Context Navigation

source: code/trunk/cmd/soju/main.go@ 699

Last change on this file since 699 was 694, checked in by contact, 4 years ago

Add config option to globally disable multi-upstream mode

Closes: https://todo.sr.ht/~emersion/soju/122

File size: 7.1 KB

Line
1	package main
2
3	import (
4	"context"
5	"crypto/tls"
6	"flag"
7	"fmt"
8	"io/ioutil"
9	"log"
10	"net"
11	"net/http"
12	"net/url"
13	"os"
14	"os/signal"
15	"strings"
16	"sync/atomic"
17	"syscall"
18	"time"
19
20	"github.com/pires/go-proxyproto"
21
22	"git.sr.ht/~emersion/soju"
23	"git.sr.ht/~emersion/soju/config"
24	)
25
26	// TCP keep-alive interval for downstream TCP connections
27	const downstreamKeepAlive = 1 * time.Hour
28
29	type stringSliceFlag []string
30
31	func (v *stringSliceFlag) String() string {
32	return fmt.Sprint([]string(*v))
33	}
34
35	func (v *stringSliceFlag) Set(s string) error {
36	v = append(v, s)
37	return nil
38	}
39
40	func bumpOpenedFileLimit() error {
41	var rlimit syscall.Rlimit
42	if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rlimit); err != nil {
43	return fmt.Errorf("failed to get RLIMIT_NOFILE: %v", err)
44	}
45	rlimit.Cur = rlimit.Max
46	if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlimit); err != nil {
47	return fmt.Errorf("failed to set RLIMIT_NOFILE: %v", err)
48	}
49	return nil
50	}
51
52	var (
53	configPath string
54	debug bool
55
56	tlsCert atomic.Value // *tls.Certificate
57	)
58
59	func loadConfig() (config.Server, soju.Config, error) {
60	var raw *config.Server
61	if configPath != "" {
62	var err error
63	raw, err = config.Load(configPath)
64	if err != nil {
65	return nil, nil, fmt.Errorf("failed to load config file: %v", err)
66	}
67	} else {
68	raw = config.Defaults()
69	}
70
71	var motd string
72	if raw.MOTDPath != "" {
73	b, err := ioutil.ReadFile(raw.MOTDPath)
74	if err != nil {
75	return nil, nil, fmt.Errorf("failed to load MOTD: %v", err)
76	}
77	motd = strings.TrimSuffix(string(b), "\n")
78	}
79
80	if raw.TLS != nil {
81	cert, err := tls.LoadX509KeyPair(raw.TLS.CertPath, raw.TLS.KeyPath)
82	if err != nil {
83	return nil, nil, fmt.Errorf("failed to load TLS certificate and key: %v", err)
84	}
85	tlsCert.Store(&cert)
86	}
87
88	cfg := &soju.Config{
89	Hostname: raw.Hostname,
90	Title: raw.Title,
91	LogPath: raw.LogPath,
92	HTTPOrigins: raw.HTTPOrigins,
93	AcceptProxyIPs: raw.AcceptProxyIPs,
94	MaxUserNetworks: raw.MaxUserNetworks,
95	MultiUpstream: raw.MultiUpstream,
96	Debug: debug,
97	MOTD: motd,
98	}
99	return raw, cfg, nil
100	}
101
102	func main() {
103	var listen []string
104	flag.Var((*stringSliceFlag)(&listen), "listen", "listening address")
105	flag.StringVar(&configPath, "config", "", "path to configuration file")
106	flag.BoolVar(&debug, "debug", false, "enable debug logging")
107	flag.Parse()
108
109	cfg, serverCfg, err := loadConfig()
110	if err != nil {
111	log.Fatal(err)
112	}
113
114	cfg.Listen = append(cfg.Listen, listen...)
115	if len(cfg.Listen) == 0 {
116	cfg.Listen = []string{":6697"}
117	}
118
119	if err := bumpOpenedFileLimit(); err != nil {
120	log.Printf("failed to bump max number of opened files: %v", err)
121	}
122
123	db, err := soju.OpenDB(cfg.SQLDriver, cfg.SQLSource)
124	if err != nil {
125	log.Fatalf("failed to open database: %v", err)
126	}
127
128	var tlsCfg *tls.Config
129	if cfg.TLS != nil {
130	tlsCfg = &tls.Config{
131	GetCertificate: func(tls.ClientHelloInfo) (tls.Certificate, error) {
132	return tlsCert.Load().(*tls.Certificate), nil
133	},
134	}
135	}
136
137	srv := soju.NewServer(db)
138	srv.SetConfig(serverCfg)
139
140	for _, listen := range cfg.Listen {
141	listenURI := listen
142	if !strings.Contains(listenURI, ":/") {
143	// This is a raw domain name, make it an URL with an empty scheme
144	listenURI = "//" + listenURI
145	}
146	u, err := url.Parse(listenURI)
147	if err != nil {
148	log.Fatalf("failed to parse listen URI %q: %v", listen, err)
149	}
150
151	switch u.Scheme {
152	case "ircs", "":
153	if tlsCfg == nil {
154	log.Fatalf("failed to listen on %q: missing TLS configuration", listen)
