simple authorized_keys file
This commit is contained in:
parent
0b415dfa4a
commit
668e3dd766
|
@ -79,7 +79,7 @@ func initFlags() {
|
||||||
|
|
||||||
flag.BoolVar(&flagDisableUNIXSock, "nounixsock", false, "disable the UNIX socket RPC interface")
|
flag.BoolVar(&flagDisableUNIXSock, "nounixsock", false, "disable the UNIX socket RPC interface")
|
||||||
|
|
||||||
flag.StringVar(&repoDir, "repo", filepath.Join(u.HomeDir, ".ssb-go"), "where to put the log and indexes")
|
flag.StringVar(&repoDir, "repo", filepath.Join(u.HomeDir, ".ssb-go-room"), "where to put the log and indexes")
|
||||||
|
|
||||||
flag.StringVar(&debugAddr, "dbg", "localhost:6078", "listen addr for metrics and pprof HTTP server")
|
flag.StringVar(&debugAddr, "dbg", "localhost:6078", "listen addr for metrics and pprof HTTP server")
|
||||||
flag.StringVar(&logToFile, "path", "", "where to write debug output to (otherwise just stderr)")
|
flag.StringVar(&logToFile, "path", "", "where to write debug output to (otherwise just stderr)")
|
||||||
|
|
|
@ -1,11 +1,14 @@
|
||||||
package roomsrv
|
package roomsrv
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bufio"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net"
|
"net"
|
||||||
|
"os"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
kitlog "github.com/go-kit/kit/log"
|
kitlog "github.com/go-kit/kit/log"
|
||||||
|
"github.com/go-kit/kit/log/level"
|
||||||
"go.cryptoscope.co/muxrpc/v2"
|
"go.cryptoscope.co/muxrpc/v2"
|
||||||
|
|
||||||
refs "go.mindeco.de/ssb-refs"
|
refs "go.mindeco.de/ssb-refs"
|
||||||
|
@ -18,6 +21,24 @@ import (
|
||||||
func (s *Server) initNetwork() error {
|
func (s *Server) initNetwork() error {
|
||||||
s.authorizer.lst = make(map[string]struct{})
|
s.authorizer.lst = make(map[string]struct{})
|
||||||
|
|
||||||
|
// simple authorized_keys file, new line delimited @feed.xzy
|
||||||
|
if f, err := os.Open(s.repo.GetPath("authorized_keys")); err == nil {
|
||||||
|
evtAuthedKeys := kitlog.With(s.logger, "event", "authorized_keys")
|
||||||
|
sc := bufio.NewScanner(f)
|
||||||
|
i := 0
|
||||||
|
for sc.Scan() {
|
||||||
|
fr, err := refs.ParseFeedRef(sc.Text())
|
||||||
|
if err != nil {
|
||||||
|
level.Warn(evtAuthedKeys).Log("skipping-line", i+1, "err", err)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
s.authorizer.Add(*fr)
|
||||||
|
i++
|
||||||
|
}
|
||||||
|
level.Info(evtAuthedKeys).Log("allowing", i)
|
||||||
|
f.Close()
|
||||||
|
}
|
||||||
|
|
||||||
// muxrpc handler creation and authoratization decider
|
// muxrpc handler creation and authoratization decider
|
||||||
mkHandler := func(conn net.Conn) (muxrpc.Handler, error) {
|
mkHandler := func(conn net.Conn) (muxrpc.Handler, error) {
|
||||||
// bypassing badger-close bug to go through with an accept (or not) before closing the bot
|
// bypassing badger-close bug to go through with an accept (or not) before closing the bot
|
||||||
|
|
|
@ -43,6 +43,7 @@ type Server struct {
|
||||||
|
|
||||||
loadUnixSock bool
|
loadUnixSock bool
|
||||||
|
|
||||||
|
repo repo.Interface
|
||||||
repoPath string
|
repoPath string
|
||||||
keyPair *keys.KeyPair
|
keyPair *keys.KeyPair
|
||||||
|
|
||||||
|
@ -108,11 +109,11 @@ func New(opts ...Option) (*Server, error) {
|
||||||
s.rootCtx, s.Shutdown = context.WithCancel(context.Background())
|
s.rootCtx, s.Shutdown = context.WithCancel(context.Background())
|
||||||
}
|
}
|
||||||
|
|
||||||
r := repo.New(s.repoPath)
|
s.repo = repo.New(s.repoPath)
|
||||||
|
|
||||||
if s.keyPair == nil {
|
if s.keyPair == nil {
|
||||||
var err error
|
var err error
|
||||||
s.keyPair, err = repo.DefaultKeyPair(r)
|
s.keyPair, err = repo.DefaultKeyPair(s.repo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("sbot: failed to get keypair: %w", err)
|
return nil, fmt.Errorf("sbot: failed to get keypair: %w", err)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue