From 92cb32d36f3e7de87715dab8849c4395df435ba1 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 31 Jan 2020 12:35:58 +0100 Subject: [PATCH] wkd: add nginx routes --- dist/errors-static/400-wkd-invalid.htm | 2 ++ dist/errors-static/404-wkd.htm | 1 + hagrid-routes.conf | 28 ++++++++++++++++++++++++++ 3 files changed, 31 insertions(+) create mode 100644 dist/errors-static/400-wkd-invalid.htm create mode 100644 dist/errors-static/404-wkd.htm diff --git a/dist/errors-static/400-wkd-invalid.htm b/dist/errors-static/400-wkd-invalid.htm new file mode 100644 index 0000000..2cfd37d --- /dev/null +++ b/dist/errors-static/400-wkd-invalid.htm @@ -0,0 +1,2 @@ +

Error 400 Invalid request

+

See https://keys.openpgp.org/about/api

diff --git a/dist/errors-static/404-wkd.htm b/dist/errors-static/404-wkd.htm new file mode 100644 index 0000000..0ea2f84 --- /dev/null +++ b/dist/errors-static/404-wkd.htm @@ -0,0 +1 @@ +No key found for this email address. diff --git a/hagrid-routes.conf b/hagrid-routes.conf index 9464b59..c530cdc 100644 --- a/hagrid-routes.conf +++ b/hagrid-routes.conf @@ -93,6 +93,34 @@ location /pks/lookup { return 400; } +# WKD requests +location /.well-known/openpgpkey { + etag off; + + location ~ "^/.well-known/openpgpkey/([^/]+)/hu/([^/][^/])([^/][^/])(.*)" { + limit_req zone=search_email burst=50 nodelay; + error_page 429 /errors-static/429-rate-limit-vks-email.htm; + + error_page 404 /errors-static/404-wkd.htm; + default_type application/pgp-keys; + add_header Content-Disposition 'attachment; filename="$2$3$4.asc"'; + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Cache-Control' 'no-cache'; + try_files /keys/links/wkd/$1/$2/$3/$4 =404; + } + + location = /.well-known/openpgpkey/policy { + default_type text/plain; + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Cache-Control' 'no-cache'; + return 200 ''; + } + + add_header 'Access-Control-Allow-Origin' '*'; + error_page 400 /errors-static/400-wkd-invalid.htm; + return 400; +} + location /pks/internal { internal;