diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..2eea525 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +.env \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2eea525 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.env \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..21c2618 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM golang:1.22-alpine as build + +WORKDIR /app +COPY . . + +ENV GOCACHE=/root/.cache/go-build +RUN --mount=type=cache,target="/root/.cache/go-build" go build . +RUN --mount=type=cache,target="/root/.cache/go-build" go build -C cert . + +FROM nginx:alpine-slim + +COPY --from=build app app +WORKDIR /app +COPY nginx.conf /etc/nginx/nginx.conf + +ENTRYPOINT [ "sh", "entrypoint.sh" ] \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..fe4be18 --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ +# how to run +`docker run -p 443:443 -p 80:80 --name gitea-pages -v gitea-pages-ssl:/etc/ssl -d gitea-pages` +## gen ssl (first run) +`docker exec -it gp /app/cert/cert root.domain` +and restart docker container! \ No newline at end of file diff --git a/cert/cert.go b/cert/cert.go new file mode 100644 index 0000000..e19d71c --- /dev/null +++ b/cert/cert.go @@ -0,0 +1,130 @@ +package main + +import ( + "crypto" + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "fmt" + "log" + "os" + + "github.com/go-acme/lego/v4/certcrypto" + "github.com/go-acme/lego/v4/certificate" + "github.com/go-acme/lego/v4/challenge/dns01" + "github.com/go-acme/lego/v4/lego" + "github.com/go-acme/lego/v4/registration" +) + +// You'll need a user or account type that implements acme.User +type MyUser struct { + Email string + Registration *registration.Resource + key crypto.PrivateKey +} + +func (u *MyUser) GetEmail() string { + return u.Email +} +func (u MyUser) GetRegistration() *registration.Resource { + return u.Registration +} +func (u *MyUser) GetPrivateKey() crypto.PrivateKey { + return u.key +} + +type DNSProviderBestDNS struct { + apiAuthToken string +} + +func NewDNSProviderBestDNS(apiAuthToken string) (*DNSProviderBestDNS, error) { + return &DNSProviderBestDNS{apiAuthToken: apiAuthToken}, nil +} +func (d *DNSProviderBestDNS) Present(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + fmt.Println() + fmt.Println("------") + fmt.Println() + fmt.Println("Please create DNS TXT record, for domain", info.FQDN, "with these content:") + fmt.Println() + fmt.Println(info.Value) + fmt.Println() + fmt.Println("------") + fmt.Scanln() + // make API request to set a TXT record on fqdn with value and TTL + return nil +} +func (d *DNSProviderBestDNS) CleanUp(domain, token, keyAuth string) error { + // clean up any state you created in Present, like removing the TXT record + fmt.Println("------") + fmt.Println() + fmt.Println("you can delete the TXT record, and press enter to continue") + fmt.Println() + fmt.Println("------") + fmt.Scanln() + return nil +} + +func main() { + if len(os.Args) != 2 { + fmt.Println("usage: ./cert root.domain") + os.Exit(1) + } + fmt.Println("root domain is", os.Args[1]) + // Create a user. New accounts need an email and private key to start. + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + log.Fatal(err) + } + var email string + fmt.Print("enter you email > ") + fmt.Scanln(&email) + myUser := MyUser{ + Email: email, + key: privateKey, + } + + config := lego.NewConfig(&myUser) + + //config.CADirURL = lego.LEDirectoryStaging + config.Certificate.KeyType = certcrypto.RSA2048 + + // A client facilitates communication with the CA server. + client, err := lego.NewClient(config) + if err != nil { + log.Fatal(err) + } + + bestDNS, err := NewDNSProviderBestDNS("my-auth-token") + if err != nil { + log.Fatal(err) + } + err = client.Challenge.SetDNS01Provider(bestDNS) + if err != nil { + log.Fatal(err) + } + + // New users will need to register + reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true}) + if err != nil { + log.Fatal(err) + } + myUser.Registration = reg + + request := certificate.ObtainRequest{ + Domains: []string{os.Args[1], "*." + os.Args[1]}, + Bundle: true, + } + certificates, err := client.Certificate.Obtain(request) + if err != nil { + log.Fatal(err) + } + + // Each certificate comes back with the cert bytes, the bytes of the client's + // private key, and a certificate URL. SAVE THESE TO DISK. + os.Mkdir("/etc/ssl", 0777) + os.WriteFile("/etc/ssl/cert.crt", certificates.Certificate, 0777) + os.WriteFile("/etc/ssl/priv.key", certificates.PrivateKey, 0777) + + // ... all done. +} diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 0000000..438a9d3 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,8 @@ +#!/bin/bash +if [ -e /etc/ssl/cert.crt ] && [ -e /etc/ssl/priv.key ] +then + nginx & GIN_MODE=release ./giteapages +else + echo "create certs first" + tail -f /dev/null +fi diff --git a/go.mod b/go.mod index 6499286..6dc080c 100644 --- a/go.mod +++ b/go.mod @@ -2,13 +2,19 @@ module mi6e4ka/giteapages go 1.22.0 -require github.com/gin-gonic/gin v1.9.1 +require ( + github.com/gin-gonic/gin v1.9.1 + github.com/go-acme/lego/v4 v4.16.1 + github.com/joho/godotenv v1.5.1 +) require ( github.com/bytedance/sonic v1.9.1 // indirect + github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect github.com/gabriel-vasile/mimetype v1.4.2 // indirect github.com/gin-contrib/sse v0.1.0 // indirect + github.com/go-jose/go-jose/v4 v4.0.1 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect github.com/go-playground/validator/v10 v10.14.0 // indirect @@ -16,17 +22,20 @@ require ( github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/cpuid/v2 v2.2.4 // indirect github.com/leodido/go-urn v1.2.4 // indirect - github.com/mattn/go-isatty v0.0.19 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/miekg/dns v1.1.58 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/pelletier/go-toml/v2 v2.0.8 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.9.0 // indirect - golang.org/x/net v0.10.0 // indirect - golang.org/x/sys v0.8.0 // indirect - golang.org/x/text v0.9.0 // indirect - google.golang.org/protobuf v1.30.0 // indirect + golang.org/x/crypto v0.19.0 // indirect + golang.org/x/mod v0.14.0 // indirect + golang.org/x/net v0.20.0 // indirect + golang.org/x/sys v0.17.0 // indirect + golang.org/x/text v0.14.0 // indirect + golang.org/x/tools v0.17.0 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 1a77fa1..d08871a 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,8 @@ github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= +github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= +github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams= github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk= @@ -13,6 +15,10 @@ github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg= github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= +github.com/go-acme/lego/v4 v4.16.1 h1:JxZ93s4KG0jL27rZ30UsIgxap6VGzKuREsSkkyzeoCQ= +github.com/go-acme/lego/v4 v4.16.1/go.mod h1:AVvwdPned/IWpD/ihHhMsKnveF7HHYAz/CmtXi7OZoE= +github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U= +github.com/go-jose/go-jose/v4 v4.0.1/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= @@ -24,9 +30,12 @@ github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QX github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= @@ -34,8 +43,10 @@ github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZX github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -54,8 +65,9 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= @@ -63,21 +75,26 @@ github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZ golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= -golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= -golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= -golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/main.go b/main.go index e52aabf..9a81b49 100644 --- a/main.go +++ b/main.go @@ -1,17 +1,182 @@ package main import ( + "embed" + "encoding/json" + "html/template" + "io" + "mime" + "net/http" + "os" + "path/filepath" "strings" "github.com/gin-gonic/gin" + "github.com/joho/godotenv" ) +//go:embed pages +var embeddedFiles embed.FS + +type transport struct { + apiKey string + underlyingTransport http.RoundTripper +} + +func (t *transport) RoundTrip(req *http.Request) (*http.Response, error) { + if t.apiKey != "" { + req.Header.Add("Authorization", "token "+t.apiKey) + } + return t.underlyingTransport.RoundTrip(req) +} + func main() { + godotenv.Load() + rootDomain, exists := os.LookupEnv("ROOT_DOMAIN") + if !exists { + rootDomain = "localhost" + } + giteaUrl, exists := os.LookupEnv("GITEA_URL") + if !exists { + giteaUrl = "https://codeberg.org" + } + defaultRef, exists := os.LookupEnv("DEFAULT_REF") + if !exists { + defaultRef = "pages" + } + indexFile, exists := os.LookupEnv("INDEX_FILE") + if !exists { + indexFile = "index.html" + } + directoryIndexStr := os.Getenv("DIRECTORY_INDEX") + directoryIndex := true + if directoryIndexStr == "false" { + directoryIndex = false + } + defaultUser := os.Getenv("DEFAULT_USER") + servePort, exists := os.LookupEnv("SERVE_PORT") + if !exists { + servePort = "8080" + } + giteaToken := os.Getenv("GITEA_TOKEN") + + gitea := http.Client{Transport: &transport{underlyingTransport: http.DefaultTransport, apiKey: giteaToken}} + r := gin.Default() + + templ := template.Must(template.New("").ParseFS(embeddedFiles, "pages/*")) + r.SetHTMLTemplate(templ) + r.GET("/*path", func(ctx *gin.Context) { path := ctx.Params.ByName("path") - host := strings.Split(ctx.Request.Host, ".") - ctx.JSON(200, gin.H{"host": host, "path": path}) + + rawHost := ctx.Request.Host + if !strings.HasSuffix(rawHost, rootDomain) { + ctx.HTML(404, "error.html", gin.H{ + "error_code": "400", + "error_message": "invalid root domain", + }) + return + } + hostPrefix := strings.TrimSuffix(rawHost, rootDomain) + host := strings.Split(hostPrefix, ".") + + var owner string + switch len(host) - 1 { + case 0: + ctx.HTML(200, "index.html", gin.H{ + "root_domain": rootDomain, + }) + return + case 2: + owner = host[1] + case 1: + if defaultUser == "" { + goto godefault + } + owner = defaultUser + break + godefault: + fallthrough + default: + ctx.HTML(400, "index.html", gin.H{ + "root_domain": rootDomain, + }) + return + } + + repo := host[0] + + contentPath := giteaUrl + "/api/v1/repos/" + owner + "/" + repo + "/contents/" + path + "?ref=" + defaultRef + apiPath := giteaUrl + "/api/v1/repos/" + owner + "/" + repo + "/raw" + path + resp, err := gitea.Get(apiPath + "?ref=" + defaultRef) + if err != nil { + ctx.AbortWithError(500, err) + } + body, _ := io.ReadAll(resp.Body) + var message struct { + Message string + } + if resp.StatusCode == 200 { + // if file found + ct := mime.TypeByExtension(filepath.Ext(path)) + ctx.Data(200, ct, body) + } else { + // if file not found, and get err message + json.Unmarshal(body, &message) + + if message.Message != "getBlobForEntry" && path != "/" { + ctx.HTML(404, "error.html", gin.H{ + "error_code": "404", + "error_message": "file not found", + }) + return + } + // check is index file (from env) exists + indexPath := apiPath + "/" + indexFile + "?ref=" + defaultRef + resp, _ := gitea.Get(indexPath) + if resp.StatusCode == 200 { + // index file exist + body, _ := io.ReadAll(resp.Body) + ctx.Data(200, "text/html", body) + return + } else { + // else this is directory + resp, _ := gitea.Get(contentPath) + body, _ := io.ReadAll(resp.Body) + var dir []struct { + Name string + Path string + } + json.Unmarshal(body, &dir) + if len(dir) == 0 { + // zero files, empty or non-existent repo + ctx.HTML(404, "error.html", gin.H{ + "error_code": "404", + "error_message": "pages for repository not found", + }) + return + } + if !directoryIndex { + // if directory index disabled + ctx.HTML(401, "error.html", gin.H{ + "error_code": "401", + "error_message": "directory index disabled", + }) + return + } + var html string + html += "

Index of " + path + "

" + html += "Parrent directory
" + for _, file := range dir { + html += "" + file.Name + "
" + } + ctx.Data(200, "text/html", []byte(html)) + return + } + } + + //ctx.JSON(200, gin.H{"host": host, "path": path}) }) - r.Run() + r.Run(":" + servePort) } diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..0a911d9 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,47 @@ +worker_processes 1; + +events { worker_connections 1024; } + +http { + + sendfile on; + large_client_header_buffers 4 32k; + + upstream web-api { + server localhost:8080; + } + + server { + listen 80 default_server; + server_name _; + + location / { + return 301 https://$host$request_uri; + } + } + + server { + listen 443 ssl; + server_name _; + + ssl_certificate /etc/ssl/cert.crt; + ssl_certificate_key /etc/ssl/priv.key; + + location / { + proxy_pass http://web-api; + proxy_redirect off; + proxy_http_version 1.1; + proxy_cache_bypass $http_upgrade; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection keep-alive; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $server_name; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + } + } +} \ No newline at end of file diff --git a/pages/error.html b/pages/error.html new file mode 100644 index 0000000..1b2d114 --- /dev/null +++ b/pages/error.html @@ -0,0 +1,42 @@ + + + + + + {{ .error_code }} + + + + + + +
+

{{ .error_code }}

+

{{ .error_message }}

+
+ + \ No newline at end of file diff --git a/pages/index.html b/pages/index.html new file mode 100644 index 0000000..51acff9 --- /dev/null +++ b/pages/index.html @@ -0,0 +1,46 @@ + + + + + + gitea pages + + + + + + +
+

gitea pages

+

usage: repo.user.{{ .root_domain }}

+ source +
+ + \ No newline at end of file