mirror of https://gitlab.com/bashrc2/epicyon
Merge branch 'main' of gitlab.com:bashrc2/epicyon
commit
11ff873705
Binary file not shown.
After Width: | Height: | Size: 57 KiB |
Binary file not shown.
|
@ -417,6 +417,23 @@ confident in an erroneous conclusion. Setting a city somewhere near to
|
||||||
your <a href="https://en.wikipedia.org/wiki/Time_zone">time zone</a> is
|
your <a href="https://en.wikipedia.org/wiki/Time_zone">time zone</a> is
|
||||||
preferable, so that it matches your typical pattern of daily posting
|
preferable, so that it matches your typical pattern of daily posting
|
||||||
activity without giving away your real location.</p>
|
activity without giving away your real location.</p>
|
||||||
|
<h3 id="verifying-your-website-or-blog">Verifying your website or
|
||||||
|
blog</h3>
|
||||||
|
<p>It is possible to indicate that a website of blog belongs to you by
|
||||||
|
linking it to your profile screen. Within the <em>head</em> html section
|
||||||
|
of your website or blog index page include a line similar to:</p>
|
||||||
|
<div class="sourceCode" id="cb18"><pre
|
||||||
|
class="sourceCode html"><code class="sourceCode html"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="kw"><link</span> <span class="er">rel</span><span class="ot">=</span><span class="st">"me"</span> <span class="er">href</span><span class="ot">=</span><span class="st">"https://YourEpicyonDomain/@YourNickname"</span> <span class="kw">/></span></span></code></pre></div>
|
||||||
|
<p>If you edit and then publish your profile, with the <em>website</em>
|
||||||
|
and/or <em>blog</em> fields completed then if the above link is found
|
||||||
|
your sites will be indicated to be verified on your profile screen. When
|
||||||
|
verified they will appear in green with a tick.</p>
|
||||||
|
<figure>
|
||||||
|
<img src="manual-verified-website.jpg"
|
||||||
|
alt="Profile screen showing verified website" />
|
||||||
|
<figcaption aria-hidden="true">Profile screen showing verified
|
||||||
|
website</figcaption>
|
||||||
|
</figure>
|
||||||
<h2 id="roles">Roles</h2>
|
<h2 id="roles">Roles</h2>
|
||||||
<p>If you are the administrator then within your profile settings you
|
<p>If you are the administrator then within your profile settings you
|
||||||
can also specify roles for other accounts on the instance. A small
|
can also specify roles for other accounts on the instance. A small
|
||||||
|
|
|
@ -51,32 +51,32 @@ sudo apt install -y tor python3-socks imagemagick python3-setuptools python3-cry
|
||||||
The following instructions install Epicyon to the **/opt** directory. It's not essential that it be installed there, and it could be in any other preferred directory.
|
The following instructions install Epicyon to the **/opt** directory. It's not essential that it be installed there, and it could be in any other preferred directory.
|
||||||
|
|
||||||
Clone the repo, or if you downloaded the tarball then extract it into the **/opt** directory.
|
Clone the repo, or if you downloaded the tarball then extract it into the **/opt** directory.
|
||||||
```bash
|
``` bash
|
||||||
cd /opt
|
cd /opt
|
||||||
git clone https://gitlab.com/bashrc2/epicyon
|
git clone https://gitlab.com/bashrc2/epicyon
|
||||||
```
|
```
|
||||||
## Set permissions
|
## Set permissions
|
||||||
Create a user for the server to run as:
|
Create a user for the server to run as:
|
||||||
```bash
|
``` bash
|
||||||
sudo su
|
sudo su
|
||||||
adduser --system --home=/opt/epicyon --group epicyon
|
adduser --system --home=/opt/epicyon --group epicyon
|
||||||
chown -R epicyon:epicyon /opt/epicyon
|
chown -R epicyon:epicyon /opt/epicyon
|
||||||
```
|
```
|
||||||
## News mirrors
|
## News mirrors
|
||||||
The content for RSS feed links can be downloaded and mirrored, so that even if the original sources go offline the content remains readable. Link the RSS/newswire mirrors with.
