The new home of the ThreadR Forum Engine https://threadr.lostcave.ddnss.de
 
 
 
 
 
Go to file
BodgeMaster 3c338ce26c changed colors to code variables 2020-03-13 23:13:22 +01:00
policies moved a file to make the name better suit its purpose 2020-03-13 22:53:57 +01:00
threadr changed colors to code variables 2020-03-13 23:13:22 +01:00
README.md yay moar tododododododododo [Jan.exe has stopped working. Would you like to restart him now or later?] 2020-03-12 23:57:54 +01:00
admin.php request client to not use caching 2020-03-02 14:10:27 +01:00
banner_cookies.template error is not here 2020-03-10 19:29:36 +01:00
commands_git.conf force deployment-script being executable 2020-03-08 18:12:59 +01:00
commands_ondemand.conf improved readability 2020-02-12 06:02:49 +01:00
commands_status.conf added apache error log to status page 2020-03-08 17:55:22 +01:00
default.html duplicated redirect page and changed paths to %CONTENT_DIR% 2020-02-19 04:07:26 +01:00
deployment-script.sh added css files to the variable replacement system 2020-03-13 22:57:18 +01:00
icon.png Initial commit of various files 2020-01-02 12:33:49 +01:00
index.html duplicated redirect page and changed paths to %CONTENT_DIR% 2020-02-19 04:07:26 +01:00
internal.css added separate stylesheet for internal status page 2020-03-04 21:44:38 +01:00
navbar.template tinkering with icon size 2020-03-10 20:25:38 +01:00
run-once-script.sh removing some files in preparation for a change in the deployment script 2020-03-08 18:05:34 +01:00
strassenkind.php poking at a problem 2020-03-05 10:52:03 +01:00
variable_grabbler.pass0.json added cookie banner variable 2020-03-09 12:09:49 +01:00
variable_grabbler.pass1.json fixed typo 2020-03-08 17:49:23 +01:00
variable_grabbler.pass2.json changed colors to code variables 2020-03-13 23:13:22 +01:00
variable_grabbler.py enforced capitalized variables 2020-03-07 19:46:34 +01:00

README.md

Git based automatic web deployment system

This repository will be automagically pulled by the web server each time something is pushed by a user.

Dear Developers, Please use the ToDo list below. You do not need need to create your own lists. This will allow others to work on things without collecting all the ToDos first. Thank you.

The following files and directories are linked to areas where they can be accessed by the web server:

  • index.html*/common/index.html (http redirect)
  • icon.png*/common/icon.png (unused)
  • threadr/*/common/threadr/ (everything else acessible by the web server)
  • default.htmllostcave.ddnss.de/index.html (http redirect)
  • admin.phpadmin.strassenkind.ip/index.php (future management page, maybe for services, available sites, users, etc?)
  • strassenkind.phpstrassenkind.ip/index.php (status page)
  • commands_status.confstrassenkind.ip/commands_status.conf
  • commands_ondemand.confstrassenkind.ip/commands_ondemand.conf
  • internal.cssstrassenkind.ip/style.css

Variables handled by the deployment script

Here is the place for variables that will be replaced automatically on the server. Using them is encouraged. Using the paths is DISCOURAGED. This way, it is possible to change folder names around and fix the URLs in one place for all files simultaneously.

This section has moved. Look in the files or their documentation below.

Some server variables that might turn out to be useful (example):

{
  "HTTP_USER_AGENT":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:73.0) Gecko\/20100101 Firefox\/73.0",
  "REMOTE_ADDR":"10.1.1.3"
}

TODO:

  • cookie policy and eula
  • signup redirect: add check for existing users
  • signup redirect: return redirect header, handling highlighting of affected boxes
  • userhome: setting for users that use VPNs/Proxies (because IP duh)
  • frontend: dropdown menus?
  • internal status site: add fail2ban status ← how?
  • add reverse proxy or similar to admin tools to a user account locked external page
  • email verification
  • recruit some people
  • redirect back to login if user tries to acces restricted content without being logged in
  • allow caching of some files
  • make logout function a variable
  • put the profile and logout links in a dropdown menu
  • change cookie storage to either an encrypted cookie or a database
  • add a feed of some sort
  • direct msg
  • connect thread tables to PHP
  • replacement variable for PDO
  • variable arguments
  • Groups
  • add %EMPTY_NAVBAR% variable for verify-email.php
  • add %FAVICON% variable
  • add missing READMEs
  • escape every user string (after loading from db, before echoing)
  • make the descriptions of all files more elaborate
    • list dependencies
    • list _GET and _POST variables, describe their usage
    • describe what each site does
  • put ToDos on issues

Individual documentation for each file

policies [DIR]

This folder contains the documents from which our policy pages (privacy policy, TOS, etc) will be built in the future.

threadr [DIR]

This folder contains all the files that are parts of ThreadR directly

admin.php

This is the file that is shown on the internal admin page. It will contain a list of users, forums, threads, etc. At the moment, it is just a convenient way to access the other internal administration tools. This is not directly a part of ThreadR.

default.html

The main index.html on the server. It redirects to ThreadR.

deployment_script.sh

This script is executed each time (well... if Gitea decides to actually run the WebHook) the repository gets pushed. It contains the commands to execute the code variable replcement system and some other useful tasks. Its working directory is the root of the git repository. If you want to know more: It is commented. Just look at it.

icon.png

Well, thats a story about developers looking at the documentation and realizing what this is for... I (Jan) intended it as the icon file for the tab icon but some folks put another icon elsewhere. Just ignore it. Maybe, one time, I will find a use for it.

index.html

This was originally intended to be our index file. Turns out, we even need PHP on our index, so this one became another redirect to the new ThreadR index.php.

strassenkind.php, internal.css, commands_status.conf, commands_ondemand.conf, commands_git.conf

The internal status page. strassenkind.php is the index, internal.css is the stylesheet strassenkind.php uses and the .conf files are lists of commands to be executed by the status page. The status page auto-refreshes to display up-to-date information on the commands in commands_status.conf. It is advised to put commands that have a high disk usage or start/stop/restart/reload system services etc. on the commands_ondemand.conf file as the ondemand status page does not auto-refresh. The file commands_git.conf contains the commands that would be executed by the deployment WebHook. These are there to provide a fast and simple backup solution. The alternative to foce-updating ThreadR via the status page would be:

ssh <user>@<strassenkind.ip|lostcave.ddnss.de>
cd /var/www/git
sudo -u www-data -s
rm -rf ./web-deployment
git clone <ssh git repository link>
cd web-deployment
./deployment-script
exit
logout

README.md

this file

run-once-script.sh

This script will be executed each time it is altered and pushed. Make sure to remove everything the previous user added before using it to not run these commands again. Leave the bang (#! comment) and the bottom part that has been commented to instruct you to leave it there.

variable_grabbler.py

This is the code variable replacer. It takes two arguments: The configuration file to be used and the file to be worked on. The configuration file contains a json which defines replacement string for each code variable in the format "<VARNAME>":"<String>". Code variables are preceeded and followed by a % sign in code but this is not the case in the configuration. Also, they must be capitalized in code. An alternative option to providing a string in the config is to add arrays defining files or commands (Commands are not implemented yet.). Format: `"":["<file|exec>","<filepath|command>"] Read the source code for further information.

variable_grabbler.pass*.json

These are the the config files for variable_grabbler.py. A short description of what the variables do and where they should go:

  • %NAVBAR% (in HTML part of PHP file) → the Navbar, also includes an automatic logout-function if the user is in a place where they should never be logged in (triggered by absence of the $login variable)
  • %SET_LOGIN_VARIABLE% (in PHP code) → sets the $login variable in PHP by detecting if the user has a valid logged in session
  • %NO_CHEAP_LOGIN_STEALING% (in PHP code, before any non-header data is sent to client) → prevents the most primitive cookie stealing attempts, nothing advanced though
  • %BANNER_COOKIES% (in HTML part of PHP file) → the cookie banner that every web page has
  • %PLEAZE_NO_CACHE% (in PHP code, before any non-header data is sent to client) → requests the browser to not cache this page
  • %FORCE_LOGOUT% (in PHP code) → logout immediately (obviously less common than the other variables...)
  • %CONTENT_DIR% (anywhere in code) → the path to the ThreadR directory (without domain name)
  • %STYLESHEET% (in HTML) → adds the tag linking the stylesheet
  • %REQUIRE_LOGIN% (in PHP code, before any non-header data is sent to client) → sends users to the login page if they are not logged in

navbar.template, banner_cookies.template

file templates for variables from the code variable replacement system