2023-12-16 08:05:45 +03:00
# BinHost
2024-02-01 20:54:46 +03:00
> HTTP server to easily serve (prebuilt) binaries for any (UNIX-like) platform with authenticity check
2023-12-16 08:05:45 +03:00
## Installation
```shell
cargo install --git https://github.com/ivabus/binhost
```
## Server usage
List options with `--help`
2023-12-16 10:23:47 +03:00
Make sure to use proxy with rate limiter in prod.
2023-12-16 08:05:45 +03:00
#### Directory structure
Directory, passed to `binhost` `--dir` option (defaults to `./bin` ) should look like (for `hello` binary)
Note: list of binaries will be refreshed every 5 minutes (by default, see `--refresh` option)
```tree
bin
└── hello
├── Darwin
│ ├── arm64
│ │ └── hello
│ └── x86_64
│ └── hello
└── Linux
└── aarch64
└── hello
```
2024-02-01 20:54:46 +03:00
#### Runners
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
Runner is a (necessary) subprogram, that checks ED25519 signature of a binary file and needs to be statically compiled for every platform, that could use binaries from `binhost` server.
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
Directory, passed to `binhost` `--runners-dir` option (defaults to `./runners` ) should look like (for `Linux-x86_64` , `Linux-aarch64` and `Darwin-arm64` compiled runners)
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
```tree
runners
├── runner-Darwin-arm64
├── runner-Linux-aarch64
└── runner-Linux-x86_64
2023-12-16 08:05:45 +03:00
```
2024-02-01 20:54:46 +03:00
## Client usage
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
### Execute specific binary <bin> with manifest validity check
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
Manifest validity check provides a fully-secured binary distribution chain.
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
```shell
2024-02-03 22:31:40 +03:00
curl ADDRESS:PORT/< bin > | KEY=... sh
2023-12-16 08:05:45 +03:00
```
2024-02-01 20:54:46 +03:00
`KEY` first few symbols from hex representation of SHA256 sum of manifest (printed to stdout on `binhost` startup).
2023-12-16 08:05:45 +03:00
2024-02-03 22:31:40 +03:00
Additional arguments are set with `ARGS` environment variable
2024-02-01 20:54:46 +03:00
Only this option should be considered as secure.
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
### Execute specific binary <bin> without validity check
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
```shell
2024-02-03 22:31:40 +03:00
curl ADDRESS:PORT/< bin > | sh
2024-02-01 20:54:46 +03:00
```
2023-12-16 10:11:33 +03:00
2024-02-01 20:54:46 +03:00
### Download and reuse script
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
```shell
curl ADDRESS:PORT/< bin > -o script.sh
./script.sh # Execute preloaded bin configuration
BIN=< newbin > ./script.sh # Execute newbin (download)
BIN=< newbin > EXTERNAL_ADDRESS=< newaddress > ./script.sh # Execute newbin from newaddress
2023-12-16 08:05:45 +03:00
```
2024-02-01 20:54:46 +03:00
### API
2023-12-16 08:05:45 +03:00
2024-02-01 20:54:46 +03:00
See full HTTP API in [API.md ](./API.md )
2023-12-16 08:05:45 +03:00
## License
This project is licensed under [MIT License ](./LICENSE )
