diff --git a/.forgejo/workflows/check.yml b/.forgejo/workflows/check.yml index e2786f2..80adea4 100644 --- a/.forgejo/workflows/check.yml +++ b/.forgejo/workflows/check.yml @@ -1,21 +1,29 @@ on: [push] jobs: + check-renovaterc: + runs-on: nixos + steps: + - uses: https://git.salame.cl/actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - name: Validate renovaterc + run: | + nix --version + nix shell nixpkgs#renovate --command renovate-config-validator build: runs-on: nixos steps: - uses: https://git.salame.cl/actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - run: nix --version - name: Build Package run: | + nix --version nix build --print-build-logs .# - check-integration-tests: + test: needs: build # we use the built binaries in the checks runs-on: nixos steps: - uses: https://git.salame.cl/actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - run: nix --version - name: Run tests run: | + nix --version nix-fast-build --max-jobs 2 --no-nom --skip-cached --no-link \ --flake ".#checks.$(nix eval --raw --impure --expr builtins.currentSystem)" report-size: @@ -25,7 +33,7 @@ jobs: - uses: https://git.salame.cl/actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - run: nix --version - name: Generate size report - uses: "https://git.salame.cl/jalil/nix-flake-outputs-size@b7e76df81383680ae01fada8db4d2c6f99391d8b" # main + uses: "https://git.salame.cl/jalil/nix-flake-outputs-size@5c40a31e3e2ed0ea28f8ba68deca41d05fdf2e71" # main with: comment-on-pr: ${{ github.ref_name != 'main' }} generate-artifact: ${{ github.ref_name == 'main' }} diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml deleted file mode 100644 index 8d0fc54..0000000 --- a/.forgejo/workflows/renovate.yml +++ /dev/null @@ -1,14 +0,0 @@ -on: - push: - paths: - # only run if the renovate config changed - - renovate.json -jobs: - check-renovaterc: - runs-on: nixos - steps: - - uses: https://git.salame.cl/actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - run: nix --version - - name: Validate renovaterc - run: | - nix shell nixpkgs#renovate --command renovate-config-validator diff --git a/Cargo.lock b/Cargo.lock index cffacdc..cad88f4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -78,9 +78,9 @@ dependencies = [ [[package]] name = "axum" -version = "0.8.4" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "021e862c184ae977658b36c4500f7feac3221ca5da43e3f25bd04ab6c79a29b5" +checksum = "6d6fd624c75e18b3b4c6b9caf42b1afe24437daaee904069137d8bab077be8b8" dependencies = [ "axum-core", "bytes", @@ -112,9 +112,9 @@ dependencies = [ [[package]] name = "axum-client-ip" -version = "1.0.0" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9329923fe6c30624095e63cb6c25796b32ffbf5d1da8c3a95d1054c301db92a" +checksum = "dff8ee1869817523c8f91c20bf17fd932707f66c2e7e0b0f811b29a227289562" dependencies = [ "axum", "forwarded-header-value", @@ -123,12 +123,12 @@ dependencies = [ [[package]] name = "axum-core" -version = "0.5.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68464cd0412f486726fb3373129ef5d2993f90c34bc2bc1c1e9943b2f4fc7ca6" +checksum = "df1362f362fd16024ae199c1970ce98f9661bf5ef94b9808fee734bc3698b733" dependencies = [ "bytes", - "futures-core", + "futures-util", "http", "http-body", "http-body-util", @@ -143,9 +143,9 @@ dependencies = [ [[package]] name = "backtrace" -version = "0.3.75" +version = "0.3.74" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6806a6321ec58106fea15becdad98371e28d92ccbc7c8f1b3b6dd724fe8f1002" +checksum = "8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a" dependencies = [ "addr2line", "cfg-if", @@ -173,9 +173,9 @@ checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "bitflags" -version = "2.9.1" +version = "2.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" +checksum = "5c8214115b7bf84099f1309324e63141d4c5d7cc26862f97a0a857dbefe165bd" [[package]] name = "bytes" @@ -185,9 +185,9 @@ checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" [[package]] name = "cc" -version = "1.2.22" +version = "1.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32db95edf998450acc7881c932f94cd9b05c87b4b2599e8bab064753da4acfd1" +checksum = "be714c154be609ec7f5dad223a33bf1482fff90472de28f7362806e6d4832b8c" dependencies = [ "shlex", ] @@ -200,9 +200,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "clap" -version = "4.5.38" +version = "4.5.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed93b9805f8ba930df42c2590f05453d5ec36cbb85d018868a5b24d31f6ac000" +checksum = "6088f3ae8c3608d19260cd7445411865a485688711b78b5be70d78cd96136f83" dependencies = [ "clap_builder", "clap_derive", @@ -220,9 +220,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.38" +version = "4.5.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "379026ff283facf611b0ea629334361c4211d1b12ee01024eec1591133b04120" +checksum = "22a7ef7f676155edfb82daa97f99441f3ebf4a58d5e32f295a56259f1b6facc8" dependencies = [ "anstream", "anstyle", @@ -274,12 +274,12 @@ checksum = "34aa73646ffb006b8f5147f3dc182bd4bcb190227ce861fc4a4844bf8e3cb2c0" [[package]] name = "errno" -version = "0.3.12" +version = "0.3.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cea14ef9355e3beab063703aa9dab15afd25f0667c341310c1e5274bb1d0da18" +checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d" dependencies = [ "libc", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -342,9 +342,9 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.2.16" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "335ff9f135e4384c8150d6f27c6daed433577f86b4750418338c01a1a2528592" +checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" dependencies = [ "cfg-if", "libc", @@ -436,9 +436,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.11" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "497bbc33a26fdd4af9ed9c70d63f61cf56a938375fbb32df34db9b1cd6d643f2" +checksum = "df2dcfbe0677734ab2f3ffa7fa7bfd4706bfdc1ef393f2ee30184aed67e631b4" dependencies = [ "bytes", "futures-util", @@ -452,12 +452,14 @@ dependencies = [ [[package]] name = "insta" -version = "1.43.1" +version = "1.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "154934ea70c58054b556dd430b99a98c2a7ff5309ac9891597e339b5c28f4371" +checksum = "50259abbaa67d11d2bcafc7ba1d094ed7a0c70e3ce893f0d0997f73558cb3084" dependencies = [ "console", + "linked-hash-map", "once_cell", + "pin-project", "serde", "similar", ] @@ -488,21 +490,27 @@ checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "libc" -version = "0.2.172" +version = "0.2.171" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa" +checksum = "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6" + +[[package]] +name = "linked-hash-map" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] name = "linux-raw-sys" -version = "0.9.4" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" +checksum = "fe7db12097d22ec582439daf8618b8fdd1a7bef6270e9af3b1ebcd30893cf413" [[package]] name = "log" -version = "0.4.27" +version = "0.4.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" +checksum = "30bde2b3dc3671ae49d8e2e9f044c7c005836e7a023ee57cffa25ab82764bb9e" [[package]] name = "matchers" @@ -527,9 +535,9 @@ checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" [[package]] name = "miette" -version = "7.6.0" +version = "7.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f98efec8807c63c752b5bd61f862c165c115b0a35685bdcfd9238c7aeb592b7" +checksum = "1a955165f87b37fd1862df2a59547ac542c77ef6d17c666f619d1ad22dd89484" dependencies = [ "backtrace", "backtrace-ext", @@ -541,14 +549,15 @@ dependencies = [ "supports-unicode", "terminal_size", "textwrap", + "thiserror 1.0.69", "unicode-width 0.1.14", ] [[package]] name = "miette-derive" -version = "7.6.0" +version = "7.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db5b29714e950dbb20d5e6f74f9dcec4edbcc1067bb7f8ed198c097b8c1a818b" +checksum = "bf45bf44ab49be92fd1227a3be6fc6f617f1a337c06af54981048574d8783147" dependencies = [ "proc-macro2", "quote", @@ -563,9 +572,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" [[package]] name = "miniz_oxide" -version = "0.8.8" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a" +checksum = "8e3e04debbb59698c15bacbb6d93584a8c0ca9cc3213cb423d31f760d8843ce5" dependencies = [ "adler2", ] @@ -608,9 +617,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.21.3" +version = "1.21.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" +checksum = "d75b0bedcc4fe52caa0e03d9f1151a323e4aa5e2d78ba3580400cd3c9e2bc4bc" [[package]] name = "overload" @@ -620,9 +629,9 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" [[package]] name = "owo-colors" -version = "4.2.1" +version = "4.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26995317201fa17f3656c36716aed4a7c81743a9634ac4c99c0eeda495db0cec" +checksum = "1036865bb9422d3300cf723f657c2851d0e9ab12567854b1f4eba3d77decf564" [[package]] name = "percent-encoding" @@ -630,6 +639,26 @@ version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" +[[package]] +name = "pin-project" +version = "1.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677f1add503faace112b9f1373e43e9e054bfdd22ff1a63c1bc485eaec6a6a8a" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "1.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "pin-project-lite" version = "0.2.16" @@ -644,9 +673,9 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "proc-macro2" -version = "1.0.95" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778" +checksum = "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84" dependencies = [ "unicode-ident", ] @@ -726,15 +755,15 @@ checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" [[package]] name = "rustix" -version = "1.0.7" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c71e83d6afe7ff64890ec6b71d6a69bb8a610ab78ce364b3352876bb4c801266" +checksum = "e56a18552996ac8d29ecc3b190b4fdbb2d91ca4ec396de7bbffaf43f3d637e96" dependencies = [ "bitflags", "errno", "libc", "linux-raw-sys", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -820,9 +849,9 @@ checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" [[package]] name = "signal-hook-registry" -version = "1.4.5" +version = "1.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9203b8055f63a2a00e2f593bb0510367fe707d7ff1e5c872de2f537b339e5410" +checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1" dependencies = [ "libc", ] @@ -835,15 +864,15 @@ checksum = "bbbb5d9659141646ae647b42fe094daf6c6192d1620870b449d9557f748b2daa" [[package]] name = "smallvec" -version = "1.15.0" +version = "1.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8917285742e9f3e1683f0a9c4e6b57960b7314d0b08d30d1ecd426713ee2eee9" +checksum = "7fcf8323ef1faaee30a44a340193b1ac6814fd9b7b4e88e9d4519a3e4abe1cfd" [[package]] name = "socket2" -version = "0.5.9" +version = "0.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f5fd57c80058a56cf5c777ab8a126398ece8e442983605d280a44ce79d0edef" +checksum = "c970269d99b64e60ec3bd6ad27270092a5394c4e309314b18ae3fe575695fbe8" dependencies = [ "libc", "windows-sys 0.52.0", @@ -878,9 +907,9 @@ checksum = "b7401a30af6cb5818bb64852270bb722533397edcfc7344954a38f420819ece2" [[package]] name = "syn" -version = "2.0.101" +version = "2.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ce2b7fc941b3a24138a0a7cf8e858bfc6a992e7978a068a5c760deb0ed43caf" +checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0" dependencies = [ "proc-macro2", "quote", @@ -965,9 +994,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.45.0" +version = "1.44.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2513ca694ef9ede0fb23fe71a4ee4107cb102b9dc1930f6d0fd77aae068ae165" +checksum = "f382da615b842244d4b8738c82ed1275e6c5dd90c459a30941cd07080b06c91a" dependencies = [ "backtrace", "bytes", @@ -1009,9 +1038,9 @@ dependencies = [ [[package]] name = "tower-http" -version = "0.6.4" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fdb0c213ca27a9f57ab69ddb290fd80d970922355b83ae380b395d3986b8a2e" +checksum = "403fa3b783d4b626a8ad51d766ab03cb6d2dbfc46b1c5d4448395e6628dc9697" dependencies = [ "bitflags", "bytes", diff --git a/Cargo.toml b/Cargo.toml index 9d91caf..ee5cfbf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,7 +3,7 @@ description = "An HTTP server using HTTP basic auth to make secure calls to nsup name = "webnsupdate" version = "0.3.6" edition = "2021" -license = "MIT" +license-file = "LICENSE" readme = "README.md" keywords = ["dns", "dyndns", "dynamic-ip"] categories = ["networking", "dns", "dyndns"] @@ -16,7 +16,7 @@ pedantic = { level = "warn", priority = -1 } [dependencies] axum = "0.8" -axum-client-ip = "1.0" +axum-client-ip = "0.7" base64 = "0.22" clap = { version = "4", features = ["derive", "env"] } clap-verbosity-flag = { version = "3", default-features = false, features = [ @@ -35,7 +35,7 @@ tracing = "0.1" tracing-subscriber = { version = "0.3", features = ["env-filter"] } [dev-dependencies] -insta = { version = "=1.43.1", features = ["json"] } +insta = { version = "=1.42.2", features = ["json"] } [profile.release] opt-level = "s" diff --git a/flake-modules/default.nix b/flake-modules/default.nix index 7cf532e..6736a16 100644 --- a/flake-modules/default.nix +++ b/flake-modules/default.nix @@ -1,8 +1,4 @@ -{ lib, inputs, ... }: -let - webnsupdate = ../module.nix; - cargoToml = lib.importTOML ../Cargo.toml; -in +{ inputs, ... }: { imports = [ inputs.treefmt-nix.flakeModule @@ -10,10 +6,14 @@ in ./tests.nix ]; - flake.nixosModules = { - default = webnsupdate; - inherit webnsupdate; - }; + flake.nixosModules = + let + webnsupdate = ../module.nix; + in + { + default = webnsupdate; + inherit webnsupdate; + }; perSystem = { pkgs, ... }: @@ -23,10 +23,7 @@ in projectRootFile = "flake.nix"; programs = { nixfmt.enable = true; - rustfmt = { - enable = true; - inherit (cargoToml.package) edition; # respect the package's edition - }; + rustfmt.enable = true; statix.enable = true; typos.enable = true; }; diff --git a/flake.lock b/flake.lock index 222ce24..4c2f403 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "crane": { "locked": { - "lastModified": 1747260204, - "narHash": "sha256-KUb6MFWc2DYeTCmcEkrBrrqhxAgO6NHZh5qQKwsjG6I=", + "lastModified": 1742394900, + "narHash": "sha256-vVOAp9ahvnU+fQoKd4SEXB2JG2wbENkpqcwlkIXgUC0=", "owner": "ipetkov", "repo": "crane", - "rev": "7f85510df37247c86a0c44032f49aa18292ee11f", + "rev": "70947c1908108c0c551ddfd73d4f750ff2ea67cd", "type": "github" }, "original": { @@ -22,11 +22,11 @@ ] }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1741352980, + "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", "type": "github" }, "original": { @@ -37,15 +37,18 @@ }, "nixpkgs": { "locked": { - "lastModified": 1747275534, - "narHash": "sha256-isj7Hlm5+PuoyyfVWOWgv52WXaKV6QgegYr9UKjBeQ4=", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", - "type": "tarball", - "url": "https://releases.nixos.org/nixos/unstable/nixos-25.05pre799423.adaa24fbf467/nixexprs.tar.xz?rev=adaa24fbf46737f3f1b5497bf64bae750f82942e" + "lastModified": 1742288794, + "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" } }, "root": { @@ -79,11 +82,11 @@ ] }, "locked": { - "lastModified": 1747299117, - "narHash": "sha256-JGjCVbxS+9t3tZ2IlPQ7sdqSM4c+KmIJOXVJPfWmVOU=", + "lastModified": 1742370146, + "narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "e758f27436367c23bcd63cd973fa5e39254b530e", + "rev": "adc195eef5da3606891cedf80c0d9ce2d3190808", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 347a1d6..f93aaca 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ url = "github:hercules-ci/flake-parts"; inputs.nixpkgs-lib.follows = "nixpkgs"; }; - nixpkgs.url = "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; systems.url = "github:nix-systems/default"; treefmt-nix = { url = "github:numtide/treefmt-nix"; diff --git a/src/config.rs b/src/config.rs index d8523b2..6e4af7f 100644 --- a/src/config.rs +++ b/src/config.rs @@ -4,7 +4,7 @@ use std::{ path::PathBuf, }; -use axum_client_ip::ClientIpSource; +use axum_client_ip::SecureClientIpSource; use miette::{Context, IntoDiagnostic}; #[derive(Debug, Default, Clone, Copy, serde::Deserialize, serde::Serialize)] @@ -99,9 +99,9 @@ pub struct Records { /// Set client IP source /// - /// see: + /// see: #[serde(default = "default_ip_source")] - pub ip_source: ClientIpSource, + pub ip_source: SecureClientIpSource, /// Set which IPs to allow updating (ipv4, ipv6 or both) #[serde(default = "default_ip_type")] @@ -198,8 +198,8 @@ fn default_address() -> SocketAddr { SocketAddr::new(IpAddr::V4(Ipv4Addr::LOCALHOST), 5353) } -fn default_ip_source() -> ClientIpSource { - ClientIpSource::RightmostXForwardedFor +fn default_ip_source() -> SecureClientIpSource { + SecureClientIpSource::RightmostXForwardedFor } fn default_ip_type() -> IpType { diff --git a/src/main.rs b/src/main.rs index f7e6fcb..210b481 100644 --- a/src/main.rs +++ b/src/main.rs @@ -10,7 +10,7 @@ use axum::{ routing::get, Router, }; -use axum_client_ip::ClientIp; +use axum_client_ip::SecureClientIp; use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine}; use clap::{Parser, Subcommand}; use clap_verbosity_flag::Verbosity; @@ -230,6 +230,29 @@ struct Ipv6Prefix { length: u32, } +impl Ipv6Prefix { + /// Create an [`Ipv6Addr`] from a prefix and a client id + pub fn with_client_id(self, client_id: Ipv6Addr) -> Ipv6Addr { + let Self { prefix, length } = self; + // Clear the last `length` bits + let prefix_mask = u128::MAX << length; + let client_mask = !prefix_mask; + let prefix = prefix.to_bits(); + let client = client_id.to_bits(); + debug_assert_eq!( + prefix & client_mask, + 0, + "prefix contains bits in client id part" + ); + debug_assert_eq!( + client & prefix_mask, + 0, + "client id contains bits in prefix part" + ); + Ipv6Addr::from_bits((prefix & prefix_mask) | (client & client_mask)) + } +} + impl std::fmt::Display for Ipv6Prefix { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { let Self { prefix, length } = self; @@ -456,7 +479,7 @@ impl FritzBoxUpdateParams { #[tracing::instrument(skip(state), level = "trace", ret(level = "info"))] async fn update_records( State(state): State>, - ClientIp(ip): ClientIp, + SecureClientIp(ip): SecureClientIp, Query(update_params): Query, ) -> axum::response::Result<&'static str> { info!("accepted update from {ip}");