source: code/trunk/cmd/soju/main.go@ 694

Last change on this file since 694 was 694, checked in by contact, 4 years ago

Add config option to globally disable multi-upstream mode

Closes: https://todo.sr.ht/~emersion/soju/122
File size: 7.1 KB
RevLine 
[98]1package main
2
3import (
[477]4 "context"
[98]5 "crypto/tls"
6 "flag"
[491]7 "fmt"
[636]8 "io/ioutil"
[98]9 "log"
10 "net"
[323]11 "net/http"
[317]12 "net/url"
[449]13 "os"
14 "os/signal"
[317]15 "strings"
[475]16 "sync/atomic"
[449]17 "syscall"
[477]18 "time"
[98]19
[418]20 "github.com/pires/go-proxyproto"
21
[98]22 "git.sr.ht/~emersion/soju"
23 "git.sr.ht/~emersion/soju/config"
24)
25
[477]26// TCP keep-alive interval for downstream TCP connections
27const downstreamKeepAlive = 1 * time.Hour
28
[491]29type stringSliceFlag []string
30
31func (v *stringSliceFlag) String() string {
32 return fmt.Sprint([]string(*v))
33}
34
35func (v *stringSliceFlag) Set(s string) error {
36 *v = append(*v, s)
37 return nil
38}
39
[687]40func bumpOpenedFileLimit() error {
41 var rlimit syscall.Rlimit
42 if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rlimit); err != nil {
43 return fmt.Errorf("failed to get RLIMIT_NOFILE: %v", err)
44 }
45 rlimit.Cur = rlimit.Max
46 if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlimit); err != nil {
47 return fmt.Errorf("failed to set RLIMIT_NOFILE: %v", err)
48 }
49 return nil
50}
51
[691]52var (
53 configPath string
54 debug bool
55
56 tlsCert atomic.Value // *tls.Certificate
57)
58
59func loadConfig() (*config.Server, *soju.Config, error) {
60 var raw *config.Server
61 if configPath != "" {
62 var err error
63 raw, err = config.Load(configPath)
64 if err != nil {
65 return nil, nil, fmt.Errorf("failed to load config file: %v", err)
66 }
67 } else {
68 raw = config.Defaults()
69 }
70
71 var motd string
72 if raw.MOTDPath != "" {
73 b, err := ioutil.ReadFile(raw.MOTDPath)
74 if err != nil {
75 return nil, nil, fmt.Errorf("failed to load MOTD: %v", err)
76 }
77 motd = strings.TrimSuffix(string(b), "\n")
78 }
79
80 if raw.TLS != nil {
81 cert, err := tls.LoadX509KeyPair(raw.TLS.CertPath, raw.TLS.KeyPath)
82 if err != nil {
83 return nil, nil, fmt.Errorf("failed to load TLS certificate and key: %v", err)
84 }
85 tlsCert.Store(&cert)
86 }
87
88 cfg := &soju.Config{
89 Hostname: raw.Hostname,
90 Title: raw.Title,
91 LogPath: raw.LogPath,
92 HTTPOrigins: raw.HTTPOrigins,
93 AcceptProxyIPs: raw.AcceptProxyIPs,
94 MaxUserNetworks: raw.MaxUserNetworks,
[694]95 MultiUpstream: raw.MultiUpstream,
[691]96 Debug: debug,
97 MOTD: motd,
98 }
99 return raw, cfg, nil
100}
101
[98]102func main() {
[491]103 var listen []string
104 flag.Var((*stringSliceFlag)(&listen), "listen", "listening address")
[98]105 flag.StringVar(&configPath, "config", "", "path to configuration file")
106 flag.BoolVar(&debug, "debug", false, "enable debug logging")
107 flag.Parse()
108
[691]109 cfg, serverCfg, err := loadConfig()
110 if err != nil {
111 log.Fatal(err)
[98]112 }
113
[491]114 cfg.Listen = append(cfg.Listen, listen...)
[317]115 if len(cfg.Listen) == 0 {
116 cfg.Listen = []string{":6697"}
117 }
[98]118
[687]119 if err := bumpOpenedFileLimit(); err != nil {
120 log.Printf("failed to bump max number of opened files: %v", err)
121 }
122
[620]123 db, err := soju.OpenDB(cfg.SQLDriver, cfg.SQLSource)
[98]124 if err != nil {
125 log.Fatalf("failed to open database: %v", err)
126 }
127
[317]128 var tlsCfg *tls.Config
[98]129 if cfg.TLS != nil {
[475]130 tlsCfg = &tls.Config{
131 GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
132 return tlsCert.Load().(*tls.Certificate), nil
133 },
134 }
[98]135 }
136
137 srv := soju.NewServer(db)
[691]138 srv.SetConfig(serverCfg)
[98]139
[317]140 for _, listen := range cfg.Listen {
141 listenURI := listen
142 if !strings.Contains(listenURI, ":/") {
143 // This is a raw domain name, make it an URL with an empty scheme
144 listenURI = "//" + listenURI
[98]145 }
[317]146 u, err := url.Parse(listenURI)
147 if err != nil {
148 log.Fatalf("failed to parse listen URI %q: %v", listen, err)
149 }
150
151 switch u.Scheme {
152 case "ircs", "":
153 if tlsCfg == nil {
154 log.Fatalf("failed to listen on %q: missing TLS configuration", listen)
155 }
156 host := u.Host
157 if _, _, err := net.SplitHostPort(host); err != nil {
158 host = host + ":6697"
159 }
[470]160 ircsTLSCfg := tlsCfg.Clone()
161 ircsTLSCfg.NextProtos = []string{"irc"}
[477]162 lc := net.ListenConfig{
163 KeepAlive: downstreamKeepAlive,
164 }
165 l, err := lc.Listen(context.Background(), "tcp", host)
[317]166 if err != nil {
167 log.Fatalf("failed to start TLS listener on %q: %v", listen, err)
168 }
[477]169 ln := tls.NewListener(l, ircsTLSCfg)
[418]170 ln = proxyProtoListener(ln, srv)
[317]171 go func() {
[449]172 if err := srv.Serve(ln); err != nil {
173 log.Printf("serving %q: %v", listen, err)
174 }
[317]175 }()
176 case "irc+insecure":
177 host := u.Host
178 if _, _, err := net.SplitHostPort(host); err != nil {
179 host = host + ":6667"
180 }
[477]181 lc := net.ListenConfig{
182 KeepAlive: downstreamKeepAlive,
183 }
184 ln, err := lc.Listen(context.Background(), "tcp", host)
[317]185 if err != nil {
186 log.Fatalf("failed to start listener on %q: %v", listen, err)
187 }
[418]188 ln = proxyProtoListener(ln, srv)
[317]189 go func() {
[449]190 if err := srv.Serve(ln); err != nil {
191 log.Printf("serving %q: %v", listen, err)
192 }
[317]193 }()
[466]194 case "unix":
195 ln, err := net.Listen("unix", u.Path)
196 if err != nil {
197 log.Fatalf("failed to start listener on %q: %v", listen, err)
198 }
199 ln = proxyProtoListener(ln, srv)
200 go func() {
201 if err := srv.Serve(ln); err != nil {
202 log.Printf("serving %q: %v", listen, err)
203 }
204 }()
[323]205 case "wss":
[581]206 if tlsCfg == nil {
207 log.Fatalf("failed to listen on %q: missing TLS configuration", listen)
208 }
[323]209 addr := u.Host
210 if _, _, err := net.SplitHostPort(addr); err != nil {
211 addr = addr + ":https"
212 }
213 httpSrv := http.Server{
214 Addr: addr,
215 TLSConfig: tlsCfg,
216 Handler: srv,
217 }
218 go func() {
[449]219 if err := httpSrv.ListenAndServeTLS("", ""); err != nil {
220 log.Fatalf("serving %q: %v", listen, err)
221 }
[323]222 }()
223 case "ws+insecure":
224 addr := u.Host
225 if _, _, err := net.SplitHostPort(addr); err != nil {
226 addr = addr + ":http"
227 }
228 httpSrv := http.Server{
229 Addr: addr,
230 Handler: srv,
231 }
232 go func() {
[449]233 if err := httpSrv.ListenAndServe(); err != nil {
234 log.Fatalf("serving %q: %v", listen, err)
235 }
[323]236 }()
[385]237 case "ident":
238 if srv.Identd == nil {
239 srv.Identd = soju.NewIdentd()
240 }
241
242 host := u.Host
243 if _, _, err := net.SplitHostPort(host); err != nil {
244 host = host + ":113"
245 }
246 ln, err := net.Listen("tcp", host)
247 if err != nil {
248 log.Fatalf("failed to start listener on %q: %v", listen, err)
249 }
[418]250 ln = proxyProtoListener(ln, srv)
[385]251 go func() {
[449]252 if err := srv.Identd.Serve(ln); err != nil {
253 log.Printf("serving %q: %v", listen, err)
254 }
[385]255 }()
[317]256 default:
257 log.Fatalf("failed to listen on %q: unsupported scheme", listen)
258 }
259
260 log.Printf("server listening on %q", listen)
261 }
[449]262
263 sigCh := make(chan os.Signal, 1)
[475]264 signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
[449]265
266 if err := srv.Start(); err != nil {
267 log.Fatal(err)
268 }
269
[475]270 for sig := range sigCh {
271 switch sig {
272 case syscall.SIGHUP:
[691]273 log.Print("reloading configuration")
274 _, serverCfg, err := loadConfig()
275 if err != nil {
276 log.Printf("failed to reloading configuration: %v", err)
277 } else {
278 srv.SetConfig(serverCfg)
[475]279 }
280 case syscall.SIGINT, syscall.SIGTERM:
281 log.Print("shutting down server")
282 srv.Shutdown()
283 return
284 }
285 }
[98]286}
[418]287
288func proxyProtoListener(ln net.Listener, srv *soju.Server) net.Listener {
289 return &proxyproto.Listener{
290 Listener: ln,
291 Policy: func(upstream net.Addr) (proxyproto.Policy, error) {
292 tcpAddr, ok := upstream.(*net.TCPAddr)
293 if !ok {
294 return proxyproto.IGNORE, nil
295 }
[691]296 if srv.Config().AcceptProxyIPs.Contains(tcpAddr.IP) {
[418]297 return proxyproto.USE, nil
298 }
299 return proxyproto.IGNORE, nil
300 },
[592]301 ReadHeaderTimeout: 5 * time.Second,
[418]302 }
303}
Note: See TracBrowser for help on using the repository browser.