mirror of
https://github.com/privacyguides/privacyguides.org
synced 2024-11-30 15:03:32 +01:00
Remove server things from repo (#2475)
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
This commit is contained in:
parent
04c37b9cdf
commit
ce7896c07f
25
.github/CODEOWNERS
vendored
25
.github/CODEOWNERS
vendored
@ -1,27 +1,5 @@
|
||||
# Copyright (c) 2019-2023 Jonah Aragon <jonah@triplebit.net>
|
||||
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to
|
||||
# deal in the Software without restriction, including without limitation the
|
||||
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
||||
# sell copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
|
||||
# The above copyright notice and this permission notice shall be included in
|
||||
# all copies or substantial portions of the Software.
|
||||
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
||||
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
||||
# IN THE SOFTWARE.
|
||||
|
||||
# Additional Co-Owners are added to the TOP of this file
|
||||
|
||||
# High-traffic pages
|
||||
/docs/index.en.md @jonaharagon @dngray
|
||||
/docs/index.md @jonaharagon @dngray
|
||||
/theme/overrides/ @jonaharagon
|
||||
|
||||
# Org
|
||||
@ -35,4 +13,3 @@ README.md @jonaharagon @dngray
|
||||
/Pipfile @jonaharagon
|
||||
/Pipfile.lock @jonaharagon
|
||||
/.github/ @jonaharagon
|
||||
/.well-known/ @jonaharagon
|
||||
|
93
.github/workflows/build-offline.yml
vendored
Normal file
93
.github/workflows/build-offline.yml
vendored
Normal file
@ -0,0 +1,93 @@
|
||||
name: Build Offline Website
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: "false"
|
||||
|
||||
- uses: actions/download-artifact@v4
|
||||
with:
|
||||
pattern: repo-*
|
||||
path: modules
|
||||
|
||||
- run: |
|
||||
rmdir modules/mkdocs-material
|
||||
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
|
||||
rmdir theme/assets/brand
|
||||
mv modules/repo-brand theme/assets/brand
|
||||
|
||||
- name: Python setup
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
cache: "pipenv"
|
||||
|
||||
- uses: actions/cache/restore@v4.0.2
|
||||
with:
|
||||
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
|
||||
path: .cache
|
||||
restore-keys: |
|
||||
site-cache-${{ github.repository }}-en-${{ github.ref }}-
|
||||
site-cache-${{ github.repository }}-en-
|
||||
|
||||
- name: Install Python dependencies
|
||||
run: |
|
||||
pip install pipenv
|
||||
pipenv install
|
||||
sudo apt install pngquant
|
||||
|
||||
- name: Build website
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
CARDS: false
|
||||
run: |
|
||||
pipenv run mkdocs build --config-file config/mkdocs-offline.yml
|
||||
pipenv run mkdocs --version
|
||||
|
||||
- name: Package website
|
||||
run: |
|
||||
tar -czvf offline.tar.gz site
|
||||
zip -r -q offline.zip site
|
||||
|
||||
- uses: actions/cache/save@v4.0.2
|
||||
with:
|
||||
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
|
||||
path: .cache
|
||||
|
||||
- name: Upload tar.gz file
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: offline.tar.gz
|
||||
path: offline.tar.gz
|
||||
|
||||
- name: Upload zip file
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: offline.zip
|
||||
path: offline.zip
|
||||
|
||||
- name: Create ZIM File
|
||||
uses: addnab/docker-run-action@v3
|
||||
with:
|
||||
image: ghcr.io/openzim/zim-tools:3.1.3
|
||||
options: -v ${{ github.workspace }}:/data
|
||||
run: |
|
||||
zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/offline-privacy_guides.zim
|
||||
|
||||
- name: Upload ZIM file
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: offline-privacy_guides.zim
|
||||
path: offline-privacy_guides.zim
|
114
.github/workflows/build.yml
vendored
Normal file
114
.github/workflows/build.yml
vendored
Normal file
@ -0,0 +1,114 @@
|
||||
name: Build Website
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
ref:
|
||||
required: true
|
||||
type: string
|
||||
repo:
|
||||
required: true
|
||||
type: string
|
||||
lang:
|
||||
type: string
|
||||
default: en
|
||||
context:
|
||||
type: string
|
||||
default: deploy-preview
|
||||
continue-on-error:
|
||||
type: boolean
|
||||
default: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: ${{ inputs.continue-on-error }}
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
repository: ${{ inputs.repo }}
|
||||
ref: ${{ inputs.ref }}
|
||||
persist-credentials: "false"
|
||||
fetch-depth: 0
|
||||
|
||||
- uses: actions/download-artifact@v4
|
||||
with:
|
||||
pattern: repo-*
|
||||
path: modules
|
||||
|
||||
- run: |
|
||||
rmdir modules/mkdocs-material
|
||||
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
|
||||
rmdir theme/assets/brand
|
||||
mv modules/repo-brand theme/assets/brand
|
||||
|
||||
- if: inputs.lang != 'en'
|
||||
run: |
|
||||
cp -rl modules/repo-i18n/i18n .
