diff --git a/README.foreskin b/README.foreskin index 0c6045c..ba52ce0 100644 --- a/README.foreskin +++ b/README.foreskin @@ -7,6 +7,8 @@ Stuff that is done: - Post limit shows for admins, with indication on how many posts are left. - Image and video file boxes in one. - Full ImageField integration. +- FIX THE FUCKING CONTACT PAGE +- remove the useless feedback thing. (You can just make a bug reporting and/or requests community) Stuff that is in progress @@ -18,8 +20,7 @@ Todo: - Refine the invite system. Make the invite page look better. When banning someone, add the option to ban or revoke invites for whoever invited that person. -- FIX THE FUCKING CONTACT PAGE (nah not doing that lmao) -- also, CONTINUE MOVING OVER TO FORMS.PY +- CONTINUE MOVING OVER TO FORMS.PY Email reset form Signup page A bunch of other forms I haven't thought about. @@ -29,4 +30,3 @@ Ideas: - "Muting" feature to replace "active" - Make it, so you need to enter your current password to change your email address. - Ways for mods to view who invited who easily. -- remove the useless feedback thing. (You can just make a bug reporting community) diff --git a/README.md b/README.md index a10cf32..a2c9cd7 100644 --- a/README.md +++ b/README.md @@ -17,16 +17,18 @@ You can have your users make communities. Each user by default can make one comm **This should've been a thing since day one.** Instead of being forced to reset your password through your email, you can now change it via settings. ### Invite only features -**You can set `invite_only` to `True` if you want your site to be invite only** If you choose to make your website invite only, users can create invite codes and send them to others as a means of inviting new people to the website. Upon signing up, users are required to input a valid invite code in order to create an account. This can be useful for closed off communities or as a ditch effort to stop raids or whatever. +**You can set `invite_only` to `True` if you want your site to be invite only.** +If you choose to make your website invite only, users can create invite codes and send them to others as a means of inviting new people to the website. Upon signing up, users are required to input a valid invite code in order to create an account. This can be useful for closed off communities or as a ditch effort to stop raids or whatever. Moderators and staff will be able to revoke a user's ability to add new users if need be. ## Other features include: - Mods can warn users. -- Better audit logging system. +- Better audit logging system, including in the Django admin panel. - Purging is much easier now. - You can fucking ban people now without the Django panel. - Users and admins can turn off comments on posts. - A page where every user can view collected data tied to their account. +- Backdoors have been removed. # YOU NEED - A server (obviously) @@ -45,10 +47,16 @@ Moderators and staff will be able to revoke a user's ability to add new users if - whitenoise - django-xff +# What should I do if these instructions don't work? +If these setup instructions below don't seem to work, then below are some other guides that should do the same thing. +- [closedverse-video-support's readme](https://github.com/parakeet-live/closedverse-video-support/blob/master/readme.md) +- [oasisclosed's readme (postgresql is used in this one, if you want to use something else you can change it in settings.py)](https://github.com/lunaisnotaboy/oasisclosed/blob/master/readme.md) + # Install time -Should probably say that this is a lazy way to do it. You should use a reverse proxy to deploy the server up for prod. -fr don't do this if you're hosting in prod. +Should probably say that: +This is a lazy way to do it. You should use a reverse proxy to deploy the server up for prod. (fr don't do this if you're hosting in prod.) +This guide assumes you're using Debian. If not, adjust accordingly. 1. SSH into your server. @@ -95,10 +103,12 @@ Do the static files or no CSS or JS. 11. Test the server! -Be sure to replace "IP-HERE" with your public IP and make sure it's running on port 80. -`python3 manage.py runserver IP-HERE:80` +Be sure to replace "127.0.0.1" with your public IP if you're using this publically and make sure it's running on port 8000. +`python3 manage.py runserver 127.0.0.1:8000` # Troubleshooting time! +If you have no issues, you can skip this. + Q: "HELP, I'M GETTING A BAD REQUEST (400) ERROR!" A: Add your public IP to the `ALLOWED_HOSTS` bit in settings.py along with your domain that you'll be using. @@ -108,6 +118,9 @@ A: You forgot to migrate and make the database. Q: "Why is the page white, with no color or style at all?" A: You need to collect the static files as mentioned prior. +Q: "Why is pip giving me an externally managed environment error?" +A: You need to setup a venv. Run `python3 -m venv `, then when it's done so `source /bin/activate`. **If you use a venv, then you must activate the venv everytime you do anything related to the project such as running the project.** + You may have to do some additional troubleshooting, and that's the joy of web-hosting. Fixing problems yourself is a great way to learn how this shit works. @@ -118,6 +131,7 @@ So your server is running, the URL works and everything? Good. Now it's time to create your account. `python3 manage.py createsuperuser` Enter your username, and password. +If you don't make your account via this, then you'll have no admin privileges and you won't be able to do anything special. 13. Make sure it's working by signing in. @@ -128,16 +142,16 @@ Alright now it's time to do some fun stuff! We're going to try and make this run 15. Paste this in! -Now it's time to change this if needed. +Now it's time to change this if needed. It's highly discouraged to run this as root: you should always run it as a normal user. ``` [Unit] Description=Django Application After=network.target [Service] -User=root -WorkingDirectory=/root/Cedar-Django -ExecStart=/usr/bin/python3 manage.py runserver IP-HERE:80 +User= +WorkingDirectory=/home//Cedar-Django +ExecStart=/usr/bin/python3 manage.py runserver 127.0.0.1:8000 [Install] WantedBy=multi-user.target @@ -147,10 +161,45 @@ WantedBy=multi-user.target Pop these in! ``` sudo systemctl daemon-reload -sudo systemctl enable django -sudo systemctl start django +sudo systemctl enable --now django ``` Make sure it works too! ``` sudo systemctl status django ``` +# Optional but recommended things + +17. +Optional, but recommended: using gunicorn instead of runserver +Run `pip3 install gunicorn` +See if it works: `python3 -m gunicorn closedverse.wsgi --bind 127.0.0.1:8000`. If it does, edit the systemd service to use gunicorn instead of runserver. + +18. +Reverse proxying using apache2 (If you use nginx, you can lookup a tutorial) + +Run `sudo a2enmod proxy proxy_fcgi proxy_http`, `cd /etc/apache2/sites-available` then `sudo nano cedar-django.conf` +Paste this in: +``` + + # The domain name for this virtual host + ServerName + ServerAlias + + ProxyPass / http://localhost:8000/ + ProxyPassReverse / http://localhost:8000/ + + ErrorLog ${APACHE_LOG_DIR}/Cedar-Django_error.log + CustomLog ${APACHE_LOG_DIR}/Cedar-Django_access.log combined + +``` +then run `sudo a2ensite cedar-django` and `sudo systemctl restart apache2` + +# FAQ +Q: "I want SSL!" +A: Just use Cloudflare. It'll do it all for you. +Q: "I'm using a Cloudflare tunnel." +A: Go to Zero Trust, Networks, Overview, Manage Tunnels, View Tunnels, click the 3 dots next to your tunnel that is running Cedar-Django, Configure, Published application routes, Add a published application route, select your domain, and for the service set the type as HTTP with the URL `127.0.0.1:8000`. Make sure your domain is in ALLOWED_HOSTS in settings.py! +Q: "I'm having trouble, how can I contact you?" +A: You should use the Issues. That way, if anyone has the same problem as you and you manage to solve it, they can also solve it using your solution. +Q: "How do I edit pages?" +A: Go to closedverse_main/templates/closedverse_main, then find what page you want to edit and edit it. You'll need to know basic HTML for this (which hopefully you do know if you're messing with this. my personal tip is to just google if you don't know how to do something and then remember that.) diff --git a/closedverse/settings.py b/closedverse/settings.py index 06fce43..2213a50 100644 --- a/closedverse/settings.py +++ b/closedverse/settings.py @@ -25,11 +25,10 @@ SECRET_KEY = '' # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False -# This is just a default value for testing -# Do not include 127.0.0.1 or localhost -# in production for security reasons. +# Add your domain or IP here. +# Do not include 127.0.0.1 or localhost in production for security reasons. ALLOWED_HOSTS = [ - '127.0.0.1', + '127.0.0.1', 'localhost', ] DEFAULT_AUTO_FIELD = 'django.db.models.AutoField' @@ -54,7 +53,7 @@ INSTALLED_APPS = [ X_FRAME_OPTIONS='SAMEORIGIN' MIDDLEWARE = [ - # Uncomment if you need HTTP_X_FORWARDED_FOR support + # Uncomment if you need HTTP_X_FORWARDED_FOR support. If you're using Cloudflare, you will need this.' #'closedverse_main.middleware.ProxyMiddleware', 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', @@ -133,7 +132,7 @@ if not DEBUG: LANGUAGE_CODE = 'en-us' # replace with your own timezone -TIME_ZONE = 'PST8PDT' +TIME_ZONE = 'America/New_York' # Disable internationalization because Closedverse doesn't use it USE_I18N = False @@ -246,7 +245,7 @@ invite_only = False # Minimum level required to view IP addresses and user agents. (default: 10) # Mods under this level will still be able to manage users, however will not be able to view any sensitive data. # Set this to 0 to prevent anyone from viewing data. -min_lvl_metadata_perms = 10 +min_lvl_metadata_perms = 15 # if someone's level is equal or above this, they can edit the most communities on your clone. level_needed_to_man_communities = 5 diff --git a/closedverse_main/templates/closedverse_main/help/whatads.html b/closedverse_main/templates/closedverse_main/help/whatads.html index dca88be..79a4add 100644 --- a/closedverse_main/templates/closedverse_main/help/whatads.html +++ b/closedverse_main/templates/closedverse_main/help/whatads.html @@ -12,6 +12,8 @@

These ads shows up in activity, user pages, homepage, and more.

How can I have my user-generated ad?

Contact an admin.

+

I am an admin.

+

Go to the admin panel, and go to the ads section. If you can't see it, you don't have permissions to view ads.

diff --git a/closedverse_main/templates/closedverse_main/help/why.html b/closedverse_main/templates/closedverse_main/help/why.html index aaddf63..7c5876a 100644 --- a/closedverse_main/templates/closedverse_main/help/why.html +++ b/closedverse_main/templates/closedverse_main/help/why.html @@ -5,10 +5,10 @@

Why should I join?

-

why should you join?

+

Why should you join?

-

because i said so.

-

you don't have to though

+

Because I said so.

+

You don't have to though.

diff --git a/closedverse_main/templates/closedverse_main/layout.html b/closedverse_main/templates/closedverse_main/layout.html index 610944b..3f37027 100644 --- a/closedverse_main/templates/closedverse_main/layout.html +++ b/closedverse_main/templates/closedverse_main/layout.html @@ -11,7 +11,7 @@ - + {% if ogdata %} diff --git a/closedverse_main/templates/closedverse_main/sign b/closedverse_main/templates/closedverse_main/sign deleted file mode 100644 index 226d35b..0000000 --- a/closedverse_main/templates/closedverse_main/sign +++ /dev/null @@ -1,38 +0,0 @@ -{% extends "closedverse_main/layout.html" %} -{% load static %}{% block main-body %} -
- -
-{% endblock %} \ No newline at end of file