RoadSign/pkg/hypertext/server.go
2024-09-29 23:51:05 +08:00

140 lines
3.9 KiB
Go

package hypertext
import (
"crypto/tls"
"git.solsynth.dev/goatworks/roadsign/pkg/hypertext/status"
jsoniter "github.com/json-iterator/go"
"net"
"net/http"
"strings"
"time"
"github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2/middleware/limiter"
"github.com/gofiber/fiber/v2/middleware/logger"
"github.com/gofiber/template/html/v2"
"github.com/rs/zerolog/log"
"github.com/spf13/viper"
)
func InitServer() *fiber.App {
views := html.NewFileSystem(http.FS(status.FS), ".gohtml")
app := fiber.New(fiber.Config{
ViewsLayout: "views/index",
AppName: "RoadSign",
ServerHeader: "RoadSign",
DisableStartupMessage: true,
EnableIPValidation: true,
Views: views,
ErrorHandler: status.StatusPageHandler,
JSONDecoder: jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal,
JSONEncoder: jsoniter.ConfigCompatibleWithStandardLibrary.Marshal,
ProxyHeader: fiber.HeaderXForwardedFor,
Prefork: viper.GetBool("performance.prefork"),
BodyLimit: viper.GetInt("hypertext.limitation.max_body_size"),
})
if viper.GetBool("hypertext.force_https") {
app.Use(func(c *fiber.Ctx) error {
if !c.Secure() {
return c.Redirect(
strings.Replace(c.Request().URI().String(), "http", "https", 1),
fiber.StatusMovedPermanently,
)
}
return c.Next()
})
}
if viper.GetBool("telemetry.request_logging") {
app.Use(logger.New(logger.Config{
Output: log.Logger,
Format: "[Proxies] [${time}] ${status} - ${latency} ${method} ${path}\n",
}))
}
if viper.GetInt("hypertext.limitation.max_qps") > 0 {
app.Use(limiter.New(limiter.Config{
Max: viper.GetInt("hypertext.limitation.max_qps"),
Expiration: 1 * time.Second,
LimitReached: func(c *fiber.Ctx) error {
return fiber.ErrTooManyRequests
},
}))
}
app.All("/*", ProxiesHandler)
return app
}
type CertificateConfig struct {
Key string `json:"key"`
Pem string `json:"pem"`
}
func RunServer(app *fiber.App, ports []string, securedPorts []string) {
var certs []CertificateConfig
raw, _ := jsoniter.Marshal(viper.Get("hypertext.certificate"))
_ = jsoniter.Unmarshal(raw, &certs)
tlsCfg := &tls.Config{
MinVersion: tls.VersionTLS12,
Certificates: []tls.Certificate{},
}
for _, info := range certs {
cert, err := tls.LoadX509KeyPair(info.Pem, info.Key)
if err != nil {
log.Error().Err(err).
Str("pem", info.Pem).
Str("key", info.Key).
Msg("An error occurred when loading certificate.")
} else {
tlsCfg.Certificates = append(tlsCfg.Certificates, cert)
}
}
for _, port := range ports {
port := port
go func() {
if viper.GetBool("hypertext.redirect_to_https") {
redirector := fiber.New(fiber.Config{
AppName: "RoadSign",
ServerHeader: "RoadSign",
DisableStartupMessage: true,
EnableIPValidation: true,
})
redirector.All("/", func(c *fiber.Ctx) error {
return c.Redirect(strings.ReplaceAll(string(c.Request().URI().FullURI()), "http", "https"))
})
if err := redirector.Listen(port); err != nil {
log.Panic().Err(err).Msg("An error occurred when listening hypertext non-tls ports.")
}
} else {
if err := app.Listen(port); err != nil {
log.Panic().Err(err).Msg("An error occurred when listening hypertext non-tls ports.")
}
}
}()
log.Info().Msgf("Listening for %s... http://0.0.0.0%s", app.Config().AppName, port)
}
for _, port := range securedPorts {
port := port
go func() {
listener, err := net.Listen("tcp", port)
if err != nil {
log.Panic().Err(err).Msg("An error occurred when listening hypertext tls ports.")
}
if err := app.Listener(tls.NewListener(listener, tlsCfg)); err != nil {
log.Panic().Err(err).Msg("An error occurred when listening hypertext tls ports.")
}
}()
log.Info().Msgf("Listening for %s... https://0.0.0.0%s", app.Config().AppName, port)
}
}