Archived
1
0

update docs

This commit is contained in:
Jeff Becker 2017-04-04 09:01:43 -04:00
parent 08aaac492e
commit fa66537f9e
13 changed files with 145 additions and 221 deletions

View File

@ -4,7 +4,7 @@ NNTPChan Documentation
Hey, welcome to the documentation. This will help you use and develop with NNTPChan. Hey, welcome to the documentation. This will help you use and develop with NNTPChan.
##End-user related ## End-user related
1. [Building NNTPChan](building.md) - Building the source code 1. [Building NNTPChan](building.md) - Building the source code
2. [Setting up NNTPChan](setting-up.md) - Configuring the node 2. [Setting up NNTPChan](setting-up.md) - Configuring the node
@ -13,7 +13,7 @@ Hey, welcome to the documentation. This will help you use and develop with NNTPC
5. [Moderating NNTPChan](moderation.md) - Keep your node clean 5. [Moderating NNTPChan](moderation.md) - Keep your node clean
5. [Configuring your news reader for NNTPChan](extras/configure-newsreader.md) - Setup **Mozilla Thunderbird** or **Pan** to send and receive articles from your NNTPChan node of choice. 5. [Configuring your news reader for NNTPChan](extras/configure-newsreader.md) - Setup **Mozilla Thunderbird** or **Pan** to send and receive articles from your NNTPChan node of choice.
##Developer related ## Developer related
1. [Protocol](developer/protocol.md) - NNTPChan's protocol specification 1. [Protocol](developer/protocol.md) - NNTPChan's protocol specification
2. [JSON-RPC API](developer/api.md) - NNTPChan's JSON-RPC API 2. [JSON-RPC API](developer/api.md) - NNTPChan's JSON-RPC API

View File

@ -20,12 +20,12 @@ Download the golang tarball, extract it to `/usr/local`, and add it to the globa
``` ```
cd /opt cd /opt
wget https://storage.googleapis.com/golang/go1.7.3.linux-amd64.tar.gz wget https://storage.googleapis.com/golang/go1.8.linux-amd64.tar.gz
tar -C /usr/local/ -xvzf go1.7.3.linux-amd64.tar.gz tar -C /usr/local/ -xvzf go1.8.linux-amd64.tar.gz
echo 'export PATH="$PATH:/usr/local/go/bin"' >> /etc/profile echo 'export PATH="$PATH:/usr/local/go/bin"' >> /etc/profile
``` ```
Your `PATH` is set at login, so log out and back in before proceeding. Your `PATH` is set at login, so log out and back in before proceeding.
## Install nntpchan ## Install nntpchan
@ -33,7 +33,7 @@ Your `PATH` is set at login, so log out and back in before proceeding.
cd /opt cd /opt
git clone https://github.com/majestrate/nntpchan.git git clone https://github.com/majestrate/nntpchan.git
cd nntpchan cd nntpchan
./build.sh make
``` ```
Now you can proceed with [setting up NNTPChan](setting-up.md). When you get to the "set paths to external programs" step, you should change the ffmpeg path to `/usr/bin/avconv`. Now you can proceed with [setting up NNTPChan](setting-up.md). When you get to the "set paths to external programs" step, you should change the ffmpeg path to `/usr/bin/avconv`.

View File

@ -2,7 +2,7 @@ Install the initial dependencies:
# apt-get -y --no-install-recommends install imagemagick libsodium-dev sox git ca-certificates \ # apt-get -y --no-install-recommends install imagemagick libsodium-dev sox git ca-certificates \
libav-tools build-essential tcl8.5 postgresql postgresql-contrib golang-go libav-tools build-essential tcl8.5 postgresql postgresql-contrib golang-go
Configure PostgreSQL: Configure PostgreSQL:
# su - postgres -c "createuser --pwprompt --encrypted srnd" # su - postgres -c "createuser --pwprompt --encrypted srnd"
@ -13,4 +13,4 @@ Install nntpchan:
# cd /opt # cd /opt
# git clone https://github.com/majestrate/nntpchan.git # git clone https://github.com/majestrate/nntpchan.git
# cd nntpchan # cd nntpchan
# ./build.sh # make

View File

@ -3,7 +3,7 @@ Building NNPTChan
This document will help you build the NNTPChan software from the source code. This document will help you build the NNTPChan software from the source code.
##Requirements ## Requirements
NNTPChan can run on the following operating systems: NNTPChan can run on the following operating systems:
@ -17,68 +17,50 @@ Dependancies:
* imagemagick * imagemagick
* ffmpeg * ffmpeg
* sox * sox
* go _1.6_ or _higher_ **with redis driver** * go _1.6_ or higher
* go _1.3_ or _higher_ **without redis driver** * GNU make
##Debian instructions ## Debian instructions
These are installation instructions for Debian. These are installation instructions for Debian.
###Install Go ### Install Go
Install the Go programming language version _1.6_ from the [Go website](https://golang.org/dl/). Install the Go programming language version _1.6_ from the [Go website](https://golang.org/dl/).
###Install the dependancies ### Install the dependancies
sudo apt-get update sudo apt-get update
sudo apt-get --no-install-recommends install imagemagick libsodium-dev ffmpeg sox build-essential git ca-certificates sudo apt-get --no-install-recommends install imagemagick libsodium-dev ffmpeg sox build-essential git ca-certificates postgresql postgresql-client
###Installing Redis ### Get the NNTPChan source
Run this to install Redis - if you want to use Redis.
su
apt-get install redis-server
###Installing Postgres (WIP)
Run this to install Postgres - if you want to use Postgres.
# install as root
su
apt-get install --no-install-recommends postgresql postgresql-client
###Get the NNTPChan source
git clone https://github.com/majestrate/nntpchan --depth=1 git clone https://github.com/majestrate/nntpchan --depth=1
cd nntpchan cd nntpchan
###Now compile! ### Now compile!
If you want to compile with Redis support (recommended - Redis is easy to use) then run: Run `make`:
./build.sh make
If you want to build without support for Redis then build with the `--no-redis` flag:
./build.sh --no-redis ## Trisquel instructions (WIP)
##Trisquel instructions (WIP)
These are installation instructions for Trisquel. These are installation instructions for Trisquel.
###Install Go ### Install Go
Run this to install Go. Run this to install Go.
sudo apt-get update sudo apt-get update
sudo apt-get install golang-1.6 sudo apt-get install golang-1.6
###Installing dependancies (standard) ### Installing dependancies (standard)
sudo apt-get --no-install-recommends install imagemagick libsodium-dev sox build-essential git ca-certificates sudo apt-get --no-install-recommends install imagemagick libsodium-dev sox build-essential git ca-certificates postgresql postgresql-client
###Installing dependancies (`ffmpeg` is not available in Trisquel repos - there must be compiled) ### Installing dependancies (`ffmpeg` is not available in Trisquel repos - there must be compiled)
This will install `ffmpeg` to `/usr/local/bin/ffmpeg`: This will install `ffmpeg` to `/usr/local/bin/ffmpeg`:
@ -90,29 +72,13 @@ This will install `ffmpeg` to `/usr/local/bin/ffmpeg`:
cd .. cd ..
rm -rf ffmpeg rm -rf ffmpeg
###Installing Redis ### Get the NNTPChan source
Run this to install Redis - if you want to use Redis.
sudo apt-get install redis-server
###Installing Postgres (WIP)
Run this to install Postgres - if you want to use Postgres.
sudo apt-get install --no-install-recommends postgresql postgresql-client
###Get the NNTPChan source
git clone https://github.com/majestrate/nntpchan --depth=1 git clone https://github.com/majestrate/nntpchan --depth=1
cd nntpchan cd nntpchan
###Now compile! ### Now compile!
If you want to compile with Redis support (recommended - Redis is easy to use) then run: run `make`
./build.sh make
If you want to build without support for Redis then build with the `--no-redis` flag:
./build.sh --no-redis

View File

@ -1,37 +1,43 @@
#Command-line interface # Command-line interface
**srndv2** comes with a selection of command-line arguments for managing your node. **srndv2** comes with a selection of command-line arguments for managing your node.
##Rebuild all thumbnails ## Rebuild all thumbnails
To rebuild all thumbnails run: To rebuild all thumbnails run:
./srndv2 tool rethumb ./srndv2 tool rethumb
##Generate a new tripcode keypair (prints to stdout) ## Generate a new tripcode keypair (prints to stdout)
./srndv2 tool keygen ./srndv2 tool keygen
##Add a public key to moderation trust ## Add a public key to moderation trust
Where `publickey` is the public key to be added. Where `publickey` is the public key to be added.
./srndv2 tool mod add publickey ./srndv2 tool mod add publickey
##Remove a public key from moderation trust ## Remove a public key from moderation trust
Where `publickey` is the public key to be removed. Where `publickey` is the public key to be removed.
./srndv2 tool mod del publickey ./srndv2 tool mod del publickey
##Add a new NNTP user ## Add a new NNTP user
Where `username` is the username and `password` is the user's password for the new uer. Where `username` is the username and `password` is the user's password for the new uer.
./srndv2 tool nntp add-login username password ./srndv2 tool nntp add-login username password
##Remove an existing NNTP user ## Remove an existing NNTP user
Where `username` is the username of the user to be deleted. Where `username` is the username of the user to be deleted.
./srndv2 tool nntp del-login username ./srndv2 tool nntp del-login username
## Moderator shell
commandline interface for moderator actions
./srndv2 tool mod do

View File

@ -3,11 +3,11 @@ Configuring Postgres database
These are instructions for setting up NNTPChan with Postgres as the data-storage system. These are instructions for setting up NNTPChan with Postgres as the data-storage system.
##Configuring Postgres ## Configuring Postgres
A user with sufficient privileges to run su is required (hint: you can use root). This command switches to the Postgres user, creates a Postgres role called `srnd`, and prompts for a password. For illustrative purposes, we will use `srnd` as the password. A user with sufficient privileges to run su is required (hint: you can use root). This command switches to the Postgres user, creates a Postgres role called `srnd`, and prompts for a password. For illustrative purposes, we will use `srnd` as the password.
# su - postgres -c "createuser --pwprompt --createdb --encrypted srnd" # su - postgres -c "createuser --pwprompt --createdb --encrypted srnd"
###Important ### Important
It's easiest to connect to Postgres using role-based authentication. In this case, our Linux user `srnd` matches up with our Postgres role `srnd`, so role-based authentication can take place. If you're running SRNDv2 as a different user (e.g. `nntpchan`), you will need to create a role that matches that user using the command above. It's easiest to connect to Postgres using role-based authentication. In this case, our Linux user `srnd` matches up with our Postgres role `srnd`, so role-based authentication can take place. If you're running SRNDv2 as a different user (e.g. `nntpchan`), you will need to create a role that matches that user using the command above.

View File

@ -1,20 +0,0 @@
Configuring Redis database
==========================
These are instructions for setting up NNTPChan with Redis as the data-storage system.
##Configuring Redis
In `srnd.ini` the database sections should look like this:
[database]
type=redis
schema=single
host=localhost
port=6379
user=
password=
##Securing Redis (optional)
Read [Securing Redis](securing-redis.md) for adding password authentication to your Redis server.

View File

@ -1,15 +0,0 @@
Securing Redis
==============
This document provides a good tip for securing your Redis server, just to be 100% happy with the security.
##Adding an authentication password for commands
This will allow you to add a password to your Redis server that must be used before any other commands can be issued to your Redis server.
* Remember choose a strong password with lower-case, upper-case, numbers and other symbols.
* Make sure there are no spaces. (need to still test this #6969)
Then take your password, `x` and run this command (with `sudo` if needed).
echo "requirepass x" >> /path/to/your/redis.conf

View File

@ -3,15 +3,15 @@ Protocol
Documentation of the NNTPChan protocol. Documentation of the NNTPChan protocol.
##Preface ## Preface
NNTPChan is a newsgroup meant to be served on web frontends in an effort to create a decentralized imageboard. Moderation takes place on each frontend itself. Message and image transport is using MIME multipart messages and Base64 as encoding for Images. All messages need to be valid NNTP messages, the transport of messages need to follow NNTP specifications. It is possible to use an existing NNTP daemon like INN or to implement the NNTP sync part as well. NNTPChan is a newsgroup meant to be served on web frontends in an effort to create a decentralized imageboard. Moderation takes place on each frontend itself. Message and image transport is using MIME multipart messages and Base64 as encoding for Images. All messages need to be valid NNTP messages, the transport of messages need to follow NNTP specifications. It is possible to use an existing NNTP daemon like INN or to implement the NNTP sync part as well.
##Sync Protocol (NNTP) ## Sync Protocol (NNTP)
###Article Format ### Article Format
####Monopart #### Monopart
Message without images can be sent without delimiting the message. Message without images can be sent without delimiting the message.
@ -30,7 +30,7 @@ Message without images can be sent without delimiting the message.
some visible message text some visible message text
####Multipart #### Multipart
This is necessary for posting files. This is necessary for posting files.
@ -68,11 +68,11 @@ Where ``$identifier`` should be a rather long random string (at least 0-9, a-z,
In ~~2013~~ 2015 we can send UTF-8 messages, although this is not part of the old testament. In ~~2013~~ 2015 we can send UTF-8 messages, although this is not part of the old testament.
####Date #### Date
It is recommend to use ``UTC (+0000)`` as timezone for new messages. If a received message is not already in UTC, the date may be converted to UTC for display purposes. It is recommend to use ``UTC (+0000)`` as timezone for new messages. If a received message is not already in UTC, the date may be converted to UTC for display purposes.
####Message-ID: (see RFC 3977) #### Message-ID: (see RFC 3977)
"A message-id MUST begin with "<", end with ">", and MUST NOT contain the latter except at the end." "A message-id MUST begin with "<", end with ">", and MUST NOT contain the latter except at the end."
"A message-id MUST be between 3 and 250 octets in length." "A message-id MUST be between 3 and 250 octets in length."
@ -84,30 +84,30 @@ It is recommend to use ``UTC (+0000)`` as timezone for new messages. If a receiv
Which would result in ``jbUdn73KxN1369733675@web.hschan.ano`` This format makes it easier to block massive spam/inapropiate content based on the frontend and a timespan. Which would result in ``jbUdn73KxN1369733675@web.hschan.ano`` This format makes it easier to block massive spam/inapropiate content based on the frontend and a timespan.
####References #### References
If reference is not given or empty, the message is considered an original (root) post. If reference is not given or empty, the message is considered an original (root) post.
####X-Sage #### X-Sage
If ``X-Sage`` is given, the message shall not bump the corresponding thread. If ``X-Sage`` is given, the message shall not bump the corresponding thread.
###Transport Format ### Transport Format
NNTP requires line endings with ``\r\n`` NNTP requires line endings with ``\r\n``
####Sending #### Sending
if a line in the message body starts with `.` in needs another `.` prepended. the last line must be a single `.\r\n` if a line in the message body starts with `.` in needs another `.` prepended. the last line must be a single `.\r\n`
####Receiving: #### Receiving:
If a line in the message body starts with `.` but is not `.\r\n` the `.` needs to be removed. If a line in the message body starts with `.` but is not `.\r\n` the `.` needs to be removed.
##Frontend ## Frontend
###Postnumbers ### Postnumbers
The first ten characters of a sha1sum of field message-id. The probability for a unique post number (at time of generation) on a board with a maximum of 30k messages is: The first ten characters of a sha1sum of field message-id. The probability for a unique post number (at time of generation) on a board with a maximum of 30k messages is:
@ -117,7 +117,7 @@ In case of several message forgers exhaust obscure post numbers, it will become
There was a hash collision on October 13 2015, the post hash has been bumped from 10 to 18 bytes. There was a hash collision on October 13 2015, the post hash has been bumped from 10 to 18 bytes.
####Quotes #### Quotes
Quotes reference postnumbers and work across all boards on overchan. The comment field may contain serveral lines such as: Quotes reference postnumbers and work across all boards on overchan. The comment field may contain serveral lines such as:
@ -127,16 +127,16 @@ to quote someone.
Valid quotes match this regex: `>+ ?[0-9a-f]+` Valid quotes match this regex: `>+ ?[0-9a-f]+`
#####Optional ##### Optional
* Resolve quotes to corresponding articles and append them to references - this will aid newsreaders. * Resolve quotes to corresponding articles and append them to references - this will aid newsreaders.
