mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2025-01-18 16:47:54 +00:00
Pass Gitea API token to requests
This allows to display repos that aren't fully public. Some users seem to be very interested in not having their pages viewable, and it might make even sense to avoid e.g. search engines to read them. If set to some random user string, this could allow to set the visibility at least to limited (so only logged users see the repo), and should allow to view private repos in the future with another API token.
This commit is contained in:
parent
418dbb7315
commit
772c17e214
4 changed files with 9 additions and 6 deletions
|
@ -4,6 +4,7 @@
|
||||||
- `PAGES_DOMAIN` (default: `codeberg.page`): main domain for pages.
|
- `PAGES_DOMAIN` (default: `codeberg.page`): main domain for pages.
|
||||||
- `RAW_DOMAIN` (default: `raw.codeberg.org`): domain for raw resources.
|
- `RAW_DOMAIN` (default: `raw.codeberg.org`): domain for raw resources.
|
||||||
- `GITEA_ROOT` (default: `https://codeberg.org`): root of the upstream Gitea instance.
|
- `GITEA_ROOT` (default: `https://codeberg.org`): root of the upstream Gitea instance.
|
||||||
|
- `GITEA_API_TOKEN` (default: empty): API token for the Gitea instance to access non-public (e.g. limited) repos.
|
||||||
- `REDIRECT_BROKEN_DNS` (default: https://docs.codeberg.org/pages/custom-domains/): info page for setting up DNS, shown for invalid DNS setups.
|
- `REDIRECT_BROKEN_DNS` (default: https://docs.codeberg.org/pages/custom-domains/): info page for setting up DNS, shown for invalid DNS setups.
|
||||||
- `REDIRECT_RAW_INFO` (default: https://docs.codeberg.org/pages/raw-content/): info page for raw resources, shown if no resource is provided.
|
- `REDIRECT_RAW_INFO` (default: https://docs.codeberg.org/pages/raw-content/): info page for raw resources, shown if no resource is provided.
|
||||||
- `ACME_API` (default: https://acme-v02.api.letsencrypt.org/directory): set this to https://acme.mock.director to use invalid certificates without any verification (great for debugging).
|
- `ACME_API` (default: https://acme-v02.api.letsencrypt.org/directory): set this to https://acme.mock.director to use invalid certificates without any verification (great for debugging).
|
||||||
|
|
|
@ -81,7 +81,7 @@ func checkCanonicalDomain(targetOwner, targetRepo, targetBranch, actualDomain st
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
req := fasthttp.AcquireRequest()
|
req := fasthttp.AcquireRequest()
|
||||||
req.SetRequestURI(string(GiteaRoot) + "/api/v1/repos/" + targetOwner + "/" + targetRepo + "/raw/" + targetBranch + "/.domains")
|
req.SetRequestURI(string(GiteaRoot) + "/api/v1/repos/" + targetOwner + "/" + targetRepo + "/raw/" + targetBranch + "/.domains" + "?access_token=" + string(GiteaApiToken))
|
||||||
res := fasthttp.AcquireResponse()
|
res := fasthttp.AcquireResponse()
|
||||||
|
|
||||||
err := upstreamClient.Do(req, res)
|
err := upstreamClient.Do(req, res)
|
||||||
|
|
10
handler.go
10
handler.go
|
@ -152,7 +152,7 @@ func handler(ctx *fasthttp.RequestCtx) {
|
||||||
if len(pathElements) > 2 && strings.HasPrefix(pathElements[2], "@") {
|
if len(pathElements) > 2 && strings.HasPrefix(pathElements[2], "@") {
|
||||||
s.Step("raw domain preparations, now trying with specified branch")
|
s.Step("raw domain preparations, now trying with specified branch")
|
||||||
if tryBranch(targetRepo, pathElements[2][1:], pathElements[3:],
|
if tryBranch(targetRepo, pathElements[2][1:], pathElements[3:],
|
||||||
string(GiteaRoot)+"/"+targetOwner+"/"+targetRepo+"/src/branch/%b/%p",
|
string(GiteaRoot)+"/"+targetOwner+"/"+targetRepo+"/src/branch/%b/%p"+"?access_token="+string(GiteaApiToken),
|
||||||
) {
|
) {
|
||||||
s.Step("tryBranch, now trying upstream")
|
s.Step("tryBranch, now trying upstream")
|
||||||
tryUpstream()
|
tryUpstream()
|
||||||
|
@ -164,7 +164,7 @@ func handler(ctx *fasthttp.RequestCtx) {
|
||||||
} else {
|
} else {
|
||||||
s.Step("raw domain preparations, now trying with default branch")
|
s.Step("raw domain preparations, now trying with default branch")
|
||||||
tryBranch(targetRepo, "", pathElements[2:],
|
tryBranch(targetRepo, "", pathElements[2:],
|
||||||
string(GiteaRoot)+"/"+targetOwner+"/"+targetRepo+"/src/branch/%b/%p",
|
string(GiteaRoot)+"/"+targetOwner+"/"+targetRepo+"/src/branch/%b/%p"+"?access_token="+string(GiteaApiToken),
|
||||||
)
|
)
|
||||||
s.Step("tryBranch, now trying upstream")
|
s.Step("tryBranch, now trying upstream")
|
||||||
tryUpstream()
|
tryUpstream()
|
||||||
|
@ -345,7 +345,7 @@ func getBranchTimestamp(owner, repo, branch string) *branchTimestamp {
|
||||||
if branch == "" {
|
if branch == "" {
|
||||||
// Get default branch
|
// Get default branch
|
||||||
var body = make([]byte, 0)
|
var body = make([]byte, 0)
|
||||||
status, body, err := fasthttp.GetTimeout(body, string(GiteaRoot)+"/api/v1/repos/"+owner+"/"+repo, 5*time.Second)
|
status, body, err := fasthttp.GetTimeout(body, string(GiteaRoot)+"/api/v1/repos/"+owner+"/"+repo+"?access_token="+string(GiteaApiToken), 5*time.Second)
|
||||||
if err != nil || status != 200 {
|
if err != nil || status != 200 {
|
||||||
_ = branchTimestampCache.Set(owner+"/"+repo+"/"+branch, nil, DefaultBranchCacheTimeout)
|
_ = branchTimestampCache.Set(owner+"/"+repo+"/"+branch, nil, DefaultBranchCacheTimeout)
|
||||||
return nil
|
return nil
|
||||||
|
@ -354,7 +354,7 @@ func getBranchTimestamp(owner, repo, branch string) *branchTimestamp {
|
||||||
}
|
}
|
||||||
|
|
||||||
var body = make([]byte, 0)
|
var body = make([]byte, 0)
|
||||||
status, body, err := fasthttp.GetTimeout(body, string(GiteaRoot)+"/api/v1/repos/"+owner+"/"+repo+"/branches/"+branch, 5*time.Second)
|
status, body, err := fasthttp.GetTimeout(body, string(GiteaRoot)+"/api/v1/repos/"+owner+"/"+repo+"/branches/"+branch+"?access_token="+string(GiteaApiToken), 5*time.Second)
|
||||||
if err != nil || status != 200 {
|
if err != nil || status != 200 {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -416,7 +416,7 @@ func upstream(ctx *fasthttp.RequestCtx, targetOwner string, targetRepo string, t
|
||||||
cachedResponse = cachedValue.(fileResponse)
|
cachedResponse = cachedValue.(fileResponse)
|
||||||
} else {
|
} else {
|
||||||
req = fasthttp.AcquireRequest()
|
req = fasthttp.AcquireRequest()
|
||||||
req.SetRequestURI(string(GiteaRoot) + "/api/v1/repos/" + uri)
|
req.SetRequestURI(string(GiteaRoot) + "/api/v1/repos/" + uri + "?access_token=" + string(GiteaApiToken))
|
||||||
res = fasthttp.AcquireResponse()
|
res = fasthttp.AcquireResponse()
|
||||||
res.SetBodyStream(&strings.Reader{}, -1)
|
res.SetBodyStream(&strings.Reader{}, -1)
|
||||||
err = upstreamClient.Do(req, res)
|
err = upstreamClient.Do(req, res)
|
||||||
|
|
2
main.go
2
main.go
|
@ -39,6 +39,8 @@ var MainDomainSuffix = []byte("." + envOr("PAGES_DOMAIN", "codeberg.page"))
|
||||||
// GiteaRoot specifies the root URL of the Gitea instance, without a trailing slash.
|
// GiteaRoot specifies the root URL of the Gitea instance, without a trailing slash.
|
||||||
var GiteaRoot = []byte(envOr("GITEA_ROOT", "https://codeberg.org"))
|
var GiteaRoot = []byte(envOr("GITEA_ROOT", "https://codeberg.org"))
|
||||||
|
|
||||||
|
var GiteaApiToken = []byte(envOr("GITEA_API_TOKEN", ""))
|
||||||
|
|
||||||
//go:embed 404.html
|
//go:embed 404.html
|
||||||
var NotFoundPage []byte
|
var NotFoundPage []byte
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue