diff options
Diffstat (limited to 'src/routes')
| -rw-r--r-- | src/routes/+layout.svelte | 54 | ||||
| -rw-r--r-- | src/routes/api/v1/fs.ts | 20 | ||||
| -rw-r--r-- | src/routes/aup/+page.svelte | 83 | ||||
| -rw-r--r-- | src/routes/home/+page.svelte | 2 | ||||
| -rw-r--r-- | src/routes/login/+server.ts | 4 |
5 files changed, 143 insertions, 20 deletions
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte index dc81706..61bd14e 100644 --- a/src/routes/+layout.svelte +++ b/src/routes/+layout.svelte @@ -10,22 +10,40 @@ <link rel="icon" href={favicon} /> </svelte:head> -<nav class="header"> - <h1 class="text-4xl">crunched</h1> - <p> - <a href="/">home</a> - {#if page.data.session}<a href="/vms">vms</a> - - <a - href="/login/undo?next={encodeURIComponent( - page.url.pathname + page.url.search - )}">logout</a - >{:else}<a - href="/login?scope=default&next={encodeURIComponent( - page.url.pathname + page.url.search - )}">login</a - >{/if} +<div id="app"> + <nav class="header"> + <h1 class="text-4xl">crunched</h1> + <p> + <a href="/home">home</a> - {#if page.data.session}<a href="/vms">vms</a> - + <a + href="/login/undo?next={encodeURIComponent( + page.url.pathname + page.url.search + )}">logout</a + >{:else}<a + href="/login?scope=default&next={encodeURIComponent( + page.url.pathname + page.url.search + )}">login</a + >{/if} + </p> + <div class="my-2"> + <hr /> + </div> + </nav> + {@render children?.()} +</div> + +<footer class="-mb-3 mt-3"> + <p class="text-xs"> + <span class="opacity-60 hover:opacity-100 transition-opacity"> + Copyright (c) 2025 Neobot Verein. + </span><br /> + <span class="opacity-60 hover:opacity-100 transition-opacity"> + <a href="https://git.estrogen.zone/crunched.git/">Source Code</a> + <small>AGPL3</small> + </span> + <span class="opacity-60"> - </span> + <span class="opacity-60 hover:opacity-100 transition-opacity" + ><a href="/aup">Acceptable Use Policy</a></span + > </p> - <div class="my-2"> - <hr /> - </div> -</nav> -{@render children?.()} +</footer> diff --git a/src/routes/api/v1/fs.ts b/src/routes/api/v1/fs.ts new file mode 100644 index 0000000..92714f3 --- /dev/null +++ b/src/routes/api/v1/fs.ts @@ -0,0 +1,20 @@ +import { LockSet } from '$lib/vendor/lock'; +import fs from 'node:fs/promises'; +import process from 'node:process'; +import path from 'node:path'; + +const lockSet = new LockSet(); +const baseDataPath = + process.env.BASE_DATA_PATH ?? path.join(process.cwd(), 'data'); +const usersDir = path.join(baseDataPath, 'users'); +const disksDir = path.join(baseDataPath, 'disks'); + +export const userExists = async (username: string) => { + const unlock = await lockSet.get(username).acquireRead(); + try { + fs.open(path.join(baseDataPath, '')); + } catch (error) { + unlock(); + throw error; + } +}; diff --git a/src/routes/aup/+page.svelte b/src/routes/aup/+page.svelte new file mode 100644 index 0000000..767ee2d --- /dev/null +++ b/src/routes/aup/+page.svelte @@ -0,0 +1,83 @@ +<svelte:head> + <title>Crunched - Acceptable Use Policy</title> +</svelte:head> + +<article> + <h1 class="text-3xl">Crunched - Acceptable Use Policy</h1> + <p> + The Neobot Verein does our best to provide rules limited to preserving our + morality, integrity, reliability and legality of our services.<br /> + We kindly request you follow the following rules: + </p> + <ol class="pl-4 list-decimal"> + <li>No pornography involving minors - real or fictional.</li> + <li>No crypto mining, please.</li> + <li> + No training LLMs. Only run them if their resource usage over time is + similar to any other server we'd see. + </li> + <li> + No hosting black-hat phishing sites or command and control (C&C) servers. + No launching (D)DoS attacks from our infrastructure. No outgoing spam. + </li> + <li> + No Tor Exit Nodes/Open Proxies/i2p Outproxies. Sorry, we don't want the + feds knocking on our door. + </li> + <li>Make an attempt to not have the server wide open for any attacker.</li> + <li> + Be reasonable with resource usage. We don't want to start needing to limit + network interfaces. + </li> + <li> + Try not to get <a + href="https://www.init7.net/de/kleingedrucktes/gtc-init7-2024.pdf" + target="_blank" + rel="noopener noreferrer">init7</a + > + to contact us about your use of our services. + <span class="opacity-70 text-sm">(Link goes to their ToS)</span> + </li> + <li> + Follow regional laws in Zurich, Switzerland - atleast in regards to the + contents hosted here.<br /> + We dislike the feds knocking on our door just as much as anyone else. + </li> + </ol> + <p class="mt-2"> + Tl;dr: Abide by the same general rules any other provider provides. Try not + to violate regional laws in Zurich, Switzerland. + </p> + <h2 class="text-2xl mt-4">Excessive Resource Use Policy</h2> + <p> + In case of excessive resource use, we will try to inform you prior to taking + action. However, if the resource use severely affects other users, or the + server's operations as a whole, we may take actions without prior notice. + </p> + <h2 class="text-2xl mt-4">UGC</h2> + <p> + If you allow user-generated content, you should really try to make sure you + moderate it so illegal material is removed before any complaints reach us. + </p> + <p class="mt-2"> + If you clearly state that your site hosts user-generated content, law + enforcement and child-protection agencies will typically contact you first + rather than contacting us, so ensure you put easily-accessible contact + information. + </p> + <h2 class="text-2xl mt-4">Contact</h2> + <p> + As a user, due to the invite-only nature of this service, if you have + questions regarding the AUP, please just contact the creature that sent you + here. Only admins can generate invites, as of now. + </p> + <p class="mt-2"> + Are you a law enforcement agency and need contact with us? Contact us at <br + /><span class="text-sm p-1 bg-black/10">law-enforcement</span>[at]<span + class="text-sm p-1 bg-black/10">neobot</span + >[dot]<span class="text-sm p-1 bg-black/10">systems</span><br /> + Note that if you are requesting user data, unless you have a legally valid Durchsuchungsbefehl + (or similar) from the Staatsanwaltschaft, we are very likely to deny any requests + for data belonging to our users. + </p> +</article> diff --git a/src/routes/home/+page.svelte b/src/routes/home/+page.svelte index 8fa9ddd..2fc52e6 100644 --- a/src/routes/home/+page.svelte +++ b/src/routes/home/+page.svelte @@ -23,7 +23,7 @@ </div> <button onclick={() => { - alert(checkScope(session, ['vm-own-write'], true)); + alert(checkScope(session, ['vm-own-rm'], true)); }}>need scope</button > <!-- <div slot="submitButton" class="buttonPrimary">Sign out</div> --> diff --git a/src/routes/login/+server.ts b/src/routes/login/+server.ts index 7313f13..d206e7e 100644 --- a/src/routes/login/+server.ts +++ b/src/routes/login/+server.ts @@ -6,14 +6,16 @@ export const GET = async (event) => { let desiredScopes = event.url.searchParams.get('scope') ?? 'default'; desiredScopes = desiredScopes .split(' ') - .flatMap((v) => (v === 'default' ? 'vm-own-read vm-own-write' : '')) + .flatMap((v) => (v === 'default' ? 'vm-own-read vm-own-write' : v)) .join(' '); if (new URL(target, event.url.href).host !== event.url.host) target = '/'; const existingScopes = (event.cookies.get('oid__scopes') ?? '').split(' '); const authed = await event.locals.auth(); const missingScopes = !!desiredScopes .split(' ') + .filter((v) => v) .find((v) => !existingScopes.includes(v)); + if ( // if we're not authenticated !authed || |