diff options
| author | DanConwayDev <DanConwayDev@protonmail.com> | 2026-02-23 15:20:59 +0000 |
|---|---|---|
| committer | DanConwayDev <DanConwayDev@protonmail.com> | 2026-02-23 15:20:59 +0000 |
| commit | 113928aa84894ea8f65c247d9987527e792b32a9 (patch) | |
| tree | ec967d6195d9f7ec4f061449596611afe3a0950f /src/config.rs | |
| parent | 26f608e5011b9d1ad6036da75b89272835e69695 (diff) | |
| parent | e0ad39a489b3398f8208713bf728db0cb11475b0 (diff) | |
Merge master into 3ca0-announcements-purgatory
Diffstat (limited to 'src/config.rs')
| -rw-r--r-- | src/config.rs | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/src/config.rs b/src/config.rs index 7062187..dd7b1e3 100644 --- a/src/config.rs +++ b/src/config.rs | |||
| @@ -115,16 +115,19 @@ pub struct ArchiveConfig { | |||
| 115 | /// | 115 | /// |
| 116 | /// WARNING: Setting this to true allows anyone to mirror any repository | 116 | /// WARNING: Setting this to true allows anyone to mirror any repository |
| 117 | /// to this relay, potentially causing storage/bandwidth exhaustion. | 117 | /// to this relay, potentially causing storage/bandwidth exhaustion. |
| 118 | #[serde(default)] | ||
| 118 | pub archive_all: bool, | 119 | pub archive_all: bool, |
| 119 | 120 | ||
| 120 | /// Whitelist entries for selective archiving | 121 | /// Whitelist entries for selective archiving |
| 121 | /// | 122 | /// |
| 122 | /// If empty and archive_all is false, GRASP-05 is disabled (GRASP-01 strict mode). | 123 | /// If empty and archive_all is false, GRASP-05 is disabled (GRASP-01 strict mode). |
| 124 | #[serde(default)] | ||
| 123 | pub whitelist: Vec<WhitelistEntry>, | 125 | pub whitelist: Vec<WhitelistEntry>, |
| 124 | 126 | ||
| 125 | /// GRASP server domains to archive (archive all repositories from these domains) | 127 | /// GRASP server domains to archive (archive all repositories from these domains) |
| 126 | /// | 128 | /// |
| 127 | /// If non-empty, archives all repositories from the specified GRASP server domains. | 129 | /// If non-empty, archives all repositories from the specified GRASP server domains. |
| 130 | #[serde(default)] | ||
| 128 | pub grasp_services: Vec<String>, | 131 | pub grasp_services: Vec<String>, |
| 129 | 132 | ||
| 130 | /// Read-only archive mode: relay is a read-only sync of archived repositories | 133 | /// Read-only archive mode: relay is a read-only sync of archived repositories |
| @@ -132,6 +135,7 @@ pub struct ArchiveConfig { | |||
| 132 | /// When true, the relay ONLY accepts announcements matching the archive whitelist/all. | 135 | /// When true, the relay ONLY accepts announcements matching the archive whitelist/all. |
| 133 | /// Announcements listing the relay but not in the whitelist are rejected. | 136 | /// Announcements listing the relay but not in the whitelist are rejected. |
| 134 | /// When false, the relay operates in GRASP-01 mode for unwhitelisted repos. | 137 | /// When false, the relay operates in GRASP-01 mode for unwhitelisted repos. |
| 138 | #[serde(default)] | ||
| 135 | pub read_only: bool, | 139 | pub read_only: bool, |
| 136 | } | 140 | } |
| 137 | 141 | ||
| @@ -178,6 +182,7 @@ pub struct RepositoryConfig { | |||
| 178 | /// Whitelist entries for selective repository acceptance | 182 | /// Whitelist entries for selective repository acceptance |
| 179 | /// | 183 | /// |
| 180 | /// If empty, all repositories listing the service are accepted (GRASP-01 mode). | 184 | /// If empty, all repositories listing the service are accepted (GRASP-01 mode). |
| 185 | #[serde(default)] | ||
| 181 | pub whitelist: Vec<WhitelistEntry>, | 186 | pub whitelist: Vec<WhitelistEntry>, |
| 182 | } | 187 | } |
| 183 | 188 | ||
| @@ -204,6 +209,7 @@ pub struct BlacklistConfig { | |||
| 204 | /// | 209 | /// |
| 205 | /// If empty, no repositories are blacklisted. | 210 | /// If empty, no repositories are blacklisted. |
| 206 | /// Blacklist takes precedence over both archive and repository whitelists. | 211 | /// Blacklist takes precedence over both archive and repository whitelists. |
| 212 | #[serde(default)] | ||
| 207 | pub blacklist: Vec<WhitelistEntry>, | 213 | pub blacklist: Vec<WhitelistEntry>, |
| 208 | } | 214 | } |
| 209 | 215 | ||
| @@ -245,6 +251,7 @@ pub struct EventBlacklistConfig { | |||
| 245 | /// | 251 | /// |
| 246 | /// If empty, no events are blacklisted by author. | 252 | /// If empty, no events are blacklisted by author. |
| 247 | /// Applies to ALL event types, preventing events from reaching both the relay and purgatory. | 253 | /// Applies to ALL event types, preventing events from reaching both the relay and purgatory. |
| 254 | #[serde(default)] | ||
| 248 | pub blacklisted_npubs: Vec<String>, | 255 | pub blacklisted_npubs: Vec<String>, |
| 249 | } | 256 | } |
| 250 | 257 | ||
| @@ -466,6 +473,10 @@ pub struct Config { | |||
| 466 | /// Prevents connection exhaustion DoS attacks | 473 | /// Prevents connection exhaustion DoS attacks |
| 467 | #[arg(long, env = "NGIT_MAX_CONNECTIONS", default_value_t = 4096)] | 474 | #[arg(long, env = "NGIT_MAX_CONNECTIONS", default_value_t = 4096)] |
| 468 | pub max_connections: usize, | 475 | pub max_connections: usize, |
| 476 | |||
| 477 | /// Log level for application logging | ||
| 478 | #[arg(long, env = "NGIT_LOG_LEVEL", default_value = "info")] | ||
| 479 | pub log_level: String, | ||
| 469 | } | 480 | } |
| 470 | 481 | ||
| 471 | impl Config { | 482 | impl Config { |
| @@ -748,6 +759,7 @@ impl Config { | |||
| 748 | repository_blacklist: String::new(), | 759 | repository_blacklist: String::new(), |
| 749 | event_blacklist: String::new(), | 760 | event_blacklist: String::new(), |
| 750 | max_connections: 500, | 761 | max_connections: 500, |
| 762 | log_level: "debug".to_string(), | ||
| 751 | } | 763 | } |
| 752 | } | 764 | } |
| 753 | } | 765 | } |
| @@ -1069,14 +1081,14 @@ mod tests { | |||
| 1069 | fn test_archive_read_only_defaults() { | 1081 | fn test_archive_read_only_defaults() { |
| 1070 | // Default: false when no archive mode | 1082 | // Default: false when no archive mode |
| 1071 | let config = Config::for_testing(); | 1083 | let config = Config::for_testing(); |
| 1072 | assert_eq!(config.archive_config().read_only, false); | 1084 | assert!(!config.archive_config().read_only); |
| 1073 | 1085 | ||
| 1074 | // Default: true when archive_all is set | 1086 | // Default: true when archive_all is set |
| 1075 | let config = Config { | 1087 | let config = Config { |
| 1076 | archive_all: true, | 1088 | archive_all: true, |
| 1077 | ..Config::for_testing() | 1089 | ..Config::for_testing() |
| 1078 | }; | 1090 | }; |
| 1079 | assert_eq!(config.archive_config().read_only, true); | 1091 | assert!(config.archive_config().read_only); |
| 1080 | 1092 | ||
| 1081 | // Default: true when archive_whitelist is set | 1093 | // Default: true when archive_whitelist is set |
| 1082 | let keys = Keys::generate(); | 1094 | let keys = Keys::generate(); |
| @@ -1085,7 +1097,7 @@ mod tests { | |||
| 1085 | archive_whitelist: test_npub, | 1097 | archive_whitelist: test_npub, |
| 1086 | ..Config::for_testing() | 1098 | ..Config::for_testing() |
| 1087 | }; | 1099 | }; |
| 1088 | assert_eq!(config.archive_config().read_only, true); | 1100 | assert!(config.archive_config().read_only); |
| 1089 | } | 1101 | } |
| 1090 | 1102 | ||
| 1091 | #[test] | 1103 | #[test] |
| @@ -1096,7 +1108,7 @@ mod tests { | |||
| 1096 | archive_read_only: Some(true), | 1108 | archive_read_only: Some(true), |
| 1097 | ..Config::for_testing() | 1109 | ..Config::for_testing() |
| 1098 | }; | 1110 | }; |
| 1099 | assert_eq!(config.archive_config().read_only, true); | 1111 | assert!(config.archive_config().read_only); |
| 1100 | 1112 | ||
| 1101 | // Explicit false with archive_all (unusual but allowed) | 1113 | // Explicit false with archive_all (unusual but allowed) |
| 1102 | let config = Config { | 1114 | let config = Config { |
| @@ -1104,14 +1116,14 @@ mod tests { | |||
| 1104 | archive_read_only: Some(false), | 1116 | archive_read_only: Some(false), |
| 1105 | ..Config::for_testing() | 1117 | ..Config::for_testing() |
| 1106 | }; | 1118 | }; |
| 1107 | assert_eq!(config.archive_config().read_only, false); | 1119 | assert!(!config.archive_config().read_only); |
| 1108 | 1120 | ||
| 1109 | // Explicit false without archive mode | 1121 | // Explicit false without archive mode |
| 1110 | let config = Config { | 1122 | let config = Config { |
| 1111 | archive_read_only: Some(false), | 1123 | archive_read_only: Some(false), |
| 1112 | ..Config::for_testing() | 1124 | ..Config::for_testing() |
| 1113 | }; | 1125 | }; |
| 1114 | assert_eq!(config.archive_config().read_only, false); | 1126 | assert!(!config.archive_config().read_only); |
| 1115 | } | 1127 | } |
| 1116 | 1128 | ||
| 1117 | #[test] | 1129 | #[test] |
| @@ -1514,7 +1526,7 @@ mod tests { | |||
| 1514 | }; | 1526 | }; |
| 1515 | let archive_config = config.archive_config(); | 1527 | let archive_config = config.archive_config(); |
| 1516 | assert!(archive_config.enabled()); | 1528 | assert!(archive_config.enabled()); |
| 1517 | assert_eq!(archive_config.read_only, true); // Default to true | 1529 | assert!(archive_config.read_only); // Default to true |
| 1518 | } | 1530 | } |
| 1519 | 1531 | ||
| 1520 | #[test] | 1532 | #[test] |
| @@ -1524,7 +1536,7 @@ mod tests { | |||
| 1524 | archive_grasp_services: "git.example.com".to_string(), | 1536 | archive_grasp_services: "git.example.com".to_string(), |
| 1525 | ..Config::for_testing() | 1537 | ..Config::for_testing() |
| 1526 | }; | 1538 | }; |
| 1527 | assert_eq!(config.archive_config().read_only, true); | 1539 | assert!(config.archive_config().read_only); |
| 1528 | } | 1540 | } |
| 1529 | 1541 | ||
| 1530 | #[test] | 1542 | #[test] |
| @@ -1535,7 +1547,7 @@ mod tests { | |||
| 1535 | archive_read_only: Some(false), | 1547 | archive_read_only: Some(false), |
| 1536 | ..Config::for_testing() | 1548 | ..Config::for_testing() |
| 1537 | }; | 1549 | }; |
| 1538 | assert_eq!(config.archive_config().read_only, false); | 1550 | assert!(!config.archive_config().read_only); |
| 1539 | } | 1551 | } |
| 1540 | 1552 | ||
| 1541 | #[test] | 1553 | #[test] |