId });
+	
+		const isMuted = profile?.mutingNotificationTypes.includes(type);
+	
+		// Create notification
+		const notification = await this.notificationsRepository.insert({
+			id: this.idService.genId(),
+			createdAt: new Date(),
+			notifieeId: notifieeId,
+			type: type,
+			// 相手がこの通知をミュートしているようなら、既読を予めつけておく
+			isRead: isMuted,
+			...data,
+		} as Partial<Notification>)
+			.then(x => this.notificationsRepository.findOneByOrFail(x.identifiers[0]));
+	
+		const packed = await this.notificationEntityService.pack(notification, {});
+	
+		// Publish notification event
+		this.globalEventServie.publishMainStream(notifieeId, 'notification', packed);
+	
+		// 2秒経っても(今回作成した)通知が既読にならなかったら「未読の通知がありますよ」イベントを発行する
+		setTimeout(async () => {
+			const fresh = await this.notificationsRepository.findOneBy({ id: notification.id });
+			if (fresh == null) return; // 既に削除されているかもしれない
+			if (fresh.isRead) return;
+	
+			//#region ただしミュートしているユーザーからの通知なら無視
+			const mutings = await this.mutingsRepository.findBy({
+				muterId: notifieeId,
+			});
+			if (data.notifierId && mutings.map(m => m.muteeId).includes(data.notifierId)) {
+				return;
+			}
+			//#endregion
+	
+			this.globalEventServie.publishMainStream(notifieeId, 'unreadNotification', packed);
+			this.pushNotificationService.pushNotification(notifieeId, 'notification', packed);
+	
+			if (type === 'follow') this.emailNotificationFollow(notifieeId, await this.usersRepository.findOneByOrFail({ id: data.notifierId! }));
+			if (type === 'receiveFollowRequest') this.emailNotificationReceiveFollowRequest(notifieeId, await this.usersRepository.findOneByOrFail({ id: data.notifierId! }));
+		}, 2000);
+	
+		return notification;
+	}
+
+	// TODO
+	//const locales = await import('../../../../locales/index.js');
+
+	// TODO: locale ファイルをクライアント用とサーバー用で分けたい
+
+	@bindThis
+	private async emailNotificationFollow(userId: User['id'], follower: User) {
+		/*
+		const userProfile = await UserProfiles.findOneByOrFail({ userId: userId });
+		if (!userProfile.email || !userProfile.emailNotificationTypes.includes('follow')) return;
+		const locale = locales[userProfile.lang ?? 'ja-JP'];
+		const i18n = new I18n(locale);
+		// TODO: render user information html
+		sendEmail(userProfile.email, i18n.t('_email._follow.title'), `${follower.name} (@${Acct.toString(follower)})`, `${follower.name} (@${Acct.toString(follower)})`);
+		*/
+	}
+	
+	@bindThis
+	private async emailNotificationReceiveFollowRequest(userId: User['id'], follower: User) {
+		/*
+		const userProfile = await UserProfiles.findOneByOrFail({ userId: userId });
+		if (!userProfile.email || !userProfile.emailNotificationTypes.includes('receiveFollowRequest')) return;
+		const locale = locales[userProfile.lang ?? 'ja-JP'];
+		const i18n = new I18n(locale);
+		// TODO: render user information html
+		sendEmail(userProfile.email, i18n.t('_email._receiveFollowRequest.title'), `${follower.name} (@${Acct.toString(follower)})`, `${follower.name} (@${Acct.toString(follower)})`);
+		*/
+	}
+}

packages/backend/src/core/CreateSystemUserService.ts

@@ -0,0 +1,82 @@
+import { Inject, Injectable } from '@nestjs/common';
+import bcrypt from 'bcryptjs';
+import { v4 as uuid } from 'uuid';
+import { IsNull, DataSource } from 'typeorm';
+import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
+import { User } from '@/models/entities/User.js';
+import { UserProfile } from '@/models/entities/UserProfile.js';
+import { IdService } from '@/core/IdService.js';
+import { UserKeypair } from '@/models/entities/UserKeypair.js';
+import { UsedUsername } from '@/models/entities/UsedUsername.js';
+import { DI } from '@/di-symbols.js';
+import generateNativeUserToken from '@/misc/generate-native-user-token.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class CreateSystemUserService {
+	constructor(
+		@Inject(DI.db)
+		private db: DataSource,
+
+		private idService: IdService,
+	) {
+	}
+
+	@bindThis
+	public async createSystemUser(username: string): Promise<User> {
+		const password = uuid();
+	
+		// Generate hash of password
+		const salt = await bcrypt.genSalt(8);
+		const hash = await bcrypt.hash(password, salt);
+	
+		// Generate secret
+		const secret = generateNativeUserToken();
+	
+		const keyPair = await genRsaKeyPair(4096);
+	
+		let account!: User;
+	
+		// Start transaction
+		await this.db.transaction(async transactionalEntityManager => {
+			const exist = await transactionalEntityManager.findOneBy(User, {
+				usernameLower: username.toLowerCase(),
+				host: IsNull(),
+			});
+	
+			if (exist) throw new Error('the user is already exists');
+	
+			account = await transactionalEntityManager.insert(User, {
+				id: this.idService.genId(),
+				createdAt: new Date(),
+				username: username,
+				usernameLower: username.toLowerCase(),
+				host: null,
+				token: secret,
+				isRoot: false,
+				isLocked: true,
+				isExplorable: false,
+				isBot: true,
+			}).then(x => transactionalEntityManager.findOneByOrFail(User, x.identifiers[0]));
+	
+			await transactionalEntityManager.insert(UserKeypair, {
+				publicKey: keyPair.publicKey,
+				privateKey: keyPair.privateKey,
+				userId: account.id,
+			});
+	
+			await transactionalEntityManager.insert(UserProfile, {
+				userId: account.id,
+				autoAcceptFollowed: false,
+				password: hash,
+			});
+	
+			await transactionalEntityManager.insert(UsedUsername, {
+				createdAt: new Date(),
+				username: username.toLowerCase(),
+			});
+		});
+	
+		return account;
+	}
+}

packages/backend/src/core/CustomEmojiService.ts

@@ -0,0 +1,47 @@
+import { Inject, Injectable } from '@nestjs/common';
+import { DataSource, In, IsNull } from 'typeorm';
+import { DI } from '@/di-symbols.js';
+import { IdService } from '@/core/IdService.js';
+import type { DriveFile } from '@/models/entities/DriveFile.js';
+import type { Emoji } from '@/models/entities/Emoji.js';
+import type { EmojisRepository } from '@/models/index.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class CustomEmojiService {
+	constructor(
+		@Inject(DI.db)
+		private db: DataSource,
+
+		@Inject(DI.emojisRepository)
+		private emojisRepository: EmojisRepository,
+
+		private idService: IdService,
+	) {
+	}
+
+	@bindThis
+	public async add(data: {
+		driveFile: DriveFile;
+		name: string;
+		category: string | null;
+		aliases: string[];
+		host: string | null;
+	}): Promise<Emoji> {
+		const emoji = await this.emojisRepository.insert({
+			id: this.idService.genId(),
+			updatedAt: new Date(),
+			name: data.name,
+			category: data.category,
+			host: data.host,
+			aliases: data.aliases,
+			originalUrl: data.driveFile.url,
+			publicUrl: data.driveFile.webpublicUrl ?? data.driveFile.url,
+			type: data.driveFile.webpublicType ?? data.driveFile.type,
+		}).then(x => this.emojisRepository.findOneByOrFail(x.identifiers[0]));
+
+		await this.db.queryResultCache!.remove(['meta_emojis']);
+
+		return emoji;
+	}
+}

packages/backend/src/core/DeleteAccountService.ts

@@ -0,0 +1,43 @@
+import { Inject, Injectable } from '@nestjs/common';
+import type { UsersRepository } from '@/models/index.js';
+import { QueueService } from '@/core/QueueService.js';
+import { UserSuspendService } from '@/core/UserSuspendService.js';
+import { GlobalEventService } from '@/core/GlobalEventService.js';
+import { DI } from '@/di-symbols.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class DeleteAccountService {
+	constructor(
+		@Inject(DI.usersRepository)
+		private usersRepository: UsersRepository,
+
+		private userSuspendService: UserSuspendService,
+		private queueService: QueueService,
+		private globalEventServie: GlobalEventService,
+	) {
+	}
+
+	@bindThis
+	public async deleteAccount(user: {
+		id: string;
+		host: string | null;
+	}): Promise<void> {
+		const _user = await this.usersRepository.findOneByOrFail({ id: user.id });
+		if (_user.isRoot) throw new Error('cannot delete a root account');
+
+		// 物理削除する前にDelete activityを送信する
+		await this.userSuspendService.doPostSuspend(user).catch(e => {});
+	
+		this.queueService.createDeleteAccountJob(user, {
+			soft: false,
+		});
+	
+		await this.usersRepository.update(user.id, {
+			isDeleted: true,
+		});
+	
+		// Terminate streaming
+		this.globalEventServie.publishUserEvent(user.id, 'terminate', {});
+	}
+}

packages/backend/src/core/DownloadService.ts

@@ -0,0 +1,103 @@
+import * as fs from 'node:fs';
+import * as stream from 'node:stream';
+import * as util from 'node:util';
+import { Inject, Injectable } from '@nestjs/common';
+import IPCIDR from 'ip-cidr';
+import PrivateIp from 'private-ip';
+import got, * as Got from 'got';
+import chalk from 'chalk';
+import { DI } from '@/di-symbols.js';
+import type { Config } from '@/config.js';
+import { HttpRequestService, UndiciFetcher } from '@/core/HttpRequestService.js';
+import { createTemp } from '@/misc/create-temp.js';
+import { StatusError } from '@/misc/status-error.js';
+import { LoggerService } from '@/core/LoggerService.js';
+import type Logger from '@/logger.js';
+import { buildConnector } from 'undici';
+
+const pipeline = util.promisify(stream.pipeline);
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class DownloadService {
+	private logger: Logger;
+	private undiciFetcher: UndiciFetcher;
+
+	constructor(
+		@Inject(DI.config)
+		private config: Config,
+
+		private httpRequestService: HttpRequestService,
+		private loggerService: LoggerService,
+	) {
+		this.logger = this.loggerService.getLogger('download');
+
+		this.undiciFetcher = new UndiciFetcher(this.httpRequestService.getStandardUndiciFetcherOption(
+			{
+				connect: process.env.NODE_ENV === 'development' ?
+					this.httpRequestService.clientDefaults.connect
+					:
+					this.httpRequestService.getConnectorWithIpCheck(
+						buildConnector({
+							...this.httpRequestService.clientDefaults.connect,
+						}),
+						(ip) => !this.isPrivateIp(ip)
+					),
+				bodyTimeout: 30 * 1000,
+			},
+			{
+				connect: this.httpRequestService.clientDefaults.connect,
+			}
+		), this.logger);
+	}
+
+	@bindThis
+	public async downloadUrl(url: string, path: string): Promise<void> {
+		this.logger.info(`Downloading ${chalk.cyan(url)} to ${chalk.cyanBright(path)} ...`);
+
+		const timeout = 30 * 1000;
+		const operationTimeout = 60 * 1000;
+		const maxSize = this.config.maxFileSize ?? 262144000;
+
+		const response = await this.undiciFetcher.fetch(url);
+
+		if (response.body === null) {
+			throw new StatusError('No body', 400, 'No body');
+		}
+
+		await pipeline(stream.Readable.fromWeb(response.body), fs.createWriteStream(path));
+
+		this.logger.succ(`Download finished: ${chalk.cyan(url)}`);
+	}
+
+	@bindThis
+	public async downloadTextFile(url: string): Promise<string> {
+		// Create temp file
+		const [path, cleanup] = await createTemp();
+	
+		this.logger.info(`text file: Temp file is ${path}`);
+	
+		try {
+			// write content at URL to temp file
+			await this.downloadUrl(url, path);
+	
+			const text = await util.promisify(fs.readFile)(path, 'utf8');
+	
+			return text;
+		} finally {
+			cleanup();
+		}
+	}
+
+	@bindThis
+	private isPrivateIp(ip: string): boolean {
+		for (const net of this.config.allowedPrivateNetworks ?? []) {
+			const cidr = new IPCIDR(net);
+			if (cidr.contains(ip)) {
+				return false;
+			}
+		}
+
+		return PrivateIp(ip) ?? false;
+	}
+}

packages/backend/src/core/DriveService.ts

@@ -0,0 +1,762 @@
+import * as fs from 'node:fs';
+import { Inject, Injectable } from '@nestjs/common';
+import { v4 as uuid } from 'uuid';
+import sharp from 'sharp';
+import { IsNull } from 'typeorm';
+import { DI } from '@/di-symbols.js';
+import type { DriveFilesRepository, UsersRepository, DriveFoldersRepository, UserProfilesRepository } from '@/models/index.js';
+import type { Config } from '@/config.js';
+import Logger from '@/logger.js';
+import type { IRemoteUser, User } from '@/models/entities/User.js';
+import { MetaService } from '@/core/MetaService.js';
+import { DriveFile } from '@/models/entities/DriveFile.js';
+import { IdService } from '@/core/IdService.js';
+import { isDuplicateKeyValueError } from '@/misc/is-duplicate-key-value-error.js';
+import { FILE_TYPE_BROWSERSAFE } from '@/const.js';
+import { IdentifiableError } from '@/misc/identifiable-error.js';
+import { contentDisposition } from '@/misc/content-disposition.js';
+import { GlobalEventService } from '@/core/GlobalEventService.js';
+import { VideoProcessingService } from '@/core/VideoProcessingService.js';
+import { ImageProcessingService } from '@/core/ImageProcessingService.js';
+import type { IImage } from '@/core/ImageProcessingService.js';
+import { QueueService } from '@/core/QueueService.js';
+import type { DriveFolder } from '@/models/entities/DriveFolder.js';
+import { createTemp } from '@/misc/create-temp.js';
+import DriveChart from '@/core/chart/charts/drive.js';
+import PerUserDriveChart from '@/core/chart/charts/per-user-drive.js';
+import InstanceChart from '@/core/chart/charts/instance.js';
+import { DownloadService } from '@/core/DownloadService.js';
+import { S3Service } from '@/core/S3Service.js';
+import { InternalStorageService } from '@/core/InternalStorageService.js';
+import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
+import { UserEntityService } from '@/core/entities/UserEntityService.js';
+import { FileInfoService } from '@/core/FileInfoService.js';
+import { bindThis } from '@/decorators.js';
+import { RoleService } from '@/core/RoleService.js';
+import type S3 from 'aws-sdk/clients/s3.js';
+
+type AddFileArgs = {
+	/** User who wish to add file */
+	user: { id: User['id']; host: User['host'] } | null;
+	/** File path */
+	path: string;
+	/** Name */
+	name?: string | null;
+	/** Comment */
+	comment?: string | null;
+	/** Folder ID */
+	folderId?: any;
+	/** If set to true, forcibly upload the file even if there is a file with the same hash. */
+	force?: boolean;
+	/** Do not save file to local */
+	isLink?: boolean;
+	/** URL of source (URLからアップロードされた場合(ローカル/リモート)の元URL) */
+	url?: string | null;
+	/** URL of source (リモートインスタンスのURLからアップロードされた場合の元URL) */
+	uri?: string | null;
+	/** Mark file as sensitive */
+	sensitive?: boolean | null;
+
+	requestIp?: string | null;
+	requestHeaders?: Record<string, string> | null;
+};
+
+type UploadFromUrlArgs = {
+	url: string;
+	user: { id: User['id']; host: User['host'] } | null;
+	folderId?: DriveFolder['id'] | null;
+	uri?: string | null;
+	sensitive?: boolean;
+	force?: boolean;
+	isLink?: boolean;
+	comment?: string | null;
+	requestIp?: string | null;
+	requestHeaders?: Record<string, string> | null;
+};
+
+@Injectable()
+export class DriveService {
+	private registerLogger: Logger;
+	private downloaderLogger: Logger;
+
+	constructor(
+		@Inject(DI.config)
+		private config: Config,
+
+		@Inject(DI.usersRepository)
+		private usersRepository: UsersRepository,
+
+		@Inject(DI.userProfilesRepository)
+		private userProfilesRepository: UserProfilesRepository,
+
+		@Inject(DI.driveFilesRepository)
+		private driveFilesRepository: DriveFilesRepository,
+
+		@Inject(DI.driveFoldersRepository)
+		private driveFoldersRepository: DriveFoldersRepository,
+
+		private fileInfoService: FileInfoService,
+		private userEntityService: UserEntityService,
+		private driveFileEntityService: DriveFileEntityService,
+		private idService: IdService,
+		private metaService: MetaService,
+		private downloadService: DownloadService,
+		private internalStorageService: InternalStorageService,
+		private s3Service: S3Service,
+		private imageProcessingService: ImageProcessingService,
+		private videoProcessingService: VideoProcessingService,
+		private globalEventService: GlobalEventService,
+		private queueService: QueueService,
+		private roleService: RoleService,
+		private driveChart: DriveChart,
+		private perUserDriveChart: PerUserDriveChart,
+		private instanceChart: InstanceChart,
+	) {
+		const logger = new Logger('drive', 'blue');
+		this.registerLogger = logger.createSubLogger('register', 'yellow');
+		this.downloaderLogger = logger.createSubLogger('downloader');
+	}
+
+	/***
+	 * Save file
+	 * @param path Path for original
+	 * @param name Name for original
+	 * @param type Content-Type for original
+	 * @param hash Hash for original
+	 * @param size Size for original
+	 */
+	@bindThis
+	private async save(file: DriveFile, path: string, name: string, type: string, hash: string, size: number): Promise<DriveFile> {
+	// thunbnail, webpublic を必要なら生成
+		const alts = await this.generateAlts(path, type, !file.uri);
+
+		const meta = await this.metaService.fetch();
+
+		if (meta.useObjectStorage) {
+		//#region ObjectStorage params
+			let [ext] = (name.match(/\.([a-zA-Z0-9_-]+)$/) ?? ['']);
+
+			if (ext === '') {
+				if (type === 'image/jpeg') ext = '.jpg';
+				if (type === 'image/png') ext = '.png';
+				if (type === 'image/webp') ext = '.webp';
+				if (type === 'image/avif') ext = '.avif';
+				if (type === 'image/apng') ext = '.apng';
+				if (type === 'image/vnd.mozilla.apng') ext = '.apng';
+			}
+
+			// 拡張子からContent-Typeを設定してそうな挙動を示すオブジェクトストレージ (upcloud?) も存在するので、
+			// 許可されているファイル形式でしか拡張子をつけない
+			if (!FILE_TYPE_BROWSERSAFE.includes(type)) {
+				ext = '';
+			}
+
+			const baseUrl = meta.objectStorageBaseUrl
+				?? `${ meta.objectStorageUseSSL ? 'https' : 'http' }://${ meta.objectStorageEndpoint }${ meta.objectStoragePort ? `:${meta.objectStoragePort}` : '' }/${ meta.objectStorageBucket }`;
+
+			// for original
+			const key = `${meta.objectStoragePrefix}/${uuid()}${ext}`;
+			const url = `${ baseUrl }/${ key }`;
+
+			// for alts
+			let webpublicKey: string | null = null;
+			let webpublicUrl: string | null = null;
+			let thumbnailKey: string | null = null;
+			let thumbnailUrl: string | null = null;
+			//#endregion
+
+			//#region Uploads
+			this.registerLogger.info(`uploading original: ${key}`);
+			const uploads = [
+				this.upload(key, fs.createReadStream(path), type, name),
+			];
+
+			if (alts.webpublic) {
+				webpublicKey = `${meta.objectStoragePrefix}/webpublic-${uuid()}.${alts.webpublic.ext}`;
+				webpublicUrl = `${ baseUrl }/${ webpublicKey }`;
+
+				this.registerLogger.info(`uploading webpublic: ${webpublicKey}`);
+				uploads.push(this.upload(webpublicKey, alts.webpublic.data, alts.webpublic.type, name));
+			}
+
+			if (alts.thumbnail) {
+				thumbnailKey = `${meta.objectStoragePrefix}/thumbnail-${uuid()}.${alts.thumbnail.ext}`;
+				thumbnailUrl = `${ baseUrl }/${ thumbnailKey }`;
+
+				this.registerLogger.info(`uploading thumbnail: ${thumbnailKey}`);
+				uploads.push(this.upload(thumbnailKey, alts.thumbnail.data, alts.thumbnail.type));
+			}
+
+			await Promise.all(uploads);
+			//#endregion
+
+			file.url = url;
+			file.thumbnailUrl = thumbnailUrl;
+			file.webpublicUrl = webpublicUrl;
+			file.accessKey = key;
+			file.thumbnailAccessKey = thumbnailKey;
+			file.webpublicAccessKey = webpublicKey;
+			file.webpublicType = alts.webpublic?.type ?? null;
+			file.name = name;
+			file.type = type;
+			file.md5 = hash;
+			file.size = size;
+			file.storedInternal = false;
+
+			return await this.driveFilesRepository.insert(file).then(x => this.driveFilesRepository.findOneByOrFail(x.identifiers[0]));
+		} else { // use internal storage
+			const accessKey = uuid();
+			const thumbnailAccessKey = 'thumbnail-' + uuid();
+			const webpublicAccessKey = 'webpublic-' + uuid();
+
+			const url = this.internalStorageService.saveFromPath(accessKey, path);
+
+			let thumbnailUrl: string | null = null;
+			let webpublicUrl: string | null = null;
+
+			if (alts.thumbnail) {
+				thumbnailUrl = this.internalStorageService.saveFromBuffer(thumbnailAccessKey, alts.thumbnail.data);
+				this.registerLogger.info(`thumbnail stored: ${thumbnailAccessKey}`);
+			}
+
+			if (alts.webpublic) {
+				webpublicUrl = this.internalStorageService.saveFromBuffer(webpublicAccessKey, alts.webpublic.data);
+				this.registerLogger.info(`web stored: ${webpublicAccessKey}`);
+			}
+
+			file.storedInternal = true;
+			file.url = url;
+			file.thumbnailUrl = thumbnailUrl;
+			file.webpublicUrl = webpublicUrl;
+			file.accessKey = accessKey;
+			file.thumbnailAccessKey = thumbnailAccessKey;
+			file.webpublicAccessKey = webpublicAccessKey;
+			file.webpublicType = alts.webpublic?.type ?? null;
+			file.name = name;
+			file.type = type;
+			file.md5 = hash;
+			file.size = size;
+
+			return await this.driveFilesRepository.insert(file).then(x => this.driveFilesRepository.findOneByOrFail(x.identifiers[0]));
+		}
+	}
+
+	/**
+	 * Generate webpublic, thumbnail, etc
+	 * @param path Path for original
+	 * @param type Content-Type for original
+	 * @param generateWeb Generate webpublic or not
+	 */
+	@bindThis
+	public async generateAlts(path: string, type: string, generateWeb: boolean) {
+		if (type.startsWith('video/')) {
+			try {
+				const thumbnail = await this.videoProcessingService.generateVideoThumbnail(path);
+				return {
+					webpublic: null,
+					thumbnail,
+				};
+			} catch (err) {
+				this.registerLogger.warn(`GenerateVideoThumbnail failed: ${err}`);
+				return {
+					webpublic: null,
+					thumbnail: null,
+				};
+			}
+		}
+
+		if (!['image/jpeg', 'image/png', 'image/webp', 'image/avif', 'image/svg+xml'].includes(type)) {
+			this.registerLogger.debug('web image and thumbnail not created (not an required file)');
+			return {
+				webpublic: null,
+				thumbnail: null,
+			};
+		}
+
+		let img: sharp.Sharp | null = null;
+		let satisfyWebpublic: boolean;
+
+		try {
+			img = sharp(path);
+			const metadata = await img.metadata();
+			const isAnimated = metadata.pages && metadata.pages > 1;
+
+			// skip animated
+			if (isAnimated) {
+				return {
+					webpublic: null,
+					thumbnail: null,
+				};
+			}
+
+			satisfyWebpublic = !!(
+				type !== 'image/svg+xml' && type !== 'image/webp' && type !== 'image/avif' &&
+			!(metadata.exif ?? metadata.iptc ?? metadata.xmp ?? metadata.tifftagPhotoshop) &&
+			metadata.width && metadata.width <= 2048 &&
+			metadata.height && metadata.height <= 2048
+			);
+		} catch (err) {
+			this.registerLogger.warn(`sharp failed: ${err}`);
+			return {
+				webpublic: null,
+				thumbnail: null,
+			};
+		}
+
+		// #region webpublic
+		let webpublic: IImage | null = null;
+
+		if (generateWeb && !satisfyWebpublic) {
+			this.registerLogger.info('creating web image');
+
+			try {
+				if (['image/jpeg', 'image/webp', 'image/avif'].includes(type)) {
+					webpublic = await this.imageProcessingService.convertSharpToJpeg(img, 2048, 2048);
+				} else if (['image/png'].includes(type)) {
+					webpublic = await this.imageProcessingService.convertSharpToPng(img, 2048, 2048);
+				} else if (['image/svg+xml'].includes(type)) {
+					webpublic = await this.imageProcessingService.convertSharpToPng(img, 2048, 2048);
+				} else {
+					this.registerLogger.debug('web image not created (not an required image)');
+				}
+			} catch (err) {
+				this.registerLogger.warn('web image not created (an error occured)', err as Error);
+			}
+		} else {
+			if (satisfyWebpublic) this.registerLogger.info('web image not created (original satisfies webpublic)');
+			else this.registerLogger.info('web image not created (from remote)');
+		}
+		// #endregion webpublic
+
+		// #region thumbnail
+		let thumbnail: IImage | null = null;
+
+		try {
+			if (['image/jpeg', 'image/webp', 'image/avif', 'image/png', 'image/svg+xml'].includes(type)) {
+				thumbnail = await this.imageProcessingService.convertSharpToWebp(img, 498, 280);
+			} else {
+				this.registerLogger.debug('thumbnail not created (not an required file)');
+			}
+		} catch (err) {
+			this.registerLogger.warn('thumbnail not created (an error occured)', err as Error);
+		}
+		// #endregion thumbnail
+
+		return {
+			webpublic,
+			thumbnail,
+		};
+	}
+
+	/**
+	 * Upload to ObjectStorage
+	 */
+	@bindThis
+	private async upload(key: string, stream: fs.ReadStream | Buffer, type: string, filename?: string) {
+		if (type === 'image/apng') type = 'image/png';
+		if (!FILE_TYPE_BROWSERSAFE.includes(type)) type = 'application/octet-stream';
+
+		const meta = await this.metaService.fetch();
+
+		const params = {
+			Bucket: meta.objectStorageBucket,
+			Key: key,
+			Body: stream,
+			ContentType: type,
+			CacheControl: 'max-age=31536000, immutable',
+		} as S3.PutObjectRequest;
+
+		if (filename) params.ContentDisposition = contentDisposition('inline', filename);
+		if (meta.objectStorageSetPublicRead) params.ACL = 'public-read';
+
+		const s3 = this.s3Service.getS3(meta);
+
+		const upload = s3.upload(params, {
+			partSize: s3.endpoint.hostname === 'storage.googleapis.com' ? 500 * 1024 * 1024 : 8 * 1024 * 1024,
+		});
+
+		await upload.promise()
+			.then(
+				result => {
+					if (result) {
+						this.registerLogger.debug(`Uploaded: ${result.Bucket}/${result.Key} => ${result.Location}`);
+					} else {
+						this.registerLogger.error(`Upload Result Empty: key = ${key}, filename = ${filename}`);
+					}
+				},
+				err => {
+					this.registerLogger.error(`Upload Failed: key = ${key}, filename = ${filename}`, err);
+				},
+			);
+	}
+
+	@bindThis
+	private async deleteOldFile(user: IRemoteUser) {
+		const q = this.driveFilesRepository.createQueryBuilder('file')
+			.where('file.userId = :userId', { userId: user.id })
+			.andWhere('file.isLink = FALSE');
+
+		if (user.avatarId) {
+			q.andWhere('file.id != :avatarId', { avatarId: user.avatarId });
+		}
+
+		if (user.bannerId) {
+			q.andWhere('file.id != :bannerId', { bannerId: user.bannerId });
+		}
+
+		q.orderBy('file.id', 'ASC');
+
+		const oldFile = await q.getOne();
+
+		if (oldFile) {
+			this.deleteFile(oldFile, true);
+		}
+	}
+
+	/**
+	 * Add file to drive
+	 *
+	 */
+	@bindThis
+	public async addFile({
+		user,
+		path,
+		name = null,
+		comment = null,
+		folderId = null,
+		force = false,
+		isLink = false,
+		url = null,
+		uri = null,
+		sensitive = null,
+		requestIp = null,
+		requestHeaders = null,
+	}: AddFileArgs): Promise<DriveFile> {
+		let skipNsfwCheck = false;
+		const instance = await this.metaService.fetch();
+		if (user == null) skipNsfwCheck = true;
+		if (instance.sensitiveMediaDetection === 'none') skipNsfwCheck = true;
+		if (user && instance.sensitiveMediaDetection === 'local' && this.userEntityService.isRemoteUser(user)) skipNsfwCheck = true;
+		if (user && instance.sensitiveMediaDetection === 'remote' && this.userEntityService.isLocalUser(user)) skipNsfwCheck = true;
+
+		const info = await this.fileInfoService.getFileInfo(path, {
+			skipSensitiveDetection: skipNsfwCheck,
+			sensitiveThreshold: // 感度が高いほどしきい値は低くすることになる
+			instance.sensitiveMediaDetectionSensitivity === 'veryHigh' ? 0.1 :
+			instance.sensitiveMediaDetectionSensitivity === 'high' ? 0.3 :
+			instance.sensitiveMediaDetectionSensitivity === 'low' ? 0.7 :
+			instance.sensitiveMediaDetectionSensitivity === 'veryLow' ? 0.9 :
+			0.5,
+			sensitiveThresholdForPorn: 0.75,
+			enableSensitiveMediaDetectionForVideos: instance.enableSensitiveMediaDetectionForVideos,
+		});
+		this.registerLogger.info(`${JSON.stringify(info)}`);
+
+		// 現状 false positive が多すぎて実用に耐えない
+		//if (info.porn && instance.disallowUploadWhenPredictedAsPorn) {
+		//	throw new IdentifiableError('282f77bf-5816-4f72-9264-aa14d8261a21', 'Detected as porn.');
+		//}
+
+		// detect name
+		const detectedName = name ?? (info.type.ext ? `untitled.${info.type.ext}` : 'untitled');
+
+		if (user && !force) {
+		// Check if there is a file with the same hash
+			const much = await this.driveFilesRepository.findOneBy({
+				md5: info.md5,
+				userId: user.id,
+			});
+
+			if (much) {
+				this.registerLogger.info(`file with same hash is found: ${much.id}`);
+				return much;
+			}
+		}
+
+		this.registerLogger.debug(`ADD DRIVE FILE: user ${user?.id ?? 'not set'}, name ${detectedName}, tmp ${path}`);
+
+		//#region Check drive usage
+		if (user && !isLink) {
+			const usage = await this.driveFileEntityService.calcDriveUsageOf(user);
+
+			const policies = await this.roleService.getUserPolicies(user.id);
+			const driveCapacity = 1024 * 1024 * policies.driveCapacityMb;
+			this.registerLogger.debug('drive capacity override applied');
+			this.registerLogger.debug(`overrideCap: ${driveCapacity}bytes, usage: ${usage}bytes, u+s: ${usage + info.size}bytes`);
+
+			this.registerLogger.debug(`drive usage is ${usage} (max: ${driveCapacity})`);
+
+			// If usage limit exceeded
+			if (usage + info.size > driveCapacity) {
+				if (this.userEntityService.isLocalUser(user)) {
+					throw new IdentifiableError('c6244ed2-a39a-4e1c-bf93-f0fbd7764fa6', 'No free space.');
+				} else {
+				// (アバターまたはバナーを含まず)最も古いファイルを削除する
+					this.deleteOldFile(await this.usersRepository.findOneByOrFail({ id: user.id }) as IRemoteUser);
+				}
+			}
+		}
+		//#endregion
+
+		const fetchFolder = async () => {
+			if (!folderId) {
+				return null;
+			}
+
+			const driveFolder = await this.driveFoldersRepository.findOneBy({
+				id: folderId,
+				userId: user ? user.id : IsNull(),
+			});
+
+			if (driveFolder == null) throw new Error('folder-not-found');
+
+			return driveFolder;
+		};
+
+		const properties: {
+		width?: number;
+		height?: number;
+		orientation?: number;
+	} = {};
+
+		if (info.width) {
+			properties['width'] = info.width;
+			properties['height'] = info.height;
+		}
+		if (info.orientation != null) {
+			properties['orientation'] = info.orientation;
+		}
+
+		const profile = user ? await this.userProfilesRepository.findOneBy({ userId: user.id }) : null;
+
+		const folder = await fetchFolder();
+
+		let file = new DriveFile();
+		file.id = this.idService.genId();
+		file.createdAt = new Date();
+		file.userId = user ? user.id : null;
+		file.userHost = user ? user.host : null;
+		file.folderId = folder !== null ? folder.id : null;
+		file.comment = comment;
+		file.properties = properties;
+		file.blurhash = info.blurhash ?? null;
+		file.isLink = isLink;
+		file.requestIp = requestIp;
+		file.requestHeaders = requestHeaders;
+		file.maybeSensitive = info.sensitive;
+		file.maybePorn = info.porn;
+		file.isSensitive = user
+			? this.userEntityService.isLocalUser(user) && profile!.alwaysMarkNsfw ? true :
+			(sensitive !== null && sensitive !== undefined)
+				? sensitive
+				: false
+			: false;
+
+		if (info.sensitive && profile!.autoSensitive) file.isSensitive = true;
+		if (info.sensitive && instance.setSensitiveFlagAutomatically) file.isSensitive = true;
+
+		if (url !== null) {
+			file.src = url;
+
+			if (isLink) {
+				file.url = url;
+				// ローカルプロキシ用
+				file.accessKey = uuid();
+				file.thumbnailAccessKey = 'thumbnail-' + uuid();
+				file.webpublicAccessKey = 'webpublic-' + uuid();
+			}
+		}
+
+		if (uri !== null) {
+			file.uri = uri;
+		}
+
+		if (isLink) {
+			try {
+				file.size = 0;
+				file.md5 = info.md5;
+				file.name = detectedName;
+				file.type = info.type.mime;
+				file.storedInternal = false;
+
+				file = await this.driveFilesRepository.insert(file).then(x => this.driveFilesRepository.findOneByOrFail(x.identifiers[0]));
+			} catch (err) {
+			// duplicate key error (when already registered)
+				if (isDuplicateKeyValueError(err)) {
+					this.registerLogger.info(`already registered ${file.uri}`);
+
+					file = await this.driveFilesRepository.findOneBy({
+						uri: file.uri!,
+						userId: user ? user.id : IsNull(),
+					}) as DriveFile;
+				} else {
+					this.registerLogger.error(err as Error);
+					throw err;
+				}
+			}
+		} else {
+			file = await (this.save(file, path, detectedName, info.type.mime, info.md5, info.size));
+		}
+
+		this.registerLogger.succ(`drive file has been created ${file.id}`);
+
+		if (user) {
+			this.driveFileEntityService.pack(file, { self: true }).then(packedFile => {
+			// Publish driveFileCreated event
+				this.globalEventService.publishMainStream(user.id, 'driveFileCreated', packedFile);
+				this.globalEventService.publishDriveStream(user.id, 'fileCreated', packedFile);
+			});
+		}
+
+		// 統計を更新
+		this.driveChart.update(file, true);
+		this.perUserDriveChart.update(file, true);
+		if (file.userHost !== null) {
+			this.instanceChart.updateDrive(file, true);
+		}
+
+		return file;
+	}
+
+	@bindThis
+	public async deleteFile(file: DriveFile, isExpired = false) {
+		if (file.storedInternal) {
+			this.internalStorageService.del(file.accessKey!);
+
+			if (file.thumbnailUrl) {
+				this.internalStorageService.del(file.thumbnailAccessKey!);
+			}
+
+			if (file.webpublicUrl) {
+				this.internalStorageService.del(file.webpublicAccessKey!);
+			}
+		} else if (!file.isLink) {
+			this.queueService.createDeleteObjectStorageFileJob(file.accessKey!);
+
+			if (file.thumbnailUrl) {
+				this.queueService.createDeleteObjectStorageFileJob(file.thumbnailAccessKey!);
+			}
+
+			if (file.webpublicUrl) {
+				this.queueService.createDeleteObjectStorageFileJob(file.webpublicAccessKey!);
+			}
+		}
+
+		this.deletePostProcess(file, isExpired);
+	}
+
+	@bindThis
+	public async deleteFileSync(file: DriveFile, isExpired = false) {
+		if (file.storedInternal) {
+			this.internalStorageService.del(file.accessKey!);
+
+			if (file.thumbnailUrl) {
+				this.internalStorageService.del(file.thumbnailAccessKey!);
+			}
+
+			if (file.webpublicUrl) {
+				this.internalStorageService.del(file.webpublicAccessKey!);
+			}
+		} else if (!file.isLink) {
+			const promises = [];
+
+			promises.push(this.deleteObjectStorageFile(file.accessKey!));
+
+			if (file.thumbnailUrl) {
+				promises.push(this.deleteObjectStorageFile(file.thumbnailAccessKey!));
+			}
+
+			if (file.webpublicUrl) {
+				promises.push(this.deleteObjectStorageFile(file.webpublicAccessKey!));
+			}
+
+			await Promise.all(promises);
+		}
+
+		this.deletePostProcess(file, isExpired);
+	}
+
+	@bindThis
+	private async deletePostProcess(file: DriveFile, isExpired = false) {
+	// リモートファイル期限切れ削除後は直リンクにする
+		if (isExpired && file.userHost !== null && file.uri != null) {
+			this.driveFilesRepository.update(file.id, {
+				isLink: true,
+				url: file.uri,
+				thumbnailUrl: null,
+				webpublicUrl: null,
+				storedInternal: false,
+				// ローカルプロキシ用
+				accessKey: uuid(),
+				thumbnailAccessKey: 'thumbnail-' + uuid(),
+				webpublicAccessKey: 'webpublic-' + uuid(),
+			});
+		} else {
+			this.driveFilesRepository.delete(file.id);
+		}
+
+		// 統計を更新
+		this.driveChart.update(file, false);
+		this.perUserDriveChart.update(file, false);
+		if (file.userHost !== null) {
+			this.instanceChart.updateDrive(file, false);
+		}
+	}
+
+	@bindThis
+	public async deleteObjectStorageFile(key: string) {
+		const meta = await this.metaService.fetch();
+
+		const s3 = this.s3Service.getS3(meta);
+
+		await s3.deleteObject({
+			Bucket: meta.objectStorageBucket!,
+			Key: key,
+		}).promise();
+	}
+
+	@bindThis
+	public async uploadFromUrl({
+		url,
+		user,
+		folderId = null,
+		uri = null,
+		sensitive = false,
+		force = false,
+		isLink = false,
+		comment = null,
+		requestIp = null,
+		requestHeaders = null,
+	}: UploadFromUrlArgs): Promise<DriveFile> {
+		let name = new URL(url).pathname.split('/').pop() ?? null;
+		if (name == null || !this.driveFileEntityService.validateFileName(name)) {
+			name = null;
+		}
+	
+		// If the comment is same as the name, skip comment
+		// (image.name is passed in when receiving attachment)
+		if (comment !== null && name === comment) {
+			comment = null;
+		}
+	
+		// Create temp file
+		const [path, cleanup] = await createTemp();
+	
+		try {
+			// write content at URL to temp file
+			await this.downloadService.downloadUrl(url, path);
+	
+			const driveFile = await this.addFile({ user, path, name, comment, folderId, force, isLink, url, uri, sensitive, requestIp, requestHeaders });
+			this.downloaderLogger.succ(`Got: ${driveFile.id}`);
+			return driveFile!;
+		} catch (err) {
+			this.downloaderLogger.error(`Failed to create drive file: ${err}`, {
+				url: url,
+				e: err,
+			});
+			throw err;
+		} finally {
+			cleanup();
+		}
+	}
+}

packages/backend/src/core/EmailService.ts

@@ -0,0 +1,180 @@
+import * as nodemailer from 'nodemailer';
+import { Inject, Injectable } from '@nestjs/common';
+import { validate as validateEmail } from 'deep-email-validator';
+import { MetaService } from '@/core/MetaService.js';
+import { DI } from '@/di-symbols.js';
+import type { Config } from '@/config.js';
+import type Logger from '@/logger.js';
+import type { UserProfilesRepository } from '@/models/index.js';
+import { LoggerService } from '@/core/LoggerService.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class EmailService {
+	private logger: Logger;
+
+	constructor(
+		@Inject(DI.config)
+		private config: Config,
+
+		@Inject(DI.userProfilesRepository)
+		private userProfilesRepository: UserProfilesRepository,
+
+		private metaService: MetaService,
+		private loggerService: LoggerService,
+	) {
+		this.logger = this.loggerService.getLogger('email');
+	}
+
+	@bindThis
+	public async sendEmail(to: string, subject: string, html: string, text: string) {
+		const meta = await this.metaService.fetch(true);
+	
+		const iconUrl = `${this.config.url}/static-assets/mi-white.png`;
+		const emailSettingUrl = `${this.config.url}/settings/email`;
+	
+		const enableAuth = meta.smtpUser != null && meta.smtpUser !== '';
+	
+		const transporter = nodemailer.createTransport({
+			host: meta.smtpHost,
+			port: meta.smtpPort,
+			secure: meta.smtpSecure,
+			ignoreTLS: !enableAuth,
+			proxy: this.config.proxySmtp,
+			auth: enableAuth ? {
+				user: meta.smtpUser,
+				pass: meta.smtpPass,
+			} : undefined,
+		} as any);
+	
+		try {
+			// TODO: htmlサニタイズ
+			const info = await transporter.sendMail({
+				from: meta.email!,
+				to: to,
+				subject: subject,
+				text: text,
+				html: `<!doctype html>
+<html>
+	<head>
+		<meta charset="utf-8">
+		<title>${ subject }</title>
+		<style>
+			html {
+				background: #eee;
+			}
+
+			body {
+				padding: 16px;
+				margin: 0;
+				font-family: sans-serif;
+				font-size: 14px;
+			}
+
+			a {
+				text-decoration: none;
+				color: #86b300;
+			}
+			a:hover {
+				text-decoration: underline;
+			}
+
+			main {
+				max-width: 500px;
+				margin: 0 auto;
+				background: #fff;
+				color: #555;
+			}
+				main > header {
+					padding: 32px;
+					background: #86b300;
+				}
+					main > header > img {
+						max-width: 128px;
+						max-height: 28px;
+						vertical-align: bottom;
+					}
+				main > article {
+					padding: 32px;
+				}
+					main > article > h1 {
+						margin: 0 0 1em 0;
+					}
+				main > footer {
+					padding: 32px;
+					border-top: solid 1px #eee;
+				}
+
+			nav {
+				box-sizing: border-box;
+				max-width: 500px;
+				margin: 16px auto 0 auto;
+				padding: 0 32px;
+			}
+				nav > a {
+					color: #888;
+				}
+		</style>
+	</head>
+	<body>
+		<main>
+			<header>
+				<img src="${ meta.logoImageUrl ?? meta.iconUrl ?? iconUrl }"/>
+			</header>
+			<article>
+				<h1>${ subject }</h1>
+				<div>${ html }</div>
+			</article>
+			<footer>
+				<a href="${ emailSettingUrl }">${ 'Email setting' }</a>
+			</footer>
+		</main>
+		<nav>
+			<a href="${ this.config.url }">${ this.config.host }</a>
+		</nav>
+	</body>
+</html>`,
+			});
+	
+			this.logger.info(`Message sent: ${info.messageId}`);
+		} catch (err) {
+			this.logger.error(err as Error);
+			throw err;
+		}
+	}
+
+	@bindThis
+	public async validateEmailForAccount(emailAddress: string): Promise<{
+		available: boolean;
+		reason: null | 'used' | 'format' | 'disposable' | 'mx' | 'smtp';
+	}> {
+		const meta = await this.metaService.fetch();
+	
+		const exist = await this.userProfilesRepository.countBy({
+			emailVerified: true,
+			email: emailAddress,
+		});
+	
+		const validated = meta.enableActiveEmailValidation ? await validateEmail({
+			email: emailAddress,
+			validateRegex: true,
+			validateMx: true,
+			validateTypo: false, // TLDを見ているみたいだけどclubとか弾かれるので
+			validateDisposable: true, // 捨てアドかどうかチェック
+			validateSMTP: false, // 日本だと25ポートが殆どのプロバイダーで塞がれていてタイムアウトになるので
+		}) : { valid: true, reason: null };
+	
+		const available = exist === 0 && validated.valid;
+	
+		return {
+			available,
+			reason: available ? null :
+			exist !== 0 ? 'used' :
+			validated.reason === 'regex' ? 'format' :
+			validated.reason === 'disposable' ? 'disposable' :
+			validated.reason === 'mx' ? 'mx' :
+			validated.reason === 'smtp' ? 'smtp' :
+			null,
+		};
+	}
+}

packages/backend/src/core/FederatedInstanceService.ts

@@ -0,0 +1,60 @@
+import { Inject, Injectable } from '@nestjs/common';
+import type { InstancesRepository } from '@/models/index.js';
+import type { Instance } from '@/models/entities/Instance.js';
+import { Cache } from '@/misc/cache.js';
+import { IdService } from '@/core/IdService.js';
+import { DI } from '@/di-symbols.js';
+import { UtilityService } from '@/core/UtilityService.js';
+import { bindThis } from '@/decorators.js';
+
+@Injectable()
+export class FederatedInstanceService {
+	private cache: Cache<Instance>;
+
+	constructor(
+		@Inject(DI.instancesRepository)
+		private instancesRepository: InstancesRepository,
+
+		private utilityService: UtilityService,
+		private idService: IdService,
+	) {
+		this.cache = new Cache<Instance>(1000 * 60 * 60);
+	}
+
+	@bindThis
+	public async fetch(host: string): Promise<Instance> {
+		host = this.utilityService.toPuny(host);
+	
+		const cached = this.cache.get(host);
+		if (cached) return cached;
+	
+		const index = await this.instancesRepository.findOneBy({ host });
+	
+		if (index == null) {
+			const i = await this.instancesRepository.insert({
+				id: this.idService.genId(),
+				host,
+				firstRetrievedAt: new Date(),
+			}).then(x => this.instancesRepository.findOneByOrFail(x.identifiers[0]));
+	
+			this.cache.set(host, i);
+			return i;
+		} else {
+			this.cache.set(host, index);
+			return index;
+		}
+	}
+
+	@bindThis
+	public async updateCachePartial(host: string, data: Partial<Instance>): Promise<void> {
+		host = this.utilityService.toPuny(host);
+	
+		const cached = this.cache.get(host);
+		if (cached == null) return;
+	
+		this.cache.set(host, {
+			...cached,
+			...data,
+		});
+	}
+}

packages/backend/src/core/FetchInstanceMetadataService.ts

@@ -0,0 +1,296 @@
+import { URL } from 'node:url';
+import { Inject, Injectable } from '@nestjs/common';
+import { JSDOM } from 'jsdom';
+import tinycolor from 'tinycolor2';
+import type { Instance } from '@/models/entities/Instance.js';
+import type { InstancesRepository } from '@/models/index.js';
+import { AppLockService } from '@/core/AppLockService.js';
+import type Logger from '@/logger.js';
+import { DI } from '@/di-symbols.js';
+import { LoggerService } from '@/core/LoggerService.js';
+import { HttpRequestService } from '@/core/HttpRequestService.js';
+import { bindThis } from '@/decorators.js';
+import type { DOMWindow } from 'jsdom';
+
+type NodeInfo = {
+	openRegistrations?: unknown;
+	software?: {
+		name?: unknown;
+		version?: unknown;
+	};
+	metadata?: {
+		name?: unknown;
+		nodeName?: unknown;
+		nodeDescription?: unknown;
+		description?: unknown;
+		maintainer?: {
+			name?: unknown;
+			email?: unknown;
+		};
+		themeColor?: unknown;
+	};
+};
+
+@Injectable()
+export class FetchInstanceMetadataService {
+	private logger: Logger;
+
+	constructor(
+		@Inject(DI.instancesRepository)
+		private instancesRepository: InstancesRepository,
+
+		private appLockService: AppLockService,
+		private httpRequestService: HttpRequestService,
+		private loggerService: LoggerService,
+	) {
+		this.logger = this.loggerService.getLogger('metadata', 'cyan');
+	}
+
+	@bindThis
+	public async fetchInstanceMetadata(instance: Instance, force = false): Promise<void> {
+		const unlock = await this.appLockService.getFetchInstanceMetadataLock(instance.host);
+	
+		if (!force) {
+			const _instance = await this.instancesRepository.findOneBy({ host: instance.host });
+			const now = Date.now();
+			if (_instance && _instance.infoUpdatedAt && (now - _instance.infoUpdatedAt.getTime() < 1000 * 60 * 60 * 24)) {
+				unlock();
+				return;
+			}
+		}
+	
+		this.logger.info(`Fetching metadata of ${instance.host} ...`);
+	
+		try {
+			const [info, dom, manifest] = await Promise.all([
+				this.fetchNodeinfo(instance).catch(() => null),
+				this.fetchDom(instance).catch(() => null),
+				this.fetchManifest(instance).catch(() => null),
+			]);
+	
+			const [favicon, icon, themeColor, name, description] = await Promise.all([
+				this.fetchFaviconUrl(instance, dom).catch(() => null),
+				this.fetchIconUrl(instance, dom, manifest).catch(() => null),
+				this.getThemeColor(info, dom, manifest).catch(() => null),
+				this.getSiteName(info, dom, manifest).catch(() => null),
+				this.getDescription(info, dom, manifest).catch(() => null),
+			]);
+	
+			this.logger.succ(`Successfuly fetched metadata of ${instance.host}`);
+	
+			const updates = {
+				infoUpdatedAt: new Date(),
+			} as Record<string, any>;
+	
+			if (info) {
+				updates.softwareName = typeof info.software?.name === 'string' ? info.software.name.toLowerCase() : '?';
+				updates.softwareVersion = info.software?.version;
+				updates.openRegistrations = info.openRegistrations;
+				updates.maintainerName = info.metadata ? info.metadata.maintainer ? (info.metadata.maintainer.name ?? null) : null : null;
+				updates.maintainerEmail = info.metadata ? info.metadata.maintainer ? (info.metadata.maintainer.email ?? null) : null : null;
+			}
+	
+			if (name) updates.name = name;
+			if (description) updates.description = description;
+			if (icon || favicon) updates.iconUrl = icon ?? favicon;
+			if (favicon) updates.faviconUrl = favicon;
+			if (themeColor) updates.themeColor = themeColor;
+	
+			await this.instancesRepository.update(instance.id, updates);
+	
+			this.logger.succ(`Successfuly updated metadata of ${instance.host}`);
+		} catch (e) {
+			this.logger.error(`Failed to update metadata of ${instance.host}: ${e}`);
+		} finally {
+			unlock();
+		}
+	}
+
+	@bindThis
+	private async fetchNodeinfo(instance: Instance): Promise<NodeInfo> {
+		this.logger.info(`Fetching nodeinfo of ${instance.host} ...`);
+	
+		try {
+			const wellknown = await this.httpRequestService.getJson('https://' + instance.host + '/.well-known/nodeinfo')
+				.catch(err => {
+					if (err.statusCode === 404) {
+						throw 'No nodeinfo provided';
+					} else {
+						throw err.statusCode ?? err.message;
+					}
+				}) as Record<string, unknown>;
+	
+			if (wellknown.links == null || !Array.isArray(wellknown.links)) {
+				throw 'No wellknown links';
+			}
+	
+			const links = wellknown.links as any[];
+	
+			const lnik1_0 = links.find(link => link.rel === 'http://nodeinfo.diaspora.software/ns/schema/1.0');
+			const lnik2_0 = links.find(link => link.rel === 'http://nodeinfo.diaspora.software/ns/schema/2.0');
+			const lnik2_1 = links.find(link => link.rel === 'http://nodeinfo.diaspora.software/ns/schema/2.1');
+			const link = lnik2_1 ?? lnik2_0 ?? lnik1_0;
+	
+			if (link == null) {
+				throw 'No nodeinfo link provided';
+			}
+	
+			const info = await this.httpRequestService.getJson(link.href)
+				.catch(err => {
+					throw err.statusCode ?? err.message;
+				});
+	
+			this.logger.succ(`Successfuly fetched nodeinfo of ${instance.host}`);
+	
+			return info as NodeInfo;
+		} catch (err) {
+			this.logger.error(`Failed to fetch nodeinfo of ${instance.host}: ${err}`);
+	
+			throw err;
+		}
+	}
+
+	@bindThis
+	private async fetchDom(instance: Instance): Promise<DOMWindow['document']> {
+		this.logger.info(`Fetching HTML of ${instance.host} ...`);
+	
+		const url = 'https://' + instance.host;
+	
+		const html = await this.httpRequestService.getHtml(url);
+	
+		const { window } = new JSDOM(html);
+		const doc = window.document;
+	
+		return doc;
+	}
+
+	@bindThis
+	private async fetchManifest(instance: Instance): Promise<Record<string, unknown> | null> {
+		const url = 'https://' + instance.host;
+	
+		const manifestUrl = url + '/manifest.json';
+	
+		const manifest = await this.httpRequestService.getJson(manifestUrl) as Record<string, unknown>;
+	
+		return manifest;
+	}
+
+	@bindThis
+	private async fetchFaviconUrl(instance: Instance, doc: DOMWindow['document'] | null): Promise<string | null> {
+		const url = 'https://' + instance.host;
+	
+		if (doc) {
+			// https://github.com/misskey-dev/misskey/pull/8220#issuecomment-1025104043
+			const href = Array.from(doc.getElementsByTagName('link')).reverse().find(link => link.relList.contains('icon'))?.href;
+	
+			if (href) {
+				return (new URL(href, url)).href;
+			}
+		}
+	
+		const faviconUrl = url + '/favicon.ico';
+	
+		const favicon = await this.httpRequestService.fetch(faviconUrl, {}, { noOkError: true });
+	
+		if (favicon.ok) {
+			return faviconUrl;
+		}
+	
+		return null;
+	}
+
+	@bindThis
+	private async fetchIconUrl(instance: Instance, doc: DOMWindow['document'] | null, manifest: Record<string, any> | null): Promise<string | null> {
+		if (manifest && manifest.icons && manifest.icons.length > 0 && manifest.icons[0].src) {
+			const url = 'https://' + instance.host;
+			return (new URL(manifest.icons[0].src, url)).href;
+		}
+	
+		if (doc) {
+			const url = 'https://' + instance.host;
+	
+			// https://github.com/misskey-dev/misskey/pull/8220#issuecomment-1025104043
+			const links = Array.from(doc.getElementsByTagName('link')).reverse();
+			// https://github.com/misskey-dev/misskey/pull/8220/files/0ec4eba22a914e31b86874f12448f88b3e58dd5a#r796487559
+			const href = 
+				[
+					links.find(link => link.relList.contains('apple-touch-icon-precomposed'))?.href,
+					links.find(link => link.relList.contains('apple-touch-icon'))?.href,
+					links.find(link => link.relList.contains('icon'))?.href,
+				]
+					.find(href => href);
+	
+			if (href) {
+				return (new URL(href, url)).href;
+			}
+		}
+	
+		return null;
+	}
+
+	@bindThis
+	private async getThemeColor(info: NodeInfo | null, doc: DOMWindow['document'] | null, manifest: Record<string, any> | null): Promise<string | null> {
+		const themeColor = info?.metadata?.themeColor ?? doc?.querySelector('meta[name="theme-color"]')?.getAttribute('content') ?? manifest?.theme_color;
+	
+		if (themeColor) {
+			const color = new tinycolor(themeColor);
+			if (color.isValid()) return color.toHexString();
+		}
+	
+		return null;
+	}
+
+	@bindThis
+	private async getSiteName(info: NodeInfo | null, doc: DOMWindow['document'] | null, manifest: Record<string, any> | null): Promise<string | null> {
+		if (info && info.metadata) {
+			if (typeof info.metadata.nodeName === 'string') {
+				return info.metadata.nodeName;
+			} else if (typeof info.metadata.name === 'string') {
+				return info.metadata.name;
+			}
+		}
+	
+		if (doc) {
+			const og = doc.querySelector('meta[property="og:title"]')?.getAttribute('content');
+	
+			if (og) {
+				return og;
+			}
+		}
+	
+		if (manifest) {
+			return manifest.name ?? manifest.short_name;
+		}
+	
+		return null;
+	}
+
+	@bindThis
+	private async getDescription(info: NodeInfo | null, doc: DOMWindow['document'] | null, manifest: Record<string, any> | null): Promise<string | null> {
+		if (info && info.metadata) {
+			if (typeof info.metadata.nodeDescription === 'string') {
+				return info.metadata.nodeDescription;
+			} else if (typeof info.metadata.description === 'string') {
+				return info.metadata.description;
+			}
+		}
+	
+		if (doc) {
+			const meta = doc.querySelector('meta[name="description"]')?.getAttribute('content');
+			if (meta) {
+				return meta;
+			}
+	
+			const og = doc.querySelector('meta[property="og:description"]')?.getAttribute('content');
+			if (og) {
+				return og;
+			}
+		}
+	
+		if (manifest) {
+			return manifest.name ?? manifest.short_name;
+		}
+	
+		return null;
+	}
+}