From 410c4735471b4fdac6d37802eb873450bdf449d3 Mon Sep 17 00:00:00 2001 From: Hendrik L Date: Thu, 12 Dec 2024 20:43:20 +0100 Subject: [PATCH 1/5] add modlog to the admin tools --- app/templates/admin/_nav.html | 1 + app/templates/base.html | 3 ++- app/templates/modlog.html | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/app/templates/admin/_nav.html b/app/templates/admin/_nav.html index e04d0b84..dea6efd2 100644 --- a/app/templates/admin/_nav.html +++ b/app/templates/admin/_nav.html @@ -15,6 +15,7 @@ {{ _('Newsletter') }} | {{ _('Permissions') }} | {{ _('Activities') }} + {{ _('Modlog') }} {% if debug_mode %} | {{ _('Dev Tools') }} {% endif%} diff --git a/app/templates/base.html b/app/templates/base.html index 718d1d83..a7467df1 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -228,8 +228,9 @@
  • {{ _('Federation') }}
  • {{ _('Instances') }}
  • {{ _('Newsletter') }}
    • -
  • {{ _('Activities') }}
  • {{ _('Permissions') }}
    • +
  • {{ _('Activities') }}
    • +
  • {{ _('Modlog') }}
    • {% if debug_mode %}
  • {{ _('Dev Tools') }}
    • {% endif %} diff --git a/app/templates/modlog.html b/app/templates/modlog.html index 7c905546..1068f169 100644 --- a/app/templates/modlog.html +++ b/app/templates/modlog.html @@ -4,7 +4,7 @@ {% extends "base.html" -%} {% endif -%} -%} {% from 'bootstrap5/form.html' import render_form -%} -{% set active_child = 'list_communities' -%} +{% set active_child = 'modlog' -%} {% block app_content -%}

    {{ _('Moderation log') }}

    From fb1b35757684fee76387e58568bd71a8e91aa469 Mon Sep 17 00:00:00 2001 From: rimu <3310831+rimu@users.noreply.github.com> Date: Mon, 16 Dec 2024 11:27:55 +1300 Subject: [PATCH 2/5] add pf_network and depends_on to docker compose file --- compose.yaml | 32 +++++++++++++++++++++++++++++--- entrypoint.sh | 0 entrypoint_celery.sh | 0 3 files changed, 29 insertions(+), 3 deletions(-) mode change 100644 => 100755 entrypoint.sh mode change 100644 => 100755 entrypoint_celery.sh diff --git a/compose.yaml b/compose.yaml index 4e0b63e8..d6a62160 100644 --- a/compose.yaml +++ b/compose.yaml @@ -1,4 +1,5 @@ services: + db: shm_size: 128mb image: postgres @@ -6,37 +7,62 @@ services: - ./.env.docker volumes: - ./pgdata:/var/lib/postgresql/data + networks: + - pf_network + redis: image: redis env_file: - ./.env.docker + networks: + - pf_network + celery: build: context: . target: builder + container_name: piefed_celery1 + depends_on: + - db + - redis env_file: - ./.env.docker entrypoint: ./entrypoint_celery.sh volumes: - ./media/:/app/app/static/media/ - web: + networks: + - pf_network + + web: build: context: . target: builder + container_name: piefed_app1 depends_on: - db - redis env_file: - ./.env.docker volumes: - - ./.gunicorn.conf.py:/app/gunicorn.conf.py + - ./gunicorn.conf.py:/app/gunicorn.conf.py - ./media/:/app/app/static/media/ ports: - - '8080:5000' + - '8030:5000' + networks: + - pf_network + adminer: image: adminer restart: always ports: - 8888:8080 + depends_on: + - db + networks: + - pf_network +networks: + pf_network: + name: pf_network + external: false diff --git a/entrypoint.sh b/entrypoint.sh old mode 100644 new mode 100755 diff --git a/entrypoint_celery.sh b/entrypoint_celery.sh old mode 100644 new mode 100755 From 317e33fc2ab95f152061f0dfde9f773f7d41b0a8 Mon Sep 17 00:00:00 2001 From: rimu <3310831+rimu@users.noreply.github.com> Date: Mon, 16 Dec 2024 11:30:28 +1300 Subject: [PATCH 3/5] sample docker config --- env.docker.sample | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 env.docker.sample diff --git a/env.docker.sample b/env.docker.sample new file mode 100644 index 00000000..45bd0606 --- /dev/null +++ b/env.docker.sample @@ -0,0 +1,24 @@ +SECRET_KEY='change this to random characters' + +SERVER_NAME='your_domain_here' + +POSTGRES_USER='piefed' +POSTGRES_PASSWORD='piefed' +POSTGRES_DB='piefed' + +DATABASE_URL=postgresql+psycopg2://piefed:piefed@db/piefed + +CACHE_TYPE='RedisCache' +CACHE_REDIS_DB=1 +CACHE_REDIS_URL='redis://redis:6379/0' +CELERY_BROKER_URL='redis://redis:6379/1' + +MODE='production' +FULL_AP_CONTEXT=0 + +SPICY_UNDER_10 = 2.5 +SPICY_UNDER_30 = 1.85 +SPICY_UNDER_60 = 1.25 + + + From d73c12d4c761b95f34c1b7c957aa6c6bda6b852a Mon Sep 17 00:00:00 2001 From: rimu <3310831+rimu@users.noreply.github.com> Date: Mon, 16 Dec 2024 20:49:43 +1300 Subject: [PATCH 4/5] remove moviepy and ffmpeg dependency --- Dockerfile | 2 +- app/activitypub/util.py | 217 ++++++++++++++++------------------------ app/models.py | 2 +- app/utils.py | 47 --------- requirements.txt | 1 - 5 files changed, 89 insertions(+), 180 deletions(-) diff --git a/Dockerfile b/Dockerfile index 08a9130c..b10e111b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM --platform=$BUILDPLATFORM python:3-alpine AS builder RUN apk update RUN apk add pkgconfig -RUN apk add --virtual build-deps gcc python3-dev musl-dev tesseract-ocr tesseract-ocr-data-eng ffmpeg +RUN apk add --virtual build-deps gcc python3-dev musl-dev tesseract-ocr tesseract-ocr-data-eng WORKDIR /app COPY . /app diff --git a/app/activitypub/util.py b/app/activitypub/util.py index c4aa0014..2fefb9ef 100644 --- a/app/activitypub/util.py +++ b/app/activitypub/util.py @@ -10,7 +10,6 @@ import httpx import redis from flask import current_app, request, g, url_for, json from flask_babel import _ -from requests import JSONDecodeError from sqlalchemy import text, func, desc from sqlalchemy.exc import IntegrityError @@ -29,7 +28,7 @@ import pytesseract from app.utils import get_request, allowlist_html, get_setting, ap_datetime, markdown_to_html, \ is_image_url, domain_from_url, gibberish, ensure_directory_exists, head_request, \ shorten_string, remove_tracking_from_link, \ - microblog_content_to_title, generate_image_from_video_url, is_video_url, \ + microblog_content_to_title, is_video_url, \ notification_subscribers, communities_banned_from, actor_contains_blocked_words, \ html_to_text, add_to_modlog_activitypub, joined_communities, \ moderating_communities, get_task_session, is_video_hosting_site, opengraph_parse @@ -1009,148 +1008,106 @@ def make_image_sizes_async(file_id, thumbnail_width, medium_width, directory, to session = get_task_session() file: File = session.query(File).get(file_id) if file and file.source_url: - # Videos (old code. not invoked because file.source_url won't end .mp4 or .webm) - if file.source_url.endswith('.mp4') or file.source_url.endswith('.webm'): - new_filename = gibberish(15) - - # set up the storage directory - directory = f'app/static/media/{directory}/' + new_filename[0:2] + '/' + new_filename[2:4] - ensure_directory_exists(directory) - - # file path and names to store the resized images on disk - final_place = os.path.join(directory, new_filename + '.jpg') - final_place_thumbnail = os.path.join(directory, new_filename + '_thumbnail.webp') - try: - generate_image_from_video_url(file.source_url, final_place) - except Exception as e: - return - - if final_place: - image = Image.open(final_place) - img_width = image.width - - # Resize the image to medium - if medium_width: - if img_width > medium_width: - image.thumbnail((medium_width, medium_width)) - image.save(final_place) - file.file_path = final_place - file.width = image.width - file.height = image.height - - # Resize the image to a thumbnail (webp) - if thumbnail_width: - if img_width > thumbnail_width: - image.thumbnail((thumbnail_width, thumbnail_width)) - image.save(final_place_thumbnail, format="WebP", quality=93) - file.thumbnail_path = final_place_thumbnail - file.thumbnail_width = image.width - file.thumbnail_height = image.height - - session.commit() - - # Images + try: + source_image_response = get_request(file.source_url) + except: + pass else: - try: - source_image_response = get_request(file.source_url) - except: - pass - else: - if source_image_response.status_code == 404 and '/api/v3/image_proxy' in file.source_url: - source_image_response.close() - # Lemmy failed to retrieve the image but we might have better luck. Example source_url: https://slrpnk.net/api/v3/image_proxy?url=https%3A%2F%2Fi.guim.co.uk%2Fimg%2Fmedia%2F24e87cb4d730141848c339b3b862691ca536fb26%2F0_164_3385_2031%2Fmaster%2F3385.jpg%3Fwidth%3D1200%26height%3D630%26quality%3D85%26auto%3Dformat%26fit%3Dcrop%26overlay-align%3Dbottom%252Cleft%26overlay-width%3D100p%26overlay-base64%3DL2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctZGVmYXVsdC5wbmc%26enable%3Dupscale%26s%3D0ec9d25a8cb5db9420471054e26cfa63 - # The un-proxied image url is the query parameter called 'url' - parsed_url = urlparse(file.source_url) - query_params = parse_qs(parsed_url.query) - if 'url' in query_params: - url_value = query_params['url'][0] - source_image_response = get_request(url_value) - else: - source_image_response = None - if source_image_response and source_image_response.status_code == 200: - content_type = source_image_response.headers.get('content-type') - if content_type: - if content_type.startswith('image') or (content_type == 'application/octet-stream' and file.source_url.endswith('.avif')): - source_image = source_image_response.content - source_image_response.close() + if source_image_response.status_code == 404 and '/api/v3/image_proxy' in file.source_url: + source_image_response.close() + # Lemmy failed to retrieve the image but we might have better luck. Example source_url: https://slrpnk.net/api/v3/image_proxy?url=https%3A%2F%2Fi.guim.co.uk%2Fimg%2Fmedia%2F24e87cb4d730141848c339b3b862691ca536fb26%2F0_164_3385_2031%2Fmaster%2F3385.jpg%3Fwidth%3D1200%26height%3D630%26quality%3D85%26auto%3Dformat%26fit%3Dcrop%26overlay-align%3Dbottom%252Cleft%26overlay-width%3D100p%26overlay-base64%3DL2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctZGVmYXVsdC5wbmc%26enable%3Dupscale%26s%3D0ec9d25a8cb5db9420471054e26cfa63 + # The un-proxied image url is the query parameter called 'url' + parsed_url = urlparse(file.source_url) + query_params = parse_qs(parsed_url.query) + if 'url' in query_params: + url_value = query_params['url'][0] + source_image_response = get_request(url_value) + else: + source_image_response = None + if source_image_response and source_image_response.status_code == 200: + content_type = source_image_response.headers.get('content-type') + if content_type: + if content_type.startswith('image') or (content_type == 'application/octet-stream' and file.source_url.endswith('.avif')): + source_image = source_image_response.content + source_image_response.close() - content_type_parts = content_type.split('/') - if content_type_parts: - # content type headers often are just 'image/jpeg' but sometimes 'image/jpeg;charset=utf8' + content_type_parts = content_type.split('/') + if content_type_parts: + # content type headers often are just 'image/jpeg' but sometimes 'image/jpeg;charset=utf8' - # Remove ;charset=whatever - main_part = content_type.split(';')[0] + # Remove ;charset=whatever + main_part = content_type.split(';')[0] - # Split the main part on the '/' character and take the second part - file_ext = '.' + main_part.split('/')[1] - file_ext = file_ext.strip() # just to be sure + # Split the main part on the '/' character and take the second part + file_ext = '.' + main_part.split('/')[1] + file_ext = file_ext.strip() # just to be sure - if file_ext == '.jpeg': - file_ext = '.jpg' - elif file_ext == '.svg+xml': - return # no need to resize SVG images - elif file_ext == '.octet-stream': - file_ext = '.avif' - else: - file_ext = os.path.splitext(file.source_url)[1] - file_ext = file_ext.replace('%3f', '?') # sometimes urls are not decoded properly - if '?' in file_ext: - file_ext = file_ext.split('?')[0] + if file_ext == '.jpeg': + file_ext = '.jpg' + elif file_ext == '.svg+xml': + return # no need to resize SVG images + elif file_ext == '.octet-stream': + file_ext = '.avif' + else: + file_ext = os.path.splitext(file.source_url)[1] + file_ext = file_ext.replace('%3f', '?') # sometimes urls are not decoded properly + if '?' in file_ext: + file_ext = file_ext.split('?')