Here you can leave a comment for the site's owner regarding the site's content, appearance, functioning and, generally, write whatever you think on this. Please stay on topic (“on this” doesn't mean “on anything”) and respect the others.
Please note you can also contact the site's owner using the feedback page.
Please note that premoderation is in effect here.
☞ From kolklkolkolol (unverified) Wed Jul 24 14:05:50 2024
Download page creature
How can I create a download page as on this website? Should I create downloads directory and then use pageset with lists?
reply
From Andrey Stolyarov Wed Jul 24 15:17:38 2024
Re: Download page creature
There are lots of ways to achieve this. On this particular site, the directory named
/download/
is populated with downloadable files using the collection facility, while the filedownload/index.html
is created as a stand-alone page.NB: they both use the same directory, but it doesn't create any conflicting situation, because Thalassa silently creates all needed directories within the generated tree, but never complaints about already-existing directories.
Please note there are other ways as well. In case you really have lots of items to offer for downloading, certainly you should consider lists (but, well... hardly the set-based lists, although I wouldn't state it is impossible).
reply
From kolklkolkolol (unverified) Mon Jul 29 12:04:26 2024
Re: Re: Download page creature
There are lots of ways to achieve this. On this particular site, the directory named /download/ is populated with downloadable files using the collection facility, while the file download/index.html is created as a stand-alone page.
Thanks you! This decision suits me.
reply
From Andrey Stolyarov Mon Jul 29 16:20:12 2024
Re: Download page creature
Okay, but it's not a decision, it's a solution. I wouldn't understand you if I weren't russian-speaking. In English, the two words have nothing to do with each other.
reply
From kolklkolkolol (unverified) Mon Jul 29 14:33:22 2024
Re: Re: Download page creature
On this site "Donate" menu item no "span" in html when it is current.
The same situation occurred with my "Download" item. My problem arose perhaps because I use [html:header] in template Smoky:
Is it so?
reply
From Andrey Stolyarov Mon Jul 29 16:34:50 2024
Re: Download page creature
> On this site "Donate" menu item no "span" in html when it is current.
Thanks for pointing this out, fixed.
> Is it so?
Well, in the menu configuration there's the fourth field, "label". To make the menu item look "current", you need to pass the same label to the %[html:header:] macro. E.g., your menu item may look like
Then, the correct macro call will be
%[html:header:download]
reply
From kolklkolkolol (unverified) Mon Jul 29 21:05:22 2024
Re: Re: Download page creature
Thanks, now everything works right!
P.s. I will try to learn English better
reply
☞ From Rol (unverified) Fri Jul 19 21:42:44 2024
Broken links in Docs
In the documentation the following paragraph contains incorrect links:
These links are http://thalassa.croco.net/doc/binary_section and http://thalassa.croco.net/doc/collection_section.
If I undestand correctly, they should be replaced by http://thalassa.croco.net/doc/verbatim_publishing.html#binary_section and http://thalassa.croco.net/doc/verbatim_publishing.html#collection_section.
reply
From Andrey Stolyarov Fri Jul 19 22:04:11 2024
Re: Broken links in Docs
You're absolutely right, thank you! Fixed.
reply
☞ From anon (unverified) Thu Jul 4 05:24:40 2024
Incorrect Linus Torvalds surname
According to the Web, he is actually Torvalds and not Torwalds.
reply
From Andrey Stolyarov Thu Jul 4 09:40:31 2024
Re: Incorrect Linus Torvalds surname
Argh, you're absolutely right. Fixed. Hope Linus didn't notice :-)
reply
☞ From anon (unverified) Mon Jul 1 23:24:02 2024
Incorrect currency name
to donate RUB
reply
From Andrey Stolyarov Tue Jul 2 11:07:41 2024
Re: Incorrect currency name
RUR is the official international id for it, and it stands for (RU)ssian (R)oubles, just like USD means US Dollars, GBP means GB Pounds, RSD means RS Dinars etc. (first two letters are the code of the country, and the last letter is the first from the name of the currency). The only exception known to me is EUR, it would be EUE according to the general pattern, but actually internationally used id for Euro is EUR.
reply
From Artem (unverified) Wed Jul 3 11:12:24 2024
Re: Re: Incorrect currency name
No, RUR is the old rouble, before the 1998 denomination. RUB has a different code and ISO number, and was exchanged at the rate of 1 RUB == 1000 RUR. RUR is no longer legal tender and no bank conducts transactions with it for individuals.
reply
From Andrey Stolyarov Wed Jul 3 12:01:01 2024
Re: Re: Re: Incorrect currency name
This sounds strange a bit. Russian banks still use the numeric code 810 in all account numbers (for the accounts kept in roubles), and I have never seen the code 643, which must be the "RUB"'s counterpart according to Wikipedia.
The overall situation perhaps needs some additional research, for which I've got no time now.
reply
From Artem (unverified) Wed Jul 3 14:10:41 2024
Re: Re: Re: Re: Incorrect currency name
Yes, the Russian rouble is an exception to the general rules established for Russian banks. When making payments within Russia, as well as in rouble account numbers, the Russian Central Bank requires 810. In international settlements the currency code is a separate requisite, and it should be 643. This is stated in the letter of the Central Bank of Russia No. 176-T.
The situation is strange indeed. 810 is a code not only RUR, but also SUR (Soviet Union Rouble). All this confusion made a lot of noise in Runet, and became one of the pillars of the sect-like organization "citizens of the USSR".
reply
From Andrey Stolyarov Thu Jul 4 09:42:31 2024
Re: Incorrect currency name
Well, to avoid confusion I've just replaced the currency code with the currency name. Thanks for pointing this out.
reply
☞ From irrelevant (unverified) Fri Jun 28 04:41:28 2024
depend on
will depend ON
reply
From Andrey Stolyarov Fri Jun 28 09:04:36 2024
Re: depend on
thanks :-)
reply
☞ From anon (unverified) Fri Jun 28 02:41:54 2024
quotes in guestbook
Both backtick and (single) quotes are being used at the top of guestbook page
I'm not quite sure whether two single quotes are ok to be used instead of double quotes but whatever kind of quotes you use, it's probably a good idea to have matching quote of the same kind
reply
From Andrey Stolyarov Fri Jun 28 09:34:31 2024
Re: quotes in guestbook
In plain text (e.g. within a man page), these match perfectly :-) But, well, being placed on a web page, they look ugly, I agree. Shortly after Thalassa was first published, I deided to get rid of this style for quotes, but missed some entries here and there. So thank you :-) I've just replaced them with ldquo/rdquo html entities.
reply
☞ From Alexandr (unverified) Fri May 3 09:21:32 2024
lighttpd
works with lighttpd.
reply
☞ From Ananas (unverified) Sun Apr 7 17:20:40 2024
Pageset
Hi!
