Commits
After refactoring record deletion logic, we only need
`db.GetReactionStatus`
Signed-off-by: Seongmin Lee <git@boltless.me>
- upsert public key to handle record update event
- don't delete by pair of name and key. delete by name or rkey instead.
Signed-off-by: Seongmin Lee <git@boltless.me>
Most service flow will be:
1. start db transaction
2. run db operation
3. run PDS operation
4. rollback db if anything above failed
5. commit transaction
If PDS operation succeed, don't try rollback anymore. The ingester will
backfill the missed db operations.
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
migrate tables: `stars`, `reactions`, `follows`, `public_keys`
Two major changes:
1. Remove autoincrement id for these tables.
AUTOINCREMENT primary key does not help much for these tables and only
introduces slice performance overhead. Use default `rowid` with
non-autoincrement integer instead.
2. Remove unique constraints other than `(did, rkey)`
We cannot block users creating non-unique atproto records. Appview needs
to handle those properly. For example, if user unstar a repo, appview
should delete all existing star records pointing to that repo.
To allow this, remove all constraints other than `(did, rkey)`.
Minor changes done while migrating tables:
- rename `thread_at` in `reactions` to `subject_at` to match with other
tables
- follow common column names like `did` and `created`
- allow self-follow (similar reason to 2nd major change. we should block
it from service layer instead)
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
- RBAC should be enforced on service logic.
- We should not check for referenced records existence from db due to
the nature of atproto.
- Comment depth validation is not necessary. We can accept them and just
don't render replies with deeper depth.
Move markdown sanitizer to dedicated package to avoid import cycle
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: Jens Rømer Hesselbjerg <jh.roemer@gmail.com>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
in mobile view, hide the focus button in the notifications page.
Signed-off-by: oppiliappan <me@oppi.li>
in the topbar, on smaller devices, shrink the full logotype to just the
logo.
Signed-off-by: oppiliappan <me@oppi.li>
Lewis: May this revision serve well! <lewis@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
slirp4netns has a bug where it will break host devices on root user
if this is enabled. so to avoid this, let's disable it. the sandboxing
doesn't matter here because slirp4netns runs next to spindle anyway
so if slirp is compromised you have bigger issues, and seccomp is still
enabled, and if you really care your spindle should be a hardened
systemd service anyway.
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: dawn <dawn@tangled.org>
We can't trust `content-length` since blob might be gzipped. use `size`
from `getEntry` output instead.
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
spindle,shuttle,nix: add an alpine microvm image
spindle/microvm: allow user defined binary caches in workflows
shuttle,nix/microvm: get rid of the hacky nix config parsing / rendering, use nix directly so we can access module options
spindle/engine: generalize scheduler out of microvm, make it work-conserving with aging and per-user fairness
spindle/microvm: add resource budget limits and optional cgroup enforcement
Signed-off-by: dawn <dawn@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Signed-off-by: Anirudh Oppiliappan <x@icyphox.sh>
Signed-off-by: eti <eti@eti.tf>
Lewis: May this revision serve well! <lewis@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Signed-off-by: Seongmin Lee <git@boltless.me>
Lewis: May this revision serve well! <lewis@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Signed-off-by: oppiliappan <me@oppi.li>
- move pages.ParseWith to blog.parseLayout
- blog now builds against a new layouts/blogbase instead of inheriting
appview's base layout
Signed-off-by: oppiliappan <me@oppi.li>
- Add unit and integration tests for sandbox and path behavior
- Define a RuleSpec to construct Landlock ruleset
- Enforce $HOME/.config/git/config for git config (was previously
granting the entirety of $HOME)
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
Lewis: May this revision serve well! <lewis@tangled.org>
After refactoring record deletion logic, we only need
`db.GetReactionStatus`
Signed-off-by: Seongmin Lee <git@boltless.me>
migrate tables: `stars`, `reactions`, `follows`, `public_keys`
Two major changes:
1. Remove autoincrement id for these tables.
AUTOINCREMENT primary key does not help much for these tables and only
introduces slice performance overhead. Use default `rowid` with
non-autoincrement integer instead.
2. Remove unique constraints other than `(did, rkey)`
We cannot block users creating non-unique atproto records. Appview needs
to handle those properly. For example, if user unstar a repo, appview
should delete all existing star records pointing to that repo.
To allow this, remove all constraints other than `(did, rkey)`.
Minor changes done while migrating tables:
- rename `thread_at` in `reactions` to `subject_at` to match with other
tables
- follow common column names like `did` and `created`
- allow self-follow (similar reason to 2nd major change. we should block
it from service layer instead)
Signed-off-by: Seongmin Lee <git@boltless.me>
- RBAC should be enforced on service logic.
- We should not check for referenced records existence from db due to
the nature of atproto.
- Comment depth validation is not necessary. We can accept them and just
don't render replies with deeper depth.
Move markdown sanitizer to dedicated package to avoid import cycle
Signed-off-by: Seongmin Lee <git@boltless.me>
slirp4netns has a bug where it will break host devices on root user
if this is enabled. so to avoid this, let's disable it. the sandboxing
doesn't matter here because slirp4netns runs next to spindle anyway
so if slirp is compromised you have bigger issues, and seccomp is still
enabled, and if you really care your spindle should be a hardened
systemd service anyway.
Signed-off-by: dawn <dawn@tangled.org>
spindle,shuttle,nix: add an alpine microvm image
spindle/microvm: allow user defined binary caches in workflows
shuttle,nix/microvm: get rid of the hacky nix config parsing / rendering, use nix directly so we can access module options
spindle/engine: generalize scheduler out of microvm, make it work-conserving with aging and per-user fairness
spindle/microvm: add resource budget limits and optional cgroup enforcement
Signed-off-by: dawn <dawn@tangled.org>
Signed-off-by: Seongmin Lee <git@boltless.me>
Lewis: May this revision serve well! <lewis@tangled.org>