Quad4-Software/software-station
2
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases 1 Wiki Activity
Files
5b8daa638d6cc81e3725faa637d21c1931fae650
software-station/README.md
Sudo-Ivan 5b8daa638d Update asset verification and documentation features 
- Added a flag to disable the verifier UI and logic for user preferences.
- Implemented Cache-Control headers for static assets in production.
- Updated the SoftwareCard component to include a copy hash feature and display release dates.
- Introduced a Markdown component for rendering documentation content.
- Enhanced the verification process with speed updates during asset downloads.
- Improved the user interface for verification toasts and modals.
- Updated legal documents with new versions and additional privacy features.
- Added new API documentation and routes for better user guidance.
2025-12-27 18:07:12 -06:00

3.8 KiB
Raw Blame History

Software Station

A software distribution platform for assets built and hosted on Gitea. Built with Go and Svelte 5.

Features

  • Gitea Integration: Fetches releases, assets, and metadata from Gitea repositories.
  • Download Proxy: Handles downloads with HTTP Range support for resuming and SHA256 checksum verification.
  • Client-Side Verification: Optional WASM-powered SHA256 verification directly in the browser.
  • Bot & Abuse Prevention:
    • Filters requests using User-Agent blocklists.
    • Fingerprints requests (IP, UA, TLS) to prevent rate-limit evasion.
    • Uses hashed IDs for download links.
    • SSRF protection for proxy requests.
  • Throttling: Tiered download speed limits and global API rate limiting.
  • RSS Feed: XML feed for tracking new software releases.
  • i18n: Support for English, German, Italian, and Russian.

Upcoming

  • S3, SFTP, WebDAV for software assets.
  • Gitea Packages support (containers, npm, etc.).
  • ISOs support (Linux distributions)
  • Automatic Torrent generation and seeding for software assets.
  • Software dependencies page and licenses information.
  • SBOM and SPDX viewer.
  • CDN support
  • OSV integration for vulnerability scanning.
  • Container scanning
  • Authentication for certain software/containers
  • Admin panel
  • Infisical support for secrets management.
  • Sqlite for database
  • Webhook support to force refresh of specific software/containers or add a new software/container.
  • Reticulum Network Stack support
  • GPG, SBOM client-side verification via WASM.

Getting Started

Prerequisites

  • Go 1.25+
  • Node.js & pnpm (for frontend)
  • A Gitea instance

Configuration

  1. Software List: Create a software.txt file in the root directory. Add your Gitea repositories in Owner/Repo format:

    Quad4-Software/software-station
Another-Owner/Project-B

  2. Bot Blocklist: Create a ua-blocklist.txt to add URLs of User-Agent blocklists (one per line). These will be fetched and cached automatically.

  3. Environment Variables:

    • GITEA_TOKEN: Your Gitea personal access token (optional, required for private repos).
    • NODE_ENV: Set to production for production builds.

Installation

  1. Build the Frontend:

    cd frontend
pnpm install
pnpm build
cd ..

  2. Build and Run the Backend:

    go build -o software-station .
./software-station -t YOUR_TOKEN -s https://your-gitea-instance.com -ua-blocklist ua-blocklist.txt

Docker (Recommended)

Run Software Station using Docker Compose:

# Set your Gitea token in the environment
export GITEA_TOKEN=your_token_here

# Build and start the container
docker compose up -d

Customization

Adding Locales

To add a new language:

  1. Create a JSON file in frontend/src/lib/i18n/locales/ (e.g., fr.json).
  2. Register the locale in frontend/src/lib/i18n/index.ts.

Changing Security Rules

Modify internal/security/constants.go or ua-blocklist.txt to adjust:

  • ForbiddenPatterns: Block specific URL patterns.
  • BotUserAgents: Block specific scrapers or bots (static list).
  • ua-blocklist.txt: External lists for dynamic bot blocking.
  • DefaultDownloadLimit: Adjust the global download speed limit.

UI Themes

The frontend uses Tailwind CSS. You can customize the look and feel in frontend/tailwind.config.js and frontend/src/app.css.

Development

Run the backend and frontend separately for a better development experience:

# Backend (with live reload using Air or just go run)
go run main.go

# Frontend (Vite dev server)
cd frontend
pnpm dev

Testing

We maintain a high test coverage (>60%). Run the test suite:

go test -v -coverpkg=./... ./...

License

This project is licensed under the MIT License - see the LICENSE file for details.

Copyright (c) 2025 Quad4. All rights reserved.

Reference in New Issue View Git Blame Copy Permalink