summaryrefslogtreecommitdiffstats
path: root/tv/2configs/elm-packages-proxy.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2020-11-23 15:52:51 +0100
committertv <tv@krebsco.de>2020-11-23 15:52:51 +0100
commit5b455f5cca910198dfbb7b0fbd1b01acede64446 (patch)
treecfbc076d517d373a59b33172b1539886751a5472 /tv/2configs/elm-packages-proxy.nix
parentad9b2a538e4adf2401565997351fb5c3539887ac (diff)
tv elm-package-proxy: add rudimentary publish API
Diffstat (limited to 'tv/2configs/elm-packages-proxy.nix')
-rw-r--r--tv/2configs/elm-packages-proxy.nix52
1 files changed, 48 insertions, 4 deletions
diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix
index 17a0d2304..bc471a322 100644
--- a/tv/2configs/elm-packages-proxy.nix
+++ b/tv/2configs/elm-packages-proxy.nix
@@ -4,20 +4,43 @@
cfg.packageDir = "/var/lib/elm-packages";
cfg.port = 7782;
+ # TODO secret files
+ cfg.htpasswd = "/var/lib/certs/package.elm-lang.org/htpasswd";
+ cfg.sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem";
+ cfg.sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem";
+
+ semverRegex =
+ "(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?";
+
in {
services.nginx.virtualHosts."package.elm-lang.org" = {
addSSL = true;
- # TODO secret files
- sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem";
- sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem";
+ sslCertificate = cfg.sslCertificate;
+ sslCertificateKey = cfg.sslCertificateKey;
locations."/all-packages/since/".extraConfig = ''
proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
proxy_pass_header Server;
'';
- locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)/(?:zipball|elm.json|endpoint.json)\$".extraConfig = ''
+ locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>${semverRegex})\$".extraConfig = ''
+ auth_basic "Restricted Area";
+ auth_basic_user_file ${cfg.htpasswd};
+
+ proxy_set_header X-Author $author;
+ proxy_set_header X-Package $pname;
+ proxy_set_header X-Version $version;
+ proxy_pass_header Server;
+
+ if ($request_method != POST) {
+ return 405;
+ }
+
+ proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
+ '';
+
+ locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>${semverRegex})/(?:zipball|elm.json|endpoint.json)\$".extraConfig = ''
set $zipball "${cfg.packageDir}/$author/$pname/$version/zipball";
proxy_set_header X-Author $author;
proxy_set_header X-Package $pname;
@@ -119,6 +142,27 @@ in {
;;
esac
;;
+ 'POST /packages/'*)
+
+ author=$req_x_author
+ pname=$req_x_package
+ version=$req_x_version
+
+ zipball=${cfg.packageDir}/$author/$pname/$version/zipball
+
+ if test -e "$zipball"; then
+ string_response 409 Conflict \
+ "package already exists: $author/$pname@$version" \
+ text/plain
+ else
+ mkdir -p "$(dirname "$zipball")"
+ head -c $req_content_length > "$zipball"
+ string_response 200 OK \
+ "package created: $author/$pname@$version" \
+ text/plain
+ fi
+ exit
+ ;;
'POST /all-packages/since/'*)
# TODO only show newest?