// standardHttp starts serving standard HTTP (api/web) requests, to be used by normal clients
func standardHttp(discovery bool) {
m := martini.Classic()
switch strings.ToLower(config.Config.AuthenticationMethod) {
case "basic":
{
if config.Config.HTTPAuthUser == "" {
// Still allowed; may be disallowed in future versions
log.Warning("AuthenticationMethod is configured as 'basic' but HTTPAuthUser undefined. Running without authentication.")
}
m.Use(auth.Basic(config.Config.HTTPAuthUser, config.Config.HTTPAuthPassword))
}
case "multi":
{
if config.Config.HTTPAuthUser == "" {
// Still allowed; may be disallowed in future versions
log.Fatal("AuthenticationMethod is configured as 'multi' but HTTPAuthUser undefined")
}
m.Use(auth.BasicFunc(func(username, password string) bool {
if username == "readonly" {
// Will be treated as "read-only"
return true
}
return auth.SecureCompare(username, config.Config.HTTPAuthUser) && auth.SecureCompare(password, config.Config.HTTPAuthPassword)
}))
}
default:
{
// We inject a dummy User object because we have function signatures with User argument in api.go
m.Map(auth.User(""))
}
}
m.Use(gzip.All())
// Render html templates from templates directory
m.Use(render.Renderer(render.Options{
Directory: "resources",
Layout: "templates/layout",
HTMLContentType: "text/html",
}))
m.Use(martini.Static("resources/public"))
inst.SetMaintenanceOwner(logic.ThisHostname)
log.Info("Starting HTTP")
if discovery {
go logic.ContinuousDiscovery()
}
inst.ReadClusterAliases()
http.API.RegisterRequests(m)
http.Web.RegisterRequests(m)
// Serve
if err := nethttp.ListenAndServe(config.Config.ListenAddress, m); err != nil {
log.Fatale(err)
}
}
func main() {
if conf, e := LoadConfig("conf/string_keeper.conf"); e != nil {
if os.IsNotExist(e) {
fmt.Println("'conf/string_keeper.conf' not exist, it will use default config.")
keeperConf = DefaultConfig()
} else {
fmt.Printf("load config file 'conf/string_keeper.conf' failed, err: %s\n", e.Error())
os.Exit(1)
}
} else {
keeperConf = conf
}
m := martini.Classic()
m.Post("/", GetBucketString)
m.Get("/ping", func() string {
return "pong"
})
if cwd, e := os.Getwd(); e != nil {
fmt.Printf("get current dir failed, err: %s", e.Error())
os.Exit(1)
} else if !filepath.IsAbs(cwd) {
if absPath, e := filepath.Abs(cwd); e != nil {
fmt.Printf("get current dir abs path failed, err: %s", e.Error())
os.Exit(1)
return
} else {
resDir = filepath.Join(absPath, "public")
}
} else {
resDir = filepath.Join(cwd, "public")
}
m.Use(cors.Allow(&cors.Options{
AllowOrigins: keeperConf.HTTP.CORS.AllowOrigins,
AllowMethods: keeperConf.HTTP.CORS.AllowMethods,
AllowHeaders: keeperConf.HTTP.CORS.AllowHeaders,
ExposeHeaders: keeperConf.HTTP.CORS.ExposeHeaders,
AllowCredentials: keeperConf.HTTP.CORS.AllowCerdentials,
}))
if keeperConf.ACL.AuthEnabled {
m.Use(auth.BasicFunc(AuthCheck))
} else {
m.Map(auth.User(""))
}
m.RunOnAddr(keeperConf.HTTP.Address)
}
// standardHttp starts serving HTTP or HTTPS (api/web) requests, to be used by normal clients
func standardHttp(discovery bool) {
m := martini.Classic()
switch strings.ToLower(config.Config.AuthenticationMethod) {
case "basic":
{
if config.Config.HTTPAuthUser == "" {
// Still allowed; may be disallowed in future versions
log.Warning("AuthenticationMethod is configured as 'basic' but HTTPAuthUser undefined. Running without authentication.")
}
m.Use(auth.Basic(config.Config.HTTPAuthUser, config.Config.HTTPAuthPassword))
}
case "multi":
{
if config.Config.HTTPAuthUser == "" {
// Still allowed; may be disallowed in future versions
log.Fatal("AuthenticationMethod is configured as 'multi' but HTTPAuthUser undefined")
}
m.Use(auth.BasicFunc(func(username, password string) bool {
if username == "readonly" {
// Will be treated as "read-only"
return true
}
return auth.SecureCompare(username, config.Config.HTTPAuthUser) && auth.SecureCompare(password, config.Config.HTTPAuthPassword)
}))
}
default:
{
// We inject a dummy User object because we have function signatures with User argument in api.go
m.Map(auth.User(""))
}
}
m.Use(gzip.All())
// Render html templates from templates directory
m.Use(render.Renderer(render.Options{
Directory: "resources",
Layout: "templates/layout",
HTMLContentType: "text/html",
}))
m.Use(martini.Static("resources/public"))
if config.Config.UseMutualTLS {
m.Use(ssl.VerifyOUs(config.Config.SSLValidOUs))
}
inst.SetMaintenanceOwner(process.ThisHostname)
if discovery {
log.Info("Starting Discovery")
go logic.ContinuousDiscovery()
}
log.Info("Registering endpoints")
http.API.RegisterRequests(m)
http.Web.RegisterRequests(m)
// Serve
if config.Config.ListenSocket != "" {
log.Infof("Starting HTTP listener on unix socket %v", config.Config.ListenSocket)
unixListener, err := net.Listen("unix", config.Config.ListenSocket)
if err != nil {
log.Fatale(err)
}
defer unixListener.Close()
if err := nethttp.Serve(unixListener, m); err != nil {
log.Fatale(err)
}
} else if config.Config.UseSSL {
log.Info("Starting HTTPS listener")
tlsConfig, err := ssl.NewTLSConfig(config.Config.SSLCAFile, config.Config.UseMutualTLS)
if err != nil {
log.Fatale(err)
}
tlsConfig.InsecureSkipVerify = config.Config.SSLSkipVerify
if err = ssl.AppendKeyPairWithPassword(tlsConfig, config.Config.SSLCertFile, config.Config.SSLPrivateKeyFile, sslPEMPassword); err != nil {
log.Fatale(err)
}
if err = ssl.ListenAndServeTLS(config.Config.ListenAddress, m, tlsConfig); err != nil {
log.Fatale(err)
}
} else {
log.Infof("Starting HTTP listener on %+v", config.Config.ListenAddress)
if err := nethttp.ListenAndServe(config.Config.ListenAddress, m); err != nil {
log.Fatale(err)
}
}
log.Info("Web server started")
}