forked from root/threadr.lostcave.ddnss.de
Jakob 55977fcf05 | ||
---|---|---|
policies | ||
threadr | ||
.mailboxerer.sh.swp | ||
README.md | ||
admin.php | ||
commands_git.conf | ||
commands_ondemand.conf | ||
commands_status.conf | ||
default.html | ||
deployment-script.sh | ||
icon.png | ||
index.html | ||
internal.css | ||
navbar.template | ||
run-once-script.sh | ||
strassenkind.php | ||
variable_grabbler.pass0.json | ||
variable_grabbler.pass1.json | ||
variable_grabbler.pass2.json | ||
variable_grabbler.py |
README.md
Git based automatic web deployment system
This repository will be automagically pulled by the web server each time something is pushed by a user.
Dear Developers, Please use the ToDo list below. You do not need need to create your own lists. Thank you.
Symlinks
The following files and directories are linked to areas where they can be accessed by the web server:
index.html
→*/common/index.html
(http redirect)icon.png
→*/common/icon.png
(unused)threadr/
→*/common/threadr/
(everything else acessible by the web server)default.html
→lostcave.ddnss.de/index.html
(http redirect)admin.php
→admin.strassenkind.ip/index.php
(future management page, maybe for services, available sites, users, etc?)strassenkind.php
→strassenkind.ip/index.php
(status page)commands_status.conf
→strassenkind.ip/commands_status.conf
commands_ondemand.conf
→strassenkind.ip/commands_ondemand.conf
internal.css
→strassenkind.ip/style.css
Variables handled by the deployment script
Here is the place for variables that will be replaced automatically on the server. Using them is encouraged. Using the paths is DISCOURAGED. This way, it is possible to change folder names around and fix the URLs in one place for all files simultaneously.
Pass 0:
%NAVBAR%
→ the code used to build the navbar, should remain in pass 0 as it may contain other variables
Pass 1:
Looks quite empty at this point
Pass 2:
%CONTENT_DIR%
→ The part of the URL between the domain name and the destination (e.g. https://lostcave.ddnss.de**/common/threadr/**about/), should remain in the last pass%NO_CHEAP_SESSION_STEALING%
→ checks the request origin against the values stored in the session cookie, add this before any actual data is transmitted (as in before any HTML code or echo commands because this affects the HTTP header)%PLEAZE_NO_CACHE%
→ adds header information, same as above goes here
Some server variables that might turn out to be useful (example):
{ "HTTP_USER_AGENT":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0", "REMOTE_ADDR":"10.1.1.3" }
TODO:
- cookie policy and eula
- signup redirect: add check for existing users
- signup redirect: return redirect header, handling highlighting of affected boxes
- userhome: setting for users that use VPNs/Proxies (because IP duh)
- frontend: dropdown menus?
- internal status site: add fail2ban status ← how?
- add reverse proxy or similar to admin tools to a user account locked external page
- email verification
- recruit some people
- redirect back to login if user tries to acces restricted content without being logged in
- allow caching of some files
- make logout function a variable
- put the profile and logout links in a dropdown menu
- change cookie storage to either an encrypted cookie or a database
- add a feed of some sort
- direct msg
- connect thread tables to PHP
- replacement variable for PDO
- variable arguments
- Groups
- add %EMPTY_NAVBAR% variable for verify-email.php