support https with certificate path options
http as a cargo build feature
Jerboa-app committed Jan 5, 2024
1 parent 8ba781f commit 81be74b
Showing 7 changed files with 226 additions and 129 deletions.
8 changes: 8 additions & 0 deletions Cargo.toml
@@ -9,10 +9,18 @@ edition="2021"
name = "pulse"
path = "src/main.rs"

[[bin]]
name = "pulse_http"
path = "src/main_http.rs"
required-features=["http"]

[[bin]]
name = "post_discord"
path = "src/post_discord.rs"

[features]
http = []

[dependencies]
tokio = { version = "1", features = ["full"] }
axum = "0.6.20"
31 changes: 26 additions & 5 deletions README.md
@@ -1,13 +1,34 @@
### Pulse
#### A work in progress information bot linking Discord and Github, with more to come
## Pulse
### A work in progress information bot linking Discord and Github, with more to come

- for now uses a Discord webhook for only posting messages
- recieves POST requests (e.g. from github webhooks) to be processed into custom messages, which are then POST'd to Discord
- so we can format the Github POST content to our hearts content

# To come
### Roadmap

- [ ] support for https POST reciepts (does work, just need actual certs, and to bundle them in)
- [ ] verify POST's are from github using the webhook secret
- [x] support for https POST receipts
- [x] support for http POST receipts (as a cargo build option)
- [x] verify POST's are from github using the webhook secret
- [ ] Release formatting
- [ ] Pre-release formatting

### Setup

### Example Google Cloud instance (free tier)

### https certificate setup

#### Self signed (useful for localhost testing)

- You can use the bash script ```certs/gen.sh``` to generate a key/cert pair with openssl

#### Production; from authority

- get a domain (e.g. from squarespace)
- create a custom DNS record, e.g.
- ```
your.domain.somwhere A 1 hour google.cloud.instance.ip
```
- Use [Let's Encrypts](https://letsencrypt.org/) recommendation of [certbot](https://certbot.eff.org/) it really is very easy
- You will need to enable http in the cloud instance firewall for provisioning as well as https
3 changes: 3 additions & 0 deletions src/lib.rs
@@ -3,6 +3,9 @@ pub mod discord;
pub mod web;
pub mod server;

#[cfg(feature = "http")]
pub mod server_http;

const DEBUG: bool = true;

pub fn debug(msg: String, context: Option<String>)
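--- a/src/main_http.rs
+++ b/src/main_http.rs
@@ -0,0 +1,32 @@
+#[cfg(feature = "http")]
+use pulse::server_http::serve;
+
+#[cfg(feature = "http")]
+#[tokio::main]
+async fn main() {
+
+let args: Vec<String> = std::env::args().collect();
+
+let token = if args.iter().any(|x| x == "-t")
+{
+let i = args.iter().position(|x| x == "-t").unwrap();
+
+if i+1 < args.len()
+{
+args[i+1].clone()
+}
+else
+{
+println!("Authentication token not provided, please provide -t token");
+std::process::exit(1);
+}
+}
+else
+{
+println!("Authentication token not provided, please provide -t token");
+std::process::exit(1);
+};
+
+serve(token).await;
+
+}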
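Review bot: The authentication token is read from `-t` on the command line in `main`, so it is visible to other local users through the process list and tends to end up in shell history and service definitions. Prefer an environment variable or a file readable only by the service account, for example `let token = std::env::var("PULSE_TOKEN").ok();` with the `-t` lookup kept as a fallback (the variable name is a placeholder, not something the project defines). Both failure branches print to stdout; `eprintln!` would keep the message out of piped output. As a style point, `args.iter().position(|x| x == "-t").and_then(|i| args.get(i + 1))` replaces the `any`/`position`/`unwrap` sequence with a single scan and no panic path.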
120 changes: 0 additions & 120 deletions src/pulse-ssl.rs

This file was deleted.

61 changes: 57 additions & 4 deletions src/server.rs
@@ -5,6 +5,7 @@ use crate::web::response::github_verify::github_verify;

use std::clone;
use std::net::{IpAddr, Ipv4Addr, SocketAddr};
use std::path::PathBuf;
use std::sync::{Arc, Mutex};

use axum::extract::State;
Expand All @@ -14,6 +15,7 @@ use axum::
Router,
middleware
};
use axum_server::tls_rustls::RustlsConfig;

pub struct Server
{
@@ -62,10 +64,27 @@ impl Server
self.addr
}

pub async fn serve(self: Server)
pub async fn serve(self: Server, cert_path: String, key_path: String)
{
axum::Server::bind(&self.addr)
.serve(self.router.into_make_service_with_connect_info::<SocketAddr>())

// configure https

let config = match RustlsConfig::from_pem_file(
PathBuf::from(cert_path.clone()),
PathBuf::from(key_path.clone())
)
.await
{
Ok(c) => c,
Err(e) =>
{
println!("error while reading certificates in {} and key {}\n{}", cert_path, key_path, e);
std::process::exit(1);
}
};

axum_server::bind_rustls(self.addr, config)
.serve(self.router.into_make_service())
.await
.unwrap();
}
@@ -93,8 +112,42 @@ pub async fn serve(token: String) {
3030
};

let cert_path = if args.iter().any(|x| x == "-c")
{
let i = args.iter().position(|x| x == "-c").unwrap();
if i+1 < args.len()
{
args[i+1].clone()
}
else
{
"./cert.pem".to_string()
}
}
else
{
"./cert.pem".to_string()
};

let key_path = if args.iter().any(|x| x == "-k")
{
let i = args.iter().position(|x| x == "-k").unwrap();
if i+1 < args.len()
{
args[i+1].clone()
}
else
{
"./key.pem".to_string()
}
}
else
{
"./key.pem".to_string()
};

let server = Server::new(127,0,0,1,port,token);

server.serve().await
server.serve(cert_path, key_path).await

}
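Review bot: In the last hunk, a `-c` or `-k` flag given without a value falls through to `./cert.pem` / `./key.pem`, so a mistyped invocation starts the TLS listener with whatever certificate and key happen to be in the working directory instead of stopping. Selection of key material should fail closed: keep the default only when the flag is absent, and exit with an error on stderr when the flag is present but has no argument; a small helper shared by both flags, sketched below, also removes the duplicated `any`/`position`/`unwrap` scan. The enclosing `serve(token: String)` starts above this hunk, so the port parsing is not fully visible here and may want the same treatment. Separately, the `Server::serve` hunk now builds the service with `into_make_service()` instead of `into_make_service_with_connect_info::<SocketAddr>()`; if any handler or middleware outside this diff extracts the peer address (for logging, say), it would start failing at request time, so that is worth confirming.

```rust
// constructed helper for illustration; not part of the commit
fn flag_value(args: &[String], flag: &str, default: &str) -> String
{
    match args.iter().position(|x| x == flag)
    {
        // flag absent: the default path applies
        None => default.to_string(),
        Some(i) => match args.get(i + 1)
        {
            Some(value) => value.clone(),
            None =>
            {
                // flag present but no path: stop rather than guess
                eprintln!("{} requires a path argument", flag);
                std::process::exit(1);
            }
        }
    }
}

// … unchanged: port parsing …

let cert_path = flag_value(&args, "-c", "./cert.pem");
let key_path = flag_value(&args, "-k", "./key.pem");

// … unchanged: Server::new(...) and server.serve(cert_path, key_path).await …
```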