2022-08-26 04:21:46 +00:00
|
|
|
# nonshy website
|
2022-08-10 05:10:47 +00:00
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
This is the source code to the main [nonshy.com](https://www.nonshy.com/)
|
|
|
|
website. It is written in Go and released under the GNU General Public
|
|
|
|
License.
|
|
|
|
|
|
|
|
This website is open source and if you'd like to help work on it (fix bugs
|
|
|
|
or contribute new features), you may sign up an account on the
|
2022-08-26 05:03:39 +00:00
|
|
|
[code.nonshy.com](https://code.nonshy.com/) server. See the
|
2022-08-26 04:21:46 +00:00
|
|
|
[CONTRIBUTING.md](CONTRIBUTING.md) file for details.
|
|
|
|
|
|
|
|
## Dependencies
|
|
|
|
|
|
|
|
You may need to run the following services along with this app:
|
|
|
|
|
|
|
|
* A **Redis cache** server: [redis.io](https://redis.io)
|
|
|
|
* (Optional) a **PostgreSQL database:** [postgresql.org](https://www.postgresql.org/)
|
|
|
|
|
|
|
|
The website can also run out of a local SQLite database which is convenient
|
|
|
|
for local development. The production server runs on PostgreSQL and the
|
|
|
|
web app is primarily designed for that.
|
|
|
|
|
|
|
|
## Building the App
|
2022-08-10 05:10:47 +00:00
|
|
|
|
2022-08-26 05:03:39 +00:00
|
|
|
This app is written in Go: [go.dev](https://go.dev). You can probably
|
|
|
|
get it from your package manager, e.g.
|
|
|
|
|
|
|
|
* macOS: `brew install golang` with homebrew: [brew.sh](https://brew.sh)
|
|
|
|
* Linux: it's in your package manager, e.g. `apt install golang`
|
|
|
|
|
|
|
|
Use the Makefile (with GNU `make` or similar):
|
2022-08-10 05:10:47 +00:00
|
|
|
|
|
|
|
* `make setup`: install Go dependencies
|
2022-08-26 04:21:46 +00:00
|
|
|
* `make build`: builds the program to ./nonshy
|
2022-08-10 05:10:47 +00:00
|
|
|
* `make run`: run the app from Go sources in debug mode
|
|
|
|
|
2022-08-26 05:03:39 +00:00
|
|
|
Or read the Makefile to see what the underlying `go` commands are,
|
|
|
|
e.g. `go run cmd/nonshy/main.go web`
|
|
|
|
|
2022-08-10 05:10:47 +00:00
|
|
|
## Configuring
|
|
|
|
|
|
|
|
On first run it will generate a `settings.json` file in the current
|
|
|
|
working directory (which is intended to be the root of the git clone,
|
|
|
|
with the ./web folder). Edit it to configure mail settings or choose
|
|
|
|
a database.
|
|
|
|
|
|
|
|
For simple local development, just set `"UseSQLite": true` and the
|
|
|
|
app will run with a SQLite database.
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
The `nonshy` binary has sub-commands to either run the web server
|
2022-08-10 05:10:47 +00:00
|
|
|
or perform maintenance tasks such as creating admin user accounts.
|
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
Run `nonshy --help` for its documentation.
|
2022-08-10 05:10:47 +00:00
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
Run `nonshy web` to start the web server.
|
2022-08-10 05:10:47 +00:00
|
|
|
|
2022-08-27 18:42:48 +00:00
|
|
|
```bash
|
|
|
|
nonshy web --host 0.0.0.0 --port 8080 --debug
|
|
|
|
```
|
|
|
|
|
2022-08-10 05:10:47 +00:00
|
|
|
## Create Admin User Accounts
|
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
Use the `nonshy user add` command like so:
|
2022-08-10 05:10:47 +00:00
|
|
|
|
|
|
|
```bash
|
2022-08-26 04:21:46 +00:00
|
|
|
$ nonshy user add --admin \
|
2022-08-10 05:10:47 +00:00
|
|
|
--email name@domain.com \
|
|
|
|
--password secret \
|
|
|
|
--username admin
|
|
|
|
```
|
|
|
|
|
|
|
|
Shorthand options `-e`, `-p` and `-u` can work in place of the longer
|
|
|
|
options `--email`, `--password` and `--username` respectively.
