4.7 KiB
Yumechi-no-kuni-proxy-worker
This is a misskey proxy worker for ゆめちのくに (Yumechi-no-kuni) instance. Runs natively on both local and Cloudflare Workers environments!
Work in progress! Currently to do:
- Content-Type sniffing
- SVG rendering
- Font rendering (likely will not run on Cloudflare Workers Free plan)
- Preset image resizing
- Opportunistic Redirection on large video files
- RFC9110 compliant proxy loop detection with defensive programming against known vulnerable proxies
- HTTPs only mode and X-Forwarded-Proto reflection
- Cache-Control header
- Rate-limiting on local deployment (untested)
- Read config from Cloudflare
- Timing and Rate-limiting headers (some not available on Cloudflare Workers)
- Tiered rate-limiting
- Lossy WebP on CF Workers
- Cache Results on Cloudflare KV.
- Handle all possible panics reported by Clippy
- Sandboxing the image rendering
Demo
Avatar resizing
Preview at:
Image:
SVG rendering
(font rendering disabled due to size restrictions)
Setup and Deployment
-
Clone this repository. Load the submodules with
git submodule update --init
. -
Install Rust and Cargo, using rustup is recommended. If you do not plan on deploying to Cloudflare Workers, you can remove the
rust-toolchain
file intended to get around cloudflare/worker-rs#668. Otherwise you may need to install that specific version of Rust byrustup install $(cat rust-toolchain)
. -
IF deploying locally:
-
Edit
local.toml
to your liking. The documentations can be opened withcargo doc --open
. -
Test run with
cargo run --features env-local -- -c local.toml
. Additional featuresapparmor
andreuse-port
are available for Linux users. -
Build with
cargo build --features env-local --profile release-local
. The built binary will be intarget/release-local/yumechi-no-kuni-proxy-worker
. You can consider settingRUSTFLAGS="-Ctarget-cpu=native"
for better performance. -
The only flag understood is
-c
for the configuration file. The configuration file is in TOML format. However, theRUST_LOG
environment variable will change the log level. The log level isinfo
by default if the environment variable is not set.
IF deploying to Cloudflare Workers:
Firstly I don't recommend deploying using the free plan because there are much faster implementations that do not or almost do not perform any Image processing. I have this feature mainly because I don't want to pay for a Cloudflare Workers plan just to support this.
The reported CPU time by Cloudflare is consistently over the free plan limit (which is only 10ms! probably not even enough for decoding an image) and will likely be throttled or terminated once you deploy it to real workloads. The paid plan is recommended for this worker.
-
Add the wasm target with
rustup +$(cat rust-toolchain) target add wasm32-unknown-unknown
. -
Have a working JS environment.
-
Install
wrangler
with you JS package manager of choice. See https://developers.cloudflare.com/workers/wrangler/install-and-update/.npx
also works. -
Edit
wrangler.toml
to your liking. Everything in the[vars]
section maps directly into theconfig
section of the TOML configuration file. There is acf-worker-paid
feature set which enable some additional features that will never fit in the free plan, mainly SVG font rendering and some debugging features. -
Test locally with
wrangler dev
. -
Deploy with
wrangler deploy --outdir bundled/
.
-