Initial shared instances backend (#3800)

* Create base shared instance migration and initial routes * Fix build * Add version uploads * Add permissions field for shared instance users * Actually use permissions field * Add "public" flag to shared instances that allow GETing them without authorization * Add the ability to get and list shared instance versions * Add the ability to delete shared instance versions * Fix build after merge * Secured file hosting (#3784) * Remove Backblaze-specific file-hosting backend * Added S3_USES_PATH_STYLE_BUCKETS * Remove unused file_id parameter from delete_file_version * Add support for separate public and private buckets in labrinth::file_hosting * Rename delete_file_version to delete_file * Add (untested) get_url_for_private_file * Remove url field from shared instance routes * Remove url field from shared instance routes * Use private bucket for shared instance versions * Make S3 environment variables fully separate between public and private buckets * Change file host expiry for shared instances to 180 seconds * Fix lint * Merge shared instance migrations into a single migration * Replace shared instance owners with Ghost instead of deleting the instance
2025-06-19 14:46:12 -05:00
parent d4864deac5
commit cc34e69524
61 changed files with 2161 additions and 491 deletions
--- a/apps/labrinth/src/lib.rs
+++ b/apps/labrinth/src/lib.rs
@@ -334,7 +334,7 @@ pub fn app_config(
 pub fn check_env_vars() -> bool {
    let mut failed = false;

-    fn check_var<T: std::str::FromStr>(var: &'static str) -> bool {
+    fn check_var<T: std::str::FromStr>(var: &str) -> bool {
        let check = parse_var::<T>(var).is_none();
        if check {
            warn!(
@@ -361,25 +361,33 @@ pub fn check_env_vars() -> bool {

    let storage_backend = dotenvy::var("STORAGE_BACKEND").ok();
    match storage_backend.as_deref() {
-        Some("backblaze") => {
-            failed |= check_var::<String>("BACKBLAZE_KEY_ID");
-            failed |= check_var::<String>("BACKBLAZE_KEY");
-            failed |= check_var::<String>("BACKBLAZE_BUCKET_ID");
-        }
        Some("s3") => {
-            failed |= check_var::<String>("S3_ACCESS_TOKEN");
-            failed |= check_var::<String>("S3_SECRET");
-            failed |= check_var::<String>("S3_URL");
-            failed |= check_var::<String>("S3_REGION");
-            failed |= check_var::<String>("S3_BUCKET_NAME");
+            let mut check_var_set = |var_prefix| {
+                failed |= check_var::<String>(&format!(
+                    "S3_{var_prefix}_BUCKET_NAME"
+                ));
+                failed |= check_var::<bool>(&format!(
+                    "S3_{var_prefix}_USES_PATH_STYLE_BUCKET"
+                ));
+                failed |=
+                    check_var::<String>(&format!("S3_{var_prefix}_REGION"));
+                failed |= check_var::<String>(&format!("S3_{var_prefix}_URL"));
+                failed |= check_var::<String>(&format!(
+                    "S3_{var_prefix}_ACCESS_TOKEN"
+                ));
+                failed |=
+                    check_var::<String>(&format!("S3_{var_prefix}_SECRET"));
+            };
+
+            check_var_set("PUBLIC");
+            check_var_set("PRIVATE");
        }
        Some("local") => {
            failed |= check_var::<String>("MOCK_FILE_PATH");
        }
        Some(backend) => {
            warn!(
-                "Variable `STORAGE_BACKEND` contains an invalid value: {}. Expected \"backblaze\", \"s3\", or \"local\".",
-                backend
+                "Variable `STORAGE_BACKEND` contains an invalid value: {backend}. Expected \"s3\" or \"local\"."
            );
            failed |= true;
        }