AdGuardHome/internal/home/web.go

301 lines
8.1 KiB
Go
Raw Normal View History

2020-02-19 15:24:55 +03:00
package home
import (
"context"
"crypto/tls"
"io/fs"
2020-02-19 15:24:55 +03:00
"net/http"
2022-11-02 16:18:02 +03:00
"net/netip"
2020-02-19 15:24:55 +03:00
"sync"
"time"
2020-02-19 15:24:55 +03:00
2022-09-29 17:36:01 +03:00
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
"github.com/AdguardTeam/golibs/errors"
2020-02-19 15:24:55 +03:00
"github.com/AdguardTeam/golibs/log"
"github.com/AdguardTeam/golibs/netutil"
2020-02-19 15:24:55 +03:00
"github.com/NYTimes/gziphandler"
2023-02-15 16:53:29 +03:00
"github.com/quic-go/quic-go"
"github.com/quic-go/quic-go/http3"
2022-09-29 17:36:01 +03:00
"golang.org/x/net/http2"
"golang.org/x/net/http2/h2c"
)
const (
// readTimeout is the maximum duration for reading the entire request,
// including the body.
readTimeout = 60 * time.Second
// readHdrTimeout is the amount of time allowed to read request headers.
readHdrTimeout = 60 * time.Second
// writeTimeout is the maximum duration before timing out writes of the
// response.
writeTimeout = 60 * time.Second
)
type webConfig struct {
2023-02-01 15:41:34 +03:00
clientFS fs.FS
2022-06-02 17:55:48 +03:00
2023-04-12 14:48:42 +03:00
BindHost netip.Addr
BindPort int
// ReadTimeout is an option to pass to http.Server for setting an
// appropriate field.
ReadTimeout time.Duration
// ReadHeaderTimeout is an option to pass to http.Server for setting an
// appropriate field.
ReadHeaderTimeout time.Duration
// WriteTimeout is an option to pass to http.Server for setting an
// appropriate field.
WriteTimeout time.Duration
2022-06-02 17:55:48 +03:00
firstRun bool
2022-10-03 18:52:20 +03:00
serveHTTP3 bool
2020-02-19 15:24:55 +03:00
}
2022-10-03 18:52:20 +03:00
// httpsServer contains the data for the HTTPS server.
type httpsServer struct {
// server is the pre-HTTP/3 HTTPS server.
server *http.Server
// server3 is the HTTP/3 HTTPS server. If it is not nil,
// [httpsServer.server] must also be non-nil.
server3 *http3.Server
// TODO(a.garipov): Why is there a *sync.Cond here? Remove.
cond *sync.Cond
condLock sync.Mutex
cert tls.Certificate
inShutdown bool
enabled bool
2020-02-19 15:24:55 +03:00
}
2023-04-12 14:48:42 +03:00
// webAPI is the web UI and API server.
type webAPI struct {
2022-10-03 18:52:20 +03:00
conf *webConfig
// TODO(a.garipov): Refactor all these servers.
httpServer *http.Server
// httpsServer is the server that handles HTTPS traffic. If it is not nil,
// [Web.http3Server] must also not be nil.
httpsServer httpsServer
2020-02-19 15:24:55 +03:00
}
2023-04-12 14:48:42 +03:00
// newWebAPI creates a new instance of the web UI and API server.
func newWebAPI(conf *webConfig) (w *webAPI) {
2022-10-03 18:52:20 +03:00
log.Info("web: initializing")
2020-04-15 15:17:57 +03:00
2023-04-12 14:48:42 +03:00
w = &webAPI{
2022-10-03 18:52:20 +03:00
conf: conf,
}
2020-02-19 15:24:55 +03:00
clientFS := http.FileServer(http.FS(conf.clientFS))
2020-02-19 15:24:55 +03:00
// if not configured, redirect / to /install.html, otherwise redirect /install.html to /
Context.mux.Handle("/", withMiddlewares(clientFS, gziphandler.GzipHandler, optionalAuthHandler, postInstallHandler))
2020-02-19 15:24:55 +03:00
// add handlers for /install paths, we only need them when we're not configured yet
if conf.firstRun {
log.Info("This is the first launch of AdGuard Home, redirecting everything to /install.html ")
Context.mux.Handle("/install.html", preInstallHandler(clientFS))
2020-02-19 15:24:55 +03:00
w.registerInstallHandlers()
} else {
registerControlHandlers()
}
w.httpsServer.cond = sync.NewCond(&w.httpsServer.condLock)
2022-10-03 18:52:20 +03:00
return w
2020-02-19 15:24:55 +03:00
}
2022-10-03 18:52:20 +03:00
// webCheckPortAvailable checks if port, which is considered an HTTPS port, is
// available, unless the HTTPS server isn't active.
