luto
commented
1 year ago Thanks! :) I added a few notes.
Closed franok closed 1 year ago
luto
commented
1 year ago Thanks! :) I added a few notes.
franok
commented
1 year ago @luto thanks for the review, I replied to one of your comments and addressed all other requested changes
noave
commented
1 year ago hey, like suggested in the comment I would propose to do it like this with moving the app folders:
[noaguide@perseus noaguide]$ pwd
/var/www/virtual/noaguide
[noaguide@perseus noaguide]$ mkdir privatebin
[noaguide@perseus noaguide]$ mv -t privatebin html/cfg/ html/lib/ html/tpl/ html/vendor/so you have a folder structure like here
[noaguide@perseus noaguide]$ tree -L 2
.
├── html
│ ├── bin
│ ├── browserconfig.xml
│ ├── CHANGELOG.md
│ ├── CREDITS.md
│ ├── css
│ ├── i18n
│ ├── img
│ ├── index.php
│ ├── INSTALL.md
│ ├── js
│ ├── LICENSE.md
│ ├── manifest.json
│ ├── nocontent.html
│ ├── Procfile
│ ├── README.md
│ ├── robots.txt
│ └── SECURITY.md
└── privatebin
├── cfg
├── lib
├── tpl
└── vendorthis would rather be consistent with the other guides. But i must admit, I am a bit surprised, that privatebin does not have a real clean public folder like it is usual in other apps.
But anyway, I was able to install it this way
franok
commented
1 year ago hey, like suggested in the comment I would propose to do it like this with moving the app folders: [...] this would rather be consistent with the other guides. But i must admit, I am a bit surprised, that privatebin does not have a real clean public folder like it is usual in other apps.
The latest comment by @SalocinHB suggests something different: https://github.com/Uberspace/lab/pull/1516#discussion_r1172365440
which is why Nextcloud keeps it's data directory in $HOME.
But anyway, I was able to install it this way
I updated this guide according to my setup on my own uberspace. As you were able to install it with my instructions, I do not really see a reason, why it couldn't be merged this way. In case you have any objections, please let me know.
franok
commented
1 year ago As I do not see any further functional Todo for this PR, I set it back from "Draft" state, to "Ready for Review". Please reconsider, if this update/enhancement can be merged in current state. Thank you :)
noave
commented
1 year ago The latest comment by @SalocinHB suggests something different:
nextcloud only stores the static data files in the home folder, which is a good and clean approach. But the all the code files reside in /var/www. Most frameworks nowadays usually have a specific public folder (like symfony etc.).
However, here you named the folder privatebin-data which is not really correct why I chose just privatebin where I moved the codefiles and changed the path like you suggested. Then with the first note one creates, the app creates a folder data within there. I thought about using a symlink from /var/www/virtual/username/privatebin/data to ~/privatebin-data. Then code, public folder, data would have been separated. But the apps also creates php code files within the data folder :smile: so its all mixed up again anyways.
So, since there is this little tiny security afford of storing the data files in ~/home I would for now follow your approach using the ~/privatebin folder (but with this naming, not privatebin-data). Even if this means storing php code files in ~/home which is not the usual way here.
The cleanest approach would be using a mysql database, since we have everything on board on a Uberspace I guess there is no reason to depend on storing the data in files at all. But for now I will add this only as an issue.
noave
commented
1 year ago looks like you did not allow pushing to your branch, so I will first merge here and rename privatebin-data to privatebin afterwards
noave
commented
1 year ago thanks in any case :)
franok
commented
1 year ago So, since there is this little tiny security afford of storing the data files in
~/homeI would for now follow your approach using the ~/privatebin folder (but with this naming, not privatebin-data). Even if this means storing php code files in ~/home which is not the usual way here.
Sure, I'm also fine with ~/privatebin.
The cleanest approach would be using a mysql database, since we have everything on board on a Uberspace I guess there is no reason to depend on storing the data in files at all. But for now I will add this only as an issue.
Yes, I guess it can be tackled in a separate PR to enhance the guide with instructions for using MySQL.
looks like you did not allow pushing to your branch, so I will first merge here and rename privatebin-data to privatebin afterwards
Ah, sorry, did not remember I restricted edits by maintainers.
Thank you for following up on the naming and thank you for the review & merging of the PR 🙂👍
Enhance guide by instructions for read-only access for non-authenticated users using Basic Auth restriction for POST requests in .htaccess file.
I successfully implemented a "read-only" restriction on my instance of PrivateBin and would like to share my knowledge in the lab guide.