diff --git a/.gitignore b/.gitignore index be181615..0f8796c3 100644 --- a/.gitignore +++ b/.gitignore @@ -178,4 +178,5 @@ config/extended_description_test.md glitch-old glitch glitch.tar.gz -glitch-dev \ No newline at end of file +glitch-dev +*.pem \ No newline at end of file diff --git a/config/config.example.toml b/config/config.example.toml index 6fa64df8..86c4646e 100644 --- a/config/config.example.toml +++ b/config/config.example.toml @@ -76,6 +76,14 @@ banned_user_agents = [ # "wget\/1.20.3", ] +[http.tls] +# If these values are set, Lysand will use these files for TLS +enabled = false +key = "config/privatekey.pem" +cert = "config/certificate.pem" +passphrase = "" +ca = "" + [http.bait] # Enable the bait feature (sends fake data to those who are flagged) enabled = false @@ -88,6 +96,7 @@ bait_user_agents = ["curl", "wget"] [frontend] # Enable custom frontends (warning: not enabling this or Glitch will make Lysand only accessible via the Mastodon API) +# Frontends also control the OAuth flow, so if you disable this, you will need to use the Mastodon frontend enabled = true # The URL to reach the frontend at (should be on a local network) url = "http://localhost:3000" diff --git a/docs/glitch-soc.md b/docs/glitch-soc.md index 0614999c..29f0995a 100644 --- a/docs/glitch-soc.md +++ b/docs/glitch-soc.md @@ -8,7 +8,8 @@ Lysand supports the use of the Glitch-Soc fork of Mastodon's frontend. Here's ho ```toml [frontend] # Enable custom frontends (warning: not enabling this or Glitch will make Lysand only accessible via the Mastodon API) - enabled = false + # Frontends also control the OAuth flow, so if you disable this, you will need to use the Mastodon frontend + enabled = true # The URL to reach the frontend at (should be on a local network) url = "http://localhost:3000" 
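Review bot: The comment on the new `[http.tls]` table says TLS is used "if these values are set", but the server.ts change in this commit switches on `enabled` alone, and the example already ships non-empty `key` and `cert` paths, so the comment misdescribes the switch. I would reword it to `# TLS is used only when enabled = true; key, cert and ca are paths to PEM files`. Above `passphrase` I would add `# Stored in plain text: keep this file and the key readable by the Lysand user only`. The `.gitignore` hunk covers `*.pem`; whether the live config file that would hold the passphrase is also ignored is not visible here.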
@@ -20,8 +21,6 @@ Lysand supports the use of the Glitch-Soc fork of Mastodon's frontend. Here's ho # Server the assets were ripped from (and any eventual CDNs) server = ["https://tech.lgbt"] ``` - (you can disable the normal frontend option as it will not be used anymore) - The `server` option can be left as-is, unless you have downloaded your own `index.html` file from a different Glitch instance. 4. Start Lysand and navigate to `/` to see the Glitch frontend in action. diff --git a/drizzle.config.ts b/drizzle.config.ts index 3c43500f..a49f235d 100644 --- a/drizzle.config.ts +++ b/drizzle.config.ts @@ -6,16 +6,16 @@ export default { out: "./drizzle", schema: "./drizzle/schema.ts", dbCredentials: { - host: "localhost", + /* host: "localhost", port: 40000, user: "lysand", password: "lysand", - database: "lysand", - /* host: config.database.host, + database: "lysand", */ + host: config.database.host, port: Number(config.database.port), user: config.database.username, password: config.database.password, - database: config.database.database, */ + database: config.database.database, }, // Print all statements verbose: true, diff --git a/packages/config-manager/config.type.ts b/packages/config-manager/config.type.ts index ef0aa083..91a5c799 100644 --- a/packages/config-manager/config.type.ts +++ b/packages/config-manager/config.type.ts @@ -105,6 +105,23 @@ export interface Config { banned_user_agents: string[]; + tls: { + /** @default false */ + enabled: boolean; + + /** @default "" */ + key: string; + + /** @default "" */ + cert: string; + + /** @default "" */ + passphrase: string; + + /** @default "" */ + ca: string; + }; + bait: { /** @default false */ enabled: boolean; @@ -437,6 +454,13 @@ export const defaultConfig: Config = { bind_port: "8080", banned_ips: [], banned_user_agents: [], + tls: { + enabled: false, + key: "", + cert: "", + passphrase: "", + ca: "", + }, bait: { enabled: false, send_file: "", 
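Review bot: The old hard-coded connection settings in `dbCredentials` are kept as a commented-out block, including `password: "lysand"`, instead of being deleted. Default credentials left in comments tend to be re-enabled or copied, and version control already preserves them, so I would remove the `/* host: "localhost", … database: "lysand", */` block entirely. Separately, `port: Number(config.database.port)` yields `NaN` for a non-numeric value; how the config loader validates the port is not visible in this hunk, so a `Number.isInteger` check before use may be worth adding. The exported config object starts and ends outside the hunk.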
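Review bot: The new `tls` fields in `Config` carry only `@default` tags, so nothing tells a reader that `key`, `cert` and `ca` are file paths (server.ts in this commit wraps them in `Bun.file`) or that `passphrase` is a secret. I would extend the doc comments, for example `/** Path to the PEM private key file. @default "" */` and `/** Passphrase for the private key; treat as a secret. @default "" */`. The same applies to the matching `tls` entry added to `defaultConfig` in the second hunk. There `enabled: false` with empty paths is a safe default, but the type still allows `enabled: true` with an empty `key` or `cert`.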
diff --git a/server.ts b/server.ts index 60c55f76..b55b64ec 100644 --- a/server.ts +++ b/server.ts @@ -15,6 +15,16 @@ export const createServer = ( ) => Bun.serve({ port: config.http.bind_port, + tls: config.http.tls.enabled + ? { + key: Bun.file(config.http.tls.key), + cert: Bun.file(config.http.tls.cert), + passphrase: config.http.tls.passphrase, + ca: config.http.tls.ca + ? Bun.file(config.http.tls.ca) + : undefined, + } + : undefined, hostname: config.http.bind || "0.0.0.0", // defaults to "0.0.0.0" async fetch(req) { // Check for banned IPs @@ -121,17 +131,11 @@ export const createServer = ( const matchedRoute = matchRoute( req.url.replace(".well-known", "well-known"), ); + if (matchedRoute?.filePath && matchedRoute.name !== "/[...404]") { return await processRoute(matchedRoute, req, logger); } - if (config.frontend.glitch.enabled) { - return ( - (await handleGlitchRequest(req, dualLogger)) ?? - errorResponse("Route not found", 404) - ); - } - const base_url_with_http = config.http.base_url.replace( "https://", "http://", @@ -157,13 +161,19 @@ export const createServer = ( "Server.Proxy", `The Frontend is not running or the route is not found: ${replacedUrl}`, ); - return errorResponse("Route not found", 404); + return null; }); - if ( - proxy.status !== 404 && - !(await proxy.clone().text()).includes("404 Not Found") - ) { + console.log(proxy); + + if (!proxy || proxy.status === 404) { + if (config.frontend.glitch.enabled) { + return ( + (await handleGlitchRequest(req, dualLogger)) ?? + errorResponse("Route not found", 404) + ); + } + } else { return proxy; }
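Review bot: With `config.http.tls.enabled` true, `key` and `cert` are passed to `Bun.file` without checking that they are non-empty, and the defaults added in config.type.ts are `""`. A misconfiguration would then surface from inside `Bun.serve` rather than as a clear configuration error, so I would validate before building the options, e.g. `if (config.http.tls.enabled && (!config.http.tls.key || !config.http.tls.cert)) throw new Error("http.tls is enabled but key or cert is not set");`. `passphrase` is also forwarded as `""` when unset; `passphrase: config.http.tls.passphrase || undefined` would mirror how `ca` is handled. The options object sits inside `createServer`, which starts and ends outside the hunk.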
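Review bot: `console.log(proxy);` in the last hunk looks like a debugging leftover: it dumps the proxied `Response` for every request that reaches the frontend proxy, and it bypasses the `logger`/`dualLogger` used elsewhere in this function. In the same hunk, the new `if (!proxy || proxy.status === 404)` branch returns nothing when `config.frontend.glitch.enabled` is false, so the outcome depends on code after the closing brace, which is outside the hunk; if nothing follows, `fetch` resolves without a `Response`. I would drop the log line and make the three outcomes explicit with guard clauses, as below. The Glitch fallback removed in the second hunk (`@@ -121,17 +131,11 @@`) is the code that moved here.

```typescript
// … unchanged: the proxied fetch and its catch handler, which leaves `proxy` null on failure …

if (proxy && proxy.status !== 404) {
    return proxy;
}

if (config.frontend.glitch.enabled) {
    const glitchResponse = await handleGlitchRequest(req, dualLogger);
    if (glitchResponse) {
        return glitchResponse;
    }
}

return errorResponse("Route not found", 404);
```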