From 2a4c795d5a165f995e9f7dc84e07465b140f3770 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 27 Apr 2024 21:18:03 +0200
Subject: implement live-reloading dev server

Squashed commit of the following:

commit 02f077432202af4d633eb2cad81dfdaa6921317f
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Sat Apr 27 21:09:14 2024 +0200

    builder: only remove output directory if set and in dev mode

commit 47001e01c55fa6e74aafeda04ebc3e4e7c47eba0
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Sat Apr 27 21:03:37 2024 +0200

    implement live reload on dev server

commit 411ec969f61e4b73439f1c54ea29f75135ecc618
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Sat Apr 27 20:59:26 2024 +0200

    server: implement graceful shutdown

commit 5400132eb6eb1b638e0b3fd4265f51611c92d473
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Sat Apr 27 20:41:07 2024 +0200

    add some debug logs

commit 3c9b678197c044603950232d222f501ef74d7873
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Sat Apr 27 20:39:09 2024 +0200

    prefix log output with executable name

commit 300e24c179e390e9d3f5aeab4471c97f17f1fa64
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Sat Apr 27 20:29:42 2024 +0200

    don't panic inside internal packages, return error instead

commit fe2715d330402ad67fe866471bed89c7238ad2ec
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Fri Apr 26 01:18:29 2024 +0200

    config: use a table to configure CSP headers

commit d012553aaf78a436fa8871830b5d720a9e292d4b
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Thu Apr 25 17:13:39 2024 +0200

    dev: create basic dev server to build and serve from a temporary directory

commit a1d11d3e69650d9b43ca1b1d7b7ccc05a808d5c1
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Thu Apr 25 13:02:22 2024 +0200

    remove unused redirect_other_hostnames config option

commit fd67b19b5c7f76f0c3579e8a05ef20a618e90be7
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Thu Apr 25 12:58:53 2024 +0200

    server: make port a string, which is what go uses

commit c798e8e736c0649008cade337158399470a9099b
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Thu Apr 25 12:58:33 2024 +0200

    config: remove unused port variable

commit f94882b9001f3b0855e26b26b4a84b96e3deb22b
Author: Alan Pearce <alan@alanpearce.eu>
Date:   Thu Apr 25 12:49:10 2024 +0200

    re-organise module layout
---
 internal/config/config.go       | 29 ++++++---------
 internal/config/csp.go          | 44 +++++++++++++++++++++++
 internal/config/cspgenerator.go | 79 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 134 insertions(+), 18 deletions(-)
 create mode 100644 internal/config/csp.go
 create mode 100644 internal/config/cspgenerator.go

(limited to 'internal/config')

diff --git a/internal/config/config.go b/internal/config/config.go
index d2eabf0..578390e 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -5,7 +5,6 @@ import (
 	"log/slog"
 	"net/url"
 	"os"
-	"strconv"
 
 	"github.com/BurntSushi/toml"
 	"github.com/pkg/errors"
@@ -31,18 +30,17 @@ func (u *URL) UnmarshalText(text []byte) (err error) {
 }
 
 type Config struct {
-	DefaultLanguage        string `toml:"default_language"`
-	BaseURL                URL    `toml:"base_url"`
-	RedirectOtherHostnames bool   `toml:"redirect_other_hostnames"`
-	Port                   uint64
-	Production             bool
-	Title                  string
-	Email                  string
-	Description            string
-	DomainStartDate        string `toml:"domain_start_date"`
-	OriginalDomain         string `toml:"original_domain"`
-	Taxonomies             []Taxonomy
-	Extra                  struct {
+	DefaultLanguage  string `toml:"default_language"`
+	BaseURL          URL    `toml:"base_url"`
+	InjectLiveReload bool
+	Title            string
+	Email            string
+	Description      string
+	DomainStartDate  string `toml:"domain_start_date"`
+	OriginalDomain   string `toml:"original_domain"`
+	Taxonomies       []Taxonomy
+	CSP              *CSP `toml:"content-security-policy"`
+	Extra            struct {
 		Headers map[string]string
 	}
 	Menus map[string][]MenuItem
@@ -71,10 +69,5 @@ func GetConfig() (*Config, error) {
 			return nil, errors.Wrap(err, "config error")
 		}
 	}
-	port, err := strconv.ParseUint(getEnvFallback("PORT", "3000"), 10, 16)
-	if err != nil {
-		return nil, err
-	}
-	config.Port = port
 	return &config, nil
 }
diff --git a/internal/config/csp.go b/internal/config/csp.go
new file mode 100644
index 0000000..536d9fc
--- /dev/null
+++ b/internal/config/csp.go
@@ -0,0 +1,44 @@
+// Code generated  DO NOT EDIT.
+package config
+
+import (
+	"github.com/crewjam/csp"
+)
+
+type CSP struct {
+	BaseURI                 []string                     `csp:"base-uri" toml:"base-uri"`
+	BlockAllMixedContent    bool                         `csp:"block-all-mixed-content" toml:"block-all-mixed-content"`
+	ChildSrc                []string                     `csp:"child-src" toml:"child-src"`
+	ConnectSrc              []string                     `csp:"connect-src" toml:"connect-src"`
+	DefaultSrc              []string                     `csp:"default-src" toml:"default-src"`
+	FontSrc                 []string                     `csp:"font-src" toml:"font-src"`
+	FormAction              []string                     `csp:"form-action" toml:"form-action"`
+	FrameAncestors          []string                     `csp:"frame-ancestors" toml:"frame-ancestors"`
+	FrameSrc                []string                     `csp:"frame-src" toml:"frame-src"`
+	ImgSrc                  []string                     `csp:"img-src" toml:"img-src"`
+	ManifestSrc             []string                     `csp:"manifest-src" toml:"manifest-src"`
+	MediaSrc                []string                     `csp:"media-src" toml:"media-src"`
+	NavigateTo              []string                     `csp:"navigate-to" toml:"navigate-to"`
+	ObjectSrc               []string                     `csp:"object-src" toml:"object-src"`
+	PluginTypes             []string                     `csp:"plugin-types" toml:"plugin-types"`
+	PrefetchSrc             []string                     `csp:"prefetch-src" toml:"prefetch-src"`
+	Referrer                csp.ReferrerPolicy           `csp:"referrer" toml:"referrer"`
+	ReportTo                string                       `csp:"report-to" toml:"report-to"`
+	ReportURI               string                       `csp:"report-uri" toml:"report-uri"`
+	RequireSRIFor           []csp.RequireSRIFor          `csp:"require-sri-for" toml:"require-sri-for"`
+	RequireTrustedTypesFor  []csp.RequireTrustedTypesFor `csp:"require-trusted-types-for" toml:"require-trusted-types-for"`
+	Sandbox                 csp.Sandbox                  `csp:"sandbox" toml:"sandbox"`
+	ScriptSrc               []string                     `csp:"script-src" toml:"script-src"`
+	ScriptSrcAttr           []string                     `csp:"script-src-attr" toml:"script-src-attr"`
+	ScriptSrcElem           []string                     `csp:"script-src-elem" toml:"script-src-elem"`
+	StyleSrc                []string                     `csp:"style-src" toml:"style-src"`
+	StyleSrcAttr            []string                     `csp:"style-src-attr" toml:"style-src-attr"`
+	StyleSrcElem            []string                     `csp:"style-src-elem" toml:"style-src-elem"`
+	TrustedTypes            []string                     `csp:"trusted-types" toml:"trusted-types"`
+	UpgradeInsecureRequests bool                         `csp:"upgrade-insecure-requests" toml:"upgrade-insecure-requests"`
+	WorkerSrc               []string                     `csp:"worker-src" toml:"worker-src"`
+}
+
+func (c *CSP) String() string {
+	return csp.Header(*c).String()
+}
diff --git a/internal/config/cspgenerator.go b/internal/config/cspgenerator.go
new file mode 100644
index 0000000..4594d0d
--- /dev/null
+++ b/internal/config/cspgenerator.go
@@ -0,0 +1,79 @@
+package config
+
+//go:generate go run ../../cmd/cspgenerator/
+
+import (
+	"fmt"
+	"os"
+	"reflect"
+
+	"github.com/crewjam/csp"
+	"github.com/fatih/structtag"
+)
+
+func GenerateCSP() error {
+	t := reflect.TypeFor[csp.Header]()
+	file, err := os.OpenFile("./csp.go", os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	_, err = fmt.Fprintf(file, `// Code generated  DO NOT EDIT.
+package config
+
+import (
+	"github.com/crewjam/csp"
+)
+
+`)
+	if err != nil {
+		return err
+	}
+
+	_, err = fmt.Fprintf(file, "type CSP struct {\n")
+	if err != nil {
+		return err
+	}
+
+	for i := 0; i < t.NumField(); i++ {
+		field := t.Field(i)
+		var t reflect.Type
+		if field.Type.Kind() == reflect.Slice {
+			t = field.Type
+		} else {
+			t = field.Type
+		}
+		tags, err := structtag.Parse(string(field.Tag))
+		if err != nil {
+			return err
+		}
+		cspTag, err := tags.Get("csp")
+		if err != nil {
+			return err
+		}
+		tags.Set(&structtag.Tag{
+			Key:  "toml",
+			Name: cspTag.Name,
+		})
+
+		_, err = fmt.Fprintf(file, "\t%-23s %-28s `%s`\n", field.Name, t, tags.String())
+		if err != nil {
+			return err
+		}
+	}
+	_, err = fmt.Fprintln(file, "}")
+	if err != nil {
+		return err
+	}
+
+	_, err = fmt.Fprintln(file, `
+func (c *CSP) String() string {
+	return csp.Header(*c).String()
+}
+	`)
+	if err != nil {
+		return err
+	}
+	return nil
+}
-- 
cgit 1.4.1