diff options
author | Alan Pearce | 2024-06-29 19:33:16 +0200 |
---|---|---|
committer | Alan Pearce | 2024-06-29 19:33:16 +0200 |
commit | 0e50089ea4b4bbd89c58c379b252baa2d09853ed (patch) | |
tree | f07655896d75c33e31e2772b75725bf3980d258c | |
parent | f73b8d6770b0e3c3f6ccb50983083c2a4dc81a5f (diff) | |
download | website-0e50089ea4b4bbd89c58c379b252baa2d09853ed.tar.lz website-0e50089ea4b4bbd89c58c379b252baa2d09853ed.tar.zst website-0e50089ea4b4bbd89c58c379b252baa2d09853ed.zip |
set timeouts for secondary (http) server
-rw-r--r-- | internal/server/server.go | 26 | ||||
-rw-r--r-- | internal/server/tls.go | 38 |
2 files changed, 32 insertions, 32 deletions
diff --git a/internal/server/server.go b/internal/server/server.go index 6f933ef..dfb0f8c 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -46,9 +46,9 @@ type Config struct { type Server struct { *http.Server - redirectHandler func(http.ResponseWriter, *http.Request) - runtimeConfig *Config - config *cfg.Config + redirectServer *http.Server + runtimeConfig *Config + config *cfg.Config } func applyDevModeOverrides(config *cfg.Config, runtimeConfig *Config) { @@ -178,14 +178,15 @@ func New(runtimeConfig *Config) (*Server, error) { return nil, errors.Wrap(err, "could not create website mux") } - redirectHandler := func(w http.ResponseWriter, r *http.Request) { + rMux := http.NewServeMux() + rMux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { path, _ := website.CanonicalisePath(r.URL.Path) newURL := config.BaseURL.JoinPath(path) http.Redirect(w, r, newURL.String(), 301) - } + }) if runtimeConfig.Redirect { loggingMux.Handle(config.BaseURL.Hostname()+"/", mux) - loggingMux.HandleFunc("/", redirectHandler) + loggingMux.Handle("/", rMux) } else { loggingMux.Handle("/", mux) } @@ -209,9 +210,16 @@ func New(runtimeConfig *Config) (*Server, error) { Addr: listenAddress, Handler: top, }, - redirectHandler: redirectHandler, - config: config, - runtimeConfig: runtimeConfig, + redirectServer: &http.Server{ + ReadHeaderTimeout: 10 * time.Second, + ReadTimeout: 1 * time.Minute, + WriteTimeout: 2 * time.Minute, + IdleTimeout: 10 * time.Minute, + Addr: listenAddress, + Handler: rMux, + }, + config: config, + runtimeConfig: runtimeConfig, }, nil } diff --git a/internal/server/tls.go b/internal/server/tls.go index 7bd4a1c..254cd12 100644 --- a/internal/server/tls.go +++ b/internal/server/tls.go @@ -35,29 +35,6 @@ func (s *Server) serveTLS() (err error) { certmagic.DefaultACME.Agreed = true certmagic.DefaultACME.Email = s.config.Email - ln, err := listenfd.GetListener( - 1, - net.JoinHostPort(s.runtimeConfig.ListenAddress, strconv.Itoa(s.runtimeConfig.Port)), - ) - if err != nil { - return errors.Wrap(err, "could not bind plain socket") - } - - go func(ln net.Listener) { - redirecter := http.NewServeMux() - redirecter.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { - if certmagic.LooksLikeHTTPChallenge(r) { - issuer.HandleHTTPChallenge(w, r) - } else { - s.redirectHandler(w, r) - } - }) - err := http.Serve(ln, redirecter) - if err != nil && !errors.Is(err, http.ErrServerClosed) { - log.Error("error in http handler", "error", err) - } - }(ln) - if s.runtimeConfig.Development { ca := s.runtimeConfig.ACMECA if ca == "" { @@ -114,6 +91,21 @@ func (s *Server) serveTLS() (err error) { } } + ln, err := listenfd.GetListener( + 1, + net.JoinHostPort(s.runtimeConfig.ListenAddress, strconv.Itoa(s.runtimeConfig.Port)), + ) + if err != nil { + return errors.Wrap(err, "could not bind plain socket") + } + + go func(ln net.Listener) { + s.redirectServer.Handler = issuer.HTTPChallengeHandler(s.redirectServer.Handler) + if err := s.redirectServer.Serve(ln); err != nil && !errors.Is(err, http.ErrServerClosed) { + log.Error("error in http handler", "error", err) + } + }(ln) + log.Debug( "starting certmagic", "http_port", |