LumeWeb
/
skynet-webportal
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add nginx triggers that would let malware-scanner know that it needs to scan a given skylink.

This commit is contained in:
Ivaylo Novakov 2021-12-09 16:21:49 +01:00
parent b3e7716a01
commit bf5aa247dd
No known key found for this signature in database
GPG Key ID: 06B9354AB08BE9C6
2 changed files with 44 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docker/nginx/conf.d/include/track-download
View File

@ -20,8 +20,29 @@ log_by_lua_block {
end
end
local function scan(premature, skylink, jwt)
if premature then return end
local httpc = require("resty.http").new()
-- 10.10.10.101 points to malware-scanner service (alias not available when using resty-http)
local res, err = httpc:request_uri("http://10.10.10.101:3000/scan/" .. skylink, {
method = "POST",
headers = { ["Cookie"] = "skynet-jwt=" .. jwt },
})
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
ngx.log(ngx.ERR, "Failed malware-scanner request /scan/" .. skylink .. ": ", err or ("[HTTP " .. res.status .. "] " .. res.body))
end
end
if ngx.header["Skynet-Skylink"] and ngx.var.skynet_jwt ~= "" and ngx.status >= ngx.HTTP_OK and ngx.status < ngx.HTTP_SPECIAL_RESPONSE then
local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.status, ngx.var.body_bytes_sent, ngx.var.skynet_jwt)
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
end
-- Unlike accounts, malware-scanner wants to be pinged about each skylink,
-- not only the ones downloaded by registered accounts.
local scan_ok, scan_err = ngx.timer.at(0, scan, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt)
if scan_err then ngx.log(ngx.ERR, "Failed to create timer: ", scan_err) end
}

21
docker/nginx/conf.d/include/track-upload
View File

@ -19,8 +19,29 @@ log_by_lua_block {
end
end
local function scan(premature, skylink, jwt)
if premature then return end
local httpc = require("resty.http").new()
-- 10.10.10.101 points to malware-scanner service (alias not available when using resty-http)
local res, err = httpc:request_uri("http://10.10.10.101:3000/scan/" .. skylink, {
method = "POST",
headers = { ["Cookie"] = "skynet-jwt=" .. jwt },
})
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
ngx.log(ngx.ERR, "Failed malware-scanner request /scan/" .. skylink .. ": ", err or ("[HTTP " .. res.status .. "] " .. res.body))
end
end
if ngx.header["Skynet-Skylink"] and ngx.var.skynet_jwt ~= "" then
local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt)
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
end
-- Unlike accounts, malware-scanner wants to be pinged about each skylink,
-- not only the ones uploaded by registered accounts.
local scan_ok, scan_err = ngx.timer.at(0, scan, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt)
if scan_err then ngx.log(ngx.ERR, "Failed to create timer: ", scan_err) end
}