mirrors/smartrelease
1
0
Fork 0
mirror of https://github.com/bytedream/smartrelease.git synced 2025-05-09 20:25:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add custom hosts and https only mode

Browse Source
This commit is contained in:
bytedream 2022-05-04 17:03:32 +02:00
parent 1a29eefb70
commit defda719f4
3 changed files with 82 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.example.env
View File

@ -3,3 +3,6 @@ PORT = 8080
ENABLE_REGEX=false ENABLE_REGEX=false
MAX_PATTER_LEN=70 MAX_PATTER_LEN=70
HTTPS_ONLY=true
ENABLE_CUSTOM_HOSTS=false

14
README.md
View File

@ -191,6 +191,20 @@ Default is `false`.
Limits the maximal length the pattern can have. Limits the maximal length the pattern can have.
Default is `70`. Default is `70`.
### `HTTPS_ONLY`
If requests should always be made with https connections. Default is `true`.
### `ENABLE_CUSTOM_HOSTS`
If custom hosted instances of git servers should be supported too. Default is `false`.
The url scheme of using a custom git server follows this:
<pre>
<code>https://example.com/custom/:host/<a href="#platform">:platform</a>/<a href="#owner">:owner</a>/<a href="#repository">:repository</a>/<a href="#pattern">:pattern</a></code>
</pre>
**:host** is the url of the custom git server host. Subpaths are currently not supported.
## Warnings ## Warnings
It is recommended to limit the pattern length with [`MAX_PATTER_LEN`](#max_patter_len) if [`ENABLE_REGEX`](#enable_regex) is enabled since a too long pattern which is too complex could lead to an, wanted or unwanted, [ReDoS](https://en.wikipedia.org/wiki/ReDoS) attack. It is recommended to limit the pattern length with [`MAX_PATTER_LEN`](#max_patter_len) if [`ENABLE_REGEX`](#enable_regex) is enabled since a too long pattern which is too complex could lead to an, wanted or unwanted, [ReDoS](https://en.wikipedia.org/wiki/ReDoS) attack.

