about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Expose custom CSS as a route feature/themesVika27 hours3-0/+44
| | | | | | | | The admin dashboard (that's not done yet) should include methods for setting this field. For now, it could very well be set through editing the database manually. #ManualUntilItHurts Change-Id: Ibef6fca5f1d19f237e660bf3a13b4d72c8c08a0a
* WIP: Theme supportVika27 hours11-17/+106
| | | | | | | | | | | Kittybox can now ship with several different stylesheets, provided by the renderer. Unknown stylesheets fall back to the default one, which is the same Kittybox has shipped since its inception. There's also a settings field for custom CSS, but it's not exposed anywhere yet. Change-Id: I2850dace5c40f9fed04b4651c551a861df5b83d3
* kittybox-frontend-renderer: factor out the `assets` module into a fileVika27 hours2-53/+48
| | | | Change-Id: I6138cfe8479ba8df9a1580049675c1dd84abdad1
* kittybox-indieauth: 0.3.1 → 0.3.2Vika27 hours3-3/+3
| | | | | | | Fix bug with the `IntrospectionEndpointAuthMethod` enum members being renamed incorrectly within serde Change-Id: I286330f8cb3b1270d342853ecd39ffbb95b3e164
* flake.nix: update cross-compilation notesVika27 hours1-3/+3
| | | | | | | | In newer versions of `crane`, cross-compilation ✨just works✨ with no extra set-up required. It's nice to see the Nix cross-compilation story improving. Change-Id: Ib3d0cc965a08d517b5526154dcd9afa40a98fc7c
* flake.lock: UpdateVika27 hours1-3/+3
| | | | | | | | | | Flake lock file updates: • Updated input 'crane': 'github:ipetkov/crane/72e2d02dbac80c8c86bf6bf3e785536acf8ee926' (2024-12-21) → 'github:ipetkov/crane/25ca4c50039d91ad88cc0b8feacb9ad7f748dedf' (2025-04-19) Change-Id: Ib474e0233cc963fe2e91aeb1af9586089cdd4874
* Extract various modules to their own files for convenienceVika47 hours4-151/+149
| | | | Change-Id: I571ec98b760a583300a810abd756e5f6f2bca25a
* Add `connect-src 'self';` to CSPVika5 days2-1/+4
| | | | | | | why is this a thing... should've just put `default-src 'self'` to get behavior similar to what was in the past Change-Id: I0d3850931fe97f87a1aa10223502791a78cbe7fc
* Add font-src directive to Content-Security-Policy to fix fontsVika5 days1-0/+1
| | | | Change-Id: I42a97a5a782174995b815b9d822250c594fb26a0
* indieauth: Grant `profile` scope to apps that didn't request any scopesVika5 days1-1/+13
| | | | | | | This should fix logging into legacy IndieAuth applications that don't request scopes. Change-Id: I7063f825fdd26ecf57aef52bc172d5bf81d05ca2
* kittybox-indieauth: 0.3.0 → 0.3.1Vika5 days3-2/+15
| | | | | | | `Scopes` now includes `len()` and `is_empty()` to check if an application didn't request any scopes. Change-Id: I7c9c0366131445b11374cf6e66ebbc3a9ba27e0b
* kittybox.1: use macros for italics, not escapesVika10 days1-7/+7
| | | | | | I've read the troff manual and now I am enlightened. Change-Id: I1c39db8f67081e35994ad64100a12d63d331f3ff
* Add a hand-written man pageVika11 days2-4/+116
| | | | Change-Id: I575d88828533d184fea86b4282b6ce1e4e5f40cd
* Create .git-blame-ignore-revsVika12 days1-0/+2
| | | | Change-Id: I403c2f856353e4762b3fb2e573b8f182cf4c5628
* cargo fmtVika12 days40-1791/+2893
| | | | Change-Id: I80e81ebba3f0cdf8c094451c9fe3ee4126b8c888
* Small fry clippy lintsVika12 days5-5/+9
| | | | Change-Id: I4b0bed232d6274d161bebafcee9ac22a63c01772
* kittybox-indieauth: 0.2.0 → 0.3.0Vika12 days5-16/+24
| | | | | | `ClientMetadata` now returns a `ClientIdMismatch` error type. Change-Id: I51d3adfd2114f6cb89948bb5ba54588dde795142
