~sircmpwn/git.sr.ht

git.sr.ht/gitsrht-keys/main.go -rw-r--r-- 1.9 KiB View raw
963825d1Drew DeVault Attach annotations to a specific commit sha 7 days ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
package main

import (
	"log"
	"os"
	"path"

	goredis "github.com/go-redis/redis"
	"github.com/vaughan0/go-ini"
	"git.sr.ht/~sircmpwn/scm.sr.ht/srht-keys"
)

func main() {
	// gitsrht-keys is run by sshd to generate an authorized_key file on stdout.
	// In order to facilitate this, we do one of two things:
	// - Attempt to fetch the cached key info from Redis (preferred)
	// - Fetch the key from meta.sr.ht and store it in SQL and Redis (slower)
	service := "git.sr.ht"
	shellName := "gitsrht-shell"
	logFile := "/var/log/gitsrht-keys"

	var (
		config   ini.File
		err      error
		logger   *log.Logger
		username string
		userId   int
		b64key   string
		keyType  string
		prefix   string
	)
	// TODO: update key last used timestamp on meta.sr.ht

	logf, err := os.OpenFile(logFile,
		os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
	if err != nil {
		log.Printf("Warning: unable to open log file: %v "+
			"(using stderr instead)", err)
		logger = log.New(os.Stderr, "", log.LstdFlags)
	} else {
		logger = log.New(logf, "", log.LstdFlags)
	}

	for _, path := range []string{"../config.ini", "/etc/sr.ht/config.ini"} {
		config, err = ini.LoadFile(path)
		if err == nil {
			break
		}
	}
	if err != nil {
		logger.Fatalf("Failed to load config file: %v", err)
	}

	redisHost, ok := config.Get("sr.ht", "redis-host")
	if !ok {
		redisHost = "redis://localhost:6379"
	}
	ropts, err := goredis.ParseURL(redisHost)
	if err != nil {
		logger.Fatalf("Failed to parse redis host: %v", err)
	}
	redis := goredis.NewClient(ropts)

	keyType, b64key, prefix, err = srhtkeys.ParseArgs(logger)
	if err != nil {
		os.Exit(0)
	}

	username, userId = srhtkeys.UserFromKey(logger, config, redis, service, b64key)

	if username == "" {
		logger.Println("Unknown public key")
		os.Exit(0)
	}

	defaultShell := path.Join(prefix, shellName)
	shell, ok := config.Get(service, "shell")
	if !ok {
		shell = defaultShell
	}

	srhtkeys.RenderAuthorizedKeysEntry(logger, shell, userId, username,
		b64key, keyType)
}