docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

.github/actions/spelling/expect.txt

@@ -1,7 +1,4 @@
 acs
-Actorified
-actorifiedstore
-actorify
 Aibrew
 alibaba
 alrest
@@ -160,7 +157,6 @@ ifm
 Imagesift
 imgproxy
 impressum
-inbox
 inp
 internets
 IPTo

.github/workflows/ssh-ci.yml

@@ -12,14 +12,12 @@ permissions:
 jobs:
   ssh:
     if: github.repository == 'TecharoHQ/anubis'
-    runs-on: alrest-techarohq
+    runs-on: ubuntu-24.04
     strategy:
       matrix:
         host:
-          - riscv64
+          - ubuntu@riscv64.techaro.lol
-          - ppc64le
+          - ci@ppc64le.techaro.lol
-          - aarch64-4k
-          - aarch64-16k
     steps:
       - name: Checkout code
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

cmd/anubis/main.go

@@ -56,7 +56,6 @@ var (
 	forcedLanguage           = flag.String("forced-language", "", "if set, this language is being used instead of the one from the request's Accept-Language header")
 	hs512Secret              = flag.String("hs512-secret", "", "secret used to sign JWTs, uses ed25519 if not set")
 	cookieSecure             = flag.Bool("cookie-secure", true, "if true, sets the secure flag on Anubis cookies")
-	cookieSameSite           = flag.String("cookie-same-site", "None", "sets the same site option on Anubis cookies, will auto-downgrade None to Lax if cookie-secure is false. Valid values are None, Lax, Strict, and Default.")
 	ed25519PrivateKeyHex     = flag.String("ed25519-private-key-hex", "", "private key used to sign JWTs, if not set a random one will be assigned")
 	ed25519PrivateKeyHexFile = flag.String("ed25519-private-key-hex-file", "", "file name containing value for ed25519-private-key-hex")
 	metricsBind              = flag.String("metrics-bind", ":9090", "network address to bind metrics to")
@@ -144,22 +143,6 @@ func parseBindNetFromAddr(address string) (string, string) {
 	return "", address
 }
 
-func parseSameSite(s string) (http.SameSite) {
-    switch strings.ToLower(s) {
-    case "none":
-        return http.SameSiteNoneMode
-    case "lax":
-        return http.SameSiteLaxMode
-    case "strict":
-        return http.SameSiteStrictMode
-	case "default":
-		return http.SameSiteDefaultMode
-    default:
-        log.Fatalf("invalid cookie same-site mode: %s, valid values are None, Lax, Strict, and Default", s)
-    }
-	return http.SameSiteDefaultMode
-}
-
 func setupListener(network string, address string) (net.Listener, string) {
 	formattedAddress := ""
 
@@ -449,7 +432,6 @@ func main() {
 		WebmasterEmail:       *webmasterEmail,
 		OpenGraph:            policy.OpenGraph,
 		CookieSecure:         *cookieSecure,
-		CookieSameSite:       parseSameSite(*cookieSameSite),
 		PublicUrl:            *publicUrl,
 		JWTRestrictionHeader: *jwtRestrictionHeader,
 		DifficultyInJWT:      *difficultyInJWT,

docs/docs/CHANGELOG.md

@@ -13,15 +13,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <!-- This changes the project to: -->
 
-- Add `COOKIE_SAME_SITE_MODE` to force anubis cookies SameSite value, and downgrade automatically from `None` to `Lax` if cookie is insecure.
+- Fix lock convoy problem in decaymap ([#1103](https://github.com/TecharoHQ/anubis/issues/1103))
-- Fix lock convoy problem in decaymap ([#1103](https://github.com/TecharoHQ/anubis/issues/1103)).
+- Document missing environment variables in installation guide: `SLOG_LEVEL`, `COOKIE_PREFIX`, `FORCED_LANGUAGE`, and `TARGET_DISABLE_KEEPALIVE` ([#1086](https://github.com/TecharoHQ/anubis/pull/1086))
-- Fix lock convoy problem in bbolt by implementing the actor pattern ([#1103](https://github.com/TecharoHQ/anubis/issues/1103)).
+- Add validation warning when persistent storage is used without setting signing keys
-- Document missing environment variables in installation guide: `SLOG_LEVEL`, `COOKIE_PREFIX`, `FORCED_LANGUAGE`, and `TARGET_DISABLE_KEEPALIVE` ([#1086](https://github.com/TecharoHQ/anubis/pull/1086)).
+- Fixed `robots2policy` to properly group consecutive user agents into `any:` instead of only processing the last one ([#925](https://github.com/TecharoHQ/anubis/pull/925))
-- Add validation warning when persistent storage is used without setting signing keys.
-- Fixed `robots2policy` to properly group consecutive user agents into `any:` instead of only processing the last one ([#925](https://github.com/TecharoHQ/anubis/pull/925)).
 - Add the [`s3api` storage backend](./admin/policies.mdx#s3api) to allow Anubis to use S3 API compatible object storage as its storage backend.
 - Make `cmd/containerbuild` support commas for separating elements of the `--docker-tags` argument as well as newlines.
-- Add the `DIFFICULTY_IN_JWT` option, which allows one to add the `difficulty` field in the JWT claims which indicates the difficulty of the token ([#1063](https://github.com/TecharoHQ/anubis/pull/1063)).
+- Add the `DIFFICULTY_IN_JWT` option, which allows one to add the `difficulty` field in the JWT claims which indicates the difficulty of the token ([#1063](https://github.com/TecharoHQ/anubis/pull/1063))
 - Ported the client-side JS to TypeScript to avoid egregious errors in the future.
 - Fixes concurrency problems with very old browsers ([#1082](https://github.com/TecharoHQ/anubis/issues/1082)).
 

docs/docs/admin/configuration/challenges/index.mdx

@@ -3,7 +3,6 @@
 Anubis supports multiple challenge methods:
 
 - [Meta Refresh](./metarefresh.mdx)
-- [Preact](./preact.mdx)
 - [Proof of Work](./proof-of-work.mdx)
 
 Read the documentation to know which method is best for you.

docs/docs/admin/installation.mdx

@@ -69,7 +69,6 @@ Anubis uses these environment variables for configuration:
 | `COOKIE_PARTITIONED`           | `false`                 | If set to `true`, enables the [partitioned (CHIPS) flag](https://developers.google.com/privacy-sandbox/cookies/chips), meaning that Anubis inside an iframe has a different set of cookies than the domain hosting the iframe.                                                                                                                                                                                                                                                                          |
 | `COOKIE_PREFIX`                | `anubis-cookie`         | The prefix used for browser cookies created by Anubis. Useful for customization or avoiding conflicts with other applications.                                                                                                                                                                                                                                                                                                                                                                          |
 | `COOKIE_SECURE`                | `true`                  | If set to `true`, enables the [Secure flag](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#block_access_to_your_cookies), meaning that the cookies will only be transmitted over HTTPS. If Anubis is used in an unsecure context (plain HTTP), this will be need to be set to false                                                                                                                                                                                                   |
-| `COOKIE_SAME_SITE`             | `None`                 | Controls the cookie’s [`SameSite` attribute](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value). Allowed: `None`, `Lax`, `Strict`, `Default`. `None` permits cross-site use but modern browsers require it to be **Secure**—so if `COOKIE_SECURE=false` or you serve over plain HTTP, use `Lax` (recommended) or `Strict` or the cookie will be rejected. `Default` uses the Go runtime’s `SameSiteDefaultMode`. `None` will be downgraded to `Lax` automatically if cookie is set NOT to be secure. |
 | `DIFFICULTY`                   | `4`                     | The difficulty of the challenge, or the number of leading zeroes that must be in successful responses.                                                                                                                                                                                                                                                                                                                                                                                                  |
 | `DIFFICULTY_IN_JWT`            | `false`                 | If set to `true`, adds the `difficulty` field into JWT claims, which indicates the difficulty the token has been generated. This may be useful for statistics and debugging.                                                                                                                                                                                                                                                                                                                            |
 | `ED25519_PRIVATE_KEY_HEX`      | unset                   | The hex-encoded ed25519 private key used to sign Anubis responses. If this is not set, Anubis will generate one for you. This should be exactly 64 characters long. **Required when using persistent storage backends** (like bbolt) to ensure challenges survive service restarts. When running multiple instances on the same base domain, the key must be the same across all instances. See below for details.                                                                                      |

internal/actorify/actorify.go

@@ -1,107 +0,0 @@
-// Package actorify lets you transform a parallel operation into a serialized
-// operation via the Actor pattern[1].
-//
-// [1]: https://en.wikipedia.org/wiki/Actor_model
-package actorify
-
-import (
-	"context"
-	"errors"
-)
-
-func z[Z any]() Z {
-	var z Z
-	return z
-}
-
-var (
-	// ErrActorDied is returned when the actor inbox or reply channel was closed.
-	ErrActorDied = errors.New("actorify: the actor inbox or reply channel was closed")
-)
-
-// Handler is a function alias for the underlying logic the Actor should call.
-type Handler[Input, Output any] func(ctx context.Context, input Input) (Output, error)
-
-// Actor is a serializing wrapper that runs a function in a background goroutine.
-// Whenever the Call method is invoked, a message is sent to the actor's inbox and then
-// the callee waits for a response. Depending on how busy the actor is, this may take
-// a moment.
-type Actor[Input, Output any] struct {
-	handler Handler[Input, Output]
-	inbox   chan *message[Input, Output]
-}
-
-type message[Input, Output any] struct {
-	ctx   context.Context
-	arg   Input
-	reply chan reply[Output]
-}
-
-type reply[Output any] struct {
-	output Output
-	err    error
-}
-
-// New constructs a new Actor and starts its background thread. Cancel the context and you cancel
-// the Actor.
-func New[Input, Output any](ctx context.Context, handler Handler[Input, Output]) *Actor[Input, Output] {
-	result := &Actor[Input, Output]{
-		handler: handler,
-		inbox:   make(chan *message[Input, Output], 32),
-	}
-
-	go result.handle(ctx)
-
-	return result
-}
-
-func (a *Actor[Input, Output]) handle(ctx context.Context) {
-	for {
-		select {
-		case <-ctx.Done():
-			close(a.inbox)
-			return
-		case msg, ok := <-a.inbox:
-			if !ok {
-				if msg.reply != nil {
-					close(msg.reply)
-				}
-
-				return
-			}
-
-			result, err := a.handler(msg.ctx, msg.arg)
-
-			reply := reply[Output]{
-				output: result,
-				err:    err,
-			}
-
-			msg.reply <- reply
-		}
-	}
-}
-
-// Call calls the Actor with a given Input and returns the handler's Output.
-//
-// This only works with unary functions by design. If you need to have more inputs, define
-// a struct type to use as a container.
-func (a *Actor[Input, Output]) Call(ctx context.Context, input Input) (Output, error) {
-	replyCh := make(chan reply[Output])
-
-	a.inbox <- &message[Input, Output]{
-		arg:   input,
-		reply: replyCh,
-	}
-
-	select {
-	case reply, ok := <-replyCh:
-		if !ok {
-			return z[Output](), ErrActorDied
-		}
-
-		return reply.output, reply.err
-	case <-ctx.Done():
-		return z[Output](), context.Cause(ctx)
-	}
-}

lib/anubis_test.go

@@ -299,7 +299,6 @@ func TestCookieSettings(t *testing.T) {
 		CookieDomain:      "127.0.0.1",
 		CookiePartitioned: true,
 		CookieSecure:      true,
-		CookieSameSite:    http.SameSiteNoneMode,
 		CookieExpiration:  anubis.CookieDefaultExpirationTime,
 	})
 
@@ -340,65 +339,6 @@ func TestCookieSettings(t *testing.T) {
 	if ckie.Secure != srv.opts.CookieSecure {
 		t.Errorf("wanted secure flag %v, got: %v", srv.opts.CookieSecure, ckie.Secure)
 	}
-	if ckie.SameSite != srv.opts.CookieSameSite {
-		t.Errorf("wanted same site option %v, got: %v", srv.opts.CookieSameSite, ckie.SameSite)
-	}
-}
-
-func TestCookieSettingsSameSiteNoneModeDowngradedToLaxWhenUnsecure(t *testing.T) {
-	pol := loadPolicies(t, "testdata/zero_difficulty.yaml", 0)
-
-	srv := spawnAnubis(t, Options{
-		Next:   http.NewServeMux(),
-		Policy: pol,
-
-		CookieDomain:      "127.0.0.1",
-		CookiePartitioned: true,
-		CookieSecure:      false,
-		CookieSameSite:    http.SameSiteNoneMode,
-		CookieExpiration:  anubis.CookieDefaultExpirationTime,
-	})
-
-	ts := httptest.NewServer(internal.RemoteXRealIP(true, "tcp", srv))
-	defer ts.Close()
-
-	cli := httpClient(t)
-	chall := makeChallenge(t, ts, cli)
-
-	resp := handleChallengeZeroDifficulty(t, ts, cli, chall)
-
-	if resp.StatusCode != http.StatusFound {
-		resp.Write(os.Stderr)
-		t.Errorf("wanted %d, got: %d", http.StatusFound, resp.StatusCode)
-	}
-
-	var ckie *http.Cookie
-	for _, cookie := range resp.Cookies() {
-		t.Logf("%#v", cookie)
-		if cookie.Name == anubis.CookieName {
-			ckie = cookie
-			break
-		}
-	}
-	if ckie == nil {
-		t.Errorf("Cookie %q not found", anubis.CookieName)
-		return
-	}
-
-	if ckie.Domain != "127.0.0.1" {
-		t.Errorf("cookie domain is wrong, wanted 127.0.0.1, got: %s", ckie.Domain)
-	}
-
-	if ckie.Partitioned != srv.opts.CookiePartitioned {
-		t.Errorf("wanted partitioned flag %v, got: %v", srv.opts.CookiePartitioned, ckie.Partitioned)
-	}
-
-	if ckie.Secure != srv.opts.CookieSecure {
-		t.Errorf("wanted secure flag %v, got: %v", srv.opts.CookieSecure, ckie.Secure)
-	}
-	if ckie.SameSite != http.SameSiteLaxMode {
-		t.Errorf("wanted same site Lax option %v, got: %v", http.SameSiteLaxMode, ckie.SameSite)
-	}
 }
 
 func TestCheckDefaultDifficultyMatchesPolicy(t *testing.T) {

lib/config.go

@@ -43,7 +43,6 @@ type Options struct {
 	OpenGraph            config.OpenGraph
 	ServeRobotsTXT       bool
 	CookieSecure         bool
-	CookieSameSite       http.SameSite
 	Logger               *slog.Logger
 	PublicUrl            string
 	JWTRestrictionHeader string

lib/http.go

@@ -56,8 +56,6 @@ func (s *Server) SetCookie(w http.ResponseWriter, cookieOpts CookieOpts) {
 	var domain = s.opts.CookieDomain
 	var name = anubis.CookieName
 	var path = "/"
-	var sameSite = s.opts.CookieSameSite
-
 	if cookieOpts.Name != "" {
 		name = cookieOpts.Name
 	}
@@ -74,15 +72,11 @@ func (s *Server) SetCookie(w http.ResponseWriter, cookieOpts CookieOpts) {
 		cookieOpts.Expiry = s.opts.CookieExpiration
 	}
 
-	if s.opts.CookieSameSite == http.SameSiteNoneMode && !s.opts.CookieSecure {
-		sameSite = http.SameSiteLaxMode
-	}
-
 	http.SetCookie(w, &http.Cookie{
 		Name:        name,
 		Value:       cookieOpts.Value,
 		Expires:     time.Now().Add(cookieOpts.Expiry),
-		SameSite:    sameSite,
+		SameSite:    http.SameSiteNoneMode,
 		Domain:      domain,
 		Secure:      s.opts.CookieSecure,
 		Partitioned: s.opts.CookiePartitioned,
@@ -94,8 +88,6 @@ func (s *Server) ClearCookie(w http.ResponseWriter, cookieOpts CookieOpts) {
 	var domain = s.opts.CookieDomain
 	var name = anubis.CookieName
 	var path = "/"
-	var sameSite = s.opts.CookieSameSite
-
 	if cookieOpts.Name != "" {
 		name = cookieOpts.Name
 	}
@@ -107,16 +99,13 @@ func (s *Server) ClearCookie(w http.ResponseWriter, cookieOpts CookieOpts) {
 			domain = etld
 		}
 	}
-	if s.opts.CookieSameSite == http.SameSiteNoneMode && !s.opts.CookieSecure {
-		sameSite = http.SameSiteLaxMode
-	}
 
 	http.SetCookie(w, &http.Cookie{
 		Name:        name,
 		Value:       "",
 		MaxAge:      -1,
 		Expires:     time.Now().Add(-1 * time.Minute),
-		SameSite:    sameSite,
+		SameSite:    http.SameSiteNoneMode,
 		Partitioned: s.opts.CookiePartitioned,
 		Domain:      domain,
 		Secure:      s.opts.CookieSecure,

lib/store/actorifiedstore.go

@@ -1,82 +0,0 @@
-package store
-
-import (
-	"context"
-	"time"
-
-	"github.com/TecharoHQ/anubis/internal/actorify"
-)
-
-type unit struct{}
-
-type ActorifiedStore struct {
-	Interface
-
-	deleteActor *actorify.Actor[string, unit]
-	getActor    *actorify.Actor[string, []byte]
-	setActor    *actorify.Actor[*actorSetReq, unit]
-	cancel      context.CancelFunc
-}
-
-type actorSetReq struct {
-	key    string
-	value  []byte
-	expiry time.Duration
-}
-
-func NewActorifiedStore(backend Interface) *ActorifiedStore {
-	ctx, cancel := context.WithCancel(context.Background())
-
-	result := &ActorifiedStore{
-		Interface: backend,
-		cancel:    cancel,
-	}
-
-	result.deleteActor = actorify.New(ctx, result.actorDelete)
-	result.getActor = actorify.New(ctx, backend.Get)
-	result.setActor = actorify.New(ctx, result.actorSet)
-
-	return result
-}
-
-func (a *ActorifiedStore) Close() { a.cancel() }
-
-func (a *ActorifiedStore) Delete(ctx context.Context, key string) error {
-	if _, err := a.deleteActor.Call(ctx, key); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (a *ActorifiedStore) Get(ctx context.Context, key string) ([]byte, error) {
-	return a.getActor.Call(ctx, key)
-}
-
-func (a *ActorifiedStore) Set(ctx context.Context, key string, value []byte, expiry time.Duration) error {
-	if _, err := a.setActor.Call(ctx, &actorSetReq{
-		key:    key,
-		value:  value,
-		expiry: expiry,
-	}); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (a *ActorifiedStore) actorDelete(ctx context.Context, key string) (unit, error) {
-	if err := a.Interface.Delete(ctx, key); err != nil {
-		return unit{}, err
-	}
-
-	return unit{}, nil
-}
-
-func (a *ActorifiedStore) actorSet(ctx context.Context, req *actorSetReq) (unit, error) {
-	if err := a.Interface.Set(ctx, req.key, req.value, req.expiry); err != nil {
-		return unit{}, err
-	}
-
-	return unit{}, nil
-}

lib/store/bbolt/factory.go

@@ -48,7 +48,7 @@ func (Factory) Build(ctx context.Context, data json.RawMessage) (store.Interface
 
 	go result.cleanupThread(ctx)
 
-	return store.NewActorifiedStore(result), nil
+	return result, nil
 }
 
 // Valid parses and validates the bbolt store Config or returns

test/ssh-ci/rigging.sh

@@ -4,35 +4,28 @@ set -euo pipefail
 [ ! -z "${DEBUG:-}" ] && set -x
 
 if [ "$#" -ne 1 ]; then
-	echo "Usage: rigging.sh <user@host>"
+    echo "Usage: rigging.sh <user@host>"
 fi
 
-declare -A Hosts
-
-Hosts["riscv64"]="ubuntu@riscv64.techaro.lol" # GOARCH=riscv64 GOOS=linux
-Hosts["ppc64le"]="ci@ppc64le.techaro.lol"     # GOARCH=ppc64le GOOS=linux
-Hosts["aarch64-4k"]="rocky@192.168.2.52"      # GOARCH=arm64 GOOS=linux 4k page size
-Hosts["aarch64-16k"]="ci@192.168.2.28"        # GOARCH=arm64 GOOS=linux 16k page size
-
 CIRunnerImage="ghcr.io/techarohq/anubis/ci-runner:latest"
 RunID=${GITHUB_RUN_ID:-$(uuidgen)}
 RunFolder="anubis/runs/${RunID}"
-Target="${Hosts["$1"]}"
+Target="${1}"
 
 ssh "${Target}" uname -av
 ssh "${Target}" mkdir -p "${RunFolder}"
 git archive HEAD | ssh "${Target}" tar xC "${RunFolder}"
 
-ssh "${Target}" <<EOF
+ssh "${Target}" << EOF
   set -euo pipefail
   set -x
-  mkdir -p anubis/cache/{go,go-build,node}
+  mkdir -p "anubis/cache/{go,go-build,node}"
   podman pull ${CIRunnerImage}
   podman run --rm -it \
-    -v "\$HOME/${RunFolder}:/app/anubis:z" \
+    -v "\$HOME/${RunFolder}:/app/anubis" \
-    -v "\$HOME/anubis/cache/go:/root/go:z" \
+    -v "\$HOME/anubis/cache/go:/root/go" \
-    -v "\$HOME/anubis/cache/go-build:/root/.cache/go-build:z" \
+    -v "\$HOME/anubis/cache/go-build:/root/.cache/go-build" \
-    -v "\$HOME/anubis/cache/node:/root/.npm:z" \
+    -v "\$HOME/anubis/cache/node:/root/.npm" \
     -w /app/anubis \
     ${CIRunnerImage} \
     sh /app/anubis/test/ssh-ci/in-container.sh