diff options
author | tv <tv@krebsco.de> | 2020-11-23 15:52:51 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2020-11-23 15:52:51 +0100 |
commit | 5b455f5cca910198dfbb7b0fbd1b01acede64446 (patch) | |
tree | cfbc076d517d373a59b33172b1539886751a5472 /tv | |
parent | ad9b2a538e4adf2401565997351fb5c3539887ac (diff) |
tv elm-package-proxy: add rudimentary publish API
Diffstat (limited to 'tv')
-rw-r--r-- | tv/2configs/elm-packages-proxy.nix | 52 |
1 files changed, 48 insertions, 4 deletions
diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix index 17a0d2304..bc471a322 100644 --- a/tv/2configs/elm-packages-proxy.nix +++ b/tv/2configs/elm-packages-proxy.nix @@ -4,20 +4,43 @@ cfg.packageDir = "/var/lib/elm-packages"; cfg.port = 7782; + # TODO secret files + cfg.htpasswd = "/var/lib/certs/package.elm-lang.org/htpasswd"; + cfg.sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem"; + cfg.sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem"; + + semverRegex = + "(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?"; + in { services.nginx.virtualHosts."package.elm-lang.org" = { addSSL = true; - # TODO secret files - sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem"; - sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem"; + sslCertificate = cfg.sslCertificate; + sslCertificateKey = cfg.sslCertificateKey; locations."/all-packages/since/".extraConfig = '' proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; proxy_pass_header Server; ''; - locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)/(?:zipball|elm.json|endpoint.json)\$".extraConfig = '' + locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>${semverRegex})\$".extraConfig = '' + auth_basic "Restricted Area"; + auth_basic_user_file ${cfg.htpasswd}; + + proxy_set_header X-Author $author; + proxy_set_header X-Package $pname; + proxy_set_header X-Version $version; + proxy_pass_header Server; + + if ($request_method != POST) { + return 405; + } + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + ''; + + locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>${semverRegex})/(?:zipball|elm.json|endpoint.json)\$".extraConfig = '' set $zipball "${cfg.packageDir}/$author/$pname/$version/zipball"; proxy_set_header X-Author $author; proxy_set_header X-Package $pname; @@ -119,6 +142,27 @@ in { ;; esac ;; + 'POST /packages/'*) + + author=$req_x_author + pname=$req_x_package + version=$req_x_version + + zipball=${cfg.packageDir}/$author/$pname/$version/zipball + + if test -e "$zipball"; then + string_response 409 Conflict \ + "package already exists: $author/$pname@$version" \ + text/plain + else + mkdir -p "$(dirname "$zipball")" + head -c $req_content_length > "$zipball" + string_response 200 OK \ + "package created: $author/$pname@$version" \ + text/plain + fi + exit + ;; 'POST /all-packages/since/'*) # TODO only show newest? |