|
||||
cp -rl modules/repo-i18n/includes .
|
||||
cp -rl modules/repo-i18n/theme .
|
||||
|
||||
- uses: actions/setup-python@v5
|
||||
with:
|
||||
cache: "pipenv"
|
||||
|
||||
- uses: actions/cache/restore@v4.0.2
|
||||
with:
|
||||
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
|
||||
path: .cache
|
||||
restore-keys: |
|
||||
site-cache-${{ inputs.repo }}-${{ inputs.ref }}-
|
||||
site-cache-${{ inputs.repo }}-
|
||||
|
||||
- uses: actions/cache/restore@v4.0.2
|
||||
with:
|
||||
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
|
||||
path: |
|
||||
config/.cache/plugin/social/manifest.json
|
||||
config/.cache/plugin/social/assets
|
||||
restore-keys: |
|
||||
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-
|
||||
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-
|
||||
|
||||
- run: |
|
||||
pip install pipenv
|
||||
pipenv install
|
||||
sudo apt install pngquant
|
||||
|
||||
- uses: falti/dotenv-action@v1.1
|
||||
with:
|
||||
path: includes/strings.${{ inputs.lang }}.env
|
||||
export-variables: true
|
||||
keys-case: bypass
|
||||
|
||||
- env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
CONTEXT: ${{ inputs.context }}
|
||||
PRODUCTION: true
|
||||
run: |
|
||||
pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml
|
||||
pipenv run mkdocs --version
|
||||
tar -czvf site-build-${{ inputs.lang }}.tar.gz site
|
||||
|
||||
- uses: actions/cache/save@v4.0.2
|
||||
with:
|
||||
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
|
||||
path: .cache
|
||||
|
||||
- uses: actions/cache/save@v4.0.2
|
||||
with:
|
||||
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
|
||||
path: |
|
||||
config/.cache/plugin/social/manifest.json
|
||||
config/.cache/plugin/social/assets
|
||||
|
||||
- uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: site-build-${{ inputs.lang }}.tar.gz
|
||||
path: site-build-${{ inputs.lang }}.tar.gz
|
51
.github/workflows/deploy-all.yml
vendored
51
.github/workflows/deploy-all.yml
vendored
@ -1,51 +0,0 @@
|
||||
name: Deploy Website Build
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
netlify_production:
|
||||
type: boolean
|
||||
default: true
|
||||
github_pages:
|
||||
type: boolean
|
||||
default: true
|
||||
minio_production:
|
||||
type: boolean
|
||||
default: true
|
||||
outputs:
|
||||
netlify_preview_address:
|
||||
value: ${{ jobs.netlify.outputs.address }}
|
||||
secrets:
|
||||
NETLIFY_TOKEN:
|
||||
PROD_MINIO_KEY_ID:
|
||||
PROD_MINIO_SECRET_KEY:
|
||||
|
||||
jobs:
|
||||
netlify:
|
||||
if: inputs.netlify_production
|
||||
uses: privacyguides/.github/.github/workflows/deploy-netlify.yml@main
|
||||
with:
|
||||
netlify_site_id: ${{ vars.PROD_NETLIFY_SITE }}
|
||||
environment: production
|
||||
secrets:
|
||||
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
|
||||
|
||||
minio:
|
||||
if: inputs.minio_production
|
||||
uses: privacyguides/.github/.github/workflows/deploy-minio.yml@main
|
||||
with:
|
||||
environment: production
|
||||
secrets:
|
||||
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
|
||||
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
|
||||
|
||||
pages:
|
||||
if: inputs.github_pages
|
||||
uses: privacyguides/.github/.github/workflows/deploy-pages.yml@main
|
||||
with:
|
||||
environment: github-pages
|
6
.github/workflows/publish-pr.yml
vendored
6
.github/workflows/publish-pr.yml
vendored
@ -60,7 +60,7 @@ jobs:
|
||||
fail-fast: false
|
||||
permissions:
|
||||
contents: read
|
||||
uses: privacyguides/.github/.github/workflows/build.yml@main
|
||||
uses: ./.github/workflows/build.yml
|
||||
with:
|
||||
ref: ${{github.event.pull_request.head.ref}}
|
||||
repo: ${{github.event.pull_request.head.repo.full_name}}
|
||||
@ -71,7 +71,7 @@ jobs:
|
||||
needs: build
|
||||
permissions:
|
||||
contents: read
|
||||
uses: privacyguides/.github/.github/workflows/deploy-netlify-preview.yml@main
|
||||
uses: privacyguides/webserver/.github/workflows/deploy-netlify-preview.yml@main
|
||||
with:
|
||||
netlify_alias: ${{ github.event.pull_request.head.sha }}
|
||||
netlify_site_id: ${{ vars.NETLIFY_SITE }}
|
||||
@ -84,7 +84,7 @@ jobs:
|
||||
needs: deploy
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
address: ${{ needs.deploy.outputs.netlify_preview_address }}
|
||||
address: ${{ needs.deploy.outputs.address }}
|
||||
steps:
|
||||
- uses: thollander/actions-comment-pull-request@v2.5.0
|
||||
with:
|
||||
|
12
.github/workflows/publish-release.yml
vendored
12
.github/workflows/publish-release.yml
vendored
@ -48,7 +48,7 @@ jobs:
|
||||
lang: [en, es, fr, he, it, nl, ru, zh-Hant]
|
||||
permissions:
|
||||
contents: read
|
||||
uses: privacyguides/.github/.github/workflows/build.yml@main
|
||||
uses: ./.github/workflows/build.yml
|
||||
with:
|
||||
ref: ${{ github.ref }}
|
||||
repo: ${{ github.repository }}
|
||||
@ -60,7 +60,7 @@ jobs:
|
||||
needs: submodule
|
||||
permissions:
|
||||
contents: read
|
||||
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
|
||||
uses: ./.github/workflows/build-offline.yml
|
||||
|
||||
release:
|
||||
name: Create release notes
|
||||
@ -84,15 +84,13 @@ jobs:
|
||||
|
||||
deploy:
|
||||
needs: build
|
||||
uses: ./.github/workflows/deploy-all.yml
|
||||
with:
|
||||
netlify_production: true
|
||||
github_pages: true
|
||||
minio_production: true
|
||||
uses: privacyguides/webserver/.github/workflows/deploy-all.yml@main
|
||||
secrets:
|
||||
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
|
||||
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
|
||||
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
|
||||
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
||||
CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
|
||||
cleanup:
|
||||
if: ${{ always() }}
|
||||
|
4
.github/workflows/test-build.yml
vendored
4
.github/workflows/test-build.yml
vendored
@ -45,7 +45,7 @@ jobs:
|
||||
fail-fast: false
|
||||
permissions:
|
||||
contents: read
|
||||
uses: privacyguides/.github/.github/workflows/build.yml@main
|
||||
uses: ./.github/workflows/build.yml
|
||||
with:
|
||||
ref: ${{ github.ref }}
|
||||
repo: ${{ github.repository }}
|
||||
@ -56,7 +56,7 @@ jobs:
|
||||
needs: submodule
|
||||
permissions:
|
||||
contents: read
|
||||
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
|
||||
uses: ./.github/workflows/build-offline.yml
|
||||
|
||||
cleanup:
|
||||
if: ${{ always() }}
|
||||
|
4
.github/workflows/test-lint.yml
vendored
4
.github/workflows/test-lint.yml
vendored
@ -35,7 +35,7 @@ concurrency:
|
||||
cancel-in-progress: true
|
||||
|
||||
env:
|
||||
MAIN_BRANCH: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
|
||||
MAIN_BRANCH: ${{ github.event_name == 'push' }}
|
||||
|
||||
jobs:
|
||||
megalinter:
|
||||
@ -45,7 +45,7 @@ jobs:
|
||||
- if: ${{ env.MAIN_BRANCH }}
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- if: ${{ !env.MAIN_BRANCH }}
|
||||
- if: ${{ env.MAIN_BRANCH == 0 }}
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
1
.vscode/extensions.json
vendored
1
.vscode/extensions.json
vendored
@ -24,7 +24,6 @@
|
||||
"DavidAnson.vscode-markdownlint",
|
||||
"wholroyd.jinja",
|
||||
"mikestead.dotenv",
|
||||
"matthewpi.caddyfile-support",
|
||||
"redhat.vscode-yaml",
|
||||
"ecmel.vscode-html-css",
|
||||
"yzhang.markdown-all-in-one"
|
||||
|
17
.vscode/settings.json
vendored
17
.vscode/settings.json
vendored
@ -21,20 +21,9 @@
|
||||
{
|
||||
"git.ignoreLimitWarning": true,
|
||||
"ltex.diagnosticSeverity": "hint",
|
||||
"[markdown]": {
|
||||
"editor.unicodeHighlight.ambiguousCharacters": true,
|
||||
"editor.unicodeHighlight.invisibleCharacters": true
|
||||
},
|
||||
"[caddyfile]": {
|
||||
"editor.defaultFormatter": "matthewpi.caddyfile-support",
|
||||
"editor.formatOnSave": true
|
||||
},
|
||||
"files.associations": {
|
||||
"*.caddy": "caddyfile",
|
||||
"*.example-caddy": "caddyfile"
|
||||
},
|
||||
"editor.unicodeHighlight.invisibleCharacters": true,
|
||||
"editor.defaultFormatter": "DavidAnson.vscode-markdownlint",
|
||||
"editor.unicodeHighlight.ambiguousCharacters": true,
|
||||
"editor.unicodeHighlight.invisibleCharacters": true,
|
||||
"editor.defaultFormatter": "DavidAnson.vscode-markdownlint",
|
||||
"[yaml]": {
|
||||
"editor.defaultFormatter": "redhat.vscode-yaml",
|
||||
"editor.quickSuggestions": {
|
||||
|
@ -1,50 +0,0 @@
|
||||
(pg-umami-config) {
|
||||
umami {
|
||||
event_endpoint https://stats.jonaharagon.net/api/send
|
||||
website_uuid 30b92047-7cbb-4800-9815-2e075a293e0a
|
||||
# bit of a hack to get umami working properly, nothing to do with cloudflare
|
||||
client_ip_header CF-Connecting-IP
|
||||
trusted_ip_header X-Real-IP
|
||||
cookie_consent umami
|
||||
cookie_resolution resolution
|
||||
debug
|
||||
}
|
||||
}
|
||||
|
||||
www.privacyguides.org {
|
||||
import vars
|
||||
import common/*.caddy
|
||||
import production/*.caddy
|
||||
}
|
||||
|
||||
http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion {
|
||||
import vars
|
||||
import common/*.caddy
|
||||
import production/minio.caddy
|
||||
}
|
||||
|
||||
http://*.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion {
|
||||
@hostnames header_regexp hostname Host (\S+)\.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd\.onion
|
||||
handle @hostnames {
|
||||
reverse_proxy {re.hostname.1}.privacyguides.org:443 {
|
||||
header_up Host {re.hostname.1}.privacyguides.org
|
||||
transport http {
|
||||
tls
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
privacyguides.org {
|
||||
import vars
|
||||
import production/matrix.caddy
|
||||
|
||||
handle {
|
||||
import production/https.caddy
|
||||
redir https://www.privacyguides.org{uri}
|
||||
}
|
||||
}
|
||||
|
||||
http://xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion {
|
||||
redir http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion{uri}
|
||||
}
|
@ -1,13 +0,0 @@
|
||||
# Caddy Webserver Config
|
||||
|
||||
Requires a build of Caddy with [jonaharagon/caddy-umami](https://github.com/jonaharagon/caddy-umami) installed.
|
||||
|
||||
## Variables
|
||||
|
||||
These variables are set on the server, and can be accessed like `{vars.variable_name}`:
|
||||
|
||||
- `minio_hostname`
|
||||
- `pg_minio_bucket`
|
||||
- `pg_matrix_webserver`
|
||||
- `pg_umami_website_uuid`
|
||||
- `umami_hostname`
|
@ -1,34 +0,0 @@
|
||||
@static {
|
||||
path *.ico *.css *.js *.gif *.webp *.avif *.jpg *.jpeg *.png *.svg *.woff *.woff2
|
||||
}
|
||||
|
||||
@en path /en/*
|
||||
@es path /es/*
|
||||
@fr path /fr/*
|
||||
@he path /he/*
|
||||
@it path /it/*
|
||||
@nl path /nl/*
|
||||
@ru path /ru/*
|
||||
@zh-Hant path /zh-Hant/*
|
||||
|
||||
@es-header {
|
||||
header Accept-Language es*
|
||||
}
|
||||
@fr-header {
|
||||
header Accept-Language fr*
|
||||
}
|
||||
@he-header {
|
||||
header Accept-Language he*
|
||||
}
|
||||
@it-header {
|
||||
header Accept-Language it*
|
||||
}
|
||||
@nl-header {
|
||||
header Accept-Language nl*
|
||||
}
|
||||
@ru-header {
|
||||
header Accept-Language ru*
|
||||
}
|
||||
@zh-Hant-header {
|
||||
header Accept-Language zh-Hant*
|
||||
}
|
@ -1,42 +0,0 @@
|
||||
handle_errors {
|
||||
@errors `{err.status_code} in [404]`
|
||||
handle @errors {
|
||||
handle @es {
|
||||
try_files /i18n/{err.status_code}.es.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle @fr {
|
||||
try_files i18n/{err.status_code}.fr.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle @he {
|
||||
try_files i18n/{err.status_code}.he.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle @it {
|
||||
try_files i18n/{err.status_code}.it.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle @nl {
|
||||
try_files i18n/{err.status_code}.nl.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle @ru {
|
||||
try_files i18n/{err.status_code}.ru.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle @zh-Hant {
|
||||
try_files i18n/{err.status_code}.zh-Hant.html i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
handle {
|
||||
try_files i18n/{err.status_code}.en.html
|
||||
file_server
|
||||
}
|
||||
}
|
||||
|
||||
# Handle all other webserver errors with a simple text response
|
||||
handle {
|
||||
respond "{err.status_code} {err.status_text}"
|
||||
}
|
||||
}
|
@ -1,16 +0,0 @@
|
||||
header X-Frame-Options SAMEORIGIN
|
||||
header X-Content-Type-Options nosniff
|
||||
header X-XSS-Protection 0
|
||||
|
||||
vars pg_csp_self "https://www.privacyguides.org https://cdn.privacyguides.org 'self'"
