Beispiel #1
0
// Creates out basicAuth Filter
// The first params specifies the used htpasswd file
// The second is optional and defines the realm name
func (spec *basicSpec) CreateFilter(config []interface{}) (filters.Filter, error) {
	if len(config) == 0 {
		return nil, filters.ErrInvalidFilterParameters
	}

	configFile, ok := config[0].(string)
	if !ok {
		return nil, filters.ErrInvalidFilterParameters
	}

	realmName := DefaultRealmName

	if len(config) == 2 {
		if definedName, ok := config[1].(string); ok {
			realmName = definedName
		}
	}

	htpasswd := auth.HtpasswdFileProvider(configFile)
	authenticator := auth.NewBasicAuthenticator(realmName, htpasswd)

	return &basic{
		authenticator:   authenticator,
		realmDefinition: ForceBasicAuthHeaderValue + `"` + realmName + `"`,
	}, nil
}
Beispiel #2
0
// main sets up the routes (thanks Gorilla!).
func main() {
	r := mux.NewRouter()
	r.HandleFunc("/", showIndex)
	r.HandleFunc("/about", showAbout)
	r.HandleFunc("/archives", showArchives)
	r.PathPrefix("/static").
		Handler(http.StripPrefix("/static",
			http.FileServer(http.Dir(staticPath))))

	// Password protect data refreshing
	authenticator := auth.NewBasicAuthenticator(
		"Refresh data", auth.HtpasswdFileProvider(*htpasswd))
	r.HandleFunc("/refresh", auth.JustCheck(authenticator, showRefresh))

	// These must be last. The first shows blog posts, the second adds comments.
	r.HandleFunc("/{postname}", showPost).Methods("GET")
	r.HandleFunc("/{postname}", addComment).Methods("POST")

	// Captcha!
	http.Handle("/captcha/",
		captcha.Server(captcha.StdWidth, captcha.StdHeight))

	// Okay, let Gorilla do its work.
	http.Handle("/", r)
	http.ListenAndServe(":8082", nil)
}
Beispiel #3
0
func RegisterHandlers(mux httpMux.Mux, containerManager manager.Manager, httpAuthFile, httpAuthRealm, httpDigestFile, httpDigestRealm, prometheusEndpoint string) error {
	// Basic health handler.
	if err := healthz.RegisterHandler(mux); err != nil {
		return fmt.Errorf("failed to register healthz handler: %s", err)
	}

	// Validation/Debug handler.
	mux.HandleFunc(validate.ValidatePage, func(w http.ResponseWriter, r *http.Request) {
		err := validate.HandleRequest(w, containerManager)
		if err != nil {
			fmt.Fprintf(w, "%s", err)
		}
	})

	// Register API handler.
	if err := api.RegisterHandlers(mux, containerManager); err != nil {
		return fmt.Errorf("failed to register API handlers: %s", err)
	}

	// Redirect / to containers page.
	mux.Handle("/", http.RedirectHandler(pages.ContainersPage, http.StatusTemporaryRedirect))

	var authenticated bool = false

	// Setup the authenticator object
	if httpAuthFile != "" {
		glog.Infof("Using auth file %s", httpAuthFile)
		secrets := auth.HtpasswdFileProvider(httpAuthFile)
		authenticator := auth.NewBasicAuthenticator(httpAuthRealm, secrets)
		mux.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
		if err := pages.RegisterHandlersBasic(mux, containerManager, authenticator); err != nil {
			return fmt.Errorf("failed to register pages auth handlers: %s", err)
		}
		authenticated = true
	}
	if httpAuthFile == "" && httpDigestFile != "" {
		glog.Infof("Using digest file %s", httpDigestFile)
		secrets := auth.HtdigestFileProvider(httpDigestFile)
		authenticator := auth.NewDigestAuthenticator(httpDigestRealm, secrets)
		mux.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
		if err := pages.RegisterHandlersDigest(mux, containerManager, authenticator); err != nil {
			return fmt.Errorf("failed to register pages digest handlers: %s", err)
		}
		authenticated = true
	}

	// Change handler based on authenticator initalization
	if !authenticated {
		mux.HandleFunc(static.StaticResource, staticHandlerNoAuth)
		if err := pages.RegisterHandlersBasic(mux, containerManager, nil); err != nil {
			return fmt.Errorf("failed to register pages handlers: %s", err)
		}
	}

	collector := metrics.NewPrometheusCollector(containerManager)
	prometheus.MustRegister(collector)
	http.Handle(prometheusEndpoint, prometheus.Handler())

	return nil
}
Beispiel #4
0
func main() {
	flag.Parse()

	if *debugPtr == true {
		fmt.Println("Console debug output enabled.")
	}

	urlport := ":" + strconv.Itoa(*portPtr)

	authenticator := auth.NewBasicAuthenticator("sysreport", Secret)

	if *authPtr == true {
		http.HandleFunc("/", authenticator.Wrap(authRootViewHandler))
		http.HandleFunc("/packages", authenticator.Wrap(authPackagesViewHandler))
		http.HandleFunc("/facter", authenticator.Wrap(authFacterViewHandler))
		http.HandleFunc("/ohai", authenticator.Wrap(authOhaiViewHandler))
	} else {
		http.HandleFunc("/", rootViewHandler)
		http.HandleFunc("/packages", packagesViewHandler)
		http.HandleFunc("/facter", facterViewHandler)
		http.HandleFunc("/ohai", ohaiViewHandler)
	}

	if *sslPtr == true {
		http.ListenAndServeTLS(urlport, *cpemPtr, *kpemPtr, nil)
	} else {
		http.ListenAndServe(urlport, nil)
	}
}
Beispiel #5
0
func runControlServer() {
	authenticator := auth.NewBasicAuthenticator("localhost", Secret)
	http.HandleFunc("/server", authenticator.Wrap(ServerActionsHandler))
	http.HandleFunc("/server/status", authenticator.Wrap(ServerStatusHandler))
	http.Handle("/index.html", authenticator.Wrap(indexHandler))
	http.Handle("/", http.FileServer(http.Dir("."+pathSeparator+"html")))
	http.ListenAndServe(config["control-panel"]["address"]+":"+config["control-panel"]["port"], nil)
}
Beispiel #6
0
func main() {
	log.Printf("Init")
	dbinit()
	defer dbclose()
	authenticator := auth.NewBasicAuthenticator("127.0.0.1", Secret)
	http.HandleFunc("/", authenticator.Wrap(handle))
	log.Printf("Ready")
	http.ListenAndServe(":8080", nil)
}
Beispiel #7
0
func (mp *MainPage) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if mp.BasicAuth {
		staticContentHandler := &Authentication{User: mp.UserName, Password: mp.UserPassword}
		authWrapper := httpauth.NewBasicAuthenticator("Gotail", staticContentHandler.Secret)
		authWrapper.Wrap(mp.AuthTail).ServeHTTP(w, r)
	} else {
		mp.Tail(w, r)
	}
}
Beispiel #8
0
func middleware(h http.HandlerFunc, middleware ...func(http.HandlerFunc) http.HandlerFunc) http.HandlerFunc {
	for _, m := range middleware {
		h = m(h)
	}

	// TODO: Get this to only be setup once.
	authenticator := auth.NewBasicAuthenticator(
		"trajectory.com", GetSecret(getLoginConfig()))
	return auth.JustCheck(authenticator, h)
}
Beispiel #9
0
func setupWeb() {
	authenticator := auth.NewBasicAuthenticator(
		"trajectory.com", GetSecret(getLoginConfig()))
	http.HandleFunc(
		"/",
		authenticator.Wrap(func(
			res http.ResponseWriter, req *auth.AuthenticatedRequest) {
			http.FileServer(http.Dir("./web/")).ServeHTTP(res, &req.Request)
		}))
}
Beispiel #10
0
func StartHTTPServer(port string) {

	htpasswd := auth.HtpasswdFileProvider(conf.PasswdFile)
	authenticator := auth.NewBasicAuthenticator("Basic realm", htpasswd)

	http.HandleFunc(ROUTE_INSERT, authenticator.Wrap(insertHandler))
	http.HandleFunc(ROUTE_DELETE, authenticator.Wrap(deleteHandler))
	http.HandleFunc(ROUTE_STATIC, authenticator.Wrap(staticHandler))
	http.HandleFunc(ROUTE_GET, authenticator.Wrap(getHandler))
	http.HandleFunc(ROUTE_LIST, authenticator.Wrap(listHandler))
	//http.ListenAndServe(port, nil)
	http.ListenAndServeTLS(port, conf.TLSPemFile, conf.TLSKeyFile, nil)
}
func main() {

	flag.Parse()

	// seed the RNG, otherwise we would have same randomness on every startup
	// which should not, but might in worst case interfere with leftover-mails
	// from earlier starts of the binary
	rand.Seed(time.Now().Unix())

	err := parse_conf(*conf_path)

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}

	wg := new(sync.WaitGroup)
	wg.Add(len(globalconf.Servers))

	// now fire up the monitoring jobs
	for _, c := range globalconf.Servers {
		fmt.Println("starting monitoring for config", c["Name"])
		go monitor(c, wg)

		// keep a timedelta between monitoring jobs to avoid strong interference
		time.Sleep(startupOffsetTime)
	}

	fmt.Println("starting HTTP-endpoint")
	if *useAuth {
		authenticator := auth.NewBasicAuthenticator("prometheus", Secret)
		http.HandleFunc(globalconf.Http_endpoint, auth.JustCheck(authenticator, prometheus.Handler().ServeHTTP))
	} else {
		http.Handle(globalconf.Http_endpoint, prometheus.Handler())
	}

	if *useTLS {
		err = http.ListenAndServeTLS(":"+globalconf.Http_port, globalconf.Crt_path, globalconf.Key_path, nil)
	} else {
		err = http.ListenAndServe(":"+globalconf.Http_port, nil)
	}

	if err != nil {
		fmt.Println(err)
	}

	// wait for goroutines to exit
	// otherwise main would terminate and the goroutines monitoring would be killed
	wg.Wait()

}
Beispiel #12
0
func main() {
	flag.Parse()

	PersistenceObj = GetPersistenceLayer(*persistence)
	if PersistenceObj == nil {
		log.Err("Unable to load persistence plugin " + *persistence)
		panic("Dying")
	}
	var err error
	ConfigObj, err = PersistenceObj.GetConfig()
	if err != nil {
		log.Err("Unable to load config from persistence plugin " + *persistence)
		panic("Dying")
	}

	if ConfigObj.PidFile != *haproxyPidFile {
		ConfigObj.PidFile = *haproxyPidFile
	}

	r := mux.NewRouter()

	// Define paths
	sub := r.PathPrefix("/api").Subrouter()

	// Wire the UI (outside of muxer)
	http.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(*uiLocation))))

