linux_patch_api/Cargo.toml
git-echo 1322598581 feat: add auto-enrollment, cert validation, and crash loop fixes
- Auto-enrollment on startup when certs are missing/invalid and enrollment.manager_url configured
- Certificate validation (existence, parse, expiry, key match, CA trust)
- --enroll exits after completion (no port conflict with systemd service)
- --renew-certs flag for manual cert renewal
- SO_REUSEADDR on TcpListener::bind (prevents Address already in use)
- Polling token persistence for enrollment resume after restart
- Exit code strategy (0=clean, 1=error, 2=enrollment in progress)
- HTTP 409 (host already exists) handling during enrollment
- Move 'Listening on' log after actual bind
- Increase RestartSec to 10s and add StartLimitBurst=5
- Postinst checks for certs and enrollment URL, prints guidance
- EnrollmentConfig.manager_url changed to Option<String>
- cert_renewal_threshold_days and polling_token config fields
- Updated SPEC.md and DEPLOYMENT_GUIDE.md with new workflow
- RCA document for crash loop root cause analysis
- Version bumped to 1.2.0
2026-05-29 10:44:42 -05:00


[package]
# Crate metadata for the linux-patch-api binary.
name = "linux-patch-api"
version = "1.2.0"
edition = "2021"
authors = ["Echo <echo@moon-dragon.us>"]
description = "Secure remote package management API for Linux systems"
license = "MIT"
repository = "https://gitea.moon-dragon.us/echo/linux_patch_api"
# Minimum supported Rust version; cargo refuses to build with an older toolchain.
rust-version = "1.75"
# NOTE(review): no `publish` key is set, so `cargo publish` targets crates.io by
# default. If this crate is only meant to ship from the internal forge,
# `publish = false` guards against an accidental upload. Confirm intent.
[dependencies]
# Runtime dependencies. Every requirement below is a caret range ("4" means
# >=4.0.0, <5.0.0), so the versions actually compiled are whatever Cargo.lock
# pins. For a network-facing daemon, keep Cargo.lock in version control, build
# releases with `cargo build --locked`, and check the locked set against
# RustSec advisories (cargo-audit or cargo-deny).

# Web framework (Actix-web for HTTP API)
# The `rustls-0_23` feature selects the rustls 0.23 backend, matching the
# `rustls` requirement further down, so the HTTP server and the TLS
# configuration code share one rustls major version.
actix-web = { version = "4", features = ["rustls-0_23"] }
actix-rt = "2"
actix-web-actors = "4"
actix = "0.13"
actix-tls = { version = "3", features = ["rustls-0_23"] }
# Async runtime
# NOTE(review): "full" turns on every tokio feature; a narrower list would
# shrink the compiled surface if the daemon does not need all of them.
tokio = { version = "1", features = ["full"] }
# TLS/mTLS (rustls)
# `aws_lc_rs` selects the aws-lc-rs crypto provider.
# NOTE(review): rustls negotiates TLS 1.2 as well as 1.3 unless the server
# config restricts protocol versions; a TLS-1.3-only policy, if intended, has
# to be enforced in code that is not visible from this manifest.
rustls = { version = "0.23", features = ["aws_lc_rs"] }
rustls-pemfile = "2"
tokio-rustls = "0.26"
# NOTE(review): x509-parser is pulled in without its `verify` feature, so it
# can parse certificates and read fields such as expiry but cannot check
# signatures. Presumably the CA-trust decision is left to the rustls verifier;
# confirm that parsing a certificate is never treated as trusting it.
x509-parser = "0.16"
# WebSocket support. actix-web-actors (listed above) provides WebSocket
# endpoints inside Actix-web; tokio-tungstenite is a separate, standalone
# WebSocket implementation.
# NOTE(review): no TLS feature is enabled on tokio-tungstenite, so any
# connection it opens itself is plain ws:// unless the caller supplies a
# TLS stream (e.g. via tokio-rustls). Confirm how it is used.
tokio-tungstenite = "0.21"
futures-util = "0.3"
# Serialization
serde = { version = "1", features = ["derive"] }
serde_json = "1"
# NOTE(review): upstream has marked serde_yaml deprecated and no longer
# maintains it, so parser fixes will not arrive. Plan a migration if YAML
# from outside the host's trust boundary is ever parsed.
serde_yaml = "0.9"
# Configuration
# `notify` is a filesystem-watching crate, presumably used for config reload.
# If so, write access to the watched files changes daemon behaviour at
# runtime, so their ownership and mode matter. TODO confirm.
config = "0.14"
notify = "6"
# Logging
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter", "json"] }
tracing-appender = "0.2"
# UUID for request IDs and job IDs
# v4 UUIDs are random identifiers for correlation, not credentials.
uuid = { version = "1", features = ["v4", "serde"] }
# Time/Date
chrono = { version = "0.4", features = ["serde"] }
time = "0.3"
# Error handling
thiserror = "1"
anyhow = "1"
# Async channels
async-channel = "2"
# Process management (for package operations)
sysinfo = "0.30"
# Network utilities
addr = "0.15"
if-addrs = "0.13"
# HTTP client for enrollment communication
# `default-features = false` plus `rustls-tls` keeps native-tls/OpenSSL out
# of the build.
# NOTE(review): in reqwest 0.12 `rustls-tls` trusts the bundled webpki-roots
# public CA set. If the enrollment manager sits behind a private CA, the
# client must add that CA explicitly rather than relax certificate
# verification. Verify in the enrollment code.
reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] }
# Clap for CLI arguments
# The `env` feature lets options be read from environment variables.
# NOTE(review): avoid passing secrets that way; a process environment is
# readable by the same user and by root.
clap = { version = "4", features = ["derive", "env"] }
# Systemd integration
systemd = "0.10"
pidlock = "0.2"
# URL parsing
url = "2"
# Socket options (SO_REUSEADDR)
# SO_REUSEADDR lets the listener rebind after a restart. It is distinct from
# SO_REUSEPORT, which would allow a second socket to share the listening port.
socket2 = { version = "0.5", features = ["all"] }
# File locking for concurrent-safe whitelist modifications
# NOTE(review): on Unix these are advisory locks. They serialise cooperating
# writers but do not stop a process that ignores the lock, so file ownership
# and permissions remain the actual control on the whitelist.
fs2 = "0.4"
[dev-dependencies]
# Test- and benchmark-only crates; none of these are linked into the
# release binary.
# actix-rt repeats the runtime dependency with the same requirement;
# the entry is redundant but harmless.
actix-rt = "2"
tokio-test = "0.4"
# HTTP mock server, presumably standing in for the enrollment manager.
wiremock = "0.6"
# Serialises tests that would otherwise race on shared state.
serial_test = "3"
# Throwaway files and directories for tests.
tempfile = "3"
criterion = { version = "0.5", features = ["html_reports"] }
# Integration tests in subdirectories
# Cargo only auto-discovers tests/*.rs and tests/<dir>/main.rs, so test files
# that live in tests/unit, tests/integration and tests/e2e need explicit
# [[test]] targets with a path.
[[test]]
name = "enroll_identity"
path = "tests/unit/enroll_identity.rs"
[[test]]
name = "enrollment_test"
path = "tests/integration/enrollment_test.rs"
[[test]]
name = "enrollment_e2e"
path = "tests/e2e/test_enrollment_e2e.rs"
[[bench]]
# No `path` is given, so Cargo uses the default benches/api_benchmarks.rs.
name = "api_benchmarks"
# Disable the built-in libtest harness so the benchmark framework (criterion,
# from dev-dependencies) supplies its own main().
harness = false
[profile.release]
# Release build tuned for size and speed. Several settings here affect
# availability and incident analysis, not just performance.
# `lto = true` is fat LTO across the whole dependency graph.
lto = true
codegen-units = 1
# A panic terminates the whole process instead of unwinding. Any panic
# reachable from a request therefore takes the daemon down and service
# recovery depends on the supervisor restarting it. Drop handlers do not run
# on abort, so in-process cleanup (lock release, flushing) is skipped.
panic = "abort"
# Symbols and debug info are removed from the shipped binary, which makes
# field backtraces and core dumps hard to read. Keep an unstripped artifact
# of each release for incident analysis.
strip = true
opt-level = 3
# NOTE(review): `overflow-checks` is not set, so integer overflow wraps
# silently in release builds. `overflow-checks = true` would turn it into a
# panic (an abort under the setting above). Decide which failure mode is
# preferred for size and length arithmetic.
[profile.dev]
# Unoptimised build with full debug info for local development.
opt-level = 0
debug = true
[[bin]]
# The single executable target produced by this package.
name = "linux-patch-api"
path = "src/main.rs"