thohlt/archtika
1
0
Fork 0
mirror of https://github.com/thiloho/archtika.git synced 2025-11-22 02:41:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: thohlt:v1.0.0
Branches Tags
thohlt:main thohlt:devel
thohlt:v1.2.3 thohlt:v1.2.2 thohlt:v1.2.1 thohlt:v1.2.0 thohlt:v1.1.0 thohlt:v1.0.1 thohlt:v1.0.0
...
compare: thohlt:v1.2.1
Branches Tags
thohlt:main thohlt:devel
thohlt:v1.2.3 thohlt:v1.2.2 thohlt:v1.2.1 thohlt:v1.2.0 thohlt:v1.1.0 thohlt:v1.0.1 thohlt:v1.0.0

41 Commits
v1.0.0 ... v1.2.1

Author SHA1 Message Date
Thilo Hohlt
084ab000bb Merge pull request #32 from archtika/devel 
Update npm dependencies
 2025-03-23 17:37:47 +01:00
thiloho
d06664931a Update npm deps hash 2025-03-23 17:27:25 +01:00
thiloho
9d06ab96cc Update npm dependencies 2025-03-23 17:17:21 +01:00
Thilo Hohlt
d8b471764c Merge pull request #31 from archtika/devel 
Render line breaks in change log and add more usernames to the blacklist
 2025-03-23 15:43:24 +01:00
thiloho
3f59fd4c58 Add more usernames to the blacklist 2025-03-23 14:49:13 +01:00
thiloho
20bcd84d7e Render line breaks in change lot HTML representation 2025-03-23 14:25:15 +01:00
Thilo Hohlt
09f1b1c533 Merge pull request #30 from archtika/devel 
Update flake and use remote Nix module from nixpkgs
 2025-03-09 17:37:05 +01:00
thiloho
f85a7b3023 Update NPM deps hash 2025-03-09 17:24:50 +01:00
thiloho
f5125e11ba Use remote Nix flake module for archtika instead of local one 2025-03-09 16:52:05 +01:00
thiloho
4afd58c24d Update flake 2025-03-09 16:37:01 +01:00
thiloho
c76c5cc0a3 Allow the postgres user to connect to the postgres database 2025-02-07 04:13:50 +01:00
thiloho
c7f912947a Restrict module postgres settings to archtika database 2025-02-07 03:55:28 +01:00
Thilo Hohlt
33acb2578c Merge pull request #29 from archtika/devel 
Refactoring and small improvements
 2025-01-30 00:36:47 +01:00
thiloho
c97347e760 Update Nix module 2025-01-30 00:16:50 +01:00
thiloho
fba3aef8aa Update nix module, add resizing to WebsiteEditor and make preview load without JS 2025-01-29 19:53:38 +01:00
Thilo Hohlt
2757ddb774 Merge pull request #28 from archtika/devel 
Set custom domains for docs and portfolio
 2025-01-12 14:37:43 +01:00
thiloho
c6111fd247 Set custom domains for docs and portfolio 2025-01-12 14:16:22 +01:00
Thilo Hohlt
94c1f46d0c Merge pull request #27 from archtika/devel 
Allow removing images and wrap tables with scroll container
 2025-01-11 21:15:04 +01:00
thiloho
24d81a8e4d Allow removing images and wrap tables with scroll container 2025-01-11 20:59:36 +01:00
Thilo Hohlt
eba317f8de Merge pull request #26 from archtika/devel 
Refactoring
 2025-01-07 19:53:15 +01:00
thiloho
d570fb6906 Update SSH public keys for servers 2025-01-07 19:33:26 +01:00
thiloho
32a3e7f694 Adjust playwright config options back to localhost 2025-01-04 20:47:29 +01:00
thiloho
4af15717f4 Refactor flake api package and adjust prod nix config 2025-01-04 20:33:00 +01:00
thiloho
f0ebb94d82 Give read permissions to restricted postgres service in module 2025-01-03 17:28:02 +01:00
thiloho
dd59e995e8 Update module 2025-01-03 16:02:16 +01:00
thiloho
8bb4549fa4 Update dev vm and module 2025-01-03 15:58:12 +01:00
thiloho
79a41f7e49 Update flake nixpkgs commit 2025-01-03 11:44:53 +01:00
thiloho
7d79d60132 Refactor NixOS module 2025-01-03 11:29:48 +01:00
Thilo Hohlt
741ec830a8 Merge pull request #25 from archtika/devel 
Make nav logo image auto adjust to width
 2024-12-20 16:33:01 +01:00
thiloho
56646e8d61 Make nav logo image auto adjustable to width 2024-12-20 16:17:21 +01:00
Thilo Hohlt
567f7b0e1c Merge pull request #24 from archtika/devel 
Set z-index for template nav and create basic files for community sta…
 2024-12-13 17:49:45 +01:00
thiloho
7fddfbee95 Set z-index for template nav and create basic files for community standards 2024-12-13 17:38:21 +01:00
Thilo Hohlt
d26b0e756b Update issue templates 2024-12-13 17:08:30 +01:00
Thilo Hohlt
572c0924b1 Update README.md 2024-12-13 16:51:29 +01:00
Thilo Hohlt
420da199f1 Update index.html 2024-12-12 20:06:11 +01:00
Thilo Hohlt
8531578d43 Create CNAME 2024-12-12 18:30:31 +01:00
Thilo Hohlt
59a0967ec3 Update index.html 2024-12-12 18:20:36 +01:00
Thilo Hohlt
3545253719 Create static.yml 2024-12-12 18:08:47 +01:00
Thilo Hohlt
ed8351966b Merge pull request #23 from archtika/devel 
Add website and update description texts
 2024-12-12 17:56:32 +01:00
Thilo Hohlt
49c4aeb228 Update package.nix 2024-12-12 17:39:41 +01:00
thiloho
53d1ef06f1 Add website and update descriptions 2024-12-12 17:29:14 +01:00
41 changed files with 1692 additions and 1737 deletions
Expand all files Collapse all files

38
.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file
View File

@@ -0,0 +1,38 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: ''
assignees: ''
---
**Describe the bug**
A clear and concise description of what the bug is.
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Expected behavior**
A clear and concise description of what you expected to happen.
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Desktop (please complete the following information):**
- OS: [e.g. iOS]
- Browser [e.g. chrome, safari]
- Version [e.g. 22]
**Smartphone (please complete the following information):**
- Device: [e.g. iPhone6]
- OS: [e.g. iOS8.1]
- Browser [e.g. stock browser, safari]
- Version [e.g. 22]
**Additional context**
Add any other context about the problem here.

20
.github/ISSUE_TEMPLATE/feature_request.md vendored Normal file
View File

@@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: ''
assignees: ''
---
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.

