depot/web/fup/cmd/serve.go

// SPDX-FileCopyrightText: 2021 Luke Granger-Brown <depot@lukegb.com>
//
// SPDX-License-Identifier: Apache-2.0

package cmd

import (
	"context"
	"fmt"
	"log"
	"net/http"
	"os/exec"
	"strings"

	"github.com/coreos/go-systemd/v22/activation"
	"github.com/google/safehtml"
	"github.com/spf13/cobra"
	"github.com/spf13/viper"
	"hg.lukegb.com/lukegb/depot/web/fup/fuphttp"
	"hg.lukegb.com/lukegb/depot/web/fup/fupstatic"
	"hg.lukegb.com/lukegb/depot/web/fup/minicheddar"
)

func init() {
	rootCmd.AddCommand(serveCmd)

	serveCmd.Flags().StringVar(&serveRoot, "root", "http://localhost:8191/", "Application root address.")
	viper.BindPFlag("serve.app-root", serveCmd.Flags().Lookup("root"))
	serveCmd.Flags().StringVar(&serveStaticRoot, "static-root", "/static/", "Root address from which static assets should be referenced.")
	viper.BindPFlag("serve.static-root", serveCmd.Flags().Lookup("static-root"))
	serveCmd.Flags().StringVarP(&serveBind, "listen", "l", ":8191", "Bind address for HTTP server.")
	viper.BindPFlag("serve.listen", serveCmd.Flags().Lookup("listen"))
	serveCmd.Flags().BoolVar(&serveDirectOnly, "direct-only", false, "If set, all file serving will be proxied, even if the backend supports signed URLs.")
	viper.BindPFlag("serve.direct-only", serveCmd.Flags().Lookup("direct-only"))

	serveCmd.Flags().StringVar(&serveCheddarPath, "cheddar-path", "cheddar", "Path to 'cheddar' binary to use for syntax highlighting. If it cannot be found, syntax highlighting and markdown rendering will be disabled.")
	viper.BindPFlag("serve.cheddar.path", serveCmd.Flags().Lookup("cheddar-path"))
	serveCmd.Flags().StringVar(&serveCheddarAddr, "cheddar-address", "", "If non-empty, will be used instead of attempting to spawn a copy of cheddar.")
	viper.BindPFlag("serve.cheddar.address", serveCmd.Flags().Lookup("cheddar-address"))

	serveCmd.Flags().StringVar(&serveAuthToken, "auth-token", "", "If non-empty, this auth token will be required as the Basic Auth password.")
	viper.BindPFlag("serve.auth.token", serveCmd.Flags().Lookup("auth-token"))
	serveCmd.Flags().StringVar(&serveAuthRealm, "auth-realm", "fup", "Will be used as the realm for Basic Auth.")
	viper.BindPFlag("serve.auth.realm", serveCmd.Flags().Lookup("auth-realm"))
}

var (
	serveBind        string
	serveRoot        string
	serveStaticRoot  string
	serveDirectOnly  bool
	serveCheddarPath string
	serveCheddarAddr string
	serveAuthToken   string
	serveAuthRealm   string

	serveCmd = &cobra.Command{
		Use:   "serve",
		Short: "Serve HTTP",
		RunE: func(cmd *cobra.Command, args []string) error {
			if !strings.HasSuffix(serveRoot, "/") {
				return fmt.Errorf("--root flag should end in / (value is %q)", serveRoot)
			}
			if !strings.HasSuffix(serveStaticRoot, "/") {
				return fmt.Errorf("--static-root flag should end in / (value is %q)", serveStaticRoot)
			}

			ctx := context.Background()
			highlighter, err := serveCheddar(ctx)
			if err != nil {
				return fmt.Errorf("spawning cheddar syntax highlighter: %v", err)
			}

			cfg := &fuphttp.Config{
				Templates:           fupstatic.Templates,
				Static:              fupstatic.Static,
				StaticRoot:          safehtml.TrustedResourceURLFromFlag(cmd.Flag("static-root").Value),
				AppRoot:             serveRoot,
				StorageURL:          bucketURL,
				RedirectToBlobstore: !serveDirectOnly,
				Highlighter:         highlighter,
				AuthMiddleware:      fuphttp.TokenAuthMiddleware(serveAuthToken, serveAuthRealm),
			}
			a, err := fuphttp.New(ctx, cfg)
			if err != nil {
				return fmt.Errorf("constructing application: %w", err)
			}
			http.Handle("/", a.Handler())
			http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.FS(fupstatic.Static))))
			log.Printf("Serving on %s", serveBind)
			if serveBind == "systemd" {
				listeners, err := activation.Listeners()
				if err != nil {
					return fmt.Errorf("getting systemd socket-activated listeners: %v", err)
				}
				if len(listeners) != 1 {
					return fmt.Errorf("unexpected systemd socket activation fds: got %d; want 1", len(listeners))
				}
				return http.Serve(listeners[0], nil)
			}
			return http.ListenAndServe(serveBind, nil)
		},
	}
)

func serveCheddar(ctx context.Context) (*minicheddar.Cheddar, error) {
	if serveCheddarAddr != "" {
		return minicheddar.Remote(serveCheddarAddr), nil
	}

	cpath, err := exec.LookPath(serveCheddarPath)
	if err != nil {
		log.Printf("couldn't find cheddar at %q; disabling syntax highlighting", serveCheddarPath)
		return nil, nil
	}

	return minicheddar.Spawn(ctx, cpath)
}
fup: add SPDX headers 2021-03-20 20:40:40 +00:00			`// SPDX-FileCopyrightText: 2021 Luke Granger-Brown <depot@lukegb.com>`
			`//`
			`// SPDX-License-Identifier: Apache-2.0`

fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`package cmd`

			`import (`
			`"context"`
			`"fmt"`
fup: add file serving This adds both redirect-to-signed-URL and proxy fileserving. The proxy fileserving is somewhat limited: we don't support the Range header, and it isn't easy to reuse the net/http ServeContent implementation because that requires a SeekCloser. I think it might be possible to "bodge" a SeekCloser on top of dynamically opening files, but it'll be a bit wonky and will be slower than strictly necessary. 2021-03-21 03:04:38 +00:00			`"log"`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`"net/http"`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00			`"os/exec"`
fup: implement file uploads! TODO: tests for this. 2021-03-21 18:04:37 +00:00			`"strings"`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00
fup: add systemd socket activation support to `fup serve` 2021-03-22 02:41:59 +00:00			`"github.com/coreos/go-systemd/v22/activation"`
fup: add file serving This adds both redirect-to-signed-URL and proxy fileserving. The proxy fileserving is somewhat limited: we don't support the Range header, and it isn't easy to reuse the net/http ServeContent implementation because that requires a SeekCloser. I think it might be possible to "bodge" a SeekCloser on top of dynamically opening files, but it'll be a bit wonky and will be slower than strictly necessary. 2021-03-21 03:04:38 +00:00			`"github.com/google/safehtml"`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`"github.com/spf13/cobra"`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`"github.com/spf13/viper"`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`"hg.lukegb.com/lukegb/depot/web/fup/fuphttp"`
			`"hg.lukegb.com/lukegb/depot/web/fup/fupstatic"`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00			`"hg.lukegb.com/lukegb/depot/web/fup/minicheddar"`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`)`

