Commit Graph

81 Commits

Author SHA1 Message Date
Scott Lamb 7d12e8033d upgrade Rust deps including Retina 2023-12-29 15:30:17 -08:00
Scott Lamb 882596c7f6 prep v0.7.10 2023-11-28 10:37:23 -08:00
Scott Lamb 5b1f7807f9 changelog updates 2023-11-28 10:29:12 -08:00
Leandro Silva 5ea5d27908 Fix typo in v0.7.8 change log note 2023-10-21 20:13:49 -07:00
Scott Lamb a2d243d3a4 support systemd socket activation 2023-10-20 21:44:34 -07:00
Scott Lamb 89ee2d0269 systemd Ready/Stopping notification 2023-10-20 11:51:55 -07:00
Scott Lamb ee98bf5236 no more Docker!
* use `termion` rather than `ncurses` to limit runtime deps
* cross-compile with `cross` instead of our own dockerfiles/scripts
* update instructions
* update release procedure and GitHub actions to match
* prep changelog for `v0.7.8`

Fixes #160
Closes #265
2023-10-18 21:55:47 -07:00
Scott Lamb ef62ebfc6c Merge remote-tracking branch 'origin/release-0.7.7' 2023-10-16 22:05:54 -07:00
Scott Lamb faba358925 bundle UI files into the binary
This is optional but now enabled for release builds.

Why?

* It shrinks the release docker images a bit, as the binary
  includes only the gzipped version of files and uncompressed into RAM
  at startup (which should be fast).

* It's a step toward #160.
2023-08-06 08:16:27 -05:00
Scott Lamb cff832e646 prep v0.7.7 2023-08-03 14:03:48 -07:00
Scott Lamb 02ac1a5570 fix #289: crash on sample dir `Add` button press 2023-08-03 15:58:57 -05:00
Scott Lamb 0f019b6fb3 log to stderr, not stdout 2023-08-03 15:48:59 -05:00
Scott Lamb 4ad627b997 prep 0.7.6 release 2023-07-08 10:22:04 -07:00
Scott Lamb aa60bc991c test and fix #282
Sessions' last use updates weren't getting persisted to the database
because the update statement wasn't passing through the hash.

Also address a TODO of tracing in tests by using the same tracing
setup as in production.
2023-07-04 20:53:53 -07:00
Scott Lamb 028243532a upgrade to Rust 1.70, use `std::sync::OnceLock`
The most notable part of this is that `db::auth` no longer holds a lock
during password hashing operations. That was probably never a great
idea...
2023-07-04 20:44:21 -07:00
Scott Lamb ebcdd76084 switch from `log` to `tracing`
I think this is a big improvement in readability.

I removed the `lnav` config, which is a little sad, but I don't think it
supports this structured logging format well. Still seems worthwhile on
balance.
2023-07-04 16:51:22 -07:00
Skye db2e0f1d39 Bump minimum Rust version to 1.65 2023-07-04 16:37:36 -07:00
Scott Lamb 53414ed903 upgrade to Retina 0.4.5 2023-07-04 13:46:15 -07:00
Scott Lamb 438de38202
rework WebSocket error return protocol
This gives much better information to the UI layer, getting rid of a
whole troubleshooting guide entry. See #119 #132 #218 #219

I also restructured the code in anticipation of a new WebSocket event
stream (#40).
2023-02-15 17:26:40 -08:00
Scott Lamb 015dfef9c9
fix #257
Apparently a `MenuItem` with a value of `undefined` is possible but
doesn't actually fire a change event. Strange. Use the string `"null"`
instead.
2023-02-13 11:05:27 -08:00
Scott Lamb f7718edc7f
`moonfire-nvr login --permissions`: take JSON
This improves usability and shrinks the binary: 12.0 MiB to 11.0 MiB
just now.
2023-02-11 12:08:50 -08:00
Scott Lamb dac0f44ed8
user admin UI 2023-01-08 03:30:53 -06:00
Scott Lamb 8c4e69f772
user admin api improvements 2023-01-08 03:21:42 -06:00
Scott Lamb a4bc7f5218
config file reference and doc reorganization 2023-01-06 14:25:13 -06:00
Scott Lamb 689765ea97
upgrade Rust deps 2023-01-05 17:43:45 -06:00
Scott Lamb cc34a1aef5
Retina 0.4.4 2023-01-05 16:38:13 -06:00
Scott Lamb dfa949815b
tweaks to api and docs
In particular, the docs now talk about the CSRF protection. This is
increasing relevant as we start having more mutation endpoints. And
make the signals api expect a csrf for session auth to match the newer
users api.
2023-01-05 12:21:35 -06:00
Scott Lamb 42fe054d46
make `GET /api/` return current permissions
This is useful for e.g. deciding whether or not to present the user
admin UI in navigation.

