tjh.dev / core
forked from tangled.org/core
this repo has no description
fork atom

knotserver: add hostname config

anirudh.fi f787e5e4 a37a33f5

verified
+16 -58
-45
cmd/keyfetch/format_test.go
··· 1 - package main 2 - 3 - import "testing" 4 - 5 - func TestFormatKeyData(t *testing.T) { 6 - tests := []struct { 7 - name string 8 - repoguardPath string 9 - data map[string]string 10 - want string 11 - }{ 12 - { 13 - name: "single user", 14 - repoguardPath: "/usr/bin/repoguard", 15 - data: map[string]string{ 16 - "user1": "ssh-rsa AAAA...", 17 - }, 18 - want: `command="/usr/bin/repoguard -base-dir /home/git -user user1 -log-path /home/git/log ",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA...` + "\n", 19 - }, 20 - { 21 - name: "multiple users", 22 - repoguardPath: "/usr/bin/repoguard", 23 - data: map[string]string{ 24 - "user1": "ssh-rsa AAAA...", 25 - "user2": "ssh-rsa BBBB...", 26 - }, 27 - want: `command="/usr/bin/repoguard -base-dir /home/git -user user1 -log-path /home/git/log ",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA...` + "\n" + 28 - `command="/usr/bin/repoguard -base-dir /home/git -user user2 -log-path /home/git/log ",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa BBBB...` + "\n", 29 - }, 30 - { 31 - name: "empty data", 32 - repoguardPath: "/usr/bin/repoguard", 33 - data: map[string]string{}, 34 - want: "", 35 - }, 36 - } 37 - 38 - for _, tt := range tests { 39 - t.Run(tt.name, func(t *testing.T) { 40 - if got := formatKeyData(tt.repoguardPath, tt.data); got != tt.want { 41 - t.Errorf("formatKeyData() = %v, want %v", got, tt.want) 42 - } 43 - }) 44 - } 45 - }
+4 -8
cmd/knotserver/main.go
··· 2 2 3 3 import ( 4 4 "context" 5 - "fmt" 6 5 "net/http" 7 6 8 7 "github.com/sotangled/tangled/knotserver" ··· 46 45 l.Error("failed to setup server", "error", err) 47 46 return 48 47 } 49 - addr := fmt.Sprintf("%s:%d", c.Server.Host, c.Server.Port) 50 - 51 48 imux := knotserver.Internal(ctx, db, e) 52 - iaddr := fmt.Sprintf("%s:%d", c.Server.Host, c.Server.InternalPort) 53 49 54 - l.Info("starting internal server", "address", iaddr) 55 - go http.ListenAndServe(iaddr, imux) 50 + l.Info("starting internal server", "address", c.Server.InternalListenAddr) 51 + go http.ListenAndServe(c.Server.InternalListenAddr, imux) 56 52 57 - l.Info("starting main server", "address", addr) 58 - l.Error("server error", "error", http.ListenAndServe(addr, mux)) 53 + l.Info("starting main server", "address", c.Server.ListenAddr) 54 + l.Error("server error", "error", http.ListenAndServe(c.Server.ListenAddr, mux)) 59 55 60 56 return 61 57 }
+6 -5
knotserver/config/config.go
··· 13 13 } 14 14 15 15 type Server struct { 16 - Host string `env:"HOST, default=0.0.0.0"` 17 - Port int `env:"PORT, default=5555"` 18 - InternalPort int `env:"PORT, default=5444"` 19 - Secret string `env:"SECRET, required"` 20 - DBPath string `env:"DB_PATH, default=knotserver.db"` 16 + ListenAddr string `env:"LISTEN_ADDR, default=0.0.0.0:5555"` 17 + InternalListenAddr string `env:"INTERNAL_LISTEN_ADDR, default=0.0.0.0:5444"` 18 + Secret string `env:"SECRET, required"` 19 + DBPath string `env:"DB_PATH, default=knotserver.db"` 20 + Hostname string `env:"HOSTNAME, required"` 21 + 21 22 // This disables signature verification so use with caution. 22 23 Dev bool `env:"DEV, default=false"` 23 24 }
+6
knotserver/jetstream.go
··· 110 110 111 111 func (h *Handle) processKnotMember(ctx context.Context, did string, record map[string]interface{}) error { 112 112 l := log.FromContext(ctx) 113 + 114 + if record["domain"] != h.c.Server.Hostname { 115 + l.Error("domain mismatch", "domain", record["domain"], "expected", h.c.Server.Hostname) 116 + return fmt.Errorf("domain mismatch: %s != %s", record["domain"], h.c.Server.Hostname) 117 + } 118 + 113 119 ok, err := h.e.E.Enforce(did, ThisServer, ThisServer, "server:invite") 114 120 if err != nil || !ok { 115 121 l.Error("failed to add member", "did", did)