sose
/
hellgate
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added to readme

This commit is contained in:
sose 2021-04-28 07:12:58 +00:00
parent 3aa36ef051
commit 46bf9d66e8
1 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
readme.md
View File

@ -3,7 +3,10 @@
An extensible, general purpose http-\>gemini mirror with full
javascript support
## Requirements
## Requirements - If you are using Docker
- docker
## Requirements - If you are not using Docker
- nodejs
- npm
- electron
@ -20,8 +23,17 @@ javascript support
- libasound2
- xvfb (if you're running it headless)
## Setup
- `sudo apt install libgtk2.0-0 libgconf-2-4 libxshmfence1 libnss3 libatk-bridge2.0-0 libdrm2 libgtk-3-0 libgbm1 libasound2` (if you're on debian, other
## Setup - If you are using Docker
- `docker pull sose/hellgate`
- `docker run -p 1965:1965 sose/hellgate`
- the server will listen on `localhost:1965`
- If you are using port 1965 on the host machine, you can bind a different port
by running `docker run -p {PORT}:1965 sose/hellgate` instead
## Setup - If you are not using Docker
- `sudo apt install npm nodejs libgtk2.0-0 libgconf-2-4 libxshmfence1 libnss3
libatk-bridge2.0-0 libdrm2 libgtk-3-0 libgbm1 libasound2` (if you're on
debian, other
distros idk)
- `sudo apt install xvfb` (again, on debian)
- `git clone https://tildegit.org/sose/hellgate`
@ -44,6 +56,28 @@ javascript support
- If you write a new sigil for a specific website, don't hesitate to send it as
a pull request to this repo
## Notes
## Security
- Obviously executing arbitrary Javascript from around the web is never going
to be completely safe, however the following steps have been taken to ensure
the saftey of the host machine:
- All websites have a maximum time in which they have to load their
content (default 2s) and execute any scripts (default 2s)
- When running outside of a Docker container, all renderer processes
will be run inside the Chromium sandbox
(https://github.com/chromium/chromium/blob/master/docs/linux/sandboxing.md)
- When running inside of a Docker container, the entire program is
running inside a Docker container (as an unprivileged user).
- Nodejs integration is disabled in all renderer processes
- Context isolation is enabled in all reneder processes
- Any request for browser permissions is automatically denied
- Any request to create a new window is automatically denied
- Essentially, in theory, the machine hosting hellgate should not be at any
more risk than a regular web broser. However, security vulnerabilities
exists, and no software is perfect, not Docker, not Chromium, not Linux not
Electron and *certainly* not Hellgate. If you have valuable things on your
server I would suggest running all of this in a VM, just in case.
## Other Notes
- As of right now the npm version of gemini-server is broken, use the version
from github or this will not work
from github or this will not work.
- If you are using the docker container this is already done for you.