BOF Toolbox is a kind of index website of tools, services and advice for users that value their privacy and security. It lists both safe options and well known unsafe options so users can quickly identify better alternatives that suits their existing workflow.
This is my first project using Python and Django. Feedback is always welcome..
Original author: Chris Snijder (https://github.com/SnijderC). See toolbox/templates/credits.md for a list of all contributors to the Toolbox and it's contents. This repository is maintained by Bits of Freedom (https://bof.nl). The Toolbox website can be found here: https://toolbox.bof.nl.
- Python 2.7+
- Python header files and static library
- Python pip
- MySQL 5.6+ or any other database supported by Django.*
- MySQL database development files
- JPEG runtime library
To install these dependencies in Debian/Ubuntu:
sudo apt-get install python python-dev python-pip mysql-server-5.6 libmysqlclient-dev libjpeg-dev
* One thing that can be said about another database backend is that the search functionality will not work. You will need to implement a custom solution as this feature uses MySQL's.
-
Make a copy of the Git repo:
git clone https://code.bof.nl/bitsoffreedom/toolbox.git
This should create a new directory called toolbox in the current directory.
-
If you want create a virtual environment to isolate this app's dependencies (and you should) to not depend on system wide changes.
If you have virtualenv, you can skip this:
pip install virtualenv
Next:
virtualenv toolboxenv source ./toolboxenv/bin/activate
-
Copy the
settings/production.py.sample
file tosettings/production.py
, at a minimum supply a database host, name, username and password. Note: For a development setup you should usedevelopment.py
instead. Settings indevelopment.py
overrule settings inproduction.py
.Find these lines and fill in your database settings:
# Database # https://docs.djangoproject.com/en/1.6/ref/settings/#databases DATABASES = { 'default': { 'ENGINE' : 'django.db.backends.mysql', 'NAME' : 'toolbox-prod', 'HOST' : 'localhost', 'USER' : 'toolbox-prod', 'PASSWORD' : 'banaan01' } }
-
Run the following to install the frameworks which consist mainly of Django, Django plugins and some utilities like mysql-python. Then it will initialise the database with empty tables.
pip install -r requirements.txt mkdir toolbox/logs python manage.py syncdb --noinput python manage.py migrate toolbox --noinput python manage.py collectstatic --noinput
If something fails, read the Someone the toolbox section..
Run this to create a superuser (admin) and set a password for said superuser:
python manage.py createsuperuser
-
Magic should happen and you may startup the test server by running:
python manage.py runserver 0.0.0.0:8080 --insecure
NOTE the part where this says
--insecure
. This is for testing only! -
Now browse to:
-
You should setup wsgi in NGINX, Apache or lighthttpd for a production environment. Do not forget this alias:
- /static should point to the toolbox/static/ directory (for all static files) Bits of Freedom uses nginx and uWSGI. uWSGI requires a plugin to work with Python. This plugin can be installed with one command on Debian/Ubuntu:
sudo apt-get install uwsgi-plugin-python
The configuration used by Bits of Freedom is available in the "examples" directory. The nginx example configuration does not have SSL configured, because all SSL connections are terminated at a forward proxy in Bits of Freedom's setup. If you don't use a forward proxy you should configure SSL.
Ok, so plans fail.. Most problems arise from missing dependencies. Try to install them with this command:
pip install -r requirements.txt --allow-external mysql-connector-python
Also, make sure you are working inside your virtual environment. Feel free to ask Bits of Freedom's system administrator for help: [email protected]
Always make a backup before you attempt to upgrade!
Commands to execute inside the virtualenv:
git pull
pip install --upgrade -r requirements.txt
python manage.py syncdb --noinput
python manage.py migrate toolbox --noinput
python manage.py collectstatic --noinput
The entry point for this project is app.py.
There are currently 3 main content providing functions mapped below.
-
Static pages written in Jade or Markdown.
-
Dynamic pages based on the actual database content.
-
The Django admin pages.
The 5 entry points defined in app.py are:
-
The landing page: templates/landing.jade
-
The Django admin pages.
-
Static markdown files, these include e.g. credits and markdown documentation pages: /templates/credit.md and /templates/markdown_doc.md respectively.
-
More static pages but more specifically licenses, obviously in the license dir.
-
Dynamic pages, the actual content of the website. There are 2 index templates and a content template for displaying that content.
- A multi-column index page that shows all the content types.
- A single-column layout that shows one type of content e.g. "tools".
- A content page that contains only a single content item; e.g. one tool: "TOR".
The "slugs" – which is a loosely defined term, can be found in the settings files. There is an array that defines whether a "slug" can come only with or also without an argument, e.g. /tools/
is defined as single but can actually also have an argument: /tools/tor/
. It also defines wether it may occur more than once in the case of: /categorie/e-mail/categorie/encryptie
; multiple
is set to true
. Finally the array specifies a name that corresponds to the database table in English. This way non-Dutch speakers can re-use/contribute to the code, plus in the future it can be made multi-lingual without renaming all the database tables.
Currently these are the "slugs" that may be "single":
- adviezen (advise)
- tools
- diensten (services)
Additionally "single" slugs can only occur once, if they occur twice the last one is taken into consideration, the previous ones are ignored.
In other words: /adviezen/tools/
would lead to the tools section, not the advice section.
These slugs can be of type multiple and can be considered to be "filters":
- categorie
Thus these can occur multiple times:
/categorie/e-mail/categorie/encryptie/categorie/privacy/
These are accumulated (AND) so this would filter out all the tools that help you with encryption and privacy for your e-mail use.
Then there are some slugs that are also filters but for ux simplicity it was decided these should only allow for one selection:
- formfactor
- platform
Lastly there are 2 mute slugs that are for future use:
- licenties (licenses)
- prijs (price)
Yes please... See CONTRIBUTING.md