2019-09-18 01:01:34 +00:00
|
|
|
require 'geminabox'
|
|
|
|
|
require 'rack/session/redis'
|
2019-09-18 13:19:36 +00:00
|
|
|
require 'securerandom'
|
2019-09-18 01:01:34 +00:00
|
|
|
|
2019-09-18 17:41:30 +00:00
|
|
|
Geminabox.data = '/srv/gems'
|
2019-09-18 01:01:34 +00:00
|
|
|
Geminabox.rubygems_proxy = true
|
|
|
|
|
Geminabox.allow_remote_failure = true
|
2022-03-19 16:56:08 +00:00
|
|
|
Geminabox.build_legacy = false
|
|
|
|
|
Geminabox.rubygems_proxy_merge_strategy = :combine_local_and_remote_gem_versions
|
2019-09-18 01:01:34 +00:00
|
|
|
|
2019-09-18 14:00:26 +00:00
|
|
|
# https://github.com/geminabox/geminabox/wiki/Http-Basic-Auth
|
|
|
|
|
Geminabox::Server.helpers do
|
|
|
|
|
def protected!
|
|
|
|
|
unless authorized?
|
|
|
|
|
response['WWW-Authenticate'] = %(Basic realm="Geminabox")
|
|
|
|
|
halt 401, "No pushing or deleting without auth.\n"
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authorized?
|
|
|
|
|
@auth ||= Rack::Auth::Basic::Request.new(request.env)
|
|
|
|
|
@auth.provided? &&
|
|
|
|
|
@auth.basic? &&
|
|
|
|
|
@auth.credentials &&
|
|
|
|
|
@auth.credentials == [ENV.fetch('HTTP_BASIC_USER', SecureRandom.hex),
|
|
|
|
|
ENV.fetch('HTTP_BASIC_PASSWORD', SecureRandom.hex)]
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
Geminabox::Server.before '/upload' do
|
|
|
|
|
protected!
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
Geminabox::Server.before do
|
|
|
|
|
protected! if request.delete?
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
Geminabox::Server.before '/api/v1/gems' do
|
|
|
|
|
unless ENV['HTTP_AUTHORIZATION'] == 'API_KEY'
|
|
|
|
|
halt 401, "Access Denied. Api_key invalid or missing.\n"
|
|
|
|
|
end
|
2019-09-18 13:19:36 +00:00
|
|
|
end
|
|
|
|
|
|
2022-03-07 16:53:01 +00:00
|
|
|
use Rack::Session::Redis, redis_server: ENV['REDIS_SERVER']
|
2019-09-18 01:01:34 +00:00
|
|
|
use Rack::Protection
|
|
|
|
|
|
|
|
|
|
run Geminabox::Server
|
