feat: allow containerized deployments

At the moment, it seems like it should be working, but I get: ``` lua5.1: error loading module 'bcrypt' from file '/usr/local/openresty/luajit/lib/lua/5.1/bcrypt.so': Error relocating /usr/local/openresty/luajit/lib/lua/5.1/bcrypt.so: luaL_setfuncs: symbol not found ```
2025-05-22 11:25:21 +02:00
29 changed files with 146 additions and 375 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,8 +0,0 @@
 logs/
 nginx.conf.compiled
 .vscode/
 .local/
 data/db/*
 secrets
 secrets/.touched*
 sass
--- a/.gitignore
+++ b/.gitignore
@ -1,9 +1,10 @@
 logs/
 nginx.conf.compiled
 db.*.sqlite
 .vscode/
 .local/
-data/db/*
+static/avatars/*
-secrets/secrets.lua
+!static/avatars/default.webp
-secrets/.touched*
+secrets.lua
-data/static/avatars/*
+
-!data/static/avatars/default.webp
+.first_launch.*
--- a/16
+++ b/16
@ -1,16 +0,0 @@
 # HOW TO:
 #
 # docker compose up
 #
 # it exposes the data/ and secrets/ volumes in app root
 #
 FROM openresty/openresty:alpine-fat
 RUN apk add --no-cache git make gcc g++ musl-dev libffi-dev openssl-dev sqlite-dev libsodium libsodium-dev imagemagick-dev openssl
 WORKDIR /app
 COPY . .
 RUN eval "$(luarocks --lua-version=5.1 path)"
 RUN luarocks --lua-version=5.1 build --only-deps
 EXPOSE 8080
 RUN chmod +x /app/start.sh
 ENTRYPOINT ["/app/start.sh", "production"]
--- a/README.md
+++ b/README.md
@ -6,43 +6,34 @@ Released under [CNPLv7+](https://thufie.lain.haus/NPL.html).
 Please read the [full terms](./LICENSE.md) for proper wording.
 # installing & first time setup
-## docker
+1. first, install OpenResty. instructions for linux can be found [here](https://openresty.org/en/linux-packages.html).
-```bash
+2. then, install LuaJIT and Lua 5.1 (usually called `lua5.1` in package managers)
-$ docker compose up
+3. then, install [LuaRocks](https://luarocks.org) (prefer your package manager instead of a local install recommended by the guide)
-```
+4. add luarocks search dirs to path:
 - opens port 8080
 - exposes `data/db` and `data/avatars` as volumes for data backup and persistence
 - exposes `secrets/` as a volume so that the script won't try to perform first time setup again
 ## manual
 1. install:
   - OpenResty. instructions for linux can be found [here](https://openresty.org/en/linux-packages.html)
   - LuaJIT and Lua 5.1 (usually called `lua5.1` in package managers)
   - openssl (-dev)
   - sqlite (-dev)
   - libsodium (-dev)
   - imagemagick (-dev)
   - [LuaRocks](https://luarocks.org) (either through the guide's instructions or your package manager, whichever is newer)
 2. add luarocks search dirs to path:
 ```bash
  # in .bashrc (or other shell equivalent)
  eval "$(luarocks --lua-version 5.1 path)"
 ```
-3. clone repo
+5. clone repo
-4. install the lua dependencies:
+6. install the dependencies:
 ```bash
 $ luarocks --local --lua-version 5.1 build --only-deps
 ```
-5. run:
+7. create a file named `secrets.lua` in the project directory.  
 use the `secrets.lua.example` file as reference, and generate a cryptographically secure random key, for example, with:
 ```bash
-$ start.sh production # or 'development' or empty string
+$ openssl rand -hex 32
 ```
 8. run:
 ```bash
 $ start.sh production
 ```
 the script will perform some necessary first time setup (and create a hidden file in the folder to ensure it won't do so again). it will create an administrator account and print the credentials to the console; **this will only happen once**. make sure you save them somewhere. the administrator account is the only one that can promote other users to moderator.  
-(note the `production` argument. if called with no arguments, `start.sh` will run in a development environment, which uses a separate database and shows more debug information.)
+(note the `production` argument. if called with no arguments, `start.sh` will run in a development environment, which uses a separate database.)
 this app is made with the assumption that it is being reverse-proxied. as such, you may want to change the port to something other than the default `8080`. you can do that in [`config.lua`]([./config.lua]).
--- a/app.lua
+++ b/app.lua
@ -21,9 +21,6 @@ local function inject_methods(req)
    return util.ntob(v)
  end
  req.PermissionLevelString = constants.PermissionLevelString
  req.infobox_message = function (_, s)
    return util.infobox_message(s)
  end
  util.pop_infobox(req)
 end
--- a/apps/mod.lua
+++ b/apps/mod.lua
@ -1,46 +1,23 @@
 local app = require("lapis").Application()
 local db = require("lapis.db")
 local util = require("util")
 local models = require("models")
 local Users = models.Users
-- everything here requires a logged in moderator
+app:get("user_list", "/list", function(self)
 app:before_filter(function(self)
  self.me = util.get_logged_in_user(self)
  if not self.me then
-    self:write{redirect_to = self:url_for("all_topics")}
+    return {redirect_to = self:url_for("all_topics")}
    return
  end
-
+  
  if not self.me:is_mod() then
-    self:write{redirect_to = self:url_for("all_topics")}
+    return {redirect_to = self:url_for("all_topics")}
    return
  end
-end)
+  
 app:get("user_list", "/list", function(self)
  self.users = Users:select("")
-
+  
  return {render = "mod.user-list"}
 end)
 app:get("sort_topics", "/sort-topics", function(self)
  self.topics = db.query("SELECT * FROM topics ORDER BY sort_order ASC")
  self.page_title = "sorting topics"
  return {render = "mod.sort-topics"}
 end)
 app:post("sort_topics", "/sort-topics", function(self)
  local updates = self.params
  db.query("BEGIN")
  for topic_id, new_order in pairs(updates) do
    db.update("topics", {sort_order = new_order}, {id = topic_id})
  end
  db.query("COMMIT")
  return {redirect_to = self:url_for("sort_topics")}
 end)
 return app
--- a/apps/threads.lua
+++ b/apps/threads.lua
@ -35,10 +35,7 @@ app:post("thread_create", "/create", function(self)
  end
  local topic = Topics:find(self.params.topic_id)
  if not topic then
-    return {redirect_to = self:url_for("all_topics")}
+    return {redirect_to = self:url_for("topics")}
  end
  if util.is_topic_locked(topic) and not user:is_mod() then
    return {redirect_to = self:url_for("all_topics")}
  end
  local title = lapis_util.trim(self.params.title)
@ -57,7 +54,7 @@ app:post("thread_create", "/create", function(self)
  local post = util.create_post(thread.id, user.id, post_content)
  if not post then
-    return {redirect_to = self:url_for("all_topics")}
+    return {redirect_to = self:url_for("topics")}
  end
  return {redirect_to = self:url_for("thread", {slug = slug})}
--- a/apps/users.lua
+++ b/apps/users.lua
@ -5,7 +5,7 @@ local constants = require("constants")
 local util = require("util")
-local auth = require("lib.auth")
+local bcrypt = require("bcrypt")
 local rand = require("openssl.rand")
 local models = require("models")
@ -14,7 +14,7 @@ local Sessions = models.Sessions
 local Avatars = models.Avatars
 local function authenticate_user(user, password)
-  return auth.verify(password, user.password_hash)
+  return bcrypt.verify(password, user.password_hash)
 end
 local function create_session_key()
@ -321,7 +321,7 @@ app:post("user_signup", "/signup", function(self)
  local new_user = Users:create({
    username = username,
-    password_hash = auth.digest(password),
+    password_hash = bcrypt.digest(password, constants.BCRYPT_ROUNDS),
    permission = constants.PermissionLevel.GUEST,
  })
--- a/config.lua
+++ b/config.lua
@ -1,5 +1,5 @@
 local config = require("lapis.config")
-local secrets = require("secrets.secrets")
+local secrets = require("secrets")
 config({"development", "production"}, {
  port = 8080,
@ -7,7 +7,7 @@ config({"development", "production"}, {
  code_cache = "off",
  num_workers = "1",
  sqlite = {
-    database = "data/db/db.dev.sqlite"
+    database = "db.dev.sqlite"
  },
  secret = "SUPER SECRET",
  session_name = "porom_session",
@ -20,7 +20,7 @@ config("production", {
  },
  secret = secrets.key,
  sqlite = {
-    database = "data/db/db.prod.sqlite"
+    database = "db.prod.sqlite"
  },
  session_name = "porom_session_s"
 })
--- a/create_default_accounts.lua
+++ b/create_default_accounts.lua
@ -1,4 +1,4 @@
-local auth = require("lib.auth")
+local bcrypt = require("bcrypt")
 local models = require("models")
 local constants = require("constants")
@ -23,14 +23,13 @@ local function create_admin()
    return
  end
  math.randomseed(os.time())
  local password = ""
  for _ = 1, 16 do
    local randi = math.random(#alphabet)
    password = password .. alphabet:sub(randi, randi)
  end
-  local hash = auth.digest(password)
+  local hash = bcrypt.digest(password, constants.BCRYPT_ROUNDS)
  models.Users:create({
    username = username,
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -0,0 +1,13 @@
 # Generate a random secret key
 # export PROD_SECRET_KEY=$(openssl rand -hex 32)
 # Start the container
 # docker-compose up
 version: "3"
 services:
  porom:
    build: 
      context: .
      args:
        - PROD_SECRET_KEY=${PROD_SECRET_KEY}
    ports: 
      - "8080:8080"
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,10 +0,0 @@
 services:
  porom:
    build:
      context: .
    ports:
      - "8080:8080"
    volumes:
      - ./data/static:/app/data/static
      - ./data/db:/app/data/db
      - ./secrets:/app/secrets
--- a/36
+++ b/36
@ -0,0 +1,36 @@
 # HOW TO:
 #
 # Generate a random secret key & build the Docker image
 # ```sh
 # SECRET_KEY=$(openssl rand -hex 32) docker build --build-arg PROD_SECRET_KEY="$SECRET_KEY" -t porom:latest .
 # ```
 #
 # Then run the container
 # ```sh
 # docker run -d -p 8080:8080 --name porom porom:latest
 # ```
 #
 FROM openresty/openresty:alpine-fat
 COPY ./nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
 COPY . /usr/local/openresty/nginx/html
 WORKDIR /usr/local/openresty/nginx/html
 RUN apk add --no-cache \ 
    make \
    git \
    make \
    gcc \
    g++ \
    musl-dev \
    libffi-dev \
    openssl-dev \
    sqlite-dev \
    imagemagick-dev \
    lua5.1 \
    lua5.1-dev
 RUN eval "$(luarocks --lua-version 5.1 path)"
 RUN luarocks --lua-version 5.1 build --only-deps
 ARG PROD_SECRET_KEY
 RUN echo "return { key = \"${PROD_SECRET_KEY}\",}" > /usr/local/openresty/nginx/html/secrets.lua
 EXPOSE 8080
 RUN chmod +x /usr/local/openresty/nginx/html/start.sh
 ENTRYPOINT ["/usr/local/openresty/nginx/html/start.sh", "production"]
--- a/js/sort-topics.js
+++ b/js/sort-topics.js
@ -1,45 +0,0 @@
 // https://codepen.io/crouchingtigerhiddenadam/pen/qKXgap
 let selected = null;
 let container = document.getElementById("topics-container")
 function isBefore(el1, el2) {
  let cur
  if (el2.parentNode === el1.parentNode) {
    for (cur = el1.previousSibling; cur; cur = cur.previousSibling) {
      if (cur === el2) return true
    }
  }
  return false;
 }
 function dragOver(e) {
  let target = e.target.closest(".draggable-topic")
  if (!target || target === selected) {
    return;
  }
  if (isBefore(selected, target)) {
    container.insertBefore(selected, target)
  } else {
    container.insertBefore(selected, target.nextSibling)
  }
 }
 function dragEnd() {
  if (!selected) return;
  selected.classList.remove("dragged")
  selected = null;
  for (let i = 0; i < container.childElementCount - 1; i++) {
    let input = container.children[i].querySelector(".topic-input");
    input.value = i + 1;
  }
 }
 function dragStart(e) {
  e.dataTransfer.effectAllowed = 'move'
  e.dataTransfer.setData('text/plain', null)
  selected = e.target
  selected.classList.add("dragged")
 }
--- a/lib/auth.lua
+++ b/lib/auth.lua
@ -1,16 +0,0 @@
 local auth = {}
 local ls = require "luasodium"
 function auth.digest(password)
  return ls.crypto_pwhash_str(
    password,
    ls.crypto_pwhash_OPSLIMIT_INTERACTIVE,
    ls.crypto_pwhash_MEMLIMIT_INTERACTIVE)
 end
 function auth.verify(password, hash)
  return ls.crypto_pwhash_str_verify(hash, password)
 end
 return auth
--- a/nginx.conf
+++ b/nginx.conf
@ -26,20 +26,16 @@ http {
    }
    location /static/ {
-      alias data/static/;
+      alias static/;
    }
    location /favicon.ico {
-      alias data/static/favicon.ico;
+      alias static/favicon.ico;
    }
    location /avatars {
-      alias data/static/avatars;
+      alias static/avatars;
      expires 1y;
    }
    location /static/js/ {
      alias js/;
    }
  }
 }
--- a/porom-dev-1.rockspec
+++ b/porom-dev-1.rockspec
@ -16,7 +16,7 @@ dependencies = {
  "lapis == 1.16.0",
  "lsqlite3",
  "magick",
-  "luasodium",
+  "bcrypt",
  "luaossl",
 }
--- a/sass/style.scss
+++ b/sass/style.scss
@ -366,18 +366,3 @@ input[type="text"], input[type="password"], textarea, select {
  grid-area: topic-locked-container;
  border: 2px outset $light;
 }
 .draggable-topic {
  cursor: pointer;
  user-select: none;
  background-color: $accent_color;
  padding: 20px;
  margin: 12px 0;
  border-top: 6px outset $light;
  border-bottom: 6px outset $dark2;
  &.dragged {
    background-color: $button_color;
  }
 }
--- a/secrets/secrets.lua.example
+++ b/secrets/secrets.lua.example
--- a/start.sh
+++ b/start.sh
@ -1,23 +1,15 @@
 #!/bin/bash
 set -e
 start() {
  lapis serve
 }
 first_launch() {
  echo "Setting up for the first time"
-  mkdir -p secrets
+  touch ".first_launch.$LAPIS_ENVIRONMENT"
-  local SECRET
+  lua5.1 schema.lua
  SECRET="$(openssl rand -hex 32)"
  echo "return { key = \"${SECRET}\",}" > secrets/secrets.lua
  touch "secrets/.touched.$LAPIS_ENVIRONMENT"
  mkdir -p data/db
  luajit schema.lua
  chmod -R a+rw data
  lapis migrate
-  luajit create_default_accounts.lua
+  lua5.1 create_default_accounts.lua
 }
 if [[ $# -ne 1 ]]; then
@ -29,7 +21,7 @@ fi
 echo "Starting in $LAPIS_ENVIRONMENT"
-if ! [ -f "secrets/.touched.$LAPIS_ENVIRONMENT" ]; then
+if ! [ -f ".first_launch.$LAPIS_ENVIRONMENT" ]; then
  first_launch
 fi
--- a/data/static/avatars/default.webp
+++ b/data/static/avatars/default.webp
--- a/data/static/style.css
+++ b/data/static/style.css
@ -364,16 +364,3 @@ input[type=text]:focus, input[type=password]:focus, textarea:focus, select:focus
  grid-area: topic-locked-container;
  border: 2px outset rgb(217.26, 220.38, 213.42);
 }
 .draggable-topic {
  cursor: pointer;
  user-select: none;
  background-color: #c1ceb1;
  padding: 20px;
  margin: 12px 0;
  border-top: 6px outset rgb(217.26, 220.38, 213.42);
  border-bottom: 6px outset rgb(135.1928346457, 145.0974015748, 123.0025984252);
 }
 .draggable-topic.dragged {
  background-color: rgb(177, 206, 204.5);
 }
--- a/util.lua
+++ b/util.lua
@ -3,7 +3,6 @@ local magick = require("magick")
 local db = require("lapis.db")
 local html_escape = require("lapis.html").escape
 local constants   = require("constants")
 local string_trim = require("lapis.util").trim
 local Avatars = require("models").Avatars
 local Users = require("models").Users
@ -34,131 +33,10 @@ util.TransientUser = {
  username = "Deleted User",
 }
 -- PURE API
 function util.get_user_avatar_url(req, user)
  return Avatars:find(user.avatar_id).file_path
 end
 ---split a string
 ---@param s string subject
 ---@param delimiter string? string to split by, can be empty to split by character
 ---@param max_matches integer? the maximum number of returned elements
 ---@param trim boolean? whether to trim whitespace off matches
 ---@param allow_empty boolean? should empty matches be in the resulting table
 ---@return string[]
 function util.s_split(s, delimiter, max_matches, trim, allow_empty)
  local result = {}
  if s == "" then
    return result
  end
  trim = trim == nil and true or trim
  local tr = function(subj)
    if trim then return string_trim(subj) else return subj end
  end
  max_matches = max_matches or -1
  allow_empty = allow_empty == nil and true or allow_empty
  if delimiter == "" then
    for i=1, #s do
      local c = s:sub(i, 1)
      if allow_empty or c ~= "" then
        table.insert(result, c)
        if max_matches > 0 and #result == max_matches then
          break
        end
      end
    end
    return result
  end
  local current_pos = 1
  local delim_len = #delimiter
  while true do
    if max_matches > 0 and #result >= max_matches then
      break
    end
 ---@diagnostic disable-next-line: param-type-mismatch
    local start_pos, end_pos = s:find(delimiter, current_pos, true)
    if not start_pos then
      break
    end
    local substr = s:sub(current_pos, start_pos - 1)
    if allow_empty or substr ~= "" then
      table.insert(result, tr(substr))
    end
    current_pos = end_pos + 1
  end
  local substr = s:sub(current_pos)
  if allow_empty or substr ~= "" then
    table.insert(result, tr(substr))
  end
  return result
 end
 function util.split_sentences(sentences, max_sentences)
  return util.s_split(sentences, ".", max_sentences or 2, true, false)
 end
 function util.infobox_message(msg)
  local sentences = util.split_sentences(msg)
  if #sentences == 1 then
    return "<b>" .. sentences[1] .. ". " .. "</b>"
  end
  return "<span><b>" .. sentences[1] .. ". " .. "</b> " .. sentences[2] .. ".</span>"
 end
 function util.get_logged_in_user(req)
  if req.session.session_key == nil then
    return nil
  end
  local session = db.select('* FROM "sessions" WHERE "key" = ? AND "expires_at" > "?" LIMIT 1', req.session.session_key, os.time())
  if #session > 0 then
    return Users:find({id = session[1].user_id})
  end
  return nil
 end
 function util.get_logged_in_user_or_transient(req)
  return util.get_logged_in_user(req) or util.TransientUser
 end
 function util.ntob(v)
  return v ~= 0
 end
 function util.bton(b)
  return 1 and b or 0
 end
 function util.stob(s)
  if s == "true" then
    return true
  end
  if s == "false" then
    return false
  end
 end
 function util.form_bool_to_sqlite(s)
  return util.bton(util.stob(s))
 end
 function util.is_thread_locked(thread)
  return util.ntob(thread.is_locked)
 end
 function util.is_topic_locked(topic)
  return util.ntob(topic.is_locked)
 end
 -- OTHER API
 function util.validate_and_create_image(input_image, filename)
  local img = magick.load_image_from_blob(input_image)
@ -214,6 +92,48 @@ function util.destroy_avatar(avatar_id)
  end
 end
 function util.get_logged_in_user(req)
  if req.session.session_key == nil then
    return nil
  end
  local session = db.select('* FROM "sessions" WHERE "key" = ? AND "expires_at" > "?" LIMIT 1', req.session.session_key, os.time())
  if #session > 0 then
    return Users:find({id = session[1].user_id})
  end
  return nil
 end
 function util.get_logged_in_user_or_transient(req)
  return util.get_logged_in_user(req) or util.TransientUser
 end
 function util.ntob(v)
  return v ~= 0
 end
 function util.bton(b)
  return 1 and b or 0
 end
 function util.stob(s)
  if s == "true" then
    return true
  end
  if s == "false" then
    return false
  end
 end
 function util.form_bool_to_sqlite(s)
  return util.bton(util.stob(s))
 end
 function util.is_thread_locked(thread)
  return util.ntob(thread.is_locked)
 end
 function util.create_post(thread_id, user_id, content)
  db.query("BEGIN")
  local post = Posts:create({
--- a/views/base.etlua
+++ b/views/base.etlua
@ -8,7 +8,7 @@
    <title>Porom</title>
  <% end %>
  <% math.randomseed(os.time()) %>
-  <link rel="stylesheet" href="<%= "/static/style.css?v=" .. math.random(1, 100) %>">
+  <link rel="stylesheet" href="<%= "/static/style.css?" .. math.random(1, 100) %>">
 </head>
 <body>
  <% render("views.common.topnav") -%>
--- a/views/common/infobox.etlua
+++ b/views/common/infobox.etlua
@ -1,7 +1,6 @@
 <%
  local class = "infobox " .. constants.InfoboxHTMLClass[kind]
  local icon = constants.InfoboxIcons[kind]
  local sentences = infobox_message(msg)
 %>
 <div class="<%= class %>">
@ -9,6 +8,6 @@
  <div class="infobox-icon-container">
  <% render(icon) %>
  </div>
-    <%- sentences %>
+    <%= msg %>
  </span>
 </div>
--- a/views/mod/sort-topics.etlua
+++ b/views/mod/sort-topics.etlua
@ -1,19 +0,0 @@
 <div class="darkbg settings-container">
  <% if infobox then %>
    <% render("views.common.infobox", infobox) %>
  <% end %>
  <h1>Change topics order</h1>
  <p>Drag topic titles to reoder them. Press submit when done. The topics will appear to users in the order set here.</p>
    <form method="post" id=topics-container>
      <% for _, topic in ipairs(topics) do %>
        <div draggable="true" class="draggable-topic" ondragover="dragOver(event)" ondragstart="dragStart(event)" ondragend="dragEnd()">
          <div class="thread-title"><%= topic.name %></div>
          <div><%= topic.description %></div>
          <input type="hidden" name="<%= topic.id %>" value="<%= topic.sort_order %>" class="topic-input">
        </div>
      <% end %>
      <input type=submit value="Save order">
    </form>
 </div>
 <script src="/static/js/sort-topics.js"></script>
--- a/views/topics/topic.etlua
+++ b/views/topics/topic.etlua
@ -2,8 +2,6 @@
  <% render("views.common.infobox", infobox) %>
 <% end %>
 <% local is_locked = ntob(topic.is_locked) %>
 <nav class="darkbg">
  <h1 class="thread-title">All threads in "<%= topic.name %>"</h1>
  <span><%= topic.description %></span>
@ -14,27 +12,25 @@
    <p>Your account is still pending confirmation by a moderator. You are not able to create a new thread or post at this time.</p>
  <% elseif thread_create_error == ThreadCreateError.LOGGED_OUT then %>
    <p>Only logged in users can create threads. <a href="<%= url_for("user_signup") %>">Sign up</a> or <a href="<%= url_for("user_login")%>">log in</a> to create a thread.</p>
  <% else %>
    <p>This topic is locked.</p>
  <% end %>
  <% if me:is_mod() then %>
    <a class="linkbutton" href="<%= url_for("topic_edit", {slug = topic.slug}) %>">Edit topic</a>
    <form class="modform" method="post" action="<%= url_for("topic_edit", {slug = topic.slug}) %>">
-      <input type="hidden" name="is_locked" value="<%= not is_locked %>">
+      <input type="hidden" name="is_locked" value="<%= not ntob(topic.is_locked) %>">
-      <input class="warn" type="submit" id="lock" value="<%= is_locked and "Unlock topic" or "Lock topic" %>">
+      <input class="warn" type="submit" id="lock" value="<%= ntob(topic.is_locked) and "Unlock topic" or "Lock topic" %>">
    </form>
  <% end %>
  </div>
 </nav>
 <% if is_locked then -%>
  <% render("views.common.infobox", {kind = constants.InfoboxKind.LOCK, msg = "This topic is locked. Only moderators can create new threads."}) %>
 <% end -%>
 <% if #threads_list == 0 then %>
  <p>There are no threads in this topic.</p>
 <% else %>
  <% for _, thread in ipairs(threads_list) do %>
    <% local is_stickied = ntob(thread.is_stickied) %>
-    <% local thread_is_locked = ntob(thread.is_locked) %>
+    <% local is_locked = ntob(thread.is_locked) %>
    <div class="thread">
      <div class="thread-sticky-container contain-svg">
        <% if is_stickied then -%>
@ -58,7 +54,7 @@
        </span>
      </div>
      <div class="thread-locked-container contain-svg">
-        <% if thread_is_locked then -%>
+        <% if is_locked then -%>
          <% render("svg-icons.lock") %>
          <i>Locked</i>
        <% end -%>
--- a/views/topics/topics.etlua
+++ b/views/topics/topics.etlua
@ -2,7 +2,6 @@
  <h1 class="thread-title">All topics</h1>
  <% if me:is_mod() then %>
    <a class="linkbutton" href="<%= url_for("topic_create") %>">Create new topic</a>
    <a class="linkbutton" href="<%= url_for("sort_topics") %>">Sort topics</a>
  <% end %>
 </nav>
@ -13,7 +12,7 @@
    <% local is_locked = ntob(topic.is_locked) %>
    <div class="topic">
      <div class="topic-info-container">
-        <a class="thread-title" href=<%= url_for("topic", {slug = topic.slug}) %>><%= topic.name %></a>
+        <a href=<%= url_for("topic", {slug = topic.slug}) %>><%= topic.name %></a>
        <%= topic.description %>
        <% if topic.latest_thread_username then %>
        <span>
--- a/views/user/user.etlua
+++ b/views/user/user.etlua
@ -1,5 +1,5 @@
 <% if infobox then %>
-  <% render("views.common.infobox", infobox) %>
+  <% render("views.common.infobox", pop_infobox) %>
 <% end %>
 <div class="darkbg">
  <h1 class="thread-title">Latest posts by <i><%= user.username %></i></h1>