-/*.cmd
-/ccerts
-/cert.pem
-/certs
+/VERSION
--- /dev/null
+redo-ifchange version.go
+perl -ne 'print "$1\n" if /Version.*"(.*)"$/' < version.go
+++ /dev/null
-redo-ifchange cert.pem tofuproxy.cmd fifos/ensure cmd/zstd/unzstd
-mkdir -p certs ccerts
--- /dev/null
+#!/bin/sh -e
+
+GO_FLAGS="${GO_FLAGS:--ldflags=-s}"
+GO_FLAGS="$GO_FLAGS -mod=vendor"
+${GO:-go} build -o cmd/certgen/certgen $GO_FLAGS cmd/certgen/main.go
+${GO:-go} build -o cmd/tofuproxy/tofuproxy $GO_FLAGS cmd/tofuproxy/main.go
+${GO:-go} build -o cmd/warc-extract/warc-extract $GO_FLAGS cmd/warc-extract/main.go
+cmd/zstd/build cmd/zstd/enzstd.c
+cmd/zstd/build cmd/zstd/unzstd.c
+++ /dev/null
-[ -e certgen.cmd ] || redo certgen.cmd
-umask 077
-./certgen.cmd > $3
--- /dev/null
+/tofuproxy
--- /dev/null
+/warc-extract
-/compile_flags.txt
/enzstd
/unzstd
+++ /dev/null
-redo-ifchange enzstd unzstd
--- /dev/null
+#!/bin/sh -e
+
+PKGCONF="${PKGCONF:-`command -v pkgconf || command -v pkg-config`}"
+${CC:-cc} -fstrict-aliasing $CFLAGS `$PKGCONF --cflags libzstd` -o ${1%%.c} $1 `$PKGCONF --libs libzstd` -lpthread
+++ /dev/null
-redo-ifchange $src conf/zstd.cflags.rc conf/zstd.libs.rc
-read ZSTD_CFLAGS < conf/zstd.cflags.rc
-read ZSTD_LIBS < conf/zstd.libs.rc
-printf "%s" "$CFLAGS $ZSTD_CFLAGS $LDFLAGS $ZSTD_LIBS" |
- tr " " "\n" | grep -v "^$" | sort | uniq
+++ /dev/null
-echo ${PKGCONF:-`command -v pkgconf || command -v pkg-config`}
+++ /dev/null
-redo-ifchange pkgconf.rc
-read PKGCONF < pkgconf.rc
-$PKGCONF --cflags libzstd
+++ /dev/null
-redo-ifchange pkgconf.rc
-read PKGCONF < pkgconf.rc
-$PKGCONF --libs libzstd
+++ /dev/null
-src=$1.c
-redo-ifchange $src conf/zstd.cflags.rc conf/zstd.libs.rc
-read ZSTD_CFLAGS < conf/zstd.cflags.rc
-read ZSTD_LIBS < conf/zstd.libs.rc
-${CC:-cc} -fstrict-aliasing $CFLAGS $ZSTD_CFLAGS -static -o $3 $src $ZSTD_LIBS -lpthread
+++ /dev/null
-redo-ifchange \
- *.go \
- caches/*.go \
- cmd/$2/*.go \
- fifos/*.go \
- rounds/*.go \
- tls/*.go \
- warc/*.go
-UNZSTD_PATH="`pwd`/cmd/zstd/unzstd"
-GO_LDFLAGS="${GO_LDFLAGS:--s}"
-GO_LDFLAGS="$GO_LDFLAGS -X go.stargrave.org/tofuproxy/warc.UnZSTDPath=$UNZSTD_PATH"
-${GO:-go} build -o $3 -ldflags="$GO_LDFLAGS" ./cmd/${1%.cmd}
--- /dev/null
+/tofuproxy.info
--- /dev/null
+@multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {meta4 link sig} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
+@headitem Version @tab Date @tab Size @tab Tarball @tab SHA256 checksum
+
+@end multitable
@insertcopying
@include why.texi
+@include install.texi
@include usage.texi
@include spies.texi
@include certs.texi
--- /dev/null
+@node Install
+@unnumbered Install
+
+Download the tarball with the signature from website and build it.
+You need more or less modern @url{https://go.dev/, Go} and C-compiler
+with @url{https://facebook.github.io/zstd/, libzstd} headers if you need
+WARCs support.
+
+@example
+$ [fetch|wget] http://www.tofuproxy.stargrave.org/download/tofuproxy-@value{VERSION}.tar.zst
+$ [fetch|wget] http://www.tofuproxy.stargrave.org/download/tofuproxy-@value{VERSION}.tar.zst.sig
+$ gpg --verify tofuproxy-@value{VERSION}.tar.zst.sig tofuproxy-@value{VERSION}.tar.zst
+$ zstd -d < tofuproxy-@value{VERSION}.tar.zst | tar xf -
+$ cd tofuproxy-@value{VERSION}
+$ ./build
+@end example
+
+@include download.texi
+
+You @strong{have to} verify downloaded tarballs integrity and
+authenticity to be sure that you retrieved trusted and untampered
+software. @url{https://www.gnupg.org/, GNU Privacy Guard} is used
+for that purpose.
+
+Also there is @url{https://yggdrasil-network.github.io/, Yggdrasil}
+accessible address: @url{http://y.www.tofuproxy.stargrave.org}.
to domains only in @code{stargrave.org} tree:
@example
-$ tee fifos/add-restricted < restricted.txt
+$ tee fifos/add-restricted < contrib/restricted.txt
9215d9eeddeb403b0ffebb228cfc13104da825117d3640a0dfbfc0c08a012124 stargrave.org
[...]
@end example
(for advertisements and better user experience, they say).
@example
-$ tee fifos/add-spies < spies.txt
+$ tee fifos/add-spies < contrib/spies.txt
ads.google.com
advertising.yandex.ru
[...]
--- /dev/null
+redo-ifchange *.texi ../VERSION
+${MAKEINFO:=makeinfo} \
+ -D "VERSION `cat ../VERSION`" \
+ --set-customization-variable SECTION_NAME_IN_TITLE=1 \
+ --set-customization-variable TREE_TRANSFORMATIONS=complete_tree_nodes_menus \
+ --set-customization-variable ASCII_PUNCTUATION=1 \
+ --output $3 index.texi
Currently @command{tofuproxy} uses:
GnuTLS'es @url{https://www.gnutls.org/manual/html_node/certtool-Invocation.html, certtool},
-@url{http://cr.yp.to/redo.html, redo} build system,
@url{https://www.tcl.tk/, Tcl/Tk}'s @command{wish} shell for GUI dialogues,
@command{dwebp}, @command{djxl}, @command{avifdec} for images transcoding,
@url{https://vanheusden.com/multitail/, multitail} for logs viewing.
@itemize
-@item Download and build @command{tofuproxy}:
-
-@example
-$ git clone git://git.stargrave.org/tofuproxy.git
-$ cd tofuproxy
-$ redo all
-@end example
+@item @ref{Install, Download} and build it.
@item
-If build fails because of untrusted @code{ca.cypherpunks.ru} certificate, then:
+Create separate @file{state/} directory, generate @command{tofuproxy}'s
+certificate and create necessary FIFOs by executing @command{state-init}
+helper:
@example
-$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem
-$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem.asc
-$ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org
-$ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net
-$ gpg --verify cert.pem.asc
-$ SSL_CERT_FILE=`pwd`/cert.pem GIT_SSL_CAINFO=`pwd`/cert.pem redo all
+$ mkdir state ; cd state
+$ ../state-init
@end example
@item
-Run @command{tofuproxy} itself. By default it will bind to
+Run @command{tofuproxy} itself then. By default it will bind to
@code{[::1]:8080} and use @code{[::1]:53} DNS server for DANE requests
(set to an empty string to disable DANE lookups):
@example
-$ ./tofuproxy.cmd
+$ ../cmd/tofuproxy/tofuproxy [-ai ecdsa] -unzstd ../cmd/zstd/unzstd
main.go:70: listening: [::1]:8080 dns: [::1]:53 certs: ./certs ccerts: ./ccerts
@end example
@item Watch logs:
@example
-$ ( cd fifos ; ./multitail.sh )
+$ ( cd fifos ; ../../fifos/multitail )
@end example
@image{logs,,,Example logs,.webp}
the next load, if those files exists, they are used as index immediately,
without expensive WARC parsing.
-@code{redo warc-extract.cmd} utility uses exactly the same code for
-parsing WARCs. It can be used to check if WARCs can be successfully
+@code{cmd/warc-extract/warc-extract} utility uses exactly the same code
+for parsing WARCs. It can be used to check if WARCs can be successfully
loaded, to list all URIs after, to extract some specified URI and to
pre-generate @file{.idx.gob} indices.
@example
-$ warc-extract.cmd -idx \
+$ cmd/warc-extract/warc-extract -idx \
smth.warc-00000.warc.gz \
smth.warc-00001.warc.gz \
smth.warc-00002.warc.gz
-$ warc-extract.cmd -uri http://some/uri \
+$ cmd/warc-extract/warc-extract -uri http://some/uri \
smth.warc-00000.warc.gz \
smth.warc-00001.warc.gz \
smth.warc-00002.warc.gz
and much higher decompression speed, than @file{.warc.gz}.
@example
-$ redo cmd/zstd/enzstd
-$ ./warc-extract.cmd -for-enzstd /path/to.warc.gz |
+$ cmd/warc-extract/warc-extract -for-enzstd /path/to.warc.gz |
cmd/zstd/enzstd > /path/to.warc.zst
@end example
-redo-ifchange *.texi
+redo-ifchange *.texi ../VERSION
html=tofuproxy.html
rm -f $html/*.html
${MAKEINFO:=makeinfo} --html \
--css-include style.css \
+ -D "VERSION `cat ../VERSION`" \
--set-customization-variable SECTION_NAME_IN_TITLE=1 \
--set-customization-variable TREE_TRANSFORMATIONS=complete_tree_nodes_menus \
--set-customization-variable FORMAT_MENU=menu \
+#!/bin/sh -e
+
for f in cert dane err http-auth non-ok ok redir req tls tls-auth various warc ; do
[ -p log-$f ] || mkfifo log-$f
done
#!/bin/sh
-multitail \
+exec multitail \
-wh 10 \
-t "Trust" -ci magenta -l "while :; do tai64nlocal < log-cert ; done" \
-t "DANE" --label "DANE " -L "while :; do tai64nlocal < log-dane ; done" \
--- /dev/null
+#!/bin/sh -ex
+
+cur=$(pwd)
+tmp=$(mktemp -d)
+release=$1
+[ -n "$release" ]
+
+git clone . $tmp/tofuproxy-$release
+cd $tmp/tofuproxy-$release
+git checkout v$release
+
+redo-ifchange VERSION
+
+########################################################################
+cd doc
+cat > download.texi <<EOF
+You can obtain releases source code prepared tarballs on
+@url{http://www.tofuproxy.stargrave.org}.
+EOF
+
+mkinfo() {
+ ${MAKEINFO:-makeinfo} --plaintext \
+ --set-customization-variable ASCII_PUNCTUATION=1 \
+ -D "VERSION `cat ../VERSION`" $@
+}
+
+texi=$(mktemp)
+
+cat > $texi <<EOF
+\input texinfo
+@documentencoding UTF-8
+@settitle INSTALL
+@include install.texi
+@bye
+EOF
+mkinfo --output INSTALL $texi
+
+rm $texi
+redo tofuproxy.info
+mv tofuproxy.info INSTALL ..
+cd ..
+
+########################################################################
+
+go mod vendor
+rm -rf vendor/golang.org/x/sys/windows
+find . \( -name .gitignore -o -name .travis.yml \) -delete
+
+########################################################################
+
+rm -rf .redo .git makedist VERSION.do
+find . -type d -exec chmod 755 {} +
+find . -type f -exec chmod 644 {} +
+chmod +x build state-init fifos/ensure fifos/multitail cmd/zstd/build
+
+cd ..
+tar cvf tofuproxy-"$release".tar --uid=0 --gid=0 --numeric-owner tofuproxy-"$release"
+zstd -19 -v tofuproxy-"$release".tar
+tarball=tofuproxy-"$release".tar.zst
+gpg --detach-sign --sign --local-user 12AD32689C660D426967FD75CB8205632107AD8A "$tarball"
+gpg --enarmor < "$tarball".sig |
+ sed "/^Comment:/d ; s/ARMORED FILE/SIGNATURE/" > "$tarball".asc
+meta4-create -file "$tarball" -mtime "$tarball" -sig "$tarball".asc \
+ http://www.tofuproxy.stargrave.org/download/"$tarball" \
+ http://y.www.tofuproxy.stargrave.org/download/"$tarball" > "$tarball".meta4
+
+size=$(( $(stat -f %z $tarball) / 1024 ))
+hash=$(gpg --print-md SHA256 < $tarball)
+release_date=$(date "+%Y-%m-%d")
+
+release_underscored=`echo $release | tr . _`
+cat <<EOF
+An entry for documentation:
+@item $release @tab $release_date @tab $size KiB
+@tab
+ @url{download/$tarball.meta4, meta4}
+ @url{download/$tarball, link}
+ @url{download/$tarball.sig, sig}
+@tab @code{$hash}
+EOF
+
+mv $tmp/$tarball $tmp/"$tarball".sig $tarball.meta4 $cur/doc/tofuproxy.html/download
--- /dev/null
+#!/bin/sh -e
+
+root="$(dirname "$(realpath -- "$0")")"
+[ -s cert.pem ] || {
+ prev=`umask`
+ umask 077
+ "$root"/cmd/certgen/certgen > cert.pem
+ umask $prev
+}
+mkdir -p fifos
+cd fifos
+"$root"/fifos/ensure
+cd ..
+for e in "$root"/contrib/*.txt ; do
+ [ -s "${e##*/}" ] || cp $e .
+done
--- /dev/null
+package tofuproxy
+
+const Version = "0.1.0"