Fix documentation and code formatting issues

- cmd/lerproxy/README.md - Fixed grammar and punctuation in note about certificate selection - Improved clarity in instructions for appending intermediate certificates - Corrected wording in explanation of CLI tool issues with certificates - cmd/lerproxy/app/reverse.go - Split long line for X-Forwarded-Host header comment to improve readability - pkg/app/relay/server-publish.go - Reformatted comment block for function description to fit within line length limits - Added comments explaining why certain events aren't deleted from the database - don't delete any kind of directory events - pkg/protocol/socketapi/handleReq.go - Split long lines for better readability in error message and log statements - Improved formatting of the notice envelope message - pkg/app/config/config.go - Added new configuration fields for relay cluster replication authentication - pkg/app/relay/publish/publisher.go - Removed redundant package imports and logging statements
2025-07-30 15:45:47 +01:00
parent 72c6d16739
commit c68654dccc
6 changed files with 37 additions and 19 deletions
--- a/cmd/lerproxy/README.md
+++ b/cmd/lerproxy/README.md
@@ -56,17 +56,17 @@ as:
  extensions and become active in place of the LetsEncrypt certificates

  > Note that the match is greedy, so you can explicitly separately give a subdomain
-  certificate and it will be selected even if there is a wildcard that also matches.
+  certificate, and it will be selected even if there is a wildcard that also matches.

 # IMPORTANT

-With Comodo SSL (sectigo RSA) certificates you also need to append the intermediate certificate 
-to the `.crt` file in order to get it to work properly with openssl library based tools like 
+With Comodo SSL (sectigo RSA) certificates you also need to append the intermediate certificate
+to the `.crt` file to get it to work properly with openssl library based tools like
 wget, curl and the go tool, which is quite important if you want to do subdomains on a wildcard
 certificate.

-Probably the same applies to some of the other certificate authorities. If you sometimes get 
-issues with CLI tools refusing to accept these certificates on your web server or other, this 
+Probably the same applies to some of the other certificate authorities. If you sometimes get
+issues with CLI tools refusing to accept these certificates on your web server or other, this
 may be the problem.

 ## example mapping.txt
--- a/cmd/lerproxy/app/reverse.go
+++ b/cmd/lerproxy/app/reverse.go
@@ -11,7 +11,8 @@ import (
 // NewSingleHostReverseProxy is a copy of httputil.NewSingleHostReverseProxy
 // with the addition of forwarding headers:
 //
-// - Legacy X-Forwarded-* headers (X-Forwarded-Proto, X-Forwarded-For, X-Forwarded-Host)
+// - Legacy X-Forwarded-* headers (X-Forwarded-Proto, X-Forwarded-For,
+// X-Forwarded-Host)
 //
 // - Standardized Forwarded header according to RFC 7239
 // (https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Forwarded)
--- a/pkg/app/config/config.go
+++ b/pkg/app/config/config.go
@@ -41,6 +41,9 @@ type C struct {
 	Owners         []string `env:"ORLY_OWNERS" usage:"list of users whose follow lists designate whitelisted users who can publish events, and who can read if public readable is false (comma separated)"`
 	Private        bool     `env:"ORLY_PRIVATE" usage:"do not spider for user metadata because the relay is private and this would leak relay memberships" default:"false"`
 	Whitelist      []string `env:"ORLY_WHITELIST" usage:"only allow connections from this list of IP addresses"`
+	RelaySecret    string   `env:"ORLY_SECRET_KEY" usage:"secret key for relay cluster replication authentication"`
+	PeerRelayURLs  []string `env:"ORLY_PEER_RELAY_URLS" usage:"list of peer relays URLs that new events are pushed to"`
+	PeerRelayKeys  []string `env:"ORLY_PEER_RELAY_KEYS" usage:"list of peer relay public keys that have full read/write privilege"`
 }

 // New creates and initializes a new configuration object for the relay
--- a/pkg/app/relay/publish/publisher.go
+++ b/pkg/app/relay/publish/publisher.go
@@ -1,13 +1,9 @@
-// Package publisher is a singleton package that keeps track of subscriptions in
-// both websockets and http SSE, including managing the authentication state of
-// a connection.
 package publish

 import (
 	"orly.dev/pkg/encoders/event"
 	"orly.dev/pkg/interfaces/publisher"
 	"orly.dev/pkg/interfaces/typer"
-	"orly.dev/pkg/utils/log"
 )

 // S is the control structure for the subscription management scheme.
@@ -26,9 +22,7 @@ var _ publisher.I = &S{}
 func (s *S) Type() string { return "publish" }

 func (s *S) Deliver(ev *event.E) {
-	log.I.F("number of publishers: %d", len(s.Publishers))
 	for _, p := range s.Publishers {
-		log.I.F("delivering to subscriber type %s", p.Type())
 		p.Deliver(ev)
 	}
 }
--- a/pkg/app/relay/server-publish.go
+++ b/pkg/app/relay/server-publish.go
@@ -18,7 +18,9 @@ import (
 	"orly.dev/pkg/utils/normalize"
 )

-// Publish processes and stores an event in the server's storage. It handles different types of events: ephemeral, replaceable, and parameterized replaceable.
+// Publish processes and stores an event in the server's storage. It handles
+// different types of events: ephemeral, replaceable, and parameterized
+// replaceable.
 //
 // # Parameters
 //
@@ -61,7 +63,13 @@ func (s *Server) Publish(c context.T, evt *event.E) (err error) {
 			for _, ev := range evs {
 				del := true
 				if bytes.Equal(ev.ID, evt.ID) {
-					continue
+					return errorf.W(
+						string(
+							normalize.Duplicate.F(
+								"event already in relay database",
+							),
+						),
+					)
 				}
 				log.I.F(
 					"maybe replace %s with %s", ev.Serialize(), evt.Serialize(),
@@ -75,6 +83,12 @@ func (s *Server) Publish(c context.T, evt *event.E) (err error) {
 						),
 					)
 				}
+				// not deleting these events because some clients are retarded
+				// and the query will pull the new one, but a backup can recover
+				// the data of old ones
+				if ev.Kind.IsDirectoryEvent() {
+					del = false
+				}
 				if evt.Kind.Equal(kind.FollowList) {
 					// if the event is from someone on ownersFollowed or
 					// followedFollows, for now add to this list so they're
@@ -99,7 +113,7 @@ func (s *Server) Publish(c context.T, evt *event.E) (err error) {
 							err = nil
 						}
 						// event has been saved and lists updated.
-						return
+						// return
 					}

 				}
@@ -121,7 +135,7 @@ func (s *Server) Publish(c context.T, evt *event.E) (err error) {
 								err = nil
 							}
 							// event has been saved and lists updated.
-							return
+							// return
 						}
 					}
 				}
--- a/pkg/protocol/socketapi/handleReq.go
+++ b/pkg/protocol/socketapi/handleReq.go
@@ -90,7 +90,11 @@ func (a *A) HandleReq(c context.T, req []byte, srv server.I) (r []byte) {
 					npubList += ", "
 				}
 			}
-			if err = noticeenvelope.NewFrom("relay whitelists read access to users within the second degree of the social graph of " + npubList).Write(a.Listener); chk.E(err) {
+			if err = noticeenvelope.NewFrom(
+				"relay whitelists read access to users within the second " +
+					"degree of the follow list graph of " +
+					npubList,
+			).Write(a.Listener); chk.E(err) {
 				err = nil
 			}
 			// request processing terminates here because auth is required and
@@ -131,7 +135,8 @@ func (a *A) HandleReq(c context.T, req []byte, srv server.I) (r []byte) {
 			for _, ev := range events {
 				if !auth.CheckPrivilege(a.Listener.AuthedPubkey(), ev) {
 					log.W.F(
-						"not privileged: client pubkey '%0x' event pubkey '%0x' kind %s privileged: %v",
+						"not privileged: client pubkey '%0x' event "+
+							"pubkey '%0x' kind %s privileged: %v",
 						a.Listener.AuthedPubkey(), ev.Pubkey, ev.Kind.Name(),
 						ev.Kind.IsPrivileged(),
 					)
@@ -155,7 +160,8 @@ func (a *A) HandleReq(c context.T, req []byte, srv server.I) (r []byte) {
 			}
 		}
 	}
-	if err = eoseenvelope.NewFrom(env.Subscription).Write(a.Listener); chk.E(err) {
+	if err = eoseenvelope.NewFrom(env.Subscription).
+		Write(a.Listener); chk.E(err) {
 		return
 	}
 	receiver := make(event.C, 32)