93
src/main.rs
View File

@ -5,7 +5,7 @@ use std::str::FromStr;
use std::time::Duration; use std::time::Duration;
use actix_web::{App, dev, Error, get, http, HttpRequest, HttpResponse, HttpServer, Result, web}; use actix_web::{App, dev, Error, get, http, HttpRequest, HttpResponse, HttpServer, Result, web};
use actix_web::client::{Client, Connector}; use actix_web::client::{Client, Connector};
use actix_web::error::{ErrorInternalServerError, ErrorNotFound, ErrorUriTooLong}; use actix_web::error::{ErrorBadRequest, ErrorInternalServerError, ErrorNotFound, ErrorUriTooLong};
use actix_web::middleware::errhandlers::{ErrorHandlerResponse, ErrorHandlers}; use actix_web::middleware::errhandlers::{ErrorHandlerResponse, ErrorHandlers};
use dotenv::dotenv; use dotenv::dotenv;
use lazy_static::lazy_static; use lazy_static::lazy_static;
@ -15,13 +15,15 @@ use regex::{escape, Regex};
use serde::Deserialize; use serde::Deserialize;
lazy_static! { lazy_static! {
pub static ref ENABLE_REGEX: bool = env_lookup::<bool>("ENABLE_REGEX", false).unwrap(); static ref ENABLE_REGEX: bool = env_lookup("ENABLE_REGEX", false);
pub static ref MAX_PATTERN_LEN: i32 = env_lookup::<i32>("MAX_PATTER_LEN", 70).unwrap(); static ref MAX_PATTERN_LEN: i32 = env_lookup("MAX_PATTER_LEN", 70);
pub static ref TAG_PATTERN: Regex = Regex::new(r"(?P<major>\d+)([.-_](?P<minor>\d+)([.-_](?P<patch>\d+))?([.-_]?(?P<pre>[\w\d]+))?)?").unwrap(); static ref ENABLE_CUSTOM_HOSTS: bool = env_lookup("ENABLE_CUSTOM_HOSTS", false);
pub static ref REPLACE_PATTERN: Regex = Regex::new(r"\{\w*?}").unwrap();
pub static ref USER_AGENT: String = format!("smartrelease/{}", env_lookup::<String>("CARGO_PKG_VERSION", "".to_string()).unwrap()); static ref TAG_PATTERN: Regex = Regex::new(r"(?P<major>\d+)([.-_](?P<minor>\d+)([.-_](?P<patch>\d+))?([.-_]?(?P<pre>[\w\d]+))?)?").unwrap();
static ref REPLACE_PATTERN: Regex = Regex::new(r"\{\w*?}").unwrap();
static ref USER_AGENT: String = format!("smartrelease/{}", env_lookup::<String>("CARGO_PKG_VERSION", "".to_string()));
} }
#[derive(Deserialize)] #[derive(Deserialize)]
@ -58,19 +60,7 @@ async fn github(
web::Path((user, repo, pattern)): web::Path<(String, String, String)>, web::Path((user, repo, pattern)): web::Path<(String, String, String)>,
query: web::Query<Query> query: web::Query<Query>
) -> Result<HttpResponse> { ) -> Result<HttpResponse> {
if let Some(err) = pre_check(&pattern) { request_github(user.as_str(), repo.as_str(), pattern.as_str(), query).await
return Err(err)
}
let mut res = client()
.get(format!("https://api.github.com/repos/{}/{}/releases/latest", user, repo))
.header("Accept", "application/vnd.github.v3+json")
.header("User-Agent", USER_AGENT.as_str())
.send()
.await?;
let mut github = res.json::<GitHub>().await?;
process(&pattern, &mut github.assets, query.into_inner(), &github.tag_name)
} }
#[derive(Deserialize)] #[derive(Deserialize)]
@ -84,15 +74,54 @@ async fn gitea(
web::Path((user, repo, pattern)): web::Path<(String, String, String)>, web::Path((user, repo, pattern)): web::Path<(String, String, String)>,
query: web::Query<Query> query: web::Query<Query>
) -> Result<HttpResponse> { ) -> Result<HttpResponse> {
request_gitea("gitea.com", user.as_str(), repo.as_str(), pattern.as_str(), query).await
}
#[get("/custom/{host}/{platform}/{user}/{repo}/{pattern}")]
async fn custom(
web::Path((host, platform, user, repo, pattern)): web::Path<(String, String, String, String, String)>,
query: web::Query<Query>
) -> Result<HttpResponse> {
if *ENABLE_CUSTOM_HOSTS {
match platform.as_str() {
"gitea" => request_gitea(host.as_str(), user.as_str(), repo.as_str(), pattern.as_str(), query).await,
_ => Err(ErrorBadRequest("Invalid host"))
}
} else {
Err(ErrorNotFound("Custom hosts are disabled"))
}
}
async fn request_github(user: &str, repo: &str, pattern: &str, query: web::Query<Query>) -> Result<HttpResponse> {
if let Some(err) = pre_check(pattern) {
return Err(err)
}
let mut res = client() let mut res = client()
.get(format!("https://gitea.com/api/v1/repos/{}/{}/releases?limit=1", user, repo)) .get(format!("https://api.github.com/repos/{}/{}/releases/latest", user, repo))
.header("Accept", "application/vnd.github.v3+json")
.header("User-Agent", USER_AGENT.as_str())
.send()
.await?;
let mut result = res.json::<GitHub>().await?;
process(&pattern, &mut result.assets, query.into_inner(), &result.tag_name)
}
async fn request_gitea(host: &str, user: &str, repo: &str, pattern: &str, query: web::Query<Query>) -> Result<HttpResponse> {
if let Some(err) = pre_check(pattern) {
return Err(err)
}
let mut res = client()
.get(format!("{}://{}/api/v1/repos/{}/{}/releases?limit=1", if env_lookup("HTTPS_ONLY", true) { "HTTPS" } else { "HTTP" }, host, user, repo))
.header(http::header::CONTENT_TYPE, "application/json") .header(http::header::CONTENT_TYPE, "application/json")
.header(http::header::USER_AGENT, USER_AGENT.as_str()) .header(http::header::USER_AGENT, USER_AGENT.as_str())
.send() .send()
.await?; .await?;
let mut gitea = res.json::<[Gitea; 1]>().await?; let mut result = res.json::<[Gitea; 1]>().await?;
return process(&pattern, &mut gitea[0].assets, query.into_inner(), &gitea[0].tag_name) return process(pattern, &mut result[0].assets, query.into_inner(), &result[0].tag_name )
} }
fn redirect_error<B>(res: dev::ServiceResponse<B>) -> Result<ErrorHandlerResponse<B>> { fn redirect_error<B>(res: dev::ServiceResponse<B>) -> Result<ErrorHandlerResponse<B>> {
@ -102,8 +131,6 @@ fn redirect_error<B>(res: dev::ServiceResponse<B>) -> Result<ErrorHandlerRespons
let split_path: Vec<&str> = res.request().uri().path().split("/").collect(); let split_path: Vec<&str> = res.request().uri().path().split("/").collect();
info!("{} {}: got {} ({})", info!("{} {}: got {} ({})",
ip(res.request()), ip(res.request()),
res.request().path(), res.request().path(),
@ -147,11 +174,12 @@ fn client() -> Client {
.finish(); .finish();
} }
fn env_lookup<F: FromStr>(name: &str, default: F) -> std::result::Result<F, F::Err> { fn env_lookup<F: FromStr>(name: &str, default: F) -> F {
if let Ok(envvar) = env::var(name) { if let Ok(envvar) = env::var(name) {
return envvar.parse::<F>(); envvar.parse::<F>().unwrap_or(default)
} else {
default
} }
Ok(default)
} }
fn ip(request: &HttpRequest) -> String { fn ip(request: &HttpRequest) -> String {
@ -160,15 +188,15 @@ fn ip(request: &HttpRequest) -> String {
.rsplit_once(":").unwrap().0.to_string() .rsplit_once(":").unwrap().0.to_string()
} }
fn pre_check(pattern: &String) -> Option<Error> { fn pre_check(pattern: &str) -> Option<Error> {
// if MAX_PATTERN_LEN is -1 or below the len checking is disabled // if MAX_PATTERN_LEN is -1 or below the len checking is disabled
if *MAX_PATTERN_LEN > -1 && REPLACE_PATTERN.replace_all(pattern.as_str(), "").len() > *MAX_PATTERN_LEN as usize { if *MAX_PATTERN_LEN > -1 && REPLACE_PATTERN.replace_all(pattern, "").len() > *MAX_PATTERN_LEN as usize {
return Some(ErrorUriTooLong(format!("Pattern / last url path must not exceed {} characters", *MAX_PATTERN_LEN))) return Some(ErrorUriTooLong(format!("Pattern / last url path must not exceed {} characters", *MAX_PATTERN_LEN)))
} }
None None
} }
fn process(pattern: &String, assets: &mut Vec<Assets>, query: Query, tag_name: &String) -> Result<HttpResponse> { fn process(pattern: &str, assets: &mut Vec<Assets>, query: Query, tag_name: &String) -> Result<HttpResponse> {
let re: Regex; let re: Regex;
let mut replaced = replace( let mut replaced = replace(
pattern.to_string(), pattern.to_string(),
@ -253,13 +281,14 @@ async fn main() -> io::Result<()> {
.filter_level(Info) .filter_level(Info)
.init(); .init();
let host = env_lookup::<String>("HOST", "0.0.0.0".to_string()).unwrap(); let host = env_lookup::<String>("HOST", "0.0.0.0".to_string());
let port = env_lookup::<i16>("PORT", 8080).unwrap(); let port = env_lookup::<i16>("PORT", 8080);
let server = HttpServer::new(|| { let server = HttpServer::new(|| {
App::new() App::new()
.service(github) .service(github)
.service(gitea) .service(gitea)
.service(custom)
.service( .service(
web::resource("/").route(web::get().to(|| async { web::resource("/").route(web::get().to(|| async {
HttpResponse::Found() HttpResponse::Found()