The web server configuration is nothing special. Just a fairly ordinary Apache, with name-based virtual hosting. I'll describe the configuration for this particular virtual host.
To easily get a standard look and feel across the whole site, as well as making it easy to make changes across the whole site such as adding a new menu entry in the left hand bar to all pages, I use a templating system. I used to use my own homebrew one - which can still do everything I need - but when I installed Bryar to run my journal it needed the Template Toolkit so in the interests of consistency I switched to using that.
The default page for any directory is whichever of [ index.html index.pl index.tt2 ] it comes across first, tt2 being pages written using the new templating system. .tt2 files are handled by this snippet of Apache config:
and run as CGIs - the ExecCGI option is turned on almost everywhere. Parameters can be passed to the Template Toolkit either in the usual CGI way such as in my wishlist or in a file with the same name but with .data tacked on the end, or both - the wishlist in fact uses both methods, having some code in the .data file which parses a CSV file. The contents of the .data files is private. If I have several .tt2 files in a directory, they can all share a data file too, called _allfiles.tt2.data. This is handy when I need some data in common for all of them. Anything in there is over-ridden by any page-specific .data file. .data files can include things like tied hashes to refer to big data sets such as in this copy of the first ever work of science fiction, where I have the whole of the bible in a dbm file and just pull out whatever bits the user asked for.AddHandler text/tt2 .tt2 Action text/tt2 /david/tt2.pl
Security is handled in a few different ways. First of all, there are some files which have permissions such that the web server just can't do anything with them. An example is the indexer for the search engine, which needs to run as a regular user. Second, there is a 'private' directory which has no default page and has directory browsing turned off. Unless I point you at a specific file in there, you've got no realistic chance of figuring out anything that's in there, so that's how I share private files with small groups of people. Third, I use mod_rewrite to control access to files like the .tt2.data files like so:
and finally, because so many rude little shits think it's clever to use my photographs as the backgrounds on their spotty-teenage-oik-site-of-the-week pages, I have mod_rewrite check all image requests and only allow them through if the request is coming from certain sites.RewriteRule \.tt2\.data$ - [F,L]
My journal is a fairly standard installation of Bryar. Almost all of the customisation is done in the templates. The only changes I've made are:
- Templates get passed the normal list of documents to show, plus a list of recent documents, plus a list of all but the recent documents. I'm sure these two extra lists are available if I poke and prod the Bryar object correctly from within a template, but I couldn't figure it out and so cheated;
- Comments have seperate URL and email fields;
- I get email whenever someone submits a comment;
- Comments that contain certain spammish indicators just get emailed to me so I can check them and add them manually if they're OK;
- If they contain too many spammish indicators, they just get a 500 error which will hopefully make the spam-bots go away.
Searching is handled by my own custom search engine which is due for a re-write. Its indexer periodically grovels over the entire site, including the journal. It follows links between <noindex> ... </noindex> tags but doesn't bother indexing the text between them, so I can suppress indexing of the menu items on the left.
The site is published from my laptop to my server in the only way that makes sense - using make and rsync.