Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ivabus/binhost

Serve binaries easily
https://github.com/ivabus/binhost

Last synced: 12 days ago
JSON representation

Serve binaries easily

Host: GitHub
URL: https://github.com/ivabus/binhost
Owner: ivabus
License: mit
Created: 2023-12-16T05:05:38.000Z (about 1 year ago)
Default Branch: master
Last Pushed: 2024-04-12T17:29:06.000Z (10 months ago)
Last Synced: 2025-01-01T20:09:57.605Z (about 1 month ago)
Language: Rust
Size: 34.2 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# BinHost

> HTTP server to easily serve (prebuilt) binaries for any (UNIX-like) platform with authenticity check

## Installation

```shell
cargo install --git https://github.com/ivabus/binhost
```

## Server usage

List options with `--help`

Make sure to use proxy with rate limiter in prod.

#### Directory structure

Directory, passed to `binhost` `--dir` option (defaults to `./bin`) should look like (for `hello` binary)

Note: list of binaries will be refreshed every 5 minutes (by default, see `--refresh` option)

```tree
bin
└── hello
├── Darwin
│ ├── arm64
│ │ └── hello
│ └── x86_64
│ └── hello
└── Linux
└── aarch64
└── hello
```

#### Runners

Runner is a (necessary) subprogram, that checks ED25519 signature of a binary file and needs to be statically compiled for every platform, that could use binaries from `binhost` server.

Directory, passed to `binhost` `--runners-dir` option (defaults to `./runners`) should look like (for `Linux-x86_64`, `Linux-aarch64` and `Darwin-arm64` compiled runners)

```tree
runners
├── runner-Darwin-arm64
├── runner-Linux-aarch64
└── runner-Linux-x86_64
```

## Client usage

### Execute specific binary with manifest validity check

Manifest validity check provides a fully-secured binary distribution chain.

```shell
curl ADDRESS:PORT/ | KEY=... sh
```

`KEY` first few symbols from hex representation of SHA256 sum of manifest (printed to stdout on `binhost` startup).

Additional arguments are set with `ARGS` environment variable

Only this option should be considered as secure.

### Execute specific binary without validity check

```shell
curl ADDRESS:PORT/ | sh
```

### Download and reuse script

```shell
curl ADDRESS:PORT/ -o script.sh
./script.sh # Execute preloaded bin configuration
BIN= ./script.sh # Execute newbin (download)
BIN= EXTERNAL_ADDRESS= ./script.sh # Execute newbin from newaddress
```

### API

See full HTTP API in [API.md](./API.md)

## License

This project is licensed under [MIT License](./LICENSE)