thelilfrog/cloudsave
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 8 Wiki Activity

Compare commits

base: thelilfrog:0.0.4d
Branches Tags
thelilfrog:main thelilfrog:gui thelilfrog:fix_sec
thelilfrog:0.0.4d thelilfrog:0.0.4c thelilfrog:0.0.4b thelilfrog:0.0.4a thelilfrog:0.0.4 thelilfrog:v0.0.3 thelilfrog:v0.0.2 thelilfrog:v0.0.1
...
compare: thelilfrog:b3232e79d5c38424bfbc916185c4232fa19a0cc7
Branches Tags
thelilfrog:main thelilfrog:gui thelilfrog:fix_sec
thelilfrog:0.0.4d thelilfrog:0.0.4c thelilfrog:0.0.4b thelilfrog:0.0.4a thelilfrog:0.0.4 thelilfrog:v0.0.3 thelilfrog:v0.0.2 thelilfrog:v0.0.1

2 Commits
0.0.4d ... b3232e79d5

Author SHA1 Message Date
Aurélie DELHAIE
b3232e79d5 add gosec
Some checks failed
CloudSave/pipeline/head There was a failure building this commit
Details
2025-09-07 00:31:37 +02:00
Aurélie DELHAIE
0a33d1b68d wip 0.0.5
All checks were successful
CloudSave/pipeline/head This commit looks good
Details
2025-09-02 22:32:07 +02:00
16 changed files with 296 additions and 14 deletions
Expand all files Collapse all files

2
build.sh
View File

@@ -35,7 +35,7 @@ fi
## SERVER ## SERVER
platforms=("linux/amd64" "linux/arm64" "linux/riscv64" "linux/ppc64le") platforms=("linux/amd64" "linux/arm64" "linux/riscv64" "linux/ppc64le", "windows/amd64")
for platform in "${platforms[@]}"; do for platform in "${platforms[@]}"; do
echo "* Compiling server for $platform..." echo "* Compiling server for $platform..."

2
cmd/cli/commands/list/list.go
View File

@@ -43,7 +43,7 @@ func (p *ListCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
return subcommands.ExitUsageError return subcommands.ExitUsageError
} }
username, password, err := credentials.Read() username, password, err := credentials.Read(f.Arg(0))
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "error: failed to read std output: %s", err) fmt.Fprintf(os.Stderr, "error: failed to read std output: %s", err)
return subcommands.ExitFailure return subcommands.ExitFailure

60
cmd/cli/commands/login/login.go Normal file
View File

@@ -0,0 +1,60 @@
package login
import (
"cloudsave/cmd/cli/tools/prompt/credentials"
"cloudsave/pkg/remote/client"
"context"
"flag"
"fmt"
"os"
"github.com/google/subcommands"
)
type (
LoginCmd struct {
}
)
func (*LoginCmd) Name() string { return "login" }
func (*LoginCmd) Synopsis() string { return "save IN PLAIN TEXT your credentials" }
func (*LoginCmd) Usage() string {
return `Usage: cloudsave login <SERVER_HOSTNAME>
Warning: this command saves the login into a plain text json file
Options:
`
}
func (p *LoginCmd) SetFlags(f *flag.FlagSet) {
}
func (p *LoginCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
if f.NArg() != 1 {
fmt.Fprintf(os.Stderr, "error: this command take 1 argument")
return subcommands.ExitUsageError
}
server := f.Arg(0)
username, password, err := credentials.Read(server)
if err != nil {
fmt.Fprintf(os.Stderr, "error: failed to read std output: %s", err)
return subcommands.ExitFailure
}
cli := client.New(server, username, password)
if _, err := cli.Version(); err != nil {
fmt.Fprintf(os.Stderr, "error: failed to login: %s", err)
return subcommands.ExitFailure
}
if err := credentials.Login(username, password, server); err != nil {
fmt.Fprintf(os.Stderr, "error: failed to save login: %s", err)
return subcommands.ExitFailure
}
fmt.Println("login information saved!")
return subcommands.ExitSuccess
}