//
// TODO(a.garipov): Adapt for HTTP/3.
func webCheckPortAvailable(port int) (ok bool) {
2022-11-02 16:18:02 +03:00
if Context.web.httpsServer.server != nil {
return true
}
return aghnet.CheckPort("tcp", netip.AddrPortFrom(config.BindHost, uint16(port))) == nil
2020-02-19 15:24:55 +03:00
}
2023-04-12 14:48:42 +03:00
// tlsConfigChanged updates the TLS configuration and restarts the HTTPS server
// if necessary.
2023-04-12 14:48:42 +03:00
func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettings) {
2022-10-03 18:52:20 +03:00
log.Debug("web: applying new tls configuration")
2020-02-19 15:24:55 +03:00
enabled := tlsConf.Enabled &&
tlsConf.PortHTTPS != 0 &&
len(tlsConf.PrivateKeyData) != 0 &&
len(tlsConf.CertificateChainData) != 0
var cert tls.Certificate
var err error
if enabled {
cert, err = tls.X509KeyPair(tlsConf.CertificateChainData, tlsConf.PrivateKeyData)
if err != nil {
log.Fatal(err)
}
}
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Lock()
if web.httpsServer.server != nil {
var cancel context.CancelFunc
ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
Pull request: 3890 fix anonymization Merge in DNS/adguard-home from 3890-fix-stats to master Updates #3890. Squashed commit of the following: commit a77a6204bc8a58f62a4fac70efdcae4267a64810 Merge: 834493a2 90e65b66 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:22:16 2021 +0300 Merge branch 'master' into 3890-fix-stats commit 834493a22ae79199efcc44e0715e2ac6f6272963 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:09:30 2021 +0300 querylog: load once commit b8000e7ba7a998fcd4553230ec5e5f9c90106e31 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:54:41 2021 +0300 querylog: fix docs commit 7db99ccfa19b58100950c11d67b23bca7af3e5cb Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:51:31 2021 +0300 querylog: imp docs commit 2a84650bd7ac5195730a7ab47b9562a83f721499 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 15:48:09 2021 +0300 querylog: imp anonyization commit 0f63feb1ff5f006fc528c3b681ef3b9d2199581e Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:44:37 2021 +0300 all: imp code & docs commit c4ccdcbb7248897edd178fd5cb77127e39ada73d Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:24:30 2021 +0300 all: log changes commit 60bb777a5aff36bba129a078fa11ae566298178a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:08:41 2021 +0300 all: use atomic value commit c45886bd20eee2212b42686ff369830d8c08fe36 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Nov 30 18:50:02 2021 +0300 all: anonymize separately
2021-12-06 17:26:43 +03:00
shutdownSrv(ctx, web.httpsServer.server)
2022-10-03 18:52:20 +03:00
shutdownSrv3(web.httpsServer.server3)
Pull request: 3890 fix anonymization Merge in DNS/adguard-home from 3890-fix-stats to master Updates #3890. Squashed commit of the following: commit a77a6204bc8a58f62a4fac70efdcae4267a64810 Merge: 834493a2 90e65b66 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:22:16 2021 +0300 Merge branch 'master' into 3890-fix-stats commit 834493a22ae79199efcc44e0715e2ac6f6272963 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:09:30 2021 +0300 querylog: load once commit b8000e7ba7a998fcd4553230ec5e5f9c90106e31 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:54:41 2021 +0300 querylog: fix docs commit 7db99ccfa19b58100950c11d67b23bca7af3e5cb Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:51:31 2021 +0300 querylog: imp docs commit 2a84650bd7ac5195730a7ab47b9562a83f721499 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 15:48:09 2021 +0300 querylog: imp anonyization commit 0f63feb1ff5f006fc528c3b681ef3b9d2199581e Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:44:37 2021 +0300 all: imp code & docs commit c4ccdcbb7248897edd178fd5cb77127e39ada73d Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:24:30 2021 +0300 all: log changes commit 60bb777a5aff36bba129a078fa11ae566298178a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:08:41 2021 +0300 all: use atomic value commit c45886bd20eee2212b42686ff369830d8c08fe36 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Nov 30 18:50:02 2021 +0300 all: anonymize separately
2021-12-06 17:26:43 +03:00
cancel()
2020-02-19 15:24:55 +03:00
}
2020-04-05 18:34:43 +03:00
web.httpsServer.enabled = enabled
web.httpsServer.cert = cert
web.httpsServer.cond.Broadcast()
web.httpsServer.cond.L.Unlock()
2020-02-19 15:24:55 +03:00
}
2023-04-12 14:48:42 +03:00
// start - start serving HTTP requests
func (web *webAPI) start() {
log.Println("AdGuard Home is available at the following addresses:")
2020-02-19 15:24:55 +03:00
// for https, we have a separate goroutine loop
go web.tlsServerLoop()
2020-02-19 15:24:55 +03:00
// this loop is used as an ability to change listening host and/or port
2022-10-03 18:52:20 +03:00
for !web.httpsServer.inShutdown {
2022-09-29 17:36:01 +03:00
printHTTPAddresses(aghhttp.SchemeHTTP)
errs := make(chan error, 2)
2020-02-19 15:24:55 +03:00
2022-09-29 17:36:01 +03:00
// Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies.
hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitRequestBody), &http2.Server{})
// Create a new instance, because the Web is not usable after Shutdown.
Pull request: 2508 ip conversion vol.2 Merge in DNS/adguard-home from 2508-ip-conversion-vol2 to master Closes #2508. Squashed commit of the following: commit 5b9d33f9cd352756831f63e34c4aea48674628c1 Author: Eugene Burkov <e.burkov@adguard.com> Date: Wed Jan 20 17:15:17 2021 +0300 util: replace net.IPNet with pointer commit 680126de7d59464077f9edf1bbaa925dd3fcee19 Merge: d3ba6a6c 5a50efad Author: Eugene Burkov <e.burkov@adguard.com> Date: Wed Jan 20 17:02:41 2021 +0300 Merge branch 'master' into 2508-ip-conversion-vol2 commit d3ba6a6cdd01c0aa736418fdb86ed40120169fe9 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Jan 19 18:29:54 2021 +0300 all: remove last conversion commit 88b63f11a6c3f8705d7fa0c448c50dd646cc9214 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Jan 19 14:12:45 2021 +0300 all: improve code quality commit 71af60c70a0dbaf55e2221023d6d2e4993c9e9a7 Merge: 98af3784 9f75725d Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Jan 18 17:13:27 2021 +0300 Merge branch 'master' into 2508-ip-conversion-vol2 commit 98af3784ce44d0993d171653c13d6e83bb8d1e6a Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Jan 18 16:32:53 2021 +0300 all: log changes commit e99595a172bae1e844019d344544be84ddd65e4e Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Jan 18 16:06:49 2021 +0300 all: fix or remove remaining net.IP <-> string conversions commit 7fd0634ce945f7e4c9b856684c5199f8a84a543e Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Jan 15 15:36:17 2021 +0300 all: remove redundant net.IP <-> string converions commit 5df8af030421237d41b67ed659f83526cc258199 Author: Eugene Burkov <e.burkov@adguard.com> Date: Thu Jan 14 16:35:25 2021 +0300 stats: remove redundant net.IP <-> string conversion commit fbe4e3fc015e6898063543a90c04401d76dbb18f Author: Eugene Burkov <e.burkov@adguard.com> Date: Thu Jan 14 16:20:35 2021 +0300 querylog: remove redundant net.IP <-> string conversion
2021-01-20 17:27:53 +03:00
hostStr := web.conf.BindHost.String()
2020-04-05 18:34:43 +03:00
web.httpServer = &http.Server{
ErrorLog: log.StdLog("web: plain", log.DEBUG),
Addr: netutil.JoinHostPort(hostStr, web.conf.BindPort),
2022-09-29 17:36:01 +03:00
Handler: hdlr,
ReadTimeout: web.conf.ReadTimeout,
ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
WriteTimeout: web.conf.WriteTimeout,
2020-02-19 15:24:55 +03:00
}
go func() {
defer log.OnPanic("web: plain")
errs <- web.httpServer.ListenAndServe()
}()
err := <-errs
if !errors.Is(err, http.ErrServerClosed) {
2020-02-19 15:24:55 +03:00
cleanupAlways()
log.Fatal(err)
}
// We use ErrServerClosed as a sign that we need to rebind on a new
// address, so go back to the start of the loop.
}
}
2023-04-12 14:48:42 +03:00
// close gracefully shuts down the HTTP servers.
func (web *webAPI) close(ctx context.Context) {
log.Info("stopping http server...")
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Lock()
2022-10-03 18:52:20 +03:00
web.httpsServer.inShutdown = true
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Unlock()
var cancel context.CancelFunc
ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
Pull request: 3890 fix anonymization Merge in DNS/adguard-home from 3890-fix-stats to master Updates #3890. Squashed commit of the following: commit a77a6204bc8a58f62a4fac70efdcae4267a64810 Merge: 834493a2 90e65b66 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:22:16 2021 +0300 Merge branch 'master' into 3890-fix-stats commit 834493a22ae79199efcc44e0715e2ac6f6272963 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:09:30 2021 +0300 querylog: load once commit b8000e7ba7a998fcd4553230ec5e5f9c90106e31 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:54:41 2021 +0300 querylog: fix docs commit 7db99ccfa19b58100950c11d67b23bca7af3e5cb Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:51:31 2021 +0300 querylog: imp docs commit 2a84650bd7ac5195730a7ab47b9562a83f721499 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 15:48:09 2021 +0300 querylog: imp anonyization commit 0f63feb1ff5f006fc528c3b681ef3b9d2199581e Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:44:37 2021 +0300 all: imp code & docs commit c4ccdcbb7248897edd178fd5cb77127e39ada73d Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:24:30 2021 +0300 all: log changes commit 60bb777a5aff36bba129a078fa11ae566298178a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:08:41 2021 +0300 all: use atomic value commit c45886bd20eee2212b42686ff369830d8c08fe36 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Nov 30 18:50:02 2021 +0300 all: anonymize separately
2021-12-06 17:26:43 +03:00
defer cancel()
2020-02-19 15:24:55 +03:00
Pull request: 3890 fix anonymization Merge in DNS/adguard-home from 3890-fix-stats to master Updates #3890. Squashed commit of the following: commit a77a6204bc8a58f62a4fac70efdcae4267a64810 Merge: 834493a2 90e65b66 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:22:16 2021 +0300 Merge branch 'master' into 3890-fix-stats commit 834493a22ae79199efcc44e0715e2ac6f6272963 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:09:30 2021 +0300 querylog: load once commit b8000e7ba7a998fcd4553230ec5e5f9c90106e31 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:54:41 2021 +0300 querylog: fix docs commit 7db99ccfa19b58100950c11d67b23bca7af3e5cb Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:51:31 2021 +0300 querylog: imp docs commit 2a84650bd7ac5195730a7ab47b9562a83f721499 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 15:48:09 2021 +0300 querylog: imp anonyization commit 0f63feb1ff5f006fc528c3b681ef3b9d2199581e Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:44:37 2021 +0300 all: imp code & docs commit c4ccdcbb7248897edd178fd5cb77127e39ada73d Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:24:30 2021 +0300 all: log changes commit 60bb777a5aff36bba129a078fa11ae566298178a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:08:41 2021 +0300 all: use atomic value commit c45886bd20eee2212b42686ff369830d8c08fe36 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Nov 30 18:50:02 2021 +0300 all: anonymize separately
2021-12-06 17:26:43 +03:00
shutdownSrv(ctx, web.httpsServer.server)
2022-10-03 18:52:20 +03:00
shutdownSrv3(web.httpsServer.server3)
