main
Bob Mottram 2021-10-17 14:13:01 +01:00
commit 0349f366a5
5 changed files with 867 additions and 810 deletions


@ -130,6 +130,16 @@ server {
listen 443 ssl; listen 443 ssl;
server_name YOUR_DOMAIN; server_name YOUR_DOMAIN;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_min_length 1024;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/ld+json application/javascript text/xml application/xml application/rdf+xml application/xml+rss text/javascript;
ssl_stapling off; ssl_stapling off;
ssl_stapling_verify off; ssl_stapling_verify off;
ssl on; ssl on;
@ -137,19 +147,19 @@ server {
ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
#ssl_dhparam /etc/ssl/certs/YOUR_DOMAIN.dhparam; #ssl_dhparam /etc/ssl/certs/YOUR_DOMAIN.dhparam;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_session_timeout 60m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2 TLSv1.3; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
add_header Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'";
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
add_header Strict-Transport-Security max-age=15768000;
access_log /dev/null; access_log /dev/null;
error_log /dev/null; error_log /dev/null;
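Review bot: The added `gzip on;` block turns on compression for the whole TLS server, including `application/json` and `application/ld+json`, and nginx compresses `text/html` whenever gzip is on, so any response that reflects request input next to a session or CSRF secret becomes measurable by length (the BREACH class of side channel). Since this is a template operators copy, either scope the gzip directives to a `location` that serves only static assets or add a comment such as `# gzip: safe only if no compressed response echoes request data alongside secrets`. The same directives are repeated in the HTML copy of these instructions (hunk `@ -1390,6 +1390,16`). Separately, the `Strict-Transport-Security` value with `includeSubDomains; preload` looks like the new side of its changed line; if so, a comment that it commits every subdomain of YOUR_DOMAIN to HTTPS for the full max-age would help people adapting the template.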


@ -72,6 +72,7 @@ from person import removeAccount
from person import canRemovePost from person import canRemovePost
from person import personSnooze from person import personSnooze
from person import personUnsnooze from person import personUnsnooze
from posts import getOriginalPostFromAnnounceUrl
from posts import savePostToBox from posts import savePostToBox
from posts import getInstanceActorKey from posts import getInstanceActorKey
from posts import removePostInteractions from posts import removePostInteractions
@ -7365,12 +7366,22 @@ class PubServer(BaseHTTPRequestHandler):
actorLiked = path.split('?actor=')[1] actorLiked = path.split('?actor=')[1]
if '?' in actorLiked: if '?' in actorLiked:
actorLiked = actorLiked.split('?')[0] actorLiked = actorLiked.split('?')[0]
# if this is an announce then send the like to the original post
origActor, origPostUrl, origFilename = \
getOriginalPostFromAnnounceUrl(likeUrl, baseDir,
self.postToNickname, domain)
likeUrl2 = likeUrl
if origActor and origPostUrl:
actorLiked = origActor
likeUrl2 = origPostUrl
likeJson = { likeJson = {
"@context": "https://www.w3.org/ns/activitystreams", "@context": "https://www.w3.org/ns/activitystreams",
'type': 'Like', 'type': 'Like',
'actor': likeActor, 'actor': likeActor,
'to': [actorLiked], 'to': [actorLiked],
'object': likeUrl 'object': likeUrl2
} }
# send out the like to followers # send out the like to followers
@ -7378,30 +7389,19 @@ class PubServer(BaseHTTPRequestHandler):
print('Locating liked post ' + likeUrl) print('Locating liked post ' + likeUrl)
# directly like the post file # directly like the post file
likedPostJson = None
likedPostFilename = \ likedPostFilename = \
locatePost(baseDir, self.postToNickname, domain, likeUrl) locatePost(baseDir, self.postToNickname, domain, likeUrl)
if likedPostFilename: if likedPostFilename:
recentPostsCache = self.server.recentPostsCache recentPostsCache = self.server.recentPostsCache
likedPostJson = loadJson(likedPostFilename, 0, 1) likedPostJson = loadJson(likedPostFilename, 0, 1)
if likedPostJson: if origFilename and origPostUrl:
if likedPostJson.get('type'):
if likedPostJson['type'] == 'Announce' and \
likedPostJson.get('object'):
if isinstance(likedPostJson['object'], str):
announceLikeUrl = likedPostJson['object']
announceLikedFilename = \
locatePost(baseDir, self.postToNickname,
domain, announceLikeUrl)
if announceLikedFilename:
updateLikesCollection(recentPostsCache, updateLikesCollection(recentPostsCache,
baseDir, baseDir, likedPostFilename,
likedPostFilename, likeUrl, likeActor, self.postToNickname,
likeUrl,
likeActor,
self.postToNickname,
domain, debug) domain, debug)
likeUrl = announceLikeUrl likeUrl = origPostUrl
likedPostFilename = announceLikedFilename likedPostFilename = origFilename
if debug: if debug:
print('Updating likes for ' + likedPostFilename) print('Updating likes for ' + likedPostFilename)
updateLikesCollection(recentPostsCache, updateLikesCollection(recentPostsCache,
@ -7411,8 +7411,6 @@ class PubServer(BaseHTTPRequestHandler):
if debug: if debug:
print('Regenerating html post for changed likes collection') print('Regenerating html post for changed likes collection')
# clear the icon from the cache so that it gets updated # clear the icon from the cache so that it gets updated
if self.server.iconsCache.get('like.png'):
del self.server.iconsCache['like.png']
if likedPostJson: if likedPostJson:
cachedPostFilename = \ cachedPostFilename = \
getCachedPostFilename(baseDir, self.postToNickname, getCachedPostFilename(baseDir, self.postToNickname,
@ -7532,6 +7530,16 @@ class PubServer(BaseHTTPRequestHandler):
actorLiked = path.split('?actor=')[1] actorLiked = path.split('?actor=')[1]
if '?' in actorLiked: if '?' in actorLiked:
actorLiked = actorLiked.split('?')[0] actorLiked = actorLiked.split('?')[0]
# if this is an announce then send the like to the original post
origActor, origPostUrl, origFilename = \
getOriginalPostFromAnnounceUrl(likeUrl, baseDir,
self.postToNickname, domain)
likeUrl2 = likeUrl
if origActor and origPostUrl:
actorLiked = origActor
likeUrl2 = origPostUrl
undoLikeJson = { undoLikeJson = {
"@context": "https://www.w3.org/ns/activitystreams", "@context": "https://www.w3.org/ns/activitystreams",
'type': 'Undo', 'type': 'Undo',
@ -7541,7 +7549,7 @@ class PubServer(BaseHTTPRequestHandler):
'type': 'Like', 'type': 'Like',
'actor': undoActor, 'actor': undoActor,
'to': [actorLiked], 'to': [actorLiked],
'object': likeUrl 'object': likeUrl2
} }
} }
@ -7549,39 +7557,25 @@ class PubServer(BaseHTTPRequestHandler):
self._postToOutbox(undoLikeJson, self.server.projectVersion, None) self._postToOutbox(undoLikeJson, self.server.projectVersion, None)
# directly undo the like within the post file # directly undo the like within the post file
likedPostJson = None
likedPostFilename = locatePost(baseDir, likedPostFilename = locatePost(baseDir,
self.postToNickname, self.postToNickname,
domain, likeUrl) domain, likeUrl)
if likedPostFilename: if likedPostFilename:
likedPostJson = loadJson(likedPostFilename, 0, 1)
recentPostsCache = self.server.recentPostsCache recentPostsCache = self.server.recentPostsCache
if likedPostJson: likedPostJson = loadJson(likedPostFilename, 0, 1)
if likedPostJson.get('type'): if origFilename and origPostUrl:
if likedPostJson['type'] == 'Announce' and \
likedPostJson.get('object'):
if isinstance(likedPostJson['object'], str):
announceLikeUrl = likedPostJson['object']
announceLikedFilename = \
locatePost(baseDir, self.postToNickname,
domain, announceLikeUrl)
if announceLikedFilename:
undoLikesCollectionEntry(recentPostsCache, undoLikesCollectionEntry(recentPostsCache,
baseDir, baseDir, likedPostFilename,
likedPostFilename, likeUrl, undoActor, domain, debug)
likeUrl, likeUrl = origPostUrl
undoActor, domain, likedPostFilename = origFilename
debug)
likeUrl = announceLikeUrl
likedPostFilename = announceLikedFilename
if debug: if debug:
print('Removing likes for ' + likedPostFilename) print('Removing likes for ' + likedPostFilename)
undoLikesCollectionEntry(recentPostsCache, undoLikesCollectionEntry(recentPostsCache,
baseDir, baseDir,
likedPostFilename, likeUrl, likedPostFilename, likeUrl,
undoActor, domain, debug) undoActor, domain, debug)
# clear the icon from the cache so that it gets updated
if self.server.iconsCache.get('like_inactive.png'):
del self.server.iconsCache['like_inactive.png']
if debug: if debug:
print('Regenerating html post for changed likes collection') print('Regenerating html post for changed likes collection')
if likedPostJson: if likedPostJson:
@ -7618,7 +7612,9 @@ class PubServer(BaseHTTPRequestHandler):
False, True, False) False, True, False)
else: else:
print('WARN: Unliked post not found: ' + likedPostFilename) print('WARN: Unliked post not found: ' + likedPostFilename)
# clear the icon from the cache so that it gets updated
if self.server.iconsCache.get('like_inactive.png'):
del self.server.iconsCache['like_inactive.png']
self.server.GETbusy = False self.server.GETbusy = False
actorAbsolute = self._getInstalceUrl(callingDomain) + actor actorAbsolute = self._getInstalceUrl(callingDomain) + actor
actorPathStr = \ actorPathStr = \
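Review bot: The announce-resolution block (`getOriginalPostFromAnnounceUrl(...)`, `likeUrl2 = likeUrl`, the `if origActor and origPostUrl:` override) is pasted unchanged into both the like handler and the undo-like handler (hunk `@ -7532,6 +7530,16`), and each handler then runs `locatePost` and `loadJson` on `likeUrl` again even though the helper has just located and loaded that same post. A small private method returning the resolved `to` actor and object url would keep the two paths from drifting. If the duplication stays, a comment such as `# likeUrl remains the announce url for the local lookup below; likeUrl2 is the object sent in the activity` would make the two names easier to follow. Both handlers start and end outside the visible hunks, so how `likeUrl` and `actorLiked` are validated before this point cannot be checked here.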

File diff suppressed because one or more lines are too long


@ -5040,3 +5040,53 @@ def editedPostFilename(baseDir: str, nickname: str, domain: str,
return '' return ''
print(id2 + ' is an edit of ' + id1) print(id2 + ' is an edit of ' + id1)
return prevConvPostFilename return prevConvPostFilename
def getOriginalPostFromAnnounceUrl(announceUrl: str, baseDir: str,
nickname: str,
domain: str) -> (str, str, str):
"""From the url of an announce this returns the actor, url and
filename (if available) of the original post being announced
"""
postFilename = locatePost(baseDir, nickname, domain, announceUrl)
if not postFilename:
return None, None, None
announcePostJson = loadJson(postFilename, 0, 1)
if not announcePostJson:
return None, None, None
if not announcePostJson.get('type'):
return None, None, None
if announcePostJson['type'] != 'Announce':
return None, None, None
if not announcePostJson.get('object'):
return None, None, None
if not isinstance(announcePostJson['object'], str):
return None, None, None
actor = url = None
# do we have the original post?
origPostId = announcePostJson['object']
origFilename = locatePost(baseDir, nickname, domain, origPostId)
if origFilename:
# we have the original post
origPostJson = loadJson(origFilename, 0, 1)
if origPostJson:
if hasObjectDict(origPostJson):
if origPostJson['object'].get('attributedTo'):
if isinstance(origPostJson['object']['attributedTo'], str):
actor = origPostJson['object']['attributedTo']
url = origPostId
elif origPostJson['object'].get('actor'):
actor = origPostJson['actor']
url = origPostId
else:
# we don't have the original post
if hasUsersPath(origPostId):
# get the actor from the original post url
origNick = getNicknameFromActor(origPostId)
origDomain, origPort = getDomainFromActor(origPostId)
if origNick and origDomain:
actor = \
origPostId.split('/' + origNick + '/')[0] + \
'/' + origNick
url = origPostId
return actor, url, origFilename
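Review bot: In `getOriginalPostFromAnnounceUrl` the `elif` branch tests `origPostJson['object'].get('actor')` but then reads `origPostJson['actor']`, so a stored post whose object has an `actor` field and whose top level does not raises KeyError, and unlike the `attributedTo` branch the value is not checked to be a string. The stored post is presumably a copy of federated content, so its shape is set by the remote server, and the returned actor becomes the `to` field of the outgoing Like in the handlers. Test the field that is read, e.g. `elif isinstance(origPostJson.get('actor'), str):` before `actor = origPostJson['actor']`, or read `origPostJson['object']['actor']` if that was the intent. The return annotation `(str, str, str)` also hides that all three values can be None; the docstring should say so.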


@ -1390,6 +1390,16 @@
listen 443 ssl;<br> listen 443 ssl;<br>
server_name YOUR_DOMAIN;<br> server_name YOUR_DOMAIN;<br>
<br> <br>
gzip on;<br>
gzip_disable "msie6";<br>
gzip_vary on;<br>
gzip_proxied any;<br>
gzip_min_length 1024;<br>
gzip_comp_level 6;<br>
gzip_buffers 16 8k;<br>
gzip_http_version 1.1;<br>
gzip_types text/plain text/css application/json application/ld+json application/javascript text/xml application/xml application/rdf+xml application/xml+rss text/javascript;<br>
<br>
ssl_stapling off;<br> ssl_stapling off;<br>
ssl_stapling_verify off;<br> ssl_stapling_verify off;<br>
ssl on;<br> ssl on;<br>
@ -1397,19 +1407,19 @@
ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;<br> ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;<br>
#ssl_dhparam /etc/ssl/certs/YOUR_DOMAIN.dhparam;<br> #ssl_dhparam /etc/ssl/certs/YOUR_DOMAIN.dhparam;<br>
<br> <br>
ssl_session_cache builtin:1000 shared:SSL:10m;<br>
ssl_session_timeout 60m;<br>
ssl_prefer_server_ciphers on;<br>
ssl_protocols TLSv1.2 TLSv1.3;<br> ssl_protocols TLSv1.2 TLSv1.3;<br>
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';<br> ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;<br>
ssl_prefer_server_ciphers on;<br>
ssl_session_cache shared:SSL:10m;<br>
ssl_session_tickets off;<br>
<br>
add_header Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'";<br>
add_header X-Frame-Options DENY;<br> add_header X-Frame-Options DENY;<br>
add_header X-Content-Type-Options nosniff;<br> add_header X-Content-Type-Options nosniff;<br>
add_header X-XSS-Protection "1; mode=block";<br> add_header X-XSS-Protection "1; mode=block";<br>
add_header X-Download-Options noopen;<br> add_header X-Download-Options noopen;<br>
add_header X-Permitted-Cross-Domain-Policies none;<br> add_header X-Permitted-Cross-Domain-Policies none;<br>
<br> add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;<br>
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";<br>
add_header Strict-Transport-Security max-age=15768000;<br>
<br> <br>
access_log /dev/null;<br> access_log /dev/null;<br>
error_log /dev/null;<br> error_log /dev/null;<br>