* Parse message IDs as quotes * Parse message IDs as quotes
###Implementations ### Implementations
Because of the decentralized nature of NNTPChan, many different entry points to using the service can exist. In the following we discuss different implementations all serving from the newsgroup 'overchan'. Because of the decentralized nature of NNTPChan, many different entry points to using the service can exist. In the following we discuss different implementations all serving from the newsgroup 'overchan'.
####negromancy.ano #### negromancy.ano
negromancy.ano uses `breaking-news`, a web frontend compiler for imageboards, pastebins, etc. negromancy.ano uses `breaking-news`, a web frontend compiler for imageboards, pastebins, etc.
@ -148,19 +148,19 @@ You can visit http://boards.negromancy.ano/
for browsing the imageboard. for browsing the imageboard.
#####GET request ##### GET request
nginx will serve a static html from dir. nginx will serve a static html from dir.
#####POST request ##### POST request
nginx will reverse to the happstack web application which generates and sends a NNTP message to a local INN daemon. INNd will place the new article in dir and feed it to its configured peers. Pictures are encoded in base64 or base91a. Root posting will not work without attaching an image. nginx will reverse to the happstack web application which generates and sends a NNTP message to a local INN daemon. INNd will place the new article in dir and feed it to its configured peers. Pictures are encoded in base64 or base91a. Root posting will not work without attaching an image.
#####Generation of Html ##### Generation of Html
The daemon will poll for new articles in dir. If new files are found, it generates 10 main pages ranging from 0.html to 9.html and a html each for any altered threads. For each new article the corresponding thread, starting with the original post, will be bumped to the first page (0.html). For new posts, corresponding pictures are created and 'thumbnailed' through mogrify. The daemon will poll for new articles in dir. If new files are found, it generates 10 main pages ranging from 0.html to 9.html and a html each for any altered threads. For each new article the corresponding thread, starting with the original post, will be bumped to the first page (0.html). For new posts, corresponding pictures are created and 'thumbnailed' through mogrify.
####overchan.sfor.ano #### overchan.sfor.ano
overchan.sfor.ano uses SRNd, a complete NNTP server implemented in Python. overchan.sfor.ano uses SRNd, a complete NNTP server implemented in Python.
@ -170,39 +170,39 @@ You can visit http://overchan.sfor.ano
for browsing the imageboard and ``git clone git://git.sfor.ano/SRNd.git`` for source. for browsing the imageboard and ``git clone git://git.sfor.ano/SRNd.git`` for source.
#####GET request ##### GET request
nginx will serve a static html or image from dir. nginx will serve a static html or image from dir.
#####POST request ##### POST request
nginx will proxy to postman which generates and delivers a NNTP message to SRNd which then will notify overchan plugin about the new message and also deliver it to its configured NNTP peers (which can run SRNd or another NNTPd software like INN). Pictures are encoded in base64. nginx will proxy to postman which generates and delivers a NNTP message to SRNd which then will notify overchan plugin about the new message and also deliver it to its configured NNTP peers (which can run SRNd or another NNTPd software like INN). Pictures are encoded in base64.
#####Generation of HTML ##### Generation of HTML
Plugin overchan is notified by SRNd about new articles and (re)generates `thread-$id.html` and its parent board with up to 10 root posts for each site. For each new article without `X-sage` header the corresponding thread will be bumped to the first page. For new posts, corresponding pictures are created and thumbnailed. Plugin overchan is notified by SRNd about new articles and (re)generates `thread-$id.html` and its parent board with up to 10 root posts for each site. For each new article without `X-sage` header the corresponding thread will be bumped to the first page. For new posts, corresponding pictures are created and thumbnailed.
####NNTP News reader applications #### NNTP News reader applications
Through the use of the standard MIME format, news reader applications like Mozilla Thunderbird or Pan can also read and post directly to the chan newsserver. Each chan will appear as a root post, while additional posts will appear as replies directly to the root post. Through the use of the standard MIME format, news reader applications like Mozilla Thunderbird or Pan can also read and post directly to the chan newsserver. Each chan will appear as a root post, while additional posts will appear as replies directly to the root post.
News readers have some features the chan software may not have: multiple attachments, non-image attachments, subject, posts referencing non-root posts, HTML text. News readers have some features the chan software may not have: multiple attachments, non-image attachments, subject, posts referencing non-root posts, HTML text.
Open question: how should this be handled by the chan software for viewing? Open question: how should this be handled by the chan software for viewing?
##Extensions ## Extensions
###Control suggestion ### Control suggestion
A control suggestion is a single message containing lines with commands, message-ID and extra information separated by spaces. A control suggestion is a single message containing lines with commands, message-ID and extra information separated by spaces.
####Commands #### Commands
sticky: sticky this thread sticky: sticky this thread
delete-x-all: delete all attachments from this article delete-x-all: delete all attachments from this article
delete: delete the whole article delete: delete the whole article
####Format #### Format
Content-Type: text/plain; charset=UTF-8 Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
@ -220,7 +220,7 @@ A control suggestion is a single message containing lines with commands, message
Messages to control are separated by at least one line break. Messages to control are separated by at least one line break.
####Examples #### Examples
Delete all attachments from message with ID ``message-ID`` Delete all attachments from message with ID ``message-ID``
@ -230,17 +230,17 @@ Please sticky thread with OP ``message-ID`` till UNIX timestamp ``1380000000``
sticky <message-ID> unix_timestamp 1380000000 sticky <message-ID> unix_timestamp 1380000000
####Convention #### Convention
We send control suggestions to newsgroup ``ctl``. Full deletion of a root post results in removal of corresponding thread. We send control suggestions to newsgroup ``ctl``. Full deletion of a root post results in removal of corresponding thread.
####Signatures #### Signatures
As users give their secret key to the frontend they expect every form field to be verified on all ends. This includes the comment field and headers. In the following we suggest a protocol to sign optional headers. As users give their secret key to the frontend they expect every form field to be verified on all ends. This includes the comment field and headers. In the following we suggest a protocol to sign optional headers.
We sign a SHA512 hash of the message body using primitive Ed25519 as defined by SUPERCOP and libsodium. Therefore this system does not inherit any collision resilience from Ed25519, a hash collision is a signature collision. We sign a SHA512 hash of the message body using primitive Ed25519 as defined by SUPERCOP and libsodium. Therefore this system does not inherit any collision resilience from Ed25519, a hash collision is a signature collision.
Signing M vs. Signing H(M) Signing M vs. Signing H(M)
method space time method space time
@ -254,7 +254,7 @@ Signing M vs. Signing H(M)
Input for block based hashing algorithms like SHA-512 can be streamed, only keeping a fixed blocked size in memory instead of all blocks. In case of SHA-512 these message blocks are 1024 bit and the hash to sign 512 bit. Optimized ``S(H(M))`` implementations require a constant amount memory as opposed to a linear requirement in ``S(M)``. Input for block based hashing algorithms like SHA-512 can be streamed, only keeping a fixed blocked size in memory instead of all blocks. In case of SHA-512 these message blocks are 1024 bit and the hash to sign 512 bit. Optimized ``S(H(M))`` implementations require a constant amount memory as opposed to a linear requirement in ``S(M)``.
####Format for signing messages (RFC 822) #### Format for signing messages (RFC 822)
Outer headers start with ``Content-Type: message/rfc822`` when there are signed headers or at least an attachment, Outer headers start with ``Content-Type: message/rfc822`` when there are signed headers or at least an attachment,
which requires ``Content-Type: multipart/mixed`` to be signed as well as an inner header. which requires ``Content-Type: multipart/mixed`` to be signed as well as an inner header.
@ -275,7 +275,7 @@ Please include a ``Content-Type`` header in the inner message as suggested by RF
S(SK,M) function that will sign an arbitrary amount of octets M using Ed25519 with secret key SK, returning only the first 64 bytes S(SK,M) function that will sign an arbitrary amount of octets M using Ed25519 with secret key SK, returning only the first 64 bytes
take32 function that takes any amount of binary data and returns the first 32 bytes take32 function that takes any amount of binary data and returns the first 32 bytes
#####Example ##### Example
Content-Type: message/rfc822; charset=UTF-8 Content-Type: message/rfc822; charset=UTF-8
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
@ -287,13 +287,13 @@ Please include a ``Content-Type`` header in the inner message as suggested by RF
Path: censorship.fleet Path: censorship.fleet
X-pubkey-ed25519: 37c16fa40c2bade813b53b65107a064d02becfa5635acf3241003a61cb137ea3 X-pubkey-ed25519: 37c16fa40c2bade813b53b65107a064d02becfa5635acf3241003a61cb137ea3
X-signature-ed25519-sha512: a850ccd788d71ed19de8dfa061b9f1f4f506810a01ed1391433e893a3e6305b4944168760d97f2517bcfe786aef1ccfc34fb7bb1b77531 82aebf2bdd0303150f X-signature-ed25519-sha512: a850ccd788d71ed19de8dfa061b9f1f4f506810a01ed1391433e893a3e6305b4944168760d97f2517bcfe786aef1ccfc34fb7bb1b77531 82aebf2bdd0303150f
Content-Type: text/plain; charset=UTF-8 Content-Type: text/plain; charset=UTF-8
Date: Thu, 02 May 2013 12:16:44 +0000 Date: Thu, 02 May 2013 12:16:44 +0000
delete-x-all <message-ID> delete-x-all <message-ID>
delete <message-ID> delete <message-ID>
delete <message-ID delete <message-ID
In this example header Date needs verification, too. In this example header Date needs verification, too.
@ -310,16 +310,16 @@ The following part is signed:
Above example in octets: Above example in octets:
Content-Type: text/plain; charset=UTF-8\\r\\nDate: Thu, 02 May 2013 12:16:44 +0000\\r\\n\\r\\ndelete-x-all <message-ID>\\r\\ndelete <message-ID>\\r\\n\\r\\ndelete <message-ID> Content-Type: text/plain; charset=UTF-8\\r\\nDate: Thu, 02 May 2013 12:16:44 +0000\\r\\n\\r\\ndelete-x-all <message-ID>\\r\\ndelete <message-ID>\\r\\n\\r\\ndelete <message-ID>
###RPC ### RPC
Remote procedure calls can be sent via ``ctl`` or on a group basis by using the group ``ctl.overchan.*``, where * is the group for which you want to execute a certain operation. Remote procedure calls can be sent via ``ctl`` or on a group basis by using the group ``ctl.overchan.*``, where * is the group for which you want to execute a certain operation.
####Default format #### Default format
The default format uses the MIME type ``text/plain`` where the first line of the body opens an array with ``[`` the next line is the name of the procedure you want to call, and on the lines following you can add one or more parameters. Each of these lines is terminated with `,` and indention can be added as well. The arry is closed with `]`. The default format uses the MIME type ``text/plain`` where the first line of the body opens an array with ``[`` the next line is the name of the procedure you want to call, and on the lines following you can add one or more parameters. Each of these lines is terminated with `,` and indention can be added as well. The arry is closed with `]`.
#####Example ##### Example
Content-Type: text/plain; charset=UTF-8 Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
@ -336,11 +336,11 @@ The default format uses the MIME type ``text/plain`` where the first line of the
350, 350,
] ]
####JSON RPC #### JSON RPC
If the MIME type is specified as ``application/json`` the body is interpreted as [JSON RPC](http://json-rpc.org/). If the MIME type is specified as ``application/json`` the body is interpreted as [JSON RPC](http://json-rpc.org/).
#####Example ##### Example
Content-Type: application/json; charset=UTF-8 Content-Type: application/json; charset=UTF-8
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
@ -352,31 +352,31 @@ If the MIME type is specified as ``application/json`` the body is interpreted as
Path: hschan.ano Path: hschan.ano
{"method": "setSetting", "params": ["bumplimit", "350"], "id": null} {"method": "setSetting", "params": ["bumplimit", "350"], "id": null}
####Additional details #### Additional details
As described above, muliple RPC's can be sent via the multipart format. It is also expected that these articles are signed. As described above, muliple RPC's can be sent via the multipart format. It is also expected that these articles are signed.
##Glossary ## Glossary
###chan specific ### chan specific
####root post #### root post
original post original post
####OP #### OP
original post original post
####thread #### thread
a collection of messages starting with the original post followed by messages referencing it ordered by date a collection of messages starting with the original post followed by messages referencing it ordered by date
####bump #### bump
newest post will be shown first with corresponding thread newest post will be shown first with corresponding thread
###sticky ### sticky
thread is temporarily 'bumped' by the frontend and sticks there regardless of newer posts thread is temporarily 'bumped' by the frontend and sticks there regardless of newer posts

View File

@ -1,11 +1,11 @@
`feeds.ini` `feeds.ini`
=========== ===========
##Peering ## Peering
In order to actually be distributed, you need another person to sync posts with, otherwise what's the point right? In order to actually be distributed, you need another person to sync posts with, otherwise what's the point right?
###Peering over the regular internet with TLS ### Peering over the regular internet with TLS
Requirements: Requirements:
@ -29,7 +29,7 @@ If Alice owns `nntp.alice.net` and Bob owns `nntp.bob.com` and are both using po
[feed-bob] [feed-bob]
host = nntp.bob.com host = nntp.bob.com
port = 1199 port = 1199
[bob] [bob]
overchan.* = 1 overchan.* = 1
ctl = 1 ctl = 1
@ -64,13 +64,13 @@ Alice keeps `overchan-alice-nntp.alice.net.key` secret and never shares it
Bob keeps `overchan-bob-nntp.bob.com.key` secret and never shares it Bob keeps `overchan-bob-nntp.bob.com.key` secret and never shares it
###Peering Authentication with passwords ### Peering Authentication with passwords
adding / removing credentials via the command line: adding / removing credentials via the command line:
# add an nntp login via command line # add an nntp login via command line
srndv2 tool nntp add-login user-name-here pass-word-here srndv2 tool nntp add-login user-name-here pass-word-here
# remove an nntp login via command line # remove an nntp login via command line
srndv2 tool nntp del-login user-name-here srndv2 tool nntp del-login user-name-here
@ -90,9 +90,9 @@ Example `feeds.ini`:
[authenticated] [authenticated]
overchan.* = 1 overchan.* = 1
ctl = 1 ctl = 1
###Peering over Tor
### Peering over Tor
Install Tor Install Tor
@ -126,7 +126,7 @@ Then to peer with someone over tor add this to you feeds.ini
ctl=1 ctl=1
##Options ## Options
####You need one connection and one settings block for each connection ####You need one connection and one settings block for each connection
@ -157,7 +157,7 @@ Connection settings for a peer
proxy-type=socks4a proxy-type=socks4a
proxy-host=127.0.0.1 proxy-host=127.0.0.1
proxy-port=9050 proxy-port=9050
Proxy settings, straight forward. Supported proxy types are `socks4a` and `none` Proxy settings, straight forward. Supported proxy types are `socks4a` and `none`
[them.onion] [them.onion]
@ -166,7 +166,7 @@ NNTP synchronization settings
overchan=1 overchan=1
Sync all boards, use Sync all boards, use
overchan.bad=0 overchan.bad=0
@ -180,6 +180,6 @@ This WILL be the nntpchan pastebin, but it's not implemented yet
Allows you to recieve moderation notifications from other boards, it's also used for decentralized moderation Allows you to recieve moderation notifications from other boards, it's also used for decentralized moderation
##Alternative config location ## Alternative config location
If you would like to have your feeds.ini somewhere other than in the working directory, you can set the `SRND_FEEDS_INI_PATH` environment variable. For example, if you would like to use `/etc/nntpchan/meems.ini`, edit `~/.profile` and add `export SRND_FEEDS_INI_PATH=/etc/nntpchan/meems.ini`. If you would like to have your feeds.ini somewhere other than in the working directory, you can set the `SRND_FEEDS_INI_PATH` environment variable. For example, if you would like to use `/etc/nntpchan/meems.ini`, edit `~/.profile` and add `export SRND_FEEDS_INI_PATH=/etc/nntpchan/meems.ini`.

View File

@ -3,7 +3,7 @@ Moderating NNTPChan
Once you have done [the initial setup you](setting-up.md) you can grant users mod privileges. Once you have done [the initial setup you](setting-up.md) you can grant users mod privileges.
###Generate TripCode ### Generate TripCode
Navigate to http://[yourNodeURL]/mod/keygen (e.g. http://oniichanylo2tsi4.onion/mod/keygen) and save both your secret an public key. Navigate to http://[yourNodeURL]/mod/keygen (e.g. http://oniichanylo2tsi4.onion/mod/keygen) and save both your secret an public key.
@ -11,7 +11,7 @@ E.g.
![Image 0](tripcode-1.png) ![Image 0](tripcode-1.png)
###Use TripCode ### Use TripCode
If you want to be uniquely identified when posting on NNTPChan you can 'authenticate' yourself by putting in the name field name#yourprivatekey If you want to be uniquely identified when posting on NNTPChan you can 'authenticate' yourself by putting in the name field name#yourprivatekey
@ -22,7 +22,7 @@ E.g.
![Image 1](tripcode-0.png) ![Image 1](tripcode-0.png)
###Add Moderators ### Add Moderators
To add a new moderator you need to ask for his public key. Then following [Managing your NNTPChan node with the CLI](cli.md): To add a new moderator you need to ask for his public key. Then following [Managing your NNTPChan node with the CLI](cli.md):

View File

@ -3,13 +3,13 @@ Configuring NNTPChan
This document provides a step-by-step guide to configurin your NNTPChan node. This document provides a step-by-step guide to configurin your NNTPChan node.
##Configuring via web-interface (WIP) ## Configuring via web-interface (WIP)
You can configure NNTPChan via the web-interface by navigating your browser to http://127.0.0.1:18000. You can configure NNTPChan via the web-interface by navigating your browser to http://127.0.0.1:18000.
<hr> <hr>
###Selecting your data-storage system ### Selecting your data-storage system
![Image 1](http://i.imgur.com/l9iiXxB.png) ![Image 1](http://i.imgur.com/l9iiXxB.png)
@ -17,34 +17,22 @@ First your will be asked what data-storage system you would like to use. We supp
<hr> <hr>
####Redis configuration
![Image 2](http://i.imgur.com/HDp4Ddf.png) #### Postgres configuration
**First** [Install and Configure Redis database](database/redis/configure-redis.md).
**Then** fill in the fields below:
* **Hostname or IP Address** - This is the hostname or IP address of your Redis server (I would run it locally on 127.0.0.1 to be safe).
* **Port number** - The port that your Redis server is running on.
* **Password** - Optional authentication password for Redis ([Setting up a Redis password](database/redis/securing-redis.md)).
<hr>
####Postgres configuration
![Image 3](http://i.imgur.com/WPXedZB.png) ![Image 3](http://i.imgur.com/WPXedZB.png)
**First** [Install and Configure Postgres database](database/postgres/configure-postgres.md). **First** [Install and Configure Postgres database](database/postgres/configure-postgres.md).
**Then** fill in the fields below: **Then** fill in the fields below:
* **Hostname or IP Address** - This is the hostname or IP address of your Postres server (I would run it locally on 127.0.0.1 to be safe). * **Hostname or IP Address** - This is the hostname or IP address of your Postres server (I would run it locally on 127.0.0.1 to be safe).
* **Port number** - This is the port that your Postgres server is running on. * **Port number** - This is the port that your Postgres server is running on.
* **Username** - The username for Postgres. * **Username** - The username for Postgres.
* **Password** - The password for Postgres. * **Password** - The password for Postgres.
<hr> <hr>
###Configuring the NNTP server ### Configuring the NNTP server
![Image 4](http://i.imgur.com/FXxShtu.png) ![Image 4](http://i.imgur.com/FXxShtu.png)
@ -56,7 +44,7 @@ Fill in the fields required for the NNTP server.
* **Allow attachments from anonymous posters** - Check the box if you want to allow anonymous posters to add attachments to their posts. * **Allow attachments from anonymous posters** - Check the box if you want to allow anonymous posters to add attachments to their posts.
* **Require TLS for incoming connections** - Check the box if NNTP connections must be encrypted and authenticated with TLS (highly recommended). * **Require TLS for incoming connections** - Check the box if NNTP connections must be encrypted and authenticated with TLS (highly recommended).
###Configuring TLS ### Configuring TLS
![Image 5](http://i.imgur.com/EjkrjTT.png) ![Image 5](http://i.imgur.com/EjkrjTT.png)
@ -65,7 +53,7 @@ Fill in the fields required for the TLS security system.
* **Hostname or IP address** - Represents the `Common Name (CN)` in the TLS certificate * **Hostname or IP address** - Represents the `Common Name (CN)` in the TLS certificate
* **TLS keyname** - Represents the `Organization (O)` in the TLS certificate. Most nodes use `overchan`. * **TLS keyname** - Represents the `Organization (O)` in the TLS certificate. Most nodes use `overchan`.
###Set paths to external programs ### Set paths to external programs
![Image 6](http://i.imgur.com/hBXYJDo.png) ![Image 6](http://i.imgur.com/hBXYJDo.png)
@ -75,12 +63,11 @@ NNTPChan needs to know the paths to the listed programs on your system.
* **ffmpeg path** - Path to the `ffmpeg` program. * **ffmpeg path** - Path to the `ffmpeg` program.
* **sox path** - Path to the `sox` program. * **sox path** - Path to the `sox` program.
##Manual configuration (WIP) ## Manual configuration (WIP)
Check out the following in order: Check out the following in order:
1. Setting up data-storage system (choose i or ii) 1. Setting up data-storage system (choose i or ii)
1. [Setting up using Postgres](database/postgres/configure-postgres.md) 1. [Setting up using Postgres](database/postgres/configure-postgres.md)
2. [Setting up using Redis](database/redis/configure-redis.md)
2. [Setting up NNTPChan system](srnd.md) 2. [Setting up NNTPChan system](srnd.md)
3. [Setting up feeds](feeds.md) 3. [Setting up feeds](feeds.md)

View File

@ -65,78 +65,78 @@ json-api-password=seriously-fucking-change-this-value
api-secret=RTZP5JZ2XGYCY=== api-secret=RTZP5JZ2XGYCY===
```` ````
##`[nntp]` ## `[nntp]`
All NNTP server-related settings. All NNTP server-related settings.
####instance_name #### instance_name
This is the name for your NNTP server. I don't really know what the point of it is, but hey its there (FIXME). This is the name for your NNTP server. I don't really know what the point of it is, but hey its there (FIXME).
####bind #### bind
This is where you put the address and port that you would like the NNTP server to run on where `x` is the address and `y` is the port in `bind=x:y`. This is where you put the address and port that you would like the NNTP server to run on where `x` is the address and `y` is the port in `bind=x:y`.
####sync_on_start #### sync_on_start
* When this is set to `1` your NNTP server will sync articles with its peers on startup. * When this is set to `1` your NNTP server will sync articles with its peers on startup.
* When this is set to `0` then no syncing will take place on startup. * When this is set to `0` then no syncing will take place on startup.
####allow_anon #### allow_anon
* When this is set to `1`, posts made from anonymizing networks will be synced from peers. * When this is set to `1`, posts made from anonymizing networks will be synced from peers.
* When this is set to `0`, posts made from anonymizing networks will not be synced from peers. * When this is set to `0`, posts made from anonymizing networks will not be synced from peers.
####allow_anon_attachments #### allow_anon_attachments
* When this is set to `1`, attachments posted from anonymizing networks will be syncdd from peers. * When this is set to `1`, attachments posted from anonymizing networks will be syncdd from peers.
* When this is set to `0`, attachments posted from anonymizing networks will not be synced from peers. * When this is set to `0`, attachments posted from anonymizing networks will not be synced from peers.
Nodes with `allow_anon_attachments` disabled will not receive threads with images posted from anonymizing networks. Likewise, the thread replies will not sync. In the case where an anonymized user posts an image reply and the node has `allow_anon_attachments` disabled, text posts without attachments replying to the non-synced image post will appear to be "ghosted". Nodes with `allow_anon_attachments` disabled will not receive threads with images posted from anonymizing networks. Likewise, the thread replies will not sync. In the case where an anonymized user posts an image reply and the node has `allow_anon_attachments` disabled, text posts without attachments replying to the non-synced image post will appear to be "ghosted".
####allow_attachments #### allow_attachments
* When this is set to `1` posters may attach images to their posts. * When this is set to `1` posters may attach images to their posts.
* When this is set to `0` posters may not attach images to their posts. * When this is set to `0` posters may not attach images to their posts.
####require_tls #### require_tls
* When this is set to `1` then any NNTP connection to this server will need to use TLS. * When this is set to `1` then any NNTP connection to this server will need to use TLS.
* When this is set to `0` then any NNTP connection to this server will not need to use TLS (but it could? - FIXME) * When this is set to `0` then any NNTP connection to this server will not need to use TLS (but it could? - FIXME)
####anon_nntp #### anon_nntp
* When this is set to `1`, the SRNdv2 server will send unauthenticated peers its articles. * When this is set to `1`, the SRNdv2 server will send unauthenticated peers its articles.
* When this is set to `0`, peers will need to be authenticated to sync articles. * When this is set to `0`, peers will need to be authenticated to sync articles.
####feeds #### feeds
* Feeds configurations can optionally be stored in a directory of your choosing (the default is `feeds.d` in the working directory). Any ini files located in this directory will be loaded. * Feeds configurations can optionally be stored in a directory of your choosing (the default is `feeds.d` in the working directory). Any ini files located in this directory will be loaded.
####archive #### archive
* When this is set to `1`, the daemon will never expire posts. * When this is set to `1`, the daemon will never expire posts.
* When this is set to `0`, the daemon will delete old posts. FIXME: under what conditions? * When this is set to `0`, the daemon will delete old posts. FIXME: under what conditions?
##`[pprof]` ## `[pprof]`
All pprof-related settings. All pprof-related settings.
####enable #### enable
* When this is set to `1` pprof is enabled. * When this is set to `1` pprof is enabled.
* When this is set to `0` pprof is disabled. * When this is set to `0` pprof is disabled.
####bind #### bind
* Bind to an address and port for use with `go tool pprof` * Bind to an address and port for use with `go tool pprof`
##`[frontend]` ## `[frontend]`
#####minimize_html ##### minimize_html
* `0`: Do not minimize HTML * `0`: Do not minimize HTML
* `1`: Minimize HTML * `1`: Minimize HTML
##Placing configuration elsewhere ## Placing configuration elsewhere
By default, `srnd.ini` must be placed in the working directory (wherever you have the `srndv2` binary). If you want to place the `srnd.ini` config file elsewhere, you can define an environment varialbe in the `~/.profile` for the user that runs `srndv2`. By default, `srnd.ini` must be placed in the working directory (wherever you have the `srndv2` binary). If you want to place the `srnd.ini` config file elsewhere, you can define an environment varialbe in the `~/.profile` for the user that runs `srndv2`.
If you would like to use, for example, `/etc/nntpchan/my_srnd_config.ini`, simply add `export SRND_INI_PATH=/etc/nntpchan/my_srnd_config.ini` to `~/.profile`. If you would like to use, for example, `/etc/nntpchan/my_srnd_config.ini`, simply add `export SRND_INI_PATH=/etc/nntpchan/my_srnd_config.ini` to `~/.profile`.