[0] - new_filename = gibberish(15) + new_filename = gibberish(15) - # set up the storage directory - directory = f'app/static/media/{directory}/' + new_filename[0:2] + '/' + new_filename[2:4] - ensure_directory_exists(directory) + # set up the storage directory + directory = f'app/static/media/{directory}/' + new_filename[0:2] + '/' + new_filename[2:4] + ensure_directory_exists(directory) - # file path and names to store the resized images on disk - final_place = os.path.join(directory, new_filename + file_ext) - final_place_thumbnail = os.path.join(directory, new_filename + '_thumbnail.webp') + # file path and names to store the resized images on disk + final_place = os.path.join(directory, new_filename + file_ext) + final_place_thumbnail = os.path.join(directory, new_filename + '_thumbnail.webp') - if file_ext == '.avif': # this is quite a big plugin so we'll only load it if necessary - import pillow_avif + if file_ext == '.avif': # this is quite a big plugin so we'll only load it if necessary + import pillow_avif - # Load image data into Pillow - Image.MAX_IMAGE_PIXELS = 89478485 - image = Image.open(BytesIO(source_image)) - image = ImageOps.exif_transpose(image) - img_width = image.width - img_height = image.height + # Load image data into Pillow + Image.MAX_IMAGE_PIXELS = 89478485 + image = Image.open(BytesIO(source_image)) + image = ImageOps.exif_transpose(image) + img_width = image.width + img_height = image.height - # Resize the image to medium - if medium_width: - if img_width > medium_width: - image.thumbnail((medium_width, medium_width)) - image.save(final_place) - file.file_path = final_place - file.width = image.width - file.height = image.height + # Resize the image to medium + if medium_width: + if img_width > medium_width: + image.thumbnail((medium_width, medium_width)) + image.save(final_place) + file.file_path = final_place + file.width = image.width + file.height = image.height - # Resize the image to a thumbnail (webp) - if thumbnail_width: - if img_width > thumbnail_width: - image.thumbnail((thumbnail_width, thumbnail_width)) - image.save(final_place_thumbnail, format="WebP", quality=93) - file.thumbnail_path = final_place_thumbnail - file.thumbnail_width = image.width - file.thumbnail_height = image.height + # Resize the image to a thumbnail (webp) + if thumbnail_width: + if img_width > thumbnail_width: + image.thumbnail((thumbnail_width, thumbnail_width)) + image.save(final_place_thumbnail, format="WebP", quality=93) + file.thumbnail_path = final_place_thumbnail + file.thumbnail_width = image.width + file.thumbnail_height = image.height - session.commit() + session.commit() - # Alert regarding fascist meme content - if toxic_community and img_width < 2000: # images > 2000px tend to be real photos instead of 4chan screenshots. - try: - image_text = pytesseract.image_to_string(Image.open(BytesIO(source_image)).convert('L'), timeout=30) - except Exception as e: - image_text = '' - if 'Anonymous' in image_text and ('No.' in image_text or ' N0' in image_text): # chan posts usually contain the text 'Anonymous' and ' No.12345' - post = Post.query.filter_by(image_id=file.id).first() - notification = Notification(title='Review this', - user_id=1, - author_id=post.user_id, - url=url_for('activitypub.post_ap', post_id=post.id)) - session.add(notification) - session.commit() + # Alert regarding fascist meme content + if toxic_community and img_width < 2000: # images > 2000px tend to be real photos instead of 4chan screenshots. + try: + image_text = pytesseract.image_to_string(Image.open(BytesIO(source_image)).convert('L'), timeout=30) + except Exception as e: + image_text = '' + if 'Anonymous' in image_text and ('No.' in image_text or ' N0' in image_text): # chan posts usually contain the text 'Anonymous' and ' No.12345' + post = Post.query.filter_by(image_id=file.id).first() + notification = Notification(title='Review this', + user_id=1, + author_id=post.user_id, + url=url_for('activitypub.post_ap', post_id=post.id)) + session.add(notification) + session.commit() def find_reply_parent(in_reply_to: str) -> Tuple[int, int, int]: diff --git a/app/models.py b/app/models.py index