camo-rs 0.1.0

A Rust implementation of Camo - SSL image proxy
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

use clap::{Parser, Subcommand};
use std::sync::Arc;

#[derive(Debug, Clone, Parser)]
#[command(name = "camo-rs", about = "SSL image proxy server")]
pub struct Cli {
    #[command(subcommand)]
    pub command: Option<Command>,

    /// HMAC key for URL signing
    #[arg(short, long, env = "CAMO_KEY", global = true)]
    pub key: Option<String>,

    /// Listen address
    #[arg(long, env = "CAMO_LISTEN", default_value = "0.0.0.0:8080")]
    pub listen: String,

    /// Maximum content length in bytes
    #[arg(long, env = "CAMO_LENGTH_LIMIT", default_value_t = 5 * 1024 * 1024)]
    pub max_size: u64,

    /// Maximum number of redirects to follow
    #[arg(long, env = "CAMO_MAX_REDIRECTS", default_value_t = 4)]
    pub max_redirects: u32,

    /// Socket timeout in seconds
    #[arg(long, env = "CAMO_SOCKET_TIMEOUT", default_value_t = 10)]
    pub timeout: u64,

    /// Allow video content types
    #[arg(long, env = "CAMO_ALLOW_VIDEO", default_value_t = false)]
    pub allow_video: bool,

    /// Allow audio content types
    #[arg(long, env = "CAMO_ALLOW_AUDIO", default_value_t = false)]
    pub allow_audio: bool,

    /// Block requests to private/internal networks (RFC1918)
    #[arg(long, env = "CAMO_BLOCK_PRIVATE", default_value_t = true)]
    pub block_private: bool,

    /// Enable metrics endpoint at /metrics
    #[arg(long, env = "CAMO_METRICS", default_value_t = false)]
    pub metrics: bool,

    /// Log level (trace, debug, info, warn, error)
    #[arg(long, env = "CAMO_LOG_LEVEL", default_value = "info")]
    pub log_level: String,
}

#[derive(Debug, Clone, Subcommand)]
pub enum Command {
    /// Start the proxy server (default)
    Serve,

    /// Generate a signed URL
    Sign {
        /// The URL to sign
        url: String,

        /// Camo server base URL
        #[arg(long, default_value = "")]
        base: String,

        /// Use base64 encoding instead of hex
        #[arg(long, default_value_t = false)]
        base64: bool,
    },
}

impl Cli {
    pub fn allowed_content_types(&self) -> Vec<&'static str> {
        let mut types = vec![
            "image/bmp",
            "image/cgm",
            "image/g3fax",
            "image/gif",
            "image/ief",
            "image/jp2",
            "image/jpeg",
            "image/jpg",
            "image/pict",
            "image/png",
            "image/prs.btif",
            "image/svg+xml",
            "image/tiff",
            "image/vnd.adobe.photoshop",
            "image/vnd.djvu",
            "image/vnd.dwg",
            "image/vnd.dxf",
            "image/vnd.fastbidsheet",
            "image/vnd.fpx",
            "image/vnd.fst",
            "image/vnd.fujixerox.edmics-mmr",
            "image/vnd.fujixerox.edmics-rlc",
            "image/vnd.microsoft.icon",
            "image/vnd.ms-modi",
            "image/vnd.net-fpx",
            "image/vnd.wap.wbmp",
            "image/vnd.xiff",
            "image/webp",
            "image/x-cmu-raster",
            "image/x-cmx",
            "image/x-icon",
            "image/x-macpaint",
            "image/x-pcx",
            "image/x-pict",
            "image/x-portable-anymap",
            "image/x-portable-bitmap",
            "image/x-portable-graymap",
            "image/x-portable-pixmap",
            "image/x-quicktime",
            "image/x-rgb",
            "image/x-xbitmap",
            "image/x-xpixmap",
            "image/x-xwindowdump",
            "image/avif",
            "image/heic",
            "image/heif",
        ];

        if self.allow_video {
            types.extend([
                "video/mp4",
                "video/webm",
                "video/ogg",
                "video/quicktime",
                "video/x-msvideo",
            ]);
        }

        if self.allow_audio {
            types.extend([
                "audio/mpeg",
                "audio/ogg",
                "audio/wav",
                "audio/webm",
                "audio/flac",
            ]);
        }

        types
    }
}

pub type SharedConfig = Arc<Cli>;