mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-01-03 19:48:31 -05:00
105 lines
3.1 KiB
Go
105 lines
3.1 KiB
Go
package http
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"fmt"
|
|
"net"
|
|
"strings"
|
|
|
|
"github.com/opencloud-eu/opencloud/pkg/broker"
|
|
"github.com/opencloud-eu/opencloud/pkg/registry"
|
|
netx "github.com/opencloud-eu/opencloud/pkg/x/net"
|
|
|
|
mhttps "github.com/go-micro/plugins/v4/server/http"
|
|
mtracer "github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry"
|
|
"go-micro.dev/v4"
|
|
|
|
occrypto "github.com/opencloud-eu/opencloud/pkg/crypto"
|
|
)
|
|
|
|
// Service simply wraps the go-micro web service.
|
|
type Service struct {
|
|
micro.Service
|
|
}
|
|
|
|
// NewService initializes a new http service.
|
|
func NewService(opts ...Option) (Service, error) {
|
|
noopBroker := broker.NoOp{}
|
|
sopts := newOptions(opts...)
|
|
|
|
var listener net.Listener
|
|
var err error
|
|
if sopts.TLSConfig.Enabled {
|
|
var cert tls.Certificate
|
|
var err error
|
|
if sopts.TLSConfig.Cert != "" {
|
|
cert, err = tls.LoadX509KeyPair(sopts.TLSConfig.Cert, sopts.TLSConfig.Key)
|
|
if err != nil {
|
|
sopts.Logger.Error().Err(err).
|
|
Str("cert", sopts.TLSConfig.Cert).
|
|
Str("key", sopts.TLSConfig.Key).
|
|
Msg("error loading server certifcate and key")
|
|
return Service{}, fmt.Errorf("error loading server certificate and key: %w", err)
|
|
}
|
|
} else {
|
|
// Generate a self-signed server certificate on the fly. This requires the clients
|
|
// to connect with InsecureSkipVerify.
|
|
sopts.Logger.Warn().Str("address", sopts.Address).
|
|
Msg("No server certificate configured. Generating a temporary self-signed certificate")
|
|
cert, err = occrypto.GenTempCertForAddr(sopts.Address)
|
|
if err != nil {
|
|
return Service{}, fmt.Errorf("error creating temporary self-signed certificate: %w", err)
|
|
}
|
|
}
|
|
tlsConfig := &tls.Config{
|
|
Certificates: []tls.Certificate{cert},
|
|
}
|
|
// Create TLS listener
|
|
listener, err = tls.Listen("tcp", sopts.Address, tlsConfig)
|
|
if err != nil {
|
|
return Service{}, fmt.Errorf("error starting TLS listener: %w", err)
|
|
}
|
|
} else {
|
|
// Create Non-TLS listener
|
|
listener, err = net.Listen("tcp", sopts.Address)
|
|
if err != nil {
|
|
return Service{}, fmt.Errorf("error starting TCP listener: %w", err)
|
|
}
|
|
}
|
|
|
|
mServer := mhttps.NewServer(
|
|
// Wrap listener with timeoutListener to set a read timeout
|
|
mhttps.Listener(netx.TimeoutListener{
|
|
Listener: listener,
|
|
ReadTimeout: sopts.TimeoutConfig.Read,
|
|
}),
|
|
)
|
|
|
|
wopts := []micro.Option{
|
|
micro.Server(mServer),
|
|
micro.Broker(noopBroker),
|
|
micro.Address(sopts.Address),
|
|
micro.Name(strings.Join([]string{sopts.Namespace, sopts.Name}, ".")),
|
|
micro.Version(sopts.Version),
|
|
micro.Context(sopts.Context),
|
|
micro.Flags(sopts.Flags...),
|
|
micro.Registry(registry.GetRegistry()),
|
|
micro.RegisterTTL(registry.GetRegisterTTL()),
|
|
micro.RegisterInterval(registry.GetRegisterInterval()),
|
|
micro.WrapClient(mtracer.NewClientWrapper(
|
|
mtracer.WithTraceProvider(sopts.TraceProvider),
|
|
)),
|
|
micro.WrapHandler(mtracer.NewHandlerWrapper(
|
|
mtracer.WithTraceProvider(sopts.TraceProvider),
|
|
)),
|
|
micro.WrapSubscriber(mtracer.NewSubscriberWrapper(
|
|
mtracer.WithTraceProvider(sopts.TraceProvider),
|
|
)),
|
|
}
|
|
if sopts.TLSConfig.Enabled {
|
|
wopts = append(wopts, micro.Metadata(map[string]string{"use_tls": "true"}))
|
|
}
|
|
|
|
return Service{micro.NewService(wopts...)}, nil
|
|
}
|