From 841a691ec17380bc8b59e73bd40b63a01413435c Mon Sep 17 00:00:00 2001 From: iximeow Date: Sat, 24 Jun 2023 12:41:51 -0700 Subject: make webserver configurable (instead of hardcoded configs lol) --- Cargo.lock | 1 + Cargo.toml | 2 +- src/ci_runner.rs | 1 + src/main.rs | 66 +++++++++++++++++++++++++++++++++++++++++++++----------- 4 files changed, 57 insertions(+), 13 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1489fc4..8c1ad8d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1097,6 +1097,7 @@ dependencies = [ "http", "http-body", "hyper", + "lazy_static", "lettre", "libc", "rand", diff --git a/Cargo.toml b/Cargo.toml index 5a35267..6ea03b7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,7 @@ license = "0BSD" edition = "2021" [dependencies] -# warp = { version = "*", features = ["tls"] } +lazy_static = "*" axum = { version = "*" } axum-server = { version = "*", features = ["tls-rustls"] } handlebars = "*" diff --git a/src/ci_runner.rs b/src/ci_runner.rs index 97d8505..9deb0bb 100644 --- a/src/ci_runner.rs +++ b/src/ci_runner.rs @@ -395,6 +395,7 @@ impl RunnerClient { #[tokio::main] async fn main() { + tracing_subscriber::fmt::init(); let secret = std::fs::read_to_string("./auth_secret").unwrap(); let client = reqwest::ClientBuilder::new() .connect_timeout(Duration::from_millis(1000)) diff --git a/src/main.rs b/src/main.rs index f14b325..f24b73b 100644 --- a/src/main.rs +++ b/src/main.rs @@ -2,6 +2,9 @@ #![allow(unused_variables)] #![allow(unused_imports)] +use lazy_static::lazy_static; +use std::sync::RwLock; +use serde_derive::{Deserialize, Serialize}; use tokio::spawn; use std::path::PathBuf; use axum_server::tls_rustls::RustlsConfig; 
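Review bot: The added `lazy_static = "*"` line in Cargo.toml accepts any future release of the crate, so the only thing fixing what gets built is Cargo.lock, and only when builds run with `--locked`. A bounded requirement matching the major version recorded in Cargo.lock would keep a routine `cargo update` from pulling an unexpected release into a service that holds webhook secrets. The only use in this commit is one `RwLock` static, so the dependency could also be avoided with a plain `static PSKS: RwLock<...> = RwLock::new(Vec::new());`, since both constructors are `const` on current toolchains. The element type is stripped on this page, so it is left as `...` here.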
@@ -34,7 +37,26 @@ use dbctx::DbCtx; use rusqlite::OptionalExtension; -const PSKS: &'static [&'static [u8]] = &[]; +#[derive(Serialize, Deserialize)] +struct WebserverConfig { + psks: Vec, + cert_path: PathBuf, + key_path: PathBuf, + config_path: PathBuf, + db_path: PathBuf, + debug_addr: Option, + server_addr: Option, +} + +#[derive(Clone, Serialize, Deserialize)] +struct GithubPsk { + key: String, + gh_user: String, +} + +lazy_static! { + static ref PSKS: RwLock> = RwLock::new(Vec::new()); +} #[derive(Copy, Clone, Debug)] enum GithubHookError { @@ -164,6 +186,10 @@ async fn handle_github_event(ctx: Arc, owner: String, repo: String, event } } +async fn handle_ci_index(State(ctx): State>) -> impl IntoResponse { + "hello and welcome to my websight" +} + async fn handle_commit_status(Path(path): Path<(String, String, String)>, State(ctx): State>) -> impl IntoResponse { eprintln!("path: {}/{}, sha {}", path.0, path.1, path.2); let remote_path = format!("{}/{}", path.0, path.1); @@ -311,8 +337,8 @@ async fn handle_repo_event(Path(path): Path<(String, String)>, headers: HeaderMa let mut hmac_ok = false; - for psk in PSKS.iter() { - let mut mac = Hmac::::new_from_slice(psk) + for psk in PSKS.read().unwrap().iter() { + let mut mac = Hmac::::new_from_slice(psk.key.as_bytes()) .expect("hmac can be constructed"); mac.update(&body); let result = mac.finalize().into_bytes().to_vec(); @@ -342,7 +368,7 @@ async fn handle_repo_event(Path(path): Path<(String, String)>, headers: HeaderMa } -async fn make_app_server(cfg_path: &'static str, db_path: &'static str) -> Router { +async fn make_app_server(cfg_path: &PathBuf, db_path: &PathBuf) -> Router { /* // GET /hello/warp => 200 OK with body "Hello, warp!" 
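Review bot: `GithubPsk` and `WebserverConfig` derive `Serialize` in the `@@ -34,7 +37,26 @@` hunk although nothing in this commit writes them back out, which makes it easy for the webhook keys to end up in a log line or a dumped config later. `#[derive(Clone, Deserialize)]` on `GithubPsk` and `#[derive(Deserialize)]` on `WebserverConfig` are enough for the `serde_json::from_reader` call in `main`. A short comment on the `psks` field would also help, for example `// webhook HMAC secrets: the config file must not be world-readable`.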
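Review bot: In the `@@ -311,8 +337,8 @@` hunk the loop still materialises each digest with `mac.finalize().into_bytes().to_vec()`, which suggests it is compared with the request signature by ordinary equality further down, outside this hunk. If so, the check is not constant-time. Letting the MAC do the comparison avoids that: `if mac.verify_slice(&sig_bytes).is_ok() { hmac_ok = true; break; }`, where `sig_bytes` is a placeholder for the decoded signature header. The new `psk.gh_user` field is never consulted in the visible lines, so any configured key appears to authenticate an event for any `owner/repo` path. If keys are meant to be per-user, compare `psk.gh_user` with the path owner before accepting. The body of `handle_repo_event` starts and ends outside the hunk.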
@@ -406,6 +432,7 @@ async fn make_app_server(cfg_path: &'static str, db_path: &'static str) -> Route
 Router::new()
 .route("/:owner/:repo/:sha", get(handle_commit_status))
 .route("/:owner/:repo", post(handle_repo_event))
+ .route("/", get(handle_ci_index))
 .fallback(fallback_get)
 .with_state(Arc::new(DbCtx::new(cfg_path, db_path)))
 }
@@ -413,14 +440,29 @@ async fn make_app_server(cfg_path: &'static str, db_path: &'static str) -> Route
 #[tokio::main]
 async fn main() {
 tracing_subscriber::fmt::init();
+
+ let mut args = std::env::args();
+ let config_path = args.next().unwrap_or("./webserver_config.json".to_string());
+ let web_config: WebserverConfig = serde_json::from_reader(std::fs::File::open(config_path).expect("file exists and is accessible")).expect("valid json for WebserverConfig");
+ let mut psks = PSKS.write().expect("can write lock");
+ *psks = web_config.psks.clone();
+
 let config = RustlsConfig::from_pem_file(
- PathBuf::from("/etc/letsencrypt/live/ci.butactuallyin.space/fullchain.pem"),
- PathBuf::from("/etc/letsencrypt/live/ci.butactuallyin.space/privkey.pem"),
+ web_config.cert_path.clone(),
+ web_config.key_path.clone(),
 ).await.unwrap();
- spawn(axum_server::bind_rustls("127.0.0.1:8080".parse().unwrap(), config.clone())
- .serve(make_app_server("/root/ixi_ci_server/config", "/root/ixi_ci_server/state.db").await.into_make_service()));
- axum_server::bind_rustls("0.0.0.0:443".parse().unwrap(), config)
- .serve(make_app_server("/root/ixi_ci_server/config", "/root/ixi_ci_server/state.db").await.into_make_service())
- .await
- .unwrap();
+
+ let config_path = web_config.config_path.clone();
+ let db_path = web_config.db_path.clone();
+ if let Some(addr) = web_config.debug_addr.as_ref() {
+ spawn(axum_server::bind_rustls("127.0.0.1:8080".parse().unwrap(), config.clone())
+ .serve(make_app_server(&config_path, &db_path).await.into_make_service()));
+ }
+ if let Some(addr) = web_config.server_addr.as_ref() {
+ spawn(axum_server::bind_rustls("0.0.0.0:443".parse().unwrap(), config)
+ .serve(make_app_server(&config_path, &db_path).await.into_make_service()));
+ }
+ loop {
+ tokio::time::sleep(std::time::Duration::from_millis(1000)).await;
+ }
 }
-- cgit v1.1
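Review bot: The write guard bound by `let mut psks = PSKS.write()` in `main` stays alive until `main` returns, and `main` now ends in an endless loop, so every `PSKS.read()` in the webhook handler will block and signature checks will hang rather than run. The guard should be a temporary or be dropped before the servers are spawned. Two config values are also not honoured: `args.next()` yields the program name rather than the first argument, and `addr` from `debug_addr`/`server_addr` is never used, so the listeners still bind the hard-coded `127.0.0.1:8080` and `0.0.0.0:443` whatever the file says. An operator who sets a loopback `server_addr` would still get a public listener. The spawned tasks' results are dropped as well, so a failed bind leaves the process sleeping with nothing listening.

```rust
// … unchanged: tracing init …
// argv[0] is the program name; the config path is the first real argument
let config_path = std::env::args().nth(1).unwrap_or_else(|| "./webserver_config.json".to_string());
// … unchanged: web_config is read with serde_json::from_reader …
// temporary guard: released at the end of this statement
*PSKS.write().expect("can write lock") = web_config.psks.clone();
// … unchanged: RustlsConfig::from_pem_file, config_path/db_path clones …
if let Some(addr) = web_config.debug_addr.as_ref() {
    // assumes the address is stored as a string; drop the parse if it is already a SocketAddr
    spawn(axum_server::bind_rustls(addr.parse().unwrap(), config.clone())
        .serve(make_app_server(&config_path, &db_path).await.into_make_service()));
}
if let Some(addr) = web_config.server_addr.as_ref() {
    spawn(axum_server::bind_rustls(addr.parse().unwrap(), config)
        .serve(make_app_server(&config_path, &db_path).await.into_make_service()));
}
// … unchanged: keep-alive loop …
```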