43
cmd/cli/commands/logout/logout.go Normal file
View File

@@ -0,0 +1,43 @@
package logout
import (
"cloudsave/cmd/cli/tools/prompt/credentials"
"context"
"flag"
"fmt"
"os"
"github.com/google/subcommands"
)
type (
LogoutCmd struct {
}
)
func (*LogoutCmd) Name() string { return "logout" }
func (*LogoutCmd) Synopsis() string { return "logout from a server" }
func (*LogoutCmd) Usage() string {
return `Usage: cloudsave logout <SERVER_HOSTNAME>
Options:
`
}
func (p *LogoutCmd) SetFlags(f *flag.FlagSet) {
}
func (p *LogoutCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
if f.NArg() != 1 {
fmt.Fprintf(os.Stderr, "error: this command take 1 argument")
return subcommands.ExitUsageError
}
if err := credentials.Logout(f.Arg(0)); err != nil {
fmt.Fprintf(os.Stderr, "error: failed to logout: %s", err)
return subcommands.ExitFailure
}
fmt.Println("bye!")
return subcommands.ExitSuccess
}

2
cmd/cli/commands/pull/pull.go
View File

@@ -41,7 +41,7 @@ func (p *PullCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
gameID := f.Arg(1) gameID := f.Arg(1)
path := f.Arg(2) path := f.Arg(2)
username, password, err := credentials.Read() username, password, err := credentials.Read(url)
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "error: failed to read std output: %s", err) fmt.Fprintf(os.Stderr, "error: failed to read std output: %s", err)
return subcommands.ExitFailure return subcommands.ExitFailure

2
cmd/cli/commands/sync/sync.go
View File

@@ -284,7 +284,7 @@ func connect(remoteCred map[string]map[string]string, r remote.Remote) (*client.
fmt.Println() fmt.Println()
fmt.Println("Connexion to", r.URL) fmt.Println("Connexion to", r.URL)
fmt.Println("============") fmt.Println("============")
username, password, err := credentials.Read() username, password, err := credentials.Read(r.URL)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to read std output: %w", err) return nil, fmt.Errorf("failed to read std output: %w", err)
} }

2
cmd/cli/commands/version/version.go
View File

@@ -42,7 +42,7 @@ func (p *VersionCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{
return subcommands.ExitUsageError return subcommands.ExitUsageError
} }
username, password, err := credentials.Read() username, password, err := credentials.Read(f.Arg(0))
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "failed to read std output: %s", err) fmt.Fprintf(os.Stderr, "failed to read std output: %s", err)
return subcommands.ExitFailure return subcommands.ExitFailure

4
cmd/cli/main.go
View File

@@ -4,6 +4,8 @@ import (
"cloudsave/cmd/cli/commands/add" "cloudsave/cmd/cli/commands/add"
"cloudsave/cmd/cli/commands/apply" "cloudsave/cmd/cli/commands/apply"
"cloudsave/cmd/cli/commands/list" "cloudsave/cmd/cli/commands/list"
"cloudsave/cmd/cli/commands/login"
"cloudsave/cmd/cli/commands/logout"
"cloudsave/cmd/cli/commands/pull" "cloudsave/cmd/cli/commands/pull"
"cloudsave/cmd/cli/commands/remote" "cloudsave/cmd/cli/commands/remote"
"cloudsave/cmd/cli/commands/remove" "cloudsave/cmd/cli/commands/remove"
@@ -56,6 +58,8 @@ func main() {
subcommands.Register(&remote.RemoteCmd{Service: s}, "remote") subcommands.Register(&remote.RemoteCmd{Service: s}, "remote")
subcommands.Register(&sync.SyncCmd{Service: s}, "remote") subcommands.Register(&sync.SyncCmd{Service: s}, "remote")
subcommands.Register(&pull.PullCmd{Service: s}, "remote") subcommands.Register(&pull.PullCmd{Service: s}, "remote")
subcommands.Register(&login.LoginCmd{}, "remote")
subcommands.Register(&logout.LogoutCmd{}, "remote")
flag.Parse() flag.Parse()
ctx := context.Background() ctx := context.Background()