* Replace tuple from `normalize_mf2` with `NormalizedPost` structVika12 days3-30/+36
| | | | | | | | This is a little bit more idiomatic. Perhaps I should consider doing the same with other tuples I return? Change-Id: I85f0e5dc76b8212ab6d192376d8c38ce2048ae85
* templates-neo: removeVika12 days6-561/+1
| | | | | | | | The `html` crate is not currently maintained, and it's not exactly production-ready anyway. This was a fine experiment, but I don't think it currently belongs in-tree. Change-Id: I38019e5fb3ee549ec0b883dd7bd14f32dc746bdb
* Allow embedding the Bandcamp player for jam postsVika12 days1-0/+4
| | | | | | | Bandcamp embeds use iframes. I should probably collect more info on popular embeds and potentially allowlist them here. Change-Id: I7e0b4dae2ac052f6a48ad629c658b2bf851151ff
* Generate CSP using `concat!()`Vika12 days1-1/+10
| | | | | | This makes it more readable. Change-Id: Iefbdef1029c9759fe68ebc8fa61002e827e7d728
* kittybox-indieauth: add Eq to enumsVika12 days1-4/+4
| | | | | | You never know when you need it. Change-Id: I323d25977a5e4ee67768cee0f1f7d94b1997224a
* Add a class for demarcating diffusion image generator outputVika12 days1-2/+8
| | | | | | | | | I could expose the flag for generated images in the same way alt-text is currently represented. But this is for the future. I don't think I'll ever use this feature, this is just for completeness. Change-Id: Ide942b9cf8b03488c0cb50774e7a35f3e0fbdbaf
* Silence some Clippy warningsVika12 days3-0/+6
| | | | Change-Id: I264c278552cd7096b50a6a8fbacb90f62fc6c14f
* Fix .gitignoreVika12 days1-7/+6
| | | | | | Leftovers from my experiments with monorepos. Ugh. Change-Id: I1a98938fb92707377aec97b7559f81c5a4636554
* templates: declare explicit emoji font for counter iconsVika2025-03-131-0/+1
| | | | This fixes like icon rendering in WebKit.
* Remove lib.mdDoc from configuration.nixVika2025-01-041-4/+4
| | | | Change-Id: I81fe5b0432b31061c15b298d353e64822dd8c0ac
* Add a small note about the authorization confirmation endpoint dataVika2025-01-031-0/+7
| | | | Change-Id: I145777043c043163f7c7f3acbb405994d73b479f
* Fix the IndieAuth scriptVika2025-01-032-6/+3
| | | | Change-Id: I17af1bd69de0f885e28db161d9ca81fa199a8aa5
* kittybox-indieauth-helper: fix handler typesVika2025-01-031-16/+12
| | | | Change-Id: I991a3b935b4ae435acd852ee62a8d2893cf00950
* Harden default CSPVika2025-01-021-1/+1
| | | | Change-Id: I31362b3ec779a1eaea54c0d9567daa5de0ae0fc0
* Don't exclude fonts from Nix buildsVika2025-01-021-1/+1
| | | | Change-Id: I1b4e56874b86151c9b76495f3a1f63ba8bd527b3
* Allow arbitrary HTML in Markdown post contentVika2025-01-021-1/+11
| | | | | | Oh, that's how it's done. Fuck. Change-Id: I40c5296ba05ddec7aa277308520017e5068e6fc9
* Add styles for delimiting LLM quotes to the default themeVika2025-01-021-0/+19
| | | | | | Might be useful, who knows :3 Change-Id: I9f2886575cfa3ab0c89a074a494d97b5b2547e5c
* Vendor fonts into KittyboxVika2025-01-0214-24/+320
| | | | | | | These fonts are licensed under OFL 1.1, which means I can freely redistribute them. Ain't that nice? Change-Id: Ide32286305680865652db17c8d482b5ac0f20a50
* Fix CSP and allow Google FontsVika2025-01-021-1/+1
| | | | | | I really need to figure out how to rip fonts from Google Fonts. Change-Id: I66f62ca639bf399223a1cd030d057bdcc3bc0de1
* Set a minimal CSPVika2025-01-022-2/+7
| | | | | | | | | | | - Styles and scripts can now only be loaded from Kittybox (hint: use the media endpoint if you wish to upload custom CSS) - Inline scripts are now completely prohibited (this means it's safe to show arbitrary HTML from Webmentions) - `<base>` element is prohibited (who uses that anyway?) - Loading anything else is only allowed via HTTPS Change-Id: I285a18b71dd9860416b18dd0e88f8fe7c8511e0b
* Set X-Content-Type-Options: nosniffVika2025-01-023-6/+24
| | | | | | | | This prevents browsers from guessing the Content-Type, and since we're always making sure to serve with the known-correct content type, we don't need the browser to guess. Change-Id: I02550d6763969f999ec22ec41e5539f945ea7ca4
* axum: 0.7.9 → 0.8.1Vika2025-01-0111-62/+61
| | | | | | | | | | | | | Some breaking changes. For better or for worse. The optional extractor breaking change is a double-edged sword, since not all extractors can be used with `Option<T>` now, and you have to use `Result<T, T::Rejection>` even when you want to ignore an error coming from an extractor, such as `Query`. However, this allows catching errors on authorization extractors even in places where authorization is optional. Change-Id: I35f809d3adf27dbef0e7ee93dc1a7af178b7d014
* distributed-test: wait for Kittybox to start up explicitlyVika2025-01-011-1/+2
| | | | | | | Makes logs more readable, because we aren't confused on concurrency that the socket listener introduces. Change-Id: Id471d314a1507b5b48d6fa53ba9ca743977c1c6a
* distributed-test: add Postgres-based job queueVika2025-01-011-0/+22
| | | | | | | | This test historically existed to showcase clustering via NFS, so we don't use the Postgres backend for the data. That would be too easy. Instead, we only use it for the webmention job queue! Change-Id: I975893b974063f24f2761186df57db4b876366f6
* PGPASS → PGPASSWORDVika2025-01-012-19/+4
| | | | | | | | Turns out sqlx natively reads a plaintext password from this variable, otherwise from the `$PGPASSFILE`, otherwise from `$HOME/.pgpass`, so I don't need custom logic around passwords. Yay for sqlx being smart! Change-Id: I14858903ea1605469f9ea8095dc3bb056f617e85
* Add a dev-shell and a check to verify MSRVVika2025-01-012-18/+43
| | | | | | This builds the entire crate using my chosen MSRV. Isn't that nice? Change-Id: I8bbe47cc5db63ab3f27616a9e3576a50d349b89b
* Remove Docker containerVika2025-01-012-48/+0
| | | | | | It was outdated. Anyway, Docker is no longer in vogue anyway. Change-Id: Ic1ace406f3f8453de174ee465d0db6d17502822e
* Give NixOS e2e tests unique names in CIVika2025-01-013-3/+3
| | | | Change-Id: I6f9262d94736debf23c8f21618ed49ace8b2b8eb
* Bump MSRV to 1.81 due to dependency using error_in_coreVika2025-01-011-1/+1
| | | | Change-Id: I8c0ccf651d05b33fa33cbf8bb454b27ad6b9af98
* Fix Postgres setup in testsVika2025-01-013-9/+3
| | | | Change-Id: Ibc26d9700faa0c25663146871924ee196dc62274
* cargo update, bump msrv to match microformats crateVika2025-01-012-5/+5
| | | | | | I need to actually verify the msrv tho Change-Id: I61ce30845b9a076849ebc6adde65e58763b3741e
* Partially appease clippyVika2025-01-015-8/+7
| | | | | | | Some false positives on `serde(rename)` remain, as well as lints still requiring my attention. Change-Id: I3166771af20b2d07c6226b3b1a9d15fe36152356
* Get rid of base64 and hex in favor of data_encoding crateVika2025-01-015-15/+16
| | | | | | Less dependency duplication = more fun Change-Id: Icbd0497a68fdd5bea3757e3c62c80008b87bce96
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-04-21 09:32:41 +0000