21
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@@ -0,0 +1,21 @@
#### Change description
<!--
Please provide a description above.
-->
#### Checklist
<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->
Web application changes:
- [ ] Run `npm run lint` to check code style
- [ ] Run `npm run format` to format code
- [ ] Run `npm run test` to verify end-to-end tests pass
Database changes:
- [ ] Run `npm run gents` if database structure was modified
- [ ] Run `formatsql` command to format SQL migrations (requires `nix develop .#api`)
Nix changes:
- [ ] Run `nix fmt` if files in `nix` directory were modified

43
.github/workflows/static.yml vendored Normal file
View File

@@ -0,0 +1,43 @@
# Simple workflow for deploying static content to GitHub Pages
name: Deploy static content to Pages
on:
# Runs on pushes targeting the default branch
push:
branches: ["main"]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
contents: read
pages: write
id-token: write
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
concurrency:
group: "pages"
cancel-in-progress: false
jobs:
# Single deploy job since we're just deploying
deploy:
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Pages
uses: actions/configure-pages@v5
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
# Upload entire repository
path: './website'
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4

6
.github/workflows/test.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
run: |
wait_for_postgres() {
echo "Waiting for PostgreSQL to be ready..."
while ! nix shell nixpkgs#postgresql_16 -c pg_isready -h localhost -p 15432 -U postgres; do
while ! nix shell nixpkgs#postgresql -c pg_isready -h 127.0.0.1 -p 15432 -U postgres; do
sleep 1
done
echo "PostgreSQL is ready."
@@ -31,10 +31,10 @@ jobs:
wait_for_postgrest() {
echo "Waiting for PostgREST to be live and ready..."
while ! curl -s -I "http://localhost:3001/live" | grep "OK"; do
while ! curl -s -I "http://127.0.0.1:3001/live" | grep "OK"; do
sleep 1
done
while ! curl -s -I "http://localhost:3001/ready" | grep "OK"; do
while ! curl -s -I "http://127.0.0.1:3001/ready" | grep "OK"; do
sleep 1
done
echo "PostgREST is live and ready."

128
CODE_OF_CONDUCT.md Normal file
View File

@@ -0,0 +1,128 @@
# Contributor Covenant Code of Conduct
## Our Pledge
We as members, contributors, and leaders pledge to make participation in our
community a harassment-free experience for everyone, regardless of age, body
size, visible or invisible disability, ethnicity, sex characteristics, gender
identity and expression, level of experience, education, socio-economic status,
nationality, personal appearance, race, religion, or sexual identity
and orientation.
We pledge to act and interact in ways that contribute to an open, welcoming,
diverse, inclusive, and healthy community.
## Our Standards
Examples of behavior that contributes to a positive environment for our
community include:
* Demonstrating empathy and kindness toward other people
* Being respectful of differing opinions, viewpoints, and experiences
* Giving and gracefully accepting constructive feedback
* Accepting responsibility and apologizing to those affected by our mistakes,
and learning from the experience
* Focusing on what is best not just for us as individuals, but for the
overall community
Examples of unacceptable behavior include:
* The use of sexualized language or imagery, and sexual attention or
advances of any kind
* Trolling, insulting or derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or email
address, without their explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting
## Enforcement Responsibilities
Community leaders are responsible for clarifying and enforcing our standards of
acceptable behavior and will take appropriate and fair corrective action in
response to any behavior that they deem inappropriate, threatening, offensive,
or harmful.
Community leaders have the right and responsibility to remove, edit, or reject
comments, commits, code, wiki edits, issues, and other contributions that are
not aligned to this Code of Conduct, and will communicate reasons for moderation
decisions when appropriate.
## Scope
This Code of Conduct applies within all community spaces, and also applies when
an individual is officially representing the community in public spaces.
Examples of representing our community include using an official e-mail address,
posting via an official social media account, or acting as an appointed
representative at an online or offline event.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported to the community leaders responsible for enforcement at
contact@archtika.com.
All complaints will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and security of the
reporter of any incident.
## Enforcement Guidelines
Community leaders will follow these Community Impact Guidelines in determining
the consequences for any action they deem in violation of this Code of Conduct:
### 1. Correction
**Community Impact**: Use of inappropriate language or other behavior deemed
unprofessional or unwelcome in the community.
**Consequence**: A private, written warning from community leaders, providing
clarity around the nature of the violation and an explanation of why the
behavior was inappropriate. A public apology may be requested.
### 2. Warning
**Community Impact**: A violation through a single incident or series
of actions.
**Consequence**: A warning with consequences for continued behavior. No
interaction with the people involved, including unsolicited interaction with
those enforcing the Code of Conduct, for a specified period of time. This
includes avoiding interactions in community spaces as well as external channels
like social media. Violating these terms may lead to a temporary or
permanent ban.
### 3. Temporary Ban
**Community Impact**: A serious violation of community standards, including
sustained inappropriate behavior.
**Consequence**: A temporary ban from any sort of interaction or public
communication with the community for a specified period of time. No public or
private interaction with the people involved, including unsolicited interaction
with those enforcing the Code of Conduct, is allowed during this period.
Violating these terms may lead to a permanent ban.
### 4. Permanent Ban
**Community Impact**: Demonstrating a pattern of violation of community
standards, including sustained inappropriate behavior, harassment of an
individual, or aggression toward or disparagement of classes of individuals.
**Consequence**: A permanent ban from any sort of public interaction within
the community.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage],
version 2.0, available at
https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
Community Impact Guidelines were inspired by [Mozilla's code of conduct
enforcement ladder](https://github.com/mozilla/diversity).
[homepage]: https://www.contributor-covenant.org
For answers to common questions about this code of conduct, see the FAQ at
https://www.contributor-covenant.org/faq. Translations are available at
https://www.contributor-covenant.org/translations.

3
CONTRIBUTING.md Normal file
View File

@@ -0,0 +1,3 @@
# How to contribute
Please refer to the [documentation article on contributing](https://archtika.demo.archtika.com/archtika-documentation/articles/contributing) for all information.

33
README.md
View File

@@ -2,35 +2,8 @@
## About
archtika is a FLOSS, modern, performant and lightweight CMS (Content Mangement System) in the form of a web application. It allows you to easily create, manage and publish minimal, responsive and SEO friendly blogging and documentation websites with official, professionally designed templates.
archtika is a FLOSS, modern, performant, lightweight and self-hosted CMS (Content Mangement System) in the form of a web application. It allows you to easily create, manage and publish minimal, responsive and SEO friendly blogging and documentation websites using the templates provided. Contributors can also be added to a website, allowing multiple people to work on a project.
It is also possible to add contributors to your sites, which is very useful for larger projects where, for example, several people are constantly working on the documentation.
## Preview
## How it works
For the backend, PostgreSQL is used in combination with PostgREST to create a RESTful API. JSON web tokens along with row-level security control authentication and authorisation flows.
The web application uses SvelteKit with SSR (Server Side Rendering) and Svelte version 5, currently in beta.
NGINX is used to deploy the websites, serving the static site files from the `/var/www/archtika-websites` directory. The static files can be found in this directory via the path `<user_id>/<website_id>`, which is dynamically created by the web application.
## Virtual machine for local development
The website directory used by the virtual machine needs to be created and the NodeJS process, which typically runs as the default system user, needs permission to write to this directory.
This can be achieved using the following commands:
```bash
sudo mkdir -p /var/www/archtika-websites
```
```bash
sudo chown $USER:$(id -gn) /var/www/archtika-websites
```
```bash
nix run .#dev-vm
```
For production, a separate `node` user can be created to run the systemd service for the node process; this user would have only the essential permissions to maintain the principle of least privilege.
[archtika-video-preview.webm](https://github.com/user-attachments/assets/7a43931c-6d9e-484a-8238-29e3d9bfb603)

3
SECURITY.md Normal file
View File

@@ -0,0 +1,3 @@
# Reporting Security Issues
To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/archtika/archtika/security/advisories/new) tab.

6
flake.lock generated
View File

@@ -2,11 +2,11 @@
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1729256560,
"narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
"lastModified": 1741379970,
"narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
"rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f",
"type": "github"
},
"original": {

45
flake.nix
View File

@@ -14,6 +14,8 @@
];
forAllSystems = nixpkgs.lib.genAttrs allSystems;
dbUrl = user: "postgres://${user}@127.0.0.1:15432/archtika";
in
{
devShells = forAllSystems (
@@ -24,19 +26,19 @@
{
api = pkgs.mkShell {
packages = with pkgs; [
postgresql_16
postgresql
postgrest
];
shellHook = ''
alias dbmate="${pkgs.dbmate}/bin/dbmate --no-dump-schema --url postgres://postgres@localhost:15432/archtika?sslmode=disable"
alias dbmate="${pkgs.dbmate}/bin/dbmate --no-dump-schema --url ${dbUrl "postgres"}?sslmode=disable"
alias formatsql="${pkgs.pgformatter}/bin/pg_format -s 2 -f 2 -U 2 -i db/migrations/*.sql"
alias dbconnect="${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika"
alias dbconnect="${pkgs.postgresql}/bin/psql ${dbUrl "postgres"}"
'';
};
web = pkgs.mkShell {
packages = with pkgs; [ nodejs_22 ];
packages = with pkgs; [ nodejs ];
shellHook = ''
export PLAYWRIGHT_BROWSERS_PATH=${pkgs.playwright-driver.browsers}
export PLAYWRIGHT_BROWSERS_PATH=${pkgs.playwright.browsers}
export PLAYWRIGHT_SKIP_VALIDATE_HOST_REQUIREMENTS=true
'';
};
@@ -65,18 +67,31 @@
{
api = {
type = "app";
program = "${pkgs.writeShellScriptBin "api-setup" ''
JWT_SECRET=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c64)
WEBSITE_MAX_STORAGE_SIZE=100
WEBSITE_MAX_NUMBER_USER=3
program =
let
settings = {
maxStorage = 100;
maxWebsites = 3;
};
jwtSecret = "BMlgCY9fEzmf7jhQpNnxlS6TM8E6xk2vS08C3ukm5LM2aTooaF5PfxT3o2K9uKzq";
in
"${pkgs.writeShellScriptBin "api-setup" ''
${pkgs.postgresql}/bin/psql ${dbUrl "postgres"} \
-c "ALTER DATABASE archtika SET \"app.jwt_secret\" TO '${jwtSecret}'" \
-c "ALTER DATABASE archtika SET \"app.website_max_storage_size\" TO ${toString settings.maxStorage}" \
-c "ALTER DATABASE archtika SET \"app.website_max_number_user\" TO ${toString settings.maxWebsites}"
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.jwt_secret\" TO '$JWT_SECRET'"
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.website_max_storage_size\" TO $WEBSITE_MAX_STORAGE_SIZE"
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.website_max_number_user\" TO $WEBSITE_MAX_NUMBER_USER"
${pkgs.dbmate}/bin/dbmate --no-dump-schema \
--url ${dbUrl "postgres"}?sslmode=disable \
--migrations-dir ${self.outPath}/rest-api/db/migrations up
${pkgs.dbmate}/bin/dbmate --url postgres://postgres@localhost:15432/archtika?sslmode=disable --migrations-dir ${self.outPath}/rest-api/db/migrations up
PGRST_ADMIN_SERVER_PORT=3001 PGRST_DB_SCHEMAS="api" PGRST_DB_ANON_ROLE="anon" PGRST_OPENAPI_MODE="ignore-privileges" PGRST_DB_URI="postgres://authenticator@localhost:15432/archtika" PGRST_JWT_SECRET="$JWT_SECRET" ${pkgs.postgrest}/bin/postgrest
PGRST_ADMIN_SERVER_PORT=3001 \
PGRST_DB_SCHEMAS="api" \
PGRST_DB_ANON_ROLE="anon" \
PGRST_OPENAPI_MODE="ignore-privileges" \
PGRST_DB_URI="${dbUrl "authenticator"}" \
PGRST_JWT_SECRET="${jwtSecret}" \
${pkgs.postgrest}/bin/postgrest
''}/bin/api-setup";
};
}

52
nix/deploy/prod/default.nix
View File

@@ -1,9 +1,13 @@
{ pkgs, localArchtikaPackage, ... }:
let
domain = "demo.archtika.com";
docsSubdomain = "docs.archtika.com";
portfolioDomain = "thilohohlt.com";
in
{
imports = [
./hardware-configuration.nix
../shared.nix
../../module.nix
];
networking.hostName = "archtika-demo";
@@ -11,14 +15,48 @@
services.archtika = {
enable = true;
package = localArchtikaPackage;
domain = "demo.archtika.com";
acmeEmail = "thilo.hohlt@tutanota.com";
dnsProvider = "porkbun";
dnsEnvironmentFile = /var/lib/porkbun.env;
inherit domain;
settings = {
disableRegistration = true;
maxWebsiteStorageSize = 50;
maxUserWebsites = 2;
};
};
security.acme = {
acceptTerms = true;
defaults.email = "thilo.hohlt@tutanota.com";
certs."${domain}" = {
inherit domain;
extraDomainNames = [
"*.${domain}"
docsSubdomain
];
dnsProvider = "porkbun";
environmentFile = /var/lib/porkbun.env;
group = "nginx";
};
};
services.nginx.virtualHosts."${docsSubdomain}" = {
useACMEHost = domain;
forceSSL = true;
locations = {
"/" = {
root = "/var/www/archtika-websites/archtika/archtika-documentation";
index = "index.html";
tryFiles = "$uri $uri/ $uri.html =404";
};
};
};
services.nginx.virtualHosts."${portfolioDomain}" = {
enableACME = true;
forceSSL = true;
locations = {
"/" = {
root = "/var/www/archtika-websites/thiloho/thilo-hohlt";
index = "index.html";
tryFiles = "$uri $uri/ $uri.html =404";
};
};
};
}

