0
0

Removed Nitter

This commit is contained in:
Opnxng 2024-02-18 21:16:27 +08:00
parent 33bac9c51c
commit b941e89a4c
14 changed files with 40 additions and 512 deletions

View File

@ -1,124 +0,0 @@
- name: Generate JWT Secret
command: openssl rand -hex 32
register: nitter_jwt_secret_result
- set_fact:
nitter_jwt_secret: "{{ nitter_jwt_secret_result.stdout }}"
- name: Set up nitter conf
template:
src: "conf/nitter/nitter.conf.j2"
dest: "{{ docker_dir }}/nitter/nitter.conf"
owner: 1000
group: 1000
mode: 0755
- name: Copy about.md
copy:
src: "nitter/about.md"
dest: "{{ docker_dir }}/nitter/about.md"
owner: 1000
group: 1000
mode: 0755
- name: Copy about.html
copy:
src: "nitter/about.html"
dest: "{{ docker_dir }}/nitter/about.html"
owner: 1000
group: 1000
mode: 0755
# --------------------------------------------------------------------------------------------------
- name: Create nginx directory
file:
path: "{{ docker_dir }}/nitter/nginx"
state: directory
owner: 1000
group: 1000
mode: 0775
- name: Touch nitter_error.log
file:
path: "{{ docker_dir }}/nitter/nginx/nitter_error.log"
state: touch
owner: 1000
group: 1000
mode: 0775
- name: Set up nginx.conf.j2
template:
src: "conf/nitter/nginx.conf.j2"
dest: "{{ docker_dir }}/nitter/nginx/nginx.conf"
owner: 1000
group: 1000
mode: 0755
- name: Set up nginx
template:
src: "conf/nitter/nginx.j2"
dest: "{{ docker_dir }}/nitter/nginx/nginx"
owner: 1000
group: 1000
mode: 0755
- name: Create shared_cache.conf
copy:
dest: "{{ docker_dir }}/nitter/nginx/shared_cache.conf"
content: |
proxy_buffers 64 16k;
proxy_buffer_size 4k;
expires 90d;
access_log off;
resolver 127.0.0.11;
set $backend "nitter";
proxy_pass http://$backend:8080;
- name: Create shared_static.conf
copy:
dest: "{{ docker_dir }}/nitter/nginx/shared_static.conf"
content: |
expires 90d;
access_log off;
root /src/public;
- name: Clone nitter repo to /tmp
git:
repo: https://github.com/zedeus/nitter.git
dest: "/tmp/nitter"
single_branch: true
version: guest_accounts
- name: Copy the public folder to the specified directory
command: "cp -r /tmp/nitter/public {{ docker_dir }}/nitter/nginx/"
# --------------------------------------------------------------------------------------------------
- name: Create fail2ban directory
file:
path: "{{ docker_dir }}/nitter/fail2ban"
state: directory
owner: 1000
group: 1000
mode: 0775
- name: Set up jail.local
template:
src: "conf/nitter/jail.local.j2"
dest: "{{ docker_dir }}/nitter/fail2ban/jail.local"
owner: 1000
group: 1000
mode: 0755
# --------------------------------------------------------------------------------------------------
- name: Curl guest_accounts.jsonl
shell: curl -s '{{ twitterminator_url }}' > {{ docker_dir }}/nitter/guest_accounts.jsonl
ignore_errors: true
- name: Chmod guest_accounts.jsonl
command: chmod 0777 {{ docker_dir }}/nitter/guest_accounts.jsonl
- name: Chown guest_accounts.jsonl
command: chown 1000:1000 {{ docker_dir }}/nitter/guest_accounts.jsonl

View File

@ -1,49 +0,0 @@
<h1>About</h1>
<p>Nitter is a free and open source alternative Twitter front-end focused on
privacy and performance. The source is available on GitHub at
<a href="https://github.com/zedeus/nitter">https://github.com/zedeus/nitter</a></p>
<ul>
<li>No JavaScript or ads</li>
<li>All requests go through the backend, client never talks to Twitter</li>
<li>Prevents Twitter from tracking your IP or JavaScript fingerprint</li>
<li>Uses Twitter's unofficial API (no rate limits or developer account required)</li>
<li>Lightweight (for <a href="/nim_lang">@nim_lang</a>, 60KB vs 784KB from twitter.com)</li>
<li>RSS feeds</li>
<li>Themes</li>
<li>Mobile support (responsive design)</li>
<li>AGPLv3 licensed, no proprietary instances permitted</li>
</ul>
<p>Nitter's GitHub wiki contains
<a href="https://github.com/zedeus/nitter/wiki/Instances">instances</a> and
<a href="https://github.com/zedeus/nitter/wiki/Extensions">browser extensions</a>
maintained by the community.</p>
<h2>Opnxng.com</h2>
<p>Other services: <a href="https://about.opnxng.com/">https://about.opnxng.com/</a></p>
<p>Donating: <a href="https://liberapay.com/Opnxng/">https://liberapay.com/Opnxng/</a><br>
Links to donate to the developer of Nitter can be found down below.</p>
<h2>Why use Nitter?</h2>
<p>It's impossible to use Twitter without JavaScript enabled. For privacy-minded
folks, preventing JavaScript analytics and IP-based tracking is important, but
apart from using a VPN and uBlock/uMatrix, it's impossible. Despite being behind
a VPN and using heavy-duty adblockers, you can get accurately tracked with your
<a href="https://restoreprivacy.com/browser-fingerprinting/">browser's fingerprint</a>,
<a href="https://noscriptfingerprint.com/">no JavaScript required</a>. This all became
particularly important after Twitter <a href="https://www.eff.org/deeplinks/2020/04/twitter-removes-privacy-option-and-shows-why-we-need-strong-privacy-laws">removed the
ability</a>
for users to control whether their data gets sent to advertisers.</p>
<p>Using an instance of Nitter (hosted on a VPS for example), you can browse
Twitter without JavaScript while retaining your privacy. In addition to
respecting your privacy, Nitter is on average around 15 times lighter than
Twitter, and in most cases serves pages faster (eg. timelines load 2-4x faster).</p>
<p>In the future a simple account system will be added that lets you follow Twitter
users, allowing you to have a clean chronological timeline without needing a
Twitter account.</p>
<h2>Donating</h2>
<p>Liberapay: <a href="https://liberapay.com/zedeus">https://liberapay.com/zedeus</a> <br />
Patreon: <a href="https://patreon.com/nitter">https://patreon.com/nitter</a> <br />
BTC: bc1qp7q4qz0fgfvftm5hwz3vy284nue6jedt44kxya <br />
ETH: 0x66d84bc3fd031b62857ad18c62f1ba072b011925 <br />
LTC: ltc1qhsz5nxw6jw9rdtw9qssjeq2h8hqk2f85rdgpkr <br />
XMR: 42hKayRoEAw4D6G6t8mQHPJHQcXqofjFuVfavqKeNMNUZfeJLJAcNU19i1bGdDvcdN6romiSscWGWJCczFLe9RFhM3d1zpL</p>
<h2>Contact</h2>
<p>Feel free to join our <a href="https://matrix.to/#/#nitter:matrix.org">Matrix channel</a>.</p>

