From 73603079e29bc89c54296a9e12b5a779cd84c023 Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Thu, 2 May 2024 23:18:19 +0200 Subject: feat: serve a very basic html template --- internal/config/config.go | 51 +++++++++++++ internal/config/csp.go | 45 ++++++++++++ internal/server/headers.go | 17 +++++ internal/server/logging.go | 55 ++++++++++++++ internal/server/server.go | 175 +++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 343 insertions(+) create mode 100644 internal/config/config.go create mode 100644 internal/config/csp.go create mode 100644 internal/server/headers.go create mode 100644 internal/server/logging.go create mode 100644 internal/server/server.go (limited to 'internal') diff --git a/internal/config/config.go b/internal/config/config.go new file mode 100644 index 0000000..e9300ce --- /dev/null +++ b/internal/config/config.go @@ -0,0 +1,51 @@ +package config + +import ( + "log/slog" + "net/url" + "os" + + "github.com/pelletier/go-toml/v2" + "github.com/pkg/errors" +) + +type URL struct { + *url.URL +} + +func (u *URL) UnmarshalText(text []byte) (err error) { + u.URL, err = url.Parse(string(text)) + + if err != nil { + return errors.WithMessage(err, "could not parse URL") + } + + return nil +} + +type Config struct { + BaseURL URL `toml:"base_url"` + CSP *CSP `toml:"content-security-policy"` + Headers map[string]string +} + +func GetConfig() (*Config, error) { + config := Config{} + slog.Debug("reading config.toml") + file, err := os.Open("config.toml") + if err != nil { + return nil, errors.WithMessage(err, "error reading configuration") + } + dec := toml.NewDecoder(file) + err = dec.Decode(&config) + if err != nil { + var tomlError toml.DecodeError + if errors.As(err, &tomlError) { + return nil, errors.WithMessage(err, tomlError.Error()) + } + + return nil, errors.Wrap(err, "config error") + } + + return &config, nil +} diff --git a/internal/config/csp.go b/internal/config/csp.go new file mode 100644 index 0000000..970663c --- /dev/null +++ b/internal/config/csp.go @@ -0,0 +1,45 @@ +package config + +// Code generated DO NOT EDIT. + +import ( + "github.com/crewjam/csp" +) + +type CSP struct { + BaseURI []string `csp:"base-uri" toml:"base-uri"` + BlockAllMixedContent bool `csp:"block-all-mixed-content" toml:"block-all-mixed-content"` + ChildSrc []string `csp:"child-src" toml:"child-src"` + ConnectSrc []string `csp:"connect-src" toml:"connect-src"` + DefaultSrc []string `csp:"default-src" toml:"default-src"` + FontSrc []string `csp:"font-src" toml:"font-src"` + FormAction []string `csp:"form-action" toml:"form-action"` + FrameAncestors []string `csp:"frame-ancestors" toml:"frame-ancestors"` + FrameSrc []string `csp:"frame-src" toml:"frame-src"` + ImgSrc []string `csp:"img-src" toml:"img-src"` + ManifestSrc []string `csp:"manifest-src" toml:"manifest-src"` + MediaSrc []string `csp:"media-src" toml:"media-src"` + NavigateTo []string `csp:"navigate-to" toml:"navigate-to"` + ObjectSrc []string `csp:"object-src" toml:"object-src"` + PluginTypes []string `csp:"plugin-types" toml:"plugin-types"` + PrefetchSrc []string `csp:"prefetch-src" toml:"prefetch-src"` + Referrer csp.ReferrerPolicy `csp:"referrer" toml:"referrer"` + ReportTo string `csp:"report-to" toml:"report-to"` + ReportURI string `csp:"report-uri" toml:"report-uri"` + RequireSRIFor []csp.RequireSRIFor `csp:"require-sri-for" toml:"require-sri-for"` + RequireTrustedTypesFor []csp.RequireTrustedTypesFor `csp:"require-trusted-types-for" toml:"require-trusted-types-for"` + Sandbox csp.Sandbox `csp:"sandbox" toml:"sandbox"` + ScriptSrc []string `csp:"script-src" toml:"script-src"` + ScriptSrcAttr []string `csp:"script-src-attr" toml:"script-src-attr"` + ScriptSrcElem []string `csp:"script-src-elem" toml:"script-src-elem"` + StyleSrc []string `csp:"style-src" toml:"style-src"` + StyleSrcAttr []string `csp:"style-src-attr" toml:"style-src-attr"` + StyleSrcElem []string `csp:"style-src-elem" toml:"style-src-elem"` + TrustedTypes []string `csp:"trusted-types" toml:"trusted-types"` + UpgradeInsecureRequests bool `csp:"upgrade-insecure-requests" toml:"upgrade-insecure-requests"` + WorkerSrc []string `csp:"worker-src" toml:"worker-src"` +} + +func (c *CSP) String() string { + return csp.Header(*c).String() +} diff --git a/internal/server/headers.go b/internal/server/headers.go new file mode 100644 index 0000000..0efc384 --- /dev/null +++ b/internal/server/headers.go @@ -0,0 +1,17 @@ +package server + +import ( + "net/http" + cfg "searchix/internal/config" +) + +func AddHeadersMiddleware(next http.Handler, config *cfg.Config) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + for h, v := range config.Headers { + w.Header().Add(h, v) + } + w.Header().Add("Content-Security-Policy", config.CSP.String()) + + next.ServeHTTP(w, r) + }) +} diff --git a/internal/server/logging.go b/internal/server/logging.go new file mode 100644 index 0000000..6a16f42 --- /dev/null +++ b/internal/server/logging.go @@ -0,0 +1,55 @@ +package server + +import ( + "fmt" + "io" + "net/http" +) + +type LoggingResponseWriter struct { + http.ResponseWriter + statusCode int +} + +func (lrw *LoggingResponseWriter) WriteHeader(code int) { + lrw.statusCode = code + // avoids warning: superfluous response.WriteHeader call + if lrw.statusCode != http.StatusOK { + lrw.ResponseWriter.WriteHeader(code) + } +} + +func NewLoggingResponseWriter(w http.ResponseWriter) *LoggingResponseWriter { + return &LoggingResponseWriter{w, http.StatusOK} +} + +type wrappedHandlerOptions struct { + defaultHostname string + logger io.Writer +} + +func wrapHandlerWithLogging(wrappedHandler http.Handler, opts wrappedHandlerOptions) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + scheme := r.Header.Get("X-Forwarded-Proto") + if scheme == "" { + scheme = "http" + } + host := r.Header.Get("Host") + if host == "" { + host = opts.defaultHostname + } + lw := NewLoggingResponseWriter(w) + wrappedHandler.ServeHTTP(lw, r) + statusCode := lw.statusCode + fmt.Fprintf( + opts.logger, + "%s %s %d %s %s %s\n", + scheme, + r.Method, + statusCode, + host, + r.URL.Path, + lw.Header().Get("Location"), + ) + }) +} diff --git a/internal/server/server.go b/internal/server/server.go new file mode 100644 index 0000000..fc56d47 --- /dev/null +++ b/internal/server/server.go @@ -0,0 +1,175 @@ +package server + +import ( + "context" + "html/template" + "io" + "log" + "log/slog" + "net" + "net/http" + "os" + "path" + "slices" + "time" + + cfg "searchix/internal/config" + + "github.com/getsentry/sentry-go" + sentryhttp "github.com/getsentry/sentry-go/http" + "github.com/osdevisnot/sorvor/pkg/livereload" + "github.com/pkg/errors" + "github.com/shengyanli1982/law" +) + +var config *cfg.Config + +var ( + CommitSHA string + ShortSHA string +) + +type Config struct { + Production bool `conf:"default:false"` + InDevServer bool `conf:"default:false"` + LiveReload bool `conf:"default:false,flag:live"` + Root string `conf:"default:website"` + ListenAddress string `conf:"default:localhost"` + Port string `conf:"default:3000,short:p"` + BaseURL cfg.URL `conf:"default:http://localhost:3000,short:b"` +} + +type HTTPError struct { + Error error + Message string + Code int +} + +type Server struct { + *http.Server +} + +const jsSnippet = template.HTML(livereload.JsSnippet) // #nosec G203 + +type TemplateData struct { + LiveReload template.HTML + Data map[string]interface{} +} + +func applyDevModeOverrides(config *cfg.Config) { + config.CSP.ScriptSrc = slices.Insert(config.CSP.ScriptSrc, 0, "'unsafe-inline'") + config.CSP.ConnectSrc = slices.Insert(config.CSP.ConnectSrc, 0, "'self'") +} + +func New(runtimeConfig *Config) (*Server, error) { + var err error + config, err = cfg.GetConfig() + if err != nil { + return nil, errors.WithMessage(err, "error parsing configuration file") + } + + env := "development" + if runtimeConfig.Production { + env = "production" + } + err = sentry.Init(sentry.ClientOptions{ + EnableTracing: true, + TracesSampleRate: 1.0, + Dsn: os.Getenv("SENTRY_DSN"), + Release: CommitSHA, + Environment: env, + }) + if err != nil { + return nil, errors.WithMessage(err, "could not set up sentry") + } + defer sentry.Flush(2 * time.Second) + sentryHandler := sentryhttp.New(sentryhttp.Options{ + Repanic: true, + }) + + tpl := template.Must(template.ParseGlob(path.Join("frontend", "templates", "*.tmpl"))) + + top := http.NewServeMux() + mux := http.NewServeMux() + mux.HandleFunc("/", func(w http.ResponseWriter, _ *http.Request) { + tdata := TemplateData{ + LiveReload: jsSnippet, + Data: make(map[string]interface{}), + } + err := tpl.Execute(w, tdata) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + } + }) + + mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("frontend/static")))) + + if runtimeConfig.LiveReload { + applyDevModeOverrides(config) + liveReload := livereload.New() + liveReload.Start() + mux.Handle("/livereload", liveReload) + // liveReload.Reload() + } + + var logWriter io.Writer + if runtimeConfig.Production { + logWriter = law.NewWriteAsyncer(os.Stdout, nil) + } else { + logWriter = os.Stdout + } + top.Handle("/", + AddHeadersMiddleware( + sentryHandler.Handle( + wrapHandlerWithLogging(mux, wrappedHandlerOptions{ + defaultHostname: runtimeConfig.BaseURL.Hostname(), + logger: logWriter, + }), + ), + config, + ), + ) + // no logging, no sentry + top.HandleFunc("/health", func(w http.ResponseWriter, _ *http.Request) { + w.WriteHeader(http.StatusOK) + }) + + listenAddress := net.JoinHostPort(runtimeConfig.ListenAddress, runtimeConfig.Port) + + return &Server{ + &http.Server{ + Addr: listenAddress, + Handler: top, + ReadHeaderTimeout: 20 * time.Second, + }, + }, nil +} + +func (s *Server) Start() error { + if err := s.ListenAndServe(); err != http.ErrServerClosed { + return errors.WithMessage(err, "could not start server") + } + + return nil +} + +func (s *Server) Stop() chan struct{} { + slog.Debug("stop called") + + idleConnsClosed := make(chan struct{}) + + go func() { + slog.Debug("shutting down server") + ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) + defer cancel() + err := s.Server.Shutdown(ctx) + slog.Debug("server shut down") + if err != nil { + // Error from closing listeners, or context timeout: + log.Printf("HTTP server Shutdown: %v", err) + } + close(idleConnsClosed) + }() + + return idleConnsClosed +} -- cgit 1.4.1