working pre-update

2025-04-26 03:20:54 +02:00 · 2025-04-26 03:20:54 +02:00 · 27a1817595
commit 27a1817595
parent 2233b4a44c
20 changed files with 134 additions and 1175 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,11 @@
 node_modules
 npm-debug.log
 .git
 .gitignore
 .env
 *.md
 logs
 *.log
 cookiesecret.txt
 mysql_password.txt
 views/
--- a/18
+++ b/18
@ -0,0 +1,18 @@
 FROM node:slim
 WORKDIR /app
 # Copy package files
 COPY package*.json ./
 # Install dependencies
 RUN npm install
 # Copy application code
 COPY . .
 # Expose ports
 EXPOSE 80
 # Start the application
 CMD ["node", "server.js"] 
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,35 @@
 services:
  app:
    build: .
    ports:
      - "23080:80"
    environment:
      - MYSQL_HOST=db
      - MYSQL_USER=ipost
      - MYSQL_PASSWORD=ipost_password
      - MYSQL_DATABASE=ipost
    depends_on:
      - db
    volumes:
      - ./logs:/app/logs
      - ./server_config.json:/app/server_config.json
      - ./cookiesecret.txt:/app/cookiesecret.txt
      - ./mysql_password.txt:/app/mysql_password.txt
    restart: unless-stopped
  db:
    image: mysql:8.0
    environment:
      - MYSQL_ROOT_PASSWORD=root_password
      - MYSQL_DATABASE=ipost
      - MYSQL_USER=ipost
      - MYSQL_PASSWORD=ipost_password
    volumes:
      - mysql_data:/var/lib/mysql
      - ./createSchema.sql:/docker-entrypoint-initdb.d/createSchema.sql
    ports:
      - "3306:3306"
    restart: unless-stopped
 volumes:
  mysql_data: 
--- a/js/warn_message.js
+++ b/js/warn_message.js
@ -1,6 +1,6 @@
 const warn_messages = [
  ["%cDo not paste any text in here","background: red; color: yellow; font-size: x-large"],
-  ["Pasting anything in here may give others access to your account.",""]
+  ["Pasting anything in here may give others access to your account."]
 ]
 function warnmessage() {
  for (let message of warn_messages) {
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -10,11 +10,9 @@
    "express-useragent": "^1.0.15",
    "hcaptcha": "^0.1.1",
    "hsts": "^2.2.0",
    "newrelic": "^9.15.0",
    "html-minifier-terser": "^7.2.0",
    "lru-cache": "^9.1.2",
    "mysql2": "^3.3.5",
    "newrelic": "^9.11.0",
    "sharp": "^0.30.7",
    "spdy": "^4.0.2",
    "swagger-autogen": "^2.23.1",
--- a/routes/userfiles.js
+++ b/routes/userfiles.js
@ -101,7 +101,6 @@ export const setup = function (router, con, server) {
        getChannels: get_channels,
        encryptJS: min_js(web_version().toString()).code,
        cookiebanner: `<script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/3cf33f6b631f3587bf83813b/script.js" async></script>`,
        newrelic: load_var("./extra_modules/newrelic_monitor.html"),
        getPID: server.global_page_variables.getPID,
        getDMPID: server.global_page_variables.getDMPID,
        unauthorized_description: "Chat now by creating an account on IPost",
--- a/server.js
+++ b/server.js
@ -1,5 +1,3 @@
 import "newrelic"
 import http from "http";
 import express,{Router} from "express";
 import useragent from "express-useragent";
@ -14,7 +12,6 @@ import { readFileSync, appendFile } from "fs";
 import { format } from "util";
 import { setup as SETUP_ROUTES} from "./routes/setup_all_routes.js"
 import { verify as verifyHCaptcha_int } from "hcaptcha"
 import hsts from "hsts"
 import { ensureExists } from "./extra_modules/ensureExists.js"
@ -263,24 +260,14 @@ app.use(fileUpload({
    }
 }));
-const hstsMiddleware = hsts({
+app.use((_req, res, next) => {
    maxAge: 31536000,
    includeSubDomains: true,
    preload: true
 })
 app.use((req, res, next) => {
    res.set("x-powered-by", "ipost");
    res.set("X-Frame-Options","DENY");
    res.set("X-XSS-Protection","1; mode=block");
    res.set("X-Content-Type-Options","nosniff");
    res.set("Referrer-Policy","no-referrer");
    if (req.secure) {
      hstsMiddleware(req, res, next)
    } else {
    next()
    }
 })
 app.use(bodyParser.default.json({ limit: "100mb" }));
@ -312,18 +299,6 @@ app.use(function (_req, res, next) {
    next();
 });
 //auto redirect to https
 app.use((req, res, next) => {
    if (req.secure) {
        //already secure
        next();
    }
    else {
        //redirect to https
        res.redirect('https://' + req.headers.host + req.url);
    }
 });
 app.use("/*", function (req, res, next) {
    for (let i = 0; i < blocked_headers.length; i++) {
        if (req.header(blocked_headers[i]) !== undefined) {
@ -394,21 +369,9 @@ const httpServer = http.createServer(app);
 httpServer.listen(config["ports"]["http"], function () {
    console.log(5, "HTTP Server is listening");
 });
 const privateKey = readFileSync(config["ssl"]["privateKey"]).toString();
 const certificate = readFileSync(config["ssl"]["certificate"]).toString();
 const credentials = { key: privateKey, cert: certificate };
 var httpsServer;
 import spdy from "spdy"
 httpsServer = spdy.createServer(credentials,app)
 //httpsServer = https.createServer(credentials, app);
 httpsServer.listen(config["ports"]["https"], function () {
    console.log(5, "HTTPS Server is listening");
 });
 wss = new WebSocket({
-    server: httpsServer,
+    server: httpServer,
    perMessageDeflate: {
        zlibDeflateOptions: {
            chunkSize: 1024,
--- a/server_config.json
+++ b/server_config.json
@ -4,8 +4,8 @@
  "only_prefer_when_ip": "::ffff:127.0.0.1",
  "mysql": {
    "connections":1000,
-    "host":"localhost",
+    "host":"db",
-    "user":"root",
+    "user":"ipost",
    "password_file":"mysql_password.txt"
  },
  "cookies": {
@ -159,8 +159,8 @@
    "certificate" : "/etc/letsencrypt/live/ipost.rocks-0002/fullchain.pem"
  },
  "ports": {
-    "http": 9999,
+    "http": 80,
-    "https": 9998
+    "https": 443
  },
  "disallow_proxies_by_headers": true,
  "hcaptcha_secret": "0x0000000000000000000000000000000000000000",
--- a/views/PrivacyPolicy.html
+++ b/views/PrivacyPolicy.html
@ -4,7 +4,7 @@
    <meta charset="utf-8">
    <title>IPost Privacy Policy</title>
    <meta name="description" content="IPosts PrivacyPolicy">
-    <%- newrelic %>
+
    <script>
      <%- warnmessagejs %>
    </script>
--- a/views/ToS.html
+++ b/views/ToS.html
@ -3,7 +3,7 @@
  <head>
    <meta charset="utf-8">
    <title>IPost Terms of Service</title>
-    <%- newrelic %>
+
    <meta name="description" content="IPosts Terms of Service">
    <script src="/js/addnavbar.js" charset="utf-8"></script>
    <script src="/js/warn_message.js" charset="utf-8"></script>
--- a/views/dms.html
+++ b/views/dms.html
@ -11,7 +11,7 @@
    <% if(user.username === undefined) { %>
      <script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
    <% } %>
-    <%- newrelic %>
+
    <style>
      <%- globalcss %>
      <%- loadfile("./css/posts.css") %>
--- a/views/index.html
+++ b/views/index.html
@ -4,7 +4,6 @@
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
 	<title>IPost</title>
  <meta name="description" content="<%-unauthorized_description%>">
  <%- newrelic %>
  <style>
    <%- globalcss %>
    <%- loadfile("./css/logon.css") %>
--- a/views/login.html
+++ b/views/login.html
@ -4,7 +4,7 @@
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Login | IPost</title>
    <meta name="description" content="Chat on IPost by logging in today">
-    <%- newrelic %>
+
    <link rel="stylesheet" href="/css/logon.css">
    <script src="/js/warn_message.js" charset="utf-8"></script>
    <script src="/js/addnavbar.js" charset="utf-8"></script>
--- a/views/otheruser.html
+++ b/views/otheruser.html
@ -6,7 +6,7 @@
      <meta name="viewport" content="width=device-width, initial-scale=1.0">
      <title>USERS Page</title>
      <meta name="description" content="view other users pages on IPost today">
-      <%- newrelic %>
+  
      <link rel="stylesheet" href="/css/style.css">
      <link rel="stylesheet" href="/css/global.css">
      <script src="/js/addnavbar.js" charset="utf-8"></script>
--- a/views/posts.html
+++ b/views/posts.html
@ -9,7 +9,7 @@
      <meta name="description" content="Chat on IPost now">
    <% } %>
    <title>Posts | IPost</title>
-    <%- newrelic %>
+
    <style>
      <%- globalcss %>
      <%- loadfile("./css/posts.css") %>
--- a/views/register.html
+++ b/views/register.html
@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="en" dir="ltr">
 <head>
-    <%- newrelic %>
+
    <link rel="stylesheet" href="/css/logon.css">
    <script src="/js/warn_message.js" charset="utf-8"></script>
    <script src="/js/addnavbar.js" charset="utf-8"></script>
--- a/views/search.html
+++ b/views/search.html
@ -10,7 +10,7 @@
    <% } else { %>
      <meta name="description" content="search IPost now">
    <% } %>
-    <%- newrelic %>
+
    <link rel="stylesheet" href="/css/search.css">
    <script type="text/javascript" src="/js/htmlescape.js"></script>
    <link rel="stylesheet" href="/css/global.css">
--- a/views/settings.html
+++ b/views/settings.html
@ -13,7 +13,7 @@
    <% if(user.username === undefined) { %>
      <script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
    <% } %>
-    <%- newrelic %>
+
    <link rel="stylesheet" href="/css/style.css">
    <link rel="stylesheet" href="/css/global.css">
    <script src="/js/addnavbar.js" charset="utf-8"></script>
--- a/views/user.html
+++ b/views/user.html
@ -13,7 +13,7 @@
    <% if(user.username === undefined) { %>
      <script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
    <% } %>
-    <%- newrelic %>
+
    <style>
      <%- globalcss %>
      <%- loadfile("./css/style.css") %>