corysanin/archery
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

require login to view (if enabled)
All checks were successful
App Image CI / Build app image (pull_request) Successful in -1m26s
Details
NPM Audit Check / Check NPM audit (pull_request) Successful in -2m13s
Details

Browse Source
This commit is contained in:
Cory Sanin
2025-09-23 15:02:25 -05:00
parent 5e95f22245
commit 24d7b37583
8 changed files with 433 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
config/config.example.json
View File

@@ -4,6 +4,12 @@
"password": "correcthorse"
},
"web": {
"port": 8080
"port": 8080,
"oidc": {
"server": "https://gitea.artixlinux.org/",
"clientId": "fakefake-fake-fake-fake-fakefakefake",
"clientSecret": "thisisnotarealsecret",
"appBaseUrl": "http://localhost:8080"
}
}
}

219
package-lock.json generated
View File

@@ -1,18 +1,22 @@
{
"name": "archery",
"version": "0.1.8",
"version": "0.2.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "archery",
"version": "0.1.8",
"version": "0.2.0",
"license": "MIT",
"dependencies": {
"body-parser": "^2.2.0",
"ejs": "3.1.10",
"express": "^5.1.0",
"express-session": "1.18.2",
"express-ws": "^5.0.2",
"ky": "1.10.0",
"passport": "0.7.0",
"passport-openidconnect": "0.1.2",
"pg": "^8.16.3",
"pg-hstore": "^2.3.4",
"sequelize": "^6.37.7",
@@ -20,8 +24,11 @@
},
"devDependencies": {
"@types/express": "^5.0.3",
"@types/express-session": "^1.18.2",
"@types/express-ws": "3.0.5",
"@types/node": "^24.5.2",
"@types/passport": "1.0.17",
"@types/passport-openidconnect": "0.1.3",
"forking-build-shit": "1.0.4"
},
"peerDependencies": {
@@ -393,6 +400,16 @@
"@types/send": "*"
}
},
"node_modules/@types/express-session": {
"version": "1.18.2",
"resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.18.2.tgz",
"integrity": "sha512-k+I0BxwVXsnEU2hV77cCobC08kIsn4y44C3gC0b46uxZVMaXA04lSPgRLR/bSL2w0t0ShJiG8o4jPzRG/nscFg==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/express": "*"
}
},
"node_modules/@types/express-ws": {
"version": "3.0.5",
"resolved": "https://registry.npmjs.org/@types/express-ws/-/express-ws-3.0.5.tgz",
@@ -434,6 +451,50 @@
"undici-types": "~7.12.0"
}
},
"node_modules/@types/oauth": {
"version": "0.9.6",
"resolved": "https://registry.npmjs.org/@types/oauth/-/oauth-0.9.6.tgz",
"integrity": "sha512-H9TRCVKBNOhZZmyHLqFt9drPM9l+ShWiqqJijU1B8P3DX3ub84NjxDuy+Hjrz+fEca5Kwip3qPMKNyiLgNJtIA==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/node": "*"
}
},
"node_modules/@types/passport": {
"version": "1.0.17",
"resolved": "https://registry.npmjs.org/@types/passport/-/passport-1.0.17.tgz",
"integrity": "sha512-aciLyx+wDwT2t2/kJGJR2AEeBz0nJU4WuRX04Wu9Dqc5lSUtwu0WERPHYsLhF9PtseiAMPBGNUOtFjxZ56prsg==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/express": "*"
}
},
"node_modules/@types/passport-openidconnect": {
"version": "0.1.3",
"resolved": "https://registry.npmjs.org/@types/passport-openidconnect/-/passport-openidconnect-0.1.3.tgz",
"integrity": "sha512-k1Ni7bG/9OZNo2Qpjg2W6GajL+pww6ZPaNWMXfpteCX4dXf4QgaZLt2hjR5IiPrqwBT9+W8KjCTJ/uhGIoBx/g==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/express": "*",
"@types/oauth": "*",
"@types/passport": "*",
"@types/passport-strategy": "*"
}
},
"node_modules/@types/passport-strategy": {
"version": "0.2.38",
"resolved": "https://registry.npmjs.org/@types/passport-strategy/-/passport-strategy-0.2.38.tgz",
"integrity": "sha512-GC6eMqqojOooq993Tmnmp7AUTbbQSgilyvpCYQjT+H6JfG/g6RGc7nXEniZlp0zyKJ0WUdOiZWLBZft9Yug1uA==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/express": "*",
"@types/passport": "*"
}
},
"node_modules/@types/qs": {
"version": "6.9.17",
"resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.17.tgz",
@@ -910,6 +971,55 @@
"url": "https://opencollective.com/express"
}
},
"node_modules/express-session": {
"version": "1.18.2",
"resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.2.tgz",
"integrity": "sha512-SZjssGQC7TzTs9rpPDuUrR23GNZ9+2+IkA/+IJWmvQilTr5OSliEHGF+D9scbIpdC6yGtTI0/VhaHoVes2AN/A==",
"license": "MIT",
"dependencies": {
"cookie": "0.7.2",
"cookie-signature": "1.0.7",
"debug": "2.6.9",
"depd": "~2.0.0",
"on-headers": "~1.1.0",
"parseurl": "~1.3.3",
"safe-buffer": "5.2.1",
"uid-safe": "~2.1.5"
},
"engines": {
"node": ">= 0.8.0"
}
},
"node_modules/express-session/node_modules/cookie": {
"version": "0.7.2",
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
"integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/express-session/node_modules/cookie-signature": {
"version": "1.0.7",
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz",
"integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==",
"license": "MIT"
},
"node_modules/express-session/node_modules/debug": {
"version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
"integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
"license": "MIT",
"dependencies": {
"ms": "2.0.0"
}
},
"node_modules/express-session/node_modules/ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
"integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==",
"license": "MIT"
},
"node_modules/express-ws": {
"version": "5.0.2",
"resolved": "https://registry.npmjs.org/express-ws/-/express-ws-5.0.2.tgz",
@@ -1230,6 +1340,18 @@
"node": ">=10"
}
},
"node_modules/ky": {
"version": "1.10.0",
"resolved": "https://registry.npmjs.org/ky/-/ky-1.10.0.tgz",
"integrity": "sha512-YRPCzHEWZffbfvmRrfwa+5nwBHwZuYiTrfDX0wuhGBPV0pA/zCqcOq93MDssON/baIkpYbvehIX5aLpMxrRhaA==",
"license": "MIT",
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sindresorhus/ky?sponsor=1"
}
},
"node_modules/lodash": {
"version": "4.17.21",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
@@ -1365,6 +1487,12 @@
"license": "MIT",
"optional": true
},
"node_modules/oauth": {
"version": "0.10.2",
"resolved": "https://registry.npmjs.org/oauth/-/oauth-0.10.2.tgz",
"integrity": "sha512-JtFnB+8nxDEXgNyniwz573xxbKSOu3R8D40xQKqcjwJ2CDkYqUDI53o6IuzDJBx60Z8VKCm271+t8iFjakrl8Q==",
"license": "MIT"
},
"node_modules/object-inspect": {
"version": "1.13.4",
"resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",
@@ -1389,6 +1517,15 @@
"node": ">= 0.8"
}
},
"node_modules/on-headers": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz",
"integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==",
"license": "MIT",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/once": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
@@ -1407,6 +1544,49 @@
"node": ">= 0.8"
}
},
"node_modules/passport": {
"version": "0.7.0",
"resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz",
"integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==",
"license": "MIT",
"dependencies": {
"passport-strategy": "1.x.x",
"pause": "0.0.1",
"utils-merge": "^1.0.1"
},
"engines": {
"node": ">= 0.4.0"
},
"funding": {
"type": "github",
"url": "https://github.com/sponsors/jaredhanson"
}
},
"node_modules/passport-openidconnect": {
"version": "0.1.2",
"resolved": "https://registry.npmjs.org/passport-openidconnect/-/passport-openidconnect-0.1.2.tgz",
"integrity": "sha512-JX3rTyW+KFZ/E9OF/IpXJPbyLO9vGzcmXB5FgSP2jfL3LGKJPdV7zUE8rWeKeeI/iueQggOeFa3onrCmhxXZTg==",
"license": "MIT",
"dependencies": {
"oauth": "0.10.x",
"passport-strategy": "1.x.x"
},
"engines": {
"node": ">= 0.6.0"
},
"funding": {
"type": "github",
"url": "https://github.com/sponsors/jaredhanson"
}
},
"node_modules/passport-strategy": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
"integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==",
"engines": {
"node": ">= 0.4.0"
}
},
"node_modules/path-to-regexp": {
"version": "8.3.0",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.3.0.tgz",
@@ -1417,6 +1597,11 @@
"url": "https://opencollective.com/express"
}
},
"node_modules/pause": {
"version": "0.0.1",
"resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
"integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg=="
},
"node_modules/pg": {
"version": "8.16.3",
"resolved": "https://registry.npmjs.org/pg/-/pg-8.16.3.tgz",
@@ -1599,6 +1784,15 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/random-bytes": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
"integrity": "sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==",
"license": "MIT",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/range-parser": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@@ -2036,6 +2230,18 @@
"node": ">=0.8.0"
}
},
"node_modules/uid-safe": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
"integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
"license": "MIT",
"dependencies": {
"random-bytes": "~1.0.0"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/underscore": {
"version": "1.13.7",
"resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.7.tgz",
@@ -2057,6 +2263,15 @@
"node": ">= 0.8"
}
},
"node_modules/utils-merge": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==",
"license": "MIT",
"engines": {
"node": ">= 0.4.0"
}
},
"node_modules/uuid": {
"version": "8.3.2",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",

