This module provides a Web server for the document sanitization solution
- From a Web page, the user uploads documents to the
server(images, PDF or office documents) - The server sanitizes original documents and transforms them to PDFs (
entrusted-clicommand-line invocation) - Once the processing completed successfully completed, resulting PDF documents can be downloaded
There’s a basic Web interface that can be accessed from the server root URL (i.e. http://localhost:13000).
This is used for a single workstation, in a “multi virtual machines” scenario (several virtual machines: VMs):
- There are several VMs for specific purposes (“entrusted VM”, “programming VM”, “socials VM”, etc.)
- Inside some of the VMs, there’s a need to open safely documents (ebooks, emails attachments, etc.)
- The “Entrusted VM” performing document conversions has no internet connectivity (by choice)
- The “Entrusted VM” only allows SSH and “document conversion requests”
- The “Entrusted VM” has limited resources (1 GB of RAM allocated)
- Strive for balance between minimalism and convenience, but focus on performance
- Keep a familiar look and feel in user interfaces (Web or Desktop interfaces)
- Avoid large feature gaps between the Web and Desktop interfaces
- Delete automatically files from the server upon download for both privacy and free disk space purposes
The high-level architecture is described below.
You need to have the rust compiler tools installed in order to compile the code.
It’s possible to produce standalone binaries on Linux, with no runtime dependencies (crt-static rustc flag)
- On Windows, in order to avoid dealing with Windows redistributable bundling or pre-installation, use the
x86_64-pc-windows-gnutarget - On Linux, you’ll need
musl devrelated packages for your distribution
Please use a recent version of rust (1.70.0+) to compile the program.
This is the basic command to build dynamically linked binaries: cargo build.
For detailed build instructions, please take a look at some of the commands in ci_cd scripts.
For the server component, any OS that can run the entrusted-cli binary:
- It is assumed that the
entrusted-cliprogram is installed - The
entrusted-cliprogram must also be directly accessible (i.e. in your PATH variable)
You can run the server as follow, once the program is built (Linux assumed below).
./target/debug/entrusted-webserverYes, the user interface (simple HTML page) interacts with the Web API of the entrusted-webserver.
Please consult the OpenAPI specification documentation for further details.
Yes, the configuration file (config.toml) is optional and its location is operating system dependent.
| Operating System | Configuration File Location |
|---|---|
| Linux & Others | $XDG_CONFIG_HOME/com.rimerosolutions.entrusted.entrusted_webserver/config.toml |
| Mac OS | $HOME/Library/Application Support/com.rimerosolutions.entrusted.entrusted_webserver/config.toml |
| Windows | %APPDATA%\com.rimerosolutions.entrusted.entrusted_webserver\config.toml |
The configuration format is TOML, it’s a bit similar to INI files syntax.
# The server hostname or IP address to bind
host = "localhost"
# The server port
port = 13000
# This is meant mostly for advanced usage (self-hosting, development, etc.)
# This always defaults to the current version of the application for the tag
# Unless you know what you're doing, there's no need to set this
# container-image-name= docker.io/MY_USERNAME_HERE/entrusted_container:1.2.3
| Parameter | Description |
|---|---|
host | The server hostname or IP address |
port | The server port number |
container-image-name | A custom container image for conversions (advanced option) |