From ec277ab95f2147017a55816f533cdb2ee3f811ed Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Wed, 25 Mar 2015 20:00:38 +0100 Subject: Initial import --- Makefile | 11 ++++++ config.go | 23 +++++++++++++ ip.go | 18 ++++++++++ livewatch.go | 18 ++++++++++ main.go | 54 ++++++++++++++++++++++++++++++ privsep.go | 37 ++++++++++++++++++++ rewrite.go | 108 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ static.go | 18 ++++++++++ 8 files changed, 287 insertions(+) create mode 100644 Makefile create mode 100644 config.go create mode 100644 ip.go create mode 100644 livewatch.go create mode 100644 main.go create mode 100644 privsep.go create mode 100644 rewrite.go create mode 100644 static.go diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..a14800d --- /dev/null +++ b/Makefile @@ -0,0 +1,11 @@ +all: + go build + +clean: + go clean + +install: + install blog /usr/local/bin/ + +restart: + /etc/rc.d/blog restart diff --git a/config.go b/config.go new file mode 100644 index 0000000..7fcbf17 --- /dev/null +++ b/config.go @@ -0,0 +1,23 @@ +// Copyright 2013 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Command blog is a web server for the Go blog that can run on App Engine or +// as a stand-alone HTTP server. +package main + +import ( + "golang.org/x/tools/blog" +) + +const hostname = "www.dim13.org" // default hostname for blog server + +var config = blog.Config{ + Hostname: hostname, + BaseURL: "//" + hostname, + HomeArticles: 5, // articles to display on the home page + FeedArticles: 10, // articles to include in Atom and JSON feeds + FeedTitle: "dim-i-tri", + ContentPath: "htdocs/content", + TemplatePath: "htdocs/template", +} diff --git a/ip.go b/ip.go new file mode 100644 index 0000000..7a4679f --- /dev/null +++ b/ip.go @@ -0,0 +1,18 @@ +package main + +import ( + "io" + "net/http" + "strings" +) + +func init() { + http.HandleFunc("/ip", + func(w http.ResponseWriter, r *http.Request) { + ra := r.RemoteAddr + if n := strings.Index(ra, ":"); n >= 0 { + ra = ra[:n] + } + io.WriteString(w, ra) + }) +} diff --git a/livewatch.go b/livewatch.go new file mode 100644 index 0000000..7a6c02c --- /dev/null +++ b/livewatch.go @@ -0,0 +1,18 @@ +package main + +import ( + "io" + "net/http" +) + +func init() { + http.HandleFunc("/livewatch", liveWatch) +} + +func liveWatch(w http.ResponseWriter, r *http.Request) { + key := r.FormValue("key") + if len(key) != 32 { + key = "Ok" + } + io.WriteString(w, key) +} diff --git a/main.go b/main.go new file mode 100644 index 0000000..d65d4a7 --- /dev/null +++ b/main.go @@ -0,0 +1,54 @@ +// Copyright 2013 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !appengine + +// This file implements a stand-alone blog server. + +package main + +import ( + "flag" + "log" + "net/http" + "net/http/fcgi" + + "golang.org/x/tools/blog" +) + +var reload = flag.Bool("reload", false, "reload content on each page load") + +func init() { + flag.Parse() +} + +func main() { + l, err := dropPrivAndListen("www", "run/blog.sock") + if err != nil { + log.Fatal(err) + } + defer l.Close() + + if *reload { + http.HandleFunc("/", reloadingBlogServer) + } else { + s, err := blog.NewServer(config) + if err != nil { + log.Fatal(err) + } + http.Handle("/", s) + } + log.Fatal(fcgi.Serve(l, nil)) +} + +// reloadingBlogServer is an handler that restarts the blog server on each page +// view. Inefficient; don't enable by default. Handy when editing blog content. +func reloadingBlogServer(w http.ResponseWriter, r *http.Request) { + s, err := blog.NewServer(config) + if err != nil { + http.Error(w, err.Error(), 500) + return + } + s.ServeHTTP(w, r) +} diff --git a/privsep.go b/privsep.go new file mode 100644 index 0000000..2bbe91a --- /dev/null +++ b/privsep.go @@ -0,0 +1,37 @@ +// This file implements privilege separation + +package main + +import ( + "errors" + "os/user" + "strconv" + "net" + "os" + "path" + + "github.com/sarnowski/mitigation" +) + + +func dropPrivAndListen(userName, sockPath string) (net.Listener, error) { + if !mitigation.CanActivate() { + return nil, errors.New("cannot drop privileges") + } + usr, _ := user.Lookup(userName) + uid, _ := strconv.Atoi(usr.Uid) + gid, _ := strconv.Atoi(usr.Gid) + + socket := path.Join(usr.HomeDir, sockPath) + os.Remove(socket) + + l, err := net.Listen("unix", socket) + if err != nil { + return nil, err + } + os.Chown(socket, uid, gid) + os.Chmod(socket, 0660) + + mitigation.Activate(uid, gid, usr.HomeDir) + return l, nil +} diff --git a/rewrite.go b/rewrite.go new file mode 100644 index 0000000..7846e67 --- /dev/null +++ b/rewrite.go @@ -0,0 +1,108 @@ +// Copyright 2013 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package main + +import "net/http" + +// Register HTTP handlers that redirect old blog paths to their new locations. +func init() { + for p := range urlMap { + dest := "/" + urlMap[p] + http.HandleFunc(p, func(w http.ResponseWriter, r *http.Request) { + http.Redirect(w, r, dest, http.StatusMovedPermanently) + }) + } +} + +var urlMap = map[string]string{ + "/2014/12/31c3": "31c3", + "/2014/08/game-over": "Game-Over", + "/2014/08/Cisco-EPC3212-Kabel-Deutschland-and-Facepalm": "Cisco-EPC3212-Kabel-Deutschland-and-Facepalm", + "/2014/08/Brave-Dapple": "Brave-Dapple", + "/2014/08/Brauneck": "Brauneck", + "/2014/07/Reinstall-OS-X": "Reinstall-OS-X", + "/2014/06/Where-has-my-time-gone": "Where-has-my-time-gone", + "/2014/02/Fix-image-URLs-in-Wordpress-RSS-feed": "Fix-image-URLs-in-Wordpress-RSS-feed", + "/2014/01/Silvester-2014": "Silvester-2014", + "/2013/11/Project-Babyface": "Project-Babyface", + "/2013/10/Few-words-on-FreeBSD-ports": "Few-words-on-FreeBSD-ports", + "/2013/06/Spectrogram": "Spectrogram", + "/2013/06/Jobs-at-Moccu": "Jobs-at-Moccu", + "/2013/06/Gentrification": "Gentrification", + "/2013/05/Now-Go-Out-Of-This-World": "Now-Go-Out-Of-This-World", + "/2013/02/Roaming-between-LAN-and-WLAN": "Roaming-between-LAN-and-WLAN", + "/2013/02/Playing-music-over-network-with-sndio": "Playing-music-over-network-with-sndio", + "/2013/02/Install-OpenBSD-on-remote-host-without-KVM": "Install-OpenBSD-on-remote-host-without-KVM", + "/2012/11/Migrate-OpenBSD-from-i386-to-amd64": "Migrate-OpenBSD-from-i386-to-amd64", + "/2012/11/A-Toy-Bike": "A-Toy-Bike", + "/2012/09/Moccu-Ausflug-an-die-Ostsee": "Moccu-Ausflug-an-die-Ostsee", + "/2012/09/Large-package-for-a-small-thing": "Large-package-for-a-small-thing", + "/2012/08/Migration-to-HTML5": "Migration-to-HTML5", + "/2012/08/Gardasee": "Gardasee", + "/2012/08/4.-Dragonboats-MediaCup-Berlin": "4-Dragonboats-MediaCup-Berlin", + "/2012/07/Plan9-is-down": "Plan9-is-down", + "/2012/04/Frontends-for-0x10c-Emulator": "Frontends-for-0x10c-Emulator", + "/2012/04/0x10c---A-Random-Weekend-Project": "0x10c-Random-Weekend-Project", + "/0x10c-A-Random-Weekend-Project": "0x10c-Random-Weekend-Project", + "/2012/03/DimOS-reaches-beta1-stage": "DimOS-reaches-beta1-stage", + "/2012/03/Digital-Suicide": "Digital-Suicide", + "/2012/03/Another-World-on-OpenBSD": "Another-World-on-OpenBSD", + "/2011/12/Back-online": "Back-online", + "/2011/11/Updates-on-DimOS-RT": "Updates-on-DimOS-RT", + "/2011/11/Papa-ist-tot": "Papa-ist-tot", + "/2011/11/No-comment": "No-comment", + "/2011/10/Flundie-is-dead": "Flundie-is-dead", + "/2011/09/Erzgebirge": "Erzgebirge", + "/2011/07/eduroam-and-wicd": "eduroam-and-wicd", + "/2011/07/Thunderbird,-shame-on-you!": "Thunderbird-shame-on-you", + "/2011/06/Gollum-is-dead": "Gollum-is-dead", + "/2011/05/The-Monkeytail-Beard": "The-Monkeytail-Beard", + "/2011/05/Backup-Proxmox-Containers-to-FTP": "Backup-Proxmox-Containers-to-FTP", + "/2011/04/66-lakes-trail": "66-lakes-trail", + "/2011/03/dimos-lcd": "DimOS-LCD", + "/2011/03/Theme-tweak-and-IE": "Theme-tweak-and-IE", + "/2011/03/Migration-to-Blogsum": "Migration-to-Blogsum", + "/2011/02/dimos-rgb": "DimOS-RGB", + "/2011/01/My-roommate's-cooking": "My-roommates-cooking", + "/2010/11/aucat": "Visualisation-hack-for-aucat", + "/2010/11/0b00100000": "0b00100000", + "/2010/08/Trip-into-Alps": "Trip-into-Alps", + "/2010/07/Drachenberg": "Drachenberg", + "/2010/01/SP12": "SP12", + "/2009/10/xlinux": "xlinux", + "/2009/10/tallyman": "tallyman", + "/2009/09/Mittelgebirge": "Mittelgebirge", + "/2009/08/Teufelsberg": "Teufelsberg", + "/2009/07/Einfuehrung-in-die-Luft--und-Raumfahrt": "Einfuehrung-in-die-Luft-und-Raumfahrt", + "/2009/07/Beastie's-second-flight": "Beasties-second-flight", + "/2009/07/Beastie's-maiden-flight": "Beasties-maiden-flight", + "/2009/04/brainfuck": "brainfuck", + "/2009/02/teapot": "teapot", + "/2008/09/Muellberg": "Muellberg", + "/2008/08/Panorama-from-'Alten-Peter'-in-Munich": "Panorama-from-Alten-Peter-in-Munich", + "/2008/07/xterm-colors": "xterm-colors", + "/2008/05/Linux-Tag-2008": "Linux-Tag-2008", + "/2007/11/Turing-Machine": "Turing-Machine", + "/2007/07/POV-Ray-experiments": "POV-Ray-experiments", + "/2007/02/dumped-pendulum": "Damped-pendulum", + "/2006/10/Physics-Award": "Physics-Award", + "/2005/09/OpenBSD-rlimit-LKM": "OpenBSD-rlimit-LKM", + "/2005/02/watch": "watch", + "/2004/09/simple-bootmanager": "simple-bootmanager", + "/2003/08/Absinth-Rezepte": "Absinth-Rezepte", + "/2003/06/cvs": "cvs", + "/2002/07/the-beginning": "the-beginning", + "/1998/06/Linux-Tag-1998": "Linux-Tag-1998", + "/1978/11/Who-am-I": "Who-am-I", + "/whoami": "Who-am-I", + "/tek": "teapot", + "/Tags/gone": "Where-has-my-time-gone", + "/Tags/spectrogram": "Spectrogram", + "/Tags/sndio": "Playing-music-over-network-with-sndio", + "/Tags/AVR": "SP12", + "/Tags/DimOS": "DimOS-reaches-beta1-stage", + "/Tags/": "index", + "/rss.xml": "/feed.atom", +} diff --git a/static.go b/static.go new file mode 100644 index 0000000..3c32d6b --- /dev/null +++ b/static.go @@ -0,0 +1,18 @@ +// Copyright 2013 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !appengine + +// This file implements a stand-alone blog server. + +package main + +import ( + "net/http" +) + +func init() { + fs := http.FileServer(http.Dir("htdocs/static")) + http.Handle("/static/", http.StripPrefix("/static/", fs)) +} -- cgit v1.2.3