We heavily attempt to provide easy use of poetry virtualenvs
with aurweb in this revision of the INSTALL file. Added a
section about cron jobs and updated the nginx config example
with a lot more detail and locations for other parts of
the AUR infrastructure.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This introduces examples of a gunicorn systemd service in
addition to git script wrappers that can be used for poetry
virtualenv-driven installations.
Signed-off-by: Kevin Morris <kevr@0cost.org>
No longer needed; logging.conf, which is the default config
used, is now setup for production INFO logging.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We'll override logging.conf with logging.test.conf for debug logging
needed for tests now, so we can rely on the default logging.conf
for production use.
Signed-off-by: Kevin Morris <kevr@0cost.org>
- On non-localhost communication, this whitelists forwarded headers
on all remote ips
- Add more headers
- Force https X-Forwarded-Proto
- Unset Forwarded header and rely on X-Forwarded-*
Signed-off-by: Kevin Morris <kevr@0cost.org>
When the Docker image is outdated, we need to fetch updated
archlinux-keyring keys to perform an -Syu without problems.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This patch brings in the use of .with_entities on our
RPC search query. This primarily fixes performance issues
we were seeing with large queries.
That being said, we do see a bit of a slowdown on
large record count rpc queries, but it's quite negligible
at this point.
We still do aim to perform better than the older PHP
implementation, so this is not a finishing patch by
any means.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We were allowing erroneous URLs through, raising exceptions,
from e.g. `http://[localhost:8444/blah`. This patch catches
any ValueErrors raised during the parse process and returns
False, indicating that the validation failed.
This patch also adds testing specifically for `util.valid_homepage`.
We didn't have specific testing for this before; this will allow us
to catch regressions in this area.
Closes#250
Signed-off-by: Kevin Morris <kevr@0cost.org>
Without this rewriting, we've been running into conversing with
HTTP over HTTPS (400 Bad Request).
TODO: Refactor this entire nginx config to something a bit more
simple and clean.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We don't need the https certificates being dealt with in the fastapi
service; we will define our certificates in any frontend nginx
running on top.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit does quite a bit:
- Catches unhandled exceptions raised in the route handler and
produces a 500 Internal Server Error Arch-themed response.
- Each unhandled exception causes a notification to be sent to new
`notifications.postmaster` email with a "Traceback ID."
- Traceback ID is logged to the server along with the traceback which
caused the 500: `docker-compose logs fastapi | grep '<traceback_id>'`
- If `options.traceback` is set to `1`, traceback is displayed in
the new 500.html template.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Originally left at util/adduser.py, this script allows administrators
to simply add a user to the configured aurweb database.
See --help for options.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This gets raised when a client closes a connection before receiving
a valid response; this is not controllable from our side.
Signed-off-by: Kevin Morris <kevr@0cost.org>
After two months, this finally got merged by somebody else.
Still largely considering moving away from FastAPI in the
long run, but this is better than relying on kevr's fork
for starlette 0.17.1 compat.
Other packages have also been upgraded and locked to versions.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This migration modifies the Yes, No, Abstain and ActiveTUs columns
of the TUVoteInfo table from unsigned TINYINT to unsigned INTEGER.
TINYINT supports a total of 1 byte (up to 255 trusted users). This
is quite limited and we don't spend too much more by storing a
standard 4-byte INTEGER.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Previous conversion was causing a straight up bug when submitting
new proposals. This patch fixes that issue.
Signed-off-by: Kevin Morris <kevr@0cost.org>
In addition, we display the Voters partial regardless of them existing
or not; with no voters, an empty Voters list is displayed.
Closes#236
Signed-off-by: Kevin Morris <kevr@0cost.org>
Conflicts, Provides and Replaces did not have consistent
ordering with PHP. This patch fixes that issue.
Closes#228
Signed-off-by: Kevin Morris <kevr@0cost.org>
This was redirecting us to the package which we merged, leading
us into a 404. This fixes that issue by instead redirecting us
into the target we merge into.
Closes#231
Signed-off-by: Kevin Morris <kevr@0cost.org>
