[feature] Allow admins to expire remote public keys; refetch expired keys on demand (#2183)

This commit is contained in:
tobi
2023-09-12 11:43:12 +02:00
committed by GitHub
parent 2cac5a4613
commit 4b594516ec
23 changed files with 841 additions and 117 deletions

View File

@ -0,0 +1,61 @@
/*
GoToSocial
Copyright (C) GoToSocial Authors admin@gotosocial.org
SPDX-License-Identifier: AGPL-3.0-or-later
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
"use strict";
const React = require("react");
const query = require("../../../lib/query");
const { useTextInput } = require("../../../lib/form");
const { TextInput } = require("../../../components/form/inputs");
const MutationButton = require("../../../components/form/mutation-button");
module.exports = function ExpireRemote({}) {
const domainField = useTextInput("domain");
const [expire, expireResult] = query.useInstanceKeysExpireMutation();
function submitExpire(e) {
e.preventDefault();
expire(domainField.value);
}
return (
<form onSubmit={submitExpire}>
<h2>Expire remote instance keys</h2>
<p>
Mark all public keys from the given remote instance as expired.<br/><br/>
This is useful in cases where the remote domain has had to rotate their keys for whatever
reason (security issue, data leak, routine safety procedure, etc), and your instance can no
longer communicate with theirs properly using cached keys. A key marked as expired in this way
will be lazily refetched next time a request is made to your instance signed by the owner of that
key.
</p>
<TextInput
field={domainField}
label="Domain"
type="string"
placeholder="example.org"
/>
<MutationButton label="Expire keys" result={expireResult} />
</form>
);
};

View File

@ -0,0 +1,32 @@
/*
GoToSocial
Copyright (C) GoToSocial Authors admin@gotosocial.org
SPDX-License-Identifier: AGPL-3.0-or-later
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
"use strict";
const React = require("react");
const ExpireRemote = require("./expireremote");
module.exports = function Keys() {
return (
<>
<h1>Key Actions</h1>
<ExpireRemote />
</>
);
};

View File

@ -21,42 +21,39 @@
const React = require("react");
const query = require("../lib/query");
const query = require("../../../lib/query");
const { useTextInput } = require("../lib/form");
const { TextInput } = require("../components/form/inputs");
const { useTextInput } = require("../../../lib/form");
const { TextInput } = require("../../../components/form/inputs");
const MutationButton = require("../components/form/mutation-button");
const MutationButton = require("../../../components/form/mutation-button");
module.exports = function AdminActionPanel() {
module.exports = function Cleanup({}) {
const daysField = useTextInput("days", { defaultValue: 30 });
const [mediaCleanup, mediaCleanupResult] = query.useMediaCleanupMutation();
function submitMediaCleanup(e) {
function submitCleanup(e) {
e.preventDefault();
mediaCleanup(daysField.value);
}
return (
<>
<h1>Admin Actions</h1>
<form onSubmit={submitMediaCleanup}>
<h2>Media cleanup</h2>
<p>
<form onSubmit={submitCleanup}>
<h2>Cleanup</h2>
<p>
Clean up remote media older than the specified number of days.
If the remote instance is still online they will be refetched when needed.
Also cleans up unused headers and avatars from the media cache.
</p>
<TextInput
field={daysField}
label="Days"
type="number"
min="0"
placeholder="30"
/>
<MutationButton label="Remove old media" result={mediaCleanupResult} />
</form>
</>
</p>
<TextInput
field={daysField}
label="Days"
type="number"
min="0"
placeholder="30"
/>
<MutationButton label="Remove old media" result={mediaCleanupResult} />
</form>
);
};
};

View File

@ -0,0 +1,32 @@
/*
GoToSocial
Copyright (C) GoToSocial Authors admin@gotosocial.org
SPDX-License-Identifier: AGPL-3.0-or-later
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
"use strict";
const React = require("react");
const Cleanup = require("./cleanup");
module.exports = function Media() {
return (
<>
<h1>Media Actions</h1>
<Cleanup />
</>
);
};

View File

@ -55,7 +55,10 @@ const { Sidebar, ViewRouter } = createNavigation("/settings", [
defaultUrl: "/settings/admin/settings",
permissions: ["admin"]
}, [
Item("Actions", { icon: "fa-bolt" }, require("./admin/actions")),
Menu("Actions", { icon: "fa-bolt" }, [
Item("Media", { icon: "fa-photo" }, require("./admin/actions/media")),
Item("Keys", { icon: "fa-key-modern" }, require("./admin/actions/keys")),
]),
Menu("Custom Emoji", { icon: "fa-smile-o" }, [
Item("Local", { icon: "fa-home", wildcard: true }, require("./admin/emoji/local")),
Item("Remote", { icon: "fa-cloud" }, require("./admin/emoji/remote"))
@ -63,7 +66,7 @@ const { Sidebar, ViewRouter } = createNavigation("/settings", [
Menu("Settings", { icon: "fa-sliders" }, [
Item("Settings", { icon: "fa-sliders", url: "" }, require("./admin/settings")),
Item("Rules", { icon: "fa-dot-circle-o", wildcard: true }, require("./admin/settings/rules"))
])
]),
])
]);

View File

@ -47,6 +47,15 @@ const endpoints = (build) => ({
}
})
}),
instanceKeysExpire: build.mutation({
query: (domain) => ({
method: "POST",
url: `/api/v1/admin/domain_keys_expire`,
params: {
domain: domain
}
})
}),
instanceBlocks: build.query({
query: () => ({
url: `/api/v1/admin/domain_blocks`