// Creates out basicAuth Filter // The first params specifies the used htpasswd file // The second is optional and defines the realm name func (spec *basicSpec) CreateFilter(config []interface{}) (filters.Filter, error) { if len(config) == 0 { return nil, filters.ErrInvalidFilterParameters } configFile, ok := config[0].(string) if !ok { return nil, filters.ErrInvalidFilterParameters } realmName := DefaultRealmName if len(config) == 2 { if definedName, ok := config[1].(string); ok { realmName = definedName } } htpasswd := auth.HtpasswdFileProvider(configFile) authenticator := auth.NewBasicAuthenticator(realmName, htpasswd) return &basic{ authenticator: authenticator, realmDefinition: ForceBasicAuthHeaderValue + `"` + realmName + `"`, }, nil }
// main sets up the routes (thanks Gorilla!). func main() { r := mux.NewRouter() r.HandleFunc("/", showIndex) r.HandleFunc("/about", showAbout) r.HandleFunc("/archives", showArchives) r.PathPrefix("/static"). Handler(http.StripPrefix("/static", http.FileServer(http.Dir(staticPath)))) // Password protect data refreshing authenticator := auth.NewBasicAuthenticator( "Refresh data", auth.HtpasswdFileProvider(*htpasswd)) r.HandleFunc("/refresh", auth.JustCheck(authenticator, showRefresh)) // These must be last. The first shows blog posts, the second adds comments. r.HandleFunc("/{postname}", showPost).Methods("GET") r.HandleFunc("/{postname}", addComment).Methods("POST") // Captcha! http.Handle("/captcha/", captcha.Server(captcha.StdWidth, captcha.StdHeight)) // Okay, let Gorilla do its work. http.Handle("/", r) http.ListenAndServe(":8082", nil) }
func RegisterHandlers(mux httpMux.Mux, containerManager manager.Manager, httpAuthFile, httpAuthRealm, httpDigestFile, httpDigestRealm, prometheusEndpoint string) error { // Basic health handler. if err := healthz.RegisterHandler(mux); err != nil { return fmt.Errorf("failed to register healthz handler: %s", err) } // Validation/Debug handler. mux.HandleFunc(validate.ValidatePage, func(w http.ResponseWriter, r *http.Request) { err := validate.HandleRequest(w, containerManager) if err != nil { fmt.Fprintf(w, "%s", err) } }) // Register API handler. if err := api.RegisterHandlers(mux, containerManager); err != nil { return fmt.Errorf("failed to register API handlers: %s", err) } // Redirect / to containers page. mux.Handle("/", http.RedirectHandler(pages.ContainersPage, http.StatusTemporaryRedirect)) var authenticated bool = false // Setup the authenticator object if httpAuthFile != "" { glog.Infof("Using auth file %s", httpAuthFile) secrets := auth.HtpasswdFileProvider(httpAuthFile) authenticator := auth.NewBasicAuthenticator(httpAuthRealm, secrets) mux.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler)) if err := pages.RegisterHandlersBasic(mux, containerManager, authenticator); err != nil { return fmt.Errorf("failed to register pages auth handlers: %s", err) } authenticated = true } if httpAuthFile == "" && httpDigestFile != "" { glog.Infof("Using digest file %s", httpDigestFile) secrets := auth.HtdigestFileProvider(httpDigestFile) authenticator := auth.NewDigestAuthenticator(httpDigestRealm, secrets) mux.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler)) if err := pages.RegisterHandlersDigest(mux, containerManager, authenticator); err != nil { return fmt.Errorf("failed to register pages digest handlers: %s", err) } authenticated = true } // Change handler based on authenticator initalization if !authenticated { mux.HandleFunc(static.StaticResource, staticHandlerNoAuth) if err := pages.RegisterHandlersBasic(mux, containerManager, nil); err != nil { return fmt.Errorf("failed to register pages handlers: %s", err) } } collector := metrics.NewPrometheusCollector(containerManager) prometheus.MustRegister(collector) http.Handle(prometheusEndpoint, prometheus.Handler()) return nil }
func main() { flag.Parse() if *debugPtr == true { fmt.Println("Console debug output enabled.") } urlport := ":" + strconv.Itoa(*portPtr) authenticator := auth.NewBasicAuthenticator("sysreport", Secret) if *authPtr == true { http.HandleFunc("/", authenticator.Wrap(authRootViewHandler)) http.HandleFunc("/packages", authenticator.Wrap(authPackagesViewHandler)) http.HandleFunc("/facter", authenticator.Wrap(authFacterViewHandler)) http.HandleFunc("/ohai", authenticator.Wrap(authOhaiViewHandler)) } else { http.HandleFunc("/", rootViewHandler) http.HandleFunc("/packages", packagesViewHandler) http.HandleFunc("/facter", facterViewHandler) http.HandleFunc("/ohai", ohaiViewHandler) } if *sslPtr == true { http.ListenAndServeTLS(urlport, *cpemPtr, *kpemPtr, nil) } else { http.ListenAndServe(urlport, nil) } }
func runControlServer() { authenticator := auth.NewBasicAuthenticator("localhost", Secret) http.HandleFunc("/server", authenticator.Wrap(ServerActionsHandler)) http.HandleFunc("/server/status", authenticator.Wrap(ServerStatusHandler)) http.Handle("/index.html", authenticator.Wrap(indexHandler)) http.Handle("/", http.FileServer(http.Dir("."+pathSeparator+"html"))) http.ListenAndServe(config["control-panel"]["address"]+":"+config["control-panel"]["port"], nil) }
func main() { log.Printf("Init") dbinit() defer dbclose() authenticator := auth.NewBasicAuthenticator("127.0.0.1", Secret) http.HandleFunc("/", authenticator.Wrap(handle)) log.Printf("Ready") http.ListenAndServe(":8080", nil) }
func (mp *MainPage) ServeHTTP(w http.ResponseWriter, r *http.Request) { if mp.BasicAuth { staticContentHandler := &Authentication{User: mp.UserName, Password: mp.UserPassword} authWrapper := httpauth.NewBasicAuthenticator("Gotail", staticContentHandler.Secret) authWrapper.Wrap(mp.AuthTail).ServeHTTP(w, r) } else { mp.Tail(w, r) } }
func middleware(h http.HandlerFunc, middleware ...func(http.HandlerFunc) http.HandlerFunc) http.HandlerFunc { for _, m := range middleware { h = m(h) } // TODO: Get this to only be setup once. authenticator := auth.NewBasicAuthenticator( "trajectory.com", GetSecret(getLoginConfig())) return auth.JustCheck(authenticator, h) }
func setupWeb() { authenticator := auth.NewBasicAuthenticator( "trajectory.com", GetSecret(getLoginConfig())) http.HandleFunc( "/", authenticator.Wrap(func( res http.ResponseWriter, req *auth.AuthenticatedRequest) { http.FileServer(http.Dir("./web/")).ServeHTTP(res, &req.Request) })) }
func StartHTTPServer(port string) { htpasswd := auth.HtpasswdFileProvider(conf.PasswdFile) authenticator := auth.NewBasicAuthenticator("Basic realm", htpasswd) http.HandleFunc(ROUTE_INSERT, authenticator.Wrap(insertHandler)) http.HandleFunc(ROUTE_DELETE, authenticator.Wrap(deleteHandler)) http.HandleFunc(ROUTE_STATIC, authenticator.Wrap(staticHandler)) http.HandleFunc(ROUTE_GET, authenticator.Wrap(getHandler)) http.HandleFunc(ROUTE_LIST, authenticator.Wrap(listHandler)) //http.ListenAndServe(port, nil) http.ListenAndServeTLS(port, conf.TLSPemFile, conf.TLSKeyFile, nil) }
func main() { flag.Parse() // seed the RNG, otherwise we would have same randomness on every startup // which should not, but might in worst case interfere with leftover-mails // from earlier starts of the binary rand.Seed(time.Now().Unix()) err := parse_conf(*conf_path) if err != nil { fmt.Println(err) os.Exit(1) } wg := new(sync.WaitGroup) wg.Add(len(globalconf.Servers)) // now fire up the monitoring jobs for _, c := range globalconf.Servers { fmt.Println("starting monitoring for config", c["Name"]) go monitor(c, wg) // keep a timedelta between monitoring jobs to avoid strong interference time.Sleep(startupOffsetTime) } fmt.Println("starting HTTP-endpoint") if *useAuth { authenticator := auth.NewBasicAuthenticator("prometheus", Secret) http.HandleFunc(globalconf.Http_endpoint, auth.JustCheck(authenticator, prometheus.Handler().ServeHTTP)) } else { http.Handle(globalconf.Http_endpoint, prometheus.Handler()) } if *useTLS { err = http.ListenAndServeTLS(":"+globalconf.Http_port, globalconf.Crt_path, globalconf.Key_path, nil) } else { err = http.ListenAndServe(":"+globalconf.Http_port, nil) } if err != nil { fmt.Println(err) } // wait for goroutines to exit // otherwise main would terminate and the goroutines monitoring would be killed wg.Wait() }
func main() { flag.Parse() PersistenceObj = GetPersistenceLayer(*persistence) if PersistenceObj == nil { log.Err("Unable to load persistence plugin " + *persistence) panic("Dying") } var err error ConfigObj, err = PersistenceObj.GetConfig() if err != nil { log.Err("Unable to load config from persistence plugin " + *persistence) panic("Dying") } if ConfigObj.PidFile != *haproxyPidFile { ConfigObj.PidFile = *haproxyPidFile } r := mux.NewRouter() // Define paths sub := r.PathPrefix("/api").Subrouter() // Wire the UI (outside of muxer) http.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(*uiLocation)))) // Display handlers sub.HandleFunc("/config", configHandler).Methods("GET") sub.HandleFunc("/reload", configReloadHandler).Methods("GET") sub.HandleFunc("/backend/{backend}", backendHandler).Methods("GET") sub.HandleFunc("/backend/{backend}", backendAddHandler).Methods("POST") sub.HandleFunc("/backend/{backend}", backendDeleteHandler).Methods("DELETE") sub.HandleFunc("/backend/{backend}/server/{server}", backendServerHandler).Methods("GET") sub.HandleFunc("/backend/{backend}/server/{server}", backendServerAddHandler).Methods("POST") sub.HandleFunc("/backend/{backend}/server/{server}", backendServerDeleteHandler).Methods("DELETE") s := &http.Server{ Addr: *bind, ReadTimeout: 10 * time.Second, WriteTimeout: 10 * time.Second, MaxHeaderBytes: 1 << 20, } h := auth.HtpasswdFileProvider(*htpasswd) a := auth.NewBasicAuthenticator("haproxy config", h) http.Handle("/", a.Wrap(func(w http.ResponseWriter, ar *auth.AuthenticatedRequest) { r.ServeHTTP(w, &ar.Request) })) log.Err(s.ListenAndServe().Error()) }
func main() { setLogging() config = readConfig(getPath("conf")) authenticator := auth.NewBasicAuthenticator( "example.com", func(user, realm string) string { return Secret(config, user, realm) }) http.HandleFunc("/", authenticator.Wrap(handle)) http.HandleFunc("/last-seen-employees", authenticator.Wrap(showLastSeenEmployees)) http.ListenAndServe(":8080", nil) }
func (h *httpServer) Listen(address string) error { fs := http.FileServer(http.Dir("web/assets")) secrets := auth.HtpasswdFileProvider(h.secrets) authenticator := auth.NewBasicAuthenticator("Basic Realm", secrets) http.HandleFunc("/", h.Root) http.Handle("/assets/", http.StripPrefix("/assets/", fs)) http.HandleFunc("/songs", h.Songs) http.HandleFunc("/song/", h.Song) http.HandleFunc("/ws", ws.Handle) http.HandleFunc("/play/", authenticator.Wrap(h.Play)) return http.ListenAndServe(address, nil) }
func main() { pwd, _ := os.Getwd() //Set config path and type viper.SetConfigName("config") viper.AddConfigPath(pwd) viper.AddConfigPath("/etc/ddesktop/") viper.SetConfigType("yaml") //Read config err := viper.ReadInConfig() if err != nil { log.Fatalln(err) } log.Println(viper.GetString("container.prefix")) //Cleanup existing containers dockerhandler.CleanUp() //Pull new docker image if viper.GetBool("container.pull") { dockerhandler.PullImage() } //Get authentication setting htpasswd := auth.HtpasswdFileProvider(viper.GetString("htpasswd.path")) authenticator := auth.NewBasicAuthenticator(".ddesktop", htpasswd) //Start server log.Printf("Starting server on http://0.0.0.0:" + viper.GetString("server.port.http") + " and https://0.0.0.0:" + viper.GetString("server.port.https") + "...") http.Handle("/websockify", auth.JustCheck(authenticator, wsproxy.WsProxy())) http.HandleFunc("/", auth.JustCheck(authenticator, server.Static())) go func() { if err := http.ListenAndServeTLS(":"+viper.GetString("server.port.https"), viper.GetString("ssl.cert"), viper.GetString("ssl.key"), nil); err != nil { log.Fatalln(err) } }() if err := http.ListenAndServe(":"+viper.GetString("server.port.http"), http.HandlerFunc(server.RedirectHttps)); err != nil { log.Fatalln(err) } }
func main() { var mongoUrl = flag.String("db", "petrucho-db", "MongoDB URL") flag.Parse() ctx := context.Background() ctx = db.OpenMongoDB(ctx, "main", *mongoUrl) defer db.Close(ctx) kami.Context = ctx secret := func(email, realm string) string { u := User{} users := userStorage(ctx) err := users.Find(bson.M{"email": email, "confirmed": true}).One(&u) if err != nil { return "" } return u.Password } authenticator := auth.NewBasicAuthenticator("Restricted", secret) kami.Get("/", homeHandler) kami.Get("/register", registrationForm) kami.Post("/register", registerUser) kami.Get("/confirm/:token", confirmRegistration) kami.Get("/users", viewAllUsers) kami.Get("/users/:email", viewUser) kami.Use("/users/:email/edit", func(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context { var username string authenticator.Wrap(func(w http.ResponseWriter, r *auth.AuthenticatedRequest) { username = r.Username })(w, r) if len(username) == 0 { return nil } return context.WithValue(ctx, "auth", username) }) kami.Get("/users/:email/edit", editProfileForm) kami.Post("/users/:email/edit", updateProfile) kami.Serve() }
func main() { folderPath, errpath := osext.ExecutableFolder() if errpath != nil { fmt.Printf("Couldn't get cwd. Check permissions!\n") return } if _, err := os.Stat(folderPath + ".htpasswd"); os.IsNotExist(err) { fmt.Printf(folderPath + ".htpasswd doesn't exist in cwd!\n") return } secrets := auth.HtpasswdFileProvider(folderPath + ".htpasswd") authenticator := auth.NewBasicAuthenticator("Seyes Echelon", secrets) http.HandleFunc("/record_log", auth.JustCheck(authenticator, handle)) fmt.Println("Server starting on port " + os.Args[1] + " ....\n") http.ListenAndServe(":"+os.Args[1], nil) }
func New(runInDebugMode bool, templatesLocation string, usersPasswordFileLocation string, storageFactory model.VFStorageGroup, srvlog *logs.ServerLog) http.Handler { if defaultRouter != nil { return defaultRouter } serverlog = srvlog defaultUserAuthenticator = auth.NewBasicAuthenticator("myrealm", auth.HtpasswdFileProvider(usersPasswordFileLocation)) defaultStorageFactory = storageFactory results.TemplatesDir = templatesLocation results.DebugMode = runInDebugMode defaultRouter = mux.NewRouter() adminRouter := mux.NewRouter() apiRouter := mux.NewRouter() handleVFolder(apiRouter) handleCtrlPanel(adminRouter) handlePlayground(apiRouter) defaultRouter.PathPrefix("/api").Handler( negroni.New( negroni.HandlerFunc(authorized), negroni.Wrap(apiRouter), ), ) defaultRouter.PathPrefix("/admin").Handler( negroni.New( negroni.HandlerFunc(authorized), negroni.HandlerFunc(adminOnly), negroni.Wrap(adminRouter), ), ) defaultRouter.PathPrefix("/static").Handler(http.StripPrefix("/static", http.FileServer(http.Dir("./server/static")))) return defaultRouter }
func main() { programName := os.Args[0] absPath, _ := filepath.Abs(programName) haproxyConsoleRoot = path.Dir(path.Dir(absPath)) port := flag.String("p", "9090", "port to run the web server") configuration := flag.String("config", "", "path to the app config file") toolMode := flag.Bool("t", false, "run this program as a tool to export data from database to json or from json to database") flag.Parse() configPath := *configuration if configPath == "" { defaultConfigPath := haproxyConsoleRoot + "/conf/app_conf.ini" fmt.Printf("You not set the configPath, so try to use the default config path: %s\n", defaultConfigPath) if _, e := os.Stat(defaultConfigPath); os.IsNotExist(e) { fmt.Println("Not Exit default config file") os.Exit(1) } else { configPath = defaultConfigPath } } var err error logger = getLogger() appConf, err = config.ParseConfig(configPath) if err != nil { fmt.Println(err) return } if *toolMode { // 数据转换存储方式 err := tools.StorageTransform(appConf) tools.CheckError(err) } else { // 存储连接初始化 db, err = applicationDB.InitStoreConnection(appConf) if err != nil { logger.Fatalln(err) os.Exit(1) } defer db.Close() // 请求路由 http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(haproxyConsoleRoot+"/static/")))) // basic auth user: admin, passwd: 1qazXSW@ authenticator := auth.NewBasicAuthenticator("HAProxyConsole", auth.HtpasswdFileProvider(haproxyConsoleRoot+"/conf/md5passwd")) http.HandleFunc("/applyvport", authenticator.Wrap(applyVPort)) http.HandleFunc("/edittask", authenticator.Wrap(editTask)) http.HandleFunc("/listenlist", authenticator.Wrap(getListenList)) http.HandleFunc("/dellistentask", authenticator.Wrap(delListenTask)) http.HandleFunc("/applyconf", authenticator.Wrap(applyConf)) http.HandleFunc("/statspage", statsPage) http.HandleFunc("/", authenticator.Wrap(getHomePage)) // 启动http服务 err = http.ListenAndServe(":"+*port, nil) if err != nil { logger.Fatalln("ListenAndServe: ", err) } } }
func NewHttpBasicAuthenticator(htpasswdFile string) *HttpBasicAuthenticator { return &HttpBasicAuthenticator{ //secretFunc: httpauth.HtpasswdFileProvider(htpasswdFile), basicAuth: httpauth.NewBasicAuthenticator("vindalu", httpauth.HtpasswdFileProvider(htpasswdFile)), } }
func main() { parseConfig() bootstrap() if wikiConfig.version { fmt.Printf("Strapdown Wiki Server - v%s\n", SERVER_VERSION) os.Exit(0) } // try open the repo repo, err := git.OpenRepository(".") if err != nil { log.Printf("git repository not found at current directory. please use `-init` switch or run `git init` in this directory") log.Fatal(err) os.Exit(2) } else { repo.Free() } // load auth file if _, err := os.Stat(wikiConfig.auth); len(wikiConfig.auth) > 0 && (!os.IsNotExist(err)) { authenticator = auth.NewBasicAuthenticator("strapdown.ztx.io", auth.HtpasswdFileProvider(wikiConfig.auth)) // should we replace the url here? log.Printf("use authentication file: %s", wikiConfig.auth) } else { log.Printf("authentication file not exist, disable http authentication") } if _, err := os.Stat("_static"); os.IsNotExist(err) { // release the files log.Print("Seems you don't have `_static` folder, release one to hold the static file") files := AssetNames() for _, name := range files { if strings.HasSuffix(name, ".html") || strings.HasSuffix(name, "fav.ico") { continue } file, err := Asset(name) if err != nil { log.Printf("[ WARN ] fail to load: %s", name) } err = os.MkdirAll(path.Dir(name), 0700) if err != nil { log.Printf("[ WARN ] fail to create folder: %s", path.Dir(name)) } err = ioutil.WriteFile(name, file, 0644) if err != nil { log.Printf("[ WARN ] cannot write file: %v", err) } } } if _, err := os.Stat(".md"); os.IsNotExist(err) { // release a default .md log.Print("Release default .md") file, err := Asset("_static/.md") if err != nil { log.Printf("[ WARN ] fail to load .md") } err = ioutil.WriteFile(".md", file, 0644) if err != nil { log.Printf("[ WARN ] cannot write default .md: %v", err) } } if _, err := os.Stat("favicon.ico"); os.IsNotExist(err) { // release the files log.Print("Release the favicon.ico") file, err := Asset("_static/fav.ico") if err != nil { log.Printf("[ WARN ] fail to load favicon.ico") } err = ioutil.WriteFile("favicon.ico", file, 0644) if err != nil { log.Printf("[ WARN ] cannot write default favicon.ico: %v", err) } } http.HandleFunc("/", handleFunc) // listen on the (multi) addresss cnt := 0 ch := make(chan bool) for _, host := range strings.Split(wikiConfig.addr, ",") { cnt += 1 log.Printf("[ %d ] listening on %s", cnt, host) go func(h string, aid int) { e := http.ListenAndServe(h, nil) if e != nil { log.Printf("[ %d ] failed to bind on %s: %v", aid, h, e) ch <- false } else { ch <- true } }(host, cnt) } for cnt > 0 { <-ch cnt -= 1 } }
func main() { authenticator := auth.NewBasicAuthenticator("example.com", Secret) http.HandleFunc("/", authenticator.Wrap(handle)) http.ListenAndServe(":8080", nil) }
func main() { flag.Usage = func() { // It is unfortunate that we need to re-implement flag.PrintDefaults(), // but I cannot see any other way to achieve the grouping of flags. fmt.Fprintf(os.Stderr, "RobustIRC server (= node)\n") fmt.Fprintf(os.Stderr, "\n") fmt.Fprintf(os.Stderr, "The following flags are REQUIRED:\n") printDefault(flag.Lookup("network_name")) printDefault(flag.Lookup("network_password")) printDefault(flag.Lookup("peer_addr")) printDefault(flag.Lookup("tls_cert_path")) printDefault(flag.Lookup("tls_key_path")) fmt.Fprintf(os.Stderr, "\n") fmt.Fprintf(os.Stderr, "The following flags are only relevant when bootstrapping the network (once):\n") printDefault(flag.Lookup("join")) printDefault(flag.Lookup("singlenode")) fmt.Fprintf(os.Stderr, "\n") fmt.Fprintf(os.Stderr, "The following flags are optional:\n") printDefault(flag.Lookup("dump_canary_state")) printDefault(flag.Lookup("dump_heap_profile")) printDefault(flag.Lookup("canary_compaction_start")) printDefault(flag.Lookup("listen")) printDefault(flag.Lookup("raftdir")) printDefault(flag.Lookup("tls_ca_file")) printDefault(flag.Lookup("version")) fmt.Fprintf(os.Stderr, "\n") fmt.Fprintf(os.Stderr, "The following flags are optional and provided by glog:\n") printDefault(flag.Lookup("alsologtostderr")) printDefault(flag.Lookup("log_backtrace_at")) printDefault(flag.Lookup("log_dir")) printDefault(flag.Lookup("log_total_bytes")) printDefault(flag.Lookup("logtostderr")) printDefault(flag.Lookup("stderrthreshold")) printDefault(flag.Lookup("v")) printDefault(flag.Lookup("vmodule")) } flag.Parse() // Store logs in -raftdir, unless otherwise specified. if flag.Lookup("log_dir").Value.String() == "" { flag.Set("log_dir", *raftDir) } defer glog.Flush() glog.MaxSize = 64 * 1024 * 1024 glog.CopyStandardLogTo("INFO") log.Printf("RobustIRC %s\n", Version) if *version { return } if _, err := os.Stat(filepath.Join(*raftDir, "deletestate")); err == nil { if err := os.RemoveAll(*raftDir); err != nil { log.Fatal(err) } if err := os.Mkdir(*raftDir, 0700); err != nil { log.Fatal(err) } log.Printf("Deleted %q because %q existed\n", *raftDir, filepath.Join(*raftDir, "deletestate")) } if err := outputstream.DeleteOldDatabases(*raftDir); err != nil { log.Fatalf("Could not delete old outputstream databases: %v\n", err) } if err := deleteOldCompactionDatabases(*raftDir); err != nil { glog.Errorf("Could not delete old compaction databases: %v (ignoring)\n", err) } log.Printf("Initializing RobustIRC…\n") if *networkPassword == "" { *networkPassword = os.Getenv("ROBUSTIRC_NETWORK_PASSWORD") } if *networkPassword == "" { log.Fatalf("-network_password not set. You MUST protect your network.\n") } digest := sha1.New() digest.Write([]byte(*networkPassword)) passwordHash := "{SHA}" + base64.StdEncoding.EncodeToString(digest.Sum(nil)) if *network == "" { log.Fatalf("-network_name not set, but required.\n") } if *peerAddr == "" { log.Printf("-peer_addr not set, initializing to %q. Make sure %q is a host:port string that other raft nodes can connect to!\n", *listen, *listen) *peerAddr = *listen } ircServer = ircserver.NewIRCServer(*raftDir, *network, time.Now()) transport := rafthttp.NewHTTPTransport( *peerAddr, // Not deadlined, otherwise snapshot installments fail. robusthttp.Client(*networkPassword, false), nil, "") peerStore = raft.NewJSONPeers(*raftDir, transport) if *join == "" && !*singleNode { peers, err := peerStore.Peers() if err != nil { log.Fatal(err.Error()) } if len(peers) == 0 { if !*timesafeguard.DisableTimesafeguard { log.Fatalf("No peers known and -join not specified. Joining the network is not safe because timesafeguard cannot be called.\n") } } else { if len(peers) == 1 && peers[0] == *peerAddr { // To prevent crashlooping too frequently in case the init system directly restarts our process. time.Sleep(10 * time.Second) log.Fatalf("Only known peer is myself (%q), implying this node was removed from the network. Please kill the process and remove the data.\n", *peerAddr) } if err := timesafeguard.SynchronizedWithNetwork(*peerAddr, peers, *networkPassword); err != nil { log.Fatal(err.Error()) } } } var p []string config := raft.DefaultConfig() config.Logger = log.New(glog.LogBridgeFor("INFO"), "", log.Lshortfile) if *singleNode { config.EnableSingleNode = true } // Keep 5 snapshots in *raftDir/snapshots, log to stderr. fss, err := raft.NewFileSnapshotStore(*raftDir, 5, nil) if err != nil { log.Fatal(err) } // How often to check whether a snapshot should be taken. The check is // cheap, and the default value far too high for networks with a high // number of messages/s. // At the same time, it is important that we don’t check too early, // otherwise recovering from the most recent snapshot doesn’t work because // after recovering, a new snapshot (over the 0 committed messages) will be // taken immediately, effectively overwriting the result of the snapshot // recovery. config.SnapshotInterval = 300 * time.Second // Batch as many messages as possible into a single appendEntries RPC. // There is no downside to setting this too high. config.MaxAppendEntries = 1024 // It could be that the heartbeat goroutine is not scheduled for a while, // so relax the default of 500ms. config.LeaderLeaseTimeout = timesafeguard.ElectionTimeout config.HeartbeatTimeout = timesafeguard.ElectionTimeout config.ElectionTimeout = timesafeguard.ElectionTimeout // We use prometheus, so hook up the metrics package (used by raft) to // prometheus as well. sink, err := metrics_prometheus.NewPrometheusSink() if err != nil { log.Fatal(err) } metrics.NewGlobal(metrics.DefaultConfig("raftmetrics"), sink) bootstrapping := *singleNode || *join != "" logStore, err := raft_store.NewLevelDBStore(filepath.Join(*raftDir, "raftlog"), bootstrapping) if err != nil { log.Fatal(err) } ircStore, err = raft_store.NewLevelDBStore(filepath.Join(*raftDir, "irclog"), bootstrapping) if err != nil { log.Fatal(err) } fsm := &FSM{ store: logStore, ircstore: ircStore, lastSnapshotState: make(map[uint64][]byte), } logcache, err := raft.NewLogCache(config.MaxAppendEntries, logStore) if err != nil { log.Fatal(err) } node, err = raft.NewRaft(config, fsm, logcache, logStore, fss, peerStore, transport) if err != nil { log.Fatal(err) } if *dumpCanaryState != "" { canary(fsm, *dumpCanaryState) if *dumpHeapProfile != "" { debug.FreeOSMemory() f, err := os.Create(*dumpHeapProfile) if err != nil { log.Fatal(err) } defer f.Close() pprof.WriteHeapProfile(f) } return } go func() { for { secondsInState.WithLabelValues(node.State().String()).Inc() time.Sleep(1 * time.Second) } }() privaterouter := httprouter.New() privaterouter.Handler("GET", "/", exitOnRecoverHandleFunc(handleStatus)) privaterouter.Handler("GET", "/irclog", exitOnRecoverHandleFunc(handleIrclog)) privaterouter.Handler("POST", "/raft/*rest", exitOnRecoverHandler(transport)) privaterouter.Handler("POST", "/join", exitOnRecoverHandleFunc(handleJoin)) privaterouter.Handler("POST", "/part", exitOnRecoverHandleFunc(handlePart)) privaterouter.Handler("GET", "/snapshot", exitOnRecoverHandleFunc(handleSnapshot)) privaterouter.Handler("GET", "/leader", exitOnRecoverHandleFunc(handleLeader)) privaterouter.Handler("POST", "/quit", exitOnRecoverHandleFunc(handleQuit)) privaterouter.Handler("GET", "/config", exitOnRecoverHandleFunc(handleGetConfig)) privaterouter.Handler("POST", "/config", exitOnRecoverHandleFunc(handlePostConfig)) privaterouter.Handler("GET", "/metrics", exitOnRecoverHandler(prometheus.Handler())) publicrouter := httprouter.New() publicrouter.Handle("POST", "/robustirc/v1/:sessionid", exitOnRecoverHandle(handleCreateSession)) publicrouter.Handle("POST", "/robustirc/v1/:sessionid/message", exitOnRecoverHandle(handlePostMessage)) publicrouter.Handle("GET", "/robustirc/v1/:sessionid/messages", exitOnRecoverHandle(handleGetMessages)) publicrouter.Handle("DELETE", "/robustirc/v1/:sessionid", exitOnRecoverHandle(handleDeleteSession)) a := auth.NewBasicAuthenticator("robustirc", func(user, realm string) string { if user == "robustirc" { return passwordHash } return "" }) http.Handle("/robustirc/", publicrouter) http.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if username := a.CheckAuth(r); username == "" { a.RequireAuth(w, r) } else { privaterouter.ServeHTTP(w, r) } })) srv := http.Server{Addr: *listen} if err := http2.ConfigureServer(&srv, nil); err != nil { log.Fatal(err) } // Manually create the net.TCPListener so that joinMaster() does not run // into connection refused errors (the master will try to contact the // node before acknowledging the join). srv.TLSConfig.Certificates = make([]tls.Certificate, 1) srv.TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(*tlsCertPath, *tlsKeyPath) if err != nil { log.Fatal(err) } ln, err := net.Listen("tcp", *listen) if err != nil { log.Fatal(err) } tlsListener := tls.NewListener(tcpKeepAliveListener{ln.(*net.TCPListener)}, srv.TLSConfig) go srv.Serve(tlsListener) log.Printf("RobustIRC listening on %q. For status, see %s\n", *peerAddr, fmt.Sprintf("https://*****:*****@%s/", *networkPassword, *peerAddr)) if *join != "" { if err := timesafeguard.SynchronizedWithMasterAndNetwork(*peerAddr, *join, *networkPassword); err != nil { log.Fatal(err.Error()) } p = joinMaster(*join, peerStore) // TODO(secure): properly handle joins on the server-side where the joining node is already in the network. } if len(p) > 0 { node.SetPeers(p) } expireSessionsTimer := time.After(expireSessionsInterval) secondTicker := time.Tick(1 * time.Second) for { select { case <-secondTicker: if node.State() == raft.Shutdown { log.Fatal("Node removed from the network (in raft state shutdown), terminating.") } case <-expireSessionsTimer: expireSessionsTimer = time.After(expireSessionsInterval) // Race conditions (a node becoming a leader or ceasing to be the // leader shortly before/after this runs) are okay, since the timer // is triggered often enough on every node so that it will // eventually run on the leader. if node.State() != raft.Leader { continue } applyMu.Lock() for _, msg := range ircServer.ExpireSessions() { // Cannot fail, no user input. msgbytes, _ := json.Marshal(msg) f := node.Apply(msgbytes, 10*time.Second) if err := f.Error(); err != nil { log.Printf("Apply(): %v\n", err) break } } applyMu.Unlock() } } }
func main() { flag.Parse() instances := flag.Args() if len(instances) < 1 { log.Print("No Octopress instances were specified.") flag.PrintDefaults() return } log.Print("Octopress API v" + Version + " / API v" + CurrentApiVersion) // Compile all instances into sites log.Print("Compiling instances into sites") for i := range instances { log.Print("Processing site " + instances[i]) site, err := getSite(instances[i]) if err != nil { panic(err) } log.Print("Identified site name " + site.Name) MySitesMap[site.Key] = site } r := mux.NewRouter() // Handle UI prefix http.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(*uiLocation)))) api := r.PathPrefix("/api").Subrouter() // Common to all version api.HandleFunc("/version", versionHandler).Methods("GET") // API Version 1.0 subV1_0 := api.PathPrefix("/1.0").Subrouter() subV1_0.HandleFunc("/version", versionHandler).Methods("GET") subV1_0.HandleFunc("/sites", sitesHandler).Methods("GET") subV1_0.HandleFunc("/site/commit/{site}", gitCommitHandler).Methods("GET") subV1_0.HandleFunc("/site/deploy/{site}", deployHandler).Methods("GET") subV1_0.HandleFunc("/post/categories/{site}", postCategoriesHandler).Methods("GET") subV1_0.HandleFunc("/post/list/{site}", listPostsHandler).Methods("GET") subV1_0.HandleFunc("/post/get/{site}/{slug}", getPostHandler).Methods("GET") subV1_0.HandleFunc("/post/new/{site}/{postname}", newPostHandler).Methods("GET") subV1_0.HandleFunc("/post/update/{site}/{slug}", updatePostHandler).Methods("POST") // Redirection for home r.HandleFunc("/", homeRedirectHandler) s := &http.Server{ Addr: *bind, ReadTimeout: 90 * time.Second, WriteTimeout: 90 * time.Second, MaxHeaderBytes: 1 << 20, } // Handle authentication a := auth.NewBasicAuthenticator("Octopress API", SimpleSecurityProvider(*username, *password)) http.Handle("/", a.Wrap(func(w http.ResponseWriter, ar *auth.AuthenticatedRequest) { r.ServeHTTP(w, &ar.Request) })) // Run actual server log.Print("Starting server on " + *bind) log.Print(s.ListenAndServe().Error()) }
func main() { parseConfig() bootstrap() // try open the repo repo, err := git.OpenRepository(".") if err != nil { log.Printf("git repository not found at current directory. please use `-init` switch or run `git init` in this directory") log.Fatal(err) os.Exit(2) } else { repo.Free() } // load auth file if _, err := os.Stat(wikiConfig.auth); len(wikiConfig.auth) > 0 && (!os.IsNotExist(err)) { authenticator = auth.NewBasicAuthenticator("strapdown.ztx.io", auth.HtpasswdFileProvider(wikiConfig.auth)) // should we replace the url here? log.Printf("use authentication file: %s", wikiConfig.auth) } else { log.Printf("authentication file not exist, disable http authentication") } if _, err := os.Stat(".md"); os.IsNotExist(err) { // release a default .md log.Print("Release default .md") file, err := Asset("_static/.md") if err != nil { log.Printf("[ WARN ] fail to load .md") } err = ioutil.WriteFile(".md", file, 0644) if err != nil { log.Printf("[ WARN ] cannot write default .md: %v", err) } } if _, err := os.Stat("favicon.ico"); os.IsNotExist(err) { // release the files log.Print("Release the favicon.ico") file, err := Asset("_static/fav.ico") if err != nil { log.Printf("[ WARN ] fail to load favicon.ico") } err = ioutil.WriteFile("favicon.ico", file, 0644) if err != nil { log.Printf("[ WARN ] cannot write default favicon.ico: %v", err) } } http.HandleFunc("/", handleFunc) // listen on the (multi) addresss cnt := 0 ch := make(chan bool) for _, host := range strings.Split(wikiConfig.addr, ",") { cnt += 1 log.Printf("[ %d ] listening on %s", cnt, host) go func(h string, aid int) { e := http.ListenAndServe(h, nil) if e != nil { log.Printf("[ %d ] failed to bind on %s: %v", aid, h, e) ch <- false } else { ch <- true } }(host, cnt) } for cnt > 0 { <-ch cnt -= 1 } }
func main() { defer glog.Flush() flag.Parse() if *versionFlag { fmt.Printf("cAdvisor version %s\n", info.VERSION) os.Exit(0) } setMaxProcs() storageDriver, err := NewStorageDriver(*argDbDriver) if err != nil { glog.Fatalf("Failed to connect to database: %s", err) } sysFs, err := sysfs.NewRealSysFs() if err != nil { glog.Fatalf("Failed to create a system interface: %s", err) } containerManager, err := manager.New(storageDriver, sysFs) if err != nil { glog.Fatalf("Failed to create a Container Manager: %s", err) } // Register Docker. if err := docker.Register(containerManager); err != nil { glog.Errorf("Docker registration failed: %v.", err) } // Register the raw driver. if err := raw.Register(containerManager); err != nil { glog.Fatalf("Raw registration failed: %v.", err) } // Basic health handler. if err := healthz.RegisterHandler(); err != nil { glog.Fatalf("Failed to register healthz handler: %s", err) } // Validation/Debug handler. http.HandleFunc(validate.ValidatePage, func(w http.ResponseWriter, r *http.Request) { err := validate.HandleRequest(w, containerManager) if err != nil { fmt.Fprintf(w, "%s", err) } }) // Register API handler. if err := api.RegisterHandlers(containerManager); err != nil { glog.Fatalf("Failed to register API handlers: %s", err) } // Redirect / to containers page. http.Handle("/", http.RedirectHandler(pages.ContainersPage, http.StatusTemporaryRedirect)) var authenticated bool = false // Setup the authenticator object if *httpAuthFile != "" { glog.Infof("Using auth file %s", *httpAuthFile) secrets := auth.HtpasswdFileProvider(*httpAuthFile) authenticator := auth.NewBasicAuthenticator(*httpAuthRealm, secrets) http.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler)) if err := pages.RegisterHandlersBasic(containerManager, authenticator); err != nil { glog.Fatalf("Failed to register pages auth handlers: %s", err) } authenticated = true } if *httpAuthFile == "" && *httpDigestFile != "" { glog.Infof("Using digest file %s", *httpDigestFile) secrets := auth.HtdigestFileProvider(*httpDigestFile) authenticator := auth.NewDigestAuthenticator(*httpDigestRealm, secrets) http.HandleFunc(static.StaticResource, authenticator.Wrap(staticHandler)) if err := pages.RegisterHandlersDigest(containerManager, authenticator); err != nil { glog.Fatalf("Failed to register pages digest handlers: %s", err) } authenticated = true } // Change handler based on authenticator initalization if !authenticated { http.HandleFunc(static.StaticResource, staticHandlerNoAuth) if err := pages.RegisterHandlersBasic(containerManager, nil); err != nil { glog.Fatalf("Failed to register pages handlers: %s", err) } } // Start the manager. if err := containerManager.Start(); err != nil { glog.Fatalf("Failed to start container manager: %v", err) } // Install signal handler. installSignalHandler(containerManager) glog.Infof("Starting cAdvisor version: %q on port %d", info.VERSION, *argPort) addr := fmt.Sprintf("%s:%d", *argIp, *argPort) glog.Fatal(http.ListenAndServe(addr, nil)) }