Commit Graph

254 Commits

Author SHA1 Message Date
Catherine ff8cf9928e Make compression always enabled.
This removes the `compress` feature.
2025-11-13 23:22:25 +00:00
Catherine 9d0a3ac6ad Use Branch: instead of X-Pages-Branch: to set custom branch name. 2025-11-12 17:05:11 +00:00
Catherine ed77339144 Remove deprecated COOP/COEP assignment based on content type. 2025-11-11 17:56:02 +00:00
miyuko cf5b98e3e5 Don't issue extraneous HEAD requests for S3 GetObject operations. 2025-11-11 17:33:24 +00:00
Catherine 02b5b7d2bb Ignore only the malformed _redirects/_headers rules.
Before this commit, upon encountering a malformed rule, the entire file
was ignored. This is both increasingly unviable for complex sites,
a likely source of self-DoS (or at least degradation of service),
and not the behavior Grebedoc has been promising for a few weeks.
2025-11-11 15:55:48 +00:00
Catherine c90b453d44 Default to allowed-custom-headers = ["X-Clacks-Overhead"].
X-Clacks-Overhead: GNU Terry Pratchett
2025-11-11 15:38:11 +00:00
Catherine 26b29ec4be Add Netlify _headers support. 2025-11-11 15:36:14 +00:00
Catherine 2a6308eb05 Update flake. 2025-11-11 06:12:40 +00:00
Catherine f9e142dd51 Observe all storage errors reported by GetManifest.
Otherwise users may get jumpscares of "site not found" due to temporary
conditions (network errors to S3 backend included).
2025-11-11 06:10:01 +00:00
Catherine c4b3671a53 Add [[wildcard]].index-repo-branch option (pages by default). 2025-11-05 23:00:32 +00:00
Catherine 9b19eeae82 Add missing [limits] keys to default configuration. 2025-11-05 22:58:12 +00:00
Catherine 47a658ac03 Avoid leaking http.Transport resources.
`http.Transport` objects cache connections and are meant to be long
lived rather than created on demand; creating them on demand leaks
sockets. Bug introduced in commit 3c07ebcc.
2025-11-05 09:48:36 +00:00
Catherine 3c07ebccbf Add [[wildcard]].fallback-insecure option to disable TLS verification.
This is intended for local deployments only.
2025-11-04 19:03:54 +00:00
woodpecker-bot 28c1b42167 fix(deps): update all dependencies 2025-10-30 00:10:05 +00:00
Catherine ba820e63e3 Work around slog issues handling %% in a format string. 2025-10-29 01:04:01 +00:00
Catherine 2db3de01c7 Fix a nil dereference on non-custom 404 pages. 2025-10-27 16:14:35 +00:00
Catherine 91cafac86a Apply Content-Type from the manifest to non-200 status pages. 2025-10-27 15:25:14 +00:00
Catherine d0e0f98616 Fix flake, and (actually) disable Renovate auto-merge. 2025-10-27 15:13:50 +00:00
woodpecker-bot b295318118 fix(deps): update all dependencies 2025-10-27 00:11:41 +00:00
Catherine c93bc3a250 CI: run on all branches, but package only on main branch.
This is required for Renovate to work properly.
2025-10-26 05:02:01 +00:00
Catherine 30668be4a0 If an https fallback URL is configured, try TLS for Caddy domain check.
This is added pretty much exclusively for Codeberg Pages v2 migration,
but the implementation is generic enough to be useful for other similar
setups (if anyone ever has to deal with one...)
2025-10-26 04:55:58 +00:00
Catherine 26b926293b Serve X-Content-Type-Options: nosniff.
Mozilla HTTP Observatory cares about this (5 points), and there isn't
really any reason not to send it at all times.
2025-10-24 09:28:49 +00:00
Catherine 68343a3dff Turns out a Web Worker is a type of frame (for COEP purposes). 2025-10-24 09:26:54 +00:00
Catherine fc1582972c Fix flake. 2025-10-23 15:12:29 +00:00
Catherine b6d9f3de61 Renovate: disable automerge so it'd stop breaking the flake. 2025-10-23 15:12:22 +00:00
miyuko d4b779eeb4 Copy root .go files to the builder image in the Dockerfile.
This fixes the image build error where, after having changed the build
command to use the root of the repo instead of ./src, the Go toolchain
is unable to find any .go files to build.
2025-10-23 15:08:10 +01:00
woodpecker-bot f1400aaf62 fix(deps): pin dependencies 2025-10-23 00:11:27 +00:00
miyuko 8f8521d697 Don't compress video or audio files. 2025-10-22 17:25:13 +01:00
miyuko ffedc45a14 Don't send COEP/COOP headers for non-HTML resources. 2025-10-22 17:25:10 +01:00
miyuko d6a7a72e09 Serve compressed content directly if client indicates support. 2025-10-22 16:59:35 +01:00
miyuko aa965c5a08 Use s3:GetObject instead of s3:ListObjects for CheckDomain. 2025-10-22 13:45:15 +01:00
Catherine 34db13e603 Simplify observability code. NFC 2025-10-22 10:44:25 +00:00
Simon Kolkmann d144ea197e Update README. 2025-10-22 11:53:32 +02:00
Catherine d1be93919f Make installable with go install. 2025-10-22 05:24:55 +00:00
Gusted 9f435d6e28 Disable actions/buildah-simple from renovate 2025-10-22 01:37:45 +02:00
miyuko c39e57a857 Fetch manifests in parallel when handling GET requests. 2025-10-22 00:25:21 +01:00
miyuko 3863f0f134 Revert "Add a GetManifests function."
This reverts commit 0a111234f2.
2025-10-22 00:25:21 +01:00
Catherine 9849bcd498 Renovate: disable abandonmentThreshold.
It's fine for a package to stop getting updates if it is feature
complete.
2025-10-21 23:14:15 +00:00
woodpecker-bot 0d7a9aa9eb chore(deps): add renovate.json 2025-10-21 22:59:59 +00:00
Catherine 5e09a2b2bb Add a metric for site space saving due to compression. 2025-10-21 03:54:20 +00:00
Catherine 25f7ea08c9 Sniff Content-Type during site update.
This isn't yet used in the code responding to GET requests because we
do not yet have a migration path for legacy code.
2025-10-21 03:40:29 +00:00
Catherine 0a111234f2 Add a GetManifests function.
Intended as an implementation detail of parallel `getPages`.
2025-10-21 01:40:22 +00:00
Catherine 83c1e564c4 Add stored_size (size after deduplication) to manifest. 2025-10-21 00:49:27 +00:00
Catherine 23b516cf15 Observe timings even for 304 Not Modified responses to manifest loads. 2025-10-21 00:29:42 +00:00
Catherine 99b87226a1 Move update error observation to a single place. NFC 2025-10-18 21:49:54 +00:00
miyuko fcc6245ce8 Respond to webhook deliveries in under 3 seconds. 2025-10-18 04:38:06 +01:00
miyuko 2ac2aee14a Use ETags when refreshing cached manifests. 2025-10-17 21:13:58 +01:00
Catherine d54976e756 Report update errors or timeouts.
Looking through Sentry history, `update <domain> err:` is an extremely
high SNR signal of something going wrong; from configuration errors on
our side, to people pushing too-large git repositories and it failing.
Either way we should know.
2025-10-17 10:33:41 +00:00
Catherine ff6fff2133 Add git_pages_http_request_count metric. 2025-10-17 02:13:06 +00:00
miyuko e709634906 Add classic buckets to git_pages_s3_get_object_duration_seconds. 2025-10-17 03:07:14 +01:00