1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
package main
import (
"context"
"crypto/tls"
"fmt"
stdlog "log"
"net"
"net/http"
"path/filepath"
"github.com/pires/go-proxyproto"
"github.com/sirupsen/logrus"
"gitlab.com/gitlab-org/labkit/log"
"gitlab.com/gitlab-org/gitlab-pages/internal/netutil"
)
type listenerConfig struct {
isProxyV2 bool
tlsConfig *tls.Config
limiter *netutil.Limiter
}
func newHTTPServer(a *theApp) *http.Server {
return &http.Server{
ReadTimeout: a.config.Server.ReadTimeout,
ReadHeaderTimeout: a.config.Server.ReadHeaderTimeout,
WriteTimeout: a.config.Server.WriteTimeout,
ErrorLog: stdlog.New(logrus.StandardLogger().Writer(), "", 0),
}
}
func (a *theApp) listenAndServe(server *http.Server, addr string, h http.Handler, opts ...option) error {
config := &listenerConfig{}
for _, opt := range opts {
opt(config)
}
// create server
server.Handler = h
server.TLSConfig = config.tlsConfig
// ensure http2 is enabled even if TLSConfig is not null
// See https://github.com/golang/go/blob/97cee43c93cfccded197cd281f0a5885cdb605b4/src/net/http/server.go#L2947-L2954
if server.TLSConfig != nil {
server.TLSConfig.NextProtos = append(server.TLSConfig.NextProtos, "h2")
}
lc := net.ListenConfig{
KeepAlive: a.config.Server.ListenKeepAlive,
}
l, err := listenAddr(context.Background(), &lc, addr)
if err != nil {
return fmt.Errorf("failed to listen on addr %s: %w", addr, err)
}
if config.limiter != nil {
l = netutil.SharedLimitListener(l, config.limiter)
}
if config.isProxyV2 {
l = &proxyproto.Listener{
Listener: l,
Policy: func(upstream net.Addr) (proxyproto.Policy, error) {
return proxyproto.REQUIRE, nil
},
}
}
if config.tlsConfig != nil {
l = tls.NewListener(l, server.TLSConfig)
}
log.WithFields(log.Fields{
"config_addr": addr,
"listen_addr": l.Addr(),
}).Infof("server listening on: %s", l.Addr())
return server.Serve(l)
}
func listenAddr(ctx context.Context, lc *net.ListenConfig, address string) (net.Listener, error) {
if filepath.IsAbs(address) {
return lc.Listen(ctx, "unix", address)
}
return lc.Listen(ctx, "tcp", address)
}
type option func(*listenerConfig)
func withProxyV2() option {
return func(conf *listenerConfig) {
conf.isProxyV2 = true
}
}
func withTLSConfig(c *tls.Config) option {
return func(conf *listenerConfig) {
conf.tlsConfig = c
}
}
func withLimiter(l *netutil.Limiter) option {
return func(conf *listenerConfig) {
conf.limiter = l
}
}
|
