do not hardcode e-mail addresses, update readme

1 year ago · f1ac5a9602
parent 0652aa73d4
commit f1ac5a9602
6 changed files with 31 additions and 8 deletions
--- a/INSTALL.md
+++ b/INSTALL.md
@ -16,6 +16,8 @@ Place a `config.json` file in the same directory that looks like this: (below ar

 ```json
 {
+  "baseURL": "https://mygojamminginstance.mydomain.com/",
+  "adminEmail": "myemail@domain.com",
  "port": 1337,
  "host": "localhost",
  "token": "miauwkes",
@ -26,13 +28,16 @@ Place a `config.json` file in the same directory that looks like this: (below ar
  ],
  "blacklist":  [
    "youtube.com"
-  ]
+  ],
+  "whitelist": []
 }
 ```

+- baseURL, with trailing slash: base access point, used in approval/admin panel
+- adminEmail, the e-mail address to send notificaions to. If absent, will not send out mails. **uses 127.0.0.1:25 postfix** at the moment.
 - port, host: http server params
 - token, allowedWebmentionSources: see below, used for authentication
- blacklist: blacklist domains from which we do NOT send to or accept mentions from. 
+- blacklist/whitelist: domains from which we do (NOT) send to or accept mentions from. 
 - utcOffset: offset in minutes for date processing, starting from UTC time.

 If a config file is missing, or required keys are missing, a warning will be generated and default values will be used instead. See `common/config.go`.
--- a/README.md
+++ b/README.md
@ -126,7 +126,7 @@ It will attempt to auto-discover them with a HEAD call, in the following order:
 3. `/feed`
 4. `/feed/index.xml`

-If none provied a status of 200 with content-type `application/xml`, it will abort and log an error. 
+If none provied a status of 200 with a Content-Type that contains `xml`, it will abort and log an error. 

 Note that this _requires your site to be on HTTPS_!! 

@ -188,7 +188,21 @@ Database migrations are run using the `-migrate` flag.

 Since Go-jamming still supports Pingbacks, spam could be an issue. However, if the URL doesn't contain a genuine link, the mention will be immediately dropped.

-Still, spammers always find a way and sometimes even create fake blog posts with real links to your blog. In that case, simply add the domain to the `blacklist` in `config.json`.
+Still, spammers always find a way and sometimes even create fake blog posts with real links to your blog. 
+
+### Mentions _in moderation_
+
+Go-Jamming employs a `whitelist` and `blacklist` system. By default, all mentions end up in a moderation queue, another database that will not pollute the mention db.
+
+Each mention has to be manually approved. An e-mail to `localhost:25` (a local Postfix) will be sent out with approve/reject links, if configured. Otherwise, the endpoint `/admin/{token}` is the dashboard where you can approve/reject from time to time:
+
+![](https://raw.githubusercontent.com/wgroeneveld/go-jamming/master/adminpanel.jpg)
+
+Approved mentions will have their domain added to the whitelist. Rejected mentions will have their domain added to the blacklist. 
+
+### Manually blacklisting partial domains
+
+In that case, simply add the domain to the `blacklist` in `config.json`.

 Adding this **manually** will not remove existing spam in your DB! The `-blacklist` flag is there to:

--- a/adminpanel.jpg
+++ b/adminpanel.jpg
--- a/app/notifier/mailnotifier.go
+++ b/app/notifier/mailnotifier.go
@ -55,11 +55,11 @@ func sendMail(from, subject, body, toName, toAddress string) error {

 func (mn *MailNotifier) NotifyReceived(wm mf.Mention, indieweb *mf.IndiewebData) {
 	err := sendMail(
-		"admin@brainbaking.com",
+		mn.Conf.AdminEmail,
 		"Webmention in moderation from "+wm.SourceDomain(),
 		BuildNotification(wm, indieweb, mn.Conf),
 		"Go-Jamming User",
-		"wouter@brainbaking.com")
+		mn.Conf.AdminEmail)

 	if err != nil {
 		log.Err(err).Msg("Unable to send notification mail, check localhost postfix settings?")
--- a/app/webmention/handler.go
+++ b/app/webmention/handler.go
@ -89,9 +89,11 @@ func HandlePost(conf *common.Config, repo db.MentionRepo) http.HandlerFunc {
 			RestClient: httpClient,
 			Conf:       conf,
 			Repo:       repo,
-			Notifier: &notifier.MailNotifier{
+		}
+		if len(conf.AdminEmail) > 0 {
+			recv.Notifier = &notifier.MailNotifier{
 				Conf: conf,
-			},
+			}
 		}

 		go recv.Receive(wm)
--- a/common/config.go
+++ b/common/config.go
@ -14,6 +14,7 @@ import (
 type Config struct {
 	// BaseURL should end with a / and is used to build URLs in notifications
 	BaseURL                  string   `json:"baseURL"`
+	AdminEmail               string   `json:"adminEmail"`
 	Port                     int      `json:"port"`
 	Token                    string   `json:"token"`
 	UtcOffset                int      `json:"utcOffset"`
@ -137,6 +138,7 @@ func config() *Config {

 func defaultConfig() *Config {
 	defaultConfig := &Config{
+		AdminEmail:               "wouter@brainbaking.com",
 		BaseURL:                  "https://jam.brainbaking.com/",
 		Port:                     1337,
 		Token:                    "miauwkes",