99
cmd/cli/tools/prompt/credentials/credentials.go
View File

@@ -2,14 +2,48 @@ package credentials
import ( import (
"bufio" "bufio"
"encoding/json"
"errors"
"fmt" "fmt"
"os" "os"
"path/filepath"
"strings" "strings"
"golang.org/x/term" "golang.org/x/term"
) )
func Read() (string, string, error) { type (
credential struct {
Username string `json:"username"`
Password string `json:"password"`
}
credentialsStore struct {
Store map[string]credential `json:"store"`
}
)
var (
datastorePath string
)
func init() {
roaming, err := os.UserConfigDir()
if err != nil {
panic("failed to get user config path: " + err.Error())
}
datastorePath = filepath.Join(roaming, "cloudsave")
}
func Read(server string) (string, string, error) {
var err error
store, err := load()
if err == nil {
if c, ok := store[server]; ok {
return c.Username, c.Password, nil
}
}
fmt.Print("Enter username: ") fmt.Print("Enter username: ")
reader := bufio.NewReader(os.Stdin) reader := bufio.NewReader(os.Stdin)
username, _ := reader.ReadString('\n') username, _ := reader.ReadString('\n')
@@ -24,3 +58,66 @@ func Read() (string, string, error) {
return username, string(password), nil return username, string(password), nil
} }
func Login(username, password, server string) error {
store, err := load()
if err != nil {
return err
}
store[server] = credential{
Username: username,
Password: password,
}
return save(store)
}
func Logout(server string) error {
store, err := load()
if err != nil {
return err
}
delete(store, server)
return save(store)
}
func save(store map[string]credential) error {
c := credentialsStore{
Store: store,
}
f, err := os.OpenFile(filepath.Join(datastorePath, "credential.json"), os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0740)
if err != nil {
return fmt.Errorf("failed to open datastore: %w", err)
}
defer f.Close()
e := json.NewEncoder(f)
if err := e.Encode(c); err != nil {
return fmt.Errorf("failed to encode data: %w", err)
}
return nil
}
func load() (map[string]credential, error) {
f, err := os.OpenFile(filepath.Join(datastorePath, "credential.json"), os.O_RDONLY, 0)
if err != nil {
if errors.Is(err, os.ErrNotExist) {
return make(map[string]credential), nil
}
return nil, fmt.Errorf("failed to open datastore: %w", err)
}
defer f.Close()
var c credentialsStore
d := json.NewDecoder(f)
if err := d.Decode(&c); err != nil {
return nil, fmt.Errorf("failed to decode data: %w", err)
}
return c.Store, nil
}

8
cmd/server/api/api.go
View File

@@ -21,6 +21,7 @@ type (
Server *http.Server Server *http.Server
Service *data.Service Service *data.Service
documentRoot string documentRoot string
creds map[string]string
} }
) )
@@ -32,6 +33,7 @@ func NewServer(documentRoot string, srv *data.Service, creds map[string]string,
s := &HTTPServer{ s := &HTTPServer{
Service: srv, Service: srv,
documentRoot: documentRoot, documentRoot: documentRoot,
creds: creds,
} }
router := chi.NewRouter() router := chi.NewRouter()
router.NotFound(func(writer http.ResponseWriter, request *http.Request) { router.NotFound(func(writer http.ResponseWriter, request *http.Request) {
@@ -46,7 +48,7 @@ func NewServer(documentRoot string, srv *data.Service, creds map[string]string,
router.Use(middleware.Compress(5, "application/gzip")) router.Use(middleware.Compress(5, "application/gzip"))
router.Use(middleware.Heartbeat("/heartbeat")) router.Use(middleware.Heartbeat("/heartbeat"))
router.Route("/api", func(routerAPI chi.Router) { router.Route("/api", func(routerAPI chi.Router) {
routerAPI.Use(BasicAuth("cloudsave", creds)) routerAPI.Use(s.BasicAuth("cloudsave"))
routerAPI.Route("/v1", func(r chi.Router) { routerAPI.Route("/v1", func(r chi.Router) {
// Get information about the server // Get information about the server
r.Get("/version", s.Information) r.Get("/version", s.Information)
@@ -78,6 +80,10 @@ func NewServer(documentRoot string, srv *data.Service, creds map[string]string,
return s return s
} }
func (s *HTTPServer) SetCredentials(creds map[string]string) {
s.creds = creds
}
func (s HTTPServer) all(w http.ResponseWriter, r *http.Request) { func (s HTTPServer) all(w http.ResponseWriter, r *http.Request) {
datastore, err := s.Service.AllGames() datastore, err := s.Service.AllGames()
if err != nil { if err != nil {

