3.2 KiB
qswiki
About
qswiki is a wiki software, intended for small wikis. Originally implemented in C, it's now written in C++.
History
A couple of years ago, I wanted to setup a personal wiki on my raspberry pi. However, the distribution I used back then did not have a PHP package for ARM. So instead of switching distributions or searching for other wikis that I could use, I decided I would write one in C. Yes, that's an odd way to approach the problem and indeed, I may have had too much time back then. Also, I wanted to see how it's like to write a "web app" in C and wanted to sharpen my C skills a little bit.
Of course, it's pretty straightforward at first. No really: Just use CGI. And indeed, that would have been more than enough for my use cases. Then I decided to play around and started using FastCGI (with the official library from now defunct fastcgi.com) and created a multi-threaded version. It initially used a "pile of files database", but that became too painful, so then I started using sqlite.
C++
Eventually, since it was mostly a playground for me, the code became unmaintainable. Furthermore, I wanted something quick and given that it was CGI, I didn't bother taking care of memory leaks. After initiating a FastCGI interface, they became an issue and then the task of avoiding memory leaks became too annoying. And of course, C does n ot include any "batteries" and while I could manage, this too was another good reason.
Overall, I am just continuing the experiment with C++17 now. It's not nearly as bad as you would expect perhaps. Some things are surprisingly convenient even. Still, the standard library is lacking and I would hope for a some better built-in Unicode support in future C++ standards.
Features
To be fair, at this point it doesn't even have a "diff" between revisions yet and does not have features that would make you prefer it over other wikis.
- CGI
- HTTP server using the header only library cpp-httplib. It's more portable and more "future-proof" than FastCGI (since the official website disappeared, the library's future appears to be uncertain).
- Support for user accounts. Passwords are stored using PBKDF2. sqlite database, but not too much of an effort to add other types of storage backends. sqlite is using the great header only library sqlite_modern_cpp
- Relatively fine-grained permission system.
- Categories
- Templates
- FTS search
- Caching
Security
On Linux namespaces are used to restrict the process to only access files it needs. It doesn't have access to other paths in the system. In addition, Seccomp is used to restrict the syscalls the qswiki process can call. As for "web security", all POST requests are centrally protected against CSRF attacks and all input is escaped against XSS attacks.
Building
Dependencies:
- cpp-httplib: https://github.com/yhirose/cpp-httplib
- SqliteModernCpp: https://github.com/SqliteModernCpp
- libseccomp: https://github.com/seccomp/libseccomp
- sqlite3: https://sqlite.org/index.html
The first two are header-only libraries that are already included here.
If all dependencies are available, run:
make release
Setup
To be written