aboutsummaryrefslogtreecommitdiff
path: root/cmd
AgeCommit message (Collapse)AuthorFilesLines
2025-04-19cmd/relayd: refine for packagingv1.13.6Xe Iaso3-2/+14
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-19cmd/relayd: automagically reload TLS certificates, JA3N/JA4 fingerprintsXe Iaso2-8/+457
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-07cmd: add yeet tombstoneXe Iaso10-1190/+1
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06add reverseproxydXe Iaso1-0/+38
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-04cmd/yeet: support custom filename logic for tarball generationv1.13.4Xe Iaso3-4/+15
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-03add package build job from Anubis as a testXe Iaso1-4/+3
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-02cmd/yeet: staticcheck/vet fixesv1.13.1Xe Iaso4-28/+13
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-02cmd/yeet/internal/mktarball: put VERSION in doc folderXe Iaso2-0/+19
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-01cmd/yeet: build tarball packagesv1.13.0Xe Iaso5-13/+198
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-01cmd/yeet: modernize build syntax, nix nixXe Iaso7-186/+110
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-31cmd/yeet: fixupsXe Iaso6-37/+76
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-28cmd/yeet: add ability to build debian packagesXe Iaso6-30/+174
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-19cmd/anubis: mark as a tombstone (#705)Xe Iaso1-6/+5
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-17cmd/anubis: rephrase noscript warningXe Iaso2-2/+2
Closes #701 Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-17cmd/anubis: allow qwantbot scraping (#700)Dennis ten Hoove1-1/+6
Like Google and Bing, Qwant maintains its own search index.
2025-03-17cmd/anubis: add rule hashes for admin-configured denials (#696)Xe Iaso5-7/+57
* cmd/anubis: add rule hashes for admin-configured denials Closes #695 Signed-off-by: Xe Iaso <me@xeiaso.net> * cmd/anubis: remove theoretical nil pointer deference panic This won't actually happen in real life, but the code paths might change so we should be somewhat defensive. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-03-15cmd/anubis/internal/config: properly use errors.JoinXe Iaso1-6/+6
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-03Potential fix for code scanning alert no. 9: Uncontrolled data used in path ↵Xe Iaso1-3/+21
expression (#687) * Potential fix for code scanning alert no. 9: Uncontrolled data used in path expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * Update cmd/mimi/modules/discord/heic2jpeg/heic2jpeg.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-03-03cmd/anubis: implement health check (#685)Xe Iaso1-0/+22
Closes #681 Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-01cmd/anubis: Fix potential decaymap race (#683)Em Sharnoff1-1/+5
Fixes a potential TOCTOU issue that would cause values to be spuriously erased. IIUC, the following interleaving of (*DecayMap).Get() and (*DecayMap).Set() can cause an update to be erased: // thread A: Get("x") m.lock.RLock() value, ok := m.data["x"] m.lock.RUnlock() ... if time.Now().After(value.expiry) { // <wait for lock!> // thread B: Set("x", ...) m.lock.Lock() defer m.lock.Unlock() m.data["x"] = DecayMapEntry{ ... } // thread A continues its Get("x") after acquring the lock: m.lock.Lock() delete(m.data, "x") // Oops! Newer entry is deleted! m.lock.Unlock() Realistically... I think it's probably a non-issue either way, because the worst that can happen is that a cache entry is spuriously removed, and it'll just get re-fetched.
2025-02-14cmd/anubis: cache DNSBL hits in a DecayMapXe Iaso2-12/+84
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-02-14cmd/anubis: enable DNSBL checking via droneblXe Iaso7-3/+226
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-02-14Earthfile: bump to go 1.24Xe Iaso1-0/+5
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-26cmd/anubis: forbid bypassing auth by faking the challenge difficultyXe Iaso7-22/+6
This fixes a trivial auth bypass where a user requests a challenge, formulates any nonce they want (such as 42069), and then passes the challenge with difficulty zero. This was fixed by not using the difficulity the client specified and instead using the fixed difficulty at the server level. The difficulty has also been encoded into the challenge in 7bd7b209f4f1. Thanks to Coral Pink for finding this and reporting it over email. Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-26cmd/anubis: bake difficulty into challengeXe Iaso1-1/+2
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-26cmd/anubis: ship sourcemapsXe Iaso6-1/+9
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-26cmd/anubis: disable video test for nowXe Iaso5-11/+12
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-25cmd/anubis: prepare for more efficient servingXe Iaso4-1/+32
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-25cmd/anubis: minify JS, add video element testXe Iaso8-108/+145
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-25make simpleapp helm templateXe Iaso1-7/+24
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-24cmd/anubis: document POLICY_FNAMEXe Iaso1-7/+8
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-24cmd/anubis: add rudimentary bot policy supportXe Iaso7-50/+422
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-24cmd/anubis: don't include Accept-Encoding in challengeXe Iaso2-3/+7
Browsers are known to change the Accept-Encoding header based on what media type is being accepted. I kinda hate this too, but such is life. Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-21refactor out fly.io registry from CIXe Iaso2-2/+2
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-21cmd/yeet/internal: move flags hereXe Iaso2-59/+67
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-20cmd/nomadicdemo: it works enough that I don't have to careXe Iaso3-8/+13
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: Document caddy+gitea/forgejo and UID changesXe Iaso1-0/+35
Ref #649 Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd: add httpdebugXe Iaso1-0/+25
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: add loading spinnersv1.11.0Xe Iaso3-8/+102
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19Earthfile: embed the version in CIXe Iaso1-1/+2
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: expose internal API calls on the metrics serverXe Iaso1-3/+2
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: submit cachebusters for resourcesXe Iaso2-17/+71
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: add info about key fingerprint being the input to the challengeXe Iaso1-0/+1
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/build: fix other merge conflicts that I accidentally incurred by coding ↵Xe Iaso2-6/+2
while waking up Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: oops, i hate git mergesXe Iaso1-3/+0
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: inject fingerprint of the private key of the Anubis serverXe Iaso1-5/+16
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: fix expiry checking logicXe Iaso1-13/+30
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: idk what's wrong but something isXe Iaso1-7/+7
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: clear the cookie more robustlyXe Iaso1-0/+7
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-01-19cmd/anubis: fix logic?Xe Iaso1-1/+2
Signed-off-by: Xe Iaso <me@xeiaso.net>
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-04 16:17:05 +0000