I'm trying to create a page that will have its own directory in the root directory of my website, where files and other pages associated with it will be located.
For example, let's take the following structure:
required result for website:
/node
/node/index.html
/node/page_1.html
node/page_2.html
source files for db:
db/pages/node
db/pages/node/content.txt
db/pages/node/page_1
db/pages/node/page_2
I create the node.ini in the root directory and specify it in config.ini like local ini-file. Run the thalassa for generate required pages, but in the /node/ directory except the required html-files appear copy of files from the db/pages/node directory (page_1, page_2) and content.txt.html. What am I doing wrong? Thanks!
reply
From Andrey Stolyarov Sun Apr 7 17:54:29 2024
Re: Pageset
It's not intended to work the way you expect. Every item of a page set is intended to be a page. Generally, a page (that belongs to a set) has a single source file; e.g., if the item id is
foobar
, then the source is either text file namedfoobar
, orfoobar/content.txt
. Depending on the configuration, eitherfoobar.html
, orfoobar/index.html
is generated. If there are multipage flat comments, additional html files may be generated, likefoobar_2.html
orfoobar/page2.html
(particular names are ajustable within the configiration file), but that's all, and even in this case the only source file analyzed for the page generation is thatfoobar/contents.txt
(or justfoobar
if there's no directory).Files with names starting with
_
, as well as hidden files (names starting with.
) are ignored within the page set item's source directory, and all files that are not ignored and are not content.txt, are simply copied (strictly speaking, published) to the destination. The intended use for them is images accompanying the page.reply
From Ananas (unverified) Sun Apr 7 19:15:10 2024
Re: Pageset
Thanks for the explanation. I think I understood this point. But how do I achieve what I want? I need the structure to be the same for the source files and for the website pages. I need page like doc on this site. So that there is a directory with the source files on the basis of which will be created the html-pages in the appropriate location. Is it possible to arrange the source files so that they don't all lie in one place? Or all source files should be located in the root directory, and all links to them should be relative?
In my example above page_1 and page_2 must be in the root directory and links to them in the /node/content.txt should look like
../page_1.html
?reply
From Andrey Stolyarov Sun Apr 7 20:20:33 2024
Re: Pageset
Well, on this site the doc/ directory is generated with a separate (dedicated) pageset, for which the source directory is copied (!) from the thalassa source tree,
examples/thalassa/pages/
within the source tarball contains the real source for these docs (but the configuration of the pageset on this site is different from the configuration provided inexamples/thalassa/thalassa.ini
).Several approaches are possible to create more or less sophisticated trees; choose the one that will work better for you.
First of all, you can have as many pagesets as you want. Perhaps if you're not planning to have like a hundred of subdirectories, or even more, then it will be the simplest solution just to configure a separate pageset for each of your destination directories. For 2, 3, 5, even 10 directories this will work perfectly, but this can become a nightmare if you're going to have more of them, as for each of them there must be a [pageset XXX] section in your configuration files, and a separate directory for the source files.
Another approach is to use the aliases facility. For example, on the stolyarov.info site, initially there was only one pageset, named
node
, and paths like http://www.stolyarov.info/books/programming_intro/e2 or http://www.stolyarov.info/license.html are made with aliases.There's also one more approach, which I think should work, but please be warned I never tried it, so going this way you can run into a lot of bugs; I promise to fix them as soon as I can, provided that you report them. The idea is to add a custom header field to the source files in your pageset, like
destpath:
or something similar. Then, in your [pageset] section, use something like this:This way you can explicitly specify for every item where do you want it to be generated. If you decide to try this, please be sure to report your results, it is very interesting for me :-)
As of your question regarding links, well, your mileage may vary.
reply
From Ananas (unverified) Tue Apr 9 06:19:59 2024
Re: Pageset
I decided to choose the aliases. For my modest website, this is still quite enough :-)
I tried the third option you suggested, but it didn't work out. Most likely, I did something wrong. Unfortunately, I don't have enough time to thoroughly understand everything. So far, I have done as it turned out. Thanks for the help!
reply
☞ From notifications (unverified) Sun Mar 24 15:40:13 2024
Email-based reply notifications
It would be nice if registered users could receive notification emails, when somebody responds to their comments.
Of course, this option would be off by default and only enabled upon explicit user request in the settings, maybe even on per-comment basis.
The email body would contain either a reply content itself or just "someone replied to you", in case the reply contains harmful links that would trigger email server spam detection.
A better approach may be to have some sort of personalized RSS feed that can be generated for every comment tree parent.
The reason I'm asking is that right now I have to manually go to your website every day & check for replies to my comments and that annoys me a little.
reply
From Andrey Stolyarov Sun Mar 24 22:58:25 2024
Re: Email-based reply notifications
Thank you for the suggestion. Unfortunately, as of now, I've got a lot of higher-priority TODO items. But the suggestion really sounds good, so maybe I'll return to it one day.
reply
☞ From que (unverified) Mon Feb 19 16:17:03 2024
login security
In the user docs, it says that by the time login pass codes get sniffed by the attacker, they have already become useless & invalidated, but, since the connection is unencrypted, what if attacker also sniffs the cookie response from the server to the client? wont he get access to the user account then?
reply
From Andrey Stolyarov Mon Feb 19 17:31:07 2024
Re: login security
The cookie changes on every request to the CGI, so technically it is possible to take over a single session. To do so, the attacker must sniff cookies until the user goes idle, and then, yes, it will be possible to "continue" the session pretending to be that user. In case the user resumes the activity (with the cookie s/he still has), the session will immediately become invalid.
The possibility to take over a single idle session (without the possibility to take over the account) is, well, a bad thing, but not that horrible. Actually, it is insufficiently horrible to make me use https, but please note you can use https on your Thalassa-based site if you want, as Thalassa doesn't prevent this in any way.
reply
☞ From Anonimous (unverified) Wed Feb 14 20:27:52 2024
Thalassa as imageboard
I plan on patching Thalassa to work as an imageboard/textboard like 4chan, where anonymous users can create their own pages (threads) in specific categories (boards)
Right now, I can emulate this behaviour by creating predefined pages that act like boards, where top-level comments act as threads, but this is an ugly hack and I'm sure it can be done better. Also, this hack doesnt work on large amount of comments, as loading a large static page is resource intensive, and tree-like comment structure makes reading deeply nested comments really hard.
So can you please point me to how I could approach this problem and things I should be aware of?
reply
From Andrey Stolyarov Fri Feb 16 10:44:38 2024
Re: Thalassa as imageboard
Unfortunately, I don't think that the present version of Thalassa fits this task, as it is incapable of two important things:
I plan to add support for both things, but I can't take any obligations on terms and deadlines.
As of your concerns, well, this page http://www.stolyarov.info/thalcgi.cgi/moderation/gb/6 (it's in Russian, sorry) contains 1200+ comments, and I see no performance-related issues. Also Thalassa supports plain comments, like here: http://infoviolence.org/ru/guestbook.html, for them it is possible to specify how many comments to place on a single page, and the generator automatically adds more pages (on the page pointed to here, the limit is 50 and there's one additional page, as of now). This functionality is not available for tree-like comments, because I don't see any consistent way to split a tree. Well, there's some approach to it at LiveJournal, but pages are generated dynamically there, AND there's one more thing: if one of the trees on a page grows large enough, other comments can move to different pages, thus making references to particular comments mutable (unstable).
It may be possible to add more styles for rendering comments, e.g., only show top-level comments on the head page (possibly splitting them too, as necessary), and making a separate web page for every discussion (that is, for all comments that respond to a given top-level comment). See the
forumgen.[ch]pp
module, the plain comments are implemented by thePlainForumGenerator
class, and the tree is implemented bySingleTreeForumGenerator
.If you decide to code something on your own, please be sure to consult what I have at the developer documentation section, specially C++ subset restrictions and the list of banned techniques.
reply
From Anonimous (unverified) Fri Feb 16 11:21:26 2024
Re: Re: Thalassa as imageboard
Thanks for the reply, I'll look at forumgen module.
As for user created pages, I'm thinking of maybe using dullcgi framework provided in the last release, it seems easier than patching Thalassa directly.
I mean, on the high level, I just need to take user input string, wrap some html tags around it and pipe it to a file, it can't be that hard right?
reply
From Andrey Stolyarov Fri Feb 16 12:56:14 2024
Re: Thalassa as imageboard
It is far from being that easy; otherwise I'd have implemented it long ago.
reply
☞ From how (unverified) Sun Feb 11 20:54:17 2024
How I can give admin to me?
I dont use premod and other features
reply
From Andrey Stolyarov Sun Feb 11 22:43:36 2024
Re: How I can give admin to me?
Let me cite the README file which is found in $thalassa/examples/templ_smoky:
reply
☞ From anon (unverified) Sat Feb 10 10:18:02 2024
Does deployed cms use upstream?
The sites listed here (http://www.infoviolence.org and http://www.stolyarov.info), are they deployed with exact same Thalassa versions published in Downloads section or you modified code specifically for those? And if so, what are the differences. I mean just code, not templates, content or configs obviously.
reply
From Andrey Stolyarov Sat Feb 10 21:14:36 2024
Re: Does deployed cms use upstream?
It's exactly the same version, actually I've got a clone of my working git repo on the hosting machine, so it's kinda continuous integration.
But yes, these two sites don't use the Smoky template, exactly the opposite is true — the template was made using fragments of those sites.
As of this site (I mean, thalassa.croco.net), it is even made with Smoky. I use the site to convince myself Smoky is working.
Why did you suspect I have different versions of Thalassa? The two sites are simple enough to be generated with the published Thalassa version.
reply
From anon (unverified) Sun Feb 11 05:10:24 2024
Re: Re: Does deployed cms use upstream?
> Why did you suspect I have different versions of Thalassa?
Because in release notes it says "the ytid.cgi CGI program, which has long been working at the Infoviolence site, is finally available", so I naturally expected, that there are other features already being deployed and not yet merged with the upstream.
reply
From Andrey Stolyarov Sun Feb 11 22:50:55 2024
Re: Does deployed cms use upstream?
Ah, Ok, I see.
Well, there was a long pause between releases, and during that time I really made some progress, so it is really possible that at a certain moment the sites are being run with fresher version of Thalassa than the last available release.
However, whenever another release is made available, it always includes all I had to the moment.
reply
☞ From Rol (unverified) Fri Feb 9 16:23:24 2024
admin in templ_smoky have got no access to moderation
Maybe I’m doing something wrong, but I can’t get access to moderation (..../thalcgi.cgi/moderation/gb/1 write "You’ve got no access to this page") with the user’s admin role.
I use templ_smoky and click on the pencil icon at the bottom of the guestbook.
reply
From Andrey Stolyarov Sat Feb 10 21:39:45 2024
Re: admin in templ_smoky have got no access to moderation
I can't reproduce it, sorry. This site (thalassa.croco.net) is made with Smoky, my user account (admin) has only one role (yes, "admin") specified in its _data file, and I'm perfectly able to perform moderation.
Please try this:
reply
From Rol (unverified) Sun Feb 11 10:31:45 2024
Re: Re: admin in templ_smoky have got no access to moderation
Sorry for that, I just wrote in _data 'role = ' not 'roles ='...
Now I’ve fixed it and it’s working properly, sorry for the misinformation.
reply
From Andrey Stolyarov Sun Feb 11 22:46:54 2024
Re: admin in templ_smoky have got no access to moderation
No problem, Thalassa & Smoky are not so mature, so bugs are expectable. Feel free to come again if you don't understand their behavior.
reply
☞ From Rol (unverified) Thu Feb 8 21:39:51 2024
not provided ytid.ini and ytid.css in a source tarball
I may have misunderstood something, but I couldn’t find ytid.ini and ytid.css...
reply
From Andrey Stolyarov Thu Feb 8 22:30:28 2024
Re: not provided ytid.ini and ytid.css in a source tarball
You're right, thank you for reporting this. Just a moment...
upd: 0.1.21 uploaded, the files are there
reply
From Rol (unverified) Fri Feb 9 11:08:00 2024
Re: Re: not provided ytid.ini and ytid.css in a source tarball
Also forgot to say that the premod.html is also not in tarball.
reply
From Andrey Stolyarov Fri Feb 9 13:30:59 2024
Re: not provided ytid.ini and ytid.css in a source tarball
Well, it's better to say premod.html is not generated despite there's a reference to it. This isn't THAT critical, it is possible both to remove the reference and to add a file named
premod
to thedb/pages/
subdirectory, so I'll perhaps fix this issue in the next release.UPD: Fixed in 0.2.00.
reply
☞ From wtf (unverified) Sun Feb 4 07:54:47 2024
very simple simple simple generate html pages?
I need fast generate many html pages. How i can do this with cms?
reply
From Andrey Stolyarov Sun Feb 4 09:11:59 2024
Re: very simple simple simple generate html pages?
There are two ways of doing so with the Thalassa CMS. One is to use a list with item pages; you define the page template by the
itempage_template
parameter within the[list whatever]
section of your configuration, set a certain ini section group as the source for your list, and use sections of that group to customize every page, likeFor a working example to start, please see the "crocodiles" example available at the download page; the
[list croco]
is built this way, using sections like[crocodile gharial]
,[crocodile saltwater]
etc. to define particular pages.The other way is to use a page set. In this case you specify the template in your ini file, and make a headed text file for every page. Again, see the "crocodiles" example, it contains a pageset named "articles"; take a look at the
[pageset articles]
in the configuration file, and the files in thearticles/
subdirectory of the archive.If you provide some details for the task you have, I'll perhaps be able to give you more specific recommendations.
UPD: in the first version of this comment, the word
page
was used for the section group name that defines pages for the list; that won't work, as Thalassa itself uses the[page ]
section group. So, I replaced the word withxpage
.reply
From hmmm (unverified) Sun Feb 18 22:51:24 2024
Re: Re: very simple simple simple generate html pages?
I just need to learn how to generate Thalassa pages. I don’t understand anything, where should I enter all this? Put everything in square brackets in config.ini? Please tell us about this in as much detail as possible. I read all your manuals and documentation - it doesn’t help. I just need something like:
[page principles.html] + text + text + text
reply
From Andrey Stolyarov Mon Feb 19 11:04:53 2024
Re: very simple simple simple generate html pages?
Well, do I get it right you don't need almost all features Thalassa provides? No comments, no navigation, errr... nothing? Just pages, giving the html file names explicitly? Okay, perhaps the absolute minimum for
thalassa.ini
will be like this:I doubt this is really what you need, but yes, perhaps this is the simplest thing I can offer. Please note however that pages made this way don't support comments.
Once the
thalassa.ini
file is ready, just launchright in the same directory where the
thalassa.ini
resides. All the generated stuff will go to the dir you specified as[general]/rootdir
Hmmm, just in case: this is what is called stand-alone pages in the docs, details are here.
reply
☞ From ipu (unverified) Mon Jan 22 13:03:47 2024
Bottomnavbar arrows
When I click on bottom arrow for next/prev page of docs, then page opens already in the bottom, and I should scroll up.
I don't know, but maybe you want fix it?
reply
From Andrey Stolyarov Mon Jan 22 13:16:17 2024
Re: Bottomnavbar arrows
You may be right, I'll think on this.
UPD: fixed; thanks for reporting this.
reply
☞ From q (unverified) Wed Jan 17 23:48:15 2024
500 Check userdata directory
Please, help me! I am configuring apache2. I am including cgi. I am copying files from directory "target" to /var/www/html (with replace) after the generate. I launch cgi and... I'm got error from the title. My site is work but without interactive possibles =( I did tried permissions, paths but it is not successfull
reply
From Andrey Stolyarov Thu Jan 18 12:00:06 2024
Re: 500 Check userdata directory
Userdata directory is explained here, and there's a parameter named
userdata_dir
in the global configuration section of the CGI program.In your particular setup, I'd recommend you to create a directory like
/var/www/mysite_data
and make sure that in thethalcgi.ini
, in the[global]
section, the parameter looks likeIn case you use the Smoky template, the
thalcgi.ini
is generated by the template; in theconfig.ini
file, in the section[options cgi]
set the parameteruserdbdir
like this:and in the section
[options dir]
section, set something likeBTW, thank you for reporting this, as now I see these two parameters (instead of just one) may be confusing, so I'll consider to remove that "spool" parameter in future versions.
