-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
166 lines (142 loc) · 4.5 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
package main
import (
"context"
"crypto/tls"
"net/http"
"os"
"time"
"github.com/gorilla/handlers"
"github.com/gorilla/mux"
"github.com/sirupsen/logrus"
"github.com/stormforger/testapp/internal/ulimit"
"github.com/stormforger/testapp/server"
)
type testAppConfig struct {
Port string
PortTLS string
ShutdownCode string
HttpReadTimeout time.Duration
HttpWriteTimeout time.Duration
DisableTLS bool
ServerCertificateFile string
ServerPrivateKeyFile string
DebugTLS bool
}
func configFromENV() testAppConfig {
port := getEnv("PORT", "8080")
portTLS := getEnv("TLS_PORT", "8443")
shutdownCode := os.Getenv("SHUTDOWN_CODE")
httpReadTimeout, err := time.ParseDuration(getEnv("HTTP_READ_TIMEOUT", "15s"))
if err != nil {
logrus.WithError(err).Fatal("HTTP_READ_TIMEOUT parsing failed")
}
httpWriteTimeout, err := time.ParseDuration(getEnv("HTTP_WRITE_TIMEOUT", "15s"))
if err != nil {
logrus.WithError(err).Fatal("HTTP_WRITE_TIMEOUT parsing failed")
}
disableTLS := getEnv("DISABLE_TLS", "false") == "true"
serverCertificateFile := getEnv("TLS_CERT", "data/pki/server.cert.pem")
serverPrivateKeyFile := getEnv("TLS_KEY", "data/pki/server.key.pem")
tlsConnectionInspection := getEnv("TLS_DEBUG", "false") == "true"
return testAppConfig{
Port: port,
PortTLS: portTLS,
ShutdownCode: shutdownCode,
HttpReadTimeout: httpReadTimeout,
HttpWriteTimeout: httpWriteTimeout,
DisableTLS: disableTLS,
ServerCertificateFile: serverCertificateFile,
ServerPrivateKeyFile: serverPrivateKeyFile,
DebugTLS: tlsConnectionInspection,
}
}
func main() {
config := configFromENV()
if config.ShutdownCode == "" {
logrus.Warn("SHUTDOWN_CODE not configured!")
}
if _, _, _, err := ulimit.SetNoFileLimitToMax(); err != nil {
logrus.WithError(err).Error("failed to change ulimit")
}
ctx, cancel := context.WithCancel(context.Background()) // create a context for the shutdown handler to kill the servers
r := provideServerHandler(config, cancel)
if !config.DisableTLS {
httpsServer := provideHttpsServer(r, config)
if config.DebugTLS {
setupTLSConnectionInspection(httpsServer)
}
logrus.Infof("Starting HTTPS server at %s", httpsServer.Addr)
go func() {
err := httpsServer.ListenAndServeTLS(config.ServerCertificateFile, config.ServerPrivateKeyFile)
if err != nil && err != http.ErrServerClosed {
logrus.Fatal(err)
}
}()
go func() {
<-ctx.Done()
logrus.Info("Shutting down https server on request")
httpsServer.Shutdown(context.Background())
}()
}
// HTTP Server
httpServer := provideHttpServer(r, config)
logrus.Infof("Starting HTTP server at :%s", httpServer.Addr)
go func() {
err := httpServer.ListenAndServe()
if err != nil && err != http.ErrServerClosed {
logrus.Fatal(err)
}
}()
<-ctx.Done()
logrus.Info("Shutting down http server on request")
httpServer.Shutdown(context.Background())
}
func getEnv(key, fallback string) string {
if value, ok := os.LookupEnv(key); ok {
return value
}
return fallback
}
func provideServerHandler(config testAppConfig, cancel context.CancelFunc) http.Handler {
r := mux.NewRouter()
// Install our command routes
x := r.PathPrefix("/cmd").Subrouter()
x.HandleFunc("/shutdown", func(w http.ResponseWriter, r *http.Request) {
if config.ShutdownCode == "" || r.URL.Query().Get("code") != config.ShutdownCode {
http.Error(w, "Forbidden - code required", http.StatusForbidden)
return
}
w.Write([]byte("OK"))
cancel() // signal the shutdown workers
})
// Demo Server Routes
r.Use(server.DelayMiddleware)
r.Use(server.ReadRequestBodyMiddleware)
r.Use(handlers.CompressHandler)
server.RegisterTestAppRoutes(r)
if !config.DisableTLS {
server.RegisterX509Routes(r, config.ServerCertificateFile, config.ServerPrivateKeyFile)
}
server.RegisterStaticHandler(r)
return r
}
func provideHttpServer(handler http.Handler, config testAppConfig) *http.Server {
return &http.Server{
Handler: handler,
Addr: ":" + config.Port,
WriteTimeout: config.HttpWriteTimeout,
ReadTimeout: config.HttpReadTimeout,
}
}
func provideHttpsServer(handler http.Handler, config testAppConfig) *http.Server {
return &http.Server{
Handler: handler,
Addr: ":" + config.PortTLS,
WriteTimeout: config.HttpWriteTimeout,
ReadTimeout: config.HttpReadTimeout,
TLSConfig: &tls.Config{
InsecureSkipVerify: true,
ClientAuth: tls.RequestClientCert,
},
}
}