2014-02-19 10:50:53 +01:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
2014-05-02 03:21:46 +02:00
|
|
|
package cmd
|
2014-02-19 10:50:53 +01:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
2016-08-11 23:46:33 +02:00
|
|
|
"net"
|
2014-02-19 10:50:53 +01:00
|
|
|
"net/http"
|
2014-11-04 02:46:53 +01:00
|
|
|
"net/http/fcgi"
|
2017-02-05 14:06:25 +01:00
|
|
|
_ "net/http/pprof" // Used for debugging if enabled and a web server is running
|
2014-04-16 02:01:20 +02:00
|
|
|
"os"
|
2014-09-29 11:38:46 +02:00
|
|
|
"strings"
|
2014-02-19 10:50:53 +01:00
|
|
|
|
2019-10-23 17:32:19 +02:00
|
|
|
"code.gitea.io/gitea/modules/graceful"
|
2016-11-10 17:24:48 +01:00
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
|
"code.gitea.io/gitea/modules/setting"
|
|
|
|
|
"code.gitea.io/gitea/routers"
|
2017-04-25 09:24:51 +02:00
|
|
|
"code.gitea.io/gitea/routers/routes"
|
2016-12-26 02:16:37 +01:00
|
|
|
|
2017-02-27 02:49:05 +01:00
|
|
|
context2 "github.com/gorilla/context"
|
2019-08-23 18:40:30 +02:00
|
|
|
"github.com/unknwon/com"
|
2016-11-05 17:56:35 +01:00
|
|
|
"github.com/urfave/cli"
|
2018-08-21 15:56:50 +02:00
|
|
|
"golang.org/x/crypto/acme/autocert"
|
2017-12-13 09:57:28 +01:00
|
|
|
ini "gopkg.in/ini.v1"
|
2014-02-19 10:50:53 +01:00
|
|
|
)
|
|
|
|
|
|
2016-11-04 12:42:18 +01:00
|
|
|
// CmdWeb represents the available web sub-command.
|
2014-02-19 10:50:53 +01:00
|
|
|
var CmdWeb = cli.Command{
|
|
|
|
|
Name: "web",
|
2016-12-21 13:13:17 +01:00
|
|
|
Usage: "Start Gitea web server",
|
|
|
|
|
Description: `Gitea web server is the only thing you need to run,
|
2014-03-24 12:36:38 +01:00
|
|
|
and it takes care of all the other things for you`,
|
2014-02-19 10:50:53 +01:00
|
|
|
Action: runWeb,
|
2015-02-01 18:41:03 +01:00
|
|
|
Flags: []cli.Flag{
|
2016-11-09 23:18:22 +01:00
|
|
|
cli.StringFlag{
|
|
|
|
|
Name: "port, p",
|
|
|
|
|
Value: "3000",
|
|
|
|
|
Usage: "Temporary port number to prevent conflict",
|
|
|
|
|
},
|
2017-01-09 12:54:57 +01:00
|
|
|
cli.StringFlag{
|
|
|
|
|
Name: "pid, P",
|
2017-01-14 03:15:43 +01:00
|
|
|
Value: "/var/run/gitea.pid",
|
2017-01-09 12:54:57 +01:00
|
|
|
Usage: "Custom pid file path",
|
|
|
|
|
},
|
2015-02-01 18:41:03 +01:00
|
|
|
},
|
2014-02-19 10:50:53 +01:00
|
|
|
}
|
|
|
|
|
|
2017-12-25 23:23:43 +01:00
|
|
|
func runHTTPRedirector() {
|
|
|
|
|
source := fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.PortToRedirect)
|
|
|
|
|
dest := strings.TrimSuffix(setting.AppURL, "/")
|
|
|
|
|
log.Info("Redirecting: %s to %s", source, dest)
|
|
|
|
|
|
|
|
|
|
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
target := dest + r.URL.Path
|
|
|
|
|
if len(r.URL.RawQuery) > 0 {
|
|
|
|
|
target += "?" + r.URL.RawQuery
|
|
|
|
|
}
|
|
|
|
|
http.Redirect(w, r, target, http.StatusTemporaryRedirect)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
var err = runHTTP(source, context2.ClearHandler(handler))
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
2019-04-02 09:48:31 +02:00
|
|
|
log.Fatal("Failed to start port redirection: %v", err)
|
2017-12-25 23:23:43 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-21 15:56:50 +02:00
|
|
|
func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) error {
|
|
|
|
|
certManager := autocert.Manager{
|
|
|
|
|
Prompt: autocert.AcceptTOS,
|
|
|
|
|
HostPolicy: autocert.HostWhitelist(domain),
|
|
|
|
|
Cache: autocert.DirCache(directory),
|
|
|
|
|
Email: email,
|
|
|
|
|
}
|
2018-12-11 16:46:12 +01:00
|
|
|
go func() {
|
|
|
|
|
log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect)
|
2019-10-15 15:39:51 +02:00
|
|
|
// all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
|
|
|
|
|
var err = runHTTP(setting.HTTPAddr+":"+setting.PortToRedirect, certManager.HTTPHandler(http.HandlerFunc(runLetsEncryptFallbackHandler)))
|
2018-12-11 16:46:12 +01:00
|
|
|
if err != nil {
|
2019-04-02 09:48:31 +02:00
|
|
|
log.Fatal("Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
|
2018-12-11 16:46:12 +01:00
|
|
|
}
|
|
|
|
|
}()
|
2019-10-15 15:39:51 +02:00
|
|
|
return runHTTPSWithTLSConfig(listenAddr, certManager.TLSConfig(), context2.ClearHandler(m))
|
2018-08-21 15:56:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
if r.Method != "GET" && r.Method != "HEAD" {
|
|
|
|
|
http.Error(w, "Use HTTPS", http.StatusBadRequest)
|
|
|
|
|
return
|
|
|
|
|
}
|
2018-12-12 22:00:24 +01:00
|
|
|
// Remove the trailing slash at the end of setting.AppURL, the request
|
|
|
|
|
// URI always contains a leading slash, which would result in a double
|
|
|
|
|
// slash
|
|
|
|
|
target := strings.TrimRight(setting.AppURL, "/") + r.URL.RequestURI()
|
2018-08-21 15:56:50 +02:00
|
|
|
http.Redirect(w, r, target, http.StatusFound)
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-12 20:32:28 +02:00
|
|
|
func runWeb(ctx *cli.Context) error {
|
2019-10-15 15:39:51 +02:00
|
|
|
if os.Getppid() > 1 && len(os.Getenv("LISTEN_FDS")) > 0 {
|
|
|
|
|
log.Info("Restarting Gitea on PID: %d from parent PID: %d", os.Getpid(), os.Getppid())
|
|
|
|
|
} else {
|
|
|
|
|
log.Info("Starting Gitea on PID: %d", os.Getpid())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Set pid file setting
|
2017-01-09 12:54:57 +01:00
|
|
|
if ctx.IsSet("pid") {
|
|
|
|
|
setting.CustomPID = ctx.String("pid")
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-15 15:39:51 +02:00
|
|
|
// Perform global initialization
|
2014-03-29 22:50:51 +01:00
|
|
|
routers.GlobalInit()
|
2014-02-19 10:50:53 +01:00
|
|
|
|
2019-10-15 15:39:51 +02:00
|
|
|
// Set up Macaron
|
2017-04-25 09:24:51 +02:00
|
|
|
m := routes.NewMacaron()
|
|
|
|
|
routes.RegisterRoutes(m)
|
2014-03-23 06:48:01 +01:00
|
|
|
|
2015-02-01 18:41:03 +01:00
|
|
|
// Flag for port number in case first time run conflict.
|
|
|
|
|
if ctx.IsSet("port") {
|
2016-11-27 11:14:25 +01:00
|
|
|
setting.AppURL = strings.Replace(setting.AppURL, setting.HTTPPort, ctx.String("port"), 1)
|
2016-08-11 23:55:10 +02:00
|
|
|
setting.HTTPPort = ctx.String("port")
|
2017-12-13 09:57:28 +01:00
|
|
|
|
|
|
|
|
switch setting.Protocol {
|
|
|
|
|
case setting.UnixSocket:
|
|
|
|
|
case setting.FCGI:
|
|
|
|
|
default:
|
|
|
|
|
// Save LOCAL_ROOT_URL if port changed
|
|
|
|
|
cfg := ini.Empty()
|
|
|
|
|
if com.IsFile(setting.CustomConf) {
|
|
|
|
|
// Keeps custom settings if there is already something.
|
|
|
|
|
if err := cfg.Append(setting.CustomConf); err != nil {
|
|
|
|
|
return fmt.Errorf("Failed to load custom conf '%s': %v", setting.CustomConf, err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
defaultLocalURL := string(setting.Protocol) + "://"
|
|
|
|
|
if setting.HTTPAddr == "0.0.0.0" {
|
|
|
|
|
defaultLocalURL += "localhost"
|
|
|
|
|
} else {
|
|
|
|
|
defaultLocalURL += setting.HTTPAddr
|
|
|
|
|
}
|
|
|
|
|
defaultLocalURL += ":" + setting.HTTPPort + "/"
|
|
|
|
|
|
|
|
|
|
cfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL)
|
|
|
|
|
|
|
|
|
|
if err := cfg.SaveTo(setting.CustomConf); err != nil {
|
|
|
|
|
return fmt.Errorf("Error saving generated JWT Secret to custom config: %v", err)
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-02-01 18:41:03 +01:00
|
|
|
}
|
|
|
|
|
|
2018-01-12 23:16:49 +01:00
|
|
|
listenAddr := setting.HTTPAddr
|
|
|
|
|
if setting.Protocol != setting.UnixSocket {
|
|
|
|
|
listenAddr += ":" + setting.HTTPPort
|
2016-08-11 23:46:33 +02:00
|
|
|
}
|
2016-11-27 11:14:25 +01:00
|
|
|
log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubURL)
|
2016-08-11 23:55:10 +02:00
|
|
|
|
2016-12-26 02:16:37 +01:00
|
|
|
if setting.LFS.StartServer {
|
|
|
|
|
log.Info("LFS server enabled")
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-05 14:06:25 +01:00
|
|
|
if setting.EnablePprof {
|
|
|
|
|
go func() {
|
2018-01-12 23:16:49 +01:00
|
|
|
log.Info("Starting pprof server on localhost:6060")
|
2017-02-05 14:06:25 +01:00
|
|
|
log.Info("%v", http.ListenAndServe("localhost:6060", nil))
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-11 23:55:10 +02:00
|
|
|
var err error
|
2014-05-26 02:11:25 +02:00
|
|
|
switch setting.Protocol {
|
|
|
|
|
case setting.HTTP:
|
2019-10-15 15:39:51 +02:00
|
|
|
NoHTTPRedirector()
|
2017-02-22 08:14:37 +01:00
|
|
|
err = runHTTP(listenAddr, context2.ClearHandler(m))
|
2014-05-26 02:11:25 +02:00
|
|
|
case setting.HTTPS:
|
2018-08-21 15:56:50 +02:00
|
|
|
if setting.EnableLetsEncrypt {
|
|
|
|
|
err = runLetsEncrypt(listenAddr, setting.Domain, setting.LetsEncryptDirectory, setting.LetsEncryptEmail, context2.ClearHandler(m))
|
|
|
|
|
break
|
|
|
|
|
}
|
2017-12-25 23:23:43 +01:00
|
|
|
if setting.RedirectOtherPort {
|
|
|
|
|
go runHTTPRedirector()
|
2019-10-15 15:39:51 +02:00
|
|
|
} else {
|
|
|
|
|
NoHTTPRedirector()
|
2017-12-25 23:23:43 +01:00
|
|
|
}
|
2017-02-22 08:14:37 +01:00
|
|
|
err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
|
2014-11-04 02:46:53 +01:00
|
|
|
case setting.FCGI:
|
2019-10-15 15:39:51 +02:00
|
|
|
NoHTTPRedirector()
|
|
|
|
|
// FCGI listeners are provided as stdin - this is orthogonal to the LISTEN_FDS approach
|
|
|
|
|
// in graceful and systemD
|
|
|
|
|
NoMainListener()
|
2019-06-12 21:41:28 +02:00
|
|
|
var listener net.Listener
|
|
|
|
|
listener, err = net.Listen("tcp", listenAddr)
|
2017-03-23 08:57:43 +01:00
|
|
|
if err != nil {
|
2019-04-02 09:48:31 +02:00
|
|
|
log.Fatal("Failed to bind %s: %v", listenAddr, err)
|
2017-03-23 08:57:43 +01:00
|
|
|
}
|
2019-06-12 21:41:28 +02:00
|
|
|
defer func() {
|
|
|
|
|
if err := listener.Close(); err != nil {
|
|
|
|
|
log.Fatal("Failed to stop server: %v", err)
|
|
|
|
|
}
|
|
|
|
|
}()
|
2017-03-23 08:57:43 +01:00
|
|
|
err = fcgi.Serve(listener, context2.ClearHandler(m))
|
2016-11-27 11:14:25 +01:00
|
|
|
case setting.UnixSocket:
|
2019-10-15 15:39:51 +02:00
|
|
|
// This could potentially be inherited using LISTEN_FDS but currently
|
|
|
|
|
// these cannot be inherited
|
|
|
|
|
NoHTTPRedirector()
|
|
|
|
|
NoMainListener()
|
2017-02-05 13:27:37 +01:00
|
|
|
if err := os.Remove(listenAddr); err != nil && !os.IsNotExist(err) {
|
2019-04-02 09:48:31 +02:00
|
|
|
log.Fatal("Failed to remove unix socket directory %s: %v", listenAddr, err)
|
2016-12-01 00:56:15 +01:00
|
|
|
}
|
2016-08-11 23:55:10 +02:00
|
|
|
var listener *net.UnixListener
|
2016-11-04 14:15:55 +01:00
|
|
|
listener, err = net.ListenUnix("unix", &net.UnixAddr{Name: listenAddr, Net: "unix"})
|
2016-08-11 23:46:33 +02:00
|
|
|
if err != nil {
|
2016-08-11 23:55:10 +02:00
|
|
|
break // Handle error after switch
|
2016-08-11 23:46:33 +02:00
|
|
|
}
|
2016-08-11 23:55:10 +02:00
|
|
|
|
|
|
|
|
// FIXME: add proper implementation of signal capture on all protocols
|
2016-08-11 23:46:33 +02:00
|
|
|
// execute this on SIGTERM or SIGINT: listener.Close()
|
2016-08-11 23:55:10 +02:00
|
|
|
if err = os.Chmod(listenAddr, os.FileMode(setting.UnixSocketPermission)); err != nil {
|
2019-04-02 09:48:31 +02:00
|
|
|
log.Fatal("Failed to set permission of unix socket: %v", err)
|
2016-08-11 23:46:33 +02:00
|
|
|
}
|
2017-02-22 08:14:37 +01:00
|
|
|
err = http.Serve(listener, context2.ClearHandler(m))
|
2014-05-26 02:11:25 +02:00
|
|
|
default:
|
2019-04-02 09:48:31 +02:00
|
|
|
log.Fatal("Invalid protocol: %s", setting.Protocol)
|
2014-05-26 02:11:25 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
2019-10-15 15:39:51 +02:00
|
|
|
log.Critical("Failed to start server: %v", err)
|
2014-03-18 14:58:58 +01:00
|
|
|
}
|
2019-10-15 15:39:51 +02:00
|
|
|
log.Info("HTTP Listener: %s Closed", listenAddr)
|
2019-10-23 17:32:19 +02:00
|
|
|
graceful.WaitForServers()
|
2019-10-15 15:39:51 +02:00
|
|
|
log.Close()
|
2016-05-12 20:32:28 +02:00
|
|
|
return nil
|
2014-02-19 10:50:53 +01:00
|
|
|
}
|
