sieve: use block_list to filter authors

2023-10-18 16:38:02 +02:00 · 2023-10-18 16:38:02 +02:00 · 6a78081469
parent 321217563a
commit 6a78081469
3 changed files with 24 additions and 0 deletions
--- a/nixos-module.nix
+++ b/nixos-module.nix
@ -55,6 +55,7 @@ let
    redis_password_file = cfg.redis.passwordFile;
    in_topic = "relay-in";
    prometheus_port = 9102;
+    blocklist = blocklistPath;
  };

  sieveSettings = lib.recursiveUpdate sieveDefaultSettings cfg.sieve.settings;
--- a/sieve/src/config.rs
+++ b/sieve/src/config.rs
@ -9,6 +9,7 @@ pub struct Config {
    pub in_topic: String,
    priv_key_file: String,
    pub prometheus_port: u16,
+    pub blocklist: String,
 }

 impl Config {
--- a/sieve/src/main.rs
+++ b/sieve/src/main.rs
@ -10,6 +10,7 @@ use cave::{
        self,
        fetch::authorized_fetch,
    },
+    block_list::BlockList,
    config::LoadConfig,
    feed,
 };
@ -43,6 +44,7 @@ async fn main() {
    cave::init::init_logger(5557);

    let config = config::Config::load();
+    let block_list = BlockList::new(&config.blocklist).await;

    PrometheusBuilder::new()
        .with_http_listener(([0; 8], config.prometheus_port))
@ -86,6 +88,7 @@ async fn main() {
        }

        let posts_cache = posts_cache.clone();
+        let block_list = block_list.clone();
        let client = client.clone();
        let mut store = store.clone();
        let priv_key = priv_key.clone();
@ -137,6 +140,25 @@ async fn main() {
            };

            let author: activitypub::Actor = if let Some(author_url) = &post.attributed_to {
+                if let Ok(url) = Url::parse(author_url) {
+                    let host = if let Some(host) = url.host_str() {
+                        host
+                    } else {
+                        tracing::error!("No host in author {author_url}");
+                        return;
+                    };
+                    if block_list.is_blocked(host).await {
+                        tracing::warn!("Ignore blocked author {author_url}");
+                        metrics::counter!("sieve_activity", 1, "type" => "blocked_author");
+                        return;
+                    }
+                } else {
+                    tracing::error!("Invalid author: {author_url}");
+                    metrics::counter!("sieve_activity", 1, "type" => "invalid_author");
+                    return;
+
+                }
+
                match authorized_fetch(&client, author_url, KEY_ID, &priv_key).await {
                    Ok(author) => {
                        metrics::counter!("sieve_activity", 1, "type" => "fetch_author_ok");