// Creates out basicAuth Filter
// The first params specifies the used htpasswd file
// The second is optional and defines the realm name
func (spec *basicSpec) CreateFilter(config []interface{}) (filters.Filter, error) {
if len(config) == 0 {
return nil, filters.ErrInvalidFilterParameters
}
configFile, ok := config[0].(string)
if !ok {
return nil, filters.ErrInvalidFilterParameters
}
realmName := DefaultRealmName
if len(config) == 2 {
if definedName, ok := config[1].(string); ok {
realmName = definedName
}
}
htpasswd := auth.HtpasswdFileProvider(configFile)
authenticator := auth.NewBasicAuthenticator(realmName, htpasswd)
return &basic{
authenticator: authenticator,
realmDefinition: ForceBasicAuthHeaderValue + `"` + realmName + `"`,
}, nil
}
// main sets up the routes (thanks Gorilla!).
func main() {
r := mux.NewRouter()
r.HandleFunc("/", showIndex)
r.HandleFunc("/about", showAbout)
r.HandleFunc("/archives", showArchives)
r.PathPrefix("/static").
Handler(http.StripPrefix("/static",
http.FileServer(http.Dir(staticPath))))
// Password protect data refreshing
authenticator := auth.NewBasicAuthenticator(
"Refresh data", auth.HtpasswdFileProvider(*htpasswd))
r.HandleFunc("/refresh", auth.JustCheck(authenticator, showRefresh))
// These must be last. The first shows blog posts, the second adds comments.
r.HandleFunc("/{postname}", showPost).Methods("GET")
r.HandleFunc("/{postname}", addComment).Methods("POST")
// Captcha!
http.Handle("/captcha/",
captcha.Server(captcha.StdWidth, captcha.StdHeight))
// Okay, let Gorilla do its work.
http.Handle("/", r)
http.ListenAndServe(":8082", nil)
}
func RegisterHandlers(mux httpMux.Mux, containerManager manager.Manager, httpAuthFile, httpAuthRealm, httpDigestFile, httpDigestRealm, prometheusEndpoint string) error {
// Basic health handler.
if err := healthz.RegisterHandler(mux); err != nil {
return fmt.Errorf("failed to register healthz handler: %s", err)
}
// Validation/Debug handler.
mux.HandleFunc(validate.ValidatePage, func(w http.ResponseWriter, r *http.Request) {
err := validate.HandleRequest(w, containerManager)
if err != nil {
fmt.Fprintf(w, "%s", err)
}
})
// Register API handler.
if err := api.RegisterHandlers(mux, containerManager); err != nil {
return fmt.Errorf("failed to register API handlers: %s", err)
}
// Redirect / to containers page.
mux.Handle("/", http.RedirectHandler(pages.ContainersPage, http.StatusTemporaryRedirect))
var authenticated bool = false
// Setup the authenticator object
if httpAuthFile != "" {
glog.Infof("Using auth file %s", httpAuthFile)
secrets := auth.HtpasswdFileProvider(httpAuthFile)
authenticator := auth.NewBasicAuthenticator(httpAuthRealm, secrets)
mux.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
if err := pages.RegisterHandlersBasic(mux, containerManager, authenticator); err != nil {
return fmt.Errorf("failed to register pages auth handlers: %s", err)
}
authenticated = true
}
if httpAuthFile == "" && httpDigestFile != "" {
glog.Infof("Using digest file %s", httpDigestFile)
secrets := auth.HtdigestFileProvider(httpDigestFile)
authenticator := auth.NewDigestAuthenticator(httpDigestRealm, secrets)
mux.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
if err := pages.RegisterHandlersDigest(mux, containerManager, authenticator); err != nil {
return fmt.Errorf("failed to register pages digest handlers: %s", err)
}
authenticated = true
}
// Change handler based on authenticator initalization
if !authenticated {
mux.HandleFunc(static.StaticResource, staticHandlerNoAuth)
if err := pages.RegisterHandlersBasic(mux, containerManager, nil); err != nil {
return fmt.Errorf("failed to register pages handlers: %s", err)
}
}
collector := metrics.NewPrometheusCollector(containerManager)
prometheus.MustRegister(collector)
http.Handle(prometheusEndpoint, prometheus.Handler())
return nil
}
func main() {
flag.Parse()
if *debugPtr == true {
fmt.Println("Console debug output enabled.")
}
urlport := ":" + strconv.Itoa(*portPtr)
authenticator := auth.NewBasicAuthenticator("sysreport", Secret)
if *authPtr == true {
http.HandleFunc("/", authenticator.Wrap(authRootViewHandler))
http.HandleFunc("/packages", authenticator.Wrap(authPackagesViewHandler))
http.HandleFunc("/facter", authenticator.Wrap(authFacterViewHandler))
http.HandleFunc("/ohai", authenticator.Wrap(authOhaiViewHandler))
} else {
http.HandleFunc("/", rootViewHandler)
http.HandleFunc("/packages", packagesViewHandler)
http.HandleFunc("/facter", facterViewHandler)
http.HandleFunc("/ohai", ohaiViewHandler)
}
if *sslPtr == true {
http.ListenAndServeTLS(urlport, *cpemPtr, *kpemPtr, nil)
} else {
http.ListenAndServe(urlport, nil)
}
}
func runControlServer() {
authenticator := auth.NewBasicAuthenticator("localhost", Secret)
http.HandleFunc("/server", authenticator.Wrap(ServerActionsHandler))
http.HandleFunc("/server/status", authenticator.Wrap(ServerStatusHandler))
http.Handle("/index.html", authenticator.Wrap(indexHandler))
http.Handle("/", http.FileServer(http.Dir("."+pathSeparator+"html")))
http.ListenAndServe(config["control-panel"]["address"]+":"+config["control-panel"]["port"], nil)
}
func main() {
log.Printf("Init")
dbinit()
defer dbclose()
authenticator := auth.NewBasicAuthenticator("127.0.0.1", Secret)
http.HandleFunc("/", authenticator.Wrap(handle))
log.Printf("Ready")
http.ListenAndServe(":8080", nil)
}
func (mp *MainPage) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if mp.BasicAuth {
staticContentHandler := &Authentication{User: mp.UserName, Password: mp.UserPassword}
authWrapper := httpauth.NewBasicAuthenticator("Gotail", staticContentHandler.Secret)
authWrapper.Wrap(mp.AuthTail).ServeHTTP(w, r)
} else {
mp.Tail(w, r)
}
}
func middleware(h http.HandlerFunc, middleware ...func(http.HandlerFunc) http.HandlerFunc) http.HandlerFunc {
for _, m := range middleware {
h = m(h)
}
// TODO: Get this to only be setup once.
authenticator := auth.NewBasicAuthenticator(
"trajectory.com", GetSecret(getLoginConfig()))
return auth.JustCheck(authenticator, h)
}
func setupWeb() {
authenticator := auth.NewBasicAuthenticator(
"trajectory.com", GetSecret(getLoginConfig()))
http.HandleFunc(
"/",
authenticator.Wrap(func(
res http.ResponseWriter, req *auth.AuthenticatedRequest) {
http.FileServer(http.Dir("./web/")).ServeHTTP(res, &req.Request)
}))
}
func StartHTTPServer(port string) {
htpasswd := auth.HtpasswdFileProvider(conf.PasswdFile)
authenticator := auth.NewBasicAuthenticator("Basic realm", htpasswd)
http.HandleFunc(ROUTE_INSERT, authenticator.Wrap(insertHandler))
http.HandleFunc(ROUTE_DELETE, authenticator.Wrap(deleteHandler))
http.HandleFunc(ROUTE_STATIC, authenticator.Wrap(staticHandler))
http.HandleFunc(ROUTE_GET, authenticator.Wrap(getHandler))
http.HandleFunc(ROUTE_LIST, authenticator.Wrap(listHandler))
//http.ListenAndServe(port, nil)
http.ListenAndServeTLS(port, conf.TLSPemFile, conf.TLSKeyFile, nil)
}
func main() {
flag.Parse()
// seed the RNG, otherwise we would have same randomness on every startup
// which should not, but might in worst case interfere with leftover-mails
// from earlier starts of the binary
rand.Seed(time.Now().Unix())
err := parse_conf(*conf_path)
if err != nil {
fmt.Println(err)
os.Exit(1)
}
wg := new(sync.WaitGroup)
wg.Add(len(globalconf.Servers))
// now fire up the monitoring jobs
for _, c := range globalconf.Servers {
fmt.Println("starting monitoring for config", c["Name"])
go monitor(c, wg)
// keep a timedelta between monitoring jobs to avoid strong interference
time.Sleep(startupOffsetTime)
}
fmt.Println("starting HTTP-endpoint")
if *useAuth {
authenticator := auth.NewBasicAuthenticator("prometheus", Secret)
http.HandleFunc(globalconf.Http_endpoint, auth.JustCheck(authenticator, prometheus.Handler().ServeHTTP))
} else {
http.Handle(globalconf.Http_endpoint, prometheus.Handler())
}
if *useTLS {
err = http.ListenAndServeTLS(":"+globalconf.Http_port, globalconf.Crt_path, globalconf.Key_path, nil)
} else {
err = http.ListenAndServe(":"+globalconf.Http_port, nil)
}
if err != nil {
fmt.Println(err)
}
// wait for goroutines to exit
// otherwise main would terminate and the goroutines monitoring would be killed
wg.Wait()
}
func main() {
flag.Parse()
PersistenceObj = GetPersistenceLayer(*persistence)
if PersistenceObj == nil {
log.Err("Unable to load persistence plugin " + *persistence)
panic("Dying")
}
var err error
ConfigObj, err = PersistenceObj.GetConfig()
if err != nil {
log.Err("Unable to load config from persistence plugin " + *persistence)
panic("Dying")
}
if ConfigObj.PidFile != *haproxyPidFile {
ConfigObj.PidFile = *haproxyPidFile
}
r := mux.NewRouter()
// Define paths
sub := r.PathPrefix("/api").Subrouter()
// Wire the UI (outside of muxer)
http.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(*uiLocation))))
// Display handlers
sub.HandleFunc("/config", configHandler).Methods("GET")
sub.HandleFunc("/reload", configReloadHandler).Methods("GET")
sub.HandleFunc("/backend/{backend}", backendHandler).Methods("GET")
sub.HandleFunc("/backend/{backend}", backendAddHandler).Methods("POST")
sub.HandleFunc("/backend/{backend}", backendDeleteHandler).Methods("DELETE")
sub.HandleFunc("/backend/{backend}/server/{server}", backendServerHandler).Methods("GET")
sub.HandleFunc("/backend/{backend}/server/{server}", backendServerAddHandler).Methods("POST")
sub.HandleFunc("/backend/{backend}/server/{server}", backendServerDeleteHandler).Methods("DELETE")
s := &http.Server{
Addr: *bind,
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
}
h := auth.HtpasswdFileProvider(*htpasswd)
a := auth.NewBasicAuthenticator("haproxy config", h)
http.Handle("/", a.Wrap(func(w http.ResponseWriter, ar *auth.AuthenticatedRequest) {
r.ServeHTTP(w, &ar.Request)
}))
log.Err(s.ListenAndServe().Error())
}
func main() {
setLogging()
config = readConfig(getPath("conf"))
authenticator := auth.NewBasicAuthenticator(
"example.com",
func(user, realm string) string {
return Secret(config, user, realm)
})
http.HandleFunc("/", authenticator.Wrap(handle))
http.HandleFunc("/last-seen-employees", authenticator.Wrap(showLastSeenEmployees))
http.ListenAndServe(":8080", nil)
}
func (h *httpServer) Listen(address string) error {
fs := http.FileServer(http.Dir("web/assets"))
secrets := auth.HtpasswdFileProvider(h.secrets)
authenticator := auth.NewBasicAuthenticator("Basic Realm", secrets)
http.HandleFunc("/", h.Root)
http.Handle("/assets/", http.StripPrefix("/assets/", fs))
http.HandleFunc("/songs", h.Songs)
http.HandleFunc("/song/", h.Song)
http.HandleFunc("/ws", ws.Handle)
http.HandleFunc("/play/", authenticator.Wrap(h.Play))
return http.ListenAndServe(address, nil)
}
func main() {
pwd, _ := os.Getwd()
//Set config path and type
viper.SetConfigName("config")
viper.AddConfigPath(pwd)
viper.AddConfigPath("/etc/ddesktop/")
viper.SetConfigType("yaml")
//Read config
err := viper.ReadInConfig()
if err != nil {
log.Fatalln(err)
}
log.Println(viper.GetString("container.prefix"))
//Cleanup existing containers
dockerhandler.CleanUp()
//Pull new docker image
if viper.GetBool("container.pull") {
dockerhandler.PullImage()
}
//Get authentication setting
htpasswd := auth.HtpasswdFileProvider(viper.GetString("htpasswd.path"))
authenticator := auth.NewBasicAuthenticator(".ddesktop", htpasswd)
//Start server
log.Printf("Starting server on http://0.0.0.0:" + viper.GetString("server.port.http") + " and https://0.0.0.0:" + viper.GetString("server.port.https") + "...")
http.Handle("/websockify", auth.JustCheck(authenticator, wsproxy.WsProxy()))
http.HandleFunc("/", auth.JustCheck(authenticator, server.Static()))
go func() {
if err := http.ListenAndServeTLS(":"+viper.GetString("server.port.https"), viper.GetString("ssl.cert"), viper.GetString("ssl.key"), nil); err != nil {
log.Fatalln(err)
}
}()
if err := http.ListenAndServe(":"+viper.GetString("server.port.http"), http.HandlerFunc(server.RedirectHttps)); err != nil {
log.Fatalln(err)
}
}
func main() {
var mongoUrl = flag.String("db", "petrucho-db", "MongoDB URL")
flag.Parse()
ctx := context.Background()
ctx = db.OpenMongoDB(ctx, "main", *mongoUrl)
defer db.Close(ctx)
kami.Context = ctx
secret := func(email, realm string) string {
u := User{}
users := userStorage(ctx)
err := users.Find(bson.M{"email": email, "confirmed": true}).One(&u)
if err != nil {
return ""
}
return u.Password
}
authenticator := auth.NewBasicAuthenticator("Restricted", secret)
kami.Get("/", homeHandler)
kami.Get("/register", registrationForm)
kami.Post("/register", registerUser)
kami.Get("/confirm/:token", confirmRegistration)
kami.Get("/users", viewAllUsers)
kami.Get("/users/:email", viewUser)
kami.Use("/users/:email/edit", func(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context {
var username string
authenticator.Wrap(func(w http.ResponseWriter, r *auth.AuthenticatedRequest) {
username = r.Username
})(w, r)
if len(username) == 0 {
return nil
}
return context.WithValue(ctx, "auth", username)
})
kami.Get("/users/:email/edit", editProfileForm)
kami.Post("/users/:email/edit", updateProfile)
kami.Serve()
}
func main() {
folderPath, errpath := osext.ExecutableFolder()
if errpath != nil {
fmt.Printf("Couldn't get cwd. Check permissions!\n")
return
}
if _, err := os.Stat(folderPath + ".htpasswd"); os.IsNotExist(err) {
fmt.Printf(folderPath + ".htpasswd doesn't exist in cwd!\n")
return
}
secrets := auth.HtpasswdFileProvider(folderPath + ".htpasswd")
authenticator := auth.NewBasicAuthenticator("Seyes Echelon", secrets)
http.HandleFunc("/record_log", auth.JustCheck(authenticator, handle))
fmt.Println("Server starting on port " + os.Args[1] + " ....\n")
http.ListenAndServe(":"+os.Args[1], nil)
}
func New(runInDebugMode bool, templatesLocation string, usersPasswordFileLocation string, storageFactory model.VFStorageGroup, srvlog *logs.ServerLog) http.Handler {
if defaultRouter != nil {
return defaultRouter
}
serverlog = srvlog
defaultUserAuthenticator = auth.NewBasicAuthenticator("myrealm", auth.HtpasswdFileProvider(usersPasswordFileLocation))
defaultStorageFactory = storageFactory
results.TemplatesDir = templatesLocation
results.DebugMode = runInDebugMode
defaultRouter = mux.NewRouter()
adminRouter := mux.NewRouter()
apiRouter := mux.NewRouter()
handleVFolder(apiRouter)
handleCtrlPanel(adminRouter)
handlePlayground(apiRouter)
defaultRouter.PathPrefix("/api").Handler(
negroni.New(
negroni.HandlerFunc(authorized),
negroni.Wrap(apiRouter),
),
)
defaultRouter.PathPrefix("/admin").Handler(
negroni.New(
negroni.HandlerFunc(authorized),
negroni.HandlerFunc(adminOnly),
negroni.Wrap(adminRouter),
),
)
defaultRouter.PathPrefix("/static").Handler(http.StripPrefix("/static", http.FileServer(http.Dir("./server/static"))))
return defaultRouter
}
func main() {
programName := os.Args[0]
absPath, _ := filepath.Abs(programName)
haproxyConsoleRoot = path.Dir(path.Dir(absPath))
port := flag.String("p", "9090", "port to run the web server")
configuration := flag.String("config", "", "path to the app config file")
toolMode := flag.Bool("t", false, "run this program as a tool to export data from database to json or from json to database")
flag.Parse()
configPath := *configuration
if configPath == "" {
defaultConfigPath := haproxyConsoleRoot + "/conf/app_conf.ini"
fmt.Printf("You not set the configPath, so try to use the default config path: %s\n", defaultConfigPath)
if _, e := os.Stat(defaultConfigPath); os.IsNotExist(e) {
fmt.Println("Not Exit default config file")
os.Exit(1)
} else {
configPath = defaultConfigPath
}
}
var err error
logger = getLogger()
appConf, err = config.ParseConfig(configPath)
if err != nil {
fmt.Println(err)
return
}
if *toolMode {
// 数据转换存储方式
err := tools.StorageTransform(appConf)
tools.CheckError(err)
} else {
// 存储连接初始化
db, err = applicationDB.InitStoreConnection(appConf)
if err != nil {
logger.Fatalln(err)
os.Exit(1)
}
defer db.Close()
// 请求路由
http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(haproxyConsoleRoot+"/static/"))))
// basic auth user: admin, passwd: 1qazXSW@
authenticator := auth.NewBasicAuthenticator("HAProxyConsole", auth.HtpasswdFileProvider(haproxyConsoleRoot+"/conf/md5passwd"))
http.HandleFunc("/applyvport", authenticator.Wrap(applyVPort))
http.HandleFunc("/edittask", authenticator.Wrap(editTask))
http.HandleFunc("/listenlist", authenticator.Wrap(getListenList))
http.HandleFunc("/dellistentask", authenticator.Wrap(delListenTask))
http.HandleFunc("/applyconf", authenticator.Wrap(applyConf))
http.HandleFunc("/statspage", statsPage)
http.HandleFunc("/", authenticator.Wrap(getHomePage))
// 启动http服务
err = http.ListenAndServe(":"+*port, nil)
if err != nil {
logger.Fatalln("ListenAndServe: ", err)
}
}
}
func NewHttpBasicAuthenticator(htpasswdFile string) *HttpBasicAuthenticator {
return &HttpBasicAuthenticator{
//secretFunc: httpauth.HtpasswdFileProvider(htpasswdFile),
basicAuth: httpauth.NewBasicAuthenticator("vindalu", httpauth.HtpasswdFileProvider(htpasswdFile)),
}
}
func main() {
parseConfig()
bootstrap()
if wikiConfig.version {
fmt.Printf("Strapdown Wiki Server - v%s\n", SERVER_VERSION)
os.Exit(0)
}
// try open the repo
repo, err := git.OpenRepository(".")
if err != nil {
log.Printf("git repository not found at current directory. please use `-init` switch or run `git init` in this directory")
log.Fatal(err)
os.Exit(2)
} else {
repo.Free()
}
// load auth file
if _, err := os.Stat(wikiConfig.auth); len(wikiConfig.auth) > 0 && (!os.IsNotExist(err)) {
authenticator = auth.NewBasicAuthenticator("strapdown.ztx.io", auth.HtpasswdFileProvider(wikiConfig.auth)) // should we replace the url here?
log.Printf("use authentication file: %s", wikiConfig.auth)
} else {
log.Printf("authentication file not exist, disable http authentication")
}
if _, err := os.Stat("_static"); os.IsNotExist(err) {
// release the files
log.Print("Seems you don't have `_static` folder, release one to hold the static file")
files := AssetNames()
for _, name := range files {
if strings.HasSuffix(name, ".html") || strings.HasSuffix(name, "fav.ico") {
continue
}
file, err := Asset(name)
if err != nil {
log.Printf("[ WARN ] fail to load: %s", name)
}
err = os.MkdirAll(path.Dir(name), 0700)
if err != nil {
log.Printf("[ WARN ] fail to create folder: %s", path.Dir(name))
}
err = ioutil.WriteFile(name, file, 0644)
if err != nil {
log.Printf("[ WARN ] cannot write file: %v", err)
}
}
}
if _, err := os.Stat(".md"); os.IsNotExist(err) {
// release a default .md
log.Print("Release default .md")
file, err := Asset("_static/.md")
if err != nil {
log.Printf("[ WARN ] fail to load .md")
}
err = ioutil.WriteFile(".md", file, 0644)
if err != nil {
log.Printf("[ WARN ] cannot write default .md: %v", err)
}
}
if _, err := os.Stat("favicon.ico"); os.IsNotExist(err) {
// release the files
log.Print("Release the favicon.ico")
file, err := Asset("_static/fav.ico")
if err != nil {
log.Printf("[ WARN ] fail to load favicon.ico")
}
err = ioutil.WriteFile("favicon.ico", file, 0644)
if err != nil {
log.Printf("[ WARN ] cannot write default favicon.ico: %v", err)
}
}
http.HandleFunc("/", handleFunc)
// listen on the (multi) addresss
cnt := 0
ch := make(chan bool)
for _, host := range strings.Split(wikiConfig.addr, ",") {
cnt += 1
log.Printf("[ %d ] listening on %s", cnt, host)
go func(h string, aid int) {
e := http.ListenAndServe(h, nil)
if e != nil {
log.Printf("[ %d ] failed to bind on %s: %v", aid, h, e)
ch <- false
} else {
ch <- true
}
}(host, cnt)
}
for cnt > 0 {
<-ch
cnt -= 1
}
}
func main() {
authenticator := auth.NewBasicAuthenticator("example.com", Secret)
http.HandleFunc("/", authenticator.Wrap(handle))
http.ListenAndServe(":8080", nil)
}
func main() {
flag.Usage = func() {
// It is unfortunate that we need to re-implement flag.PrintDefaults(),
// but I cannot see any other way to achieve the grouping of flags.
fmt.Fprintf(os.Stderr, "RobustIRC server (= node)\n")
fmt.Fprintf(os.Stderr, "\n")
fmt.Fprintf(os.Stderr, "The following flags are REQUIRED:\n")
printDefault(flag.Lookup("network_name"))
printDefault(flag.Lookup("network_password"))
printDefault(flag.Lookup("peer_addr"))
printDefault(flag.Lookup("tls_cert_path"))
printDefault(flag.Lookup("tls_key_path"))
fmt.Fprintf(os.Stderr, "\n")
fmt.Fprintf(os.Stderr, "The following flags are only relevant when bootstrapping the network (once):\n")
printDefault(flag.Lookup("join"))
printDefault(flag.Lookup("singlenode"))
fmt.Fprintf(os.Stderr, "\n")
fmt.Fprintf(os.Stderr, "The following flags are optional:\n")
printDefault(flag.Lookup("dump_canary_state"))
printDefault(flag.Lookup("dump_heap_profile"))
printDefault(flag.Lookup("canary_compaction_start"))
printDefault(flag.Lookup("listen"))
printDefault(flag.Lookup("raftdir"))
printDefault(flag.Lookup("tls_ca_file"))
printDefault(flag.Lookup("version"))
fmt.Fprintf(os.Stderr, "\n")
fmt.Fprintf(os.Stderr, "The following flags are optional and provided by glog:\n")
printDefault(flag.Lookup("alsologtostderr"))
printDefault(flag.Lookup("log_backtrace_at"))
printDefault(flag.Lookup("log_dir"))
printDefault(flag.Lookup("log_total_bytes"))
printDefault(flag.Lookup("logtostderr"))
printDefault(flag.Lookup("stderrthreshold"))
printDefault(flag.Lookup("v"))
printDefault(flag.Lookup("vmodule"))
}
flag.Parse()
// Store logs in -raftdir, unless otherwise specified.
if flag.Lookup("log_dir").Value.String() == "" {
flag.Set("log_dir", *raftDir)
}
defer glog.Flush()
glog.MaxSize = 64 * 1024 * 1024
glog.CopyStandardLogTo("INFO")
log.Printf("RobustIRC %s\n", Version)
if *version {
return
}
if _, err := os.Stat(filepath.Join(*raftDir, "deletestate")); err == nil {
if err := os.RemoveAll(*raftDir); err != nil {
log.Fatal(err)
}
if err := os.Mkdir(*raftDir, 0700); err != nil {
log.Fatal(err)
}
log.Printf("Deleted %q because %q existed\n", *raftDir, filepath.Join(*raftDir, "deletestate"))
}
if err := outputstream.DeleteOldDatabases(*raftDir); err != nil {
log.Fatalf("Could not delete old outputstream databases: %v\n", err)
}
if err := deleteOldCompactionDatabases(*raftDir); err != nil {
glog.Errorf("Could not delete old compaction databases: %v (ignoring)\n", err)
}
log.Printf("Initializing RobustIRC…\n")
if *networkPassword == "" {
*networkPassword = os.Getenv("ROBUSTIRC_NETWORK_PASSWORD")
}
if *networkPassword == "" {
log.Fatalf("-network_password not set. You MUST protect your network.\n")
}
digest := sha1.New()
digest.Write([]byte(*networkPassword))
passwordHash := "{SHA}" + base64.StdEncoding.EncodeToString(digest.Sum(nil))
if *network == "" {
log.Fatalf("-network_name not set, but required.\n")
}
if *peerAddr == "" {
log.Printf("-peer_addr not set, initializing to %q. Make sure %q is a host:port string that other raft nodes can connect to!\n", *listen, *listen)
*peerAddr = *listen
}
ircServer = ircserver.NewIRCServer(*raftDir, *network, time.Now())
transport := rafthttp.NewHTTPTransport(
*peerAddr,
// Not deadlined, otherwise snapshot installments fail.
robusthttp.Client(*networkPassword, false),
nil,
"")
peerStore = raft.NewJSONPeers(*raftDir, transport)
if *join == "" && !*singleNode {
peers, err := peerStore.Peers()
if err != nil {
log.Fatal(err.Error())
}
if len(peers) == 0 {
if !*timesafeguard.DisableTimesafeguard {
log.Fatalf("No peers known and -join not specified. Joining the network is not safe because timesafeguard cannot be called.\n")
}
} else {
if len(peers) == 1 && peers[0] == *peerAddr {
// To prevent crashlooping too frequently in case the init system directly restarts our process.
time.Sleep(10 * time.Second)
log.Fatalf("Only known peer is myself (%q), implying this node was removed from the network. Please kill the process and remove the data.\n", *peerAddr)
}
if err := timesafeguard.SynchronizedWithNetwork(*peerAddr, peers, *networkPassword); err != nil {
log.Fatal(err.Error())
}
}
}
var p []string
config := raft.DefaultConfig()
config.Logger = log.New(glog.LogBridgeFor("INFO"), "", log.Lshortfile)
if *singleNode {
config.EnableSingleNode = true
}
// Keep 5 snapshots in *raftDir/snapshots, log to stderr.
fss, err := raft.NewFileSnapshotStore(*raftDir, 5, nil)
if err != nil {
log.Fatal(err)
}
// How often to check whether a snapshot should be taken. The check is
// cheap, and the default value far too high for networks with a high
// number of messages/s.
// At the same time, it is important that we don’t check too early,
// otherwise recovering from the most recent snapshot doesn’t work because
// after recovering, a new snapshot (over the 0 committed messages) will be
// taken immediately, effectively overwriting the result of the snapshot
// recovery.
config.SnapshotInterval = 300 * time.Second
// Batch as many messages as possible into a single appendEntries RPC.
// There is no downside to setting this too high.
config.MaxAppendEntries = 1024
// It could be that the heartbeat goroutine is not scheduled for a while,
// so relax the default of 500ms.
config.LeaderLeaseTimeout = timesafeguard.ElectionTimeout
config.HeartbeatTimeout = timesafeguard.ElectionTimeout
config.ElectionTimeout = timesafeguard.ElectionTimeout
// We use prometheus, so hook up the metrics package (used by raft) to
// prometheus as well.
sink, err := metrics_prometheus.NewPrometheusSink()
if err != nil {
log.Fatal(err)
}
metrics.NewGlobal(metrics.DefaultConfig("raftmetrics"), sink)
bootstrapping := *singleNode || *join != ""
logStore, err := raft_store.NewLevelDBStore(filepath.Join(*raftDir, "raftlog"), bootstrapping)
if err != nil {
log.Fatal(err)
}
ircStore, err = raft_store.NewLevelDBStore(filepath.Join(*raftDir, "irclog"), bootstrapping)
if err != nil {
log.Fatal(err)
}
fsm := &FSM{
store: logStore,
ircstore: ircStore,
lastSnapshotState: make(map[uint64][]byte),
}
logcache, err := raft.NewLogCache(config.MaxAppendEntries, logStore)
if err != nil {
log.Fatal(err)
}
node, err = raft.NewRaft(config, fsm, logcache, logStore, fss, peerStore, transport)
if err != nil {
log.Fatal(err)
}
if *dumpCanaryState != "" {
canary(fsm, *dumpCanaryState)
if *dumpHeapProfile != "" {
debug.FreeOSMemory()
f, err := os.Create(*dumpHeapProfile)
if err != nil {
log.Fatal(err)
}
defer f.Close()
pprof.WriteHeapProfile(f)
}
return
}
go func() {
for {
secondsInState.WithLabelValues(node.State().String()).Inc()
time.Sleep(1 * time.Second)
}
}()
privaterouter := httprouter.New()
privaterouter.Handler("GET", "/", exitOnRecoverHandleFunc(handleStatus))
privaterouter.Handler("GET", "/irclog", exitOnRecoverHandleFunc(handleIrclog))
privaterouter.Handler("POST", "/raft/*rest", exitOnRecoverHandler(transport))
privaterouter.Handler("POST", "/join", exitOnRecoverHandleFunc(handleJoin))
privaterouter.Handler("POST", "/part", exitOnRecoverHandleFunc(handlePart))
privaterouter.Handler("GET", "/snapshot", exitOnRecoverHandleFunc(handleSnapshot))
privaterouter.Handler("GET", "/leader", exitOnRecoverHandleFunc(handleLeader))
privaterouter.Handler("POST", "/quit", exitOnRecoverHandleFunc(handleQuit))
privaterouter.Handler("GET", "/config", exitOnRecoverHandleFunc(handleGetConfig))
privaterouter.Handler("POST", "/config", exitOnRecoverHandleFunc(handlePostConfig))
privaterouter.Handler("GET", "/metrics", exitOnRecoverHandler(prometheus.Handler()))
publicrouter := httprouter.New()
publicrouter.Handle("POST", "/robustirc/v1/:sessionid", exitOnRecoverHandle(handleCreateSession))
publicrouter.Handle("POST", "/robustirc/v1/:sessionid/message", exitOnRecoverHandle(handlePostMessage))
publicrouter.Handle("GET", "/robustirc/v1/:sessionid/messages", exitOnRecoverHandle(handleGetMessages))
publicrouter.Handle("DELETE", "/robustirc/v1/:sessionid", exitOnRecoverHandle(handleDeleteSession))
a := auth.NewBasicAuthenticator("robustirc", func(user, realm string) string {
if user == "robustirc" {
return passwordHash
}
return ""
})
http.Handle("/robustirc/", publicrouter)
http.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if username := a.CheckAuth(r); username == "" {
a.RequireAuth(w, r)
} else {
privaterouter.ServeHTTP(w, r)
}
}))
srv := http.Server{Addr: *listen}
if err := http2.ConfigureServer(&srv, nil); err != nil {
log.Fatal(err)
}
// Manually create the net.TCPListener so that joinMaster() does not run
// into connection refused errors (the master will try to contact the
// node before acknowledging the join).
