The database file was truncated before writes the complete list of
pastas from memory back into it. If power failed in between or microbin
crashed all pasta's would be lost.
This creates a new file then replaces the old with it once the writing
is done. Note the replace (rename) is usually (definitly on linux)
atomic. Therefore it either succeeds or fails and only the new changes
are lost.
With `no-c-deps` enabled microbin can be compiled for aarch64 by simply
passing in `--no-default-features`, `--no-c-deps` & `--target
aarch64-unknown-linux-musl`. The resulting binary is fully static and
does *not* depend on glibc. Therefore it can be deployed to any linux
target running an aarch64 cpu (arm). There is no need for any
containers.
There where four obstactles to easily statically linking microbin
with musl.
- The syntect library depended on the onigura regex engine. With
`no-c-deps` it uses `fancy-regex` a slower alternative fully written
in rust.
- Dependency actix-web supported zstd compression requiring the system
zstd library to be present.
- The rusqlite library build and linked the C-library sqlite. That needs
a crosscompiler and various crosscompile packages. With `no-c-deps`
enabled the sqlite db option is disabled and the -json-db arg must be
used. If the user does not pass -json-db microbin will panic when
starting with a clear error message.
- reqwest was using openssl for reporting telemetry and checking for new
versions. With `no-c-deps` it uses rustls with crypto provider
rustcrypto. While rustcrypto has not been formally verified it should
be good enough for sending telemetry (which should not contain any
secure/personal data anyway) and checking versions.
Uses NamedFile from actix_files for unencrypted files instead of
reading them into memory and setting them as body.
Note the content_type is set by NamedFile now. The code for it is about
identical to what was previously there.
Realistically this privacy level should not allow modifying the data, but even if we did support that, the UX would be very annoying - it is better to make a new upload
- We understand what a pasta is, but let's avoid the situation when you send a link to your mom that ends with microbin.eu/pasta/dog-bat-cat and they misunderstand it.
- Also replaced /pastalist with just /list
- Internally kept "pasta" instead of "upload" to confuse everyone adopting MicroBin after v2
Minimal implementation of an auth mode that is read-only unless a password is provided. Enable MICROBIN_READONLY and set MICROBIN_UPLOADER_PASSWORD to try it out.
Fixes#106
- Implemented configuration telemetry
- Added option to disable version checking
- Updated URL for versioning and telemetry endpoint
- Added option to opt-in for a public MicroBin server list in the future
- Implemented password protection for removals
- Added success message on password-protected upload creation and editing for clarity
- Made auth page focus password field when it's left empty
