summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2015-03-25 20:00:38 +0100
committerDimitri Sokolyuk <demon@dim13.org>2015-03-25 20:00:38 +0100
commitec277ab95f2147017a55816f533cdb2ee3f811ed (patch)
tree9998043c13d873b480bf5410146fad8aa0235d33
Initial import
-rw-r--r--Makefile11
-rw-r--r--config.go23
-rw-r--r--ip.go18
-rw-r--r--livewatch.go18
-rw-r--r--main.go54
-rw-r--r--privsep.go37
-rw-r--r--rewrite.go108
-rw-r--r--static.go18
8 files changed, 287 insertions, 0 deletions
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..a14800d
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,11 @@
+all:
+ go build
+
+clean:
+ go clean
+
+install:
+ install blog /usr/local/bin/
+
+restart:
+ /etc/rc.d/blog restart
diff --git a/config.go b/config.go
new file mode 100644
index 0000000..7fcbf17
--- /dev/null
+++ b/config.go
@@ -0,0 +1,23 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Command blog is a web server for the Go blog that can run on App Engine or
+// as a stand-alone HTTP server.
+package main
+
+import (
+ "golang.org/x/tools/blog"
+)
+
+const hostname = "www.dim13.org" // default hostname for blog server
+
+var config = blog.Config{
+ Hostname: hostname,
+ BaseURL: "//" + hostname,
+ HomeArticles: 5, // articles to display on the home page
+ FeedArticles: 10, // articles to include in Atom and JSON feeds
+ FeedTitle: "dim-i-tri",
+ ContentPath: "htdocs/content",
+ TemplatePath: "htdocs/template",
+}
diff --git a/ip.go b/ip.go
new file mode 100644
index 0000000..7a4679f
--- /dev/null
+++ b/ip.go
@@ -0,0 +1,18 @@
+package main
+
+import (
+ "io"
+ "net/http"
+ "strings"
+)
+
+func init() {
+ http.HandleFunc("/ip",
+ func(w http.ResponseWriter, r *http.Request) {
+ ra := r.RemoteAddr
+ if n := strings.Index(ra, ":"); n >= 0 {
+ ra = ra[:n]
+ }
+ io.WriteString(w, ra)
+ })
+}
diff --git a/livewatch.go b/livewatch.go
new file mode 100644
index 0000000..7a6c02c
--- /dev/null
+++ b/livewatch.go
@@ -0,0 +1,18 @@
+package main
+
+import (
+ "io"
+ "net/http"
+)
+
+func init() {
+ http.HandleFunc("/livewatch", liveWatch)
+}
+
+func liveWatch(w http.ResponseWriter, r *http.Request) {
+ key := r.FormValue("key")
+ if len(key) != 32 {
+ key = "Ok"
+ }
+ io.WriteString(w, key)
+}
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..d65d4a7
--- /dev/null
+++ b/main.go
@@ -0,0 +1,54 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !appengine
+
+// This file implements a stand-alone blog server.
+
+package main
+
+import (
+ "flag"
+ "log"
+ "net/http"
+ "net/http/fcgi"
+
+ "golang.org/x/tools/blog"
+)
+
+var reload = flag.Bool("reload", false, "reload content on each page load")
+
+func init() {
+ flag.Parse()
+}
+
+func main() {
+ l, err := dropPrivAndListen("www", "run/blog.sock")
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer l.Close()
+
+ if *reload {
+ http.HandleFunc("/", reloadingBlogServer)
+ } else {
+ s, err := blog.NewServer(config)
+ if err != nil {
+ log.Fatal(err)
+ }
+ http.Handle("/", s)
+ }
+ log.Fatal(fcgi.Serve(l, nil))
+}
+
+// reloadingBlogServer is an handler that restarts the blog server on each page
+// view. Inefficient; don't enable by default. Handy when editing blog content.
+func reloadingBlogServer(w http.ResponseWriter, r *http.Request) {
+ s, err := blog.NewServer(config)
+ if err != nil {
+ http.Error(w, err.Error(), 500)
+ return
+ }
+ s.ServeHTTP(w, r)
+}
diff --git a/privsep.go b/privsep.go
new file mode 100644
index 0000000..2bbe91a
--- /dev/null
+++ b/privsep.go
@@ -0,0 +1,37 @@
+// This file implements privilege separation
+
+package main
+
+import (
+ "errors"
+ "os/user"
+ "strconv"
+ "net"
+ "os"
+ "path"
+
+ "github.com/sarnowski/mitigation"
+)
+
+
+func dropPrivAndListen(userName, sockPath string) (net.Listener, error) {
+ if !mitigation.CanActivate() {
+ return nil, errors.New("cannot drop privileges")
+ }
+ usr, _ := user.Lookup(userName)
+ uid, _ := strconv.Atoi(usr.Uid)
+ gid, _ := strconv.Atoi(usr.Gid)
+
+ socket := path.Join(usr.HomeDir, sockPath)
+ os.Remove(socket)
+
+ l, err := net.Listen("unix", socket)
+ if err != nil {
+ return nil, err
+ }
+ os.Chown(socket, uid, gid)
+ os.Chmod(socket, 0660)
+
+ mitigation.Activate(uid, gid, usr.HomeDir)
+ return l, nil
+}
diff --git a/rewrite.go b/rewrite.go
new file mode 100644
index 0000000..7846e67
--- /dev/null
+++ b/rewrite.go
@@ -0,0 +1,108 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main
+
+import "net/http"
+
+// Register HTTP handlers that redirect old blog paths to their new locations.
+func init() {
+ for p := range urlMap {
+ dest := "/" + urlMap[p]
+ http.HandleFunc(p, func(w http.ResponseWriter, r *http.Request) {
+ http.Redirect(w, r, dest, http.StatusMovedPermanently)
+ })
+ }
+}
+
+var urlMap = map[string]string{
+ "/2014/12/31c3": "31c3",
+ "/2014/08/game-over": "Game-Over",
+ "/2014/08/Cisco-EPC3212-Kabel-Deutschland-and-Facepalm": "Cisco-EPC3212-Kabel-Deutschland-and-Facepalm",
+ "/2014/08/Brave-Dapple": "Brave-Dapple",
+ "/2014/08/Brauneck": "Brauneck",
+ "/2014/07/Reinstall-OS-X": "Reinstall-OS-X",
+ "/2014/06/Where-has-my-time-gone": "Where-has-my-time-gone",
+ "/2014/02/Fix-image-URLs-in-Wordpress-RSS-feed": "Fix-image-URLs-in-Wordpress-RSS-feed",
+ "/2014/01/Silvester-2014": "Silvester-2014",
+ "/2013/11/Project-Babyface": "Project-Babyface",
+ "/2013/10/Few-words-on-FreeBSD-ports": "Few-words-on-FreeBSD-ports",
+ "/2013/06/Spectrogram": "Spectrogram",
+ "/2013/06/Jobs-at-Moccu": "Jobs-at-Moccu",
+ "/2013/06/Gentrification": "Gentrification",
+ "/2013/05/Now-Go-Out-Of-This-World": "Now-Go-Out-Of-This-World",
+ "/2013/02/Roaming-between-LAN-and-WLAN": "Roaming-between-LAN-and-WLAN",
+ "/2013/02/Playing-music-over-network-with-sndio": "Playing-music-over-network-with-sndio",
+ "/2013/02/Install-OpenBSD-on-remote-host-without-KVM": "Install-OpenBSD-on-remote-host-without-KVM",
+ "/2012/11/Migrate-OpenBSD-from-i386-to-amd64": "Migrate-OpenBSD-from-i386-to-amd64",
+ "/2012/11/A-Toy-Bike": "A-Toy-Bike",
+ "/2012/09/Moccu-Ausflug-an-die-Ostsee": "Moccu-Ausflug-an-die-Ostsee",
+ "/2012/09/Large-package-for-a-small-thing": "Large-package-for-a-small-thing",
+ "/2012/08/Migration-to-HTML5": "Migration-to-HTML5",
+ "/2012/08/Gardasee": "Gardasee",
+ "/2012/08/4.-Dragonboats-MediaCup-Berlin": "4-Dragonboats-MediaCup-Berlin",
+ "/2012/07/Plan9-is-down": "Plan9-is-down",
+ "/2012/04/Frontends-for-0x10c-Emulator": "Frontends-for-0x10c-Emulator",
+ "/2012/04/0x10c---A-Random-Weekend-Project": "0x10c-Random-Weekend-Project",
+ "/0x10c-A-Random-Weekend-Project": "0x10c-Random-Weekend-Project",
+ "/2012/03/DimOS-reaches-beta1-stage": "DimOS-reaches-beta1-stage",
+ "/2012/03/Digital-Suicide": "Digital-Suicide",
+ "/2012/03/Another-World-on-OpenBSD": "Another-World-on-OpenBSD",
+ "/2011/12/Back-online": "Back-online",
+ "/2011/11/Updates-on-DimOS-RT": "Updates-on-DimOS-RT",
+ "/2011/11/Papa-ist-tot": "Papa-ist-tot",
+ "/2011/11/No-comment": "No-comment",
+ "/2011/10/Flundie-is-dead": "Flundie-is-dead",
+ "/2011/09/Erzgebirge": "Erzgebirge",
+ "/2011/07/eduroam-and-wicd": "eduroam-and-wicd",
+ "/2011/07/Thunderbird,-shame-on-you!": "Thunderbird-shame-on-you",
+ "/2011/06/Gollum-is-dead": "Gollum-is-dead",
+ "/2011/05/The-Monkeytail-Beard": "The-Monkeytail-Beard",
+ "/2011/05/Backup-Proxmox-Containers-to-FTP": "Backup-Proxmox-Containers-to-FTP",
+ "/2011/04/66-lakes-trail": "66-lakes-trail",
+ "/2011/03/dimos-lcd": "DimOS-LCD",
+ "/2011/03/Theme-tweak-and-IE": "Theme-tweak-and-IE",
+ "/2011/03/Migration-to-Blogsum": "Migration-to-Blogsum",
+ "/2011/02/dimos-rgb": "DimOS-RGB",
+ "/2011/01/My-roommate's-cooking": "My-roommates-cooking",
+ "/2010/11/aucat": "Visualisation-hack-for-aucat",
+ "/2010/11/0b00100000": "0b00100000",
+ "/2010/08/Trip-into-Alps": "Trip-into-Alps",
+ "/2010/07/Drachenberg": "Drachenberg",
+ "/2010/01/SP12": "SP12",
+ "/2009/10/xlinux": "xlinux",
+ "/2009/10/tallyman": "tallyman",
+ "/2009/09/Mittelgebirge": "Mittelgebirge",
+ "/2009/08/Teufelsberg": "Teufelsberg",
+ "/2009/07/Einfuehrung-in-die-Luft--und-Raumfahrt": "Einfuehrung-in-die-Luft-und-Raumfahrt",
+ "/2009/07/Beastie's-second-flight": "Beasties-second-flight",
+ "/2009/07/Beastie's-maiden-flight": "Beasties-maiden-flight",
+ "/2009/04/brainfuck": "brainfuck",
+ "/2009/02/teapot": "teapot",
+ "/2008/09/Muellberg": "Muellberg",
+ "/2008/08/Panorama-from-'Alten-Peter'-in-Munich": "Panorama-from-Alten-Peter-in-Munich",
+ "/2008/07/xterm-colors": "xterm-colors",
+ "/2008/05/Linux-Tag-2008": "Linux-Tag-2008",
+ "/2007/11/Turing-Machine": "Turing-Machine",
+ "/2007/07/POV-Ray-experiments": "POV-Ray-experiments",
+ "/2007/02/dumped-pendulum": "Damped-pendulum",
+ "/2006/10/Physics-Award": "Physics-Award",
+ "/2005/09/OpenBSD-rlimit-LKM": "OpenBSD-rlimit-LKM",
+ "/2005/02/watch": "watch",
+ "/2004/09/simple-bootmanager": "simple-bootmanager",
+ "/2003/08/Absinth-Rezepte": "Absinth-Rezepte",
+ "/2003/06/cvs": "cvs",
+ "/2002/07/the-beginning": "the-beginning",
+ "/1998/06/Linux-Tag-1998": "Linux-Tag-1998",
+ "/1978/11/Who-am-I": "Who-am-I",
+ "/whoami": "Who-am-I",
+ "/tek": "teapot",
+ "/Tags/gone": "Where-has-my-time-gone",
+ "/Tags/spectrogram": "Spectrogram",
+ "/Tags/sndio": "Playing-music-over-network-with-sndio",
+ "/Tags/AVR": "SP12",
+ "/Tags/DimOS": "DimOS-reaches-beta1-stage",
+ "/Tags/": "index",
+ "/rss.xml": "/feed.atom",
+}
diff --git a/static.go b/static.go
new file mode 100644
index 0000000..3c32d6b
--- /dev/null
+++ b/static.go
@@ -0,0 +1,18 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !appengine
+
+// This file implements a stand-alone blog server.
+
+package main
+
+import (
+ "net/http"
+)
+
+func init() {
+ fs := http.FileServer(http.Dir("htdocs/static"))
+ http.Handle("/static/", http.StripPrefix("/static/", fs))
+}