2023-11-16 15:06:59 +00:00
|
|
|
package hypertext
|
|
|
|
|
|
|
|
|
|
import (
|
2024-01-31 07:13:57 +00:00
|
|
|
"code.smartsheep.studio/goatworks/roadsign/pkg/hypertext/status"
|
2024-01-29 11:25:10 +00:00
|
|
|
"crypto/tls"
|
2023-12-16 04:35:42 +00:00
|
|
|
jsoniter "github.com/json-iterator/go"
|
2024-01-29 11:25:10 +00:00
|
|
|
"net"
|
2024-01-31 07:13:57 +00:00
|
|
|
"net/http"
|
2023-12-31 17:42:32 +00:00
|
|
|
"strings"
|
2023-11-25 15:06:23 +00:00
|
|
|
"time"
|
|
|
|
|
|
2023-11-16 15:06:59 +00:00
|
|
|
"github.com/gofiber/fiber/v2"
|
|
|
|
|
"github.com/gofiber/fiber/v2/middleware/limiter"
|
2023-11-25 15:06:23 +00:00
|
|
|
"github.com/gofiber/fiber/v2/middleware/logger"
|
2024-01-31 07:13:57 +00:00
|
|
|
"github.com/gofiber/template/html/v2"
|
2023-11-16 15:06:59 +00:00
|
|
|
"github.com/rs/zerolog/log"
|
|
|
|
|
"github.com/spf13/viper"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func InitServer() *fiber.App {
|
2024-01-31 07:13:57 +00:00
|
|
|
views := html.NewFileSystem(http.FS(status.FS), ".gohtml")
|
2023-11-16 15:06:59 +00:00
|
|
|
app := fiber.New(fiber.Config{
|
2024-01-31 07:13:57 +00:00
|
|
|
ViewsLayout: "views/index",
|
2023-11-16 15:06:59 +00:00
|
|
|
AppName: "RoadSign",
|
2023-12-16 04:03:25 +00:00
|
|
|
ServerHeader: "RoadSign",
|
2023-11-16 15:06:59 +00:00
|
|
|
DisableStartupMessage: true,
|
|
|
|
|
EnableIPValidation: true,
|
2024-01-31 07:13:57 +00:00
|
|
|
Views: views,
|
|
|
|
|
ErrorHandler: status.StatusPageHandler,
|
2023-12-16 04:35:42 +00:00
|
|
|
JSONDecoder: jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal,
|
|
|
|
|
JSONEncoder: jsoniter.ConfigCompatibleWithStandardLibrary.Marshal,
|
2023-11-16 15:06:59 +00:00
|
|
|
Prefork: viper.GetBool("performance.prefork"),
|
|
|
|
|
BodyLimit: viper.GetInt("hypertext.limitation.max_body_size"),
|
|
|
|
|
})
|
|
|
|
|
|
2024-01-30 16:36:04 +00:00
|
|
|
if viper.GetBool("hypertext.force_https") {
|
|
|
|
|
app.Use(func(c *fiber.Ctx) error {
|
|
|
|
|
if !c.Secure() {
|
|
|
|
|
return c.Redirect(
|
|
|
|
|
strings.Replace(c.Request().URI().String(), "http", "https", 1),
|
|
|
|
|
fiber.StatusMovedPermanently,
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return c.Next()
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-26 07:31:19 +00:00
|
|
|
if viper.GetBool("telemetry.request_logging") {
|
2023-11-30 14:35:40 +00:00
|
|
|
app.Use(logger.New(logger.Config{
|
|
|
|
|
Output: log.Logger,
|
|
|
|
|
Format: "[Proxies] [${time}] ${status} - ${latency} ${method} ${path}\n",
|
|
|
|
|
}))
|
|
|
|
|
}
|
2023-11-25 15:06:23 +00:00
|
|
|
|
2023-11-16 15:06:59 +00:00
|
|
|
if viper.GetInt("hypertext.limitation.max_qps") > 0 {
|
|
|
|
|
app.Use(limiter.New(limiter.Config{
|
|
|
|
|
Max: viper.GetInt("hypertext.limitation.max_qps"),
|
|
|
|
|
Expiration: 1 * time.Second,
|
2024-01-31 07:13:57 +00:00
|
|
|
LimitReached: func(c *fiber.Ctx) error {
|
|
|
|
|
return fiber.ErrTooManyRequests
|
|
|
|
|
},
|
2023-11-16 15:06:59 +00:00
|
|
|
}))
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-31 07:13:57 +00:00
|
|
|
app.All("/*", ProxiesHandler)
|
2023-11-16 15:06:59 +00:00
|
|
|
|
|
|
|
|
return app
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-29 11:25:10 +00:00
|
|
|
type CertificateConfig struct {
|
|
|
|
|
Key string `json:"key"`
|
|
|
|
|
Pem string `json:"pem"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func RunServer(app *fiber.App, ports []string, securedPorts []string) {
|
|
|
|
|
var certs []CertificateConfig
|
|
|
|
|
raw, _ := jsoniter.Marshal(viper.Get("hypertext.certificate"))
|
|
|
|
|
jsoniter.Unmarshal(raw, &certs)
|
|
|
|
|
|
|
|
|
|
tlsCfg := &tls.Config{
|
|
|
|
|
MinVersion: tls.VersionTLS12,
|
|
|
|
|
Certificates: []tls.Certificate{},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, info := range certs {
|
|
|
|
|
cert, err := tls.LoadX509KeyPair(info.Pem, info.Key)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Error().Err(err).
|
|
|
|
|
Str("pem", info.Pem).
|
|
|
|
|
Str("key", info.Key).
|
|
|
|
|
Msg("An error occurred when loading certificate.")
|
|
|
|
|
} else {
|
|
|
|
|
tlsCfg.Certificates = append(tlsCfg.Certificates, cert)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-17 16:23:40 +00:00
|
|
|
for _, port := range ports {
|
2023-11-16 15:06:59 +00:00
|
|
|
port := port
|
|
|
|
|
go func() {
|
2024-01-26 07:31:19 +00:00
|
|
|
if viper.GetBool("hypertext.redirect_to_https") {
|
2023-12-31 17:42:32 +00:00
|
|
|
redirector := fiber.New(fiber.Config{
|
|
|
|
|
AppName: "RoadSign",
|
|
|
|
|
ServerHeader: "RoadSign",
|
|
|
|
|
DisableStartupMessage: true,
|
|
|
|
|
EnableIPValidation: true,
|
|
|
|
|
})
|
|
|
|
|
redirector.All("/", func(c *fiber.Ctx) error {
|
|
|
|
|
return c.Redirect(strings.ReplaceAll(string(c.Request().URI().FullURI()), "http", "https"))
|
|
|
|
|
})
|
|
|
|
|
if err := redirector.Listen(port); err != nil {
|
2024-01-29 11:25:10 +00:00
|
|
|
log.Panic().Err(err).Msg("An error occurred when listening hypertext non-tls ports.")
|
2023-12-31 17:42:32 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if err := app.Listen(port); err != nil {
|
2024-01-29 11:25:10 +00:00
|
|
|
log.Panic().Err(err).Msg("An error occurred when listening hypertext non-tls ports.")
|
2023-12-31 17:42:32 +00:00
|
|
|
}
|
2023-11-16 15:06:59 +00:00
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-17 16:23:40 +00:00
|
|
|
for _, port := range securedPorts {
|
2023-11-16 15:06:59 +00:00
|
|
|
port := port
|
|
|
|
|
go func() {
|
2024-01-29 11:25:10 +00:00
|
|
|
listener, err := net.Listen("tcp", port)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Panic().Err(err).Msg("An error occurred when listening hypertext tls ports.")
|
|
|
|
|
}
|
|
|
|
|
if err := app.Listener(tls.NewListener(listener, tlsCfg)); err != nil {
|
2023-11-16 15:06:59 +00:00
|
|
|
log.Panic().Err(err).Msg("An error occurred when listening hypertext tls ports.")
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
}
|
