xssbook/README.md

52 lines
2.4 KiB
Markdown
Raw Permalink Normal View History

2023-01-28 18:14:53 +00:00
# xssbook
**description**
who doesn't want to run non free javascript
now with xssbook you can run as much stallman disapprovement as you want
- all inputs on the site are unfiltered
- api calls dont care what you send them as long as they are valid strings
- /console page to see everyones amazing api calls
2023-01-30 00:28:48 +00:00
- /admin page for adnim things
2023-02-03 16:42:32 +00:00
- /api for api documentation
2023-01-28 18:14:53 +00:00
**installation**
The project is written in rust, so you can build it by running
`cargo build --release`
2023-01-29 03:21:18 +00:00
Next, make sure where you are runing the binary from, that you copy the sources public folder to the same directory. The public folder is needed to server html, css, js, and font files.
2023-01-28 18:14:53 +00:00
2023-01-30 00:28:48 +00:00
Next, the /admin page is protected by a set secret. By default this is set to admin, but you should change it by setting the `SECRET` environment variable.
2023-01-28 18:15:45 +00:00
Finally, the site runs on port `8080`, so its recommended you put it behind a reverse proxy, or you could use a docker container and remap the outsite port (see below).
2023-01-28 18:14:53 +00:00
**docker**
If you want to run it in a docker container a premade dockerfile is here for you
`docker build -f deployments/docker/Dockerfile -t xssbook .`
There is also a docker-compose.yml file for your reference in the /deployments/docker folder.
2023-02-01 03:21:19 +00:00
There are two volumes you have to make for the container. First one for the database otherwise all data will be wiped upon container restart. You only should volume the database file so create the vollume with the directory below.
`touch [your directory]/xssbook.db`
2023-01-28 18:14:53 +00:00
`-v [your directory]/xssbook.db:/data/xssbook.db`
2023-02-01 03:21:19 +00:00
You have to create the database file beforehand because otherwise docker will create a folder there instead, and then the program will crash when it tries to load a folder as a database.
2023-01-28 18:14:53 +00:00
2023-02-01 03:21:19 +00:00
Finally, you have to make a volume to store custom user avatars and banners. Without this, this data too will be lost upon contaienr restart. To make the volume simply run this with your container.
2023-01-28 18:14:53 +00:00
2023-02-01 03:21:19 +00:00
`-v [another directory]:/data/public/image/custom`
2023-01-28 18:14:53 +00:00
2023-01-29 03:21:18 +00:00
**reverse proxy**
Finally if you are using docker by itself, a reverse proxy, or both, the ip send to the container likily will not be the correct ip. xssbook looks for headers `x-forwarded-for`, `x-real-ip`, and `forwarded` to check for proxies. So make sure to have those headers set. Or if your running just docker, you could also run the docker container on the host network instead of on the bridge network.
2023-01-28 18:14:53 +00:00
**license**
This amazing project is licensed under the WTFPL