Commit Graph

155 Commits

Author SHA1 Message Date
Catherine 94ec490ca5 Add -update-site CLI argument, for administrative updates. 2025-09-26 00:31:14 +00:00
Catherine 79a2933dea Build code and run linter as part of a CI job. 2025-09-26 00:03:10 +00:00
Catherine 7941708aad Update Nix flake. 2025-09-25 23:47:23 +00:00
Catherine d36bebfe4e Move repository to https://codeberg.org/git-pages/git-pages.git. 2025-09-25 02:06:35 +00:00
Catherine 80aa8e2901 Add Codeberg Pages v2 specific DNS authorization mechanism.
Feature-gated behind `codeberg-pages-compat` since it has no generic
use outside of that specific deployment.
2025-09-25 01:18:47 +00:00
Catherine d26fe98577 Refactor authorization code to handle non-pages branches. NFC 2025-09-24 22:54:58 +00:00
Catherine 714e37cce8 Implement partial Netlify _redirects support.
This is roughly to match the Codeberg subset:
https://docs.codeberg.org/codeberg-pages/redirects/
2025-09-24 19:11:27 +00:00
Catherine 59eb65ff66 Fly.io: enable primary region with 1 machine always running. 2025-09-24 17:32:37 +00:00
Catherine c6330ccffc Don't attempt to proxy if a fallback URL hasn't been set up. 2025-09-24 11:12:00 +00:00
Catherine fc029ad219 [breaking-change] Remove health endpoint handler and renumber metrics.
The previous commit has eliminated any way to use `ServeHealth()`,
but kept it around to not introduce breaking changes. This one has
no such constraint.
2025-09-23 02:39:11 +00:00
Catherine 4c087278cb Fly.io: switch health check method to [[services.http_checks]].
More specifically, remove the dedicated HTTP datapath for health
checks and verify the entire stack, from TLS frontend to S3 backend.
Verifying too little has resulted in a small outage recently when
the pages listener got misconfigured but the health listener happily
accepted connections like normal. This would not happen now that
the health check uses port 443, too.
2025-09-23 02:34:55 +00:00
Catherine 922cc6315a Use filename, not URL path, for MIME type sniffing.
Otherwise, even though `/foo/index.html` and `/foo` are identical
resources in every way, their MIME type could differ.
2025-09-23 00:42:19 +00:00
Catherine 38269c66ae Add -get-blob mode, printing contents of a blob. 2025-09-22 21:33:23 +00:00
Catherine b1c372ea54 All subdomains of a forbidden domain are forbidden as well. 2025-09-22 20:00:54 +00:00
Catherine f0b19debdc Make X-Pages-Update: no-change a reportable event. 2025-09-22 19:48:31 +00:00
Catherine 3701aa1800 Simplify. NFC 2025-09-22 19:46:17 +00:00
Catherine 9907a26397 Remove leftover comments. NFC 2025-09-22 19:43:56 +00:00
Catherine c11114149c Allow marking a domain as unconditionally forbidden to update. 2025-09-22 19:39:23 +00:00
Catherine 6a2cc5b157 Minor refactor. NFC 2025-09-22 19:39:23 +00:00
miyuko 1aef0288e7 Add page operation metrics and expose them in Prometheus text format. 2025-09-22 19:03:59 +01:00
Catherine 584957a92d Provide Allow: header when responding with 405 Method Not Allowed. 2025-09-22 17:41:03 +00:00
Catherine 789a5e682e [breaking-change] Use type-safe representation for time durations. 2025-09-22 17:05:22 +00:00
Catherine 80e3d7ff56 Turn off Caddy's admin interface and expose metrics on the same port. 2025-09-22 16:26:55 +00:00
Catherine e78f70626e Fly.io: enable Caddy metrics collection. 2025-09-22 09:50:01 +00:00
Catherine 247922a093 Fly.io: configure concurrency.
The default is 20, and is regularly reached by crawlers or overly
enthusiastic browsers. The actual concurrency limit is likely closer
to 500-1000.
2025-09-22 08:42:12 +00:00
Catherine fd7b632b52 Expand Server: header to include machine ID on Fly.io. 2025-09-22 08:27:03 +00:00
Catherine 6dfc03c3a8 Reimplement ugly automemlimit logging at startup. 2025-09-22 07:02:42 +00:00
Catherine a159dba0b8 [breaking-change] Redesign environment var configuration overrides.
This is done using reflection to avoid boilerplate and potential desync
of the two configuration interfaces. The `[[wildcards]]` section did
not fit well into the "splat every config key" paradigm, so it is
unmarshalled as a whole from a JSON payload in an environment variable.

This commit also splits up the `Config` type into small per-section
struct types and removes most references to the global `config` in
favor of passing pointers to sections around.

A new option, `-print-config-env-vars`, shows the names and types of
all of the available configuration knobs.
2025-09-22 07:02:42 +00:00
Catherine d81676fea0 Miscellaneous minor configuration related fixes. 2025-09-22 01:31:41 +00:00
Catherine bf2922f892 [breaking-change] Add default config values where appropriate. 2025-09-21 23:08:27 +00:00
Catherine 51606aac98 Replace hardcoded limits with a config file section. 2025-09-21 19:00:36 +00:00
Catherine e59699ab1a Configure Caddy to use PROXY protocol for X-Forwarded-For. 2025-09-21 14:27:25 +00:00
Catherine d4f5420875 Configure Caddy to use HTTP/3.
Also, add `Alt-Svc:` headers for both H2 and H3.
2025-09-21 14:27:25 +00:00
Catherine 21227ce59f Only send Access-Control-Allow-Origin: in response to a CORS request.
This saves a bit of bandwidth. NFC otherwise.
2025-09-21 08:19:08 +00:00
Catherine 2af2975713 Add tar+gzip and tar+zstd compressed archive support. 2025-09-21 06:25:10 +00:00
Catherine 382bee9b4e Don't send Access-Control-Max-Age: in response to GET requests.
This header only has meaning in an `OPTIONS` response.
2025-09-21 06:05:17 +00:00
Catherine b5ab776a23 Use Cache-Control: max-age=60, stale-while-revalidate=3600.
This is a way to avoid blocking on network requests in the browser
while ensuring the content is served very fresh.
2025-09-21 05:31:06 +00:00
Catherine 5b471f6677 Add a feature flag for testing h2c:// performance. 2025-09-21 04:38:06 +00:00
Catherine a10e28210a Enable h2c:// (cleartext HTTP/2) protocol on all http:// sockets.
This allows git-pages and Caddy to efficiently use the same connection
for many pipelined requests, which I hope will reduce contention when
some bot decides to send fifty requests in the same millisecond.

This commit also changes built-in Caddy configuration to use HTTP/2
cleartext only when talking to the backend.
2025-09-21 03:36:14 +00:00
Catherine 403821a150 Return status 413 Request Entity Too Large where appropriate. 2025-09-21 03:35:18 +00:00
Catherine d2d4a27667 Return status 415 Unsupported Media Type in PUT handler.
Before this commit, an unparseable media type would return 200 OK.
2025-09-21 03:33:42 +00:00
Catherine 5765fa7ffa Proxy requests for unknown sites via wildcard fallback URL (if any). 2025-09-21 02:39:44 +00:00
Catherine d5302e4358 [breaking-change] Allow multiple wildcard domains to be configured. 2025-09-21 00:29:51 +00:00
Catherine acf948ac6b Remove code for migrating from v1 data layout. 2025-09-20 20:10:40 +00:00
Catherine 7e9cd17b70 Add a -get-manifest option for debugging.
This isn't done via a socket to avoid potential misconfiguration
leading to authentication bypass.
2025-09-20 20:07:15 +00:00
Catherine bdc119d630 Remove leading . path segments from tar archive member filenames. 2025-09-20 15:42:17 +00:00
miyuko 2f525f3bb7 Strip Content-Type parameters when looking at the type. 2025-09-20 16:12:23 +01:00
Catherine 26647411ed Fix tar file extractor. 2025-09-20 14:57:53 +00:00
Catherine 960a40d736 Add Honeybadger.io observability support.
It's not yet clear how useful it is, but it's at least something.
2025-09-20 14:19:55 +00:00
Catherine e5f1bac0ed Remove outdated comment. NFC 2025-09-20 08:38:55 +00:00