mirrors/git-pages
1
0
Fork 0
mirror of https://codeberg.org/git-pages/git-pages.git synced 2026-05-22 07:01:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
107 Commits 2 Branches 13 Tags
960a40d7367dd61c3cdc9164a75a4d6cd4e57904
Commit Graph

80 Commits

Author SHA1 Message Date
Catherine
960a40d736 Add Honeybadger.io observability support. 
It's not yet clear how useful it is, but it's at least something.
 2025-09-20 14:19:55 +00:00
Catherine
e5f1bac0ed Remove outdated comment. NFC 2025-09-20 08:38:55 +00:00
Catherine
f5ffd70824 Rename X-Pages-Outcome response header to X-Pages-Update. 2025-09-20 08:34:56 +00:00
Catherine
ddf0de8435 Record non-fatal problems in manifest and report them. 
This feature keeps complex features like `_redirects` debuggable.
 2025-09-20 08:33:11 +00:00
Catherine
bd294982b2 Disallow Host: values starting with a dot. 
Although these should never appear in first place, allowing them
to proceed into application logic may cause conflicts with reserved
manifest names.
 2025-09-20 07:41:34 +00:00
Catherine
15b2f1ea39 Allow zip and tar archive uploads PUT request. 2025-09-20 07:16:10 +00:00
Catherine
95814dd3f3 Parse _redirects file and store rules in manifest. 2025-09-20 07:16:10 +00:00
Catherine
3acab677e0 Split up backend.go. NFC 2025-09-20 04:39:13 +00:00
Catherine
7178885bfb Add a dedicated error type to report missing blob or manifest. 2025-09-20 04:24:36 +00:00
Catherine
412c2c2e3a Fix issues found by staticcheck. NFC 2025-09-20 03:55:58 +00:00
Catherine
5f7e5a1271 Don't ask backend for bare IP address sites. 2025-09-19 20:32:02 +00:00
Catherine
cbbd2bcd7e Expose Fly.io region in Server header. 2025-09-19 19:01:41 +00:00
Catherine
93ffee538c Precompute total site size in manifest. 2025-09-19 18:38:47 +00:00
Catherine
e92b48b99f Expose site manifest to authorized clients. 
As the rules for serving a site get more complex, being able to see
the git-pages' view of the site structure will become increasingly
valuable.

Unauthorized clients are rejected to make enumeration more difficult.
While git-pages isn't designed to serve sensitive data, it is prudent
to recognize that someone somewhere will do it anyway.
 2025-09-19 16:58:01 +00:00
Catherine
dbfdd5d418 Refactor Protobuf schema. 
This is to prepare for making manifest debug representation accessible.

- change `Entry.size` to `uint32` so that it's serialized as a number
  in protoJSON export
- rename `Manifest.files` to `Manifest.contents`
- leave size and data for the root directory empty, same as with
  non-root directories fetched from git
 2025-09-19 15:20:35 +00:00
Catherine
d89f03e665 Upgrade protobuf schema to edition 2023. NFCI 
Also, some renames for consistency:
- `Manifest.repoURL`→`Manifest.repo_url`
- `Manifest.tree`→`Manifest.files`
 2025-09-19 14:12:08 +00:00
Catherine
46d54503ee Fix DNS allowlist not applying to POST requests. 2025-09-19 14:10:26 +00:00
Catherine
df6ca018a5 Unpublish site when pushing an empty repository. 2025-09-19 05:41:01 +00:00
Catherine
5f3edfedf9 Add DELETE method support. 2025-09-19 04:08:22 +00:00
Catherine
9810a346f0 Refactor authorization code. NFC 2025-09-19 04:08:22 +00:00
Catherine
5024802fd4 Start listening before lengthy initialization. 2025-09-19 01:09:19 +00:00
Catherine
82bfe278bf [security] Restrict X-Pages-Branch to shared secret authorization only. 2025-09-19 00:57:54 +00:00
Catherine
512d5e928a Clearly indicate insecure mode at startup. 2025-09-19 00:36:35 +00:00
Catherine
af5deb60c6 [breaking-change] Accept multiple index repository patterns. 2025-09-18 23:51:20 +00:00
Catherine
3393c077b5 Add DNS allowlist authorization. 
Also, improve authorization docs and tighten rules for `INSECURE`.
 2025-09-18 21:53:55 +00:00
Catherine
929aedfd2c Use strings.Trim{Prefix,Suffix}. NFC 2025-09-18 20:05:59 +00:00
Catherine
877d375af7 Fold domain names to lowercase when constructing a web root. 
Currently all domains with uppercase letters in them (as presented in
the `Host:` header during registration) are broken.
 2025-09-18 19:40:51 +00:00
Catherine
3c46169ba6 Refactor authentication code. 2025-09-18 19:23:59 +00:00
Catherine
0ed4fd2fc2 Fetch repositories to /tmp, not in-memory. 2025-09-18 04:32:23 +00:00
Catherine
07a736382c Automatically set GOMEMLIMIT at 90% of available memory. 
Or at the ratio specified by `AUTOMEMLIMIT`.
 2025-09-18 03:31:51 +00:00
Catherine
fb9f4a7c4a Allow configuring log format. 
In a production environment the timestamp will be appended by the log
service.
 2025-09-18 02:00:49 +00:00
Catherine
bd6e377e43 Allow explicit authorization to bypass wildcard URL restriction. 2025-09-18 01:56:06 +00:00
Catherine
bbd7964e0c Revert "Expose metadata when running on bunny.net magic containers." 
This reverts commit 705685e918.
 2025-09-18 01:42:17 +00:00
Catherine
2ca9a4c244 Revert "Log successful health check." 
This reverts commit 82f24d5508.
 2025-09-18 01:40:51 +00:00
Catherine
c9b2cbb52e Work around a TOCTTOU race in os.Root.MkdirAll(). 
This race was reliably triggered by an initial push into an empty blob
store, causing it to fail.
 2025-09-17 23:14:52 +00:00
Catherine
82f24d5508 Log successful health check. 2025-09-17 18:31:38 +00:00
Catherine
f482be4c05 Invalidate S3 backend cache after committing or deleting a manifest. 2025-09-17 17:01:50 +00:00
Catherine
6abaa04688 [breaking-change] S3_ENDPOINT_URLS3_ENDPOINT. 2025-09-17 16:25:31 +00:00
Catherine
73f00459c7 Simplify X-Bunnynet-MC format. 2025-09-17 15:38:32 +00:00
Catherine
ea2c2c5d2e [breaking-change] Add a health check endpoint. 
Also, simplify the listen endpoint configuration format.
 2025-09-17 15:36:27 +00:00
Catherine
13c72015a7 Raise default S3 backend max-age for manifests to 60s. 
The default of 5s is way too aggressive and results in poor experience.
 2025-09-17 15:16:02 +00:00
Catherine
705685e918 Expose metadata when running on bunny.net magic containers. 2025-09-17 14:55:50 +00:00
Catherine
ef7aea6a38 Fix S3 backend cache expiry calculation. 2025-09-17 14:19:10 +00:00
Catherine
48cc4cbcbb Cache misses as well as hits in S3 GetManifest. 
Otherwise URLs with a subdirectory end up hammering the backend server.
 2025-09-17 14:18:08 +00:00
Catherine
a0bd7d8650 Implement migration from v1 data layout. 2025-09-17 13:14:10 +00:00
miyuko
31131a6360 Use a context to ensure a time-based deadline for update operations. 2025-09-17 13:14:42 +01:00
miyuko
cf8abbca28 Wrap errors when calling fmt.Errorf. 2025-09-17 13:14:42 +01:00
miyuko
92622b19a4 Fix file not closed after serving a page. 2025-09-17 13:14:42 +01:00
Catherine
3b80cb4144 Fix domain presence check. 
Before this commit, domains which had a project deployed but not
an index would be incorrectly considered nonexistent when queried
via the Caddy endpoint.
 2025-09-17 12:11:25 +00:00
Catherine
9e7ea8b5f1 Fix ETag header format. 2025-09-17 10:31:20 +00:00