This is an old revision of the document!
Table of Contents
Nitter
Ubuntu 20.04
This project, while good, required a decent amount of manual work just to get it up and running. There is next to zero documentation and uses some random language that has it's own issues getting installed properly. This guide assumes you know how to setup a DNS record.
Install
Update and install nginx, redis (a caching server), and certbot. Redis will automatically start itself and create a service, which is nice.
sudo apt update;sudo apt upgrade -y sudo apt install redis-server nginx sudo apt install python3-certbot-nginx sudo apt install libsass-dev # Required to run nimble scss sudo certbot --nginx certonly
Configure Nginx
This configuration will obtain an A+ on Qualy's SSL Labs and Mozilla Observatory.
sudo vim /etc/nginx/conf.d/nitter.placeholder.domain.conf
server {
listen 80;
server_name nitter.placeholder.domain;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name nitter.placeholder.domain;
ssl_certificate /etc/letsencrypt/live/nitter.placeholder.domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nitter.placeholder.domain/privkey.pem;
ssl_session_timeout 5m;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:AES256+EECDH:AES256+EDH:!SHA1:!SHA256:!SHA384:!aNULL';
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
#add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Content-Security-Policy "default-src 'self' 'inline-unsafe; script-src 'self' 'inline-unsafe'" always;
location / {
proxy_pass http://localhost:8080;
}
}
Install and Configure nim
Install nim, just wget the latest package from their website. https://nim-lang.org/install_unix.html
Their install script is improperly written so you will need to manually copy the executable binary nimble as that one is used to compile. Just stick it in /usr/bin. Below is an example using the current version of nim at the time of writing.
wget https://nim-lang.org/download/nim-1.4.4-linux_x64.tar.xz tar xvf nim-1.4.4-linux_x64.tar.xz cd nim-1.4.4/ ./install.sh /usr/bin sudo cp bin/nimble /usr/bin/
Add a user named nitter and login as that user. The following commands are under the nitter user only.
sudo useradd -d /home/nitter -m nitter sudo su nitter
Clone Nitter
git clone https://github.com/zedeus/nitter cd nitter
Build Nitter
nimble build -d:release
Build CSS
nimble scss mkdir ./tmp
Configure nitter
/home/nitter/nitter/nitter.conf
Just make sure to fill out the hostname and hmacKey, I gave my key a randomly generated 64 character string, seems to work.
Configure and enable UFW
sudo ufw allow ssh sudo ufw allow http sudo ufw allow https sudo ufw enable
Make it run on startup
Run this command as your standard log in user, not the nitter user as that should still not have a password.
sudo vim /etc/systemd/system/nitter.service
Systemd Service
[Unit] Description=Nitter (An alternative Twitter front-end) After=syslog.target After=network.target [Service] Type=simple # set user and group User=nitter Group=nitter # configure location WorkingDirectory=/home/nitter/nitter ExecStart=/home/nitter/nitter/nitter Restart=always RestartSec=15 [Install] WantedBy=multi-user.target