update hagrid-routes again

2019-05-04 02:42:56 +02:00 · 2019-05-04 02:42:56 +02:00 · 676f2613d1
parent 979257cb97
commit 676f2613d1
1 changed files with 30 additions and 34 deletions
--- a/hagrid-routes.conf
+++ b/hagrid-routes.conf
@ -4,25 +4,26 @@
 # To protect against DOS, we limit the size of possible uploads.
 client_max_body_size 1m;

-location /vks/v1/by-email/ {
-    rewrite "^/vks/v1/by-email/([^/][^/])([^/][^/])([^/]*)$" /by-email/$1$2$3 break;
-    default_type application/pgp-keys;
-    add_header Content-Disposition 'attachment; filename="$1$2$3.asc"';
-    try_files /by-email/$1/$2/$3 @fallback;
-}
+location /vks/v1/ {
+    location ~ ^/vks/v1/by-email/([^/][^/])([^/][^/])([^/]*)$ {
+        default_type application/pgp-keys;
+        add_header Content-Disposition 'attachment; filename="$1$2$3.asc"';
+        try_files /keys/by-email/$1/$2/$3 @fallback;
+    }

-location /vks/v1/by-fingerprint/ {
-    rewrite ^/vks/v1/by-fingerprint/(0x)?([^/][^/])([^/][^/])(..*)$ /vks/v1/by-fingerprint/$2$3$4 break;
-    default_type application/pgp-keys;
-    add_header Content-Disposition 'attachment; filename="$2$3$4.asc"';
-    try_files /by-fpr/$2/$3/$4 @fallback;
-}
+    location ~ ^/vks/v1/by-fingerprint/(?:0x)?([^/][^/])([^/][^/])(..*)$ {
+        default_type application/pgp-keys;
+        add_header Content-Disposition 'attachment; filename="$1$2$3.asc"';
+        try_files /keys/by-fpr/$1/$2/$3 @fallback;
+    }

-location /vks/v1/by-keyid/ {
-    rewrite ^/vks/v1/by-keyid/(0x)?([^/][^/])([^/][^/])(.*)$ /vks/v1/by-keyid/$2$3$4 break;
-    default_type application/pgp-keys;
-    add_header Content-Disposition 'attachment; filename="$2$3$4.asc"';
-    try_files /by-keyid/$2/$3/$4 @fallback;
+    location ~ ^/vks/v1/by-keyid/(?:0x)?([^/][^/])([^/][^/])(.*)$ {
+        default_type application/pgp-keys;
+        add_header Content-Disposition 'attachment; filename="$1$2$3.asc"';
+        try_files /keys/by-keyid/$1/$2/$3 @fallback;
+    }
+
+    proxy_pass http://127.0.0.1:8080;
 }

 # Pass queries that we do not understand to hagrid.
@ -33,25 +34,24 @@ location @fallback {
 # Common HKP requests.
 location /pks/lookup {
    # sq keyserver get <KEYID>, gpg --receive-keys <KEYID>
-    if ($args ~ "^op=get&options=mr&?search=(0x)?([A-F0-9]{2})([A-F0-9]{14})$") {
-        set $dir $2;
-        set $file $3;
-        rewrite . /vks/v1/by-keyid/$dir$file;
+    if ($args ~ "^op=get&options=mr&search=(?:0x)?([a-fA-F0-9]{16})$") {
+        set $keyid $1;
+        set $args "";
+        rewrite . /vks/v1/by-keyid/$keyid last;
    }

    # gpg --receive-keys <FINGERPRINT>
-    if ($args ~ "^op=get&options=mr&?search=(0x)?([A-F0-9]{2})([A-F0-9]{38})$") {
-        set $dir $2;
-        set $file $3;
-        rewrite . /vks/v1/by-fingerprint/$dir$file;
+    if ($args ~ "^op=get&options=mr&search=(?:0x)?([a-fA-F0-9]{40})$") {
+        set $fingerprint $1;
+        set $args "";
+        rewrite . /vks/v1/by-fingerprint/$fingerprint last;
    }

    # gpg --locate-key <EMAIL>
-    if ($args ~ "^op=get&options=mr&?search=(..)([^&]*)(@|%40)([^&]*)") {
-        set $dir $1;
-        set $local $2;
-        set $horst $4;
-        rewrite . /vks/v1/by-email/$dir$local%40$horst;
+    if ($request_uri ~ "^/pks/lookup\?op=get&options=mr&search=([^&]{3,}%40[^&]+)") {
+        set $email $1;
+        set $args "";
+        rewrite . /vks/v1/by-email/$email last;
    }

    proxy_pass http://127.0.0.1:8080;
@ -61,10 +61,6 @@ location /pks {
    proxy_pass http://127.0.0.1:8080;
 }

-location /vks/v1/ {
-    proxy_pass http://127.0.0.1:8080;
-}
-
 location /manage {
    proxy_pass http://127.0.0.1:8080;
 }