155	}
156	host := u.Host
157	if _, _, err := net.SplitHostPort(host); err != nil {
158	host = host + ":6697"
159	}
160	ircsTLSCfg := tlsCfg.Clone()
161	ircsTLSCfg.NextProtos = []string{"irc"}
162	lc := net.ListenConfig{
163	KeepAlive: downstreamKeepAlive,
164	}
165	l, err := lc.Listen(context.Background(), "tcp", host)
166	if err != nil {
167	log.Fatalf("failed to start TLS listener on %q: %v", listen, err)
168	}
169	ln := tls.NewListener(l, ircsTLSCfg)
170	ln = proxyProtoListener(ln, srv)
171	go func() {
172	if err := srv.Serve(ln); err != nil {
173	log.Printf("serving %q: %v", listen, err)
174	}
175	}()
176	case "irc+insecure":
177	host := u.Host
178	if _, _, err := net.SplitHostPort(host); err != nil {
179	host = host + ":6667"
180	}
181	lc := net.ListenConfig{
182	KeepAlive: downstreamKeepAlive,
183	}
184	ln, err := lc.Listen(context.Background(), "tcp", host)
185	if err != nil {
186	log.Fatalf("failed to start listener on %q: %v", listen, err)
187	}
188	ln = proxyProtoListener(ln, srv)
189	go func() {
190	if err := srv.Serve(ln); err != nil {
191	log.Printf("serving %q: %v", listen, err)
192	}
193	}()
194	case "unix":
195	ln, err := net.Listen("unix", u.Path)
196	if err != nil {
197	log.Fatalf("failed to start listener on %q: %v", listen, err)
198	}
199	ln = proxyProtoListener(ln, srv)
200	go func() {
201	if err := srv.Serve(ln); err != nil {
202	log.Printf("serving %q: %v", listen, err)
203	}
204	}()
205	case "wss":
206	if tlsCfg == nil {
207	log.Fatalf("failed to listen on %q: missing TLS configuration", listen)
208	}
209	addr := u.Host
210	if _, _, err := net.SplitHostPort(addr); err != nil {
211	addr = addr + ":https"
212	}
213	httpSrv := http.Server{
214	Addr: addr,
215	TLSConfig: tlsCfg,
216	Handler: srv,
217	}
218	go func() {
219	if err := httpSrv.ListenAndServeTLS("", ""); err != nil {
220	log.Fatalf("serving %q: %v", listen, err)
221	}
222	}()
223	case "ws+insecure":
224	addr := u.Host
225	if _, _, err := net.SplitHostPort(addr); err != nil {
226	addr = addr + ":http"
227	}
228	httpSrv := http.Server{
229	Addr: addr,
230	Handler: srv,
231	}
232	go func() {
233	if err := httpSrv.ListenAndServe(); err != nil {
234	log.Fatalf("serving %q: %v", listen, err)
235	}
236	}()
237	case "ident":
238	if srv.Identd == nil {
239	srv.Identd = soju.NewIdentd()
240	}
241
242	host := u.Host
243	if _, _, err := net.SplitHostPort(host); err != nil {
244	host = host + ":113"
245	}
246	ln, err := net.Listen("tcp", host)
247	if err != nil {
248	log.Fatalf("failed to start listener on %q: %v", listen, err)
249	}
250	ln = proxyProtoListener(ln, srv)
251	go func() {
252	if err := srv.Identd.Serve(ln); err != nil {
253	log.Printf("serving %q: %v", listen, err)
254	}
255	}()
256	default:
257	log.Fatalf("failed to listen on %q: unsupported scheme", listen)
258	}
259
260	log.Printf("server listening on %q", listen)
261	}
262
263	sigCh := make(chan os.Signal, 1)
264	signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
265
266	if err := srv.Start(); err != nil {
267	log.Fatal(err)
268	}
269
270	for sig := range sigCh {
271	switch sig {
272	case syscall.SIGHUP:
273	log.Print("reloading configuration")
274	_, serverCfg, err := loadConfig()
275	if err != nil {
276	log.Printf("failed to reloading configuration: %v", err)
277	} else {
278	srv.SetConfig(serverCfg)
279	}
280	case syscall.SIGINT, syscall.SIGTERM:
281	log.Print("shutting down server")
282	srv.Shutdown()
283	return
284	}
285	}
286	}
287
288	func proxyProtoListener(ln net.Listener, srv *soju.Server) net.Listener {
289	return &proxyproto.Listener{
290	Listener: ln,
291	Policy: func(upstream net.Addr) (proxyproto.Policy, error) {
292	tcpAddr, ok := upstream.(*net.TCPAddr)
293	if !ok {
294	return proxyproto.IGNORE, nil
295	}
296	if srv.Config().AcceptProxyIPs.Contains(tcpAddr.IP) {
297	return proxyproto.USE, nil
298	}
299	return proxyproto.IGNORE, nil
300	},
301	ReadHeaderTimeout: 5 * time.Second,
302	}
303	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: