# copy example custompages for rules and faq and edit
@ -159,6 +159,7 @@ $ gulp #run default gulp task
EITHER:
- Install docker and run torproxy in a container: https://github.com/dperson/torproxy (of course, audit the docker image yourself). This is the easiest, free way to get a proxy setup and means you can also follow .onions in your webring list since requests will go through tor.
- Use the socks proxy already provided by the tor daemon
- Use your own socks proxy
Edit configs/webring.json with your proxy address and set enabled: true
@ -170,8 +171,6 @@ Edit configs/webring.json with your proxy address and set enabled: true
$ git pull
#install dependencies again in case any have updated or changed
$ npm install
#diff the config files to see if anything changed and edit accordingly. OR backup your config, replace it with the fresh example, and update it with whatever settings you want to keep from your backup.
update global manage settings pug template (idea: show names of perm levels)
---
callback for perms level check to delete board
call gulp tasks for images, captcha, css, html, (e.g. change captcha type, clear html) etc from within chan or build-worker probs build worker. in the globalmanagesettings model? actually DUH just make the gulp tasks exported as a map then pass a build task with task name
uhhh, need to make the defaults built into the db, i guess part of gulp reset,
AND a migration for existing sites to import from configs/main (since the options structure not changing yet)
set max, min, maxlength, etc in views/pages/globalmanagesettings
make perm levels everywhere into an enum (if they dont exist just freeze an object)
proper validation for dnsbl URL/ips
proper validation for extra mimetypes < probably kinda important
refactor every controller to the new format.. holy FUCK
proper validation for thumbnail file extension
allow regex for filterFileNames
refactor every controller to the new format.. holy FUCK. The schema could be mate even shorter, 2 ideas:
1. dont include expected if its false, since thats the default
2. make the errors smartly generated to a point, and the 'error' can be provided optional for special cases
//enable secure cookies, only use with https/not tor
secureCookies: true,
//check referrer to prevent some CSRF attack
refererCheck: true,
refererCheck: false,
//list of allowed host for checking referrer
allowedHosts: ['domain.com', 'www.domain.com'],
allowedHosts: [],
//header for country codes
countryCodeHeader: 'x-country-code',
@ -35,35 +15,27 @@ module.exports = {
//data used in opengraph meta tags. used to generate link previews in e.g. discord, twitter, etc
meta: {
siteName: 'imageboard',
url: 'https://domain.com'
siteName: '',
url: ''
},
//settings for captchas
captchaOptions: {
type: 'grid', //"text", "grid", "hcaptcha" or "google". If using google/hcaptcha, make sure your CSP header in nginx config allows the google/hcaptcha domain.
generateLimit: 1000, //max number of captchas to have generated at any time, prevent mass unsolved captcha spam, especially on TOR.
google: { //options for google captcha, when captcha type is google
/* dnsbl, will add a small delay for uncached requests. You could also install some
/* dnsbl, will add a small delay for uncached requests. You could also install some
kind of dns cache e.g. unbound to improve performance. DNSBL only checked for posting */
dnsbl: {
enabled: false,
@ -74,8 +46,7 @@ module.exports = {
//disable file posting over anonymizers globally, overrides any board setting.
disableAnonymizerFilePosting: false,
/* count "IP"s (bypass ids) for anonymizers as "users" in stats. if set to false, anonymous users are counted as a single user. doesnt affect pph stat.
you can use this setting to prevent spam over anonymizers from inflating user stats */
//count anon posters (e.g. loki, tor .onion) as "users" in stats. if set to false, all .onion is counted as a single user. doesnt affect pph stat.
statsCountAnonymizers: true,
floodTimers: { //basic delays to stop flooding, in ms. 0 to disable
@ -86,9 +57,9 @@ module.exports = {
//block bypasses
blockBypass: {
enabled: false,
forceAnonymizers: true, //option to override blockbypass setting for .onion users
expireAfterUses: 40, //however many (attempted) posts per block bypass captcha
enabled: true,
forceAnonymizers: true,
expireAfterUses: 50, //however many (attempted) posts per block bypass captcha
expireAfterTime: 86400000, //expiry in ms regardless if the limit was reached, default 1 day
bypassDnsbl: false,
},
@ -101,7 +72,10 @@ module.exports = {
/* delete files immediately rather than pruning later. usually disabled to prevent re-thumbnailing and processing commonly
uploaded files, but deleting immediately is better if you are concerned about "deleted" content not being immediately removed */
pruneImmediately: false,
pruneImmediately: true,
//do not use
hashImages: false,
rateLimitCost: { //Cost out of 100 per minute e.g. cost of 25 means 4 per minute. Cost is separate for each.
captcha: 10,
@ -112,28 +86,25 @@ module.exports = {
//how many threads to show on overboard index view
overboardLimit: 20,
//how many threads to show on overboard catalog view
overboardCatalogLimit: 50,
overboardCatalogLimit: 100,
//cache templates in memory. disable only if editing templates and doing dev work
cacheTemplates: true,
//log extra info for debugging
debugLogs: true,
//max wait time in ms for obtaining locks for saving files
lockWait: 3000,
//optionally prune modlog entries older than x days, false to disable (prunes when newer modlog entries are generated i.e. dead boards wont have older logs pruned)
//optionally prune modlog entries older than x days
pruneModlogs: 30,
//option to prune ips on posts older than x days, false to disable
pruneIps: false,
//option to prune ips on posts older than x days
pruneIps: 0,
//enable the webring (also copy configs/webring.json.example -> configs/webring.json and edit)
enableWebring: false,
//let all users create new boards
enableUserBoardCreation: true,
enableUserBoardCreation: false,
//let all users register new accounts
enableUserAccountCreation: true,
@ -141,12 +112,11 @@ module.exports = {
thumbExtension: '.jpg',
//.gif images > thumbnail size will have animated .gif thumbnails, overriding thumbExtension
animatedGifThumbnails: false,
/* Recommended if animatedGifThumbnails is true. Uses ffmpeg for faster animated gif thumbnailing. Requires ffmpeg
>=4.3.x to handle transparent gifs properly. You can install from debian testing repo, or compile from source. */
ffmpegGifThumbnails: true,
//generate waveform thumbnails for audio
audioThumbnails: false,
audioThumbnails: true,
/* if animatedGifThumbnails is true, use ffmpeg for better animated gif thumbnailing. Recommended.
requires ffmpeg >=4.3.x. You can install from debian testing repo, or compile from source. */
ffmpegGifThumbnails: true,
//max thumb dimensions (square) in px
thumbSize: 250,
@ -155,12 +125,12 @@ module.exports = {
videoThumbPercentage: 5,
/* extra mime types for files to be uploaded as attachments (no thumbnails) e.g. text files/archives
NOTE: appropriate extensions will need to be added to nginx configuration, and uncomment the provided
NOTE: appropriate extensions will need to be added to nginx configuration, and uncommend the provided
"other files" section which includes an example configuration for .txt files to match this default config.
mime types and file extension does not always correspond exactly this cant be done automatically. */
mime types and file extention does not always correspond exactly this cant be done automatically. */
otherMimeTypes: [
'text/plain',
'application/pdf'
'application/pdf',
],
//check the real mime type of uploaded files
@ -174,8 +144,8 @@ module.exports = {
//max number of quotes that will be linked in a post. 0 for unlimited (not recommended)
quoteLimit: 25,
//apply global filters more aggressively, trying against extra text that strips diacritics and some ZWS chars
strictFiltering: false,
//aply global filters more aggressively, trying against extra text that strips diacritics and some ZWS chars
strictFiltering: true,
//how many replies to show on index pages under each OP
previewReplies: 5,
@ -189,7 +159,7 @@ module.exports = {
early404Replies: 5,
//how many of the most recent newsposts to show on the homepage
maxRecentNews: 3,
maxRecentNews: 5,
/* filter filenames on posts and banners
false=no filtering
@ -245,14 +215,14 @@ module.exports = {
},
replyLimit: { //number of replies to a thread, thread is locked after this limit is reached
min: 10,
max: 500
max: 1000
},
bumpLimit: { //number of replies to a thread before it wont get bumped anymore
min: 10,
max: 500
max: 1000
},
postFiles: { //number of files in a post
max: 3
max: 5
},
postFilesSize: { //in bytes, 10MB default
max: 10485760
@ -261,8 +231,8 @@ module.exports = {
width: 300, //banner image max width in px
height: 100, //banner image max height in px
forceAspectRatio: true, //enforce 3:1 aspect ratio
max: 10, //max number of banners uploadable at once
total: 100, //max number of banners for a board in total
max: 10, //number of banners uploadable in one request
total: 100, //max number of banners for a board
},
bannerFilesSize: { //in bytes, 10MB default
max: 10485760
@ -276,7 +246,7 @@ module.exports = {
email: 100,
subject: 100,
postpassword: 100,
message: 4000,
message: 20000,
//reports/post actions
report_reason: 100,
ban_reason: 100,
@ -304,21 +274,22 @@ module.exports = {
]
},
customPages: {
max: 5, //max number of custom pages per board
max: 10, //max number of custom pages per board
maxLength: 10000, //max number of characters to allow per page
}
},
//default frontend script settings
frontendScriptDefault: {
heightUnlimit: false, //allow images to expand taller than window height
embedsEnabled: true, //show [embed] toggle next to embeddable video links
heightUnlimit: false, //allow images taller than window height