|
|
|
|
|
2022-08-27 18:42:48 +00:00
|
|
|
After the first admin user is created, you may promote other users thru
|
|
|
|
the web app by using the admin controls on their profile page.
|
|
|
|
|
|
|
|
## A Brief Tour of the Code
|
|
|
|
|
|
|
|
* `cmd/nonshy/main.go`: the entry point for the Go program.
|
|
|
|
* `pkg/webserver.go`: the entry point for the web server.
|
|
|
|
* `pkg/config`: mostly hard-coded configuration values - all of the page
|
|
|
|
sizes and business logic controls are in here, set at compile time. For
|
|
|
|
ease of local development you may want to toggle SkipEmailValidation in
|
|
|
|
here - the signup form will then directly allow full signup with a user
|
|
|
|
and password.
|
|
|
|
* `pkg/controller`: the various web endpoint controllers are here,
|
|
|
|
categorized into subpackages (account, forum, inbox, photo, etc.)
|
|
|
|
* `pkg/log`: the logging to terminal functions.
|
|
|
|
* `pkg/mail`: functions for delivering HTML email messages.
|
|
|
|
* `pkg/markdown`: functions to render GitHub Flavored Markdown.
|
|
|
|
* `pkg/middleware`: HTTP middleware functions, for things such as:
|
|
|
|
* Session cookies
|
|
|
|
* Authentication (LoginRequired, AdminRequired)
|
|
|
|
* CSRF protection
|
|
|
|
* Logging HTTP requests
|
|
|
|
* Panic recovery for unhandled server errors
|
|
|
|
* `pkg/models`: the SQL database models and query functions are here.
|
|
|
|
* `pkg/models/deletion`: the code to fully scrub wipe data for
|
|
|
|
user deletion (GDPR/CCPA compliance).
|
|
|
|
* `pkg/photo`: photo management functions: handle uploads, scale and
|
|
|
|
crop, generate URLs and deletion.
|
|
|
|
* `pkg/ratelimit`: rate limiter for login attempts etc.
|
|
|
|
* `pkg/redis`: Redis cache functions - get/set JSON values for things like
|
|
|
|
session cookie storage and temporary rate limits.
|
|
|
|
* `pkg/router`: the HTTP route URLs for the controllers are here.
|
|
|
|
* `pkg/session`: functions to read/write the user's session cookie
|
|
|
|
(log in/out, get current user, flash messages)
|
|
|
|
* `pkg/templates`: functions to handle HTTP responses - render HTML
|
|
|
|
templates, issue redirects, error pages, ...
|
|
|
|
* `pkg/utility`: miscellaneous useful functions for the app.
|
|
|
|
|
2022-10-21 04:02:30 +00:00
|
|
|
## Cron API Endpoints
|
|
|
|
|
|
|
|
In settings.json get or configure the CronAPIKey (a UUID4 value is good and
|
|
|
|
the app generates a fresh one by default). The following are the cron API
|
|
|
|
endpoints that you may want to configure to run periodic maintenance tasks
|
|
|
|
on the app, such as to remove orphaned comment photos.
|
|
|
|
|
|
|
|
### GET /v1/comment-photos/remove-orphaned
|
|
|
|
|
|
|
|
Query parameters: `apiKey` which is the CronAPIKey.
|
|
|
|
|
|
|
|
This endpoint removes orphaned CommentPhotos (photo attachments to forum
|
|
|
|
posts). An orphaned photo is one that has no CommentID and was uploaded
|
|
|
|
older than 24 hours ago; e.g. a user uploaded a picture but then did not
|
|
|
|
complete the posting of their comment.
|
|
|
|
|
|
|
|
Suggested crontab:
|
|
|
|
|
|
|
|
```cron
|
|
|
|
0 2 * * * curl "http://localhost:8080/v1/comment-photos/remove-orphaned?apiKey=X"
|
|
|
|
```
|
|
|
|
|
2022-08-10 05:10:47 +00:00
|
|
|
## License
|
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
GPLv3.
|