server: Allow disabling proof of possession
This commit is contained in:
parent
69366cbe97
commit
a7578d1896
|
@ -114,7 +114,7 @@ pub(crate) async fn upload_path(
|
|||
match existing_nar {
|
||||
Some(existing_nar) => {
|
||||
// Deduplicate
|
||||
upload_path_dedup(username, cache, upload_info, stream, existing_nar, database).await
|
||||
upload_path_dedup(username, cache, upload_info, stream, database, &state, existing_nar).await
|
||||
}
|
||||
None => {
|
||||
// New NAR
|
||||
|
@ -129,9 +129,11 @@ async fn upload_path_dedup(
|
|||
cache: cache::Model,
|
||||
upload_info: UploadPathNarInfo,
|
||||
stream: impl AsyncRead + Unpin,
|
||||
existing_nar: NarGuard,
|
||||
database: &DatabaseConnection,
|
||||
state: &State,
|
||||
existing_nar: NarGuard,
|
||||
) -> ServerResult<String> {
|
||||
if state.config.require_proof_of_possession {
|
||||
let (mut stream, nar_compute) = StreamHasher::new(stream, Sha256::new());
|
||||
tokio::io::copy(&mut stream, &mut tokio::io::sink())
|
||||
.await
|
||||
|
@ -148,6 +150,7 @@ async fn upload_path_dedup(
|
|||
{
|
||||
return Err(ErrorKind::RequestError(anyhow!("Bad NAR Hash or Size")).into());
|
||||
}
|
||||
}
|
||||
|
||||
// Finally...
|
||||
let txn = database
|
||||
|
|
|
@ -27,6 +27,13 @@ allowed-hosts = []
|
|||
# are there.
|
||||
#soft-delete-caches = false
|
||||
|
||||
# Whether to require fully uploading a NAR if it exists in the global cache.
|
||||
#
|
||||
# If set to false, simply knowing the NAR hash is enough for
|
||||
# an uploader to gain access to an existing NAR in the global
|
||||
# cache.
|
||||
#require-proof-of-possession = true
|
||||
|
||||
# JWT signing token
|
||||
#
|
||||
# Set this to the Base64 encoding of some random data.
|
||||
|
|
|
@ -64,6 +64,15 @@ pub struct Config {
|
|||
#[serde(default = "default_soft_delete_caches")]
|
||||
pub soft_delete_caches: bool,
|
||||
|
||||
/// Whether to require fully uploading a NAR if it exists in the global cache.
|
||||
///
|
||||
/// If set to false, simply knowing the NAR hash is enough for
|
||||
/// an uploader to gain access to an existing NAR in the global
|
||||
/// cache.
|
||||
#[serde(rename = "require-proof-of-possession")]
|
||||
#[serde(default = "default_require_proof_of_possession")]
|
||||
pub require_proof_of_possession: bool,
|
||||
|
||||
/// Database connection.
|
||||
pub database: DatabaseConfig,
|
||||
|
||||
|
@ -238,6 +247,10 @@ fn default_soft_delete_caches() -> bool {
|
|||
false
|
||||
}
|
||||
|
||||
fn default_require_proof_of_possession() -> bool {
|
||||
true
|
||||
}
|
||||
|
||||
fn default_gc_interval() -> Duration {
|
||||
Duration::from_secs(43200)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue