| 100 | } |
| 101 | |
| 102 | func serve(host string, port uint64) { |
| 103 | if err := os.MkdirAll(config.Current.SaveDir, 0700); err != nil { |
| 104 | log.Fatal().Err(err).Send() |
| 105 | } |
| 106 | |
| 107 | interval := time.Duration(config.Current.CleanupIntervalMins) * time.Minute |
| 108 | timeout := time.Duration(config.Current.SignTimeoutMins) * time.Minute |
| 109 | go func() { |
| 110 | for range time.Tick(interval) { |
| 111 | storage.Jobs.Cleanup(timeout) |
| 112 | storage.Uploads.Cleanup(timeout) |
| 113 | } |
| 114 | }() |
| 115 | |
| 116 | log.Info().Msg("setting builder secrets") |
| 117 | for _, builder := range config.Current.Builder { |
| 118 | if err := setBuilderSecrets(builder); err != nil { |
| 119 | log.Fatal().Err(err).Send() |
| 120 | } |
| 121 | } |
| 122 | |
| 123 | e := echo.New() |
| 124 | e.HideBanner = true |
| 125 | logger := lecho.From(log.Logger, lecho.WithLevel(log2.INFO)) |
| 126 | e.Logger = logger |
| 127 | e.Use(lecho.Middleware(lecho.Config{Logger: logger})) |
| 128 | |
| 129 | forcedBasicAuth := middleware.BasicAuth(func(username string, password string, c echo.Context) (bool, error) { |
| 130 | return username == config.Current.BasicAuth.Username && password == config.Current.BasicAuth.Password, nil |
| 131 | }) |
| 132 | basicAuth := func(f echo.HandlerFunc) echo.HandlerFunc { |
| 133 | if config.Current.BasicAuth.Enable { |
| 134 | return forcedBasicAuth(f) |
| 135 | } else { |
| 136 | return f |
| 137 | } |
| 138 | } |
| 139 | workflowKeyAuth := middleware.KeyAuth(func(s string, c echo.Context) (bool, error) { |
| 140 | return s == config.Current.BuilderKey, nil |
| 141 | }) |
| 142 | |
| 143 | if config.Current.RedirectHttps { |
| 144 | e.Pre(middleware.HTTPSRedirectWithConfig(middleware.RedirectConfig{ |
| 145 | Code: 302, |
| 146 | })) |
| 147 | } |
| 148 | |
| 149 | e.GET("/", renderIndex, basicAuth) |
| 150 | e.GET("/favicon.png", getFavIcon, basicAuth) |
| 151 | e.POST("/apps", uploadUnsignedApp, basicAuth) |
| 152 | getAndHead(e, "/apps/:id/signed", appResolver(getSignedApp), appResolver(getSignedApp)) |
| 153 | getAndHead(e, "/apps/:id/tweaks", appResolver(getTweaks), appResolver(getEmpty200App)) |
| 154 | getAndHead(e, "/apps/:id/unsigned", appResolver(getUnsignedApp), appResolver(getUnsignedApp)) |
| 155 | e.GET("/apps/:id/install", appResolver(renderInstall)) |
| 156 | e.GET("/apps/:id/manifest", appResolver(getManifest)) |
| 157 | e.GET("/apps/:id/resign", appResolver(resignApp), basicAuth) |
| 158 | e.GET("/apps/:id/delete", appResolver(deleteApp), basicAuth) |
| 159 | e.GET("/apps/:id/rename", appResolver(renderRenameApp), basicAuth) |