RewriteRule ^(.git|doxygen|vendor) - [F]
# Forward the "Authorization" HTTP header
+# fixes JWT token not correctly forwarded on some Apache/FastCGI setups
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
matrix:
include:
+ # jobs for each supported php version
- language: php
php: 7.4
- language: php
php: 7.2
- language: php
php: 7.1
+ # jobs for frontend builds
- language: node_js
node_js: 8
cache:
yarn: true
directories:
- $HOME/.cache/yarn
-
install:
- yarn install
-
before_script:
- PATH=${PATH//:\.\/node_modules\/\.bin/}
-
script:
- - yarn run build # Just to be sure that the build isn't broken
- - make eslint
- - make sasslint
+ - yarn run build # verify successful frontend builds
+ - make eslint # javascript static analysis
+ - make sasslint # linter for SASS syntax
+ # jobs for documentation builds
- language: python
python: 3.6
cache:
- $HOME/.composer/cache
install:
+ # install/update composer and php dependencies
- composer install --prefer-dist
before_script:
+++ /dev/null
-## CSS
-
-- Yahoo UI [CSS Reset](http://yuilibrary.com/yui/docs/cssreset/) - standardize cross-browser rendering
-
-## Javascript
-
-- [Awesomeplete](https://leaverou.github.io/awesomplete/) ([GitHub](https://github.com/LeaVerou/awesomplete)) - autocompletion in input forms
-- [bLazy](http://dinbror.dk/blazy/) ([GitHub](https://github.com/dinbror/blazy)) - lazy loading for thumbnails
-- [qr.js](http://neocotic.com/qr.js/) ([GitHub](https://github.com/neocotic/qr.js)) - QR code generation
-
-## PHP
-
-- [RainTPL](https://github.com/rainphp/raintpl) - HTML templating for PHP
-
-### Composer
-
-Library | Usage
----|---
-[`shaarli/netscape-bookmark-parser`](https://packagist.org/packages/shaarli/netscape-bookmark-parser) | Import bookmarks from Netscape files
-[`erusev/parsedown`](https://packagist.org/packages/erusev/parsedown) | Parse MarkDown syntax for the MarkDown plugin
-[`slim/slim`](https://packagist.org/packages/slim/slim) | Handle routes and middleware for the REST API
--- /dev/null
+## Backup and restore
+
+All data and [configuration](Shaarli-configuration.md) is kept in the `data` directory. Backup this directory:
+
+```bash
+rsync -avzP my.server.com:/var/www/shaarli.mydomain.org/data ~/backups/shaarli-data-$(date +%Y-%m-%d_%H%M)
+```
+
+It is strongly recommended to do periodic, automatic backups to a seperate machine. You can automate the command above using a cron job or full-featured backup solutions such as [rsnapshot](https://rsnapshot.org/)
+
+To restore a backup, simply put back the `data/` directory in place, owerwriting any existing files.
\ No newline at end of file
+++ /dev/null
-## Plain text search
-
-Use the `Search text` field to search in _any_ of the fields of all links (Title, URL, Description...)
-
-**Exclude text/tags:** Use the `-` operator before a word or tag (example `-uninteresting`) to prevent entries containing (or tagged) `uninteresting` from showing up in the search results.
-
-**Exact text search:** Use double-quotes (example `"exact search"`) to search for the exact expression.
-
-Both exclude patterns and exact searches can be combined with normal searches (example `"exact search" term otherterm -notthis "very exact" stuff -notagain`)
-
-## Tags search
-
-Use the `Filter by tags` field to restrict displayed links to entries tagged with one or multiple tags (use space to separate tags).
-
-**Hidden tags:** Tags starting with a dot `.` (example `.secret`) are private. They can only be seen and searched when logged in.
-
-### Tag cloud
-
-The `Tag cloud` page diplays a "cloud" view of all tags in your Shaarli.
-
- * The most frequently used tags are displayed with a bigger font size.
- * When sorting by `Most used` or `Alphabetical`, tags are displayed as a _list_, along with counters and edit/delete buttons for each tag.
- * Clicking on any tag will display a list of all Shaares matching this tag.
- * Clicking on the counter next to a tag `example`, will filter the tag cloud to only display tags found in Shaares tagged `example`. Repeat this any number of times to further filter the tag cloud. Click `List all links with those tags` to display Shaares matching your current tag filter.
-
-## Filtering RSS feeds/Picture wall
-
-RSS feeds can also be restricted to only return items matching a text/tag search: see [RSS feeds](RSS-feeds).
-
-## Filter buttons
-
-Filter buttons can be found at the top left of the link list. They allow you to apply different filters to the list:
-
- * **Private links:** When this toggle button is enabled, only shaares set to `private` will be shown.
- * **Untagged links:** When the this toggle button is enabled (top left of the link list), only shaares _without any tags_ will be shown in the link list.
-
-Filter buttons are only available when logged in.
+# Community & related software
+
_Unofficial but related work on Shaarli. If you maintain one of these,
please get in touch with us to help us find a way to adapt your work to our fork._
-## Related software
+## Related software
### REST API clients
See [REST API](REST-API) for a list of official and community clients.
### Third party plugins
-- [autosave](https://github.com/kalvn/shaarli-plugin-autosave) by [@kalvn](https://github.com/kalvn): Automatically saves data when editing a link to avoid any loss in case of crash or unexpected shutdown.
+
+- [autosave](https://github.com/kalvn/shaarli-plugin-autosave) by [@kalvn](https://github.com/kalvn): Automatically saves data when editing a Shaare to avoid any loss in case of crash or unexpected shutdown.
- [Code Coloration](https://github.com/ArthurHoaro/code-coloration) by [@ArthurHoaro](https://github.com/ArthurHoaro): client side code syntax highlighter.
- [Disqus](https://github.com/kalvn/shaarli-plugin-disqus) by [@kalvn](https://github.com/kalvn): Adds Disqus comment system to your Shaarli.
- [google analytics](https://github.com/ericjuden/Shaarli-Google-Analytics-Plugin) by [@ericjuden](http://github.com/ericjuden): Adds Google Analytics tracking support
- [launch](https://github.com/ArthurHoaro/launch-plugin) - Launch Plugin is a plugin designed to enhance and customize Launch Theme for Shaarli.
-- [markdown-toolbar](https://github.com/immanuelfodor/shaarli-markdown-toolbar) by [@immanuelfodor](https://github.com/immanuelfodor) - Easily insert markdown syntax into the Description field when editing a link.
-- [related](https://github.com/ilesinge/shaarli-related) by [@ilesinge](https://github.com/ilesinge) - Show related links based on the number of identical tags.
+- [markdown-toolbar](https://github.com/immanuelfodor/shaarli-markdown-toolbar) by [@immanuelfodor](https://github.com/immanuelfodor) - Easily insert markdown syntax into the Description field when editing a Shaare.
+- [related](https://github.com/ilesinge/shaarli-related) by [@ilesinge](https://github.com/ilesinge) - Show related Shaares based on the number of identical tags.
- [social](https://github.com/alexisju/social) by [@alexisju](https://github.com/alexisju): share links to social networks.
-- [shaarli2twitter](https://github.com/ArthurHoaro/shaarli2twitter) by [@ArthurHoaro](https://github.com/ArthurHoaro) - Automatically tweet your shared links from Shaarli
+- [shaarli2twitter](https://github.com/ArthurHoaro/shaarli2twitter) by [@ArthurHoaro](https://github.com/ArthurHoaro) - Automatically tweet your Shaares from Shaarli
- [shaarli2mastodon](https://github.com/kalvn/shaarli2mastodon) by [@kalvn](https://github.com/kalvn) - This Shaarli plugin allows you to automatically publish links you post on your Mastodon timeline.
-- [shaarli-descriptor](https://github.com/immanuelfodor/shaarli-descriptor) by [@immanuelfodor](https://github.com/immanuelfodor) - Customize the default height/number of rows of the Description field when editing a link.
+- [shaarli-descriptor](https://github.com/immanuelfodor/shaarli-descriptor) by [@immanuelfodor](https://github.com/immanuelfodor) - Customize the default height/number of rows of the Description field when editing a Shaare.
- [urlextern](https://github.com/trailjeep/shaarli-urlextern) by [@trailjeep](https://github.com/trailjeep) - Shaarli plugin to open external links in a new tab/window.
-- [favicons](https://github.com/trailjeep/shaarli-favicons) by [@trailjeep](https://github.com/trailjeep) - Shaarli plugin to add favicon/filetype icons to links.
+- [favicons](https://github.com/trailjeep/shaarli-favicons) by [@trailjeep](https://github.com/trailjeep) - Shaarli plugin to add favicon/filetype icons to Shaares.
+
### Third-party themes
+
See [Theming](Theming) for a list of community-contributed themes, and an installation guide.
### Integration with other platforms
+
- [tt-rss-shaarli](https://github.com/jcsaaddupuy/tt-rss-shaarli) - [Tiny-Tiny RSS](http://tt-rss.org/) plugin that adds support for sharing articles with Shaarli
-- [octopress-shaarli](https://github.com/ahmet2mir/octopress-shaarli) - Octopress plugin to retrieve Shaarli links on the sidebar
+- [octopress-shaarli](https://github.com/ahmet2mir/octopress-shaarli) - Octopress plugin to retrieve Shaarli Shaares on the sidebar
- [Scuttle to Shaarli](https://github.com/q2apro/scuttle-to-shaarli) - Import bookmarks from Scuttle
- [Shaarli app for Cloudron](https://git.cloudron.io/cloudron/shaarli-app) - Effortlessly run Shaarli with the help of [Cloudron](https://cloudron.io/) [](https://cloudron.io/button.html?app=com.github.shaarli)
- [Shaarli_ynh](https://github.com/YunoHost-Apps/shaarli_ynh) - Shaarli is available as a [Yunohost](https://yunohost.org) app [](https://install-app.yunohost.org/?app=shaarli)
- [pelican](https://blog.getpelican.com) static blog generator plugin to auto-post articles on a Shaarli instance: [shaarli_poster](https://github.com/getpelican/pelican-plugins/tree/master/shaarli_poster)
+
### Mobile Apps
+
- [ShaarliOS](https://github.com/mro/ShaarliOS) - Apple iOS share extension.
- [Shaarli for Android](http://sebsauvage.net/links/?ZAyDzg) - Android application that adds Shaarli as a sharing provider
-- [Shaarlier for Android](https://github.com/dimtion/Shaarlier) - Android application to simply add links directly into your Shaarli
+- [Shaarlier for Android](https://github.com/dimtion/Shaarlier) - Android application to simply add Shaares directly into your Shaarli
- [Stakali for Android](https://stakali.toneiv.eu) - Stakali is a personal bookmark manager which synchronizes with Shaarli
+
### Desktop Apps
+
- [Ulauncher Extension](https://github.com/sebw/ulauncher-shaarli) - Ulauncher is an an application launcher for Linux, this extension allows research in your Shaarli
+
### Browser addons
+
- [Shaarli Firefox Extension](https://github.com/ikipatang/shaarli-web-extension) - toolbar button to share your current tab with Shaarli.
- [Shaarli Chrome Extension](https://github.com/octplane/Shiny-Shaarli) - toolbar button to share your current tab with Shaarli.
+
### Server apps
+
- [shaarchiver](https://github.com/nodiscc/shaarchiver) - Archive your Shaarli bookmarks and their content
- [shaarli-river](https://github.com/mknexen/shaarli-river) - An aggregator for shaarlis with many features
- [Shaarlo](https://github.com/DMeloni/shaarlo) - An aggregator for shaarlis with many features (a very popular running instance among French shaarliers: [shaarli.fr](http://shaarli.fr/))
- [Self dead link](https://framagit.org/qwertygc/shaarli-dev-code/blob/master/self-dead-link.php) - Detect dead links on shaarli. This version use the database of shaarli. [Another version](https://framagit.org/qwertygc/shaarli-dev-code/blob/master/dead-link.php), can be used for other shaarli instances (but is more resource consuming).
- [Bookmark Archiver](https://github.com/pirate/bookmark-archiver) - Save an archived copy of all websites starred using browser bookmarks/Shaarli/Delicious/Instapaper/Unmark.it/Pocket/Pinboard. Outputs browseable html.
+
## Alternatives to Shaarli
+
See [awesome-selfhosted: bookmarks & link sharing](https://github.com/Kickball/awesome-selfhosted/#bookmarks--link-sharing).
+
## Community
+
- [Liens en vrac de sebsauvage](http://sebsauvage.net/links/) - the original Shaarli
- [A large list of Shaarlis](http://porneia.free.fr/pub/links/ou-est-shaarli.html)
- [A list of working Shaarli aggregators](https://raw.githubusercontent.com/Oros42/find_shaarlis/master/annuaires.json)
- [Original revisions history](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history)
- [Shaarli.fr/my](https://www.shaarli.fr/my.php) - Unofficial, unsupported (old fork) hosted Shaarlis provider, courtesy of [DMeloni](https://github.com/DMeloni)
+
### Articles and social media discussions
+
- 2016-09-22 - Hacker News - https://news.ycombinator.com/item?id=12552176
- 2015-08-15 - Reddit - [Question about migrating from WordPress to Shaarli.](https://www.reddit.com/r/selfhosted/comments/3h3zwh/question_about_migrating_from_wordpress_to_shaarli/)
- 2015-06-22 - Hacker News - https://news.ycombinator.com/item?id=9755366
+++ /dev/null
-## Local development
-A [`Makefile`](https://github.com/shaarli/Shaarli/blob/master/Makefile) is available to perform project-related operations:
-
-- Documentation - generate a local HTML copy of the GitHub wiki
-- [Static analysis](Static-analysis) - check that the code is compliant to PHP conventions
-- [Unit tests](Unit-tests) - ensure there are no regressions introduced by new commits
-
-## Automatic builds
-[Travis CI](http://docs.travis-ci.com/) is a Continuous Integration build server, that runs a build:
-
-- each time a commit is merged to the mainline (`master` branch)
-- each time a Pull Request is submitted or updated
-
-A build is composed of several jobs: one for each supported PHP version (see [Server requirements](Server requirements)).
-
-Each build job:
-
-- updates Composer
-- installs 3rd-party test dependencies with Composer
-- runs [Unit tests](Unit-tests)
-- runs ESLint check
-
-After all jobs have finished, Travis returns the results to GitHub:
-
-- a status icon represents the result for the `master` branch: [](https://travis-ci.org/shaarli/Shaarli)
-- Pull Requests are updated with the Travis result
- - Green: all tests have passed
- - Red: some tests failed
- - Orange: tests are pending
-
-## Documentation
-[mkdocs](https://www.mkdocs.org/) is used to convert markdown documentation to HTML pages. The [public documentation](https://shaarli.readthedocs.io/en/master/) website is rendered and hosted by [readthedocs.org](https://readthedocs.org/). A copy of the documentation is also included in prebuilt [release archives](https://github.com/shaarli/Shaarli/releases) (`doc/html/` path in your Shaarli installation). To generate the HTML documentation locally, install a recent version of Python `setuptools` and run `make doc`.
+++ /dev/null
-## Development guidelines
-
-Please have a look at the following pages:
-
-- [Contributing to Shaarli](https://github.com/shaarli/Shaarli/tree/master/CONTRIBUTING.md)
-- [Static analysis](Static-analysis) - patches should try to stick to the
-[PHP Standard Recommendations](http://www.php-fig.org/psr/) (PSR), especially:
- - [PSR-1](http://www.php-fig.org/psr/psr-1/) - Basic Coding Standard
- - [PSR-2](http://www.php-fig.org/psr/psr-2/) - Coding Style Guide
-- [Unit tests](Unit-tests)
-- Javascript linting - Shaarli uses [Airbnb JavaScript Style Guide](https://github.com/airbnb/javascript).
-Run `make eslint` to check JS style.
-- [GnuPG signature](GnuPG-signature) for tags/releases
+++ /dev/null
-## Directory structure
-
-Here is the directory structure of Shaarli and the purpose of the different files:
-
-```bash
- index.php # Main program
- application/ # Shaarli classes
- ├── LinkDB.php
-
- ...
-
- └── Utils.php
- tests/ # Shaarli unitary & functional tests
- ├── LinkDBTest.php
-
- ...
-
- ├── utils # utilities to ease testing
- │ └── ReferenceLinkDB.php
- └── UtilsTest.php
- assets/
- ├── common/ # Assets shared by multiple themes
- ├── ...
- ├── default/ # Assets for the default template, before compilation
- ├── fonts/ # Font files
- ├── img/ # Images used by the default theme
- ├── js/ # JavaScript files in ES6 syntax
- ├── scss/ # SASS files
- └── vintage/ # Assets for the vintage template, before compilation
- └── ...
- COPYING # Shaarli license
- inc/ # static assets and 3rd party libraries
- └── rain.tpl.class.php # RainTPL templating library
- images/ # Images and icons used in Shaarli
- data/ # data storage: bookmark database, configuration, logs, banlist...
- ├── config.json.php # Shaarli configuration (login, password, timezone, title...)
- ├── datastore.php # Your link database (compressed).
- ├── ipban.php # IP address ban system data
- ├── lastupdatecheck.txt # Update check timestamp file
- └── log.txt # login/IPban log.
- tpl/ # RainTPL templates for Shaarli. They are used to build the pages.
- ├── default/ # Default Shaarli theme
- ├── fonts/ # Font files
- ├── img/ # Images
- ├── js/ # JavaScript files compiled by Babel and compatible with all browsers
- ├── css/ # CSS files compiled with SASS
- └── vintage/ # Legacy Shaarli theme
- └── ...
- cache/ # thumbnails cache
- # This directory is automatically created. You can erase it anytime you want.
- tmp/ # Temporary directory for compiled RainTPL templates.
- # This directory is automatically created. You can erase it anytime you want.
- vendor/ # Third-party dependencies. This directory is created by Composer
-```
--- /dev/null
+# Docker
+
+[Docker](https://docs.docker.com/get-started/overview/) is an open platform for developing, shipping, and running applications
+
+## Install Docker
+
+Install [Docker](https://www.docker.com/), by following the instructions relevant to your OS / distribution, and start the service. For example on [Debian](https://docs.docker.com/engine/install/debian/):
+
+```bash
+# update your package lists
+$ sudo apt update
+# remove old versions
+$ sudo apt-get remove docker docker-engine docker.io containerd runc
+# install requirements
+$ sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
+# add docker's GPG signing key
+curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
+# add the repository
+$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
+# install docker engine
+$ sudo apt-get update
+$ sudo apt-get install docker-ce docker-ce-cli containerd.io
+# verify that Docker is properly configured
+root@stretch-shaarli-02:~$ docker run hello-world
+```
+
+
+## Get and run a Shaarli image
+
+Shaarli images are available on [DockerHub](https://hub.docker.com/r/shaarli/shaarli/):
+
+- `latest`: latest branch
+- `master`: master branch
+
+These images are built automatically on DockerHub and rely on:
+
+- [Alpine Linux](https://www.alpinelinux.org/)
+- [PHP7-FPM](http://php-fpm.org/)
+- [Nginx](http://nginx.org/)
+
+Additional Dockerfiles are provided for the `arm32v7` platform, relying on [Linuxserver.io Alpine armhf images](https://hub.docker.com/r/lsiobase/alpine.armhf/). These images must be built using [`docker build`](https://docs.docker.com/engine/reference/commandline/build/) on an `arm32v7` machine or using an emulator such as [qemu](https://resin.io/blog/building-arm-containers-on-any-x86-machine-even-dockerhub/).
+
+```bash
+# download the 'latest' image from dockerhub
+docker pull shaarli/shaarli
+
+# create persistent data volumes/directories on the host
+docker volume create shaarli-data
+docker volume create shaarli-cache
+
+# create a new container using the Shaarli image
+# --detach: run the container in background
+# --name: name of the created container/instance
+# --publish: map the host's :8000 port to the container's :80 port
+# --rm: automatically remove the container when it exits
+# --volume: mount persistent volumes in the container ($volume_name:$volume_mountpoint)
+docker run --detach \
+ --name myshaarli \
+ --publish 8000:80 \
+ --rm \
+ --volume shaarli-data:/var/www/shaarli/data \
+ --volume shaarli-cache:/var/www/shaarli/cache \
+ shaarli/shaarli
+
+# verify that the container is running
+docker ps | grep myshaarli
+
+# to completely remove the container
+docker stop myshaarli # stop the running container
+docker ps | grep myshaarli # verify the container is no longer running
+docker ps -a | grep myshaarli # verify the container is stopped
+docker rm myshaarli # destroy the container
+docker ps -a | grep myshaarli # verify th container has been destroyed
+
+```
+
+## Docker Compose
+
+A [Compose file](https://docs.docker.com/compose/compose-file/) is a common format for defining and running multi-container Docker applications.
+
+A `docker-compose.yml` file can be used to run a persistent/autostarted shaarli service using [Docker Compose](https://docs.docker.com/compose/) or in a [Docker stack](https://docs.docker.com/engine/reference/commandline/stack_deploy/).
+
+Shaarli provides configuration file for Docker Compose, that will setup a Shaarli instance, a [Træfik](https://hub.docker.com/_/traefik/) instance with [Let's Encrypt](https://letsencrypt.org/) certificates, a Docker network, and volumes for Shaarli data and Træfik TLS configuration and certificates.
+
+```bash
+Download docker-compose from the [release page](https://docs.docker.com/compose/install/):
+
+```shell
+$ sudo curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+$ sudo chmod +x /usr/local/bin/docker-compose
+# create a new directory to store the configuration:
+$ mkdir shaarli && cd shaarli
+# Download the current version of Shaarli's docker-compose.yml
+$ curl -L https://raw.githubusercontent.com/shaarli/Shaarli/master/docker-compose.yml -o docker-compose.yml
+# Create the .env file and fill in your VPS and domain information
+# (replace <MY_SHAARLI_DOMAIN> and <MY_CONTACT_EMAIL> with your actual information)
+$ echo 'SHAARLI_VIRTUAL_HOST=shaarli.mydomain.org' > .env
+$ echo 'SHAARLI_LETSENCRYPT_EMAIL=admin@mydomain.org' >> .env
+# Pull the Docker images
+$ docker-compose pull
+# Run!
+$ docker-compose up -d
+```
+
+
+
+### Running dockerized Shaarli as a systemd service
+
+It is possible to start a dockerized Shaarli instance as a systemd service (systemd is the service management tool on several distributions). After installing Docker, use the following steps to run your shaarli container Shaarli to run on system start.
+
+As root, create `/etc/systemd/system/docker.shaarli.service`:
+
+```ini
+[Unit]
+Description=Shaarli Bookmark Manager Container
+After=docker.service
+Requires=docker.service
+
+
+[Service]
+Restart=always
+
+# Put any environment you want in an included file, like $host- or $domainname in this example
+EnvironmentFile=/etc/sysconfig/box-environment
+
+# It's just an example..
+ExecStart=/usr/bin/docker run \
+ -p 28010:80 \
+ --name ${hostname}-shaarli \
+ --hostname shaarli.${domainname} \
+ -v /srv/docker-volumes-local/shaarli-data:/var/www/shaarli/data:rw \
+ -v /etc/localtime:/etc/localtime:ro \
+ shaarli/shaarli:latest
+
+ExecStop=/usr/bin/docker rm -f ${hostname}-shaarli
+
+[Install]
+WantedBy=multi-user.target
+```
+
+```bash
+# reload systemd services definitions
+systemctl daemon-reload
+# start the servie and enable it a boot time
+systemctl enable docker.shaarli.service --now
+# verify that the service is running
+systemctl status docker.*
+# inspect system log if needed
+journalctl -f
+```
+
+
+
+## Docker cheatsheet
+
+```bash
+# pull/update an image
+$ docker pull shaarli:release
+# run a container from an image
+$ docker run shaarli:latest
+# list available images
+$ docker images ls
+# list running containers
+$ docker ps
+# list running AND stopped containers
+$ docker ps -a
+# run a command in a running container
+$ docker exec -ti <container-name-or-first-letters-of-id> bash
+# follow logs of a running container
+$ docker logs -f <container-name-or-first-letters-of-id>
+# delete unused images to free up disk space
+$ docker system prune --images
+# delete unused volumes to free up disk space (CAUTION all data in unused volumes will be lost)
+$ docker system prunt --volumes
+# delete unused containers
+$ docker system prune
+```
+
+
+## References
+
+- [Docker: using volumes](https://docs.docker.com/storage/volumes/)
+- [Dockerfile best practices](https://docs.docker.com/articles/dockerfile_best-practices/)
+- [Dockerfile reference](https://docs.docker.com/reference/builder/)
+- [DockerHub: GitHub automated build](https://docs.docker.com/docker-hub/github/)
+- [DockerHub: Repositories](https://docs.docker.com/userguide/dockerrepos/)
+- [DockerHub: Teams and organizations](https://docs.docker.com/docker-hub/orgs/)
+- [Get Docker CE for Debian](https://docs.docker.com/install/linux/docker-ce/debian/)
+- [Install Docker Compose](https://docs.docker.com/compose/install/)
+- [Interactive Docker training portal](https://www.katacoda.com/courses/docker/) on [Katakoda](https://www.katacoda.com/)
+- [Service management: Nginx in the foreground](http://nginx.org/en/docs/ngx_core_module.html#daemon)
+- [Service management: Using supervisord](https://docs.docker.com/articles/using_supervisord/)
+- [Volumes](https://docs.docker.com/storage/volumes/)
+- [Volumes](https://docs.docker.com/userguide/dockervolumes/)
+- [Where are Docker images stored?](http://blog.thoward37.me/articles/where-are-docker-images-stored/)
+- [docker create](https://docs.docker.com/engine/reference/commandline/create/)
+- [Docker Documentation](https://docs.docker.com/)
+- [docker exec](https://docs.docker.com/engine/reference/commandline/exec/)
+- [docker images](https://docs.docker.com/engine/reference/commandline/images/)
+- [docker logs](https://docs.docker.com/engine/reference/commandline/logs/)
+- [docker logs](https://docs.docker.com/engine/reference/commandline/logs/)
+- [Docker Overview](https://docs.docker.com/engine/docker-overview/)
+- [docker ps](https://docs.docker.com/engine/reference/commandline/ps/)
+- [docker pull](https://docs.docker.com/engine/reference/commandline/pull/)
+- [docker run](https://docs.docker.com/engine/reference/commandline/run/)
+- [docker-compose logs](https://docs.docker.com/compose/reference/logs/)
+- Træfik: [Getting Started](https://docs.traefik.io/), [Docker backend](https://docs.traefik.io/configuration/backends/docker/), [Let's Encrypt](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/), [Docker image](https://hub.docker.com/_/traefik/)
\ No newline at end of file
+++ /dev/null
-To install Shaarli, simply place the files in a directory under your webserver's
-Document Root (or directly at the document root).
