diff options
| author | yo momma <shutup@oops.wtf> | 2026-01-27 03:33:16 +0000 |
|---|---|---|
| committer | yo momma <shutup@oops.wtf> | 2026-01-27 03:33:16 +0000 |
| commit | fc9a4ea22eb91757b95cbe1bf1708be17fc2337a (patch) | |
| tree | 76a0122149e3288ee21d7fb6d0410b1b7b8970a4 /src/utils.clj | |
| parent | 25b74138d68ade87689e714f10e1f3116da5bbee (diff) | |
- Replace hardcoded dump.fm URLs with host/scheme config\n- Add optional passwordless login flow\n- Update templates/static assets to avoid blocked HTTP resources\n- Ignore local uploads/SQL dumps
Diffstat (limited to 'src/utils.clj')
| -rwxr-xr-x | src/utils.clj | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/src/utils.clj b/src/utils.clj index c0b8b28..57060a6 100755 --- a/src/utils.clj +++ b/src/utils.clj @@ -24,11 +24,14 @@ config )) -(let [db-name "dumpfm" - db-user (or (System/getenv "DUMP_DBNAME") "postgres") - db-pass "root"] +(let [db-name (or (System/getenv "DUMPFM_DB_NAME") "dumpfm") + db-user (or (System/getenv "DUMPFM_DB_USER") "postgres") + db-pass (or (System/getenv "DUMPFM_DB_PASSWORD") "") + db-port (let [p (System/getenv "DUMPFM_DB_PORT")] + (if p (Integer/parseInt p) 5432))] (def *db* {:datasource (doto (new PGPoolingDataSource) (.setServerName db-server) + (.setPortNumber db-port) (.setDatabaseName db-name) (.setUser db-user) (.setPassword db-pass) @@ -47,8 +50,21 @@ (throw (Exception. (str "Invalid url " u)))))) (defn get-ip [request] - (let [ip (get (:headers request) "x-real-ip") ; behind nginx - ip (if ip ip (:remote-addr request))] (str ip))) ; deployed locally + ;; Prefer reverse-proxy headers, falling back to :remote-addr when running directly. + ;; Caddy sets X-Forwarded-For by default. + (let [headers (:headers request) + x-real (get headers "x-real-ip") + xff (get headers "x-forwarded-for") + xff (when (and xff (string? xff) (not= "" xff)) + (let [ip (.trim (aget (.split xff ",") 0))] + (when-not (= "unknown" (.toLowerCase ip)) ip))) + ip (or x-real xff (:remote-addr request)) + ip (if (string? ip) (.trim ip) (str ip)) + ;; If a proxy includes an IPv4 port suffix, strip it (keep IPv6 intact). + ip (if (and (.contains ip ".") (.contains ip ":")) + (first (.split ip ":")) + ip)] + ip)) (defn append [& seqs] (reduce into (map vector seqs))) |