# qswiki

About
====
qswiki is a wiki software, intended for small wikis. Originally 
implemented in C, it's now written in C++.

History
====
A couple of years ago, I wanted to setup a personal wiki on my raspberry 
pi. However, the distribution I used back then did not have a PHP package 
for ARM. So instead of switching distributions or searching for other
wikis that I could use, I decided I would write one in C. Yes, 
that's an odd way  to approach the problem and indeed, I may have had too 
much time back  then. Also, I wanted to see how it's like to write a 
"web app" in C and wanted to sharpen my C skills a little bit.

Of course, it's pretty straightforward at first. No really: Just use CGI. 
And indeed, that would have been more than enough for my use cases. 
Then I decided to play around and started using FastCGI (with the official 
library from now  defunct fastcgi.com) and created a multi-threaded version.
It initially  used a "pile of files database", but that became too painful, 
so then I started using sqlite.

C++
---
Eventually, since it was mostly a playground for me, the code became 
unmaintainable. Furthermore, I wanted something quick and given that 
it was CGI, I didn't bother taking care of memory leaks. 
After initiating a FastCGI interface, they became an issue and then the 
task of avoiding memory leaks became too annoying. And of course, C does n
ot include any "batteries" and while I could manage, this too was another 
good reason.

Overall, I am just continuing the experiment with C++17 now. It's not 
nearly as bad as you would expect perhaps. Some things are surprisingly 
convenient even. Still, the standard library is lacking and 
I would hope for a some better built-in Unicode support in future C++ 
standards.

Features
========
To be fair, at this point it doesn't even have a "diff" between revisions 
yet and does not have features that would make you prefer it over other 
wikis.

 - CGI
 - HTTP server using the header only library cpp-httplib. It's more 
 portable and more "future-proof" than FastCGI (since the official website 
 disappeared, the library's future appears to be uncertain).
 - Support for user accounts. Passwords are stored using PBKDF2.
  sqlite database, but not too much of an effort to add other types of 
  storage backends. sqlite is using the great header only library 
  sqlite_modern_cpp
 - Relatively fine-grained permission system.
 - Categories
 - Templates
 - FTS search
 - Caching

Security
========
On Linux namespaces are used to restrict the process to only access
files it needs. It doesn't have access to other paths in the system.
In addition, Seccomp is used to restrict the syscalls the qswiki process
can call.  As for "web security", all POST requests are centrally
protected against CSRF attacks and all input is escaped against XSS 
attacks.

Building
========
Dependencies:
  - cpp-httplib: https://github.com/yhirose/cpp-httplib
  - SqliteModernCpp: https://github.com/SqliteModernCpp
  - libseccomp: https://github.com/seccomp/libseccomp
  - sqlite3: https://sqlite.org/index.html
    
The first two are header-only libraries that are already included here.

If all dependencies are available, run:
```make release```

Setup
=====
To be written