feat: register release via URL (gitea-asset) - /api/v1/releases/from-url

- Admin endpoint downloads the ZIP once from a URL (e.g. a Gitea release asset),
  stores it locally; customer download remains token-/license-protected.
- Guards: product/version/URL validation, GITEA_BASE_URL restriction, DNS SSRF protection,
  optional GITEA_TOKEN for private repos, ZIP signature + 50MB limit.
- env examples + README + tests.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
s4luorth
2026-06-07 15:51:19 +02:00
parent 576ad1f74a
commit e691b675cd
4 changed files with 102 additions and 0 deletions

@@ -20,6 +20,12 @@ PUBLIC_BASE_URL=https://hub.lucas-orth.de
# If left empty, ADMIN_API_TOKEN is used as a fallback.
DOWNLOAD_SECRET=
# Optional: for "release from URL" (POST /api/v1/releases/from-url).
# Restrict which host release ZIPs may be fetched from (recommended):
GITEA_BASE_URL=https://gitea.lucas-orth.de
# Token to download release assets from PRIVATE Gitea repos (leave empty if public):
GITEA_TOKEN=
# Name of the existing Docker network that Nginx Proxy Manager runs on, so NPM
# can reach this container as "license-backend:8080". Find it with:
# docker network ls
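Review bot: The comment above GITEA_BASE_URL marks the host restriction as "(recommended)" without saying what POST /api/v1/releases/from-url does when the variable is left empty; the example file should state whether the endpoint then accepts any host or rejects the request, and rejecting is the safer default so the restriction fails closed. The GITEA_TOKEN comment should also say whether the token is sent only to the GITEA_BASE_URL host and that read access to release assets is sufficient, because operators copy this file as-is and an empty GITEA_BASE_URL next to a populated GITEA_TOKEN is an easy combination to end up with.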