4
cmd/server/api/middlewares.go
View File

@@ -20,7 +20,7 @@ func recoverMiddleware(next http.Handler) http.Handler {
} }
// BasicAuth implements a simple middleware handler for adding basic http auth to a route. // BasicAuth implements a simple middleware handler for adding basic http auth to a route.
func BasicAuth(realm string, creds map[string]string) func(next http.Handler) http.Handler { func (s *HTTPServer) BasicAuth(realm string) func(next http.Handler) http.Handler {
return func(next http.Handler) http.Handler { return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
user, pass, ok := r.BasicAuth() user, pass, ok := r.BasicAuth()
@@ -29,7 +29,7 @@ func BasicAuth(realm string, creds map[string]string) func(next http.Handler) ht
return return
} }
credPass := creds[user] credPass := s.creds[user]
if err := bcrypt.CompareHashAndPassword([]byte(credPass), []byte(pass)); err != nil { if err := bcrypt.CompareHashAndPassword([]byte(credPass), []byte(pass)); err != nil {
basicAuthFailed(w, r, realm) basicAuthFailed(w, r, realm)
return return

20
cmd/server/main.go
View File

@@ -5,12 +5,30 @@ package main
import ( import (
"fmt" "fmt"
"os" "os"
"os/signal"
"syscall"
) )
const defaultDocumentRoot string = "/var/lib/cloudsave" const defaultDocumentRoot string = "/var/lib/cloudsave"
var (
updateChan chan struct{}
)
func main() { func main() {
run() updateChan = make(chan struct{})
sigc := make(chan os.Signal, 1)
signal.Notify(sigc, syscall.SIGHUP)
go func() {
for {
<-sigc
updateChan <- struct{}{}
}
}()
run(updateChan)
} }
func fatal(message string, exitCode int) { func fatal(message string, exitCode int) {

18
cmd/server/main_windows.go
View File

@@ -13,9 +13,15 @@ const defaultDocumentRoot string = "C:\\ProgramData\\CloudSave"
//go:embed res/icon.ico //go:embed res/icon.ico
var icon []byte var icon []byte
var (
updateChan chan struct{}
)
func main() { func main() {
updateChan = make(chan struct{})
go systray.Run(onReady, onExit) go systray.Run(onReady, onExit)
run()
run(updateChan)
} }
func fatal(message string, exitCode int) { func fatal(message string, exitCode int) {
@@ -28,12 +34,20 @@ func onReady() {
systray.SetTooltip("CloudSave") systray.SetTooltip("CloudSave")
systray.SetIcon(icon) systray.SetIcon(icon)
mQuit := systray.AddMenuItem("Quit", "Quit") mReload := systray.AddMenuItem("Reload", "Reload the server data")
mQuit := systray.AddMenuItem("Quit", "Quit the server")
go func() { go func() {
<-mQuit.ClickedCh <-mQuit.ClickedCh
os.Exit(0) os.Exit(0)
}() }()
go func() {
for {
<-mReload.ClickedCh
updateChan <- struct{}{}
}
}()
} }
func onExit() { func onExit() {

18
cmd/server/runner.go
View File

@@ -14,7 +14,7 @@ import (
"strconv" "strconv"
) )
func run() { func run(updateChan <-chan struct{}) {
fmt.Printf("CloudSave server -- v%s.%s.%s\n\n", constants.Version, runtime.GOOS, runtime.GOARCH) fmt.Printf("CloudSave server -- v%s.%s.%s\n\n", constants.Version, runtime.GOOS, runtime.GOARCH)
var documentRoot string var documentRoot string
@@ -47,6 +47,7 @@ func run() {
if err := r.Preload(); err != nil { if err := r.Preload(); err != nil {
fatal("failed to load datastore: "+err.Error(), 1) fatal("failed to load datastore: "+err.Error(), 1)
} }
repo = r repo = r
} else { } else {
slog.Info("loading lazy repository...") slog.Info("loading lazy repository...")
@@ -61,6 +62,21 @@ func run() {
server := api.NewServer(documentRoot, s, h.Content(), port) server := api.NewServer(documentRoot, s, h.Content(), port)
go func() {
for {
<-updateChan
if r, ok := repo.(*repository.EagerRepository); ok {
r.Reload()
}
h, err := htpasswd.Open(filepath.Join(documentRoot, ".htpasswd"))
if err != nil {
fatal("failed to load .htpasswd: "+err.Error(), 1)
}
slog.Info("users loaded: " + strconv.Itoa(len(h.Content())) + " user(s) loaded")
server.SetCredentials(h.Content())
}
}()
fmt.Println("server started at :" + strconv.Itoa(port)) fmt.Println("server started at :" + strconv.Itoa(port))
if err := server.Server.ListenAndServe(); err != nil { if err := server.Server.ListenAndServe(); err != nil {
fatal("failed to start server: "+err.Error(), 1) fatal("failed to start server: "+err.Error(), 1)

8
jenkinsfile
View File

@@ -2,6 +2,14 @@ pipeline {
agent any agent any
stages { stages {
stage('Audit') {
steps {
sh '''
go install github.com/securego/gosec/v2/cmd/gosec@v2.22.8
/var/lib/jenkins/go/bin/gosec ./...
'''
}
}
stage('Build') { stage('Build') {
steps { steps {
sh './build.sh' sh './build.sh'

18
pkg/repository/repository.go
View File

@@ -73,7 +73,7 @@ type (
AllHist(gameID GameIdentifier) ([]string, error) AllHist(gameID GameIdentifier) ([]string, error)
WriteBlob(ID Identifier) (io.Writer, error) WriteBlob(ID Identifier) (io.Writer, error)
WriteMetadata(gameID GameIdentifier, m Metadata) error WriteMetadata(gameID GameIdentifier, m Metadata) error
Metadata(gameID GameIdentifier) (Metadata, error) Metadata(gameID GameIdentifier) (Metadata, error)
LastScan(gameID GameIdentifier) (time.Time, error) LastScan(gameID GameIdentifier) (time.Time, error)
@@ -401,6 +401,7 @@ func (r *EagerRepository) Preload() error {
r.mu.Lock() r.mu.Lock()
defer r.mu.Unlock() defer r.mu.Unlock()
slog.Info("loading data from datastore to memory...")
games, err := r.Repository.All() games, err := r.Repository.All()
if err != nil { if err != nil {
return fmt.Errorf("failed to load all data: %w", err) return fmt.Errorf("failed to load all data: %w", err)
@@ -443,6 +444,21 @@ func (r *EagerRepository) Preload() error {
return nil return nil
} }
func (r *EagerRepository) ClearCache() {
r.mu.Lock()
defer r.mu.Unlock()
slog.Info("clearing cache...")
for k := range r.data {
delete(r.data, k)
}
}
func (r *EagerRepository) Reload() error {
r.ClearCache()
return r.Preload()
}
func (r *EagerRepository) All() ([]string, error) { func (r *EagerRepository) All() ([]string, error) {
r.mu.RLock() r.mu.RLock()
defer r.mu.RUnlock() defer r.mu.RUnlock()