diff --git a/.install/templates/gchangepod/elasticsearch.yml b/.install/templates/gchangepod/elasticsearch.yml new file mode 100644 index 000000000..3bdb252c3 --- /dev/null +++ b/.install/templates/gchangepod/elasticsearch.yml @@ -0,0 +1,398 @@ +# ======================== Elasticsearch Configuration ========================= +# +# NOTE: Elasticsearch comes with reasonable defaults for most settings. +# Before you set out to tweak and tune the configuration, make sure you +# understand what are you trying to accomplish and the consequences. +# +# The primary way of configuring a node is via this file. This template lists +# the most important settings you may want to configure for a production cluster. +# +# Please see the documentation for further information on configuration options: +# +# +# ---------------------------------- Cluster ----------------------------------- +# +# Use a descriptive name for your cluster: +# +cluster.name: gchange-pod-g1 +# +# Host for remote access to the cluster - used by P2P and share modules (default: = not accessible) +# +cluster.remote.host: aries.copylaradio.com +# +# Port for remote access to the cluster (Default: 80) +# +cluster.remote.port: 443 +# +# Does remote access need SSL ? (default: 'true' if port=443, 'false' otherwise) +# +cluster.remote.useSsl: true +# +# ------------------------------------ Node ------------------------------------ +# +# Use a descriptive name for the node: (default: will be generated) +# +node.name: aries +# +# Add custom attributes to the node: (Default: none) +# +# node.rack: r1 +# +# ----------------------------------- Paths ------------------------------------ +# +# Path to directory where to store the data (separate multiple locations by comma): +# +# path.data: /path/to/data +# +# Path to log files: +# +# path.logs: /path/to/logs +# +# ----------------------------------- Memory ----------------------------------- +# +# Lock the memory on startup: +# +# bootstrap.mlockall: true +# +# Make sure that the `ES_HEAP_SIZE` environment variable is set to about half the memory +# available on the system and that the owner of the process is allowed to use this limit. +# +# Elasticsearch performs poorly when the system is swapping the memory. +# +# ---------------------------------- Network ----------------------------------- +# +# Set the bind address to a specific IP (IPv4 or IPv6): +# +network.host: 127.0.0.1 +# +# Set a custom port for HTTP: +# +http.port: 9200 + +http.cors.allow-origin: "/.*/" +http.cors.enabled: true +# +#http.compression: true +# +# Internal transport layer +# +# transport.tcp.port: 9210-9220 +# +# For more information, see the documentation at: +# +# +# --------------------------------- Discovery ---------------------------------- +# +# Pass an initial list of hosts to perform discovery when new node is started: +# The default list of hosts is ["127.0.0.1", "[::1]"] +# +# discovery.zen.ping.unicast.hosts: ["host1", "host2"] +# discovery.zen.ping.unicast.hosts: ["127.0.0.1"] +# +# Prevent the "split brain" by configuring the majority of nodes (total number of nodes / 2 + 1): +# +# discovery.zen.minimum_master_nodes: 3 +# +# For more information, see the documentation at: +# +# +# ---------------------------------- Gateway ----------------------------------- +# +# Block initial recovery after a full cluster restart until N nodes are started: +# +# gateway.recover_after_nodes: 3 +# +# For more information, see the documentation at: +# +# +# ---------------------------------- Various ----------------------------------- +# +# Disable starting multiple nodes on a single system: +# +# node.max_local_storage_nodes: 1 +# +# Require explicit names when deleting indices: +# +# action.destructive_requires_name: true +# +# Security to isolate plugin classpath - /!\ WARNING: should always be DISABLE +# +security.manager.enabled: false +# +# ---------------------------------- Cesium+ Pod --------------------------------- +# +# Enable Cesium+ pod core plugin (default: true) +# +duniter.enable: true +# +# Endpoint API for core module (indices on blockchain, peers, etc) (default: ES_CORE_API) +# +duniter.core.api: GCHANGE_API +# +# Delete then create all indices at startup - /!\ WARNING: DO NOT set to true in production +# +# duniter.indices.reload: true +# +# Default string analyzer +# +duniter.string.analyzer: french +# +# Enabling blockchain synchronization (default: true) +# +duniter.blockchain.enable: false +# +# Enabling blockchain movement indexation ? (default: ${duniter.blockchain.enable}) +# +# duniter.blockchain.movement.enable: false +# +# Include/exclude blockchain movement, using regexp on `TX.comment` (default: ) +# +duniter.blockchain.movement.includes.comment: ["GCHANGE:*"] +# +# duniter.blockchain.movement.excludes.comment: [] +# +# Enabling blockchain peers indexation ? (default: ${duniter.blockchain.enable}) +# /!\ WARNING: should always be DISABLE for gchange-pod +# +duniter.blockchain.peer.enable: false +# +# Enabling pending memberships indexation ? (default: ${duniter.blockchain.enable}) +# /!\ WARNING: should always be DISABLE for gchange-pod +# +duniter.blockchain.membership.pending.enable: false +# +# Enable user event on blockchain ? (default: true) +# /!\ WARNING: should always be DISABLE for gchange-pod +# +duniter.blockchain.event.user.enable: false +# +# Enable events for the node admin (e.g. node start/stop) (default: true) +# +# duniter.blockchain.event.admin.enable: false +# +# Force blockchain full synchronization - /!\ WARNING: all user events will be reset to 'unread' +# +# duniter.blockchain.reload: true +# duniter.blockchain.reload.from: 18900 +# duniter.blockchain.reload.to: 19000 +# +# Duniter node address +# +duniter.host: g1.presles.fr +duniter.port: 443 +duniter.useSsl: true +# +# Network timeout, in millisecond (default: 20000 = 20s) +# +# duniter.network.timeout: 5000 +# +# Compute statistics on indices (each hour) ? (default: true) +# +# duniter.stats.enable: false +# +# Software name (used when calling GET request on /node/summary) (default: 'cesium-plus-pod') +# +duniter.software.name: gchange-pod +# +# ---------------------------------- Cesium+ Pod > security module ------------------- +# +# Keyring, use to sign emitted documents (user events, subscription, etc.). +# If not set, random keys will be generated. +# +# duniter.keyring.salt: +# duniter.keyring.password: +# +# Enable security - will restrict HTTP access to only known ES indices +# /!\ WARNING: should be enable for production use +# +duniter.security.enable: true +# +# ---------------------------------- Cesium+ Pod > P2P module ------------------------- +# +# Enable P2P synchronize between ES peers ? (default: true) +# +# duniter.p2p.enable: false +# +# Enable P2P synchronisation using websocket ? (default: true) +# +# duniter.p2p.ws.enable: false +# +# Time delay (in seconds) to request last documents to peer (e.g. if peer's clock is late). (default: 3600s = 1h) +# +# duniter.p2p.peerTimeOffset: 3600 +# +# Enable discovery on network peers, to automatically synchronize this peers (default: true) +# +# duniter.p2p.discovery.enable: false +# +# Pass a list of hosts to always synchronize (default: ) +# +duniter.p2p.includes.endpoints: [ + "GCHANGE_API data.gchange.fr 443", + "GCHANGE_SUBSCRIPTION_API data.gchange.fr 443" +] +# +# Pass a list of pubkeys to always synchronize (default: ) +# +# duniter.p2p.includes.pubkeys: [""] +# +# Enable a full synchro. This will compare each documents from other peers. (default: false) +# +# duniter.p2p.fullResyncAtStartup: true +# +# Peer API to index (default : ["BASIC_MERKLE_API", "BMAS", "WS2P" ] UNION ${duniter.p2p.peering.targetedApis} UNION ${duniter.p2p.peering.publishedApis}) +# +duniter.p2p.peer.indexedApis: [ + "GCHANGE_API" +] +# +# Enable publishing of pod endpoints to the network (see the peer document in Duniter protocol). (Default: '${duniter.p2p.enable}') +# +duniter.p2p.peering.enable: true +# +# Define targeted API (for peers selection) where to send the peer document (if peering is enable). (Default: ["BASIC_MERKLED_API", "BMAS"]) +# This API should accept a POST request to '/network/peering' (will send a see the Duniter protocol) +# +duniter.p2p.peering.targetedApis: [ + "GCHANGE_API" +] +# +# Define cluster API to publish (if peering is enable). By default, all compatible API +# +duniter.p2p.peering.publishedApis: [ + "GCHANGE_API", "GCHANGE_SUBSCRIPTION_API" +] +# +# Interval for publishing peer document to the network, in seconds. (Default: 7200 =2h) +# +# duniter.p2p.peering.interval: 7200 +# +# Cache time for peers (GET request /network/peers and /network/peering/peers), in seconds. (Default: 600 = 10min) +# Use 0 (zero) to disable the cache +# +# duniter.p2p.peers.cache.timeToLive: 0 +# +# ---------------------------------- Cesium+ Pod > document moderation --------------- +# +# Filter too old document, if time older that 'maxPastDelta' (in seconds). (default: 7200 =2h) +# +# duniter.document.time.maxPastDelta: 7200 +# +# Filter document in the future, if time greater that 'maxFutureDelta' (in seconds). (default: 600 =10min) +# +# duniter.document.time.maxFutureDelta: 600 +# +# Allow admin (define in duniter.keyring) to delete documents ? (default: true) +# +# duniter.document.moderators.admin: false +# +# Public keys of moderators. Moderators can delete any user documents (profile, page comment, etc.) (default: ) +# +duniter.document.moderators.pubkeys: [ + 'HmH5beJqKGMeotcQUrSW7Wo5tKvAksHmfYXfiSQ9EbWz', # Admin of gchange.fr + '8PTThXiUSwwuPoqQWw3tuAn4MpvzQzpKhs6LMuiozS7Z', # B. Lavenier (gchange maintainer) + '47JpfrGkoHJWtumeu7f67fbAxkvaHYVQBNo5GszNs61Z' # B. Presles (gchange developer) +] +# +# ---------------------------------- Cesium+ Pod > Mail module ----------------------- +# +# Enable mail module ? +# +duniter.mail.enable: false +# +# Mail: SMTP server configuration (host and port) +# +# duniter.mail.smtp.host: localhost +# duniter.mail.smtp.port: 25 +# +# Mail: SMTP server SSL security +# +# duniter.mail.smtp.ssl: true +# duniter.mail.smtp.starttls: true +# +# Mail: SMTP server authentication +# +# duniter.mail.smtp.username: +# duniter.mail.smtp.password: +# +# Mail: 'from' address +# +# duniter.mail.from: no-reply@domain.com +# +# Mail: admin address +# +# duniter.mail.admin: user@domain.com +# +# Mail: subject prefix (default: '[Cesium+]') +# +duniter.mail.subject.prefix: '[Ğchange]' +# +# ---------------------------------- Cesium+ Pod > User module --------------------------- +# +# Enable user module (Allow to store User profile, private message, page, group...) (default: true) +# +# duniter.user.enable: false +# +# Endpoint API for user data (use by P2P synchronization) (default: 'ES_USER_API') +# +duniter.user.api: 'GCHANGE_API' +# +# Requirements to send abuse report on document (profile, page, etc.) (default: ['member']) +# +duniter.abuse.issuer.requirements: ['profile'] +# +# Requirements to send likes on document (profile, page, etc.) (default: empty) +# +duniter.like.issuer.requirements: ['profile'] +# +# ---------------------------------- Cesium+ Pod > Subscription module ------------------- +# +# Enable subscription module (Need to enable mail features) (default: true) +# +# duniter.subscription.enable: false +# +# Endpoint API for subscription data (use by P2P synchronization) (default: ES_SUBSCRIPTION_API) +# +duniter.subscription.api: 'GCHANGE_SUBSCRIPTION_API' +# +# Email subscription: Day of the week to trigger weekly (default: 2 = monday) +# +# duniter.subscription.email.dayOfWeek: 2 +# +# Email subscription: Hour in day to trigger daily email subscription (default: 3 AM) +# +# duniter.subscription.email.hourOfDay: 3 +# +# Email subscription: URL to a web site, for links in the email content (default: https://g1.duniter.fr) +# +duniter.subscription.email.link.url: 'https://gchange.fr' +# +# Name of the button in the email, to access to notifications (default: 'Cesium') +# +duniter.subscription.email.link.name: 'Ğchange' +# +# ---------------------------------- Cesium+ Pod > Share module ------------------- +# +# Share title: `og:site_name` (default: 'Cesium') +# +duniter.share.site.name: 'Ğchange' +# +# URL to a page (default: https://g1.duniter.fr/#/app/page/view/{id}/{title} ) +# Note: available variables are {id} and {title} +# +duniter.share.page.link.url: 'https://www.gchange.fr/#/app/page/view/{id}/{title}' +# +# URL to a user profile (default: https://g1.duniter.fr/#/app/wot/{pubkey}/{title} ) +# Note: available variables are {pubkey} and {title} +# +duniter.share.user.link.url: 'https://www.gchange.fr/#/app/wot/{pubkey}/{title}' +# +# Default image to share (min size of 200x200px) for `og:image` (default: https://g1.duniter.fr/img/logo_200px.png) +# +duniter.share.image.default.url: 'https://www.gchange.fr/img/logo_200px.png' +# +# Share market link (e.g. Ad): (default: https://gchange.fr/#/app/market/view/{id}/{title} ) +# Note: available variables are {id} and {title} +# +duniter.share.market.link.url: 'https://www.gchange.fr/#/app/market/view/{id}/{title}' +# diff --git a/.install/templates/gchangepod/elasticsearch.yml.zip b/.install/templates/gchangepod/elasticsearch.yml.zip new file mode 100644 index 000000000..f23b35a6d Binary files /dev/null and b/.install/templates/gchangepod/elasticsearch.yml.zip differ diff --git a/.install/templates/tiddlywiki/index.html b/.install/templates/tiddlywiki/index.html new file mode 100644 index 000000000..2b507253f --- /dev/null +++ b/.install/templates/tiddlywiki/index.html @@ -0,0 +1,17002 @@ + + + + + + + + + + + + + + + + + + + + +Mon TiddlyWiki — un carnet de notes web personnel et non linéaire + + + + + + + + + + + +
+ +
+ + + + + + + + + + + + + + + + + diff --git a/ISOconfig.sh b/ISOconfig.sh index c69009301..ddb7ebca9 100755 --- a/ISOconfig.sh +++ b/ISOconfig.sh @@ -267,6 +267,10 @@ ipfs config Addresses.Gateway "/ip4/127.0.0.1/tcp/8181" # RESTRICT $USER NOPASSWD sudo to fail2ban-client ONLY echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" | (sudo su -c 'EDITOR="tee" visudo -f /etc/sudoers.d/fail2ban-client') +## INSTALL TiddlyWiki +[[ ! -f ~/.zen/ipfs/.${IPFSNODEID}/index.html ]] && mkdir -p ~/.zen/ipfs/.${IPFSNODEID} && cp ~/.zen/astrXbian/.install/templates/tiddlywiki/index.html ~/.zen/ipfs/.${IPFSNODEID}/index.html + + ######################################################################## # echo 'ONLY XBIAN REBOOT NOW...' ######################################################################## diff --git a/ajouter_video.sh b/ajouter_video.sh index a0c358fe3..bb182d1dd 100755 --- a/ajouter_video.sh +++ b/ajouter_video.sh @@ -96,27 +96,32 @@ echo "VIDEO" /usr/local/bin/youtube-dl -f '[height=720]/best' \ --write-info-json --write-annotations \ --no-mtime -o "${YTEMP}/%(id)s_%(title)s.%(ext)s" $YTURL -inpath="youtube" +CAT="youtube" else echo "MP3" /usr/local/bin/youtube-dl -x --audio-format mp3 \ --write-info-json --add-metadata --embed-thumbnail \ --no-mtime -o "${YTEMP}/%(id)s_%(title)s.%(ext)s" $YTURL -inpath="mp3" +CAT="mp3" fi # Get filename, extract ID, make destination dir and move copy. YFILE=$(ls -t ${YTEMP} | head -n 1) -YID=$(echo "${YFILE}" | cut -d "_" -f 1) +FILE_NAME="$(basename "${YFILE}")" -FILE_PATH="$HOME/astroport/$inpath/$YID" +YID=$(echo "${FILE_NAME}" | cut -d "_" -f 1) +YNAME=$(echo "${FILE_NAME}" | cut -d "_" -f 2) + +FILE_PATH="$HOME/astroport/$CAT/$YID" mkdir -p ${FILE_PATH} && mv ${YTEMP}/* ${FILE_PATH}/ -FILE_NAME="$(basename "${YFILE}")" TMDB=$YID +TITLE="${YNAME%.*}" +GENRES="[Youtube]" +GROUPES="${XZUID}" + rm -Rf ${YTEMP} -echo "DONE" && exit 1 ;; ######################################################################## @@ -218,15 +223,16 @@ zenity --question --width ${large} --title "CONTROLE DES INFORMATIONS - EMBARQUE ### OK MOVING FILE TO ASTROPORT #### mkdir -p ~/astroport/${CAT}/${TMDB}/ -URLENCODE_FILE_NAME=$(echo ${FILE_NAME} | jq -Rr @uri) -echo "${CAT};$TMDB;$YEAR;$TITLE;$SAISON;${GENRES};${GROUPES};$RES;/ipfs/_IPFSREPFILEID_/$URLENCODE_FILE_NAME" > ~/astroport/${CAT}/${TMDB}/ajouter_video.txt -# _IPFSREPFILEID_ is replaced later - mv "${FILE_PATH}/${FILE_NAME}" ~/astroport/${CAT}/${TMDB}/ && zenity --warning --width ${large} --text "Votre fichier est prêt ~/astroport/${CAT}/${TMDB}/${FILE_NAME} à embarquer. Cliquez sur OK puis patientez quelques minutes..." ;; esac +## TRANSMIT "ajouter_video.txt" +URLENCODE_FILE_NAME=$(echo ${FILE_NAME} | jq -Rr @uri) +echo "${CAT};$TMDB;$YEAR;$TITLE;$SAISON;${GENRES};${GROUPES};$RES;/ipfs/_IPFSREPFILEID_/$URLENCODE_FILE_NAME" > ~/astroport/${CAT}/${TMDB}/ajouter_video.txt +# _IPFSREPFILEID_ is replaced later + ######################################################################## # ADD $FILE to IPFS / ASTROPORT / KODI ######################################################################## @@ -234,4 +240,4 @@ esac ######################################################################## ######################################################################## -zenity --warning --width 300 --text "OK! Vidéo $FILE_NAME transférée dans Kodi/Vstream/Astroport" +zenity --warning --width 300 --text "OK! Votre source vidéo $cat a été transférée dans Astroport" diff --git a/zen/gchange_INIT.sh b/zen/gchange_INIT.sh index 9ee5a4e7c..f55f9c8c5 100755 --- a/zen/gchange_INIT.sh +++ b/zen/gchange_INIT.sh @@ -156,6 +156,10 @@ do sleep $((1 + RANDOM % 2)) # SLOW DOWN done +## ADD tiddlywiki #TODO REMOVE #PUT in ISOConfig for next install +[[ ! -f ~/.zen/ipfs/.${IPFSNODEID}/index.html ]] && mkdir -p ~/.zen/ipfs/.${IPFSNODEID} && cp ~/.zen/astrXbian/.install/templates/tiddlywiki/index.html ~/.zen/ipfs/.