Merge pull request #8 from offen/development

Add sitemap, update environment setup
2024-12-26 14:50:20 +01:00 · 2019-10-24 13:37:28 +02:00 · 2019-10-24 13:37:28 +02:00 · 927a97902e
commit 927a97902e
parent cb36d77787 fefd7cebc7
10 changed files with 40 additions and 12 deletions
--- a/Dockerrun.aws.json.production
+++ b/Dockerrun.aws.json.production
@ -30,7 +30,7 @@
    },
    {
      "name": "server",
-      "image": "offen/offen:stable",
+      "image": "offen/offen@sha256:fe55ba1c183eb8bb4dd19143e6fe1133d6d3b9115c94cc2150620b27adef18fc",
      "essential": true,
      "memory": 256,
      "command": ["serve"]
--- a/Dockerrun.aws.json.staging
+++ b/Dockerrun.aws.json.staging
@ -23,7 +23,7 @@
    },
    {
      "name": "server",
-      "image": "offen/offen:latest",
+      "image": "offen/offen@sha256:fe55ba1c183eb8bb4dd19143e6fe1133d6d3b9115c94cc2150620b27adef18fc",
      "essential": true,
      "memory": 256,
      "command": ["serve"]
--- a/3
+++ b/3
@ -14,6 +14,9 @@ setup: dev-build update howto
 dev-build:
 	@docker-compose build

+up:
+	@docker-compose up
+
 howto:
 	@echo "Successfully built containers and installed dependencies."
 	@echo "If this is your initial setup, you can run 'make bootstrap' next"
--- a/README.md
+++ b/README.md
@ -26,7 +26,7 @@ $ make bootstrap
 You can test your setup by starting the application:

 ```sh
-$ docker-compose up
+$ make up
 ```

 which should enable you to access the homepage at <http://localhost:8000/> and use the wrapped `auditorium` at <http://localhost:8000/auditorium>
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -12,18 +12,19 @@ services:
      - server

  server:
-    image: offen/offen:latest
+    image: offen/offen@sha256:fe55ba1c183eb8bb4dd19143e6fe1133d6d3b9115c94cc2150620b27adef18fc
    command: serve
    volumes:
      - ./bootstrap.yml:/bootstrap.yml
+      - database:/data
    environment:
-      POSTGRES_CONNECTION_STRING: postgres://postgres:develop@server_database:5432/postgres?sslmode=disable
-      DEVELOPMENT: '1'
-      PORT: 8080
-      COOKIE_EXCHANGE_SECRET: 8jeKYbbnywoYIZznu4HffQ==
-      EVENT_RETENTION_PERIOD: 4464h
-      ACCOUNT_USER_EMAIL_SALT: eypctS7SVKM1Ureb61db5Q==
-      SECURE_COOKIE: 'off'
+      OFFEN_APP_EVENTRETENTIONPERIOD: 4464h
+      OFFEN_APP_DEVELOPMENT: '1'
+      OFFEN_APP_DISABLESECURECOOKIE: '1'
+      OFFEN_DATABASE_CONNECTIONSTRING: /data/offen.db
+      OFFEN_SERVER_PORT: 8080
+      OFFEN_SECRETS_COOKIEEXCHANGE: 8jeKYbbnywoYIZznu4HffQ==
+      OFFEN_SECRETS_EMAILSALT: eypctS7SVKM1Ureb61db5Q==
    depends_on:
      - server_database

@ -46,3 +47,4 @@ services:

 volumes:
  homepagedeps:
+  database:
--- a/homepage/content/pages/404.md
+++ b/homepage/content/pages/404.md
@ -3,6 +3,7 @@ description: offen is a free and open source analytics software for websites and
 save_as: 404.html
 href: /404.html
 no_stats: true
+exclude_from_sitemap: true


 ![Page not Found](/theme/images/content-404.webp){:class="image-text-560-315"}
--- a/homepage/content/pages/opt-out.md
+++ b/homepage/content/pages/opt-out.md
@ -1,6 +1,7 @@
 Title: Opt-out | offen
 description: offen is a free and open source analytics software for websites and web applications that allows respectful handling of data.
 save_as: opt-out/index.html
+exclude_from_sitemap: true

 ## You are opted out

--- a/homepage/pelicanconf.py
+++ b/homepage/pelicanconf.py
@ -18,6 +18,8 @@ TRANSLATION_FEED_ATOM = None
 AUTHOR_FEED_ATOM = None
 AUTHOR_FEED_RSS = None

+SITEURL = 'http://localhost:8000'
+
 # pagination
 DEFAULT_PAGINATION = False

@ -33,7 +35,8 @@ CATEGORIES_SAVE_AS = None
 TAGS_SAVE_AS = None

 # keep this for access to page variable
-DIRECT_TEMPLATES = []
+DIRECT_TEMPLATES = ['sitemap']
+SITEMAP_SAVE_AS = 'sitemap.xml'

 PLUGIN_PATHS = ['./plugins']
 PLUGINS = ['assets']
--- a/homepage/theme/templates/sitemap.html
+++ b/homepage/theme/templates/sitemap.html
@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+{% for page in pages %}
+  {% if not page.exclude_from_sitemap %}
+    <url>
+      <loc>{{ SITEURL }}{{ page.href }}</loc>
+      <priority>{{ page.sitemap_priority or 1.0 }}</priority>
+    </url>
+  {% endif %}
+{% endfor %}
+</urlset>
--- a/nginx.conf
+++ b/nginx.conf
@ -25,11 +25,18 @@ http {
 	server {
 		listen 80;
 		expires $expires;
+		proxy_hide_header Content-Security-Policy;
 		add_header Content-Security-Policy $csp;
+		proxy_hide_header Strict-Transport-Security;
+		add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
+		proxy_hide_header Referrer-Policy;
 		add_header Referrer-Policy 'origin-when-cross-origin';
+		proxy_hide_header X-Content-Type-Options;
 		add_header X-Content-Type-Options 'nosniff';
+		proxy_hide_header X-XSS-Protection;
 		add_header X-XSS-Protection '1; mode=block';

+
 		location /api/ {
 			proxy_pass http://server;
 			proxy_redirect off;