Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 1 | package mirko |
| 2 | |
| 3 | import ( |
Serge Bazanski | aa81aa2 | 2018-10-14 08:36:05 -0700 | [diff] [blame] | 4 | "context" |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 5 | "flag" |
| 6 | "fmt" |
| 7 | "net" |
| 8 | "net/http" |
| 9 | "time" |
| 10 | |
| 11 | "code.hackerspace.pl/q3k/hspki" |
| 12 | "github.com/golang/glog" |
| 13 | "github.com/q3k/statusz" |
| 14 | "golang.org/x/net/trace" |
| 15 | "google.golang.org/grpc" |
| 16 | "google.golang.org/grpc/reflection" |
| 17 | ) |
| 18 | |
| 19 | var ( |
| 20 | flagListenAddress string |
| 21 | flagDebugAddress string |
Serge Bazanski | 446c9e1 | 2018-10-14 17:06:09 +0100 | [diff] [blame] | 22 | flagDebugAllowAll bool |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 23 | ) |
| 24 | |
| 25 | func init() { |
Serge Bazanski | 69de9cb | 2018-10-14 08:49:04 -0700 | [diff] [blame] | 26 | flag.StringVar(&flagListenAddress, "listen_address", "127.0.0.1:4200", "gRPC listen address") |
| 27 | flag.StringVar(&flagDebugAddress, "debug_address", "127.0.0.1:4201", "HTTP debug/status listen address") |
Serge Bazanski | f77e7d3 | 2018-10-14 17:11:08 +0100 | [diff] [blame^] | 28 | flag.BoolVar(&flagDebugAllowAll, "debug_allow_all", false, "HTTP debug/status available to everyone") |
Serge Bazanski | aa81aa2 | 2018-10-14 08:36:05 -0700 | [diff] [blame] | 29 | flag.Set("logtostderr", "true") |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 30 | } |
| 31 | |
| 32 | type Mirko struct { |
| 33 | grpcListen net.Listener |
| 34 | grpcServer *grpc.Server |
| 35 | httpListen net.Listener |
| 36 | httpServer *http.Server |
| 37 | httpMux *http.ServeMux |
| 38 | } |
| 39 | |
| 40 | func New() *Mirko { |
| 41 | return &Mirko{} |
| 42 | } |
| 43 | |
Serge Bazanski | 446c9e1 | 2018-10-14 17:06:09 +0100 | [diff] [blame] | 44 | func authRequest(req *http.Request) (any, sensitive bool) { |
| 45 | host, _, err := net.SplitHostPort(req.RemoteAddr) |
| 46 | if err != nil { |
| 47 | host = req.RemoteAddr |
| 48 | } |
| 49 | |
| 50 | if flagDebugAllowAll { |
| 51 | return true, true |
| 52 | } |
| 53 | |
| 54 | switch host { |
| 55 | case "localhost", "127.0.0.1", "::1": |
| 56 | return true, true |
| 57 | default: |
| 58 | return false, false |
| 59 | } |
| 60 | } |
| 61 | |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 62 | func (m *Mirko) Listen() error { |
| 63 | grpc.EnableTracing = true |
Serge Bazanski | 446c9e1 | 2018-10-14 17:06:09 +0100 | [diff] [blame] | 64 | trace.AuthRequest = authRequest |
| 65 | |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 66 | grpcLis, err := net.Listen("tcp", flagListenAddress) |
| 67 | if err != nil { |
| 68 | return fmt.Errorf("net.Listen: %v", err) |
| 69 | } |
| 70 | m.grpcListen = grpcLis |
| 71 | m.grpcServer = grpc.NewServer(hspki.WithServerHSPKI()...) |
| 72 | reflection.Register(m.grpcServer) |
| 73 | |
| 74 | httpLis, err := net.Listen("tcp", flagDebugAddress) |
| 75 | if err != nil { |
| 76 | return fmt.Errorf("net.Listen: %v", err) |
| 77 | } |
| 78 | |
| 79 | m.httpMux = http.NewServeMux() |
| 80 | // Canonical URLs |
Serge Bazanski | 446c9e1 | 2018-10-14 17:06:09 +0100 | [diff] [blame] | 81 | m.httpMux.HandleFunc("/debug/status", func(w http.ResponseWriter, r *http.Request) { |
| 82 | any, sensitive := authRequest(r) |
| 83 | if !any { |
| 84 | http.Error(w, "not allowed", http.StatusUnauthorized) |
| 85 | return |
| 86 | } |
| 87 | statusz.StatusHandler(w, r) |
| 88 | }) |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 89 | m.httpMux.HandleFunc("/debug/requests", trace.Traces) |
| 90 | |
| 91 | // -z legacy URLs |
| 92 | m.httpMux.HandleFunc("/statusz", func(w http.ResponseWriter, r *http.Request) { |
| 93 | http.Redirect(w, r, "/debug/status", http.StatusSeeOther) |
| 94 | }) |
| 95 | m.httpMux.HandleFunc("/rpcz", func(w http.ResponseWriter, r *http.Request) { |
| 96 | http.Redirect(w, r, "/debug/requests", http.StatusSeeOther) |
| 97 | }) |
| 98 | m.httpMux.HandleFunc("/requestz", func(w http.ResponseWriter, r *http.Request) { |
| 99 | http.Redirect(w, r, "/debug/requests", http.StatusSeeOther) |
| 100 | }) |
| 101 | |
| 102 | // root redirect |
| 103 | m.httpMux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { |
| 104 | http.Redirect(w, r, "/debug/status", http.StatusSeeOther) |
| 105 | }) |
| 106 | |
| 107 | m.httpListen = httpLis |
| 108 | m.httpServer = &http.Server{ |
| 109 | Addr: flagDebugAddress, |
| 110 | Handler: m.httpMux, |
| 111 | } |
| 112 | |
| 113 | return nil |
| 114 | } |
| 115 | |
Serge Bazanski | aa81aa2 | 2018-10-14 08:36:05 -0700 | [diff] [blame] | 116 | func (m *Mirko) Trace(ctx context.Context, f string, args ...interface{}) { |
| 117 | tr, ok := trace.FromContext(ctx) |
| 118 | if !ok { |
| 119 | fmtd := fmt.Sprintf(f, args...) |
| 120 | glog.Warningf("No trace in %v: %s", ctx, fmtd) |
| 121 | return |
| 122 | } |
| 123 | tr.LazyPrintf(f, args...) |
| 124 | } |
| 125 | |
Serge Bazanski | 3fd70d8 | 2018-10-14 08:12:46 -0700 | [diff] [blame] | 126 | func (m *Mirko) GRPC() *grpc.Server { |
| 127 | if m.grpcServer == nil { |
| 128 | panic("GRPC() called before Listen()") |
| 129 | } |
| 130 | return m.grpcServer |
| 131 | } |
| 132 | |
| 133 | func (m *Mirko) HTTPMux() *http.ServeMux { |
| 134 | if m.httpMux == nil { |
| 135 | panic("HTTPMux() called before Listen()") |
| 136 | } |
| 137 | return m.httpMux |
| 138 | } |
| 139 | |
| 140 | func (m *Mirko) Serve() error { |
| 141 | errs := make(chan error, 1) |
| 142 | go func() { |
| 143 | if err := m.grpcServer.Serve(m.grpcListen); err != nil { |
| 144 | errs <- err |
| 145 | } |
| 146 | }() |
| 147 | go func() { |
| 148 | if err := m.httpServer.Serve(m.httpListen); err != nil { |
| 149 | errs <- err |
| 150 | } |
| 151 | }() |
| 152 | |
| 153 | ticker := time.NewTicker(1 * time.Second) |
| 154 | select { |
| 155 | case <-ticker.C: |
| 156 | glog.Infof("gRPC listening on %s", flagListenAddress) |
| 157 | glog.Infof("HTTP listening on %s", flagDebugAddress) |
| 158 | return nil |
| 159 | case err := <-errs: |
| 160 | return err |
| 161 | } |
| 162 | } |