2014-02-19 17:50:53 +08:00
// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
2014-05-02 09:21:46 +08:00
package cmd
2014-02-19 17:50:53 +08:00
import (
2018-08-21 21:56:50 +08:00
"crypto/tls"
2014-02-19 17:50:53 +08:00
"fmt"
2016-08-12 05:46:33 +08:00
"net"
2014-02-19 17:50:53 +08:00
"net/http"
2014-11-04 09:46:53 +08:00
"net/http/fcgi"
2017-02-05 21:06:25 +08:00
_ "net/http/pprof" // Used for debugging if enabled and a web server is running
2014-04-16 08:01:20 +08:00
"os"
2014-09-29 17:38:46 +08:00
"strings"
2014-02-19 17:50:53 +08:00
2016-11-11 00:24:48 +08:00
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers"
2017-04-25 15:24:51 +08:00
"code.gitea.io/gitea/routers/routes"
2016-12-26 09:16:37 +08:00
2017-12-13 16:57:28 +08:00
"github.com/Unknwon/com"
2017-02-27 09:49:05 +08:00
context2 "github.com/gorilla/context"
2016-11-06 00:56:35 +08:00
"github.com/urfave/cli"
2018-08-21 21:56:50 +08:00
"golang.org/x/crypto/acme/autocert"
2017-12-13 16:57:28 +08:00
ini "gopkg.in/ini.v1"
2014-02-19 17:50:53 +08:00
)
2016-11-04 19:42:18 +08:00
// CmdWeb represents the available web sub-command.
2014-02-19 17:50:53 +08:00
var CmdWeb = cli . Command {
Name : "web" ,
2016-12-21 20:13:17 +08:00
Usage : "Start Gitea web server" ,
Description : ` Gitea web server is the only thing you need to run ,
2014-03-24 19:36:38 +08:00
and it takes care of all the other things for you ` ,
2014-02-19 17:50:53 +08:00
Action : runWeb ,
2015-02-02 01:41:03 +08:00
Flags : [ ] cli . Flag {
2016-11-10 06:18:22 +08:00
cli . StringFlag {
Name : "port, p" ,
Value : "3000" ,
Usage : "Temporary port number to prevent conflict" ,
} ,
2017-01-09 19:54:57 +08:00
cli . StringFlag {
Name : "pid, P" ,
2017-01-14 10:15:43 +08:00
Value : "/var/run/gitea.pid" ,
2017-01-09 19:54:57 +08:00
Usage : "Custom pid file path" ,
} ,
2015-02-02 01:41:03 +08:00
} ,
2014-02-19 17:50:53 +08:00
}
2017-12-26 06:23:43 +08:00
func runHTTPRedirector ( ) {
source := fmt . Sprintf ( "%s:%s" , setting . HTTPAddr , setting . PortToRedirect )
dest := strings . TrimSuffix ( setting . AppURL , "/" )
log . Info ( "Redirecting: %s to %s" , source , dest )
handler := http . HandlerFunc ( func ( w http . ResponseWriter , r * http . Request ) {
target := dest + r . URL . Path
if len ( r . URL . RawQuery ) > 0 {
target += "?" + r . URL . RawQuery
}
http . Redirect ( w , r , target , http . StatusTemporaryRedirect )
} )
var err = runHTTP ( source , context2 . ClearHandler ( handler ) )
if err != nil {
2019-04-02 15:48:31 +08:00
log . Fatal ( "Failed to start port redirection: %v" , err )
2017-12-26 06:23:43 +08:00
}
}
2018-08-21 21:56:50 +08:00
func runLetsEncrypt ( listenAddr , domain , directory , email string , m http . Handler ) error {
certManager := autocert . Manager {
Prompt : autocert . AcceptTOS ,
HostPolicy : autocert . HostWhitelist ( domain ) ,
Cache : autocert . DirCache ( directory ) ,
Email : email ,
}
2018-12-11 23:46:12 +08:00
go func ( ) {
log . Info ( "Running Let's Encrypt handler on %s" , setting . HTTPAddr + ":" + setting . PortToRedirect )
var err = http . ListenAndServe ( setting . HTTPAddr + ":" + setting . PortToRedirect , certManager . HTTPHandler ( http . HandlerFunc ( runLetsEncryptFallbackHandler ) ) ) // all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
if err != nil {
2019-04-02 15:48:31 +08:00
log . Fatal ( "Failed to start the Let's Encrypt handler on port %s: %v" , setting . PortToRedirect , err )
2018-12-11 23:46:12 +08:00
}
} ( )
2018-08-21 21:56:50 +08:00
server := & http . Server {
Addr : listenAddr ,
Handler : m ,
TLSConfig : & tls . Config {
GetCertificate : certManager . GetCertificate ,
} ,
}
return server . ListenAndServeTLS ( "" , "" )
}
func runLetsEncryptFallbackHandler ( w http . ResponseWriter , r * http . Request ) {
if r . Method != "GET" && r . Method != "HEAD" {
http . Error ( w , "Use HTTPS" , http . StatusBadRequest )
return
}
2018-12-13 05:00:24 +08:00
// Remove the trailing slash at the end of setting.AppURL, the request
// URI always contains a leading slash, which would result in a double
// slash
target := strings . TrimRight ( setting . AppURL , "/" ) + r . URL . RequestURI ( )
2018-08-21 21:56:50 +08:00
http . Redirect ( w , r , target , http . StatusFound )
}
2016-05-13 02:32:28 +08:00
func runWeb ( ctx * cli . Context ) error {
2017-01-09 19:54:57 +08:00
if ctx . IsSet ( "pid" ) {
setting . CustomPID = ctx . String ( "pid" )
}
2014-03-30 05:50:51 +08:00
routers . GlobalInit ( )
2014-02-19 17:50:53 +08:00
2017-04-25 15:24:51 +08:00
m := routes . NewMacaron ( )
routes . RegisterRoutes ( m )
2014-03-23 13:48:01 +08:00
2015-02-02 01:41:03 +08:00
// Flag for port number in case first time run conflict.
if ctx . IsSet ( "port" ) {
2016-11-27 18:14:25 +08:00
setting . AppURL = strings . Replace ( setting . AppURL , setting . HTTPPort , ctx . String ( "port" ) , 1 )
2016-08-12 05:55:10 +08:00
setting . HTTPPort = ctx . String ( "port" )
2017-12-13 16:57:28 +08:00
switch setting . Protocol {
case setting . UnixSocket :
case setting . FCGI :
default :
// Save LOCAL_ROOT_URL if port changed
cfg := ini . Empty ( )
if com . IsFile ( setting . CustomConf ) {
// Keeps custom settings if there is already something.
if err := cfg . Append ( setting . CustomConf ) ; err != nil {
return fmt . Errorf ( "Failed to load custom conf '%s': %v" , setting . CustomConf , err )
}
}
defaultLocalURL := string ( setting . Protocol ) + "://"
if setting . HTTPAddr == "0.0.0.0" {
defaultLocalURL += "localhost"
} else {
defaultLocalURL += setting . HTTPAddr
}
defaultLocalURL += ":" + setting . HTTPPort + "/"
cfg . Section ( "server" ) . Key ( "LOCAL_ROOT_URL" ) . SetValue ( defaultLocalURL )
if err := cfg . SaveTo ( setting . CustomConf ) ; err != nil {
return fmt . Errorf ( "Error saving generated JWT Secret to custom config: %v" , err )
}
}
2015-02-02 01:41:03 +08:00
}
2018-01-13 06:16:49 +08:00
listenAddr := setting . HTTPAddr
if setting . Protocol != setting . UnixSocket {
listenAddr += ":" + setting . HTTPPort
2016-08-12 05:46:33 +08:00
}
2016-11-27 18:14:25 +08:00
log . Info ( "Listen: %v://%s%s" , setting . Protocol , listenAddr , setting . AppSubURL )
2016-08-12 05:55:10 +08:00
2016-12-26 09:16:37 +08:00
if setting . LFS . StartServer {
log . Info ( "LFS server enabled" )
}
2017-02-05 21:06:25 +08:00
if setting . EnablePprof {
go func ( ) {
2018-01-13 06:16:49 +08:00
log . Info ( "Starting pprof server on localhost:6060" )
2017-02-05 21:06:25 +08:00
log . Info ( "%v" , http . ListenAndServe ( "localhost:6060" , nil ) )
} ( )
}
2016-08-12 05:55:10 +08:00
var err error
2014-05-26 08:11:25 +08:00
switch setting . Protocol {
case setting . HTTP :
2017-02-22 15:14:37 +08:00
err = runHTTP ( listenAddr , context2 . ClearHandler ( m ) )
2014-05-26 08:11:25 +08:00
case setting . HTTPS :
2018-08-21 21:56:50 +08:00
if setting . EnableLetsEncrypt {
err = runLetsEncrypt ( listenAddr , setting . Domain , setting . LetsEncryptDirectory , setting . LetsEncryptEmail , context2 . ClearHandler ( m ) )
break
}
2017-12-26 06:23:43 +08:00
if setting . RedirectOtherPort {
go runHTTPRedirector ( )
}
2017-02-22 15:14:37 +08:00
err = runHTTPS ( listenAddr , setting . CertFile , setting . KeyFile , context2 . ClearHandler ( m ) )
2014-11-04 09:46:53 +08:00
case setting . FCGI :
2017-03-23 15:57:43 +08:00
listener , err := net . Listen ( "tcp" , listenAddr )
if err != nil {
2019-04-02 15:48:31 +08:00
log . Fatal ( "Failed to bind %s: %v" , listenAddr , err )
2017-03-23 15:57:43 +08:00
}
defer listener . Close ( )
err = fcgi . Serve ( listener , context2 . ClearHandler ( m ) )
2016-11-27 18:14:25 +08:00
case setting . UnixSocket :
2017-02-05 20:27:37 +08:00
if err := os . Remove ( listenAddr ) ; err != nil && ! os . IsNotExist ( err ) {
2019-04-02 15:48:31 +08:00
log . Fatal ( "Failed to remove unix socket directory %s: %v" , listenAddr , err )
2016-12-01 07:56:15 +08:00
}
2016-08-12 05:55:10 +08:00
var listener * net . UnixListener
2016-11-04 21:15:55 +08:00
listener , err = net . ListenUnix ( "unix" , & net . UnixAddr { Name : listenAddr , Net : "unix" } )
2016-08-12 05:46:33 +08:00
if err != nil {
2016-08-12 05:55:10 +08:00
break // Handle error after switch
2016-08-12 05:46:33 +08:00
}
2016-08-12 05:55:10 +08:00
// FIXME: add proper implementation of signal capture on all protocols
2016-08-12 05:46:33 +08:00
// execute this on SIGTERM or SIGINT: listener.Close()
2016-08-12 05:55:10 +08:00
if err = os . Chmod ( listenAddr , os . FileMode ( setting . UnixSocketPermission ) ) ; err != nil {
2019-04-02 15:48:31 +08:00
log . Fatal ( "Failed to set permission of unix socket: %v" , err )
2016-08-12 05:46:33 +08:00
}
2017-02-22 15:14:37 +08:00
err = http . Serve ( listener , context2 . ClearHandler ( m ) )
2014-05-26 08:11:25 +08:00
default :
2019-04-02 15:48:31 +08:00
log . Fatal ( "Invalid protocol: %s" , setting . Protocol )
2014-05-26 08:11:25 +08:00
}
if err != nil {
2019-04-02 15:48:31 +08:00
log . Fatal ( "Failed to start server: %v" , err )
2014-03-18 21:58:58 +08:00
}
2016-05-13 02:32:28 +08:00
return nil
2014-02-19 17:50:53 +08:00
}