(username: U, password: Option) -> HeaderValue
120 | where
121 | U: std::fmt::Display,
122 | P: std::fmt::Display,
123 | {
124 | use base64::prelude::BASE64_STANDARD;
125 | use base64::write::EncoderWriter;
126 | use std::io::Write;
127 |
128 | let mut buf = b"Basic ".to_vec();
129 | {
130 | let mut encoder = EncoderWriter::new(&mut buf, &BASE64_STANDARD);
131 | let _ = write!(encoder, "{}:", username);
132 | if let Some(password) = password {
133 | let _ = write!(encoder, "{}", password);
134 | }
135 | }
136 | let mut header = HeaderValue::from_bytes(&buf).expect("base64 is always valid HeaderValue");
137 | header.set_sensitive(true);
138 | header
139 | }
140 |
--------------------------------------------------------------------------------
/src/typed_path.rs:
--------------------------------------------------------------------------------
1 | use axum_extra::routing::TypedPath;
2 | use serde_derive::{Deserialize, Serialize};
3 | use strum::{AsRefStr, Display, EnumString, IntoStaticStr, VariantNames};
4 |
5 | pub trait PathParts: Send {
6 | fn parts(&self) -> (Option, Option, Option) {
7 | (self.repo(), self.tpe(), self.name())
8 | }
9 |
10 | fn repo(&self) -> Option {
11 | None
12 | }
13 |
14 | fn tpe(&self) -> Option {
15 | None
16 | }
17 |
18 | fn name(&self) -> Option {
19 | None
20 | }
21 | }
22 |
23 | #[derive(
24 | Debug,
25 | Clone,
26 | Copy,
27 | PartialEq,
28 | Eq,
29 | Default,
30 | Display,
31 | Serialize,
32 | Deserialize,
33 | IntoStaticStr,
34 | AsRefStr,
35 | VariantNames,
36 | EnumString,
37 | )]
38 | #[serde(rename_all = "lowercase")]
39 | #[strum(serialize_all = "lowercase")]
40 | #[strum(ascii_case_insensitive)]
41 | pub enum TpeKind {
42 | Config,
43 | #[default]
44 | Data,
45 | Index,
46 | Keys,
47 | Locks,
48 | Snapshots,
49 | }
50 |
51 | impl TpeKind {
52 | pub fn into_str(self) -> &'static str {
53 | self.into()
54 | }
55 | }
56 |
57 | // A type safe route with `"/:repo/config"` as its associated path.
58 | #[derive(TypedPath, Deserialize, Debug)]
59 | #[typed_path("/:repo/config")]
60 | pub struct RepositoryConfigPath {
61 | pub repo: String,
62 | }
63 |
64 | impl PathParts for RepositoryConfigPath {
65 | fn repo(&self) -> Option {
66 | Some(self.repo.clone())
67 | }
68 | }
69 |
70 | // A type safe route with `"/:repo/"` as its associated path.
71 | #[derive(TypedPath, Deserialize, Debug)]
72 | #[typed_path("/:repo/")]
73 | pub struct RepositoryPath {
74 | pub repo: String,
75 | }
76 |
77 | impl PathParts for RepositoryPath {
78 | fn repo(&self) -> Option {
79 | Some(self.repo.clone())
80 | }
81 | }
82 |
83 | // A type safe route with `"/:tpe"` as its associated path.
84 | #[derive(TypedPath, Deserialize, Debug, Copy, Clone)]
85 | #[typed_path("/:tpe")]
86 | pub struct TpePath {
87 | pub tpe: TpeKind,
88 | }
89 |
90 | impl PathParts for TpePath {
91 | fn tpe(&self) -> Option {
92 | Some(self.tpe)
93 | }
94 | }
95 |
96 | // A type safe route with `"/:repo/:tpe/"` as its associated path.
97 | #[derive(TypedPath, Deserialize, Debug)]
98 | #[typed_path("/:repo/:tpe/")]
99 | pub struct RepositoryTpePath {
100 | pub repo: String,
101 | pub tpe: TpeKind,
102 | }
103 |
104 | impl PathParts for RepositoryTpePath {
105 | fn repo(&self) -> Option {
106 | Some(self.repo.clone())
107 | }
108 |
109 | fn tpe(&self) -> Option {
110 | Some(self.tpe)
111 | }
112 | }
113 |
114 | // A type safe route with `"/:tpe/:name"` as its associated path.
115 | #[derive(TypedPath, Deserialize, Debug)]
116 | #[typed_path("/:tpe/:name")]
117 | pub struct TpeNamePath {
118 | pub tpe: TpeKind,
119 | pub name: String,
120 | }
121 |
122 | impl PathParts for TpeNamePath {
123 | fn tpe(&self) -> Option {
124 | Some(self.tpe)
125 | }
126 |
127 | fn name(&self) -> Option {
128 | Some(self.name.clone())
129 | }
130 | }
131 |
132 | // A type safe route with `"/:repo/:tpe/:name"` as its associated path.
133 | #[derive(TypedPath, Deserialize, Debug)]
134 | #[typed_path("/:repo/:tpe/:name")]
135 | pub struct RepositoryTpeNamePath {
136 | pub repo: String,
137 | pub tpe: TpeKind,
138 | pub name: String,
139 | }
140 |
141 | impl PathParts for RepositoryTpeNamePath {
142 | fn repo(&self) -> Option {
143 | Some(self.repo.clone())
144 | }
145 |
146 | fn tpe(&self) -> Option {
147 | Some(self.tpe)
148 | }
149 |
150 | fn name(&self) -> Option {
151 | Some(self.name.clone())
152 | }
153 | }
154 |
--------------------------------------------------------------------------------
/src/web.rs:
--------------------------------------------------------------------------------
1 | use axum::{middleware, routing::get, Router};
2 | use axum_extra::routing::RouterExt;
3 | use axum_server::tls_rustls::RustlsConfig;
4 | use tokio::net::TcpListener;
5 | use tracing::{info, level_filters::LevelFilter};
6 |
7 | use crate::{
8 | acl::init_acl,
9 | auth::init_auth,
10 | context::ServerRuntimeContext,
11 | error::{AppResult, ErrorKind},
12 | handlers::{
13 | file_config::{add_config, delete_config, get_config, has_config},
14 | file_exchange::{add_file, delete_file, get_file},
15 | file_length::file_length,
16 | files_list::list_files,
17 | health::{init_start_time, live_check},
18 | repository::{create_repository, delete_repository},
19 | },
20 | log::print_request_response,
21 | storage::{init_storage, Storage},
22 | typed_path::{RepositoryConfigPath, RepositoryPath, RepositoryTpeNamePath, RepositoryTpePath},
23 | };
24 |
25 | /// Start the web server
26 | ///
27 | /// # Arguments
28 | ///
29 | /// * `runtime_ctx` - The server runtime context
30 | pub async fn start_web_server(runtime_ctx: ServerRuntimeContext) -> AppResult<()>
31 | where
32 | S: Storage + Clone + std::fmt::Debug,
33 | {
34 | let ServerRuntimeContext {
35 | socket_address,
36 | acl,
37 | auth,
38 | storage,
39 | tls,
40 | ..
41 | } = runtime_ctx;
42 |
43 | init_start_time();
44 | init_acl(acl)?;
45 | init_auth(auth)?;
46 | init_storage(storage)?;
47 |
48 | let mut app = Router::new();
49 |
50 | // /health/live
51 | //
52 | // Liveness probe. This is used to check if the server is running.
53 | // Returns “200 OK” if the server is running.
54 | app = app.route("/health/live", get(live_check));
55 |
56 | // /health/ready
57 | //
58 | // Readiness probe. This is used to check if the server is ready to accept requests.
59 | // Returns “200 OK” if the server is ready to accept requests.
60 | // app = app.route("/health/ready", get(ready_check));
61 |
62 | // /:repo/:tpe/:name
63 | app = app
64 | // Returns “200 OK” if the blob with the given name and type is stored in the repository,
65 | // “404 not found” otherwise. If the blob exists, the HTTP header Content-Length
66 | // is set to the file size.
67 | .typed_head(file_length::)
68 | // Returns the content of the blob with the given name and type if it is stored
69 | // in the repository, “404 not found” otherwise.
70 | // If the request specifies a partial read with a Range header field, then the
71 | // status code of the response is 206 instead of 200 and the response only contains
72 | // the specified range.
73 | //
74 | // Response format: binary/octet-stream
75 | .typed_get(get_file::)
76 | // Saves the content of the request body as a blob with the given name and type,
77 | // an HTTP error otherwise.
78 | //
79 | // Request format: binary/octet-stream
80 | .typed_post(add_file::)
81 | // Returns “200 OK” if the blob with the given name and type has been deleted from
82 | // the repository, an HTTP error otherwise.
83 | .typed_delete(delete_file::);
84 |
85 | // /:repo/config
86 | app = app
87 | // Returns “200 OK” if the repository has a configuration, an HTTP error otherwise.
88 | .typed_head(has_config)
89 | // Returns the content of the configuration file if the repository has a configuration,
90 | // an HTTP error otherwise.
91 | //
92 | // Response format: binary/octet-stream
93 | .typed_get(get_config::)
94 | // Returns “200 OK” if the configuration of the request body has been saved,
95 | // an HTTP error otherwise.
96 | .typed_post(add_config::)
97 | // Returns “200 OK” if the configuration of the repository has been deleted,
98 | // an HTTP error otherwise.
99 | // Note: This is not part of the API documentation, but it is implemented
100 | // to allow for the deletion of the configuration file during testing.
101 | .typed_delete(delete_config::);
102 |
103 | // /:repo/:tpe/
104 | // # API version 1
105 | //
106 | // Returns a JSON array containing the names of all the blobs stored for a given type, example:
107 | //
108 | // ```json
109 | // [
110 | // "245bc4c430d393f74fbe7b13325e30dbde9fb0745e50caad57c446c93d20096b",
111 | // "85b420239efa1132c41cea0065452a40ebc20c6f8e0b132a5b2f5848360973ec",
112 | // "8e2006bb5931a520f3c7009fe278d1ebb87eb72c3ff92a50c30e90f1b8cf3e60",
113 | // "e75c8c407ea31ba399ab4109f28dd18c4c68303d8d86cc275432820c42ce3649"
114 | // ]
115 | // ```
116 | //
117 | // # API version 2
118 | //
119 | // Returns a JSON array containing an object for each file of the given type.
120 | // The objects have two keys: name for the file name, and size for the size in bytes.
121 | //
122 | // [
123 | // {
124 | // "name": "245bc4c430d393f74fbe7b13325e30dbde9fb0745e50caad57c446c93d20096b",
125 | // "size": 2341058
126 | // },
127 | // {
128 | // "name": "85b420239efa1132c41cea0065452a40ebc20c6f8e0b132a5b2f5848360973ec",
129 | // "size": 2908900
130 | // },
131 | // {
132 | // "name": "8e2006bb5931a520f3c7009fe278d1ebb87eb72c3ff92a50c30e90f1b8cf3e60",
133 | // "size": 3030712
134 | // },
135 | // {
136 | // "name": "e75c8c407ea31ba399ab4109f28dd18c4c68303d8d86cc275432820c42ce3649",
137 | // "size": 2804
138 | // }
139 | // ]
140 | app = app.typed_get(list_files::);
141 |
142 | // /:repo/ --> note: trailing slash
143 | app = app
144 | // This request is used to initially create a new repository.
145 | // The server responds with “200 OK” if the repository structure was created
146 | // successfully or already exists, otherwise an error is returned.
147 | .typed_post(create_repository::)
148 | // Deletes the repository on the server side. The server responds with “200 OK”
149 | // if the repository was successfully removed. If this function is not implemented
150 | // the server returns “501 Not Implemented”, if this it is denied by the server it
151 | // returns “403 Forbidden”.
152 | .typed_delete(delete_repository::);
153 |
154 | // TODO: This is not reflected in the API documentation?
155 | // TODO: Decide if we want to keep this or not!
156 | // // /:tpe/:name
157 | // // we loop here over explicit types, to prevent conflict with paths "/:repo/:tpe"
158 | // for tpe in constants::TYPES.into_iter() {
159 | // let path = format!("/{}:name", &tpe);
160 | // app = app
161 | // .route(path.as_str(), head(file_length::))
162 | // .route(path.as_str(), get(get_file::))
163 | // .route(path.as_str(), post(add_file::))
164 | // .route(path.as_str(), delete(delete_file::));
165 | // }
166 | //
167 | // /:tpe --> note: NO trailing slash
168 | // we loop here over explicit types, to prevent the conflict with paths "/:repo/"
169 | // for tpe in constants::TYPES.into_iter() {
170 | // let path = format!("/{}", &tpe);
171 | // app = app.route(path.as_str(), get(list_files::));
172 | // }
173 |
174 | // Extra logging requested. Handlers will log too
175 | // TODO: Use LogSettings here, this should be set from the cli by `--log`
176 | // TODO: and then needs to go to a file
177 | // e.g. log_opts.is_disabled() or other checks
178 | match LevelFilter::current() {
179 | LevelFilter::TRACE | LevelFilter::DEBUG | LevelFilter::INFO => {
180 | app = app.layer(middleware::from_fn(print_request_response));
181 | }
182 | _ => {}
183 | };
184 |
185 | info!("Starting web server ...");
186 |
187 | if let Some(tls) = tls {
188 | // Start server with or without TLS
189 | let config = RustlsConfig::from_pem_file(tls.tls_cert, tls.tls_key)
190 | .await
191 | .map_err(|err|
192 | ErrorKind::Io.context(
193 | format!("Failed to load TLS certificate/key. Please make sure the paths are correct. `{err}`")
194 | )
195 | )?;
196 |
197 | info!("Listening on: `https://{socket_address}`");
198 |
199 | axum_server::bind_rustls(socket_address, config)
200 | .serve(app.into_make_service())
201 | .await
202 | .expect("Failed to start server. Is the address already in use?");
203 | } else {
204 | info!("Listening on: `http://{socket_address}`");
205 |
206 | axum::serve(
207 | TcpListener::bind(socket_address)
208 | .await
209 | .expect("Failed to bind to socket. Please make sure the address is correct."),
210 | app.into_make_service(),
211 | )
212 | .await
213 | .expect("Failed to start server. Is the address already in use?");
214 | };
215 |
216 | Ok(())
217 | }
218 |
--------------------------------------------------------------------------------
/tests/fixtures/hurl/endpoints.hurl:
--------------------------------------------------------------------------------
1 | # No auth
2 | HEAD http://127.0.0.1:8000/ci_repo/config
3 | HTTP 403
4 |
5 | # Access a new repository
6 | HEAD http://127.0.0.1:8000/ci_repo/
7 | [BasicAuth]
8 | hurl: hurl
9 | HTTP 405
10 |
11 | # Create a new repository
12 | POST http://127.0.0.1:8000/ci_repo/?create=true
13 | [BasicAuth]
14 | hurl: hurl
15 | HTTP 200
16 |
17 |
18 | HEAD http://127.0.0.1:8000/ci_repo/config
19 | [BasicAuth]
20 | hurl: hurl
21 | HTTP 200
22 |
23 | # Access to keys
24 | GET http://127.0.0.1:8000/ci_repo/keys/
25 | [BasicAuth]
26 | hurl: hurl
27 | HTTP 200
28 | Content-Type: application/vnd.x.restic.rest.v1
29 |
30 | GET http://127.0.0.1:8000/ci_repo/keys/eb7e523a1916c2cc1c750dc89cd6024f5dd319814c417a3f9081578f8c2c4a76
31 | RANGE: bytes=0-230
32 | [BasicAuth]
33 | hurl: hurl
34 | HTTP 206
35 | content-length: 231
36 |
37 | # GET http://127.0.0.1:8000/ci_repo/keys/eb7e523a1916c2cc1c750dc89cd6024f5dd319814c417a3f9081578f8c2c4a76
38 | # [BasicAuth]
39 | # hurl: hurl
40 | # HTTP 200
41 |
42 | GET http://127.0.0.1:8000/ci_repo/config
43 | [BasicAuth]
44 | hurl: hurl
45 | HTTP 200
46 |
47 | GET http://127.0.0.1:8000/ci_repo/locks/
48 | [BasicAuth]
49 | hurl: hurl
50 | HTTP 200
51 |
52 | # POST http://127.0.0.1:8000/ci_repo/locks/ac4ff62472b009cf71c81199f4fc635152639909cb1143911150db467ca86544
53 | # [BasicAuth]
54 | # hurl: hurl
55 | # HTTP 200
56 |
57 | GET http://127.0.0.1:8000/ci_repo/locks/
58 | [BasicAuth]
59 | hurl: hurl
60 | HTTP 200
61 |
62 | GET http://127.0.0.1:8000/ci_repo/snapshots/
63 | [BasicAuth]
64 | hurl: hurl
65 | HTTP 200
66 |
67 | GET http://127.0.0.1:8000/ci_repo/index/
68 | [BasicAuth]
69 | hurl: hurl
70 | HTTP 200
71 |
72 | # POST http://127.0.0.1:8000/ci_repo/data/3b013253cd72fa7e98f9dcd6106f9565933556f1c80a720e1e44dbf3b57af446
73 | # [BasicAuth]
74 | # hurl: hurl
75 | # HTTP 200
76 |
77 | # POST http://127.0.0.1:8000/ci_repo/data/89923722810777f3026a7cf9b246eb9613c7e3f64e77e6ccecb4001774c38acf
78 | # [BasicAuth]
79 | # hurl: hurl
80 | # HTTP 200
81 |
82 | # POST http://127.0.0.1:8000/ci_repo/index/004ebe81e7927131b6dde40bd4595ebf95a355bf26509de83fb9d12b4ab280b4
83 | # [BasicAuth]
84 | # hurl: hurl
85 | # HTTP 200
86 |
87 | # POST http://127.0.0.1:8000/ci_repo/snapshots/ddd75013f2d2470d910adadf728c5c8cd6e91cb591bdfbf1cfd7f3af7e32c7eb
88 | # [BasicAuth]
89 | # hurl: hurl
90 | # HTTP 200
91 |
92 | # DELETE http://127.0.0.1:8000/ci_repo/locks/ac4ff62472b009cf71c81199f4fc635152639909cb1143911150db467ca86544
93 | # [BasicAuth]
94 | # hurl: hurl
95 | # HTTP 200
96 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/.htpasswd:
--------------------------------------------------------------------------------
1 | rustic:$2y$05$48brsXSjDCo83AKq.52w1.A9NgpQth3emdWZZXbPStHtqv7hxIleW
2 | restic:$2y$05$iKXd4X4AKOpBPufMhlSfwOQqrl/nu1A9yAFbKYG742cJz325qeB/a
3 | hurl:$2y$05$63hF2CpYPDYuM3Jlm04hH.TYIxGo6nk1eFjVBHd06X7LLRcTFyMz2
4 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/README.md:
--------------------------------------------------------------------------------
1 | # Test data folder
2 |
3 | The test data folder contains data required for testing the server.
4 |
5 | ## Basic files for test access to a repository
6 |
7 | ### `.htpasswd`
8 |
9 | File governing the access to the server. Without access all is rejected.
10 |
11 | The `.htpasswd` file has three entries:
12 |
13 | - rustic:rustic
14 | - restic:restic
15 | - hurl:hurl
16 |
17 | ### `acl.toml`
18 |
19 | Definition which user from the HTACCESS file has what privileges on which
20 | repository.
21 |
22 | Check [here](config/README.md) for more information.
23 |
24 | ### `rustic_server.toml`
25 |
26 | Server configuration file.
27 |
28 | ### `rustic.toml`
29 |
30 | Configuration file for the `rustic` commands. Start as:
31 |
32 | ```console
33 | rustic -P /test.toml
34 | ```
35 |
36 | In the configuration folder there is an example given. Adapt to your
37 | configuration. To make use of the `test_repo`, the file has to contain the
38 | following credentials:
39 |
40 | ```toml
41 | [repository]
42 | repository = "rest:http://rustic:rustic@localhost:8000/ci_repo"
43 | password = "rustic"
44 | ```
45 |
46 | ### `certs` directory
47 |
48 | Contains the test certificates for the server.
49 |
50 | ## Source folder for Testing
51 |
52 | There is a source folder with test data.
53 |
54 | ## Storage folder for Testing
55 |
56 | There is a storage folder with test data. It is used to store the data for the
57 | server. The data is stored in the `tests/generated/test_storage` directory.
58 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/acl.toml:
--------------------------------------------------------------------------------
1 | [test_repo]
2 | rustic = "Append"
3 | restic = "Append"
4 | hurl = "Append"
5 |
6 | [repo_remove_me]
7 | rustic = "Modify"
8 | restic = "Modify"
9 |
10 | [repo_remove_me_2]
11 | rustic = "Modify"
12 | restic = "Modify"
13 |
14 | [ci_repo]
15 | rustic = "Modify"
16 | restic = "Modify"
17 | hurl = "Modify"
18 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/certs/test.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIFazCCA1OgAwIBAgIUbXfB4z/6MIKJgY+VTqnJ7+nTNWAwDQYJKoZIhvcNAQEL
3 | BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
4 | GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDExMTUwNzE4MTVaFw0yNDEy
5 | MTUwNzE4MTVaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
6 | HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEB
7 | AQUAA4ICDwAwggIKAoICAQC7+I2MESwS2ITiACX24F1ad7LDJRatsa40KNfG0o9x
8 | TGC/v0Hi22h2uvxoIf/Sol9uikm+agFbTiCptzvkG8ceMqO+Wfb55UyElvu3RD5z
9 | xYVlpSHs4FKI25C+OENAALVxCmCGR+/CEWHamhRT0goGgkxdieh0zDqWKzg3ZGR8
10 | 7ez6MjuRag8ffTgMd6ShBNun0HrS37hVOSMXnZvOm8gTp3Ns+lacui4LIA75+COl
11 | KxPz2uVX0ChmCw9o1u8hZ0WRvaTZ20ftdr4PKIJ7PkubQeO03NuB0vV1OHQWP57/
12 | zGeuz9GKxlpeeNrZPWtcEUONEyBVopSVOVDiKHmVgC5prrqIJ55eykxaKR977NNP
13 | 8+acVLHItmMozdnQTYdWqmqjrVadUBXEMvLhcZQkPOFcEKVETkN+XWey0Gy+wVRr
14 | BFkY8DJhtkUSVOCvyvtXnZuGAqNsZjEdaa5fCIYFL6OIcEuEmdcSY0wjY81mBmUm
15 | 4klXLZ/fqht6uiF+zr/2gesSxaookj8wDH88eIRzp79ZEwddXbYl0vdROgbYfP3u
16 | Jg4SGPC+ixcx0+QgBvnNo4wACTK4gpxmWdu6AfqorOJUjxlKT6Pl67Z7D9N6GQaL
17 | 9ixb5rMY2TFrca+qJ9lNWJoOyHCmPqhrEUwc4P7ttPK6wSunhtEvFMRghT2Prhtr
18 | DwIDAQABo1MwUTAdBgNVHQ4EFgQUdmGNwC3UyYQoY8aRjZLZZP548O8wHwYDVR0j
19 | BBgwFoAUdmGNwC3UyYQoY8aRjZLZZP548O8wDwYDVR0TAQH/BAUwAwEB/zANBgkq
20 | hkiG9w0BAQsFAAOCAgEAczt0ZT/bX7d2CmS/3gT/j8uAduEdKP6EcAQqmNO88+V+
21 | Ib4+VC4wtPlz5VH1u2cySFiCMb55I16HNScP3Ufjqzi6W6tAaIFkEr1iGT8JF8o1
22 | vXhxwrpkg8hWUSR/eK4Huatx68Y9r3HwkTIAUxQ6OpiduPcrLt+hvH8ybQFOAm0h
23 | 0sfSF1MPlBuuoMo6xAbn/PwxdTISeYjeu4oqSV85dRZ0J7q0gmnRMP9dnUdJaYwS
24 | x2f8/y1lbl6WskNphHJs8l07BnhyulcxmU/wupo7TF80aNd29xaSnZ/WZ9OUO+JE
25 | o3uEEWVJOFZ/xWxH284G6zpkgrzKqQWql1EDcRwEsCP7Mb1nhcHuKFh6w+KUuy3Q
26 | +2zlRE20n6+30YSJ0sI+cHsYBZ3ay7qQHa00ZJtId7i5xswMhnl+HzNvwPRN8RNC
27 | dTKY0+mL554ahQXKwWXNB4CAIxYE84SCA+N2nNzVOuGME0jsulzyhsEqh0eIVQp2
28 | +pg3BIAUGESRfCy+b5dHE4THeyeXZQ3fdsPeH5eE1wSuTysBYWdoh+0uOKGHXRQX
29 | h3HB8LEuN7GHNkMMHwPRimFaeOrznbgX+IL/wnQSRe1Sw/j0/YPP3zZpLRZUaglB
30 | hQRc9rZdD6vxSeSpSZRUbtgRuwBAjl+EBl5ACope2SXtC9+61+xojA8yp6IGw1o=
31 | -----END CERTIFICATE-----
32 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/certs/test.key:
--------------------------------------------------------------------------------
1 | -----BEGIN PRIVATE KEY-----
2 | MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC7+I2MESwS2ITi
3 | ACX24F1ad7LDJRatsa40KNfG0o9xTGC/v0Hi22h2uvxoIf/Sol9uikm+agFbTiCp
4 | tzvkG8ceMqO+Wfb55UyElvu3RD5zxYVlpSHs4FKI25C+OENAALVxCmCGR+/CEWHa
5 | mhRT0goGgkxdieh0zDqWKzg3ZGR87ez6MjuRag8ffTgMd6ShBNun0HrS37hVOSMX
6 | nZvOm8gTp3Ns+lacui4LIA75+COlKxPz2uVX0ChmCw9o1u8hZ0WRvaTZ20ftdr4P
7 | KIJ7PkubQeO03NuB0vV1OHQWP57/zGeuz9GKxlpeeNrZPWtcEUONEyBVopSVOVDi
8 | KHmVgC5prrqIJ55eykxaKR977NNP8+acVLHItmMozdnQTYdWqmqjrVadUBXEMvLh
9 | cZQkPOFcEKVETkN+XWey0Gy+wVRrBFkY8DJhtkUSVOCvyvtXnZuGAqNsZjEdaa5f
10 | CIYFL6OIcEuEmdcSY0wjY81mBmUm4klXLZ/fqht6uiF+zr/2gesSxaookj8wDH88
11 | eIRzp79ZEwddXbYl0vdROgbYfP3uJg4SGPC+ixcx0+QgBvnNo4wACTK4gpxmWdu6
12 | AfqorOJUjxlKT6Pl67Z7D9N6GQaL9ixb5rMY2TFrca+qJ9lNWJoOyHCmPqhrEUwc
13 | 4P7ttPK6wSunhtEvFMRghT2PrhtrDwIDAQABAoICACo0H7/LmTwv/gHqK5v2+y7V
14 | Qj87ZBCinKzcYLoky40SK4TR0d64CYfi6soMnC40Q74DcZQ9o8lWzNGeMOXB8N6Q
15 | WyBhfajU+W2poqGewnDm79EHFwtiwFU3CxQSeNL1dceIH2z22NeXZIOa5aZ+Ob8F
16 | YVT9IkKbGipeUNRrB37fQr5YKfS3veaBjGSMNlvqxdCzZ+hRz8beucjTG8jzRCRZ
17 | i/pzaJ/u02ivDX3FX2d1uRie1LB3LaLfp9mPrIgw8jdLP6ikac1gxEKOA2HddkdJ
18 | L3GLxwMqlO75OmNGbJIdWEgxI+iHKYIdm3F8L08wFx0lJrTjeH3arRTiJo5RBdpU
19 | y8z6q8rlBpDE6c189mqEAXVMCEvFe259LfWDwI45BE7Oyrb9DqgxJ35psQuIWB+g
20 | fnBwiSBTVlVjKcg+2ufhF0dlU/dn7L87jvc83GMzy3i2sTYwqxBXkcTpdI6AwfPL
21 | hsB+/8yK46OTk0/9e80+0K4KGCrTCXCyg/YGDXRoTkHpopvc4eW8L82alFvdWKn8
22 | glN5PQYIlSXm02DyL63IiJiIo0Y05OP4uG8tPEasEzDhTPiG/Wiij3EU1uNi5Dhq
23 | A8tih5KxeouAAouXtDjB/zvUAkVnPso2vhI8pIG3lFnIfSvGGf/5GZmcR3OJztju
24 | FF2tu1yM8JyvKcEpX+NpAoIBAQDtypVSesjNBG3MCaFzaDKKBen6rDKxi+LoSHSg
25 | aPdTpwcy1O9HZlHOAqvBzhk+70C+mGrQ67eji55n24hLxqjPsXWuEeYWqaAP6lxy
26 | E/gfL5exQD6En6FLieg5LVxxFhzOhfqQNHm6B/X8GSKJW+M8Y8stYRX44Q+2qLIY
27 | 1GC33KfXvKLL2E9NYxep/jEItJiuhnFkSGACRLdxRP9x604cpZPHyin7nSK57GV4
28 | gmjFBF71n0ImVefgaq/wiPAUHp6uAdpHvPI4m23al96wdNsSQrjgoTFLEpTHEk6a
29 | sUZswWlRSjRwFoFV2mpdsIz6wo7qkFXsXQuIU6ln+09eXbVnAoIBAQDKXVdXFlGl
30 | MBeE7NKJSXEbagDrmKlpoa36KLT5uokZ4UTToF1bBtB1dE0nLOvDzK8+SP60NuNd
31 | CiUr2solksqMSOplZQa0ErSgxFhg1cPtndzLpKG+cA4FqWsfmCCIDfjOiQ4raqK0
32 | hQCO+0w3i1W/mDLidx+U6thXlma96jhXVRM4YaB42vZ1IAbyCLW/ZsNCna4+7KQ3
33 | 3Q04Fu+ODMno2ax16mUzYTwSpRUOk3DeHVjHsHwg5dRk286kG7YLCAsxqnWi0lci
34 | yWdw0czviSquCCNhaBy2v+q1Sr6X52n919b5Qq03NoedlFvZDNfuu0VwwTuX6bMZ
35 | 8UhstzPKoSwZAoIBABff4yYo1chfzXZS8TbZG1noRhm4+E4DMYEI5UzFvS9U8dAU
36 | uQF+MHByrDQFMVu0QdfhDbh0MjflaL4cuI6DH6fatWoIugVEeqGecjGx95OJ/7z4
37 | Kk6+iD9BVWOIPmPMSJAju4iG/EHFUtlA3MrVwvbpPhkMSlx2nFFGlrsPd7Z+HQv4
38 | EJBO44dtj46tytaI61t6fCAJdDpGE/T3bH5PlcQii7ffgF+W40mvhnCXB1Xgnngi
39 | yU14CpPpokiQNyqN+HiYDwZs3hT45gqwfNdSpDwtHsrO5FgZQX7LQ8EcU2nP8XcL
40 | 8D/gwpOQHmXRuBXlOtwqKbZVkTbaz4N1I/7hgbkCggEBALJStH9afJHbIi6RXil6
41 | XUByFeOGQGuD/MJ/kpKprNzwZG00WG+5PoLx/Hb0H8IHobl6K3B1Gb/IC99sSkv3
42 | 4aLjMiItd03BWgh9XP/f/2ppfMK7DYi6R7D3jR1nOeuKnGCr55+ctUnsFgTpL02W
43 | 6/YM0XI81Miudfwg3eKm/gT/RBOf+//ju+CUW2p3AGlszc3rEzwB3egYU+jEVU7Q
44 | uDAHePDjn1A6c+xeKoMQrBoetDgrrgZzYMmL5Lk6bh2kdfDLLCRRxFU0M4H4buX5
45 | 8nEvXLYeP4dO8S3WcsN7OixlQduexPLti23x6UoIBlQqFFP7A1+noZrPwymB+xKp
46 | GikCggEAPkvkGP7IsU24e0o+1DhSTXne1P4uL3gb9J2ajS2zXM/mHEnsMXk1tDbR
47 | hZMPWbeEdy9JNDVmIOn2DlHe8XA/IxpseMGuw84Lw2xdnG9KxcFfL3tKxBuQSgWW
48 | 2Rh/Bj0K91TjSWUuuWdyXGa956EEvm9kElvS0yAzrtcPEq+TMvY/EXpxBiRgmumd
49 | CByZ/Cslt5UYy1WQleYLhfwRGYvPVSxm9YsDnxUuElTp1GXmAhMyPB/GPIU4K387
50 | NPg7ORaAzwq/aBUstgvZzMxSVh1NFwuOoPSbBl94VN90KEBRjJsCWMprUqRsaCr0
51 | 3qSwXbVVeQ1hLFeZrLDH1U+xTu0W8g==
52 | -----END PRIVATE KEY-----
53 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/rustic.toml:
--------------------------------------------------------------------------------
1 | [repository]
2 | repository = "rest:http://rustic:rustic@localhost:8000/ci_repo"
3 | password = "rustic"
4 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/rustic_server.toml:
--------------------------------------------------------------------------------
1 | [server]
2 | listen = "127.0.0.1:8080"
3 |
4 | [storage]
5 | data-dir = "tests/generated/test_storage/"
6 |
7 | [auth]
8 | disable-auth = false
9 | htpasswd-file = "tests/fixtures/test_data/.htpasswd"
10 |
11 | [acl]
12 | disable-acl = false
13 | append-only = false
14 | acl-path = "tests/fixtures/test_data/acl.toml"
15 |
16 | [tls]
17 | disable-tls = true
18 | # tls-cert = "tests/fixtures/test_data/certs/test.crt"
19 | # tls-key = "tests/fixtures/test_data/certs/test.key"
20 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/server_acl_minimal.toml:
--------------------------------------------------------------------------------
1 | [acl]
2 | disable-acl = true
3 | acl-path = "/test_data/test_repo/acl.toml"
4 | append-only = false
5 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/test_repo_source/my_file.html:
--------------------------------------------------------------------------------
1 | hello wold
2 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/test_repo_source/my_file.txt:
--------------------------------------------------------------------------------
1 | hello world
2 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/test_repo_source/my_folder/my_file.html:
--------------------------------------------------------------------------------
1 |
hello wold in folder
2 |
--------------------------------------------------------------------------------
/tests/fixtures/test_data/test_repo_source/my_folder/my_file.txt:
--------------------------------------------------------------------------------
1 | hello world in folder
2 |
--------------------------------------------------------------------------------
/tests/generated/test_storage/test_repo/config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rustic-rs/rustic_server/c1435f6bbe940262df0179a1e9794d2b5bb461df/tests/generated/test_storage/test_repo/config
--------------------------------------------------------------------------------
/tests/generated/test_storage/test_repo/keys/3f918b737a2b9f72f044d06d6009eb34e0e8d06668209be3ce86e5c18dac0295:
--------------------------------------------------------------------------------
1 | {"created":"2024-11-13T09:36:49.8626939+01:00","username":"TOWERPC\\dailyuse","hostname":"TowerPC","kdf":"scrypt","N":32768,"r":8,"p":7,"salt":"eOkZJZ+hvbGoe3ebzcNcEUXA/VP/e9WK2FUa0yDr96ZrjSoFc9qTbpgt4A3Z7m0NxqkF72D/aAgslDLw8Oe4cQ==","data":"ciGXdAUQBygykL/F+FE+/YnwNdcvdUenJ4ndRVIyOZ7BDs/VJxxEVul0YEykxtNJ0tJc2fruOzcMsSyjZkrATod4Zi3c2D0CJEE9kKeggwNDSJou9TOFjXF8eoZTQrzzeEkDXXPy26wlxhtLSlj4RqR3UgZzLOuT9rp9oUalxuCq7k0CAPz65rqOvUbmE0+krmuefJwhDWXK97E+gDp5iQ=="}
--------------------------------------------------------------------------------
/tests/integration/_impl.rs:
--------------------------------------------------------------------------------
1 | use std::time::Duration;
2 |
3 | use crate::config::ConfigFile;
4 | use assert_cmd::Command;
5 | use serde::Serialize;
6 |
7 | pub trait AssertCmdExt {
8 | /// Add the given configuration file
9 | fn config(&mut self, config: &impl Serialize) -> &mut Self;
10 |
11 | /// Enable test mode
12 | fn test_mode_args(&mut self) -> &mut Self;
13 | }
14 |
15 | impl AssertCmdExt for Command {
16 | fn config(&mut self, config: &impl Serialize) -> &mut Self {
17 | let target_bin = self.get_program().to_owned();
18 | let config_file = ConfigFile::create(&target_bin, config);
19 |
20 | // Leak the config file to keep it alive for the duration of the test
21 | let static_config: &'static mut ConfigFile = Box::leak(Box::new(config_file));
22 |
23 | self.args(["-c", &static_config.path().display().to_string()]);
24 | self
25 | }
26 |
27 | fn test_mode_args(&mut self) -> &mut Self {
28 | self.timeout(Duration::from_secs(10)) // Set a timeout of 10 seconds
29 | .args(["-v"]) // Enable verbose logging
30 | .env("CI", "1"); // Enable CI test mode
31 |
32 | self
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/tests/integration/acceptance.rs:
--------------------------------------------------------------------------------
1 | //! Acceptance test: runs the application as a subprocess and asserts its
2 | //! output for given argument combinations matches what is expected.
3 | //!
4 | //! Modify and/or delete these as you see fit to test the specific needs of
5 | //! your application.
6 | //!
7 | //! For more information, see:
8 | //!
9 |
10 | // Tip: Deny warnings with `RUSTFLAGS="-D warnings"` environment variable in CI
11 |
12 | #![forbid(unsafe_code)]
13 | #![warn(
14 | missing_docs,
15 | rust_2018_idioms,
16 | trivial_casts,
17 | unused_lifetimes,
18 | unused_qualifications
19 | )]
20 |
21 | use std::{net::SocketAddr, path::PathBuf};
22 |
23 | use crate::_impl::AssertCmdExt;
24 | use anyhow::{Ok, Result};
25 | use assert_cmd::Command;
26 | use rstest::{fixture, rstest};
27 | use rustic_server::config::RusticServerConfig;
28 | use serial_test::file_serial;
29 |
30 | #[fixture]
31 | fn setup() -> Result {
32 | let runner = Command::cargo_bin(env!("CARGO_PKG_NAME").replace("_", "-"))?;
33 |
34 | Ok(runner)
35 | }
36 |
37 | /// Use command-line argument value
38 | #[rstest]
39 | #[file_serial]
40 | #[ignore = "FIXME: This test doesn't run in CI because it needs to bind to a port."]
41 | fn test_serve_with_args_passes(setup: Result) -> Result<()> {
42 | let assert = setup?
43 | .arg("serve")
44 | .args(["--listen", "127.0.0.1:8001"])
45 | .args(["--htpasswd-file", "tests/fixtures/test_data/.htpasswd"])
46 | .args([
47 | "--tls",
48 | "--tls-cert",
49 | "tests/fixtures/test_data/certs/test.crt",
50 | "--tls-key",
51 | "tests/fixtures/test_data/certs/test.key",
52 | ])
53 | .args([
54 | "--private-repos",
55 | "--acl-path",
56 | "tests/fixtures/test_data/acl.toml",
57 | ])
58 | .args(["--path", "tests/generated/test_storage"])
59 | .args(["--max-size", "1000"])
60 | .test_mode_args()
61 | .assert();
62 |
63 | assert
64 | .stdout(predicates::str::contains("Parsed socket address."))
65 | .stdout(predicates::str::contains("ACL is enabled."))
66 | .stdout(predicates::str::contains(
67 | "Authentication is enabled by default.",
68 | ))
69 | .stdout(predicates::str::contains("TLS is enabled."))
70 | .stdout(predicates::str::contains(
71 | "Listening on: `https://127.0.0.1:8001`",
72 | ))
73 | .stdout(predicates::str::contains("Shutting down gracefully ..."))
74 | .success();
75 |
76 | Ok(())
77 | }
78 |
79 | /// Use configured value
80 | #[rstest]
81 | #[file_serial]
82 | #[ignore = "FIXME: This test doesn't run in CI because it needs to bind to a port."]
83 | fn start_with_config_no_args(setup: Result) -> Result<()> {
84 | let mut config = RusticServerConfig::default();
85 | config.server.listen = Some(SocketAddr::from(([127, 0, 0, 1], 8081)));
86 | config.storage.quota = Some(1000);
87 | config.acl.acl_path = Some(PathBuf::from("tests/fixtures/test_data/acl.toml"));
88 | config.auth.htpasswd_file = Some(PathBuf::from("tests/fixtures/test_data/.htpasswd"));
89 |
90 | let assert = setup?
91 | .test_mode_args()
92 | .config(&config)
93 | .arg("serve")
94 | .assert();
95 |
96 | assert
97 | .stdout(predicates::str::contains("Using configuration file:"))
98 | .stdout(predicates::str::contains("ACL is enabled."))
99 | .stdout(predicates::str::contains("TLS is disabled."))
100 | .stdout(predicates::str::contains("Starting web server ..."))
101 | .stdout(predicates::str::contains(
102 | "Listening on: `http://127.0.0.1:8081`",
103 | ))
104 | .stdout(predicates::str::contains("Shutting down gracefully ..."))
105 | .success();
106 |
107 | Ok(())
108 | }
109 |
110 | /// Check merge precedence
111 | #[rstest]
112 | #[file_serial]
113 | #[ignore = "FIXME: This test doesn't run in CI because it needs to bind to a port."]
114 | fn start_with_config_and_args(setup: Result) -> Result<()> {
115 | let mut config = RusticServerConfig::default();
116 | config.server.listen = Some(SocketAddr::from(([127, 0, 0, 1], 8081)));
117 | config.acl.acl_path = Some(PathBuf::from("tests/fixtures/test_data/acl.toml"));
118 |
119 | let assert = setup?
120 | .test_mode_args()
121 | .config(&config)
122 | .arg("serve")
123 | .args(["--listen", "127.0.0.1:8001"])
124 | .args(["--htpasswd-file", "tests/fixtures/test_data/.htpasswd"])
125 | .assert();
126 |
127 | assert
128 | .stdout(predicates::str::contains("ACL is enabled."))
129 | .stdout(predicates::str::contains(
130 | "Authentication is enabled by default.",
131 | ))
132 | .stdout(predicates::str::contains("TLS is disabled."))
133 | .stdout(predicates::str::contains(
134 | "Listening on: `http://127.0.0.1:8001",
135 | ))
136 | .stdout(predicates::str::contains("Shutting down gracefully ..."))
137 | .success();
138 |
139 | Ok(())
140 | }
141 |
142 | // /// Override configured value with command-line argument
143 | // #[test]
144 | // fn start_with_config_and_args() {
145 | // let mut config = RusticServerConfig::default();
146 | // config.hello.recipient = "configured recipient".to_owned();
147 |
148 | // let mut runner = RUNNER.clone();
149 | // let mut cmd = runner
150 | // .config(&config)
151 | // .args(&["start", "acceptance", "test"])
152 | // .capture_stdout()
153 | // .run();
154 |
155 | // cmd.stdout().expect_line("Hello, acceptance test!");
156 | // cmd.wait().unwrap().expect_success();
157 | // }
158 |
159 | #[rstest]
160 | fn test_version_no_args_passes(setup: Result) -> Result<()> {
161 | let assert = setup?.arg("--version").assert();
162 |
163 | assert
164 | .stdout(predicates::str::contains(env!("CARGO_PKG_VERSION")))
165 | .success();
166 |
167 | Ok(())
168 | }
169 |
--------------------------------------------------------------------------------
/tests/integration/config.rs:
--------------------------------------------------------------------------------
1 | //! Support for writing config files and using them in tests
2 | //
3 | // Taken from https://github.com/iqlusioninc/abscissa/blob/091c84d388a8ec6a1e2d69b9f61cf4439c839de1/core/src/testing/config.rs
4 | // Licensed under Apache License Version 2.0, Copyright © 2018-2024 iqlusion
5 | //
6 | // The abscissa crate is distributed under the terms of the Apache License (Version 2.0).
7 | //
8 | // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
9 | // You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0
10 | // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
12 | // and limitations under the License.
13 | //
14 | // SPDX-License-Identifier: Apache-2.0
15 | //
16 | // Remove this file once the `abscissa` crate is updated to a version that exposes this functionality:
17 | // https://github.com/iqlusioninc/abscissa/pull/944
18 |
19 | use serde::Serialize;
20 | use std::{
21 | env,
22 | ffi::OsStr,
23 | fs::{self, File, OpenOptions},
24 | io::{self, Write},
25 | path::{Path, PathBuf},
26 | };
27 |
28 | /// Number of times to attempt to create a file before giving up
29 | const FILE_CREATE_ATTEMPTS: usize = 1024;
30 |
31 | /// Configuration file RAII guard which deletes it on completion
32 | #[derive(Debug)]
33 | pub struct ConfigFile {
34 | /// Path to the config file
35 | path: PathBuf,
36 | }
37 |
38 | impl ConfigFile {
39 | /// Create a config file by serializing it to the given location
40 | pub fn create(app_name: &OsStr, config: &C) -> Self
41 | where
42 | C: Serialize,
43 | {
44 | let (path, mut file) = Self::open(app_name);
45 |
46 | let config_toml = toml::to_string_pretty(config)
47 | .unwrap_or_else(|e| panic!("error serializing config as TOML: {}", e))
48 | .into_bytes();
49 |
50 | file.write_all(&config_toml)
51 | .unwrap_or_else(|e| panic!("error writing config to {}: {}", path.display(), e));
52 |
53 | Self { path }
54 | }
55 |
56 | /// Get path to the configuration file
57 | pub fn path(&self) -> &Path {
58 | self.path.as_ref()
59 | }
60 |
61 | /// Create a temporary filename for the config
62 | fn open(app_name: &OsStr) -> (PathBuf, File) {
63 | // TODO: fully `OsString`-based path building
64 | let filename_prefix = app_name.to_string_lossy().to_string();
65 |
66 | for n in 0..FILE_CREATE_ATTEMPTS {
67 | let filename = format!("{}-{}.toml", &filename_prefix, n);
68 | let path = env::temp_dir().join(filename);
69 |
70 | match OpenOptions::new().write(true).create_new(true).open(&path) {
71 | Ok(file) => return (path, file),
72 | Err(e) => {
73 | if e.kind() == io::ErrorKind::AlreadyExists {
74 | continue;
75 | } else {
76 | panic!("couldn't create {}: {}", path.display(), e);
77 | }
78 | }
79 | }
80 | }
81 |
82 | panic!(
83 | "couldn't create {}.toml after {} attempts!",
84 | filename_prefix, FILE_CREATE_ATTEMPTS
85 | )
86 | }
87 | }
88 |
89 | impl Drop for ConfigFile {
90 | fn drop(&mut self) {
91 | fs::remove_file(&self.path).unwrap_or_else(|e| {
92 | eprintln!("error removing {}: {}", self.path.display(), e);
93 | })
94 | }
95 | }
96 |
--------------------------------------------------------------------------------
/tests/integration/main.rs:
--------------------------------------------------------------------------------
1 | mod _impl;
2 | mod acceptance;
3 | pub(crate) mod config;
4 |
--------------------------------------------------------------------------------
3 | 
7 | 
9 | 
10 | 
13 | 
14 | 
3 |