diff --git a/.gitignore b/.gitignore index 6070f82..2f98d2a 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,9 @@ node_modules .vscode +# Personalisation stuff +/src/site/pug/privacy.pug + # Database stuff db/**/*.db* diff --git a/src/lib/constants.js b/src/lib/constants.js index ce3bc00..0dafec3 100644 --- a/src/lib/constants.js +++ b/src/lib/constants.js @@ -7,6 +7,7 @@ let constants = { // Things that server owners _should_ change! website_origin: "http://localhost:10407", + has_privacy_policy: false, // You MUST read /src/site/pug/privacy.pug.template before changing this! // Things that server owners _could_ change if they want to. tor: { diff --git a/src/site/api/routes.js b/src/site/api/routes.js index 91f6f99..67a324a 100644 --- a/src/site/api/routes.js +++ b/src/site/api/routes.js @@ -10,10 +10,27 @@ module.exports = [ return render(200, "pug/home.pug", { rssEnabled: constants.settings.rss_enabled, allUnblocked: history.testNoneBlocked(), - torAvailable: switcher.canUseTor() + torAvailable: switcher.canUseTor(), + hasPrivacyPolicy: constants.has_privacy_policy }) } }, + { + route: "/privacy", methods: ["GET"], code: async () => { + if (constants.has_privacy_policy && pugCache.has("pug/privacy.pug")) { + return render(200, "pug/privacy.pug") + } else { + return render(404, "pug/friendlyerror.pug", { + statusCode: 404, + title: "No privacy policy", + message: "No privacy policy", + explanation: + "The owner of this instance has not actually written a privacy policy." + +"\nIf you own this instance, please read the file stored at /src/site/pug/privacy.pug.template." + }) + } + } + }, { route: `/u`, methods: ["GET"], code: async ({url}) => { if (url.searchParams.has("u")) { diff --git a/src/site/pug/home.pug b/src/site/pug/home.pug index c3788a5..26d1f8a 100644 --- a/src/site/pug/home.pug +++ b/src/site/pug/home.pug @@ -1,4 +1,4 @@ -//- Needs rssEnabled, allUnblocked, torAvailable +//- Needs rssEnabled, allUnblocked, torAvailable, hasPrivacyPolicy doctype html html @@ -33,6 +33,10 @@ html It does not preserve deleted posts. h2 About this instance ul + if hasPrivacyPolicy + li: a(href="/privacy") Privacy policy + else + li Owner has not written a privacy policy li Instance is #{allUnblocked ? "not blocked" : "blocked"} li RSS feeds are #{rssEnabled ? "enabled" : "disabled"} li Tor is #{torAvailable ? "enabled" : "not available"} diff --git a/src/site/pug/privacy.pug.template b/src/site/pug/privacy.pug.template new file mode 100644 index 0000000..85c24d0 --- /dev/null +++ b/src/site/pug/privacy.pug.template @@ -0,0 +1,100 @@ +//- + ============================================================================ + + Welcome. Please read this entire section before you start writing. + + It is important for instance owners to provide a privacy policy so that + their users understand what data is collected and how it is used. + + This is a Pug file. https://pugjs.org/ You can write any valid Pug here, + but no variables are imported for you to use. + + If you are unfamiliar with Pug, you can also write HTML tags. You can mix + Pug and HTML in this file. + + Get started by following these instructions: + + 1. Copy this file from /src/site/pug/privacy.pug.template + to /src/site/pug/privacy.pug + 2. Edit this file to represent the actual privacy policy of your service. + You will likely need to delete or create entire sections of text. + 3. Open /config.js and add the pair `has_privacy_policy: true` to + mark your instance as having a privacy policy. The policy will be linked + on the homepage and a feature will be added to /api/stats. + + If you prefer to set your privacy policy through other software like nginx, + you may just set the pair in config.js without following steps 1-2. Set up + a rule for the URL `/privacy` to either serve a page or redirect somewhere. + If you choose to do that, Bibliogram will not be able to apply meta tags + or CSS to your page. + + ============================================================================ + +html + head + title Privacy policy | Bibliogram + include includes/head + body.privacy-policy + article + h1 Privacy policy + + section + //- + This data is collected by the Bibliogram software itself. It is + likely the same for your instance, unless you have set + special settings to change it. + h2 Data collected by Bibliogram + p. + Bibliogram logs all incoming request URLs and the time of the request + to the console, but does not log headers, IP addresses, or other + information. These logs are not stored on disk. + p. + Bibliogram has a database that stores the usernames and IDs of + viewed users, and all data about viewed posts. This data is not + linked with the user that requested it. + + section + //- + This data is not collected by Bibliogram, and is specific to your + server, and is entirely within your control. + If you operate under a "no logs" policy, you can likely delete this + entire section. + h2 Data collected by nginx + p. + This server uses nginx as a reverse proxy to Bibliogram. nginx is + configured to use the default logging settings, which means that this + data is logged: + ul + li Request timestamp + li Request URL + li IP address + li Reported user agent + li Reported referrer + p. + These logs are saved to disk and stored indefinitely. + + section + //- + I sure hope you're not sending user data anywhere, but if you actually + are, you'll need to change this section. + If you use Google Analytics or similar software, you could write + about it here. + h2 Sending data + p. + Data collected by Bibliogram is not public and is never sent + to any external services. + + section + h2 Exporting or deleting your data + p. + Since Bibliogram does not associate any stored data with a user + identifier, we cannot export or delete "your" data since we have + no concept of "you". + + //- + Remember that you can create or delete entire sections containing + whatever content you want! + + section.return-home + div + a(href="/") ← Back to homepage diff --git a/src/site/sass/main.sass b/src/site/sass/main.sass index 0331437..d318eb4 100644 --- a/src/site/sass/main.sass +++ b/src/site/sass/main.sass @@ -446,3 +446,29 @@ body .link-to-hashtag color: #127722 + +.privacy-policy + max-width: 700px + min-height: 100vh + margin: 0px auto + padding: 0px 10px 80px + font-size: 20px + line-height: 1.4 + background-color: #481717 + color: #e2e2e2 + + h1, h2, h3 + color: #f4f4f4 + + h1 + margin: 40px 0px + font-size: 48px + + a, a:visited + color: #ffb8b8 + + .return-home + line-height: 1 + margin-top: 45px + padding-top: 15px + border-top: 1px solid #714141