Tue, 26 Apr 2016 09:29:30 +0200 Kamil Cholewiński <harry6...@gmail.com>
> On Tue, 26 Apr 2016, David Lou <david....@outlook.com> wrote:
> > Hello,
> >
> > This is my first post. :) I suppose this is a high level kind of
> > question.

And can have way too many answers, not that many of them OpenBSD related.

> > When I say 'blog', I'm referring to a website that contains
> > essentially many pages of content. Each content page has attributes
> > such as title, date, category, tags, and so on. When a user browses
> > this website, the content pages are served in a visually attractive
> > layout, with possible bells and whistles such as Facebook/Twitter
> > share buttons, and comment sections. Additional features may include
> > a search bar and an archive page.

You are drafting a far too complex set of requirements for a 1 man show.
You can abandon reading now & order it from a commercial support vendor.

> > I'm shying away from popular solutions such as WordPress because
> > (1) I'm not sure if it even installs on OpenBSD and more importantly
> > (2) I'm not convinced that it adheres to the OpenBSD principles of
> > correctness and proactive security.

These solutions save lots of time and costs, if you can handle them with
proper management, accept there are known hidden expenses and figure out
when to stop before it gets unjustified according to your planned budget.

> Use a static site generator. Nothing beats a bunch of static files when
> it comes to keeping your backend secure. No code is best code.

Reality check, structured text presentation beats any sort of generator:

[https://en.wikipedia.org/wiki/Lightweight_markup_language]

I can recommend one of these, but I would not, so just brainstorm to find
what suits you best. Some of these mix well with your text or other
editor, some even have export to the static site generators 'harry666t'
mentions below, and some of them even directly put your edits in the
dynamic site content management and presentation mishmash of system you
want to replicate in your design specification.

Why not just use a popular system like Drupal, Wordpress, Bloody-logger,
adds sponsored futu-Rama-steam-ol-we-blog-roll-yer & rehash them for
static site output and publish that? Too much work? Exactly that, use
cash!

For text edit you only need your choice of text editor, a web browser can
have an additional feature to open your preferred editor for you. With
the proper use, you don't even need markup of any sort, just plain text
structured so it can have line oriented edits for better revisions.

The rcs(1) and cvs(1) revision and version management tools work fine:

[http://man.openbsd.org/rcs]
[http://man.openbsd.org/cvs]

An httpd(8) server is in the base system, can serve pages immediately:

[http://man.openbsd.org/httpd]

You can choose to use a text (pre-)processor, template system, etc the
entire load of pain and you're better on a pay as you go web service.

> Don't try to roll your own, unless you're prepared to deal with CSRF,
> XSS, comment spam, blah blah blah.

No, actually, try it as best as you can, and what you can create and
enhance is exactly what you're capable of actually managing yourself.

> Try one of these: https://www.staticgen.com/

Good luck finding one that will not shoot you in the foot in the long run
if you are not trained to handle it inside out from the internals.

> If you need comments, try https://disqus.com/

And prepare some cost and a person to dedicate to handling the comments.
AI is pretty stagnant plus the personal e-assistants still don't get it.

> > So going forward I'm planning to learn how to do all of these things.

Well, it all shrinks down to cost per feature, justification and profit.

> > Does this sound like a good plan? What would you say is a good way
> > to learn the correct and secure way of using these technologies?

Frankly, NO. Your specs are way off your budget. This looks like a bait
question for advertising your preferred service as a final post.

If you're just starting with OpenBSD, start with the basics and work up
from a single text file up to where your effort and budget may lead you.

> > Lastly, just a side question. Not sure if this is an FAQ: Running a
> > webserver on OpenBSD probably means I'll need to stay up to date with
> > security patches. Is there an automatic script I can run so I don't
> > have to constantly worry about this aspect of running a website?
> >
> For OS security updates: https://stable.mtier.org/

That's cool, and worthwhile mention, it's also perfectly good to just run
the upgrade from release to -release, -stable via patches or even follow
snapshots for close to -current very fine outlined in the FAQ:

[http://www.openbsd.org/faq/faq5.html#Flavors]

> If you install packages from third-party sources (pip, gem, npm, go get,
> whatever), you need to come up with some sort of strategy. Best if you'd
> subscribe to some sort of security@ or announce@ mailing list for each
> project you care about.

The less the better, so edit where you like, copy to web server, done.

Regards,
Anton