Linting
version: "2"
linters:
default: all
disable:
- depguard
- wsl_v5 # tmp
- wsl # tmp
- unused # tmp
- nonamedreturns
- err113 # tmp
- gochecknoinits # tmp
- nlreturn # tmp
- cyclop # tmp
- gocognit # tmp
- varnamelen # tmp
- funlen # tmp
- lll
- mnd # tmp
- revive # tmp
- godox # tmp
linters-settings:
revive:
rules:
- name: error-strings
disabled: true
issues:
max-issues-per-linter: 0
max-same-issues: 0
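Review bot: The top-level `linters-settings:` key near the end of this file is the version 1 spelling; with `version: "2"` golangci-lint reads linter settings from `settings:` nested under `linters:`, so the `revive` `error-strings` override is probably not applied. It makes no difference today because `revive` is in the disable list, but it will once that `# tmp` entry is dropped. Indentation is lost in this view, so this is judged from the key name alone.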
package hooks
import (
"context"
"errors"
"fmt"
"net"
"time"
"github.com/gliderlabs/ssh"
"go.lindenii.runxiyu.org/forge/forged/internal/common/cmap"
"go.lindenii.runxiyu.org/forge/forged/internal/common/misc"
)
type Server struct {
hookMap cmap.Map[string, hookInfo]
socketPath string
executablesPath string
}
type Config struct {
Socket string `scfg:"socket"`
Execs string `scfg:"execs"`
}
type hookInfo struct {
session ssh.Session
pubkey string
directAccess bool
repoPath string
userID int
userType string
repoID int
groupPath []string
repoName string
contribReq string
}
func New(config Config) (server *Server) {
return &Server{
socketPath: config.Socket,
executablesPath: config.Execs,
hookMap: cmap.Map[string, hookInfo]{},
}
}
func (server *Server) Run(ctx context.Context) error {
listener, _, err := misc.ListenUnixSocket(server.socketPath)
if err != nil {
return fmt.Errorf("listen unix socket for hooks: %w", err)
}
defer func() {
_ = listener.Close()
}()
stop := context.AfterFunc(ctx, func() {
_ = listener.Close()
})
defer stop()
for {
conn, err := listener.Accept()
if err != nil {
if errors.Is(err, net.ErrClosed) || ctx.Err() != nil {
return nil
}
return fmt.Errorf("accept conn: %w", err)
}
go server.handleConn(ctx, conn)
}
}
func (server *Server) handleConn(ctx context.Context, conn net.Conn) {
defer conn.Close()
defer func() {
_ = conn.Close()
}()
unblock := context.AfterFunc(ctx, func() {
_ = conn.SetDeadline(time.Now())
_ = conn.Close()
})
defer unblock()
}
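Review bot: The accept loop in `Run` starts `go server.handleConn(ctx, conn)` for every connection with no bound and nothing that waits for them, so `Run` can return nil on cancellation while handlers are still running, and the caller then closes the database underneath them. Track them with a `sync.WaitGroup`: `defer wg.Wait()` after the listener is set up, and `wg.Add(1); go func() { defer wg.Done(); server.handleConn(ctx, conn) }()` in the loop. The `Run` loop in the lmtp package has the same shape. Separately, any `Accept` error other than `net.ErrClosed` ends `Run`, and through the errgroup in the server package that stops all four listeners; a comment stating this is intended would help.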
package lmtp
import (
"context"
"errors"
"fmt"
"net"
"time"
"go.lindenii.runxiyu.org/forge/forged/internal/common/misc"
)
type Server struct {
socket string
domain string
maxSize int64
writeTimeout uint32
readTimeout uint32
}
type Config struct {
Socket string `scfg:"socket"`
Domain string `scfg:"domain"`
MaxSize int64 `scfg:"max_size"`
WriteTimeout uint32 `scfg:"write_timeout"`
ReadTimeout uint32 `scfg:"read_timeout"`
}
func New(config Config) (server *Server) {
return &Server{
socket: config.Socket,
domain: config.Domain,
maxSize: config.MaxSize,
writeTimeout: config.WriteTimeout,
readTimeout: config.ReadTimeout,
}
}
func (server *Server) Run(ctx context.Context) error {
listener, _, err := misc.ListenUnixSocket(server.socket)
if err != nil {
return fmt.Errorf("listen unix socket for LMTP: %w", err)
}
defer func() {
_ = listener.Close()
}()
stop := context.AfterFunc(ctx, func() {
_ = listener.Close()
})
defer stop()
for {
conn, err := listener.Accept()
if err != nil {
if errors.Is(err, net.ErrClosed) || ctx.Err() != nil {
return nil
}
return fmt.Errorf("accept conn: %w", err)
}
go server.handleConn(ctx, conn)
}
}
func (server *Server) handleConn(ctx context.Context, conn net.Conn) {
defer conn.Close()
defer func() {
_ = conn.Close()
}()
unblock := context.AfterFunc(ctx, func() {
_ = conn.SetDeadline(time.Now())
_ = conn.Close()
})
defer unblock()
}
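Review bot: `handleConn` never reads `server.readTimeout`, `server.writeTimeout` or `server.maxSize`, and since `unused` is disabled in the lint config nothing will flag that once the body is filled in. These are the limits that keep a slow or oversized delivery from tying up the process, so I would record the intent now with a comment in the stub: `// TODO: set per-read/write deadlines from readTimeout/writeTimeout and reject messages larger than maxSize`. The units of the two timeouts (seconds, judging by the ssh and web packages) should be stated on the `Config` fields.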
package ssh
import (
"context"
"errors"
"fmt"
"os"
"time"
gliderssh "github.com/gliderlabs/ssh"
"go.lindenii.runxiyu.org/forge/forged/internal/common/misc"
gossh "golang.org/x/crypto/ssh"
)
type Config struct {
Net string `scfg:"net"`
Addr string `scfg:"addr"`
Key string `scfg:"key"`
Root string `scfg:"root"`
ShutdownTimeout uint32 `scfg:"shutdown_timeout"`
}
type Server struct {
gliderServer *gliderssh.Server
privkey gossh.Signer
pubkeyString string
pubkeyFP string
net string
addr string
root string
shutdownTimeout uint32
}
func New(config Config) (server *Server, err error) {
server = &Server{
net: config.Net,
addr: config.Addr,
root: config.Root,
shutdownTimeout: config.ShutdownTimeout,
}
} //exhaustruct:ignore
var privkeyBytes []byte
if privkeyBytes, err = os.ReadFile(config.Key); err != nil {
privkeyBytes, err = os.ReadFile(config.Key)
if err != nil {
return server, fmt.Errorf("read SSH private key: %w", err)
}
if server.privkey, err = gossh.ParsePrivateKey(privkeyBytes); err != nil {
server.privkey, err = gossh.ParsePrivateKey(privkeyBytes)
if err != nil {
return server, fmt.Errorf("parse SSH private key: %w", err)
}
server.pubkeyString = misc.BytesToString(gossh.MarshalAuthorizedKey(server.privkey.PublicKey()))
server.pubkeyFP = gossh.FingerprintSHA256(server.privkey.PublicKey())
server.gliderServer = &gliderssh.Server{
Handler: handle,
PublicKeyHandler: func(ctx gliderssh.Context, key gliderssh.PublicKey) bool { return true },
KeyboardInteractiveHandler: func(ctx gliderssh.Context, challenge gossh.KeyboardInteractiveChallenge) bool { return true },
}
} //exhaustruct:ignore
server.gliderServer.AddHostKey(server.privkey)
return
return server, nil
}
func (server *Server) Run(ctx context.Context) (err error) {
listener, err := misc.Listen(server.net, server.addr)
if err != nil {
return fmt.Errorf("listen for SSH: %w", err)
}
defer func() {
_ = listener.Close()
}()
stop := context.AfterFunc(ctx, func() {
shCtx, cancel := context.WithTimeout(context.WithoutCancel(ctx), time.Duration(server.shutdownTimeout)*time.Second)
defer cancel()
_ = server.gliderServer.Shutdown(shCtx)
_ = listener.Close()
})
defer stop()
if err = server.gliderServer.Serve(listener); err != nil {
err = server.gliderServer.Serve(listener)
if err != nil {
if errors.Is(err, gliderssh.ErrServerClosed) || ctx.Err() != nil {
return nil
}
return fmt.Errorf("serve SSH: %w", err)
}
panic("unreachable")
}
func handle(session gliderssh.Session) {
panic("SSH server handler not implemented yet")
}
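Review bot: `handle` panics on every session, while `PublicKeyHandler` and `KeyboardInteractiveHandler` in `New` both return true, so any client that can reach the listener is given a session and reaches the panic; as far as I know gliderlabs/ssh does not recover panics in the session handler, so that would terminate the whole process. Until the handler exists, refuse the session instead: `_, _ = fmt.Fprintln(session.Stderr(), "not implemented"); _ = session.Exit(1)`. The two accept-all callbacks also deserve a comment saying that authentication is deliberately open at this layer and that identity and authorization must be decided per session from the offered key.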
package web import ( "context"
"errors"
"fmt"
"net"
"net/http"
"time"
"go.lindenii.runxiyu.org/forge/forged/internal/common/misc"
)
type Server struct {
net string
addr string
root string
httpServer *http.Server
shutdownTimeout uint32
}
type handler struct{}
func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
type Config struct {
Net string `scfg:"net"`
Addr string `scfg:"addr"`
Root string `scfg:"root"`
CookieExpiry int `scfg:"cookie_expiry"`
ReadTimeout uint32 `scfg:"read_timeout"`
WriteTimeout uint32 `scfg:"write_timeout"`
IdleTimeout uint32 `scfg:"idle_timeout"`
MaxHeaderBytes int `scfg:"max_header_bytes"`
ReverseProxy bool `scfg:"reverse_proxy"`
ShutdownTimeout uint32 `scfg:"shutdown_timeout"`
}
func New(config Config) (server *Server) {
handler := &handler{}
httpServer := &http.Server{
Handler: &handler{},
ReadTimeout: time.Duration(config.ReadTimeout) * time.Second,
WriteTimeout: time.Duration(config.WriteTimeout) * time.Second,
IdleTimeout: time.Duration(config.IdleTimeout) * time.Second,
MaxHeaderBytes: config.MaxHeaderBytes,
} //exhaustruct:ignore
return &Server{
net: config.Net,
addr: config.Addr,
root: config.Root,
shutdownTimeout: config.ShutdownTimeout,
httpServer: &http.Server{
Handler: handler,
ReadTimeout: time.Duration(config.ReadTimeout) * time.Second,
WriteTimeout: time.Duration(config.WriteTimeout) * time.Second,
IdleTimeout: time.Duration(config.IdleTimeout) * time.Second,
MaxHeaderBytes: config.MaxHeaderBytes,
},
httpServer: httpServer,
}
}
func (server *Server) Run(ctx context.Context) (err error) {
server.httpServer.BaseContext = func(_ net.Listener) context.Context { return ctx }
listener, err := misc.Listen(server.net, server.addr)
if err != nil {
return fmt.Errorf("listen for web: %w", err)
}
defer func() {
_ = listener.Close()
}()
stop := context.AfterFunc(ctx, func() {
shCtx, cancel := context.WithTimeout(context.WithoutCancel(ctx), time.Duration(server.shutdownTimeout)*time.Second)
defer cancel()
_ = server.httpServer.Shutdown(shCtx)
_ = listener.Close()
})
defer stop()
if err = server.httpServer.Serve(listener); err != nil {
if err == http.ErrServerClosed || ctx.Err() != nil {
err = server.httpServer.Serve(listener)
if err != nil {
if errors.Is(err, http.ErrServerClosed) || ctx.Err() != nil {
return nil
}
return fmt.Errorf("serve web: %w", err)
}
panic("unreachable")
}
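Review bot: `New` converts `config.ReadTimeout`, `config.WriteTimeout` and `config.IdleTimeout` to durations without checking them, and in net/http a zero duration means no timeout, so a config that omits these keys leaves the listener with no read or write limit against slow clients. The same applies to `shutdownTimeout` in `Run`: zero hands `context.WithTimeout` an already expired context, so `Shutdown` returns at once instead of draining. Unless `config.Open` supplies defaults (not visible here), fall back to a default in `New` when a value is zero, and consider setting `ReadHeaderTimeout` too. The SSH server's `shutdownTimeout` is used the same way.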
package server
import (
"context"
"fmt"
"go.lindenii.runxiyu.org/forge/forged/internal/config"
"go.lindenii.runxiyu.org/forge/forged/internal/database"
"go.lindenii.runxiyu.org/forge/forged/internal/incoming/hooks"
"go.lindenii.runxiyu.org/forge/forged/internal/incoming/lmtp"
"go.lindenii.runxiyu.org/forge/forged/internal/incoming/ssh"
"go.lindenii.runxiyu.org/forge/forged/internal/incoming/web"
"golang.org/x/sync/errgroup"
)
type Server struct {
config config.Config
database database.Database
hookServer *hooks.Server
lmtpServer *lmtp.Server
webServer *web.Server
sshServer *ssh.Server
globalData struct {
SSHPubkey string
SSHFingerprint string
Version string
}
}
func New(configPath string) (server *Server, err error) {
server = &Server{}
server = &Server{} //exhaustruct:ignore
server.config, err = config.Open(configPath)
if err != nil {
return server, fmt.Errorf("open config: %w", err)
}
server.hookServer = hooks.New(server.config.Hooks)
server.lmtpServer = lmtp.New(server.config.LMTP)
server.webServer = web.New(server.config.Web)
server.sshServer, err = ssh.New(server.config.SSH)
if err != nil {
return server, fmt.Errorf("create SSH server: %w", err)
}
return server, nil
}
func (server *Server) Run(ctx context.Context) (err error) {
// TODO: Not running git2d because it should be run separately.
// This needs to be documented somewhere, hence a TODO here for now.
g, gctx := errgroup.WithContext(ctx)
server.database, err = database.Open(gctx, server.config.DB)
if err != nil {
return fmt.Errorf("open database: %w", err)
}
defer server.database.Close()
g.Go(func() error { return server.hookServer.Run(gctx) })
g.Go(func() error { return server.lmtpServer.Run(gctx) })
g.Go(func() error { return server.webServer.Run(gctx) })
g.Go(func() error { return server.sshServer.Run(gctx) })
if err := g.Wait(); err != nil {
err = g.Wait()
if err != nil {
return fmt.Errorf("server error: %w", err)
}
return ctx.Err()
err = ctx.Err()
if err != nil {
return fmt.Errorf("context exceeded: %w", err)
}
return nil
}
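Review bot: At the end of `Run`, what appears to be the new side wraps `ctx.Err()` as `"context exceeded: %w"`, but after an ordinary stop that error is `context.Canceled`, so a clean shutdown is reported with a message that fits only a deadline. I would word it neutrally, `return fmt.Errorf("context done: %w", err)`, and add a doc comment on `Run` saying that it returns a non-nil error wrapping `context.Canceled` on normal shutdown so callers test with `errors.Is`. `New` also returns a partly built `*Server` alongside its errors; returning `nil` there would keep callers from using it by mistake.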