From 6926e374af73f828ef3895f8c9ce60b2ac25db15 Mon Sep 17 00:00:00 2001 From: bread Date: Mon, 7 Oct 2024 23:48:24 +0000 Subject: [PATCH 1/6] Upgrade nginx configuration to a better state --- docs/nginx.md | 259 +++++++++++++++++++++++++++++++++----------------- 1 file changed, 174 insertions(+), 85 deletions(-) diff --git a/docs/nginx.md b/docs/nginx.md index 8693559..71bd878 100644 --- a/docs/nginx.md +++ b/docs/nginx.md @@ -1,103 +1,192 @@ -# Install on NGINX +

Installation of 4get in NGINX

->I do NOT recommend following this guide, only follow this if you *really* need to use nginx. I recommend you use the apache2 steps instead. +
-Login as root. +> NOTE: As the previous version stated, it is better to follow the Apache2 guide instead of the Nginx one. -Create a file in `/etc/nginx/sites-avaliable/` called `4get.conf` or any name you want and put this into the file: +> NOTE: This is going to guess that you're using either a Arch-based system or a Debian-based system, although you can still follow it with minor issues. -``` -server { - # DO YOU REALLY NEED TO LOG SEARCHES? - access_log /dev/null; - error_log /dev/null; - # Change this if you have 4get in other folder. - root /var/www/4get; - # Change yourdomain by your domain lol - server_name www.yourdomain.com yourdomain.com; +
- location @php { - try_files $uri.php $uri/index.php =404; - # Change the unix socket address if it's different for you. - fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; - fastcgi_index index.php; - # Change this to `fastcgi_params` if you use a debian based distro. - include fastcgi.conf; - fastcgi_intercept_errors on; - } +1. Login as root. +2. Upgrade your system: + * On Arch-based, run `pacman -Syu`. + * On Debian-based, run `apt update`, then `apt upgrade`. +3. Install the following dependencies: + * `git`: So you can clone this repository. + * `nginx`: So you can run Nginx. If using a non-systemd distribution, go to + * `php-fpm`: This is what allows Nginx to run *(and show)* PHP files. + * `php-imagick`, `imagemagick`: Image manipulation. + * `php-apcu`: Caching module. + * `php-curl`, `curl`: Transferring data with URLs. + * `php-mbstring`: String utils. + * `certbot`, `certbot-nginx`: ACME client. Used to create SSL certificates. + * In Arch-based distributions: + * `pacman -S nginx certbot php-imagick imagemagick curl php-apcu git` + * In Debian-based distributions: + * `apt install php-mbstring nginx certbot php-imagick imagemagick php-curl curl php-apcu git` - location / { - try_files $uri @php; - } +
- location ~* ^(.*)\.php$ { - return 301 $1; - } +> IMPORTANT: `php-curl`, `php-mbstring` might be a Debian-only package, but this needs further fact checking. +> IMPORTANT: `php-apcu` is known to not work on Artix[^1]. + +
+ +4. `cd` to `/etc/nginx` and make the `conf.d/` if it doesn't exist: + * Again, this guesses you're logged in as root. + ```sh + cd /etc/nginx + ls -l conf.d/ # If ls shows conf.d, then it means it exists. + # If it does not, run: + mkdir conf.d + ``` +5. Make a file inside `conf.d/` called `4get.conf` and place the following content: + * First run `touch conf.d/4get.conf` then `nano conf.d/4get.conf` to open the nano editor: *(Install it if it is not, or use another editor.)* + ```sh + server { + access_log /dev/null; # Search log file. Do you really need to? + error_log /dev/null; # Error log file. + + # Change this if you have 4get in another folder. + root /var/www/4get; + # Change 'yourdomain' to your domain. + server_name www.yourdomain.com yourdomain.com; + # Port to listen to. listen 80; -} -``` -That is a very basic config so you will need to adapt it to your needs in case you have a more complicated nginx configuration. Anyways, you can see a real world example [here](https://git.zzls.xyz/Fijxu/etc-configs/src/branch/selfhost/nginx/sites-available/4get.zzls.xyz.conf) + location @php { + try_files $uri.php $uri/index.php =404; + # Change the unix socket address if it's different for you. + fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; + fastcgi_index index.php; + # Change this to `fastcgi_params` if you use a debian based distribution. + include fastcgi.conf; + fastcgi_intercept_errors on; + } -After you save the file you will need to do a symlink of the `4get.conf` file to `/etc/nignx/sites-enabled/`, you can do it with this command: + location / { + try_files $uri @php; + } -```sh -ln -s /etc/nginx/sites-available/4get.conf /etc/nginx/sites-available/4get.conf -``` + location ~* ^(.*)\.php$ { + return 301 $1; + } -Now test the nginx config with `nginx -t`, if it says that everything is good, restart nginx using `systemctl restart nginx` - -# Encryption setup - -Generate a certificate for the domain using: - -```sh -certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com -``` -(Remember to install the nginx certbot plugin!!!) - -After doing that certbot should deploy the certificate automatically into your 4get nginx config file. It should be ready to use at that point. - -# Tor setup on NGINX - -Important Note: Tor onion addresses are significantly longer than traditional domain names. Before proceeding with Nginx configuration, ensure you increase the `server_names_hash_bucket_size` value in your `nginx.conf` file. This setting in your Nginx configuration controls the internal data structure used to manage multiple server names (hostnames) associated with your web server. Each hostname requires a certain amount of memory within this structure. If the size is insufficient, Nginx will encounter errors. - -1. Open your `nginx.conf` file (that is under `/etc/nginx/nginx.conf`). -2. Find the line containing `# server_names_hash_bucket_size 64;`. -3. Uncomment the line and adjust the value. Start with 64, but if you encounter issues, incrementally increase it (e.g., 128, 256) until it accommodates your configuration. - -Open your current 4get NGINX config (that is under `/etc/nginx/sites-available/`) and append this to the end of the file: - -``` -server { - access_log /dev/null; - error_log /dev/null; - - listen 80; - server_name ; - root /var/www/4get; - - location @php { - try_files $uri.php $uri/index.php =404; - # Change the unix socket address if it's different for you. - fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; - fastcgi_index index.php; - # Change this to `fastcgi_params` if you use a debian based distro. - include fastcgi.conf; - fastcgi_intercept_errors on; } + ``` + * The above is a very basic configuration and thus will need tweaking to your personal needs. It should still work as-is, though. A 'real world' example is present in [^2]. + * After saving the file, check that the `nginx.conf` file inside the main directory includes files inside `conf.d/`: + * It should be inside the the http block: *(The following is an example! Don't just Copy and Paste it!)* + ```sh + http { + include mime.types; + include conf.d/*.conf; + types_hash_max_size 4096; + # ... + } + ``` + * Now, test your configuration with `nginx -t`, if it says that everything is good, restart *(or start)* the Nginx daemon: + * This depends on the init manager, most distributions use `systemd`, but it's better practice to include most. + ```sh + # systemd + systemctl stop nginx + systemctl start nginxt + # or + systemctl restart nginx - location / { - try_files $uri @php; - } + # openrc + rc-service nginx stop + rc-service nginx start + # or + rc-service nginx restart - location ~* ^(.*)\.php$ { - return 301 $1; - } -} -``` + # runit + sv down nginx + sv up nginx + # or + sv restart nginx -Obviously replace `` by the onion address of `/var/lib/tor/4get/hostname` and then check if the nginx config is valid with `nginx -t` if yes, then restart the nginx service and try opening the onion address into the Tor Browser. You can see a real world example [here](https://git.zzls.xyz/Fijxu/etc-configs/src/branch/selfhost/nginx/sites-available/4get.zzls.xyz.conf) + # s6 + s6-rc -d change nginx + s6-rc -u change nginx + # or + s6-svc -r /run/service/nginx -Once you did the above, refer to this tor guide to setup your onionsite. + # dinit + dinitctl stop nginx + dinitctl start nginx + # or + dinitctl restart nginx + ``` +6. Clone the repository to `/var/www`: + * `git clone --depth 1 https://git.lolcat.ca/lolcat/4get 4get` - It clones the repository with the depth of one commit *(so it takes less time to download)* and saves the cloned repository as '4get'. +7. That should be it! There are some extra steps you can take, but it really just depends on you. + +

Encryption setup

+ +1. Generate a certificate for the domain you're using with: + * Note that `certbot-nginx` is needed. + ```sh + certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com + ``` +2. After that, certbot will deploy the certificate automatically to your 4get conf file; It should be ready to use from there. + +

Tor Setup

+ +
+ +> IMPORTANT: Tor onion addresses are very long compared to traditional domains, so, Before doing anything, edit `nginx.conf` and increase server_names_hash_bucket_size to your needs. + +
+ +1. `cd` to `/etc/nginx` *(if you haven't)* and open your `nginx.conf` file. +2. Find the line containing `# server_names_hash_bucket_size 64;` inside said file. +3. Uncomment the line and adjust the value; start with 64, but if you encounter issues, incrementally increase it *(e.g., 128, 256)* until it accommodates your configuration. +4. Open *(or duplicate the configuration)* and edit it: + * Example configuration, again: + ```sh + server { + access_log /dev/null; # Search log file. Do you really need to? + error_log /dev/null; # Error log file. + + # Change this if you have 4get in another folder. + root /var/www/4get; + # Change 'onionadress.onion' to your onion link. + server_name onionadress.onion; + # Port to listen to. + listen 80; + + location @php { + try_files $uri.php $uri/index.php =404; + # Change the unix socket address if it's different for you. + fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; + fastcgi_index index.php; + # Change this to `fastcgi_params` if you use a debian based distribution. + include fastcgi.conf; + fastcgi_intercept_errors on; + } + + location / { + try_files $uri @php; + } + + location ~* ^(.*)\.php$ { + return 301 $1; + } + + } + ``` + A real world example is present in [^2]. +5. Once done, check the configuration with `nginx -t`. If everything's fine and dandy, refer to the Tor guide to setup your onion site. + +

Other important things

+1. Configuration guide: Things to do after setup. +2. Apache2 guide: Fallback to this if you couldn't get Nginx to work, or you don't know something. + +

Known issues

+1. `php-apcu` not working in Artix[^1], this might be because of it being a systemd daemon, but the binary isn't present. This might apply to Arch Linux as well, since it is from where the package was gotten. Read more in the issue. + +[^1]: lolcat/4get#40, It might be needed to create a boot entry, but the binary is unknown. +[^2]: git.nadeko.net nadeko.net's 4get instance configuration. \ No newline at end of file From 155a38d45464c0f8a1c344032047d4407596f088 Mon Sep 17 00:00:00 2001 From: bread Date: Tue, 8 Oct 2024 19:19:01 +0000 Subject: [PATCH 2/6] things I missed --- docs/nginx.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/nginx.md b/docs/nginx.md index 71bd878..f4366ad 100644 --- a/docs/nginx.md +++ b/docs/nginx.md @@ -14,7 +14,7 @@ * On Debian-based, run `apt update`, then `apt upgrade`. 3. Install the following dependencies: * `git`: So you can clone this repository. - * `nginx`: So you can run Nginx. If using a non-systemd distribution, go to + * `nginx`: So you can run Nginx. * `php-fpm`: This is what allows Nginx to run *(and show)* PHP files. * `php-imagick`, `imagemagick`: Image manipulation. * `php-apcu`: Caching module. @@ -22,9 +22,9 @@ * `php-mbstring`: String utils. * `certbot`, `certbot-nginx`: ACME client. Used to create SSL certificates. * In Arch-based distributions: - * `pacman -S nginx certbot php-imagick imagemagick curl php-apcu git` + * `pacman -S nginx certbot php-imagick certbot-nginx imagemagick curl php-apcu git` * In Debian-based distributions: - * `apt install php-mbstring nginx certbot php-imagick imagemagick php-curl curl php-apcu git` + * `apt install php-mbstring nginx certbot-nginx certbot php-imagick imagemagick php-curl curl php-apcu git`
@@ -183,7 +183,7 @@

Other important things

1. Configuration guide: Things to do after setup. -2. Apache2 guide: Fallback to this if you couldn't get Nginx to work, or you don't know something. +2. Apache2 guide: Fallback to this if you couldn't get something to work, or you don't know something.

Known issues

1. `php-apcu` not working in Artix[^1], this might be because of it being a systemd daemon, but the binary isn't present. This might apply to Arch Linux as well, since it is from where the package was gotten. Read more in the issue. From 19f82a85364f07c4ad29c074434992b1e9a483ec Mon Sep 17 00:00:00 2001 From: bread Date: Tue, 8 Oct 2024 19:22:38 +0000 Subject: [PATCH 3/6] even more little things I missed (polish!) --- docs/nginx.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/nginx.md b/docs/nginx.md index f4366ad..2ea2138 100644 --- a/docs/nginx.md +++ b/docs/nginx.md @@ -34,7 +34,7 @@
-4. `cd` to `/etc/nginx` and make the `conf.d/` if it doesn't exist: +4. `cd` to `/etc/nginx` and make the `conf.d/` directory if it doesn't exist: * Again, this guesses you're logged in as root. ```sh cd /etc/nginx @@ -183,6 +183,7 @@

Other important things

1. Configuration guide: Things to do after setup. + 2. Apache2 guide: Fallback to this if you couldn't get something to work, or you don't know something.

Known issues

From d709d121113c90910b6383611166d28d1cec8ac4 Mon Sep 17 00:00:00 2001 From: bread Date: Thu, 10 Oct 2024 04:45:06 +0000 Subject: [PATCH 4/6] fix html making md look bad --- docs/nginx.md | 57 ++++++++++++++++++++++++++------------------------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/docs/nginx.md b/docs/nginx.md index 2ea2138..fa56c1a 100644 --- a/docs/nginx.md +++ b/docs/nginx.md @@ -147,46 +147,47 @@ 4. Open *(or duplicate the configuration)* and edit it: * Example configuration, again: ```sh - server { - access_log /dev/null; # Search log file. Do you really need to? - error_log /dev/null; # Error log file. + server { + access_log /dev/null; # Search log file. Do you really need to? + error_log /dev/null; # Error log file. - # Change this if you have 4get in another folder. - root /var/www/4get; - # Change 'onionadress.onion' to your onion link. - server_name onionadress.onion; - # Port to listen to. - listen 80; - - location @php { - try_files $uri.php $uri/index.php =404; - # Change the unix socket address if it's different for you. - fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; - fastcgi_index index.php; - # Change this to `fastcgi_params` if you use a debian based distribution. - include fastcgi.conf; - fastcgi_intercept_errors on; - } - - location / { - try_files $uri @php; - } - - location ~* ^(.*)\.php$ { - return 301 $1; - } + # Change this if you have 4get in another folder. + root /var/www/4get; + # Change 'onionadress.onion' to your onion link. + server_name onionadress.onion; + # Port to listen to. + listen 80; + location @php { + try_files $uri.php $uri/index.php =404; + # Change the unix socket address if it's different for you. + fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; + fastcgi_index index.php; + # Change this to `fastcgi_params` if you use a debian based distribution. + include fastcgi.conf; + fastcgi_intercept_errors on; } + + location / { + try_files $uri @php; + } + + location ~* ^(.*)\.php$ { + return 301 $1; + } + + } ``` A real world example is present in [^2]. 5. Once done, check the configuration with `nginx -t`. If everything's fine and dandy, refer to the Tor guide to setup your onion site.

Other important things

-1. Configuration guide: Things to do after setup. +1. Configuration guide: Things to do after setup. 2. Apache2 guide: Fallback to this if you couldn't get something to work, or you don't know something.

Known issues

+ 1. `php-apcu` not working in Artix[^1], this might be because of it being a systemd daemon, but the binary isn't present. This might apply to Arch Linux as well, since it is from where the package was gotten. Read more in the issue. [^1]: lolcat/4get#40, It might be needed to create a boot entry, but the binary is unknown. From 85246cc7ec30fdb1264087f4785667641f616d5a Mon Sep 17 00:00:00 2001 From: bread Date: Sat, 19 Oct 2024 01:12:41 +0000 Subject: [PATCH 5/6] 194 lines of mark(down) --- docs/nginx.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/nginx.md b/docs/nginx.md index fa56c1a..82fc434 100644 --- a/docs/nginx.md +++ b/docs/nginx.md @@ -30,7 +30,7 @@ > IMPORTANT: `php-curl`, `php-mbstring` might be a Debian-only package, but this needs further fact checking. -> IMPORTANT: `php-apcu` is known to not work on Artix[^1]. +> IMPORTANT: If having issues with `php-apcu` or `libsodium`, go to [^1]. @@ -188,7 +188,7 @@

Known issues

-1. `php-apcu` not working in Artix[^1], this might be because of it being a systemd daemon, but the binary isn't present. This might apply to Arch Linux as well, since it is from where the package was gotten. Read more in the issue. +1. https://git.lolcat.ca/lolcat/4get/issues -[^1]: lolcat/4get#40, It might be needed to create a boot entry, but the binary is unknown. +[^1]: lolcat/4get#40, If having issues with `libsodium`, or `php-apcu`. [^2]: git.nadeko.net nadeko.net's 4get instance configuration. \ No newline at end of file From c422abbdc65329e4f3a8eccdeac2a2e560cdff03 Mon Sep 17 00:00:00 2001 From: bread Date: Mon, 21 Oct 2024 14:15:34 +0000 Subject: [PATCH 6/6] add css via copy and paste (slightly edited to not require a lot from my shithole) --- static/themes/Wine.css | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 static/themes/Wine.css diff --git a/static/themes/Wine.css b/static/themes/Wine.css new file mode 100644 index 0000000..2d79f02 --- /dev/null +++ b/static/themes/Wine.css @@ -0,0 +1,40 @@ +:root +{ + --accent : #f79e98; + --1d2021 : #180d0c; + --282828 : #180d0c; + --3c3836 : #251615; + --504945 : #251615; + --928374 : var(--accent); + --a89984 : #d8c5c4; + --bdae93 : #d8c5c4; + --8ec07c : var(--accent); + --ebdbb2 : #d8c5c4; + --comment: #928374; + --default: #DCC9BC; + --keyword: #F07342; + --string : var(--accent); + --green : #959A6B; + --yellow : #E39C45; + --red : #CF223E; + --white : var(--a89984); + --black : var(--1d2021); + --hover : #b18884 +} + + a.link, a { color: var(--accent); text-decoration: none; } + .searchbox { width: 23%; } + .filters filter select { color: #E39C45; } + .web .separator::before { color: var(--white) } + .searchbox input[type="text"]::placeholder { color: var(--white); } + a.link:hover + { + color: var(--hover); + text-shadow: 0 0 .2rem var(--hover); + } + .code-inline + { border-color: var(--default); font-family: monospace;} + .home #center a + { color: var(--accent); } + .home .subtext + { color: var(--white); }