2 godlighty -- highly-customizable HTTP, HTTP/2, HTTPS server
3 Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, version 3 of the License.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
34 "golang.org/x/net/netutil"
36 "go.stargrave.org/godlighty"
37 _ "go.stargrave.org/godlighty/rc/cfg"
42 var GracefulTime = 10 * time.Second
45 bind := flag.String("bind", "[::]:80", "Address to bind and listen on")
46 doTLS := flag.Bool("tls", false, "Enable TLS")
47 doSetUID := flag.Int("setuid", 0, "Set that UID after binding the socket")
48 doSetGID := flag.Int("setgid", 0, "Set that GID after binding the socket")
49 doSetGIDs := flag.String("setgids", "", "Comma-separated GIDs to set")
50 log.SetFlags(log.Lshortfile)
51 log.SetOutput(os.Stdout)
54 godlighty.LoadCertificates()
56 shutdown := make(chan os.Signal)
57 signal.Notify(shutdown, syscall.SIGTERM, syscall.SIGINT, syscall.SIGHUP)
58 exitErr := make(chan error)
59 l, err := net.Listen("tcp", *bind)
65 if err := syscall.Setregid(*doSetGID, *doSetGID); err != nil {
71 if err := syscall.Setgroups([]int{*doSetGID}); err != nil {
77 for _, g := range strings.Split(*doSetGIDs, ",") {
78 gid, err := strconv.Atoi(g)
82 gids = append(gids, gid)
84 if err := syscall.Setgroups(gids); err != nil {
89 if err := syscall.Setreuid(*doSetUID, *doSetUID); err != nil {
94 srv := http.Server{Handler: godlighty.MainHandler}
97 log.Println("shutting down")
98 ctx, cancel := context.WithTimeout(context.TODO(), GracefulTime)
99 exitErr <- srv.Shutdown(ctx)
104 tlsCfg := godlighty.NewTLSConfig()
105 ll = tls.NewListener(netutil.LimitListener(l, MaxConns), tlsCfg)
107 ll = netutil.LimitListener(l, MaxConns)
113 "hosts:", len(godlighty.Hosts),
115 if err = srv.Serve(ll); err != http.ErrServerClosed {
118 if err := <-exitErr; err != nil {