|
The content for RSS feed links can be downloaded and mirrored, so that even if the original sources go offline the content remains readable. Link the RSS/newswire mirrors with.
|
||||||
```bash
|
``` bash
|
||||||
mkdir /var/www/YOUR_DOMAIN
|
mkdir /var/www/YOUR_DOMAIN
|
||||||
mkdir -p /opt/epicyon/accounts/newsmirror
|
mkdir -p /opt/epicyon/accounts/newsmirror
|
||||||
ln -s /opt/epicyon/accounts/newsmirror /var/www/YOUR_DOMAIN/newsmirror
|
ln -s /opt/epicyon/accounts/newsmirror /var/www/YOUR_DOMAIN/newsmirror
|
||||||
```
|
```
|
||||||
## Create daemon
|
## Create daemon
|
||||||
Typically the server will run from a *systemd* daemon. It can be set up as follows:
|
Typically the server will run from a *systemd* daemon. It can be set up as follows:
|
||||||
```bash
|
``` bash
|
||||||
nano /etc/systemd/system/epicyon.service
|
nano /etc/systemd/system/epicyon.service
|
||||||
```
|
```
|
||||||
|
|
||||||
Paste the following:
|
Paste the following:
|
||||||
```bash
|
``` bash
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=epicyon
|
Description=epicyon
|
||||||
After=syslog.target
|
After=syslog.target
|
||||||
|
@ -119,13 +119,13 @@ WantedBy=multi-user.target
|
||||||
```
|
```
|
||||||
|
|
||||||
Activate the daemon:
|
Activate the daemon:
|
||||||
```bash
|
``` bash
|
||||||
systemctl enable epicyon
|
systemctl enable epicyon
|
||||||
systemctl start epicyon
|
systemctl start epicyon
|
||||||
```
|
```
|
||||||
## Web server setup
|
## Web server setup
|
||||||
Create a web server configuration.
|
Create a web server configuration.
|
||||||
```bash
|
``` bash
|
||||||
nano /etc/nginx/sites-available/YOUR_DOMAIN
|
nano /etc/nginx/sites-available/YOUR_DOMAIN
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -220,7 +220,7 @@ server {
|
||||||
```
|
```
|
||||||
|
|
||||||
Enable the site:
|
Enable the site:
|
||||||
```bash
|
``` bash
|
||||||
ln -s /etc/nginx/sites-available/YOUR_DOMAIN /etc/nginx/sites-enabled/
|
ln -s /etc/nginx/sites-available/YOUR_DOMAIN /etc/nginx/sites-enabled/
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -228,14 +228,14 @@ ln -s /etc/nginx/sites-available/YOUR_DOMAIN /etc/nginx/sites-enabled/
|
||||||
Forward port 443 from your internet router to your server. If you have dynamic DNS make sure its configured.
|
Forward port 443 from your internet router to your server. If you have dynamic DNS make sure its configured.
|
||||||
|
|
||||||
## Obtain a TLS certificate
|
## Obtain a TLS certificate
|
||||||
```bash
|
``` bash
|
||||||
systemctl stop nginx
|
systemctl stop nginx
|
||||||
certbot certonly -n --server https://acme-v02.api.letsencrypt.org/directory --standalone -d YOUR_DOMAIN --renew-by-default --agree-tos --email YOUR_EMAIL
|
certbot certonly -n --server https://acme-v02.api.letsencrypt.org/directory --standalone -d YOUR_DOMAIN --renew-by-default --agree-tos --email YOUR_EMAIL
|
||||||
systemctl start nginx
|
systemctl start nginx
|
||||||
```
|
```
|
||||||
|
|
||||||
## Restart the web server
|
## Restart the web server
|
||||||
```bash
|
``` bash
|
||||||
systemctl restart nginx
|
systemctl restart nginx
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -270,7 +270,7 @@ Please be aware that such installations will not federate with ordinary fedivers
|
||||||
|
|
||||||
# Upgrading
|
# Upgrading
|
||||||
Unlike some other instance types, Epicyon is really easy to upgrade. It only requires a git pull to obtain the changes from the upstream repo, then set permissions and restart the daemon.
|
Unlike some other instance types, Epicyon is really easy to upgrade. It only requires a git pull to obtain the changes from the upstream repo, then set permissions and restart the daemon.
|
||||||
```bash
|
``` bash
|
||||||
cd /opt/epicyon
|
cd /opt/epicyon
|
||||||
git pull
|
git pull
|
||||||
chown -R epicyon:epicyon *
|
chown -R epicyon:epicyon *
|
||||||
|
@ -281,14 +281,14 @@ systemctl restart epicyon
|
||||||
To avoid running out of disk space you will want to clear down old inbox posts. Posts from your instance outboxes will be unaffected.
|
To avoid running out of disk space you will want to clear down old inbox posts. Posts from your instance outboxes will be unaffected.
|
||||||
|
|
||||||
Create an archive script **/usr/bin/epicyon-archive**:
|
Create an archive script **/usr/bin/epicyon-archive**:
|
||||||
```bash
|
``` bash
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
cd /opt/epicyon || exit 0
|
cd /opt/epicyon || exit 0
|
||||||
/usr/bin/python3 epicyon.py --archive none --archiveweeks 4 --maxposts 32000
|
/usr/bin/python3 epicyon.py --archive none --archiveweeks 4 --maxposts 32000
|
||||||
```
|
```
|
||||||
|
|
||||||
You can adjust the maximum number of weeks and the maximum number of inbox posts as needed. Then add it as a cron entry.
|
You can adjust the maximum number of weeks and the maximum number of inbox posts as needed. Then add it as a cron entry.
|
||||||
```bash
|
``` bash
|
||||||
echo "*/60 * * * * root /usr/bin/epicyon-archive" >> /etc/crontab
|
echo "*/60 * * * * root /usr/bin/epicyon-archive" >> /etc/crontab
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -338,6 +338,15 @@ If you want to block particular fediverse accounts or instances then you can ent
|
||||||
### Geolocation spoofing
|
### Geolocation spoofing
|
||||||
Within the *filtering and blocking* section you can also set a city which will be used for geolocation spoofing. When you post a photo, instead of removing all metadata spoofed metadata will be added in order to consistently fool the machine learning systems behind web crawlers or scrapers, and create a [confirmation bias](https://en.wikipedia.org/wiki/Confirmation_bias) effect where the surveillance systems become increasingly confident in an erroneous conclusion. Setting a city somewhere near to your [time zone](https://en.wikipedia.org/wiki/Time_zone) is preferable, so that it matches your typical pattern of daily posting activity without giving away your real location.
|
Within the *filtering and blocking* section you can also set a city which will be used for geolocation spoofing. When you post a photo, instead of removing all metadata spoofed metadata will be added in order to consistently fool the machine learning systems behind web crawlers or scrapers, and create a [confirmation bias](https://en.wikipedia.org/wiki/Confirmation_bias) effect where the surveillance systems become increasingly confident in an erroneous conclusion. Setting a city somewhere near to your [time zone](https://en.wikipedia.org/wiki/Time_zone) is preferable, so that it matches your typical pattern of daily posting activity without giving away your real location.
|
||||||
|
|
||||||
|
### Verifying your website or blog
|
||||||
|
It is possible to indicate that a website of blog belongs to you by linking it to your profile screen. Within the *head* html section of your website or blog index page include a line similar to:
|
||||||
|
``` html
|
||||||
|
<link rel="me" href="https://YourEpicyonDomain/@YourNickname" />
|
||||||
|
```
|
||||||
|
If you edit and then publish your profile, with the *website* and/or *blog* fields completed then if the above link is found your sites will be indicated to be verified on your profile screen. When verified they will appear in green with a tick.
|
||||||
|
|
||||||
|

|
||||||
|
|
||||||
## Roles
|
## Roles
|
||||||
If you are the administrator then within your profile settings you can also specify roles for other accounts on the instance. A small instance is like a ship with the roles being crew positions, and all members of the crew need to work together to keep the ship afloat. The current roles are:
|
If you are the administrator then within your profile settings you can also specify roles for other accounts on the instance. A small instance is like a ship with the roles being crew positions, and all members of the crew need to work together to keep the ship afloat. The current roles are:
|
||||||
|
|
||||||
|
|
18
markdown.py
18
markdown.py
|
@ -275,6 +275,14 @@ def _markdown_replace_code(markdown: str) -> str:
|
||||||
line_ctr = 0
|
line_ctr = 0
|
||||||
changed = False
|
changed = False
|
||||||
section_active = False
|
section_active = False
|
||||||
|
urlencode = False
|
||||||
|
html_escape_table = {
|
||||||
|
"&": "&",
|
||||||
|
'"': """,
|
||||||
|
"'": "'",
|
||||||
|
">": ">",
|
||||||
|
"<": "<"
|
||||||
|
}
|
||||||
for line in lines:
|
for line in lines:
|
||||||
if not line.strip():
|
if not line.strip():
|
||||||
# skip blank lines
|
# skip blank lines
|
||||||
|
@ -282,13 +290,23 @@ def _markdown_replace_code(markdown: str) -> str:
|
||||||
continue
|
continue
|
||||||
if line.startswith('```'):
|
if line.startswith('```'):
|
||||||
if not section_active:
|
if not section_active:
|
||||||
|
if 'html' in line or 'xml' in line or 'rdf' in line:
|
||||||
|
urlencode = True
|
||||||
start_line = line_ctr
|
start_line = line_ctr
|
||||||
section_active = True
|
section_active = True
|
||||||
else:
|
else:
|
||||||
lines[start_line] = '<code>'
|
lines[start_line] = '<code>'
|
||||||
lines[line_ctr] = '</code>'
|
lines[line_ctr] = '</code>'
|
||||||
|
if urlencode:
|
||||||
|
lines[start_line] = '<pre>\n<code>'
|
||||||
|
lines[line_ctr] = '</code>\n</pre>'
|
||||||
|
for line_num in range(start_line + 1, line_ctr):
|
||||||
|
lines[line_num] = \
|
||||||
|
"".join(html_escape_table.get(char, char)
|
||||||
|
for char in lines[line_num])
|
||||||
section_active = False
|
section_active = False
|
||||||
changed = True
|
changed = True
|
||||||
|
urlencode = False
|
||||||
line_ctr += 1
|
line_ctr += 1
|
||||||
|
|
||||||
if not changed:
|
if not changed:
|
||||||
|
|
10
session.py
10
session.py
|
@ -405,12 +405,22 @@ def verify_html(session, url: str, debug: bool,
|
||||||
actor = 'http://' + actor
|
actor = 'http://' + actor
|
||||||
else:
|
else:
|
||||||
actor = http_prefix + '://' + actor
|
actor = http_prefix + '://' + actor
|
||||||
|
|
||||||
|
# double quotes
|
||||||
link_str = ' rel="me" href="' + actor + '"'
|
link_str = ' rel="me" href="' + actor + '"'
|
||||||
if link_str in verification_site_html:
|
if link_str in verification_site_html:
|
||||||
return True
|
return True
|
||||||
link_str = ' href="' + actor + '" rel="me"'
|
link_str = ' href="' + actor + '" rel="me"'
|
||||||
if link_str in verification_site_html:
|
if link_str in verification_site_html:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
# single quotes
|
||||||
|
link_str = " rel=\"me\" href='" + actor + "'"
|
||||||
|
if link_str in verification_site_html:
|
||||||
|
return True
|
||||||
|
link_str = " href='" + actor + "' rel=\"me\""
|
||||||
|
if link_str in verification_site_html:
|
||||||
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue