[godlighty.git] / cmd / godlighty / main.go

/*
godlighty -- highly-customizable HTTP, HTTP/2, HTTPS server
Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

package main

import (
        "context"
        "crypto/tls"
        "flag"
        "log"
        "net"
        "net/http"
        "os"
        "os/signal"
        "strconv"
        "strings"
        "syscall"
        "time"

        "golang.org/x/net/netutil"

        "go.stargrave.org/godlighty"
        _ "go.stargrave.org/godlighty/rc/cfg"
)

const MaxConns = 128

var GracefulTime = 10 * time.Second

func main() {
        bind := flag.String("bind", "[::]:80", "Address to bind and listen on")
        doTLS := flag.Bool("tls", false, "Enable TLS")
        doSetUID := flag.Int("setuid", 0, "Set that UID after binding the socket")
        doSetGID := flag.Int("setgid", 0, "Set that GID after binding the socket")
        doSetGIDs := flag.String("setgids", "", "Comma-separated GIDs to set")
        log.SetFlags(log.Lshortfile)
        log.SetOutput(os.Stdout)
        flag.Parse()
        if *doTLS {
                godlighty.LoadCertificates()
        }
        shutdown := make(chan os.Signal)
        signal.Notify(shutdown, syscall.SIGTERM, syscall.SIGINT, syscall.SIGHUP)
        exitErr := make(chan error)
        l, err := net.Listen("tcp", *bind)
        if err != nil {
                log.Fatalln(err)
        }

        if *doSetGID != 0 {
                if err := syscall.Setregid(*doSetGID, *doSetGID); err != nil {
                        log.Fatal(err)
                }
        }
        if *doSetGIDs == "" {
                if *doSetGID != 0 {
                        if err := syscall.Setgroups([]int{*doSetGID}); err != nil {
                                log.Fatal(err)
                        }
                }
        } else {
                gids := []int{}
                for _, g := range strings.Split(*doSetGIDs, ",") {
                        gid, err := strconv.Atoi(g)
                        if err != nil {
                                log.Fatalln(err)
                        }
                        gids = append(gids, gid)
                }
                if err := syscall.Setgroups(gids); err != nil {
                        log.Fatal(err)
                }
        }
        if *doSetUID != 0 {
                if err := syscall.Setreuid(*doSetUID, *doSetUID); err != nil {
                        log.Fatal(err)
                }
        }

        srv := http.Server{Handler: godlighty.MainHandler}
        go func() {
                <-shutdown
                log.Println("shutting down")
                ctx, cancel := context.WithTimeout(context.TODO(), GracefulTime)
                exitErr <- srv.Shutdown(ctx)
                cancel()
        }()
        var ll net.Listener
        if *doTLS {
                tlsCfg := godlighty.NewTLSConfig()
                ll = tls.NewListener(netutil.LimitListener(l, MaxConns), tlsCfg)
        } else {
                ll = netutil.LimitListener(l, MaxConns)
        }
        log.Println(
                godlighty.Version,
                "bind:", *bind,
                "tls:", *doTLS,
                "hosts:", len(godlighty.Hosts),
        )
        if err = srv.Serve(ll); err != http.ErrServerClosed {
                log.Fatalln(err)
        }
        if err := <-exitErr; err != nil {
                log.Fatal(err)
        }
}