* Add basic support for hostname binding
Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
* Make production example a bit more secure
Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
* Make example config files compatible with hostname binding modification
Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
* Fix typo
Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
* Bind on 127.0.0.1 by default
Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
* Update Docker configuration with hostname binding
Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
Provides rss 2.0, atom 1.0 and json 1.0 feeds for videos (instance and account-wide) on listings and video-watch views.
* still lacks redis caching
* still lacks lastBuildDate support
* still lacks channel-wide support
* still lacks semantic annotation (for licenses, NSFW warnings, etc.)
* still lacks love ( ˘ ³˘)
* RSS: has MRSS support for torrent lists!
* RSS: includes the first torrent in an enclosure
* JSON: lists all torrents in the 'attachments' object
* ATOM: lacking torrent listing support
Advances #23
Partial implementation for the accountId generation in the client, which will need a hotfix to add a way to get the proper account id.
Changing the link for ffmpeg toward a tutorial with an actual mirror of ffmpeg, and with less hassle.
Adding the deendencies to devtoolset-6 and centos-release-scl to provide a C++11 compatible G++
In order to build properly rdf-canonize node nativ module gcc > 5 is needed. Tested on Ubuntu 14.04 with gcc 4.8, it didn't work. I had to install a newer gcc version and it was OK.
* add import-youtube guide inside documentation
* safer to use unlink instead of rm to delete symbolic link, avoid risk of deleting entire directories in case of syntax error
* spelling mistake corrections
* anonymise URLs
* git also needed as dependencies to run yarn install
- added precisions and suggestions about how to generate Let's Encrypt certificates. Users have reported their installations didn't work when the problem came from missing certificates (false positives).
- security defaults of Nginx follow the basic robustness principle "be conservative in what you send, be liberal in what you accept", which isn't enough with modern security standards, so we should be picky with the cipher suites we use, among other things. Extra comments (especially for the TLS1.3 protocol support parameter) make the requirement of a recent Nginx installation obvious, and the downgrade alternative remains clear to the system administrator.
All in all, we should aknowledge users will most often copy and paste the configuration files. Making them secure by default may force a few users to read their configuration, but on the long run we are making the fediverse more secure.
Since I've come to modify a bit the Nginx config in `support/doc/production.md`, I've merged it with the template so that they stay consistent.
on ubuntu `sudo -u` doesn't set homedirectory of the targeted user althought debian does. it requires the option `-H`. I think with this option it works in both case.
* First pass at a (swarm-compatible) docker image
Uses an existing traefik server as a https reverse proxy.
* Add example config for a Docker swarm deployment
* Point to traefik config for docker compose setup
* Clarify that traefik is needed for the example config
* Use node:8-stretch base image and don't install yarn
(The base image already contains yarn.)
* Initial commit for an Alpine Docker image
* Fix docker volume path
* Merge #213 and #225 and move files around
* Remove unnecessary dependencies from the alpine build
* Update Dockerfiles to match install path, config path, etc.
* Update the configuration in the example compose file
* Update the configuration in the example swarm file
* Remove the declared networks and volumes from the compose example, which are not strictly required
* Update attachment path in the documentation
* Display traefik as a suggestion and not a required dependency
* Update the Docker ignored files
* Fix typos reported in #225
* Move production Dockerfiles to a production directory
* Add the redis configuration settings
* Add Docker files to the dockerignore
* Make the signup limit configurable