add castore

Cargo.toml

@@ -1,5 +1,6 @@
 [workspace]
 members = [
+    "chir-rs-castore",
     "chir-rs-config",
     "chir-rs-db",
     "chir-rs-gemini",
@@ -14,6 +15,7 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
+chir-rs-castore = { version = "0.1.0", path = "chir-rs-castore" }
 chir-rs-config = { version = "0.1.0", path = "chir-rs-config" }
 chir-rs-db = { version = "0.1.0", path = "chir-rs-db" }
 chir-rs-gemini = { version = "0.1.0", path = "chir-rs-gemini" }

chir-rs-castore/Cargo.toml

@@ -0,0 +1,59 @@
+[package]
+name = "chir-rs-castore"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+aws-config = { version = "1.5.10", features = ["behavior-version-latest"] }
+aws-sdk-s3 = "1.63.0"
+chir-rs-config = { version = "0.1.0", path = "../chir-rs-config" }
+eyre = "0.6.12"
+tokio = { version = "1.41.1", features = ["fs"] }
+[lints.rust]
+deprecated-safe = "forbid"
+elided_lifetimes_in_paths = "warn"
+explicit_outlives_requirements = "warn"
+impl-trait-overcaptures = "warn"
+keyword-idents-2024 = "forbid"
+let-underscore-drop = "warn"
+macro-use-extern-crate = "deny"
+meta-variable-misuse = "deny"
+missing-abi = "forbid"
+missing-copy-implementations = "warn"
+missing-debug-implementations = "deny"
+missing-docs = "warn"
+missing-unsafe-on-extern = "deny"
+non-local-definitions = "warn"
+redundant-lifetimes = "warn"
+single-use-lifetimes = "warn"
+trivial-casts = "warn"
+trivial-numeric-casts = "warn"
+unit-bindings = "deny"
+unnameable-types = "warn"
+unreachable-pub = "warn"
+unsafe-code = "forbid"
+unused-crate-dependencies = "warn"
+unused-extern-crates = "warn"
+unused-import-braces = "warn"
+unused-lifetimes = "warn"
+unused-macro-rules = "warn"
+unused-qualifications = "warn"
+variant-size-differences = "warn"
+
+[lints.clippy]
+nursery = { level = "warn", priority = -1 }
+pedantic = { level = "warn", priority = -1 }
+module-name-repetitions = "allow"
+alloc-instead-of-core = "warn"
+allow-attributes-without-reason = "deny"
+assertions-on-result-states = "forbid"
+clone-on-ref-ptr = "warn"
+empty-drop = "warn"
+expect-used = "deny"
+inline-asm-x86-att-syntax = "forbid"
+missing-docs-in-private-items = "warn"
+panic = "deny"
+panic-in-result-fn = "forbid"
+rc-buffer = "warn"
+rc-mutex = "deny"
+unwrap-used = "forbid"

chir-rs-castore/src/lib.rs

@@ -0,0 +1,50 @@
+//! Content addressed store for chir.rs
+
+use std::sync::Arc;
+
+use aws_config::{AppName, Region, SdkConfig};
+use aws_sdk_s3::{config::Credentials, Client};
+use chir_rs_config::ChirRs;
+use eyre::{Context as _, Result};
+use tokio::fs::read_to_string;
+
+/// Loads the AWS SDK config from the configuration file
+async fn get_aws_config(config: &Arc<ChirRs>) -> Result<SdkConfig> {
+    let access_key_id = read_to_string(&config.s3.access_key_id_file).await?;
+    let secret_access_key = read_to_string(&config.s3.secret_access_key_file).await?;
+
+    Ok(aws_config::from_env()
+        .region(Region::new(config.s3.region.clone()))
+        .endpoint_url(&config.s3.endpoint)
+        .credentials_provider(Credentials::new(
+            access_key_id,
+            secret_access_key,
+            None,
+            None,
+            "chir.rs configuration file",
+        ))
+        .app_name(AppName::new("chir-rs").context("Valid app name")?)
+        .load()
+        .await)
+}
+
+/// Content Addressed Data Store
+#[derive(Clone, Debug)]
+pub struct CaStore {
+    /// Inner client
+    client: Arc<Client>,
+}
+
+impl CaStore {
+    /// Creates a new CA Store client
+    ///
+    /// # Errors
+    ///
+    /// This function returns an error if the access or secret access key cannot be read.
+    pub async fn new(config: &Arc<ChirRs>) -> Result<Self> {
+        let sdk_config = get_aws_config(config).await?;
+        Ok(Self {
+            client: Arc::new(Client::new(&sdk_config)),
+        })
+    }
+}

chir-rs-config/src/lib.rs

@@ -186,6 +186,21 @@ pub struct Database {
     pub path: String,
 }
 
+/// S3 configuration
+#[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
+pub struct S3Config {
+    /// S3 endpoint url
+    pub endpoint: String,
+    /// S3 Region name
+    pub region: String,
+    /// File containing the access key id
+    pub access_key_id_file: PathBuf,
+    /// File containing the secret access key
+    pub secret_access_key_file: PathBuf,
+    /// Bucket name
+    pub bucket: String,
+}
+
 /// Root configuration file
 #[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
 pub struct ChirRs {
@@ -199,6 +214,8 @@ pub struct ChirRs {
     pub gemini: Gemini,
     /// Database Configuration
     pub database: Database,
+    /// S3 configuration
+    pub s3: S3Config,
 }
 
 impl ChirRs {

chir-rs-gemini/Cargo.toml

@@ -5,6 +5,7 @@ edition = "2021"
 
 [dependencies]
 bytes = "1.8.0"
+chir-rs-castore = { version = "0.1.0", path = "../chir-rs-castore" }
 chir-rs-config = { version = "0.1.0", path = "../chir-rs-config" }
 chir-rs-db = { version = "0.1.0", path = "../chir-rs-db" }
 eyre = "0.6.12"

chir-rs-gemini/src/lib.rs

@@ -3,6 +3,7 @@
 use std::sync::Arc;
 
 use bytes::BytesMut;
+use chir_rs_castore::CaStore;
 use chir_rs_config::ChirRs;
 use chir_rs_db::Database;
 use eyre::Result;
@@ -19,7 +20,7 @@ use tracing::{error, info};
 /// # Errors
 ///
 /// This function returns an error if starting the gemini server fails
-pub async fn main(cfg: Arc<ChirRs>, _: Database) -> Result<()> {
+pub async fn main(cfg: Arc<ChirRs>, _: Database, _: CaStore) -> Result<()> {
     let certs =
         CertificateDer::pem_file_iter(&cfg.gemini.certificate)?.collect::<Result<Vec<_>, _>>()?;
     let key = PrivateKeyDer::from_pem_file(&cfg.gemini.private_key)?;

chir-rs-http/Cargo.toml

@@ -6,6 +6,7 @@ edition = "2021"
 [dependencies]
 axum = { version = "0.7.9", features = ["tracing"] }
 axum-prometheus = "0.7.0"
+chir-rs-castore = { version = "0.1.0", path = "../chir-rs-castore" }
 chir-rs-config = { version = "0.1.0", path = "../chir-rs-config" }
 chir-rs-db = { version = "0.1.0", path = "../chir-rs-db" }
 chir-rs-http-api = { version = "0.1.0", path = "../chir-rs-http-api", features = [

chir-rs-http/src/lib.rs

@@ -8,6 +8,7 @@ use axum::{
     Router,
 };
 use axum_prometheus::PrometheusMetricLayer;
+use chir_rs_castore::CaStore;
 use chir_rs_config::ChirRs;
 use chir_rs_db::{file::File, Database};
 use chir_rs_http_api::{axum::bincode::Bincode, readiness::ReadyState};
@@ -29,7 +30,7 @@ pub struct AppState {
 /// This function returns an error if the startup of the server fails.
 ///
 /// Errors it encounters during runtime should be automatically handled.
-pub async fn main(cfg: Arc<ChirRs>, db: Database) -> Result<()> {
+pub async fn main(cfg: Arc<ChirRs>, db: Database, _: CaStore) -> Result<()> {
     let (prometheus_layer, metric_handle) = PrometheusMetricLayer::pair();
     let app = Router::new()
         // Routes here

config-example.toml

@@ -13,3 +13,9 @@ private_key = "secrets/server.key"
 certificate = "secrets/server.crt"
 [database]
 path = "secrets/test.db"
+
+[s3]
+region = "us-east-1"
+access_key_id_file = "secrets/access_key_id.txt"
+secret_access_key_file = "secrets/secret_access_key.txt"
+bucket = "chir-rs"

src/main.rs

@@ -92,9 +92,10 @@ fn main() -> Result<()> {
         .block_on(async move {
             let cfg = Arc::new(cfg);
             let db = chir_rs_db::open_database(&cfg.database.path).await?;
+            let castore = chir_rs_castore::CaStore::new(&cfg).await?;
             try_join!(
-                chir_rs_http::main(Arc::clone(&cfg), db.clone()),
+                chir_rs_http::main(Arc::clone(&cfg), db.clone(), castore.clone()),
-                chir_rs_gemini::main(Arc::clone(&cfg), db.clone())
+                chir_rs_gemini::main(Arc::clone(&cfg), db.clone(), castore.clone())
             )
             .context("Starting server components")?;
             Ok::<_, eyre::Report>(())