Merged
Conversation
New config options have been added to support HTTPs conenctionto the API: ``` [http_api] ssl_enabled = false ssl_cert_path = "./storage/ssl_certificates/localhost.crt" ssl_key_path = "./storage/ssl_certificates/localhost.key" ```
josecelano
force-pushed
the
https-api
branch
from
1dcfa35 to
b23d64b
Compare
Member
Author
|
ACK b23d64b |
This was referenced Dec 16, 2022
Closed
da2ce7
added a commit
that referenced
this pull request
Dec 22, 2022
6851ec5 fix: docker image run as non root (Jose Celano) 171a37d feat: publish docker image for tags, develop aand main branches (Jose Celano) 032f6a6 fix: docker repo name in README (Jose Celano) 46e1a37 feat: docker support (Jose Celano) f8700aa feat: allow to inject configuration from env var (Jose Celano) 3098ed2 feat: remove strip from Cargo.toml (Jose Celano) 269e5f5 feat: move default db_path to storage folder (Jose Celano) ca0e8af feat: change default http tracker port to 7070 (Jose Celano) b1ec9df feat: change udp tracker console output (Jose Celano) 19abf0f fix: error when udp response can't be written (Jose Celano) b23d64b feat: add ssl support for the API (Jose Celano) 5af28a2 fix: the pedantic clippy warnings (Jose Celano) Pull request description: Stacked on/Depends on: #128 This is a reorganization of [PR-123](#123) - I've reorganised the commits - I've implemented [Solution 1](#127 (comment)) discussed [here](#127 (comment)). The application can get the configuration from the `config.toml` file or from an env var `TORRUST_TRACKER_CONFIG` with the same content as the `config.toml` file. I think it's the minimum change to deploy the application using docker easily. The idea is the same as the solution implemented by @Power2All [here](https://github.com/Power2All/torrust-axum/tree/master/docker). But I'm using only one env var. This way, we do not need to change the code if the configuration changes. On the other hand, we are discussing a new implementation for the [settings](#127), and I did not want to implement things that will need to be changed afterwards. I'm also a fan of small steps :-). ## Testing I have deployed the application to the Digital Ocean App Platform: https://lobster-app-dc6o9.ondigitalocean.app/api/stats?token=MyAccessToken with [this PR branch docker image](https://hub.docker.com/layers/josecelano/torrust-tracker/docker-reorganized-pr/images/sha256-d08ccf6183c451910ba3dfb74695108700b1aaa2dd13f85bf6f0bdecc4bf43d9?context=repo). If you want to test the feature of getting the configuration from an env var locally (without docker): ```s TORRUST_TRACKER_CONFIG=`cat config.toml` cargo run ``` With docker, you only need to follow the instructions in the README: ## Notes Digital Ocean App Platform only allows you to expose one port (0.0.0.0:8080). I've deployed it exposing only the API with this configuration: ```toml log_level = "info" mode = "public" db_driver = "Sqlite3" db_path = "data.db" announce_interval = 120 min_announce_interval = 120 max_peer_timeout = 900 on_reverse_proxy = false external_ip = "0.0.0.0" tracker_usage_statistics = true persistent_torrent_completed_stat = false inactive_peer_cleanup_interval = 600 remove_peerless_torrents = true [[udp_trackers]] enabled = false bind_address = "0.0.0.0:6969" [[http_trackers]] enabled = false bind_address = "0.0.0.0:7070" ssl_enabled = false ssl_cert_path = "" ssl_key_path = "" [http_api] enabled = true bind_address = "0.0.0.0:8080" ssl_enabled = false ssl_cert_path = "" ssl_key_path = "" [http_api.access_tokens] admin = "MyAccessToken" ``` I suppose you need to create three apps sharing the state with a MySQL service if you want to deploy all the services. You want to do the same if you want to deploy more than one UDP or HTTP tracker. ACKs for top commit: josecelano: ACK 6851ec5 da2ce7: ACK 6851ec5 Tree-SHA512: 47a6c6d1240986f65f02fafc3ddce32cb4fc50bc118f833cdf7fd67afdef5b3dd42fbd8d46a22df818966b14b3fb3d0b1ab971a28dbec9c271b872b7c966276f
josecelano
added a commit
to josecelano/torrust-tracker
that referenced
this pull request
Mar 7, 2023
josecelano
added a commit
to josecelano/torrust-tracker
that referenced
this pull request
Mar 7, 2023
josecelano
added a commit
that referenced
this pull request
Mar 7, 2023
3860fc8 fix: format (Jose Celano) fa60994 test(http): [#128] unit test for announce handler (Jose Celano) 6ebcfcd refactor(http): push logic from Axum to App layer (Jose Celano) 49bb0db refactor(http): rename mod and move struct (Jose Celano) 637f25f refactor(http): move auth mod to handlers::common (Jose Celano) Pull request description: And other refactorings. Top commit has no ACKs. Tree-SHA512: 9ca933ddb40447ac3dcb28579874078c8037511d001f42fdddfaa4b0acc12214eee9bb592abea3c3aa1ffb11144035726cdd1719873175c33cc4a898d3924eee
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I'm reorganizing the Full docker support PR. I've extracted this feature that is totally independent of docker support. I've enabled HTTPS for the REST API.
New config options have been added to support HTTPS connection to the API: