- Elixir 87.5%
- HTML 9.5%
- CSS 1.7%
- JavaScript 1.1%
- Shell 0.1%
| assets | show reading status of each board from the hall | |
| config | linkify uri in body when it is an allowed scheme | |
| lib | linkify uri in body when it is an allowed scheme | |
| priv | fix flaw at the core of read cursors | |
| rel/overlays/bin | add OTP release material | |
| test | linkify uri in body when it is an allowed scheme | |
| .formatter.exs | /dev/null | |
| .gitignore | a user can register and login via SSH | |
| LICENCE | /dev/null | |
| mix.exs | linkify uri in body when it is an allowed scheme | |
| mix.lock | wipe mailing and clustering capabilities | |
| README.md | linkify uri in body when it is an allowed scheme | |
BBoard
Bulletin Board, or more commonly named Forum, project.
This is not really meant to be something run by anyone, but feel free doing it, nothing nor anyone can stop you.
Documentation
This is very crude, but should give a hint on how to doing it.
Installation
You will need the following dependencies: elixir argon2, as well as PostgreSQL for the database (postgresql-contrib or equivalent should be installed to have the citext extension).
mkdir -p /opt/bboard
git clone https://codeberg.org/fungal/bboard /opt/bboad
cd /opt/bboard
mix deps.get --only=prod
MIX_ENV=prod mix compile
MIX_ENV=prod mix assets.deploy
MIX_ENV=prod mix release
Running the service
The following systemd unit is enough for running Bboard as a daemon (/usr/lib/systemd/system/bboard.service):
[Unit]
Description = Bboard service - https://codeberg.org/fungal/bboard
After = network.target
Requires = network.target
[Install]
WantedBy = multi-user.target
[Service]
DynamicUser = yes
EnvironmentFile = /etc/bboard/env
ExecStart = /opt/bboard/_build/prod/rel/bboard/bin/bboard start
PrivateDevices = true
PrivateIPC = yes
PrivateTmp = yes
ProtectClock = true
ProtectControlGroups = true
ProtectHome = true
ProtectHostname = true
ProtectKernelLogs = true
ProtectKernelModules = true
ProtectKernelTunables = true
RestrictRealtime = true
StateDirectory = bboard
Type = exec
Create the /etc/bboard directory, with the file /etc/bboard/env containing the configuration (see Configuration for the available options).
Since it will contain secrets, don't forget to make it owned by root and changing its permissions to 400.
If you have selinux with enforce mode (which you should do), you would have to change the context of the directory:
chcon -Rt bin_t /opt/bboard/
Bootstraping the first user
The database way
By design a user can't register without an invitation code, which can only be generated by a user. The solution to this chicken-egg problem is to create the first user with a database insertion query.
First, generate a password using argon2:
echo "meow_password" | argon2 $RANDOM$RANDOM
Type: Argon2i
Iterations: 3
Memory: 4096 KiB
Parallelism: 1
Hash: 6dc5d4b00d3ea8a34084af279e427970e5e642e98cff653d7406355a46495dbd
Encoded: $argon2i$v=19$m=4096,t=3,p=1$MTQwMzI0NjA5$bcXUsA0+qKNAhK8nnkJ5cOXmQumM/2U9dAY1WkZJXb0
0.012 seconds
Verification ok
The output that interest us here is the value associated to "Encoded": $argon2i$v=19$m=4096,t=3,p=1$MTQwMzI0NjA5$bcXUsA0+qKNAhK8nnkJ5cOXmQumM/2U9dAY1WkZJXb0.
Feel free to change the password "meow_password" for something more secure (and change it once logged in anyway).
Then connect to the Bboard database and execute the following insertion (don't forget to change the hash by yours!):
insertintousers(name,hashed_password,inserted_at,updated_at)values('change_my_name','i am not a valid hash, change me!',now(),now());If you changed the name to something to your liking as well as the password and Bboard is running, you should be able to login in. You can still change your name and the password once authenticated.
This procedure can be used to create any account without an invitation code, if this is desired.
The witch way
Another option of creating a user is to connect to the server when running and calling the right code.
It has the following shape: first /opt/bboard/_build/prod/rel/bboard/bin/bboard remote, which will bring you to the Bboard REPL.
Be careful as any silly action will have consequences! (it is basically a shell in the program)
Then once in the REPL, run the following command: Bboard.Accounts.register_password(%{name: "username!", password: "the_password!"}).
Read the output, it will indicate you if it succeed or failed.
Configuration
Bboard can be using environment variables.
PHX_SERVER: if set, runs the HTTP serverMIX_ENV: defines the kind of environment- "prod":
DATABASE_URL: how to connect to the database, e.g.ecto://USER:PASS@HOST/DATABASEECTO_IPV6: iftrueor1, will use IPv6 to connect to the databasePOOL_SIZE: the database connection pool (you likely don't have to configure this)SECRET_KEY_BASE: secret used to sign the cookies, should be at least 32 charactersPHX_HOST: the used hostname for creating url, e.g. "example.com"PORT: the port on which the HTTP server will listen to
- "prod":
ADMINS: comma separated user id assigned to the group admin, e.g. "1,42"ALLOWED_SCHEMES: comma separated schemes allowed to be recognised as a link, e.g. "http,irc,ftp", default: "http,https,mailto"MODS: comma separated user id assigned to the group mod, e.g. "1,69"MAX_INVITES: defines how many invitations a user may generated, default: 4
LICENCE
EUPL 1.2