Prevent crashing in QueryStored, add nginx config
This commit is contained in:
Jon Staab
+1
-1
@@ -9,7 +9,7 @@ RUN go mod download
|
||||
COPY zooid zooid
|
||||
COPY cmd cmd
|
||||
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -o bin/zooid cmd/relay/main.go
|
||||
RUN CGO_ENABLED=1 GOOS=linux go build -o bin/zooid cmd/relay/main.go
|
||||
|
||||
FROM gcr.io/distroless/base-debian12 AS run
|
||||
|
||||
|
||||
@@ -113,7 +113,7 @@ adduser zooid
|
||||
|
||||
# Install system dependencies
|
||||
sudo apt update
|
||||
sudo apt install git
|
||||
apt install nginx git certbot python3-certbot-nginx sqlite3 gcc
|
||||
|
||||
# Install go and add it to path
|
||||
wget -qO- https://go.dev/dl/go1.25.1.linux-amd64.tar.gz | sudo tar -C /usr/local -xzf -
|
||||
@@ -124,7 +124,7 @@ su --login zooid
|
||||
|
||||
# Clone the repository and build
|
||||
git clone https://github.com/coracle-social/zooid.git ~/zooid && cd zooid
|
||||
go build -o bin/zooid cmd/relay/main.go
|
||||
CGO_ENABLED=1 go build -o bin/zooid cmd/relay/main.go
|
||||
|
||||
# Back to root
|
||||
exit
|
||||
@@ -136,7 +136,15 @@ cp /home/zooid/zooid/zooid.service /etc/systemd/system/zooid.service
|
||||
systemctl enable zooid
|
||||
service zooid start
|
||||
|
||||
# Next, optionally set up a reverse proxy and create a config file for each virtual relay
|
||||
# Set up nginx - be sure to edit the server_name to your domain
|
||||
cp /home/zooid/zooid/nginx.conf /etc/nginx/sites-available/zooid.conf
|
||||
ln -s /etc/nginx/sites-{available,enabled}/zooid.conf
|
||||
|
||||
# Set up a SSL certificate - you'll need to verify and renew this manually
|
||||
certbot --nginx -d '*.yourdomain.com'
|
||||
|
||||
# Enable the site and restart nginx
|
||||
service nginx restart
|
||||
```
|
||||
|
||||
## Deploying via container
|
||||
|
||||
@@ -2,7 +2,7 @@ run:
|
||||
go run cmd/relay/main.go
|
||||
|
||||
build:
|
||||
go build -o bin/zooid cmd/relay/main.go
|
||||
CGO_ENABLED=1 go build -o bin/zooid cmd/relay/main.go
|
||||
|
||||
test:
|
||||
go test -v ./...
|
||||
|
||||
+13
@@ -0,0 +1,13 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name *.yourdomain.com;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3334;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
}
|
||||
+44
-36
@@ -405,52 +405,60 @@ func (instance *Instance) OnRequest(ctx context.Context, filter nostr.Filter) (r
|
||||
|
||||
func (instance *Instance) QueryStored(ctx context.Context, filter nostr.Filter) iter.Seq[nostr.Event] {
|
||||
return func(yield func(nostr.Event) bool) {
|
||||
pubkey, ok := khatru.GetAuthed(ctx)
|
||||
if khatru.IsInternalCall(ctx) {
|
||||
for event := range instance.Events.QueryEvents(filter, 0) {
|
||||
if !yield(event) {
|
||||
return
|
||||
}
|
||||
}
|
||||
} else {
|
||||
pubkey, isAuthed := khatru.GetAuthed(ctx)
|
||||
|
||||
if !ok {
|
||||
log.Fatal("Unauthenticated user was allowed to query events")
|
||||
}
|
||||
if !isAuthed {
|
||||
log.Panic("Unauthorized user was allowed to query events")
|
||||
}
|
||||
|
||||
stripSignature := func(event nostr.Event) nostr.Event {
|
||||
if instance.Config.Policy.StripSignatures && !instance.Config.IsAdmin(pubkey) {
|
||||
var zeroSig [64]byte
|
||||
event.Sig = zeroSig
|
||||
}
|
||||
stripSignature := func(event nostr.Event) nostr.Event {
|
||||
if instance.Config.Policy.StripSignatures && !instance.Config.IsAdmin(pubkey) {
|
||||
var zeroSig [64]byte
|
||||
event.Sig = zeroSig
|
||||
}
|
||||
|
||||
return event
|
||||
}
|
||||
return event
|
||||
}
|
||||
|
||||
if slices.Contains(filter.Kinds, AUTH_INVITE) && instance.Config.CanInvite(pubkey) {
|
||||
if !yield(stripSignature(instance.GenerateInviteEvent(pubkey))) {
|
||||
return
|
||||
}
|
||||
}
|
||||
if slices.Contains(filter.Kinds, AUTH_INVITE) && instance.Config.CanInvite(pubkey) {
|
||||
if !yield(stripSignature(instance.GenerateInviteEvent(pubkey))) {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
for event := range instance.Events.QueryEvents(filter, 1000) {
|
||||
// We save some ephemeral events for bookkeeping, don't return them
|
||||
if event.Kind.IsEphemeral() {
|
||||
continue
|
||||
}
|
||||
for event := range instance.Events.QueryEvents(filter, 1000) {
|
||||
// We save some ephemeral events for bookkeeping, don't return them
|
||||
if event.Kind.IsEphemeral() {
|
||||
continue
|
||||
}
|
||||
|
||||
h := GetGroupIDFromEvent(event)
|
||||
h := GetGroupIDFromEvent(event)
|
||||
|
||||
if h != "" {
|
||||
if !instance.Config.Groups.Enabled {
|
||||
continue
|
||||
}
|
||||
if h != "" {
|
||||
if !instance.Config.Groups.Enabled {
|
||||
continue
|
||||
}
|
||||
|
||||
if !instance.HasGroupAccess(h, pubkey) {
|
||||
continue
|
||||
}
|
||||
}
|
||||
if !instance.HasGroupAccess(h, pubkey) {
|
||||
continue
|
||||
}
|
||||
}
|
||||
|
||||
if !instance.Config.Groups.Enabled && slices.Contains(nip29.MetadataEventKinds, event.Kind) {
|
||||
continue
|
||||
}
|
||||
if !instance.Config.Groups.Enabled && slices.Contains(nip29.MetadataEventKinds, event.Kind) {
|
||||
continue
|
||||
}
|
||||
|
||||
if !yield(event) {
|
||||
return
|
||||
}
|
||||
if !yield(event) {
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user