-
-Also, please make sure your server is properly [configured](Server-configuration.md).
-
-Multiple releases branches are available:
-
-- latest (last release)
-- stable (previous major release)
-- master (development)
-
-Using one of the following methods:
-
-- by downloading full release archives including all dependencies
-- by downloading Github archives
-- by cloning the Git repository
-- using Docker: [see the documentation](docker/shaarli-images.md)
-
---------------------------------------------------------------------------------
-
-## Latest release (recommended)
-
-### Download as an archive
-
-In most cases, you should download the latest Shaarli release from the [releases](https://github.com/shaarli/Shaarli/releases) page. Download our **shaarli-full** archive to include dependencies.
-
-The current latest released version is `v0.10.4`
-
-```bash
-$ wget https://github.com/shaarli/Shaarli/releases/download/v0.10.4/shaarli-v0.10.4-full.zip
-$ unzip shaarli-v0.10.4-full.zip
-$ mv Shaarli /path/to/shaarli/
-```
-
-### Using git
-
-Cloning using `git` or downloading Github branches as zip files requires additional steps:
-
- * Install [Composer](Unit-tests.md#install_composer) to manage third-party [PHP dependencies](3rd-party-libraries.md#composer).
- * Install [yarn](https://yarnpkg.com/lang/en/docs/install/) to build the frontend dependencies.
- * Install [python3-virtualenv](https://pypi.python.org/pypi/virtualenv) to build the local HTML documentation.
-
-```
-$ mkdir -p /path/to/shaarli && cd /path/to/shaarli/
-$ git clone -b latest https://github.com/shaarli/Shaarli.git .
-$ composer install --no-dev --prefer-dist
-$ make build_frontend
-$ make translate
-$ make htmldoc
-```
-
---------------------------------------------------------------------------------
-
-## Stable version
-
-The stable version has been experienced by Shaarli users, and will receive security updates.
-
-
-### Download as an archive
-
-As a .zip archive:
-
-```bash
-$ wget https://github.com/shaarli/Shaarli/archive/stable.zip
-$ unzip stable.zip
-$ mv Shaarli-stable /path/to/shaarli/
-```
-
-As a .tar.gz archive :
-
-```bash
-$ wget https://github.com/shaarli/Shaarli/archive/stable.tar.gz
-$ tar xvf stable.tar.gz
-$ mv Shaarli-stable /path/to/shaarli/
-```
-
-### Using git
-
-Install [Composer](Unit-tests.md#install_composer) to manage Shaarli dependencies.
-
-```bash
-$ git clone https://github.com/shaarli/Shaarli.git -b stable /path/to/shaarli/
-# install/update third-party dependencies
-$ cd /path/to/shaarli/
-$ composer install --no-dev --prefer-dist
-```
-
-
---------------------------------------------------------------------------------
-
-## Development version (mainline)
-
-_Use at your own risk!_
-
-Install [Composer](Unit-tests.md#install_composer) to manage Shaarli PHP dependencies,
-and [yarn](https://yarnpkg.com/lang/en/docs/install/)
-for front-end dependencies.
-
-To get the latest changes from the `master` branch:
-
-```bash
-# clone the repository
-$ git clone https://github.com/shaarli/Shaarli.git -b master /path/to/shaarli/
-# install/update third-party dependencies
-$ cd /path/to/shaarli
-$ composer install --no-dev --prefer-dist
-$ make build_frontend
-$ make translate
-$ make htmldoc
-```
-
--------------------------------------------------------------------------------
-
-## Finish Installation
-
-Once Shaarli is downloaded and files have been placed at the correct location, open it this location your favorite browser.
-
-
-
-Setup your Shaarli installation, and it's ready to use!
-
-## Updating Shaarli
-
-See [Upgrade and Migration](Upgrade-and-migration)
+++ /dev/null
-### Why did you create Shaarli ?
-
-I was a StumbleUpon user. Then I got fed up with they big toolbar. I switched to delicious, which was lighter, faster and more beautiful. Until Yahoo bought it. Then the export API broke all the time, delicious became slow and was ditched by Yahoo. I switched to Diigo, which is not bad, but does too much. And Diigo is sslllooooowww and their Firefox extension a bit buggy. And… oh… **their Firefox addon sends to Diigo every single URL you visit** (Don't believe me ? Use [Tamper Data](https://addons.mozilla.org/en-US/firefox/addon/tamper-data/) and open any page).
-
-Enough is enough. Saving simple links should not be a complicated heavy thing. I ditched them all and wrote my own: Shaarli. It's simple, but it does the job and does it well. And my data is not hosted on a foreign server, but on my server.
-
-### Why use Shaarli and not Delicious/Diigo ?
-
-With Shaarli:
-
-- The data is yours: It's hosted on your server.
-- Never fear of having your data locked-in.
-- Never fear to have your data sold to third party.
-- Your private links are not hosted on a third party server.
-- You are not tracked by browser addons (like Diigo does)
-- You can change the look and feel of the pages if you want.
-- You can change the behaviour of the program.
-- It's magnitude faster than most bookmarking services.
-
-### What does Shaarli mean?
-
-Shaarli stands for _shaaring_ your _links_.
-
-### My Shaarli is broken!
-First of all, ensure that both the [web server](Server-configuration) and
-[Shaarli](Shaarli-configuration) are correctly configured, and that your
-installation is [supported](Server-configuration).
-
-If everything looks right but the issue(s) remain(s), please:
-
-- take a look at the [troubleshooting](Troubleshooting) section
-- come [chat with us](https://gitter.im/shaarli/Shaarli) on Gitter, we'll be happy to help ;-)
-- browse active [issues](https://github.com/shaarli/Shaarli/issues) and [Pull Requests](https://github.com/shaarli/Shaarli/pulls)
- - if you find one that is related to the issue, feel free to comment and provide additional details (host/Shaarli setup)
- - else, [open a new issue](https://github.com/shaarli/Shaarli/issues/new), and provide information about the problem:
- - _what happens?_ - display glitches, invalid data, security flaws...
- - _what is your configuration?_ - OS, server version, activated extensions, web browser...
- - _is it reproducible?_
-
-### Why not use a real database? Files are slow!
-
-Does browsing [this page](http://sebsauvage.net/links/) feel slow? Try browsing older pages, too.
-
-It's not slow at all, is it? And don't forget the database contains more than 16000 links, and it's on a shared host, with 32000 visitors/day for my website alone. And it's still damn fast. Why?
-
-The data file is only 3.7 Mb. It's read 99% of the time, and is probably already in the operation system disk cache. So generating a page involves no I/O at all most of the time.
--- /dev/null
+# Installation
+
+Once your server is [configured](Server-configuration.md), install Shaarli:
+
+## From release ZIP
+
+To install Shaarli, simply place the files from the latest [release .zip archive](https://github.com/shaarli/Shaarli/releases) under your webserver's document root (directly at the document root, or in a subdirectory). Download the **shaarli-vX.X.X-full** archive to include dependencies.
+
+```bash
+wget https://github.com/shaarli/Shaarli/releases/download/v0.10.4/shaarli-v0.10.4-full.zip
+unzip shaarli-v0.10.4-full.zip
+sudo rsync -avP Shaarli/ /var/www/shaarli.mydomain.org/
+```
+
+## From sources
+
+These components are required to build Shaarli:
+
+- [Composer](dev/Development.md#install-composer) to manage third-party [PHP dependencies](dev/Development#third-party-libraries).
+- [yarn](https://yarnpkg.com/lang/en/docs/install/) to build frontend dependencies.
+- [python3-virtualenv](https://pypi.python.org/pypi/virtualenv) to build local HTML documentation.
+
+Clone the repository, either pointing to:
+
+- any [tagged release](https://github.com/shaarli/Shaarli/releases)
+- `latest`: the latest tagged release
+- `master`: development branch
+
+```bash
+# clone the branch/tag of your choice
+$ git clone -b latest https://github.com/shaarli/Shaarli.git /home/me/Shaarli
+# OR download/extract the tar.gz/zip: wget https://github.com/shaarli/Shaarli/archive/latest.tar.gz...
+
+# enter the directory
+$ cd /home/me/Shaarli
+# install 3rd-party PHP dependencies
+$ composer install --no-dev --prefer-dist
+# build frontend static assets
+$ make build_frontend
+# build translations
+$ make translate
+# build HTML documentation
+$ make htmldoc
+# copy the resulting shaarli directory under your webserver's document root
+$ rsync -avP /home/me/Shaarli/ /var/www/shaarli.mydomain.org/
+```
+
+## Set file permissions
+
+Regardless of the installation method, appropriate [file permissions](dev/Development.md#directory-structure) must be set:
+
+```bash
+# by default, deny access to everything to the web server
+sudo chown -R root:www-data /var/www/shaarli.mydomain.org
+sudo chmod -R u=rwX /var/www/shaarli.mydomain.org
+# allow read-only access to these files/directories
+sudo chmod -R g+rX /var/www/shaarli.mydomain.org/{index.php,application/,plugins/,inc/}
+# allow read/write access to these directories
+sudo chmod -R g+rwX /var/www/shaarli.mydomain.org/{cache/,data/,pagecache/,tmp/}
+```
+
+
+## Using Docker
+
+[See the documentation](Docker.md)
+
+
+
+## Finish Installation
+
+Once Shaarli is downloaded and files have been placed at the correct location, open this location your web browser.
+
+Enter basic settings for your Shaarli installation, and it's ready to use!
+
+
+
+Congratulations! Your Shaarli is now available at `https://shaarli.mydomain.org`.
+
+You can further [configure Shaarli](Shaarli-configuration.md), setup [Plugins](Plugins.md) or [additional software](Community-and-related-software.md).
+
+
+## Upgrading Shaarli
+
+See [Upgrade and Migration](Upgrade-and-migration)
+++ /dev/null
-## Link structure
-
-Every link available through the `LinkDB` object is represented as an array
-containing the following fields:
-
- * `id` (integer): Unique identifier.
- * `title` (string): Title of the link.
- * `url` (string): URL of the link. Used for displayable links (without redirector, url encoding, etc.).
- Can be absolute or relative for Notes.
- * `real_url` (string): Real destination URL, can be redirected, encoded, etc.
- * `shorturl` (string): Permalink small hash.
- * `description` (string): Link text description.
- * `private` (boolean): whether the link is private or not.
- * `tags` (string): all link tags separated by a single space
- * `thumbnail` (string|boolean): relative path of the thumbnail cache file, or false if there isn't any.
- * `created` (DateTime): link creation date time.
- * `updated` (DateTime): last modification date time.
-
\ No newline at end of file
-## Plugin installation
+# Plugins
-There is a bunch of plugins shipped with Shaarli, where there is nothing to do to install them.
+## Installation
-If you want to install a third party plugin:
+For plugins shipped with Shaarli, no installation is required.
-- Download it.
-- Put it in the `plugins` directory in Shaarli's installation folder.
-- Make sure you put it correctly:
+If you want to install a third party plugin, download it to the `plugins` directory in Shaarli's installation folder:
-```
+```bash
+# example directory structure
| index.php
| plugins/
|---| custom_plugin/
```
- * Make sure your webserver can read and write the files in your plugin folder.
+Make sure your webserver can read and write the files in your plugin folder.
-## Plugin configuration
-In Shaarli's administration page (`Tools` link), go to `Plugin administration`.
+## Configuration
-Here you can enable and disable all plugins available, and configure them.
+From Shaarli's administration page (`Tools` link), go to `Plugin administration`. Here you can enable and disable all plugins available, and configure them.
-## Plugin order
+
+## Order
In the plugin administration page, you can move enabled plugins to the top or bottom of the list. The first plugins in the list will be processed first.
-This is important in case plugins are depending on each other. Read plugins README details for more information.
+This is important in case plugins depend on each other. Read plugins READMEs for more information.
**Use case**: The (non existent) plugin `shaares_footer` adds a footer to every shaare in Markdown syntax. It needs to be processed *before* (higher in the list) the Markdown plugin. Otherwise its syntax won't be translated in HTML.
-## File mode
-Enabled plugin are stored in your `config.json.php` parameters file, under the `array`:
+## Configuration file
+
+Enabled plugins are stored in your [Configuration file](Shaarli-configuration), under the array:
```php
$GLOBALS['config']['ENABLED_PLUGINS']
```
-You can edit them manually here.
-Example:
+You can edit them manually here. For example:
```php
$GLOBALS['config']['ENABLED_PLUGINS'] = array(
);
```
-### Plugin usage
-#### Official plugins
+## Usage
+
+### Official plugins
Usage of each plugin is documented in it's README file:
- * `addlink-toolbar`: Adds the addlink input on the linklist page
- * `archiveorg`: For each link, add an Archive.org icon
+ * `addlink-toolbar`: Adds the addlink input on the Shaares list page
+ * `archiveorg`: For each Shaare, add a link to the archived page on Archive.org
* `default_colors`: Override default theme colors.
* `isso`: Let visitor comment your shaares on permalinks with Isso.
* [`markdown`](https://github.com/shaarli/Shaarli/blob/master/plugins/markdown/README.md): Render shaare description with Markdown syntax.
* `piwik`: A plugin that adds Piwik tracking code to Shaarli pages.
* [`playvideos`](https://github.com/shaarli/Shaarli/blob/master/plugins/playvideos/README.md): Add a button in the toolbar allowing to watch all videos.
* `pubsubhubbub`: Enable PubSubHubbub feed publishing
- * `qrcode`: For each link, add a QRCode icon.
- * [`wallabag`](https://github.com/shaarli/Shaarli/blob/master/plugins/wallabag/README.md): For each link, add a Wallabag icon to save it in your instance.
-
+ * `qrcode`: For each Shaare, add a QRCode icon.
+ * [`wallabag`](https://github.com/shaarli/Shaarli/blob/master/plugins/wallabag/README.md): For each Shaare, add a Wallabag icon to save it in your instance.
-#### Third party plugins
+### Third party plugins
-See [Community & related software](https://shaarli.readthedocs.io/en/master/Community-&-Related-software/)
+See [Community & related software](https://shaarli.readthedocs.io/en/master/Community-and-Related-software/)
-## Usage and Prerequisites
+# REST API
-See the [REST API documentation](http://shaarli.github.io/api-documentation/)
-for a list of available endpoints and parameters.
+## Server requirements
-Please ensure that your server meets the
-[requirements](Server-configuration#prerequisites) and is properly
-[configured](Server-configuration):
+See the **[REST API documentation](http://shaarli.github.io/api-documentation/)** for a list of available endpoints and parameters.
+
+Please ensure that your server meets the requirements and is properly [configured](Server-configuration):
- URL rewriting is enabled (see specific Apache and Nginx sections)
- the server's timezone is properly defined
-- the server's clock is synchronized with
- [NTP](https://en.wikipedia.org/wiki/Network_Time_Protocol)
-
-The host where the API client is invoked should also be synchronized with NTP,
-see [token expiration](#payload).
-
-## Authentication
-
-All requests to Shaarli's API must include a JWT token to verify their authenticity.
-
-This token has to be included as an HTTP header called `Authentication: Bearer <jwt token>`.
-
-JWT resources :
-
-- [jwt.io](https://jwt.io) (including a list of client per language).
-- RFC : https://tools.ietf.org/html/rfc7519
-- https://float-middle.com/json-web-tokens-jwt-vs-sessions/
-- HackerNews thread: https://news.ycombinator.com/item?id=11929267
-
-
-### Shaarli JWT Token
-
-JWT tokens are composed by three parts, separated by a dot `.` and encoded in base64:
-
-```
-[header].[payload].[signature]
-```
-
-#### Header
-
-Shaarli only allow one hash algorithm, so the header will always be the same:
-
-```json
-{
- "typ": "JWT",
- "alg": "HS512"
-}
-```
-
-Encoded in base64, it gives:
-
-```
-ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==
-```
-
-#### Payload
-
-**Token expiration**
-
-To avoid infinite token validity, JWT tokens must include their creation date
-in UNIX timestamp format (timezone independent - UTC) under the key `iat` (issued at).
-This token will be valid during **9 minutes**.
-
-```json
-{
- "iat": 1468663519
-}
-```
-
-See [RFC reference](https://tools.ietf.org/html/rfc7519#section-4.1.6).
-
+- the server's clock is synchronized with [NTP](https://en.wikipedia.org/wiki/Network_Time_Protocol)
-#### Signature
-
-The signature authenticate the token validity. It contains the base64 of the header and the body, separated by a dot `.`, hashed in SHA512 with the API secret available in Shaarli administration page.
-
-Signature example with PHP:
-
-```php
-$content = base64_encode($header) . '.' . base64_encode($payload);
-$signature = hash_hmac('sha512', $content, $secret);
-```
+The host where the API client is invoked should also be synchronized with NTP, see _payload/token expiration_
## Clients and examples
-### Android, Java, Kotlin
-
-- [Android client example with Kotlin](https://gitlab.com/snippets/1665808)
- by [Braincoke](https://github.com/Braincoke)
-
-### Javascript, NodeJS
-- [shaarli-client](https://www.npmjs.com/package/shaarli-client)
- ([source code](https://github.com/laBecasse/shaarli-client))
- by [laBecasse](https://github.com/laBecasse)
+- **[python-shaarli-client](https://github.com/shaarli/python-shaarli-client)** - the reference API client ([Documentation](http://python-shaarli-client.readthedocs.io/en/latest/))
+- [shaarli-client](https://www.npmjs.com/package/shaarli-client) - NodeJs client ([source code](https://github.com/laBecasse/shaarli-client)) by [laBecasse](https://github.com/laBecasse)
+- [Android client example with Kotlin](https://gitlab.com/snippets/1665808) by [Braincoke](https://github.com/Braincoke)
-### PHP
This example uses the [PHP cURL](http://php.net/manual/en/book.curl.php) library.
var_dump(getInfo($baseUrl, $secret));
```
+## Implementation
+
+### Authentication
+
+- All requests to Shaarli's API must include a **JWT token** to verify their authenticity.
+- This token must be included as an HTTP header called `Authentication: Bearer <jwt token>`.
+- JWT tokens are composed by three parts, separated by a dot `.` and encoded in base64:
+
+```
+[header].[payload].[signature]
+```
+
+##### Header
+
+Shaarli only allow one hash algorithm, so the header will always be the same:
+
+```json
+{
+ "typ": "JWT",
+ "alg": "HS512"
+}
+```
+
+Encoded in base64, it gives:
-### Python
+```
+ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==
+```
+
+##### Payload
+
+Token expiration: To avoid infinite token validity, JWT tokens must include their creation date in UNIX timestamp format (timezone independent - UTC) under the key `iat` (issued at) field ([1](https://tools.ietf.org/html/rfc7519#section-4.1.6)). This token will be valid during **9 minutes**.
+
+```json
+{
+ "iat": 1468663519
+}
+```
+
+##### Signature
+
+The signature authenticates the token validity. It contains the base64 of the header and the body, separated by a dot `.`, hashed in SHA512 with the API secret available in Shaarli administration page.
+
+Example signature with PHP:
+
+```php
+$content = base64_encode($header) . '.' . base64_encode($payload);
+$signature = hash_hmac('sha512', $content, $secret);
+```
-See the reference API client:
-- [Documentation](http://python-shaarli-client.readthedocs.io/en/latest/) on ReadTheDocs
-- [python-shaarli-client](https://github.com/shaarli/python-shaarli-client) on Github
## Troubleshooting
}
}
```
+
+## References
+
+- [jwt.io](https://jwt.io) (including a list of client per language).
+- [RFC - JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519)
+- [JSON Web Tokens (JWT) vs Sessions](https://float-middle.com/json-web-tokens-jwt-vs-sessions/), [HackerNews thread](https://news.ycombinator.com/item?id=11929267)
+
+
+
+
+++ /dev/null
-### Feeds options
-
-Feeds are available in ATOM with `/feed/atom` and RSS with `/feed/rss`.
-
-Options:
-
-- You can use `permalinks` in the feed URL to get permalink to Shaares instead of direct link to shaared URL.
- - E.G. `https://my.shaarli.domain/feed/atom?permalinks`.
-- You can use `nb` parameter in the feed URL to specify the number of Shaares you want in a feed (default if not specified: `50`). The keyword `all` is available if you want everything.
- - `https://my.shaarli.domain/feed/atom?permalinks&nb=42`
- - `https://my.shaarli.domain/feed/atom?permalinks&nb=all`
-
-### RSS Feeds or Picture Wall for a specific search/tag
-
-It is possible to filter RSS/ATOM feeds and Picture Wall on a Shaarli to **only display results of a specific search, or for a specific tag**.
-
-For example, if you want to subscribe only to links tagged `photography`:
-
-- Go to the desired Shaarli instance.
-- Search for the `photography` tag in the _Filter by tag_ box. Links tagged `photography` are displayed.
-- Click on the `RSS Feed` button.
-- You are presented with an RSS feed showing only these links. Subscribe to it to receive only updates with this tag.
-- The same method **also works for a full-text search** (_Search_ box) **and for the Picture Wall** (want to only see pictures about `nature`?)
-- You can also build the URLs manually:
- - `https://my.shaarli.domain/?do=rss&searchtags=nature`
- - `https://my.shaarli.domain/links/picture-wall?searchterm=poney`
-
- 
+++ /dev/null
-See [Git - Maintaining a project - Tagging your
-releases](http://git-scm.com/book/en/v2/Distributed-Git-Maintaining-a-Project#Tagging-Your-Releases).
-
-## Prerequisites
-This guide assumes that you have:
-
-- a GPG key matching your GitHub authentication credentials
- - i.e., the email address identified by the GPG key is the same as the one in your `~/.gitconfig`
-- a GitHub fork of Shaarli
-- a local clone of your Shaarli fork, with the following remotes:
- - `origin` pointing to your GitHub fork
- - `upstream` pointing to the main Shaarli repository
-- maintainer permissions on the main Shaarli repository, to:
- - push the signed tag
- - create a new release
-- [Composer](https://getcomposer.org/) needs to be installed
-- The [venv](https://docs.python.org/3/library/venv.html) Python 3 module needs to be installed for HTML documentation generation.
-
-## GitHub release draft and `CHANGELOG.md`
-See http://keepachangelog.com/en/0.3.0/ for changelog formatting.
-
-### GitHub release draft
-GitHub allows drafting the release note for the upcoming release, from the [Releases](https://github.com/shaarli/Shaarli/releases) page. This way, the release note can be drafted while contributions are merged to `master`.
-
-### `CHANGELOG.md`
-This file should contain the same information as the release note draft for the upcoming version.
-
-Update it to:
-
-- add new entries (additions, fixes, etc.)
-- mark the current version as released by setting its date and link
-- add a new section for the future unreleased version
-
-```bash
-$ cd /path/to/shaarli
-
-$ nano CHANGELOG.md
-
-[...]
-## vA.B.C - UNRELEASED
-TBA
-
-## [vX.Y.Z](https://github.com/shaarli/Shaarli/releases/tag/vX.Y.Z) - YYYY-MM-DD
-[...]
-```
-
-
-## Increment the version code, update docs, create and push a signed tag
-### Update the list of Git contributors
-```bash
-$ make authors
-$ git commit -s -m "Update AUTHORS"
-```
-
-### Create and merge a Pull Request
-This one is pretty straightforward ;-)
-
-### Bump Shaarli version to v0.x branch
-
-```bash
-$ git checkout master
-$ git fetch upstream
-$ git pull upstream master
-
-# IF the branch doesn't exists
-$ git checkout -b v0.5
-# OR if the branch already exists
-$ git checkout v0.5
-$ git rebase upstream/master
-
-# Bump shaarli version from dev to 0.5.0, **without the `v`**
-$ vim shaarli_version.php
-$ git add shaarli_version
-$ git commit -s -m "Bump Shaarli version to v0.5.0"
-$ git push upstream v0.5
-```
-
-### Create and push a signed tag
-```bash
-# update your local copy
-$ git checkout v0.5
-$ git fetch upstream
-$ git pull upstream v0.5
-
-# create a signed tag
-$ git tag -s -m "Release v0.5.0" v0.5.0
-
-# push it to "upstream"
-$ git push --tags upstream
-```
-
-### Verify a signed tag
-[`v0.5.0`](https://github.com/shaarli/Shaarli/releases/tag/v0.5.0) is the first GPG-signed tag pushed on the Community Shaarli.
-
-Let's have a look at its signature!
-
-```bash
-$ cd /path/to/shaarli
-$ git fetch upstream
-
-# get the SHA1 reference of the tag
-$ git show-ref tags/v0.5.0
-f7762cf803f03f5caf4b8078359a63783d0090c1 refs/tags/v0.5.0
-
-# verify the tag signature information
-$ git verify-tag f7762cf803f03f5caf4b8078359a63783d0090c1
-gpg: Signature made Thu 30 Jul 2015 11:46:34 CEST using RSA key ID 4100DF6F
-gpg: Good signature from "VirtualTam <virtualtam@flibidi.net>" [ultimate]
-```
-
-## Publish the GitHub release
-### Update release badges
-Update `README.md` so version badges display and point to the newly released Shaarli version(s), in the `master` branch.
-
-### Create a GitHub release from a Git tag
-From the previously drafted release:
-
-- edit the release notes (if needed)
-- specify the appropriate Git tag
-- publish the release
-- profit!
-
-### Generate and upload all-in-one release archives
-Users with a shared hosting may have:
-
-- no SSH access
-- no possibility to install PHP packages or server extensions
-- no possibility to run scripts
-
-To ease Shaarli installations, it is possible to generate and upload additional release archives,
-that will contain Shaarli code plus all required third-party libraries.
-
-**From the `v0.5` branch:**
-
-```bash
-$ make release_archive
-```
-
-This will create the following archives:
-
-- `shaarli-vX.Y.Z-full.tar`
-- `shaarli-vX.Y.Z-full.zip`
-
-The archives need to be manually uploaded on the previously created GitHub release.
-
-### Update `stable` and `latest` branches
-
-```
-$ git checkout latest
-# latest release
-$ git merge v0.5.0
-# fix eventual conflicts
-$ make test
-$ git push upstream latest
-$ git checkout stable
-# latest previous major
-$ git merge v0.4.5
-# fix eventual conflicts
-$ make test
-$ git push upstream stable
-```
--- /dev/null
+# Reverse proxy
+
+If Shaarli is hosted on a server behind a [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) (i.e. there is a proxy server between clients and the web server hosting Shaarli), configure it accordingly. See [Reverse proxy](Reverse-proxy.md) configuration. In this example:
+
+- The Shaarli application server exposes port `10080` to the proxy (for example docker container started with `--publish 127.0.0.1:10080:80`).
+- The Shaarli application server runs at `127.0.0.1` (container). Replace with the server's IP address if running on a different machine.
+- Shaarli's Fully Qualified Domain Name (FQDN) is `shaarli.mydomain.org`.
+- No HTTPS is setup on the application server, SSL termination is done at the reverse proxy.
+
+In your [Shaarli configuration](Shaarli-configuration) `data/config.json.php`, add the public IP of your proxy under `security.trusted_proxies`.
+
+See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+) issues.
+
+
+## Apache
+
+```apache
+<VirtualHost *:80>
+ ServerName shaarli.mydomain.org
+ # Redirect HTTP to HTTPS
+ Redirect permanent / https://shaarli.mydomain.org
+</VirtualHost>
+
+<VirtualHost *:443>
+ ServerName shaarli.mydomain.org
+
+ SSLEngine on
+ SSLCertificateFile /path/to/certificate
+ SSLCertificateKeyFile /path/to/private/key
+
+ LogLevel warn
+ ErrorLog /var/log/apache2/error.log
+ CustomLog /var/log/apache2/access.log combined
+
+ # let the proxied shaarli server/container know HTTPS URLs should be served
+ RequestHeader set X-Forwarded-Proto "https"
+
+ # send the original SERVER_NAME to the proxied host
+ ProxyPreserveHost On
+
+ # pass requests to the proxied host
+ # sets X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers
+ ProxyPass / http://127.0.0.1:10080/
+ ProxyPassReverse / http://127.0.0.1:10080/
+</VirtualHost>
+```
+
+
+## HAProxy
+
+
+```conf
+global
+ [...]
+
+defaults
+ [...]
+
+frontend http-in
+ bind :80
+ redirect scheme https code 301 if !{ ssl_fc }
+ bind :443 ssl crt /path/to/cert.pem
+ default_backend shaarli
+
+backend shaarli
+ mode http
+ option http-server-close
+ option forwardfor
+ reqadd X-Forwarded-Proto: https
+ server shaarli1 127.0.0.1:10080
+```
+
+
+## Nginx
+
+
+```nginx
+http {
+ [...]
+
+ index index.html index.php;
+
+ root /home/john/web;
+ access_log /var/log/nginx/access.log combined;
+ error_log /var/log/nginx/error.log;
+
+ server {
+ listen 80;
+ server_name shaarli.mydomain.org;
+ # redirect HTTP to HTTPS
+ return 301 https://shaarli.mydomain.org$request_uri;
+ }
+
+ server {
+ listen 443 ssl http2;
+ server_name shaarli.mydomain.org;
+
+ ssl_certificate /path/to/certificate
+ ssl_certificate_key /path/to/private/key
+
+ location / {
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Host $host;
+
+ # pass requests to the proxied host
+ proxy_pass http://localhost:10080/;
+ proxy_set_header Host $host;
+ proxy_connect_timeout 30s;
+ proxy_read_timeout 120s;
+ }
+ }
+}
+```
+
+++ /dev/null
-## Client browser
-- Shaarli relies on `HTTP_REFERER` for some functions (like redirects and clicking on tags). If you have disabled or masqueraded `HTTP_REFERER` in your browser, some features of Shaarli may not work
-
-## Server and sessions
-- Directories are protected using `.htaccess` files
-- Forms are protected against XSRF (Cross-site requests forgery):
- - Forms which act on data (save,delete…) contain a token generated by the server.
- - Any posted form which does not contain a valid token is rejected.
- - Any token can only be used once.
- - Tokens are attached to the session and cannot be reused in another session.
-- Sessions automatically expire after 60 minutes.
-- Sessions are protected against hijacking: the session ID cannot be used from a different IP address.
-
-## Shaarli datastore and configuration
-- The password is salted, hashed and stored in the data subdirectory, in a PHP file, and protected by htaccess. Even if the webserver does not support htaccess, the hash is not readable by URL. Even if the .php file is stolen, the password cannot deduced from the hash. The salt prevents rainbow-tables attacks.
-- Links are stored as an associative array which is serialized, compressed (with deflate), base64-encoded and saved as a comment in a `.php` file.
-- Even if the server does not support `.htaccess` files, the data file will still not be readable by URL.
-- The database looks like this:
-
-```php
-<?php /* zP1ZjxxJtiYIvvevEPJ2lDOaLrZv7o...
-...ka7gaco/Z+TFXM2i7BlfMf8qxpaSSYfKlvqv/x8= */ ?>
-```
-
-- Small hashes are used to make a link to an entry in Shaarli. They are unique. In fact, the date of the items (eg. `20110923_150523`) is hashed with CRC32, then converted to base64 and some characters are replaced. They are always 6 characters longs and use only `A-Z a-z 0-9 - _` and `@`.
+# Server configuration
-- [Prerequisites](#prerequisistes)
-- [Apache](#apache)
-- [Nginx](#nginx)
-- [Proxies](#proxies)
-- [See also](#see-also)
-## Prerequisites
-### Shaarli
-- A web server and PHP interpreter module/service have been installed.
-- You have write access to the Shaarli installation directory.
-- The correct read/write permissions have been granted to the web server user and group.
-- Your PHP interpreter is compatible with supported PHP versions:
+## Requirements
+
+### Operating system and web server
+
+Shaarli can be hosted on dedicated/virtual servers, or shared hosting. The smallest DigitalOcean VPS (Droplet with 1 CPU, 1 GiB RAM and 25 GiB SSD) costs about $5/month and will run any Shaarli installation without problems.
+
+You need write access to the Shaarli installation directory - you should have received instructions from your hosting provider on how to connect to the server using SSH (or FTP for shared hosts).
+
+Examples in this documentation are given for [Debian](https://www.debian.org/), a GNU/Linux distribution widely used in server environments. Please adapt them to your specific Linux distribution.
+
+### Network and domain name
+
+Try to host the server in a region that is geographically close to your users.
+
+A domain name ([DNS record](https://opensource.com/article/17/4/introduction-domain-name-system-dns)) pointing to the server's public IP address is required to obtain a SSL/TLS certificate and setup HTTPS to secure client traffic to your Shaarli instance.
+
+You can obtain a domain name from a [registrar](https://en.wikipedia.org/wiki/Domain_name_registrar) ([1](https://www.ovh.co.uk/domains), [2](https://www.gandi.net/en/domain)), or from free subdomain providers ([1](https://freedns.afraid.org/)). If you don't have a domain name, please set up a private domain name ([FQDN](ttps://en.wikipedia.org/wiki/Fully_qualified_domain_name) in your clients' [hosts files](https://en.wikipedia.org/wiki/Hosts_(file)) to access the server (direct access by IP address can result in unexpected behavior).
+
+
+### PHP
+
+Supported PHP versions:
Version | Status | Shaarli compatibility
:---:|:---:|:---:
5.4 | EOL: 2015-09-14 | Yes (up to Shaarli 0.8.x)
5.3 | EOL: 2014-08-14 | Yes (up to Shaarli 0.8.x)
-- The following PHP extensions are installed on the server:
+Required PHP extensions:
Extension | Required? | Usage
---|:---:|---
[`php-intl`](http://php.net/manual/en/book.intl.php) | optional | localized text sorting (e.g. `e->è->f`)
[`php-curl`](http://php.net/manual/en/book.curl.php) | optional | using cURL for fetching webpages and thumbnails in a more robust way
[`php-gettext`](http://php.net/manual/en/book.gettext.php) | optional | Use the translation system in gettext mode (faster)
---------------------------------------------------------------------------------
-### SSL/TLS configuration
+Some [plugins](Plugins.md) may require additional configuration.
+
+
+## SSL/TLS (HTTPS)
-To setup HTTPS / SSL on your webserver (recommended), you must generate a public/private **key pair** and a **certificate**, and install, configure and activate the appropriate **webserver SSL extension**.
+We recommend setting up [HTTPS](https://en.wikipedia.org/wiki/HTTPS) on your webserver for secure communication between clients and the server.
-#### Let's Encrypt
+For public-facing web servers this can be done using free SSL/TLS certificates from [Let's Encrypt](https://en.wikipedia.org/wiki/Let's_Encrypt), a non-profit certificate authority provididing free certificates.
-[Let's Encrypt](https://en.wikipedia.org/wiki/Let%27s_Encrypt) is a certificate authority that provides free TLS/X.509 certificates via an automated process.
+ - [How to secure Apache with Let's Encrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-debian-10)
+ - [How to secure Nginx with Let's Encrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-debian-10)
+ - [How To Use Certbot Standalone Mode to Retrieve Let's Encrypt SSL Certificates](https://www.digitalocean.com/community/tutorials/how-to-use-certbot-standalone-mode-to-retrieve-let-s-encrypt-ssl-certificates-on-debian-10).
- * Install `certbot` using the appropriate method described on https://certbot.eff.org/.
-
-Location of the `certbot` program and template configuration files may vary depending on which installation method was used. Change the file paths below accordingly. Here is an easy way to create a signed certificate using `certbot`, it assumes `certbot` was installed through APT on a Debian-based distribution:
+In short:
- * Stop the apache2/nginx service.
- * Run `certbot --agree-tos --standalone --preferred-challenges tls-sni --email "youremail@example.com" --domain yourdomain.example.com`
- * For the Apache webserver, copy `/usr/lib/python2.7/dist-packages/certbot_apache/options-ssl-apache.conf` to `/etc/letsencrypt/options-ssl-apache.conf` (paths may vary depending on installation method)
- * For Nginx: TODO
- * Setup your webserver as described below
- * Restart the apache2/nginx service.
+```bash
+# install certbot
+sudo apt install certbot
-#### Self-signed certificates
+# stop your webserver if you already have one running
+# certbot in standalone mode needs to bind to port 80 (only needed on initial generation)
+sudo systemctl stop apache2
+sudo systemctl stop nginx
-If you don't want to request a certificate from Let's Encrypt, or are unable to (for example, webserver on a LAN, or domain name not registered in the public DNS system), you can generate a self-signed certificate. This certificate will trigger security warnings in web browsers, unless you add it to the browser's SSL store manually.
+# generate initial certificates - Let's Encrypt ACME servers must be able to access your server!
+# (DNS records must be correctly pointing to it, firewall/NAT on port 80/443 must be open)
+sudo certbot certonly --standalone --noninteractive --agree-tos --email "admin@shaarli.mydomain.org" -d shaarli.mydomain.org
+# this will generate a private key and certificate at /etc/letsencrypt/live/shaarli.mydomain.org/{privkey,fullchain}.pem
-* Apache: run `make-ssl-cert generate-default-snakeoil --force-overwrite`
-* Nginx: TODO
+# restart the web server
+sudo systemctl start apache2
+sudo systemctl start nginx
+```
+
+If you don't want to rely on a certificate authority, or the server can only be accessed from your own network, you can also generate self-signed certificates. Not that this will generate security warnings in web browsers/clients trying to access Shaarli:
+
+- [How To Create a Self-Signed SSL Certificate for Apache](https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-on-debian-10)
+- [How To Create a Self-Signed SSL Certificate for Nginx](https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-on-debian-10)
--------------------------------------------------------------------------------
-## Apache
+## Examples
+
+The following examples assume a Debian-based operating system is installed. On other distributions you may have to adapt details such as package installation procedures, configuration file locations, and webserver username/group (`www-data` or `httpd` are common values).
+
+In these examples we assume the document root for your web server/virtualhost is at `/var/www/shaarli.mydomain.org/`:
+
+```bash
+sudo mkdir -p /var/www/shaarli.mydomain.org/
+```
+
+You can install Shaarli at the root of your virtualhost, or in a subdirectory as well. See [Directory structure](Directory-structure)
+
-Here is a basic configuration example for the Apache web server with `mod_php`.
+### Apache
-In `/etc/apache2/sites-available/shaarli.conf`:
+```bash
+# Install apache + mod_php and PHP modules
+sudo apt update
+sudo apt install apache2 libapache2-mod-php php-json php-mbstring php-gd php-intl php-curl php-gettext
+
+# Edit the virtualhost configuration file with your favorite editor
+sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf
+```
```apache
+<VirtualHost *:80>
+ ServerName shaarli.mydomain.org
+ DocumentRoot /var/www/shaarli.mydomain.org/
+
+ # Log level. Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
+ LogLevel warn
+ # Log file locations
+ ErrorLog /var/log/apache2/error.log
+ CustomLog /var/log/apache2/access.log combined
+
+ # Redirect HTTP requests to HTTPS
+ RewriteEngine on
+ RewriteRule ^.well-known/acme-challenge/ - [L]
+ # except for Let's Encrypt ACME challenge requests
+ RewriteCond %{HTTP_HOST} =shaarli.mydomain.org
+ RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent]
+</VirtualHost>
+
<VirtualHost *:443>
- ServerName shaarli.my-domain.org
- DocumentRoot /absolute/path/to/shaarli/
+ ServerName shaarli.mydomain.org
+ DocumentRoot /var/www/shaarli.mydomain.org/
- # Logging
- # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
+ # Log level. Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
- ErrorLog /var/log/apache2/shaarli-error.log
- CustomLog /var/log/apache2/shaarli-access.log combined
+ # Log file locations
+ ErrorLog /var/log/apache2/error.log
+ CustomLog /var/log/apache2/access.log combined
- # Let's Encrypt SSL configuration (recommended)
+ # SSL/TLS configuration (for Let's Encrypt certificates)
SSLEngine on
- SSLCertificateFile /etc/letsencrypt/live/yourdomain.example.com/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.example.com/privkey.pem
+ SSLCertificateFile /etc/letsencrypt/live/shaarli.mydomain.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/shaarli.mydomain.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
- # Self-signed SSL cert configuration
+ # SSL/TLS configuration (for self-signed certificates)
#SSLEngine on
#SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
#SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#php_value error_reporting 2147483647
#php_value error_log /var/log/apache2/shaarli-php-error.log
- <Directory /absolute/path/to/shaarli/>
- #Required for .htaccess support
+ <Directory /var/www/shaarli.mydomain.org/>
+ # Required for .htaccess support
AllowOverride All
Order allow,deny
Allow from all
-
- Options Indexes FollowSymLinks MultiViews #TODO is Indexes/Multiviews required?
-
- # Optional - required for playvideos plugin
- #Header set Content-Security-Policy "script-src 'self' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com 'unsafe-eval'"
</Directory>
-</VirtualHost>
-```
-
-Enable this configuration with `sudo a2ensite shaarli`
-
-_Note: If you use Apache 2.2 or lower, you need [mod_version](https://httpd.apache.org/docs/current/mod/mod_version.html) to be installed and enabled._
+ <LocationMatch "/\.">
+ # Prevent accessing dotfiles
+ RedirectMatch 404 ".*"
+ </LocationMatch>
-_Note: Apache module `mod_rewrite` must be enabled to use the REST API._
+ <LocationMatch "\.(?:ico|css|js|gif|jpe?g|png)$">
+ # allow client-side caching of static files
+ Header set Cache-Control "max-age=2628000, public, must-revalidate, proxy-revalidate"
+ </LocationMatch>
+ # serve the Shaarli favicon from its custom location
+ Alias favicon.ico /var/www/shaarli.mydomain.org/images/favicon.ico
-## Nginx
+</VirtualHost>
+```
-Here is a basic configuration example for the Nginx web server, using the [php-fpm](http://php-fpm.org) PHP FastCGI Process Manager, and Nginx's [FastCGI](https://en.wikipedia.org/wiki/FastCGI) module.
+```bash
+# Enable the virtualhost
+sudo a2ensite shaarli
-<!--- TODO refactor everything below this point --->
+# mod_ssl must be enabled to use TLS/SSL certificates
+# https://httpd.apache.org/docs/current/mod/mod_ssl.html
+sudo a2enmod ssl
-### Common setup
-Once Nginx and PHP-FPM are installed, we need to ensure:
+# mod_rewrite must be enabled to use the REST API
+# https://httpd.apache.org/docs/current/mod/mod_rewrite.html
+sudo a2enmod rewrite
-- Nginx and PHP-FPM are running using the _same user and group_
-- both these user and group have
- - `read` permissions for Shaarli resources
- - `execute` permissions for Shaarli directories _AND_ their parent directories
+# mod_version must only be enabled if you use Apache 2.2 or lower
+# https://httpd.apache.org/docs/current/mod/mod_version.html
+# sudo a2enmod version
-On a production server:
+# restart the apache service
+systemctl restart apache
+```
-- `user:group` will likely be `http:http`, `www:www` or `www-data:www-data`
-- files will be located under `/var/www`, `/var/http` or `/usr/share/nginx`
+See [How to install the Apache web server](https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-debian-10) for a complete guide.
-On a development server:
+### Nginx
-- files may be located in a user's home directory
-- in this case, make sure both Nginx and PHP-FPM are running as the local user/group!
+Guide on setting up the Nginx web server: [How to install the Nginx web server](https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-debian-10)
-For all following configuration examples, this user/group pair will be used:
+You will also need to install the [PHP-FPM](http://php-fpm.org) interpreter as detailed [here](https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mariadb-php-lemp-stack-on-debian-10#step-3-%E2%80%94-installing-php-for-processing). Nginx and PHP-FPM must be running using the same user and group, here we assume the user/group to be `www-data:www-data` but this may vary depending on your Linux distribution.
-- `user:group = john:users`,
-which corresponds to the following service configuration:
+```bash
+# install nginx and php-fpm
+sudo apt update
+sudo apt install nginx php-fpm
-```ini
-; /etc/php/php-fpm.conf
-user = john
-group = users
-
-[...]
-listen.owner = john
-listen.group = users
+# Edit the virtualhost configuration file with your favorite editor
+sudo nano /etc/nginx/sites-available/shaarli.mydomain.org
```
```nginx
-# /etc/nginx/nginx.conf
-user john users;
+server {
+ listen 80;
+ server_name shaarli.mydomain.org;
-http {
- [...]
+ # redirect all plain HTTP requests to HTTPS
+ return 301 https://shaarli.mydomain.org$request_uri;
}
-```
-### (Optional) Increase the maximum file upload size
-Some bookmark dumps generated by web browsers can be _huge_ due to the presence of Base64-encoded images and favicons, as well as extra verbosity when nesting links in (sub-)folders.
+server {
+ listen 443 ssl;
+ server_name shaarli.mydomain.org;
+ root /var/www/shaarli.mydomain.org;
-To increase upload size, you will need to modify both nginx and PHP configuration:
-
-```nginx
-# /etc/nginx/nginx.conf
-
-http {
- [...]
-
- client_max_body_size 10m;
-
- [...]
-}
-```
-
-```ini
-# /etc/php/<PHP_VERSION>/fpm/php.ini
-
-[...]
-post_max_size = 10M
-[...]
-upload_max_filesize = 10M
-```
+ # log file locations
+ # combined log format prepends the virtualhost/domain name to log entries
+ access_log /var/log/nginx/access.log combined;
+ error_log /var/log/nginx/error.log;
-### Minimal
-_WARNING: Use for development only!_
+ # paths to private key and certificates for SSL/TLS
+ ssl_certificate /etc/ssl/shaarli.mydomain.org.crt;
+ ssl_certificate_key /etc/ssl/private/shaarli.mydomain.org.key;
-```nginx
-user john users;
-worker_processes 1;
-events {
- worker_connections 1024;
-}
+ # increase the maximum file upload size if needed: by default nginx limits file upload to 1MB (413 Entity Too Large error)
+ client_max_body_size 100m;
-http {
- include mime.types;
- default_type application/octet-stream;
- keepalive_timeout 20;
-
- index index.html index.php;
-
- server {
- listen 80;
- server_name localhost;
- root /home/john/web;
-
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
-
- location /shaarli/ {
- try_files $uri /shaarli/index.php$is_args$args;
- access_log /var/log/nginx/shaarli.access.log;
- error_log /var/log/nginx/shaarli.error.log;
- }
-
- location ~ (index)\.php$ {
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
- fastcgi_index index.php;
- include fastcgi.conf;
- }
+ # relative path to shaarli from the root of the webserver
+ location / {
+ # default index file when no file URI is requested
+ index index.php;
+ try_files $uri /index.php$is_args$args;
}
-}
-```
-### Modular
-The previous setup is sufficient for development purposes, but has several major caveats:
+ location ~ (index)\.php$ {
+ try_files $uri =404;
+ # slim API - split URL path into (script_filename, path_info)
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ # pass PHP requests to PHP-FPM
+ fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
+ fastcgi_index index.php;
+ include fastcgi.conf;
+ }
-- every content that does not match the PHP rule will be sent to client browsers:
- - dotfiles - in our case, `.htaccess`
- - temporary files, e.g. Vim or Emacs files: `index.php~`
-- asset / static resource caching is not optimized
-- if serving several PHP sites, there will be a lot of duplication: `location /shaarli/`, `location /mysite/`, etc.
+ location ~ \.php$ {
+ # deny access to all other PHP scripts
+ # disable this if you host other PHP applications on the same virtualhost
+ deny all;
+ }
-To solve this, we will split Nginx configuration in several parts, that will be included when needed:
+ location ~ /\. {
+ # deny access to dotfiles
+ deny all;
+ }
-```nginx
-# /etc/nginx/deny.conf
-location ~ /\. {
- # deny access to dotfiles
- access_log off;
- log_not_found off;
- deny all;
-}
+ location ~ ~$ {
+ # deny access to temp editor files, e.g. "script.php~"
+ deny all;
+ }
-location ~ ~$ {
- # deny access to temp editor files, e.g. "script.php~"
- access_log off;
- log_not_found off;
- deny all;
-}
-```
+ location = /favicon.ico {
+ # serve the Shaarli favicon from its custom location
+ alias /var/www/shaarli/images/favicon.ico;
+ }
-```nginx
-# /etc/nginx/php.conf
-location ~ (index)\.php$ {
- # Slim - split URL path into (script_filename, path_info)
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
-
- # filter and proxy PHP requests to PHP-FPM
- fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
- fastcgi_index index.php;
- include fastcgi.conf;
-}
+ # allow client-side caching of static files
+ location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
+ expires max;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ # HTTP 1.0 compatibility
+ add_header Pragma public;
+ }
-location ~ \.php$ {
- # deny access to all other PHP scripts
- deny all;
}
```
-```nginx
-# /etc/nginx/static_assets.conf
-location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
- expires max;
- add_header Pragma public;
- add_header Cache-Control "public, must-revalidate, proxy-revalidate";
-}
+```bash
+# enable the configuration/virtualhost
+sudo ln -s /etc/nginx/sites-available/shaarli.mydomain.org /etc/nginx/sites-enabled/shaarli.mydomain.org
+# reload nginx configuration
+sudo systemctl reload nginx
```
-```nginx
-# /etc/nginx/nginx.conf
-[...]
-
-http {
- [...]
-
- root /home/john/web;
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
- server {
- # virtual host for a first domain
- listen 80;
- server_name my.first.domain.org;
+## Reverse proxies
- location /shaarli/ {
- # Slim - rewrite URLs
- try_files $uri /shaarli/index.php$is_args$args;
+If Shaarli is hosted on a server behind a [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) (i.e. there is a proxy server between clients and the web server hosting Shaarli), configure it accordingly. See [Reverse proxy](Reverse-proxy.md) configuration.
- access_log /var/log/nginx/shaarli.access.log;
- error_log /var/log/nginx/shaarli.error.log;
- }
- location = /shaarli/favicon.ico {
- # serve the Shaarli favicon from its custom location
- alias /var/www/shaarli/images/favicon.ico;
- }
- include deny.conf;
- include static_assets.conf;
- include php.conf;
- }
+## Allow import of large browser bookmarks export
- server {
- # virtual host for a second domain
- listen 80;
- server_name second.domain.com;
+Web browser bookmark exports can be large due to the presence of base64-encoded images and favicons/long subfolder names. Edit the PHP configuration file.
- location /minigal/ {
- access_log /var/log/nginx/minigal.access.log;
- error_log /var/log/nginx/minigal.error.log;
- }
+- Apache: `/etc/php/<PHP_VERSION>/apache2/php.ini`
+- Nginx + PHP-FPM: `/etc/php/<PHP_VERSION>/fpm/php.ini` (in addition to `client_max_body_size` in the [Nginx configuration](#nginx))
- include deny.conf;
- include static_assets.conf;
- include php.conf;
- }
-}
-```
-
-### Redirect HTTP to HTTPS
-Assuming you have generated a (self-signed) key and certificate, and they are
-located under `/home/john/ssl/localhost.{key,crt}`, it is pretty straightforward
-to set an HTTP (:80) to HTTPS (:443) redirection to force SSL/TLS usage.
-
-```nginx
-# /etc/nginx/nginx.conf
+```ini
[...]
+# (optional) increase the maximum file upload size:
+post_max_size = 100M
+[...]
+# (optional) increase the maximum file upload size:
+upload_max_filesize = 100M
+```
-http {
- [...]
-
- index index.html index.php;
-
- root /home/john/web;
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
-
- server {
- listen 80;
- server_name localhost;
+To verify PHP settings currently set on the server, create a `phpinfo.php` in your webserver's document root
- return 301 https://localhost$request_uri;
- }
+```bash
+# example
+echo '<?php phpinfo(); ?>' | sudo tee /var/www/shaarli.mydomain.org/phpinfo.php
+#give read-only access to this file to the webserver user
+sudo chown www-data:root /var/www/shaarli.mydomain.org/phpinfo.php
+sudo chmod 0400 /var/www/shaarli.mydomain.org/phpinfo.php
+```
- server {
- listen 443 ssl;
- server_name localhost;
+Access the file from a web browser (eg. <https://shaarli.mydomain.org/phpinfo.php> and look at the _Loaded Configuration File_ and _Scan this dir for additional .ini files_ entries
- ssl_certificate /home/john/ssl/localhost.crt;
- ssl_certificate_key /home/john/ssl/localhost.key;
+It is recommended to remove the `phpinfo.php` when no longer needed as it publicly discloses details about your webserver configuration.
- location /shaarli/ {
- # Slim - rewrite URLs
- try_files $uri /index.php$is_args$args;
- access_log /var/log/nginx/shaarli.access.log;
- error_log /var/log/nginx/shaarli.error.log;
- }
+## Robots and crawlers
- location = /shaarli/favicon.ico {
- # serve the Shaarli favicon from its custom location
- alias /var/www/shaarli/images/favicon.ico;
- }
+To opt-out of indexing your Shaarli instance by search engines, create a `robots.txt` file at the root of your virtualhost:
- include deny.conf;
- include static_assets.conf;
- include php.conf;
- }
-}
+```
+User-agent: *
+Disallow: /
```
-## Proxies
-
-If Shaarli is served behind a proxy (i.e. there is a proxy server between clients and the web server hosting Shaarli), please refer to the proxy server documentation for proper configuration. In particular, you have to ensure that the following server variables are properly set:
+By default Shaarli already disallows indexing of your local copy of the documentation by default, using `<meta name="robots">` HTML tags. Your Shaarli instance may still be indexed by various robots on the public Internet, that do not respect this header or the robots standard.
-- `X-Forwarded-Proto`
-- `X-Forwarded-Host`
-- `X-Forwarded-For`
+- [Robots exclusion standard](https://en.wikipedia.org/wiki/Robots_exclusion_standard)
+- [Introduction to robots.txt](https://support.google.com/webmasters/answer/6062608?hl=en)
+- [Robots meta tag, data-nosnippet, and X-Robots-Tag specifications](https://developers.google.com/search/reference/robots_meta_tag)
+- [About robots.txt](http://www.robotstxt.org)
+- [About the robots META tag](https://www.robotstxt.org/meta.html)
-In you [Shaarli configuration](Shaarli-configuration) `data/config.json.php`, add the public IP of your proxy under `security.trusted_proxies`.
-See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+) issues.
+## Fail2ban
-## Robots and crawlers
+[fail2ban](http://www.fail2ban.org/wiki/index.php/Main_Page) is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses `iptables` profiles to block brute-force attempts. You need to create a filter to detect shaarli login failures in logs, and a jail configuation to configure the behavior when failed login attempts are detected:
-Shaarli disallows indexing and crawling of your local documentation pages by search engines, using `<meta name="robots">` HTML tags.
-Your Shaarli instance and other pages you host may still be indexed by various robots on the public Internet.
-You may want to setup a robots.txt file or other crawler control mechanism on your server.
-See [[1]](https://en.wikipedia.org/wiki/Robots_exclusion_standard), [[2]](https://support.google.com/webmasters/answer/6062608?hl=en) and [[3]](https://developers.google.com/search/reference/robots_meta_tag)
-
-## See also
+```ini
+# /etc/fail2ban/filter.d/shaarli-auth.conf
+[INCLUDES]
+before = common.conf
+[Definition]
+failregex = \s-\s<HOST>\s-\sLogin failed for user.*$
+ignoreregex =
+```
- * [Server security](Server-security.md)
+```ini
+# /etc/fail2ban/jail.local
+[shaarli-auth]
+enabled = true
+port = https,http
+filter = shaarli-auth
+logpath = /var/www/shaarli.mydomain.org/data/log.txt
+# allow 3 login attempts per IP address
+# (over a period specified by findtime = in /etc/fail2ban/jail.conf)
+maxretry = 3
+# permanently ban the IP address after reaching the limit
+bantime = -1
+```
-#### Webservers
+#### References
-- [Apache/PHP - error log per VirtualHost](http://stackoverflow.com/q/176) (StackOverflow)
+- [Apache/PHP - error log per VirtualHost - StackOverflow](http://stackoverflow.com/q/176)
- [Apache - PHP: php_value vs php_admin_value and the use of php_flag explained](https://ma.ttias.be/php-php_value-vs-php_admin_value-and-the-use-of-php_flag-explained/)
-- [Server-side TLS (Apache)](https://wiki.mozilla.org/Security/Server_Side_TLS#Apache) (Mozilla)
+- [Server-side TLS (Apache) - Mozilla](https://wiki.mozilla.org/Security/Server_Side_TLS#Apache)
- [Nginx Beginner's guide](http://nginx.org/en/docs/beginners_guide.html)
- [Nginx ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html)
- [Nginx Pitfalls](http://wiki.nginx.org/Pitfalls)
-- [Nginx PHP configuration examples](http://kbeezie.com/nginx-configuration-examples/) (Karl Blessing)
-- [Server-side TLS (Nginx)](https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx) (Mozilla)
+- [Nginx PHP configuration examples - Karl Blessing](http://kbeezie.com/nginx-configuration-examples/)
+- [Apache 2.4 documentation](https://httpd.apache.org/docs/2.4/)
+- [Apache mod_proxy](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html)
+- [Apache Reverse Proxy Request Headers](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#x-headers)
+- [HAProxy documentation](https://cbonte.github.io/haproxy-dconv/)
+- [Nginx documentation](https://nginx.org/en/docs/)
+- [`X-Forwarded-Proto`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto)
+- [`X-Forwarded-Host`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host)
+- [`X-Forwarded-For`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For)
+- [Server-side TLS (Nginx) - Mozilla](https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx)
- [How to Create Self-Signed SSL Certificates with OpenSSL](http://www.xenocafe.com/tutorials/linux/centos/openssl/self_signed_certificates/index.php)
- [How do I create my own Certificate Authority?](https://workaround.org/certificate-authority)
-
-#### PHP
-
- [Travis configuration](https://github.com/shaarli/Shaarli/blob/master/.travis.yml)
- [PHP: Supported versions](http://php.net/supported-versions.php)
-- [PHP: Unsupported versions](http://php.net/eol.php) _(EOL - End Of Life)_
+- [PHP: Unsupported versions (EOL/End-of-life)](http://php.net/eol.php)
- [PHP 7 Changelog](http://php.net/ChangeLog-7.php)
- [PHP 5 Changelog](http://php.net/ChangeLog-5.php)
- [PHP: Bugs](https://bugs.php.net/)
+- [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security)
+- Hosting providers: [DigitalOcean](https://www.digitalocean.com/) ([1](https://www.digitalocean.com/docs/droplets/overview/), [2](https://www.digitalocean.com/pricing/), [3](https://www.digitalocean.com/docs/droplets/how-to/create/), [How to Add SSH Keys to Droplets](https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/), [4](https://www.digitalocean.com/community/tutorials/initial-server-setup-with-debian-8), [5](https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps)), [Gandi](https://www.gandi.net/en), [OVH](https://www.ovh.co.uk/), [RackSpace](https://www.rackspace.com/), etc.
+
+
+++ /dev/null
-## php.ini
-PHP settings are defined in:
-
-- a main configuration file, usually found under `/etc/php/$php_version/php.ini`; some distributions provide different configuration environments, e.g.
- - `/etc/php/$php_version/cli/php.ini` - used when running console scripts
- - `/etc/php/$php_version/apache2/php.ini` - used when a client requests PHP resources from Apache
- - `/etc/php/$php_version/php-fpm.conf` - used when PHP requests are proxied to PHP-FPM
-- additional configuration files/entries, depending on the installed/enabled extensions:
- - `/etc/php/conf.d/xdebug.ini`
-
-### Locate .ini files
-#### Console environment
-```bash
-$ php --ini
-Configuration File (php.ini) Path: /etc/php
-Loaded Configuration File: /etc/php/php.ini
-Scan for additional .ini files in: /etc/php/conf.d
-Additional .ini files parsed: /etc/php/conf.d/xdebug.ini
-```
-
-#### Server environment
-- create a `phpinfo.php` script located in a path supported by the web server, e.g.
- - Apache (with user dirs enabled): `/home/myself/public_html/phpinfo.php`
- - `/var/www/test/phpinfo.php`
-- make sure the script is readable by the web server user/group (usually, `www`, `www-data` or `httpd`)
-- access the script from a web browser
-- look at the _Loaded Configuration File_ and _Scan this dir for additional .ini files_ entries
-```php
-<?php phpinfo(); ?>
-```
-
-## fail2ban
-`fail2ban` is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses `iptables` profiles to block brute-force attempts:
-
-- [Official website](http://www.fail2ban.org/wiki/index.php/Main_Page)
-- [Source code](https://github.com/fail2ban/fail2ban)
-
-### Read Shaarli logs to ban IPs
-Example configuration:
-- allow 3 login attempts per IP address
-- after 3 failures, permanently ban the corresponding IP adddress
-
-`/etc/fail2ban/jail.local`
-```ini
-[shaarli-auth]
-enabled = true
-port = https,http
-filter = shaarli-auth
-logpath = /var/www/path/to/shaarli/data/log.txt
-maxretry = 3
-bantime = -1
-```
-
-`/etc/fail2ban/filter.d/shaarli-auth.conf`
-```ini
-[INCLUDES]
-before = common.conf
-[Definition]
-failregex = \s-\s<HOST>\s-\sLogin failed for user.*$
-ignoreregex =
-```
-
-## Robots - Restricting search engines and web crawler traffic
-
-Creating a `robots.txt` with the following contents at the root of your Shaarli installation will prevent _honest_ web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic.
-
-```
-User-agent: *
-Disallow: /
-```
-
-See:
-
-- http://www.robotstxt.org
-- http://www.robotstxt.org/robotstxt.html
-- http://www.robotstxt.org/meta.html
-## Foreword
-
-**Do not edit configuration options in index.php! Your changes would be lost.**
+# Shaarli configuration
Once your Shaarli instance is installed, the file `data/config.json.php` is generated:
-* it contains all settings in JSON format, and can be edited to customize values
-* it defines which [plugins](Plugin-System) are enabled
-* its values override those defined in `index.php`
-* it is wrap in a PHP comment to prevent anyone accessing it, regardless of server configuration
-
-## File and directory permissions
-
-The server process running Shaarli must have:
-
-- `read` access to the following resources:
- - PHP scripts: `index.php`, `application/*.php`, `plugins/*.php`
- - 3rd party PHP and Javascript libraries: `inc/*.php`, `inc/*.js`
- - static assets:
- - CSS stylesheets: `inc/*.css`
- - `images/*`
- - RainTPL templates: `tpl/*.html`
-- `read`, `write` and `execution` access to the following directories:
- - `cache` - thumbnail cache
- - `data` - link data store, configuration options
- - `pagecache` - Atom/RSS feed cache
- - `tmp` - RainTPL page cache
-
-On a Linux distribution:
-
-- the web server user will likely be `www` or `http` (for Apache2)
-- it will be a member of a group of the same name: `www:www`, `http:http`
-- to give it access to Shaarli, either:
- - unzip Shaarli in the default web server location (usually `/var/www/`) and set the web server user as the owner
- - put users in the same group as the web server, and set the appropriate access rights
-- if you have a domain / subdomain to serve Shaarli, [configure the server](Server-configuration) accordingly
-
-## Configuration
-
-In `data/config.json.php`.
-
-See also [Plugin System](Plugin-System).
-
-### Credentials
-
-_These settings should not be edited_
-
-- **login**: Login username.
-- **hash**: Generated password hash.
-- **salt**: Password salt.
-
-### General
-
-- **title**: Shaarli's instance title.
-- **header_link**: Link to the homepage.
-- **links_per_page**: Number of shaares displayed per page.
-- **timezone**: See [the list of supported timezones](http://php.net/manual/en/timezones.php).
-- **enabled_plugins**: List of enabled plugins.
-- **default_note_title**: Default title of a new note.
-- **retrieve_description** (boolean): If set to true, for every new links Shaarli will try
-to retrieve the description and keywords from the HTML meta tags.
-
-### Security
-
-- **session_protection_disabled**: Disable session cookie hijacking protection (not recommended).
- It might be useful if your IP adress often changes.
-- **ban_after**: Failed login attempts before being IP banned.
-- **ban_duration**: IP ban duration in seconds.
-- **open_shaarli**: Anyone can add a new link while logged out if enabled.
-- **trusted_proxies**: List of trusted IP which won't be banned after failed login attemps. Useful if Shaarli is behind a reverse proxy.
-- **allowed_protocols**: List of allowed protocols in shaare URLs or markdown-rendered descriptions. Useful if you want to store `javascript:` links (bookmarklets) in Shaarli (default: `["ftp", "ftps", "magnet"]`).
-
-### Resources
-
-- **data_dir**: Data directory.
-- **datastore**: Shaarli's links database file path.
-- **history**: Shaarli's operation history file path.
-- **updates**: File path for the ran updates file.
-- **log**: Log file path.
-- **update_check**: Last update check file path.
-- **raintpl_tpl**: Templates directory.
-- **raintpl_tmp**: Template engine cache directory.
-- **thumbnails_cache**: Thumbnails cache directory.
-- **page_cache**: Shaarli's internal cache directory.
-- **ban_file**: Banned IP file path.
-### Translation
+- it contains all settings in JSON format, and can be edited to customize values
+- it defines which [plugins](Plugins.md) are enabled
+- its values override those defined in `index.php`
+- it is wrapped in a PHP comment so that its contents are never served by the web server, regardless of configuration
-- **language**: translation language (also see [Translations](Translations))
- - **auto** (default): The translation language is chosen from the browser locale.
- It means that the language can be different for 2 different visitors depending on their locale.
- - **en**: Use the English translation.
- - **fr**: Use the French translation.
-- **mode**:
- - **auto** or **php** (default): Use the PHP implementation of gettext (slower)
- - **gettext**: Use PHP builtin gettext extension
- (faster, but requires `php-gettext` to be installed and to reload the web server on update)
-- **extension**: Translation extensions for custom themes or plugins.
-Must be an associative array: `translation domain => translation path`.
-
-### Updates
-
-- **check_updates**: Enable or disable update check to the git repository.
-- **check_updates_branch**: Git branch used to check updates (e.g. `stable` or `master`).
-- **check_updates_interval**: Look for new version every N seconds (default: every day).
-
-### Privacy
-
-- **default_private_links**: Check the private checkbox by default for every new link.
-- **hide_public_links**: All links are hidden while logged out.
-- **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page.
-- **hide_timestamps**: Timestamps are hidden.
-- **remember_user_default**: Default state of the login page's *remember me* checkbox
- - `true`: checked by default, `false`: unchecked by default
-
-### Feed
+**Do not edit configuration options in index.php! Your changes would be lost.**
-- **rss_permalinks**: Enable this to redirect RSS links to Shaarli's permalinks instead of shaared URL.
-- **show_atom**: Display ATOM feed button.
+## Tools menu
-### Thumbnail
+Some settings can be configured directly from a web browser by accesing the `Tools` menu. Values are read/written to/from the configuration file.
-- **enable_thumbnails**: Enable or disable thumbnail display.
-- **enable_localcache**: Enable or disable local cache.
+
### LDAP
} ?>
```
-## Additional configuration
+## Settings
+
+### Credentials
+
+_These settings should not be edited_
+
+- **login**: Login username.
+- **hash**: Generated password hash.
+- **salt**: Password salt.
+
+### General
+
+- **title**: Shaarli's instance title.
+- **header_link**: Link to the homepage.
+- **links_per_page**: Number of Shaares displayed per page.
+- **timezone**: See [the list of supported timezones](http://php.net/manual/en/timezones.php).
+- **enabled_plugins**: List of enabled plugins.
+- **default_note_title**: Default title of a new note.
+- **retrieve_description** (boolean): If set to true, for every new Shaare Shaarli will try to retrieve the description and keywords from the HTML meta tags.
+
+### Security
+
+- **session_protection_disabled**: Disable session cookie hijacking protection (not recommended).
+ It might be useful if your IP adress often changes.
+- **ban_after**: Failed login attempts before being IP banned.
+- **ban_duration**: IP ban duration in seconds.
+- **open_shaarli**: Anyone can add a new Shaare while logged out if enabled.
+- **trusted_proxies**: List of trusted IP which won't be banned after failed login attemps. Useful if Shaarli is behind a reverse proxy.
+- **allowed_protocols**: List of allowed protocols in shaare URLs or markdown-rendered descriptions. Useful if you want to store `javascript:` links (bookmarklets) in Shaarli (default: `["ftp", "ftps", "magnet"]`).
+
+### Resources
+
+- **data_dir**: Data directory.
+- **datastore**: Shaarli's Shaares database file path.
+- **history**: Shaarli's operation history file path.
+- **updates**: File path for the ran updates file.
+- **log**: Log file path.
+- **update_check**: Last update check file path.
+- **raintpl_tpl**: Templates directory.
+- **raintpl_tmp**: Template engine cache directory.
+- **thumbnails_cache**: Thumbnails cache directory.
+- **page_cache**: Shaarli's internal cache directory.
+- **ban_file**: Banned IP file path.
+
+### Translation
+
+- **language**: translation language (also see [Translations](Translations))
+ - **auto** (default): The translation language is chosen from the browser locale.
+ It means that the language can be different for 2 different visitors depending on their locale.
+ - **en**: Use the English translation.
+ - **fr**: Use the French translation.
+- **mode**:
+ - **auto** or **php** (default): Use the PHP implementation of gettext (slower)
+ - **gettext**: Use PHP builtin gettext extension
+ (faster, but requires `php-gettext` to be installed and to reload the web server on update)
+- **extension**: Translation extensions for custom themes or plugins.
+Must be an associative array: `translation domain => translation path`.
+
+### Updates
+
+- **check_updates**: Enable or disable update check to the git repository.
+- **check_updates_branch**: Git branch used to check updates (e.g. `stable` or `master`).
+- **check_updates_interval**: Look for new version every N seconds (default: every day).
+
+### Privacy
+
+- **default_private_links**: Check the private checkbox by default for every new Shaare.
+- **hide_public_links**: All Shaares are hidden while logged out.
+- **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page.
+- **hide_timestamps**: Timestamps are hidden.
+- **remember_user_default**: Default state of the login page's *remember me* checkbox
+ - `true`: checked by default, `false`: unchecked by default
+
+### Feed
+
+- **rss_permalinks**: Enable this to redirect RSS links to Shaarli's permalinks instead of shaared URL.
+- **show_atom**: Display ATOM feed button.
+
+### Thumbnail
+
+- **enable_thumbnails**: Enable or disable thumbnail display.
+- **enable_localcache**: Enable or disable local cache.
-The `playvideos` plugin may require that you adapt your server's
-[Content Security Policy](https://github.com/shaarli/Shaarli/blob/master/plugins/playvideos/README.md#troubleshooting)
-configuration to work properly.
+## Plugins configuration
+See [Plugins](Plugins.md)
\ No newline at end of file
+++ /dev/null
-Content posted to Shaarli is separated in items called _Shaares_. For each Shaare,
-you can customize the following aspects:
-
- * URL to link to
- * Title
- * Free-text description
- * Tags
- * Public/private status
-
---------------------------------------------------------------------------------
-
-## Adding new Shaares
-
-While logged in to your Shaarli, you can add new Shaares in several ways:
-
- * [+Shaare button](#shaare-button)
- * [Bookmarklet](#bookmarklet)
- * Third-party [apps and browser addons](Community-&-Related-software.md#mobile-apps)
- * [REST API](https://shaarli.github.io/api-documentation/)
-
-### +Shaare button
-
- * While logged in to your Shaarli, click the **`+Shaare`** button located in the toolbar.
- * Enter the URL of a link you want to share.
- * Click `Add link`
- * The `New Shaare` dialog appears, allowing you to fill in the details of your Shaare.
- * The Description, Title, and Tags will help you find your Shaare later using tags or full-text search.
- * You can also check the “Private” box so that the link is saved but only visible to you (the logged-in user).
- * Click `Save`.
-
-<!-- TODO Add screenshot of add/edit link dialog -->
-
-### Bookmarklet
-
-The _Bookmarklet_ \[[1](https://en.wikipedia.org/wiki/Bookmarklet)\] is a special
-browser bookmark you can use to add new content to your Shaarli. This bookmarklet is
-compatible with Firefox, Opera, Chrome and Safari. To set it up:
-
- * Access the `Tools` page from the button in the toolbar.
- * Drag the **`✚Shaare link` button** to your browser's bookmarks bar.
-
-Once this is done, you can shaare any URL you are visiting simply by clicking the
-bookmarklet in your browser! The same `New Shaare` dialog as above is displayed.
-
-| Note | Websites which enforce Content Security Policy (CSP), such as github.com, disallow usage of bookmarklets. Unfortunately, there is nothing Shaarli can do about it. \[[1](https://github.com/shaarli/Shaarli/issues/196)]\ \[[2](https://bugzilla.mozilla.org/show_bug.cgi?id=866522)]\ \[[3](https://code.google.com/p/chromium/issues/detail?id=233903)]\ |
-|---------|---------|
-
-| Note | Under Opera, you can't drag'n drop the button: You have to right-click on it and add a bookmark to your personal toolbar. |
-|---------|---------|
-
-
-
-
---------------------------------------------------------------------------------
-
-## Editing Shaares
-
-Any Shaare can edited by clicking its  `Edit` button.
-
-Editing a Shaare will not change it's permalink, each permalink always points to the
-latest revision of a Shaare.
-
---------------------------------------------------------------------------------
-
-## Using shaarli as a blog, notepad, pastebin...