			`func init() {`
			`rootCmd.AddCommand(serveCmd)`

fup: implement file uploads! TODO: tests for this. 2021-03-21 18:04:37 +00:00			`serveCmd.Flags().StringVar(&serveRoot, "root", "http://localhost:8191/", "Application root address.")`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`viper.BindPFlag("serve.app-root", serveCmd.Flags().Lookup("root"))`
fup: implement file uploads! TODO: tests for this. 2021-03-21 18:04:37 +00:00			`serveCmd.Flags().StringVar(&serveStaticRoot, "static-root", "/static/", "Root address from which static assets should be referenced.")`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`viper.BindPFlag("serve.static-root", serveCmd.Flags().Lookup("static-root"))`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`serveCmd.Flags().StringVarP(&serveBind, "listen", "l", ":8191", "Bind address for HTTP server.")`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`viper.BindPFlag("serve.listen", serveCmd.Flags().Lookup("listen"))`
fup: add file serving This adds both redirect-to-signed-URL and proxy fileserving. The proxy fileserving is somewhat limited: we don't support the Range header, and it isn't easy to reuse the net/http ServeContent implementation because that requires a SeekCloser. I think it might be possible to "bodge" a SeekCloser on top of dynamically opening files, but it'll be a bit wonky and will be slower than strictly necessary. 2021-03-21 03:04:38 +00:00			`serveCmd.Flags().BoolVar(&serveDirectOnly, "direct-only", false, "If set, all file serving will be proxied, even if the backend supports signed URLs.")`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`viper.BindPFlag("serve.direct-only", serveCmd.Flags().Lookup("direct-only"))`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00
			`serveCmd.Flags().StringVar(&serveCheddarPath, "cheddar-path", "cheddar", "Path to 'cheddar' binary to use for syntax highlighting. If it cannot be found, syntax highlighting and markdown rendering will be disabled.")`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`viper.BindPFlag("serve.cheddar.path", serveCmd.Flags().Lookup("cheddar-path"))`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00			`serveCmd.Flags().StringVar(&serveCheddarAddr, "cheddar-address", "", "If non-empty, will be used instead of attempting to spawn a copy of cheddar.")`
fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00			`viper.BindPFlag("serve.cheddar.address", serveCmd.Flags().Lookup("cheddar-address"))`
fup: add TokenAuthMiddleware This is an example middleware which can be used as an AuthMiddleware for only allowing requests to non-view pages which are accompanied by an auth token via HTTP basic auth. 2021-03-23 00:46:33 +00:00
			`serveCmd.Flags().StringVar(&serveAuthToken, "auth-token", "", "If non-empty, this auth token will be required as the Basic Auth password.")`
			`viper.BindPFlag("serve.auth.token", serveCmd.Flags().Lookup("auth-token"))`
			`serveCmd.Flags().StringVar(&serveAuthRealm, "auth-realm", "fup", "Will be used as the realm for Basic Auth.")`
			`viper.BindPFlag("serve.auth.realm", serveCmd.Flags().Lookup("auth-realm"))`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`}`

			`var (`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00			`serveBind string`
			`serveRoot string`
			`serveStaticRoot string`
			`serveDirectOnly bool`
			`serveCheddarPath string`
			`serveCheddarAddr string`
fup: add TokenAuthMiddleware This is an example middleware which can be used as an AuthMiddleware for only allowing requests to non-view pages which are accompanied by an auth token via HTTP basic auth. 2021-03-23 00:46:33 +00:00			`serveAuthToken string`
			`serveAuthRealm string`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00
			`serveCmd = &cobra.Command{`
			`Use: "serve",`
			`Short: "Serve HTTP",`
			`RunE: func(cmd *cobra.Command, args []string) error {`
fup: implement file uploads! TODO: tests for this. 2021-03-21 18:04:37 +00:00			`if !strings.HasSuffix(serveRoot, "/") {`
			`return fmt.Errorf("--root flag should end in / (value is %q)", serveRoot)`
			`}`
			`if !strings.HasSuffix(serveStaticRoot, "/") {`
			`return fmt.Errorf("--static-root flag should end in / (value is %q)", serveStaticRoot)`
			`}`

fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`ctx := context.Background()`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00			`highlighter, err := serveCheddar(ctx)`
			`if err != nil {`
			`return fmt.Errorf("spawning cheddar syntax highlighter: %v", err)`
			`}`

fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`cfg := &fuphttp.Config{`
fup: add file serving This adds both redirect-to-signed-URL and proxy fileserving. The proxy fileserving is somewhat limited: we don't support the Range header, and it isn't easy to reuse the net/http ServeContent implementation because that requires a SeekCloser. I think it might be possible to "bodge" a SeekCloser on top of dynamically opening files, but it'll be a bit wonky and will be slower than strictly necessary. 2021-03-21 03:04:38 +00:00			`Templates: fupstatic.Templates,`
			`Static: fupstatic.Static,`
fup: implement file uploads! TODO: tests for this. 2021-03-21 18:04:37 +00:00			`StaticRoot: safehtml.TrustedResourceURLFromFlag(cmd.Flag("static-root").Value),`
			`AppRoot: serveRoot,`
fup: add file serving This adds both redirect-to-signed-URL and proxy fileserving. The proxy fileserving is somewhat limited: we don't support the Range header, and it isn't easy to reuse the net/http ServeContent implementation because that requires a SeekCloser. I think it might be possible to "bodge" a SeekCloser on top of dynamically opening files, but it'll be a bit wonky and will be slower than strictly necessary. 2021-03-21 03:04:38 +00:00			`StorageURL: bucketURL,`
			`RedirectToBlobstore: !serveDirectOnly,`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00			`Highlighter: highlighter,`
fup: add TokenAuthMiddleware This is an example middleware which can be used as an AuthMiddleware for only allowing requests to non-view pages which are accompanied by an auth token via HTTP basic auth. 2021-03-23 00:46:33 +00:00			`AuthMiddleware: fuphttp.TokenAuthMiddleware(serveAuthToken, serveAuthRealm),`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`}`
			`a, err := fuphttp.New(ctx, cfg)`
			`if err != nil {`
			`return fmt.Errorf("constructing application: %w", err)`
			`}`
			`http.Handle("/", a.Handler())`
			`http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.FS(fupstatic.Static))))`
fup: add file serving This adds both redirect-to-signed-URL and proxy fileserving. The proxy fileserving is somewhat limited: we don't support the Range header, and it isn't easy to reuse the net/http ServeContent implementation because that requires a SeekCloser. I think it might be possible to "bodge" a SeekCloser on top of dynamically opening files, but it'll be a bit wonky and will be slower than strictly necessary. 2021-03-21 03:04:38 +00:00			`log.Printf("Serving on %s", serveBind)`
fup: add systemd socket activation support to `fup serve` 2021-03-22 02:41:59 +00:00			`if serveBind == "systemd" {`
			`listeners, err := activation.Listeners()`
			`if err != nil {`
			`return fmt.Errorf("getting systemd socket-activated listeners: %v", err)`
			`}`
			`if len(listeners) != 1 {`
			`return fmt.Errorf("unexpected systemd socket activation fds: got %d; want 1", len(listeners))`
			`}`
			`return http.Serve(listeners[0], nil)`
			`}`
fup: create serve subcommand and fuphttp package This is the skeleton of the application. Let's goooo! 2021-03-20 19:53:43 +00:00			`return http.ListenAndServe(serveBind, nil)`
			`},`
			`}`
			`)`
fup: add cheddar as a syntax highlighter 2021-03-21 18:52:22 +00:00
			`func serveCheddar(ctx context.Context) (*minicheddar.Cheddar, error) {`
			`if serveCheddarAddr != "" {`
			`return minicheddar.Remote(serveCheddarAddr), nil`
			`}`

			`cpath, err := exec.LookPath(serveCheddarPath)`
			`if err != nil {`
			`log.Printf("couldn't find cheddar at %q; disabling syntax highlighting", serveCheddarPath)`
			`return nil, nil`
			`}`

			`return minicheddar.Spawn(ctx, cpath)`
			`}`