Draft incorporating firewall
Some checks failed
Check the description in CHANGELOG.md / check-changelog (pull_request) Has been cancelled
Check SPDX-License-Identifier / check-spdx-license-id (pull_request) Has been cancelled
Dockle / dockle (pull_request) Has been cancelled
Test (production install and build) / production (20.16.0) (pull_request) Has been cancelled
Pull Request Labeler / triage (pull_request) Has been cancelled

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
This commit is contained in:
ゆめ 2024-10-16 18:54:28 -05:00
parent 2518cf36d0
commit 6e8add8f70
No known key found for this signature in database
6 changed files with 2019 additions and 1 deletions

View file

@ -11,5 +11,8 @@
"editor.codeActionsOnSave": {
"source.fixAll": "explicit"
},
"editor.formatOnSave": false
"editor.formatOnSave": false,
"rust-analyzer.linkedProjects": [
"yume-mods/nyuukyou/Cargo.toml",
]
}

View file

@ -1,4 +1,20 @@
services:
nyuukyou:
build: yume-mods/nyuukyou
restart: always
links:
- web
depends_on:
web:
condition: service_healthy
networks:
- internal_network
- external_network
ports:
- "3001:3001"
volumes:
- ./nyuukyou:/store
web:
build: .
restart: always

1900
yume-mods/nyuukyou/Cargo.lock generated Normal file

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,12 @@
[package]
name = "nyuukyou"
version = "0.1.0"
edition = "2021"
[dependencies]
axum = "0.7"
clap = { version = "4.5.20", features = ["derive"] }
env_logger = "0.11.5"
fedivet = { git = "https://forge.yumechi.jp/yume/fedivet", tag = "testing-audit" }
serde = { version = "1.0.210", features = ["derive"] }
tokio = { version = "1" }

View file

@ -0,0 +1,24 @@
FROM archlinux AS builder
RUN pacman -Sy --noconfirm \
base-devel \
git
RUN curl -sSL https://sh.rustup.rs | bash -s -- -y --default-toolchain nightly
COPY . /src
RUN cd /src && bash -c '. $HOME/.cargo/env; cargo build --release' && \
mkdir -p /target/usr/local/bin && cp /src/target/release/nyuukyou /target/usr/local/bin/nyuukyou
FROM archlinux
COPY --from=builder /target/ /
RUN pacman -Sy --noconfirm curl && \
useradd -m -u 1000 -r nyuukyou
USER nyuukyou
ENTRYPOINT [ "/usr/local/bin/nyuukyou" ]

View file

@ -0,0 +1,63 @@
use std::path::PathBuf;
use std::sync::Arc;
use axum::response::IntoResponse;
use clap::Parser;
use fedivet::evaluate::chain::audit::AuditOptions;
use fedivet::evaluate::Evaluator;
use fedivet::model::error::MisskeyError;
use fedivet::serve;
use fedivet::BaseAppState;
use fedivet::HasAppState;
use serde::Serialize;
#[derive(Parser)]
pub struct Args {
#[clap(short, long, default_value = "127.0.0.1:3001")]
pub listen: String,
#[clap(short, long, default_value = "http://web:3000")]
pub backend: String,
#[clap(long)]
pub tls_cert: Option<String>,
#[clap(long)]
pub tls_key: Option<String>,
}
#[allow(clippy::unused_async)]
async fn build_state<E: IntoResponse + Clone + Serialize + Send + Sync + 'static>(
base: Arc<BaseAppState<E>>,
_args: &Args,
) -> impl HasAppState<E> + Evaluator<E> {
base.audited(AuditOptions::new(PathBuf::from("/store/log/audit/incoming")))
}
#[tokio::main]
async fn main() {
if std::env::var("RUST_LOG").is_err() {
std::env::set_var("RUST_LOG", "info");
}
env_logger::init();
let args = Args::parse();
let state = build_state::<MisskeyError>(
Arc::new(BaseAppState::new(
args.backend.parse().expect("Invalid backend URL"),
)),
&args,
)
.await;
serve::run(
state.clone(),
serve::start(
state,
&args.listen,
args.tls_cert.as_deref(),
args.tls_key.as_deref(),
)
.await,
)
.await;
}