ceae4a4a..1c8c3f26 100644 --- a/app/models.py +++ b/app/models.py @@ -1364,7 +1364,7 @@ class Post(db.Model): i += 1 db.session.commit() - if post.image_id: + if post.image_id and not post.type == constants.POST_TYPE_VIDEO: make_image_sizes(post.image_id, 170, 512, 'posts', community.low_quality) # the 512 sized image is for masonry view diff --git a/app/utils.py b/app/utils.py index 14bfdc06..45b50df1 100644 --- a/app/utils.py +++ b/app/utils.py @@ -4,7 +4,6 @@ import bisect import hashlib import mimetypes import random -import tempfile import urllib from collections import defaultdict from datetime import datetime, timedelta, date @@ -13,11 +12,9 @@ from typing import List, Literal, Union import httpx import markdown2 -import math from urllib.parse import urlparse, parse_qs, urlencode from functools import wraps import flask -import requests from bs4 import BeautifulSoup, MarkupResemblesLocatorWarning import warnings import jwt @@ -34,7 +31,6 @@ from wtforms.fields import SelectField, SelectMultipleField from wtforms.widgets import Select, html_params, ListWidget, CheckboxInput from app import db, cache, httpx_client import re -from moviepy.editor import VideoFileClip from PIL import Image, ImageOps from app.models import Settings, Domain, Instance, BannedInstances, User, Community, DomainBlock, ActivityPubLog, IpBan, \ @@ -1109,49 +1105,6 @@ def in_sorted_list(arr, target): return index < len(arr) and arr[index] == target -# Makes a still image from a video url, without downloading the whole video file -def generate_image_from_video_url(video_url, output_path, length=2): - - response = requests.get(video_url, stream=True, timeout=5, - headers={'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0'}) # Imgur requires a user agent - content_type = response.headers.get('Content-Type') - if content_type: - if 'video/mp4' in content_type: - temp_file_extension = '.mp4' - elif 'video/webm' in content_type: - temp_file_extension = '.webm' - else: - raise ValueError("Unsupported video format") - else: - raise ValueError("Content-Type not found in response headers") - - # Generate a random temporary file name - temp_file_name = gibberish(15) + temp_file_extension - temp_file_path = os.path.join(tempfile.gettempdir(), temp_file_name) - - # Write the downloaded data to a temporary file - with open(temp_file_path, 'wb') as f: - for chunk in response.iter_content(chunk_size=4096): - f.write(chunk) - if os.path.getsize(temp_file_path) >= length * 1024 * 1024: - break - - # Generate thumbnail from the temporary file - try: - clip = VideoFileClip(temp_file_path) - except Exception as e: - os.unlink(temp_file_path) - raise e - thumbnail = clip.get_frame(0) - clip.close() - - # Save the image - thumbnail_image = Image.fromarray(thumbnail) - thumbnail_image.save(output_path) - - os.remove(temp_file_path) - - @cache.memoize(timeout=600) def recently_upvoted_posts(user_id) -> List[int]: post_ids = db.session.execute(text('SELECT post_id FROM "post_vote" WHERE user_id = :user_id AND effect > 0 ORDER BY id DESC LIMIT 1000'), diff --git a/requirements.txt b/requirements.txt index 3f0cbefd..d2a5bcca 100644 --- a/requirements.txt +++ b/requirements.txt @@ -32,4 +32,3 @@ Werkzeug==2.3.3 pytesseract==0.3.10 sentry-sdk==1.40.6 python-slugify==8.0.4 -moviepy==1.0.3 From f2fff4e00e2eacbc23b1d1c241e5e6949ec0072f Mon Sep 17 00:00:00 2001 From: rimu <3310831+rimu@users.noreply.github.com> Date: Mon, 16 Dec 2024 20:50:40 +1300 Subject: [PATCH 5/5] added docker instructions --- INSTALL.md | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 108 insertions(+), 3 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index d29e7830..31732fb3 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1,7 +1,8 @@ # Contents -* [Setup Database](#setup-database) -* [Install Python Libraries](#install-python-libraries) +* [Choose your path - easy way or hard way](#choose-path) +* [Setup Database](#setup-database) +* [Install Python Libraries](#install-python-libraries) * [Install additional requirements](#install-additional-requirements) * [Setup pyfedi](#setup-pyfedi) * [Setup .env file](#setup-env-file) @@ -14,6 +15,110 @@ * [Notes for Windows (WSL2)](#notes-for-windows-wsl2) * [Notes for Pip Package Management](#notes-for-pip-package-management) +
    + +## Do you want this the easy way or the hard way? + +### Easy way: docker + +Docker can be used to create an isolated environment that is separate from the host server and starts from a consistent +configuration. While it is quicker and easier, it's not to everyone's taste. + +* Clone PieFed into a new directory + +```bash +git clone https://codeberg.org/rimu/pyfedi.git +``` + +* Copy suggested docker config + +```bash +cd pyfedi +cp env.docker.sample .env.docker +``` + +* Edit docker environment file + +Open .env.docker in your text editor, set SECRET_KEY to something random and set SERVER_NAME to your domain name, +WITHOUT the https:// at the front. The database login details doesn't really need to be changed because postgres will be +locked away inside it's own docker network that only PieFed can access but if you want to change POSTGRES_PASSWORD go ahead +just be sure to update DATABASE_URL accordingly. + +Check out compose.yaml and see if it is to your liking. Note the port (8030) and volume definitions - they might need to be +tweaked. + +* First startup + +This will take a few minutes. + +```bash +export DOCKER_BUILDKIT=1 +docker-compose up --build +``` + +After a while the gibberish will stop scrolling past. If you see errors let us know at [https://piefed.social/c/piefed_help](https://piefed.social/c/piefed_help). + +* Networking + +You need to somehow to allow client connections from outside to access port 8030 on your server. The details of this is outside the scope +of this article. You could use a nginx reverse proxy, a cloudflare zero trust tunnel, tailscale, whatever. Just make sure it has SSL on +it as PieFed assumes you're making requests that start with https://your-domain. + +Once you have the networking set up, go to https://your-domain in your browser and see if the docker output in your terminal +shows signs of reacting to the request. There will be an error showing up in the console because we haven't done the next step yet. + +* Database initialization + +This must be done once and once only. Doing this will wipe all existing data in your instance so do not do it unless you have a +brand new instance. + +Open a shell inside the PieFed docker container: + +`docker exec -it piefed_app1 sh` + +Inside the container, run the initialization command: + +``` +export FLASK_APP=pyfedi.py +flask init-db +``` + +Among other things this process will get you set up with a username and password. Don't use 'admin' as the user name, script kiddies love that one. + +* The moment of truth + +Go to https://your-domain in your web browser and PieFed should appear. Log in with the username and password from the previous step. + +At this point docker is pretty much Ok so you don't need to see the terminal output as readily. Hit Ctrl + C to close down docker and then run + +```bash +docker-compose up -d +``` + +to have PieFed run in the background. + +* But wait there's more + +Until you set the right environment variables, PieFed won't be able to send email. Check out env.sample for some hints. +When you have a new value to set, add it to .env.docker and then restart docker with: + +``` +docker-compose down && docker-compose up -d +``` + +There are also regular cron jobs that need to be run. Set up cron on the host to run those scripts inside the container - see the Cron +section of this document for details. + +You probably want a Captcha on the registration form - more environment variables. + +CDN, CloudFlare. More environment variables. + +All this is explained in the bare metal guide, below. + +### Hard way: bare metal + +Read on +
    ## Setup Database @@ -77,7 +182,7 @@ sudo apt install tesseract-ocr ## Setup PyFedi -* Clone PyFedi +* Clone PieFed ```bash git clone https://codeberg.org/rimu/pyfedi.git