On Tue, Apr 26, 2016 at 06:15:22AM +0000, David Lou wrote: > Hello, Hi there,
> This is my first post. :) I suppose this is a high level kind of > question. > > When I say 'blog', I'm referring to a website that contains > essentially many pages of content. Each content page has attributes > such as title, date, category, tags, and so on. When a user browsers > this website, the content pages are served in a visually attractive > layout, with possible bells and whistles such as Facebook/Twitter > share buttons, and comment sections. Additional features may include > a search bar and an archive page. > > I'm shying away from popular solutions such as WordPress because > (1) I'm not sure if it even installs on OpenBSD and more importantly Wordpress appears to have been removed from ports. But there is Drupal. And you may take a look at blogsum. The latter is unknown to me but it popped up when I did some browsing in pkg_mgr. $ pkg_info drupal $ pkg_info blogsum > (2) I'm not convinced that it adheres to the OpenBSD principles of > correctness and proactive security. That goes for a lot of ports. FAQ 15 states: "The packages and ports collection does NOT go through the same thorough security audit that is performed on the OpenBSD base system. Although we strive to keep the quality of the packages collection high, we just do not have enough human resources to ensure the same level of robustness and security." > So with that said, I'd like to solicit some feedback on how such a > blog website should be built. Personally I'm thinking of some kind > of homegrown solution. First I'd design my own database that stores Good luck with that but I'd say you're up for a steep learning curve and potentially a tremendous amount of work.. > the attributes of all content pages. And then I'd use a web server--- > whenever a user visits a webpage, the web server would run some kind > of script that queries the database for all the necessary information > and wraps the content page in a nicely designed HTML document. That pretty much sums up the absolute basic functionalities of any "popular solution" out there, like above mentioned Drupal. Think twice before trying to reinvent the wheel. > OpenBSD seems to come with nginx in the port tree as its web server Yes. And Apache. And a bunch of other webservers. But OpenBSD also comes with its own "built-in" webserver, httpd(8). It's wonderful! $ man httpd > but right now I don't know what scripting options it provides for > serving dynamic web content. So going forward I'm planning to learn > how to do all of these things. Most that matters are supported. Support for Perl and PHP is extensive. > Does this sound like a good plan? What would you say is a good way > to learn the correct and secure way of using these technologies? Start with an existing solution like Drupal. It may be totally overkill but you'll get to know the terminology and technologies involved. If you insist on developing a homegrown solution, keep in mind that people easily get bored when things are not working. And content matters more than design! If what you have to say is interesting, people will read it almost regardless of the way you present it. If you got nothing to say people will not care even if the pages are otherwise esthetically pleasant. > Lastly, just a side question. Not sure if this is an FAQ: Running a > webserver on OpenBSD probably means I'll need to stay up to date with > security patches. Is there an automatic script I can run so I don't > have to constantly worry about this aspect of running a website? > > David