srv.TLSConfig.Certificates = make([]tls.Certificate, 1)
srv.TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(*tlsCertPath, *tlsKeyPath)
if err != nil {
log.Fatal(err)
}
ln, err := net.Listen("tcp", *listen)
if err != nil {
log.Fatal(err)
}
tlsListener := tls.NewListener(tcpKeepAliveListener{ln.(*net.TCPListener)}, srv.TLSConfig)
go srv.Serve(tlsListener)
log.Printf("RobustIRC listening on %q. For status, see %s\n",
*peerAddr,
fmt.Sprintf("https://*****:*****@%s/", *networkPassword, *peerAddr))
if *join != "" {
if err := timesafeguard.SynchronizedWithMasterAndNetwork(*peerAddr, *join, *networkPassword); err != nil {
log.Fatal(err.Error())
}
p = joinMaster(*join, peerStore)
// TODO(secure): properly handle joins on the server-side where the joining node is already in the network.
}
if len(p) > 0 {
node.SetPeers(p)
}
expireSessionsTimer := time.After(expireSessionsInterval)
secondTicker := time.Tick(1 * time.Second)
for {
select {
case <-secondTicker:
if node.State() == raft.Shutdown {
log.Fatal("Node removed from the network (in raft state shutdown), terminating.")
}
case <-expireSessionsTimer:
expireSessionsTimer = time.After(expireSessionsInterval)
// Race conditions (a node becoming a leader or ceasing to be the
// leader shortly before/after this runs) are okay, since the timer
// is triggered often enough on every node so that it will
// eventually run on the leader.
if node.State() != raft.Leader {
continue
}
applyMu.Lock()
for _, msg := range ircServer.ExpireSessions() {
// Cannot fail, no user input.
msgbytes, _ := json.Marshal(msg)
f := node.Apply(msgbytes, 10*time.Second)
if err := f.Error(); err != nil {
log.Printf("Apply(): %v\n", err)
break
}
}
applyMu.Unlock()
}
}
}
func main() {
flag.Parse()
instances := flag.Args()
if len(instances) < 1 {
log.Print("No Octopress instances were specified.")
flag.PrintDefaults()
return
}
log.Print("Octopress API v" + Version + " / API v" + CurrentApiVersion)
// Compile all instances into sites
log.Print("Compiling instances into sites")
for i := range instances {
log.Print("Processing site " + instances[i])
site, err := getSite(instances[i])
if err != nil {
panic(err)
}
log.Print("Identified site name " + site.Name)
MySitesMap[site.Key] = site
}
r := mux.NewRouter()
// Handle UI prefix
http.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(*uiLocation))))
api := r.PathPrefix("/api").Subrouter()
// Common to all version
api.HandleFunc("/version", versionHandler).Methods("GET")
// API Version 1.0
subV1_0 := api.PathPrefix("/1.0").Subrouter()
subV1_0.HandleFunc("/version", versionHandler).Methods("GET")
subV1_0.HandleFunc("/sites", sitesHandler).Methods("GET")
subV1_0.HandleFunc("/site/commit/{site}", gitCommitHandler).Methods("GET")
subV1_0.HandleFunc("/site/deploy/{site}", deployHandler).Methods("GET")
subV1_0.HandleFunc("/post/categories/{site}", postCategoriesHandler).Methods("GET")
subV1_0.HandleFunc("/post/list/{site}", listPostsHandler).Methods("GET")
subV1_0.HandleFunc("/post/get/{site}/{slug}", getPostHandler).Methods("GET")
subV1_0.HandleFunc("/post/new/{site}/{postname}", newPostHandler).Methods("GET")
subV1_0.HandleFunc("/post/update/{site}/{slug}", updatePostHandler).Methods("POST")
// Redirection for home
r.HandleFunc("/", homeRedirectHandler)
s := &http.Server{
Addr: *bind,
ReadTimeout: 90 * time.Second,
WriteTimeout: 90 * time.Second,
MaxHeaderBytes: 1 << 20,
}
// Handle authentication
a := auth.NewBasicAuthenticator("Octopress API", SimpleSecurityProvider(*username, *password))
http.Handle("/", a.Wrap(func(w http.ResponseWriter, ar *auth.AuthenticatedRequest) {
r.ServeHTTP(w, &ar.Request)
}))
// Run actual server
log.Print("Starting server on " + *bind)
log.Print(s.ListenAndServe().Error())
}
func main() {
parseConfig()
bootstrap()
// try open the repo
repo, err := git.OpenRepository(".")
if err != nil {
log.Printf("git repository not found at current directory. please use `-init` switch or run `git init` in this directory")
log.Fatal(err)
os.Exit(2)
} else {
repo.Free()
}
// load auth file
if _, err := os.Stat(wikiConfig.auth); len(wikiConfig.auth) > 0 && (!os.IsNotExist(err)) {
authenticator = auth.NewBasicAuthenticator("strapdown.ztx.io", auth.HtpasswdFileProvider(wikiConfig.auth)) // should we replace the url here?
log.Printf("use authentication file: %s", wikiConfig.auth)
} else {
log.Printf("authentication file not exist, disable http authentication")
}
if _, err := os.Stat(".md"); os.IsNotExist(err) {
// release a default .md
log.Print("Release default .md")
file, err := Asset("_static/.md")
if err != nil {
log.Printf("[ WARN ] fail to load .md")
}
err = ioutil.WriteFile(".md", file, 0644)
if err != nil {
log.Printf("[ WARN ] cannot write default .md: %v", err)
}
}
if _, err := os.Stat("favicon.ico"); os.IsNotExist(err) {
// release the files
log.Print("Release the favicon.ico")
file, err := Asset("_static/fav.ico")
if err != nil {
log.Printf("[ WARN ] fail to load favicon.ico")
}
err = ioutil.WriteFile("favicon.ico", file, 0644)
if err != nil {
log.Printf("[ WARN ] cannot write default favicon.ico: %v", err)
}
}
http.HandleFunc("/", handleFunc)
// listen on the (multi) addresss
cnt := 0
ch := make(chan bool)
for _, host := range strings.Split(wikiConfig.addr, ",") {
cnt += 1
log.Printf("[ %d ] listening on %s", cnt, host)
go func(h string, aid int) {
e := http.ListenAndServe(h, nil)
if e != nil {
log.Printf("[ %d ] failed to bind on %s: %v", aid, h, e)
ch <- false
} else {
ch <- true
}
}(host, cnt)
}
for cnt > 0 {
<-ch
cnt -= 1
}
}
func main() {
defer glog.Flush()
flag.Parse()
if *versionFlag {
fmt.Printf("cAdvisor version %s\n", info.VERSION)
os.Exit(0)
}
setMaxProcs()
storageDriver, err := NewStorageDriver(*argDbDriver)
if err != nil {
glog.Fatalf("Failed to connect to database: %s", err)
}
sysFs, err := sysfs.NewRealSysFs()
if err != nil {
glog.Fatalf("Failed to create a system interface: %s", err)
}
containerManager, err := manager.New(storageDriver, sysFs)
if err != nil {
glog.Fatalf("Failed to create a Container Manager: %s", err)
}
// Register Docker.
if err := docker.Register(containerManager); err != nil {
glog.Errorf("Docker registration failed: %v.", err)
}
// Register the raw driver.
if err := raw.Register(containerManager); err != nil {
glog.Fatalf("Raw registration failed: %v.", err)
}
// Basic health handler.
if err := healthz.RegisterHandler(); err != nil {
glog.Fatalf("Failed to register healthz handler: %s", err)
}
// Validation/Debug handler.
http.HandleFunc(validate.ValidatePage, func(w http.ResponseWriter, r *http.Request) {
err := validate.HandleRequest(w, containerManager)
if err != nil {
fmt.Fprintf(w, "%s", err)
}
})
// Register API handler.
if err := api.RegisterHandlers(containerManager); err != nil {
glog.Fatalf("Failed to register API handlers: %s", err)
}
// Redirect / to containers page.
http.Handle("/", http.RedirectHandler(pages.ContainersPage, http.StatusTemporaryRedirect))
var authenticated bool = false
// Setup the authenticator object
if *httpAuthFile != "" {
glog.Infof("Using auth file %s", *httpAuthFile)
secrets := auth.HtpasswdFileProvider(*httpAuthFile)
authenticator := auth.NewBasicAuthenticator(*httpAuthRealm, secrets)
http.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
if err := pages.RegisterHandlersBasic(containerManager, authenticator); err != nil {
glog.Fatalf("Failed to register pages auth handlers: %s", err)
}
authenticated = true
}
if *httpAuthFile == "" && *httpDigestFile != "" {
glog.Infof("Using digest file %s", *httpDigestFile)
secrets := auth.HtdigestFileProvider(*httpDigestFile)
authenticator := auth.NewDigestAuthenticator(*httpDigestRealm, secrets)
http.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler))
if err := pages.RegisterHandlersDigest(containerManager, authenticator); err != nil {
glog.Fatalf("Failed to register pages digest handlers: %s", err)
}
authenticated = true
}
// Change handler based on authenticator initalization
if !authenticated {
http.HandleFunc(static.StaticResource, staticHandlerNoAuth)
if err := pages.RegisterHandlersBasic(containerManager, nil); err != nil {
glog.Fatalf("Failed to register pages handlers: %s", err)
}
}
// Start the manager.
if err := containerManager.Start(); err != nil {
glog.Fatalf("Failed to start container manager: %v", err)
}
// Install signal handler.
installSignalHandler(containerManager)
glog.Infof("Starting cAdvisor version: %q on port %d", info.VERSION, *argPort)
addr := fmt.Sprintf("%s:%d", *argIp, *argPort)
glog.Fatal(http.ListenAndServe(addr, nil))
}
