|
1 | | -[](https://opensource.org/licenses/MPL-2.0) [](https://travis-ci.org/mozilla-services/megaphone) [](https://circleci.com/gh/mozilla-services/megaphone) |
| 1 | +[![License: MPL 2.0][mpl-svg]][mpl] [![Test Status][travis-badge]][travis] [![Build Status][circleci-badge]][circleci] |
2 | 2 |
|
3 | 3 | # Megaphone |
4 | | -**A rust based real-time update broadcast server for Firefox** |
5 | 4 |
|
6 | | -See [API doc](https://docs.google.com/document/d/1Wxqf1a4HDkKgHDIswPmhmdvk8KPoMEh2q6SPhaz4LNE) |
| 5 | +## What is it? |
7 | 6 |
|
| 7 | +Megaphone is an internal Mozilla system providing global broadcasts for Firefox. |
8 | 8 |
|
9 | | -***NOTE***: This will require: |
| 9 | +Traditionally Firefox has polled multiple services at different frequencies (e.g. every 24 hours) to check for updates. Megaphone serves as an alternative, notifying user agents of new updates in near real time (within 5 minutes) over the [WebPush WebSocket protocol]. |
10 | 10 |
|
11 | | - * rust nightly. See [rocket.rs Getting |
12 | | - Started](https://rocket.rs/guide/getting-started/) for additional steps. |
13 | | - To set nightly as the default for only megaphone, from the |
14 | | - megaphone directory run: rustup override set nightly |
15 | | - * mysql |
16 | | - * libmysqlclient installed (brew install mysql on macOS, apt-get install |
17 | | - libmysqlclient-dev on Ubuntu) |
| 11 | +This enables Firefox to: |
18 | 12 |
|
19 | | -Run: |
20 | | - * export ROCKET_DATABASE_URL=mysql://scott:tiger@mydatabase/megaphone |
21 | | - * cargo run |
| 13 | +* [Revoke HTTPS Certificates] or [malicious extensions] immediately after security incidents occur |
| 14 | +* Update quicker (Firefox itself, [tracking protection lists], or [general settings]) |
| 15 | +* Provide faster turn-around/feedback loops for studies/experiments ([Shield]) |
| 16 | + |
| 17 | +All via one unified, simpler client-side service that doesn't require polling. |
| 18 | + |
| 19 | +This repository provides a Rust based Megaphone endpoint (API). Broadcasts are sent to the Megaphone endpoint. The [autopush-rs service] polls the endpoint as the source of truth for current broadcasts, ultimately delivering them to clients. |
| 20 | + |
| 21 | +Also see the [API doc]. |
| 22 | + |
| 23 | + |
| 24 | +## Requirements |
| 25 | + |
| 26 | + * Rust nightly as specified in the `rust-toolchain` file (recognized by cargo) in the root of the project (recognized by cargo). |
| 27 | + * MySQL 5.7 (or compatible) |
| 28 | + * libmysqlclient (brew install mysql on macOS, apt-get install libmysqlclient-dev on Ubuntu) |
| 29 | + |
| 30 | + * *For running the docker image locally: docker-compose v1.21.0 or later |
| 31 | + |
| 32 | +## Setting Up |
| 33 | + |
| 34 | +1) [Install Rust] |
| 35 | + |
| 36 | +2) Create a `megaphone` user/database |
| 37 | + |
| 38 | +3) Run: |
| 39 | + |
| 40 | + $ export ROCKET_DATABASE_URL=mysql://scott:tiger@mydatabase/megaphone |
| 41 | + $ cargo run |
| 42 | + |
| 43 | +## Running the Docker Image |
| 44 | + |
| 45 | +1) [Install docker-compose] |
| 46 | + |
| 47 | +2) From a dedicated screen (or tmux window) |
| 48 | + |
| 49 | +$ `docker-compose up` |
| 50 | + |
| 51 | +This will create two intertwined docker images: |
| 52 | + |
| 53 | +***db_1*** - the database image. This image is a local test image. The database can be accessed via `mysql -umegaphone -ptest -h localhost --port 4306 megaphone`. |
| 54 | + |
| 55 | +***app_1*** - the **megaphone** application. This is accessible via port 8000. |
| 56 | + |
| 57 | + |
| 58 | +# API |
| 59 | + |
| 60 | +Megaphone is normally called via a HTTP interface using Authorized calls. Responses are generally JSON objects with appropriate HTTP status codes to indicate success/failure. |
| 61 | + |
| 62 | +## Authorization |
| 63 | + |
| 64 | +All calls to Megaphone (minus the Dockerflow Status Checks) require authorization. Authorization is specified by the `Authorization` header via Bearer tokens specified in the application's configurtion. |
| 65 | + |
| 66 | +e.g. |
| 67 | + |
| 68 | +``` |
| 69 | +export ROCKET_BROADCASTER_AUTH={test="foobar"} |
| 70 | +export ROCKET_READER_AUTH={autopush="quux"} |
| 71 | +``` |
| 72 | + |
| 73 | +The *test* broadcaster would specify: |
| 74 | + |
| 75 | +``` |
| 76 | +Authorization: Bearer foobar |
| 77 | +``` |
| 78 | + |
| 79 | +The *autopush* reader would specify: |
| 80 | + |
| 81 | +``` |
| 82 | +Authorization: Bearer quux |
| 83 | +``` |
| 84 | + |
| 85 | + |
| 86 | +## PUT /v1/broadcasts/< broadcaster_id > /< bchannel_id > |
| 87 | + |
| 88 | +Broadcast a new version. |
| 89 | + |
| 90 | +The body of the PUT request becomes the new version value. |
| 91 | + |
| 92 | +A special version value of "____NOP____" (the string "NOP" prefixed and suffixed by four underscores) signals a "No Operation" to clients: that no action should take place, effectively overwriting and cancelling any pending version update. |
| 93 | + |
| 94 | +The return value is a JSON structure including the HTTP status of the result: successful results either being a `201` code for newly created broadcasts or `200` for an update to an existing broadcast. |
| 95 | + |
| 96 | +```javascript |
| 97 | +{ |
| 98 | + "code": 200 |
| 99 | +} |
| 100 | +``` |
| 101 | + |
| 102 | + |
| 103 | +## GET /v1/broadcasts |
| 104 | + |
| 105 | +Read the current broadcasts. |
| 106 | + |
| 107 | +The return value is a JSON structure including the HTTP status of the result and a `broadcasts` object consisting of broadcastIDs and their current versions. |
| 108 | + |
| 109 | +```javascript |
| 110 | +{ |
| 111 | + "code": 200, |
| 112 | + "broadcasts": { |
| 113 | + "test/broadcast1": "v3", |
| 114 | + "test/broadcast2": "v0" |
| 115 | + } |
| 116 | +} |
| 117 | +``` |
| 118 | + |
| 119 | +## Dockerflow Status Checks: |
| 120 | + |
| 121 | +## GET /\_\_heartbeat__ |
| 122 | + |
| 123 | +Return the status of the server. |
| 124 | + |
| 125 | +This call is only used for server status checks. |
| 126 | + |
| 127 | + |
| 128 | +## GET /\_\_lbheartbeat__ |
| 129 | + |
| 130 | +Return a light weight status check (200 OK). |
| 131 | + |
| 132 | +This call is only used for the Load Balancer's check. |
| 133 | + |
| 134 | + |
| 135 | +## GET /\_\_version__ |
| 136 | + |
| 137 | +Return a JSON response of the version information of the server. |
| 138 | + |
| 139 | + |
| 140 | +[mpl-svg]: https://img.shields.io/badge/License-MPL%202.0-blue.svg |
| 141 | +[mpl]: https://opensource.org/licenses/MPL-2.0 |
| 142 | +[travis-badge]: https://travis-ci.org/mozilla-services/megaphone.svg?branch=master |
| 143 | +[travis]: https://travis-ci.org/mozilla-services/megaphone |
| 144 | +[circleci-badge]: https://circleci.com/gh/mozilla-services/megaphone.svg?style=shield&circle-token=074ae89011d1a7601378c41a4351e1e03f1e8177 |
| 145 | +[circleci]: https://circleci.com/gh/mozilla-services/megaphone |
| 146 | + |
| 147 | +[WebPush WebSocket protocol]: https://mozilla-push-service.readthedocs.io/en/latest/design/#simplepush-protocol |
| 148 | +[revoke HTTPS Certificates]: https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ |
| 149 | +[malicious extensions]: https://wiki.mozilla.org/Blocklisting |
| 150 | +[tracking protection lists]: https://wiki.mozilla.org/Security/Safe_Browsing |
| 151 | +[general settings]: https://wiki.mozilla.org/Firefox/RemoteSettings |
| 152 | +[Shield]: https://wiki.mozilla.org/Firefox/Shield/Shield_Studies |
| 153 | +[autopush-rs service]: https://github.com/mozilla-services/autopush-rs |
| 154 | +[API doc]: https://docs.google.com/document/d/1Wxqf1a4HDkKgHDIswPmhmdvk8KPoMEh2q6SPhaz4LNE |
| 155 | + |
| 156 | +[Install Rust]: https://rustup.rs/ |
| 157 | +[Install docker-compose]: https://docs.docker.com/compose/install/ |
0 commit comments