${IPFSNODEID}/index.html + + # REFRESH IPNS SELF PUBLISH ######################################################################## ~/.zen/astrXbian/zen/ipns_self_publish.sh diff --git a/zen/ipfs_SWARM_refresh.sh b/zen/ipfs_SWARM_refresh.sh index fc0735af7..59dc67e62 100755 --- a/zen/ipfs_SWARM_refresh.sh +++ b/zen/ipfs_SWARM_refresh.sh @@ -105,6 +105,11 @@ PREFIX="A" cat ~/.zen/ipfs_swarm/.*/astroport/kodi/vstream/${PREFIX}* | sort | uniq > ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN ######################################################################## +# REFRESH tiddlywiki index # TODO create local index from swarm wiki +######################################################################## +for wiki in $(ls ~/.zen/ipfs_swarm/.*/index.html 2>/dev/null); do echo $wiki; done + +######################################################################## ######################################################################## echo "RETRIEVING MY OWN DATA FROM IPNS TO ~/.zen/ipfs_swarm" ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$IPFSNODEID diff --git a/zen/new_file_in_astroport.sh b/zen/new_file_in_astroport.sh index 0399d623d..3f2452130 100755 --- a/zen/new_file_in_astroport.sh +++ b/zen/new_file_in_astroport.sh @@ -40,7 +40,7 @@ CAT=$(echo "$TYPE" | awk '{ print tolower($0) }') [[ ! $CAT ]] && echo "CAT est le 5e sous-répertoire de $path" && exit 1 PREFIX=$(echo "$TYPE" | head -c 1 | awk '{ print toupper($0) }' ) # ex: F, Y, M ou Y -if [[ "$PREFIX" == "Y" ]]; then +if [[ "$PREFIX" == "Y" || "$PREFIX" == "M" ]]; then INDEXPREFIX="YOUTUBE_" REFERENCE=$(echo "$file" | cut -d "_" -f 1) # Youtube filename starts with ID_ else @@ -81,12 +81,13 @@ if [[ $KEY ]]; then touch ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/.zen # CLEAR ipfs link (is then cyphered to manage exchange regulation) echo "/ipfs/$IPFSREPFILEID/${file}" > ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/.ipfs.filelink + echo "${file}" > ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/.ipfs.filename # TRANSFERT from ajouter_video.sh "ajouter_video.txt" later used line 118 - mv ~/astroport/${CAT}/${TMDB}/ajouter_video.txt ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/ -# echo "" > ~/.zen/ipfs/.${IPFSNODEID}/KEY/${INDEXPREFIX}${REFERENCE}/ipns.html + [[ -f ~/astroport/${CAT}/${TMDB}/ajouter_video.txt ]] && mv ~/astroport/${CAT}/${TMDB}/ajouter_video.txt ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/ +# echo "" > ~/.zen/ipfs/KEY/${INDEXPREFIX}${REFERENCE}/ipns.html # TRY NATOOLS FOR SECURE SHARING # $MY_PATH/jaklis/lib/natools.py encrypt -k $G1PUB -i ~/.ipfs/keystore/$KEYFILE -o ~/.zen/ipfs/.${IPFSNODEID}/KEY/${INDEXPREFIX}${REFERENCE}/.ipns.key.encrypt.natools - $MY_PATH/tools/natools.py encrypt -p $G1PUB -i ~/.ipfs/keystore/$KEYFILE -o ~/.zen/ipfs/.${IPFSNODEID}/KEY/${INDEXPREFIX}${REFERENCE}/.ipns.key.natools.encrypt - $MY_PATH/tools/natools.py encrypt -p $G1PUB -i ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/.ipfs.filelink -o ~/.zen/ipfs/.${IPFSNODEID}/KEY/${INDEXPREFIX}${REFERENCE}/.ipfs.filelink.natools.encrypt + $MY_PATH/tools/natools.py encrypt -p $G1PUB -i ~/.ipfs/keystore/$KEYFILE -o ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/.ipns.key.natools.encrypt + $MY_PATH/tools/natools.py encrypt -p $G1PUB -i ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/.ipfs.filelink -o ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/.ipfs.filelink.natools.encrypt rm ~/.zen/KEY/${INDEXPREFIX}${REFERENCE}/${G1PUB}/.ipfs.filelink fi # IPNS index.html Redirect to ipfs streaming link (could be contract or anything !!)