Pull request: 3890 fix anonymization Merge in DNS/adguard-home from 3890-fix-stats to master Updates #3890. Squashed commit of the following: commit a77a6204bc8a58f62a4fac70efdcae4267a64810 Merge: 834493a2 90e65b66 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:22:16 2021 +0300 Merge branch 'master' into 3890-fix-stats commit 834493a22ae79199efcc44e0715e2ac6f6272963 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 17:09:30 2021 +0300 querylog: load once commit b8000e7ba7a998fcd4553230ec5e5f9c90106e31 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:54:41 2021 +0300 querylog: fix docs commit 7db99ccfa19b58100950c11d67b23bca7af3e5cb Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 16:51:31 2021 +0300 querylog: imp docs commit 2a84650bd7ac5195730a7ab47b9562a83f721499 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 15:48:09 2021 +0300 querylog: imp anonyization commit 0f63feb1ff5f006fc528c3b681ef3b9d2199581e Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:44:37 2021 +0300 all: imp code & docs commit c4ccdcbb7248897edd178fd5cb77127e39ada73d Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:24:30 2021 +0300 all: log changes commit 60bb777a5aff36bba129a078fa11ae566298178a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Dec 6 14:08:41 2021 +0300 all: use atomic value commit c45886bd20eee2212b42686ff369830d8c08fe36 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Nov 30 18:50:02 2021 +0300 all: anonymize separately
2021-12-06 17:26:43 +03:00
shutdownSrv(ctx, web.httpServer)
log.Info("stopped http server")
2020-02-19 15:24:55 +03:00
}
2023-04-12 14:48:42 +03:00
func (web *webAPI) tlsServerLoop() {
2020-02-19 15:24:55 +03:00
for {
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Lock()
2022-10-03 18:52:20 +03:00
if web.httpsServer.inShutdown {
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Unlock()
2020-02-19 15:24:55 +03:00
break
}
// this mechanism doesn't let us through until all conditions are met
2020-04-05 18:34:43 +03:00
for !web.httpsServer.enabled { // sleep until necessary data is supplied
web.httpsServer.cond.Wait()
2022-10-03 18:52:20 +03:00
if web.httpsServer.inShutdown {
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Unlock()
2020-02-19 15:24:55 +03:00
return
}
}
2020-04-05 18:34:43 +03:00
web.httpsServer.cond.L.Unlock()
2020-02-19 15:24:55 +03:00
2023-04-12 14:48:42 +03:00
var portHTTPS int
func() {
config.RLock()
defer config.RUnlock()
portHTTPS = config.TLS.PortHTTPS
}()
addr := netutil.JoinHostPort(web.conf.BindHost.String(), portHTTPS)
2020-04-05 18:34:43 +03:00
web.httpsServer.server = &http.Server{
ErrorLog: log.StdLog("web: https", log.DEBUG),
2022-10-03 18:52:20 +03:00
Addr: addr,
2020-02-19 15:24:55 +03:00
TLSConfig: &tls.Config{
2020-04-05 18:34:43 +03:00
Certificates: []tls.Certificate{web.httpsServer.cert},
2020-02-19 15:24:55 +03:00
RootCAs: Context.tlsRoots,
2022-11-02 16:18:02 +03:00
CipherSuites: Context.tlsCipherIDs,
2022-09-29 17:36:01 +03:00
MinVersion: tls.VersionTLS12,
2020-02-19 15:24:55 +03:00
},
Handler: withMiddlewares(Context.mux, limitRequestBody),
ReadTimeout: web.conf.ReadTimeout,
ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
WriteTimeout: web.conf.WriteTimeout,
2020-02-19 15:24:55 +03:00
}
2022-09-29 17:36:01 +03:00
printHTTPAddresses(aghhttp.SchemeHTTPS)
2022-10-03 18:52:20 +03:00
if web.conf.serveHTTP3 {
go web.mustStartHTTP3(addr)
}
log.Debug("web: starting https server")
2020-04-05 18:34:43 +03:00
err := web.httpsServer.server.ListenAndServeTLS("", "")
2022-10-03 18:52:20 +03:00
if !errors.Is(err, http.ErrServerClosed) {
2020-02-19 15:24:55 +03:00
cleanupAlways()
2022-10-03 18:52:20 +03:00
log.Fatalf("web: https: %s", err)
2020-02-19 15:24:55 +03:00
}
}
}
2022-10-03 18:52:20 +03:00
2023-04-12 14:48:42 +03:00
func (web *webAPI) mustStartHTTP3(address string) {
2022-10-03 18:52:20 +03:00
defer log.OnPanic("web: http3")
web.httpsServer.server3 = &http3.Server{
// TODO(a.garipov): See if there is a way to use the error log as
// well as timeouts here.
Addr: address,
TLSConfig: &tls.Config{
Certificates: []tls.Certificate{web.httpsServer.cert},
RootCAs: Context.tlsRoots,
2022-11-02 16:18:02 +03:00
CipherSuites: Context.tlsCipherIDs,
2022-10-03 18:52:20 +03:00
MinVersion: tls.VersionTLS12,
},
Handler: withMiddlewares(Context.mux, limitRequestBody),
}
log.Debug("web: starting http/3 server")
err := web.httpsServer.server3.ListenAndServe()
if !errors.Is(err, quic.ErrServerClosed) {
cleanupAlways()
log.Fatalf("web: http3: %s", err)
}
}