-
-While adding or editing a link, leave the URL field blank to create a text-only
-("note") post. This allows you to post any kind of text content, such as blog
-articles, private or public notes, snippets... There is no character limit! You can
-access your Shaare from its permalink.
-
+++ /dev/null
-## WIP
-This topic is currently being discussed here:
-
-- [Fix coding style (static analysis)](https://github.com/shaarli/Shaarli/issues/95) (#95)
-- [Continuous Integration tools & features](https://github.com/shaarli/Shaarli/issues/130) (#130)
-
-### Usage
-Static analysis tools can be installed with Composer, and used through Shaarli's [Makefile](https://github.com/shaarli/Shaarli/blob/master/Makefile).
-
-For an overview of the available features, see:
-
-- [Code quality: Makefile to run static code checkers](https://github.com/shaarli/Shaarli/pull/124) (#124)
-- [Run PHPCS against different coding standards](https://github.com/shaarli/Shaarli/pull/276) (#276)
# Troubleshooting
+First of all, ensure that both the [web server](Server-configuration.md) and [Shaarli](Shaarli-configuration.md) are correctly configured.
+
+
## Login
### I forgot my password!
### I'm locked out - Login bruteforce protection
-Login form is protected against brute force attacks: 4 failed logins will ban the IP address from login for 30 minutes. Banned IPs can still browse links.
+Login form is protected against brute force attacks: 4 failed logins will ban the IP address from login for 30 minutes. Banned IPs can still browse Shaares.
- To remove the current IP bans, delete the file `data/ipbans.php`
- To list all login attempts, see `data/log.txt` (succesful/failed logins, bans/lifted bans)
+--------------------------------------
+
## Browser issues
### Redirection issues (HTTP Referer)
-Depending on its configuration and installed plugins, the browser may remove or alter (spoof) [HTTP referers](https://en.wikipedia.org/wiki/HTTP_referer), thus preventing Shaarli from properly redirecting between pages. Referer settings are available by browsing `about:config` and are documented [here](https://wiki.mozilla.org/Security/Referrer). `network.http.referer.spoofSource = true` in particular is known to break some functionality in Shaarli.
+Shaarli relies on `HTTP_REFERER` for some functions (like redirects and clicking on tags). If you have disabled or altered/spoofed [HTTP referers](https://en.wikipedia.org/wiki/HTTP_referer) in your browser, some features of Shaarli may not work as expected (depending on configuration and installed plugins), notably redirections between pages.
+
+Firefox Referer settings are available by browsing `about:config` and are documented [here](https://wiki.mozilla.org/Security/Referrer). `network.http.referer.spoofSource = true` in particular is known to break some functionality in Shaarli.
+
### Firefox, localhost and redirections
`localhost` is not a proper Fully Qualified Domain Name (FQDN); if Firefox has been set up to spoof referers, or only accept requests from the same base domain/host,
Shaarli redirections will not work properly. To solve this, assign a local domain to your host, e.g. `localhost.lan` in your [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) and browse Shaarli at http://localhost.lan/.
+-----------------------------------------
+
## Hosting problems
### Old PHP versions
- You may be using OperaTurbo or OperaMini, which use their own proxies which may change from time to time.
- If you have another application on the same webserver where Shaarli is installed, these application may forcefully expire php sessions.
+
### Old apache versions, Internal Server Error
If you hosting provider only provides apache 2.2 and no support for `mod_version`, `.htaccess` files may cause 500 errors (Internal Server Error). See [this workaround](https://github.com/shaarli/Shaarli/issues/1196#issuecomment-412271085).
-## Sessions do not seem to work correctly on your server
+
+### Sessions do not seem to work correctly on your server
Follow the instructions in the error message. Make sure you are accessing shaarli via a direct IP address or a proper hostname. If you have **no dots** in the hostname (e.g. `localhost` or `http://my-webserver/shaarli/`), some browsers will not store cookies at all (this respects the [HTTP cookie specification](http://curl.haxx.se/rfc/cookie_spec.html)).
+----------------------------------------------------------
+
+## Upgrades
+
+### You must specify an integer as a key
+
+In `v0.8.1` we changed how Shaare keys are handled (from timestamps to incremental integers). Take a look at `data/updates.txt` content.
+
+
+### `updates.txt` contains `updateMethodDatastoreIds`
+
+Try to delete it and refresh your page while being logged in.
+
+### `updates.txt` doesn't exist or doesn't contain `updateMethodDatastoreIds`
+
+1. Create `data/updates.txt` if it doesn't exist
+2. Paste this string in the update file `;updateMethodRenameDashTags;`
+3. Login to Shaarli
+4. Delete the update file
+5. Refresh
+
+
+
+--------------------------------------------------------
+
+## Import/export
+
+### Importing shaarli data to Firefox
+
+- In Firefox, open the bookmark manager (`Bookmarks menu > Show all bookmarks` or `Ctrl+Shift+B`), select `Import and Backup > Import bookmarks in HTML format`
+- Make sure the `Prepend note permalinks with this Shaarli instance's URL` box is checked when exporting, so that text-only/notes Shaares still point to the Shaarli instance you exported them from.
+- Depending on the number of bookmarks, the import can take some time.
+
+You may be interested in these Firefox addons to manage bookmarks imported from Shaarli
+
+- [Bookmark Deduplicator](https://addons.mozilla.org/en-US/firefox/addon/bookmark-deduplicator/) - provides an easy way to deduplicate your bookmarks
+- [TagSieve](https://addons.mozilla.org/en-US/firefox/addon/tagsieve/) - browse your bookmarks by their tags
+
+### Diigo
+
+If you export your bookmark from Diigo, make sure you use the Delicious export, not the Netscape export. (Their Netscape export is broken, and they don't seem to be interested in fixing it.)
+
+### Mister Wong
+
+See [this issue](https://github.com/sebsauvage/Shaarli/issues/146) for import tweaks.
+
+### SemanticScuttle
+
+To correctly import the tags from a [SemanticScuttle](http://semanticscuttle.sourceforge.net/) HTML export, edit the HTML file before importing and replace all occurences of `tags=` (lowercase) to `TAGS=` (uppercase).
+
+### Scuttle
+
+Shaarli cannot import data directly from [Scuttle](https://github.com/scronide/scuttle).
+
+However, you can use the third-party [scuttle-to-shaarli](https://github.com/q2apro/scuttle-to-shaarli)
+tool to export the Scuttle database to the Netscape HTML format compatible with the Shaarli importer.
+
+### Refind.com
+
+You can use the third-party tool [Derefind](https://github.com/ShawnPConroy/Derefind) to convert refind.com bookmark exports to a format that can be imported into Shaarli.
+
+
+-------------------------------------------------------
+
+## Other
+
+### The bookmarklet doesn't work
+
+Websites which enforce Content Security Policy (CSP), such as github.com, disallow usage of bookmarklets. Unfortunately, there is nothing Shaarli can do about it ([1](https://github.com/shaarli/Shaarli/issues/196), [2](https://bugzilla.mozilla.org/show_bug.cgi?id=866522), [3](https://code.google.com/p/chromium/issues/detail?id=233903).
+
+Under Opera, you can't drag'n drop the button: You have to right-click on it and add a bookmark to your personal toolbar.
+
+
+### Changing the timestamp for a shaare
+
+- Look for `<input type="hidden" name="lf_linkdate" value="{$link.linkdate}">` in `tpl/editlink.tpl` (line 14)
+- Replace `type="hidden"` with `type="text"` from this line
+- A new date/time field becomes available in the edit/new Shaare dialog.
+- You can set the timestamp manually by entering it in the format `YYYMMDD_HHMMS`.
+
+
+-------------------------------------------------------
+
+## Support
+
+If the solutions above did not help, please:
+
+- Come and ask question on the [Gitter chat](https://gitter.im/shaarli/Shaarli) (also reachable via [IRC](https://irc.gitter.im/))
+- Search for [issues](https://github.com/shaarli/Shaarli/issues) and [Pull Requests](https://github.com/shaarli/Shaarli/pulls)
+ - if you find one that is related to the issue, feel free to comment and provide additional details (host/Shaarli setup...)
+ - check issues labeled [`feature`](https://github.com/shaarli/Shaarli/labels/feature), [`enhancement`](https://github.com/shaarli/Shaarli/labels/enhancement), and [`plugin`](https://github.com/shaarli/Shaarli/labels/plugin) if you would like a feature added to Shaarli.
+ - else, [open a new issue](https://github.com/shaarli/Shaarli/issues/new), and provide information about the problem:
+ - _what happens?_ - display glitches, invalid data, security flaws...
+ - _what is your configuration?_ - OS, server version, activated extensions, web browser...
+ - _is it reproducible?_
\ No newline at end of file
+++ /dev/null
-The testing framework used is [PHPUnit](https://phpunit.de/); it can be installed with [Composer](https://getcomposer.org/), which is a dependency management tool.
-
-## Setup a testing environment
-
-### Install composer
-
-You can either use:
-
-- a system-wide version, e.g. installed through your distro's package manager (eg. `sudo apt install composer`)
-- a local version, downloadable [here](https://getcomposer.org/download/). To update a local composer installation, run `php composer.phar self-update`
-
-
-### Install Shaarli development dependencies
-
-```bash
-$ cd /path/to/shaarli
-$ composer install
-```
-
-### Install Xdebug
-
-Xdebug must be installed and enable for PHPUnit to generate coverage reports. See http://xdebug.org/docs/install.
-
-```bash
-# for Debian-based distributions
-$ aptitude install php-xdebug
-
-# for ArchLinux:
-$ pacman -S xdebug
-```
-
-Then add the following line to `/etc/php/<PHP_VERSION>/cli/php.ini`:
-
-```ini
-zend_extension=xdebug.so
-```
-
-## Run unit tests
-
-Run `make test` and ensure tests return `OK`. If tests return failures, refer to PHPUnit messages and fix your code/tests accordingly.
-
-By default, PHPUnit will run all suitable tests found under the `tests` directory. Each test has 3 possible outcomes:
-
-- `.` - success
-- `F` - failure: the test was run but its results are invalid
- - the code does not behave as expected
- - dependencies to external elements: globals, session, cache...
-- `E` - error: something went wrong and the tested code has crashed
- - typos in the code, or in the test code
- - dependencies to missing external elements
-
-If Xdebug has been installed and activated, two coverage reports will be generated:
-
-- a summary in the console
-- a detailed HTML report with metrics for tested code
- - to open it in a web browser: `firefox coverage/index.html &`
-
-### Executing specific tests
-
-Add a [`@group`](https://phpunit.de/manual/current/en/appendixes.annotations.html#appendixes.annotations.group) annotation in a test class or method comment:
-
-```php
-/**
- * Netscape bookmark import
- * @group WIP
- */
-class BookmarkImportTest extends PHPUnit_Framework_TestCase
-{
- [...]
-}
-```
-
-To run all tests annotated with `@group WIP`:
-```bash
-$ vendor/bin/phpunit --group WIP tests/
-```
-
-### Running tests inside Docker containers
-
-Test Dockerfiles are located under `tests/docker/<distribution>/Dockerfile`,
-and can be used to build Docker images to run Shaarli test suites under common
-Linux environments.
-
-Dockerfiles are provided for the following environments:
-
-- `alpine36` - [Alpine 3.6](https://www.alpinelinux.org/downloads/)
-- `debian8` - [Debian 8 Jessie](https://www.debian.org/DebianJessie) (oldstable)
-- `debian9` - [Debian 9 Stretch](https://wiki.debian.org/DebianStretch) (stable)
-- `ubuntu16` - [Ubuntu 16.04 Xenial Xerus](http://releases.ubuntu.com/16.04/) (LTS)
-
-What's behind the curtains:
-
-- each image provides:
- - a base Linux OS
- - Shaarli PHP dependencies (OS packages)
- - test PHP dependencies (OS packages)
- - Composer
-- the local workspace is mapped to the container's `/shaarli/` directory,
-- the files are rsync'd so tests are run using a standard Linux user account
- (running tests as `root` would bypass permission checks and may hide issues)
-- the tests are run inside the container.
-
-To run tests inside a Docker container:
-
-```bash
-# build the Debian 9 Docker image for unit tests
-$ cd /path/to/shaarli
-$ cd tests/docker/debian9
-$ docker build -t shaarli-test:debian9 .
-
-# install/update 3rd-party test dependencies
-$ composer install --prefer-dist
-
-# run tests using the freshly built image
-$ docker run -v $PWD:/shaarli shaarli-test:debian9 docker_test
-
-# run the full test campaign
-$ docker run -v $PWD:/shaarli shaarli-test:debian9 docker_all_tests
-```
-## Preparation
+# Upgrade and migration
-### Note your current version
+## Note your current version
If anything goes wrong, it's important for us to know which version you're upgrading from.
The current version is present in the `shaarli_version.php` file.
-### Backup your data
-Shaarli stores all user data under the `data` directory:
+## Backup your data
-- `data/config.json.php` (or `data/config.php` for older Shaarli versions) - main configuration file
-- `data/datastore.php` - bookmarked links
-- `data/ipbans.php` - banned IP addresses
-- `data/updates.txt` - contains all automatic update to the configuration and datastore files already run
+Shaarli stores all user data and [configuration](Shaarli-configuration.md) under the `data` directory. [Backup](Backup-and-restore.md) this repository _before_ upgrading Shaarli. You will need to restore it after the following upgrade steps.
-See [Shaarli configuration](Shaarli-configuration) for more information about Shaarli resources.
-
-It is recommended to backup this repository _before_ starting updating/upgrading Shaarli:
-
-- users with SSH access: copy or archive the directory to a temporary location
-- users with FTP access: download a local copy of your Shaarli installation using your favourite client
-
-### Migrating data from a previous installation
-
-As all user data is kept under `data`, this is the only directory you need to worry about when migrating to a new installation, which corresponds to the following steps:
-
-- backup the `data` directory
-- install or update Shaarli:
- - fresh installation - see [Download and Installation](Download-and-Installation)
- - update - see the following sections
-- check or restore the `data` directory
-
-## Recommended : Upgrading from release archives
+```bash
+sudo cp -r /var/www/shaarli.mydomain.org/data ~/shaarli-data-backup
+```
-All tagged revisions can be downloaded as tarballs or ZIP archives from the [releases](https://github.com/shaarli/Shaarli/releases) page.
+## Upgrading from ZIP archives
-We recommend that you use the latest release tarball with the `-full` suffix. It contains the dependencies, please read [Download and Installation](Download-and-Installation) for `git` complete instructions.
+If you installed Shaarli from a [release ZIP archive](Installation.md#from-release-zip):
-Once downloaded, extract the archive locally and update your remote installation (e.g. via FTP) -be sure you keep the content of the `data` directory!
+```bash
+# Download the archive to the server, and extract it
+cd ~
+wget https://github.com/shaarli/Shaarli/releases/download/v0.X.Y/shaarli-v0.X.Y-full.zip
+unzip shaarli-v0.X.Y-full.zip
+
+# overwrite your Shaarli installation with the new release **All data will be lost, see _Backup your data_ above.**
+sudo rsync -avP --delete Shaarli/ /var/www/shaarli.mydomain.org/
+
+# restore file permissions as described on the installation page
+sudo chown -R root:www-data /var/www/shaarli.mydomain.org
+sudo chmod -R u=rwX /var/www/shaarli.mydomain.org
+sudo chmod -R g+rX /var/www/shaarli.mydomain.org/{index.php,application/,plugins/,inc/}
+sudo chmod -R g+rwX /var/www/shaarli.mydomain.org/{cache/,data/,pagecache/,tmp/}
+
+# restore backups of the data directory
+sudo cp -r ~/shaarli-data-backup/* /var/www/shaarli.mydomain.org/data/
+
+# If you use gettext mode for translations (not the default), reload your web server.
+sudo systemctl restart apache2
+sudo systemctl restart nginx
+```
-If you use translations in gettext mode - meaning you manually changed the default mode -,
-reload your web server.
+If you don't have shell access (eg. on shared hosting), backup the shaarli data directory, download the ZIP archive locally, extract it, upload it to the server using file transfer, and restore the data directory backup.
-After upgrading, access your fresh Shaarli installation from a web browser; the configuration and data store will then be automatically updated, and new settings added to `data/config.json.php` (see [Shaarli configuration](Shaarli configuration) for more details).
+Access your fresh Shaarli installation from a web browser; the configuration and data store will then be automatically updated, and new settings added to `data/config.json.php` (see [Shaarli configuration](Shaarli-configuration.md) for more details).
-## Upgrading with Git
-### Updating a community Shaarli
+## Upgrading from Git
-If you have installed Shaarli from the [community Git repository](Download#clone-with-git-recommended), simply [pull new changes](https://www.git-scm.com/docs/git-pull) from your local clone:
+If you have installed Shaarli [from sources](Installation.md#from-sources):
```bash
-$ cd /path/to/shaarli
-$ git pull
-
-From github.com:shaarli/Shaarli
- * branch master -> FETCH_HEAD
-Updating ebd67c6..521f0e6
-Fast-forward
- application/Url.php | 1 +
- shaarli_version.php | 2 +-
- tests/Url/UrlTest.php | 1 +
- 3 files changed, 3 insertions(+), 1 deletion(-)
-```
+# pull new changes from your local clone
+cd /var/www/shaarli.mydomain.org/
+sudo git pull
-Shaarli >= `v0.8.x`: install/update third-party PHP dependencies using [Composer](https://getcomposer.org/):
+# update PHP dependencies (Shaarli >= v0.8)
+sudo composer install --no-dev
-```bash
-$ composer install --no-dev
+# update translations (Shaarli >= v0.9.2)
+sudo make translate
-Loading composer repositories with package information
-Updating dependencies
- - Installing shaarli/netscape-bookmark-parser (v1.0.1)
- Downloading: 100%
-```
+# If you use translations in gettext mode (not the default), reload your web server.
+sudo systemctl reload apache
+sudo systemctl reload nginx
-Shaarli >= `v0.9.2` supports translations:
+# update front-end dependencies (Shaarli >= v0.10.0)
+sudo make build_frontend
-```bash
-$ make translate
-```
+# restore file permissions as described on the installation page
+sudo chown -R root:www-data /var/www/shaarli.mydomain.org
+sudo chmod -R u=rwX /var/www/shaarli.mydomain.org
+sudo chmod -R g+rX /var/www/shaarli.mydomain.org/{index.php,application/,plugins/,inc/}
+sudo chmod -R g+rwX /var/www/shaarli.mydomain.org/{cache/,data/,pagecache/,tmp/}
+```
-If you use translations in gettext mode, reload your web server.
+Access your fresh Shaarli installation from a web browser; the configuration and data store will then be automatically updated, and new settings added to `data/config.json.php` (see [Shaarli configuration](Shaarli-configuration.md) for more details).
-Shaarli >= `v0.10.0` manages its front-end dependencies with nodejs. You need to install
-[yarn](https://yarnpkg.com/lang/en/docs/install/):
+---------------------------------------------------------------
-```bash
-$ make build_frontend
-```
-
-### Migrating and upgrading from Sebsauvage's repository
+## Migrating and upgrading from Sebsauvage's repository
If you have installed Shaarli from [Sebsauvage's original Git repository](https://github.com/sebsauvage/Shaarli), you can use [Git remotes](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) to update your working copy.
- no versioned file has been locally modified
- no untracked files are present
-#### Step 0: show repository information
+### Step 0: show repository information
```bash
$ cd /path/to/shaarli
nothing to commit, working directory clean
```
-#### Step 1: update Git remotes
+### Step 1: update Git remotes
```
$ git remote rename origin sebsauvage
* [new tag] v0.7.0 -> v0.7.0
```
-#### Step 2: use the stable community branch
+### Step 2: use the stable community branch
```bash
$ git checkout origin/stable -b stable
If you use translations in gettext mode, reload your web server.
-Shaarli >= `v0.10.0` manages its front-end dependencies with nodejs. You need to install
-[yarn](https://yarnpkg.com/lang/en/docs/install/):
+Shaarli >= `v0.10.0` manages its front-end dependencies with nodejs. You need to install [yarn](https://yarnpkg.com/lang/en/docs/install/):
```bash
$ make build_frontend
Total 3317 (delta 2050), reused 3301 (delta 2034)to
```
-#### Step 3: configuration
+### Step 3: configuration
After migrating, access your fresh Shaarli installation from a web browser; the
configuration will then be automatically updated, and new settings added to
-`data/config.json.php` (see [Shaarli configuration](Shaarli-configuration) for more
+`data/config.json.php` (see [Shaarli configuration](Shaarli-configuration.md) for more
details).
## Troubleshooting
-If the solutions provided here don't work, please open an issue specifying which version you're upgrading from and to.
-
-### You must specify an integer as a key
-
-In `v0.8.1` we changed how link keys are handled (from timestamps to incremental integers).
-Take a look at `data/updates.txt` content.
-
-#### `updates.txt` contains `updateMethodDatastoreIds`
-
-Try to delete it and refresh your page while being logged in.
-
-#### `updates.txt` doesn't exist or doesn't contain `updateMethodDatastoreIds`
+If the solutions provided here don't work, see [Troubleshooting](Troubleshooting.md) and/or open an issue specifying which version you're upgrading from and to.
-1. Create `data/updates.txt` if it doesn't exist
-2. Paste this string in the update file `;updateMethodRenameDashTags;`
-3. Login to Shaarli
-4. Delete the update file
-5. Refresh
--- /dev/null
+## Features
+
+For any item posted to Shaarli (called a _Shaare_), you can customize the following aspects:
+
+- URL to link to
+- Title
+- Free-text description
+- Tags
+- Public/private status
+
+
+### Adding/editing Shaares
+
+While logged in to your Shaarli, you can add, edit or delete Shaares:
+
+- Using the **+Shaare** button: enter the URL you want to share, click `Add link`, fill in the details of your Shaare, and `Save`
+- Using the [Bookmarklet](https://en.wikipedia.org/wiki/Bookmarklet): drag the `✚Shaare link` button from the `Tools` page to your browser's bookmarks bar, click it to share the current page.
+- Using [apps and browser addons](Community-and-related-software.md#mobile-apps)
+- Using the [REST API](https://shaarli.github.io/api-documentation/)
+- Any Shaare can edited by clicking its  `Edit` button.
+
+
+### Tags
+
+Tags can be be used to organize and categorize your Shaares:
+
+- You can rename, merge and delete tags from the _Tools_ menu or the [tag cloud/list](#tag-cloud)
+- Tags are auto-completed (from the list of existing tags) in all dialogs
+- Tags can be combined with text in [search](#search) queries
+
+
+### Public/private Shaares
+
+Additional filter buttons can be found at the top left of the Shaare list **only when logged in**:
+
+- **Only show private Shaares:** Private shares can be searched by clicking the `only show private links` toggle button top left of the Shaares list (only when logged in)
+
+
+### Permalinks
+
+Permalinks are fixed, short links attached to each Shaare. Editing a Shaare will not change it's permalink, each permalink always points to the latest revision of a Shaare.
+
+
+### Text-only (note) Shaares
+
+Shaarli can be used as a minimal blog, notepad, pastebin...: While adding or editing a Shaare, leave the URL field blank to create a text-only ("note") post. This allows you to post any kind of text content, such as blog articles, private or public notes, snippets... There is no character limit! You can access your post from its permalink.
+
+
+### Search
+
+- **Plain text search:** Use `Search text` to search in all fields of all Shaares (Title, URL, Description...). Use double-quotes (example `"exact search"`) to search for the exact expression.
+- **Tags search:** `Filter by tags` allow only displaying Shaares tagged with one or multiple tags (use space to separate tags).
+- **Hidden tags:** tags starting with a dot `.` (example `.secret`) are private. They can only be seen and searched when logged in.
+- **Exclude text/tags:** Use the `-` operator before a word or tag to exclude Shaares matching this word from search results (`NOT` operator).
+- **Untagged links:** Shaares without tags can be searched by clicking the `untagged` toggle button top left of the Shaares list (only when logged in).
+
+
+Both exclude patterns and exact searches can be combined with normal searches (example `"exact search" term otherterm -notthis "very exact" stuff -notagain`). Only AND (and NOT) search is currrently supported.
+
+
+### Tag cloud
+
+The `Tag cloud` page diplays a "cloud" or list view of all tags in your Shaarli (most frequently used tags are displayed with a bigger font size)
+
+
+- **Tags list:** click on `Most used` or `Alphabetical` to display tags as a list. You can also edit/delete tags for this page.
+- Click on any tag to search all Shaares matching this tag.
+- **Filtering the tag cloud/list:** Click on the counter next to a tag to show other tags of Shaares with this tag. Repeat this any number of times to further filter the tag cloud. Click `List all links with those tags` to display Shaares matching your current tag filter set.
+
+
+
+### RSS feeds
+
+RSS/ATOM feeds feeds are available (in ATOM with `/feed/atom` and RSS with `/feed/rss`)
+
+- **Filtering RSS feeds:** RSS feeds and picture wall can also be restricted to only return items matching a text/tag search. For example, search for `photography` (text or tags) in Shaarli, then click the `RSS Feed` button. A feed with only matching results is displayed.