And one more thing: why don't you just specify your /var/www/html as the target directory?
reply
From q (unverified) Thu Jan 18 12:36:00 2024
500 Session creation error
Wow! It's work! But...
i don't know It is not help me
reply
From Andrey Stolyarov Thu Jan 18 12:42:58 2024
Re: 500 Session creation error
Can you give more details what happens if you set /var/www/html as the target directory?
reply
From q (unverified) Mon Jan 22 06:07:45 2024
Re: Re: 500 Session creation error
I just set /var/www/html as the target directory. Thalassa is generating site (templ smoky) to path. But then after the launch apache if user input correct captcha he is got...
reply
From Andrey Stolyarov Mon Jan 22 10:11:04 2024
Re: Re: Re: 500 Session creation error
This just means the userdata directory is not writable for
thalcgi.cgi
, so it can't create the session file. If you go withoutsuexec
, then perhapsthalcgi.cgi
runs with the same credentials as Apache itself, so the../mysite_data
(or whatever the name of the directory you created for that purpose) and all the stuff inside it must be writable for the account (pseudouser) used by Apache, typically it's something likehttpd
,www-data
or the like (useps axu | grep apache
to figure out).reply
From q (unverified) Tue Jan 23 00:51:33 2024
Error was fixed
Thank you very much!
reply
☞ From Andy (unverified) Sun Dec 24 09:27:04 2023
Possible bug was found
Hello! It looks like there is a bug in navigation tools behavior.
Steps to reproduce the bug: 1) Go to the page http://thalassa.croco.net/doc/doyouneedit.html 2) Click on "to the list" button
Expected result: render of http://thalassa.croco.net/doc page. Actual result: Bad request error.
reply
From Andrey Stolyarov Sun Dec 24 13:15:19 2023
Re: Possible bug was found
Fixed. Thanks!
reply
From Bububu (unverified) Sat Dec 30 23:44:27 2023
Re: Re: Possible bug was found
I am not sure if you would consider this worthy of changing/fixing, but if you go to a page with a subdirectory in its URL, but without a trailing slash (e.g., http://thalassa.croco.net/doc in the comment above instead of http://thalassa.croco.net/doc/), every link on that page that is supposed to refer to the same subdirectory will be broken (http://thalassa.croco.net/principles.html instead of http://thalassa.croco.net/doc/principles.html, and so on).
reply
From Andrey Stolyarov Sun Dec 31 00:21:58 2023
Re: Possible bug was found
This behavior as such is nothing wrong, it's how browsers handle local URIs: if there's no trailing slash, that
doc
is assumed to be a file, not a directory, and the reference to "principles.html", which means file with the given name, located in the same dir where we are, is handled by replacing current file name (doc) with new one (principles.html).What was the bug is that URLs requesting a directory (as opposing to a file), should it have no trailing slash, must be redirected to the same URL with the trailing slash added. With Apache, this is typically done using directives in the .htaccess file, which Thalassa generates. Okay, it simply generated a wrong directive.
Now that problem is fixed, thank you for reporting it.
reply
☞ From andy (unverified) Fri Dec 22 21:30:37 2023
Re: stack of tech
No disrespect, but what do you think about [link removed]? would it suit you? I liked him in past and I immediately remembered him when I came to your site.
I understand why Thalassa CMS was written, and also what influenced the choice of technologies, but your opinion on the concept of openresty and lua-git is interesting (you might even like it).
Thx!
reply
From Andrey Stolyarov Sat Dec 23 10:13:22 2023
Re: stack of tech
There's a lot of Javascript right at the main page, and there's no reason to look into it any further. If you consider it acceptable to send turing-complete code to your visitor's browser, we've got nothing to discuss at all.
Anyway, you must be mad to think such a bastard that needs SQL, is written in an interpreted language and even utilizes parallel programming is smth. I can like.
Actually, I believe such "technologies" must be criminalized, with significant money penalties for distributing software written in interpreted languages, and with several years in prison for making JS-containing sites publicly available. Actually, imprisoning should be in effect for creating any situation when a end-user's computer downloads any program code and executes it, unless explicitly ordered to do so by the user (with lots of warnings). Besides the so-called "web-applications", this antipattern covers automatic software updates, various plugins and a lot of other bad things.
UPD: having read your next comment, I confirm that we've got nothing to discuss. I generally don't waste my time on jerks who advocate usage of client-side execution in any way. No further comments from your part will ever pass premoderation on any of my sites.
reply
☞ From anonymous (unverified) Sun Dec 10 08:54:47 2023
Why don't you like nginx?
Why don't you like nginx?
reply
From Andrey Stolyarov Sun Dec 10 13:36:47 2023
Re: Why don't you like nginx?
First of all, why do you assume that I dislike it? That's not true, the truth is that I never tried it and I'm not going to give it a single try in any foreseeable future. I got used to Apache in 1997 when nginx didn't exist; Apache serves my needs as an HTTP server. At hands, I've got no problem, which nginx can be a solution for. Why the fuck would I spend (well, waste) my time learning how to deal with nginx? My time is too precious to waste it trying every new piece of software just because it becomes available.
What I know for sure is that it doesn't support the CGI interface directly, so it is likely to cause problems for me rather than to solve any of problems I really have.
reply
☞ From Rol (unverified) Sun Oct 8 21:14:26 2023
Re: set up thalassa with Apache 2
Can you tell me what the file permissions on apache should be?
I have a testcms user whose home directory contains the "mysite" directory (a copy of the template).
In config.ini I specify "sitesrc=/home/testcms/mysite", "target=/var/www/html/mysite/data".
thalcgi.cgi and thalcgi.ini end up in the target directory by default.
How do I configure suexec to use testcms to throw files into target and thalcgi.ini was only available to the user from which thalcgi.cgi runs?
Or you can tell me how to organize this.
reply
From Andrey Stolyarov Sun Oct 8 21:34:07 2023
Re: Re: set up thalassa with Apache 2
> How do I configure suexec to use testcms to throw files into target
Actually, I don't understand this question. Suexec does not throw any files anywhere.
Perhaps it is possible to create a kind of step-by-step instruction how to configure the apache+suexec+thalassa bundle, but it's definitely not for a small comment, it's a task for a day or so. As of now, may be I can provide some help if you tell what actually doesn't work, and how does that look.
reply
From Rol (unverified) Mon Oct 9 00:05:39 2023
Re: Re: Re: set up thalassa with Apache 2
> Actually, I don't understand this question. Suexec does not throw any files anywhere.
Sorry, I meant running thalcgi gen from testcms to update files to /var/www/html/... or am I doing something wrong?
> if you tell what actually doesn't work, and how does that look
I tried installing thalassa locally on my computer. I was able to get the generated site to display and, apart from thalcgi.ini being accessible through the site, everything works fine.
After that I decided to figure out how to use suexec, but got caught up in file permissions.
I created a new "thalassa" user that I wanted to use in suexec. But it seems that the cgi owner and the directory in which it is located (/var/www/html/...) must be the same user.
But I thought that to own this directory should be www-data (user apache2). That’s why I never figured out how to give permission.
reply
From Andrey Stolyarov Mon Oct 9 00:44:36 2023
Re: set up thalassa with Apache 2
> I meant running thalcgi gen from testcms to update files to /var/www/html/.
Well, this has nothing to do with suexec. Anyway, do I get it right that this (I mean, site generation to be done by thalassa) works for you and there's no problem with it?
> But it seems that the cgi owner and the directory in which it is located (/var/www/html/...) must be the same user.
It is intended to work this way, yes.
> But I thought that to own this directory should be www-data (user apache2).
This is true for a setup without suexec. Well, let me try to explain why we do need suexec, perhaps you don't fully understand it.
Actually, the web tree (these /var/www/html subtrees) may belong to any user, even to different users, the only important thing is to make all the content accessible to Apache, which is typically done making it world-readable, like with
chmod o+rX /var/www/html -R
, which will set permissions for all files to smth. like 644 and directories like 755.For static content, this works perfectly, but it is problematic if you want to implement something server-side running programs, like CGI. Without suexec, Apache can only run anything under the same credentials it has itself. If your CGIs (or other server-side programs) only read something and never write, things are still more or less easy (just make everything readable to the same good uid which your Apache uses, and everything's fine), but once you need your programs to write something, you need to provide them with a place to do so, like directories writable for the apache user. In case of Thalassa, that session database directory must be made writable for the thalcgi.cgi.
From the other hand, you should never let all your static content AND the CGI binaries be writable for the Apache, as it is insecure. So, the site's administrator (that is, the person who is in charge for the content and for the server-side programs) from now on needs to have full access to TWO "users" of the system: the one which owns static content and the one which owns these CGI-writable dirs... which means the Apache user!
Well, if you ever tried to work with setups like this, you know it is terribly inconvenient unless you actually work as root, and this is exactly what people trying to run CGI without suexec typically end up with. Besides the fact that doing things like web content administering from under root is terrible from the security point of view, this might be just inappropriate in case you try with shared hosting, like if a single unix system (e.g., a VPS) serves two or more sites belonging to different users (that is, real persons who are different, heh). BTW, actually their CGIs can interfere because they will run under the same account, and even any of them can make bad things like killing the Apache :-) so that all other's sites will go down together.
Here's where suexec jumps in. The intention here is to have a designated site administrator account for every site on the machine, and to let the CGIs that belong to that site to run with the site administrator's credentials, not with the http server's creds. In your setup the "thalassa" user is perfectly suitable for that purpose. Even if there's only one site on the machine, using suexec is still convenient as everything you need (both the content and all these dirs your CGIs will write to) belongs to a single user, so you can either log in right under that user, or login as root and then do
su - thalassa
to become that user (well... not recommended, heh; root account should never be used when it is possible to avoid it).However, suexec is a SUID binary, and, like any SUID binary, it must always be assumed as an attractive target for various attacks. So it is written, well, paranoid enough. It performs a lot of security-related checks before actually running the CGI binary, and, among other things, neither the directory where the CGI resides, nor the CGI itself must be writable by someone else than the user configured as the site's user. So actually both the dir and the binary must belong to that user, because if they belong to someone else, that account will be able to rewrite the content of the binary, thus breaking into the site admin's account.
What I'd recommend is to make a subdir under your /var/www for each site-admin-user, in this case this can be /var/www/thalassa (well... leave that /var/www/html alone, for the "default" site, when the requested url doesn't match any of your virtual sites). There can be more than one of these accounts, e.g., if you decide to invite a friend to your server to host his/her site; add smth. like /var/www/johnny in that case. Let these dirs be owned by the respective accounts, e.g., do
Then, for each site to be served with Thalassa, make two directories, one for the site itself, and the other for its session database, like /var/www/thalassa/mysite and /var/www/thalassa/_mysite. And... well, and enjoy :-)
In your setup I'd recommend to create the third directory, like /var/www/thalassa/Mysite, for the site source (the place where to unpack Smoky to, that is, the place where these config.ini, thalassa.ini, base/ subdir and the company live). In case you want the thalassa account's home to be somewhere else, like traditionally in /home/thalassa, then make some symlinks pointing from there to /var/www/thalassa for convenience.
reply
From Rol (unverified) Mon Oct 9 18:16:12 2023
Re: Re: set up thalassa with Apache 2
> the place where to unpack Smoky to, that is, the place where these config.cgi, thalassa.cgi, base/ subdir and the company live
*The suffixes must be . ini
> And... well, and enjoy :-)
I did everything you said. Now everything works as it should, thanks for the explanation!
reply
From Andrey Stolyarov Mon Oct 9 20:39:22 2023
Re: Re: Re: set up thalassa with Apache 2
> The suffixes must be . ini
Sure, thank you. Fixed the text.
> Now everything works as it should
Congratulations :-)
reply
☞ From Not a user (unverified) Thu Sep 28 09:57:23 2023
small dependency (not that bad meaning) bug in the Makefile
If I compile with just make, everything is ok. But with make -j4 I get an error:
Here is an example patch for it if you want to fix:
reply
From Andrey Stolyarov Thu Sep 28 21:07:33 2023
Thanks!
Thank you for catching this. It's unlikely I'd ever manage to catch this flaw on my own because the whole thing with all the libs builds in less than 10 seconds so it's very unlikely I'd ever run make with
-j
:-)The right fix here is different though. It is a single line
added anywhere in the Makefile, and yes, only the dep line without the command. Well, heh, the only reason it wasn't there already is that the lib/captcha directory is nearly the only one with a code written by someone else, not me. Oh, okay, md5 is also someone else's, but, well, it wasn't made for this project (unlike the captcha, which was intended for Thalassa).
reply
☞ From Ananas (unverified) Mon Sep 11 05:35:46 2023
Re: CGI settings
In order for the thalcgi.cgi to work, do I need to configure something else besides the config.ini. When trying to leave a comment on my site, for example, an error 404 is returned. Thanks!
reply
From Andrey Stolyarov Mon Sep 11 10:11:04 2023
Re: CGI settings
The thalcgi.cgi program only uses one configuration file, named
thalcgi.ini
(NOT config.ini, which I don't know where you got from).However, if you try thalcgi.cgi and get the 404, the problem is not with the config. In case thalcgi.cgi runs but fails to read its config file, it generates a built-in error page. So the problem is with your HTTP server configuration.
Try a script like this:
Place it in your site's directory, make sure you made it executable, and then hack your server's configuration until at the URL like http://your-site-domain-name.com/test.cgi you see the phrase "it works".
UPD: You didn't indicate it, but after some thoughts I suspect you're using the Smoky template, which really has a file named
config.ini
. This may make the situation more complicated, because thalcgi.cgi has its own 404 page, which it displays in case the requested path (these path tokens afterthalcgi.cgi/
) is either not configured, or the path predicate returnsno
for the respective page. So, it is necessary to have more information here, e.g., does thalcgi.cgi work properly for displaying the session status, the contact form and other things not related to comments.reply
From Ananas (unverified) Tue Sep 12 05:49:00 2023
Re: Re: CGI settings
1) Yes, I am using the Smoky template and I meant this particular config file. 2) Session status isn't displayed.The page with the suggestion to use cookies when necessary does not appear, contact form too. 3) I changed the server settings, now the scripts are running, but error 500 appears. I suspect that I have incorrectly configured access to some directories like thalcgi_db. I'll figure it out :)
reply
From Andrey Stolyarov Tue Sep 12 10:47:21 2023
Re: Re: Re: CGI settings
> I suspect that I have incorrectly configured access to some directories like thalcgi_db
If thalcgi.cgi is able to run (that is, the server launches it upon the request), then no matter how wrong the environment is, it will show its own error message. What I'd check first is permissions set on the thalcgi.cgi and on the directory where it resides. And, okay, if it is able to run from its current location (some fascist sysadmins tend to set noexec everywhere, and it is simply stupid).
reply
From Ananas (unverified) Wed Sep 13 06:01:10 2023
Re: Re: Re: Re: CGI settings
After experimenting on the local machine, I found out that the problem was in the wrong server settings and the inability to read the thalcgi.ini by the thalcgi.cgi. It remains to figure out how to configure the suexec to prevent leaking of the thalcgi.ini. I should have read the documentation carefully first :)
reply
From Ananas (unverified) Wed Sep 13 09:26:23 2023
Re: Re: Re: Re: CGI settings
(In continuation of my comment today) Do I understand correctly that I need to activate the suexec in the Apache configuration, and set a SetUid for the thalcgi.cgi?
reply
From Andrey Stolyarov Wed Sep 13 10:17:33 2023
Re: Re: Re: Re: Re: CGI settings
First of all, DO NOT set the SetUid bit!
As of suexec, I'm used to run sites with suexec, and that's what I strongly recommend, but it should still be possible to go without it. The
thalcgi.cgi
program has an additional check for that situation.If you decide not to bother with suexec, then be sure to use your .htaccess file to prevent Apache from giving out the
thalcgi.ini
file. Without suexec, CGIs run under the same UID as the HTTP server (Apache itself), so the ini file must be readable for that UID (and for the server), so additional step is needed to make sure it doesn't leak.reply
From Ananas (unverified) Mon Sep 18 05:50:35 2023
Re: CGI settings
It seems that I managed to set everything up correctly. Now it works :) I have a question: why does the thalassa always try to replace an existing .htaccess when generating content?
reply
From Andrey Stolyarov Mon Sep 18 13:04:02 2023
Re: Re: CGI settings
It is told to generate its own .htaccess by the Smoky template's base files. Take a look at the
base/base.ini
file, it contains the following section:This version does exactly three things: allows Apache to follow symbolic links (so that aliases can work, although Smoky by default doesn't use aliases), adds the trailing slash to directory URIs and sets the 404 page.
Is this problematic for you? If it is, perhaps I should think how to solve it in future versions of Smoky. As of now, you can simply comment out this section, the only downside of this is that you'll have to do it every time you update the base/ directory to a newer version.
reply
From Ananas (unverified) Mon Sep 18 13:51:52 2023
Re: Re: Re: CGI settings
> Is this problematic for you?
My .htacces looks different, so I don't need a replacement. I have this file owned by one user, and the thalassa is run on behalf of another, so the replacement fails. So my .htacces remains intact, so it's not a big problem for me.
reply
From Andrey Stolyarov Mon Sep 18 16:27:14 2023
Re: CGI settings
It's generally not a good idea to rely on a program being unable to replace a file which it badly wants to replace but the replacement is not what the user needs. Actually, an error condition should never be considered a norm.
Well, I'll think what to do on this.
BTW, do I get it right you managed to run the Thalassa CGI in a non-suexec configuration? It's interesting for me as, honestly speaking, I never tried this.
reply
From Ananas (unverified) Tue Sep 19 06:40:39 2023
Re: CGI settings
> BTW, do I get it right you managed to run the Thalassa CGI in a non-suexec configuration?
Yes, I do. I have not activated the suexec module in Apache. The thalcgi.ini belongs to the server user and hiden with .htacces.
> It's generally not a good idea...
I agree, it's my bad. I wanted to launch a working website faster, and then slowly bring everything to mind, including the configuration of the server. I try different things, read your documentation and slowly everything falls into place. I want to create my own template later.
reply
From Andrey Stolyarov Tue Sep 19 12:01:13 2023
Re: CGI settings
> I have not activated the suexec module
So it works. Great :-)
> The thalcgi.ini belongs to the server user
BTW, it doesn't have to belong to the server's uid, it only needs to be readable for the server's credentials (e.g., for the server's group).
> I wanted to launch a working website faster,
Understood, specially taking into account how immature both Thalassa and Smoky are. In the next version of Smoky I'll add an option to suppress generation of
.htaccess
, and, perhaps, I'll also add filtering ofthalcgi.ini
files to the default version of it.> I want to create my own template later.
Oh, I really like this intention :-)
reply
☞ From Anonymous (unverified) Thu Aug 24 17:25:38 2023
Does not work on FreeBSD
reply
From Andrey Stolyarov Thu Aug 24 22:07:35 2023
Re: Does not work on FreeBSD
Thank you for reporting this. It is more or less obvious why it doesn't compile and how to fix the problem; however, unfortunately I've got no access to a working FreeBSD now, so I'll be unable to check if the result is okay.
Anyway, I'll do my best to fix this in the next source tarball to be published.
reply
From Anonymous (unverified) Fri Aug 25 03:53:21 2023
Re: Does not work on FreeBSD
Also FreeBSD use clang and clang++ as default compillers. Please consider this feature.
reply
From Anon (unverified) Fri Sep 1 17:40:34 2023
By the way...
:-)
reply
From Andrey Stolyarov Fri Sep 1 22:29:39 2023
Re: By the way...
Errr... thanks :-)
reply
From lucy Sat Aug 26 13:14:10 2023
Re: Does not work on FreeBSD
Hello, i had same problem, but it is easy to repair. In file cmd.cpp just change all existing
signalhandler_t
tosig_t
andsetpgrp()
tosetpgrp(0, 0)
and all will be work fine. look on man signalreply
From Andrey Stolyarov Sat Aug 26 19:19:02 2023
It's not THAT easy
If we do what you suggest, it won't compile under Linux and under some older unices.
sighandler_t
is only used there to declare a single local variable, sovoid (*oldsig)(int);
solves the problem. Well, no,sighandler_t
can NOT be anything else.As of
setpgrp()
, it must be replaced withsetpgid(0, 0);
, it is more or less portable. Furthermore,getpgid(0)
should be used instead ofgetpgrp()
.reply
☞ From Anonymous (unverified) Sat Aug 19 20:47:22 2023
Interesting project!
This is a really fast html preprocessor! I want to try it next time for public information sites!
P.S. Logo image is too big.
reply
From Andrey Stolyarov Mon Aug 21 11:49:11 2023
Re: Interesting project!
I myself was a bit surprised by how fast it works, specially taking into account that I didn't do any intentional optimizations for speed. However, surprisingly enough, it wasn't my goal to create another static HTML generator; for me it has any value only together with the CGI program which provides user comments feature.
Anyway, if you give Thalassa a try in one of your projects, any feedback is welcome.
As of the logo, you're right, I'll reduce it.
reply
☞ From Anonymous (unverified) Thu Jul 27 08:32:18 2023
Files suffixes
Why .html, not .xhtml for XHTML 1.0 Strict?
By default a lot of web servers response text/html for .html files, not application/xhtml+xml. So browser parse this as HTML page, not as XML.
reply
From Andrey V. Stolyarov Thu Jul 27 11:08:13 2023
Re: Files suffixes
> XHTML 1.0 Strict?
It's not strict, it's "Transitional", solely because I need the iframe tag which is prohibited in the "Strict": in the head of the main page, that small black window with green chars is generated by the CGI, while all the page is static. Anyway, no part of generated content is hardcoded into the binaries, it all comes from the configuration, so it's possible to switch to the "Strict" version just by editing the ini files.
> Why .html, not .xhtml
The exact names of the files being generated are configured, too, so this is not a problem for Thalassa itself. Well, honestly speaking, in the present version of the Smoky template, the respective part of the configuration is within the ``base/'' subdirectory, which is not intended as user-editable, but nonetheless it can be edited. Actually, if this is important for you, I can add an option for the file extension in one of the upcoming versions.
However, as for the parser version: for the ``text/html'' mime type, as far as I understand the logic, the actual markup version is to be determined by the file's content, in which the exact format is specified, and I think this is generally better; furthermore, I doubt it is really correct to use ``application/*'' for anything intended as a human-readable text (to be rendered by the browser, not by an external application), despite servers, including the Apache I use, really emit that ``application/xhtml+xml'' for .xhtml files.
reply
☞ From Anon (unverified) Wed Jul 26 04:03:12 2023
Modules
Will there be support for modules/plugins without changing the core code?
reply
From Andrey V. Stolyarov Wed Jul 26 09:14:35 2023
Re: Modules
Something like that is possible in future, but decisions of this sort should be balanced.
As of now, Thalassa consists of two statically-built binaries (the static content generator and the CGI), and the CGI even doesn't support loading multiple configuration files (the generator does, and in the Smoky template the configuration file for the CGI is actually composed by the generator). This minimalistic architecture has its own advantages, at least it is self-containing (hence minimal effort from the sysadmins) and quick.
Can you, maybe, give some examples of functionality you'd like to have implemented as modules?
As far as I can imagine, some useful things can be implemented simply as additional configuration sections, and some can be additional (optional) CGI programs, possibly using the same session data (the cookie and all related stuff) and user accounts; such CGIs can be thought of as plugins. Should we ever need more built-in macros in the generator, it is better to implement them within the existing program, may be as optional modules added at the compile time.
What I'd like to avoid is an infrastructure for real pluggable modules.
reply
☞ From Nokia user (unverified) Tue Jul 25 11:56:47 2023
What about WAP version support?
What do you think about add generation WML versions of sites?
reply
From Andrey V. Stolyarov Tue Jul 25 12:15:33 2023
Re: What about WAP version support?
There's no need to add anything like that to Thalassa itself, because actually Thalassa is a (domain-specific) macroprocessor, so it is able to generate whatever texts you want. For example, there's RSS feed on this site, despite there's no special support for RSS in Thalassa, it is solely a question of writing proper configuration files.
As of adding WAP, e.g., to the Smoky template, it might be a good idea, but personally I'm not familiar with WAP and right now I've got higher-priority tasks. Maybe later.
reply