	// Display handlers
	sub.HandleFunc("/config", configHandler).Methods("GET")
	sub.HandleFunc("/reload", configReloadHandler).Methods("GET")
	sub.HandleFunc("/backend/{backend}", backendHandler).Methods("GET")
	sub.HandleFunc("/backend/{backend}", backendAddHandler).Methods("POST")
	sub.HandleFunc("/backend/{backend}", backendDeleteHandler).Methods("DELETE")
	sub.HandleFunc("/backend/{backend}/server/{server}", backendServerHandler).Methods("GET")
	sub.HandleFunc("/backend/{backend}/server/{server}", backendServerAddHandler).Methods("POST")
	sub.HandleFunc("/backend/{backend}/server/{server}", backendServerDeleteHandler).Methods("DELETE")

	s := &http.Server{
		Addr:           *bind,
		ReadTimeout:    10 * time.Second,
		WriteTimeout:   10 * time.Second,
		MaxHeaderBytes: 1 << 20,
	}
	h := auth.HtpasswdFileProvider(*htpasswd)
	a := auth.NewBasicAuthenticator("haproxy config", h)
	http.Handle("/", a.Wrap(func(w http.ResponseWriter, ar *auth.AuthenticatedRequest) {
		r.ServeHTTP(w, &ar.Request)
	}))
	log.Err(s.ListenAndServe().Error())
}
func main() {
	setLogging()
	config = readConfig(getPath("conf"))

	authenticator := auth.NewBasicAuthenticator(
		"example.com",
		func(user, realm string) string {
			return Secret(config, user, realm)
		})

	http.HandleFunc("/", authenticator.Wrap(handle))
	http.HandleFunc("/last-seen-employees", authenticator.Wrap(showLastSeenEmployees))
	http.ListenAndServe(":8080", nil)

}
Beispiel #14
0
func (h *httpServer) Listen(address string) error {

	fs := http.FileServer(http.Dir("web/assets"))

	secrets := auth.HtpasswdFileProvider(h.secrets)
	authenticator := auth.NewBasicAuthenticator("Basic Realm", secrets)

	http.HandleFunc("/", h.Root)
	http.Handle("/assets/", http.StripPrefix("/assets/", fs))
	http.HandleFunc("/songs", h.Songs)
	http.HandleFunc("/song/", h.Song)
	http.HandleFunc("/ws", ws.Handle)
	http.HandleFunc("/play/", authenticator.Wrap(h.Play))

	return http.ListenAndServe(address, nil)
}
Beispiel #15
0
func main() {

	pwd, _ := os.Getwd()

	//Set config path and type
	viper.SetConfigName("config")
	viper.AddConfigPath(pwd)
	viper.AddConfigPath("/etc/ddesktop/")
	viper.SetConfigType("yaml")

	//Read config
	err := viper.ReadInConfig()
	if err != nil {
		log.Fatalln(err)
	}

	log.Println(viper.GetString("container.prefix"))

	//Cleanup existing containers
	dockerhandler.CleanUp()

	//Pull new docker image
	if viper.GetBool("container.pull") {
		dockerhandler.PullImage()
	}

	//Get authentication setting
	htpasswd := auth.HtpasswdFileProvider(viper.GetString("htpasswd.path"))
	authenticator := auth.NewBasicAuthenticator(".ddesktop", htpasswd)

	//Start server
	log.Printf("Starting server on http://0.0.0.0:" + viper.GetString("server.port.http") + " and https://0.0.0.0:" + viper.GetString("server.port.https") + "...")
	http.Handle("/websockify", auth.JustCheck(authenticator, wsproxy.WsProxy()))
	http.HandleFunc("/", auth.JustCheck(authenticator, server.Static()))

	go func() {
		if err := http.ListenAndServeTLS(":"+viper.GetString("server.port.https"), viper.GetString("ssl.cert"), viper.GetString("ssl.key"), nil); err != nil {
			log.Fatalln(err)
		}
	}()
	if err := http.ListenAndServe(":"+viper.GetString("server.port.http"), http.HandlerFunc(server.RedirectHttps)); err != nil {
		log.Fatalln(err)
	}
}
Beispiel #16
0
func main() {
	var mongoUrl = flag.String("db", "petrucho-db", "MongoDB URL")
	flag.Parse()

	ctx := context.Background()
	ctx = db.OpenMongoDB(ctx, "main", *mongoUrl)
	defer db.Close(ctx)
	kami.Context = ctx

	secret := func(email, realm string) string {
		u := User{}
		users := userStorage(ctx)
		err := users.Find(bson.M{"email": email, "confirmed": true}).One(&u)
		if err != nil {
			return ""
		}
		return u.Password
	}

	authenticator := auth.NewBasicAuthenticator("Restricted", secret)

	kami.Get("/", homeHandler)
	kami.Get("/register", registrationForm)
	kami.Post("/register", registerUser)
	kami.Get("/confirm/:token", confirmRegistration)
	kami.Get("/users", viewAllUsers)
	kami.Get("/users/:email", viewUser)
	kami.Use("/users/:email/edit", func(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context {
		var username string
		authenticator.Wrap(func(w http.ResponseWriter, r *auth.AuthenticatedRequest) {
			username = r.Username
		})(w, r)
		if len(username) == 0 {
			return nil
		}
		return context.WithValue(ctx, "auth", username)
	})
	kami.Get("/users/:email/edit", editProfileForm)
	kami.Post("/users/:email/edit", updateProfile)

	kami.Serve()
}
Beispiel #17
0
func main() {
	folderPath, errpath := osext.ExecutableFolder()

	if errpath != nil {
		fmt.Printf("Couldn't get cwd. Check permissions!\n")
		return
	}

	if _, err := os.Stat(folderPath + ".htpasswd"); os.IsNotExist(err) {
		fmt.Printf(folderPath + ".htpasswd doesn't exist in cwd!\n")
		return
	}

	secrets := auth.HtpasswdFileProvider(folderPath + ".htpasswd")
	authenticator := auth.NewBasicAuthenticator("Seyes Echelon", secrets)

	http.HandleFunc("/record_log", auth.JustCheck(authenticator, handle))

	fmt.Println("Server starting on port " + os.Args[1] + " ....\n")
	http.ListenAndServe(":"+os.Args[1], nil)
}
Beispiel #18
0
func New(runInDebugMode bool, templatesLocation string, usersPasswordFileLocation string, storageFactory model.VFStorageGroup, srvlog *logs.ServerLog) http.Handler {

