akhttpd

command
Version: v0.0.0-...-dfae85e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 4, 2021 License: Unlicense Imports: 9 Imported by: 0

Documentation

Overview

Command akhttpd is the authorized_keys http daemon. It implements a RESTFUL API which serves authorized_keys files for every GitHub user.

API

This daemon exposes the following API.

GET /
GET /index.html

Returns a human-readable index document.

GET /${username}

When requested from common command line clients, behave like /${username}/authorized_keys. Else, behave like /${username}.html`.

GET /${username}/authorized_keys

Returns an authorized_keys file for the provided username. When successful, returns HTTP 200 along with appropriate Content-Disposition and Content-Type Headers. When the user does not exist, returns HTTP 404. When something goes wrong, returns HTTP 500.

GET /${username}.html

Returns a user-facing page to display keys for the provided username. When successful, returns HTTP 200. When the user does not exist, returns HTTP 404. When something goes wrong, returns HTTP 500.

GET /${username}.sh

Returns a shell script that automatically fills the file '.ssh/authorized_keys' with the keys for the requested user. Any non-existent directories are created. Existing files are overwritten. This script intended to be piped into /bin/sh using a command like

curl http://localhost:8080/username.sh | /bin/sh

When the user does not exist, returns HTTP 404. When something goes wrong, returns HTTP 500.

GET /robots.txt

Returns a robots.txt file.

GET /_/

Optionally serves a static folder for more information and detailed documentation of the current server.

Configuration

akhttpd can be configured using an environment variable as well as command line arguments.

host:port

By default akhttpd listens on localhost, port 8080 only. To change this, pass an argument of the form 'host:port' to the akhttpd command.

GITHUB_TOKEN=token, -token TOKEN

akhttpd interacts with the GitHub API. By default, this interaction is unauthenticated. Instead a GitHub Personal Access Token can be used. It does not need access to any Scopes. It should be provided using either the GITHUB_TOKEN environment variable or the -token flag.

-api-timeout duration

When interacting with the GitHub API, akhttp uses a default timeout of 1s. After this timeout expires, any response is considered invalid and an HTTP 500 is returned to the client. Use this flag to change the default timeout.

-cache-age duration, -cache-size bytes

To avoid unneccessary GitHub API requests, akhttpd caches responses. Respones are cached for 1h by default, with a maximum cache size of 25kb. Use these flags to change the defaults.

-index filename

A sensible default index.html file is served on the root directory. Use this flag to select a different file instead.

-serve path

akhttpd can in addition to the standard routes serve a '_' route. Use this flag to configure a directory to be served from this path

LEGAL_BLOCK=user1,user2

For legal reasons it might be neccessary to block specific users from being served using this service. To block a specific user, use the LEGAL_BLOCK variable. It contains a comma-seperated list of users to be blocked.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL