======Nitter======
**Ubuntu 20.04**
This project, while good, required a decent amount of manual work just to get it up and running. There is next to zero documentation and uses some random language that has it's own issues getting installed properly. This guide assumes you know how to setup a DNS record.
=====Install=====
Update and install nginx, redis (a caching server), and certbot. Redis will automatically start itself and create a service, which is nice.
sudo apt update;sudo apt upgrade -y
sudo apt install redis-server nginx
sudo apt install python3-certbot-nginx
sudo apt install libsass-dev # Required to run nimble scss
sudo certbot --nginx certonly
====Configure Nginx====
This configuration will obtain an A+ on Qualy's SSL Labs and Mozilla Observatory.
sudo vim /etc/nginx/conf.d/nitter.placeholder.domain.conf
server {
listen 80;
server_name nitter.placeholder.domain;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name nitter.placeholder.domain;
ssl_certificate /etc/letsencrypt/live/nitter.placeholder.domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nitter.placeholder.domain/privkey.pem;
ssl_session_timeout 5m;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:AES256+EECDH:AES256+EDH:!SHA1:!SHA256:!SHA384:!aNULL';
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
#add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Content-Security-Policy "default-src 'self' 'inline-unsafe; script-src 'self' 'inline-unsafe'" always;
location / {
proxy_pass http://localhost:8080;
}
}
====Install and Configure nim====
Install nim, just wget the latest package from their website. https://nim-lang.org/install_unix.html
Their install script is improperly written so you will need to manually copy the executable binary ''nimble'' as that one is used to compile. Just stick it in /usr/bin. Below is an example using the current version of nim at the time of writing.
wget https://nim-lang.org/download/nim-1.4.4-linux_x64.tar.xz
tar xvf nim-1.4.4-linux_x64.tar.xz
cd nim-1.4.4/
./install.sh /usr/bin
sudo cp bin/nimble /usr/bin/
Add a user named nitter and login as that user. The following commands are under the nitter user only.
sudo useradd -d /home/nitter -m nitter
sudo su nitter
Clone Nitter
git clone https://github.com/zedeus/nitter
cd nitter
Build Nitter
nimble build -d:release
Build CSS
nimble scss
mkdir ./tmp
Configure nitter
''/home/nitter/nitter/nitter.conf''
Just make sure to fill out the hostname and hmacKey, I gave my key a randomly generated 64 character string, seems to work.
====Configure and enable UFW====
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable
=====Make it run on startup=====
Run this command as your standard log in user, not the nitter user as that should still not have a password.
sudo vim /etc/systemd/system/nitter.service
**Systemd Service**
[Unit]
Description=Nitter (An alternative Twitter front-end)
After=syslog.target
After=network.target
[Service]
Type=simple
# set user and group
User=nitter
Group=nitter
# configure location
WorkingDirectory=/home/nitter/nitter
ExecStart=/home/nitter/nitter/nitter
Restart=always
RestartSec=15
[Install]
WantedBy=multi-user.target