- Rust 85.3%
- CSS 8.8%
- HTML 2.8%
- JavaScript 2.4%
- Shell 0.7%
meep!
meep is designed to be a personal (asocial) microblogging "platform"
another way to think of it is a way to store one's own personal thoughts as they occur to them throughout their day
the difference between this and existing microblogging (twitter or even mastodon or other fediverse platforms) is that instead of posting to followers, one posts to onesself
however, it might evolve to be more social
it is a fork of mb, which stores posts in redb instead of markdown
design goals
- markdown, no database: not a use case where a relational database is necessary
- furthermore, for the moment the idea is to create/add to a mkdocs-compatible system utilizing frontmatter for metadata such as datetime
- local with git optional: being asocial means not having to worry about how it is made accessible
- but being able to "sync" it with a git repo is highly desirable; might add support for generic hooks
- app-less: for the moment, simple enough to not need a native app
- but it can be "installed" to a system as a pwa
- single executable: by utilizing a compiled language, no need to have whatever scripting language installed
- (default) themes and static assets will be bundled with the binary and extracted if needed
- rust chosen because i want to learn it more and because it was either that or go or v
- simple web: bare minimum javascript, simple standard html
<form>- because why overcomplicate it?
- see docs/JAVASCRIPT.md for all usages and explanations of javascript usage
customization
when meep is first run, it extracts files that can then be modified to customize the look and feel of your meep instance
you can create your own icon to replace public/theme/favicon.svg and modify the styles in public/theme/default.css to suite your fancy
the templates\*.tera files are extracted primarily as a reference for customizing the css, but they can also be customized for even further personalization - but it's on you if you break stuff
also be sure to take a look at all the possible config values for further customization (e.g. title, description, page_size)
changes from mb
meep is a fork of mb with significant changes:
- filesystem storage instead of redb database - posts are individual markdown files
- session-based authentication with login form, plus http basic auth for api access and optional read-only credentials
- full markdown rendering with commonmark (tables, strikethrough, footnotes, etc.)
- git integration - optional auto-commit and push on post changes
- comprehensive security - rate limiting, ip lockout, argon2 password hashing, encrypted session cookies, scanner detection
- enhanced ui - dark/light theme toggle, mobile responsive, pwa support
- admin interfaces -
/aboutfor system info,/logsfor web-based log viewer - embedded assets - templates and static files bundled in binary
- daily log rotation - new log file each day with colorized web viewer
- cli commands -
gen-config,hash-password,version
for a detailed comparison of all changes, see the example post
security
almost immediately upon hosting meep in a digitalocean droplet, it started to receive strange requests from bots, looking for vulnerabilities
therefore, meep includes comprehensive security features including:
- session-based authentication - encrypted cookies, login forms, proper logout
- rate limiting - per-IP limits on authentication, posting, and API endpoints
- ip-based lockout - temporary bans after repeated failed login attempts
- argon2 password hashing - memory-hard algorithm resistant to gpu/asic attacks
- scanner detection - identifies and logs automated vulnerability scanners
- security headers - hsts, frame-deny, and other protective headers
note: session cookies use auto-generated keys and do not persist across server restarts. for a personal microblog with 1-2 users, this simplicity trade-off is intentional.
see docs/SECURITY.md for complete security documentation