diff options
author | Alex <alex@adnab.me> | 2023-08-28 09:18:13 +0000 |
---|---|---|
committer | Alex <alex@adnab.me> | 2023-08-28 09:18:13 +0000 |
commit | d539a56d3a3f2df5f9e69c7afc3156b698f5183c (patch) | |
tree | f4ea09912badc609656650592c8c6188471d0794 /src/api/admin/api_server.rs | |
parent | bd50333ade4085fe4ca1d5dafc5f7ca280882879 (diff) | |
parent | 24e533f2623ac6ebbdac92efa9c08b6092c59daf (diff) | |
download | garage-d539a56d3a3f2df5f9e69c7afc3156b698f5183c.tar.gz garage-d539a56d3a3f2df5f9e69c7afc3156b698f5183c.zip |
Merge pull request 'Support {s3,web}.root_domains for the Caddy on-demand TLS endpoint (<admin>/check?domain=xx)' (#610) from bug/support-root-domains-on-demand-tls into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/610
Diffstat (limited to 'src/api/admin/api_server.rs')
-rw-r--r-- | src/api/admin/api_server.rs | 47 |
1 files changed, 38 insertions, 9 deletions
diff --git a/src/api/admin/api_server.rs b/src/api/admin/api_server.rs index b0dfdfb7..8bf467dc 100644 --- a/src/api/admin/api_server.rs +++ b/src/api/admin/api_server.rs @@ -26,6 +26,7 @@ use crate::admin::cluster::*; use crate::admin::error::*; use crate::admin::key::*; use crate::admin::router::{Authorization, Endpoint}; +use crate::helpers::host_to_bucket; pub struct AdminApiServer { garage: Arc<Garage>, @@ -78,10 +79,7 @@ impl AdminApiServer { .body(Body::empty())?) } - async fn handle_check_website_enabled( - &self, - req: Request<Body>, - ) -> Result<Response<Body>, Error> { + async fn handle_check_domain(&self, req: Request<Body>) -> Result<Response<Body>, Error> { let query_params: HashMap<String, String> = req .uri() .query() @@ -102,12 +100,43 @@ impl AdminApiServer { .get("domain") .ok_or_internal_error("Could not parse domain query string")?; + // Resolve bucket from domain name, inferring if the website must be activated for the + // domain to be valid. + let (bucket_name, must_check_website) = if let Some(bname) = self + .garage + .config + .s3_api + .root_domain + .as_ref() + .and_then(|rd| host_to_bucket(domain, rd)) + { + (bname.to_string(), false) + } else if let Some(bname) = self + .garage + .config + .s3_web + .as_ref() + .and_then(|sw| host_to_bucket(domain, sw.root_domain.as_str())) + { + (bname.to_string(), true) + } else { + (domain.to_string(), true) + }; + let bucket_id = self .garage .bucket_helper() - .resolve_global_bucket_name(domain) + .resolve_global_bucket_name(&bucket_name) .await? - .ok_or(HelperError::NoSuchBucket(domain.to_string()))?; + .ok_or(HelperError::NoSuchBucket(bucket_name.to_string()))?; + + if !must_check_website { + return Ok(Response::builder() + .status(StatusCode::OK) + .body(Body::from(format!( + "Domain '{domain}' is managed by Garage" + )))?); + } let bucket = self .garage @@ -123,11 +152,11 @@ impl AdminApiServer { Ok(Response::builder() .status(StatusCode::OK) .body(Body::from(format!( - "Bucket '{domain}' is authorized for website hosting" + "Domain '{domain}' is managed by Garage" )))?) } None => Err(Error::bad_request(format!( - "Bucket '{domain}' is not authorized for website hosting" + "Domain '{domain}' is not managed by Garage" ))), } } @@ -229,7 +258,7 @@ impl ApiHandler for AdminApiServer { match endpoint { Endpoint::Options => self.handle_options(&req), - Endpoint::CheckWebsiteEnabled => self.handle_check_website_enabled(req).await, + Endpoint::CheckDomain => self.handle_check_domain(req).await, Endpoint::Health => self.handle_health(), Endpoint::Metrics => self.handle_metrics(), Endpoint::GetClusterStatus => handle_get_cluster_status(&self.garage).await, |