dansup
commented
4 years ago @hellcp The challenge with this is securing the install page, it should require a token from a CLI command to ensure you are the only one that can configure your instance.
Open hellcp opened 4 years ago
dansup
commented
4 years ago @hellcp The challenge with this is securing the install page, it should require a token from a CLI command to ensure you are the only one that can configure your instance.
hellcp
commented
4 years ago Absolutely, it's a good way to ensure the person setting up the admin stuff is the owner of the server. And for more UI centric implementation by potential 3rd party, getting that key programmatically and passing it to the user with another method (still ensuring user owns the server) would be easy.
hellcp
commented
4 years ago Think VPS providers, they could retrieve the key on their side and send it to you via email, and you would be the only person that could still setup the instance.
Env file while great, isn't particularly accessible. With some packages on some distros, some services are as easy to set up as installing and then opening a web browser with a certain url. Take for example nextcloud:
It would be cool to approach Pixelfed setup the same way, with a short setup wizard, without going into a text file and changing strings.
Consider adding a file for vendor preset, so we can have defaults in the wizard set according to the way the vendor shipping a package intended it to be used.