9
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "archery",
"version": "0.1.8",
"version": "0.2.0",
"description": "Build Arch packages through a web interface",
"keywords": [
"docker",
@@ -23,7 +23,11 @@
"body-parser": "^2.2.0",
"ejs": "3.1.10",
"express": "^5.1.0",
"express-session": "1.18.2",
"express-ws": "^5.0.2",
"ky": "1.10.0",
"passport": "0.7.0",
"passport-openidconnect": "0.1.2",
"pg": "^8.16.3",
"pg-hstore": "^2.3.4",
"sequelize": "^6.37.7",
@@ -31,8 +35,11 @@
},
"devDependencies": {
"@types/express": "^5.0.3",
"@types/express-session": "^1.18.2",
"@types/express-ws": "3.0.5",
"@types/node": "^24.5.2",
"@types/passport": "1.0.17",
"@types/passport-openidconnect": "0.1.3",
"forking-build-shit": "1.0.4"
},
"peerDependencies": {

37
src/DB.ts
View File

@@ -27,6 +27,12 @@ interface Build {
sqid?: string;
}
interface User {
id: string;
username: string;
displayName?: string;
}
interface LogChunk {
id: number
buildId: number
@@ -46,6 +52,7 @@ const SELECT = ['id', 'repo', 'commit', 'distro', 'dependencies', 'startTime', '
class DB {
private build: ModelStatic<any>;
private logChunk: ModelStatic<any>;
private user: ModelStatic<any>;
private sequelize: Sequelize;
constructor(config: DBConfig = {}) {
@@ -128,12 +135,40 @@ class DB {
}
});
this.user = this.sequelize.define('users', {
id: {
type: DataTypes.STRING,
primaryKey: true,
},
username: {
type: DataTypes.STRING,
},
displayName: {
type: DataTypes.STRING,
allowNull: true
}
});
this.sync();
}
private async sync(): Promise<void> {
await this.build.sync();
await this.logChunk.sync();
await this.user.sync();
}
public async getUser(id: string): Promise<User> {
return await this.user.findByPk(id);
}
public async createUser(user: User): Promise<string> {
await this.user.create({
id: user.id,
username: user.username,
displayName: user.displayName || null
});
return user.id;
}
public async createBuild(repo: string, commit: string, patch: string, distro: string, dependencies: string): Promise<number> {
@@ -271,4 +306,4 @@ class DB {
export default DB;
export { DB };
export type { DBConfig, Status, Build, LogChunk };
export type { DBConfig, Status, Build, LogChunk, User };

163
src/Web.ts
View File

@@ -1,15 +1,33 @@
import * as http from "http";
import crypto from 'crypto';
import type { Express } from "express";
import type { Express } from 'express';
import express from 'express';
import expressWs from "express-ws";
import bodyParser from "body-parser";
import expressWs from 'express-ws';
import session from 'express-session';
import ky from 'ky';
import passport from 'passport';
import OpenIDConnectStrategy from 'passport-openidconnect';
import bodyParser from 'body-parser';
import Sqids from 'sqids';
import type { DB, LogChunk } from "./DB.ts";
import type { DB, LogChunk, Build, User } from "./DB.ts";
import type { BuildController, BuildEvent } from "./BuildController.ts";
interface WebConfig {
sessionSecret?: string;
port?: number;
oidc?: {
server: string;
clientId: string;
clientSecret: string;
appBaseUrl: string;
};
}
interface OpenIdConfiguration {
issuer: string;
authorization_endpoint: string;
token_endpoint: string;
userinfo_endpoint: string;
}
/**
@@ -42,12 +60,18 @@ class Web {
private port: number;
constructor(options: WebConfig = {}) {
this.initialize(options)
}
initialize = async (options: WebConfig) => {
const sessionSecret = process.env['SESSIONSECRET'] || options.sessionSecret;
const sqids = new Sqids({
minLength: 6,
alphabet: 'abcdefghijkmnprstuvwxyz'
});
const app: Express = express();
const wsApp = this.app = expressWs(app).app;
const oidc = await this.initializeOIDC(options);
this.port = notStupidParseInt(process.env.PORT) || options['port'] as number || 8080;
app.set('trust proxy', 1);
@@ -68,6 +92,87 @@ class Web {
});
});
const showBuild = async (req: express.Request, res: express.Response, build: Build) => {
if (!build) {
res.sendStatus(404);
return;
}
build.sqid = sqids.encode([build.id]);
const log = splitLines(await this.db.getLog(build.id));
res.render('build', {
page: {
title: 'Archery',
titlesuffix: `Build #${build.id}`,
description: `Building ${build.repo} on ${build.distro}`,
},
user: req?.user,
build,
log,
ended: build.status !== 'queued' && build.status !== 'running'
});
}
if (oidc) {
if (!sessionSecret) {
throw new Error('sessionSecret must be set.');
}
app.use(session({
secret: sessionSecret,
resave: false,
saveUninitialized: false
}));
passport.serializeUser(function (user: User, done) {
done(null, user.id);
});
passport.deserializeUser(async (id: string, done) => {
const user = await this.db.getUser(id);
done(null, {
id: user.id,
username: user.username,
name: user.displayName
});
});
passport.use(oidc);
app.use(passport.initialize());
app.use(passport.session());
app.get('/login', (req, res) => {
if(req?.user) {
return res.redirect('/');
}
res.append('X-Robots-Tag', 'none');
res.render('login-required', {
page: {
title: 'Archery',
titlesuffix: 'Log In',
description: 'Authentication required',
}
});
});
app.post('/login', passport.authenticate('openidconnect'));
app.get('/cb', passport.authenticate('openidconnect', { failureRedirect: '/login', failureMessage: true }),
function (_, res) {
res.redirect('/');
}
);
app.get('/logout', (req, res) => {
req.logOut((err) => {
if (err) {
console.error(`Failed to log out user: ${err}`);
}
res.redirect('/login');
});
});
app.use((req, res, next) => {
if (!req?.user) {
res.redirect('/login');
return;
}
next();
});
}
app.get('/', async (req, res) => {
try {
const builds = 'q' in req.query ? await this.db.searchBuilds(req.query.q as string) : await this.db.getBuildsBy(req.query);
@@ -80,6 +185,7 @@ class Web {
titlesuffix: 'Dashboard',
description: 'PKGBUILD central'
},
user: req?.user,
builds,
timeElapsed
});
@@ -98,6 +204,7 @@ class Web {
titlesuffix: 'New Build',
description: 'Kick off a build',
},
user: req?.user,
query
});
});
@@ -116,23 +223,7 @@ class Web {
app.get('/build/:id{/}', async (req, res) => {
const build = await this.db.getBuild(sqids.decode(req.params.id)?.[0]);
if (!build) {
res.sendStatus(404);
return;
}
build.sqid = sqids.encode([build.id]);
const log = splitLines(await this.db.getLog(build.id));
res.render('build', {
page: {
title: 'Archery',
titlesuffix: `Build #${build.id}`,
description: `Building ${build.repo} on ${build.distro}`
},
build,
log,
ended: build.status !== 'queued' && build.status !== 'running'
});
showBuild(req, res, build);
});
app.get('/build/:id/cancel', async (req, res) => {
@@ -187,7 +278,6 @@ class Web {
this.buildController.removeListener('log', eventListener);
});
});
}
close = () => {
@@ -203,6 +293,35 @@ class Web {
}
}
initializeOIDC = async (options: WebConfig): Promise<OpenIDConnectStrategy | false> => {
if (!options.oidc || !options.oidc.server || !options.oidc.clientId || !options.oidc.clientSecret) {
return false;
}
const server = options.oidc.server.endsWith('/') ? options.oidc.server : `${options.oidc.server}/`;
const baseUrl = options.oidc.appBaseUrl.endsWith('/') ? options.oidc.appBaseUrl : `${options.oidc.appBaseUrl}/`;
const openidconf = await ky.get(`${server}.well-known/openid-configuration`).json<OpenIdConfiguration>();
return new OpenIDConnectStrategy({
issuer: openidconf.issuer,
authorizationURL: openidconf.authorization_endpoint,
tokenURL: openidconf.token_endpoint,
userInfoURL: openidconf.userinfo_endpoint,
clientID: options.oidc.clientId,
clientSecret: options.oidc.clientSecret,
callbackURL: `${baseUrl}cb`
}, async (_: string, profile: passport.Profile, cb: OpenIDConnectStrategy.VerifyCallback) => {
const userObj: User = {
id: profile.id,
username: profile.username,
displayName: profile.displayName
};
const user = await this.db.getUser(profile.id);
if (!user) {
await this.db.createUser(userObj);
}
return cb(null, userObj);
});
}
setBuildController = (buildController: BuildController) => {
this.buildController = buildController;
}

2
src/index.ts
View File

@@ -11,7 +11,7 @@ interface compositeConfig {
db?: DBConfig
}
const config: compositeConfig = JSON.parse(await fs.promises.readFile(process.env.config || process.env.CONFIG || path.join('config', 'config.json'), 'utf-8'));
const config: compositeConfig = JSON.parse(await fs.promises.readFile(process.env.config || process.env.CONFIG || path.join(process.cwd(), 'config', 'config.json'), 'utf-8'));
const web = new Web(config.web);
const buildController = new BuildController();

19
views/login-required.ejs Normal file
View File

@@ -0,0 +1,19 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<%- include("head", locals) %>
</head>
<body class="preload">
<%- include("navigation", locals) %>
<div class="content">
<h1>Authentication Required</h1>
You must log in to access that page.
<form action="/login" method="post">
<button type="submit">Log In</button>
</form>
</div>
<%- include("footer", locals) %>
</body>
</html>

3
views/navigation.ejs
View File

@@ -14,6 +14,9 @@
<li><a href="/?distro=arch">Arch Builds</a></li>
<li><a href="/?distro=artix">Artix Builds</a></li>
<li><a href="/build">New Build</a></li>
<% if (locals.user) { %>
<li><a href="/logout">Log Out</a></li>
<% } %>
</ul>
</nav>
</div>