1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-21 04:11:33 -05:00

Switch to Netlify

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-07-21 11:22:12 -04:00 committed by tommytran732
parent d83e623eb8
commit 3b04829457
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
18 changed files with 62 additions and 256 deletions

View File

@ -1,5 +0,0 @@
{
"projects": {
"default": "privsec-356523"
}
}

View File

@ -1,36 +0,0 @@
# This file was auto-generated by the Firebase CLI
# https://github.com/firebase/firebase-tools
name: Deploy to Firebase Hosting on merge
'on':
push:
branches:
- main
jobs:
Build_and_Deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
submodules: true # Fetch Hugo themes (true OR recursive)
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
#- name: Fecth External Blog
# run: ./external-blogs.sh
- name: Hugo setup
uses: peaceiris/actions-hugo@v2
with:
hugo-version: 'latest'
- name: Build
run: hugo --minify
- name: Deploy
uses: FirebaseExtended/action-hosting-deploy@v0
with:
repoToken: '${{ secrets.GITHUB_TOKEN }}'
firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
channelId: live
projectId: privsec-356523

View File

@ -1,47 +0,0 @@
name: Deploy to Firebase Hosting on PR
on:
workflow_run:
workflows: ["Build Hugo site on PR"]
types:
- completed
jobs:
Preview:
runs-on: ubuntu-latest
if: >
${{ github.event.workflow_run.event == 'pull_request' &&
github.event.workflow_run.conclusion == 'success' }}
steps:
- name: Download artifact
uses: actions/github-script@v3.1.0
with:
script: |
var artifacts = await github.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "hugo"
})[0];
var download = await github.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/hugo.zip', Buffer.from(download.data));
- name: Unzip artifact
run: unzip hugo.zip
- name: Remove artifact zip
run: rm hugo.zip
- name: Deploy to Firebase
uses: FirebaseExtended/action-hosting-deploy@v0
with:
repoToken: '${{ secrets.GITHUB_TOKEN }}'
firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
projectId: privsec-356523

View File

@ -1,31 +0,0 @@
# This file was auto-generated by the Firebase CLI
# https://github.com/firebase/firebase-tools
name: Build Hugo site on PR
'on': pull_request
jobs:
Build_Hugo_Site:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
submodules: true # Fetch Hugo themes (true OR recursive)
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
#- name: Fecth External Blog
# run: ./external-blogs.sh
- name: Hugo setup
uses: peaceiris/actions-hugo@v2
with:
hugo-version: 'latest'
- name: Build Hugo site
run: hugo --minify
- name: Upload artifact
uses: actions/upload-artifact@v2
with:
name: hugo
path: .

74
.gitignore vendored
View File

@ -1,69 +1,7 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
firebase-debug.log*
firebase-debug.*.log*
# Firebase cache
.firebase/
# Firebase config
# Uncomment this if you'd like others to create their own Firebase project.
# For a team working on the same Firebase project(s), it is recommended to leave
# it commented so all members can deploy to the same project(s) in .firebaserc.
# .firebaserc
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
# nyc test coverage
.nyc_output
# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (http://nodejs.org/api/addons.html)
build/Release
# Dependency directories
node_modules/
# Optional npm cache directory
.npm
# Optional eslint cache
.eslintcache
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env
# Ignore .DS_Store files (macOS)
.DS_Store
.DS_Store
# Ignore Hugo generated files
public/
resources/
.hugo_build.lock

View File

View File

@ -1,6 +1,5 @@
baseURL: "https://privsec.dev"
title: PrivSec.dev
paginate: 5
theme: PaperMod
enableRobotsTXT: true
@ -55,6 +54,8 @@ params:
url: "https://github.com/PrivSec-dev"
- name: matrix
url: "https://matrix.to/#/#privsec:arcticfoxes.net"
- name: twitter
url: "https://twitter.com/privsec_dev"
- name: email
url: "mailto:contact@privsec.dev"
- name: rss
@ -136,4 +137,4 @@ privacy:
simple: false
youtube:
disable: false
privacyEnhanced: true
privacyEnhanced: true

View File

@ -1,11 +1,12 @@
---
title: "About Us"
date: 2022-07-16
lastmod: 2022-07-21
---
PrivSec.dev is made by a group of enthusiastic individuals looking to provide practical privacy and security advice for the end user. We are security researchers, developers, system administrators... generally people with technical knowledge and work in the field.
We focus on in-depth system configuration, security analysis, and software/hardware recommendations. Our site is based on technical merits, not ideologies and politics.
Just stick with Windows, Google Chrome, don't use 2FA.
---
### Tommy

View File

@ -1,5 +1,7 @@
---
title: "Code of Conflict"
date: 2022-07-18
lastmod: 2022-07-21
---
The development effort of PrivSec.dev is a very personal process compared to “traditional” ways of developing a community website. Your recommendations and ideas behind it will be carefully reviewed, often resulting in critique and criticism. Know that this happens because everyone involved wants to see the best possible solution for the overall success of PrivSec.dev.

View File

@ -1,5 +1,7 @@
---
title: "Donate"
date: 2022-07-16
las
---
The domain costs us $12/year to renew from Google. We got our repository hosted for free on GitHub. We got our site hosted for free with Firebase. It costs Tommy ~$20/month to run the mail server, but that server is used for a bunch of his projects, not just PrivSec, and we doubt it will be used that much anyways. The point is, this website does not cost much to run, and as such we will not be accepting donation as a project.

View File

@ -1,5 +1,7 @@
---
title: "Privacy Policy"
date: 2022-07-18
lastmod: 2022-07-21
---
PrivSec.dev as a project does not collect any personal information. We do not log your IPs, collect your fingerprints, or run any sort of analytics on you. In sort, we do not care who you are, what you do, or how you are using our website. It is none of our business.
@ -12,9 +14,9 @@ Services like Disqus, Instagram, and Google Analytics are disabled. We do link t
## Hosting Provider
We use Google Domains, Google DNS, and Google Firebase Hosting to run our website. We turn Google Analytics off for our project, so it should not collect any data on you.
We use Google Domains, Google DNS. We host our website on Netlify. We turn Netlify Analytics off for our project, so we do not have any information about you. We do not use Netlify assets optimization, so nothing is hosted on CloudFront.
For the Privacy Policy of Firebase Hosting, please check out [this link](https://firebase.google.com/support/privacy).
Netlify does store your IP address and access logs for less than 30 days. Please check out [this link](https://www.netlify.com/gdpr-ccpa/) for their policy regarding this. Their general privacy policy can be found [here](https://www.netlify.com/gdpr-ccpa/).
## Git Repository
@ -32,4 +34,5 @@ Direct or private messages with individuals are end to end encrypted by default.
## Email
Our mail server is hosted by Tommy on his own Dedicated Server colocated in the United Kingdom. Many of us use our @privsec.dev email as an alias and forward it to another email provider. The privacy of your emails with us is the same as with any other person you communicate with using this protocol - the hosting providers can read all of your conversations with us unless you are using PGP, and even when you use PGP there is no metadata protection.
Our mail server is hosted by Tommy on his own Dedicated Server colocated in the United Kingdom. Many of us use our @privsec.dev email as an alias and forward it to another email provider. The privacy of your emails with us is the same as with any other person you communicate with using this protocol - the hosting providers can read all of your conversations with us unless you are using PGP, and even when you use PGP there is no metadata protection.

View File

@ -3,6 +3,6 @@ title: "Search" # in any language you want
layout: "search" # is necessary
# url: "/archive"
# description: "Description for Search"
summary: "search"
summary: "Search"
placeholder: "Enter your search query"
---

View File

@ -1,57 +0,0 @@
{
"hosting": {
"public": "public",
"headers": [
{
"source": "*",
"headers": [
{
"key": "Content-Security-Policy",
"value": "block-all-mixed-content; form-action 'none'; frame-ancestors 'self'"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "Referrer-Policy",
"value": "no-referrer"
},
{
"key": "Cross-Origin-Opener-Policy",
"value": "same-origin"
},
{
"key": "Cross-Origin-Embedder-Policy",
"value": "require-corp"
},
{
"key": "X-Frame-Options",
"value": "DENY"
},
{
"key": "X-XSS-Protection",
"value": "0"
},
{
"key": "Permissions-Policy",
"value": "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"
},
{
"key": "Cross-Origin-Resource-Policy",
"value": "same-origin"
},
{
"key": "Expect-CT",
"value": "enforce, max-age=63072000"
}
]
}
],
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
]
}
}

View File

@ -0,0 +1,19 @@
{{- $pages := where site.RegularPages.ByTitle "Type" "in" site.Params.mainSections }}
{{- if and (gt (len $pages) 1) (in $pages . ) }}
<nav class="paginav">
{{- with $pages.Next . }}
<a class="prev" href="{{ .Permalink }}">
<span class="title">« {{ i18n "prev_page" }}</span>
<br>
<span>{{- .Name -}}</span>
</a>
{{- end }}
{{- with $pages.Prev . }}
<a class="next" href="{{ .Permalink }}">
<span class="title">{{ i18n "next_page" }} »</span>
<br>
<span>{{- .Name -}}</span>
</a>
{{- end }}
</nav>
{{- end }}

16
netlify.toml Normal file
View File

@ -0,0 +1,16 @@
[[headers]]
for = "/*"
[headers.values]
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
Content-Security-Policy = "default-src 'self'; script-src 'self' 'unsafe-inline'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "no-referrer"
Cross-Origin-Opener-Policy = "same-origin"
Cross-Origin-Embedder-Policy = "require-corp"
X-Frame-Options = "DENY"
X-XSS-Protection = "0"
Permissions-Policy = "accelerometer=(), autoplay=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"
Cross-Origin-Resource-Policy = "same-origin"
[context.deploy-preview]
command = "hugo -b $DEPLOY_PRIME_URL"

File diff suppressed because one or more lines are too long

View File

@ -1 +0,0 @@
{"Target":"main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css","MediaType":"text/css","Data":{"Integrity":"sha256-TlxjkhRwfv9gm7Vf5J4YPe5CJYpzvJDkzHsKhPkAeYo="}}

View File

@ -0,0 +1,4 @@
version: STSv1
mode: enforce
mx: mail.tommytran.io
max_age: 604800