update xssbook to work with crimson updates

6 files changed, 96 insertions, 55 deletions

diff --git a/.env b/.env
deleted file mode 100644
index 5c21f53..0000000
--- a/.env
+++ /dev/null
@@ -1,44 +0,0 @@
-# ============================= GENERAL ==
-
-# project directory (absolute path)
-# WARNING: CHANGE ME!!!
-PROJECT_DIR="<CHANGE ME!>"
-
-# project name
-PROJECT_NAME="xssbook"
-SOURCE="$PROJECT_DIR/src"
-DATA="$PROJECT_DIR/data"
-
-# production or devlopment
-ENVIRONMENT="production"
-
-# ================================= WEB ==
-
-# What port to listen on
-HTTP_PORT=80
-HTTP_BIND=127.0.0.1
-
-# ============================ DATABASE ==
-
-# Do we want the postgres database enabled
-POSTGRES_ENABLED=true
-
-# Database authentication
-POSTGRES_DB=xssbook
-POSTGRES_USER=xssbook
-POSTGRES_PASSWORD=xssbook
-
-# ================================= API ==
-
-# Do we want the postgrest api enabled
-API_ENABLED=true
-
-# API Jwt Secret
-# WARNING: CHANGE ME!!!
-API_SECRET="809d5fca7979a5fbe184fae76fc53c5c587fd521bf06eb34585fd5d6a3fcbc10573aaf88a2a52fa5457223f78e3a6df4cd3135e0d0b60e84d49b28f634cb19c5ca29c9da88bd46b8f1b639bfde4b9515829031503debce3e85cf07bb224a9a3efa29b26adfeec42abf345eaf2fe828648a14b9e6b7e9a48a9bdc8607b8172251d3bdfa2dcf0c7f4368350e00a7b4bc3c975d37e5f8db031d32ec329c869f562c39358748926a9e26efd28bb15085c14de8b064ea2f8f8c58606c7dfe19721a1a0ad7deb2d5f5cc6f96fa0bdaf624cdfa196fcb802fc508b9e0328207897a7071857f87f89147d065d5c712fc7c7cc4dd1743a55a42dade16e3e86f905cf2ca28"
-
-# API Anonymous role
-API_ROLE="rest_anon"
-
-# API schema
-API_SCHEMA="api"
diff --git a/.gitignore b/.gitignore
index ee70994..5d6f458 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+.env
 data
 src/public/css/*
 src/scss/_variables.scss
diff --git a/README.md b/README.md
index f291e21..5afcf94 100644
--- a/README.md
+++ b/README.md
@@ -16,22 +16,35 @@ To get the checkout run:
 ```sh
 git clone https://g.freya.cat/freya/xssbook2 xssbook2
 cd xssbook2
+git submodule update --init
 ```
 
-XSSBook v2 runs in docker compose. To run, you MUST do ALL of the following:
+XSSBook v2 runs in docker compose. Do ALL of the following:
 
-    - Update PROJECT_DIR in .env to be an absolute path to your current directory
-    - Build all css source from sass by running `make`
-    - Use `site/compose` instead of docker compose
+- MUST Copy `example.env` to `.env`
+- MUST update the following settings in `.env`
+  - `API_SECRET` - Your own private JWT secret
+  - `XSSBOOK_*` - Domain info for XSSBook is being hosted
+    - NOT REQUIRED in [development](https://g.freya.cat/freya/crimson/src/branch/main/src/config.php#L20) mode
+- MAY want to update the following settings in `.env`
+  - `HTTP_BIND` - The addresses XSSBook will listen on
+  - `HTTP_PORT` - The port XSSBook will listen on
+  - `ENVIRONMENT` - If you want to test XSSBook in [development] mode
+- MUST build the following assets by running `make`
+  - CSS files. MUST have `sassc` installed
+- MUST use `site/bin/compose` instead of `docker compose`
 
-Finally, to build the images and start, run:
+Once XSSBook is configured properly. Run the following to build the container
+images and start up the compose stack for XSSBook.
 
 ```sh
-./site/compose build --pull
-./site/compose up -d
+./site/bin/compose build --pull
+./site/bin/compose up -d
 ```
 
-> NOTE: You many want to change is HTTP_PORT and HTTP_BIND in .env.
+> NOTE: XSSBook needs all docker volumes to be owned by uid 1000 gid 1000. If
+  you are NOT the root user or user 1000:1000, the compose script will ask for
+  sudo access to be able to set the volume permissions.
 
 ### migrating from xssbook v1
 
diff --git a/example.env b/example.env
new file mode 100644
index 0000000..9e76dc6
--- /dev/null
+++ b/example.env
@@ -0,0 +1,71 @@
+### CRIMSON --- A simple PHP framework.
+### XSSBook --- Post posts postfully.
+### Copyright © 2024 Freya Murphy <contact@freyacat.org>
+###
+### This file is part of CRIMSON.
+### This file is part of XSSBook.
+
+# ===================================================================== INFO ==
+# This is the CRIMSON configuration file. Copy this file as `.env` in your
+# project checkout to override default crimson configuration values.
+#
+# This is XSSBooks example `.env` file. Most settings in here SHOULD NOT BE
+# CHANGED. Doing so MAY result in issues.
+#
+# NOTE: Options labeled "CHANGE ME!" MUST be modified.
+
+# ================================================================== GENERAL ==
+# Contains options for project metadata.
+# PROJECT_NAME - Sets the project name in the docker compose stack.
+#                i.e: crimson-web-1
+PROJECT_NAME="xssbook"
+
+# ============================================================== DEVELOPMENT ==
+# Sets if CRIMSON should run in "production" or "development" mode. Read
+# `src/config.php` in crimson for more information.
+ENVIRONMENT="production"
+
+# ====================================================================== WEB ==
+# Sets what port and bind that nginx will listen on. This is how you will
+# externally access your app.
+#
+HTTP_BIND=127.0.0.1
+HTTP_PORT=80
+
+# ================================================================= DATABASE ==
+# If POSTGRES_ENABLED is set to `true`, then the crimson postgres database will
+# be enabled. Configure the below settings for the connetions options to this
+# database.
+#
+# WARNING: Do NOT change these values after the fist run.
+#
+POSTGRES_ENABLED=true
+POSTGRES_DB=xssbook
+POSTGRES_USER=xssbook
+POSTGRES_PASSWORD=xssbook
+
+# ====================================================================== API ==
+# If API_ENABLED is set to `true`, then the crimson postgrest container will be
+# enabled. Postgres uses JWTs to do verification, so you MUST set a API_SECRET
+# if the api is enabled. API_ROLE sets which role will unauthenticated api
+# users will be inside postgres. API_SCHEMA sets which postgres schema that
+# postgrest will use.
+#
+# For more information about postgres: <https://docs.postgrest.org/en/v12/>.
+#
+# WARNING: POSTGRES_ENABLED must be set to `true` if the API is also enabled.
+#
+API_ENABLED=true
+API_SECRET="" # CHANGE ME!
+API_ROLE="rest_anon"
+API_SCHEMA="api"
+
+# ================================================================== XSSBOOK ==
+# These settings tell XSSBook where you are hosting your site. This is required
+# since all links in XSSBook are generated using these values.
+#
+# CHANGE ME!
+#
+XSSBOOK_HOST="xssbook.com"
+XSSBOOK_ALLOWED_HOSTS="www.xssbook.com xssbook.com"
+XSSBOOK_BASE_PATH="/"
diff --git a/site b/site
-Subproject acfd47748d1da62ac976fba8450277c88b40211
+Subproject 45b58da72187a7b1ed4d75fc25bf5dd59a86a9c
diff --git a/src/web/config.php b/src/web/config.php
index 3ca2bbd..c09e923 100644
--- a/src/web/config.php
+++ b/src/web/config.php
@@ -23,9 +23,9 @@
 //
 define('SITE_CONFIG', array(
 	/* core settings */
-	'domain' => 'xssbook.com',
-	'allowed_hosts' => ['xssbook.com'],
-	'base_path' => '/',
+	'domain' => getenv("XSSBOOK_HOST"),
+	'allowed_hosts' => explode(" ", getenv("XSSBOOK_ALLOWED_HOSTS")),
+	'base_path' => getenv("XSSBOOK_BASE_PATH"),
 	'theme_color' => '#1778f2',
 	/* route overides */
 	'routes' => array(