docs/honk.8 (view raw)
1.\"
2.\" Copyright (c) 2019 Ted Unangst
3.\"
4.\" Permission to use, copy, modify, and distribute this software for any
5.\" purpose with or without fee is hereby granted, provided that the above
6.\" copyright notice and this permission notice appear in all copies.
7.\"
8.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15.\"
16.Dd $Mdocdate$
17.Dt HONK 8
18.Os
19.Sh NAME
20.Nm honk
21.Nd honk administration
22.Sh DESCRIPTION
23The
24.Nm
25daemon processes messages from other federated servers.
26This is the admin manual.
27For user operation, see
28.Xr honk 1 .
29.Ss SETUP
30.Pp
31Set up a TLS reverse proxy.
32.Nm
33can listen on TCP or unix sockets, but will not terminate TLS.
34https is a required component for federation.
35.Pp
36Make sure to pass the Host header, if necessary (as for nginx).
37.Bd -literal -offset indent
38proxy_set_header Host $http_host;
39.Ed
40.Ss BUILD
41Building
42.Nm
43requires a go compiler and libsqlite.
44On
45.Ox
46this is the go and sqlite3 packages.
47Other platforms may require additional development libraries or headers
48to be installed.
49Run make.
50Please be patient.
51Even on fast machines, building from source can take several seconds.
52.Ss INIT
53Run the
54.Ic init
55command.
56.Dl ./honk init
57This will create the database and ask four questions, as well as creating
58the initial user.
59.Bd -literal -offset indent
60username: (desired username)
61password: (desired password)
62listenaddr: (tcp or unix: localhost:31337, /var/www/honk.sock, etc.)
63servername: (public DNS name: honk.example.com)
64.Ed
65.Ss OPERATION
66Run honk.
67.Dl date; ./honk >> log 2>&1
68Log messages are sent to stderr and should probably be redirected to a file.
69.Ss CUSTOMIZATION
70Add custom memes (stickers) to the
71.Pa memes
72directory.
73Image and video files are supported.
74.Pp
75Add custom emus (emoji) to the
76.Pa emus
77directory.
78Image files are supported.
79.Pp
80Site CSS may be overridden by creating a
81.Pa views/local.css
82file.
83.Pp
84Custom messages may be set by editing the database.
85(Sorry.)
86.Dl update config set value = 'message' where key = 'servermsg';
87.Dl update config set value = 'message' where key = 'aboutmsg';
88.Dl update config set value = 'message' where key = 'loginmsg';
89.Pp
90.Ss ADMIN
91New users can be added with the
92.Ic adduser
93command.
94This is discouraged.
95.Dl ./honk adduser
96.Pp
97Passwords may be reset with the
98.Ic chpass
99command.
100.Dl ./honk chpass username
101.Ss MAINTENANCE
102The database may grow large over time.
103The
104.Ic cleanup
105command exists to purge old data, by default 30 days.
106.Ss UPGRADE
107Stop the old honk process.
108.Dl pkill honk
109Backup the database.
110.Dl cp honk.db backup.db
111Perform the upgrade with the
112.Ic upgrade
113command.
114.Dl ./honk upgrade
115Restart.
116.Dl ./honk
117.Pp
118There's also a
119.Pa blob.db
120file which is important to backup and restore.
121.Sh SECURITY
122.Nm
123is not currently hardened against SSRF, server side request forgery.
124Be mindful of what other services may be exposed via localhost or the
125local network.
126.Sh DEBUG
127Debug mode may be enabled or disabled by running
128.Ic debug Ar on|off .
129In debug mode, secure cookies are disabled and templates are reloaded
130every request.
131.Sh ENVIRONMENT
132Image processing and scaling requires considerable memory.
133It is recommended to adjust the datasize ulimit to at least 1GB.
134.Sh SEE ALSO
135.Xr intro 1 ,
136.Xr honk 1
137.Sh CAVEATS
138There's no online upgrade capability.
139Upgrades may result in minutes of downtime.