23
nix/deploy/qs/default.nix
View File

@@ -1,9 +1,11 @@
{ pkgs, localArchtikaPackage, ... }:
let
domain = "qs.archtika.com";
in
{
imports = [
./hardware-configuration.nix
../shared.nix
../../module.nix
];
networking.hostName = "archtika-qs";
@@ -11,14 +13,21 @@
services.archtika = {
enable = true;
package = localArchtikaPackage;
domain = "qs.archtika.com";
acmeEmail = "thilo.hohlt@tutanota.com";
dnsProvider = "porkbun";
dnsEnvironmentFile = /var/lib/porkbun.env;
inherit domain;
settings = {
disableRegistration = true;
maxWebsiteStorageSize = 250;
maxUserWebsites = 3;
};
};
security.acme = {
acceptTerms = true;
defaults.email = "thilo.hohlt@tutanota.com";
certs."${domain}" = {
inherit domain;
extraDomainNames = [ "*.${domain}" ];
dnsProvider = "porkbun";
environmentFile = /var/lib/porkbun.env;
group = "nginx";
};
};
}

5
nix/deploy/shared.nix
View File

@@ -32,7 +32,7 @@
users = {
root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFE42q8e7egSSTs4YJo8vQFDbRWqrGTQkR1weq8nT0Zx thiloho@pc"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlDyJt72c/mxyN9cujc081J3uzWCyKtr4k2faBtgldD thiloho@pc"
];
hashedPassword = "$y$j9T$MuWDs5Ind6VPEM78u5VTy/$XAuRCaOPtS/8Vj8XgpxB/XX2ygftNLql2VrFWcC/sq7";
};
@@ -44,8 +44,7 @@
];
hashedPassword = "$y$j9T$Y0ffzVb7wrZSdCKbiYHin0$oahgfFqH/Eep6j6f4iKPETEfGZSOkgu74UT2eyG2uI1";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBj6+r+vMXJyy5wvQTLyfd2rIw62WCg9eIpwsciHg4ym thiloho@pc"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgfOa8N46PBUO2gj8UeyrV0R+MRZFnJqUzG132UjaFS thiloho@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlDyJt72c/mxyN9cujc081J3uzWCyKtr4k2faBtgldD thiloho@pc"
];
};
};

30
nix/dev-vm.nix
View File

@@ -20,9 +20,20 @@
password = "dev";
};
systemd.tmpfiles.rules = [ "d /var/www/archtika-websites 0777 root root -" ];
systemd.tmpfiles.settings = {
"10-archtika" = {
"/var/www/archtika-websites" = {
d = {
mode = "0777";
user = "root";
group = "root";
};
};
};
};
virtualisation = {
msize = 65536;
graphics = false;
memorySize = 2048;
cores = 2;
@@ -51,23 +62,13 @@
services = {
postgresql = {
enable = true;
package = pkgs.postgresql_16;
/*
PL/Perl:
overrideAttrs (
finalAttrs: previousAttrs: {
buildInputs = previousAttrs.buildInputs ++ [ pkgs.perl ];
configureFlags = previousAttrs.configureFlags ++ [ "--with-perl" ];
}
);
*/
ensureDatabases = [ "archtika" ];
authentication = lib.mkForce ''
local all all trust
host all all all trust
'';
enableTCPIP = true;
extraPlugins = with pkgs.postgresql16Packages; [ pgjwt ];
extensions = ps: with ps; [ pgjwt ];
};
nginx = {
enable = true;
@@ -105,10 +106,13 @@
systemd.services.postgresql = {
path = with pkgs; [
# Tar and gzip are needed for tar.gz exports
gnutar
gzip
];
serviceConfig = {
ReadWritePaths = [ "/var/www/archtika-websites" ];
};
};
services.getty.autologinUser = "dev";

2
nix/docker.nix
View File

@@ -26,7 +26,7 @@ pkgs.dockerTools.buildLayeredImage {
contents = [
archtika
entrypoint
pkgs.postgresql_16
pkgs.postgresql
pkgs.nginx
pkgs.acme-sh
pkgs.bash

309
nix/module.nix
View File

@@ -1,309 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.services.archtika;
baseHardenedSystemdOptions = {
CapabilityBoundingSet = "";
LockPersonality = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "strict";
RemoveIPC = true;
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
"~@resources"
];
ReadWritePaths = [ "/var/www/archtika-websites" ];
};
in
{
options.services.archtika = {
enable = mkEnableOption "archtika service";
package = mkPackageOption pkgs "archtika" { };
user = mkOption {
type = types.str;
default = "archtika";
description = "User account under which archtika runs.";
};
group = mkOption {
type = types.str;
default = "archtika";
description = "Group under which archtika runs.";
};
databaseName = mkOption {
type = types.str;
default = "archtika";
description = "Name of the PostgreSQL database for archtika.";
};
apiPort = mkOption {
type = types.port;
default = 5000;
description = "Port on which the API runs.";
};
apiAdminPort = mkOption {
type = types.port;
default = 7500;
description = "Port on which the API admin server runs.";
};
webAppPort = mkOption {
type = types.port;
default = 10000;
description = "Port on which the web application runs.";
};
domain = mkOption {
type = types.str;
default = null;
description = "Domain to use for the application.";
};
acmeEmail = mkOption {
type = types.str;
default = null;
description = "Email to notify for the SSL certificate renewal process.";
};
dnsProvider = mkOption {
type = types.str;
default = null;
description = "DNS provider for the DNS-01 challenge (required for wildcard domains).";
};
dnsEnvironmentFile = mkOption {
type = types.path;
default = null;
description = "API secrets for the DNS-01 challenge (required for wildcard domains).";
};
settings = mkOption {
type = types.submodule {
options = {
disableRegistration = mkOption {
type = types.bool;
default = false;
description = "By default any user can create an account. That behavior can be disabled by using this option.";
};
maxUserWebsites = mkOption {
type = types.int;
default = 2;
description = "Maximum number of websites allowed per user by default.";
};
maxWebsiteStorageSize = mkOption {
type = types.int;
default = 500;
description = "Maximum amount of disk space in MB allowed per user website by default.";
};
};
};
};
};
config = mkIf cfg.enable {
users.users.${cfg.user} = {
isSystemUser = true;
group = cfg.group;
};
users.groups.${cfg.group} = {
members = [
"nginx"
"postgres"
];
};
systemd.tmpfiles.rules = [
"d /var/www 0755 root root -"
"d /var/www/archtika-websites 0770 ${cfg.user} ${cfg.group} -"
];
systemd.services.archtika-api = {
description = "archtika API service";
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"postgresql.service"
];
serviceConfig = baseHardenedSystemdOptions // {
User = cfg.user;
Group = cfg.group;
Restart = "always";
WorkingDirectory = "${cfg.package}/rest-api";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
};
script = ''
JWT_SECRET=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c64)
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:5432/${cfg.databaseName} -c "ALTER DATABASE ${cfg.databaseName} SET \"app.jwt_secret\" TO '$JWT_SECRET'"
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:5432/${cfg.databaseName} -c "ALTER DATABASE ${cfg.databaseName} SET \"app.website_max_storage_size\" TO ${toString cfg.settings.maxWebsiteStorageSize}"
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:5432/${cfg.databaseName} -c "ALTER DATABASE ${cfg.databaseName} SET \"app.website_max_number_user\" TO ${toString cfg.settings.maxUserWebsites}"
${pkgs.dbmate}/bin/dbmate --url postgres://postgres@localhost:5432/archtika?sslmode=disable --migrations-dir ${cfg.package}/rest-api/db/migrations up
PGRST_SERVER_CORS_ALLOWED_ORIGINS="https://${cfg.domain}" PGRST_ADMIN_SERVER_PORT=${toString cfg.apiAdminPort} PGRST_SERVER_PORT=${toString cfg.apiPort} PGRST_DB_SCHEMAS="api" PGRST_DB_ANON_ROLE="anon" PGRST_OPENAPI_MODE="ignore-privileges" PGRST_DB_URI="postgres://authenticator@localhost:5432/${cfg.databaseName}" PGRST_JWT_SECRET="$JWT_SECRET" ${pkgs.postgrest}/bin/postgrest
'';
};
systemd.services.archtika-web = {
description = "archtika Web App service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = baseHardenedSystemdOptions // {
User = cfg.user;
Group = cfg.group;
Restart = "always";
WorkingDirectory = "${cfg.package}/web-app";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
];
};
script = ''
REGISTRATION_IS_DISABLED=${toString cfg.settings.disableRegistration} BODY_SIZE_LIMIT=10M ORIGIN=https://${cfg.domain} PORT=${toString cfg.webAppPort} ${pkgs.nodejs_22}/bin/node ${cfg.package}/web-app
'';
};
services.postgresql = {
enable = true;
package = pkgs.postgresql_16;
ensureDatabases = [ cfg.databaseName ];
authentication = lib.mkForce ''
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Local socket connections:
local all all trust
'';
extraPlugins = with pkgs.postgresql16Packages; [ pgjwt ];
};
systemd.services.postgresql = {
path = with pkgs; [
# Tar and gzip are needed for tar.gz exports
gnutar
gzip
];
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedZstdSettings = true;
recommendedOptimisation = true;
appendHttpConfig = ''
limit_req_zone $binary_remote_addr zone=requestLimit:10m rate=5r/s;
limit_req_status 429;
limit_req zone=requestLimit burst=20 nodelay;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(self),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(self),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=(),clipboard-read=(self),clipboard-write=(self),gamepad=(),hid=(),idle-detection=(),interest-cohort=(),serial=(),unload=()" always;
map $http_cookie $auth_header {
default "";
"~*session_token=([^;]+)" "Bearer $1";
}
'';
virtualHosts = {
"${cfg.domain}" = {
useACMEHost = cfg.domain;
forceSSL = true;
locations = {
"/" = {
proxyPass = "http://localhost:${toString cfg.webAppPort}";
};
"/previews/" = {
alias = "/var/www/archtika-websites/previews/";
index = "index.html";
tryFiles = "$uri $uri/ $uri.html =404";
};
"/api/rpc/export_articles_zip" = {
proxyPass = "http://localhost:${toString cfg.apiPort}/rpc/export_articles_zip";
extraConfig = ''
default_type application/json;
proxy_set_header Authorization $auth_header;
'';
};
"/api/" = {
proxyPass = "http://localhost:${toString cfg.apiPort}/";
extraConfig = ''
default_type application/json;
'';
};
"/api/rpc/register" = mkIf cfg.settings.disableRegistration {
extraConfig = ''
deny all;
'';
};
};
};
"~^(?<subdomain>.+)\\.${cfg.domain}$" = {
useACMEHost = cfg.domain;
forceSSL = true;
locations = {
"/" = {
root = "/var/www/archtika-websites/$subdomain";
index = "index.html";
tryFiles = "$uri $uri/ $uri.html =404";
};
};
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = cfg.acmeEmail;
certs."${cfg.domain}" = {
domain = cfg.domain;
extraDomainNames = [ "*.${cfg.domain}" ];
dnsProvider = cfg.dnsProvider;
environmentFile = cfg.dnsEnvironmentFile;
group = config.services.nginx.group;
};
};
};
}

18
nix/package.nix
View File

@@ -7,14 +7,10 @@
}:
let
pname = "archtika";
version = "1.0.0";
web = buildNpmPackage {
name = "web-app";
src = ../web-app;
npmDeps = importNpmLock { npmRoot = ../web-app; };
npmConfigHook = importNpmLock.npmConfigHook;
npmDepsHash = "sha256-2udi8vLLvdoZxIyRKLOCfEpEMsooxsIrM1wiua1QPAI=";
npmFlags = [ "--legacy-peer-deps" ];
installPhase = ''
mkdir -p $out/web-app
@@ -35,17 +31,11 @@ let
};
in
symlinkJoin {
name = pname;
name = "archtika";
pname = "archtika";
paths = [
web
api
];
meta = with lib; {
description = "A modern, performant and lightweight CMS";
homepage = "https://archtika.com";
license = licenses.mit;
maintainers = with maintainers; [ thiloho ];
platforms = platforms.unix;
};
}

13
rest-api/db/migrations/20250323134405_username_blocklist.sql Normal file
View File

@@ -0,0 +1,13 @@
-- migrate:up
ALTER TABLE internal.user
DROP CONSTRAINT username_not_blocked;
ALTER TABLE internal.user
ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'preview', 'previews', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));
-- migrate:down
ALTER TABLE internal.user
DROP CONSTRAINT username_not_blocked;
ALTER TABLE internal.user
ADD CONSTRAINT username_not_blocked CHECK (LOWER(username) NOT IN ('admin', 'administrator', 'api', 'auth', 'blog', 'cdn', 'docs', 'help', 'login', 'logout', 'profile', 'register', 'settings', 'setup', 'signin', 'signup', 'support', 'test', 'www'));

2332
web-app/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

46
web-app/package.json
View File

@@ -11,38 +11,38 @@
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
"lint": "prettier --check . && eslint .",
"format": "prettier --write .",
"gents": "pg-to-ts generate -c postgres://postgres@localhost:15432/archtika -o src/lib/db-schema.ts -s internal --datesAsStrings"
"gents": "pg-to-ts generate -c postgres://postgres@127.0.0.1:15432/archtika -o src/lib/db-schema.ts -s internal --datesAsStrings"
},
"devDependencies": {
"@playwright/test": "1.47.0",
"@sveltejs/adapter-auto": "3.2.5",
"@sveltejs/adapter-node": "5.2.3",
"@sveltejs/kit": "2.5.28",
"@sveltejs/vite-plugin-svelte": "4.0.0-next.6",
"@playwright/test": "1.50.1",
"@sveltejs/adapter-auto": "5.0.0",
"@sveltejs/adapter-node": "5.2.12",
"@sveltejs/kit": "2.20.2",
"@sveltejs/vite-plugin-svelte": "5.0.3",
"@types/diff-match-patch": "1.0.36",
"@types/eslint": "9.6.1",
"@types/eslint__js": "8.42.3",
"@types/eslint__js": "9.14.0",
"@types/eslint-config-prettier": "6.11.3",
"@types/node": "22.5.5",
"eslint": "9.15.0",
"eslint-config-prettier": "9.1.0",
"eslint-plugin-svelte": "2.44.0",
"globals": "15.9.0",
"@types/node": "22.13.11",
"eslint": "9.23.0",
"eslint-config-prettier": "10.1.1",
"eslint-plugin-svelte": "3.3.3",
"globals": "16.0.0",
"pg-to-ts": "4.1.1",
"prettier": "3.3.3",
"prettier-plugin-svelte": "3.2.6",
"svelte": "5.0.0-next.253",
"svelte-check": "4.0.2",
"typescript": "5.6.2",
"typescript-eslint": "8.6.0",
"vite": "5.4.6"
"prettier": "3.5.3",
"prettier-plugin-svelte": "3.3.3",
"svelte": "5.25.3",
"svelte-check": "4.1.5",
"typescript": "5.8.2",
"typescript-eslint": "8.27.0",
"vite": "6.2.2"
},
"dependencies": {
"diff-match-patch": "1.0.5",
"highlight.js": "11.10.0",
"isomorphic-dompurify": "2.15.0",
"marked": "14.1.2",
"marked-highlight": "2.1.4"
"highlight.js": "11.11.1",
"isomorphic-dompurify": "2.22.0",
"marked": "15.0.7",
"marked-highlight": "2.2.1"
},
"overrides": {
"cookie": "0.7.0"

2
web-app/src/lib/components/Pagination.svelte
View File

@@ -8,7 +8,7 @@
<div class="pagination">
{#snippet commonFilterInputs()}
{#each commonFilters as filter}
{#each commonFilters as filter (filter)}
<input type="hidden" name={filter} value={$page.url.searchParams.get(filter)} />
{/each}
{/snippet}

10
web-app/src/lib/components/WebsiteEditor.svelte
View File

@@ -3,6 +3,7 @@
import { md } from "$lib/utils";
import { page } from "$app/stores";
import { previewContent, textareaScrollTop } from "$lib/runes.svelte";
import { browser } from "$app/environment";
const {
id,
@@ -38,7 +39,7 @@
<nav class="operations__nav">
<ul class="unpadded">
{#each tabs.filter((tab) => (tab !== "categories" && contentType === "Blog") || contentType === "Docs") as tab}
{#each tabs.filter((tab) => (tab !== "categories" && contentType === "Blog") || contentType === "Docs") as tab (tab)}
<li>
<a
href="/website/{id}{tab === 'settings' ? '' : `/${tab}`}"
@@ -57,14 +58,14 @@
<div class="preview" bind:this={previewElement}>
{#if fullPreview}
{#if !iframeLoaded}
{#if !iframeLoaded && browser}
<p>Loading preview...</p>
{/if}
<iframe
src={previewContent.value}
title="Preview"
onload={() => (iframeLoaded = true)}
style:display={iframeLoaded ? "block" : "none"}
style:display={!browser || iframeLoaded ? "block" : "none"}
></iframe>
{:else}
{@html md(
@@ -131,6 +132,9 @@
.operations {
padding-block-start: var(--space-s);
resize: horizontal;
min-inline-size: 100%;
max-inline-size: calc(1536px - 320px);
}
.preview {

2
web-app/src/lib/db-schema.ts
View File

@@ -5,7 +5,7 @@
* AUTO-GENERATED FILE - DO NOT EDIT!
*
* This file was automatically generated by pg-to-ts v.4.1.1
* $ pg-to-ts generate -c postgres://username:password@localhost:15432/archtika -t article -t change_log -t collab -t docs_category -t footer -t header -t home -t media -t settings -t user -t website -s internal
* $ pg-to-ts generate -c postgres://username:password@127.0.0.1:15432/archtika -t article -t change_log -t collab -t docs_category -t footer -t header -t home -t media -t settings -t user -t website -s internal
*
*/

5
web-app/src/lib/server/utils.ts
View File

@@ -1,8 +1,8 @@
import { dev } from "$app/environment";
export const API_BASE_PREFIX = dev
? "http://localhost:3000"
: `${process.env.ORIGIN ? `${process.env.ORIGIN}/api` : "http://localhost:3000"}`;
? "http://127.0.0.1:3000"
: `${process.env.ORIGIN ? `${process.env.ORIGIN}/api` : "http://127.0.0.1:3000"}`;
export const REGISTRATION_IS_DISABLED = dev
? false
@@ -16,6 +16,7 @@ export const apiRequest = async (
method: "HEAD" | "GET" | "POST" | "PATCH" | "DELETE",
options: {
headers?: Record<string, string>;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
body?: any;
successMessage?: string;
returnData?: boolean;

12
web-app/src/lib/templates/Index.svelte
View File

@@ -54,18 +54,18 @@
</h2>
<ul class="unpadded">
{#each sortedArticles as article}
{#each sortedArticles as { id, publication_date, slug, title, meta_description } (id)}
<li>
{#if article.publication_date}
<p>{article.publication_date}</p>
{#if publication_date}
<p>{publication_date}</p>
{/if}
<p>
<strong>
<a href="./articles/{article.slug}">{article.title}</a>
<a href="./articles/{slug}">{title}</a>
</strong>
</p>
{#if article.meta_description}
<p>{article.meta_description}</p>
{#if meta_description}
<p>{meta_description}</p>
{/if}
</li>
{/each}

7
web-app/src/lib/templates/Nav.svelte
View File

@@ -55,11 +55,11 @@
<section id="docs-navigation" class="docs-navigation">
<ul>
{#each Object.keys(categorizedArticles) as key}
{#each Object.keys(categorizedArticles) as key (key)}
<li>
<strong>{key}</strong>
<ul>
{#each categorizedArticles[key] as { title, slug }}
{#each categorizedArticles[key] as { title, slug } (slug)}
<li>
<a href="{isIndexPage ? './articles' : '.'}/{slug}">{title}</a>
</li>
@@ -75,9 +75,8 @@
<strong>{websiteOverview.header.logo_text}</strong>
{:else}
<img
class="top-nav-logo"
src="{apiUrl}/rpc/retrieve_file?id={websiteOverview.header.logo_image}"
width="32"
height="32"
alt=""
/>
{/if}

13
web-app/src/lib/utils.ts
View File

@@ -1,5 +1,5 @@
import { Marked } from "marked";
import type { Renderer, Token } from "marked";
import { Marked, Renderer } from "marked";
import type { Token } from "marked";
import { markedHighlight } from "marked-highlight";
import hljs from "highlight.js";
import DOMPurify from "isomorphic-dompurify";
@@ -40,6 +40,7 @@ const slugify = (string: string) => {
const createMarkdownParser = (showToc = true) => {
const marked = new Marked();
const renderer = new Renderer();
marked.use({
async: false,
@@ -58,6 +59,14 @@ const createMarkdownParser = (showToc = true) => {
})
);
marked.use({
renderer: {
table(...args) {
return `<div class="scroll-container">${renderer.table.apply(this, args)}</div>`;
}
}
});
const gfmHeadingId = ({ prefix = "", showToc = true } = {}) => {
const headings: { text: string; level: number; id: string }[] = [];
const sectionStack: { level: number; id: string }[] = [];

2
web-app/src/routes/(authenticated)/account/+page.svelte
View File

@@ -39,7 +39,7 @@
<a href="#storage">Storage</a>
</h2>
<ul class="unpadded storage-grid">
{#each data.storageSizes.data as { website_title, storage_size_bytes, max_storage_bytes, max_storage_pretty, diff_storage_pretty }}
{#each data.storageSizes.data as { website_id, website_title, storage_size_bytes, max_storage_bytes, max_storage_pretty, diff_storage_pretty } (website_id)}
<li>
<strong>{website_title}</strong>
<label>

26
web-app/src/routes/(authenticated)/website/[websiteId]/+page.server.ts
View File

@@ -72,6 +72,19 @@ export const actions: Actions = {
}
);
},
removeFavicon: async ({ fetch, params }) => {
return await apiRequest(
fetch,
`${API_BASE_PREFIX}/settings?website_id=eq.${params.websiteId}`,
"PATCH",
{
body: {
favicon_image: null
},
successMessage: "Successfully removed favicon"
}
);
},
updateHeader: async ({ request, fetch, params }) => {
const data = await request.formData();
const logoImage = data.get("logo-image") as File;
@@ -110,6 +123,19 @@ export const actions: Actions = {
}
);
},
removeLogoImage: async ({ fetch, params }) => {
return await apiRequest(
fetch,
`${API_BASE_PREFIX}/header?website_id=eq.${params.websiteId}`,
"PATCH",
{
body: {
logo_image: null
},
successMessage: "Successfully removed logo image"
}
);
},
updateHome: async ({ request, fetch, params }) => {
const data = await request.formData();

14
web-app/src/routes/(authenticated)/website/[websiteId]/+page.svelte
View File

@@ -91,6 +91,13 @@
src={`${data.API_BASE_PREFIX}/rpc/retrieve_file?id=${data.globalSettings.favicon_image}`}
alt=""
/>
<form
method="POST"
action="?/removeFavicon"
use:enhance={enhanceForm({ reset: false, closeModal: true })}
>
<button type="submit">Remove</button>
</form>
</Modal>
{/if}
</div>
@@ -138,6 +145,13 @@
src={`${data.API_BASE_PREFIX}/rpc/retrieve_file?id=${data.header.logo_image}`}
alt=""
/>
<form
method="POST"
action="?/removeLogoImage"
use:enhance={enhanceForm({ reset: false, closeModal: true })}
>
<button type="submit">Remove</button>
</form>
</Modal>
{/if}
</div>

13
web-app/src/routes/(authenticated)/website/[websiteId]/articles/[articleId]/+page.server.ts
View File

@@ -72,6 +72,19 @@ export const actions: Actions = {
}
);
},
removeCoverImage: async ({ fetch, params }) => {
return await apiRequest(
fetch,
`${API_BASE_PREFIX}/article?id=eq.${params.articleId}`,
"PATCH",
{
body: {
cover_image: null
},
successMessage: "Successfully removed cover image"
}
);
},
pasteImage: async ({ request, fetch, params }) => {
const data = await request.formData();
const file = data.get("file") as File;

9
web-app/src/routes/(authenticated)/website/[websiteId]/articles/[articleId]/+page.svelte
View File

@@ -48,7 +48,7 @@
<label>
Category:
<select name="category">
{#each data.categories as { id, category_name }}
{#each data.categories as { id, category_name } (id)}
<option value={id} selected={id === data.article.category}>{category_name}</option>
{/each}
</select>
@@ -107,6 +107,13 @@
src={`${data.API_BASE_PREFIX}/rpc/retrieve_file?id=${data.article.cover_image}`}
alt=""
/>
<form
method="POST"
action="?/removeCoverImage"
use:enhance={enhanceForm({ reset: false, closeModal: true })}
>
<button type="submit">Remove</button>
</form>
</Modal>
{/if}
</div>

12
web-app/src/routes/(authenticated)/website/[websiteId]/logs/+page.svelte
View File

@@ -63,7 +63,7 @@
/>
<datalist id="users-{data.website.id}">
<option value={data.website.user.username}></option>
{#each data.collaborators as { user: { username } }}
{#each data.collaborators as { user: { username } } (username)}
<option value={username}></option>
{/each}
</datalist>
@@ -72,7 +72,7 @@
Resource:
<select name="resource">
<option value="all">Show all</option>
{#each Object.keys(resources) as resource}
{#each Object.keys(resources) as resource (resource)}
<option
value={resource}
selected={resource === $page.url.searchParams.get("resource")}>{resource}</option
@@ -141,9 +141,13 @@
<button type="submit">Compute diff</button>
</form>
{#if form?.logId === id && form?.currentDiff}
<pre>{@html DOMPurify.sanitize(form.currentDiff, {
<pre>{@html DOMPurify.sanitize(
// .replace takes escaped text representations of line breaks and converts them to real line breaks that render correctly in HTML
form.currentDiff.replace(/\\r\\n|\\n|\\r/g, "\n"),
{
ALLOWED_TAGS: ["ins", "del"]
})}</pre>
}
)}</pre>
{/if}
{/if}

8
web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts
View File

@@ -98,17 +98,17 @@ const generateStaticFiles = async (
) => {
const websitePreviewUrl = `${
dev
? "http://localhost:18000"
? "http://127.0.0.1:18000"
: process.env.ORIGIN
? process.env.ORIGIN
: "http://localhost:18000"
: "http://127.0.0.1:18000"
}/previews/${websiteData.id}/`;
const websiteProdUrl = dev
? `http://localhost:18000/${websiteData.user.username}/${websiteData.slug}`
? `http://127.0.0.1:18000/${websiteData.user.username}/${websiteData.slug}`
: process.env.ORIGIN
? `${process.env.ORIGIN.replace("//", `//${websiteData.user.username}.`)}/${websiteData.slug}`
: `http://localhost:18000/${websiteData.user.username}/${websiteData.slug}`;
: `http://127.0.0.1:18000/${websiteData.user.username}/${websiteData.slug}`;
const fileContents = (head: string, body: string) => {
return `

2
web-app/src/routes/+layout.svelte
View File

@@ -38,7 +38,7 @@
<title>archtika | {routeName.replaceAll("/", " - ")}</title>
<meta
name="description"
content="FLOSS, modern, performant and lightweight CMS (Content Mangement System) with predefined templates"
content="FLOSS, modern, performant, lightweight and self-hosted CMS in the form of a web application"
/>
</svelte:head>

6
web-app/template-styles/blog-styles.css
View File

@@ -4,6 +4,7 @@
}
nav {
z-index: 10;
position: sticky;
block-size: var(--space-xl);
display: flex;
@@ -70,6 +71,11 @@ section {
scroll-margin-block-start: var(--space-xl);
}
.top-nav-logo {
max-block-size: var(--space-xl);
padding-block: var(--space-xs);
}
@media (min-width: 1525px) {
#table-of-contents {
position: fixed;

6
web-app/template-styles/docs-styles.css
View File

@@ -4,6 +4,7 @@
}
nav {
z-index: 10;
position: sticky;
block-size: var(--space-xl);
display: flex;
@@ -48,6 +49,11 @@ section {
scroll-margin-block-start: var(--space-xl);
}
.top-nav-logo {
max-block-size: var(--space-xl);
padding-block: var(--space-xs);
}
.docs-navigation {
display: none;
position: fixed;

1
website/CNAME Normal file
View File

@@ -0,0 +1 @@
archtika.com

69
website/archtika-logo-512x512.svg Normal file
View File

@@ -0,0 +1,69 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="512"
height="512"
viewBox="0 0 512 512"
version="1.1"
id="svg1"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<defs
id="defs1">
<clipPath
clipPathUnits="userSpaceOnUse"
id="clipPath81">
<path
style="display:inline;fill:#808080;fill-opacity:1"
id="path81"
d="M 238.4745,221.60155 47.127052,272.87295 98.398447,81.525498 Z"
transform="matrix(1.8723891,0.38003672,-0.50170515,1.4183164,28.692837,-108.9927)" />
</clipPath>
<clipPath
clipPathUnits="userSpaceOnUse"
id="clipPath82">
<path
style="display:inline;fill:#808080;fill-opacity:1"
id="path82"
d="M 238.4745,221.60155 47.127052,272.87295 98.398447,81.525498 Z"
transform="rotate(180,159.89124,183.45477)" />
</clipPath>
<clipPath
clipPathUnits="userSpaceOnUse"
id="clipPath83">
<path
style="display:inline;fill:#808080;fill-opacity:1"
id="path83"
d="M 238.4745,221.60155 47.127052,272.87295 98.398447,81.525498 Z"
transform="rotate(180,96.108761,200.54523)" />
</clipPath>
</defs>
<g
id="layer1"
style="display:inline">
<g
id="g83"
transform="matrix(1.3333333,0,0,1.3333333,-85.333319,-8.1031545e-6)"
style="display:inline">
<path
style="fill:#4ae086;fill-opacity:1"
id="path49"
d="M 238.4745,221.60155 47.127052,272.87295 98.398447,81.525498 Z"
transform="matrix(-1.8723891,-0.5793192,0.50170515,-2.1620487,271.33842,745.26623)"
clip-path="url(#clipPath83)" />
<path
style="display:inline;fill:#00a056;fill-opacity:1"
id="path50"
d="M 238.4745,221.60155 47.127052,272.87295 98.398447,81.525498 Z"
transform="matrix(-1.8723891,-0.5793192,0.50170515,-2.1620487,527.33841,745.26623)"
clip-path="url(#clipPath82)" />
<path
id="path71"
style="display:inline;fill:#17c171;fill-opacity:1"
transform="matrix(1,0,0,1.5243769,83.968743,-67.120251)"
d="m 236.03126,128.00002 -64.00001,83.96874 -64,-83.96874 64,-83.968747 z"
clip-path="url(#clipPath81)" />
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.3 KiB

24
website/index.html Normal file
View File

@@ -0,0 +1,24 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<script src="https://cdn.tailwindcss.com"></script>
<link
rel="icon"
href="./archtika-logo-512x512.svg"
/>
<title>archtika CMS</title>
<meta name="description" content="FLOSS, modern, performant, lightweight and self-hosted CMS in the form of a web application" />
</head>
<body class="min-h-screen bg-neutral-50 bg-[url('./archtika-logo-512x512.svg')] bg-bottom bg-no-repeat bg-blend-luminosity">
<div class="mx-auto max-w-fit bg-neutral-50 p-8">
<h1 class="text-2xl font-bold text-neutral-900 sm:text-3xl md:text-4xl lg:text-5xl xl:text-6xl 2xl:text-7xl">archtika</h1>
<p class="mt-2 text-xl text-neutral-700 sm:text-2xl">FLOSS, modern, performant, lightweight and self&#8209;hosted CMS</p>
<div class="mt-8 flex flex-wrap gap-6 sm:justify-end">
<a href="https://github.com/archtika/archtika" class="text-neutral-900 rounded-full bg-neutral-200 px-4 py-2 outline outline-1 outline-offset-4 outline-neutral-300 hover:bg-neutral-300 hover:underline focus:outline-2 focus:outline-neutral-900">GitHub</a>
<a href="https://docs.archtika.com" class="text-neutral-900 rounded-full bg-neutral-200 px-4 py-2 outline outline-1 outline-offset-4 outline-neutral-300 hover:bg-neutral-300 hover:underline focus:outline-2 focus:outline-neutral-900">Documentation</a>
</div>
</div>
</body>
</html>