Context Navigation

source: code/trunk/cmd/soju/main.go@ 692

Last change on this file since 692 was 691, checked in by contact, 4 years ago

Allow most config options to be reloaded

Closes: https://todo.sr.ht/~emersion/soju/42

File size: 7.1 KB

Line
1	package main
2
3	import (
4	"context"
5	"crypto/tls"
6	"flag"
7	"fmt"
8	"io/ioutil"
9	"log"
10	"net"
11	"net/http"
12	"net/url"
13	"os"
14	"os/signal"
15	"strings"
16	"sync/atomic"
17	"syscall"
18	"time"
19
20	"github.com/pires/go-proxyproto"
21
22	"git.sr.ht/~emersion/soju"
23	"git.sr.ht/~emersion/soju/config"
24	)
25
26	// TCP keep-alive interval for downstream TCP connections
27	const downstreamKeepAlive = 1 * time.Hour
28
29	type stringSliceFlag []string
30
31	func (v *stringSliceFlag) String() string {
32	return fmt.Sprint([]string(*v))
33	}
34
35	func (v *stringSliceFlag) Set(s string) error {
36	v = append(v, s)
37	return nil
38	}
39
40	func bumpOpenedFileLimit() error {
41	var rlimit syscall.Rlimit
42	if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rlimit); err != nil {
43	return fmt.Errorf("failed to get RLIMIT_NOFILE: %v", err)
44	}
45	rlimit.Cur = rlimit.Max
46	if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlimit); err != nil {
47	return fmt.Errorf("failed to set RLIMIT_NOFILE: %v", err)
48	}
49	return nil
50	}
51
52	var (
53	configPath string
54	debug bool
55
56	tlsCert atomic.Value // *tls.Certificate
57	)
58
59	func loadConfig() (config.Server, soju.Config, error) {
60	var raw *config.Server
61	if configPath != "" {
62	var err error
63	raw, err = config.Load(configPath)
64	if err != nil {
65	return nil, nil, fmt.Errorf("failed to load config file: %v", err)
66	}
67	} else {
68	raw = config.Defaults()
69	}
70
71	var motd string
72	if raw.MOTDPath != "" {
73	b, err := ioutil.ReadFile(raw.MOTDPath)
74	if err != nil {
75	return nil, nil, fmt.Errorf("failed to load MOTD: %v", err)
76	}
77	motd = strings.TrimSuffix(string(b), "\n")
78	}
79
80	if raw.TLS != nil {
81	cert, err := tls.LoadX509KeyPair(raw.TLS.CertPath, raw.TLS.KeyPath)
82	if err != nil {
83	return nil, nil, fmt.Errorf("failed to load TLS certificate and key: %v", err)
84	}
85	tlsCert.Store(&cert)
86	}
87
88	cfg := &soju.Config{
89	Hostname: raw.Hostname,
90	Title: raw.Title,
91	LogPath: raw.LogPath,
92	HTTPOrigins: raw.HTTPOrigins,
93	AcceptProxyIPs: raw.AcceptProxyIPs,
94	MaxUserNetworks: raw.MaxUserNetworks,
95	Debug: debug,
96	MOTD: motd,
97	}
98	return raw, cfg, nil
99	}
100
101	func main() {
102	var listen []string
103	flag.Var((*stringSliceFlag)(&listen), "listen", "listening address")
104	flag.StringVar(&configPath, "config", "", "path to configuration file")
105	flag.BoolVar(&debug, "debug", false, "enable debug logging")
106	flag.Parse()
107
108	cfg, serverCfg, err := loadConfig()
109	if err != nil {
110	log.Fatal(err)
111	}
112
113	cfg.Listen = append(cfg.Listen, listen...)
114	if len(cfg.Listen) == 0 {
115	cfg.Listen = []string{":6697"}
116	}
117
118	if err := bumpOpenedFileLimit(); err != nil {
119	log.Printf("failed to bump max number of opened files: %v", err)
120	}
121
122	db, err := soju.OpenDB(cfg.SQLDriver, cfg.SQLSource)
123	if err != nil {
124	log.Fatalf("failed to open database: %v", err)
125	}
126
127	var tlsCfg *tls.Config
128	if cfg.TLS != nil {
129	tlsCfg = &tls.Config{
130	GetCertificate: func(tls.ClientHelloInfo) (tls.Certificate, error) {
131	return tlsCert.Load().(*tls.Certificate), nil
132	},
133	}
134	}
135
136	srv := soju.NewServer(db)
137	srv.SetConfig(serverCfg)
138
139	for _, listen := range cfg.Listen {
140	listenURI := listen
141	if !strings.Contains(listenURI, ":/") {
142	// This is a raw domain name, make it an URL with an empty scheme
143	listenURI = "//" + listenURI
144	}
145	u, err := url.Parse(listenURI)
146	if err != nil {
147	log.Fatalf("failed to parse listen URI %q: %v", listen, err)
148	}
149
150	switch u.Scheme {
151	case "ircs", "":
152	if tlsCfg == nil {
153	log.Fatalf("failed to listen on %q: missing TLS configuration", listen)
154	}
155	host := u.Host
156	if _, _, err := net.SplitHostPort(host); err != nil {
157	host = host + ":6697"
158	}
159	ircsTLSCfg := tlsCfg.Clone()
160	ircsTLSCfg.NextProtos = []string{"irc"}
161	lc := net.ListenConfig{
162	KeepAlive: downstreamKeepAlive,
163	}
164	l, err := lc.Listen(context.Background(), "tcp", host)
165	if err != nil {
166	log.Fatalf("failed to start TLS listener on %q: %v", listen, err)
167	}
168	ln := tls.NewListener(l, ircsTLSCfg)
169	ln = proxyProtoListener(ln, srv)
170	go func() {
171	if err := srv.Serve(ln); err != nil {
172	log.Printf("serving %q: %v", listen, err)
173	}
174	}()
175	case "irc+insecure":
176	host := u.Host
177	if _, _, err := net.SplitHostPort(host); err != nil {
178	host = host + ":6667"
179	}
180	lc := net.ListenConfig{
181	KeepAlive: downstreamKeepAlive,
182	}
183	ln, err := lc.Listen(context.Background(), "tcp", host)
184	if err != nil {
185	log.Fatalf("failed to start listener on %q: %v", listen, err)
186	}
187	ln = proxyProtoListener(ln, srv)
188	go func() {
189	if err := srv.Serve(ln); err != nil {
190	log.Printf("serving %q: %v", listen, err)
191	}
192	}()
193	case "unix":
194	ln, err := net.Listen("unix", u.Path)
195	if err != nil {
196	log.Fatalf("failed to start listener on %q: %v", listen, err)
197	}
198	ln = proxyProtoListener(ln, srv)
199	go func() {
200	if err := srv.Serve(ln); err != nil {
201	log.Printf("serving %q: %v", listen, err)
202	}
203	}()
204	case "wss":
205	if tlsCfg == nil {
206	log.Fatalf("failed to listen on %q: missing TLS configuration", listen)
207	}
208	addr := u.Host
209	if _, _, err := net.SplitHostPort(addr); err != nil {
210	addr = addr + ":https"
211	}
212	httpSrv := http.Server{
213	Addr: addr,
214	TLSConfig: tlsCfg,
215	Handler: srv,
216	}
217	go func() {
218	if err := httpSrv.ListenAndServeTLS("", ""); err != nil {
219	log.Fatalf("serving %q: %v", listen, err)
220	}
221	}()
222	case "ws+insecure":
223	addr := u.Host
224	if _, _, err := net.SplitHostPort(addr); err != nil {
225	addr = addr + ":http"
226	}
227	httpSrv := http.Server{
228	Addr: addr,
229	Handler: srv,
230	}
231	go func() {
232	if err := httpSrv.ListenAndServe(); err != nil {
233	log.Fatalf("serving %q: %v", listen, err)
234	}
235	}()
236	case "ident":
237	if srv.Identd == nil {
238	srv.Identd = soju.NewIdentd()
239	}
240
241	host := u.Host
242	if _, _, err := net.SplitHostPort(host); err != nil {
243	host = host + ":113"
244	}
245	ln, err := net.Listen("tcp", host)
246	if err != nil {
247	log.Fatalf("failed to start listener on %q: %v", listen, err)
248	}
249	ln = proxyProtoListener(ln, srv)
250	go func() {
251	if err := srv.Identd.Serve(ln); err != nil {
252	log.Printf("serving %q: %v", listen, err)
253	}
254	}()
255	default:
256	log.Fatalf("failed to listen on %q: unsupported scheme", listen)
257	}
258
259	log.Printf("server listening on %q", listen)
260	}
261
262	sigCh := make(chan os.Signal, 1)
263	signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
264
265	if err := srv.Start(); err != nil {
266	log.Fatal(err)
267	}
268
269	for sig := range sigCh {
270	switch sig {
271	case syscall.SIGHUP:
272	log.Print("reloading configuration")
273	_, serverCfg, err := loadConfig()
274	if err != nil {
275	log.Printf("failed to reloading configuration: %v", err)
276	} else {
277	srv.SetConfig(serverCfg)
278	}
279	case syscall.SIGINT, syscall.SIGTERM:
280	log.Print("shutting down server")
281	srv.Shutdown()
282	return
283	}
284	}
285	}
286
287	func proxyProtoListener(ln net.Listener, srv *soju.Server) net.Listener {
288	return &proxyproto.Listener{
289	Listener: ln,
290	Policy: func(upstream net.Addr) (proxyproto.Policy, error) {
291	tcpAddr, ok := upstream.(*net.TCPAddr)
292	if !ok {
293	return proxyproto.IGNORE, nil
294	}
295	if srv.Config().AcceptProxyIPs.Contains(tcpAddr.IP) {
296	return proxyproto.USE, nil
297	}
298	return proxyproto.IGNORE, nil
299	},
300	ReadHeaderTimeout: 5 * time.Second,
301	}
302	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: