OrgGo
/
caddy
mirror of https://github.com/caddyserver/caddy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

cmd: Support admin endpoint on unix socket (#3320)

This commit is contained in:
Matt Holt 2020-05-29 14:21:55 -06:00 committed by GitHub
parent 6c051cd27d
commit 996af0915d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 61 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
cmd/commandfuncs.go
View File

@ -16,6 +16,7 @@ package caddycmd
import ( import (
"bytes" "bytes"
"context"
"crypto/rand" "crypto/rand"
"encoding/json" "encoding/json"
"fmt" "fmt"
@ -276,24 +277,9 @@ func cmdRun(fl Flags) (int, error) {
func cmdStop(fl Flags) (int, error) { func cmdStop(fl Flags) (int, error) {
stopCmdAddrFlag := fl.String("address") stopCmdAddrFlag := fl.String("address")
adminAddr := caddy.DefaultAdminListen err := apiRequest(stopCmdAddrFlag, http.MethodPost, "/stop", nil)
if stopCmdAddrFlag != "" {
adminAddr = stopCmdAddrFlag
}
stopEndpoint := fmt.Sprintf("http://%s/stop", adminAddr)
req, err := http.NewRequest(http.MethodPost, stopEndpoint, nil)
if err != nil { if err != nil {
return caddy.ExitCodeFailedStartup, fmt.Errorf("making request: %v", err) caddy.Log().Warn("failed using API to stop instance", zap.Error(err))
}
req.Header.Set("Origin", adminAddr)
err = apiRequest(req)
if err != nil {
caddy.Log().Warn("failed using API to stop instance",
zap.String("endpoint", stopEndpoint),
zap.Error(err),
)
return caddy.ExitCodeFailedStartup, err return caddy.ExitCodeFailedStartup, err
} }
@ -314,7 +300,7 @@ func cmdReload(fl Flags) (int, error) {
return caddy.ExitCodeFailedStartup, fmt.Errorf("no config file to load") return caddy.ExitCodeFailedStartup, fmt.Errorf("no config file to load")
} }
// get the address of the admin listener and craft endpoint URL // get the address of the admin listener; use flag if specified
adminAddr := reloadCmdAddrFlag adminAddr := reloadCmdAddrFlag
if adminAddr == "" && len(config) > 0 { if adminAddr == "" && len(config) > 0 {
var tmpStruct struct { var tmpStruct struct {
@ -327,20 +313,8 @@ func cmdReload(fl Flags) (int, error) {
} }
adminAddr = tmpStruct.Admin.Listen adminAddr = tmpStruct.Admin.Listen
} }
if adminAddr == "" {
adminAddr = caddy.DefaultAdminListen
}
loadEndpoint := fmt.Sprintf("http://%s/load", adminAddr)
// prepare the request to update the configuration err = apiRequest(adminAddr, http.MethodPost, "/load", bytes.NewReader(config))
req, err := http.NewRequest(http.MethodPost, loadEndpoint, bytes.NewReader(config))
if err != nil {
return caddy.ExitCodeFailedStartup, fmt.Errorf("making request: %v", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Origin", adminAddr)
err = apiRequest(req)
if err != nil { if err != nil {
return caddy.ExitCodeFailedStartup, fmt.Errorf("sending configuration to instance: %v", err) return caddy.ExitCodeFailedStartup, fmt.Errorf("sending configuration to instance: %v", err)
} }
@ -645,8 +619,62 @@ commands:
return caddy.ExitCodeSuccess, nil return caddy.ExitCodeSuccess, nil
} }
func apiRequest(req *http.Request) error { // apiRequest makes an API request to the endpoint adminAddr with the
resp, err := http.DefaultClient.Do(req) // given HTTP method and request URI. If body is non-nil, it will be
// assumed to be Content-Type application/json.
func apiRequest(adminAddr, method, uri string, body io.Reader) error {
// parse the admin address
if adminAddr == "" {
adminAddr = caddy.DefaultAdminListen
}
parsedAddr, err := caddy.ParseNetworkAddress(adminAddr)
if err != nil || parsedAddr.PortRangeSize() > 1 {
return fmt.Errorf("invalid admin address %s: %v", adminAddr, err)
}
origin := parsedAddr.JoinHostPort(0)
if parsedAddr.IsUnixNetwork() {
origin = "unixsocket" // hack so that http.NewRequest() is happy
}
// form the request
req, err := http.NewRequest(method, "http://"+origin+uri, body)
if err != nil {
return fmt.Errorf("making request: %v", err)
}
if parsedAddr.IsUnixNetwork() {
// When listening on a unix socket, the admin endpoint doesn't
// accept any Host header because there is no host:port for
// a unix socket's address. The server's host check is fairly
// strict for security reasons, so we don't allow just any
// Host header. For unix sockets, the Host header must be
// empty. Unfortunately, Go makes it impossible to make HTTP
// requests with an empty Host header... except with this one
// weird trick. (Hopefully they don't fix it. It's already
// hard enough to use HTTP over unix sockets.)
//
// An equivalent curl command would be something like:
// $ curl --unix-socket caddy.sock http:/:$REQUEST_URI
req.URL.Host = " "
req.Host = ""
} else {
req.Header.Set("Origin", origin)
}
if body != nil {
req.Header.Set("Content-Type", "application/json")
}
// make an HTTP client that dials our network type, since admin
// endpoints aren't always TCP, which is what the default transport
// expects; reuse is not of particular concern here
client := http.Client{
Transport: &http.Transport{
DialContext: func(_ context.Context, _, _ string) (net.Conn, error) {
return net.Dial(parsedAddr.Network, parsedAddr.JoinHostPort(0))
},
},
}
resp, err := client.Do(req)
if err != nil { if err != nil {
return fmt.Errorf("performing request: %v", err) return fmt.Errorf("performing request: %v", err)
} }