README: update
This commit is contained in:
parent
ef8eebdbaa
commit
78b9e5e043
92
README.md
92
README.md
@ -1,80 +1,84 @@
|
|||||||
# qswiki
|
# qswiki
|
||||||
|
|
||||||
About
|
## About
|
||||||
====
|
qswiki is a wiki software, intended for my needs. Originally implemented in C, it's now written in C++.
|
||||||
qswiki is a wiki software, intended for small wikis. Originally
|
|
||||||
implemented in C, it's now written in C++.
|
|
||||||
|
|
||||||
History
|
## Dude... why?
|
||||||
====
|
|
||||||
A couple of years ago, I wanted to setup a personal wiki on my raspberry
|
tl;dr: It was a playground, an experiment (taken too far). I guess at some point I couldn't stop, because I've already
|
||||||
pi. However, the distribution I used back then did not have a PHP package
|
started.
|
||||||
|
|
||||||
|
### History
|
||||||
|
Several years ago, I wanted to setup a personal wiki on my raspberry
|
||||||
|
pi. However, the distribution I used back then did not have a PHP package
|
||||||
for ARM. So instead of switching distributions or searching for other
|
for ARM. So instead of switching distributions or searching for other
|
||||||
wikis that I could use, I decided I would write one in C. Yes,
|
wikis that I could use, I simply decided I would write one in C. Yes,
|
||||||
that's an odd way to approach the problem and indeed, I may have had too
|
that's an odd way to approach the problem and indeed, I may have had too
|
||||||
much time back then. Also, I wanted to see how it's like to write a
|
much time back then. Also, I wanted to see how it's like to write a
|
||||||
"web app" in C and wanted to sharpen my C skills a little bit.
|
"web app" in C and wanted to sharpen my C skills a little bit.
|
||||||
|
|
||||||
Of course, it's pretty straightforward at first. No really: Just use CGI.
|
Of course, it's pretty straightforward at first. No really: Just use CGI
|
||||||
And indeed, that would have been more than enough for my use cases.
|
and print your HTML to stdout.And indeed, that would have been more than enough for my use cases.
|
||||||
Then I decided to play around and started using FastCGI (with the official
|
|
||||||
|
But then I decided to play around and started using FastCGI (with the official
|
||||||
library from now defunct fastcgi.com) and created a multi-threaded version.
|
library from now defunct fastcgi.com) and created a multi-threaded version.
|
||||||
It initially used a "pile of files database", but that became too painful,
|
It initially used a "pile of files database", but that became too painful,
|
||||||
so then I started using sqlite.
|
so then I started using sqlite.
|
||||||
|
|
||||||
C++
|
C++
|
||||||
---
|
---
|
||||||
Eventually, since it was mostly a playground for me, the code became
|
Eventually, since it was mostly a playground for me, the code became
|
||||||
unmaintainable. Furthermore, I wanted something quick and given that
|
unmaintainable. Furthermore, I initially wanted something quick and given that
|
||||||
it was CGI, I didn't bother taking care of memory leaks.
|
it was CGI, I didn't bother taking care of memory leaks.
|
||||||
After initiating a FastCGI interface, they became an issue and then the
|
After initiating a FastCGI interface, they became an issue and then the
|
||||||
task of avoiding memory leaks became too annoying. And of course, C does n
|
task of avoiding memory leaks became too annoying. And of course, C does n
|
||||||
ot include any "batteries" and while I could manage, this too was another
|
ot include any "batteries" and while I could manage, this too was another
|
||||||
good reason.
|
good reason.
|
||||||
|
|
||||||
Overall, I am just continuing the experiment with C++17 now. It's not
|
Overall, I am just continuing the experiment with >=C++17 now. It's not
|
||||||
nearly as bad as you would expect perhaps. Some things are surprisingly
|
nearly as bad as you would expect perhaps. Some things are surprisingly
|
||||||
convenient even. Still, the standard library is lacking and
|
convenient even. Still, the standard library is lacking and
|
||||||
I would hope for a some better built-in Unicode support in future C++
|
I would hope for a some better built-in Unicode support in future C++
|
||||||
standards.
|
standards.
|
||||||
|
|
||||||
Features
|
|
||||||
========
|
## Features
|
||||||
To be fair, at this point it doesn't even have a "diff" between revisions
|
Some essential features are lacking, such as a diff between revisions,
|
||||||
yet and does not have features that would make you prefer it over other
|
user registration UI, etc.
|
||||||
wikis.
|
|
||||||
|
It doesn't compete with any other software anyway.
|
||||||
|
|
||||||
- CGI
|
- CGI
|
||||||
- HTTP server using the header only library cpp-httplib. It's more
|
- HTTP server using the header only library [cpp-httplib](https://github.com/yhirose/cpp-httplib). It's more
|
||||||
portable and more "future-proof" than FastCGI (since the official website
|
portable and more "future-proof" than FastCGI (since the official website
|
||||||
disappeared, the library's future appears to be uncertain).
|
disappeared, the library's future appears to be uncertain).
|
||||||
- Support for user accounts. Passwords are stored using PBKDF2.
|
- Support for user accounts. Passwords are stored using PBKDF2.
|
||||||
sqlite database, but not too much of an effort to add other types of
|
sqlite database, but not too much of an effort to add other types of
|
||||||
storage backends. sqlite is using the great header only library
|
storage backends. sqlite is using the great header only library
|
||||||
sqlite_modern_cpp
|
[sqlite_modern_cpp](https://github.com/SqliteModernCpp)
|
||||||
- Relatively fine-grained permission system.
|
- Relatively fine-grained permission system.
|
||||||
- Categories
|
- Categories
|
||||||
- Templates
|
- Templates
|
||||||
- FTS search
|
- FTS search
|
||||||
- Caching
|
- Caching
|
||||||
|
- Blog-like functionality
|
||||||
|
- RSS/Atom feeds
|
||||||
|
|
||||||
Security
|
## Security
|
||||||
========
|
[exile.h](https://github.com/quitesimpleorg/exile.h) is used
|
||||||
On Linux namespaces are used to restrict the process to only access
|
to restrict access to the files the wiki needs. It doesn't have access to other paths
|
||||||
files it needs. It doesn't have access to other paths in the system.
|
in the system and the system calls that the qswiki process can make are restricted.
|
||||||
In addition, Seccomp is used to restrict the syscalls the qswiki process
|
|
||||||
can call. As for "web security", all POST requests are centrally
|
As for "web security", all POST requests are centrally protected against CSRF attacks and all input is escaped against XSS
|
||||||
protected against CSRF attacks and all input is escaped against XSS
|
|
||||||
attacks.
|
attacks.
|
||||||
|
|
||||||
Building
|
## Building
|
||||||
========
|
|
||||||
Dependencies:
|
Dependencies:
|
||||||
- cpp-httplib: https://github.com/yhirose/cpp-httplib
|
- cpp-httplib: https://github.com/yhirose/cpp-httplib
|
||||||
- SqliteModernCpp: https://github.com/SqliteModernCpp
|
- SqliteModernCpp: https://github.com/SqliteModernCpp
|
||||||
- exile.h: https://gitea.quitesimple.org/crtxcr/exile.h
|
- exile.h: https://gitea.quitesimple.org/crtxcr/exile.h
|
||||||
- sqlite3: https://sqlite.org/index.html
|
- sqlite3: https://sqlite.org/index.html
|
||||||
|
|
||||||
The first three are header-only libraries that are included as a git submodule. The others must
|
The first three are header-only libraries that are included as a git submodule. The others must
|
||||||
be installed, e. g. by using your distributions standard method.
|
be installed, e. g. by using your distributions standard method.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user