From c63a090569d6ef8d12743f802b0361e22c4422cd Mon Sep 17 00:00:00 2001 From: ari melody Date: Sat, 16 Aug 2025 22:35:49 +0100 Subject: [PATCH 1/4] fix HTTPLog panic with no User-Agent --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index 53f2883..edd4c87 100644 --- a/main.go +++ b/main.go @@ -626,6 +626,6 @@ func HTTPLog(next http.Handler) http.Handler { lrw.Status, colour.Reset, elapsed, - r.Header["User-Agent"][0]) + r.Header.Get("User-Agent")) }) } From 5a330ad7fa631ea331dbf02846262acabbd9ab3e Mon Sep 17 00:00:00 2001 From: ari melody Date: Tue, 19 Aug 2025 15:22:59 +0100 Subject: [PATCH 2/4] fix some opengraph --- views/index.html | 2 +- views/music-gateway.html | 6 +++--- views/music.html | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/views/index.html b/views/index.html index 23f40ea..23764e1 100644 --- a/views/index.html +++ b/views/index.html @@ -8,7 +8,7 @@ - + diff --git a/views/music-gateway.html b/views/music-gateway.html index 9007c02..febef4d 100644 --- a/views/music-gateway.html +++ b/views/music-gateway.html @@ -9,8 +9,8 @@ - - + + @@ -19,7 +19,7 @@ - + diff --git a/views/music.html b/views/music.html index 51f712d..e0a5110 100644 --- a/views/music.html +++ b/views/music.html @@ -8,7 +8,7 @@ - + From c82709084b32837956a86d2aa0ccdc4031f4dabf Mon Sep 17 00:00:00 2001 From: ari melody Date: Wed, 20 Aug 2025 12:41:55 +0100 Subject: [PATCH 3/4] add quick security check to requests --- main.go | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/main.go b/main.go index edd4c87..9133958 100644 --- a/main.go +++ b/main.go @@ -515,7 +515,7 @@ func main() { fmt.Printf("Now serving at http://%s:%d\n", app.Config.Host, app.Config.Port) stdLog.Fatal( http.ListenAndServe(fmt.Sprintf("%s:%d", app.Config.Host, app.Config.Port), - HTTPLog(DefaultHeaders(mux)), + CheckRequest(&app, HTTPLog(DefaultHeaders(mux))), )) } 
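Review bot: `r.Header.Get("User-Agent")` is a client-chosen string, and the new last argument of the log call in HTTPLog hands it to the formatter as-is. The format string sits above the hunk, so the verb is not visible; if it is `%s`, I would change that one verb to `%q`. Quoting keeps an empty value visible as `""` (the case this commit now lets through without a panic) and stops quotes or spaces in the header from blurring field boundaries for anyone parsing the log. The logging call this argument belongs to starts outside the hunk.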
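Review bot: With `CheckRequest` as the outermost wrapper in `main`, any request it rejects never reaches `HTTPLog`, so the 400 returned for an empty User-Agent leaves no record at all; only the path branch of CheckRequest writes to stderr. For a filter meant to turn away probes, the rejections are exactly what you would want to see in the access log. Consider `HTTPLog(CheckRequest(&app, DefaultHeaders(mux))),` so that every response, blocked or served, is logged with its status. main's body starts outside the hunk.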
@@ -562,6 +562,37 @@ var PoweredByStrings = []string{
 "30 billion dollars in VC funding",
 }
 
+func CheckRequest(app *model.AppState, next http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ // requests with empty user agents are considered suspicious.
+ // every browser supplies them; hell, even curl supplies them.
+ // i only ever see null user-agents paired with malicious requests,
+ // so i'm canning them altogether.
+ if len(r.Header.Get("User-Agent")) == 0 {
+ http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+ return
+ }
+
+ // same with .php and awkward double-slash requests.
+ // obviously these don't affect me, but these tend to be lazy intrusion
+ // attempts. if that's what you're about, i don't want you on my site.
+ if strings.HasPrefix(r.URL.Path, "//") ||
+ strings.HasSuffix(r.URL.Path, ".php") ||
+ strings.HasSuffix(r.URL.Path, ".php7") {
+ http.NotFound(w, r)
+ fmt.Fprintf(
+ os.Stderr,
+ "WARN: Suspicious activity blocked: {\"path\":\"%s\",\"address\":\"%s\"}\n",
+ r.URL.Path,
+ r.RemoteAddr,
+ )
+ return
+ }
+
+ next.ServeHTTP(w, r)
+ })
+}
+
 func DefaultHeaders(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 w.Header().Add("Server", "ari melody webbed site")
From d13cfc74ad7c1f8d68c11adeeaf633fae38f9f4e Mon Sep 17 00:00:00 2001
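Review bot: The `fmt.Fprintf` warning in CheckRequest builds a JSON-looking record by wrapping `r.URL.Path` in `\"%s\"`, but that field is the percent-decoded path, so an encoded quote or line break in the request arrives as a literal character and can break the record or start a forged line on stderr. Use `%q` for both fields, `"WARN: Suspicious activity blocked: {\"path\":%q,\"address\":%q}\n",`, or marshal the two values with encoding/json so the output really is JSON. Separately, the `app` parameter is never used in the visible body. If this server sits behind a reverse proxy (not visible here), `r.RemoteAddr` will be the proxy's address, which makes the logged address much less useful for follow-up.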
From: ari melody Date: Fri, 22 Aug 2025 01:06:37 +0100 Subject: [PATCH 4/4] =?UTF-8?q?complete=20arimelody.space=20migration!=20?= =?UTF-8?q?=F0=9F=8E=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 11 +--- docker-compose.example.yml | 2 +- public/keys/ari melody_0x92678188_public.asc | 26 -------- public/keys/ari@arimelody.space_public.asc | 66 ++++++++++++++++++++ views/index.html | 4 +- views/music.html | 2 +- 6 files changed, 73 insertions(+), 38 deletions(-) delete mode 100644 public/keys/ari melody_0x92678188_public.asc create mode 100644 public/keys/ari@arimelody.space_public.asc diff --git a/README.md b/README.md index 75b2095..f1fd392 100644 --- a/README.md +++ b/README.md @@ -4,14 +4,9 @@ home to your local SPACEGIRL! 💫 --- -built up from the initial [static](https://forge.arimelody.space/ari/arimelody.me-static) -branch, this powerful, server-side rendered version comes complete with live -updates, powered by a new database and handy admin panel! - -the admin panel currently facilitates live updating of my music discography, -though i plan to expand it towards art portfolio and blog posts in the future. -if all goes well, i'd like to later separate these components into their own -library for others to use in their own sites. exciting stuff! +a slightly-overcomplicated webserver built to show off everything i've worked +on, and then some! this server comes complete with twitch live status tracking, +a portfolio database, and a full-fledged admin CMS panel to manage it all! ## build diff --git a/docker-compose.example.yml b/docker-compose.example.yml index 62843b9..5ba8cfa 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -1,6 +1,6 @@ services: web: - image: docker.arimelody.space/arimelody.me:latest + image: docker.arimelody.space/arimelody-web:latest build: . ports: - 8080:8080 
diff --git a/public/keys/ari melody_0x92678188_public.asc b/public/keys/ari melody_0x92678188_public.asc deleted file mode 100644 index 80a4676..0000000 --- a/public/keys/ari melody_0x92678188_public.asc +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mDMEZNW03RYJKwYBBAHaRw8BAQdAuMUNVjXT7m/YisePPnSYY6lc1Xmm3oS79ZEO -JriRCZy0HWFyaSBtZWxvZHkgPGFyaUBhcmltZWxvZHkubWU+iJkEExYKAEECGwMF -CwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AWIQTujeuNYocuegkeKt/PmYKckmeB -iAUCZ7UqUAUJCIMP8wAKCRDPmYKckmeBiO/NAP0SoJL4aKZqCeYiSoDF/Uw6nMmZ -+oR1Uig41wQ/IDbhCAEApP2vbjSIu6pcp0AQlL7qcoyPWv+XkqPSFqW9KEZZVwqI -kwQTFgoAOxYhBO6N641ihy56CR4q38+ZgpySZ4GIBQJk1bTdAhsDBQsJCAcCAiIC -BhUKCQgLAgQWAgMBAh4HAheAAAoJEM+ZgpySZ4GIYJsA/jBNwsJTlmV9JMmsW0aF -ApYDoPG1Q7sJ6CRW7xKCRjcqAQDX9iqNnW9Jqo8M3jXfu+aGSF926hg6M3SKm02P -f27bAbgzBGe1JooWCSsGAQQB2kcPAQEHQJbfh5iLHEpZndMgekqYzqTrUoAJ8ZIL -d4WH0dcw9tOaiPUEGBYKACYCGwIWIQTujeuNYocuegkeKt/PmYKckmeBiAUCZ7Uq -VgUJBaOeTACBdiAEGRYKAB0WIQQlu5dWmBR/P3ZxngxgtfA4bj3bfgUCZ7UmigAK -CRBgtfA4bj3bfux+AP4y5ydrjnGBMX7GuB2nh55SRdscSiXsZ66ntnjXyQcbWgEA -pDuu7FqXzXcnluuZxNFDT740Rnzs60tTeplDqGGWcAQJEM+ZgpySZ4GIc0kA/iSw -Nw+r3FC75omwrPpJF13B5fq93FweFx+oSaES6qzkAQDvgCK77qKKbvCju0g8zSsK -EZnv6xR4uvtGdVkvLpBdC7gzBGe1JpkWCSsGAQQB2kcPAQEHQGnU4lXFLchhKYkC -PshP+jvuRsNoedaDOK2p4dkQC8JuiH4EGBYKACYCGyAWIQTujeuNYocuegkeKt/P -mYKckmeBiAUCZ7UqXgUJBaOeRQAKCRDPmYKckmeBiL9KAQCJZIBhuSsoYa61I0XZ -cKzGZbB0h9pD6eg1VRswNIgHtQEAwu9Hgs1rs9cySvKbO7WgK6Qh6EfrvGgGOXCO -m3wVsg24OARntSo5EgorBgEEAZdVAQUBAQdA+/k586W1OHxndzDJNpbd+wqjyjr0 -D5IXxfDs00advB0DAQgHiH4EGBYKACYWIQTujeuNYocuegkeKt/PmYKckmeBiAUC -Z7UqOQIbDAUJBaOagAAKCRDPmYKckmeBiEFxAQCgziQt2l3u7jnZVij4zop+K2Lv -TVFtkbG61tf6brRzBgD/X6c6X5BRyQC51JV1I1RFRBdeMAIXzcLFg2v3WUMccQs= -=YmHI ------END PGP PUBLIC KEY BLOCK----- diff --git a/public/keys/ari@arimelody.space_public.asc b/public/keys/ari@arimelody.space_public.asc new file mode 100644 index 0000000..4323eba --- /dev/null +++ b/public/keys/ari@arimelody.space_public.asc 
@@ -0,0 +1,66 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEZNW03RYJKwYBBAHaRw8BAQdAuMUNVjXT7m/YisePPnSYY6lc1Xmm3oS79ZEO +JriRCZy0IGFyaSBtZWxvZHkgPGFyaUBhcmltZWxvZHkuc3BhY2U+iQJJBBMWCgHx +AhsDBQkIgw/zBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAhkBFiEE7o3rjWKH +LnoJHirfz5mCnJJngYgFAmino5w1FIAAAAAAEAAccHJvb2ZAYXJpYWRuZS5pZGRu +czphcmltZWxvZHkuc3BhY2U/dHlwZT1UWFQ6FIAAAAAAEAAhcHJvb2ZAYXJpYWRu +ZS5pZGh0dHBzOi8vZmVkaS5hcmltZWxvZHkuc3BhY2UvQGFyaUQUgAAAAAAQACtw +cm9vZkBhcmlhZG5lLmlkaHR0cHM6Ly9mb3JnZS5ibGlzcy50b3duL2FyaS9rZXlv +eGlkZS1wcm9vZkkUgAAAAAAQADBwcm9vZkBhcmlhZG5lLmlkaHR0cHM6Ly9mb3Jn +ZS5hcmltZWxvZHkuc3BhY2UvYXJpL2tleW94aWRlLXByb29mRhSAAAAAABAALXBy +b29mQGFyaWFkbmUuaWRodHRwczovL2NvZGViZXJnLm9yZy9hcmltZWxvZHkva2V5 +b3hpZGUtcHJvb2ZlFIAAAAAAEABMcHJvb2ZAYXJpYWRuZS5pZGh0dHBzOi8vYnNr +eS5hcHAvcHJvZmlsZS9kaWQ6cGxjOnljdDZjdmdmaXBuZ2l6cnk1dW16a3hyMy9w +b3N0LzNsaWlucW90cXRjMjIACgkQz5mCnJJngYjDpQEAgFn3bXcxw3xF0dwrSURh +qpciMY31bkQy9eDMSKcbloIA/1hX1MnUKETdiAtrrK08z4udIXaJr52E5D7IAZk1 +pZwBtB1hcmkgbWVsb2R5IDxhcmlAYXJpbWVsb2R5Lm1lPoiTBBMWCgA7FiEE7o3r +jWKHLnoJHirfz5mCnJJngYgFAmTVtN0CGwMFCwkIBwICIgIGFQoJCAsCBBYCAwEC +HgcCF4AACgkQz5mCnJJngYhgmwD+ME3CwlOWZX0kyaxbRoUClgOg8bVDuwnoJFbv +EoJGNyoBANf2Ko2db0mqjwzeNd+75oZIX3bqGDozdIqbTY9/btsBiQIKBBMWCgGy +AhsDBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheABQkIgw/zFiEE7o3rjWKHLnoJ +Hirfz5mCnJJngYgFAme1wUA2FIAAAAAAEAAdcHJvb2ZAYXJpYWRuZS5pZGh0dHBz +Oi8vaWNlLmFyaW1lbG9keS5tZS9AYXJpWxSAAAAAABAAQnByb29mQGFyaWFkbmUu +aWRodHRwczovL2dpc3QuZ2l0aHViLmNvbS9hcmltZWxvZHkvMzY2ZGMyYjZhYWVk +ZWMxOWU2MTRiN2NlY2U5Yzg2OWQyFIAAAAAAEAAZcHJvb2ZAYXJpYWRuZS5pZGRu +czphcmltZWxvZHkubWU/dHlwZT1UWFRlFIAAAAAAEABMcHJvb2ZAYXJpYWRuZS5p +ZGh0dHBzOi8vYnNreS5hcHAvcHJvZmlsZS9kaWQ6cGxjOnljdDZjdmdmaXBuZ2l6 +cnk1dW16a3hyMy9wb3N0LzNsaWlucW90cXRjMjJEFIAAAAAAEAArcHJvb2ZAYXJp +YWRuZS5pZGh0dHBzOi8vZ2l0LmFyaW1lbG9keS5tZS9hcmkva2V5b3hpZGVfcHJv +b2YACgkQz5mCnJJngYh3+QD+Pbo3bM4oWtUicGUGEp4jiFoBqSNlyl9rFPY0ODDS +DxEBANaXz/No/Hn3mEwNdrFigj/YPm7TH/4UBbHAxN6hDggPiQJGBBMWCgHuAhsD 
+BQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheABQkIgw/zFiEE7o3rjWKHLnoJHirf +z5mCnJJngYgFAmino5VJFIAAAAAAEAAwcHJvb2ZAYXJpYWRuZS5pZGh0dHBzOi8v +Zm9yZ2UuYXJpbWVsb2R5LnNwYWNlL2FyaS9rZXlveGlkZS1wcm9vZkYUgAAAAAAQ +AC1wcm9vZkBhcmlhZG5lLmlkaHR0cHM6Ly9jb2RlYmVyZy5vcmcvYXJpbWVsb2R5 +L2tleW94aWRlLXByb29mOhSAAAAAABAAIXByb29mQGFyaWFkbmUuaWRodHRwczov +L2ZlZGkuYXJpbWVsb2R5LnNwYWNlL0BhcmllFIAAAAAAEABMcHJvb2ZAYXJpYWRu +ZS5pZGh0dHBzOi8vYnNreS5hcHAvcHJvZmlsZS9kaWQ6cGxjOnljdDZjdmdmaXBu +Z2l6cnk1dW16a3hyMy9wb3N0LzNsaWlucW90cXRjMjI1FIAAAAAAEAAccHJvb2ZA +YXJpYWRuZS5pZGRuczphcmltZWxvZHkuc3BhY2U/dHlwZT1UWFREFIAAAAAAEAAr +cHJvb2ZAYXJpYWRuZS5pZGh0dHBzOi8vZm9yZ2UuYmxpc3MudG93bi9hcmkva2V5 +b3hpZGUtcHJvb2YACgkQz5mCnJJngYgKNQD/UA2THttICUvz2p5cbPlJIm/QStRE +6crttsTeFSsyocgBAPDXpkdssPNNnxxVvCNATTTxiS08Cy+xxQVrjWztjlUCuDME +Z7UmihYJKwYBBAHaRw8BAQdAlt+HmIscSlmd0yB6SpjOpOtSgAnxkgt3hYfR1zD2 +05qI9QQYFgoAJgIbAhYhBO6N641ihy56CR4q38+ZgpySZ4GIBQJntSpWBQkFo55M +AIF2IAQZFgoAHRYhBCW7l1aYFH8/dnGeDGC18DhuPdt+BQJntSaKAAoJEGC18Dhu +Pdt+7H4A/jLnJ2uOcYExfsa4HaeHnlJF2xxKJexnrqe2eNfJBxtaAQCkO67sWpfN +dyeW65nE0UNPvjRGfOzrS1N6mUOoYZZwBAkQz5mCnJJngYhzSQD+JLA3D6vcULvm +ibCs+kkXXcHl+r3cXB4XH6hJoRLqrOQBAO+AIrvuoopu8KO7SDzNKwoRme/rFHi6 ++0Z1WS8ukF0LuDMEZ7UmmRYJKwYBBAHaRw8BAQdAadTiVcUtyGEpiQI+yE/6O+5G +w2h51oM4ranh2RALwm6IfgQYFgoAJgIbIBYhBO6N641ihy56CR4q38+ZgpySZ4GI +BQJntSpeBQkFo55FAAoJEM+ZgpySZ4GIv0oBAIlkgGG5KyhhrrUjRdlwrMZlsHSH +2kPp6DVVGzA0iAe1AQDC70eCzWuz1zJK8ps7taArpCHoR+u8aAY5cI6bfBWyDbg4 +BGe1KjkSCisGAQQBl1UBBQEBB0D7+TnzpbU4fGd3MMk2lt37CqPKOvQPkhfF8OzT +Rp28HQMBCAeIfgQYFgoAJhYhBO6N641ihy56CR4q38+ZgpySZ4GIBQJntSo5AhsM +BQkFo5qAAAoJEM+ZgpySZ4GIQXEBAKDOJC3aXe7uOdlWKPjOin4rYu9NUW2RsbrW +1/putHMGAP9fpzpfkFHJALnUlXUjVEVEF14wAhfNwsWDa/dZQxxxC7g4BGTVtN0S +CisGAQQBl1UBBQEBB0CcDZ2s/NAGhc13AisWei+4XQKNf7z7xBK6AIXhrlkRcQMB +CAeIeAQoFgoAIBYhBO6N641ihy56CR4q38+ZgpySZ4GIBQJntT6fAh0DAAoJEM+Z +gpySZ4GIgX8A/1d8CZFSRB0TRU8h6ijTS1+O2bKJ0uwydfQHL5b3fA4OAQDOU6eG +Ml82IKGhbFoJl7wm5X4+l5+lNqwZymNoZjVhBIh4BBgWCgAgFiEE7o3rjWKHLnoJ 
+Hirfz5mCnJJngYgFAmTVtN0CGwwACgkQz5mCnJJngYgv8QEA9YbuFnLLUeNJZFMT +KoWeOMJos6wwPnhgnYexntxsu/cBAMd/ORp2KDaZTEwOAUxrO6K1eFkn0pKAcdPq +cdVDnsIL +=Mzcq +-----END PGP PUBLIC KEY BLOCK----- diff --git a/views/index.html b/views/index.html index 23764e1..6d0af2c 100644 --- a/views/index.html +++ b/views/index.html @@ -66,7 +66,7 @@

for anything else, you can reach me for any and all communications through - ari@arimelody.me. if your message + ari@arimelody.space. if your message contains anything beyond a silly gag, i strongly recommend encrypting your message using my public pgp key, listed below!

@@ -93,7 +93,7 @@ my keys 🔑

diff --git a/views/music.html b/views/music.html index e0a5110..e7b4bd9 100644 --- a/views/music.html +++ b/views/music.html @@ -84,7 +84,7 @@ if you do happen to use my work in something you're particularly proud of, feel free to send it my way!

- > ari@arimelody.me + > ari@arimelody.space