Zhaofeng Li
3d10425b6a
server/config: Fail fast on token decoding errors
2024-10-06 11:19:03 -06:00
Zhaofeng Li
77f76d55ed
server/config: Allow omitting jwt section entirely
2024-10-05 17:42:16 -06:00
Zhaofeng Li
d2363b5879
server/config: Provide instructions for the user to migrate their HS256 config
2024-10-05 11:50:48 -06:00
Zhaofeng Li
5d6560e409
Merge branch 'main' into HEAD
2024-10-05 11:50:16 -06:00
Zhaofeng Li
7050d8f292
rustfmt, clippy
2024-08-19 14:49:56 -04:00
Zhaofeng Li
49c565f792
Use tokio::test instead of tokio-test
2024-08-19 14:49:56 -04:00
Zhaofeng Li
deff31a850
Move chunking to attic crate
2024-08-19 14:49:56 -04:00
Zhaofeng Li
956d6915a5
attic: Split out stream feature
...
Right now it just depends on tokio, but the goal is to support
alternative async runtimes.
2024-08-19 14:49:56 -04:00
Zhaofeng Li
443ceac40f
server: Upsert object row on conflict
...
Upsert instead of doing delete+insert or ignoring the specific error.
Fixes #132 .
2024-08-13 07:39:38 -06:00
Cole Helbling
903fb4e39e
fixup: stream error logging
...
The call to `into_inner()` discards the wrapper type constructed by
`map_err()`. So instead, `map_err()` the actual stream, and call
`Body::from_stream` on the wrapped stream.
2024-07-26 10:21:52 -07:00
Cole Helbling
858e5bec13
Merge remote-tracking branch 'upstream/main' into rs256-support
2024-07-26 07:25:11 -07:00
A cursed quail
759dbc9f7e
sqlite-specific performance tuning
2024-06-08 22:05:37 -05:00
Zhaofeng Li
14cb5f9e46
Trivial semver-incompatible upgrades
2024-06-01 13:47:27 -06:00
Zhaofeng Li
9a6b2cbf1d
server: Upgrade aws-sdk-rust
2024-06-01 13:47:27 -06:00
Zhaofeng Li
bc22e00a3b
server: Upgrade to Axum 0.7
2024-06-01 13:47:27 -06:00
Zhaofeng Li
0558269391
Merge pull request #137 from cole-h/log-stream-errors
...
Log stream errors
2024-06-01 08:17:54 -06:00
Cole Helbling
a4f2cae9dd
Log stream errors
2024-05-28 11:32:43 -07:00
Parnell Springmeyer
d3ffcf885c
Choose a more sensible limit for MySQL, suggested by @baloo
2024-02-28 14:06:31 -08:00
Parnell Springmeyer
2705d1d90b
Limit the chunk finding query, not the GC mark query
2024-02-28 12:53:27 -08:00
Parnell Springmeyer
47f17e0900
gc.rs: LIMIT number of orphan_chunk_ids
; fixes #115
2024-02-28 10:37:36 -08:00
Cole Helbling
41b42b62d5
Merge remote-tracking branch 'upstream/main' into rs256-support
2024-02-26 11:45:09 -08:00
Cole Helbling
756fef8d5f
Support pubkey-only JWT configuration
2024-02-26 11:44:04 -08:00
Zhaofeng Li
9a9e2c0ce1
Merge pull request #98 from Mic92/sharding
...
implement sharding
2024-01-01 09:17:18 -07:00
Zhaofeng Li
7b133bca83
server: Upgrade sea-orm to 0.12.10
...
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
2023-12-18 09:28:58 -07:00
Zhaofeng Li
ab4040a267
Trivial semver-incompatible upgrades
...
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
2023-12-18 09:28:43 -07:00
Zhaofeng Li
9c79f6f5cb
server: Upgrade aws-sdk-rust
...
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
2023-12-18 09:28:43 -07:00
Cole Helbling
26234c294a
cargo fmt
2023-12-18 09:28:43 -07:00
Cole Helbling
0a9d4938ef
Move back to jwt_simple
...
This effectively reverts commit 3e0b65a4c3
.
Because jwt_simple doesn't have a unified type / trait that allows
signature and verification, I had to add a SignatureType enum to
approximate that.
2023-11-12 12:19:22 -08:00
Cole Helbling
32e6d858fa
server: fixup oobe random secret generation
2023-11-12 11:19:34 -08:00
Cole Helbling
427ae4550b
server: support HS256, RS256 JWT secrets
2023-11-12 11:19:34 -08:00
Cole Helbling
20e0a2b3a7
server: support configuring the iss
, aud
claim validation
...
The JWT spec [1] basically says that JWTs must validate the `aud` claim
if its specified:
> If the principal
> processing the claim does not identify itself with a value in the
> "aud" claim when this claim is present, then the JWT MUST be
> rejected.
[1]: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3
2023-11-12 11:19:34 -08:00
Cole Helbling
d0dfdde35a
server: rename RS256 secret stuff to note that it's base64 encoded
...
So it's Base64<PEM bytes>, not just PEM bytes.
2023-11-11 12:59:03 -08:00
Graham Christensen
d49cd3383b
Make the nix flake check tests pass
2023-11-11 12:58:59 -08:00
Graham Christensen
9511afde4b
server: HS256 -> RS256 secrets
2023-11-11 12:58:57 -08:00
Graham Christensen
3e0b65a4c3
Migrate to jsonwebtoken
2023-11-11 12:58:55 -08:00
Cole Helbling
9001fa5418
cargo fmt
2023-11-11 12:58:53 -08:00
Jörg Thalheim
484e38094c
implement sharding
...
didn't actually tested the code
2023-11-11 07:37:17 +01:00
Zhaofeng Li
f4cf5704d6
Fix lint
...
get_or_insert_permission_mut returns a mut reference.
Fixes #77 .
2023-08-13 18:23:30 -06:00
Travis Staton
91d8bd5cdc
fix chunk deletion bug
...
fetch all deleted chunks, not just the ones that just transitioned
2023-06-25 13:51:26 -04:00
Zhaofeng Li
564b4be0f9
Update sea-orm to 0.11.3
...
This commit drops support of Nixpkgs 22.11. Users should upgrade to
23.05 or use the pinned nixpkgs version in the flake.
2023-06-12 18:52:16 -06:00
Zhaofeng Li
2d0aeefd2f
Trivial semver-incompatible upgrades
2023-05-28 15:23:45 -06:00
Zhaofeng Li
1b980a9640
server: Upgrade async-compression
2023-05-28 15:23:45 -06:00
Zhaofeng Li
1a0116fee8
server: Upgrade aws-sdk-rust
2023-05-28 15:23:45 -06:00
Zhaofeng Li
6489d775ae
Update deps
2023-05-28 15:23:45 -06:00
Charlotte 🦝 Delenk
c686b2c1ea
Increase narinfo size limit to 1MiB
...
I was still encountering failures due to narinfo files being too large,
even with the increased 64kiB limit. This commit increases it to 1MiB
which is hopefully larger than any “reasonable” derivation, while also
not being too large for the server to keep in memory at once.
2023-04-06 10:03:00 +01:00
Zhaofeng Li
94a1d44a10
server: Only read PUT payload up to the claimed size
2023-03-21 18:45:34 -06:00
Zhaofeng Li
ba8bd5d66c
Thanks clippy
2023-03-21 18:45:34 -06:00
Zhaofeng Li
22626efd35
Trivial semver-incompatible upgrades
2023-03-05 11:05:11 -07:00
Zhaofeng Li
c3c7c10c05
Upgrade toml
2023-03-05 11:05:11 -07:00
Zhaofeng Li
97285de54f
Upgrade base64
2023-03-05 11:05:11 -07:00