about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* kittybox.1: explicit paragraphs instead of line breaks HEAD mainVika2025-05-011-5/+4
| | | | Change-Id: I700e780e008247a001a580980baf2ef983594c02
* kittybox.1: change spacing for compactnessVika2025-04-221-9/+0
| | | | Change-Id: I48e0d66c2be2c00238c8cfdc6f2ec803feb4f1a2
* Update cargo dependenciesVika2025-04-202-609/+790
| | | | | | | | | | | | | | | cargo's dependency management is really a double-edged sword. I'd very much prefer the distributions to package and update dependencies, but cargo also makes it very easy to bring in code without needing to vendor packages or similar. I suppose everything has trade-offs. With C, I would either have to make a separate shared library or vendor code, resulting in code duplication. With Cargo, I can rely on `crates.io` to provide tidbits of code to me, but I'll have to keep them updated by running `cargo update` and `cargo upgrade` often. Change-Id: Ib5cee6f63f1e895dcefe12920755ecb25f994305
* remove the prometheus crate, as it was unusedVika2025-04-203-69/+0
| | | | Change-Id: Icae13f2daf5b584b70149ac5dcce342461b96815
* kittybox-indieauth: 0.3.2 → 0.3.3Vika2025-04-203-3/+6
| | | | | | aaaaaaaaaaaaaaaa Change-Id: Idf31ef5bfa60cdeb1a4a3a2ada91f4bbc21a946f
* kittybox-frontend-renderer: factor out the `assets` module into a fileVika2025-04-202-53/+48
| | | | Change-Id: I6138cfe8479ba8df9a1580049675c1dd84abdad1
* kittybox-indieauth: 0.3.1 → 0.3.2Vika2025-04-203-3/+3
| | | | | | | Fix bug with the `IntrospectionEndpointAuthMethod` enum members being renamed incorrectly within serde Change-Id: I286330f8cb3b1270d342853ecd39ffbb95b3e164
* flake.nix: update cross-compilation notesVika2025-04-201-3/+3
| | | | | | | | In newer versions of `crane`, cross-compilation ✨just works✨ with no extra set-up required. It's nice to see the Nix cross-compilation story improving. Change-Id: Ib3d0cc965a08d517b5526154dcd9afa40a98fc7c
* flake.lock: UpdateVika2025-04-201-3/+3
| | | | | | | | | | Flake lock file updates: • Updated input 'crane': 'github:ipetkov/crane/72e2d02dbac80c8c86bf6bf3e785536acf8ee926' (2024-12-21) → 'github:ipetkov/crane/25ca4c50039d91ad88cc0b8feacb9ad7f748dedf' (2025-04-19) Change-Id: Ib474e0233cc963fe2e91aeb1af9586089cdd4874
* Extract various modules to their own files for convenienceVika2025-04-194-151/+149
| | | | Change-Id: I571ec98b760a583300a810abd756e5f6f2bca25a
* Add `connect-src 'self';` to CSPVika2025-04-162-1/+4
| | | | | | | why is this a thing... should've just put `default-src 'self'` to get behavior similar to what was in the past Change-Id: I0d3850931fe97f87a1aa10223502791a78cbe7fc
* Add font-src directive to Content-Security-Policy to fix fontsVika2025-04-161-0/+1
| | | | Change-Id: I42a97a5a782174995b815b9d822250c594fb26a0
* indieauth: Grant `profile` scope to apps that didn't request any scopesVika2025-04-161-1/+13
| | | | | | | This should fix logging into legacy IndieAuth applications that don't request scopes. Change-Id: I7063f825fdd26ecf57aef52bc172d5bf81d05ca2
* kittybox-indieauth: 0.3.0 → 0.3.1Vika2025-04-163-2/+15
| | | | | | | `Scopes` now includes `len()` and `is_empty()` to check if an application didn't request any scopes. Change-Id: I7c9c0366131445b11374cf6e66ebbc3a9ba27e0b
* kittybox.1: use macros for italics, not escapesVika2025-04-111-7/+7
| | | | | | I've read the troff manual and now I am enlightened. Change-Id: I1c39db8f67081e35994ad64100a12d63d331f3ff
* Add a hand-written man pageVika2025-04-102-4/+116
| | | | Change-Id: I575d88828533d184fea86b4282b6ce1e4e5f40cd
* Create .git-blame-ignore-revsVika2025-04-091-0/+2
| | | | Change-Id: I403c2f856353e4762b3fb2e573b8f182cf4c5628
* cargo fmtVika2025-04-0940-1791/+2893
| | | | Change-Id: I80e81ebba3f0cdf8c094451c9fe3ee4126b8c888
* Small fry clippy lintsVika2025-04-095-5/+9
| | | | Change-Id: I4b0bed232d6274d161bebafcee9ac22a63c01772
* kittybox-indieauth: 0.2.0 → 0.3.0Vika2025-04-095-16/+24
| | | | | | `ClientMetadata` now returns a `ClientIdMismatch` error type. Change-Id: I51d3adfd2114f6cb89948bb5ba54588dde795142
* Replace tuple from `normalize_mf2` with `NormalizedPost` structVika2025-04-093-30/+36
| | | | | | | | This is a little bit more idiomatic. Perhaps I should consider doing the same with other tuples I return? Change-Id: I85f0e5dc76b8212ab6d192376d8c38ce2048ae85
* templates-neo: removeVika2025-04-096-561/+1
| | | | | | | | The `html` crate is not currently maintained, and it's not exactly production-ready anyway. This was a fine experiment, but I don't think it currently belongs in-tree. Change-Id: I38019e5fb3ee549ec0b883dd7bd14f32dc746bdb
* Allow embedding the Bandcamp player for jam postsVika2025-04-091-0/+4
| | | | | | | Bandcamp embeds use iframes. I should probably collect more info on popular embeds and potentially allowlist them here. Change-Id: I7e0b4dae2ac052f6a48ad629c658b2bf851151ff
* Generate CSP using `concat!()`Vika2025-04-091-1/+10
| | | | | | This makes it more readable. Change-Id: Iefbdef1029c9759fe68ebc8fa61002e827e7d728
* kittybox-indieauth: add Eq to enumsVika2025-04-091-4/+4
| | | | | | You never know when you need it. Change-Id: I323d25977a5e4ee67768cee0f1f7d94b1997224a
* Add a class for demarcating diffusion image generator outputVika2025-04-091-2/+8
| | | | | | | | | I could expose the flag for generated images in the same way alt-text is currently represented. But this is for the future. I don't think I'll ever use this feature, this is just for completeness. Change-Id: Ide942b9cf8b03488c0cb50774e7a35f3e0fbdbaf
* Silence some Clippy warningsVika2025-04-093-0/+6
| | | | Change-Id: I264c278552cd7096b50a6a8fbacb90f62fc6c14f
* Fix .gitignoreVika2025-04-091-7/+6
| | | | | | Leftovers from my experiments with monorepos. Ugh. Change-Id: I1a98938fb92707377aec97b7559f81c5a4636554
* templates: declare explicit emoji font for counter iconsVika2025-03-131-0/+1
| | | | This fixes like icon rendering in WebKit.
* Remove lib.mdDoc from configuration.nixVika2025-01-041-4/+4
| | | | Change-Id: I81fe5b0432b31061c15b298d353e64822dd8c0ac
* Add a small note about the authorization confirmation endpoint dataVika2025-01-031-0/+7
| | | | Change-Id: I145777043c043163f7c7f3acbb405994d73b479f
* Fix the IndieAuth scriptVika2025-01-032-6/+3
| | | | Change-Id: I17af1bd69de0f885e28db161d9ca81fa199a8aa5
* kittybox-indieauth-helper: fix handler typesVika2025-01-031-16/+12
| | | | Change-Id: I991a3b935b4ae435acd852ee62a8d2893cf00950
* Harden default CSPVika2025-01-021-1/+1
| | | | Change-Id: I31362b3ec779a1eaea54c0d9567daa5de0ae0fc0
* Don't exclude fonts from Nix buildsVika2025-01-021-1/+1
| | | | Change-Id: I1b4e56874b86151c9b76495f3a1f63ba8bd527b3
* Allow arbitrary HTML in Markdown post contentVika2025-01-021-1/+11
| | | | | | Oh, that's how it's done. Fuck. Change-Id: I40c5296ba05ddec7aa277308520017e5068e6fc9
* Add styles for delimiting LLM quotes to the default themeVika2025-01-021-0/+19
| | | | | | Might be useful, who knows :3 Change-Id: I9f2886575cfa3ab0c89a074a494d97b5b2547e5c
* Vendor fonts into KittyboxVika2025-01-0214-24/+320
| | | | | | | These fonts are licensed under OFL 1.1, which means I can freely redistribute them. Ain't that nice? Change-Id: Ide32286305680865652db17c8d482b5ac0f20a50
* Fix CSP and allow Google FontsVika2025-01-021-1/+1
| | | | | | I really need to figure out how to rip fonts from Google Fonts. Change-Id: I66f62ca639bf399223a1cd030d057bdcc3bc0de1
* Set a minimal CSPVika2025-01-022-2/+7
| | | | | | | | | | | - Styles and scripts can now only be loaded from Kittybox (hint: use the media endpoint if you wish to upload custom CSS) - Inline scripts are now completely prohibited (this means it's safe to show arbitrary HTML from Webmentions) - `<base>` element is prohibited (who uses that anyway?) - Loading anything else is only allowed via HTTPS Change-Id: I285a18b71dd9860416b18dd0e88f8fe7c8511e0b
* Set X-Content-Type-Options: nosniffVika2025-01-023-6/+24
| | | | | | | | This prevents browsers from guessing the Content-Type, and since we're always making sure to serve with the known-correct content type, we don't need the browser to guess. Change-Id: I02550d6763969f999ec22ec41e5539f945ea7ca4
* axum: 0.7.9 → 0.8.1Vika2025-01-0111-62/+61
| | | | | | | | | | | | | Some breaking changes. For better or for worse. The optional extractor breaking change is a double-edged sword, since not all extractors can be used with `Option<T>` now, and you have to use `Result<T, T::Rejection>` even when you want to ignore an error coming from an extractor, such as `Query`. However, this allows catching errors on authorization extractors even in places where authorization is optional. Change-Id: I35f809d3adf27dbef0e7ee93dc1a7af178b7d014
* distributed-test: wait for Kittybox to start up explicitlyVika2025-01-011-1/+2
| | | | | | | Makes logs more readable, because we aren't confused on concurrency that the socket listener introduces. Change-Id: Id471d314a1507b5b48d6fa53ba9ca743977c1c6a
* distributed-test: add Postgres-based job queueVika2025-01-011-0/+22
| | | | | | | | This test historically existed to showcase clustering via NFS, so we don't use the Postgres backend for the data. That would be too easy. Instead, we only use it for the webmention job queue! Change-Id: I975893b974063f24f2761186df57db4b876366f6
* PGPASS → PGPASSWORDVika2025-01-012-19/+4
| | | | | | | | Turns out sqlx natively reads a plaintext password from this variable, otherwise from the `$PGPASSFILE`, otherwise from `$HOME/.pgpass`, so I don't need custom logic around passwords. Yay for sqlx being smart! Change-Id: I14858903ea1605469f9ea8095dc3bb056f617e85
* Add a dev-shell and a check to verify MSRVVika2025-01-012-18/+43
| | | | | | This builds the entire crate using my chosen MSRV. Isn't that nice? Change-Id: I8bbe47cc5db63ab3f27616a9e3576a50d349b89b
* Remove Docker containerVika2025-01-012-48/+0
| | | | | | It was outdated. Anyway, Docker is no longer in vogue anyway. Change-Id: Ic1ace406f3f8453de174ee465d0db6d17502822e
* Give NixOS e2e tests unique names in CIVika2025-01-013-3/+3
| | | | Change-Id: I6f9262d94736debf23c8f21618ed49ace8b2b8eb
* Bump MSRV to 1.81 due to dependency using error_in_coreVika2025-01-011-1/+1
| | | | Change-Id: I8c0ccf651d05b33fa33cbf8bb454b27ad6b9af98
* Fix Postgres setup in testsVika2025-01-013-9/+3
| | | | Change-Id: Ibc26d9700faa0c25663146871924ee196dc62274