Update monolith -api behaviour (#1484)

* Update monolith -api mode listeners

* Fix check

* Fix another check

* Update HTTP API addr behaviour

* Redefine NoExternalListener

* NoListener
This commit is contained in:
Neil Alexander 2020-10-07 16:59:22 +01:00 committed by GitHub
parent bf7e85848b
commit 8bca7a83a9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 65 additions and 59 deletions

View file

@ -31,8 +31,8 @@ func main() {
appservice.AddInternalRoutes(base.InternalAPIMux, intAPI) appservice.AddInternalRoutes(base.InternalAPIMux, intAPI)
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.AppServiceAPI.InternalAPI.Listen, base.Cfg.AppServiceAPI.InternalAPI.Listen, // internal listener
setup.NoExternalListener, setup.NoListener, // external listener
nil, nil, nil, nil,
) )
} }

View file

@ -34,8 +34,8 @@ func main() {
eduserver.AddInternalRoutes(base.InternalAPIMux, intAPI) eduserver.AddInternalRoutes(base.InternalAPIMux, intAPI)
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.EDUServer.InternalAPI.Listen, base.Cfg.EDUServer.InternalAPI.Listen, // internal listener
setup.NoExternalListener, setup.NoListener, // external listener
nil, nil, nil, nil,
) )
} }

View file

@ -36,8 +36,8 @@ func main() {
federationsender.AddInternalRoutes(base.InternalAPIMux, fsAPI) federationsender.AddInternalRoutes(base.InternalAPIMux, fsAPI)
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.FederationSender.InternalAPI.Listen, base.Cfg.FederationSender.InternalAPI.Listen, // internal listener
setup.NoExternalListener, setup.NoListener, // external listener
nil, nil, nil, nil,
) )
} }

View file

@ -30,8 +30,8 @@ func main() {
keyserver.AddInternalRoutes(base.InternalAPIMux, intAPI) keyserver.AddInternalRoutes(base.InternalAPIMux, intAPI)
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.KeyServer.InternalAPI.Listen, base.Cfg.KeyServer.InternalAPI.Listen, // internal listener
setup.NoExternalListener, setup.NoListener, // external listener
nil, nil, nil, nil,
) )
} }

View file

@ -29,11 +29,13 @@ import (
"github.com/matrix-org/dendrite/roomserver/api" "github.com/matrix-org/dendrite/roomserver/api"
"github.com/matrix-org/dendrite/signingkeyserver" "github.com/matrix-org/dendrite/signingkeyserver"
"github.com/matrix-org/dendrite/userapi" "github.com/matrix-org/dendrite/userapi"
"github.com/sirupsen/logrus"
) )
var ( var (
httpBindAddr = flag.String("http-bind-address", ":8008", "The HTTP listening port for the server") httpBindAddr = flag.String("http-bind-address", ":8008", "The HTTP listening port for the server")
httpsBindAddr = flag.String("https-bind-address", ":8448", "The HTTPS listening port for the server") httpsBindAddr = flag.String("https-bind-address", ":8448", "The HTTPS listening port for the server")
apiBindAddr = flag.String("api-bind-address", "localhost:18008", "The HTTP listening port for the internal HTTP APIs (if -api is enabled)")
certFile = flag.String("tls-cert", "", "The PEM formatted X509 certificate to use for TLS") certFile = flag.String("tls-cert", "", "The PEM formatted X509 certificate to use for TLS")
keyFile = flag.String("tls-key", "", "The PEM private key to use for TLS") keyFile = flag.String("tls-key", "", "The PEM private key to use for TLS")
enableHTTPAPIs = flag.Bool("api", false, "Use HTTP APIs instead of short-circuiting (warning: exposes API endpoints!)") enableHTTPAPIs = flag.Bool("api", false, "Use HTTP APIs instead of short-circuiting (warning: exposes API endpoints!)")
@ -44,22 +46,25 @@ func main() {
cfg := setup.ParseFlags(true) cfg := setup.ParseFlags(true)
httpAddr := config.HTTPAddress("http://" + *httpBindAddr) httpAddr := config.HTTPAddress("http://" + *httpBindAddr)
httpsAddr := config.HTTPAddress("https://" + *httpsBindAddr) httpsAddr := config.HTTPAddress("https://" + *httpsBindAddr)
httpAPIAddr := httpAddr
if *enableHTTPAPIs { if *enableHTTPAPIs {
logrus.Warnf("DANGER! The -api option is enabled, exposing internal APIs on %q!", *apiBindAddr)
httpAPIAddr = config.HTTPAddress("http://" + *apiBindAddr)
// If the HTTP APIs are enabled then we need to update the Listen // If the HTTP APIs are enabled then we need to update the Listen
// statements in the configuration so that we know where to find // statements in the configuration so that we know where to find
// the API endpoints. They'll listen on the same port as the monolith // the API endpoints. They'll listen on the same port as the monolith
// itself. // itself.
cfg.AppServiceAPI.InternalAPI.Connect = httpAddr cfg.AppServiceAPI.InternalAPI.Connect = httpAPIAddr
cfg.ClientAPI.InternalAPI.Connect = httpAddr cfg.ClientAPI.InternalAPI.Connect = httpAPIAddr
cfg.EDUServer.InternalAPI.Connect = httpAddr cfg.EDUServer.InternalAPI.Connect = httpAPIAddr
cfg.FederationAPI.InternalAPI.Connect = httpAddr cfg.FederationAPI.InternalAPI.Connect = httpAPIAddr
cfg.FederationSender.InternalAPI.Connect = httpAddr cfg.FederationSender.InternalAPI.Connect = httpAPIAddr
cfg.KeyServer.InternalAPI.Connect = httpAddr cfg.KeyServer.InternalAPI.Connect = httpAPIAddr
cfg.MediaAPI.InternalAPI.Connect = httpAddr cfg.MediaAPI.InternalAPI.Connect = httpAPIAddr
cfg.RoomServer.InternalAPI.Connect = httpAddr cfg.RoomServer.InternalAPI.Connect = httpAPIAddr
cfg.SigningKeyServer.InternalAPI.Connect = httpAddr cfg.SigningKeyServer.InternalAPI.Connect = httpAPIAddr
cfg.SyncAPI.InternalAPI.Connect = httpAddr cfg.SyncAPI.InternalAPI.Connect = httpAPIAddr
} }
base := setup.NewBaseDendrite(cfg, "Monolith", *enableHTTPAPIs) base := setup.NewBaseDendrite(cfg, "Monolith", *enableHTTPAPIs)
@ -148,18 +153,18 @@ func main() {
// Expose the matrix APIs directly rather than putting them under a /api path. // Expose the matrix APIs directly rather than putting them under a /api path.
go func() { go func() {
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
config.HTTPAddress(httpAddr), // internal API httpAPIAddr, // internal API
config.HTTPAddress(httpAddr), // external API httpAddr, // external API
nil, nil, // TLS settings nil, nil, // TLS settings
) )
}() }()
// Handle HTTPS if certificate and key are provided // Handle HTTPS if certificate and key are provided
if *certFile != "" && *keyFile != "" { if *certFile != "" && *keyFile != "" {
go func() { go func() {
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
config.HTTPAddress(httpsAddr), // internal API setup.NoListener, // internal API
config.HTTPAddress(httpsAddr), // external API httpsAddr, // external API
certFile, keyFile, // TLS settings certFile, keyFile, // TLS settings
) )
}() }()
} }

View file

@ -33,8 +33,8 @@ func main() {
roomserver.AddInternalRoutes(base.InternalAPIMux, rsAPI) roomserver.AddInternalRoutes(base.InternalAPIMux, rsAPI)
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.RoomServer.InternalAPI.Listen, base.Cfg.RoomServer.InternalAPI.Listen, // internal listener
setup.NoExternalListener, setup.NoListener, // external listener
nil, nil, nil, nil,
) )
} }

View file

@ -31,7 +31,7 @@ func main() {
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.SigningKeyServer.InternalAPI.Listen, base.Cfg.SigningKeyServer.InternalAPI.Listen,
setup.NoExternalListener, setup.NoListener,
nil, nil, nil, nil,
) )
} }

View file

@ -31,8 +31,8 @@ func main() {
userapi.AddInternalRoutes(base.InternalAPIMux, userAPI) userapi.AddInternalRoutes(base.InternalAPIMux, userAPI)
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
base.Cfg.UserAPI.InternalAPI.Listen, base.Cfg.UserAPI.InternalAPI.Listen, // internal listener
setup.NoExternalListener, setup.NoListener, // external listener
nil, nil, nil, nil,
) )
} }

View file

@ -80,7 +80,7 @@ type BaseDendrite struct {
const HTTPServerTimeout = time.Minute * 5 const HTTPServerTimeout = time.Minute * 5
const HTTPClientTimeout = time.Second * 30 const HTTPClientTimeout = time.Second * 30
const NoExternalListener = "" const NoListener = ""
// NewBaseDendrite creates a new instance to be used by a component. // NewBaseDendrite creates a new instance to be used by a component.
// The componentName is used for logging purposes, and should be a friendly name // The componentName is used for logging purposes, and should be a friendly name
@ -272,22 +272,21 @@ func (b *BaseDendrite) SetupAndServeHTTP(
internalAddr, _ := internalHTTPAddr.Address() internalAddr, _ := internalHTTPAddr.Address()
externalAddr, _ := externalHTTPAddr.Address() externalAddr, _ := externalHTTPAddr.Address()
internalRouter := mux.NewRouter().SkipClean(true).UseEncodedPath() externalRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
externalRouter := internalRouter internalRouter := externalRouter
internalServ := &http.Server{ externalServ := &http.Server{
Addr: string(internalAddr), Addr: string(externalAddr),
WriteTimeout: HTTPServerTimeout, WriteTimeout: HTTPServerTimeout,
Handler: internalRouter, Handler: externalRouter,
} }
externalServ := internalServ internalServ := externalServ
if externalAddr != NoExternalListener && externalAddr != internalAddr { if internalAddr != NoListener && externalAddr != internalAddr {
externalRouter = mux.NewRouter().SkipClean(true).UseEncodedPath() internalRouter = mux.NewRouter().SkipClean(true).UseEncodedPath()
externalServ = &http.Server{ internalServ = &http.Server{
Addr: string(externalAddr), Addr: string(internalAddr),
WriteTimeout: HTTPServerTimeout, Handler: internalRouter,
Handler: externalRouter,
} }
} }
@ -301,23 +300,25 @@ func (b *BaseDendrite) SetupAndServeHTTP(
externalRouter.PathPrefix(httputil.PublicFederationPathPrefix).Handler(b.PublicFederationAPIMux) externalRouter.PathPrefix(httputil.PublicFederationPathPrefix).Handler(b.PublicFederationAPIMux)
externalRouter.PathPrefix(httputil.PublicMediaPathPrefix).Handler(b.PublicMediaAPIMux) externalRouter.PathPrefix(httputil.PublicMediaPathPrefix).Handler(b.PublicMediaAPIMux)
go func() { if internalAddr != NoListener && internalAddr != externalAddr {
logrus.Infof("Starting %s listener on %s", b.componentName, internalServ.Addr)
if certFile != nil && keyFile != nil {
if err := internalServ.ListenAndServeTLS(*certFile, *keyFile); err != nil {
logrus.WithError(err).Fatal("failed to serve HTTPS")
}
} else {
if err := internalServ.ListenAndServe(); err != nil {
logrus.WithError(err).Fatal("failed to serve HTTP")
}
}
logrus.Infof("Stopped %s listener on %s", b.componentName, internalServ.Addr)
}()
if externalAddr != NoExternalListener && internalAddr != externalAddr {
go func() { go func() {
logrus.Infof("Starting %s listener on %s", b.componentName, externalServ.Addr) logrus.Infof("Starting internal %s listener on %s", b.componentName, internalServ.Addr)
if certFile != nil && keyFile != nil {
if err := internalServ.ListenAndServeTLS(*certFile, *keyFile); err != nil {
logrus.WithError(err).Fatal("failed to serve HTTPS")
}
} else {
if err := internalServ.ListenAndServe(); err != nil {
logrus.WithError(err).Fatal("failed to serve HTTP")
}
}
logrus.Infof("Stopped internal %s listener on %s", b.componentName, internalServ.Addr)
}()
}
if externalAddr != NoListener {
go func() {
logrus.Infof("Starting external %s listener on %s", b.componentName, externalServ.Addr)
if certFile != nil && keyFile != nil { if certFile != nil && keyFile != nil {
if err := externalServ.ListenAndServeTLS(*certFile, *keyFile); err != nil { if err := externalServ.ListenAndServeTLS(*certFile, *keyFile); err != nil {
logrus.WithError(err).Fatal("failed to serve HTTPS") logrus.WithError(err).Fatal("failed to serve HTTPS")
@ -327,7 +328,7 @@ func (b *BaseDendrite) SetupAndServeHTTP(
logrus.WithError(err).Fatal("failed to serve HTTP") logrus.WithError(err).Fatal("failed to serve HTTP")
} }
} }
logrus.Infof("Stopped %s listener on %s", b.componentName, externalServ.Addr) logrus.Infof("Stopped external %s listener on %s", b.componentName, externalServ.Addr)
}() }()
} }