|
||||
# You can check whether a CSP directive will fall back to default-src on MDN.
|
||||
# Add CSP directives WITH a default-src fallback here:
|
||||
header +Content-Security-Policy "default-src 'none'; script-src {vars.pg_csp_self} 'unsafe-inline'; style-src {vars.pg_csp_self} 'unsafe-inline'; font-src {vars.pg_csp_self} data:; img-src data: {vars.pg_csp_self}; connect-src https://api.github.com https://*.privacyguides.net {vars.pg_csp_self}; frame-src https://*.privacyguides.net https://snowflake.torproject.org {vars.pg_csp_self}"
|
||||
# Add CSP directives WITHOUT a default-src fallback here:
|
||||
header +Content-Security-Policy "form-action 'self'; frame-ancestors 'none'; base-uri 'none'; sandbox allow-scripts allow-popups allow-same-origin;"
|
||||
|
||||
header Permissions-Policy "browsing-topics=(), conversion-measurement=(), interest-cohort=(), accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()"
|
||||
|
||||
header Access-Control-Allow-Origin "*"
|
||||
|
||||
header @static Cache-Control max-age=2592000
|
@ -1,4 +0,0 @@
|
||||
redir /kb* /en/basics/why-privacy-matters/
|
||||
redir /license* https://github.com/privacyguides/privacyguides.org/tree/main/README.md#license
|
||||
redir /coc* /en/CODE_OF_CONDUCT/
|
||||
redir /team* /en/about/
|
@ -1,30 +0,0 @@
|
||||
route / {
|
||||
header Cache-Control no-store
|
||||
|
||||
redir @es-header /es
|
||||
redir @fr-header /fr
|
||||
redir @he-header /he
|
||||
redir @it-header /it
|
||||
redir @nl-header /nl
|
||||
redir @ru-header /ru
|
||||
redir @zh-Hant-header /zh-Hant
|
||||
|
||||
# default case
|
||||
handle {
|
||||
redir * /en/
|
||||
}
|
||||
}
|
||||
|
||||
@kb {
|
||||
path */kb */kb/*
|
||||
}
|
||||
route @kb {
|
||||
redir @es /es/basics/why-privacy-matters/
|
||||
redir @fr /fr/basics/why-privacy-matters/
|
||||
redir @he /he/basics/why-privacy-matters/
|
||||
redir @it /it/basics/why-privacy-matters/
|
||||
redir @nl /nl/basics/why-privacy-matters/
|
||||
redir @ru /ru/basics/why-privacy-matters/
|
||||
redir @zh-Hant /zh-Hant/basics/why-privacy-matters/
|
||||
redir * /en/basics/why-privacy-matters/
|
||||
}
|
@ -1,50 +0,0 @@
|
||||
redir /browsers /en/desktop-browsers/
|
||||
redir /blog https://blog.privacyguides.org
|
||||
redir /basics/dns-overview /en/advanced/dns-overview/
|
||||
redir /basics/tor-overview /en/advanced/tor-overview/
|
||||
redir /real-time-communication/communication-network-types /en/advanced/communication-network-types
|
||||
redir /advanced/real-time-communication /en/advanced/communication-network-types
|
||||
redir /android/overview /en/os/android-overview/
|
||||
redir /linux-desktop/overview /en/os/linux-overview/
|
||||
redir /android/grapheneos-vs-calyxos https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/
|
||||
redir /ios/configuration https://blog.privacyguides.org/2022/10/22/ios-configuration-guide/
|
||||
redir /linux-desktop/hardening https://blog.privacyguides.org/2022/04/22/linux-system-hardening/
|
||||
redir /linux-desktop/sandboxing https://blog.privacyguides.org/2022/04/22/linux-application-sandboxing/
|
||||
redir /advanced/signal-configuration-hardening https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/
|
||||
redir /real-time-communication/signal-configuration-hardening https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/
|
||||
redir /advanced/integrating-metadata-removal https://blog.privacyguides.org/2022/04/09/integrating-metadata-removal/
|
||||
redir /advanced/erasing-data https://blog.privacyguides.org/2022/05/25/secure-data-erasure/
|
||||
redir /operating-systems /en/desktop/
|
||||
redir /threat-modeling /en/basics/threat-modeling/
|
||||
redir /self-contained-networks /en/tor/
|
||||
redir /privacy-policy /en/about/privacy-policy/
|
||||
redir /metadata-removal-tools /en/data-redaction/
|
||||
redir /basics /en/kb
|
||||
redir /software/file-encryption /en/encryption/
|
||||
redir /providers /en/tools/#service-providers
|
||||
redir /software/calendar-contacts /en/calendar/
|
||||
redir /calendar-contacts /en/calendar/
|
||||
redir /software/metadata-removal-tools /en/data-redaction/
|
||||
redir /contact /en/about/
|
||||
redir /welcome-to-privacy-guides https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides/
|
||||
redir /software/email /en/email-clients/
|
||||
redir /providers/paste /en/tools/
|
||||
redir /blog/2019/10/05/understanding-vpns https://www.jonaharagon.com/posts/understanding-vpns/
|
||||
redir /terms-and-notices /en/about/notices/
|
||||
redir /software/networks /en/tor/
|
||||
redir /social-news-aggregator /en/news-aggregators/
|
||||
redir /basics/erasing-data https://blog.privacyguides.org/2022/05/25/secure-data-erasure/
|
||||
redir /linux-desktop /en/desktop/
|
||||
|
||||
handle_path /providers/* {
|
||||
redir * /en/{uri}
|
||||
}
|
||||
handle_path /software/* {
|
||||
redir * /en/{uri}
|
||||
}
|
||||
handle_path /blog/* {
|
||||
redir * https://blog.privacyguides.org/{uri}
|
||||
}
|
||||
handle_path /assets/* {
|
||||
redir * /en/assets/{uri}
|
||||
}
|
@ -1,6 +0,0 @@
|
||||
@canonicalPath {
|
||||
path */
|
||||
}
|
||||
route @canonicalPath {
|
||||
rewrite @canonicalPath {http.request.orig_uri.path}index.html
|
||||
}
|
@ -1,2 +0,0 @@
|
||||
header ?Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
|
||||
header +Content-Security-Policy upgrade-insecure-requests;
|
@ -1,13 +0,0 @@
|
||||
@matrix {
|
||||
path /.well-known/matrix/*
|
||||
}
|
||||
|
||||
handle @matrix {
|
||||
reverse_proxy 10.163.5.51:81 {
|
||||
header_up Host matrix.privacyguides.org
|
||||
header_up X-Forwarded-Port {http.request.port}
|
||||
header_up X-Forwarded-TlsProto {tls_protocol}
|
||||
header_up X-Forwarded-TlsCipher {tls_cipher}
|
||||
header_up X-Forwarded-HttpsProto {proto}
|
||||
}
|
||||
}
|
@ -1,31 +0,0 @@
|
||||
cache
|
||||
encode zstd gzip
|
||||
reverse_proxy http://10.163.3.10:9000 {
|
||||
header_up Host privacyguides-org-production.stor1-minio.jonaharagon.net
|
||||
header_down -Server
|
||||
header_down -Vary
|
||||
header_down -X-*
|
||||
|
||||
@200ok status 2xx 304
|
||||
handle_response @200ok {
|
||||
import pg-umami-config
|
||||
copy_response
|
||||
copy_response_headers
|
||||
}
|
||||
|
||||
@error404 status 404
|
||||
handle_response @error404 {
|
||||
@addSlash {
|
||||
expression !{path}.endsWith("/")
|
||||
}
|
||||
redir @addSlash {http.request.orig_uri.path}/
|
||||
}
|
||||
|
||||
@error400 status 400
|
||||
handle_response @error400 {
|
||||
@real404 {
|
||||
path *//index.html
|
||||
}
|
||||
respond @real404 404
|
||||
}
|
||||
}
|
@ -105,8 +105,8 @@ extra:
|
||||
name: Self-Hosted Analytics
|
||||
checked: true
|
||||
github:
|
||||
name: GitHub
|
||||
checked: false
|
||||
name: GitHub API
|
||||
checked: true
|
||||
actions:
|
||||
- reject
|
||||
- accept
|
||||
|
104
netlify.toml
104
netlify.toml
@ -1,104 +0,0 @@
|
||||
# Copyright (c) 2022-2024 Jonah Aragon <jonah@triplebit.net>
|
||||
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to
|
||||
# deal in the Software without restriction, including without limitation the
|
||||
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
||||
# sell copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
|
||||
# The above copyright notice and this permission notice shall be included in
|
||||
# all copies or substantial portions of the Software.
|
||||
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
||||
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
||||
# IN THE SOFTWARE.
|
||||
|
||||
[build]
|
||||
publish = "site/"
|
||||
command = "mkdocs build --config-file config/mkdocs.en.yml && cp -r static/* site/"
|
||||
|
||||
[context.production]
|
||||
command = "rm -rf i18n-download || true && git clone https://github.com/privacyguides/i18n i18n-download && cp -rl i18n-download/i18n . && cp -rl i18n-download/includes . && cp -rl i18n-download/theme . && mkdocs build --config-file config/mkdocs.en.yml && mkdocs build --config-file config/mkdocs.es.yml && mkdocs build --config-file config/mkdocs.fr.yml && mkdocs build --config-file config/mkdocs.he.yml && mkdocs build --config-file config/mkdocs.it.yml && mkdocs build --config-file config/mkdocs.nl.yml && mkdocs build --config-file config/mkdocs.zh-Hant.yml && mkdocs build --config-file config/mkdocs.ru.yml && cp -r static/* site/"
|
||||
|
||||
[context.branch-deploy]
|
||||
command = "crowdin download && for i in config/mkdocs.*.yml; do mkdocs build --config-file $i; done && cp -r static/* site/"
|
||||
|
||||
[[headers]]
|
||||
for = "/*"
|
||||
[headers.values]
|
||||
X-Frame-Options = "DENY"
|
||||
X-XSS-Protection = "0"
|
||||
X-Content-Type-Options = "nosniff"
|
||||
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
|
||||
Content-Security-Policy = "default-src 'none'; script-src https://www.privacyguides.org 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src data: 'self'; connect-src https://api.github.com https://*.privacyguides.net 'self'; frame-src https://*.privacyguides.net; frame-ancestors 'none'"
|
||||
Permissions-Policy = "browsing-topics=(), conversion-measurement=(), interest-cohort=(), accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()"
|
||||
|
||||
[[headers]]
|
||||
for = "/:lang/about/donate/"
|
||||
[headers.values]
|
||||
Content-Security-Policy = "default-src 'none'; script-src https://opencollective.com https://www.privacyguides.org 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src https://opencollective.com data: 'self'; connect-src https://api.github.com https://*.privacyguides.net 'self'; frame-src https://opencollective.com; frame-ancestors 'none'"
|
||||
|
||||
[[headers]]
|
||||
for = "/:lang/tor/"
|
||||
[headers.values]
|
||||
Content-Security-Policy = "default-src 'none'; script-src https://www.privacyguides.org 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src data: 'self'; connect-src https://api.github.com https://*.privacyguides.net 'self'; frame-src https://snowflake.torproject.org; frame-ancestors 'none'"
|
||||
|
||||
[[redirects]]
|
||||
from = "/es/*"
|
||||
to = "/i18n/404.es.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/fr/*"
|
||||
to = "/i18n/404.fr.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/he/*"
|
||||
to = "/i18n/404.he.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/it/*"
|
||||
to = "/i18n/404.it.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/nl/*"
|
||||
to = "/i18n/404.nl.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/zh-hant/*"
|
||||
to = "/i18n/404.zh-Hant.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/ru/*"
|
||||
to = "/i18n/404.ru.html"
|
||||
status = 404
|
||||
|
||||
[[redirects]]
|
||||
from = "/*"
|
||||
to = "/i18n/404.en.html"
|
||||
status = 404
|
||||
|
||||
[[plugins]]
|
||||
package = "@netlify/plugin-lighthouse"
|
||||
|
||||
[[plugins.inputs.audits]]
|
||||
path = "en"
|
||||
|
||||
[[plugins.inputs.audits]]
|
||||
path = "en/tools"
|
||||
|
||||
[[plugins.inputs.audits]]
|
||||
path = "en/basics/why-privacy-matters"
|
||||
|
||||
[[plugins.inputs.audits]]
|
||||
path = "en/vpn"
|
@ -1,89 +0,0 @@
|
||||
# Copyright (c) 2023 Jonah Aragon <jonah@triplebit.net>
|
||||
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to
|
||||
# deal in the Software without restriction, including without limitation the
|
||||
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
||||
# sell copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
|
||||
# The above copyright notice and this permission notice shall be included in
|
||||
# all copies or substantial portions of the Software.
|
||||
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
||||
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
||||
# IN THE SOFTWARE.
|
||||
|
||||
/ /en/ 302 Language=en
|
||||
/ /es/ 302 Language=es
|
||||
/ /fr/ 302 Language=fr
|
||||
/ /he/ 302 Language=he
|
||||
/ /it/ 302 Language=it
|
||||
/ /nl/ 302 Language=nl
|
||||
/ /zh-hant/ 302 Language=zh-Hant
|
||||
/ /ru/ 302 Language=ru
|
||||
/ /en/ 302
|
||||
|
||||
/.well-known/matrix/* https://matrix.privacyguides.org/.well-known/matrix/:splat 200
|
||||
/.well-known/* /well-known/:splat 200
|
||||
|
||||
/kb /en/basics/why-privacy-matters/
|
||||
/:lang/kb /:lang/basics/why-privacy-matters/
|
||||
|
||||
/coc /en/CODE_OF_CONDUCT/
|
||||
/license https://github.com/privacyguides/privacyguides.org/tree/main/README.md#license
|
||||
|
||||
/team /en/about/
|
||||
/browsers /en/desktop-browsers/
|
||||
/blog https://blog.privacyguides.org
|
||||
/basics/dns-overview /en/advanced/dns-overview/
|
||||
/basics/tor-overview /en/advanced/tor-overview/
|
||||
/real-time-communication/communication-network-types /en/advanced/communication-network-types
|
||||
/advanced/real-time-communication /en/advanced/communication-network-types
|
||||
/android/overview /en/os/android-overview/
|
||||
/linux-desktop/overview /en/os/linux-overview/
|
||||
/android/grapheneos-vs-calyxos https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/
|
||||
/ios/configuration https://blog.privacyguides.org/2022/10/22/ios-configuration-guide/
|
||||
/linux-desktop/hardening https://blog.privacyguides.org/2022/04/22/linux-system-hardening/
|
||||
/linux-desktop/sandboxing https://blog.privacyguides.org/2022/04/22/linux-application-sandboxing/
|
||||
/advanced/signal-configuration-hardening https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/
|
||||
/real-time-communication/signal-configuration-hardening https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/
|
||||
/advanced/integrating-metadata-removal https://blog.privacyguides.org/2022/04/09/integrating-metadata-removal/
|
||||
/advanced/erasing-data https://blog.privacyguides.org/2022/05/25/secure-data-erasure/
|
||||
/operating-systems /en/desktop/
|
||||
/threat-modeling /en/basics/threat-modeling/
|
||||
/self-contained-networks /en/tor/
|
||||
/privacy-policy /en/about/privacy-policy/
|
||||
/metadata-removal-tools /en/data-redaction/
|
||||
/basics /en/kb
|
||||
/software/file-encryption /en/encryption/
|
||||
/providers /en/tools/#service-providers
|
||||
/software/calendar-contacts /en/calendar/
|
||||
/calendar-contacts /en/calendar/
|
||||
/software/metadata-removal-tools /en/data-redaction/
|
||||
/contact /en/about/
|
||||
/welcome-to-privacy-guides https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides/
|
||||
/software/email /en/email-clients/
|
||||
/providers/paste /en/tools/
|
||||
/blog/2019/10/05/understanding-vpns https://www.jonaharagon.com/posts/understanding-vpns/
|
||||
/terms-and-notices /en/about/notices/
|
||||
/software/networks /en/tor/
|
||||
/social-news-aggregator /en/news-aggregators/
|
||||
/basics/erasing-data https://blog.privacyguides.org/2022/05/25/secure-data-erasure/
|
||||
/linux-desktop /en/desktop/
|
||||
|
||||
/providers/:slug /en/:slug/
|
||||
/software/:slug /en/:slug/
|
||||
/blog/* https://blog.privacyguides.org/:splat
|
||||
/assets/* /en/assets/:splat
|
||||
|
||||
/:slug/ /en/:slug/
|
||||
/about/:slug/ /en/about/:slug/
|
||||
/advanced/:slug/ /en/advanced/:slug/
|
||||
/basics/:slug/ /en/basics/:slug/
|
||||
/meta/:slug/ /en/meta/:slug/
|
||||
/os/:slug/ /en/os/:slug/
|
File diff suppressed because one or more lines are too long
@ -1,5 +0,0 @@
|
||||
Contact: mailto:jonah@triplebit.net
|
||||
Expires: 2024-01-01T18:00:00.000Z
|
||||
Preferred-Languages: en
|
||||
Canonical: https://www.privacyguides.org/.well-known/security.txt
|
||||
Policy: https://github.com/privacyguides/privacyguides.org/security/policy
|
@ -22,7 +22,7 @@ function getCookie(cname) {
|
||||
|
||||
var consent = __md_get("__consent")
|
||||
if (!consent) {
|
||||
__md_set("__consent", {umami: true});
|
||||
__md_set("__consent", {"umami":true,"github":true});
|
||||
if (getCookie('resolution') == '') {
|
||||
const resolution = `${window.screen.width}x${window.screen.height}`;
|
||||
setCookie('resolution', resolution, 30);
|
||||
|
Loading…
Reference in New Issue
Block a user