	if defaultRouter != nil {
		return defaultRouter
	}

	serverlog = srvlog
	defaultUserAuthenticator = auth.NewBasicAuthenticator("myrealm", auth.HtpasswdFileProvider(usersPasswordFileLocation))
	defaultStorageFactory = storageFactory
	results.TemplatesDir = templatesLocation
	results.DebugMode = runInDebugMode

	defaultRouter = mux.NewRouter()
	adminRouter := mux.NewRouter()
	apiRouter := mux.NewRouter()

	handleVFolder(apiRouter)
	handleCtrlPanel(adminRouter)
	handlePlayground(apiRouter)

	defaultRouter.PathPrefix("/api").Handler(
		negroni.New(
			negroni.HandlerFunc(authorized),
			negroni.Wrap(apiRouter),
		),
	)

	defaultRouter.PathPrefix("/admin").Handler(
		negroni.New(
			negroni.HandlerFunc(authorized),
			negroni.HandlerFunc(adminOnly),
			negroni.Wrap(adminRouter),
		),
	)

	defaultRouter.PathPrefix("/static").Handler(http.StripPrefix("/static", http.FileServer(http.Dir("./server/static"))))

	return defaultRouter
}
Beispiel #19
0
func main() {

	programName := os.Args[0]
	absPath, _ := filepath.Abs(programName)
	haproxyConsoleRoot = path.Dir(path.Dir(absPath))

	port := flag.String("p", "9090", "port to run the web server")
	configuration := flag.String("config", "", "path to the app config file")
	toolMode := flag.Bool("t", false, "run this program as a tool to export data from database to json or from json to database")

	flag.Parse()

	configPath := *configuration

	if configPath == "" {
		defaultConfigPath := haproxyConsoleRoot + "/conf/app_conf.ini"
		fmt.Printf("You not set the configPath, so try to use the default config path: %s\n", defaultConfigPath)
		if _, e := os.Stat(defaultConfigPath); os.IsNotExist(e) {
			fmt.Println("Not Exit default config file")
			os.Exit(1)
		} else {
			configPath = defaultConfigPath
		}
	}

	var err error
	logger = getLogger()

	appConf, err = config.ParseConfig(configPath)
	if err != nil {
		fmt.Println(err)
		return
	}

	if *toolMode {
		// 数据转换存储方式
		err := tools.StorageTransform(appConf)
		tools.CheckError(err)
	} else {
		// 存储连接初始化
		db, err = applicationDB.InitStoreConnection(appConf)
		if err != nil {
			logger.Fatalln(err)
			os.Exit(1)
		}
		defer db.Close()

		// 请求路由
		http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(haproxyConsoleRoot+"/static/"))))
		// basic auth user: admin, passwd: 1qazXSW@
		authenticator := auth.NewBasicAuthenticator("HAProxyConsole", auth.HtpasswdFileProvider(haproxyConsoleRoot+"/conf/md5passwd"))
		http.HandleFunc("/applyvport", authenticator.Wrap(applyVPort))
		http.HandleFunc("/edittask", authenticator.Wrap(editTask))
		http.HandleFunc("/listenlist", authenticator.Wrap(getListenList))
		http.HandleFunc("/dellistentask", authenticator.Wrap(delListenTask))
		http.HandleFunc("/applyconf", authenticator.Wrap(applyConf))
		http.HandleFunc("/statspage", statsPage)
		http.HandleFunc("/", authenticator.Wrap(getHomePage))

		// 启动http服务
		err = http.ListenAndServe(":"+*port, nil)
		if err != nil {
			logger.Fatalln("ListenAndServe: ", err)
		}
	}
}
Beispiel #20
0
func NewHttpBasicAuthenticator(htpasswdFile string) *HttpBasicAuthenticator {
	return &HttpBasicAuthenticator{
		//secretFunc: httpauth.HtpasswdFileProvider(htpasswdFile),
		basicAuth: httpauth.NewBasicAuthenticator("vindalu", httpauth.HtpasswdFileProvider(htpasswdFile)),
	}
}
func main() {
	parseConfig()
	bootstrap()

	if wikiConfig.version {
		fmt.Printf("Strapdown Wiki Server - v%s\n", SERVER_VERSION)
		os.Exit(0)
	}

	// try open the repo
	repo, err := git.OpenRepository(".")
	if err != nil {
		log.Printf("git repository not found at current directory. please use `-init` switch or run `git init` in this directory")
		log.Fatal(err)
		os.Exit(2)
	} else {
		repo.Free()
	}

	// load auth file
	if _, err := os.Stat(wikiConfig.auth); len(wikiConfig.auth) > 0 && (!os.IsNotExist(err)) {
		authenticator = auth.NewBasicAuthenticator("strapdown.ztx.io", auth.HtpasswdFileProvider(wikiConfig.auth)) // should we replace the url here?
		log.Printf("use authentication file: %s", wikiConfig.auth)
	} else {
		log.Printf("authentication file not exist, disable http authentication")
	}

	if _, err := os.Stat("_static"); os.IsNotExist(err) {
		// release the files
		log.Print("Seems you don't have `_static` folder, release one to hold the static file")
		files := AssetNames()

		for _, name := range files {
			if strings.HasSuffix(name, ".html") || strings.HasSuffix(name, "fav.ico") {
				continue
			}
			file, err := Asset(name)
			if err != nil {
				log.Printf("[ WARN ] fail to load: %s", name)
			}
			err = os.MkdirAll(path.Dir(name), 0700)
			if err != nil {
				log.Printf("[ WARN ] fail to create folder: %s", path.Dir(name))
			}
			err = ioutil.WriteFile(name, file, 0644)
			if err != nil {
				log.Printf("[ WARN ] cannot write file: %v", err)
			}
		}
	}

	if _, err := os.Stat(".md"); os.IsNotExist(err) {
		// release a default .md
		log.Print("Release default .md")

		file, err := Asset("_static/.md")
		if err != nil {
			log.Printf("[ WARN ] fail to load .md")
		}
		err = ioutil.WriteFile(".md", file, 0644)
		if err != nil {
			log.Printf("[ WARN ] cannot write default .md: %v", err)
		}
	}

	if _, err := os.Stat("favicon.ico"); os.IsNotExist(err) {
		// release the files
		log.Print("Release the favicon.ico")

		file, err := Asset("_static/fav.ico")
		if err != nil {
			log.Printf("[ WARN ] fail to load favicon.ico")
		}
		err = ioutil.WriteFile("favicon.ico", file, 0644)
		if err != nil {
			log.Printf("[ WARN ] cannot write default favicon.ico: %v", err)
		}
	}

	http.HandleFunc("/", handleFunc)

	// listen on the (multi) addresss
	cnt := 0
	ch := make(chan bool)
	for _, host := range strings.Split(wikiConfig.addr, ",") {
		cnt += 1
		log.Printf("[ %d ] listening on %s", cnt, host)
		go func(h string, aid int) {
			e := http.ListenAndServe(h, nil)
			if e != nil {
				log.Printf("[ %d ] failed to bind on %s: %v", aid, h, e)
				ch <- false
			} else {
				ch <- true
			}
		}(host, cnt)
	}

	for cnt > 0 {
		<-ch
		cnt -= 1
	}
}
Beispiel #22
0
func main() {
	authenticator := auth.NewBasicAuthenticator("example.com", Secret)
	http.HandleFunc("/", authenticator.Wrap(handle))
	http.ListenAndServe(":8080", nil)
}
Beispiel #23
0
func main() {
	flag.Usage = func() {
		// It is unfortunate that we need to re-implement flag.PrintDefaults(),
		// but I cannot see any other way to achieve the grouping of flags.
		fmt.Fprintf(os.Stderr, "RobustIRC server (= node)\n")
		fmt.Fprintf(os.Stderr, "\n")
		fmt.Fprintf(os.Stderr, "The following flags are REQUIRED:\n")
		printDefault(flag.Lookup("network_name"))
		printDefault(flag.Lookup("network_password"))
		printDefault(flag.Lookup("peer_addr"))
		printDefault(flag.Lookup("tls_cert_path"))
		printDefault(flag.Lookup("tls_key_path"))
		fmt.Fprintf(os.Stderr, "\n")
		fmt.Fprintf(os.Stderr, "The following flags are only relevant when bootstrapping the network (once):\n")
		printDefault(flag.Lookup("join"))
		printDefault(flag.Lookup("singlenode"))
		fmt.Fprintf(os.Stderr, "\n")
		fmt.Fprintf(os.Stderr, "The following flags are optional:\n")
		printDefault(flag.Lookup("dump_canary_state"))
		printDefault(flag.Lookup("dump_heap_profile"))
		printDefault(flag.Lookup("canary_compaction_start"))
		printDefault(flag.Lookup("listen"))
		printDefault(flag.Lookup("raftdir"))
		printDefault(flag.Lookup("tls_ca_file"))
		printDefault(flag.Lookup("version"))
		fmt.Fprintf(os.Stderr, "\n")
		fmt.Fprintf(os.Stderr, "The following flags are optional and provided by glog:\n")
		printDefault(flag.Lookup("alsologtostderr"))
		printDefault(flag.Lookup("log_backtrace_at"))
		printDefault(flag.Lookup("log_dir"))
		printDefault(flag.Lookup("log_total_bytes"))
		printDefault(flag.Lookup("logtostderr"))
		printDefault(flag.Lookup("stderrthreshold"))
		printDefault(flag.Lookup("v"))
		printDefault(flag.Lookup("vmodule"))
	}
	flag.Parse()

	// Store logs in -raftdir, unless otherwise specified.
	if flag.Lookup("log_dir").Value.String() == "" {
		flag.Set("log_dir", *raftDir)
	}

	defer glog.Flush()
	glog.MaxSize = 64 * 1024 * 1024
	glog.CopyStandardLogTo("INFO")

	log.Printf("RobustIRC %s\n", Version)
	if *version {
		return
	}

	if _, err := os.Stat(filepath.Join(*raftDir, "deletestate")); err == nil {
		if err := os.RemoveAll(*raftDir); err != nil {
			log.Fatal(err)
		}
		if err := os.Mkdir(*raftDir, 0700); err != nil {
			log.Fatal(err)
		}
		log.Printf("Deleted %q because %q existed\n", *raftDir, filepath.Join(*raftDir, "deletestate"))
	}

	if err := outputstream.DeleteOldDatabases(*raftDir); err != nil {
		log.Fatalf("Could not delete old outputstream databases: %v\n", err)
	}

	if err := deleteOldCompactionDatabases(*raftDir); err != nil {
		glog.Errorf("Could not delete old compaction databases: %v (ignoring)\n", err)
	}

	log.Printf("Initializing RobustIRC…\n")

	if *networkPassword == "" {
		*networkPassword = os.Getenv("ROBUSTIRC_NETWORK_PASSWORD")
	}
	if *networkPassword == "" {
		log.Fatalf("-network_password not set. You MUST protect your network.\n")
	}
	digest := sha1.New()
	digest.Write([]byte(*networkPassword))
	passwordHash := "{SHA}" + base64.StdEncoding.EncodeToString(digest.Sum(nil))

	if *network == "" {
		log.Fatalf("-network_name not set, but required.\n")
	}

	if *peerAddr == "" {
		log.Printf("-peer_addr not set, initializing to %q. Make sure %q is a host:port string that other raft nodes can connect to!\n", *listen, *listen)
		*peerAddr = *listen
	}

	ircServer = ircserver.NewIRCServer(*raftDir, *network, time.Now())

	transport := rafthttp.NewHTTPTransport(
		*peerAddr,
		// Not deadlined, otherwise snapshot installments fail.
		robusthttp.Client(*networkPassword, false),
		nil,
		"")

	peerStore = raft.NewJSONPeers(*raftDir, transport)

	if *join == "" && !*singleNode {
		peers, err := peerStore.Peers()
		if err != nil {
			log.Fatal(err.Error())
		}
		if len(peers) == 0 {
			if !*timesafeguard.DisableTimesafeguard {
				log.Fatalf("No peers known and -join not specified. Joining the network is not safe because timesafeguard cannot be called.\n")
			}
		} else {
			if len(peers) == 1 && peers[0] == *peerAddr {
				// To prevent crashlooping too frequently in case the init system directly restarts our process.
				time.Sleep(10 * time.Second)
				log.Fatalf("Only known peer is myself (%q), implying this node was removed from the network. Please kill the process and remove the data.\n", *peerAddr)
			}
			if err := timesafeguard.SynchronizedWithNetwork(*peerAddr, peers, *networkPassword); err != nil {
				log.Fatal(err.Error())
			}
		}
	}

	var p []string

	config := raft.DefaultConfig()
	config.Logger = log.New(glog.LogBridgeFor("INFO"), "", log.Lshortfile)
	if *singleNode {
		config.EnableSingleNode = true
	}

	// Keep 5 snapshots in *raftDir/snapshots, log to stderr.
	fss, err := raft.NewFileSnapshotStore(*raftDir, 5, nil)
	if err != nil {
		log.Fatal(err)
	}

	// How often to check whether a snapshot should be taken. The check is
	// cheap, and the default value far too high for networks with a high
	// number of messages/s.
	// At the same time, it is important that we don’t check too early,
	// otherwise recovering from the most recent snapshot doesn’t work because
	// after recovering, a new snapshot (over the 0 committed messages) will be
	// taken immediately, effectively overwriting the result of the snapshot
	// recovery.
	config.SnapshotInterval = 300 * time.Second

	// Batch as many messages as possible into a single appendEntries RPC.
	// There is no downside to setting this too high.
	config.MaxAppendEntries = 1024

	// It could be that the heartbeat goroutine is not scheduled for a while,
	// so relax the default of 500ms.
	config.LeaderLeaseTimeout = timesafeguard.ElectionTimeout
	config.HeartbeatTimeout = timesafeguard.ElectionTimeout
	config.ElectionTimeout = timesafeguard.ElectionTimeout

	// We use prometheus, so hook up the metrics package (used by raft) to
	// prometheus as well.
	sink, err := metrics_prometheus.NewPrometheusSink()
	if err != nil {
		log.Fatal(err)
	}
	metrics.NewGlobal(metrics.DefaultConfig("raftmetrics"), sink)

	bootstrapping := *singleNode || *join != ""
	logStore, err := raft_store.NewLevelDBStore(filepath.Join(*raftDir, "raftlog"), bootstrapping)
	if err != nil {
		log.Fatal(err)
	}
	ircStore, err = raft_store.NewLevelDBStore(filepath.Join(*raftDir, "irclog"), bootstrapping)
	if err != nil {
		log.Fatal(err)
	}
	fsm := &FSM{
		store:             logStore,
		ircstore:          ircStore,
		lastSnapshotState: make(map[uint64][]byte),
	}
	logcache, err := raft.NewLogCache(config.MaxAppendEntries, logStore)
	if err != nil {
		log.Fatal(err)
	}

	node, err = raft.NewRaft(config, fsm, logcache, logStore, fss, peerStore, transport)
	if err != nil {
		log.Fatal(err)
	}

	if *dumpCanaryState != "" {
		canary(fsm, *dumpCanaryState)
		if *dumpHeapProfile != "" {
			debug.FreeOSMemory()
			f, err := os.Create(*dumpHeapProfile)
			if err != nil {
				log.Fatal(err)
			}
			defer f.Close()
			pprof.WriteHeapProfile(f)
		}
		return
	}

	go func() {
		for {
			secondsInState.WithLabelValues(node.State().String()).Inc()
			time.Sleep(1 * time.Second)
		}
	}()

	privaterouter := httprouter.New()
	privaterouter.Handler("GET", "/", exitOnRecoverHandleFunc(handleStatus))
	privaterouter.Handler("GET", "/irclog", exitOnRecoverHandleFunc(handleIrclog))
	privaterouter.Handler("POST", "/raft/*rest", exitOnRecoverHandler(transport))
	privaterouter.Handler("POST", "/join", exitOnRecoverHandleFunc(handleJoin))
	privaterouter.Handler("POST", "/part", exitOnRecoverHandleFunc(handlePart))
	privaterouter.Handler("GET", "/snapshot", exitOnRecoverHandleFunc(handleSnapshot))
	privaterouter.Handler("GET", "/leader", exitOnRecoverHandleFunc(handleLeader))
	privaterouter.Handler("POST", "/quit", exitOnRecoverHandleFunc(handleQuit))
	privaterouter.Handler("GET", "/config", exitOnRecoverHandleFunc(handleGetConfig))
	privaterouter.Handler("POST", "/config", exitOnRecoverHandleFunc(handlePostConfig))
	privaterouter.Handler("GET", "/metrics", exitOnRecoverHandler(prometheus.Handler()))

	publicrouter := httprouter.New()
	publicrouter.Handle("POST", "/robustirc/v1/:sessionid", exitOnRecoverHandle(handleCreateSession))
	publicrouter.Handle("POST", "/robustirc/v1/:sessionid/message", exitOnRecoverHandle(handlePostMessage))
	publicrouter.Handle("GET", "/robustirc/v1/:sessionid/messages", exitOnRecoverHandle(handleGetMessages))
	publicrouter.Handle("DELETE", "/robustirc/v1/:sessionid", exitOnRecoverHandle(handleDeleteSession))

	a := auth.NewBasicAuthenticator("robustirc", func(user, realm string) string {
		if user == "robustirc" {
			return passwordHash
		}
		return ""
	})

	http.Handle("/robustirc/", publicrouter)

	http.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if username := a.CheckAuth(r); username == "" {
			a.RequireAuth(w, r)
		} else {
			privaterouter.ServeHTTP(w, r)
		}
	}))

	srv := http.Server{Addr: *listen}
	if err := http2.ConfigureServer(&srv, nil); err != nil {
		log.Fatal(err)
	}

	// Manually create the net.TCPListener so that joinMaster() does not run
	// into connection refused errors (the master will try to contact the
	// node before acknowledging the join).
	srv.TLSConfig.Certificates = make([]tls.Certificate, 1)
	srv.TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(*tlsCertPath, *tlsKeyPath)
	if err != nil {
		log.Fatal(err)
	}

	ln, err := net.Listen("tcp", *listen)
	if err != nil {
		log.Fatal(err)
	}

	tlsListener := tls.NewListener(tcpKeepAliveListener{ln.(*net.TCPListener)}, srv.TLSConfig)
	go srv.Serve(tlsListener)

	log.Printf("RobustIRC listening on %q. For status, see %s\n",
		*peerAddr,
		fmt.Sprintf("https://*****:*****@%s/", *networkPassword, *peerAddr))

	if *join != "" {
		if err := timesafeguard.SynchronizedWithMasterAndNetwork(*peerAddr, *join, *networkPassword); err != nil {
			log.Fatal(err.Error())
		}

		p = joinMaster(*join, peerStore)
		// TODO(secure): properly handle joins on the server-side where the joining node is already in the network.
	}

	if len(p) > 0 {
		node.SetPeers(p)
	}

	expireSessionsTimer := time.After(expireSessionsInterval)
	secondTicker := time.Tick(1 * time.Second)
	for {
		select {
		case <-secondTicker:
			if node.State() == raft.Shutdown {
				log.Fatal("Node removed from the network (in raft state shutdown), terminating.")
			}
		case <-expireSessionsTimer:
			expireSessionsTimer = time.After(expireSessionsInterval)

			// Race conditions (a node becoming a leader or ceasing to be the
			// leader shortly before/after this runs) are okay, since the timer
			// is triggered often enough on every node so that it will
			// eventually run on the leader.
			if node.State() != raft.Leader {
				continue
			}

			applyMu.Lock()
			for _, msg := range ircServer.ExpireSessions() {
				// Cannot fail, no user input.
				msgbytes, _ := json.Marshal(msg)
				f := node.Apply(msgbytes, 10*time.Second)
				if err := f.Error(); err != nil {
					log.Printf("Apply(): %v\n", err)
					break
				}
			}
			applyMu.Unlock()
		}
	}
}
Beispiel #24
0
func main() {
	flag.Parse()
	instances := flag.Args()

	if len(instances) < 1 {
		log.Print("No Octopress instances were specified.")
		flag.PrintDefaults()
		return
	}

	log.Print("Octopress API v" + Version + " / API v" + CurrentApiVersion)

	// Compile all instances into sites
	log.Print("Compiling instances into sites")
	for i := range instances {
		log.Print("Processing site " + instances[i])
		site, err := getSite(instances[i])
		if err != nil {
			panic(err)
		}
		log.Print("Identified site name " + site.Name)
		MySitesMap[site.Key] = site
	}

	r := mux.NewRouter()

	// Handle UI prefix
	http.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(*uiLocation))))

	api := r.PathPrefix("/api").Subrouter()

	// Common to all version
	api.HandleFunc("/version", versionHandler).Methods("GET")

	// API Version 1.0
	subV1_0 := api.PathPrefix("/1.0").Subrouter()
	subV1_0.HandleFunc("/version", versionHandler).Methods("GET")
	subV1_0.HandleFunc("/sites", sitesHandler).Methods("GET")
	subV1_0.HandleFunc("/site/commit/{site}", gitCommitHandler).Methods("GET")
	subV1_0.HandleFunc("/site/deploy/{site}", deployHandler).Methods("GET")
	subV1_0.HandleFunc("/post/categories/{site}", postCategoriesHandler).Methods("GET")
	subV1_0.HandleFunc("/post/list/{site}", listPostsHandler).Methods("GET")
	subV1_0.HandleFunc("/post/get/{site}/{slug}", getPostHandler).Methods("GET")
	subV1_0.HandleFunc("/post/new/{site}/{postname}", newPostHandler).Methods("GET")
	subV1_0.HandleFunc("/post/update/{site}/{slug}", updatePostHandler).Methods("POST")

	// Redirection for home
	r.HandleFunc("/", homeRedirectHandler)

	s := &http.Server{
		Addr:           *bind,
		ReadTimeout:    90 * time.Second,
		WriteTimeout:   90 * time.Second,
		MaxHeaderBytes: 1 << 20,
	}

	// Handle authentication
	a := auth.NewBasicAuthenticator("Octopress API", SimpleSecurityProvider(*username, *password))
	http.Handle("/", a.Wrap(func(w http.ResponseWriter, ar *auth.AuthenticatedRequest) {
		r.ServeHTTP(w, &ar.Request)
	}))

	// Run actual server
	log.Print("Starting server on " + *bind)
	log.Print(s.ListenAndServe().Error())
}
func main() {
	parseConfig()
	bootstrap()

	// try open the repo
	repo, err := git.OpenRepository(".")
	if err != nil {
		log.Printf("git repository not found at current directory. please use `-init` switch or run `git init` in this directory")
		log.Fatal(err)
		os.Exit(2)
	} else {
		repo.Free()
	}

	// load auth file
	if _, err := os.Stat(wikiConfig.auth); len(wikiConfig.auth) > 0 && (!os.IsNotExist(err)) {
		authenticator = auth.NewBasicAuthenticator("strapdown.ztx.io", auth.HtpasswdFileProvider(wikiConfig.auth)) // should we replace the url here?
		log.Printf("use authentication file: %s", wikiConfig.auth)
	} else {
		log.Printf("authentication file not exist, disable http authentication")
	}

	if _, err := os.Stat(".md"); os.IsNotExist(err) {
		// release a default .md
		log.Print("Release default .md")

		file, err := Asset("_static/.md")
		if err != nil {
			log.Printf("[ WARN ] fail to load .md")
		}
		err = ioutil.WriteFile(".md", file, 0644)
		if err != nil {
			log.Printf("[ WARN ] cannot write default .md: %v", err)
		}
	}

	if _, err := os.Stat("favicon.ico"); os.IsNotExist(err) {
		// release the files
		log.Print("Release the favicon.ico")

		file, err := Asset("_static/fav.ico")
		if err != nil {
			log.Printf("[ WARN ] fail to load favicon.ico")
		}
		err = ioutil.WriteFile("favicon.ico", file, 0644)
		if err != nil {
			log.Printf("[ WARN ] cannot write default favicon.ico: %v", err)
		}
	}

	http.HandleFunc("/", handleFunc)

	// listen on the (multi) addresss
	cnt := 0
	ch := make(chan bool)
	for _, host := range strings.Split(wikiConfig.addr, ",") {
		cnt += 1
		log.Printf("[ %d ] listening on %s", cnt, host)
		go func(h string, aid int) {
			e := http.ListenAndServe(h, nil)
			if e != nil {
				log.Printf("[ %d ] failed to bind on %s: %v", aid, h, e)
				ch <- false
			} else {
				ch <- true
			}
		}(host, cnt)
	}

	for cnt > 0 {
		<-ch
		cnt -= 1
	}
}
Beispiel #26
0
func main() {
	defer glog.Flush()
	flag.Parse()

	if *versionFlag {
		fmt.Printf("cAdvisor version %s\n", info.VERSION)
		os.Exit(0)
	}

	setMaxProcs()

	storageDriver, err := NewStorageDriver(*argDbDriver)
	if err != nil {
		glog.Fatalf("Failed to connect to database: %s", err)
	}

	sysFs, err := sysfs.NewRealSysFs()
	if err != nil {
		glog.Fatalf("Failed to create a system interface: %s", err)
	}

	containerManager, err := manager.New(storageDriver, sysFs)
	if err != nil {
		glog.Fatalf("Failed to create a Container Manager: %s", err)
	}

	// Register Docker.
	if err := docker.Register(containerManager); err != nil {
		glog.Errorf("Docker registration failed: %v.", err)
	}

	// Register the raw driver.
	if err := raw.Register(containerManager); err != nil {
		glog.Fatalf("Raw registration failed: %v.", err)
	}

	// Basic health handler.
	if err := healthz.RegisterHandler(); err != nil {
		glog.Fatalf("Failed to register healthz handler: %s", err)
	}

	// Validation/Debug handler.
	http.HandleFunc(validate.ValidatePage, func(w http.ResponseWriter, r *http.Request) {
		err := validate.HandleRequest(w, containerManager)
		if err != nil {
			fmt.Fprintf(w, "%s", err)
		}
	})

	// Register API handler.
	if err := api.RegisterHandlers(containerManager); err != nil {
		glog.Fatalf("Failed to register API handlers: %s", err)
	}

	// Redirect / to containers page.
	http.Handle("/", http.RedirectHandler(pages.ContainersPage, http.StatusTemporaryRedirect))

	var authenticated bool = false

	// Setup the authenticator object
	if *httpAuthFile != "" {
		glog.Infof("Using auth file %s", *httpAuthFile)
		secrets := auth.HtpasswdFileProvider(*httpAuthFile)
		authenticator := auth.NewBasicAuthenticator(*httpAuthRealm, secrets)
		http.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
		if err := pages.RegisterHandlersBasic(containerManager, authenticator); err != nil {
			glog.Fatalf("Failed to register pages auth handlers: %s", err)
		}
		authenticated = true
	}
	if *httpAuthFile == "" && *httpDigestFile != "" {
		glog.Infof("Using digest file %s", *httpDigestFile)
		secrets := auth.HtdigestFileProvider(*httpDigestFile)
		authenticator := auth.NewDigestAuthenticator(*httpDigestRealm, secrets)
		http.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
		if err := pages.RegisterHandlersDigest(containerManager, authenticator); err != nil {
			glog.Fatalf("Failed to register pages digest handlers: %s", err)
		}
		authenticated = true
	}

	// Change handler based on authenticator initalization
	if !authenticated {
		http.HandleFunc(static.StaticResource, staticHandlerNoAuth)
		if err := pages.RegisterHandlersBasic(containerManager, nil); err != nil {
			glog.Fatalf("Failed to register pages handlers: %s", err)
		}
	}

	// Start the manager.
	if err := containerManager.Start(); err != nil {
		glog.Fatalf("Failed to start container manager: %v", err)
	}

	// Install signal handler.
	installSignalHandler(containerManager)

	glog.Infof("Starting cAdvisor version: %q on port %d", info.VERSION, *argPort)

	addr := fmt.Sprintf("%s:%d", *argIp, *argPort)
	glog.Fatal(http.ListenAndServe(addr, nil))
}