December 16
Hi everyone, hope you're doing well!
Lots of updates to share, details below.
Email Provider
I settled on ZohoMail as an email provider for Deserted Chateau (not for sending e.g. activation and other automatic emails, but for email inboxes for myself and e.g. support email). It has strong data privacy commitments, is GDPR compliant and has a free plan for up to 5 email addresses which is very nice. Besides that, I wasn’t keen on bigger companies’ offerings like Google Workspace, as they’re expensive in comparison (even when paying, ZohoMail is ~$1 a month for basic email accounts, compared to Google at around $6 and Microsoft at a similar price point).
I’ve set up all of the necessary DNS records and authentication for the server, which I’ve also documented on BookStack since it’s useful stuff to remember anyway (plus some possible pitfalls when using this and Amazon SES).
Submit Artwork backend improvements
I’ve changed some of the backend logic of submitting artworks, so that 4K images are only made publicly available if the user specifically wants it (as opposed to e.g. just not making the link available). This also means some extra work for 4K display options, since now choosing to set an artwork (or all artworks for a user) as enabled or not enabled for 4K means moving artworks between S3 buckets, but this allows artists greater control
Image resizer: code improvements
Went back and modified some of the image resizing code that’s been sitting around for a while; I’ve improved it to enable users to upload transparent PNGs, and have them remain as transparent PNGs instead of being converted to JPGs where the transparency would be lost.
There’s some cleanup work to do in that code, it’s still rather messy and needs a bit of fine tuning, but that should be relatively easy.
Custom Theme improvements
I’ve added all of the different CSS variables to the appearance area, so that users can control more parts of how the site looks if they want to.
I still need to modify the settings page for it a little bit, so that a “simple” and “advanced” appearance settings page is possible. Some CSS variables are only used for a handful of purposes, or e.g. are basically derivations of others (for example, the normal font color and the ‘dark shade’ of the font color for disabled elements and the like), where a user should be able to set the font color and the other associated variables get set to related values automatically in a ‘simple’ settings layout.
Documentation server: most documentation migrated
I’ve made a lot of progress in writing articles for the documentation server, not just about Deserted Chateau’s implementation but also about general advice for other people wanting to make art websites. My plan is to make the documentation server public by the end of the month or earlier; I don’t think it will be finished by then, but I don’t see a lot of reason to wait until it’s “absolutely finished”. We’ll see though.
Documentation server: docs for other art sites & docs for public reading about tech used in Deserted Chateau, etc
As part of the documentation server, I’ve been writing a lot of information about security and implementation details for websites in general. There’s a lot on there now but still more to do, and I’ve been realising that I need to restructure Deserted Chateau’s internal documentation a bit: there’s a lot of e.g. “AWS-specific” instructions in there which would be better off in a different section. I’ll need to think a little and figure out how to best do that.
Setting up WAF with CloudFront
It’s a little weird, due to the way in which AWS VPCs operate, but setting up WAF to protect Lightsail servers is a lot less intuitive than it ought to be. I’ve figured it out, and basically it requires using a Lightsail load balancer and then directing all traffic to that load balancer from a CloudFront CDN distribution - basically making the distribution the first point of contact for users, then the load balancer, with WAF acting on the CDN. Not entirely unlike other solutions, but still a bit weird.
Either way, having WAF enabled is very important, so it’s good to have the deployment instructions for it ready and written up. At this point I may just keep the test environment using a load balancer - it’s more expensive but at this point that’s less of a concern (extra $25 a month or so with load balancer + WAF).
FFmpeg compilation testing
Tested compiling Linux manually instead of relying on John Van Sickle’s pre-built versions; got it working and documented the steps in detail as part of the documentation writeup. Takes a little time to compile, but with the steps worked out it’s a fairly simple process now.
HTML, CSS and JS refactoring and improvements, continued
- Improved Settings -> Artwork page layout
- Improved Settings -> Notifications page layout
- All remaining JavaScript files that aren’t classes have been refactored into classes
- Fixed a weird CSS issue where banners in user profiles had a slight bright spot at the bottom, due to what I assume is a weird discrepancy in floating point arithmetic causing it to set the darkening gradient a little too small (yep, really…)
- Looking into user profile changes for showing links
- Refactored user profile code; no more PHP rendering stuff, moved into JavaScript file for better code readability and maintenance
- TinyMCE editor content now gets run through the HTMLPurifier library server side, although this needed some careful configuration to not break emoticons (and probably needs more testing on other elements).
Bug Fixes
- Fixed artwork titles not displaying correctly if they contained HTML entities (e.g. & symbol)
- Fixed subscription status not showing correctly
- Fixed the content security policy blocking data:image URLs (making the two factor auth settings image break)
- Fixed submit artwork form failing to display errors properly when a submitted file is over size limits
- Fixed a bug causing multiple submission uploads to fail
- Fixed a bug causing the “no notifications” and “no private messages” areas to appear in the navbar dropdowns when a user has none to display