EcoCounts Tech Support
Page Speed
EcoCore website
2025-01-31 https://pagespeed.web.dev/analysis/https-ecocore-org/qf23ypn4xt?form_factor=mobile
2025-02-18 (after migration) https://pagespeed.web.dev/analysis/https-ecocore-org/mo332pqvsv?form_factor=mobile
Google Recaptcha Keys
EcoCore reCAPTCHA https://cloud.google.com/security/products/recaptcha?hl=en
v2 no robots site key: 6Leagd8qAAAAAPg_2t1Nuz1LMRi7yciJ0U7j6byb
v2 secret: 6Leagd8qAAAAAGD-TBj2YnY5Rz95tjg28K7IAJdR
v3 site key: 6LcC_cAUAAAAABA9IebNeeSBw6dl-oBLk73Fxyyw
v3 secret: 6LcC_cAUAAAAAGJHrWtkYLXgeF8qT4nEGGlv6qVj
WordPress
- Plugins:
- MiniOrange OpenID Connect Login ( OpenID Connect Client)
NextCloud
- Set up the SSO server app in NextCloud top right user menu
- Click "+ App"
- Search on "OIDC"
- enable "OIDC Identity Provider"
- Go to Settings, scroll down to Administration in left-hand menu column, choose Security
- Set up OpenID Connect client (not OAuth2.0) for WordPress in conjunction with the MiniOrange OIDC client
- Set up OAuth2 client for Flarum in conjunction with the Flarum FoF OAuth extension, and the Flarum NextCloud OAuth extension
Flarum
Extensions:
- add the NextCloud OAuth extension: https://extiverse.com/extension/frie/flarum-nextcloud-oauth
MediaWiki
- Add extensions to
/home/carbonc/sites/mediawiki/w
- OpenID-Connect extension https://www.mediawiki.org/wiki/Extension:OpenID_Connect
- Add the following configuration to the
sites/mediawiki/w/LocalSettings.php
wfLoadExtension( 'PluggableAuth' ); $wgPluggableAuth_EnableLocalLogin = false; $wgPluggableAuth_ButtonLabelMessage = 'Login with your EcoCounts account'; wfLoadExtension( 'OpenIDConnect' ); $wgPluggableAuth_Config[] = [ 'plugin' => 'OpenIDConnect', 'data' => [ 'providerURL' => 'https://cloud.ecocounts.community', 'clientID' => 'I8MfDD8oPXvmNc4OxyafXHKKsrhiekRisC9toFLwm2o9Oz6NMEcqiAhuelHuCfTS', 'clientsecret' => '5C4aBrz7xR9I9hvBo95jefLJm5pZ9FxY40r2YGko4TrIJuHUUXXVhwguFS34qq92' ] ]; $wgOpenIDConnect_UseRealNameAsUserName = true;
Adding User Accounts
- Admin user must add username, password and email to https://cloud.ecocounts.community
- this sends an email with username to the email address
- log in with their credentials to Flarum - beware of the "Oops! Something went wrong. Please reload the page and try again." (just cancel and login again)
- log in to Wiki (top right "login" link)
- log in to the Wordpress site
- log in to Flarum as admin and give new user appropriate role
- same for Wordpress and add first & last name, editor role and email address
- forward the user the password, the link to the sites and ask them to log in to confirm their accounts work
Backups
BackupPC: HomeServer
Flarum: https://discuss.flarum.org/d/29768/3
Mediawiki package
Help: https://www.mediawiki.org/wiki/Project:Support_desk
Mediawiki installation.
- Put in a link:
sudo ln -s /var/lib/mediawiki /var/www/permacode/w
- install the php5-intl package
- install the php5-xcache package
- make sure the file upload directory
wgUploadDirectory
is non-executablechmod 644 ....
- mediawiki config settings
- script that does the install:
/usr/share/mediawiki/includes/installer/Install.php
- setup a mediawiki user in mysql:
mysql> GRANT ALL ON *.* TO 'mediawiki'@'localhost' IDENTIFIED BY 'password';
- for security's sake, exit mysql and zero length .mysql_history
>.mysql_history
- browse the wiki and go through config settings, and then grab the LocalSettings.php file and scp it across, then:
mv LocalSettings.php /etc/mediawiki chmod 700 /etc/mediawiki/LocalSettings.php chown www-data /etc/mediawiki/LocalSettings.php
- setup wikipedia editor toolbar in LocalSettings.php:
require_once ( "$IP/extensions/WikiEditor/WikiEditor.php" );
- configure longer session time-out in
/etc/php5/apache2/php.ini
:session.gc_maxlifetime = 864400
(24 hours) - configure Mediawiki short URLs:
- enable mod_rewrite:
a2enmod rewrite
- add apache config in
/etc/apache2/site-available/permacode
:# configure short URLs
- RewriteEngine On
RewriteRule ^/?wiki(/.*)?$ %{DOCUMENT_ROOT}/w/index.php [L]
- add mediawiki config in
/etc/mediawiki/LocalSettings.php
:$wgScriptPath = "/w";
$wgArticlePath = "/wiki/$1";
- enable mod_rewrite:
- put a robots.txt into
/var/www/permacode
:User-agent: *
Disallow: /w/
- Add Markdown syntax https://github.com/bharley/mw-markdown
Wordpress Plugin - Google Analytics
The Newsletter Plugin
This is more complex than the other plugins.
Start with this one:
https://www.thenewsletterplugin.com/
Once that's installed, you need to get the free license key by registering with the developers:
https://www.thenewsletterplugin.com/account
and once that is installed, you need to install the add-on downloader via their Addons menu
and then when that's done, you go to their Addons Manager page and you need to install their "WP User Integration" add-on which you'll see there under "Integrations". It requires the free license key first.
Podcast
Podcast account at podbean: https://carbonwatchdog.podbean.com/
Podcast validator: https://podba.se/validate/?url=https://carbonwatchdog.org/feed/podcast/
Podcast RSS feed on Wordpress: https://martech.zone/wordpress-publish-external-podcast-feed/
Podcast services: https://martech.zone/where-to-promote-your-podcast/
- https://carbonwatchdog.org/feed/podcast/ - https://podcastsmanager.google.com https://podcasts.google.com/feed/aHR0cHM6Ly9jYXJib253YXRjaGRvZy5vcmcvZmVlZC9wb2RjYXN0Lw - https://podcasters.spotify.com https://open.spotify.com/show/3YqQC21Uew4shO7w72LCaz - https://podcastsconnect.apple.com/ https://podcasts.apple.com/gb/podcast/the-carbon-watchdog-podcast/id1534302716 - https://partners.stitcher.com/join https://www.stitcher.com/s?fid=579503&refid=stpr - https://www.pocketcasts.com/submit/ https://pca.st/ze7l451m - https://podcasters.deezer.com/submission https://deezer.com/show/1851042 - https://amp.pandora.com https://www.pandora.com/podcast/the-carbon-watchdog-podcast/PC:37546 - https://www.iheart.com/content/submit-your-podcast/ https://www.iheart.com/podcast/269-the-carbon-watchdog-podcas-73688814/
Imagick for Wordpress images
Linux installs imagick by default with a security restriction on PDF operations, so this has to be lifted for normal operations. The security issue is caused by the potential for hackers to upload dangerous PDFs that do weird stuff to imagick so it doesn't affect us since we don't allow uploads except by admin.
Depending on the system, you may need to edit /etc/ImageMagick-6/policy.xml or /etc/ImageMagick-7/policy.xml and change this line:
<policy domain="coder" rights="none" pattern="PDF" />
to:
<policy domain="coder" rights="read" pattern="PDF" />
You can read more here: https://imagemagick.org/script/security-policy.php
You should give real thought if you want to enable it though because there are security issues with it:
https://searchsecurity.techtarget.com/tip/More-Ghostscript-vulnerabilities-more-PostScript-problems
CSS Scraps
cite, figcaption, .wp-caption-text, .post-meta, .entry-content .wp-block-archives li, .entry-content .wp-block-categories li, .entry-content .wp-block-latest-posts li, .wp-block-latest-comments__comment-date, .wp-block-latest-posts__post-date, .wp-block-embed figcaption, .wp-block-image figcaption, .wp-block-pullquote cite, .comment-metadata, .comment-respond .comment-notes, .comment-respond .logged-in-as, .pagination .dots, .entry-content hr:not(.has-background), hr.styled-separator, :root .has-secondary-color, .dip-article-block h4, .entry-title a, .ub-block-post-grid header .ub-block-post-grid-title a, .wp-block-ub-content-toggle-accordion-title h2 { color: #f2f6f9 !important; fill: #f2f6f9; }