remco/Atomcms-edit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1db80e76fe89d1dacf82a0071aa87053e3486313
Atomcms-edit/README.md
T
root 1db80e76fe chore: clean up repo structure and polish docs 
- Rewrite .gitignore in English with proper patterns for build artifacts, storage files, and IDE files
- Remove tracked build assets (hash-based) and storage files from git
- Update LICENSE copyright to 2026 Remco (Epicnabbo)
- Fix clone URLs in README (remove placeholder gitea-server)
- Sync docs/INSTALL.md with README installation guide
2026-06-06 20:12:08 +02:00

12 KiB
Executable File
Raw Blame History

AtomCMS — Remco Epicnabbo Edition

Discord Laravel PHP License

A modern Habbo retro CMS powered by Laravel 13, Filament 5, React 19, and Nitro. Forked and maintained by Remco (Epicnabbo).

What's New in V3

Feature Description
Commandocentrum Central admin dashboard with Nitro, emulator & hotel monitoring
Nitro V3 Update System Auto-update emulator, Nitro client & renderer via CLI (Linux .env)
Configurable Paths 13 paths fully adjustable via .env (no database needed)
Emulator Control Start, stop, restart & check status from the admin panel
Live Monitoring Online users, emulator status, DB status, server load, diagnostics
Hotel Alerts Send messages to all online users in real-time
Emulator Log Viewer Live logs directly in the browser
Clothing Sync Sync catalog clothing from FigureMap with one click
Social Login OAuth login via Google, Discord & GitHub
Notification Settings Email & Discord webhook alerts with rank filtering
Staff Activity Log Full audit trail of all housekeeping actions
Bulletproof Installation 12-step guide for Ubuntu 26.04 with Redis, SSL, firewall & PHP tuning
PHP 8.5 + Ubuntu 26.04 Fully compatible with the latest PHP and Ubuntu LTS
Dual .env System Separate configs for Linux (Redis) and Windows (file-based)
XAMPP Blocked Explicitly unsupported — we prioritise security

Quick Start

git clone https://git.your-server.com/remco/Atomcms-edit.git /var/www/atomcms
cd /var/www/atomcms
cp .env.example.linux .env
php artisan key:generate
# Edit .env with your DB credentials, then:
composer install --no-dev --optimize-autoloader
php artisan migrate --seed
yarn install && yarn build:all

Full installation guidedocs/INSTALL.md or scroll down to Installation

Features

Module What it does
Commandocentrum Nitro V3 one-click updater, emulator start/stop/restart, hotel alerts, live monitoring, log viewer, clothing sync, social login (Google/Discord/GitHub)
Radio DJ apps, live sessions, song requests, shoutbox, leaderboard, contests
Shop Product catalog, virtual currency, vouchers, PayPal
Community Articles, photo gallery, leaderboard, teams, rare values, badge lottery
Users Public profiles, 2FA, referrals, session logs
Help Ticket system, FAQ, rules
Filament Admin Users, bans, radio, shop, articles, emulator settings/texts/catalog, chatlogs, word filters, permissions, navigation
Themes Atom (light) & Dusk (dark)

Nitro V3 Update (Linux-only)

⚠️ CLI only. The web UI button has been removed. The script is configured via .env variables.

What it does: git pull emulator → DB backup → SQL imports → Maven build → git pull Nitro_Render_V3 + Nitro-V3 → yarn build → sync Gamedata → cleanup → restart emulator.

Usage:

# Make sure .env contains all NITRO_* variables (see .env.example.linux)
cd /var/www/atomcms
bash update-Nitrov3.sh

Configurable via .env:

Variable Default Description
NITRO_EMULATOR_PATH /var/www/emulator Emulator root directory
NITRO_EMULATOR_SERVICE emulator Systemd service name
NITRO_DB_HOST 127.0.0.1 Database host
NITRO_DB_PORT 3306 Database port
NITRO_DB_NAME habbo Database name
NITRO_DB_USER root Database user
NITRO_DB_PASS Database password
NITRO_SQL_DIR {emulator}/Database Updates SQL updates directory
NITRO_BACKUP_DIR {emulator}/Database Updates/backups Backup directory
NITRO_GAMEDATA_DIR /var/www/Gamedata/config Gamedata config directory
NITRO_CLIENT_DIR {nitro}/public/configuration Nitro client config directory
NITRO_CLIENT_SRC /var/www/Nitro-V3 Nitro-V3 source directory
NITRO_RENDERER_SRC /var/www/Nitro_Render_V3 Nitro Render V3 source directory

Requirements

Component Version
PHP 8.5+
Database MariaDB 10.6+ or MySQL 8.0+
Web Server Nginx or Apache
Node.js 20+
Yarn 1.22+
Composer 2.x
Redis Recommended (Linux)

Environment Files

File Use Cache DB
docs/INSTALL.md Step-by-step setup guide
.env.example.linux Linux production Redis MariaDB
.env.example.windows Windows development File MySQL 
cp .env.example.linux .env
php artisan key:generate

⚠️ XAMPP is not supported. Extremely unsafe for production.

Installation (Ubuntu 26.04)

# 1. System dependencies
sudo apt update
sudo apt install -y git curl wget unzip nginx mariadb-server redis-server \
  php8.5 php8.5-{cli,fpm,mysql,xml,mbstring,curl,zip,bcmath,gd,sockets,intl} \
  build-essential

# 2. Composer
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer

# 3. Node.js + Yarn
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt install -y nodejs
sudo corepack enable
corepack install -g yarn@latest

# 4. Secure MariaDB
sudo mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'your_root_password'; FLUSH PRIVILEGES;"

# 5. Clone
git clone https://git.your-server.com/remco/Atomcms-edit.git /var/www/atomcms
cd /var/www/atomcms

# 6. Configure
cp .env.example.linux .env
# EDIT .env first: set DB_PASSWORD, APP_URL, SESSION_DOMAIN
nano .env
php artisan key:generate

# 7. Create database + user
sudo mysql -e "CREATE DATABASE IF NOT EXISTS habbo CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
sudo mysql -e "CREATE USER IF NOT EXISTS 'cms'@'localhost' IDENTIFIED BY 'your_db_password';"
sudo mysql -e "GRANT ALL ON habbo.* TO 'cms'@'localhost'; FLUSH PRIVILEGES;"

# 8. Install PHP & JS deps
composer install --no-dev --optimize-autoloader
yarn install

# 9. Migrate, seed & cache
php artisan migrate --seed
php artisan optimize
php artisan filament:optimize

# 10. Build frontend
yarn build:all

# 11. Permissions
sudo chown -R www-data:www-data storage bootstrap/cache public/build
sudo chmod -R 775 storage bootstrap/cache

# 12. Sudoers (for update-Nitrov3.sh — sudo chown + systemctl)
sudo tee /etc/sudoers.d/www-data << 'EOF'
www-data ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart emulator
www-data ALL=(ALL) NOPASSWD: /usr/bin/systemctl status emulator
www-data ALL=(ALL) NOPASSWD: /usr/bin/chown -R www-data\:www-data /var/www/*
EOF
sudo chmod 440 /etc/sudoers.d/www-data

# 13. Start services
sudo systemctl enable --now redis-server

# 14. PHP tuning
sudo sed -i 's/upload_max_filesize = .*/upload_max_filesize = 64M/' /etc/php/8.5/fpm/php.ini
sudo sed -i 's/post_max_size = .*/post_max_size = 64M/' /etc/php/8.5/fpm/php.ini
sudo sed -i 's/memory_limit = .*/memory_limit = 256M/' /etc/php/8.5/fpm/php.ini
sudo sed -i 's/max_execution_time = .*/max_execution_time = 300/' /etc/php/8.5/fpm/php.ini

# 16. Restart & verify
sudo systemctl restart php8.5-fpm redis-server nginx
php artisan about  # should show green "Application" line

Nginx

server {
    listen 80;
    server_name your-domain.com;
    root /var/www/atomcms/public;
    index index.php;
    charset utf-8;

    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;

    gzip on;
    gzip_types text/plain text/css application/json application/javascript text/xml image/svg+xml;
    gzip_vary on;

    location / { try_files $uri $uri/ /index.php?$query_string; }
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.5-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    location ~ /\.(?!well-known).* { deny all; }
    location ~ /(\.env|\.git|composer\.(json|lock)) { deny all; }
}

sudo ln -sf /etc/nginx/sites-available/atomcms /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx
sudo systemctl restart php8.5-fpm redis-server
sudo ufw allow 80/tcp && sudo ufw allow 443/tcp && sudo ufw --force enable

SSL (recommended)

sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d your-domain.com

Yarn Scripts

yarn build:all       # Build all themes
yarn build:atom      # Atom theme only
yarn build:dusk      # Dusk theme only
yarn dev             # Vite dev server
yarn lint            # Lint JS/Vue
yarn format          # Format code

Tech Stack

Laravel 13 · React 19 + Alpine.js · Vite 8 · TailwindCSS 4 · Filament 5 · MariaDB/MySQL · Redis

Security

AtomCMS is built with security as a priority. Below is what's in place and what you need to configure.

Already locked down

Measure Details
Mass assignment protection User model restricted to 21 fillable fields (sensitive fields like rank, credits, online require explicit forceFill)
API authentication Sanctum tokens, Bearer-only (no query-string API keys accepted)
PayPal credentials Loaded from env(), never hardcoded
CORS Must be explicitly set via CORS_ALLOWED_ORIGINS env (no wildcard default)
Debug mode APP_DEBUG=false by default
PHP debugging No dd(), dump(), or var_dump() in production code
Password flashing Exception handler excludes passwords from session flash
File uploads MIME validation (Laravel image rule + finfo on logos)
2FA Two-factor authentication available
SQL injection All queries use parameterized binding or Eloquent ORM
Command injection All exec()/shell_exec() calls use escapeshellarg() or hardcoded values
CSRF Sanctum CSRF protection on all stateful routes
Insecure deserialization No unserialize() calls exist

⚠️ You must configure

Item What to do
.env file Restrict file permissions (chmod 600 .env), ensure Nginx blocks access (already in the provided config)
CORS_ALLOWED_ORIGINS Set to your exact frontend domain(s) in .env (included in the example files)
Database password Use a strong, unique password (not your_db_password)
APP_KEY Run php artisan key:generate after cloning
Session domain Set SESSION_DOMAIN to your hotel domain in .env
SSL Required for production — use the Certbot instructions above
Admin accounts Only grant high-rank access to trusted users
Log retention Check LOG_MAX_FILES in .env (default 14 days)

🔒 Sudoers safety

The sudoers.d/www-data configuration grants passwordless systemctl and chown to www-data. This is safe by design:

  • Each command is pinned to a specific binary path (/usr/bin/systemctl, /usr/bin/chown)
  • chown is restricted to /var/www/*
  • No shell (/bin/sh, /bin/bash) is granted
  • No arbitrary binaries can be executed
  • In a worst-case web compromise, the attacker still cannot read /etc/shadow, install packages, or run arbitrary commands

Support

  • Discord: Join our server
  • Issues: Report bugs via the project issue tracker
  • Contributions: Fork & submit merge requests — all help is welcome!

Credits

Remco (Epicnabbo) — Core Maintainer · Kasja — Design & Themes · Kani — RCON & API · Atom Community — Testing & Feedback

Made with love for the Retro Community
Reference in New Issue View Git Blame Copy Permalink