10 files changed, 450 insertions, 4 deletions
diff --git a/docs/configuration/accounts.md b/docs/configuration/accounts.md
new file mode 100644
index 000000000..e77bc92fc
--- /dev/null
+++ b/docs/configuration/accounts.md
@@ -0,0 +1,27 @@
+# Accounts
+
+## Settings
+
+```yaml
+###########################
+##### ACCOUNTS CONFIG #####
+###########################
+
+# Config pertaining to creation and maintenance of accounts on the server, as well as defaults for new accounts.
+accounts:
+
+  # Bool. Do we want people to be able to just submit sign up requests, or do we want invite only?
+  # Options: [true, false]
+  # Default: true
+  openRegistration: true
+
+  # Bool. Do sign up requests require approval from an admin/moderator before an account can sign in/use the server?
+  # Options: [true, false]
+  # Default: true
+  requireApproval: true
+
+  # Bool. Are sign up requests required to submit a reason for the request (eg., an explanation of why they want to join the instance)?
+  # Options: [true, false]
+  # Default: true
+  reasonRequired: true
+```
diff --git a/docs/configuration/database.md b/docs/configuration/database.md
new file mode 100644
index 000000000..0c6cf692e
--- /dev/null
+++ b/docs/configuration/database.md
@@ -0,0 +1,98 @@
+# Database
+
+GoToSocial stores statuses, accounts, etc, in a database. This can be either [SQLite](https://sqlite.org/index.html) or [Postgres](https://www.postgresql.org/).
+
+By default, GoToSocial will use Postgres, but this is easy to change.
+
+## SQLite
+
+SQLite, as the name implies, is the lightest database type that GoToSocial can use. It stores entries in a simple file format, usually in the same directory as the GoToSocial binary itself. SQLite is great for small instances and lower-powered machines like Raspberry Pi, where a dedicated database would be overkill.
+
+To configure GoToSocial to use SQLite, change `db.type` to `sqlite`. The `address` setting will then be a filename instead of an address, so you might want to change it to `sqlite.db` or something similar.
+
+Note that the `:memory:` setting will use an *in-memory database* which will be wiped when your GoToSocial instance stops running. This is for testing only and is absolutely not suitable for running a proper instance, so *don't do this*.
+
+## Postgres
+
+Postgres is a heavier database format, which is useful for larger instances where you need to scale performance, or where you need to run your database on a dedicated machine separate from your GoToSocial instance (or do funky stuff like run a database cluster).
+
+GoToSocial supports connecting to Postgres using SSL/TLS. If you're running Postgres on a different machine from GoToSocial, and connecting to it via an IP address or hostname (as opposed to just running on localhost), then SSL/TLS is **CRUCIAL** to avoid leaking data all over the place!
+
+When you're using Postgres, GoToSocial expects whatever you've set for `db.user` to already be created in the database, and to have ownership of whatever you've set for `db.database`.
+
+For example, if you set:
+
+```text
+db:
+  [...]
+  user: "gotosocial"
+  password: "some_really_good_password"
+  database: "gotosocial"  
+```
+
+Then you should have already created database `gotosocial` in Postgres, and given ownership of it to the `gotosocial` user.
+
+The psql commands to do this will look something like:
+
+```psql
+create database gotosocial;
+create user gotosocial with password 'some_really_good_password';
+grant all privileges on database gotosocial to gotosocial;
+```
+
+## Settings
+
+```yaml
+############################
+##### DATABASE CONFIG ######
+############################
+
+# Config pertaining to the Gotosocial database connection
+db:
+
+  # String. Database type.
+  # Options: ["postgres","sqlite"]
+  # Default: "postgres"
+  type: "postgres"
+
+  # String. Database address or parameters.
+  # Examples: ["localhost","my.db.host","127.0.0.1","192.111.39.110",":memory:"]
+  # Default: "localhost"
+  address: "127.0.0.1"
+
+  # Int. Port for database connection.
+  # Examples: [5432, 1234, 6969]
+  # Default: 5432
+  port: 5432
+
+  # String. Username for the database connection.
+  # Examples: ["mydbuser","postgres","gotosocial"]
+  # Default: "postgres"
+  user: "postgres"
+
+  # REQUIRED
+  # String. Password to use for the database connection
+  # Examples: ["password123","verysafepassword","postgres"]
+  # Default: "postgres"
+  password: "postgres"
+
+  # String. Name of the database to use within the provided database type.
+  # Examples: ["mydb","postgres","gotosocial"]
+  # Default: "postgres"
+  database: "postgres"
+
+  # String. Disable, enable, or require SSL/TLS connection to the database.
+  # If "disable" then no TLS connection will be attempted.
+  # If "enable" then TLS will be tried, but the database certificate won't be checked (for self-signed certs).
+  # If "require" then TLS will be required to make a connection, and a valid certificate must be presented.
+  # Options: ["disable", "enable", "require"]
+  # Default: "disable"
+  tlsMode: "disable"
+
+  # String. Path to a CA certificate on the host machine for db certificate validation.
+  # If this is left empty, just the host certificates will be used.
+  # If filled in, the certificate will be loaded and added to host certificates.
+  # Examples: ["/path/to/some/cert.crt"]
+  # Default: ""
+  tlsCACert: ""
+```
diff --git a/docs/configuration/general.md b/docs/configuration/general.md
index ea60a311b..4bb5f76d1 100644
--- a/docs/configuration/general.md
+++ b/docs/configuration/general.md
@@ -1,3 +1,67 @@
 # General
 
-TODO
+The top-level configuration for GoToSocial, including basic things like host and transport protocol.
+
+The only things you *really* need to set here are `host`, which should be the hostname where your instance is reachable, and probably `port`.
+
+## Settings
+
+```yaml
+###########################
+##### GENERAL CONFIG ######
+###########################
+
+# String. Log level to use throughout the application. Must be lower-case.
+# Options: ["trace","debug","info","warn","error","fatal"]
+# Default: "info"
+logLevel: "info"
+
+# String. Application name to use internally.
+# Examples: ["My Application","gotosocial"]
+# Default: "gotosocial"
+applicationName: "gotosocial"
+
+# String. Hostname that this server will be reachable at. Defaults to localhost for local testing,
+# but you should *definitely* change this when running for real, or your server won't work at all.
+# DO NOT change this after your server has already run once, or you will break things!
+# Examples: ["gts.example.org","some.server.com"]
+# Default: "localhost"
+host: "localhost"
+
+# String. Domain to use when federating profiles. This is useful when you want your server to be at
+# eg., "gts.example.org", but you want the domain on accounts to be "example.org" because it looks better
+# or is just shorter/easier to remember.
+# To make this setting work properly, you need to redirect requests at "example.org/.well-known/webfinger"
+# to "gts.example.org/.well-known/webfinger" so that GtS can handle them properly.
+# You should also redirect requests at "example.org/.well-known/nodeinfo" in the same way.
+# An empty string (ie., not set) means that the same value as 'host' will be used.
+# DO NOT change this after your server has already run once, or you will break things!
+# Examples: ["example.org","server.com"]
+# Default: ""
+accountDomain: ""
+
+# String. Protocol to use for the server. Only change to http for local testing!
+# This should be the protocol part of the URI that your server is actually reachable on. So even if you're
+# running GoToSocial behind a reverse proxy that handles SSL certificates for you, instead of using built-in
+# letsencrypt, it should still be https.
+# Options: ["http","https"]
+# Default: "https"
+protocol: "https"
+
+# Int. Listen port for the GoToSocial webserver + API. If you're running behind a reverse proxy and/or in a docker,
+# container, just set this to whatever you like (or leave the default), and make sure it's forwarded properly.
+# If you are running with built-in letsencrypt enabled, and running GoToSocial directly on a host machine, you will
+# probably want to set this to 443 (standard https port), unless you have other services already using that port.
+# This *MUST NOT* be the same as the letsencrypt port specified below, unless letsencrypt is turned off.
+# Examples: [443, 6666, 8080]
+# Default: 8080
+port: 8080
+
+# Array of string. CIDRs or IP addresses of proxies that should be trusted when determining real client IP from behind a reverse proxy.
+# If you're running inside a Docker container behind Traefik or Nginx, for example, add the subnet of your docker network,
+# or the gateway of the docker network, and/or the address of the reverse proxy (if it's not running on the host network).
+# Example: ["127.0.0.1/32", "172.20.0.1"]
+# Default: ["127.0.0.1/32"] (localhost)
+trustedProxies:
+  - "127.0.0.1/32"
+```
diff --git a/docs/configuration/index.md b/docs/configuration/index.md
new file mode 100644
index 000000000..ef27a0725
--- /dev/null
+++ b/docs/configuration/index.md
@@ -0,0 +1,73 @@
+# Configuration Overview
+
+GoToSocial aims to be as configurable as possible, to fit lots of different use cases.
+
+We try to provide sensible defaults wherever possible, but you can't run a GoToSocial instance without managing *some* configuration.
+
+In this section, we describe the different methods available for configuring GoToSocial, 
+
+## Configuration Methods
+
+There are three different methods for configuring a GoToSocial instance, which can be combined depending on your setup.
+
+### Configuration File
+
+The easiest way to configure GoToSocial is to pass a configuration file to to the `gotosocial server start` command, for example:
+
+```bash
+gotosocial --config-path ./config.yaml server start
+```
+
+The command expects a file in [YAML](https://en.wikipedia.org/wiki/YAML) format.
+
+An example configuration file, with an explanation of each of the config fields, with default and example values, can be found [here](https://github.com/superseriousbusiness/gotosocial/blob/main/example/config.yaml).
+
+This example file is included with release downloads, so you can just copy it and edit it to your needs without having to worry too much about what the hell YAML is.
+
+### Environment Variables
+
+You can also configure GoToSocial by setting [environment variables](https://en.wikipedia.org/wiki/Environment_variable). These environment variables generally follow the format:
+
+```text
+GTS_[CONFIG_SECTION]_[FIELD_NAME]
+```
+
+So for example, instead of setting `media.maxImageSize` to `2097152` in your config.yaml, you could set the environment variable:
+
+```text
+GTS_MEDIA_MAX_IMAGE_SIZE=2097152
+```
+
+If you're in doubt about any of the names of these environment variables, just check `gotosocial --help`. They're all listed there.
+
+### Command Line Flags
+
+Finally, you can set configuration values using command-line flags, which you pass directly when you're running a `gotosocial` command. For example, instead of setting `media.maxImageSize` in your config.yaml, or with an environment variable, you can pass the value directly through the command line:
+
+```bash
+gotosocial --media-max-image-size 2097152 server start
+```
+
+Note the weird order of the above command; `gotosocial` first, then all global variables (like the ones in the config.yaml), then the command you want to execute.
+
+If you're in doubt about which flags are available, check `gotosocial --help`.
+
+## Priority
+
+The above configuration methods override each other in the order in which they were listed.
+
+```text
+command line flags > environment variables > config file
+```
+
+That is, if you set `media.maxImageSize` to `2097152` in your config file, but then *ALSO* set the environment variable `GTS_MEDIA_MAX_IMAGE_SIZE=9999999`, then the final value will be `9999999`, because environment variables have a *higher priority* than values set in config.yaml.
+
+Command line flags have the highest priority, so if you set `--media-max-image-size 13121312`, then the final value will be `13121312` regardless of what you've set elsewhere.
+
+This means in cases where you want to just try changing one thing, but don't want to edit your config file, you can temporarily use an environment variable or a command line flag to set that one thing.
+
+## Default Values
+
+Reasonable default values are provided for *most* of the configuration parameters, except in cases where a custom value is absolutely required.
+
+See the [example config file](https://github.com/superseriousbusiness/gotosocial/blob/main/example/config.yaml) for the default values, or run `gotosocial --help`.
diff --git a/docs/configuration/letsencrypt.md b/docs/configuration/letsencrypt.md
new file mode 100644
index 000000000..05953cbb7
--- /dev/null
+++ b/docs/configuration/letsencrypt.md
@@ -0,0 +1,43 @@
+# LetsEncrypt
+
+## Settings
+
+```yaml
+##############################
+##### LETSENCRYPT CONFIG #####
+##############################
+
+# Config pertaining to the automatic acquisition and use of LetsEncrypt HTTPS certificates.
+letsEncrypt:
+
+  # Bool. Whether or not letsencrypt should be enabled for the server.
+  # If false, the rest of the settings here will be ignored.
+  # You should only change this if you want to serve GoToSocial behind a reverse proxy
+  # like Traefik, HAProxy, or Nginx.
+  # Options: [true, false]
+  # Default: true
+  enabled: true
+
+  # Int. Port to listen for letsencrypt certificate challenges on.
+  # If letsencrypt is enabled, this port must be reachable or you won't be able to obtain certs.
+  # If letsencrypt is disabled, this port will not be used.
+  # This *must not* be the same as the webserver/API port specified above.
+  # Examples: [80, 8000, 1312]
+  # Default: 80
+  port: 80
+
+  # String. Directory in which to store LetsEncrypt certificates.
+  # It is a good move to make this a sub-path within your storage directory, as it makes
+  # backup easier, but you might wish to move them elsewhere if they're also accessed by other services.
+  # In any case, make sure GoToSocial has permissions to write to / read from this directory.
+  # Examples: ["/home/gotosocial/storage/certs", "/acmecerts"]
+  # Default: "/gotosocial/storage/certs"
+  certDir: "/gotosocial/storage/certs"
+
+  # String. Email address to use when registering LetsEncrypt certs.
+  # Most likely, this will be the email address of the instance administrator.
+  # LetsEncrypt will send notifications about expiring certificates etc to this address.
+  # Examples: ["admin@example.org"]
+  # Default: ""
+  emailAddress: ""
+```
diff --git a/docs/configuration/media.md b/docs/configuration/media.md
new file mode 100644
index 000000000..2c5e778f7
--- /dev/null
+++ b/docs/configuration/media.md
@@ -0,0 +1,32 @@
+# Media
+
+## Settings
+
+```yaml
+########################
+##### MEDIA CONFIG #####
+########################
+
+# Config pertaining to user media uploads (videos, image, image descriptions).
+media:
+
+  # Int. Maximum allowed image upload size in bytes.
+  # Examples: [2097152, 10485760]
+  # Default: 2097152 -- aka 2MB
+  maxImageSize: 2097152
+
+  # Int. Maximum allowed video upload size in bytes.
+  # Examples: [2097152, 10485760]
+  # Default: 10485760 -- aka 10MB
+  maxVideoSize: 10485760
+
+  # Int. Minimum amount of characters required as an image or video description.
+  # Examples: [500, 1000, 1500]
+  # Default: 0 (not required)
+  minDescriptionChars: 0
+
+  # Int. Maximum amount of characters permitted in an image or video description.
+  # Examples: [500, 1000, 1500]
+  # Default: 500
+  maxDescriptionChars: 500
+```
diff --git a/docs/configuration/overview.md b/docs/configuration/overview.md
deleted file mode 100644
index 4c7d803a7..000000000
--- a/docs/configuration/overview.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Overview
-
-TODO
diff --git a/docs/configuration/statuses.md b/docs/configuration/statuses.md
new file mode 100644
index 000000000..606776a83
--- /dev/null
+++ b/docs/configuration/statuses.md
@@ -0,0 +1,45 @@
+# Statuses
+
+## Settings
+
+```yaml
+##########################
+##### STORAGE CONFIG #####
+##########################
+
+# Config pertaining to storage of user-created uploads (videos, images, etc).
+storage:
+
+  # String. Type of storage backend to use.
+  # Examples: ["local", "s3"]
+  # Default: "local" (storage on local disk)
+  # NOTE: s3 storage is not yet supported!
+  backend: "local"
+
+  # String. Directory to use as a base path for storing files.
+  # Make sure whatever user/group gotosocial is running as has permission to access
+  # this directly, and create new subdirectories and files with in.
+  # Examples: ["/home/gotosocial/storage", "/opt/gotosocial/datastorage"]
+  # Default: "/gotosocial/storage"
+  basePath: "/gotosocial/storage"
+
+  # String. Protocol to use for serving stored files.
+  # It's very unlikely that you'll need to change this ever, but there might be edge cases.
+  # Examples: ["http", "https"]
+  serveProtocol: "https"
+
+  # String. Host for serving stored files.
+  # If you're using local storage, this should be THE SAME as the value you've set for Host, above.
+  # It should only be a different value if you're serving stored files from a host
+  # other than the one your instance is running on.
+  # Examples: ["localhost", "example.org"]
+  # Default: "localhost" -- you should absolutely change this.
+  serveHost: "localhost"
+
+  # String. Base path for serving stored files. This will be added to serveHost and serveProtocol
+  # to form the prefix url of your stored files. Eg., https://example.org/fileserver/.....
+  # It's unlikely that you will need to change this.
+  # Examples: ["/fileserver", "/media"]
+  # Default: "/fileserver"
+  serveBasePath: "/fileserver"
+```
diff --git a/docs/configuration/storage.md b/docs/configuration/storage.md
new file mode 100644
index 000000000..f62d59581
--- /dev/null
+++ b/docs/configuration/storage.md
@@ -0,0 +1,45 @@
+# Storage
+
+## Settings
+
+```yaml
+##########################
+##### STORAGE CONFIG #####
+##########################
+
+# Config pertaining to storage of user-created uploads (videos, images, etc).
+storage:
+
+  # String. Type of storage backend to use.
+  # Examples: ["local", "s3"]
+  # Default: "local" (storage on local disk)
+  # NOTE: s3 storage is not yet supported!
+  backend: "local"
+
+  # String. Directory to use as a base path for storing files.
+  # Make sure whatever user/group gotosocial is running as has permission to access
+  # this directly, and create new subdirectories and files with in.
+  # Examples: ["/home/gotosocial/storage", "/opt/gotosocial/datastorage"]
+  # Default: "/gotosocial/storage"
+  basePath: "/gotosocial/storage"
+
+  # String. Protocol to use for serving stored files.
+  # It's very unlikely that you'll need to change this ever, but there might be edge cases.
+  # Examples: ["http", "https"]
+  serveProtocol: "https"
+
+  # String. Host for serving stored files.
+  # If you're using local storage, this should be THE SAME as the value you've set for Host, above.
+  # It should only be a different value if you're serving stored files from a host
+  # other than the one your instance is running on.
+  # Examples: ["localhost", "example.org"]
+  # Default: "localhost" -- you should absolutely change this.
+  serveHost: "localhost"
+
+  # String. Base path for serving stored files. This will be added to serveHost and serveProtocol
+  # to form the prefix url of your stored files. Eg., https://example.org/fileserver/.....
+  # It's unlikely that you will need to change this.
+  # Examples: ["/fileserver", "/media"]
+  # Default: "/fileserver"
+  serveBasePath: "/fileserver"
+```
+\ No newline at end of file
diff --git a/docs/configuration/template.md b/docs/configuration/template.md
new file mode 100644
index 000000000..2c0fd5a61
--- /dev/null
+++ b/docs/configuration/template.md
@@ -0,0 +1,22 @@
+# Template
+
+## Settings
+
+```yaml
+###############################
+##### WEB TEMPLATE CONFIG #####
+###############################
+
+# Config pertaining to templating of web pages/email notifications and the like
+template:
+
+  # String. Directory from which gotosocial will attempt to load html templates (.tmpl files).
+  # Examples: ["/some/absolute/path/", "./relative/path/", "../../some/weird/path/"]
+  # Default: "./web/template/"
+  baseDir: "./web/template/"
+
+  # String. Directory from which gotosocial will attempt to serve static web assets (images, scripts).
+  # Examples: ["/some/absolute/path/", "./relative/path/", "../../some/weird/path/"]
+  # Default: "./web/assets/"
+  assetBaseDir: "./web/assets/"
+```