forked from root/threadr.lostcave.ddnss.de
127 lines
7.7 KiB
Markdown
127 lines
7.7 KiB
Markdown
# Git based automatic web deployment system
|
||
This repository will be automagically pulled by the web server each time something is pushed by a user.
|
||
|
||
**Dear Developers**, Please use the ToDo list below. You do not need need to create your own lists. This will allow others to work on things without collecting all the ToDos first. **Thank you.**
|
||
|
||
## Symlinks
|
||
The following files and directories are linked to areas where they can be accessed by the web server:
|
||
* `index.html` → `*/common/index.html` (http redirect)
|
||
* `icon.png` → `*/common/icon.png` (unused)
|
||
* `threadr/` → `*/common/threadr/` (everything else acessible by the web server)
|
||
* `default.html` → `lostcave.ddnss.de/index.html` (http redirect)
|
||
* `admin.php` → `admin.strassenkind.ip/index.php` (future management page, maybe for services, available sites, users, etc?)
|
||
* `strassenkind.php` → `strassenkind.ip/index.php` (status page)
|
||
* `commands_status.conf` → `strassenkind.ip/commands_status.conf`
|
||
* `commands_ondemand.conf` → `strassenkind.ip/commands_ondemand.conf`
|
||
* `internal.css` → `strassenkind.ip/style.css`
|
||
|
||
## Variables handled by the deployment script
|
||
~~Here is the place for variables that will be replaced automatically on the server. Using them is encouraged. Using the paths is DISCOURAGED.
|
||
This way, it is possible to change folder names around and fix the URLs in one place for all files simultaneously.~~
|
||
|
||
This section has moved. Look in the files or their documentation below.
|
||
|
||
## Some server variables that might turn out to be useful (example):
|
||
```
|
||
{
|
||
"HTTP_USER_AGENT":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:73.0) Gecko\/20100101 Firefox\/73.0",
|
||
"REMOTE_ADDR":"10.1.1.3"
|
||
}
|
||
```
|
||
|
||
## TODO:
|
||
* cookie policy and ToS
|
||
* signup redirect: add check for existing users
|
||
* signup redirect: return redirect header, handling highlighting of affected boxes
|
||
* userhome: setting for users that use VPNs/Proxies (because IP duh)
|
||
* frontend: dropdown menus?
|
||
* internal status site: add fail2ban status ← how?
|
||
* add reverse proxy or similar to admin tools to a user account locked external page
|
||
* email verification
|
||
* recruit some people
|
||
* redirect back to login if user tries to acces restricted content without being logged in
|
||
* allow caching of *some* files
|
||
* make logout function a variable
|
||
* put the profile and logout links in a dropdown menu
|
||
* change cookie storage to either an encrypted cookie or a database
|
||
* add a feed of some sort
|
||
* direct msg
|
||
* connect thread tables to PHP
|
||
* replacement variable for PDO
|
||
* variable arguments
|
||
* Groups
|
||
* add %EMPTY_NAVBAR% variable for verify-email.php
|
||
* add %FAVICON% variable
|
||
* add missing READMEs
|
||
* escape every user string (after loading from db, before echoing)
|
||
* make the descriptions of all files more elaborate
|
||
* list dependencies
|
||
* list $_GET and $_POST variables, describe their usage
|
||
* describe what each site does
|
||
* put ToDos on issues
|
||
|
||
# Individual documentation for each file
|
||
### policies [DIR]
|
||
This folder contains the documents from which our policy pages (privacy policy, TOS, etc) will be built in the future.
|
||
### threadr [DIR]
|
||
This folder contains all the files that are parts of ThreadR directly
|
||
### admin.php
|
||
This is the file that is shown on the internal admin page. It will contain a list of users, forums, threads, etc.
|
||
At the moment, it is just a convenient way to access the other internal administration tools.
|
||
This is not directly a part of ThreadR.
|
||
### default.html
|
||
The main index.html on the server. It redirects to ThreadR.
|
||
### deployment_script.sh
|
||
This script is executed each time (well... if Gitea decides to actually run the WebHook) the repository gets pushed.
|
||
It contains the commands to execute the code variable replcement system and some other useful tasks.
|
||
It’s working directory is the root of the git repository.
|
||
If you want to know more: It is commented. Just look at it.
|
||
### icon.png
|
||
Well, that’s a story about developers looking at the documentation and realizing what this is for...
|
||
I (Jan) intended it as the icon file for the tab icon but some folks put another icon elsewhere. Just ignore it. Maybe, one time, I will find a use for it.
|
||
### index.html
|
||
This was originally intended to be our index file. Turns out, we even need PHP on our index, so this one became another redirect to the new ThreadR index.php.
|
||
### strassenkind.php, internal.css, commands_status.conf, commands_ondemand.conf, commands_git.conf
|
||
The internal status page. strassenkind.php is the index, internal.css is the stylesheet strassenkind.php uses
|
||
and the .conf files are lists of commands to be executed by the status page. The status page auto-refreshes to display up-to-date information on the commands in commands_status.conf.
|
||
It is advised to put commands that have a high disk usage or start/stop/restart/reload system services etc. on the commands_ondemand.conf file as the ondemand status page does not auto-refresh.
|
||
The file commands_git.conf contains the commands that would be executed by the deployment WebHook. These are there to provide a fast and simple backup solution.
|
||
The alternative to foce-updating ThreadR via the status page would be:
|
||
```
|
||
ssh <user>@<strassenkind.ip|lostcave.ddnss.de>
|
||
cd /var/www/git
|
||
sudo -u www-data -s
|
||
rm -rf ./web-deployment
|
||
git clone <ssh git repository link>
|
||
cd web-deployment
|
||
./deployment-script
|
||
exit
|
||
logout
|
||
```
|
||
### README.md
|
||
this file
|
||
### run-once-script.sh
|
||
This script will be executed each time it is altered and pushed. Make sure to remove everything the previous user added before using it to not run these commands again.
|
||
Leave the bang (#! comment) and the bottom part that has been commented to instruct you to leave it there.
|
||
### variable_grabbler.py
|
||
This is the code variable replacer. It takes two arguments: The configuration file to be used and the file to be worked on.
|
||
The configuration file contains a json which defines replacement string for each code variable in the format `"<VARNAME>":"<String>"`. Code variables are preceeded and followed by a % sign in code but this is not the case in the configuration.
|
||
Also, they must be capitalized in code.
|
||
An alternative option to providing a string in the config is to add arrays defining files or commands (Commands are not implemented yet.). Format: `"<VARNAME>":["<file|exec>","<filepath|command>"]
|
||
Read the source code for further information.
|
||
### variable_grabbler.pass*.json
|
||
These are the the config files for variable_grabbler.py.
|
||
A short description of what the variables do and where they should go:
|
||
* `%NAVBAR%` (in HTML part of PHP file) → the Navbar, also includes an automatic logout-function if the user is in a place where they should never be logged in (triggered by absence of the $login variable)
|
||
* `%SET_LOGIN_VARIABLE%` (in PHP code) → sets the $login variable in PHP by detecting if the user has a valid logged in session
|
||
* `%NO_CHEAP_LOGIN_STEALING%` (in PHP code, before any non-header data is sent to client) → prevents the most primitive cookie stealing attempts, nothing advanced though
|
||
* `%BANNER_COOKIES%` (in HTML part of PHP file) → the cookie banner that every web page has
|
||
* `%PLEAZE_NO_CACHE%` (in PHP code, before any non-header data is sent to client) → requests the browser to not cache this page
|
||
* `%FORCE_LOGOUT%` (in PHP code) → logout immediately (obviously less common than the other variables...)
|
||
* `%CONTENT_DIR%` (anywhere in code) → the path to the ThreadR directory (without domain name)
|
||
* `%STYLESHEET%` (in HTML) → adds the tag linking the stylesheet
|
||
* `%REQUIRE_LOGIN%` (in PHP code, before any non-header data is sent to client) → sends users to the login page if they are not logged in
|
||
### navbar.template, banner_cookies.template
|
||
file templates for variables from the code variable replacement system
|
||
|