mirrors/git-pages
1
0
Fork 0
mirror of https://codeberg.org/git-pages/git-pages.git synced 2026-05-14 11:11:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
102 Commits 3 Branches 13 Tags
15b2f1ea396fa4df43dcb7d9fb235ae3f927d1b7
Commit Graph

102 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Catherine
15b2f1ea39 Allow zip and tar archive uploads PUT request. 2025-09-20 07:16:10 +00:00
Catherine
95814dd3f3 Parse _redirects file and store rules in manifest. 2025-09-20 07:16:10 +00:00
Catherine
3acab677e0 Split up backend.go. NFC 2025-09-20 04:39:13 +00:00
Catherine
7178885bfb Add a dedicated error type to report missing blob or manifest. 2025-09-20 04:24:36 +00:00
Catherine
412c2c2e3a Fix issues found by staticcheck. NFC 2025-09-20 03:55:58 +00:00
Catherine
9f0e54546a CI: fix trigger list. 2025-09-20 01:18:25 +00:00
Catherine
ed0f8e9d0d Add instructions for first-party container to README. 2025-09-20 01:12:52 +00:00
Catherine
fa17b9c1ed Build Docker images on CI. 2025-09-20 00:34:13 +00:00
Catherine
9d18700834 Switch from Nix back to Docker for deployment. 2025-09-20 00:12:55 +00:00
Catherine
da604215c1 Adapt Caddyfile during the build. 
Until https://github.com/ss098/certmagic-s3/pull/25 is merged, this
also uses a fork of certmagic-s3.
 2025-09-19 22:12:48 +00:00
Catherine
859c4bef77 Make Fly.io health checks more aggressive. 2025-09-19 21:08:35 +00:00
Catherine
3d23d58fbb Make supervisord and Caddy less chatty. 2025-09-19 21:08:21 +00:00
Catherine
5f7e5a1271 Don't ask backend for bare IP address sites. 2025-09-19 20:32:02 +00:00
Catherine
cbbd2bcd7e Expose Fly.io region in Server header. 2025-09-19 19:01:41 +00:00
Catherine
93ffee538c Precompute total site size in manifest. 2025-09-19 18:38:47 +00:00
Catherine
e0e5a8978e Describe authorization flow for metadata retrieval. 2025-09-19 18:38:14 +00:00
Catherine
f6982e6222 Fix inaccurate description of branch selection. 2025-09-19 18:29:45 +00:00
Catherine
c13a82e2ed Update Nix flake. 2025-09-19 17:54:53 +00:00
Catherine
e92b48b99f Expose site manifest to authorized clients. 
As the rules for serving a site get more complex, being able to see
the git-pages' view of the site structure will become increasingly
valuable.

Unauthorized clients are rejected to make enumeration more difficult.
While git-pages isn't designed to serve sensitive data, it is prudent
to recognize that someone somewhere will do it anyway.
 2025-09-19 16:58:01 +00:00
Catherine
dbfdd5d418 Refactor Protobuf schema. 
This is to prepare for making manifest debug representation accessible.

- change `Entry.size` to `uint32` so that it's serialized as a number
  in protoJSON export
- rename `Manifest.files` to `Manifest.contents`
- leave size and data for the root directory empty, same as with
  non-root directories fetched from git
 2025-09-19 15:20:35 +00:00
Catherine
d89f03e665 Upgrade protobuf schema to edition 2023. NFCI 
Also, some renames for consistency:
- `Manifest.repoURL`→`Manifest.repo_url`
- `Manifest.tree`→`Manifest.files`
 2025-09-19 14:12:08 +00:00
Catherine
46d54503ee Fix DNS allowlist not applying to POST requests. 2025-09-19 14:10:26 +00:00
Catherine
df6ca018a5 Unpublish site when pushing an empty repository. 2025-09-19 05:41:01 +00:00
bin
da212dcb89 Aggressively optimise size of Nix built Docker images 2025-09-19 04:23:57 +00:00
Catherine
5f3edfedf9 Add DELETE method support. 2025-09-19 04:08:22 +00:00
Catherine
9810a346f0 Refactor authorization code. NFC 2025-09-19 04:08:22 +00:00
bin
54c9a0a77e Allow building containers using Nix. 
fly auth docker && \
    nix build .#image -L && \
    docker load < result && \
    docker tag git-pages:latest registry.fly.io/git-pages:latest && \
    docker push registry.fly.io/git-pages:latest
 2025-09-18 22:50:23 -04:00
Catherine
5024802fd4 Start listening before lengthy initialization. 2025-09-19 01:09:19 +00:00
Catherine
82bfe278bf [security] Restrict X-Pages-Branch to shared secret authorization only. 2025-09-19 00:57:54 +00:00
Catherine
512d5e928a Clearly indicate insecure mode at startup. 2025-09-19 00:36:35 +00:00
whitequark
6a67785e02 Correct inaccuracy in README. 2025-09-19 02:35:56 +02:00
Catherine
8c964b1afd Ignore config.toml*. 2025-09-19 00:08:55 +00:00
Catherine
af5deb60c6 [breaking-change] Accept multiple index repository patterns. 2025-09-18 23:51:20 +00:00
whitequark
c95a2f7f43 Mention grebedoc.dev in README. 2025-09-19 00:58:46 +02:00
Catherine
345602e08f Update README. 2025-09-18 22:53:52 +00:00
Catherine
3393c077b5 Add DNS allowlist authorization. 
Also, improve authorization docs and tighten rules for `INSECURE`.
 2025-09-18 21:53:55 +00:00
Catherine
929aedfd2c Use strings.Trim{Prefix,Suffix}. NFC 2025-09-18 20:05:59 +00:00
Catherine
877d375af7 Fold domain names to lowercase when constructing a web root. 
Currently all domains with uppercase letters in them (as presented in
the `Host:` header during registration) are broken.
 2025-09-18 19:40:51 +00:00
Catherine
3c46169ba6 Refactor authentication code. 2025-09-18 19:23:59 +00:00
bin
6f932df886 Initial Nix flake 2025-09-18 19:14:47 +00:00
Catherine
f99298d38b Make Caddy startup dependent on git-pages. 
Fly.io starts routing requests to the VM the moment it becomes
reachable (listens on its service ports) even if it is not ready yet.
This causes transient failures on machine startup.
 2025-09-18 17:28:25 +00:00
Catherine
2548effeb8 Unify Caddy and git-pages health checks. 2025-09-18 13:50:48 +00:00
Catherine
810dc9cea0 Disable swap on fly.io. 
This just results in latency spikes with big uploads.
 2025-09-18 13:23:38 +00:00
Catherine
d48c754b9e Switch from hivemind to supervisord. 
Hivemind doesn't have auto-restart capability (it quits with code 0,
which just stops the VM).
 2025-09-18 12:15:23 +00:00
Catherine
b85b762ba9 [breaking-change] Update Dockerfile to add Caddy and a fly.io deployment option. 2025-09-18 05:14:04 +00:00
Catherine
0ed4fd2fc2 Fetch repositories to /tmp, not in-memory. 2025-09-18 04:32:23 +00:00
Catherine
07a736382c Automatically set GOMEMLIMIT at 90% of available memory. 
Or at the ratio specified by `AUTOMEMLIMIT`.
 2025-09-18 03:31:51 +00:00
Catherine
fb9f4a7c4a Allow configuring log format. 
In a production environment the timestamp will be appended by the log
service.
 2025-09-18 02:00:49 +00:00
Catherine
bd6e377e43 Allow explicit authorization to bypass wildcard URL restriction. 2025-09-18 01:56:06 +00:00
Catherine
bbd7964e0c Revert "Expose metadata when running on bunny.net magic containers." 
This reverts commit 705685e918.
 2025-09-18 01:42:17 +00:00