qswiki/README.md

91 lines
3.3 KiB
Markdown

# qswiki
About
====
qswiki is a wiki software, intended for small wikis. Originally
implemented in C, it's now written in C++.
History
====
A couple of years ago, I wanted to setup a personal wiki on my raspberry
pi. However, the distribution I used back then did not have a PHP package
for ARM. So instead of switching distributions or searching for other
wikis that I could use, I decided I would write one in C. Yes,
that's an odd way to approach the problem and indeed, I may have had too
much time back then. Also, I wanted to see how it's like to write a
"web app" in C and wanted to sharpen my C skills a little bit.
Of course, it's pretty straightforward at first. No really: Just use CGI.
And indeed, that would have been more than enough for my use cases.
Then I decided to play around and started using FastCGI (with the official
library from now defunct fastcgi.com) and created a multi-threaded version.
It initially used a "pile of files database", but that became too painful,
so then I started using sqlite.
C++
---
Eventually, since it was mostly a playground for me, the code became
unmaintainable. Furthermore, I wanted something quick and given that
it was CGI, I didn't bother taking care of memory leaks.
After initiating a FastCGI interface, they became an issue and then the
task of avoiding memory leaks became too annoying. And of course, C does n
ot include any "batteries" and while I could manage, this too was another
good reason.
Overall, I am just continuing the experiment with C++17 now. It's not
nearly as bad as you would expect perhaps. Some things are surprisingly
convenient even. Still, the standard library is lacking and
I would hope for a some better built-in Unicode support in future C++
standards.
Features
========
To be fair, at this point it doesn't even have a "diff" between revisions
yet and does not have features that would make you prefer it over other
wikis.
- CGI
- HTTP server using the header only library cpp-httplib. It's more
portable and more "future-proof" than FastCGI (since the official website
disappeared, the library's future appears to be uncertain).
- Support for user accounts. Passwords are stored using PBKDF2.
sqlite database, but not too much of an effort to add other types of
storage backends. sqlite is using the great header only library
sqlite_modern_cpp
- Relatively fine-grained permission system.
- Categories
- Templates
- FTS search
- Caching
Security
========
On Linux namespaces are used to restrict the process to only access
files it needs. It doesn't have access to other paths in the system.
In addition, Seccomp is used to restrict the syscalls the qswiki process
can call. As for "web security", all POST requests are centrally
protected against CSRF attacks and all input is escaped against XSS
attacks.
Building
========
Dependencies:
- cpp-httplib: https://github.com/yhirose/cpp-httplib
- SqliteModernCpp: https://github.com/SqliteModernCpp
- exile.h: https://gitea.quitesimple.org/crtxcr/exile.h
- sqlite3: https://sqlite.org/index.html
The first three are header-only libraries that are included as a git submodule. The others must
be installed, e. g. by using your distributions standard method.
If all dependencies are available, run:
```
git submodule init
git submodule update
make release
```
Setup
=====
To be written