+- Add the `&nb` parameter in feed URLs to specify the number of Shaares you want in a feed (default if not specified: `50`). The keyword `all` is available if you want everything.
+- Add the `&permalinks` parameter in feed URLs to point permalinks to the corresponding shaarly entry/link instead of the direct, Shaare URL attribute
+
+ 
+
+```bash
+# examples
+https://shaarli.mydomain.org/feed/atom?permalinks
+https://shaarli.mydomain.org/feed/atom?permalinks&nb=42
+https://shaarli.mydomain.org/feed/atom?permalinks&nb=all
+https://shaarli.mydomain.org/feed/rss?searchtags=nature
+https://shaarli.mydomain.org/links/picture-wall?searchterm=poney
+```
+
+
+### Picture wall
+
+- The picture wall can be filtered by text or tags search in the same way as [RSS feeds](#rss-feeds)
+
+
+### Import/export
+
+To **export Shaares as a HTML file**, under _Tools > Export_, choose:
+
+- `Export all` to export both public and private Shaares
+- `Export public` to export public Shaares only
+- `Export private` to export private Shaares only
+
+Restore by using the `Import` feature.
+
+- These exports contain the full data (URL, title, tags, date, description, public/private status of your Shaares)
+- They can also be imported to your web browser bookmarks.
+
--- /dev/null
+# Development
+
+Please read [Contributing to Shaarli](https://github.com/shaarli/Shaarli/tree/master/CONTRIBUTING.md)
+
+## Guidelines
+
+
+- [Unit tests](Unit-tests)
+- Javascript linting - Shaarli uses [Airbnb JavaScript Style Guide](https://github.com/airbnb/javascript).
+Run `make eslint` to check JS style.
+- [GnuPG signature](GnuPG-signature) for tags/releases
+
+
+## Third-party libraries
+
+CSS:
+
+- Yahoo UI [CSS Reset](http://yuilibrary.com/yui/docs/cssreset/) - standardize cross-browser rendering
+
+Javascript:
+
+- [Awesomeplete](https://leaverou.github.io/awesomplete/) ([GitHub](https://github.com/LeaVerou/awesomplete)) - autocompletion in input forms
+- [bLazy](http://dinbror.dk/blazy/) ([GitHub](https://github.com/dinbror/blazy)) - lazy loading for thumbnails
+- [qr.js](http://neocotic.com/qr.js/) ([GitHub](https://github.com/neocotic/qr.js)) - QR code generation
+
+PHP (managed through [`composer.json`](https://github.com/shaarli/Shaarli/blob/master/composer.json)):
+
+- [RainTPL](https://github.com/rainphp/raintpl) - HTML templating for PHP
+- [`shaarli/netscape-bookmark-parser`](https://packagist.org/packages/shaarli/netscape-bookmark-parser) - Import bookmarks from Netscape files
+- [`erusev/parsedown`](https://packagist.org/packages/erusev/parsedown) - Parse MarkDown syntax for the MarkDown plugin
+- [`slim/slim`](https://packagist.org/packages/slim/slim) - Handle routes and middleware for the REST API
+- [`ArthurHoaro/web-thumbnailer`](https://github.com/ArthurHoaro/web-thumbnailer) - PHP library which will retrieve a thumbnail for any given URL
+- [`pubsubhubbub/publisher`](https://github.com/pubsubhubbub/php-publisher) - A PubSubHubbub publisher module for PHP.
+- [`gettext/gettext`](https://github.com/php-gettext/Gettext) - PHP library to collect and manipulate gettext (.po, .mo, .php, .json, etc)
+
+
+## Security
+
+- The password is salted, hashed and stored in the data subdirectory, in a PHP file, and protected by htaccess. Even if the webserver does not support htaccess, the hash is not readable by URL. Even if the .php file is stolen, the password cannot deduced from the hash. The salt prevents rainbow-tables attacks.
+- Directories are protected using `.htaccess` files
+- Forms are protected against [XSRF](http://en.wikipedia.org/wiki/Cross-site_request_forgery):
+ - Forms which act on data (save,delete…) contain a token generated by the server.
+ - Any posted form which does not contain a valid token is rejected.
+ - Any token can only be used once.
+ - Tokens are attached to the session and cannot be reused in another session.
+- Sessions automatically expire after 60 minutes.
+- Sessions are protected against hijacking: the session ID cannot be used from a different IP address.
+- Links are stored as an associative array which is serialized, compressed (with deflate), base64-encoded and saved as a comment in a `.php` file - even if the server does not support `.htaccess` files, the data file will still not be readable by URL.
+- Bruteforce protection: Successful and failed login attempts are logged - IP bans are enforced after a configurable amount of failures. Logs can also be used consumed by [fail2ban](../Server-configuration.md#fail2ban)
+- A pop-up notification is shown when a new release is available.
+
+## Link structure
+
+Every link available through the `LinkDB` object is represented as an array
+containing the following fields:
+
+ * `id` (integer): Unique identifier.
+ * `title` (string): Title of the link.
+ * `url` (string): URL of the link. Used for displayable links (without redirector, url encoding, etc.).
+ Can be absolute or relative for Notes.
+ * `real_url` (string): Real destination URL, can be redirected, encoded, etc.
+ * `shorturl` (string): Permalink small hash.
+ * `description` (string): Link text description.
+ * `private` (boolean): whether the link is private or not.
+ * `tags` (string): all link tags separated by a single space
+ * `thumbnail` (string|boolean): relative path of the thumbnail cache file, or false if there isn't any.
+ * `created` (DateTime): link creation date time.
+ * `updated` (DateTime): last modification date time.
+
+Small hashes are used to make a link to an entry in Shaarli. They are unique: the date of the item (eg. `20110923_150523`) is hashed with CRC32, then converted to base64 and some characters are replaced. They are always 6 characters longs and use only `A-Z a-z 0-9 - _` and `@`.
+
+
+## Directory structure
+
+Here is the directory structure of Shaarli and the purpose of the different files:
+
+```bash
+ index.php # Main program
+ application/ # Shaarli classes
+ ├── LinkDB.php
+
+ ...
+
+ └── Utils.php
+ tests/ # Shaarli unitary & functional tests
+ ├── LinkDBTest.php
+
+ ...
+
+ ├── utils # utilities to ease testing
+ │ └── ReferenceLinkDB.php
+ └── UtilsTest.php
+ assets/
+ ├── common/ # Assets shared by multiple themes
+ ├── ...
+ ├── default/ # Assets for the default template, before compilation
+ ├── fonts/ # Font files
+ ├── img/ # Images used by the default theme
+ ├── js/ # JavaScript files in ES6 syntax
+ ├── scss/ # SASS files
+ └── vintage/ # Assets for the vintage template, before compilation
+ └── ...
+ COPYING # Shaarli license
+ inc/ # static assets and 3rd party libraries
+ └── rain.tpl.class.php # RainTPL templating library
+ images/ # Images and icons used in Shaarli
+ data/ # data storage: bookmark database, configuration, logs, banlist...
+ ├── config.json.php # Shaarli configuration (login, password, timezone, title...)
+ ├── datastore.php # Your link database (compressed).
+ ├── ipban.php # IP address ban system data
+ ├── lastupdatecheck.txt # Update check timestamp file
+ └── log.txt # login/IPban log.
+ tpl/ # RainTPL templates for Shaarli. They are used to build the pages.
+ ├── default/ # Default Shaarli theme
+ ├── fonts/ # Font files
+ ├── img/ # Images
+ ├── js/ # JavaScript files compiled by Babel and compatible with all browsers
+ ├── css/ # CSS files compiled with SASS
+ └── vintage/ # Legacy Shaarli theme
+ └── ...
+ cache/ # thumbnails cache
+ # This directory is automatically created. You can erase it anytime you want.
+ tmp/ # Temporary directory for compiled RainTPL templates.
+ # This directory is automatically created. You can erase it anytime you want.
+ vendor/ # Third-party dependencies. This directory is created by Composer
+```
+
+Shaarli needs read access to:
+
+- the root index.php file
+- the `application/`, `plugins/` and `inc/` directories (recursively)
+
+Shaarli needs read/write access to the `cache/`, `data/`, `pagecache/`, and `tmp/` directories
+
+
+## Automation
+
+A [`Makefile`](https://github.com/shaarli/Shaarli/blob/master/Makefile) is available to perform project-related operations:
+
+- [Static analysis](#Static-analysis) - check that the code is compliant to PHP conventions
+- [Unit tests](#Unit-tests) - ensure there are no regressions introduced by new commits
+- Documentation - generate a local HTML copy of the markdown documentation
+
+### Continuous Integration
+
+[Travis CI](http://docs.travis-ci.com/) is a Continuous Integration build server, that runs a build:
+
+- each time a commit is merged to the mainline (`master` branch)
+- each time a Pull Request is submitted or updated
+
+After all jobs have finished, Travis returns the results to GitHub:
+
+- a status icon represents the result for the `master` branch: [](https://travis-ci.org/shaarli/Shaarli)
+- Pull Requests are updated with the Travis build result.
+
+See [`.travis.yml`](https://github.com/shaarli/Shaarli/blob/master/.travis.yml).
+
+
+### Documentation
+
+[mkdocs](https://www.mkdocs.org/) is used to convert markdown documentation to HTML pages. The [public documentation](https://shaarli.readthedocs.io/en/master/) website is rendered and hosted by [readthedocs.org](https://readthedocs.org/). A copy of the documentation is also included in prebuilt [release archives](https://github.com/shaarli/Shaarli/releases) (`doc/html/` path in your Shaarli installation). To generate the HTML documentation locally, install a recent version of Python `setuptools` and run `make doc`.
+
+
+## Static analysis
+
+Patches should try to stick to the [PHP Standard Recommendations](http://www.php-fig.org/psr/) (PSR), especially:
+
+- [PSR-1](http://www.php-fig.org/psr/psr-1/) - Basic Coding Standard
+- [PSR-2](http://www.php-fig.org/psr/psr-2/) - Coding Style Guide
+
+
+**Work in progress:** Static analysis is currently being discussed here: in [#95 - Fix coding style (static analysis)](https://github.com/shaarli/Shaarli/issues/95), [#130 - Continuous Integration tools & features](https://github.com/shaarli/Shaarli/issues/130)
+
+Static analysis tools can be installed with Composer, and used through Shaarli's [Makefile](https://github.com/shaarli/Shaarli/blob/master/Makefile).
+
+For an overview of the available features, see:
+
+- [Code quality: Makefile to run static code checkers](https://github.com/shaarli/Shaarli/pull/124) (#124)
+- [Run PHPCS against different coding standards](https://github.com/shaarli/Shaarli/pull/276) (#276)
## Introduction
### PGP and GPG
-[Gnu Privacy Guard](https://gnupg.org/) (GnuPG) is an Open Source implementation of the
-[Pretty Good Privacy](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP)
-(OpenPGP) specification. Its main purposes are digital authentication, signature and encryption.
+[Gnu Privacy Guard](https://gnupg.org/) (GnuPG) is an Open Source implementation of the [Pretty Good Privacy](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) (OpenPGP) specification. Its main purposes are digital authentication, signature and encryption. It is often used by the [FLOSS](https://en.wikipedia.org/wiki/Free_and_open-source_software) community to verify:
-It is often used by the [FLOSS](https://en.wikipedia.org/wiki/Free_and_open-source_software) community to verify:
+- Linux package signatures: Debian [SecureApt](https://wiki.debian.org/SecureApt), ArchLinux [Master Keys](https://www.archlinux.org/master-keys/)
+- [Version control](https://en.wikipedia.org/wiki/Revision_control) releases & maintainer identity
-- Linux package signatures: Debian [SecureApt](https://wiki.debian.org/SecureApt), ArchLinux [Master
-Keys](https://www.archlinux.org/master-keys/)
-- [SCM](https://en.wikipedia.org/wiki/Revision_control) releases & maintainer identity
+> You MUST understand that presence of data in the keyserver (pools) in no way connotes trust. Anyone can generate a key, with any name or email address, and upload it. All security and trust comes from evaluating security at the “object level”, via PGP [Web of trust](https://en.wikipedia.org/wiki/Web_of_trust) signatures. This keyserver makes it possible to retrieve keys, looking them up via various indices, but the collection of keys in this public pool is KNOWN to contain malicious and fraudulent keys. It is the common expectation of server operators that users understand this and use software which, like all known common OpenPGP implementations, evaluates trust accordingly. This expectation is so common that it is not normally explicitly stated.
-### Trust
-To quote Phil Pennock (the author of the [SKS](https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Home) key server - http://sks.spodhuis.org/):
+-- Phil Pennock (author of the [SKS](https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Home) key server - http://sks.spodhuis.org/)
-> You MUST understand that presence of data in the keyserver (pools) in no way connotes trust. Anyone can generate a key, with any name or email address, and upload it. All security and trust comes from evaluating security at the “object level”, via PGP Web-Of-Trust signatures. This keyserver makes it possible to retrieve keys, looking them up via various indices, but the collection of keys in this public pool is KNOWN to contain malicious and fraudulent keys. It is the common expectation of server operators that users understand this and use software which, like all known common OpenPGP implementations, evaluates trust accordingly. This expectation is so common that it is not normally explicitly stated.
+Trust can be gained by having your key signed by other people (and signing their key back, too :) ), for instance during [key signing parties](https://en.wikipedia.org/wiki/Key_signing_party): [Keysigning party HOWTO](http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html),
-Trust can be gained by having your key signed by other people (and signing their key back, too :) ), for instance during [key signing parties](https://en.wikipedia.org/wiki/Key_signing_party), see:
-
-- [The Keysigning party HOWTO](http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html)
-- [Web of trust](https://en.wikipedia.org/wiki/Web_of_trust)
## Generate a GPG key
- [Generating a GPG key for Git tagging](http://stackoverflow.com/a/16725717) (StackOverflow)
-[**I am a developer: ** Developer API](#developer-api)
-
-[**I am a template designer: ** Guide for template designers](#guide-for-template-designer)
-
----
+# Plugin system
## Developer API
### What can I do with plugins?
-The plugin system let you:
+The plugin system lets you:
- insert content into specific places across templates.
- alter data before templates rendering.
- alter data before saving new links.
+
### How can I create a plugin for Shaarli?
First, chose a plugin name, such as `demo_plugin`.
| |---| demo_plugin.php
```
+
### Plugin initialization
At the beginning of Shaarli execution, all enabled plugins are loaded. At this point, the plugin system looks for an `init()` function in the <plugin_name>.php to execute and run it if it exists. This function must be named this way, and takes the `ConfigManager` as parameter.
If this function is declared, and the plugin enabled, it will be called every time Shaarli is rendering the header.
+
### Plugin's data
#### Parameters
return $data;
```
+
#### Data manipulation
When a page is displayed, every variable send to the template engine is passed to plugins before that in `$data`.
> Note: In PHP, `parse_ini_file()` seems to want strings to be between by quotes `"` in the ini file.
+
### It's not working!
Use `demo_plugin` as a functional example. It covers most of the plugin system features.
If it's still not working, please [open an issue](https://github.com/shaarli/Shaarli/issues/new).
+
### Hooks
| Hooks | Description |
| [save_plugin_parameters](#save_plugin_parameters) | Allow to manipulate plugin parameters before they're saved. |
-
#### render_header
-Triggered on every page.
+Triggered on every page - allows plugins to add content in page headers.
-Allow plugin to add content in page headers.
##### Data
-#### render_includes
-Triggered on every page.
+#### render_includes
-Allow plugin to include their own CSS files.
+Triggered on every page - allows plugins to include their own CSS files.
-##### Data
+##### data
`$data` is an array containing:
> Note: only add the path of the CSS file. E.g: `plugins/demo_plugin/custom_demo.css`.
+
#### render_footer
Triggered on every page.
Allow plugin to add content in page footer and include their own JS files.
-##### Data
+##### data
`$data` is an array containing:
> Note: only add the path of the JS file. E.g: `plugins/demo_plugin/custom_demo.js`.
+
#### render_linklist
Triggered when `linklist` is displayed (list of links, permalink, search, tag filtered, etc.).
It allows to add content at the begining and end of the page, after every link displayed and to alter link data.
-##### Data
+##### data
`$data` is an array containing:
- All templates data, including links.
- [Special data](#special-data)
-##### Template placeholders
+##### template placeholders
Items can be displayed in templates by adding an entry in `$data['<placeholder>']` array.
+
#### render_editlink
Triggered when the link edition form is displayed.
Allow to add fields in the form, or display elements.
-##### Data
+##### data
`$data` is an array containing:
- All templates data.
- [Special data](#special-data)
-##### Template placeholders
+##### template placeholders
Items can be displayed in templates by adding an entry in `$data['<placeholder>']` array.
+
#### render_tools
Triggered when the "tools" page is displayed.
Allow to add content at the end of the page.
-##### Data
+##### data
`$data` is an array containing:
- All templates data.
- [Special data](#special-data)
-##### Template placeholders
+##### template placeholders
Items can be displayed in templates by adding an entry in `$data['<placeholder>']` array.
+
#### render_picwall
Triggered when picwall is displayed.
Allow to add content at the top and bottom of the page.
-##### Data
+##### data
`$data` is an array containing:
- All templates data.
- [Special data](#special-data)
-##### Template placeholders
+##### template placeholders
Items can be displayed in templates by adding an entry in `$data['<placeholder>']` array.
+
#### render_tagcloud
Triggered when tagcloud is displayed.
Allow to add content at the top and bottom of the page.
-##### Data
+##### data
`$data` is an array containing:
#### render_taglist
-Triggered when taglist is displayed.
-
-Allow to add content at the top and bottom of the page.
+Triggered when taglist is displayed - allows to add content at the top and bottom of the page.
-##### Data
+##### data
`$data` is an array containing:
Allow to add content at the top and bottom of the page, the bottom of each link and to alter data.
-##### Data
+
+##### data
`$data` is an array containing:
- `plugin_start_zone`: before displaying the template content.
- `plugin_end_zone`: after displaying the template content.
+
#### render_feed
Triggered when the ATOM or RSS feed is displayed.
Allow to add tags in the feed, either in the header or for each items. Items (links) can also be altered before being rendered.
-##### Data
+##### data
`$data` is an array containing:
- `feed_plugins`: additional tag for every link entry.
+
#### save_link
Triggered when a link is save (new link or edit).
Allow to alter the link being saved in the datastore.
-##### Data
+##### data
`$data` is an array containing the link being saved:
Allow to execute any action before the link is actually removed from the datastore
-##### Data
+##### data
`$data` is an array containing the link being deleted:
Plugins can perform an action every times their settings are updated.
For example it is used to update the CSS file of the `default_colors` plugins.
-##### Data
+##### data
`$data` input contains the `$_POST` array.
Also [special data](#special-data).
-## Guide for template designer
+## Guide for template designers
### Plugin administration
--- /dev/null
+# Release Shaarli
+
+## Requirements
+
+This guide assumes that you have:
+
+- a GPG key matching your GitHub authentication credentials/email (the email address identified by the GPG key is the same as the one in your `~/.gitconfig`)
+- a GitHub fork of Shaarli
+- a local clone of your Shaarli fork, with the following remotes:
+ - `origin` pointing to your GitHub fork
+ - `upstream` pointing to the main Shaarli repository
+- maintainer permissions on the main Shaarli repository, to:
+ - push the signed tag
+ - create a new release
+- [Composer](https://getcomposer.org/) needs to be installed
+- The [venv](https://docs.python.org/3/library/venv.html) Python 3 module needs to be installed for HTML documentation generation.
+
+## Release notes and `CHANGELOG.md`
+
+GitHub allows drafting the release notes for the upcoming release, from the [Releases](https://github.com/shaarli/Shaarli/releases) page. This way, the release note can be drafted while contributions are merged to `master`. See http://keepachangelog.com/en/0.3.0/ for changelog formatting.
+
+`CHANGELOG.md` should contain the same information as the release note draft for the upcoming version. Update it to:
+
+- add new entries (additions, fixes, etc.)
+- mark the current version as released by setting its date and link
+- add a new section for the future unreleased version
+
+```bash
+## [v0.x.y](https://github.com/shaarli/Shaarli/releases/tag/v0.x.y) - UNRELEASES
+
+### Added
+
+### Changed
+
+### Fixed
+
+### Removed
+
+### Deprecated
+
+### Security
+
+```
+
+
+## Update the list of Git contributors
+
+```bash
+$ make authors
+$ git commit -s -m "Update AUTHORS"
+```
+
+## Create and merge a Pull Request
+
+Create a Pull Request to marge changes from your remote, into `master` in the community Shaarli repository, and have it merged.
+
+
+## Create the release branch and update shaarli_version.php
+
+```bash
+# fetch latest changes from master to your local copy
+git checkout master
+git pull upstream master
+
+# If releasing a new minor version, create a release branch
+$ git checkout -b v0.x
+
+# Bump shaarli_version.php from dev to 0.x.0, **without the v**
+$ vim shaarli_version.php
+$ git add shaarli_version
+$ git commit -s -m "Bump Shaarli version to v0.x.0"
+$ git push upstream v0.x
+```
+
+## Create and push a signed tag
+
+Git [tags](http://git-scm.com/book/en/v2/Distributed-Git-Maintaining-a-Project#Tagging-Your-Releases) are used to identify specific revisions with a unique version number that follows [semantic versioning](https://semver.org/)
+
+```bash
+# update your local copy
+git checkout v0.5
+git pull upstream v0.5
+
+# create a signed tag
+git tag -s -m "Release v0.5.0" v0.5.0
+
+# push the tag to upstream
+git push --tags upstream
+```
+
+Here is how to verify a signed tag. [`v0.5.0`](https://github.com/shaarli/Shaarli/releases/tag/v0.5.0) is the first GPG-signed tag pushed on the Community Shaarli. Let's have a look at its signature!
+
+```bash
+# update the list of available tags
+git fetch upstream
+
+# get the SHA1 reference of the tag
+git show-ref tags/v0.5.0
+# gives: f7762cf803f03f5caf4b8078359a63783d0090c1 refs/tags/v0.5.0
+
+# verify the tag signature information
+git verify-tag f7762cf803f03f5caf4b8078359a63783d0090c1
+# gpg: Signature made Thu 30 Jul 2015 11:46:34 CEST using RSA key ID 4100DF6F
+# gpg: Good signature from "VirtualTam <virtualtam@flibidi.net>" [ultimate]
+```
+
+## Publish the GitHub release
+
+- In the `master` banch, update version badges in `README.md` to point to the newly released Shaarli version
+- Update the previously drafted [release](https://github.com/shaarli/Shaarli/releases) (notes, tag) and publish it
+- Profit!
+
+
+## Generate full release zip archives
+
+Release archives will contain Shaarli code plus all required third-party libraries. They are useful for users who:
+
+- have no SSH access, no possibility to install PHP packages/server extensions, no possibility to run scripts (shared hosting)
+- do not want to install build/dev dependencies on their server
+
+ `git checkout` the appropriate branch, then:
+
+```bash
+# checkout the appropriate branch
+git checkout 0.x.y
+# generate zip archives
+make release_archive
+```
+
+This will create `shaarli-v0.x.y-full.tar`, `shaarli-v0.x.y-full.zip`. These archives need to be manually uploaded on the previously created GitHub [release](https://github.com/shaarli/Shaarli/releases).
+
+
+### Update the `latest` branch
+
+```bash
+# checkout the 'latest' branch
+git checkout latest
+# merge changes from your newly published release branch
+git merge v0.x.y
+# fix eventual conflicts with git mergetool...
+# run tests
+make test
+# push the latest branch
+git push upstream latest
+```
+# Theming
+
## Foreword
There are two ways of customizing how Shaarli looks:
### Contributing
-We encourage the community to contribute to Shaarli's translation either by improving existing
-translations or submitting a new language.
+We encourage the community to contribute to Shaarli translations, either by improving existing translations or submitting a new language.
-Contributing to the translation does not require development skill.
+Contributing to the translation does not require software development knowledge.
-Please submit a pull request with the `.po` file updated/created. Note that the compiled file (`.mo`)
-is not stored on the repository, and is generated during the release process.
+Please submit a pull request with the `.po` file updated/created. Note that the compiled file (`.mo`) is not stored on the repository, and is generated during the release process.
-### How to
-
-First, install [Poedit](https://poedit.net/) tool.
-
-Poedit will extract strings to translate from the PHP source code.
-**Important**: due to the usage of a template engine, it's important to generate PHP cache files to extract
-every translatable string.
+### How to
-You can either use [this script](https://gist.github.com/ArthurHoaro/5d0323f758ab2401ef444a53f54e9a07) (recommended)
-or visit every template page in your browser to generate cache files, while logged in.
+Install [Poedit](https://poedit.net/) (used to extract strings to translate from the PHP source code, and generate `.po` files).
-Here is a list :
+Due to the usage of a template engine, it's important to generate PHP cache files to extract every translatable string. You can either use [this script](https://gist.github.com/ArthurHoaro/5d0323f758ab2401ef444a53f54e9a07) (recommended) or visit every template page in your browser to generate cache files, while logged in. Here is a list :
```
http://<replace_domain>/
+http://<replace_domain>/login
+http://<replace_domain>/daily
+http://<replace_domain>/tags/cloud
+http://<replace_domain>/tags/list
+http://<replace_domain>/picture-wall
http://<replace_domain>/?nonope
http://<replace_domain>/admin/add-shaare
http://<replace_domain>/admin/password
http://<replace_domain>/admin/tags
http://<replace_domain>/admin/configure
http://<replace_domain>/admin/tools
-http://<replace_domain>/daily
http://<replace_domain>/admin/shaare
http://<replace_domain>/admin/export
http://<replace_domain>/admin/import
-http://<replace_domain>/login
-http://<replace_domain>/picture-wall
http://<replace_domain>/admin/plugins
-http://<replace_domain>/tags/cloud
-http://<replace_domain>/tags/list
```
-#### Improve existing translation
-
-In Poedit, click on "Edit a Translation", and from Shaarli's directory open
-`inc/languages/<lang>/LC_MESSAGES/shaarli.po`.
-The existing list of translatable strings should have been loaded, then click on the "Update" button.
+#### Improve existing translations
-You can start editing the translation.
+- In Poedit, click on "Edit a Translation
+- Open `inc/languages/<lang>/LC_MESSAGES/shaarli.po` under Shaarli's directory
+- The existing list of translatable strings should load
+- Click on the "Update" button.
+- Start editing translations.
Save when you're done, then you can submit a pull request containing the updated `shaarli.po`.
-#### Add a new language
-
-Open Poedit and select "Create New Translation", then from Shaarli's directory open
-`inc/languages/<lang>/LC_MESSAGES/shaarli.po`.
-
-Then select the language you want to create.
-Click on `File > Save as...`, and save your file in `<shaarli directory>/inc/language/<new language>/LC_MESSAGES/shaarli.po`.
-`<new language>` here should be the language code respecting the [ISO 3166-1 alpha-2](https://en.wikipedia.org/wiki/ISO_3166-2)
-format in lowercase (e.g. `de` for German).
+#### Add a new language
-Then click on the "Update" button, and you can start to translate every available string.
+- In Poedit select "Create New Translation"
+- Open `inc/languages/<lang>/LC_MESSAGES/shaarli.po` under Shaarli's directory
+- Select the language you want to create.
+- Click on `File > Save as...`, save your file in `<shaarli directory>/inc/language/<new language>/LC_MESSAGES/shaarli.po` (`<new language>` here should be the language code respecting the [ISO 3166-1 alpha-2](https://en.wikipedia.org/wiki/ISO_3166-2) format in lowercase - e.g. `de` for German)
+- Click on the "Update" button
+- Start editing translations.
Save when you're done, then you can submit a pull request containing the new `shaarli.po`.
+
### Theme translations
-Theme translation extensions are loaded automatically if they're present.
+[Theme](Theming) translation extensions are loaded automatically if they're present.
As a theme developer, all you have to do is to add the `.po` and `.mo` compiled file like this:
- tpl/<theme name>/language/<lang>/LC_MESSAGES/<theme name>.po
- tpl/<theme name>/language/<lang>/LC_MESSAGES/<theme name>.mo
+```
+tpl/<theme name>/language/<lang>/LC_MESSAGES/<theme name>.po
+tpl/<theme name>/language/<lang>/LC_MESSAGES/<theme name>.mo
+```
Where `<lang>` is the ISO 3166-1 alpha-2 language code.
+
Read the following section "Extend Shaarli's translation" to learn how to generate those files.
+
### Extend Shaarli's translation
If you're writing a custom theme, or a non official plugin, you might want to use the translation system,
--- /dev/null
+# Unit tests
+
+Shaarli uses the [PHPUnit](https://phpunit.de/) test framework; it can be installed with [Composer](https://getcomposer.org/), which is a dependency management tool.
+
+## Install composer
+
+You can either use:
+
+- a system-wide version, e.g. installed through your distro's package manager
+- a local version, downloadable [here](https://getcomposer.org/download/).
+
+```bash
+# system-wide version
+$ composer install
+$ composer update
+
+# local version
+$ php composer.phar self-update
+$ php composer.phar install
+$ php composer.phar update
+```
+
+## Install Shaarli dev dependencies
+
+```bash
+$ cd /path/to/shaarli
+$ composer update
+```
+
+## Install and enable Xdebug to generate PHPUnit coverage reports
+
+
+[Xdebug](http://xdebug.org/docs/install) is a PHP extension which provides debugging and profiling capabilities. Install Xdebug:
+
+```bash
+# for Debian-based distros:
+sudo aptitude install php5-xdebug
+
+# for ArchLinux:
+pacman -S xdebug
+
+# then add the following line to /etc/php/php.ini
+zend_extension=xdebug.so
+```
+
+## Run unit tests
+
+Ensure tests pass successuflly:
+
+```bash
+make test
+# ...
+# OK (36 tests, 65 assertions)
+```
+
+In case of failure the test suite will point you to actual errors and output a summary:
+
+```bash
+make test
+# ...
+# FAILURES!
+# Tests: 36, Assertions: 63, Errors: 1, Failures: 2.
+```
+
+By default, PHPUnit will run all suitable tests found under the `tests` directory. Each test has 3 possible outcomes:
+
+- `.` - success
+- `F` - failure: the test was run but its results are invalid
+ - the code does not behave as expected
+ - dependencies to external elements: globals, session, cache...
+- `E` - error: something went wrong and the tested code has crashed
+ - typos in the code, or in the test code
+ - dependencies to missing external elements
+
+If Xdebug has been installed and activated, two coverage reports will be generated:
+
+- a summary in the console
+- a detailed HTML report with metrics for tested code
+ - to open it in a web browser: `firefox coverage/index.html &`
+
+
+### Executing specific tests
+
+Add a [`@group`](https://phpunit.de/manual/current/en/appendixes.annotations.html#appendixes.annotations.group) annotation in a test class or method comment:
+
+```php
+/**
+ * Netscape bookmark import
+ * @group WIP
+ */
+class BookmarkImportTest extends PHPUnit_Framework_TestCase
+{
+ [...]
+}
+```
+
+To run all tests annotated with `@group WIP`:
+```bash
+$ vendor/bin/phpunit --group WIP tests/
+```
+
+## Running tests inside Docker containers
+
+Unit tests can be run inside [Docker](../Docker.md) containers.
+
+Test Dockerfiles are located under `tests/docker/<distribution>/Dockerfile`, and can be used to build Docker images to run Shaarli test suites under commonLinux environments. Dockerfiles are provided for the following environments:
+
+- [`alpine36`](https://github.com/shaarli/Shaarli/blob/master/tests/docker/alpine36/Dockerfile) - [Alpine Linux 3.6](https://www.alpinelinux.org/downloads/)
+- [`debian8`](https://github.com/shaarli/Shaarli/blob/master/tests/docker/debian8/Dockerfile) - [Debian 8 Jessie](https://www.debian.org/DebianJessie) (oldoldstable)
+- [`debian9`](https://github.com/shaarli/Shaarli/blob/master/tests/docker/debian9/Dockerfile) - [Debian 9 Stretch](https://wiki.debian.org/DebianStretch) (oldstable)
+- [`ubuntu16`](https://github.com/shaarli/Shaarli/blob/master/tests/docker/ubuntu16/Dockerfile) - [Ubuntu 16.04 Xenial Xerus](http://releases.ubuntu.com/16.04/) (old LTS)
+
+Each image provides:
+- a base Linux OS
+- Shaarli PHP dependencies (OS packages)
+- test PHP dependencies (OS packages)
+- Composer
+- Tests that run inside the conatiner using a standard Linux user account (running tests as `root` would bypass permission checks and may hide issues)
+
+Build a test image:
+
+```bash
+# build the Debian 9 Docker image
+cd /path/to/shaarli/tests/docker/debian9
+docker build -t shaarli-test:debian9 .
+```
+
+Run unit tests in a container:
+
+```bash
+cd /path/to/shaarli
+# install/update 3rd-party test dependencies
+composer install --prefer-dist
+# run tests using the freshly built image
+docker run -v $PWD:/shaarli shaarli-test:debian9 docker_test
+# run the full test campaign
+docker run -v $PWD:/shaarli shaarli-test:debian9 docker_all_tests
+```
-**WORK IN PROGRESS**
+# Versioning
+
+If you're maintaining a 3rd party tool for Shaarli (theme, plugin, etc.), It's important to understand how Shaarli branches work ensure your tool stays compatible.
-It's important to understand how Shaarli branches work, especially if you're maintaining a 3rd party tools for Shaarli (theme, plugin, etc.), to be sure stay compatible.
## `master` branch
- This branch shouldn't be used for production as it isn't necessary stable.
- 3rd party aren't required to be compatible with the latest changes.
- Official plugins, themes and libraries (contained within Shaarli organization repos) must be compatible with the master branch.
-- The version in this branch is always `dev`.
-## `v0.x` branch
-This `v0.x` branch, points to the latest `v0.x.y` release.
+## `v0.x` branch
-Explanation:
+The `v0.x` branch points to the latest `v0.x.y` release.
-When a new version is released, it might contains a major bug which isn't detected right away. For example, a new PHP version is released, containing backward compatibility issue which doesn't work with Shaarli.
+If a major bug affects the original `v0.x.0` release, we may [backport](https://en.wikipedia.org/wiki/Backporting) a fix for this bug from master, to the `v0.x` branch, and create a new bugfix release (eg. `v0.x.1`) from this branch.
-In this case, the issue is fixed in the `master` branch, and the fix is backported the to the `v0.x` branch. Then a new release is made from the `v0.x` branch.
+This allows users of the original release to upgrade to the fixed version, without having to upgrade to a completely new minor/major release.
-This workflow allow us to fix any major bug detected, without having to release bleeding edge feature too soon.
## `latest` branch
This branch point the latest release. It recommended to use it to get the latest tested changes.
-## `stable` branch
-
-The `stable` branch doesn't contain any major bug, and is one major digit version behind the latest release.
-
-For example, the current latest release is `v0.8.3`, the stable branch is an alias to the latest `v0.7.x` release. When the `v0.9.0` version will be released, the stable will move to the latest `v0.8.x` release.
-
-Remarks:
-
-- Shaarli release pace isn't fast, and the stable branch might be a few months behind the latest release.
## Releases
-Releases are always made from the latest `v0.x` branch.
+For every release, we manually generate a .zip file which contains all Shaarli dependencies, making Shaarli's installation only one step.
-Note that for every release, we manually generate a tarball which contains all Shaarli dependencies, making Shaarli's installation only one step.
## Advices on 3rd party git repos workflow
+++ /dev/null
-## Basics
-Install [Docker](https://www.docker.com/), by following the instructions relevant
-to your OS / distribution, and start the service.
-
-### Search an image on [DockerHub](https://hub.docker.com/)
-
-```bash
-$ docker search debian
-
-NAME DESCRIPTION STARS OFFICIAL AUTOMATED
-ubuntu Ubuntu is a Debian-based Linux operating s... 2065 [OK]
-debian Debian is a Linux distribution that's comp... 603 [OK]
-google/debian 47 [OK]
-```
-
-### Show available tags for a repository
-```bash
-$ curl https://index.docker.io/v1/repositories/debian/tags | python -m json.tool
-
-% Total % Received % Xferd Average Speed Time Time Time Current
-Dload Upload Total Spent Left Speed
-100 1283 0 1283 0 0 433 0 --:--:-- 0:00:02 --:--:-- 433
-```
-
-Sample output:
-```json
-[
- {
- "layer": "85a02782",
- "name": "stretch"
- },
- {
- "layer": "59abecbc",
- "name": "testing"
- },
- {
- "layer": "bf0fd686",
- "name": "unstable"
- },
- {
- "layer": "60c52dbe",
- "name": "wheezy"
- },
- {
- "layer": "c5b806fe",
- "name": "wheezy-backports"
- }
-]
-
-```
-
-### Pull an image from DockerHub
-```bash
-$ docker pull repository[:tag]
-
-$ docker pull debian:wheezy
-wheezy: Pulling from debian
-4c8cbfd2973e: Pull complete
-60c52dbe9d91: Pull complete
-Digest: sha256:c584131da2ac1948aa3e66468a4424b6aea2f33acba7cec0b631bdb56254c4fe
-Status: Downloaded newer image for debian:wheezy
-```
-
-Docker re-uses layers already downloaded. In other words if you have images based on Alpine or some Ubuntu version for example, those can share disk space.
-
-### Start a container
-A container is an instance created from an image, that can be run and that keeps running until its main process exits. Or until the user stops the container.
-
-The simplest way to start a container from image is ``docker run``. It also pulls the image for you if it is not locally available. For more advanced use, refer to ``docker create``.
-
-Stopped containers are not destroyed, unless you specify ``--rm``. To view all created, running and stopped containers, enter:
-```bash
-$ docker ps -a
-```
-
-Some containers may be designed or configured to be restarted, others are not. Also remember both network ports and volumes of a container are created on start, and not editable later.
-
-### Access a running container
-A running container is accessible using ``docker exec``, or ``docker copy``. You can use ``exec`` to start a root shell in the Shaarli container:
-```bash
-$ docker exec -ti <container-name-or-id> bash
-```
-Note the names and ID's of containers are listed in ``docker ps``. You can even type only one or two letters of the ID, given they are unique.
-
-Access can also be through one or more network ports, or disk volumes. Both are specified on and fixed on ``docker create`` or ``run``.
-
-You can view the console output of the main container process too:
-```bash
-$ docker logs -f <container-name-or-id>
-```
-
-### Docker disk use
-Trying out different images can fill some gigabytes of disk quickly. Besides images, the docker volumes usually take up most disk space.
-
-If you care only about trying out docker and not about what is running or saved, the following commands should help you out quickly if you run low on disk space:
-
-```bash
-$ docker rmi -f $(docker images -aq) # remove or mark all images for disposal
-$ docker volume rm $(docker volume ls -q) # remove all volumes
-```
-
-### Systemd config
-Systemd is the process manager of choice on Debian-based distributions. Once you have a ``docker`` service installed, you can use the following steps to set up Shaarli to run on system start.
-
-```bash
-systemctl enable /etc/systemd/system/docker.shaarli.service
-systemctl start docker.shaarli
-systemctl status docker.*
-journalctl -f # inspect system log if needed
-```
-
-You will need sudo or a root terminal to perform some or all of the steps above. Here are the contents for the service file:
-```
-[Unit]
-Description=Shaarli Bookmark Manager Container
-After=docker.service
-Requires=docker.service
-
-
-[Service]
-Restart=always
-
-# Put any environment you want in an included file, like $host- or $domainname in this example
-EnvironmentFile=/etc/sysconfig/box-environment
-
-# It's just an example..
-ExecStart=/usr/bin/docker run \
- -p 28010:80 \
- --name ${hostname}-shaarli \
- --hostname shaarli.${domainname} \
- -v /srv/docker-volumes-local/shaarli-data:/var/www/shaarli/data:rw \
- -v /etc/localtime:/etc/localtime:ro \
- shaarli/shaarli:latest
-
-ExecStop=/usr/bin/docker rm -f ${hostname}-shaarli
-
-
-[Install]
-WantedBy=multi-user.target
-```
+++ /dev/null
-### Docker
-
-- [Interactive Docker training portal](https://www.katacoda.com/courses/docker/) on [Katakoda](https://www.katacoda.com/)
-- [Where are Docker images stored?](http://blog.thoward37.me/articles/where-are-docker-images-stored/)
-- [Dockerfile reference](https://docs.docker.com/reference/builder/)
-- [Dockerfile best practices](https://docs.docker.com/articles/dockerfile_best-practices/)
-- [Volumes](https://docs.docker.com/userguide/dockervolumes/)
-
-### DockerHub
-
-- [Repositories](https://docs.docker.com/userguide/dockerrepos/)
-- [Teams and organizations](https://docs.docker.com/docker-hub/orgs/)
-- [GitHub automated build](https://docs.docker.com/docker-hub/github/)
-
-### Service management
-
-- [Using supervisord](https://docs.docker.com/articles/using_supervisord/)
-- [Nginx in the foreground](http://nginx.org/en/docs/ngx_core_module.html#daemon)
-- [supervisord](http://supervisord.org/)
+++ /dev/null
-## Foreword
-
-This guide assumes that:
-
-- Shaarli runs in a Docker container
-- The host's `10080` port is mapped to the container's `80` port
-- Shaarli's Fully Qualified Domain Name (FQDN) is `shaarli.domain.tld`
-- HTTP traffic is redirected to HTTPS
-
-## Apache
-
-- [Apache 2.4 documentation](https://httpd.apache.org/docs/2.4/)
- - [mod_proxy](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html)
- - [Reverse Proxy Request Headers](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#x-headers)
-
-The following HTTP headers are set when the `ProxyPass` directive is set:
-
-- `X-Forwarded-For`
-- `X-Forwarded-Host`
-- `X-Forwarded-Server`
-
-The original `SERVER_NAME` can be sent to the proxied host by setting the [`ProxyPreserveHost`](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#ProxyPreserveHost) directive to `On`.
-
-```apache
-<VirtualHost *:80>
- ServerName shaarli.domain.tld
- Redirect permanent / https://shaarli.domain.tld
-</VirtualHost>
-
-<VirtualHost *:443>
- ServerName shaarli.domain.tld
-
- SSLEngine on
- SSLCertificateFile /path/to/cert
- SSLCertificateKeyFile /path/to/certkey
-
- LogLevel warn
- ErrorLog /var/log/apache2/shaarli-error.log
- CustomLog /var/log/apache2/shaarli-access.log combined
-
- RequestHeader set X-Forwarded-Proto "https"
- ProxyPreserveHost On
-
- ProxyPass / http://127.0.0.1:10080/
- ProxyPassReverse / http://127.0.0.1:10080/
-</VirtualHost>
-```
-
-
-## HAProxy
-
-- [HAProxy documentation](https://cbonte.github.io/haproxy-dconv/)
-
-```conf
-global
- [...]
-
-defaults
- [...]
-
-frontend http-in
- bind :80
- redirect scheme https code 301 if !{ ssl_fc }
-
- bind :443 ssl crt /path/to/cert.pem
-
- default_backend shaarli
-
-
-backend shaarli
- mode http
- option http-server-close
- option forwardfor
- reqadd X-Forwarded-Proto: https
-
- server shaarli1 127.0.0.1:10080
-```
-
-
-## Nginx
-
-- [Nginx documentation](https://nginx.org/en/docs/)
-
-```nginx
-http {
- [...]
-
- index index.html index.php;
-
- root /home/john/web;
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
-
- server {
- listen 80;
- server_name shaarli.domain.tld;
- return 301 https://shaarli.domain.tld$request_uri;
- }
-
- server {
- listen 443 ssl http2;
- server_name shaarli.domain.tld;
-
- ssl_certificate /path/to/cert
- ssl_certificate_key /path/to/certkey
-
- location / {
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Forwarded-Host $host;
-
- proxy_pass http://localhost:10080/;
- proxy_set_header Host $host;
- proxy_connect_timeout 30s;
- proxy_read_timeout 120s;
-
- access_log /var/log/nginx/shaarli.access.log;
- error_log /var/log/nginx/shaarli.error.log;
- }
- }
-}
-```
+++ /dev/null
-A brief guide on getting starting using docker is given in [Docker 101](docker-101.md).
-To learn more about user data and how to keep it across versions, please see [Upgrade and Migration](../Upgrade-and-migration.md).
-
-## Get and run a Shaarli image
-
-### DockerHub repository
-The images can be found in the [`shaarli/shaarli`](https://hub.docker.com/r/shaarli/shaarli/)
-repository.
-
-### Available image tags
-- `latest`: latest branch
-- `master`: master branch
-- `stable`: stable branch
-
-The `latest`, `master` and `stable` images rely on:
-
-- [Alpine Linux](https://www.alpinelinux.org/)
-- [PHP7-FPM](http://php-fpm.org/)
-- [Nginx](http://nginx.org/)
-
-Additional Dockerfiles are provided for the `arm32v7` platform, relying on
-[Linuxserver.io Alpine armhf
-images](https://hub.docker.com/r/lsiobase/alpine.armhf/). These images must be
-built using [`docker
-build`](https://docs.docker.com/engine/reference/commandline/build/) on an
-`arm32v7` machine or using an emulator such as
-[qemu](https://resin.io/blog/building-arm-containers-on-any-x86-machine-even-dockerhub/).
-
-### Download from Docker Hub
-```shell
-$ docker pull shaarli/shaarli
-
-latest: Pulling from shaarli/shaarli
-32716d9fcddb: Pull complete
-84899d045435: Pull complete
-4b6ad7444763: Pull complete
-e0345ef7a3e0: Pull complete
-5c1dd344094f: Pull complete
-6422305a200b: Pull complete
-7d63f861dbef: Pull complete
-3eb97210645c: Pull complete
-869319d746ff: Already exists
-869319d746ff: Pulling fs layer
-902b87aaaec9: Already exists
-Digest: sha256:f836b4627b958b3f83f59c332f22f02fcd495ace3056f2be2c4912bd8704cc98
-Status: Downloaded newer image for shaarli/shaarli:latest
-```
-
-### Create and start a new container from the image
-```shell
-# map the host's :8000 port to the container's :80 port
-$ docker create -p 8000:80 shaarli/shaarli
-d40b7af693d678958adedfb88f87d6ea0237186c23de5c4102a55a8fcb499101
-
-# launch the container in the background
-$ docker start d40b7af693d678958adedfb88f87d6ea0237186c23de5c4102a55a8fcb499101
-d40b7af693d678958adedfb88f87d6ea0237186c23de5c4102a55a8fcb499101
-
-# list active containers
-$ docker ps
-CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
-d40b7af693d6 shaarli/shaarli /usr/bin/supervisor 15 seconds ago Up 4 seconds 0.0.0.0:8000->80/tcp backstabbing_galileo
-```
-
-### Stop and destroy a container
-```shell
-$ docker stop backstabbing_galileo # those docker guys are really rude to physicists!
-backstabbing_galileo
-
-# check the container is stopped
-$ docker ps
-CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
-
-# list ALL containers
-$ docker ps -a
-CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
-d40b7af693d6 shaarli/shaarli /usr/bin/supervisor 5 minutes ago Exited (0) 48 seconds ago backstabbing_galileo
-
-# destroy the container
-$ docker rm backstabbing_galileo # let's put an end to these barbarian practices
-backstabbing_galileo
-
-$ docker ps -a
-CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
-```
-
-### Automatic builds
-Docker users can start a personal instance from an
-[autobuild image](https://hub.docker.com/r/shaarli/shaarli/).
-For example to start a temporary Shaarli at ``localhost:8000``, and keep session
-data (config, storage):
-
-```shell
-MY_SHAARLI_VOLUME=$(cd /path/to/shaarli/data/ && pwd -P)
-docker run -ti --rm \
- -p 8000:80 \
- -v $MY_SHAARLI_VOLUME:/var/www/shaarli/data \
- shaarli/shaarli
-```
-
-### Volumes and data persistence
-Data can be persisted by [using volumes](https://docs.docker.com/storage/volumes/).
-Volumes allow to keep your data when renewing and/or updating container images:
-
-```shell
-# Create data volumes
-$ docker volume create shaarli-data
-$ docker volume create shaarli-cache
-
-# Create and start a Shaarli container using these volumes to persist data
-$ docker create \
- --name shaarli \
- -v shaarli-cache:/var/www/shaarli/cache \
- -v shaarli-data:/var/www/shaarli/data \
- -p 8000:80 \
- shaarli/shaarli:master
-$ docker start shaarli
-```
+++ /dev/null
-## Backup and restore the datastore file
-
-Backup the file `data/datastore.php` (by FTP or SSH). Restore by putting the file back in place.
-
-Example command:
-```bash
-rsync -avzP my.server.com:/var/www/shaarli/data/datastore.php datastore-$(date +%Y-%m-%d_%H%M).php
-```
-
-## Export links as...
-
-To export links as an HTML file, under _Tools > Export_, choose:
-
-- _Export all_ to export both public and private links
-- _Export public_ to export public links only
-- _Export private_ to export private links only
-
-Restore by using the `Import` feature.
-
-- This can be done using the [shaarchiver](https://github.com/nodiscc/shaarchiver) tool.
-
-Example command:
-```bash
-./export-bookmarks.py --url=https://my.server.com/shaarli --username=myusername --password=mysupersecretpassword --download-dir=./ --type=all
-```
-
-## Import links from...
-
-### Diigo
-
-If you export your bookmark from Diigo, make sure you use the Delicious export, not the Netscape export. (Their Netscape export is broken, and they don't seem to be interested in fixing it.)
-
-### Mister Wong
-
-See [this issue](https://github.com/sebsauvage/Shaarli/issues/146) for import tweaks.
-
-### SemanticScuttle
-
-To correctly import the tags from a [SemanticScuttle](http://semanticscuttle.sourceforge.net/) HTML export, edit the HTML file before importing and replace all occurences of `tags=` (lowercase) to `TAGS=` (uppercase).
-
-### Scuttle
-
-Shaarli cannot import data directly from [Scuttle](https://github.com/scronide/scuttle).
-
-However, you can use the third-party [scuttle-to-shaarli](https://github.com/q2apro/scuttle-to-shaarli)
-tool to export the Scuttle database to the Netscape HTML format compatible with the Shaarli importer.
-
-### Refind
-
-You can use the third-party tool [Derefind](https://github.com/ShawnPConroy/Derefind) to convert refind.com bookmark exports to a format that can be imported into Shaarli.
-
-## Import Shaarli links to Firefox
-
-- Export your Shaarli links as described above.
- - For compatibility reasons, check `Prepend note permalinks with this Shaarli instance's URL (useful to import bookmarks in a web browser)`
-- In Firefox, open the bookmark manager (not the sidebar! `Bookmarks menu > Show all bookmarks` or `Ctrl+Shift+B`)
-- Select `Import and Backup > Import bookmarks in HTML format`
-
-Your bookmarks will be imported in Firefox, ready to use, with tags and descriptions retained. "Self" (notes) shaares will still point to the Shaarli instance you exported them from, but the note text can be viewed directly in the bookmark properties inside your browser. Depending on the number of bookmarks, the import can take some time.
-
-You may be interested in these Firefox addons to manage links imported from Shaarli
-
-- [Bookmark Deduplicator](https://addons.mozilla.org/en-US/firefox/addon/bookmark-deduplicator/) - provides an easy way to deduplicate your bookmarks
-- [TagSieve](https://addons.mozilla.org/en-US/firefox/addon/tagsieve/) - browse your bookmarks by their tags
+++ /dev/null
-_Last updated on 2018-07-01._
-
-## Goals
-- Getting a Virtual Private Server (VPS)
-- Running Shaarli:
- - as a Docker container,
- - using the Træfik reverse proxy,
- - securized with TLS certificates from Let's Encrypt.
-
-
-The following components and tools will be used:
-
-- [Debian](https://www.debian.org/), a GNU/Linux distribution widely used in
- server environments;
-- [Docker](https://docs.docker.com/engine/docker-overview/), an open platform
- for developing, shipping, and running applications;
-- [Docker Compose](https://docs.docker.com/compose/), a tool for defining and
- running multi-container Docker applications.
-
-
-More information can be found in the [Resources](#resources) section at the
-bottom of the guide.
-
-## Getting a Virtual Private Server
-For this guide, I went for the smallest VPS available from DigitalOcean,
-a Droplet with 1 CPU, 1 GiB RAM and 25 GiB SSD storage, which costs
-$5/month ($0.007/hour):
-
-- [Droplets Overview](https://www.digitalocean.com/docs/droplets/overview/)
-- [Pricing](https://www.digitalocean.com/pricing/)
-- [How to Create a Droplet from the DigitalOcean Control Panel](https://www.digitalocean.com/docs/droplets/how-to/create/)
-- [How to Add SSH Keys to Droplets](https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/)
-- [Initial Server Setup with Debian 8](https://www.digitalocean.com/community/tutorials/initial-server-setup-with-debian-8) (also applies to Debian 9)
-- [An Introduction to Securing your Linux VPS](https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps)
-
-### Creating a Droplet
-Select `Debian 9` as the Droplet distribution:
-
-<img src="../images/01-create-droplet-distro.jpg"
- width="500px"
- alt="Droplet distribution" />
-
-Choose a region that is geographically close to you:
-
-<img src="../images/02-create-droplet-region.jpg"
- width="500px"
- alt="Droplet region" />
-
-Choose a Droplet size that corresponds to your usage and budget:
-
-<img src="../images/03-create-droplet-size.jpg"
- width="500px"
- alt="Droplet size" />
-
-Finalize the Droplet creation:
-
-<img src="../images/04-finalize.jpg"
- width="500px"
- alt="Droplet finalization" />
-
-Droplet information is displayed on the Control Panel:
-
-<img src="../images/05-droplet.jpg"
- width="500px"
- alt="Droplet summary" />
-
-Once your VPS has been created, you will receive an e-mail with connection
-instructions.
-
-## Obtaining a domain name
-After creating your VPS, it will be reachable using its IP address; some hosting
-providers also create a DNS record, e.g. `ns4853142.ip-01-47-127.eu`.
-
-A domain name (DNS record) is required to obtain a certificate and setup HTTPS
-(HTTP with TLS encryption).
-
-Domain names can be obtained from registrars through hosting providers such as
-[Gandi](https://www.gandi.net/en/domain).
-
-Once you have your own domain, you need to create a new DNS record that points
-to your VPS' IP address:
-
-<img src="../images/06-domain.jpg"
- width="650px"
- alt="Domain configuration" />
-
-## Host setup
-Now's the time to connect to your freshly created VPS!
-
-```shell
-$ ssh root@188.166.85.8
-
-Linux stretch-shaarli-02 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07) x86_64
-
-The programs included with the Debian GNU/Linux system are free software;
-the exact distribution terms for each program are described in the
-individual files in /usr/share/doc/*/copyright.
-
-Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
-permitted by applicable law.
-Last login: Sun Jul 1 11:20:18 2018 from <REDACTED>
-
-root@stretch-shaarli-02:~$
-```
-
-### Updating the system
-```shell
-root@stretch-shaarli-02:~$ apt update && apt upgrade -y
-```
-
-### Setting up Docker
-_The following instructions are from the
-[Get Docker CE for Debian](https://docs.docker.com/install/linux/docker-ce/debian/)
-guide._
-
-Install package dependencies:
-
-```shell
-root@stretch-shaarli-02:~$ apt install -y apt-transport-https ca-certificates curl gnupg2 software-properties-common
-```
-
-Add Docker's package repository GPG key:
-
-```shell
-root@stretch-shaarli-02:~$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
-```
-
-Add Docker's package repository:
-
-```shell
-root@stretch-shaarli-02:~$ add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian stretch stable"
-```
-
-Update package lists and install Docker:
-
-```shell
-root@stretch-shaarli-02:~$ apt update && apt install -y docker-ce
-```
-
-Verify Docker is properly configured by running the `hello-world` image:
-
-```shell
-root@stretch-shaarli-02:~$ docker run hello-world
-```
-
-### Setting up Docker Compose
-_The following instructions are from the
-[Install Docker Compose](https://docs.docker.com/compose/install/)
-guide._
-
-Download the current version from the release page:
-
-```shell
-root@stretch-shaarli-02:~$ curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
-root@stretch-shaarli-02:~$ chmod +x /usr/local/bin/docker-compose
-```
-
-## Running Shaarli
-Shaarli comes with a configuration file for Docker Compose, that will setup:
-
-- a local Docker network
-- a Docker [volume](https://docs.docker.com/storage/volumes/) to store Shaarli data
-- a Docker [volume](https://docs.docker.com/storage/volumes/) to store Træfik TLS configuration and certificates
-- a [Shaarli](https://hub.docker.com/r/shaarli/shaarli/) instance
-- a [Træfik](https://hub.docker.com/_/traefik/) instance
-
-[Træfik](https://docs.traefik.io/) is a modern HTTP reverse proxy, with native
-support for Docker and [Let's Encrypt](https://letsencrypt.org/).
-
-### Compose configuration
-Create a new directory to store the configuration:
-
-```shell
-root@stretch-shaarli-02:~$ mkdir shaarli && cd shaarli
-root@stretch-shaarli-02:~/shaarli$
-```
-
-Download the current version of Shaarli's `docker-compose.yml`:
-
-```shell
-root@stretch-shaarli-02:~/shaarli$ curl -L https://raw.githubusercontent.com/shaarli/Shaarli/master/docker-compose.yml -o docker-compose.yml
-```
-
-Create the `.env` file and fill in your VPS and domain information (replace
-`<MY_SHAARLI_DOMAIN>` and `<MY_CONTACT_EMAIL>` with your actual information):
-
-```shell
-root@stretch-shaarli-02:~/shaarli$ vim .env
-```
-
-```shell
-SHAARLI_VIRTUAL_HOST=<MY_SHAARLI_DOMAIN>
-SHAARLI_LETSENCRYPT_EMAIL=<MY_CONTACT_EMAIL>
-```
-
-### Pull the Docker images
-```shell
-root@stretch-shaarli-02:~/shaarli$ docker-compose pull
-Pulling shaarli ... done
-Pulling traefik ... done
-```
-
-### Run!
-```shell
-root@stretch-shaarli-02:~/shaarli$ docker-compose up -d
-Creating network "shaarli_http-proxy" with the default driver
-Creating volume "shaarli_traefik-acme" with default driver
-Creating volume "shaarli_shaarli-data" with default driver
-Creating shaarli_shaarli_1 ... done
-Creating shaarli_traefik_1 ... done
-```
-
-## Conclusion
-Congratulations! Your Shaarli instance should be up and running, and available
-at `https://<MY_SHAARLI_DOMAIN>`.
-
-<img src="../images/07-installation.jpg"
- width="500px"
- alt="Shaarli installation page" />
-
-## Resources
-### Related Shaarli documentation
-- [Docker 101](../docker/docker-101.md)
-- [Shaarli images](../docker/shaarli-images.md)
-
-### Hosting providers
-- [DigitalOcean](https://www.digitalocean.com/)
-- [Gandi](https://www.gandi.net/en)
-- [OVH](https://www.ovh.co.uk/)
-- [RackSpace](https://www.rackspace.com/)
-- etc.
-
-### Domain Names and Registrars
-- [Introduction to the Domain Name System (DNS)](https://opensource.com/article/17/4/introduction-domain-name-system-dns)
-- [ICANN](https://www.icann.org/)
-- [Domain name registrar](https://en.wikipedia.org/wiki/Domain_name_registrar)
-- [OVH Domain Registration](https://www.ovh.co.uk/domains/)
-- [Gandi Domain Registration](https://www.gandi.net/en/domain)
-
-### HTTPS and Security
-- [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security)
-- [Let's Encrypt](https://letsencrypt.org/)
-
-### Docker
-- [Docker Overview](https://docs.docker.com/engine/docker-overview/)
-- [Docker Documentation](https://docs.docker.com/)
-- [Get Docker CE for Debian](https://docs.docker.com/install/linux/docker-ce/debian/)
-- [docker logs](https://docs.docker.com/engine/reference/commandline/logs/)
-- [Volumes](https://docs.docker.com/storage/volumes/)
-- [Install Docker Compose](https://docs.docker.com/compose/install/)
-- [docker-compose logs](https://docs.docker.com/compose/reference/logs/)
-
-### Træfik
-- [Getting Started](https://docs.traefik.io/)
-- [Docker backend](https://docs.traefik.io/configuration/backends/docker/)
-- [Let's Encrypt and Docker](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/)
-- [traefik](https://hub.docker.com/_/traefik/) Docker image
+++ /dev/null
-### Decode datastore content
-
-To display the array representing the data saved in `data/datastore.php`, use the following snippet:
-
-```php
-$data = "tZNdb9MwFIb... <Commented content inside datastore.php>";
-$out = unserialize(gzinflate(base64_decode($data)));
-echo "<pre>"; // Pretty printing is love, pretty printing is life
-print_r($out);
-echo "</pre>";
-exit;
-```
-This will output the internal representation of the datastore, "unobfuscated" (if this can really be considered obfuscation).
-
-Alternatively, you can transform to JSON format (and pretty-print if you have `jq` installed):
-```
-php -r 'print(json_encode(unserialize(gzinflate(base64_decode(preg_replace("!.*/\* (.+) \*/.*!", "$1", file_get_contents("data/datastore.php")))))));' | jq .
-```
-
-### See also
-
-- [Add a new custom field to shaares (example patch)](https://gist.github.com/nodiscc/8b0194921f059d7b9ad89a581ecd482c)
-- [Copy an existing Shaarli installation over SSH, and serve it locally](https://gist.github.com/nodiscc/ed161c66e5b028b5299b0a3733d01c77)
-- [Create multiple Shaarli instances, generate an HTML index of them](https://gist.github.com/nodiscc/52e711cda3bc47717c16065231cf6b20)
The personal, minimalist, super-fast, database free, bookmarking service.
-Do you want to share the links you discover?
-Shaarli is a minimalist bookmark manager and link sharing service that you can install on your own server.
-It is designed to be personal (single-user), fast and handy.
-
-<!-- TODO screenshots -->
+Do you want to share the links you discover? Shaarli is a minimalist bookmark manager and link sharing service that you can install on your own server. It is designed to be personal (single-user), fast and handy.
Visit the pages in the sidebar to find information on how to setup, use, configure, tweak and troubleshoot Shaarli.
-
* [GitHub project page](https://github.com/shaarli/Shaarli)
-* [Online documentation](https://shaarli.readthedocs.io/)
-* [Latest releases](https://github.com/shaarli/Shaarli/releases)
+* [Documentation](https://shaarli.readthedocs.io/)
* [Changelog](https://github.com/shaarli/Shaarli/blob/master/CHANGELOG.md)
+[](https://i.imgur.com/WWPfSj0.png) [](https://i.imgur.com/V09kAQt.png) [](https://i.imgur.com/TZzGHMs.png) [](https://i.imgur.com/sfJJ6NT.png) [](https://i.imgur.com/QsedIuJ.png) [](https://i.imgur.com/KdtF8Ll.png) [](https://i.imgur.com/27wYsbC.png) [](https://i.imgur.com/zGF4d6L.jpg)
+
+
+
## Demo
You can use this [public demo instance of Shaarli](https://demo.shaarli.org).
Login: `demo`; Password: `demo`
+## Getting started
+
+- [Configure your server](Server-configuration.md)
+- [Install Shaarli](Installation.md)
+- Or install Shaarli using [Docker](Docker.md)
+
+
## Features
Shaarli can be used:
-- to share, comment and save interesting links and news
+- to share, comment and save interesting links
- to bookmark useful/frequent links and share them between computers
- as a minimal blog/microblog/writing platform
-- as a read-it-later list
-- to draft and save articles/posts/ideas
-- to keep notes, documentation and code snippets
-- as a shared clipboard/notepad/pastebin between machines
-- as a todo list
-- to store media playlists
-- to keep extracts/comments from webpages that may disappear.
-- to keep track of ongoing discussions
-- to feed other blogs, aggregators, social networks... using RSS feeds
+- as a read-it-later/todo list
+- as a notepad to draft and save articles/posts/ideas
+- as a knowledge base to keep notes, documentation and code snippets
+- as a shared clipboard/notepad/pastebin between computers
+- as playlist manager for online media
+- to feed other blogs, aggregators, social networks...
### Edit, view and search your links
-- Minimalist design
-- FAST
-- Customizable link titles and descriptions
-- Tags to organize your links (features tag autocompletion, renaming, merging and deletion)
-- Search by tag or using the full-text search
-- Public and private links (visible only to logged-in users)
-- Unique permalinks for easy reference
-- Paginated link list (with image and video thumbnails)
-- Tag cloud and list views
-- Picture wall: image and video thumbnails view (with lazy loading)
-- ATOM and RSS feeds (can also be filtered using tags or text search)
-- Daily: newspaper-like daily digest (and daily RSS feed)
-- URL cleanup: automatic removal of `?utm_source=...`, `fb=...`
-- Extensible through [plugins](https://shaarli.readthedocs.io/en/master/Plugins/#plugin-usage)
-
-### Easy setup
-
-- Dead-simple installation: drop the files, open the page
-- Links are stored in a file (no database required, easy backup: simply copy the datastore file)
-- Import and export links as Netscape bookmarks compatible with most Web browsers
-
-### Accessibility
-
-- Bookmarklet and other tools to share links in one click
-- Support for mobile browsers
-- Degrades gracefully with Javascript disabled
-- Easy page customization through HTML/CSS/RainTPL
-
-### Security
-
-- Discreet pop-up notification when a new release is available
-- Bruteforce protection on the login form
-- Protected against [XSRF](http://en.wikipedia.org/wiki/Cross-site_request_forgery) and session cookie hijacking
+- Editable URL, title, description, tags, private/public status for all your [Shaares](Usage.md)
+- [Tags](Usage.md#tags) to organize your Shaares
+- [Search](Usage.md#search) in all fields
+- Unique [permalinks](Usage.md#permalinks) for easy reference
+- Paginated Shaares list view (with image and video thumbnails)
+- [Tag cloud/list](Usage#tag-cloud) views
+- [Picture wall](Usage#picture-wall)/thumbnails view (with lazy loading)
+- [ATOM and RSS feeds](Usage.md#rss-feeds) (can also be filtered using tags or text search)
+- [Daily](Usage.md#daily): newspaper-like daily digest (and daily RSS feed)
+- URL cleanup: automatic removal of `?utm_source=...`, `fb=...` tracking parameters
+- Extensible through [plugins](Plugins.md)
+- Easily extensible by any client using the [REST API](REST-API.md) exposed by Shaarli
+- Bookmarklet and [other tools](Community-and-related-software.md) to share links in one click
+- Responsive/support for mobile browsers, degrades gracefully with Javascript disabled
-<!-- TODO Limitations -->
-### REST API
-
-- Easily extensible by any client using the REST API exposed by Shaarli ([API documentation](http://shaarli.github.io/api-documentation/)).
+### Easy setup
+- Dead-simple [installation](Installation.md): drop the files on your server, open the page
+- Shaares are stored in a file (no database required, easy [backup](Backup-and-restore.md))
+- [Configurable](Shaarli-configuration.md) from dialog and configuration file
+- Extensible through third-party [plugins and themes](Community-and-related-software.md)
-## Screenshots
+### Fast
-[](https://i.imgur.com/WWPfSj0.png) [](https://i.imgur.com/TZzGHMs.png) [](https://i.imgur.com/27wYsbC.png) [](https://i.imgur.com/0f5faqw.png) [](https://i.imgur.com/zGF4d6L.jpg) [](https://i.imgur.com/sfJJ6NT.png) [](https://i.imgur.com/QsedIuJ.png) [](https://i.imgur.com/KdtF8Ll.png) [](https://i.imgur.com/boaaibC.png) [](https://i.imgur.com/Ib9O7n3.png)
+- Fast! Small datastore file, write-once/read-many, served most of the time from OS disk caches (no disk I/O)
+- Stays fast with even tens of thousands shaares!
+### Self-hosted
+- Shaarli is an alternative to commercial services such as StumbleUpon, Delicio.us, Diigo...
+- The data is yours, [import and export](Usage#import-export) it to HTML bookmarksformat compatible with most web browser, and from a variety of formats
+- Shaarli does not send any telemetry/metrics/private information to developers
+- Shaarli is Free and Open-Source software, inspect and change how the program works in the [source code](https://github.com/shaarli/Shaarli)
+- Built-in [Security](dev/Development.md#security) features to help you protect your Shaarli instance
## About
-### Shaarli community fork
-
-This friendly fork is maintained by the Shaarli community at <https://github.com/shaarli/Shaarli>
-
-This is a community fork of the original [Shaarli](https://github.com/sebsauvage/Shaarli/) project by [Sébastien Sauvage](http://sebsauvage.net/).
-
-The original project is currently unmaintained, and the developer [has informed us](https://github.com/sebsauvage/Shaarli/issues/191) that he would have no time to work on Shaarli in the near future.
+This [community fork](https://github.com/shaarli/Shaarli) of the original [Shaarli](https://github.com/sebsauvage/Shaarli/) project by [Sébastien Sauvage](http://sebsauvage.net/) (now [unmaintained](https://github.com/sebsauvage/Shaarli/issues/191)) has carried on the work to provide [many patches](https://github.com/shaarli/Shaarli/compare/sebsauvage:master...master) for [bug fixes and enhancements](https://github.com/shaarli/Shaarli/issues?q=is%3Aclosed+) in this repository, and will keep maintaining the project for the foreseeable future, while keeping Shaarli simple and efficient.
-The Shaarli community has carried on the work to provide [many
-patches](https://github.com/shaarli/Shaarli/compare/sebsauvage:master...master) for
-[bug fixes and enhancements](https://github.com/shaarli/Shaarli/issues?q=is%3Aclosed+)
-in this repository, and will keep maintaining the project for the foreseeable
-future, while keeping Shaarli simple and efficient.
+The original Shaarli instance is still available [here](https://sebsauvage.net/links/) (+25000 shaares!)
### Contributing and getting help
-Feedback is very appreciated!
+Feedback is very appreciated! Feel free to propose solutions to existing problems, help us improve the documentation and translations, and submit pull requests :-)
-- If you have any questions or ideas, please join the [chat](https://gitter.im/shaarli/Shaarli) (also reachable via [IRC](https://irc.gitter.im/)), post them in our [general discussion](https://github.com/shaarli/Shaarli/issues/308) or read the current [issues](https://github.com/shaarli/Shaarli/issues).
-- Have a look at the open [issues](https://github.com/shaarli/Shaarli/issues) and [pull requests](https://github.com/shaarli/Shaarli/pulls)
-- If you would like a feature added to Shaarli, check the issues labeled [`feature`](https://github.com/shaarli/Shaarli/labels/feature), [`enhancement`](https://github.com/shaarli/Shaarli/labels/enhancement), and [`plugin`](https://github.com/shaarli/Shaarli/labels/plugin).
-- If you've found a bug, please create a [new issue](https://github.com/shaarli/Shaarli/issues/new).
-- Feel free to propose solutions to existing problems, help us improve the documentation and translations, and submit pull requests :-)
+See [Support](Troubleshooting.md#support) to get in touch with the Shaarli community.
### License
pages:
- Home: index.md
- Setup:
- - Download and Installation: Download-and-Installation.md
- - Upgrade and migration: Upgrade-and-migration.md
- Server configuration: Server-configuration.md
- - Server security: Server-security.md
+ - Installation: Installation.md
+ - Docker: Docker.md
+ - Reverse Proxy: Reverse-proxy.md
+ - Backup and restore: Backup-and-restore.md
- Shaarli configuration: Shaarli-configuration.md
- Plugins: Plugins.md
-- Docker:
- - Docker 101: docker/docker-101.md
- - Shaarli images: docker/shaarli-images.md
- - Reverse proxy configuration: docker/reverse-proxy-configuration.md
- - Docker resources: docker/resources.md
+ - Upgrade and migration: Upgrade-and-migration.md
- Usage:
- - Browsing and searching: Browsing-and-searching.md
- - Sharing content: Sharing-content.md
- - RSS feeds: RSS-feeds.md
+ - Usage: Usage.md
- REST API: REST-API.md
- - Community & Related software: Community-&-Related-software.md
-- Guides:
- - Install Shaarli on Debian 9 with Docker: guides/install-shaarli-with-debian9-and-docker.md
- - Backup, restore, import and export: guides/backup-restore-import-export.md
- - Various hacks: guides/various-hacks.md
+ - Community and Related software: Community-and-related-software.md
- Development:
- - Development guidelines: Development-guidelines.md
- - Continuous integration tools: Continuous-integration-tools.md
- - GnuPG signature: GnuPG-signature.md
- - Directory structure: Directory-structure.md
- - Link Structure: Link-structure.md
- - 3rd party libraries: 3rd-party-libraries.md
- - Plugin System: Plugin-System.md
- - Release Shaarli: Release-Shaarli.md
- - Versioning and Branches: Versioning-and-Branches.md
- - Security: Security.md
- - Static analysis: Static-analysis.md
- - Translations: Translations.md
- - Theming: Theming.md
- - Unit tests: Unit-tests.md
-- FAQ: FAQ.md
+ - Development: dev/Development.md
+ - Versioning: dev/Versioning.md
+ - GnuPG signature: dev/GnuPG-signature.md
+ - Plugin System: dev/Plugin-system.md
+ - Translations: dev/Translations.md
+ - Release Shaarli: dev/Release-Shaarli.md
+ - Theming: dev/Theming.md
+ - Unit tests: dev/Unit-tests.md
- Troubleshooting: Troubleshooting.md
#### Installation and setup
-This is a default Shaarli plugin, you just have to enable it. See https://shaarli.readthedocs.io/en/master/Shaarli-configuration/
+This is a default Shaarli plugin, you just have to enable it. See [Shaarli configuration](../../doc/md/Shaarli-configuration.md).
#### Troubleshooting
-If your server has [Content Security Policy](http://content-security-policy.com/) headers enabled, this may prevent the script from loading fully. You should relax the CSP in your server settings. Example CSP rule for apache2:
-
-In `/etc/apache2/conf-available/shaarli-csp.conf`:
+If your server has [Content Security Policy](http://content-security-policy.com/) headers enabled, this may prevent the script from loading fully. You should relax the CSP in your server settings. Example CSP rule for apache2:
```apache
<Directory /path/to/shaarli>
+ # Required for playvideos plugin
Header set Content-Security-Policy "script-src 'self' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com 'unsafe-eval'"
</Directory>
```
-Then run `a2enconf shaarli-csp; service apache2 reload`
+You may place the `Header` directive in the `<Directory...` section of your [webserver configuration](../../doc/md/Server-configuration.md)/virtualhost file, or write the above snippet to `/etc/apache2/conf-available/shaarli-csp.conf`; then run `a2enconf shaarli-csp; service apache2 reload`.
### License
```
projects / github / shaarli / Shaarli.git / commitdiff
