# Yumechi-no-kuni-proxy-worker This is a misskey proxy worker for ゆめちのくに (Yumechi-no-kuni) instance. Runs natively on both local and Cloudflare Workers environments! Work in progress! Currently to do: - [X] Content-Type sniffing - [X] SVG rendering - [ ] Font rendering (likely will not run on Cloudflare Workers Free plan) - [X] Preset image resizing - [X] Opportunistic Redirection on large video files - [X] RFC9110 compliant proxy loop detection with defensive programming against known vulnerable proxies - [X] HTTPs only mode and X-Forwarded-Proto reflection - [X] Cache-Control header - [X] Rate-limiting on local deployment (untested) - [X] Read config from Cloudflare - [X] Timing and Rate-limiting headers (some not available on Cloudflare Workers) - [ ] Lossy WebP on CF Workers - [ ] Cache Results on Cloudflare KV. - [ ] Handle all possible panics reported by Clippy - [X] Sandboxing the image rendering ## Demo ### Avatar resizing Preview at: [https://yumechi-no-kuni-proxy-worker.eternal-flame-ad.workers.dev/proxy/avatar.webp?url=https://media.misskeyusercontent.com/io/274cc4f7-4674-4db1-9439-9fac08a66aa1.png](https://yumechi-no-kuni-proxy-worker.eternal-flame-ad.workers.dev/proxy/avatar.webp?url=https://media.misskeyusercontent.com/io/274cc4f7-4674-4db1-9439-9fac08a66aa1.png) Image: ![Syuilo Avatar resived.png](https://yumechi-no-kuni-proxy-worker.eternal-flame-ad.workers.dev/proxy/avatar.webp?url=https://media.misskeyusercontent.com/io/274cc4f7-4674-4db1-9439-9fac08a66aa1.png) ### SVG rendering (font rendering disabled due to size restrictions) [https://yumechi-no-kuni-proxy-worker.eternal-flame-ad.workers.dev/proxy/static.webp?url=https://upload.wikimedia.org/wikipedia/commons/a/ad/AES-AddRoundKey.svg](https://yumechi-no-kuni-proxy-worker.eternal-flame-ad.workers.dev/proxy/static.webp?url=https://upload.wikimedia.org/wikipedia/commons/a/ad/AES-AddRoundKey.svg) ![AES-AddRoundKey.svg](https://yumechi-no-kuni-proxy-worker.eternal-flame-ad.workers.dev/proxy/static.webp?url=https://upload.wikimedia.org/wikipedia/commons/a/ad/AES-AddRoundKey.svg) ## Setup and Deployment 1. Clone this repository. Load the submodules with `git submodule update --init`. 2. Install Rust and Cargo, using [rustup](https://rustup.rs/) is recommended. If you do not plan on deploying to Cloudflare Workers, you can remove the `rust-toolchain` file intended to get around [cloudflare/worker-rs#668](https://github.com/cloudflare/workers-rs/issues/668). Otherwise you may need to install that specific version of Rust by `rustup install $(cat rust-toolchain)`. 3. IF deploying locally: 1. Edit `local.toml` to your liking. The documentations can be opened with `cargo doc --open`. 2. Test run with `cargo run --features env-local -- -c local.toml`. Additional features `apparmor` and `reuse-port` are available for Linux users. 3. Build with `cargo build --features env-local --profile release-local`. The built binary will be in `target/release-local/yumechi-no-kuni-proxy-worker`. 4. The only flag understood is `-c` for the configuration file. The configuration file is in TOML format. However, the `RUST_LOG` environment variable will change the log level. The log level is `info` by default if the environment variable is not set. IF deploying to Cloudflare Workers: 5. Add the wasm target with `rustup +$(cat rust-toolchain) target add wasm32-unknown-unknown`. 6. Have a working JS environment. 7. Install `wrangler` with you JS package manager of choice. See https://developers.cloudflare.com/workers/wrangler/install-and-update/. `npx` also works. 8. Edit `wrangler.toml` to your liking. Everything in the `[vars]` section maps directly into the `config` section of the TOML configuration file. There is a `cf-worker-paid` feature set which enable some additional features that will never fit in the free plan, mainly SVG font rendering and some debugging features. 9. Test locally with `wrangler dev`. 10. Deploy with `wrangler deploy --outdir bundled/`.