Deblan blog

Installation De Isso

- ~7 min(s) de lecture


Aujourd’hui je vais vous expliquer comment j’ai mis en place les commentaires sur mon Blog a l’aide de Isso, j’ai connu ce système grâce à Se sytème est 100% auto-hébergé et écrit en python, donc toutes les données sont hébergées chez moi sur mon petit serveur maison.



Donc déjà pour le principe de sécurité j’ai créer un nouvel utilisateur : isso

sudo adduser isso

ensuite il nous faut installer isso à proprement parler

pip3 install isso

et voici mon fichier de Configuration (j’ai quand même changer mes mots de passe)

# Isso configuration file
# vim: set filetype=ini


# file location to the SQLite3 database, highly recommended to change this
# location to a non-temporary location!
dbpath = /home/isso/isso.db

# required to dispatch multiple websites, not used otherwise.
name =

# Your website(s). If Isso is unable to connect to at least one site, you'll
# get a warning during startup and comments are most likely non-functional.
# You'll need at least one host/website to run Isso. This is due to security
# reasons: Isso uses CORS_ to embed comments and to restrict comments only to
# your website, you have to "whitelist" your website(s).
# I recommend the first value to be a non-SSL website that is used as fallback
# if Firefox users (and only those) supress their HTTP referer completely:
# host =
#     http://example.tld/
#     https://example.tld/
host =

# time range that allows users to edit/remove their own comments.
# It supports years, weeks, days, hours, minutes, seconds.
# 3h45m12s equals to 3 hours, 45 minutes and 12 seconds.
max-age = 15m

# Select notification backend for new comments. Currently, only SMTP is
# available.
# Select notification backend(s) for new comments, separated by comma.
# Available backends:
# stdout
#     Log to standard output. Default, if none selected.
# smtp
#     Send notifications via SMTP on new comments with activation (if
#     moderated) and deletion links.
notify = stdout

# Allow users to request E-mail notifications for replies to their post.
# WARNING: It is highly recommended to also turn on moderation when enabling
# this setting, as Isso can otherwise be easily exploited for sending spam.

# Log console messages to file instead of standard output.
log-file = /home/isso/isso.log

# adds property "gravatar_image" to json response when true
# will automatically build md5 hash by email and use "gravatar_url" to build
# the url to the gravatar image
gravatar = false

# default url for gravatar. {} is where the hash will be placed
gravatar-url ={}?d=identicon

# Admin access password
admin_password = mon_mot_de_passe_super_complexe

# enable comment moderation queue. This option only affects new comments.
# Comments in modertion queue are not visible to other users until you activate
# them.
enabled = false

# remove unprocessed comments in moderation queue after given time.
purge-after = 30d

# interface to listen on. Isso supports TCP/IP and unix domain sockets: UNIX
# domain socket listen = unix:///tmp/isso.sock TCP/IP listen =
# http:///localhost:1234/
# When gevent is available, it is automatically used for http:// Currently,
# gevent can not handle http requests on unix domain socket (see #295 and #299
# for details).  Does not apply for uWSGI.
listen =

# public URL that Isso is accessed from by end users. Should always be a
# http:// or https:// absolute address. If left blank, automatic detection is
# attempted.
public-endpoint =

# reload application, when the source code has changed. Useful for development.
# Only works with the internal webserver.
reload = off

# show 10 most time consuming function in Isso after each request. Do not use
# in production.
profile = off

# Isso can notify you on new comments via SMTP. In the email notification, you
# also can moderate (=activate or delete) comments.

# self-explanatory, optional
username =

# self-explanatory (yes, plain text, create a dedicated account for
# notifications), optional.
password =

# SMTP server
host = localhost

# SMTP port
port = 587

# use a secure connection to the server, possible values: none, starttls or
# ssl. Note, that there is no easy way for Python 2.7 and 3.3 to implement
# certification validation and thus the connection is vulnerable to
# Man-in-the-Middle attacks. You should definitely use a dedicated SMTP account
# for Isso in that case.
security = starttls

# recipient address, e.g. your email address
to =

# sender address, e.g. "Foo Bar" <isso@example.tld>
from =

# specify a timeout in seconds for blocking operations like the
# connection attempt.
timeout = 10

# Enable basic spam protection features, e.g. rate-limit per IP address (/24
# for IPv4, /48 for IPv6).

# enable guard, recommended in production. Not useful for debugging purposes.
enabled = true

# limit to N new comments per minute.
ratelimit = 2

# how many comments directly to the thread (prevent a simple while true; do
# curl ...; done.
direct-reply = 3

# allow commenters to reply to their own comments when they could still edit
# the comment. After the editing timeframe is gone, commenters can reply to
# their own comments anyways. Do not forget to configure the client.
reply-to-self = false

# force commenters to enter a value into the author field. No validation is
# performed on the provided value.  Do not forget to configure the client
# accordingly.
require-author = true

# require the commenter to enter an email address (note: no validation is
# done on the provided address). Do not forget to configure the client.
require-email = false

# Customize markup and sanitized HTML. Currently, only Markdown (via Misaka) is
# supported, but new languages are relatively easy to add.

# Misaka-specific Markdown extensions, all flags starting with EXT_ can be used
# there, separated by comma.
options = strikethrough, autolink, fenced_code, no_intra_emphasis

# Additional HTML tags to allow in the generated output, comma-separated. By
# default, only a, blockquote, br, code, del, em, h1, h2, h3, h4, h5, h6, hr,
# ins, li, ol, p, pre, strong, table, tbody, td, th, thead and ul are allowed.
allowed-elements =

# Additional HTML attributes (independent from elements) to allow in the
# generated output, comma-separated. By default, only align and href are
# allowed.
allowed-attributes =

# Customize used hash functions to hide the actual email addresses from
# commenters but still be able to generate an identicon.

# A salt is used to protect against rainbow tables. Isso does not make use of
# pepper (yet). The default value has been in use since the release of Isso and
# generates the same identicons for same addresses across installations.
salt = Eech7co8Ohloopo9Ol6baimi

# Hash algorithm to use -- either from Python's hashlib or PBKDF2 (a
# computational expensive hash function).
# The actual identifier for PBKDF2 is pbkdf2:1000:6:sha1, which means 1000
# iterations, 6 bytes to generate and SHA1 as pseudo-random family used for key
# strengthening. Arguments have to be in that order, but can be reduced to
# pbkdf2:4096 for example to override the iterations only.
algorithm = pbkdf2

# Provide an Atom feed for each comment thread for users to subscribe to.

# The base URL of pages is needed to build the Atom feed. By appending
# the URI, we should get the complete URL to use to access the page
# with the comments. When empty, Atom feeds are disabled.
base =

# Limit the number of elements to return for each thread.
limit = 100

attention a un petit détail si vous voulez accéder à l’administration de isso il faut bien regler ceci :

# Admin access password
admin_password = mon_mot_de_passe_super_complexe

Et non pas comme indiquer dans la documentation officielle.

voila a partir de ce moment vous avez une belle base de travail, pour la suite je vais utiliser apache avec mod_wsgi

donc déjà on active mod_wsgi

root# a2enmod wsgi

ensuite on configure un VirtualHost, voici le miens simplifié sans la partie ssl :

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /home/isso
    WSGIDaemonProcess user=isso group=isso processes=1 threads=4 python-path=/home/isso display-name=%{GROUP}
    WSGIScriptAlias / /home/isso/
    WSGIApplicationGroup %{GLOBAL}
    WSGIScriptReloading On
    <Directory /home/isso>
	        Require all granted
    LogLevel debug
    ErrorLog ${APACHE_LOG_DIR}/error_comment.log
    CustomLog ${APACHE_LOG_DIR}/access_comment.log combined

Une fois le VirtualHost configuré, il suffit de l’activé :

root# a2ensite mon_virtual_host

Avec tout ceci le système devrait être enfin opérationnel, rendez-vous sur votre site de commentaire, il devrait répondre en erreur page non accéssible. Il ne suffit plus que d’ajouter un petit bout de code dans votre thème de votre blog et les commentaires devrait être opérationnel. Voici le code a mettre :

<script data-isso="" src="" data-isso-css="false" data-isso-avatar-bg="#222" defer></script>
<section id="isso-thread"></section>

Et voila c’est la fin du tuto, j’espère que votre système de commentaires