SquareCows/pages-server
1
0
Fork 0
Code Issues 5 Pull requests Projects 1 Releases 9 Packages Wiki Activity Actions
9 releases 9 tags
  • v0.1.1 05d7060670

    v0.1.1 - DNS Verification and Custom Domain Redirects Stable

    ric released this 2025-12-04 19:37:37 +00:00 | 1 commits to main since this release

    What's New in v0.1.1

    This release adds two major security and functionality features to Bovine Pages Server.

    DNS TXT Record Verification for Custom Domains

    A new optional security feature to prevent domain hijacking:

    • Ownership Verification: Requires DNS TXT record to prove domain ownership before registering custom domains
    • Security: SHA256 hash with constant-time comparison prevents timing attacks
    • Format: bovine-pages-verification=<SHA256_HASH> where hash = SHA256(owner/repository)
    • Configuration: Enable with enableCustomDomainDNSVerification: true (disabled by default)
    • Backward Compatible: Existing domains continue working when disabled
    • Helper Script: examples/generate-dns-verification-hash.sh for generating hashes
    • Comprehensive Tests: Full test coverage for hash generation and DNS verification

    Custom Domain Redirects

    A powerful URL redirect system for custom domains:

    • Simple Configuration: .redirects file in repository root with FROM:TO format
    • Easy Activation: Visit /LOAD_REDIRECTS endpoint to activate redirects
    • Traefik Integration: Automatically creates Traefik redirectregex middleware
    • Persistent Storage: Stores middleware configuration in Redis
    • Security: Configurable maxRedirects parameter (default: 25) prevents resource exhaustion
    • Flexible Format: Supports comments (#) and empty lines
    • Safe Regex: Automatic escaping of special characters
    • Permanent Redirects: 301 status for all redirects
    • Custom Domains Only: Works only on custom domains, not pages domain URLs
    • Redis Required: Requires Redis cache for middleware storage
    • User-Friendly: Beautiful HTML success/error pages with detailed instructions
    • Well Tested: >90% test coverage for redirects module

    Example: DNS Verification Setup

    # 1. Generate verification hash
./examples/generate-dns-verification-hash.sh squarecows bovine-website
# Output: 73bb8214899661e7f7900c77714586cc51702e6cf26a58c62e17fa9d88f3d3d3

# 2. Add DNS TXT record
TXT bovine.squarecows.com bovine-pages-verification=73bb8214899661e7f7900c77714586cc51702e6cf26a58c62e17fa9d88f3d3d3

# 3. Add to .pages file
enabled: true
custom_domain: bovine.squarecows.com

# 4. Visit pages URL to register
https://squarecows.pages.example.com/bovine-website

    Example: Custom Domain Redirects Setup

    # .redirects file in repository root
# Redirect old blog to new location
/old-blog:/blog
/about-us:/about

# Visit to activate
https://yourdomain.com/LOAD_REDIRECTS

    Breaking Changes

    None - both features are opt-in and backward compatible.

    Configuration

    DNS Verification (optional):

    enableCustomDomainDNSVerification: true  # default: false

    Redirects (optional):

    maxRedirects: 25  # default: 25, max redirects per domain

    Full Changelog

    See CHANGELOG.md for complete details.

    🤖 Generated with Claude Code

    Downloads
  • v0.0.9 4fcbebc218

    v0.0.9 - Documentation Improvements Stable

    ric released this 2025-12-04 13:42:30 +00:00 | 8 commits to main since this release

    Documentation Improvements

    This release focuses on enhancing project documentation through comprehensive wiki updates.

    Wiki Updates

    • Cache Management Page: Created comprehensive guide for managing Redis/Valkey cache including key structures, manual cache management commands, and troubleshooting tips
    • Quick Start Guide Enhancements: Improved getting started experience with clearer installation steps and configuration examples
    • Custom Domains Documentation Updates: Enhanced custom domain setup documentation with detailed DNS verification flow for the upcoming 0.1.0 release
    • Home Page Improvements: Restructured wiki home page for better navigation and accessibility

    Notes

    This is a documentation-only release with no code changes to the plugin itself. The wiki improvements provide better guidance for administrators and users deploying and managing the pages-server plugin.

    Installation

    No changes to installation process. Continue using v0.0.3 for production deployments.

    📚 Generated with Claude Code

    Downloads
  • v0.0.8 e8cdc8f173

    v0.0.8 - Directory Listings and Custom Domain Improvements Stable

    ric released this 2025-12-03 20:24:24 +00:00 | 10 commits to main since this release

    Highlights

    This release adds directory listings functionality and improves custom domain management with several bug fixes.

