Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: master
Fetching contributors…

Cannot retrieve contributors at this time

executable file 94 lines (60 sloc) 3.093 kB

Postmile is a collaborative list making tool built using JS, Node.js, and MongoDB.

Installation

Postmile consists of an api server and a web server, both running using Node.js. The two servers can run on the same machine or different machines. The following is based on a shared machine.

$ git clone git://github.com/hueniverse/postmile.git
$ cd postmile
$ cp config.js.example config.js

Edit postmile/config.js with your preferences and configuration.

$ cd api
$ cp vault.js.example vault.js

Edit postmile/api/vault.js and set the values of the 'aes256Key' variables to different random secrets sufficiently long (e.g. 40 characters).

If your MongoDB requires authentication, set the values of the database 'username' and 'password' (otherwise leave empty).

$ npm update
$ node install

110827/005720.948, info, Database initialized
110827/005720.952, info, Initial dataset created successfully
110827/005720.952, info, >>>>> postmile.web client secret: __some__secret__

Copy the postmile.web client secret and save it for later.

$ cd ../web
$ npm update
$ cp vault.js.example vault.js

Edit postmile/web/vault.js and set the values of the 'aes256Key' variables to different random secrets sufficiently long (e.g. 40 characters).

Set the value of the postmileAPI 'clientSecret' variable to the client secret saved earlier.

Enter at least one third-party API credentials (Twitter, Facebook, or Yahoo!) as received from each provider when you registered the application. If asked, the callback URI is your web server configuration entered above with the path '/auth/twitter', '/auth/facebook', or '/auth/yahoo'. For example, if you configured your web server to run on '127.0.0.1', port '8000', using the 'http' scheme, and you are using Twitter, your callback URI is http://127.0.0.1:8000/auth/twitter.

$ cd ..

Make sure to protect your vault.js files. If an attacker gets hold of them, you're screwed. If you are going to run this in a production environment, you should use TLS (HTTPS) for the web server (otherwise it's cookies and OAuth 2.0 bits are pretty open for attacks). To configure TLS, set the 'process.web.tls' variable in the postmile/config.js file to point to your TLS key and certificate.

Startup

To start both servers at the same time in the same process (combined log output):

$ node postmile

To start each server individually:

$ node api/index &
$ node web/index &

Now point your browser at the web server address and start using Postmile.

Credits

Eran Hammer-Lahav - Concept and server-side components

Lance Welsh - 'view' web client

Axel Albin-Lax, Josh Kamler, and Bryan Chen - UX/UI design, Snowy web client theme

Emmanuel Crouvisier - 'view' web client CSS/HTML

Chris Carrasco - Original artwork

History

Postmile is based on the discontinued experimental Yahoo! Sled project initially published at: https://github.com/yahoo/postmile.

Jump to Line
Something went wrong with that request. Please try again.