{"id":20758003,"url":"https://github.com/freekbes/improved_intra_server","last_synced_at":"2025-10-10T00:07:50.394Z","repository":{"id":41518501,"uuid":"494821945","full_name":"FreekBes/improved_intra_server","owner":"FreekBes","description":"The back-end of the Improved Intra browser extension","archived":false,"fork":false,"pushed_at":"2025-09-22T14:51:14.000Z","size":7028,"stargazers_count":2,"open_issues_count":7,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-09-23T16:55:29.240Z","etag":null,"topics":["42born2code","flask","gunicorn","nginx-proxy","postgresql","python3","sqlalchemy","wsgi-python"],"latest_commit_sha":null,"homepage":"https://github.com/FreekBes/improved_intra/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FreekBes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-05-21T15:29:48.000Z","updated_at":"2025-06-01T15:12:12.000Z","dependencies_parsed_at":"2024-05-03T21:30:06.873Z","dependency_job_id":"5ce7dcf5-2292-4597-b436-9f263529c9ca","html_url":"https://github.com/FreekBes/improved_intra_server","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/FreekBes/improved_intra_server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FreekBes%2Fimproved_intra_server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FreekBes%2Fimproved_intra_server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FreekBes%2Fimproved_intra_server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FreekBes%2Fimproved_intra_server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FreekBes","download_url":"https://codeload.github.com/FreekBes/improved_intra_server/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FreekBes%2Fimproved_intra_server/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002366,"owners_count":26083355,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["42born2code","flask","gunicorn","nginx-proxy","postgresql","python3","sqlalchemy","wsgi-python"],"created_at":"2024-11-17T09:48:26.661Z","updated_at":"2025-10-10T00:07:50.353Z","avatar_url":"https://github.com/FreekBes.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Back-end for Improved Intra\nThis repository contains the back-end for use with the [Improved Intra](https://github.com/FreekBes/improved_intra) browser extension.\n\n\n## Install\nThis guide is written with Debian 11 (\"Bullseye\") in mind. It should also work on Windows Subsystem for Linux.\n\n### Update \u0026 install system dependencies\n```sh\nsudo apt update \u0026\u0026 sudo apt upgrade\nsudo apt install git nginx openssl\n```\n\n### Clone the repository\n```sh\ngit clone https://github.com/FreekBes/improved_intra_server.git /opt/improved_intra_server\nsudo chown -R www-data:www-data /opt/improved_intra_server\ncd /opt/improved_intra_server\n```\n\n### Install PostgreSQL\n```sh\nsudo apt install -y wget lsb-release gnupg2\nsudo sh -c 'echo \"deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main\" \u003e /etc/apt/sources.list.d/pgdg.list'\nwget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -\nsudo apt update \u0026\u0026 sudo apt install -y postgresql\n```\nMore installation options available [here](https://www.postgresql.org/download/).\n\n### Set up PostgreSQL\n```sh\n# Enable PostgreSQL at boot\nsudo systemctl enable postgresql\n\n# Start PostgreSQL now\nsudo service postgresql start\n\n# Launch and enter a PostgreSQL console\nsudo -u postgres psql postgres\n```\n```postgresql\n--- Set password for postgres user to 'postgres' (you can modify this)\nALTER USER postgres PASSWORD 'postgres';\n\n--- Create database (optional, __init__.py will do this for you)\nCREATE DATABASE \"iintra\" WITH OWNER \"postgres\" ENCODING 'UTF8';\n\n--- Exit PostgreSQL console\nEXIT;\n```\n\n### Install Python3\n```sh\nsudo apt install -y python3 python3-pip python-setuptools libpq-dev python3-virtualenv virtualenv\n```\n\n### Initialize the virtual environment\n```sh\n# Create a virtual environment\nsudo virtualenv -p python3 .venv\nsudo chown -R www-data:www-data /opt/improved_intra_server\n\n# Activate the virtual environment\n. .venv/bin/activate\n\n# Install packages\nsudo .venv/bin/pip install -r requirements.txt\n```\n\n### Set up secrets\nCopy the `.secret.env.example` file, rename it to `.secret.env` and fill it in.\n\n### Configure the systemd service\n```sh\ncp useful/iintra-server.service /etc/systemd/system/\nsudo systemctl start iintra-server.service\nsudo systemctl enable iintra-server.service\n```\n\n### Set up nginx as reverse-proxy\n```sh\n# Copy custom nginx config snippets\ncp ./useful/*.nginx.snippet.conf /etc/nginx/snippets/\n\n# Remove default nginx server\nrm -f /etc/nginx/sites-enabled/default\n```\n\n#### Use with self-signed certificate\n```sh\n# Create SSL certificate for HTTPS support\nsudo mkdir -p /etc/nginx/ssl\nsudo openssl req -newkey rsa:2048 -x509 -days 365 -nodes \\\n\t-keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.pem \\\n\t-subj \"/C=NL/ST=North-Holland/L=Amsterdam/O=ImprovedIntra/CN=iintra.freekb.es/\"\n\n# Copy server config\ncp ./useful/nginx.example.ssl.conf /etc/nginx/sites-available/iintra.freekb.es.conf\nln -s /etc/nginx/sites-available/iintra.freekb.es.conf /etc/nginx/sites-enabled/\n\n# Restart nginx\nsudo systemctl restart nginx\n```\n\n#### Use without SSL support\nUseful if you want to add a certificate yourself, for example using `certbot`.\n```sh\n# Copy server config\ncp ./useful/nginx.example.conf /etc/nginx/sites-available/iintra.freekb.es.conf\nln -s /etc/nginx/sites-available/iintra.freekb.es.conf /etc/nginx/sites-enabled/\n\n# Restart nginx\nsudo systemctl restart nginx\n```\n\n\n## Updating the server\n```sh\n# Pull latest updates\ncd /opt/improved_intra_server\ngit pull\n\n# Activate the virtual environment\n. .venv/bin/activate\n\n# Install and update dependencies\nsudo .venv/bin/pip install -r requirements.txt\n\n# Fix permissions\nsudo chown -R www-data:www-data /opt/improved_intra_server\n\n# Restart the wsgi server\ncp useful/iintra-server.service /etc/systemd/system/\nsudo systemctl daemon-reload\nsudo systemctl restart iintra-server.service\n\n# Update nginx snippets\ncp ./useful/*.nginx.snippet.conf /etc/nginx/snippets/\n\n# Do not run this step if you do not use a self-signed certificate but do use SSL/HTTPS\ncp ./useful/nginx.example.conf /etc/nginx/sites-available/iintra.freekb.es.conf\n\n# Restart nginx\nsudo systemctl restart nginx\n```\n\n\n## Logs\nThere are several log files used by the Improved Intra server:\n- *logs/access.log*: contains all requests made to the server\n- *logs/error.log*: contains all errors encountered by the server\n- *logs/server.log*: contains specific logging done by the server, such as requests made to the Intra API and logging for runners\n- *wsgi.log*: contains all logging done in development mode\n\nAdditionally, there is another log maintained by the systemd service. This log contains errors encountered by the systemd service itself, such as errors encountered when starting the server. But also, very importantly: errors encountered by the server itself are logged here as well (any `print` statement). This is probably the most important log file to look at when something goes wrong.\n```sh\n# To view the log\nsudo journalctl -u iintra-server.service\n\n# To view the last 100 lines of the log\nsudo journalctl -u iintra-server.service -n 100 --no-pager\n\n# Or, to follow the log (like with tail -f)\nsudo journalctl -u iintra-server.service -f\n```\n\n\n## Resetting all user/extension sessions\nIf you wish to reset all extension sessions, effectively logging out all extension sessions, you can do so by changing the _SESSION_KEY_ in the `.secret.env` file. This will invalidate all existing Flask server sessions and force the extension to reauthenticate the user. Normally, this would happen without the user having to do anything - because of the `ext_token` or `user_token` implementation. However, if you wish to force the user to reauthenticate by logging in to the Intranet again, you also do this by deleting all `user_tokens` from the database **(use with caution)**:\n```postgresql\nSTART TRANSACTION;\nDELETE FROM user_tokens;\nCOMMIT;\n```\n\n\n\n## Using a self-hosted back-end server in development\nOn a user machine, modify the hosts file to point to your development server. Don't forget to remove those lines after development!\n\n### Unix\n```sh\n# Replace 127.0.0.1 with the IP address of your server if not on localhost\nsudo echo '127.0.0.1 darkintra.freekb.es' \u003e\u003e /etc/hosts\nsudo echo '127.0.0.1 iintra.freekb.es' \u003e\u003e /etc/hosts\n```\n\n### Windows\n1. Run `notepad.exe` as an administrator\n2. Open the file `C:\\Windows\\System32\\drivers\\etc\\hosts`\n3. Add the following lines at the bottom of the file (replace the `127.0.0.1` with the IP address of your server if not on localhost):\n```\n# Improved Intra development server\n127.0.0.1 darkintra.freekb.es\n127.0.0.1 iintra.freekb.es\n```\n\n## Ignoring the unsafe certificate error in Chromium-based browsers\n1. Visit [iintra.freekb.es](https://iintra.freekb.es/) in your Chromium-based browser (after running above steps for your OS)\n2. Select any spot in the \"Your connection is not secure\" page\n3. Type `thisisunsafe` on your keyboard\n4. Profit\n\nThis method will also work for any XMLHttpRequests sent by code! Isn't it great?\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreekbes%2Fimproved_intra_server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffreekbes%2Fimproved_intra_server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreekbes%2Fimproved_intra_server/lists"}