Compare commits

...

4 Commits

Author SHA1 Message Date
4b4bc9792b feat: Only listen on http-port if we don't have ACME disabled
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2024-02-04 13:41:29 +01:00
aaab500049 fix: Always add authorization if a token is provided 2024-02-04 13:40:34 +01:00
fbb80c622f fix: Fix wrong logging output 2024-02-04 13:34:37 +01:00
48b6585eba feat: Allow reading an access token 2024-02-04 13:26:48 +01:00
3 changed files with 58 additions and 14 deletions

View File

@ -147,6 +147,7 @@ func runServer(ctx *cli.Context) error {
defaultCsp := ctx.String("default-csp") defaultCsp := ctx.String("default-csp")
lokiUrl := ctx.String("loki-url") lokiUrl := ctx.String("loki-url")
metricsBotList := ctx.String("metrics-bot-list") metricsBotList := ctx.String("metrics-bot-list")
tokenFile := ctx.String("token-file")
// Init Logging // Init Logging
if ctx.Bool("debug") { if ctx.Bool("debug") {
@ -177,18 +178,28 @@ func runServer(ctx *cli.Context) error {
} }
} }
// If specified, read in an access token
token := ""
if tokenFile != "" {
t, err := readSecret(tokenFile)
if err != nil {
log.Warnf("Failed to read secret: %v", err)
}
token = t
}
// Setup the Gitea stuff // Setup the Gitea stuff
httpClient := http.Client{Timeout: 10 * time.Second} httpClient := http.Client{Timeout: 10 * time.Second}
giteaApiClient, err := gitea.NewClient( giteaApiClient, err := gitea.NewClient(
giteaUrl, giteaUrl,
gitea.SetHTTPClient(&httpClient), gitea.SetHTTPClient(&httpClient),
gitea.SetToken(""), gitea.SetToken(token),
gitea.SetUserAgent("rio"), gitea.SetUserAgent("rio"),
) )
if err != nil { if err != nil {
return err return err
} }
giteaClient := riogitea.NewGiteaClient(giteaUrl, giteaApiClient) giteaClient := riogitea.NewGiteaClient(giteaUrl, token, giteaApiClient)
// Listen on the port // Listen on the port
addr := ctx.String("listen-host") + ":" + ctx.String("listen-port") addr := ctx.String("listen-host") + ":" + ctx.String("listen-port")
@ -199,16 +210,6 @@ func runServer(ctx *cli.Context) error {
return err return err
} }
// Listen on the HTTP port
httpAddr := ctx.String("http-host") + ":" + ctx.String("http-port")
httpListener, err := net.Listen("tcp", httpAddr)
if err != nil {
fmt.Println(
fmt.Errorf("Failed to create HTTP listener: %v", err),
)
return err
}
// Prepare the context // Prepare the context
cacheCtx := context.CacheContext{ cacheCtx := context.CacheContext{
RepositoryInformationCache: context.MakeRepoInfoCache(), RepositoryInformationCache: context.MakeRepoInfoCache(),
@ -291,7 +292,7 @@ func runServer(ctx *cli.Context) error {
go func() { go func() {
defer waitGroup.Done() defer waitGroup.Done()
log.Infof("Listening on main HTTP server %s", httpAddr) log.Infof("Listening on main HTTP server %s", addr)
if err := http.Serve(listener, Handler(globalCtx)); err != nil { if err := http.Serve(listener, Handler(globalCtx)); err != nil {
log.Fatal(fmt.Errorf("Listening failed: %v", err)) log.Fatal(fmt.Errorf("Listening failed: %v", err))
} }
@ -299,6 +300,16 @@ func runServer(ctx *cli.Context) error {
}() }()
if !acmeDisable { if !acmeDisable {
// Listen on the HTTP port
httpAddr := ctx.String("http-host") + ":" + ctx.String("http-port")
httpListener, err := net.Listen("tcp", httpAddr)
if err != nil {
fmt.Println(
fmt.Errorf("Failed to create HTTP listener: %v", err),
)
return err
}
go func() { go func() {
defer waitGroup.Done() defer waitGroup.Done()
@ -414,6 +425,12 @@ func main() {
Value: "", Value: "",
EnvVars: []string{"METRICS_BOT_LIST"}, EnvVars: []string{"METRICS_BOT_LIST"},
}, },
&cli.StringFlag{
Name: "token-file",
Usage: "File containing a access token. Required for serving private repositories",
Value: "",
EnvVars: []string{"TOKEN_FILE"},
},
}, },
} }

16
cmd/rio/utils.go Normal file
View File

@ -0,0 +1,16 @@
package main
import (
"os"
"strings"
)
// Read a secret file and return its (cleaned) content.
func readSecret(path string) (string, error) {
content, err := os.ReadFile(path)
if err != nil {
return "", err
}
return strings.Trim(string(content), "\n\r "), nil
}

View File

@ -7,6 +7,7 @@ import (
"time" "time"
"code.gitea.io/sdk/gitea" "code.gitea.io/sdk/gitea"
log "github.com/sirupsen/logrus"
"git.polynom.me/rio/internal/dns" "git.polynom.me/rio/internal/dns"
) )
@ -38,6 +39,8 @@ type Repository struct {
} }
type GiteaClient struct { type GiteaClient struct {
Token string
GetRepository GetRepositoryMethod GetRepository GetRepositoryMethod
HasBranch HasBranchMethod HasBranch HasBranchMethod
HasUser HasUserMethod HasUser HasUserMethod
@ -46,8 +49,9 @@ type GiteaClient struct {
LookupRepoTXT LookupRepoTXTMethod LookupRepoTXT LookupRepoTXTMethod
} }
func NewGiteaClient(giteaUrl string, giteaClient *gitea.Client) GiteaClient { func NewGiteaClient(giteaUrl string, token string, giteaClient *gitea.Client) GiteaClient {
return GiteaClient{ return GiteaClient{
Token: token,
GetRepository: func(username, repositoryName string) (Repository, error) { GetRepository: func(username, repositoryName string) (Repository, error) {
repo, _, err := giteaClient.GetRepo(username, repositoryName) repo, _, err := giteaClient.GetRepo(username, repositoryName)
if err != nil { if err != nil {
@ -86,12 +90,19 @@ func NewGiteaClient(giteaUrl string, giteaClient *gitea.Client) GiteaClient {
path, path,
branch, branch,
) )
log.Debugf("GetFile: Requesting '%s'", apiUrl)
client := &http.Client{} client := &http.Client{}
req, err := http.NewRequest("GET", apiUrl, nil) req, err := http.NewRequest("GET", apiUrl, nil)
if since != nil { if since != nil {
sinceFormat := since.Format(time.RFC1123) sinceFormat := since.Format(time.RFC1123)
req.Header.Add("If-Modified-Since", sinceFormat) req.Header.Add("If-Modified-Since", sinceFormat)
} }
// Add authentication, if we have a token
if token != "" {
req.Header.Add("Authorization", "token "+token)
}
resp, err := client.Do(req) resp, err := client.Do(req)
if err != nil { if err != nil {
return []byte{}, true, err return []byte{}, true, err