    New Features

    Directory Index (Apache-style directory listings)

    • Enable Apache-style directory listings for directories without index.html
    • Configure per-repository with directory_index: true in .pages file
    • Beautiful responsive HTML listing with file names, types, and sizes
    • Color-coded icons for files and folders
    • Parent directory navigation
    • Mobile-responsive design
    • Cached for 60 seconds for optimal performance

    Cache Reaper Script

    • Python script for automated cleanup of stale domain mappings
    • Connects to Redis and validates domain mappings against Forgejo API
    • Dry-run mode for safe testing
    • Designed for cron scheduling (hourly, daily, etc.)
    • Exit codes for monitoring and alerting
    • Full documentation in reaper/ directory

    Custom Domain Conflict Prevention

    • Validates custom domain ownership during registration
    • Prevents domain hijacking by checking existing mappings
    • Allows re-registration for the same repository (updates mappings)

    Bug Fixes

    Reaper Script: Added missing priority key to Traefik router cleanup

    • Now properly deletes all 6 Traefik router configuration keys
    • Prevents orphaned keys from remaining in Redis

    Custom Domain Reverse Mapping: Added persistent reverse mapping cache

    • Caches both forward (custom_domain:domain -> username:repository) and reverse (username:repository -> domain) mappings
    • Prevents custom domain resolution failures when forward mapping expires
    • Both mappings use TTL=0 (persistent storage) for reliability

    Documentation

    • Comprehensive wiki documentation for directory listings feature
    • Enhanced Quick Start guide with Traefik and Docker setup
    • Added Redis/Valkey requirement documentation
    • Architecture diagrams using Mermaid.js
    • Rebranded to "Bovine Pages Server"

    Installation

    Add to your Traefik configuration:

    experimental:
  plugins:
    pages-server:
      moduleName: code.squarecows.com/SquareCows/pages-server
      version: v0.0.8

    See the Quick Start Guide for complete setup instructions.

    Full Changelog

    See CHANGELOG.md for complete details.

    Downloads
  • v0.0.7 be39b4bccb

    v0.0.7 - Password Protection & Critical Bug Fixes Stable

    ric released this 2025-12-01 21:15:59 +00:00 | 18 commits to main since this release

    Release v0.0.7

    🎉 What's New

    🔒 Password Protection

    Protect your websites with secure password authentication:

    • Add password: field in .pages file with SHA256 hash
    • Automatic login page with beautiful gradient UI
    • Secure HMAC-signed cookies (HttpOnly, Secure, SameSite=Strict)
    • Configurable auth cookie duration (default: 1 hour)
    • Password hash caching with 60-second TTL
    • Per-repository authentication

    🐛 Critical Bug Fixes

    • CRITICAL: Traefik Router Expiration: Fixed bug where router configurations were expiring after 10 minutes
      • Changed default traefikRedisRouterTTL from 600 seconds to 0 (persistent)
      • Router configurations now persist until explicitly deleted
      • Prevents custom domain sites from disappearing from Traefik
      • External reaper process should clean up stale routers

    📚 Documentation

    • Moved CUSTOM_DOMAINS.md to wiki for better organization
    • Added comprehensive password protection documentation to README and wiki
    • Updated configuration examples with new auth parameters

    📦 Installation

    Update your Traefik configuration to use v0.0.7:

    experimental:
  plugins:
    pages-server:
      moduleName: code.squarecows.com/SquareCows/pages-server
      version: v0.0.7

    🔗 Links

    Downloads
  • v0.0.6 eab9278acc

    v0.0.6 - Critical Bug Fixes and New Features Stable

    ric released this 2025-12-01 20:26:04 +00:00 | 25 commits to main since this release

    Critical Fixes

    Redis Binary Data Corruption (CRITICAL)

    Fixed a critical bug causing data corruption when reading large files from Redis cache:

    • Changed reader.Read() to io.ReadFull() in Redis RESP protocol bulk string reader
    • reader.Read() doesn't guarantee reading all bytes at once, causing partial reads for large files
    • This caused CSS/JS files to be corrupted when served from Redis cache
    • Resulted in Subresource Integrity (SRI) hash mismatches and broken styling
    • Files are now read completely and correctly from Redis cache
    • Action Required: Clear your Redis cache after updating to remove corrupted data

    SVG File Corruption

    Fixed "Char 0x0 out of allowed range" errors when serving SVG files:

    • Replaced custom base64 decoder with Go's standard library encoding/base64
    • Removed buggy custom base64Decode and base64DecodedLen functions
    • Fixes corruption issues with binary files (SVGs, images, fonts)
    • Standard library decoder is more robust and well-tested

    New Features

    Directory Index Support

    Automatic index.html detection for directory URLs:

    • Accessing /pricing/ now automatically tries /pricing/index.html
    • Enables clean URLs without file extensions
    • Only applies to paths without file extensions (directories)
    • Falls back to 404 if neither the directory nor index.html exists
    • Standard web server behavior for improved user experience

    Persistent Custom Domain Storage

    Custom domain mappings now stored without TTL:

    • Changed customDomainCache initialization to use TTL=0 (persistent storage)
    • Modified SetWithTTL() to use SET command instead of SETEX when TTL=0
    • Modified MemoryCache to use expiration=-1 for never-expiring items
    • Enables external reaper scripts to validate and clean up domains via cron
    • Domain mappings persist until explicitly deleted
    • No impact on file content cache (still uses configured TTL)

    HTTP Response Headers

    Added server identification and cache status headers:

    • Added Server: bovine header to all responses (content and error pages)
    • Added X-Cache-Status: HIT header when serving content from cache
    • Added X-Cache-Status: MISS header when fetching content from Forgejo API
    • Enables monitoring and debugging of cache behavior

    Upgrade Instructions

    1. Update the plugin version in your Traefik configuration to v0.0.6
    2. IMPORTANT: Clear your Redis cache to remove corrupted data: 
      redis-cli FLUSHDB
    3. Restart Traefik to load the updated plugin
    4. Verify the site loads correctly with proper CSS/JS

    Full Changelog

    See CHANGELOG.md for complete details.

    Downloads
  • v0.0.5 593e740ae9

    v0.0.5 - Router Configuration Documentation Fixes Stable

    ric released this 2025-11-29 13:09:50 +00:00 | 33 commits to main since this release

    Release v0.0.5

    Documentation-only release that corrects router configuration examples in README.md to match the actual implementation.

    🔧 Fixed

    Router Configuration Documentation

    • Removed incorrect tls.certResolver from pages-custom-domains-https router example
      • The catch-all router should NOT have a certResolver
      • Individual domains get their own routers dynamically created in Redis with proper SSL configuration
    • Updated custom domain setup instructions:
      • Added step 3: Configure Traefik static config with Redis provider
      • Clarified that plugin writes router configurations to Redis
      • Explained that Traefik Redis provider loads routers and requests SSL certificates automatically
    • Fixed configuration examples to match actual implementation behavior

    📚 Documentation

    • Updated custom domain setup with Redis provider configuration requirement
    • Clarified catch-all router behavior vs. individual Redis routers
    • Added explanatory comments to router configuration examples

    📝 Note

    This is a documentation-only release. No code changes from v0.0.4. The configuration examples in the README were incorrect and could cause confusion. This release corrects those examples to match how the Redis router integration actually works.

    See CHANGELOG.md for full details.

    Downloads
  • v0.0.4 645af5fe57

    v0.0.4 - Redis Router Integration & SSL Certificate Fixes Stable

    ric released this 2025-11-29 13:04:36 +00:00 | 35 commits to main since this release

    Release v0.0.4

    Major improvements for automatic SSL certificate generation and custom domain support.

    🔧 Fixed

    ACME Challenge Passthrough

    • Critical fix: Middleware was redirecting ACME HTTP challenges to HTTPS, preventing SSL certificate generation
    • Added automatic detection of /.well-known/acme-challenge/* paths
    • ACME challenges now pass through to Traefik's handler before HTTPS redirect
    • Enables Let's Encrypt to validate custom domains and generate SSL certificates
    • No configuration changes required - works automatically

    Redis Router Registration

    • Fixed service reference: Changed from pages-noop to noop@internal (Traefik's built-in service)
    • Fixed middleware reference: Changed from pages-server to pages-server@file (fully qualified name)
    • Eliminates "service does not exist" and "middleware does not exist" errors in Traefik dashboard
    • No external service configuration required

    Router Configuration

    • Split HTTP (web) and HTTPS (websecure) routers properly
    • Removed incorrect pattern where both entrypoints were on same router with TLS
    • Updated examples/traefik-config.yml with correct 3-router pattern

    📚 Documentation

    • Added comprehensive "Traefik Redis Provider Integration" section to README.md
    • Added ACME Challenge Handling section explaining automatic passthrough
    • Added troubleshooting section for SSL certificate generation issues
    • Created IMPLEMENTATION_SUMMARY.md documenting the Traefik Redis provider implementation
    • Updated all configuration examples with proper router structure

    🚀 Impact

    • Custom Domains: SSL certificates now generate correctly for custom domains
    • Deployment: Existing deployments must update router configuration to split HTTP/HTTPS
    • Security: HTTPS redirect still works for all non-ACME requests

    See CHANGELOG.md for full details.

    Downloads
  • v0.0.3 eabc6b0930

    v0.0.3 - Custom Domain Support Stable

    ric released this 2025-11-29 00:14:38 +00:00 | 41 commits to main since this release

    Release v0.0.3 - Custom Domain Support

    This release adds full custom domain support with a scalable, registration-based approach.

    Key Features

    Custom Domain Support

    • Users can specify custom domains in .pages file
    • Registration-based activation (visit pages URL to activate)
    • Automatic SSL certificate provisioning via Traefik
    • Cache-only lookups for infinite scalability

    Performance

    • Infinite scalability: Performance independent of user/repository count
    • Fast all requests: <5ms response time with cache-only lookups
    • Efficient caching: Only active custom domains consume cache space

    Configuration

    • enableCustomDomains (bool, default: true) - Enable/disable custom domains
    • customDomainCacheTTL (int, default: 600) - Cache TTL in seconds

    How Custom Domains Work

    1. Add custom_domain: www.example.com to repository's .pages file
    2. Visit https://username.pages.domain.com/repository to activate
    3. Configure DNS (A or CNAME record) pointing to Traefik server
    4. Access site at https://www.example.com

    What's Changed

    Added

    • registerCustomDomain method for automatic domain registration
    • resolveCustomDomain method with cache-only lookup
    • parseCustomDomainPath method for custom domain URL parsing
    • Comprehensive test suite in custom_domain_test.go
    • CUSTOM_DOMAINS.md technical documentation
    • Configuration options: enableCustomDomains, customDomainCacheTTL

    Changed

    • ServeHTTP automatically registers custom domains when serving pages
    • Custom domains require activation via pages URL visit
    • Enhanced Traefik router examples with priority-based routing

    Improved

    • Test coverage: 78.2% (up from 74.9%)
    • Simplified architecture: Registration-based approach
    • Better UX: Clear activation steps and helpful error messages

    Installation

    experimental:
  plugins:
    pages-server:
      moduleName: code.squarecows.com/SquareCows/pages-server
      version: v0.0.3

    Documentation

    Full Changelog: https://code.squarecows.com/SquareCows/pages-server/compare/v0.0.2...v0.0.3

    Downloads
  • v0.0.2 fbf9d7a6cb

    v0.0.2 - GPLv3 License & Simplified Architecture Stable

    ric released this 2025-11-27 22:57:48 +00:00 | 42 commits to main since this release

    Version 0.0.2 Release

    This release adds GPLv3 licensing and simplifies the plugin architecture by removing external dependencies and letting Traefik handle what it does best.

    🎉 Added

    • GPLv3 License with full compliance
      • Complete GPLv3 license text in LICENSE file
      • License headers on all Go source files
      • License headers on YAML configuration files
      • Copyright (C) 2025 SquareCows

    🗑️ Removed

    • Cloudflare DNS management - Users now manually configure DNS with any DNS provider

      • Removed cloudflareAPIKey and cloudflareZoneID configuration
      • Removed cloudflare_dns.go and cloudflare_dns_test.go
      • More flexible: works with any DNS provider (Cloudflare, Route53, etc.)

    • Let's Encrypt certificate management - Traefik handles all SSL certificates

      • Removed letsEncryptEndpoint and letsEncryptEmail configuration
      • Removed cert_manager.go and cert_manager_test.go
      • Clearer separation: plugin serves files, Traefik manages SSL

    🔧 Changed

    • Simplified configuration - Only 2 required parameters:
      • pagesDomain - Base domain for pages
      • forgejoHost - Forgejo instance URL
    • Updated module path from github.com/SquareCows/pages-server to code.squarecows.com/SquareCows/pages-server
    • Custom domains require manual DNS A/CNAME record creation

    📈 Improved

    • Test coverage increased from 56.3% to 74.9%
    • Reduced codebase by 741 lines
    • Clearer architecture - plugin focuses on serving static files
    • More flexible DNS - works with any DNS provider

    📚 Documentation

    All documentation updated to reflect new architecture and DNS approach.

    🔗 Links

    Downloads