mirror of https://gitlab.com/bashrc2/epicyon
Merge branch 'main' of gitlab.com:bashrc2/epicyon
commit
11ff873705
Binary file not shown.
After Width: | Height: | Size: 57 KiB |
Binary file not shown.
|
@ -417,6 +417,23 @@ confident in an erroneous conclusion. Setting a city somewhere near to
|
|||
your <a href="https://en.wikipedia.org/wiki/Time_zone">time zone</a> is
|
||||
preferable, so that it matches your typical pattern of daily posting
|
||||
activity without giving away your real location.</p>
|
||||
<h3 id="verifying-your-website-or-blog">Verifying your website or
|
||||
blog</h3>
|
||||
<p>It is possible to indicate that a website of blog belongs to you by
|
||||
linking it to your profile screen. Within the <em>head</em> html section
|
||||
of your website or blog index page include a line similar to:</p>
|
||||
<div class="sourceCode" id="cb18"><pre
|
||||
class="sourceCode html"><code class="sourceCode html"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="kw"><link</span> <span class="er">rel</span><span class="ot">=</span><span class="st">"me"</span> <span class="er">href</span><span class="ot">=</span><span class="st">"https://YourEpicyonDomain/@YourNickname"</span> <span class="kw">/></span></span></code></pre></div>
|
||||
<p>If you edit and then publish your profile, with the <em>website</em>
|
||||
and/or <em>blog</em> fields completed then if the above link is found
|
||||
your sites will be indicated to be verified on your profile screen. When
|
||||
verified they will appear in green with a tick.</p>
|
||||
<figure>
|
||||
<img src="manual-verified-website.jpg"
|
||||
alt="Profile screen showing verified website" />
|
||||
<figcaption aria-hidden="true">Profile screen showing verified
|
||||
website</figcaption>
|
||||
</figure>
|
||||
<h2 id="roles">Roles</h2>
|
||||
<p>If you are the administrator then within your profile settings you
|
||||
can also specify roles for other accounts on the instance. A small
|
||||
|
|
|
@ -51,32 +51,32 @@ sudo apt install -y tor python3-socks imagemagick python3-setuptools python3-cry
|
|||
The following instructions install Epicyon to the **/opt** directory. It's not essential that it be installed there, and it could be in any other preferred directory.
|
||||
|
||||
Clone the repo, or if you downloaded the tarball then extract it into the **/opt** directory.
|
||||
```bash
|
||||
``` bash
|
||||
cd /opt
|
||||
git clone https://gitlab.com/bashrc2/epicyon
|
||||
```
|
||||
## Set permissions
|
||||
Create a user for the server to run as:
|
||||
```bash
|
||||
``` bash
|
||||
sudo su
|
||||
adduser --system --home=/opt/epicyon --group epicyon
|
||||
chown -R epicyon:epicyon /opt/epicyon
|
||||
```
|
||||
## News mirrors
|
||||
The content for RSS feed links can be downloaded and mirrored, so that even if the original sources go offline the content remains readable. Link the RSS/newswire mirrors with.
|
||||
```bash
|
||||
``` bash
|
||||
mkdir /var/www/YOUR_DOMAIN
|
||||
mkdir -p /opt/epicyon/accounts/newsmirror
|
||||
ln -s /opt/epicyon/accounts/newsmirror /var/www/YOUR_DOMAIN/newsmirror
|
||||
```
|
||||
## Create daemon
|
||||
Typically the server will run from a *systemd* daemon. It can be set up as follows:
|
||||
```bash
|
||||
``` bash
|
||||
nano /etc/systemd/system/epicyon.service
|
||||
```
|
||||
|
||||
Paste the following:
|
||||
```bash
|
||||
``` bash
|
||||
[Unit]
|
||||
Description=epicyon
|
||||
After=syslog.target
|
||||
|
@ -119,13 +119,13 @@ WantedBy=multi-user.target
|
|||
```
|
||||
|
||||
Activate the daemon:
|
||||
```bash
|
||||
``` bash
|
||||
systemctl enable epicyon
|
||||
systemctl start epicyon
|
||||
```
|
||||
## Web server setup
|
||||
Create a web server configuration.
|
||||
```bash
|
||||
``` bash
|
||||
nano /etc/nginx/sites-available/YOUR_DOMAIN
|
||||
```
|
||||
|
||||
|
@ -220,7 +220,7 @@ server {
|
|||
```
|
||||
|
||||
Enable the site:
|
||||
```bash
|
||||
``` bash
|
||||
ln -s /etc/nginx/sites-available/YOUR_DOMAIN /etc/nginx/sites-enabled/
|
||||
```
|
||||
|
||||
|
@ -228,14 +228,14 @@ ln -s /etc/nginx/sites-available/YOUR_DOMAIN /etc/nginx/sites-enabled/
|
|||
Forward port 443 from your internet router to your server. If you have dynamic DNS make sure its configured.
|
||||
|
||||
## Obtain a TLS certificate
|
||||
```bash
|
||||
``` bash
|
||||
systemctl stop nginx
|
||||
certbot certonly -n --server https://acme-v02.api.letsencrypt.org/directory --standalone -d YOUR_DOMAIN --renew-by-default --agree-tos --email YOUR_EMAIL
|
||||
systemctl start nginx
|
||||
```
|
||||
|
||||
## Restart the web server
|
||||
```bash
|
||||
``` bash
|
||||
systemctl restart nginx
|
||||
```
|
||||
|
||||
|
@ -270,7 +270,7 @@ Please be aware that such installations will not federate with ordinary fedivers
|
|||
|
||||
# Upgrading
|
||||
Unlike some other instance types, Epicyon is really easy to upgrade. It only requires a git pull to obtain the changes from the upstream repo, then set permissions and restart the daemon.
|
||||
```bash
|
||||
``` bash
|
||||
cd /opt/epicyon
|
||||
git pull
|
||||
chown -R epicyon:epicyon *
|
||||
|
@ -281,14 +281,14 @@ systemctl restart epicyon
|
|||
To avoid running out of disk space you will want to clear down old inbox posts. Posts from your instance outboxes will be unaffected.
|
||||
|
||||
Create an archive script **/usr/bin/epicyon-archive**:
|
||||
```bash
|
||||
``` bash
|
||||
#!/bin/bash
|
||||
cd /opt/epicyon || exit 0
|
||||
/usr/bin/python3 epicyon.py --archive none --archiveweeks 4 --maxposts 32000
|
||||
```
|
||||
|
||||
You can adjust the maximum number of weeks and the maximum number of inbox posts as needed. Then add it as a cron entry.
|
||||
```bash
|
||||
``` bash
|
||||
echo "*/60 * * * * root /usr/bin/epicyon-archive" >> /etc/crontab
|
||||
```
|
||||
|
||||
|
@ -338,6 +338,15 @@ If you want to block particular fediverse accounts or instances then you can ent
|
|||
### Geolocation spoofing
|
||||
Within the *filtering and blocking* section you can also set a city which will be used for geolocation spoofing. When you post a photo, instead of removing all metadata spoofed metadata will be added in order to consistently fool the machine learning systems behind web crawlers or scrapers, and create a [confirmation bias](https://en.wikipedia.org/wiki/Confirmation_bias) effect where the surveillance systems become increasingly confident in an erroneous conclusion. Setting a city somewhere near to your [time zone](https://en.wikipedia.org/wiki/Time_zone) is preferable, so that it matches your typical pattern of daily posting activity without giving away your real location.
|
||||
|
||||
### Verifying your website or blog
|
||||
It is possible to indicate that a website of blog belongs to you by linking it to your profile screen. Within the *head* html section of your website or blog index page include a line similar to:
|
||||
``` html
|
||||
<link rel="me" href="https://YourEpicyonDomain/@YourNickname" />
|
||||
```
|
||||
If you edit and then publish your profile, with the *website* and/or *blog* fields completed then if the above link is found your sites will be indicated to be verified on your profile screen. When verified they will appear in green with a tick.
|
||||
|
||||

|
||||
|
||||
## Roles
|
||||
If you are the administrator then within your profile settings you can also specify roles for other accounts on the instance. A small instance is like a ship with the roles being crew positions, and all members of the crew need to work together to keep the ship afloat. The current roles are:
|
||||
|
||||
|
|
18
markdown.py
18
markdown.py
|
@ -275,6 +275,14 @@ def _markdown_replace_code(markdown: str) -> str:
|
|||
line_ctr = 0
|
||||
changed = False
|
||||
section_active = False
|
||||
urlencode = False
|
||||
html_escape_table = {
|
||||
"&": "&",
|
||||
'"': """,
|
||||
"'": "'",
|
||||
">": ">",
|
||||
"<": "<"
|
||||
}
|
||||
for line in lines:
|
||||
if not line.strip():
|
||||
# skip blank lines
|
||||
|
@ -282,13 +290,23 @@ def _markdown_replace_code(markdown: str) -> str:
|
|||
continue
|
||||
if line.startswith('```'):
|
||||
if not section_active:
|
||||
if 'html' in line or 'xml' in line or 'rdf' in line:
|
||||
urlencode = True
|
||||
start_line = line_ctr
|
||||
section_active = True
|
||||
else:
|
||||
lines[start_line] = '<code>'
|
||||
lines[line_ctr] = '</code>'
|
||||
if urlencode:
|
||||
lines[start_line] = '<pre>\n<code>'
|
||||
lines[line_ctr] = '</code>\n</pre>'
|
||||
for line_num in range(start_line + 1, line_ctr):
|
||||
lines[line_num] = \
|
||||
"".join(html_escape_table.get(char, char)
|
||||
for char in lines[line_num])
|
||||
section_active = False
|
||||
changed = True
|
||||
urlencode = False
|
||||
line_ctr += 1
|
||||
|
||||
if not changed:
|
||||
|
|
10
session.py
10
session.py
|
@ -405,12 +405,22 @@ def verify_html(session, url: str, debug: bool,
|
|||
actor = 'http://' + actor
|
||||
else:
|
||||
actor = http_prefix + '://' + actor
|
||||
|
||||
# double quotes
|
||||
link_str = ' rel="me" href="' + actor + '"'
|
||||
if link_str in verification_site_html:
|
||||
return True
|
||||
link_str = ' href="' + actor + '" rel="me"'
|
||||
if link_str in verification_site_html:
|
||||
return True
|
||||
|
||||
# single quotes
|
||||
link_str = " rel=\"me\" href='" + actor + "'"
|
||||
if link_str in verification_site_html:
|
||||
return True
|
||||
link_str = " href='" + actor + "' rel=\"me\""
|
||||
if link_str in verification_site_html:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue