mirrors/git-pages
1
0
Fork 0
mirror of https://codeberg.org/git-pages/git-pages.git synced 2026-05-14 11:11:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
136 Commits 3 Branches 13 Tags
1aef0288e75db6795004ff113e99d6c2bd5d2233
Commit Graph

104 Commits

Author SHA1 Message Date
miyuko
1aef0288e7 Add page operation metrics and expose them in Prometheus text format. 2025-09-22 19:03:59 +01:00
Catherine
584957a92d Provide Allow: header when responding with 405 Method Not Allowed. 2025-09-22 17:41:03 +00:00
Catherine
789a5e682e [breaking-change] Use type-safe representation for time durations. 2025-09-22 17:05:22 +00:00
Catherine
fd7b632b52 Expand Server: header to include machine ID on Fly.io. 2025-09-22 08:27:03 +00:00
Catherine
6dfc03c3a8 Reimplement ugly automemlimit logging at startup. 2025-09-22 07:02:42 +00:00
Catherine
a159dba0b8 [breaking-change] Redesign environment var configuration overrides. 
This is done using reflection to avoid boilerplate and potential desync
of the two configuration interfaces. The `[[wildcards]]` section did
not fit well into the "splat every config key" paradigm, so it is
unmarshalled as a whole from a JSON payload in an environment variable.

This commit also splits up the `Config` type into small per-section
struct types and removes most references to the global `config` in
favor of passing pointers to sections around.

A new option, `-print-config-env-vars`, shows the names and types of
all of the available configuration knobs.
 2025-09-22 07:02:42 +00:00
Catherine
d81676fea0 Miscellaneous minor configuration related fixes. 2025-09-22 01:31:41 +00:00
Catherine
bf2922f892 [breaking-change] Add default config values where appropriate. 2025-09-21 23:08:27 +00:00
Catherine
51606aac98 Replace hardcoded limits with a config file section. 2025-09-21 19:00:36 +00:00
Catherine
21227ce59f Only send Access-Control-Allow-Origin: in response to a CORS request. 
This saves a bit of bandwidth. NFC otherwise.
 2025-09-21 08:19:08 +00:00
Catherine
2af2975713 Add tar+gzip and tar+zstd compressed archive support. 2025-09-21 06:25:10 +00:00
Catherine
382bee9b4e Don't send Access-Control-Max-Age: in response to GET requests. 
This header only has meaning in an `OPTIONS` response.
 2025-09-21 06:05:17 +00:00
Catherine
b5ab776a23 Use Cache-Control: max-age=60, stale-while-revalidate=3600. 
This is a way to avoid blocking on network requests in the browser
while ensuring the content is served very fresh.
 2025-09-21 05:31:06 +00:00
Catherine
5b471f6677 Add a feature flag for testing h2c:// performance. 2025-09-21 04:38:06 +00:00
Catherine
a10e28210a Enable h2c:// (cleartext HTTP/2) protocol on all http:// sockets. 
This allows git-pages and Caddy to efficiently use the same connection
for many pipelined requests, which I hope will reduce contention when
some bot decides to send fifty requests in the same millisecond.

This commit also changes built-in Caddy configuration to use HTTP/2
cleartext only when talking to the backend.
 2025-09-21 03:36:14 +00:00
Catherine
403821a150 Return status 413 Request Entity Too Large where appropriate. 2025-09-21 03:35:18 +00:00
Catherine
d2d4a27667 Return status 415 Unsupported Media Type in PUT handler. 
Before this commit, an unparseable media type would return 200 OK.
 2025-09-21 03:33:42 +00:00
Catherine
5765fa7ffa Proxy requests for unknown sites via wildcard fallback URL (if any). 2025-09-21 02:39:44 +00:00
Catherine
d5302e4358 [breaking-change] Allow multiple wildcard domains to be configured. 2025-09-21 00:29:51 +00:00
Catherine
acf948ac6b Remove code for migrating from v1 data layout. 2025-09-20 20:10:40 +00:00
Catherine
7e9cd17b70 Add a -get-manifest option for debugging. 
This isn't done via a socket to avoid potential misconfiguration
leading to authentication bypass.
 2025-09-20 20:07:15 +00:00
Catherine
bdc119d630 Remove leading . path segments from tar archive member filenames. 2025-09-20 15:42:17 +00:00
miyuko
2f525f3bb7 Strip Content-Type parameters when looking at the type. 2025-09-20 16:12:23 +01:00
Catherine
26647411ed Fix tar file extractor. 2025-09-20 14:57:53 +00:00
Catherine
960a40d736 Add Honeybadger.io observability support. 
It's not yet clear how useful it is, but it's at least something.
 2025-09-20 14:19:55 +00:00
Catherine
e5f1bac0ed Remove outdated comment. NFC 2025-09-20 08:38:55 +00:00
Catherine
f5ffd70824 Rename X-Pages-Outcome response header to X-Pages-Update. 2025-09-20 08:34:56 +00:00
Catherine
ddf0de8435 Record non-fatal problems in manifest and report them. 
This feature keeps complex features like `_redirects` debuggable.
 2025-09-20 08:33:11 +00:00
Catherine
bd294982b2 Disallow Host: values starting with a dot. 
Although these should never appear in first place, allowing them
to proceed into application logic may cause conflicts with reserved
manifest names.
 2025-09-20 07:41:34 +00:00
Catherine
15b2f1ea39 Allow zip and tar archive uploads PUT request. 2025-09-20 07:16:10 +00:00
Catherine
95814dd3f3 Parse _redirects file and store rules in manifest. 2025-09-20 07:16:10 +00:00
Catherine
3acab677e0 Split up backend.go. NFC 2025-09-20 04:39:13 +00:00
Catherine
7178885bfb Add a dedicated error type to report missing blob or manifest. 2025-09-20 04:24:36 +00:00
Catherine
412c2c2e3a Fix issues found by staticcheck. NFC 2025-09-20 03:55:58 +00:00
Catherine
5f7e5a1271 Don't ask backend for bare IP address sites. 2025-09-19 20:32:02 +00:00
Catherine
cbbd2bcd7e Expose Fly.io region in Server header. 2025-09-19 19:01:41 +00:00
Catherine
93ffee538c Precompute total site size in manifest. 2025-09-19 18:38:47 +00:00
Catherine
e92b48b99f Expose site manifest to authorized clients. 
As the rules for serving a site get more complex, being able to see
the git-pages' view of the site structure will become increasingly
valuable.

Unauthorized clients are rejected to make enumeration more difficult.
While git-pages isn't designed to serve sensitive data, it is prudent
to recognize that someone somewhere will do it anyway.
 2025-09-19 16:58:01 +00:00
Catherine
dbfdd5d418 Refactor Protobuf schema. 
This is to prepare for making manifest debug representation accessible.

- change `Entry.size` to `uint32` so that it's serialized as a number
  in protoJSON export
- rename `Manifest.files` to `Manifest.contents`
- leave size and data for the root directory empty, same as with
  non-root directories fetched from git
 2025-09-19 15:20:35 +00:00
Catherine
d89f03e665 Upgrade protobuf schema to edition 2023. NFCI 
Also, some renames for consistency:
- `Manifest.repoURL`→`Manifest.repo_url`
- `Manifest.tree`→`Manifest.files`
 2025-09-19 14:12:08 +00:00
Catherine
46d54503ee Fix DNS allowlist not applying to POST requests. 2025-09-19 14:10:26 +00:00
Catherine
df6ca018a5 Unpublish site when pushing an empty repository. 2025-09-19 05:41:01 +00:00
Catherine
5f3edfedf9 Add DELETE method support. 2025-09-19 04:08:22 +00:00
Catherine
9810a346f0 Refactor authorization code. NFC 2025-09-19 04:08:22 +00:00
Catherine
5024802fd4 Start listening before lengthy initialization. 2025-09-19 01:09:19 +00:00
Catherine
82bfe278bf [security] Restrict X-Pages-Branch to shared secret authorization only. 2025-09-19 00:57:54 +00:00
Catherine
512d5e928a Clearly indicate insecure mode at startup. 2025-09-19 00:36:35 +00:00
Catherine
af5deb60c6 [breaking-change] Accept multiple index repository patterns. 2025-09-18 23:51:20 +00:00
Catherine
3393c077b5 Add DNS allowlist authorization. 
Also, improve authorization docs and tighten rules for `INSECURE`.
 2025-09-18 21:53:55 +00:00
Catherine
929aedfd2c Use strings.Trim{Prefix,Suffix}. NFC 2025-09-18 20:05:59 +00:00