Commit Graph

111 Commits

Author SHA1 Message Date
Catherine
7e9cd17b70 Add a -get-manifest option for debugging.
This isn't done via a socket to avoid potential misconfiguration
leading to authentication bypass.
2025-09-20 20:07:15 +00:00
Catherine
bdc119d630 Remove leading . path segments from tar archive member filenames. 2025-09-20 15:42:17 +00:00
miyuko
2f525f3bb7 Strip Content-Type parameters when looking at the type. 2025-09-20 16:12:23 +01:00
Catherine
26647411ed Fix tar file extractor. 2025-09-20 14:57:53 +00:00
Catherine
960a40d736 Add Honeybadger.io observability support.
It's not yet clear how useful it is, but it's at least something.
2025-09-20 14:19:55 +00:00
Catherine
e5f1bac0ed Remove outdated comment. NFC 2025-09-20 08:38:55 +00:00
Catherine
f5ffd70824 Rename X-Pages-Outcome response header to X-Pages-Update. 2025-09-20 08:34:56 +00:00
Catherine
ddf0de8435 Record non-fatal problems in manifest and report them.
This feature keeps complex features like `_redirects` debuggable.
2025-09-20 08:33:11 +00:00
Catherine
bd294982b2 Disallow Host: values starting with a dot.
Although these should never appear in the first place, allowing them
to proceed into application logic may cause conflicts with reserved
manifest names.
2025-09-20 07:41:34 +00:00
Catherine
15b2f1ea39 Allow zip and tar archive uploads via PUT request. 2025-09-20 07:16:10 +00:00
Catherine
95814dd3f3 Parse _redirects file and store rules in manifest. 2025-09-20 07:16:10 +00:00
Catherine
3acab677e0 Split up backend.go. NFC 2025-09-20 04:39:13 +00:00
Catherine
7178885bfb Add a dedicated error type to report missing blob or manifest. 2025-09-20 04:24:36 +00:00
Catherine
412c2c2e3a Fix issues found by staticcheck. NFC 2025-09-20 03:55:58 +00:00
Catherine
9f0e54546a CI: fix trigger list. 2025-09-20 01:18:25 +00:00
Catherine
ed0f8e9d0d Add instructions for first-party container to README. 2025-09-20 01:12:52 +00:00
Catherine
fa17b9c1ed Build Docker images on CI. 2025-09-20 00:34:13 +00:00
Catherine
9d18700834 Switch from Nix back to Docker for deployment. 2025-09-20 00:12:55 +00:00
Catherine
da604215c1 Adapt Caddyfile during the build.
Until https://github.com/ss098/certmagic-s3/pull/25 is merged, this
also uses a fork of certmagic-s3.
2025-09-19 22:12:48 +00:00
Catherine
859c4bef77 Make Fly.io health checks more aggressive. 2025-09-19 21:08:35 +00:00
Catherine
3d23d58fbb Make supervisord and Caddy less chatty. 2025-09-19 21:08:21 +00:00
Catherine
5f7e5a1271 Don't ask backend for bare IP address sites. 2025-09-19 20:32:02 +00:00
Catherine
cbbd2bcd7e Expose Fly.io region in Server header. 2025-09-19 19:01:41 +00:00
Catherine
93ffee538c Precompute total site size in manifest. 2025-09-19 18:38:47 +00:00
Catherine
e0e5a8978e Describe authorization flow for metadata retrieval. 2025-09-19 18:38:14 +00:00
Catherine
f6982e6222 Fix inaccurate description of branch selection. 2025-09-19 18:29:45 +00:00
Catherine
c13a82e2ed Update Nix flake. 2025-09-19 17:54:53 +00:00
Catherine
e92b48b99f Expose site manifest to authorized clients.
As the rules for serving a site get more complex, being able to see
the git-pages' view of the site structure will become increasingly
valuable.

Unauthorized clients are rejected to make enumeration more difficult.
While git-pages isn't designed to serve sensitive data, it is prudent
to recognize that someone somewhere will do it anyway.
2025-09-19 16:58:01 +00:00
Catherine
dbfdd5d418 Refactor Protobuf schema.
This is to prepare for making manifest debug representation accessible.

- change `Entry.size` to `uint32` so that it's serialized as a number
  in protoJSON export
- rename `Manifest.files` to `Manifest.contents`
- leave size and data for the root directory empty, same as with
  non-root directories fetched from git
2025-09-19 15:20:35 +00:00
Catherine
d89f03e665 Upgrade protobuf schema to edition 2023. NFCI
Also, some renames for consistency:
- `Manifest.repoURL`→`Manifest.repo_url`
- `Manifest.tree`→`Manifest.files`
2025-09-19 14:12:08 +00:00
Catherine
46d54503ee Fix DNS allowlist not applying to POST requests. 2025-09-19 14:10:26 +00:00
Catherine
df6ca018a5 Unpublish site when pushing an empty repository. 2025-09-19 05:41:01 +00:00
bin
da212dcb89 Aggressively optimise size of Nix built Docker images 2025-09-19 04:23:57 +00:00
Catherine
5f3edfedf9 Add DELETE method support. 2025-09-19 04:08:22 +00:00
Catherine
9810a346f0 Refactor authorization code. NFC 2025-09-19 04:08:22 +00:00
bin
54c9a0a77e Allow building containers using Nix.
fly auth docker && \
    nix build .#image -L && \
    docker load < result && \
    docker tag git-pages:latest registry.fly.io/git-pages:latest && \
    docker push registry.fly.io/git-pages:latest
2025-09-18 22:50:23 -04:00
Catherine
5024802fd4 Start listening before lengthy initialization. 2025-09-19 01:09:19 +00:00
Catherine
82bfe278bf [security] Restrict X-Pages-Branch to shared secret authorization only. 2025-09-19 00:57:54 +00:00
Catherine
512d5e928a Clearly indicate insecure mode at startup. 2025-09-19 00:36:35 +00:00
whitequark
6a67785e02 Correct inaccuracy in README. 2025-09-19 02:35:56 +02:00
Catherine
8c964b1afd Ignore config.toml*. 2025-09-19 00:08:55 +00:00
Catherine
af5deb60c6 [breaking-change] Accept multiple index repository patterns. 2025-09-18 23:51:20 +00:00
whitequark
c95a2f7f43 Mention grebedoc.dev in README. 2025-09-19 00:58:46 +02:00
Catherine
345602e08f Update README. 2025-09-18 22:53:52 +00:00
Catherine
3393c077b5 Add DNS allowlist authorization.
Also, improve authorization docs and tighten rules for `INSECURE`.
2025-09-18 21:53:55 +00:00
Catherine
929aedfd2c Use strings.Trim{Prefix,Suffix}. NFC 2025-09-18 20:05:59 +00:00
Catherine
877d375af7 Fold domain names to lowercase when constructing a web root.
Currently all domains with uppercase letters in them (as presented in
the `Host:` header during registration) are broken.
2025-09-18 19:40:51 +00:00
Catherine
3c46169ba6 Refactor authentication code. 2025-09-18 19:23:59 +00:00
bin
6f932df886 Initial Nix flake 2025-09-18 19:14:47 +00:00
Catherine
f99298d38b Make Caddy startup dependent on git-pages.
Fly.io starts routing requests to the VM the moment it becomes
reachable (listens on its service ports) even if it is not ready yet.
This causes transient failures on machine startup.
2025-09-18 17:28:25 +00:00