As part of this change, I adjusted the casing in Permissions, and then
all the toml stuff for consistency. Noted in changelog.
2022-12-31 12:43:13 -05:00
Scott Lamb c02fc6f439 more user admin actions 2022-12-25 23:01:17 -05:00
Scott Lamb 3ab30a318f add GET /users/ endpoint 2022-12-25 23:01:17 -05:00
Scott Lamb dffec68b2f retrieve and set users' permissions 2022-12-25 23:01:17 -05:00
Scott Lamb ae502200c0 upgrade various Rust dependencies
This stops using parking_lot entirely. Since Rust 1.62, the std
implementations on Linux are direct futexes, not the boxed pthread
mutexes they used to be. No real reason to use parking_lot anymore, so
shed this dependency.
2022-09-28 22:20:48 -07:00
Scott Lamb b03eceb21a upgrade to Retina 0.4.1
Fixes #234
2022-08-09 08:02:07 -07:00
Scott Lamb 8e8b48b906 prepare 0.7.5 with Retina 0.3.10
Fixes #224
2022-05-09 13:17:18 -07:00
Scott Lamb 841e06e354 update a few deps 2022-05-02 11:23:03 -07:00
Scott Lamb 2e49a1a0c8 bump minimum Rust to 1.57
Addresses a breakage with cdfb61f. the `named-profile` feature
wasn't available in 1.56.
2022-04-14 10:58:23 -07:00
Scott Lamb cdfb61fb35 build docker image with lto 2022-04-14 10:53:03 -07:00
Scott Lamb fd7438dd28 ignore port number in ws origin check
Fixes #219
2022-04-13 21:49:18 -07:00
Scott Lamb 9e6ac27cb0 mention #206 in v0.7.4 changelog 2022-04-13 18:14:57 -07:00
Scott Lamb 13bfb76855 prepare v0.7.4 2022-04-13 15:08:15 -07:00
Scott Lamb 18f29f8bdb create gh release on tag
For #210

*   update changelog format so that `parse-changelog` is happy.
*   add the example from taiki-e/create-gh-release-action verbatim.
    Fingers crossed it works in my setup.
2022-04-13 15:00:49 -07:00
Scott Lamb 3bc552b950 seamless mid-stream video parameter changes
For #217. This handles the recording logic. May still need fixes to
playback and/or live stream logic.
2022-04-13 14:39:47 -07:00
Scott Lamb 5e7d558f99 upgrade to Retina v0.3.9
This alone improves interop and diagnostics, as noted in Retina's
release notes. We also now give the camera name to the session group
(for improved logging of TEARDOWN operations) and expose the RTSP
server's "tool" attribute in debug logs and the config UI's "Test"
button.

Fixes #209
Fixes #213
2022-04-12 15:00:35 -07:00
Scott Lamb 3bc410b417 prepare v0.7.3 2022-03-22 14:56:15 -07:00
Scott Lamb 4c9aa93fdf check WebSocket origin
This fixes a real cross-site WebSocket hijacking (CSWSH) vulnerability.
If the attacker knows the URL of an NVR installation this user is
authenticated to and the UUID of a camera, and can trick the user into
visiting their webpage, they can grab the live stream. At least there's
some entropy in the camera UUID, but it was never intended to be a
secret.
2022-03-22 14:51:12 -07:00
Scott Lamb be3a5b200e prepare v0.7.2 2022-03-16 18:31:12 -07:00
Scott Lamb 892427592e tweak config format (#133)
* switch from json to toml.
  I think this will be more user-friendly. It allows comments and has
  less punctuation. Fewer surprises than yaml (which has e.g. the
  "Norway problem"). I might have stayed with JSON if I could see a
  good serde json library that allows comments, but hson is unmaintained
  and serde-json strictly follows the spec.

* switch from camelCase to snake_case. Seems more idiomatic for TOML
  and matches the Rust source.

* forbid unknown keys. Better to spot errors sooner.

* rename "trust_forward_hdrs" to "trust_forward_headers". Nothing else
  is abbreviated.
2022-03-16 12:34:39 -07:00
Scott Lamb ceaef46ea9 introduce /etc/moonfire-nvr.json (#133) 2022-03-09 13:18:33 -08:00
Scott Lamb 9d70d68710 fix #187 via a dependency upgrade
I did a full `cargo upgrade` and fixed what it broke:

*   a couple things for the latest protobuf 3.0 alphas
    (note alphas don't promise API stability)
*   new minimum supported Rust version

This should have some other nice effects: parking_lot now uses inline
assembler, tokio has gotten faster, etc.
2022-03-08 11:24:44 -08:00
Scott Lamb 0406e09ca4 reduce debug output in release/bench builds
This reduces the binary size from 154 MiB to 70 MiB (#70 progress).
Tools like `cargo flamegraph` still work fine.

As suggested by "EarthFeet" on reddit:
https://www.reddit.com/r/rust/comments/rw0jad/cargos_strip_profile_option_has_been_stabilized/hra193k/
2022-01-05 10:28:32 -08:00