fix pds-subscriberepos-no-auth patch

2025-12-10 13:40:27 +09:00
parent 67f6691740
commit 15ba3fa3e8
2 changed files with 168 additions and 8 deletions
--- a/install.zsh
+++ b/install.zsh
@@ -67,6 +67,7 @@ PATCH_FILES_CURL=(
 typeset -a PATCH_FILES
 PATCH_FILES=(
 	"170-pds-oauth-same-site-fix.patch"
+	"210-pds-subscriberepos-no-auth.patch"
 	"8980-social-app-disable-proxy.diff"
 	"disable-statsig-sdk.diff"
 	"140-social-app-yarn-network-timeout.patch"
@@ -411,28 +412,54 @@ function at-repos-reset-bgs-db() {
 	echo "⚙️  Updating Slurp Config..."
 	docker exec -i $dp psql -U postgres -d bgs -c "UPDATE slurp_configs SET new_subs_disabled = false, new_pds_per_day_limit = 1000 WHERE id = 1;"

-	echo "🔗 Registering Trusted Domain & Resetting Repos..."
+	echo "🔗 Registering Trusted Domain..."
 	# Retry loop for addTrustedDomain as BGS might still be warming up
 	for i in {1..5}; do
 		if curl -f -X POST "https://bgs.${host}/admin/pds/addTrustedDomain?domain=${host}" -H "Authorization: Bearer ${BGS_ADMIN_KEY}"; then
+			echo ""
 			echo "✅ Trusted domain registered"
 			break
 		fi
-		echo "Bot failed to contact BGS (attempt $i/5)... waiting 5s"
+		echo "Failed to contact BGS (attempt $i/5)... waiting 5s"
 		sleep 5
 	done

+	echo "🔗 Requesting PDS Crawl..."
+	# Request BGS to crawl the PDS - this registers the PDS and starts subscription
+	for i in {1..5}; do
+		result=$(curl -s -X POST "https://bgs.${host}/admin/pds/requestCrawl" \
+			-H "Authorization: Bearer ${BGS_ADMIN_KEY}" \
+			-H "Content-Type: application/json" \
+			-d "{\"hostname\":\"${host}\"}" \
+			-w "%{http_code}" -o /dev/null)
+		if [ "$result" = "200" ]; then
+			echo "✅ PDS crawl requested successfully"
+			break
+		fi
+		echo "Failed to request crawl (attempt $i/5, status: $result)... waiting 5s"
+		sleep 5
+	done
+
+	echo "⏳ Waiting 5s for BGS to connect to PDS..."
+	sleep 5
+
+	echo "🔄 Triggering repo sync for existing users..."
 	for ((i=1; i<=${#handles}; i++)); do
 		handle=${handles[$i]}
-		did=`curl -sL "https://${host}/xrpc/com.atproto.repo.describeRepo?repo=${handle}" |jq -r .did`
-		if [ ! -z "$did" ] && [ "$did" != "null" ]; then
-			echo "Resetting repo: $handle ($did)"
-			curl -X POST "https://bgs.${host}/admin/repo/reset?did=${did}" \
-				-H "Authorization: Bearer ${BGS_ADMIN_KEY}" 
+		did=$(curl -sL "https://${host}/xrpc/com.atproto.repo.describeRepo?repo=${handle}" | jq -r .did)
+		if [ -n "$did" ] && [ "$did" != "null" ]; then
+			echo "  Syncing repo: $handle ($did)"
+			# Use takedown=false to trigger a resync without actually taking down
+			curl -s -X POST "https://bgs.${host}/admin/repo/takedown?did=${did}&takedown=false" \
+				-H "Authorization: Bearer ${BGS_ADMIN_KEY}" || true
 		else
-			echo "Skipping reset for $handle (DID not found)"
+			echo "  Skipping $handle (DID not found)"
 		fi
 	done
+
+	echo ""
+	echo "✅ BGS reset complete!"
+	echo "   PDS should now be subscribed and syncing repos."
 }

 function at-repos-feed-generator-start-push() {
--- a/patching/210-pds-subscriberepos-no-auth.patch
+++ b/patching/210-pds-subscriberepos-no-auth.patch
@@ -0,0 +1,133 @@
+diff --git a/packages/pds/src/api/com/atproto/sync/subscribeRepos.ts b/packages/pds/src/api/com/atproto/sync/subscribeRepos.ts
+index c2418d343..f81789df0 100644
+--- a/packages/pds/src/api/com/atproto/sync/subscribeRepos.ts
+++ b/packages/pds/src/api/com/atproto/sync/subscribeRepos.ts
+@@ -5,68 +5,71 @@ import { httpLogger } from '../../../../logger'
+ import { Outbox } from '../../../../sequencer/outbox'
+ 
+ export default function (server: Server, ctx: AppContext) {
+-  server.com.atproto.sync.subscribeRepos(async function* ({ params, signal }) {
+-    const { cursor } = params
+-    const outbox = new Outbox(ctx.sequencer, {
+-      maxBufferSize: ctx.cfg.subscription.maxBuffer,
+-    })
+-    httpLogger.info({ cursor }, 'request to com.atproto.sync.subscribeRepos')
+  server.com.atproto.sync.subscribeRepos({
+    auth: undefined,
+    handler: async function* ({ params, signal }) {
+      const { cursor } = params
+      const outbox = new Outbox(ctx.sequencer, {
+        maxBufferSize: ctx.cfg.subscription.maxBuffer,
+      })
+      httpLogger.info({ cursor }, 'request to com.atproto.sync.subscribeRepos')
+ 
+-    const backfillTime = new Date(
+-      Date.now() - ctx.cfg.subscription.repoBackfillLimitMs,
+-    ).toISOString()
+-    let outboxCursor: number | undefined = undefined
+-    if (cursor !== undefined) {
+-      const [next, curr] = await Promise.all([
+-        ctx.sequencer.next(cursor),
+-        ctx.sequencer.curr(),
+-      ])
+-      if (cursor > (curr ?? 0)) {
+-        throw new InvalidRequestError('Cursor in the future.', 'FutureCursor')
+-      } else if (next && next.sequencedAt < backfillTime) {
+-        // if cursor is before backfill time, find earliest cursor from backfill window
+-        yield {
+-          $type: '#info',
+-          name: 'OutdatedCursor',
+-          message: 'Requested cursor exceeded limit. Possibly missing events',
+      const backfillTime = new Date(
+        Date.now() - ctx.cfg.subscription.repoBackfillLimitMs,
+      ).toISOString()
+      let outboxCursor: number | undefined = undefined
+      if (cursor !== undefined) {
+        const [next, curr] = await Promise.all([
+          ctx.sequencer.next(cursor),
+          ctx.sequencer.curr(),
+        ])
+        if (cursor > (curr ?? 0)) {
+          throw new InvalidRequestError('Cursor in the future.', 'FutureCursor')
+        } else if (next && next.sequencedAt < backfillTime) {
+          // if cursor is before backfill time, find earliest cursor from backfill window
+          yield {
+            $type: '#info',
+            name: 'OutdatedCursor',
+            message: 'Requested cursor exceeded limit. Possibly missing events',
+          }
+          const startEvt = await ctx.sequencer.earliestAfterTime(backfillTime)
+          outboxCursor = startEvt?.seq ? startEvt.seq - 1 : undefined
+        } else {
+          outboxCursor = cursor
+         }
+-        const startEvt = await ctx.sequencer.earliestAfterTime(backfillTime)
+-        outboxCursor = startEvt?.seq ? startEvt.seq - 1 : undefined
+-      } else {
+-        outboxCursor = cursor
+       }
+-    }
+ 
+-    for await (const evt of outbox.events(outboxCursor, signal)) {
+-      if (evt.type === 'commit') {
+-        yield {
+-          $type: '#commit',
+-          seq: evt.seq,
+-          time: evt.time,
+-          ...evt.evt,
+-        }
+-      } else if (evt.type === 'sync') {
+-        yield {
+-          $type: '#sync',
+-          seq: evt.seq,
+-          time: evt.time,
+-          ...evt.evt,
+-        }
+-      } else if (evt.type === 'identity') {
+-        yield {
+-          $type: '#identity',
+-          seq: evt.seq,
+-          time: evt.time,
+-          ...evt.evt,
+-        }
+-      } else if (evt.type === 'account') {
+-        yield {
+-          $type: '#account',
+-          seq: evt.seq,
+-          time: evt.time,
+-          ...evt.evt,
+      for await (const evt of outbox.events(outboxCursor, signal)) {
+        if (evt.type === 'commit') {
+          yield {
+            $type: '#commit',
+            seq: evt.seq,
+            time: evt.time,
+            ...evt.evt,
+          }
+        } else if (evt.type === 'sync') {
+          yield {
+            $type: '#sync',
+            seq: evt.seq,
+            time: evt.time,
+            ...evt.evt,
+          }
+        } else if (evt.type === 'identity') {
+          yield {
+            $type: '#identity',
+            seq: evt.seq,
+            time: evt.time,
+            ...evt.evt,
+          }
+        } else if (evt.type === 'account') {
+          yield {
+            $type: '#account',
+            seq: evt.seq,
+            time: evt.time,
+            ...evt.evt,
+          }
+         }
+       }
+-    }
+    },
+   })
+ }