Migration of our hostname to lab.lostb.one is done. Redirects are intact until March.

Commit fa302180 authored by Che's avatar Che

Documentation update (Apache configuration)

- Add link to the home of the net.art generator
- Fix the description of the ZKM exhibition
- Add table of contents
- Add Apache 2.4 configuration stubs
- Move sections around a bit
parent 5b56280b
# Gallery
This extension of the [net.art generator](https://nag.iap.de) displays a collection of the generated images as thumbnails in a grid, allowing to click on them to open a more detailed view of the image.
This extension of the [net.art generator](http://net.art-generator.com/index.html) (currently [nag_05](https://nag.iap.de)) displays a collection of the generated images as thumbnails in a grid, allowing to click on them to open a more detailed view of the image.
![NAG gallery preview](nag_gallery_preview.jpg)
as seen in:
* [Berlin Zentrum der Netzkunst, damals und heute](https://netzkunst.berlin/) exhibition at the [panke.gallery](http://www.panke.gallery/) in Berlin, 4 October - 23 November 2018
* [Writing the History of the Future](https://zkm.de/de/ausstellung/2019/02/writing-the-history-of-the-future) exhibition at the [ZKM](https://zkm.de/) in Karlsruhe, 23 February 2019 - 28 March 2021
* [Writing the History of the Future, Part II](https://zkm.de/de/ausstellung/2019/02/writing-the-history-of-the-future) exhibition at the [ZKM](https://zkm.de/) in Karlsruhe, 24 May 2019 - 28 March 2021
## Table of Contents
* [Setup](#setup)
* [Apache configuration](#apache_configuration)
* [ifs.sh](#ifssh)
* [gallery.php](#galleryphp)
* [explanation.html](#explanationhtml)
## Setup
🚧 WIP 🚧
The gallery consists of two scripts. [ifs.sh](#ifssh) is the file synchronization bash script running in the background and [gallery.php](#galleryphp) is the frontend php script visible to users.
* Requirements
* File/folder structure (& permissions/user)
......@@ -39,17 +47,123 @@ as seen in:
```
* Packages (Debian)
🚧 WIP 🚧
Following is a more detailed explanation of the different files:
### [explanation.html](explanation.html)
explanation.html is the unauthorized (401) error page which is shown in case a user provided wrong credentials or aborted the login process.
### Apache configuration
This is the minimal configuration stub for Apache 2.4 assuming the net.art generator in the directory `/var/www/nag` and the gallery in `/var/www/gallery`.
Please make sure the expires module is enabled by executing this command: `a2enmod expires`
```apache
<VirtualHost *:80>
Protocols h2c http/1.1
ProtocolsHonorOrder on
DocumentRoot /var/www/nag
<Directory /var/www/nag>
Options +ExecCGI -Indexes
AddHandler cgi-script .cgi
</Directory>
# Embed the gallery's directory via Alias
Alias "/gallery" "/var/www/gallery"
<Directory /var/www/gallery>
Options -Indexes
</Directory>
# Since the load is a little heavy with the gallery, these settings
# should apply caching to images.
<IfModule mod_expires.c>
ExpiresActive on
# Set the default expiry times.
ExpiresDefault "access plus 2 days"
ExpiresByType text/html "access plus 0 seconds"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
</IfModule>
</VirtualHost>
```
The following is a configuration stub for Apache 2.4 containing a hardened HTTPS listener and a HTTP listener performing rewrites to HTTPS.
Please make sure the needed modules are enabled by executing this command: `a2enmod expires headers rewrite ssl`
```apache
<VirtualHost *:80>
Protocols h2c http/1.1
ProtocolsHonorOrder on
# Rewrite to TLS
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
Protocols h2 http/1.1
ProtocolsHonorOrder on
DocumentRoot /var/www/nag
<Directory /var/www/nag>
Options +ExecCGI -Indexes
AddHandler cgi-script .cgi
</Directory>
# Embed the gallery's directory via Alias
Alias "/gallery" "/var/www/gallery"
<Directory /var/www/gallery>
Options -Indexes
</Directory>
# Since the load is a little heavy with the gallery, these settings
# should apply caching to images.
<IfModule mod_expires.c>
ExpiresActive on
# Set the default expiry times.
ExpiresDefault "access plus 2 days"
ExpiresByType text/html "access plus 0 seconds"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
</IfModule>
# TLS configuration
SSLEngine on
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLHonorCipherOrder on
SSLCompression off
SSLSessionTickets off
SSLCertificateFile /path/to/tls.crt
SSLCertificateKeyFile /path/to/tls.key
<FilesMatch "\./(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
# Security and privacy headers (for public use)
<IfModule mod_headers.c>
Header set X-Content-Type-Options: "nosniff"
Header set X-Frame-Options: "sameorigin"
Header set X-XSS-Protection: "1; mode=block"
Header set Referrer-Policy: "no-referrer"
</IfModule>
</VirtualHost>
</IfModule>
```
### [ifs.sh](ifs.sh)
ifs.sh is the inotify-based file sync with date-based filtering script.
ifs.sh is the inotify-based file sync script.
Its job is to transfer images from one folder to another, sounds simple, should be simple – Maybe a little too simple, that's why inotify is used to trigger a rsync job in a timely manner.
Try `ifs.sh -h` for the help output.
......@@ -58,12 +172,14 @@ Lesson learned: `inotifywait` is a great tool to use on the command line for blo
### [gallery.php](gallery.php)
gallery.php is the web frontend to the thumbnail collection and hopefully evolves into something useful in the next couple of days.
#### Parameters
gallery.php is the web frontend to the thumbnail collection.
Integrated during development to play around with sizes and different views:
It takes a couple of parameters to ease the process of choosing the best amount and size of images for a specific setup:
* `limit=2769`: use a limit of 2.769 images for the grid (accepts values between 400 and 4.000)
* `size=24`: use a thumbnail size of 24px (accepts values between 5 and 400)
* `refresh=n`: turn off the automatic refresh
### [explanation.html](explanation.html)
explanation.html is the unauthorized (401) error page which was shown in case a user provided wrong credentials or aborted the login process during the non-public phase of the nag.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment