- Added a new entry point in JavaScript to handle zero-copy streaming uploads to R2. - Updated the Rust backend to support the new upload route with JWT validation. - Enhanced the API to generate full URLs for the new azure-upload endpoint. - Introduced new dependencies: `futures-util` and `wasm-streams` for improved async handling.
101 lines
No EOL
3 KiB
TOML
101 lines
No EOL
3 KiB
TOML
name = "warden-worker"
|
|
main = "src/entry.js"
|
|
compatibility_date = "2025-09-19"
|
|
keep_vars = true
|
|
|
|
[build]
|
|
command = "cargo install -q worker-build && worker-build --release"
|
|
|
|
# Rate limiting configuration for protecting sensitive endpoints
|
|
# See: https://developers.cloudflare.com/workers/runtime-apis/bindings/rate-limit/
|
|
[[ratelimits]]
|
|
name = "LOGIN_RATE_LIMITER"
|
|
# A unique identifier for this rate limiter within your Cloudflare account
|
|
# You can use any positive integer
|
|
namespace_id = "1001"
|
|
# Allow 5 requests per 60 seconds per key (email or IP)
|
|
# This prevents brute force attacks while allowing legitimate login attempts
|
|
simple = { limit = 5, period = 60 }
|
|
|
|
# Static assets configuration for serving frontend
|
|
# Frontend files should be placed in ./public directory before deployment
|
|
[assets]
|
|
directory = "./public"
|
|
not_found_handling = "404-page"
|
|
html_handling = "auto-trailing-slash"
|
|
# Only invoke Worker for API and Identity routes, serve static files directly for other routes
|
|
run_worker_first = ["/api/*", "/identity/*"]
|
|
|
|
[vars]
|
|
# Optional: Set the batch size for imports. Defaults to 30 if not set.
|
|
# Set to 0 means no batching (all records imported in a single batch).
|
|
# IMPORT_BATCH_SIZE = "30"
|
|
|
|
# Number of days to keep soft-deleted items before auto-purging.
|
|
# Defaults to 30 days if not set. Set to 0 to disable auto-purge.
|
|
# TRASH_AUTO_DELETE_DAYS = "30"
|
|
|
|
# Attachment configuration (optional)
|
|
# Maximum size for individual attachment files in bytes.
|
|
# Defaults to no limit if not set.
|
|
# ATTACHMENT_MAX_BYTES = "104857600" # 100MB
|
|
|
|
# Maximum total attachment storage per user in KB.
|
|
# Defaults to no limit if not set.
|
|
# ATTACHMENT_TOTAL_LIMIT_KB = "1048576" # 1GB
|
|
|
|
# Cron triggers for scheduled tasks
|
|
# Runs daily at 03:00 UTC to purge soft-deleted ciphers
|
|
[triggers]
|
|
crons = ["0 3 * * *"]
|
|
|
|
[[d1_databases]]
|
|
binding = "vault1"
|
|
database_name = "vault1"
|
|
database_id = "${D1_DATABASE_ID}"
|
|
migrations_dir = "migrations"
|
|
|
|
# R2 bucket for file attachments (optional)
|
|
# Uncomment and configure this section to enable file attachments
|
|
# [[r2_buckets]]
|
|
# binding = "ATTACHMENTS_BUCKET"
|
|
# bucket_name = "warden-attachments"
|
|
|
|
[env.dev]
|
|
name = "warden-worker-dev"
|
|
keep_vars = true
|
|
|
|
# Dev environment also needs cron triggers
|
|
[env.dev.triggers]
|
|
crons = ["0 3 * * *"]
|
|
|
|
# Rate limiting for dev environment (same settings as production)
|
|
[[env.dev.ratelimits]]
|
|
name = "LOGIN_RATE_LIMITER"
|
|
namespace_id = "1002"
|
|
simple = { limit = 5, period = 60 }
|
|
|
|
[[env.dev.d1_databases]]
|
|
binding = "vault1"
|
|
database_name = "vault1-dev"
|
|
database_id = "${D1_DATABASE_ID_DEV}"
|
|
migrations_dir = "migrations"
|
|
|
|
# R2 bucket for file attachments in dev environment (optional)
|
|
# Uncomment and configure this section to enable file attachments
|
|
# [[env.dev.r2_buckets]]
|
|
# binding = "ATTACHMENTS_BUCKET"
|
|
# bucket_name = "warden-attachments-dev"
|
|
|
|
# logs
|
|
[env.dev.observability]
|
|
[env.dev.observability.logs]
|
|
enabled = true
|
|
head_sampling_rate = 1
|
|
invocation_logs = true
|
|
persist = true
|
|
|
|
[env.dev.observability.traces]
|
|
enabled = false
|
|
persist = true
|
|
head_sampling_rate = 1 |