baileytownsend.dev / pds-gatekeeper
Microservice to bring 2FA to self hosted PDSes
fork

Configure Feed

Select the types of activity you want to include in your feed.

docker and setup

authored by baileytownsend.dev and committed by

Tangled 5b1ada5e 94e8ca84

+351 -181
+183 -151
Cargo.lock
··· 112 112 checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" 113 113 114 114 [[package]] 115 + name = "aws-lc-rs" 116 + version = "1.13.3" 117 + source = "registry+https://github.com/rust-lang/crates.io-index" 118 + checksum = "5c953fe1ba023e6b7730c0d4b031d06f267f23a46167dcbd40316644b10a17ba" 119 + dependencies = [ 120 + "aws-lc-sys", 121 + "untrusted 0.7.1", 122 + "zeroize", 123 + ] 124 + 125 + [[package]] 126 + name = "aws-lc-sys" 127 + version = "0.30.0" 128 + source = "registry+https://github.com/rust-lang/crates.io-index" 129 + checksum = "dbfd150b5dbdb988bcc8fb1fe787eb6b7ee6180ca24da683b61ea5405f3d43ff" 130 + dependencies = [ 131 + "bindgen", 132 + "cc", 133 + "cmake", 134 + "dunce", 135 + "fs_extra", 136 + ] 137 + 138 + [[package]] 115 139 name = "axum" 116 140 version = "0.8.4" 117 141 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 217 241 checksum = "55248b47b0caf0546f7988906588779981c43bb1bc9d0c44087278f80cdb44ba" 218 242 219 243 [[package]] 244 + name = "bindgen" 245 + version = "0.69.5" 246 + source = "registry+https://github.com/rust-lang/crates.io-index" 247 + checksum = "271383c67ccabffb7381723dea0672a673f292304fcb45c01cc648c7a8d58088" 248 + dependencies = [ 249 + "bitflags", 250 + "cexpr", 251 + "clang-sys", 252 + "itertools", 253 + "lazy_static", 254 + "lazycell", 255 + "log", 256 + "prettyplease", 257 + "proc-macro2", 258 + "quote", 259 + "regex", 260 + "rustc-hash", 261 + "shlex", 262 + "syn", 263 + "which", 264 + ] 265 + 266 + [[package]] 220 267 name = "bitflags" 221 268 version = "2.9.1" 222 269 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 274 321 ] 275 322 276 323 [[package]] 324 + name = "cexpr" 325 + version = "0.6.0" 326 + source = "registry+https://github.com/rust-lang/crates.io-index" 327 + checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" 328 + dependencies = [ 329 + "nom 7.1.3", 330 + ] 331 + 332 + [[package]] 277 333 name = "cfg-if" 278 334 version = "1.0.1" 279 335 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 341 397 ] 342 398 343 399 [[package]] 400 + name = "clang-sys" 401 + version = "1.8.1" 402 + source = "registry+https://github.com/rust-lang/crates.io-index" 403 + checksum = "0b023947811758c97c59bf9d1c188fd619ad4718dcaa767947df1cadb14f39f4" 404 + dependencies = [ 405 + "glob", 406 + "libc", 407 + "libloading", 408 + ] 409 + 410 + [[package]] 411 + name = "cmake" 412 + version = "0.1.54" 413 + source = "registry+https://github.com/rust-lang/crates.io-index" 414 + checksum = "e7caa3f9de89ddbe2c607f4101924c5abec803763ae9534e4f4d7d8f84aa81f0" 415 + dependencies = [ 416 + "cc", 417 + ] 418 + 419 + [[package]] 344 420 name = "concurrent-queue" 345 421 version = "2.5.0" 346 422 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 356 432 checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" 357 433 358 434 [[package]] 359 - name = "core-foundation" 360 - version = "0.9.4" 361 - source = "registry+https://github.com/rust-lang/crates.io-index" 362 - checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f" 363 - dependencies = [ 364 - "core-foundation-sys", 365 - "libc", 366 - ] 367 - 368 - [[package]] 369 435 name = "core-foundation-sys" 370 436 version = "0.8.7" 371 437 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 547 613 checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b" 548 614 549 615 [[package]] 616 + name = "dunce" 617 + version = "1.0.5" 618 + source = "registry+https://github.com/rust-lang/crates.io-index" 619 + checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" 620 + 621 + [[package]] 550 622 name = "either" 551 623 version = "1.15.0" 552 624 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 639 711 checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2" 640 712 641 713 [[package]] 642 - name = "foreign-types" 643 - version = "0.3.2" 644 - source = "registry+https://github.com/rust-lang/crates.io-index" 645 - checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" 646 - dependencies = [ 647 - "foreign-types-shared", 648 - ] 649 - 650 - [[package]] 651 - name = "foreign-types-shared" 652 - version = "0.1.1" 653 - source = "registry+https://github.com/rust-lang/crates.io-index" 654 - checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" 655 - 656 - [[package]] 657 714 name = "form_urlencoded" 658 715 version = "1.2.1" 659 716 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 671 728 "nonempty", 672 729 "thiserror 1.0.69", 673 730 ] 731 + 732 + [[package]] 733 + name = "fs_extra" 734 + version = "1.3.0" 735 + source = "registry+https://github.com/rust-lang/crates.io-index" 736 + checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" 674 737 675 738 [[package]] 676 739 name = "futures-channel" ··· 790 853 version = "0.31.1" 791 854 source = "registry+https://github.com/rust-lang/crates.io-index" 792 855 checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" 856 + 857 + [[package]] 858 + name = "glob" 859 + version = "0.3.3" 860 + source = "registry+https://github.com/rust-lang/crates.io-index" 861 + checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280" 793 862 794 863 [[package]] 795 864 name = "globset" ··· 943 1012 ] 944 1013 945 1014 [[package]] 946 - name = "hostname" 947 - version = "0.4.1" 948 - source = "registry+https://github.com/rust-lang/crates.io-index" 949 - checksum = "a56f203cd1c76362b69e3863fd987520ac36cf70a8c92627449b2f64a8cf7d65" 950 - dependencies = [ 951 - "cfg-if", 952 - "libc", 953 - "windows-link", 954 - ] 955 - 956 - [[package]] 957 1015 name = "http" 958 1016 version = "1.3.1" 959 1017 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 1222 1280 ] 1223 1281 1224 1282 [[package]] 1283 + name = "itertools" 1284 + version = "0.12.1" 1285 + source = "registry+https://github.com/rust-lang/crates.io-index" 1286 + checksum = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569" 1287 + dependencies = [ 1288 + "either", 1289 + ] 1290 + 1291 + [[package]] 1225 1292 name = "itoa" 1226 1293 version = "1.0.15" 1227 1294 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 1279 1346 ] 1280 1347 1281 1348 [[package]] 1349 + name = "lazycell" 1350 + version = "1.3.0" 1351 + source = "registry+https://github.com/rust-lang/crates.io-index" 1352 + checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" 1353 + 1354 + [[package]] 1282 1355 name = "lettre" 1283 1356 version = "0.11.18" 1284 1357 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 1292 1365 "fastrand", 1293 1366 "futures-io", 1294 1367 "futures-util", 1295 - "hostname", 1296 1368 "httpdate", 1297 1369 "idna", 1298 1370 "mime", 1299 - "native-tls", 1300 - "nom", 1371 + "nom 8.0.0", 1301 1372 "percent-encoding", 1302 1373 "quoted_printable", 1374 + "rustls", 1303 1375 "socket2", 1304 1376 "tokio", 1305 - "tokio-native-tls", 1377 + "tokio-rustls", 1306 1378 "url", 1379 + "webpki-roots 1.0.2", 1307 1380 ] 1308 1381 1309 1382 [[package]] ··· 1311 1384 version = "0.2.175" 1312 1385 source = "registry+https://github.com/rust-lang/crates.io-index" 1313 1386 checksum = "6a82ae493e598baaea5209805c49bbf2ea7de956d50d7da0da1164f9c6d28543" 1387 + 1388 + [[package]] 1389 + name = "libloading" 1390 + version = "0.8.8" 1391 + source = "registry+https://github.com/rust-lang/crates.io-index" 1392 + checksum = "07033963ba89ebaf1584d767badaa2e8fcec21aedea6b8c0346d487d49c28667" 1393 + dependencies = [ 1394 + "cfg-if", 1395 + "windows-targets 0.48.5", 1396 + ] 1314 1397 1315 1398 [[package]] 1316 1399 name = "libm" ··· 1342 1425 1343 1426 [[package]] 1344 1427 name = "linux-raw-sys" 1345 - version = "0.9.4" 1428 + version = "0.4.15" 1346 1429 source = "registry+https://github.com/rust-lang/crates.io-index" 1347 - checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" 1430 + checksum = "d26c52dbd32dccf2d10cac7725f8eae5296885fb5703b261f7d0a0739ec807ab" 1348 1431 1349 1432 [[package]] 1350 1433 name = "litemap" ··· 1406 1489 checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" 1407 1490 1408 1491 [[package]] 1492 + name = "minimal-lexical" 1493 + version = "0.2.1" 1494 + source = "registry+https://github.com/rust-lang/crates.io-index" 1495 + checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" 1496 + 1497 + [[package]] 1409 1498 name = "miniz_oxide" 1410 1499 version = "0.8.9" 1411 1500 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 1426 1515 ] 1427 1516 1428 1517 [[package]] 1429 - name = "native-tls" 1430 - version = "0.2.14" 1518 + name = "nom" 1519 + version = "7.1.3" 1431 1520 source = "registry+https://github.com/rust-lang/crates.io-index" 1432 - checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e" 1521 + checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" 1433 1522 dependencies = [ 1434 - "libc", 1435 - "log", 1436 - "openssl", 1437 - "openssl-probe", 1438 - "openssl-sys", 1439 - "schannel", 1440 - "security-framework", 1441 - "security-framework-sys", 1442 - "tempfile", 1523 + "memchr", 1524 + "minimal-lexical", 1443 1525 ] 1444 1526 1445 1527 [[package]] ··· 1551 1633 checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" 1552 1634 1553 1635 [[package]] 1554 - name = "openssl" 1555 - version = "0.10.73" 1556 - source = "registry+https://github.com/rust-lang/crates.io-index" 1557 - checksum = "8505734d46c8ab1e19a1dce3aef597ad87dcb4c37e7188231769bd6bd51cebf8" 1558 - dependencies = [ 1559 - "bitflags", 1560 - "cfg-if", 1561 - "foreign-types", 1562 - "libc", 1563 - "once_cell", 1564 - "openssl-macros", 1565 - "openssl-sys", 1566 - ] 1567 - 1568 - [[package]] 1569 - name = "openssl-macros" 1570 - version = "0.1.1" 1571 - source = "registry+https://github.com/rust-lang/crates.io-index" 1572 - checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" 1573 - dependencies = [ 1574 - "proc-macro2", 1575 - "quote", 1576 - "syn", 1577 - ] 1578 - 1579 - [[package]] 1580 - name = "openssl-probe" 1581 - version = "0.1.6" 1582 - source = "registry+https://github.com/rust-lang/crates.io-index" 1583 - checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" 1584 - 1585 - [[package]] 1586 - name = "openssl-sys" 1587 - version = "0.9.109" 1588 - source = "registry+https://github.com/rust-lang/crates.io-index" 1589 - checksum = "90096e2e47630d78b7d1c20952dc621f957103f8bc2c8359ec81290d75238571" 1590 - dependencies = [ 1591 - "cc", 1592 - "libc", 1593 - "pkg-config", 1594 - "vcpkg", 1595 - ] 1596 - 1597 - [[package]] 1598 1636 name = "overload" 1599 1637 version = "0.1.1" 1600 1638 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 1655 1693 version = "0.1.0" 1656 1694 dependencies = [ 1657 1695 "anyhow", 1696 + "aws-lc-rs", 1658 1697 "axum", 1659 1698 "axum-template", 1660 1699 "chrono", ··· 1666 1705 "lettre", 1667 1706 "rand 0.9.2", 1668 1707 "rust-embed", 1708 + "rustls", 1669 1709 "scrypt", 1670 1710 "serde", 1671 1711 "serde_json", ··· 1821 1861 ] 1822 1862 1823 1863 [[package]] 1864 + name = "prettyplease" 1865 + version = "0.2.35" 1866 + source = "registry+https://github.com/rust-lang/crates.io-index" 1867 + checksum = "061c1221631e079b26479d25bbf2275bfe5917ae8419cd7e34f13bfc2aa7539a" 1868 + dependencies = [ 1869 + "proc-macro2", 1870 + "syn", 1871 + ] 1872 + 1873 + [[package]] 1824 1874 name = "proc-macro2" 1825 1875 version = "1.0.97" 1826 1876 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 2005 2055 "cfg-if", 2006 2056 "getrandom 0.2.16", 2007 2057 "libc", 2008 - "untrusted", 2058 + "untrusted 0.9.0", 2009 2059 "windows-sys 0.52.0", 2010 2060 ] 2011 2061 ··· 2071 2121 checksum = "56f7d92ca342cea22a06f2121d944b4fd82af56988c270852495420f961d4ace" 2072 2122 2073 2123 [[package]] 2124 + name = "rustc-hash" 2125 + version = "1.1.0" 2126 + source = "registry+https://github.com/rust-lang/crates.io-index" 2127 + checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" 2128 + 2129 + [[package]] 2074 2130 name = "rustix" 2075 - version = "1.0.8" 2131 + version = "0.38.44" 2076 2132 source = "registry+https://github.com/rust-lang/crates.io-index" 2077 - checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8" 2133 + checksum = "fdb5bc1ae2baa591800df16c9ca78619bf65c0488b41b96ccec5d11220d8c154" 2078 2134 dependencies = [ 2079 2135 "bitflags", 2080 2136 "errno", ··· 2089 2145 source = "registry+https://github.com/rust-lang/crates.io-index" 2090 2146 checksum = "c0ebcbd2f03de0fc1122ad9bb24b127a5a6cd51d72604a3f3c50ac459762b6cc" 2091 2147 dependencies = [ 2148 + "aws-lc-rs", 2149 + "log", 2092 2150 "once_cell", 2093 2151 "ring", 2094 2152 "rustls-pki-types", ··· 2112 2170 source = "registry+https://github.com/rust-lang/crates.io-index" 2113 2171 checksum = "0a17884ae0c1b773f1ccd2bd4a8c72f16da897310a98b0e84bf349ad5ead92fc" 2114 2172 dependencies = [ 2173 + "aws-lc-rs", 2115 2174 "ring", 2116 2175 "rustls-pki-types", 2117 - "untrusted", 2176 + "untrusted 0.9.0", 2118 2177 ] 2119 2178 2120 2179 [[package]] ··· 2145 2204 checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" 2146 2205 dependencies = [ 2147 2206 "winapi-util", 2148 - ] 2149 - 2150 - [[package]] 2151 - name = "schannel" 2152 - version = "0.1.27" 2153 - source = "registry+https://github.com/rust-lang/crates.io-index" 2154 - checksum = "1f29ebaa345f945cec9fbbc532eb307f0fdad8161f281b6369539c8d84876b3d" 2155 - dependencies = [ 2156 - "windows-sys 0.59.0", 2157 2207 ] 2158 2208 2159 2209 [[package]] ··· 2193 2243 ] 2194 2244 2195 2245 [[package]] 2196 - name = "security-framework" 2197 - version = "2.11.1" 2198 - source = "registry+https://github.com/rust-lang/crates.io-index" 2199 - checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" 2200 - dependencies = [ 2201 - "bitflags", 2202 - "core-foundation", 2203 - "core-foundation-sys", 2204 - "libc", 2205 - "security-framework-sys", 2206 - ] 2207 - 2208 - [[package]] 2209 - name = "security-framework-sys" 2210 - version = "2.14.0" 2211 - source = "registry+https://github.com/rust-lang/crates.io-index" 2212 - checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32" 2213 - dependencies = [ 2214 - "core-foundation-sys", 2215 - "libc", 2216 - ] 2217 - 2218 - [[package]] 2219 2246 name = "serde" 2220 2247 version = "1.0.219" 2221 2248 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 2643 2670 ] 2644 2671 2645 2672 [[package]] 2646 - name = "tempfile" 2647 - version = "3.21.0" 2648 - source = "registry+https://github.com/rust-lang/crates.io-index" 2649 - checksum = "15b61f8f20e3a6f7e0649d825294eaf317edce30f82cf6026e7e4cb9222a7d1e" 2650 - dependencies = [ 2651 - "fastrand", 2652 - "getrandom 0.3.3", 2653 - "once_cell", 2654 - "rustix", 2655 - "windows-sys 0.52.0", 2656 - ] 2657 - 2658 - [[package]] 2659 2673 name = "thiserror" 2660 2674 version = "1.0.69" 2661 2675 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 2760 2774 ] 2761 2775 2762 2776 [[package]] 2763 - name = "tokio-native-tls" 2764 - version = "0.3.1" 2777 + name = "tokio-rustls" 2778 + version = "0.26.2" 2765 2779 source = "registry+https://github.com/rust-lang/crates.io-index" 2766 - checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" 2780 + checksum = "8e727b36a1a0e8b74c376ac2211e40c2c8af09fb4013c60d910495810f008e9b" 2767 2781 dependencies = [ 2768 - "native-tls", 2782 + "rustls", 2769 2783 "tokio", 2770 2784 ] 2771 2785 ··· 2998 3012 2999 3013 [[package]] 3000 3014 name = "untrusted" 3015 + version = "0.7.1" 3016 + source = "registry+https://github.com/rust-lang/crates.io-index" 3017 + checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" 3018 + 3019 + [[package]] 3020 + name = "untrusted" 3001 3021 version = "0.9.0" 3002 3022 source = "registry+https://github.com/rust-lang/crates.io-index" 3003 3023 checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" ··· 3171 3191 checksum = "7e8983c3ab33d6fb807cfcdad2491c4ea8cbc8ed839181c7dfd9c67c83e261b2" 3172 3192 dependencies = [ 3173 3193 "rustls-pki-types", 3194 + ] 3195 + 3196 + [[package]] 3197 + name = "which" 3198 + version = "4.4.2" 3199 + source = "registry+https://github.com/rust-lang/crates.io-index" 3200 + checksum = "87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7" 3201 + dependencies = [ 3202 + "either", 3203 + "home", 3204 + "once_cell", 3205 + "rustix", 3174 3206 ] 3175 3207 3176 3208 [[package]]
+5 -1
Cargo.toml
··· 18 18 hex = "0.4" 19 19 jwt-compact = { version = "0.8.0", features = ["es256k"] } 20 20 scrypt = "0.11" 21 - lettre = { version = "0.11.18", features = ["tokio1", "pool", "tokio1-native-tls"] } 21 + #lettre = { version = "0.11.18", default-features = false, features = ["pool", "tokio1-rustls", "smtp-transport", "hostname", "builder"] } 22 + #lettre = { version = "0.11", default-features = false, features = ["builder", "webpki-roots", "rustls", "aws-lc-rs", "smtp-transport", "tokio1", "tokio1-rustls"] } 23 + aws-lc-rs = "1.13.0" 24 + lettre = { version = "0.11", default-features = false, features = ["builder", "webpki-roots", "rustls", "aws-lc-rs", "smtp-transport", "tokio1", "tokio1-rustls"] } 25 + rustls = { version = "0.23", default-features = false, features = ["tls12", "std", "logging", "aws_lc_rs"] } 22 26 handlebars = { version = "6.3.2", features = ["rust-embed"] } 23 27 rust-embed = "8.7.2" 24 28 axum-template = { version = "3.0.0", features = ["handlebars"] }
+2 -6
Dockerfile
··· 1 1 FROM rust:1.89.0-bookworm AS builder 2 - RUN apt-get update 3 - RUN apt-get install -y pkg-config \ 4 - libssl-dev 5 2 WORKDIR /app 6 3 COPY ../ /app 7 4 RUN cargo build --release 8 5 # 9 - FROM rust:1.89-bookworm AS api 6 + FROM rust:1.89-slim-bookworm AS api 10 7 RUN apt-get update 11 - RUN apt-get install -y libssl3 \ 12 - ca-certificates 8 + RUN apt-get install -y ca-certificates 13 9 COPY --from=builder /app/target/release/pds_gatekeeper /usr/local/bin/pds_gatekeeper 14 10 CMD ["pds_gatekeeper"]
+77 -13
README.md
··· 21 21 22 22 # Setup 23 23 24 - We are getting close! Testing now 24 + PDS Gatekeeper has 2 parts to its setup, docker compose file and a reverse proxy (Caddy in this case). I will be 25 + assuming you setup the PDS following the directions 26 + found [here](https://atproto.com/guides/self-hosting), but if yours is different, or you have questions, feel free to 27 + let 28 + me know, and we can figure it out. 29 + 30 + ## Docker compose 31 + 32 + The pds gatekeeper container can be found on docker hub under the name `fatfingers23/pds_gatekeeper`. The container does 33 + need access to the `/pds` root folder to access the same db's as your PDS. The part you need to add would look a bit 34 + like below. You can find a full example of what I use for my pds at [./examples/compose.yml](./examples/compose.yml). 35 + This is usually found at `/pds/compose.yaml`on your PDS> 36 + 37 + ```yml 38 + gatekeeper: 39 + container_name: gatekeeper 40 + image: fatfingers23/pds_gatekeeper:arm-latest 41 + network_mode: host 42 + restart: unless-stopped 43 + #This gives the container to the access to the PDS folder. Source is the location on your server of that directory 44 + volumes: 45 + - type: bind 46 + source: /pds 47 + target: /pds 48 + depends_on: 49 + - pds 50 + ``` 25 51 26 - Nothing here yet! If you are brave enough to try before full release, let me know and I'll help you set it up. 27 - But I want to run it locally on my own PDS first to test run it a bit. 52 + ## Caddy setup 28 53 29 - Example Caddyfile (mostly so I don't lose it for now. Will have a better one in the future) 54 + For the reverse proxy I use caddy. This part is what overwrites the endpoints and proxies them to PDS gatekeeper to add 55 + in extra functionality. The main part is below, for a full example see [./examples/Caddyfile](./examples/Caddyfile). 56 + This is usually found at `/pds/caddy/etc/caddy/Caddyfile` on your PDS. 30 57 31 58 ```caddyfile 32 - http://localhost { 33 - 34 59 @gatekeeper { 35 - path /xrpc/com.atproto.server.getSession 36 - path /xrpc/com.atproto.server.updateEmail 37 - path /xrpc/com.atproto.server.createSession 38 - path /@atproto/oauth-provider/~api/sign-in 60 + path /xrpc/com.atproto.server.getSession 61 + path /xrpc/com.atproto.server.updateEmail 62 + path /xrpc/com.atproto.server.createSession 63 + path /@atproto/oauth-provider/~api/sign-in 39 64 } 40 65 41 66 handle @gatekeeper { 42 - reverse_proxy http://localhost:8080 67 + reverse_proxy http://localhost:8080 43 68 } 44 69 45 - reverse_proxy /* http://localhost:3000 70 + reverse_proxy http://localhost:3000 71 + ``` 72 + 73 + If you use a cloudflare tunnel then your caddyfile would look a bit more like below with your tunnel proxying to 74 + `localhost:8081` (or w/e port you want). 75 + 76 + ```caddyfile 77 + http://*.localhost:8082, http://localhost:8082 { 78 + @gatekeeper { 79 + path /xrpc/com.atproto.server.getSession 80 + path /xrpc/com.atproto.server.updateEmail 81 + path /xrpc/com.atproto.server.createSession 82 + path /@atproto/oauth-provider/~api/sign-in 83 + } 84 + 85 + handle @gatekeeper { 86 + reverse_proxy http://localhost:8080 87 + } 88 + 89 + reverse_proxy http://localhost:3000 46 90 } 47 91 48 - ``` 92 + ``` 93 + 94 + # Environment variables and bonuses 95 + 96 + Every environment variable can be set in the `pds.env` and shared between PDS and gatekeeper and the PDS, with the 97 + exception of `PDS_ENV_LOCATION`. This can be set to load the pds.env, by default it checks `/pds/pds.env` and is 98 + recommended to mount the `/pds` folder on the server to `/pds` in the pds gatekeeper container. 99 + 100 + `PDS_DATA_DIRECTORY` - Root directory of the PDS. Same as the one found in `pds.env` this is how pds gatekeeper knows 101 + knows the rest of the environment variables. 102 + 103 + `GATEKEEPER_EMAIL_TEMPLATES_DIRECTORY` - The folder for templates of the emails PDS gatekeeper sends. You can find them 104 + in [./email_templates](./email_templates). You are free to edit them as you please and set this variable to a location 105 + in the pds gateekeper container and it will use them in place of the default ones. Just make sure ot keep the names the 106 + same. 107 + 108 + `PDS_BASE_URL` - Base url of the PDS. You most likely want `https://localhost:3000` which is also the default 109 + 110 + `GATEKEEPER_HOST` - Host for pds gatekeeper. Defaults to `127.0.0.1` 111 + 112 + `GATEKEEPER_PORT` - Port for pds gatekeeper. Defaults to `8080`
+29
examples/Caddyfile
··· 1 + { 2 + email youremail@myemail.com 3 + on_demand_tls { 4 + ask http://localhost:3000/tls-check 5 + } 6 + } 7 + 8 + *.yourpds.com, yourpds.com { 9 + tls { 10 + on_demand 11 + } 12 + # You'll most likely just want from here to.... 13 + @gatekeeper { 14 + path /xrpc/com.atproto.server.getSession 15 + path /xrpc/com.atproto.server.updateEmail 16 + path /xrpc/com.atproto.server.createSession 17 + path /@atproto/oauth-provider/~api/sign-in 18 + } 19 + 20 + handle @gatekeeper { 21 + #This is the address for PDS gatekeeper, default is 8080 22 + reverse_proxy http://localhost:8080 23 + } 24 + 25 + reverse_proxy http://localhost:3000 26 + #..here. Copy and paste this replacing the reverse_proxy http://localhost:3000 line 27 + } 28 + 29 +
+51
examples/compose.yml
··· 1 + version: '3.9' 2 + services: 3 + caddy: 4 + container_name: caddy 5 + image: caddy:2 6 + network_mode: host 7 + depends_on: 8 + - pds 9 + restart: unless-stopped 10 + volumes: 11 + - type: bind 12 + source: /pds/caddy/data 13 + target: /data 14 + - type: bind 15 + source: /pds/caddy/etc/caddy 16 + target: /etc/caddy 17 + pds: 18 + container_name: pds 19 + image: ghcr.io/bluesky-social/pds:0.4 20 + network_mode: host 21 + restart: unless-stopped 22 + volumes: 23 + - type: bind 24 + source: /pds 25 + target: /pds 26 + env_file: 27 + - /pds/pds.env 28 + watchtower: 29 + container_name: watchtower 30 + image: containrrr/watchtower:latest 31 + network_mode: host 32 + volumes: 33 + - type: bind 34 + source: /var/run/docker.sock 35 + target: /var/run/docker.sock 36 + restart: unless-stopped 37 + environment: 38 + WATCHTOWER_CLEANUP: true 39 + WATCHTOWER_SCHEDULE: "@midnight" 40 + gatekeeper: 41 + container_name: gatekeeper 42 + image: fatfingers23/pds_gatekeeper:arm-latest 43 + network_mode: host 44 + restart: unless-stopped 45 + #This gives the container to the access to the PDS folder. Source is the location on your server of that directory 46 + volumes: 47 + - type: bind 48 + source: /pds 49 + target: /pds 50 + depends_on: 51 + - pds
+4 -7
justfile
··· 1 1 release: 2 2 docker buildx build \ 3 - --platform linux/arm64 \ 4 - --tag fatfingers23/pds_gatekeeper:arm-latest \ 5 - --push . 6 - # docker buildx build \ 7 - # --platform linux/amd64 \ 8 - # --tag fatfingers23/pds_gatekeeper:latest \ 9 - # --push . 3 + --platform linux/arm64,linux/amd64 \ 4 + --tag fatfingers23/pds_gatekeeper:latest \ 5 + --tag fatfingers23/pds_gatekeeper:0.1 \ 6 + --push .
-3
src/main.rs
··· 132 132 let sent_from = env::var("PDS_EMAIL_FROM_ADDRESS") 133 133 .expect("PDS_EMAIL_FROM_ADDRESS is not set in your pds.env file"); 134 134 135 - //TODO current bug running in docker 136 - // https://github.com/lettre/lettre/issues/349#issuecomment-510155500 137 - 138 135 let mailer: AsyncSmtpTransport<Tokio1Executor> = 139 136 AsyncSmtpTransport::<Tokio1Executor>::from_url(smtp_url.as_str())?.build(); 140 137 //Email templates setup