Commit Graph

467 Commits

Author SHA1 Message Date
Karol Wypchlo f08249e0e5
use handshake docker image 2022-02-24 15:44:41 +01:00
Karol Wypchło 368eaa0fbe
switch blocker to image (#1764) 2022-02-24 13:18:37 +01:00
Karol Wypchło 69e2b59322
switch abuse-scanner to image (#1766) 2022-02-24 13:16:30 +01:00
Karol Wypchlo ccb271a3d7
switch malware-scanner to image 2022-02-24 10:57:08 +01:00
Karol Wypchlo 9241979ca5
clean up nginx cache specific code 2022-02-23 17:40:57 +01:00
Karol Wypchlo 0bd5af87fc
report bypass instead of miss when skyd cache is enabled 2022-02-18 13:12:03 +01:00
Karol Wypchlo 87e2a9e3bb
add skynet-cache-ratio header to access log 2022-02-18 13:06:48 +01:00
Karol Wypchło e1e56a60e0
Merge pull request #1727 from SkynetLabs/replace-api-env-vars-with-domains
replace api env vars with domain vars
2022-02-17 15:40:48 +01:00
Karol Wypchło c481a76748
Merge pull request #1729 from SkynetLabs/update-nginx-distro
upgrade nginx linux distro from ubuntu 18 LTS to 20 LTS
2022-02-17 15:21:34 +01:00
Karol Wypchlo 8a536cf43c
use ngx.var.scheme instead of https 2022-02-16 15:09:33 +01:00
Karol Wypchlo f7f03d183a
replace api env vars with domain vars 2022-02-16 14:59:15 +01:00
Karol Wypchlo 26a0451d32
upgrade nginx linux distro from ubuntu 18 LTS to 20 LTS 2022-02-16 14:40:29 +01:00
Karol Wypchlo ce7c2cdc13
add user-agent override 2022-02-16 14:25:42 +01:00
Karol Wypchło f8f39ea936
update limit_conn to 100
Co-authored-by: Michał Leszczyk <michasko37@gmail.com>
2022-02-16 11:41:56 +01:00
Karol Wypchlo 166c452dbb
expose /skynet/trustless/basesector 2022-02-16 10:55:19 +01:00
Ivaylo Novakov 6371ee57e5
Update docker/nginx/conf.d/include/cors-headers
Co-authored-by: Karol Wypchło <kwypchlo@gmail.com>
2022-02-15 15:21:03 +01:00
Ivaylo Novakov 0c8fa3283b
Allow the Skynet-API-Key header.
Add a health-check command for fetching the test user's API key.
2022-02-15 14:59:19 +01:00
dependabot[bot] e399cf17ee
Bump node from 16.13.2-alpine to 16.14.0-alpine in /docker/handshake
Bumps node from 16.13.2-alpine to 16.14.0-alpine.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-14 14:30:44 +00:00
Karol Wypchlo b827616fab
disable nginx cache when skyd cache is enabled 2022-02-10 14:55:04 +01:00
Karol Wypchlo 1d006ef163
changelog entry 2022-02-09 17:00:01 +01:00
Karol Wypchlo d91b71ae48
escape uri on subdomain skylink requests 2022-02-09 16:47:34 +01:00
Karol Wypchło 9f4903021f
add ttl for dns entry used for ssl challenge 2022-02-03 12:15:56 +01:00
Karol Wypchlo 04bced818f
never restrict options requests 2022-01-26 23:56:37 +01:00
Karol Wypchlo 4e240f2ad8
add option to limit access to subscription users only 2022-01-21 17:43:30 +01:00
Karol Wypchlo ce3b3d035d
check if blocklist is not null 2022-01-20 11:06:34 +01:00
Karol Wypchlo 634bf8d6ba
enable cors on /logout endpoint 2022-01-19 18:08:14 +01:00
Karol Wypchlo cafa312e10
Revert "enable cors on /logout endpoint"
This reverts commit 377a154da0.
2022-01-19 18:07:43 +01:00
Karol Wypchlo 377a154da0
enable cors on /logout endpoint 2022-01-19 18:07:24 +01:00
Karol Wypchlo 46b4cdf0bf
fix empty check on nginx sourced env variable 2022-01-19 17:50:46 +01:00
Karol Wypchlo e4d2dffe86
allow to use skyd api password from env 2022-01-19 15:35:18 +01:00
dependabot[bot] 9e0f84e641
Bump node from 16.13.1-alpine to 16.13.2-alpine in /docker/handshake
Bumps node from 16.13.1-alpine to 16.13.2-alpine.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-17 12:10:13 +00:00
Karol Wypchlo 4b74ced941
changed ACCOUNTS_AUTH_REQUIRED to ACCOUNTS_LIMIT_ACCESS string var for more flexibility 2022-01-12 14:05:25 +01:00
Karol Wypchlo 15aea1da40
Merge remote-tracking branch 'origin/master' into account-only-portals 2022-01-12 13:44:36 +01:00
Karol Wypchlo c04fd5067d
introduce portals for authenticated users only 2022-01-11 17:07:57 +01:00
Karol Wypchło a7bad7411a
Merge pull request #1497 from SkynetLabs/adjust-blocklist-airtable-script
do not prune nginx cache on airtable blocklist script
2022-01-11 16:38:07 +01:00
Karol Wypchlo b7a7d078ea
remove not exisiting dir copy after #1533 2022-01-11 12:56:29 +01:00
Karol Wypchło a86cb6e5b3
Merge pull request #1533 from SkynetLabs/get-rid-of-cache-purging-code
get rid of unused cache purgin code
2022-01-11 10:21:53 +01:00
Karol Wypchlo a73858e8e9
get rid of unused cache purgin code 2022-01-10 17:10:59 +01:00
Karol Wypchlo 6a889ad793
registry subscription endpoint 2022-01-10 14:51:16 +01:00
Karol Wypchło 31e80e129e
Merge pull request #1519 from SkynetLabs/use-portal-modules-to-discover-services
use portal modules env to discover services in nginx
2022-01-07 13:59:50 +01:00
Karol Wypchlo 31b7090863
change var name and add description 2022-01-07 13:36:04 +01:00
Karol Wypchlo d24c677a30
use portal modules env to discover services in nginx 2022-01-07 11:53:16 +01:00
Karol Wypchlo 669f700a9e
prevent files larger than 1GB from being stored in cache 2022-01-05 16:14:13 +01:00
Karol Wypchlo 5cf5acb4e2
do not prune blocklist manually 2021-12-23 13:17:07 +01:00
Karol Wypchlo 928e038749
fix skapp link redirect 2021-12-21 16:29:41 +01:00
Karol Wypchlo 51b56d2e42
fix skapp link redirect 2021-12-21 16:28:52 +01:00
Karol Wypchlo f456f1c850
remove /usr/local/bin /usr/bin /bin /usr/sbin /sbin /Applications/VMware Fusion.app/Contents/Public /usr/local/MacGPG2/bin /Library/Apple/usr/bin redirecting to 2021-12-21 16:17:40 +01:00
Karol Wypchlo 6b9e825966
expose /abuse and /abuse/report endpoints 2021-12-21 16:07:18 +01:00
Karol Wypchło 5b1d281ee1
Merge pull request #1479 from SkynetLabs/pj/abuse-skapp
Abuse Skapp: Update CORS rules
2021-12-21 15:56:13 +01:00
Karol Wypchło 76e302aa2a
Merge pull request #1478 from SkynetLabs/blake-hashing-lua
no delay blocklisting
2021-12-20 17:25:25 +01:00
Karol Wypchlo d34366aefc
improve get_stale usage docs 2021-12-20 16:55:14 +01:00
Karol Wypchlo 871712c3f8
improve docs around shared dict size 2021-12-20 16:50:54 +01:00
Karol Wypchlo 9805ac9b2a
limit local networks 2021-12-20 14:54:42 +01:00
Karol Wypchło a95a2627d8
Update docker/nginx/conf.d/server.local.conf
Co-authored-by: Ivaylo Novakov <ro-tex@users.noreply.github.com>
2021-12-20 14:18:48 +01:00
PJ b9feec9f1e
Merge branch 'master' of https://github.com/SkynetLabs/skynet-webportal into pj/mail-scanner 2021-12-20 13:46:36 +01:00
Karol Wypchlo 5673f44d1a
blocklist improvements 2021-12-20 13:12:56 +01:00
Ivaylo Novakov d09950f1e0
Fix the port of malware-scanner. 2021-12-20 12:52:17 +02:00
Karol Wypchlo b72c997e55
add proxy for stripe webhook endpoint 2021-12-19 16:53:50 +01:00
PJ a78d0cd98c
Use plain CORS 2021-12-17 16:00:01 +01:00
Ivaylo Novakov b37008b497
Merge pull request #1364 from SkynetLabs/sevey/update-default-limit
Update default limit for Uploads
2021-12-17 15:32:33 +01:00
PJ 91cd98eaa1
Add newline 2021-12-17 15:20:31 +01:00
PJ 98dc87ba6f
Update CORS rules 2021-12-17 15:15:06 +01:00
Karol Wypchlo a3711b1e0f
expose accounts /health endpoint 2021-12-15 12:44:01 +01:00
Ivaylo Novakov 412ba559fa
Expect 200s. 2021-12-14 14:38:40 +02:00
Ivaylo Novakov 60cef34bfc
Move blocker from .102 to .110 2021-12-14 11:10:15 +02:00
Ivaylo Novakov 95e8b85df9
Merge branch 'master' into ivo/clamav 2021-12-14 09:30:54 +02:00
PJ e4f7cf4101
Update maintainer 2021-12-13 15:45:22 +01:00
dependabot[bot] f25a2ce604
Bump node from 16.13.0-alpine to 16.13.1-alpine in /docker/handshake
Bumps node from 16.13.0-alpine to 16.13.1-alpine.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-13 14:39:06 +00:00
PJ 52e1ffbc0a
Add abuse scanner module 2021-12-13 10:42:46 +01:00
PJ d0da240ab9
Move script 2021-12-10 17:15:49 +01:00
Ivaylo Novakov bf5aa247dd
Add nginx triggers that would let malware-scanner know that it needs to scan a given skylink. 2021-12-09 16:21:49 +01:00
Ivaylo Novakov b3e7716a01
Merge branch 'master' into ivo/clamav 2021-12-09 14:32:13 +01:00
Ivaylo Novakov 39c4790364 Weekly Deploy for Dec 6, 2021. Including cache pruning fix
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEl73IdNcm91gzFlRkmt3TRPEwV/YFAmGuXlsACgkQmt3TRPEw
 V/b+dA//THc5/LWTRs8r7BAOQj8V9QzxJsuS7g+gV4zeDW5ymXlK0lSRSXvjNsOW
 mQ21Qx5fE05ztRlUNOUPKd1bZUgnL4O5AUBWUm87rq6NXHVop1JYaFGOpbfUpRZT
 HWE2SwGgwBRUjSgkwkz+jsg8SkajADwThLf8aSNAmKWienondtEFA8hMtBqUcyjK
 A7AsQbjjjS62lUsP78SJEPM5pG0vX+FxHzMAUtkqT94foJlI4RosyAp3yDPjrR/8
 eUn/CCci9p/ORzKnKos9DAo+1G5X0qgrP/9aGlnpDlkYZ2SQfJVMAKWaMpfIUsWi
 zihJYPogFAUHaDY1ddEnx47aYRN7hmumDGM+iUvbi39LshPBdBaeW56RRyA3qBel
 pD5eXr53C6kje5Wu6t9SbzILjh5cuQ8vd50hnrJ282vSMZbwqwwKjpliZu4FsrQC
 OiA1K7l7P8gAiL8d5YQOJ2uBTviAA0A8wNVPHx8qd/hWNOr7WxSM75POyTvRNtRq
 GdZko6/FDrK48Gw8LNxZMUa7x5LfjgtyiWfGsYomRG3GLBcy44neEhk3P37sELJv
 /jr0aOhLW+95r3OI7sUqnMppWdCKa5XFEqxTHc5Zax+NKzao3aSvRDNtujKxe+IC
 NfzJVXLtsde/Bho1B1q7GSG3YTINcJ422YwDNWfbCV0qajW40GU=
 =JEZB
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEWWr7bKPf/zmGZCrIBrk1SrCL6cYFAmGyAhsACgkQBrk1SrCL
 6ca/cwf/eXbHwojF27fYPoziWWskatsdCKJ2jnu1ovqVceVYztX9Kt+CQ++Ri4A9
 LqKvDPwLfKXF0W3x/nK6FtL2CSq81SPED/mLKMH/XTsbwtsnPFbnAzxdl7tqSA2Y
 6mqyBnyeyGby6tGW2ZE5EAYRv/dkKYzlTp7WMqoalleoRy6sbS6RZ8bJMA8xrbPo
 RwIAfvl4MVItt/qpws+J9g/qQ2QR8ZZKZtDxLxGNSFw9GDQBk/hKxRI9nP1WEsVp
 SEHCmfveOAdbzf8Cbr4j/m6wmoXPr+2qF5QIJ8eDiEAQ2YLPKbMpk6xO500geAFl
 k+6BHOQR2dOfsyyo33IFIcV9NyvDAQ==
 =F885
 -----END PGP SIGNATURE-----

Merge tag 'deploy-2021-12-06' into ivo/clamav

Weekly Deploy for Dec 6, 2021. Including cache pruning fix

# gpg: Signature made Mon Dec  6 20:02:51 2021 CET
# gpg:                using RSA key 97BDC874D726F758331654649ADDD344F13057F6
# gpg: key 9ADDD344F13057F6: public key "Matthew Sevey (Created on MacOS Big Sur for Yubi Key Nano 5) <mjsevey@gmail.com>" imported
# gpg: Total number processed: 1
# gpg:               imported: 1
# gpg: Good signature from "Matthew Sevey (Created on MacOS Big Sur for Yubi Key Nano 5) <mjsevey@gmail.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 97BD C874 D726 F758 3316  5464 9ADD D344 F130 57F6
2021-12-09 14:18:19 +01:00
Ivaylo Novakov a4242a9234
Merge branch 'master' into accounts-api-refactor
# Conflicts:
#	.gitignore
2021-12-09 14:03:59 +01:00
Matthew Sevey 7bf366db24
Add serverload endpoint (#1410)
* write usage script for cpu and free disk space tracking, testing new endpoint

* Test alias nginx path

* testing json

* fix server load json file being served by nginx

* Fix filenames

* Add changelog

* Add systemd file for serverload

* Update setup-scripts/serverload.sh

Co-authored-by: Peter-Jan Brone <peter-jan@settlemint.com>
2021-12-06 12:49:58 +01:00
Chris Schinnerl 495dd8d14b
Merge remote-tracking branch 'origin/master' into accounts-api-refactor 2021-12-03 10:20:33 +01:00
Christopher Schinnerl b2dbe4bdb4
Merge pull request #1408 from SkynetLabs/pj/abuse
Abuse Reports
2021-12-02 19:12:28 +01:00
PJ 341f313839
Remove comments 2021-12-02 17:28:40 +01:00
PJ 6e1af409c6
Remove commented out code 2021-12-02 17:23:37 +01:00
PJ 7f28d30a44
Update branch arg 2021-12-02 17:20:14 +01:00
PJ 938c5905c5
Remove CORS settings 2021-12-02 17:07:11 +01:00
PJ c89663b393
Add missing semi colon 2021-12-02 14:05:41 +01:00
PJ 6c99803749
Bypass CORS issue 2021-12-01 16:51:40 +01:00
PJ 25fd697d5f
Configure routes 2021-12-01 16:23:56 +01:00
PJ 63b283fc42
Update block routes 2021-12-01 12:56:25 +01:00
PJ 1fe2c3d76f
Add abuse location 2021-12-01 11:18:25 +01:00
PJ a03860419f
Update dockerfile 2021-12-01 11:04:02 +01:00
PJ 3722969f0f
Add blocker Dockerfile 2021-12-01 10:57:28 +01:00
PJ d1cbbb4ebb
Add min_free param to proxy_cache_path directive 2021-12-01 10:38:25 +01:00
Matthew Sevey c273634e27
Update docker/nginx/conf.d/server/server.api 2021-11-30 07:43:17 -05:00
Karol Wypchło b0fefce39e
Update docker/accounts/Dockerfile
Co-authored-by: Matthew Sevey <mjsevey@gmail.com>
2021-11-24 00:38:45 +01:00
Ivaylo Novakov 57c15cd833
Scan a maximum of 100MB of each stream. 2021-11-16 14:13:49 +01:00
Ivaylo Novakov ec94429f2a
Expose accounts's challenge-response endpoints + CORS. 2021-11-16 09:27:04 +01:00
Ivaylo Novakov 6f20d223b1
No custom port for malware-scanner. 2021-11-16 09:19:47 +01:00
Matthew Sevey 0e9d9a624e
Merge branch 'master' into sevey/update-default-limit 2021-11-15 10:12:07 -08:00
Matthew Sevey aba544aa2e
increase to 5GB limit for uploading large directories: 2021-11-15 10:11:38 -08:00
Karol Wypchlo 74084a8da8
upgrade accounts to new api 2021-11-13 01:34:00 +01:00
Ivaylo Novakov 030b8b9419
Set burst to 10, parallel to 5. 2021-11-12 18:10:38 +01:00
Ivaylo Novakov a0789be7a4
Move the clamd.conf where it should be. 2021-11-12 18:04:26 +01:00
Ivaylo Novakov c0eb41d10d
Set burst to 2. 2021-11-11 17:17:53 +01:00