From 5b921c52f6570e46fff211f51f44902c326256e5 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Thu, 27 Dec 2018 16:38:19 +0900 Subject: [PATCH 1/7] Make Dokku-able --- .gitignore | 3 +++ Procfile | 1 + app.json | 7 +++++++ bin/pre-deploy | 20 ++++++++++++++++++++ 4 files changed, 31 insertions(+) create mode 100644 Procfile create mode 100644 app.json create mode 100755 bin/pre-deploy diff --git a/.gitignore b/.gitignore index 18f9b3b..5011ae1 100644 --- a/.gitignore +++ b/.gitignore @@ -96,3 +96,6 @@ ENV/ viera.yaml viera.jsonld + +relay.jsonld +relay.yaml diff --git a/Procfile b/Procfile new file mode 100644 index 0000000..93b6f8b --- /dev/null +++ b/Procfile @@ -0,0 +1 @@ +web: python -m relay diff --git a/app.json b/app.json new file mode 100644 index 0000000..c9a9b8a --- /dev/null +++ b/app.json @@ -0,0 +1,7 @@ +{ + "scripts": { + "dokku": { + "predeploy": "./bin/pre-deploy" + } + } +} diff --git a/bin/pre-deploy b/bin/pre-deploy new file mode 100755 index 0000000..e76271f --- /dev/null +++ b/bin/pre-deploy @@ -0,0 +1,20 @@ +#!/bin/bash + +cat << EOF > relay.yaml +# this is the path that the object graph will get dumped to (in JSON-LD format), +# you probably shouldn't change it, but you can if you want. +db: relay.jsonld + +# Listener +listen: 0.0.0.0 +port: ${PORT:-8080} + +# Note +note: "Make a note about your instance here." + +# this section is for ActivityPub +ap: + # this is used for generating activitypub messages, as well as instructions for + # linking AP identities. it should be an SSL-enabled domain reachable by https. + host: '$HOSTNAME' +EOF From 94a1b633e80daedf1ebc1e16738bee2b702ebb72 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Thu, 27 Dec 2018 17:06:52 +0900 Subject: [PATCH 2/7] Fix GIT_REV on dokku --- bin/pre-deploy | 2 +- relay/nodeinfo.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/bin/pre-deploy b/bin/pre-deploy index e76271f..0df205d 100755 --- a/bin/pre-deploy +++ b/bin/pre-deploy @@ -7,7 +7,7 @@ db: relay.jsonld # Listener listen: 0.0.0.0 -port: ${PORT:-8080} +port: ${PORT:-5000} # Note note: "Make a note about your instance here." diff --git a/relay/nodeinfo.py b/relay/nodeinfo.py index 5556e14..11e7f39 100644 --- a/relay/nodeinfo.py +++ b/relay/nodeinfo.py @@ -1,3 +1,4 @@ +import os import subprocess import urllib.parse @@ -10,7 +11,7 @@ from .database import DATABASE try: commit_label = subprocess.check_output(["git", "rev-parse", "HEAD"]).strip().decode('ascii') except: - commit_label = '???' + commit_label = os.environ.get('GIT_REV') nodeinfo_template = { From 9dc8743fe3efc01006755695a671983a32723bb6 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Thu, 27 Dec 2018 17:25:42 +0900 Subject: [PATCH 3/7] Set blocked_instances as empty array --- bin/pre-deploy | 1 + 1 file changed, 1 insertion(+) diff --git a/bin/pre-deploy b/bin/pre-deploy index 0df205d..af4c04c 100755 --- a/bin/pre-deploy +++ b/bin/pre-deploy @@ -17,4 +17,5 @@ ap: # this is used for generating activitypub messages, as well as instructions for # linking AP identities. it should be an SSL-enabled domain reachable by https. host: '$HOSTNAME' + blocked_instances: [] EOF From a87c6c8220d81aacd63f6856130e1c5b8458c9e8 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Thu, 27 Dec 2018 17:51:31 +0900 Subject: [PATCH 4/7] Fix encoding --- relay/actor.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/relay/actor.py b/relay/actor.py index eb5c869..6eee902 100644 --- a/relay/actor.py +++ b/relay/actor.py @@ -22,8 +22,8 @@ if "actorKeys" not in DATABASE: pubkey = privkey.publickey() DATABASE["actorKeys"] = { - "publicKey": pubkey.exportKey('PEM'), - "privateKey": privkey.exportKey('PEM') + "publicKey": pubkey.exportKey('PEM').decode('UTF-8'), + "privateKey": privkey.exportKey('PEM').decode('UTF-8') } From b97720cbd722c62b797f3fe571ec85fc080ee450 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Thu, 27 Dec 2018 18:48:40 +0900 Subject: [PATCH 5/7] Persist db --- app.json | 9 +++++++++ bin/pre-deploy | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/app.json b/app.json index c9a9b8a..087b641 100644 --- a/app.json +++ b/app.json @@ -1,4 +1,13 @@ { + "dokku": { + "volumes": [ + { + "host": "/var/lib/dokku/data/storage/$APP/files", + "app": "/app/files", + "phases": "deploy,run" + } + ] + }, "scripts": { "dokku": { "predeploy": "./bin/pre-deploy" diff --git a/bin/pre-deploy b/bin/pre-deploy index af4c04c..9ac6ba8 100755 --- a/bin/pre-deploy +++ b/bin/pre-deploy @@ -3,7 +3,7 @@ cat << EOF > relay.yaml # this is the path that the object graph will get dumped to (in JSON-LD format), # you probably shouldn't change it, but you can if you want. -db: relay.jsonld +db: files/relay.jsonld # Listener listen: 0.0.0.0 From c1f1cfe0660e672ab95fc62e9874922450210114 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Thu, 27 Dec 2018 18:55:00 +0900 Subject: [PATCH 6/7] Add white list policy --- bin/pre-deploy | 23 ++++------------------- relay/actor.py | 10 +++++++++- relay_template.yaml | 23 +++++++++++++++++++++++ 3 files changed, 36 insertions(+), 20 deletions(-) create mode 100644 relay_template.yaml diff --git a/bin/pre-deploy b/bin/pre-deploy index 9ac6ba8..51e37f6 100755 --- a/bin/pre-deploy +++ b/bin/pre-deploy @@ -1,21 +1,6 @@ #!/bin/bash -cat << EOF > relay.yaml -# this is the path that the object graph will get dumped to (in JSON-LD format), -# you probably shouldn't change it, but you can if you want. -db: files/relay.jsonld - -# Listener -listen: 0.0.0.0 -port: ${PORT:-5000} - -# Note -note: "Make a note about your instance here." - -# this section is for ActivityPub -ap: - # this is used for generating activitypub messages, as well as instructions for - # linking AP identities. it should be an SSL-enabled domain reachable by https. - host: '$HOSTNAME' - blocked_instances: [] -EOF +sed \ + -e "s/__PORT__/${PORT:-5000}/g" \ + -e "s/__HOSTNAME__/$HOSTNAME/g" \ + relay_template.yaml > relay.yaml diff --git a/relay/actor.py b/relay/actor.py index 6eee902..3c4e352 100644 --- a/relay/actor.py +++ b/relay/actor.py @@ -35,7 +35,11 @@ from . import app, CONFIG from .remote_actor import fetch_actor -AP_CONFIG = CONFIG.get('ap', {'host': 'localhost','blocked_instances':[]}) +AP_CONFIG = CONFIG.get('ap', { + 'host': 'localhost', + 'blocked_instances': [], + 'allowed_instances': [], +}) CACHE_SIZE = CONFIG.get('cache-size', 16384) @@ -218,6 +222,10 @@ async def handle_follow(actor, data, request): if urlsplit(inbox).hostname in AP_CONFIG['blocked_instances']: return + if AP_CONFIG['allowed_instances'] and\ + urlsplit(inbox).hostname not in AP_CONFIG['allowed_instances']: + return + if inbox not in following: following += [inbox] DATABASE['relay-list'] = following diff --git a/relay_template.yaml b/relay_template.yaml new file mode 100644 index 0000000..7c8aec1 --- /dev/null +++ b/relay_template.yaml @@ -0,0 +1,23 @@ +# this is the path that the object graph will get dumped to (in JSON-LD format), +# you probably shouldn't change it, but you can if you want. +db: files/relay.jsonld + +# Listener +listen: 0.0.0.0 +port: __PORT__ + +# Note +note: "Make a note about your instance here." + +# this section is for ActivityPub +ap: + # this is used for generating activitypub messages, as well as instructions for + # linking AP identities. it should be an SSL-enabled domain reachable by https. + host: '__HOSTNAME__' + blocked_instances: [] + allowed_instances: + - edge.twingyeo.kr + - planet.moe + - qdon.space + - twingyeo.kr + - uri.life From 6b8c2354fd3ca3f74ad41c87e91a931f817b8be2 Mon Sep 17 00:00:00 2001 From: kjwon15 Date: Wed, 9 Jan 2019 22:17:01 +0900 Subject: [PATCH 7/7] Add doctype to html --- relay/default.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/relay/default.py b/relay/default.py index b3a1836..6c84657 100644 --- a/relay/default.py +++ b/relay/default.py @@ -14,7 +14,7 @@ async def default(request): status=200, content_type="text/html", charset="utf-8", - text=""" + text=""" ActivityPub Relay at {host}