View File

@ -1,59 +0,0 @@
# About
Nitter is a free and open source alternative Twitter front-end focused on
privacy and performance. The source is available on GitHub at
<https://github.com/zedeus/nitter>
* No JavaScript or ads
* All requests go through the backend, client never talks to Twitter
* Prevents Twitter from tracking your IP or JavaScript fingerprint
* Uses Twitter's unofficial API (no rate limits or developer account required)
* Lightweight (for [@nim_lang](/nim_lang), 60KB vs 784KB from twitter.com)
* RSS feeds
* Themes
* Mobile support (responsive design)
* AGPLv3 licensed, no proprietary instances permitted
Nitter's GitHub wiki contains
[instances](https://github.com/zedeus/nitter/wiki/Instances) and
[browser extensions](https://github.com/zedeus/nitter/wiki/Extensions)
maintained by the community.
## Opnxng.com
Other services: [https://about.opnxng.com/]h(ttps://about.opnxng.com)
Donating: [https://liberapay.com/Opnxng/](https://liberapay.com/Opnxng)
Links to donate to the developer of Nitter can be found down below.
## Why use Nitter?
It's impossible to use Twitter without JavaScript enabled. For privacy-minded
folks, preventing JavaScript analytics and IP-based tracking is important, but
apart from using a VPN and uBlock/uMatrix, it's impossible. Despite being behind
a VPN and using heavy-duty adblockers, you can get accurately tracked with your
[browser's fingerprint](https://restoreprivacy.com/browser-fingerprinting/),
[no JavaScript required](https://noscriptfingerprint.com/). This all became
particularly important after Twitter [removed the
ability](https://www.eff.org/deeplinks/2020/04/twitter-removes-privacy-option-and-shows-why-we-need-strong-privacy-laws)
for users to control whether their data gets sent to advertisers.
Using an instance of Nitter (hosted on a VPS for example), you can browse
Twitter without JavaScript while retaining your privacy. In addition to
respecting your privacy, Nitter is on average around 15 times lighter than
Twitter, and in most cases serves pages faster (eg. timelines load 2-4x faster).
In the future a simple account system will be added that lets you follow Twitter
users, allowing you to have a clean chronological timeline without needing a
Twitter account.
## Donating
Liberapay: <https://liberapay.com/zedeus> \
Patreon: <https://patreon.com/nitter> \
BTC: bc1qp7q4qz0fgfvftm5hwz3vy284nue6jedt44kxya \
ETH: 0x66d84bc3fd031b62857ad18c62f1ba072b011925 \
LTC: ltc1qhsz5nxw6jw9rdtw9qssjeq2h8hqk2f85rdgpkr \
XMR: 42hKayRoEAw4D6G6t8mQHPJHQcXqofjFuVfavqKeNMNUZfeJLJAcNU19i1bGdDvcdN6romiSscWGWJCczFLe9RFhM3d1zpL
## Contact
Feel free to join our [Matrix channel](https://matrix.to/#/#nitter:matrix.org).

View File

@ -18,9 +18,9 @@ services:
- {{ docker_dir }}/firefox/start.sh:/custom-cont-init.d/start.sh
- {{ docker_dir }}/firefox/fly:/config/.fly
- {{ docker_dir }}/firefox/profile:/config/.mozilla/firefox
- {{ docker_dir }}/firefox/index.html:/usr/share/kasmvnc/www/index.html
- {{ docker_dir }}/firefox/vnc.html:/usr/share/kasmvnc/www/vnc.html
- {{ docker_dir }}/firefox/style.bundle.css:/usr/share/kasmvnc/www/dist/style.bundle.css
# - {{ docker_dir }}/firefox/index.html:/usr/share/kasmvnc/www/index.html
# - {{ docker_dir }}/firefox/vnc.html:/usr/share/kasmvnc/www/vnc.html
# - {{ docker_dir }}/firefox/style.bundle.css:/usr/share/kasmvnc/www/dist/style.bundle.css
# devices:
# - /dev/dri:/dev/dri
ports:

View File

@ -1,101 +0,0 @@
# {{ ansible_managed }}
version: '3.7'
services:
nitter:
image: git.opnxng.com/opnxng/nitter:latest
container_name: nitter
user: "998:998"
read_only: true
security_opt:
- no-new-privileges
environment:
- PUID=1000
- PGID=1000
- TZ=Asia/Singapore
# ports:
# - 8883:8080
volumes:
- {{ docker_dir }}/nitter/nitter.conf:/src/nitter.conf:ro
- {{ docker_dir }}/nitter/about.html:/src/public/md/about.html:ro
- {{ docker_dir }}/nitter/about.md:/src/public/md/about.md:ro
- {{ docker_dir }}/nitter/guest_accounts.jsonl:/src/guest_accounts.jsonl
depends_on:
- nitter-redis
restart: unless-stopped
healthcheck:
test: wget -nv --tries=1 --spider http://127.0.0.1:8080/Jack/status/20 || exit 1
interval: 30s
timeout: 5s
retries: 2
networks:
- nitter
nitter-redis:
image: redis:alpine
container_name: nitter-redis
command: redis-server --save 60 1 --loglevel warning
security_opt:
- no-new-privileges
environment:
- PUID=1000
- PGID=1000
- TZ=Asia/Singapore
volumes:
- {{ docker_dir }}/nitter/redis:/data
restart: unless-stopped
user: "999:1000"
read_only: true
healthcheck:
test: redis-cli ping
interval: 30s
timeout: 5s
retries: 2
networks:
- nitter
nitter-nginx:
image: nginx:stable-alpine-slim
container_name: nitter-nginx
security_opt:
- no-new-privileges
environment:
- PUID=1000
- PGID=1000
- TZ=Asia/Singapore
volumes:
- {{ docker_dir }}/nitter/nginx/nginx.conf:/etc/nginx/nginx.conf
- {{ docker_dir }}/nitter/nginx/shared_cache.conf:/etc/nginx/shared_cache.conf
- {{ docker_dir }}/nitter/nginx/shared_static.conf:/etc/nginx/shared_static.conf
- {{ docker_dir }}/nitter/nginx/nitter_error.log:/var/log/nginx/nitter_error.log
- {{ docker_dir }}/nitter/nginx/nginx:/etc/logrotate.d/nginx
- {{ docker_dir }}/nitter/nginx/public:/src/public
- {{ docker_dir }}/nitter/about.html:/src/public/md/about.html:ro
- {{ docker_dir }}/nitter/about.md:/src/public/md/about.md:ro
restart: unless-stopped
ports:
- 8883:80
networks:
- nitter
nitter-fail2ban:
image: lscr.io/linuxserver/fail2ban:latest
container_name: nitter-fail2ban
cap_add:
- NET_ADMIN
- NET_RAW
security_opt:
- no-new-privileges
environment:
- PUID=1000
- PGID=1000
- TZ=Asia/Singapore
# - VERBOSITY=-vv
volumes:
- {{ docker_dir }}/nitter/fail2ban/jail.local:/config/fail2ban/jail.local
- {{ docker_dir }}/nitter/nginx/nitter_error.log:/var/log/nginx/nitter_error.log
restart: unless-stopped
network_mode: host
networks:
nitter:
name: nitter

View File

@ -3,8 +3,8 @@ version: '3.7'
services:
searxng:
# image: git.opnxng.com/opnxng/searxng
image: searxng/searxng:latest
image: git.opnxng.com/opnxng/searxng
#image: searxng/searxng:latest
restart: always
container_name: searxng
security_opt:

View File

@ -39,7 +39,7 @@ services:
- FLAIRS_ENABLED=false
- API_ENABLED=false
- SUGGESTED_SUBREDDITS=["Saved", "Selfhosted", "Linux", "Privacy", "DataHoarder"]
- DOMAIN_REPLACEMENTS=[["twitter.com","n.opnxng.com"],["quora.com","q.opnxng.com."],["imgur.com","r.opnxng.com"]]
- DOMAIN_REPLACEMENTS=[["quora.com","q.opnxng.com."],["imgur.com","r.opnxng.com"]]
restart: unless-stopped
healthcheck:
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"]

View File

@ -162,27 +162,32 @@
}
}
@n {
host n.{$HOSTNAME}
maxmind_geolocation {
db_path "/etc/caddy/GeoLite2-City.mmdb"
deny_countries CN
}
}
# @n {
# host n.{$HOSTNAME}
# maxmind_geolocation {
# db_path "/etc/caddy/GeoLite2-City.mmdb"
# deny_countries CN
# }
# }
# handle @n {
# @notstatic {
# not path /css/* /js/* /fonts/* /browserconfig.xml /android-chrome* /favicon* /logo* /lp.svg /robots.txt /safari* /site.webmanifest /pic/*
# }
# rate_limit @notstatic {remote.ip} 2r/s 60000 429
# rate_limit @notstatic {remote.ip} 45r/m 300000 429
# reverse_proxy {{ oracle4_private_ip }}:8883 {
# header_up X-Real-IP {remote_host}
# transport http {compression off}
# }
# header {
# header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; media-src 'self' blob:; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; connect-src 'self' https://*.twimg.com; manifest-src 'self'"
# X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
# }
# }
@n host n.{$HOSTNAME}
handle @n {
@notstatic {
not path /css/* /js/* /fonts/* /browserconfig.xml /android-chrome* /favicon* /logo* /lp.svg /robots.txt /safari* /site.webmanifest /pic/*
}
rate_limit @notstatic {remote.ip} 2r/s 60000 500
rate_limit @notstatic {remote.ip} 45r/m 300000 500
reverse_proxy {{ oracle4_private_ip }}:8883 {
header_up X-Real-IP {remote_host}
transport http {compression off}
}
header {
header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; media-src 'self' blob:; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; connect-src 'self' https://*.twimg.com; manifest-src 'self'"
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
redir https://about.opnxng.com/blog/#nitter
}
@b host b.{$HOSTNAME}
@ -489,8 +494,8 @@
@q host q.{$HOSTNAME}
handle @q {
encode zstd gzip
rate_limit {remote.ip} 2r/s 60000 500
rate_limit {remote.ip} 45r/m 300000 500
rate_limit {remote.ip} 2r/s 60000 429
rate_limit {remote.ip} 45r/m 300000 429
reverse_proxy {
to {{ oracle1_private_ip }}:8904
to {{ oracle2_private_ip }}:8904
@ -542,8 +547,8 @@
# @notstatic {
# not path /static/* /android-chrome* /favicon* /robots.txt /banner/* /site.webmanifest
# }
# rate_limit @notstatic {remote.ip} 2r/s 60000 500
# rate_limit @notstatic {remote.ip} 45r/m 300000 500
# rate_limit @notstatic {remote.ip} 2r/s 60000 429
# rate_limit @notstatic {remote.ip} 45r/m 300000 429
# reverse_proxy {
# to {{ oracle1_private_ip }}:8907
# to {{ oracle2_private_ip }}:8907

View File

@ -1,10 +0,0 @@
[DEFAULT]
bantime.increment = true
[nginx-limit-req]
enabled = true
port = http,https
chain = DOCKER-USER
action = %(known/action)s
# logpath = %(nginx_error_log)s
logpath = /var/log/nginx/*.log

View File

@ -1,57 +0,0 @@
# {{ ansible_managed }}
events {
worker_connections 4096; ## Default: 1024
}
http {
limit_req_zone $binary_remote_addr zone=n.opnxng.com_sec:10m rate=1r/s;
limit_req_zone $binary_remote_addr zone=n.opnxng.com_min:10m rate=45r/m;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
set_real_ip_from 192.168.0.0/16;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
location / {
resolver 127.0.0.11;
set $backend "nitter";
proxy_pass http://$backend:8080;
limit_req zone=n.opnxng.com_sec burst=3 nodelay;
limit_req zone=n.opnxng.com_min burst=4;
}
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
error_log /var/log/nginx/nitter_error.log notice;
location /pic/ { include shared_cache.conf; }
location /video/ { include shared_cache.conf; }
# If you are running nitter from docker then change `shared_static.conf` to `shared_cache.conf`
location /css/ { include shared_cache.conf; }
location /js/ { include shared_cache.conf; }
location /fonts/ { include shared_static.conf; }
location = /apple-touch-icon.png { include shared_static.conf; }
location = /apple-touch-icon-precomposed.png { include shared_static.conf; }
location = /android-chrome-192x192.png { include shared_static.conf; }
location = /favicon-32x32.png { include shared_static.conf; }
location = /favicon-16x16.png { include shared_static.conf; }
location = /favicon.ico { include shared_static.conf; }
location = /logo.png { include shared_static.conf; }
location = /site.webmanifest { include shared_static.conf; }
}
}

View File

@ -1,30 +0,0 @@
/var/log/nginx/*.log {
daily
missingok
rotate 52
compress
delaycompress
notifempty
create 640 nginx adm
sharedscripts
postrotate
if [ -f /var/run/nginx.pid ]; then
kill -USR1 `cat /var/run/nginx.pid`
fi
endscript
}
/var/log/nginx/nitter_error.log {
rotate 30
size 10M
dateext
dateformat -%Y-%m-%d
missingok
compress
sharedscripts
postrotate
if [ -f /var/run/nginx.pid ]; then
kill -USR1 `cat /var/run/nginx.pid`
fi
endscript
}

View File

@ -1,48 +0,0 @@
# {{ ansible_managed }}
[Server]
address = "0.0.0.0"
port = 8080
https = false # disable to enable cookies when not using https
httpMaxConnections = 100
staticDir = "./public"
title = "nitter"
hostname = "n.opnxng.com"
[Cache]
listMinutes = 240 # how long to cache list info (not the tweets, so keep it high)
rssMinutes = 10 # how long to cache rss queries
redisHost = "nitter-redis" if using docker-compose
redisPort = 6379
redisPassword = ""
#redisConnections = 0
#redisMaxConnections = 0
#redisConnections = 20 # connection pool size
#redisMaxConnections = 30
# max, new connections are opened when none are available, but if the pool size
# goes above this, they're closed when released. don't worry about this unless
# you receive tons of requests per second
[Config]
hmacKey = "{{ nitter_jwt_secret }}" # random key for cryptographic signing of video urls
base64Media = false # use base64 encoding for proxied media urls
enableRSS = true # set this to false to disable RSS feeds
enableDebug = false # enable request logs and debug endpoints
proxy = "" # http/https url, SOCKS proxies are not supported
proxyAuth = ""
tokenCount = 10
# minimum amount of usable tokens. tokens are used to authorize API requests,
# but they expire after ~1 hour, and have a limit of 187 requests.
# the limit gets reset every 15 minutes, and the pool is filled up so there's
# always at least $tokenCount usable tokens. again, only increase this if
# you receive major bursts all the time
# Change default preferences here, see src/prefs_impl.nim for a complete list
[Preferences]
theme = "auto_(Twitter)"
replaceTwitter = "n.opnxng.com"
replaceYouTube = "invidious.fdn.fr"
replaceReddit = "l.opnxng.com"
replaceInstagram = ""
proxyVideos = true
hlsPlayback = false
infiniteScroll = false

View File

@ -227,9 +227,9 @@ hostname_replace:
'dic\.academic\.ru$': 'akademik.bloat.cat'
'(.*\.)?tumblr\.com$': 'tb.opnxng.com'
'(.*\.)?imgur\.com$': 'r.opnxng.com'
'(.*\.)?stackoverflow\.com$': 'a.opnxng.com'
'(.*\.)?mobile.twitter\.com$': 'n.opnxng.com'
'(about\www\.)?twitter\.com$': 'n.opnxng.com'
'(.*\.)?stackoverflow\.com$': 'code.whatever.social'
# '(.*\.)?mobile.twitter\.com$': 'nitter.poast.org'
# '(about\www\.)?twitter\.com$': 'nitter.poast.org'
'(.*\.)?quora\.com$': 'q.opnxng.com'
'(.*\.)?imdb\.com$': 'd.opnxng.com'
# '(.*\.)?instagram\.com$': 'ig.opnxng.com'

View File

@ -5,6 +5,8 @@ config:
compose:
oracle4:
- paulgo
vultr:
- teddit
# ----------------------------------------------------------------------------------------------------
@ -91,7 +93,6 @@ deployed-compose:
- priviblur
oracle4:
- caddy
- nitter
- paulgo
- authelia
- geoipupdate