Pre-fill domain-related settings for tobast.fr

This commit is contained in:
Théophile Bastian 2018-08-01 15:29:34 +02:00
parent 28f56317a3
commit f9498aae7f
2 changed files with 10 additions and 41 deletions

View file

@ -55,8 +55,8 @@
<div ng-hide="connected" class="container"> <div ng-hide="connected" class="container">
<h2> <h2>
<img alt="logo" src="assets/img/glowing-bear.svg"> <img alt="logo" src="assets/img/glowing-bear.svg">
<span>Glowing Bear</span> <span>Glowing Bear — weechat.tobast.fr</span>
<small>WeeChat web frontend</small> <small>WeeChat web frontend with pre-filled settings</small>
</h2> </h2>
<div class="alert alert-warning" ng-show="show_tls_warning" ng-cloak><strong>You're using Glowing Bear over an unencrypted connection (http://). This is not recommended!</strong> We recommend using our secure hosted version at <a href="https://www.glowing-bear.org/">https://www.glowing-bear.org/</a>, or <a href="https://latest.glowing-bear.org/">https://latest.glowing-bear.org</a> for the latest development version. If your relay is on your local network, that is unfortunately impossible, but be aware of the implications.</div> <div class="alert alert-warning" ng-show="show_tls_warning" ng-cloak><strong>You're using Glowing Bear over an unencrypted connection (http://). This is not recommended!</strong> We recommend using our secure hosted version at <a href="https://www.glowing-bear.org/">https://www.glowing-bear.org/</a>, or <a href="https://latest.glowing-bear.org/">https://latest.glowing-bear.org</a> for the latest development version. If your relay is on your local network, that is unfortunately impossible, but be aware of the implications.</div>
<div class="alert alert-danger" ng-show="errorMessage" ng-cloak> <div class="alert alert-danger" ng-show="errorMessage" ng-cloak>
@ -100,14 +100,13 @@
<div class="panel-body"> <div class="panel-body">
<form class="form-signin" role="form"> <form class="form-signin" role="form">
<div class="form-group"> <div class="form-group">
<label class="control-label" for="host">WeeChat relay hostname and port number</label>
<div class="input-group"> <div class="input-group">
<div class="row no-gutter"> <div class="row no-gutter" ng-show="false">
<div class="col-sm-9"> <div class="col-sm-9">
<input type="text" class="form-control favorite-font" id="host" ng-model="settings.host" placeholder="Address" autocapitalize="off"> <input type="hidden" class="form-control favorite-font" id="host" ng-model="settings.host" placeholder="Address" autocapitalize="off">
</div> </div>
<div class="col-sm-3"> <div class="col-sm-3">
<input type="text" class="form-control favorite-font" id="port" ng-model="settings.port" placeholder="Port"> <input type="hidden" class="form-control favorite-font" id="port" ng-model="settings.port" placeholder="Port">
</div> </div>
</div> </div>
</div> </div>
@ -129,9 +128,9 @@
Automatically connect Automatically connect
</label> </label>
</div> </div>
<div class="checkbox"> <div class="checkbox" ng-show="false">
<label class="control-label" for="ssl"> <label class="control-label" for="ssl">
<input type="checkbox" id="ssl" ng-model="settings.ssl"> <input type="hidden" id="ssl" ng-model="settings.ssl">
Encryption. <strong>Strongly recommended!</strong> Need help? Check below. Encryption. <strong>Strongly recommended!</strong> Need help? Check below.
</label> </label>
</div> </div>
@ -141,36 +140,6 @@
</div> </div>
</div> </div>
</div> </div>
<div class="panel" data-state="collapsed">
<div class="panel-heading">
<h4 class="panel-title">
<a class="accordion-toggle" ng-click="toggleAccordion($event)">
Getting Started
</a>
</h4>
</div>
<div id="collapseTwo" class="panel-collapse collapse">
<div class="panel-body">
<p><span class="label label-danger">WeeChat version 0.4.2 or higher is required—we recommend at least 1.0.</p>
<p>To start using Glowing Bear, follow the instructions below to set up an encrypted relay. All communication goes directly between your browser and your WeeChat relay! This means that your server must be accessible. We never see any of your data or your password, and you don't need to trust a "cloud". All settings, including your password, are saved locally in your own browser between sessions.</p>
<div class="alert alert-warning" ng-show="show_tls_warning"><strong>You're using Glowing Bear over an unencrypted connection (http://). This is not recommended!</strong> We recommend using our secure hosted version at <a href="https://www.glowing-bear.org/">https://www.glowing-bear.org/</a>, or <a href="https://latest.glowing-bear.org/">https://latest.glowing-bear.org</a> for the latest and greatest development version. You can still follow the instructions below to set up an encrypted relay, though.</div>
<p>When using encryption, all communication between your browser and WeeChat will be securely encrypted with TLS. This means that you have to set up a certificate. While it's possible to use a self-signed cert, we recommend against it, because it's handled poorly in browsers, and may not work at all on mobile devices. If you don't already have a certificate for your domain (or you don't have a domain), we strongly encourage you to get a certificate from <a href="https://letsencrypt.org/">Let's Encrypt</a>—it's free and easy. We'll walk you through it.</p>
<p><strong>If you don't have a domain</strong> you can get a free subdomain from providers such as <a href="https://freedns.afraid.org/">afraid</a>. You'll want to set up an 'A' record to your server's IP address, and quite possibly an AAAA record to its IPv6 address. These might take a few hours to propagate, if the steps below don't work right away, try again in a few hours.</p>
<p><strong>Getting a certificate</strong> is easy. You'll need certbot—just follow the encryptions at <a href="https://certbot.eff.org/">https://certbot.eff.org</a>. If you're not serving webpages on the same server or are unsure, select "none of the above" (if you are, you can probably use that webserver to proxy your relay, and skip this—check out the <a href="https://github.com/glowing-bear/glowing-bear/wiki/Proxying-WeeChat-relay-with-a-web-server">instructions in our Wiki</a>). Next, get the certificate with <code>certbot certonly --standalone -d {{ settings.host || your.domain.com }}</code> and follow the instructions.</p>
<p>Nearly done! Now you just need to copy the files into place. To do that, use the following commands, replacing the <strong>username</strong> placeholder with your actual username:</p>
<pre>mkdir -p ~<strong>username</strong>/.weechat/ssl
cat /etc/letsencrypt/live/{{ settings.host || your.domain.com }}/{fullchain,privkey}.pem &gt; ~<strong>username</strong>/.weechat/ssl/relay.pem
chown -R <strong>username</strong>:<strong>username</strong> ~<strong>username</strong>/.weechat/ssl/</pre>
<p>Once you've got the certificate and moved it in place, you can set up an encrypted relay on port {{ settings.port || 9001 }} with these WeeChat commands:</p>
<pre>
/set relay.network.password y0ur_StRonG-pa$sw0rd:of*choice
/relay sslcertkey
/relay add ssl.weechat {{ settings.port || 9001 }}
</pre>
<p>Your certificate needs to be renewed every couple of months. Either follow the instructions for automatic renewal at <a href="https://certbot.eff.org/">https://certbot.eff.org</a>, or run <code>certbot renew</code> manually when renewal is due. <strong>Important:</strong> You'll need to follow the instructions for copying the certificate to the right place again, and re-run <code>/relay sslcertkey</code> in WeeChat.</p>
</div>
</div>
</div>
<div class="panel" data-state="collapsed"> <div class="panel" data-state="collapsed">
<div class="panel-heading"> <div class="panel-heading">
<h4 class="panel-title"> <h4 class="panel-title">

View file

@ -41,9 +41,9 @@ weechat.controller('WeechatCtrl', ['$rootScope', '$scope', '$store', '$timeout',
// or else they won't be saved to the localStorage. // or else they won't be saved to the localStorage.
settings.setDefaults({ settings.setDefaults({
'theme': 'dark', 'theme': 'dark',
'host': 'localhost', 'host': window.location.hostname,
'port': 9001, 'port': 443,
'ssl': (window.location.protocol === "https:"), 'ssl': true,
'savepassword': false, 'savepassword': false,
'autoconnect': false, 'autoconnect': false,
'nonicklist': utils.isMobileUi(), 'nonicklist': utils.isMobileUi(),