Leave a message for feye.dev!

Messages:

We transformed feye.dev from a static HTML page into a dynamic website where visitors can leave messages. The main idea is to use Python + Flask as the backend to handle message submissions and display.
A new project folder was created at: /var/www/feye.dev/app
This folder contains the Flask application and related files.
A Python virtual environment (venv) was also set up here to isolate dependencies.
The main Flask application file is: /var/www/feye.dev/app/app.py
Handles HTTP requests. Processes POST submissions from the message form. Reads and displays saved messages.
Messages are stored in a text file inside the same folder: /var/www/feye.dev/app/messages.txt
Nginx configuration was updated in: /etc/nginx/sites-available/feye.dev
The HTTPS server block now proxies requests to the Flask app running on Gunicorn. The HTTP → HTTPS redirect block managed by Certbot was kept intact. SSL certificates from Let’s Encrypt are still used.
Gunicorn is used as a production WSGI server to run the Flask app. It runs the Flask application on 127.0.0.1:5000, while Nginx acts as a reverse proxy to forward requests from port 80 or 443 to Gunicorn. Gunicorn is configured to run as a systemd service so that the app starts automatically on server reboot.
We implemented the Post/Redirect/Get pattern to prevent duplicate messages when the user reloads the page after submitting a message. After a POST submission, Flask redirects the client to a GET request, ensuring the message is only stored once.
The result is that visitors can submit and view messages on feye.dev in real time. The site uses HTTPS with Let’s Encrypt, all HTTP traffic is redirected to HTTPS, and Flask runs securely in production through Gunicorn and Nginx.
I ran using the command "nohup gunicorn -w 3 -b 127.0.0.1:5000 app:app > gunicorn.log 2>&1 &"
To check logs use: "tail -f gunicorn.log"
(still in the /var/www/feye.dev/app dir)
To check if it is running: ps aux | grep gunicorn
To stop it: sudo pkill gunicorn
d
<script>alert('XSS')</script>
"><script>alert("XSS")</script>
<scr<script>ipt>alert('XSS')</scr<script>ipt>
Crazy!
Kek
Jannes ist ein Kek!
Wie habe ich das nicht kommen gesehen? :)
-----BEGIN PGP MESSAGE----- wcFMA0VgbJecWPIfAQ/+OYzbvCFdnlaI29xwBAMkiFwmwvNHrVvrLeF6FmK8d7jw k+TOjKu57bX4/ryiAnv4vf0flAX1FZFd4n/PzjEsBeTKrmA2FJMlk3WfW9uREXKs hdyFtR0zZDH8wPQ0OtSiQeJONHyMRUFKro5a1E6tbU+KCjJnrW9Pv0vKOUZNqDG+ 72KueFEBhhIgSAd5heJnsT/OAQ7ApsRWYp/DS9+vpHIIeerRQP2eKVU0lorbsXCt qW4itJ91I1bR1J16ANOAODhB972+qQ4M+Ah8xTBhsFaAk7Qs1v3RgoccaNx1e8lL mOcj2IYWrJWjpefQBQ/IN0tO5TrUleCKYHRHbBGoj6yv/BC3sxj/Zgmm0ESYvrxe +5gnWspc4ivjzxMm8t/WH77yv/zX9tgKRVhjNafH1OEOR4lbwTvWQGixrleZw9wB U5yAK4YPDdUFUHafp+BHulL9x1rqtm1Nm4TXeqkXAfNdkb9lNOK0fnveCsfEfKRu sAnd8c5C6pE0oFcK7adhvi4WG9O7CZKFD0I/CJdWE2tzgraecBPP2P92hdxcvLlV ktjjmk4sWPAK/eXnaP4ZpBriqzyQAfJSfNuEliUNBHxu3Oc5LLq4VN0xlzkTJiHz HKp0t8uE7JH7sTUXYiX+yIbwS1VyYixgAIfYspMNscAQL/FbPXSzcbMueM6/Pv7B wMwDe36WjtjmnyEBC/9LvueiCgn/0HjILjL5crVPdriUAsAEMI7TT6vFZw4wg4hv bkFhWbKrny/P4VKPceeG4T3qdaJ1Jbdr5/5tgPrnawSnhnFTBFlUe8GyQrftJcho LiqqyLrmtQYCzreAAFJbwYHIG1nT4OSEHMGBjWgb8qkN01SdHDQbehsptkEkYNRy 3C64em0B/zv1errfGgcwPXsoHe4sJglDdz6zfBUCCYKitQIWZrHzftU/ghv/5vpT 06ZBRKCdFUnmEXc7x3lZd1IboBvhrA7yW7xe7qVw5snV5UsPg8CNOcnBRwoUVEJs Bj/NdOgq+pU9KE2i8mz4EPyvKaFzyGBHssiUhYiaz7rCO9LV3AyNFHBEOsc0EKqp niT9vqDNhHn9ZYVnb4TK3guhxeEpfzVxOiiUw4g05FKSi0b5+6zt+T9BLY++Drvd f1XHRryqVtDUzsJhOR+AOIuw/JlYsdO5HE/iHTd0abYkKwZsabkE5P0Gm1OT92Jn 8QcqLhtzzCYLf2IGQwLSwVsB60z2VztdAk5j8pXLOTpNiobIP/hLJurmNNSscnR/ lXG6v9AkeTaQGcpAnODjOF8AfuQmix9WW1t+yjyPYxeLa/L1AB+yIj+nSrgWh23X jP1zgaLzGN0bEEFAjIeB/jtp4Gz5SFXQ0DdDcKxr6y+g28z5PT44E/49yGAd4lgL Nci02lQHJ4kAv8CDpmQruvNYfOVSGjvcYbcLu4/Y86q6Von7WWUKO8d4OQ1o4Kls UXBRhYMQm4mjfFr+vK8RCOD6GZzNYNlxURNKc5LN4K18HO+dgj7kQ5ys5ENvvDJb Px9iH3KcUkYVrUbfFNQzJGR9Nc/LJ59lv5GVcAiPbtLgBwTAH4y+z4FAlWxBLcC9 kf7l6HmNN8t/l+E+JivZTMgDkP7yKEihmT/NLBX4TaE5+O2/JDZFlgMQDn7G5FwX k9F923bfdpH66l7H2p2drq49SmCXNL93tdAyo6ryuyj84DQ3NaCQOp6tWNYZb36Q aXgseVLieMtJpTvRo0DpbcWaclWrC+5/2ro4AZyPtyh4lFz4aoe9bmqc6MuNR8lz WZ73hKdH4DcEvWiX8x/GmOcC79PxTBaarTDeae7lTEEl1b89Rf4zp0H9dFNVtCdK qitU9NTMI6oD05an7F6mEBvH2bEmmNpQl8amIue5UAzHZCLKzromj+6BGmfviWVG 4/69OYrIqHtC1syIlYf9JUGA6o7rx6OJNJC94Q== =g2Pm -----END PGP MESSAGE-----
hey
\sum_n
Lukas kek
Jannes KEK
du kek
Mario Doppelkek
Hallo Mama
Hallo Lukas!
I don't think we need any advertisment. It's already perfect as it is.
although it would be quite funny to see a professional video promoting this site
Hallo aus dem Zug
last message before upgrade
upgrade is working
after upgrade still working
not redirecting
not redirecting test
Gunicorn startet jetzt automatisch und kann mit "sudo systemctl restart feye-dev.service" neu geladen werden
hi
test
test
Die Gedanken sind frei.
website started automatically after reboot and is fully functional
Lol
Ingo war hier
Lol
Rundeee Siedler
Rundeee Siedler
Ingo war hier
Rundeee Siedler
Rundeee Siedler
Tja, beim Seite neu laden wird die Nachricht doppelt gesendet...
Subdomains funktionieren jetzt mit gültigem Zertifikat von Let's Encrypt. Dafür wurde ein TXT DNS Record "_acme-challenge.feye.dev" angelegt.
Runde Doppelkopf
Doppelkopf kann nun unter doppelkopf.feye.dev gespielt werden
Rundeee Siedler
Eine Salami Pizza bitte!
hallo
Doppelkopf now starts automatically after reboot
test
test
test
hallo welt
hallo welt
hey
Let’s Encrypt setup:
These steps: https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-dns-validation-with-certbot-dns-digitalocean-on-ubuntu-20-04 but API token scoped to 'domain'
sudo apt install python3-certbot-dns-digitalocean
...
sudo certbot certonly --dns-digitalocean --dns-digitalocean-credentials ~/certbot-creds.ini -d feye.dev -d *.feye.dev
Copypaste if necessary by the nginx.conf the options-ssl-nginx.conf and ssl-dhparams.pem from https://github.com/certbot/certbot/blob/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf
Optionally: Add a deploy hook to certbot renew (system-wide): create /etc/letsencrypt/renewal-hooks/post/99-reload-nginx.sh with: #!/bin/sh systemctl reload nginx chmod +x it