diff options
| author | DanConwayDev <DanConwayDev@protonmail.com> | 2026-01-12 17:40:25 +0000 |
|---|---|---|
| committer | DanConwayDev <DanConwayDev@protonmail.com> | 2026-01-12 17:40:25 +0000 |
| commit | c29191b1e1239e931c575a926ec9480e594476d6 (patch) | |
| tree | 6fcb776ba34b6fab766ceb613997b07b18e780df /docs/reference | |
| parent | 2b8992631b9dedcfd4ea44e8565b14ac8a5ed8ea (diff) | |
feat(grasp-05): implement archive mode for backup/mirror operation
Implements GRASP-05 specification for accepting repository announcements
that don't list this relay, enabling archive, mirror, and backup use cases.
Core Features:
- Three whitelist formats: <npub>, <npub>/<identifier>, <identifier>
- Archive-all mode for complete ecosystem mirrors
- Fail-fast npub validation at startup
- Read-only enforcement (archived repos reject pushes)
- Full GRASP-02 sync (git data + Nostr events)
- Dynamic archive status (no flags/metadata)
Implementation:
- Add ArchiveWhitelistEntry enum with Pubkey/Repository/Identifier variants
- Add ArchiveConfig with validation and matching logic
- Update AnnouncementResult to include AcceptArchive variant
- Refactor validate_announcement() to return AnnouncementResult with archive check
- Update AnnouncementPolicy with catch-all pattern for cleaner code
- Wire archive config through builder and policy layers
Configuration:
- NGIT_ARCHIVE_ALL: Accept all announcements (⚠️ storage risk)
- NGIT_ARCHIVE_WHITELIST: Comma-separated whitelist entries
- Updated docs, .env.example, and nix/module.nix
Testing:
- 28 unit tests for config parsing and whitelist matching
- 7 integration tests for archive mode validation
- All 296 tests passing
Validation Priority:
1. Lists our service → Accept (GRASP-01, read/write)
2. Is maintainer → AcceptMaintainer (multi-maintainer, read/write)
3. Matches archive config → AcceptArchive (GRASP-05, read-only)
4. None of above → Reject
Security Considerations:
- Archive-all mode has storage/bandwidth DoS risk
- Identifier-only format matches any pubkey (use npub/identifier for high-value)
- Invalid npubs cause startup failure (fail-fast)
Documentation:
- Concise explanation focused on rationale
- Reference docs updated with all config options
- README updated to reflect completed feature
- Removed from roadmap, added to compliance section
See docs/explanation/grasp-05-archive.md for details.
Diffstat (limited to 'docs/reference')
| -rw-r--r-- | docs/reference/configuration.md | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/docs/reference/configuration.md b/docs/reference/configuration.md index bdd832f..52418ad 100644 --- a/docs/reference/configuration.md +++ b/docs/reference/configuration.md | |||
| @@ -498,6 +498,82 @@ NGIT_REJECTED_COLD_INDEX_EXPIRY_SECS=1209600 | |||
| 498 | 498 | ||
| 499 | --- | 499 | --- |
| 500 | 500 | ||
| 501 | ### GRASP-05 Archive Configuration | ||
| 502 | |||
| 503 | These options enable archive/mirror/backup mode per the GRASP-05 specification. | ||
| 504 | |||
| 505 | #### `NGIT_ARCHIVE_ALL` | ||
| 506 | |||
| 507 | **Description:** Accept all repository announcements regardless of whether they list this instance | ||
| 508 | **Type:** Boolean | ||
| 509 | **Default:** `false` | ||
| 510 | **Required:** No | ||
| 511 | |||
| 512 | **Examples:** | ||
| 513 | |||
| 514 | ```bash | ||
| 515 | # Enable archive-all mode (⚠️ WARNING: Storage risk) | ||
| 516 | NGIT_ARCHIVE_ALL=true | ||
| 517 | |||
| 518 | # Disable (default - GRASP-01 strict mode) | ||
| 519 | NGIT_ARCHIVE_ALL=false | ||
| 520 | ``` | ||
| 521 | |||
| 522 | **Security Warning:** When enabled, any repository can be mirrored to this relay, potentially causing storage and bandwidth exhaustion. Only enable if you have unlimited resources and trust the relay network. | ||
| 523 | |||
| 524 | **Notes:** | ||
| 525 | |||
| 526 | - Archived repositories are read-only (pushes rejected) | ||
| 527 | - Full sync enabled (both git data and Nostr events) | ||
| 528 | - Takes precedence over whitelist (accepts everything) | ||
| 529 | |||
| 530 | --- | ||
| 531 | |||
| 532 | #### `NGIT_ARCHIVE_WHITELIST` | ||
| 533 | |||
| 534 | **Description:** Comma-separated list of repositories/pubkeys/identifiers to archive | ||
| 535 | **Type:** String (comma-separated) | ||
| 536 | **Default:** (empty) | ||
| 537 | **Required:** No | ||
| 538 | |||
| 539 | **Formats:** | ||
| 540 | |||
| 541 | - `<npub>` - Archive all repos from this pubkey | ||
| 542 | - `<npub>/<identifier>` - Archive specific repo from specific pubkey | ||
| 543 | - `<identifier>` - Archive repos with this identifier from any pubkey | ||
| 544 | |||
| 545 | **Examples:** | ||
| 546 | |||
| 547 | ```bash | ||
| 548 | # Archive all repos from Alice | ||
| 549 | NGIT_ARCHIVE_WHITELIST=npub1alice23 | ||
| 550 | |||
| 551 | # Archive specific repos | ||
| 552 | NGIT_ARCHIVE_WHITELIST=npub1alice23/linux,npub1bob23/bitcoin-core | ||
| 553 | |||
| 554 | # Archive by identifier (any pubkey) | ||
| 555 | NGIT_ARCHIVE_WHITELIST=bitcoin-core,linux,rust | ||
| 556 | |||
| 557 | # Mixed formats | ||
| 558 | NGIT_ARCHIVE_WHITELIST=npub1alice23...,npub1bob23.../linux,bitcoin-core | ||
| 559 | ``` | ||
| 560 | |||
| 561 | **Validation:** | ||
| 562 | |||
| 563 | - Npub entries are validated at startup (invalid npub = server fails to start) | ||
| 564 | - Identifier entries accept any string | ||
| 565 | - Whitespace is trimmed | ||
| 566 | - Empty entries are ignored | ||
| 567 | |||
| 568 | **Security Notes:** | ||
| 569 | |||
| 570 | - Identifier-only format (`bitcoin-core`) matches ANY pubkey | ||
| 571 | - Use `npub/identifier` format for high-value archives | ||
| 572 | - Whitelist is static (restart required to change) | ||
| 573 | - Future: Dynamic management via API | ||
| 574 | |||
| 575 | --- | ||
| 576 | |||
| 501 | ### Logging Configuration | 577 | ### Logging Configuration |
| 502 | 578 | ||
| 503 | #### `RUST_LOG` | 579 | #### `RUST_LOG` |