Hopefully fix all links on doc site
This commit is contained in:
parent
215d02b341
commit
8e8016d0fd
|
@ -20,8 +20,8 @@ This document attempts to track **major** changes and additions in ENiGMA½. For
|
||||||
+ `oputil.js user rename USERNAME NEWNAME`
|
+ `oputil.js user rename USERNAME NEWNAME`
|
||||||
+ `my_messages.js` module (defaulted to "m" at the message menu) to list public messages addressed to the currently logged in user. Takes into account their username and `real_name` property.
|
+ `my_messages.js` module (defaulted to "m" at the message menu) to list public messages addressed to the currently logged in user. Takes into account their username and `real_name` property.
|
||||||
+ SSH Public Key Authentication has been added. The system uses a OpenSSH style public key set on the `ssh_public_key` user property.
|
+ SSH Public Key Authentication has been added. The system uses a OpenSSH style public key set on the `ssh_public_key` user property.
|
||||||
+ 2-Factor (2FA) authentication is now available using [RFC-4266 - HOTP: HMAC-Based One-Time Password Algorithm)](https://tools.ietf.org/html/rfc4226), [RFC-6238 - TOTP: Time-Based One-Time Password Algorithm](https://tools.ietf.org/html/rfc6238), or [Google Authenticator](http://google-authenticator.com/). QR codes for activation are available as well. One-time backup aka recovery codes can also be used. See [Security](/docs/configuration/security.md) for more info!
|
+ 2-Factor (2FA) authentication is now available using [RFC-4266 - HOTP: HMAC-Based One-Time Password Algorithm)](https://tools.ietf.org/html/rfc4226), [RFC-6238 - TOTP: Time-Based One-Time Password Algorithm](https://tools.ietf.org/html/rfc6238), or [Google Authenticator](http://google-authenticator.com/). QR codes for activation are available as well. One-time backup aka recovery codes can also be used. See [Security](./docs/configuration/security.md) for more info!
|
||||||
* New ACS codes for new 2FA/OTP: `AR` and `AF`. See [ACS](/docs/configuration/acs.md) for details.
|
* New ACS codes for new 2FA/OTP: `AR` and `AF`. See [ACS](./docs/configuration/acs.md) for details.
|
||||||
+ `oputil.js user 2fa USERNAME TYPE` enables 2-factor authentication for a user.
|
+ `oputil.js user 2fa USERNAME TYPE` enables 2-factor authentication for a user.
|
||||||
* `oputil.js user info USERNAME --security` can now display additional security information such as 2FA/OTP.
|
* `oputil.js user info USERNAME --security` can now display additional security information such as 2FA/OTP.
|
||||||
* `oputil.js fb scan --quick` is now the default. Override with `--full`.
|
* `oputil.js fb scan --quick` is now the default. Override with `--full`.
|
||||||
|
@ -84,8 +84,8 @@ submit: [
|
||||||
* `install.sh` will now attempt to use NPM's `--build-from-source` option when ARM is detected.
|
* `install.sh` will now attempt to use NPM's `--build-from-source` option when ARM is detected.
|
||||||
* `oputil.js config new` will now generate a much more complete configuration file with comments, examples, etc. `oputil.js config cat` dumps your current config to stdout.
|
* `oputil.js config new` will now generate a much more complete configuration file with comments, examples, etc. `oputil.js config cat` dumps your current config to stdout.
|
||||||
* Handling of failed login attempts is now fully in. Disconnect clients, lock out accounts, ability to auto or unlock at (email-driven) password reset, etc. See `users.failedLogin` in `config.hjson`.
|
* Handling of failed login attempts is now fully in. Disconnect clients, lock out accounts, ability to auto or unlock at (email-driven) password reset, etc. See `users.failedLogin` in `config.hjson`.
|
||||||
* NNTP support! See [NNTP docs](/docs/servers/nntp.md) for more information.
|
* NNTP support! See [NNTP docs](./docs/servers/nntp.md) for more information.
|
||||||
* `oputil.js user rm` and `oputil.js user info` are in! See [oputil CLI](/docs/admin/oputil.md).
|
* `oputil.js user rm` and `oputil.js user info` are in! See [oputil CLI](./docs/admin/oputil.md).
|
||||||
* Performing a file scan/import using `oputil.js fb scan` now recognizes various `FILES.BBS` formats.
|
* Performing a file scan/import using `oputil.js fb scan` now recognizes various `FILES.BBS` formats.
|
||||||
* Usernames found in the `config.users.badUserNames` are now not only disallowed from applying, but disconnected at any login attempt.
|
* Usernames found in the `config.users.badUserNames` are now not only disallowed from applying, but disconnected at any login attempt.
|
||||||
* Total minutes online is now tracked for users. Of course, it only starts after you get the update :)
|
* Total minutes online is now tracked for users. Of course, it only starts after you get the update :)
|
||||||
|
|
|
@ -9,7 +9,7 @@ title: Administration
|
||||||
See [Updating](updating.md).
|
See [Updating](updating.md).
|
||||||
|
|
||||||
## Viewing Logs
|
## Viewing Logs
|
||||||
See [Monitoring Logs](/docs/troubleshooting/monitoring-logs.md).
|
See [Monitoring Logs](../troubleshooting/monitoring-logs.md).
|
||||||
|
|
||||||
## Managing Users
|
## Managing Users
|
||||||
User management is currently handled via the [oputil CLI](oputil.md).
|
User management is currently handled via the [oputil CLI](oputil.md).
|
||||||
|
|
|
@ -107,7 +107,7 @@ info arguments:
|
||||||
| `group` | Modifies users group membership | Add to group: `./oputil.js user group joeuser +derp`<br/>Remove from group: `./oputil.js user group joeuser -derp` | N/A |
|
| `group` | Modifies users group membership | Add to group: `./oputil.js user group joeuser +derp`<br/>Remove from group: `./oputil.js user group joeuser -derp` | N/A |
|
||||||
|
|
||||||
#### Manage 2FA/OTP
|
#### Manage 2FA/OTP
|
||||||
While `oputil.js` can be used to manage a user's 2FA/OTP, it is highly recommended to require users to opt-in themselves. See [Security](/docs/configuration/security.md) for details.
|
While `oputil.js` can be used to manage a user's 2FA/OTP, it is highly recommended to require users to opt-in themselves. See [Security](../configuration/security.md) for details.
|
||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
The `config` command allows sysops to perform various system configuration and maintenance tasks.
|
The `config` command allows sysops to perform various system configuration and maintenance tasks.
|
||||||
|
|
|
@ -25,7 +25,7 @@ npm install # or 'yarn'
|
||||||
|
|
||||||
:information_source: Visual diff tools such as [DiffMerge](https://www.sourcegear.com/diffmerge/downloads.php) (free, works on all major platforms) can be very helpful for the tasks outlined above!
|
:information_source: Visual diff tools such as [DiffMerge](https://www.sourcegear.com/diffmerge/downloads.php) (free, works on all major platforms) can be very helpful for the tasks outlined above!
|
||||||
|
|
||||||
:bulb: It is recommended to [monitor logs](/docs/troubleshooting/monitoring-logs.md) and poke around a bit after an update!
|
:bulb: It is recommended to [monitor logs](../troubleshooting/monitoring-logs.md) and poke around a bit after an update!
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -64,7 +64,7 @@ ENiGMA½ uses a fallback system for art selection. When a menu entry calls for a
|
||||||
4. In the `art/general` directory.
|
4. In the `art/general` directory.
|
||||||
|
|
||||||
#### ACS-Driven Conditionals
|
#### ACS-Driven Conditionals
|
||||||
The [ACS](/docs/configuration/acs.md) system can be used to make conditional art selection choices. To do this, provide an array of possible values in your art spec. As an example:
|
The [ACS](../configuration/acs.md) system can be used to make conditional art selection choices. To do this, provide an array of possible values in your art spec. As an example:
|
||||||
```hjson
|
```hjson
|
||||||
{
|
{
|
||||||
fancyMenu: {
|
fancyMenu: {
|
||||||
|
@ -153,4 +153,4 @@ fullLogoffSequenceRandomBoardAd: {
|
||||||
```
|
```
|
||||||
|
|
||||||
### See Also
|
### See Also
|
||||||
See also the [Show Art Module](/docs/modding/show-art.md) for more advanced art display!
|
See also the [Show Art Module](../modding/show-art.md) for more advanced art display!
|
|
@ -73,8 +73,8 @@ All `users` can read (see) the area, `sysops` and `co-ops` can write (upload), a
|
||||||
## ACS Touch Points
|
## ACS Touch Points
|
||||||
The following touch points exist in the system. Many more are planned:
|
The following touch points exist in the system. Many more are planned:
|
||||||
|
|
||||||
* [Message conferences and areas](/docs/messageareas/configuring-a-message-area.md)
|
* [Message conferences and areas](../messageareas/configuring-a-message-area.md)
|
||||||
* [File base areas](/docs/filebase/first-file-area.md) and [Uploads](/docs/filebase/uploads.md)
|
* [File base areas](../filebase/first-file-area.md) and [Uploads](../filebase/uploads.md)
|
||||||
* Menus within [Menu HJSON (menu.hjson)](menu-hjson.md)
|
* Menus within [Menu HJSON (menu.hjson)](menu-hjson.md)
|
||||||
|
|
||||||
See the specific areas documentation for information on available ACS checks.
|
See the specific areas documentation for information on available ACS checks.
|
||||||
|
|
|
@ -8,7 +8,7 @@ ENiGMA½ configuration files such as the [system config](config-hjson.md), [menu
|
||||||
## Hot-Reload
|
## Hot-Reload
|
||||||
Nearly all of ENiGMA½'s configuration can be hot-reloaded. That is, a live system can have it's configuration modified and it will be loaded in place.
|
Nearly all of ENiGMA½'s configuration can be hot-reloaded. That is, a live system can have it's configuration modified and it will be loaded in place.
|
||||||
|
|
||||||
:bulb: [Monitoring live logs](/docs/troubleshooting/monitoring-logs.md) is useful when making live changes. The system will complain if something is wrong!
|
:bulb: [Monitoring live logs](.../troubleshooting/monitoring-logs.md) is useful when making live changes. The system will complain if something is wrong!
|
||||||
|
|
||||||
## Common Directives
|
## Common Directives
|
||||||
### Includes
|
### Includes
|
||||||
|
@ -74,7 +74,7 @@ Consider `actionKeys` in a menu. Often times you may show a screen and the user
|
||||||
:information_source: An unresolved `@reference` will be left intact.
|
:information_source: An unresolved `@reference` will be left intact.
|
||||||
|
|
||||||
### Environment Variables
|
### Environment Variables
|
||||||
Especially in a container environment such as [Docker](/docs/installation/docker.md), environment variable access in configuration files can become very handy. ENiGMA½ provides a flexible way to access variables using the `@environment` directive. The most basic form of `@environment:VAR_NAME` produces a string value. Additionally a `:type` suffix can be supplied to coerece the value to a particular type. Variables pointing to a comma separated list can be turned to arrays using an additional `:array` suffix.
|
Especially in a container environment such as [Docker](../installation/docker.md), environment variable access in configuration files can become very handy. ENiGMA½ provides a flexible way to access variables using the `@environment` directive. The most basic form of `@environment:VAR_NAME` produces a string value. Additionally a `:type` suffix can be supplied to coerece the value to a particular type. Variables pointing to a comma separated list can be turned to arrays using an additional `:array` suffix.
|
||||||
|
|
||||||
Below is a table of the various forms:
|
Below is a table of the various forms:
|
||||||
|
|
||||||
|
|
|
@ -43,8 +43,8 @@ Below is a list of various configuration sections. There are many more, but this
|
||||||
* [Archivers](archivers.md): Set up external archive utilities for handling things like ZIP, ARJ, RAR, and so on.
|
* [Archivers](archivers.md): Set up external archive utilities for handling things like ZIP, ARJ, RAR, and so on.
|
||||||
* [Email](email.md): System email support.
|
* [Email](email.md): System email support.
|
||||||
* [Event Scheduler](event-scheduler.md): Set up events as you see fit!
|
* [Event Scheduler](event-scheduler.md): Set up events as you see fit!
|
||||||
* [File Base](/docs/filebase/index.md)
|
* [File Base](../filebase/index.md)
|
||||||
* [File Transfer Protocols](file-transfer-protocols.md): Oldschool file transfer protocols such as X/Y/Z-Modem!
|
* [File Transfer Protocols](file-transfer-protocols.md): Oldschool file transfer protocols such as X/Y/Z-Modem!
|
||||||
* [Message Areas](/docs/messageareas/configuring-a-message-area.md), [Networks](/docs/messageareas/message-networks.md), [NetMail](/docs/messageareas/netmail.md), etc.
|
* [Message Areas](../messageareas/configuring-a-message-area.md), [Networks](../messageareas/message-networks.md), [NetMail](../messageareas/netmail.md), etc.
|
||||||
* ...and a **lot** more! Explore the docs! If you can't find something, please contact us!
|
* ...and a **lot** more! Explore the docs! If you can't find something, please contact us!
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@ title: External Support Binaries
|
||||||
## External Support Binaries
|
## External Support Binaries
|
||||||
ENiGMA½ relies on various external binaries in order to perform common tasks such as processing file archives and extracting information from uploads/file imports, some legacy transfer protocols, etc.
|
ENiGMA½ relies on various external binaries in order to perform common tasks such as processing file archives and extracting information from uploads/file imports, some legacy transfer protocols, etc.
|
||||||
|
|
||||||
:correct: Before using features such as the [File Base](/docs/filebase/index.md) or [File Transfer Protocols](/docs/configuration/file-transfer-protocols.md) it is highly recommended to install support binaries!
|
:correct: Before using features such as the [File Base](../filebase/index.md) or [File Transfer Protocols](../configuration/file-transfer-protocols.md) it is highly recommended to install support binaries!
|
||||||
|
|
||||||
## Archivers
|
## Archivers
|
||||||
Below is a table of pre-configured archivers. Remember that you can override settings or add new handlers! See [Archivers](archivers.md).
|
Below is a table of pre-configured archivers. Remember that you can override settings or add new handlers! See [Archivers](archivers.md).
|
||||||
|
|
|
@ -40,7 +40,7 @@ See https://hjson.org/users.html for more more editors & plugins.
|
||||||
### Hot-Reload A.K.A. Live Editing
|
### Hot-Reload A.K.A. Live Editing
|
||||||
ENiGMA½'s configuration, menu, and theme files can edited while your BBS is running. When a file is saved, it is hot-reloaded into the running system. If users are currently connected and you change a menu for example, the next reload of that menu will show the changes.
|
ENiGMA½'s configuration, menu, and theme files can edited while your BBS is running. When a file is saved, it is hot-reloaded into the running system. If users are currently connected and you change a menu for example, the next reload of that menu will show the changes.
|
||||||
|
|
||||||
:information_source: See also [Configuration Files](/docs/configuration/config-files.md)
|
:information_source: See also [Configuration Files](../configuration/config-files.md)
|
||||||
|
|
||||||
### CaSe SeNsiTiVE
|
### CaSe SeNsiTiVE
|
||||||
Configuration keys are **case sensitive**. That means if a configuration key is `boardName` for example, `boardname`, or `BOARDNAME` **will not work**.
|
Configuration keys are **case sensitive**. That means if a configuration key is `boardName` for example, `boardname`, or `BOARDNAME` **will not work**.
|
||||||
|
|
|
@ -20,7 +20,7 @@ showSomeArt: {
|
||||||
config: { pause: true }
|
config: { pause: true }
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
As you can see a menu can be very simple.
|
As you can see a menu can be very simple.
|
||||||
|
|
||||||
:information_source: Remember that the top level menu may include additional files using the `includes` directive. See [Configuration Files](config-files.md) for more information on this.
|
:information_source: Remember that the top level menu may include additional files using the `includes` directive. See [Configuration Files](config-files.md) for more information on this.
|
||||||
|
|
||||||
|
@ -30,7 +30,7 @@ Below is a table of **common** menu entry members. These members apply to most e
|
||||||
| Item | Description |
|
| Item | Description |
|
||||||
|--------|--------------|
|
|--------|--------------|
|
||||||
| `desc` | A friendly description that can be found in places such as "Who's Online" or wherever the `%MD` MCI code is used. |
|
| `desc` | A friendly description that can be found in places such as "Who's Online" or wherever the `%MD` MCI code is used. |
|
||||||
| `art` | An art file *spec*. See [General Art Information](/docs/art/general.md). |
|
| `art` | An art file *spec*. See [General Art Information](../art/general.md). |
|
||||||
| `next` | Specifies the next menu entry to go to next. Can be explicit or an array of possibilities dependent on ACS. See **Flow Control** in the **ACS Checks** section below. If `next` is not supplied, the next menu is this menus parent. Note that special built in methods such as `@systemMethod:logoff` can also be utilized here. |
|
| `next` | Specifies the next menu entry to go to next. Can be explicit or an array of possibilities dependent on ACS. See **Flow Control** in the **ACS Checks** section below. If `next` is not supplied, the next menu is this menus parent. Note that special built in methods such as `@systemMethod:logoff` can also be utilized here. |
|
||||||
| `prompt` | Specifies a prompt, by name, to use along with this menu. Prompts are configured in the `prompts` section. See **Prompts** for more information. |
|
| `prompt` | Specifies a prompt, by name, to use along with this menu. Prompts are configured in the `prompts` section. See **Prompts** for more information. |
|
||||||
| `submit` | Defines a submit handler when using `prompt`.
|
| `submit` | Defines a submit handler when using `prompt`.
|
||||||
|
@ -41,7 +41,7 @@ Below is a table of **common** menu entry members. These members apply to most e
|
||||||
### Menu Modules
|
### Menu Modules
|
||||||
A given menu entry is backed by a *menu module*. That is, the code behind it. Menus are considered "standard" if the `module` member is not specified (and therefore backed by `core/standard_menu.js`).
|
A given menu entry is backed by a *menu module*. That is, the code behind it. Menus are considered "standard" if the `module` member is not specified (and therefore backed by `core/standard_menu.js`).
|
||||||
|
|
||||||
See [Menu Modules](/docs/modding/menu-modules.md) for more information.
|
See [Menu Modules](../modding/menu-modules.md) for more information.
|
||||||
|
|
||||||
### Config Block
|
### Config Block
|
||||||
The `config` block for a menu entry can contain common members as well as a per-module (when `module` is used) settings.
|
The `config` block for a menu entry can contain common members as well as a per-module (when `module` is used) settings.
|
||||||
|
@ -51,8 +51,8 @@ The `config` block for a menu entry can contain common members as well as a per-
|
||||||
| `cls` | If `true` the screen will be cleared before showing this menu. |
|
| `cls` | If `true` the screen will be cleared before showing this menu. |
|
||||||
| `pause` | If `true` a pause will occur after showing this menu. Useful for simple menus such as displaying art or status screens. |
|
| `pause` | If `true` a pause will occur after showing this menu. Useful for simple menus such as displaying art or status screens. |
|
||||||
| `nextTimeout` | Sets the number of **milliseconds** before the system will automatically advanced to the `next` menu. |
|
| `nextTimeout` | Sets the number of **milliseconds** before the system will automatically advanced to the `next` menu. |
|
||||||
| `baudRate` | See baud rate information in [General Art Information](/docs/art/general.md). |
|
| `baudRate` | See baud rate information in [General Art Information](../art/general.md). |
|
||||||
| `font` | Sets a SyncTERM style font to use when displaying this menus `art`. See font listing in [General Art Information](/docs/art/general.md). |
|
| `font` | Sets a SyncTERM style font to use when displaying this menus `art`. See font listing in [General Art Information](../art/general.md). |
|
||||||
| `menuFlags` | An array of menu flag(s) controlling menu behavior. See **Menu Flags** below.
|
| `menuFlags` | An array of menu flag(s) controlling menu behavior. See **Menu Flags** below.
|
||||||
|
|
||||||
#### Menu Flags
|
#### Menu Flags
|
||||||
|
@ -70,7 +70,7 @@ ENiGMA½ uses a concept of *forms* in menus. A form is a collection of associate
|
||||||
|
|
||||||
Menus may also support more than one layout type by using a *MCI key*. A MCI key is a alpha-numerically sorted key made from 1:n MCI codes. This lets the system choose the appropriate set of form(s) based on theme or random art. An example of this may be a matrix menu: Perhaps one style of your matrix uses a vertical light bar (`VM` key) while another uses a horizontal (`HM` key). The system can discover the correct form to use by matching MCI codes found in the art to that of the available forms defined in `menu.hjson`.
|
Menus may also support more than one layout type by using a *MCI key*. A MCI key is a alpha-numerically sorted key made from 1:n MCI codes. This lets the system choose the appropriate set of form(s) based on theme or random art. An example of this may be a matrix menu: Perhaps one style of your matrix uses a vertical light bar (`VM` key) while another uses a horizontal (`HM` key). The system can discover the correct form to use by matching MCI codes found in the art to that of the available forms defined in `menu.hjson`.
|
||||||
|
|
||||||
For more information on views and associated MCI codes, see [MCI Codes](/docs/art/mci.md).
|
For more information on views and associated MCI codes, see [MCI Codes](../art/mci.md).
|
||||||
|
|
||||||
## Submit Handlers
|
## Submit Handlers
|
||||||
When a form is submitted, it's data is matched against a *submit handler*. When a match is found, it's *action* is performed.
|
When a form is submitted, it's data is matched against a *submit handler*. When a match is found, it's *action* is performed.
|
||||||
|
@ -135,7 +135,7 @@ telnetConnected: {
|
||||||
```
|
```
|
||||||
|
|
||||||
The above entry `telnetConnected` is set as the Telnet server's first menu entry (set by `firstMenu` in the Telnet server's config). The entry sets up a few things:
|
The above entry `telnetConnected` is set as the Telnet server's first menu entry (set by `firstMenu` in the Telnet server's config). The entry sets up a few things:
|
||||||
* A `art` spec of `CONNECT`. (See [General Art Information](/docs/art/general.md)).
|
* A `art` spec of `CONNECT`. (See [General Art Information](../art/general.md)).
|
||||||
* A `next` entry up the next menu, by name, in the stack (`matrix`) that we'll go to after `telnetConnected`.
|
* A `next` entry up the next menu, by name, in the stack (`matrix`) that we'll go to after `telnetConnected`.
|
||||||
* An `config` block containing a single `nextTimeout` field telling the system to proceed to the `next` (`matrix`) entry automatically after 1500ms.
|
* An `config` block containing a single `nextTimeout` field telling the system to proceed to the `next` (`matrix`) entry automatically after 1500ms.
|
||||||
|
|
||||||
|
|
|
@ -11,9 +11,9 @@ Unlike in the golden era of BBSing, modern Internet-connected systems are prone
|
||||||
|
|
||||||
## Two-Factor Authentication via One-Time Password
|
## Two-Factor Authentication via One-Time Password
|
||||||
Enabling Two-Factor Authentication via One-Time-Password (2FA/OTP) on an account adds an extra layer of security ("_something a user has_") in addition to their password ("_something a user knows_"). Providing 2FA/OTP to your users has some prerequisites:
|
Enabling Two-Factor Authentication via One-Time-Password (2FA/OTP) on an account adds an extra layer of security ("_something a user has_") in addition to their password ("_something a user knows_"). Providing 2FA/OTP to your users has some prerequisites:
|
||||||
* [A configured email gateway](/docs/configuration/email.md) such that the system can send out emails.
|
* [A configured email gateway](../configuration/email.md) such that the system can send out emails.
|
||||||
* One or more secure servers enabled such as [SSH](/docs/servers/ssh.md) or secure [WebSockets](/docs/servers/websocket.md) (that is, WebSockets over a secure connection such as TLS).
|
* One or more secure servers enabled such as [SSH](../servers/ssh.md) or secure [WebSockets](../servers/websocket.md) (that is, WebSockets over a secure connection such as TLS).
|
||||||
* The [web server](/docs/servers/web-server.md) enabled and exposed over TLS (HTTPS).
|
* The [web server](../servers/web-server.md) enabled and exposed over TLS (HTTPS).
|
||||||
|
|
||||||
:information_source: For WebSockets and the web server, ENiGMA½ _may_ listen on insecure channels if behind a secure web proxy.
|
:information_source: For WebSockets and the web server, ENiGMA½ _may_ listen on insecure channels if behind a secure web proxy.
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ Due to the nature of 2FA/OTP, even if enabled on your system, users must opt-in
|
||||||
|
|
||||||
:warning: Serving 2FA/OTP registration links over insecure (HTTP) can expose secrets intended for the user and is **highly** discouraged!
|
:warning: Serving 2FA/OTP registration links over insecure (HTTP) can expose secrets intended for the user and is **highly** discouraged!
|
||||||
|
|
||||||
:memo: +ops can also manually enable or disable 2FA/OTP for a user using [oputil](/docs/admin/oputil.md), but this is generally discouraged.
|
:memo: +ops can also manually enable or disable 2FA/OTP for a user using [oputil](../admin/oputil.md), but this is generally discouraged.
|
||||||
|
|
||||||
#### Recovery
|
#### Recovery
|
||||||
In the situation that a user loses their 2FA/OTP device (such as a lost phone with Google Auth), there are some options:
|
In the situation that a user loses their 2FA/OTP device (such as a lost phone with Google Auth), there are some options:
|
||||||
|
@ -36,11 +36,11 @@ In the situation that a user loses their 2FA/OTP device (such as a lost phone wi
|
||||||
:warning: There is no way for a user to disable 2FA/OTP without first fully logging in! This is by design as a security measure.
|
:warning: There is no way for a user to disable 2FA/OTP without first fully logging in! This is by design as a security measure.
|
||||||
|
|
||||||
### ACS Checks
|
### ACS Checks
|
||||||
Various places throughout the system that implement [ACS](/docs/configuration/acs.md) can make 2FA specific checks:
|
Various places throughout the system that implement [ACS](../configuration/acs.md) can make 2FA specific checks:
|
||||||
* `AR#`: Current users **required** authentication factor. `AR2` for example means 2FA/OTP is required for this user.
|
* `AR#`: Current users **required** authentication factor. `AR2` for example means 2FA/OTP is required for this user.
|
||||||
* `AF#`: Current users **active** authentication factor. `AF2` means the user is authenticated with some sort of 2FA (such as One-Time-Password).
|
* `AF#`: Current users **active** authentication factor. `AF2` means the user is authenticated with some sort of 2FA (such as One-Time-Password).
|
||||||
|
|
||||||
See [ACS](/docs/configuration/acs.md) for more information.
|
See [ACS](../configuration/acs.md) for more information.
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
The following example illustrates using an `AR` ACS check to require applicable users to go through an additional 2FA/OTP process during login:
|
The following example illustrates using an `AR` ACS check to require applicable users to go through an additional 2FA/OTP process during login:
|
||||||
|
|
|
@ -3,7 +3,7 @@ layout: page
|
||||||
title: ACS
|
title: ACS
|
||||||
---
|
---
|
||||||
## File Base ACS
|
## File Base ACS
|
||||||
[ACS Codes](/docs/configuration/acs.md) may be used to control access to File Base areas by specifying an `acs` string in a file area's definition. If no `acs` is supplied in a file area definition, the following defaults apply to an area:
|
[ACS Codes](../configuration/acs.md) may be used to control access to File Base areas by specifying an `acs` string in a file area's definition. If no `acs` is supplied in a file area definition, the following defaults apply to an area:
|
||||||
* `read` : `GM[users]`: List/view the area and it's contents.
|
* `read` : `GM[users]`: List/view the area and it's contents.
|
||||||
* `write` : `GM[sysops]`: Upload.
|
* `write` : `GM[sysops]`: Upload.
|
||||||
* `download` : `GM[users]`: Download.
|
* `download` : `GM[users]`: Download.
|
||||||
|
@ -28,4 +28,4 @@ areas: {
|
||||||
```
|
```
|
||||||
|
|
||||||
## See Also
|
## See Also
|
||||||
[Access Condition System (ACS)](/docs/configuration/acs.md)
|
[Access Condition System (ACS)](../configuration/acs.md)
|
||||||
|
|
|
@ -84,16 +84,16 @@ fileBase: {
|
||||||
```
|
```
|
||||||
|
|
||||||
## Importing Areas
|
## Importing Areas
|
||||||
Areas can also be imported using [oputil](/docs/admin/oputil.md) using proper FileGate "RAID" aka `FILEBONE.NA` style files. After importing areas, you may wish to tweak configuration such as better `desc` fields, ACS, or sorting.
|
Areas can also be imported using [oputil](../admin/oputil.md) using proper FileGate "RAID" aka `FILEBONE.NA` style files. After importing areas, you may wish to tweak configuration such as better `desc` fields, ACS, or sorting.
|
||||||
|
|
||||||
## Importing Files (Scan For New Files)
|
## Importing Files (Scan For New Files)
|
||||||
A common task is to *import* existing files to area(s). Consider a collection of retro BBS files in the area "Retro PC" (tag: `retro_pc` above) under the storage tag of `retro_pc_bbs`. You might choose to scan for new files in this area (and thus import new entries) as follows with [oputil](/docs/admin/oputil.md)'s `fb scan`:
|
A common task is to *import* existing files to area(s). Consider a collection of retro BBS files in the area "Retro PC" (tag: `retro_pc` above) under the storage tag of `retro_pc_bbs`. You might choose to scan for new files in this area (and thus import new entries) as follows with [oputil](../admin/oputil.md)'s `fb scan`:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
./oputil.js fb scan --quick --tags retro,bbs,pc retro_pc@retro_pc_bbs
|
./oputil.js fb scan --quick --tags retro,bbs,pc retro_pc@retro_pc_bbs
|
||||||
```
|
```
|
||||||
|
|
||||||
Here we have asked [oputil](/docs/admin/oputil.md) to scan the file base area by it's tag `retro_pc` and only include the storage tag of `retro_pc_bbs`. Note that the storage tag could be omitted, and if so, all of `retro_pc` would be scanned. We have also indicated to #hashtag new entries with the tags "retro", "bbs", and "pc".
|
Here we have asked [oputil](../admin/oputil.md) to scan the file base area by it's tag `retro_pc` and only include the storage tag of `retro_pc_bbs`. Note that the storage tag could be omitted, and if so, all of `retro_pc` would be scanned. We have also indicated to #hashtag new entries with the tags "retro", "bbs", and "pc".
|
||||||
|
|
||||||
Please see [oputil](/docs/admin/oputil.md) for more information.
|
Please see [oputil](../admin/oputil.md) for more information.
|
||||||
|
|
||||||
|
|
|
@ -98,4 +98,4 @@ ticAreas: {
|
||||||
```
|
```
|
||||||
|
|
||||||
## See Also
|
## See Also
|
||||||
[Message Networks](/docs/messageareas/message-networks.md)
|
[Message Networks](../messageareas/message-networks.md)
|
||||||
|
|
|
@ -16,7 +16,7 @@ ENiGMA½ is a modern BBS software with a nostalgic flair!
|
||||||
* [CP437](http://www.ascii-codes.com/) and UTF-8 output
|
* [CP437](http://www.ascii-codes.com/) and UTF-8 output
|
||||||
* [SyncTERM](http://syncterm.bbsdev.net/) style font and baud emulation support. Display PC/DOS and Amiga style artwork as it's intended! In general, ANSI-BBS / [cterm.txt](http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/src/conio/cterm.txt?content-type=text%2Fplain&revision=HEAD) / [bansi.txt](http://www.bbsdocumentary.com/library/PROGRAMS/GRAPHICS/ANSI/bansi.txt) are followed for expected BBS behavior.
|
* [SyncTERM](http://syncterm.bbsdev.net/) style font and baud emulation support. Display PC/DOS and Amiga style artwork as it's intended! In general, ANSI-BBS / [cterm.txt](http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/src/conio/cterm.txt?content-type=text%2Fplain&revision=HEAD) / [bansi.txt](http://www.bbsdocumentary.com/library/PROGRAMS/GRAPHICS/ANSI/bansi.txt) are followed for expected BBS behavior.
|
||||||
* Full [SAUCE](http://www.acid.org/info/sauce/sauce.htm) support.
|
* Full [SAUCE](http://www.acid.org/info/sauce/sauce.htm) support.
|
||||||
* Renegade style [pipe color codes](/docs/configuration/colour-codes.md).
|
* Renegade style [pipe color codes](./configuration/colour-codes.md).
|
||||||
* [SQLite](http://sqlite.org/) storage of users, message areas, etc.
|
* [SQLite](http://sqlite.org/) storage of users, message areas, etc.
|
||||||
* Strong [PBKDF2](https://en.wikipedia.org/wiki/PBKDF2) backed password encryption.
|
* Strong [PBKDF2](https://en.wikipedia.org/wiki/PBKDF2) backed password encryption.
|
||||||
* Support for 2-Factor Authentication with One-Time-Passwords
|
* Support for 2-Factor Authentication with One-Time-Passwords
|
||||||
|
|
|
@ -15,6 +15,6 @@ on GitHub before running it!
|
||||||
The script will install `nvm`, Node.js and grab the latest ENiGMA BBS from GitHub. It will also guide you through creating a basic configuration file, and recommend some packages to install.
|
The script will install `nvm`, Node.js and grab the latest ENiGMA BBS from GitHub. It will also guide you through creating a basic configuration file, and recommend some packages to install.
|
||||||
|
|
||||||
:information_source: After installing:
|
:information_source: After installing:
|
||||||
* Read [External Binaries](/docs/configuration/external-binaries.md)
|
* Read [External Binaries](../configuration/external-binaries.md)
|
||||||
* Read [Updating](/docs/admin/updating.md)
|
* Read [Updating](../admin/updating.md)
|
||||||
|
|
||||||
|
|
|
@ -15,4 +15,4 @@ There are multiple ways of installing ENiGMA BBS, depending on your level of exp
|
||||||
:scroll: Check out [this awesome video on installation and basic configuration](https://youtu.be/WnN-ucVi3ZU) from Al's Geek Lab!
|
:scroll: Check out [this awesome video on installation and basic configuration](https://youtu.be/WnN-ucVi3ZU) from Al's Geek Lab!
|
||||||
|
|
||||||
## Keeping Up To Date
|
## Keeping Up To Date
|
||||||
After installing, you'll want to [keep your system updated](/docs/admin/updating.md).
|
After installing, you'll want to [keep your system updated](../admin/updating.md).
|
|
@ -19,10 +19,10 @@ Each conference is represented by a entry under `messageConferences`. Each entri
|
||||||
| `sort` | :-1: | Set to a number to override the default alpha-numeric sort order based on the `name` field. |
|
| `sort` | :-1: | Set to a number to override the default alpha-numeric sort order based on the `name` field. |
|
||||||
| `default` | :-1: | Specify `true` to make this the default conference (e.g. assigned to new users) |
|
| `default` | :-1: | Specify `true` to make this the default conference (e.g. assigned to new users) |
|
||||||
| `areas` | :+1: | Container of 1:n areas described below |
|
| `areas` | :+1: | Container of 1:n areas described below |
|
||||||
| `acs` | :-1: | A standard [ACS](/docs/configuration/acs.md) block. See **ACS** below. |
|
| `acs` | :-1: | A standard [ACS](../configuration/acs.md) block. See **ACS** below. |
|
||||||
|
|
||||||
### ACS
|
### ACS
|
||||||
An optional standard [ACS](/docs/configuration/acs.md) block can be supplied with the following rules:
|
An optional standard [ACS](../configuration/acs.md) block can be supplied with the following rules:
|
||||||
* `read`: ACS required to read (see) this conference. Defaults to `GM[users]`.
|
* `read`: ACS required to read (see) this conference. Defaults to `GM[users]`.
|
||||||
* `write`: ACS required to write (post) to this conference. Defaults to `GM[users]`.
|
* `write`: ACS required to write (post) to this conference. Defaults to `GM[users]`.
|
||||||
|
|
||||||
|
@ -53,12 +53,12 @@ Message Areas are topic specific containers for messages that live within a part
|
||||||
| `desc` | :+1: | Friendly area description. |
|
| `desc` | :+1: | Friendly area description. |
|
||||||
| `sort` | :-1: | Set to a number to override the default alpha-numeric sort order based on the `name` field. |
|
| `sort` | :-1: | Set to a number to override the default alpha-numeric sort order based on the `name` field. |
|
||||||
| `default` | :-1: | Specify `true` to make this the default area (e.g. assigned to new users) |
|
| `default` | :-1: | Specify `true` to make this the default area (e.g. assigned to new users) |
|
||||||
| `acs` | :-1: | A standard [ACS](/docs/configuration/acs.md) block. See **ACS** below. |
|
| `acs` | :-1: | A standard [ACS](../configuration/acs.md) block. See **ACS** below. |
|
||||||
| `autoSignatures` | :-1: | Set to `false` to disable auto-signatures in this area. |
|
| `autoSignatures` | :-1: | Set to `false` to disable auto-signatures in this area. |
|
||||||
| `realNames` | :-1: | Set to `true` to use real names in this area. |
|
| `realNames` | :-1: | Set to `true` to use real names in this area. |
|
||||||
|
|
||||||
### ACS
|
### ACS
|
||||||
An optional standard [ACS](/docs/configuration/acs.md) block can be supplied with the following rules:
|
An optional standard [ACS](../configuration/acs.md) block can be supplied with the following rules:
|
||||||
* `read`: ACS required to read (see) this area. Defaults to `GM[users]`.
|
* `read`: ACS required to read (see) this area. Defaults to `GM[users]`.
|
||||||
* `write`: ACS required to write (post) to this area. Defaults to `GM[users]`.
|
* `write`: ACS required to write (post) to this area. Defaults to `GM[users]`.
|
||||||
|
|
||||||
|
@ -85,4 +85,4 @@ messageConferences: {
|
||||||
```
|
```
|
||||||
|
|
||||||
## Importing
|
## Importing
|
||||||
FidoNet style `.na` files as well as legacy `AREAS.BBS` files in common formats can be imported using `oputil.js mb import-areas`. See [The oputil CLI](/docs/admin/oputil.md) for more information and usage.
|
FidoNet style `.na` files as well as legacy `AREAS.BBS` files in common formats can be imported using `oputil.js mb import-areas`. See [The oputil CLI](../admin/oputil.md) for more information and usage.
|
||||||
|
|
|
@ -70,7 +70,7 @@ Example:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
:bulb: You can import `AREAS.BBS` or FTN style `.NA` files using [oputil](/docs/admin/oputil.md)!
|
:bulb: You can import `AREAS.BBS` or FTN style `.NA` files using [oputil](../admin/oputil.md)!
|
||||||
|
|
||||||
#### A More Complete Example
|
#### A More Complete Example
|
||||||
Below is a more complete *example* illustrating some of the concepts above:
|
Below is a more complete *example* illustrating some of the concepts above:
|
||||||
|
|
|
@ -34,7 +34,7 @@ Example:
|
||||||
```
|
```
|
||||||
|
|
||||||
### oputil
|
### oputil
|
||||||
The `oputil.js` utility can export packet files, dump the messages of a packet to stdout, etc. See [the oputil documentation](/docs/admin/oputil.md) for more information.
|
The `oputil.js` utility can export packet files, dump the messages of a packet to stdout, etc. See [the oputil documentation](../admin/oputil.md) for more information.
|
||||||
|
|
||||||
### Offline Readers
|
### Offline Readers
|
||||||
A few of the offline readers that have been tested with QWK packet files produced by ENiGMA½:
|
A few of the offline readers that have been tested with QWK packet files produced by ENiGMA½:
|
||||||
|
|
|
@ -3,7 +3,7 @@ layout: page
|
||||||
title: User Interruptions
|
title: User Interruptions
|
||||||
---
|
---
|
||||||
## User Interruptions
|
## User Interruptions
|
||||||
ENiGMA½ provides functionality to "interrupt" a user for various purposes such as a [node-to-node message](/docs/modding/node-msg.md). User interruptions can be queued and displayed at the next opportune time such as when switching to a new menu, or realtime if appropriate.
|
ENiGMA½ provides functionality to "interrupt" a user for various purposes such as a [node-to-node message](../modding/node-msg.md). User interruptions can be queued and displayed at the next opportune time such as when switching to a new menu, or realtime if appropriate.
|
||||||
|
|
||||||
## Standard Menu Behavior
|
## Standard Menu Behavior
|
||||||
Standard menus control interruption by the `interrupt` config block option, which may be set to one of the following values:
|
Standard menus control interruption by the `interrupt` config block option, which may be set to one of the following values:
|
||||||
|
|
|
@ -3,7 +3,7 @@ layout: page
|
||||||
title: Node to Node Messaging
|
title: Node to Node Messaging
|
||||||
---
|
---
|
||||||
## The Node to Node Messaging Module
|
## The Node to Node Messaging Module
|
||||||
The node to node messaging (`node_msg`) module allows users to send messages to one or more users on different nodes. Messages delivered to nodes follow standard [User Interruption](/docs/misc/user-interrupt.md) rules.
|
The node to node messaging (`node_msg`) module allows users to send messages to one or more users on different nodes. Messages delivered to nodes follow standard [User Interruption](../misc/user-interrupt.md) rules.
|
||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
### Config Block
|
### Config Block
|
||||||
|
|
|
@ -10,7 +10,7 @@ The `telnet_bridge` module allows "bridged" Telnet connections from your board t
|
||||||
Available `config` entries:
|
Available `config` entries:
|
||||||
* `host`: Hostname or IP address to connect to.
|
* `host`: Hostname or IP address to connect to.
|
||||||
* `port`: Port to connect to. Defaults to the standard Telnet port of `23`.
|
* `port`: Port to connect to. Defaults to the standard Telnet port of `23`.
|
||||||
* `font`: A SyncTERM style font. Useful for example if you would like to connect form a "DOS" style BBS to an Amiga. See [the general art documentation on SyncTERM Style Fonts](/docs/art/general.md).
|
* `font`: A SyncTERM style font. Useful for example if you would like to connect form a "DOS" style BBS to an Amiga. See [the general art documentation on SyncTERM Style Fonts](../art/general.md).
|
||||||
|
|
||||||
### Example
|
### Example
|
||||||
Below is an example `menu.hjson` entry that would connect to [Xibalba](https://xibalba.l33t.codes):
|
Below is an example `menu.hjson` entry that would connect to [Xibalba](https://xibalba.l33t.codes):
|
||||||
|
|
|
@ -57,4 +57,4 @@ Generally `mciMap` entries will point to a Vertical List View Menu (`%VM1`, `%VM
|
||||||
* `affils` or `affiliation`: Users affiliations.
|
* `affils` or `affiliation`: Users affiliations.
|
||||||
* `position`: Rank position (numeric).
|
* `position`: Rank position (numeric).
|
||||||
|
|
||||||
Remember that string format rules apply, so for example, if displaying top uploaded bytes (`ul_file_bytes`), a `itemFormat` may be `{userName} - {value!sizeWithAbbr}` yielding something like "TopDude - 4 GB". See [MCI](/docs/art/mci.md) for additional information.
|
Remember that string format rules apply, so for example, if displaying top uploaded bytes (`ul_file_bytes`), a `itemFormat` may be `{userName} - {value!sizeWithAbbr}` yielding something like "TopDude - 4 GB". See [MCI](../art/mci.md) for additional information.
|
||||||
|
|
|
@ -3,7 +3,7 @@ layout: page
|
||||||
title: TopX
|
title: TopX
|
||||||
---
|
---
|
||||||
## The 2FA/OTP Config Module
|
## The 2FA/OTP Config Module
|
||||||
The `user_2fa_otp_config` module provides opt-in, configuration, and viewing of Two-Factor Authentication via One-Time-Password (2FA/OTP) settings. In order to allow users access to 2FA/OTP, the system must be properly configured. See [Security](/docs/configuration/security.md) for more information.
|
The `user_2fa_otp_config` module provides opt-in, configuration, and viewing of Two-Factor Authentication via One-Time-Password (2FA/OTP) settings. In order to allow users access to 2FA/OTP, the system must be properly configured. See [Security](../configuration/security.md) for more information.
|
||||||
|
|
||||||
:information_source: By default, the 2FA/OTP configuration menu may only be accessed by users connected securely (ACS `SC`). It is highly recommended to leave this default as accessing these settings over a plain-text connection could expose private secrets!
|
:information_source: By default, the 2FA/OTP configuration menu may only be accessed by users connected securely (ACS `SC`). It is highly recommended to leave this default as accessing these settings over a plain-text connection could expose private secrets!
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue