github-mirrors/netris-nestri
1
0
Fork 0
mirror of https://github.com/nestriness/nestri.git synced 2025-12-12 00:35:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: Nuke everything

Browse Source
This commit is contained in:
Wanjohi
2025-07-16 19:55:36 +03:00
parent 41dca22d9d
commit b668bd48b9
20 changed files with 140 additions and 283 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@@ -1,6 +1,7 @@
# nestri
Opensource and selfhostable cloud gaming platform
> TIP
> TODO: Finish up on this README
<p align="center">
<a href="https://nestri.io">
<picture>
<source srcset="packages/www/public/" />
</picture>
</a>
</p>

9
apps/docs/sst-env.d.ts vendored Normal file
View File

@@ -0,0 +1,9 @@
/* This file is auto-generated by SST. Do not edit. */
/* tslint:disable */
/* eslint-disable */
/* deno-fmt-ignore-file */
/// <reference path="../../sst-env.d.ts" />
import "sst"
export {}

120
infra-old/api.ts Normal file
View File

@@ -0,0 +1,120 @@
import { bus } from "./bus";
import { vpc } from "./vpc";
import { auth } from "./auth";
import { domain } from "./dns";
import { secret } from "./secret";
import { postgres } from "./postgres";
const urls = new sst.Linkable("Urls", {
properties: {
api: `https://api.${domain}`,
auth: `https://auth.${domain}`,
site: $dev ? "http://localhost:3000" : `https://console.${domain}`,
}
})
const apiFn = new sst.aws.Function("ApiFn", {
vpc,
handler: "packages/functions/src/api/index.handler",
streaming: !$dev,
link: [
bus,
urls,
auth,
postgres,
secret.SteamApiKey,
secret.PolarSecret,
secret.PolarWebhookSecret,
secret.NestriFamilyMonthly,
secret.NestriFamilyYearly,
secret.NestriFreeMonthly,
secret.NestriProMonthly,
secret.NestriProYearly,
],
url: true,
});
const provider = new aws.Provider("UsEast1", { region: "us-east-1" });
const webAcl = new aws.wafv2.WebAcl(
"ApiWaf",
{
scope: "CLOUDFRONT",
defaultAction: {
allow: {},
},
visibilityConfig: {
cloudwatchMetricsEnabled: true,
metricName: "api-rate-limit-metric",
sampledRequestsEnabled: true,
},
rules: [
{
name: "rate-limit-rule",
priority: 1,
action: {
block: {
customResponse: {
responseCode: 429,
customResponseBodyKey: "rate-limit-response",
},
},
},
statement: {
rateBasedStatement: {
limit: 2 * 60, // 2 rps per authorization header
evaluationWindowSec: 60,
aggregateKeyType: "CUSTOM_KEYS",
customKeys: [
{
header: {
name: "Authorization",
textTransformations: [{ priority: 0, type: "NONE" }],
},
},
],
},
},
visibilityConfig: {
cloudwatchMetricsEnabled: true,
metricName: "rate-limit-rule-metric",
sampledRequestsEnabled: true,
},
},
],
customResponseBodies: [
{
key: "rate-limit-response",
content: JSON.stringify({
type: "rate_limit",
code: "too_many_requests",
message: "Rate limit exceeded. Please try again later.",
}),
contentType: "APPLICATION_JSON",
},
],
},
{ provider },
);
export const api = new sst.aws.Router("Api", {
routes: {
"/*": apiFn.url,
},
domain: {
name: "api." + domain,
dns: sst.cloudflare.dns(),
},
transform: {
cdn(args) {
if (!args.transform) {
args.transform = {
distribution: {},
};
}
args.transform!.distribution = {
webAclId: webAcl.arn,
};
},
},
});

0
infra/auth.ts → infra-old/auth.ts
View File

0
infra/bus.ts → infra-old/bus.ts
View File

0
infra/cluster.ts → infra-old/cluster.ts
View File

0
infra/dns.ts → infra-old/dns.ts
View File

0
infra/email.ts → infra-old/email.ts
View File

0
infra/postgres.ts → infra-old/postgres.ts
View File

0
infra/realtime.ts → infra-old/realtime.ts
View File

0
infra/secret.ts → infra-old/secret.ts
View File

0
infra/stage.ts → infra-old/stage.ts
View File

0
infra/storage.ts → infra-old/storage.ts
View File

0
infra/vpc.ts → infra-old/vpc.ts
View File

0
infra/www.ts → infra-old/www.ts
View File

0
infra/zero.ts → infra-old/zero.ts
View File

119
infra/api.ts
View File

@@ -1,120 +1 @@
import { bus } from "./bus";
import { vpc } from "./vpc";
import { auth } from "./auth";
import { domain } from "./dns";
import { secret } from "./secret";
import { postgres } from "./postgres";
const urls = new sst.Linkable("Urls", {
properties: {
api: `https://api.${domain}`,
auth: `https://auth.${domain}`,
site: $dev ? "http://localhost:3000" : `https://console.${domain}`,
}
})
const apiFn = new sst.aws.Function("ApiFn", {
vpc,
handler: "packages/functions/src/api/index.handler",
streaming: !$dev,
link: [
bus,
urls,
auth,
postgres,
secret.SteamApiKey,
secret.PolarSecret,
secret.PolarWebhookSecret,
secret.NestriFamilyMonthly,
secret.NestriFamilyYearly,
secret.NestriFreeMonthly,
secret.NestriProMonthly,
secret.NestriProYearly,
],
url: true,
});
const provider = new aws.Provider("UsEast1", { region: "us-east-1" });
const webAcl = new aws.wafv2.WebAcl(
"ApiWaf",
{
scope: "CLOUDFRONT",
defaultAction: {
allow: {},
},
visibilityConfig: {
cloudwatchMetricsEnabled: true,
metricName: "api-rate-limit-metric",
sampledRequestsEnabled: true,
},
rules: [
{
name: "rate-limit-rule",
priority: 1,
action: {
block: {
customResponse: {
responseCode: 429,
customResponseBodyKey: "rate-limit-response",
},
},
},
statement: {
rateBasedStatement: {
limit: 2 * 60, // 2 rps per authorization header
evaluationWindowSec: 60,
aggregateKeyType: "CUSTOM_KEYS",
customKeys: [
{
header: {
name: "Authorization",
textTransformations: [{ priority: 0, type: "NONE" }],
},
},
],
},
},
visibilityConfig: {
cloudwatchMetricsEnabled: true,
metricName: "rate-limit-rule-metric",
sampledRequestsEnabled: true,
},
},
],
customResponseBodies: [
{
key: "rate-limit-response",
content: JSON.stringify({
type: "rate_limit",
code: "too_many_requests",
message: "Rate limit exceeded. Please try again later.",
}),
contentType: "APPLICATION_JSON",
},
],
},
{ provider },
);
export const api = new sst.aws.Router("Api", {
routes: {
"/*": apiFn.url,
},
domain: {
name: "api." + domain,
dns: sst.cloudflare.dns(),
},
transform: {
cdn(args) {
if (!args.transform) {
args.transform = {
distribution: {},
};
}
args.transform!.distribution = {
webAclId: webAcl.arn,
};
},
},
});

10
package.json
View File

@@ -11,20 +11,18 @@
"engines": {
"node": ">=18"
},
"packageManager": "bun@1.2.4",
"packageManager": "bun@1.2.18",
"private": true,
"scripts": {
"format": "prettier --write \"**/*.{ts,tsx,md}\"",
"sso": "aws sso login --sso-session=nestri --no-browser --use-device-code"
},
"overrides": {
"@openauthjs/openauth": "0.4.3",
"steam-session": "1.9.3"
"@openauthjs/openauth": "0.4.3"
},
"patchedDependencies": {
"@macaron-css/solid@1.5.3": "patches/@macaron-css%2Fsolid@1.5.3.patch",
"drizzle-orm@0.36.1": "patches/drizzle-orm@0.36.1.patch",
"steam-session@1.9.3": "patches/steam-session@1.9.3.patch"
"drizzle-orm@0.36.1": "patches/drizzle-orm@0.36.1.patch"
},
"trustedDependencies": [
"core-js-pure",
@@ -39,4 +37,4 @@
"dependencies": {
"sst": "^3.17.8"
}
}
}

26
patches/steam-session@1.9.3.patch
View File

@@ -1,26 +0,0 @@
diff --git a/dist/AuthenticationClient.js b/dist/AuthenticationClient.js
index a7144534a4c27b25e63804aeb4ae87a1f9c7a4e0..068250690a7b6bc4c2c5270cd603f7190a925956 100644
--- a/dist/AuthenticationClient.js
+++ b/dist/AuthenticationClient.js
@@ -314,7 +314,7 @@ class AuthenticationClient extends events_1.EventEmitter {
cookie: 'mobileClient=android; mobileClientVersion=777777 3.0.0'
},
deviceDetails: {
- device_friendly_name: 'Galaxy S22',
+ device_friendly_name: 'Nestri Mobile',
platform_type: EAuthTokenPlatformType_1.default.MobileApp,
os_type: EOSType_1.default.AndroidUnknown,
gaming_device_type: 528 // dunno
diff --git a/src/AuthenticationClient.ts b/src/AuthenticationClient.ts
index 9e1c5bcf8b36d304d313c5b35795b4b543da27dd..17bce1acc689c7210060e5cea196ca63e973355b 100644
--- a/src/AuthenticationClient.ts
+++ b/src/AuthenticationClient.ts
@@ -414,7 +414,7 @@ export default class AuthenticationClient extends EventEmitter {
cookie: 'mobileClient=android; mobileClientVersion=777777 3.0.0'
},
deviceDetails: {
- device_friendly_name: 'Galaxy S22',
+ device_friendly_name: 'Nestri Mobile',
platform_type: EAuthTokenPlatformType.MobileApp,
os_type: EOSType.AndroidUnknown,
gaming_device_type: 528 // dunno

126
sst-env.d.ts vendored
View File

@@ -6,132 +6,6 @@
import "sst"
declare module "sst" {
export interface Resource {
"Api": {
"type": "sst.aws.Router"
"url": string
}
"ApiFn": {
"name": string
"type": "sst.aws.Function"
"url": string
}
"Auth": {
"type": "sst.aws.Auth"
"url": string
}
"Bus": {
"arn": string
"name": string
"type": "sst.aws.Bus"
}
"CDNRouter": {
"type": "sst.aws.Router"
"url": string
}
"Database": {
"clusterArn": string
"database": string
"host": string
"password": string
"port": number
"reader": string
"secretArn": string
"type": "sst.aws.Aurora"
"username": string
}
"DiscordClientID": {
"type": "sst.sst.Secret"
"value": string
}
"DiscordClientSecret": {
"type": "sst.sst.Secret"
"value": string
}
"Dlq": {
"type": "sst.aws.Queue"
"url": string
}
"Email": {
"configSet": string
"sender": string
"type": "sst.aws.Email"
}
"GithubClientID": {
"type": "sst.sst.Secret"
"value": string
}
"GithubClientSecret": {
"type": "sst.sst.Secret"
"value": string
}
"NestriFamilyMonthly": {
"type": "sst.sst.Secret"
"value": string
}
"NestriFamilyYearly": {
"type": "sst.sst.Secret"
"value": string
}
"NestriFreeMonthly": {
"type": "sst.sst.Secret"
"value": string
}
"NestriProMonthly": {
"type": "sst.sst.Secret"
"value": string
}
"NestriProYearly": {
"type": "sst.sst.Secret"
"value": string
}
"PolarSecret": {
"type": "sst.sst.Secret"
"value": string
}
"PolarWebhookSecret": {
"type": "sst.sst.Secret"
"value": string
}
"Realtime": {
"authorizer": string
"endpoint": string
"type": "sst.aws.Realtime"
}
"RetryQueue": {
"type": "sst.aws.Queue"
"url": string
}
"SteamApiKey": {
"type": "sst.sst.Secret"
"value": string
}
"Storage": {
"name": string
"type": "sst.aws.Bucket"
}
"Urls": {
"api": string
"auth": string
"site": string
"type": "sst.sst.Linkable"
}
"VPC": {
"bastion": string
"type": "sst.aws.Vpc"
}
"Web": {
"type": "sst.aws.StaticSite"
"url": string
}
"Zero": {
"service": string
"type": "sst.aws.Service"
"url": string
}
"ZeroStorage": {
"name": string
"type": "sst.aws.Bucket"
}
}
}