Pull request: home: http conf

Updates #2860.

Squashed commit of the following:

commit 0d55a99d5c0b9f1d8c9497775dd69929e5091eaa
Merge: 73a203ac8 d4a4bda64
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Jun 29 16:25:36 2023 +0400

    Merge remote-tracking branch 'origin/master' into http-yaml-conf

commit 73a203ac8acf083fa289015e1f301d05bf320ea7
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Jun 29 16:21:48 2023 +0400

    home: imp docs

commit a4819ace94bfe4427f70f1b8341c9babc9234740
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Jun 29 11:45:30 2023 +0400

    snap: imp script

commit b0913c7ac5c6c46d6a73790fd57d8c5f9d7ace75
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Jun 28 17:34:03 2023 +0400

    all: docs

commit 14820d6d56f958081d9f236277fd34f356bdab33
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Jun 28 13:21:43 2023 +0400

    home: imp tests

commit 9db800d3ce39c36da7959e37b4a46736f4217e5c
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Jun 28 13:17:34 2023 +0400

    all: docs

commit 9174a0ae710da51d85b4e1b1af79eda6a61dd3a2
Merge: ca8c4ae95 d88181343
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Jun 28 10:19:01 2023 +0400

    Merge remote-tracking branch 'origin/master' into http-yaml-conf

    # Conflicts:
    #	CHANGELOG.md
    #	internal/home/upgrade.go
    #	internal/home/upgrade_test.go

commit ca8c4ae954ece25d78ef2f873bb3ba71fa4b8fa9
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Jun 28 10:07:15 2023 +0400

    snap: imp script

commit d84473f8e07b2c6e65023613eb4032fd01951521
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Jun 28 09:59:57 2023 +0400

    snap: imp script

commit 8a0808e42ddbff7d9d3345d758f91b14bb4453be
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Jun 27 15:03:53 2023 +0400

    home: http conf

commit e8fbb89cc5748f9d8fa4be9e702756bd8b869de9
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Jun 27 14:59:37 2023 +0400

    home: imp code

commit 46541aabc421118562d564675dfd7e594d2056aa
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Jun 27 12:36:14 2023 +0400

    snap: bind port

commit cecda5fcfd8c473db42f235b4f586b2193086997
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Jun 27 12:12:39 2023 +0400

    docker: bind port

commit 8d8945b70366c6b018616a32421c77eb281a6ea1
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Jun 27 11:06:32 2023 +0400

    home: imp code

commit ae5e8c1c4333d7b752c08605d80e41f55ee50e59
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Jun 27 11:02:09 2023 +0400

    home: imp code

commit c9ee460f37e32941b84ea5fa94d21b186d6dd82b
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Jun 26 17:11:10 2023 +0400

    home: imp code

commit 44c72445112ef38d6ec9c25b197c119edd6c959f
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Jun 26 11:52:19 2023 +0400

    all: docs

commit e3bf5faeb748f347b1202a496788739ff9219ed0
Merge: 38cc0f639 e7e638443
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Jun 26 11:39:12 2023 +0400

    Merge remote-tracking branch 'origin/master' into http-yaml-conf

commit 38cc0f6399040f1fa39d9da31ad6db65a6bdd4cc
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Jun 26 11:38:17 2023 +0400

    snap: bind port

commit 3b9cb9e8cc89a67e55cecc7a2040c150f8675b4c
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Jun 26 11:25:03 2023 +0400

    docker: bind port

... and 4 more commits
This commit is contained in:
Dimitry Kolyshev 2023-06-29 15:29:52 +03:00
parent d4a4bda645
commit 39f5c50acd
12 changed files with 247 additions and 77 deletions

View file

@ -37,8 +37,27 @@ NOTE: Add new changes BELOW THIS COMMENT.
#### Configuration Changes #### Configuration Changes
In this release, the schema version has changed from 20 to 22. In this release, the schema version has changed from 20 to 23.
- Properties `bind_host`, `bind_port`, and `web_session_ttl` which used to setup
web UI binding configuration, are now moved to a new object `http` containing
new properties `address` and `session_ttl`:
```yaml
# BEFORE:
'bind_host': '1.2.3.4'
'bind_port': 8080
'web_session_ttl': 720
# AFTER:
'http':
'address': '1.2.3.4:8080'
'session_ttl': '720h'
```
Note that the new `http.session_ttl` property is now a duration string. To
rollback this change, remove the new object `http`, set back `bind_host`,
`bind_port`, `web_session_ttl`, and change the `schema_version` back to `22`.
- Property `clients.persistent.blocked_services`, which in schema versions 21 - Property `clients.persistent.blocked_services`, which in schema versions 21
and earlier used to be a list containing ids of blocked services, is now an and earlier used to be a list containing ids of blocked services, is now an
object containing ids and schedule for blocked services: object containing ids and schedule for blocked services:

View file

@ -1,13 +1,5 @@
# Don't consider the HTTPS hostname since the enforced HTTPS redirection should # Don't consider the HTTPS hostname since the enforced HTTPS redirection should
# work if the SSL check skipped. See file docker/healthcheck.sh. # work if the SSL check skipped. See file docker/healthcheck.sh.
/^bind_host:/ { host = $2 } /^[^[:space:]]/ { is_http = /^http:/ }
/^bind_port:/ { port = $2 } /^[[:space:]]+address:/ { if (is_http) print "http://" $2 }
END {
if (match(host, ":")) {
print "http://[" host "]:" port
} else {
print "http://" host ":" port
}
}

View file

@ -91,18 +91,17 @@ type clientSourcesConfig struct {
HostsFile bool `yaml:"hosts"` HostsFile bool `yaml:"hosts"`
} }
// configuration is loaded from YAML // configuration is loaded from YAML.
// field ordering is important -- yaml fields will mirror ordering from here //
// Field ordering is important, YAML fields better not to be reordered, if it's
// not absolutely necessary.
type configuration struct { type configuration struct {
// Raw file data to avoid re-reading of configuration file // Raw file data to avoid re-reading of configuration file
// It's reset after config is parsed // It's reset after config is parsed
fileData []byte fileData []byte
// BindHost is the address for the web interface server to listen on. // HTTPConfig is the block with http conf.
BindHost netip.Addr `yaml:"bind_host"` HTTPConfig httpConfig `yaml:"http"`
// BindPort is the port for the web interface server to listen on.
BindPort int `yaml:"bind_port"`
// Users are the clients capable for accessing the web interface. // Users are the clients capable for accessing the web interface.
Users []webUser `yaml:"users"` Users []webUser `yaml:"users"`
// AuthAttempts is the maximum number of failed login attempts a user // AuthAttempts is the maximum number of failed login attempts a user
@ -120,10 +119,6 @@ type configuration struct {
// DebugPProf defines if the profiling HTTP handler will listen on :6060. // DebugPProf defines if the profiling HTTP handler will listen on :6060.
DebugPProf bool `yaml:"debug_pprof"` DebugPProf bool `yaml:"debug_pprof"`
// TTL for a web session (in hours)
// An active session is automatically refreshed once a day.
WebSessionTTLHours uint32 `yaml:"web_session_ttl"`
DNS dnsConfig `yaml:"dns"` DNS dnsConfig `yaml:"dns"`
TLS tlsConfigSettings `yaml:"tls"` TLS tlsConfigSettings `yaml:"tls"`
QueryLog queryLogConfig `yaml:"querylog"` QueryLog queryLogConfig `yaml:"querylog"`
@ -156,7 +151,23 @@ type configuration struct {
SchemaVersion int `yaml:"schema_version"` // keeping last so that users will be less tempted to change it -- used when upgrading between versions SchemaVersion int `yaml:"schema_version"` // keeping last so that users will be less tempted to change it -- used when upgrading between versions
} }
// field ordering is important -- yaml fields will mirror ordering from here // httpConfig is a block with HTTP configuration params.
//
// Field ordering is important, YAML fields better not to be reordered, if it's
// not absolutely necessary.
type httpConfig struct {
// Address is the address to serve the web UI on.
Address netip.AddrPort
// SessionTTL for a web session.
// An active session is automatically refreshed once a day.
SessionTTL timeutil.Duration `yaml:"session_ttl"`
}
// dnsConfig is a block with DNS configuration params.
//
// Field ordering is important, YAML fields better not to be reordered, if it's
// not absolutely necessary.
type dnsConfig struct { type dnsConfig struct {
BindHosts []netip.Addr `yaml:"bind_hosts"` BindHosts []netip.Addr `yaml:"bind_hosts"`
Port int `yaml:"port"` Port int `yaml:"port"`
@ -261,11 +272,12 @@ type statsConfig struct {
// //
// TODO(a.garipov, e.burkov): This global is awful and must be removed. // TODO(a.garipov, e.burkov): This global is awful and must be removed.
var config = &configuration{ var config = &configuration{
BindPort: 3000, AuthAttempts: 5,
BindHost: netip.IPv4Unspecified(), AuthBlockMin: 15,
AuthAttempts: 5, HTTPConfig: httpConfig{
AuthBlockMin: 15, Address: netip.AddrPortFrom(netip.IPv4Unspecified(), 3000),
WebSessionTTLHours: 30 * 24, SessionTTL: timeutil.Duration{Duration: 30 * timeutil.Day},
},
DNS: dnsConfig{ DNS: dnsConfig{
BindHosts: []netip.Addr{netip.IPv4Unspecified()}, BindHosts: []netip.Addr{netip.IPv4Unspecified()},
Port: defaultPortDNS, Port: defaultPortDNS,
@ -427,8 +439,8 @@ func readLogSettings() (ls *logSettings) {
// validateBindHosts returns error if any of binding hosts from configuration is // validateBindHosts returns error if any of binding hosts from configuration is
// not a valid IP address. // not a valid IP address.
func validateBindHosts(conf *configuration) (err error) { func validateBindHosts(conf *configuration) (err error) {
if !conf.BindHost.IsValid() { if !conf.HTTPConfig.Address.IsValid() {
return errors.Error("bind_host is not a valid ip address") return errors.Error("http.address is not a valid ip address")
} }
for i, addr := range conf.DNS.BindHosts { for i, addr := range conf.DNS.BindHosts {
@ -462,7 +474,7 @@ func parseConfig() (err error) {
} }
tcpPorts := aghalg.UniqChecker[tcpPort]{} tcpPorts := aghalg.UniqChecker[tcpPort]{}
addPorts(tcpPorts, tcpPort(config.BindPort)) addPorts(tcpPorts, tcpPort(config.HTTPConfig.Address.Port()))
udpPorts := aghalg.UniqChecker[udpPort]{} udpPorts := aghalg.UniqChecker[udpPort]{}
addPorts(udpPorts, udpPort(config.DNS.Port)) addPorts(udpPorts, udpPort(config.DNS.Port))

View file

@ -103,7 +103,7 @@ type statusResponse struct {
Language string `json:"language"` Language string `json:"language"`
DNSAddrs []string `json:"dns_addresses"` DNSAddrs []string `json:"dns_addresses"`
DNSPort int `json:"dns_port"` DNSPort int `json:"dns_port"`
HTTPPort int `json:"http_port"` HTTPPort uint16 `json:"http_port"`
// ProtectionDisabledDuration is the duration of the protection pause in // ProtectionDisabledDuration is the duration of the protection pause in
// milliseconds. // milliseconds.
@ -158,7 +158,7 @@ func handleStatus(w http.ResponseWriter, r *http.Request) {
Language: config.Language, Language: config.Language,
DNSAddrs: dnsAddrs, DNSAddrs: dnsAddrs,
DNSPort: config.DNS.Port, DNSPort: config.DNS.Port,
HTTPPort: config.BindPort, HTTPPort: config.HTTPConfig.Address.Port(),
ProtectionDisabledDuration: protectionDisabledDuration, ProtectionDisabledDuration: protectionDisabledDuration,
ProtectionEnabled: protectionEnabled, ProtectionEnabled: protectionEnabled,
IsRunning: isRunning(), IsRunning: isRunning(),

View file

@ -96,8 +96,9 @@ type checkConfResp struct {
func (req *checkConfReq) validateWeb(tcpPorts aghalg.UniqChecker[tcpPort]) (err error) { func (req *checkConfReq) validateWeb(tcpPorts aghalg.UniqChecker[tcpPort]) (err error) {
defer func() { err = errors.Annotate(err, "validating ports: %w") }() defer func() { err = errors.Annotate(err, "validating ports: %w") }()
portInt := req.Web.Port // TODO(a.garipov): Declare all port variables anywhere as uint16.
port := tcpPort(portInt) reqPort := uint16(req.Web.Port)
port := tcpPort(reqPort)
addPorts(tcpPorts, port) addPorts(tcpPorts, port)
if err = tcpPorts.Validate(); err != nil { if err = tcpPorts.Validate(); err != nil {
// Reset the value for the port to 1 to make sure that validateDNS // Reset the value for the port to 1 to make sure that validateDNS
@ -108,15 +109,15 @@ func (req *checkConfReq) validateWeb(tcpPorts aghalg.UniqChecker[tcpPort]) (err
return err return err
} }
switch portInt { switch reqPort {
case 0, config.BindPort: case 0, config.HTTPConfig.Address.Port():
return nil return nil
default: default:
// Go on and check the port binding only if it's not zero or won't be // Go on and check the port binding only if it's not zero or won't be
// unbound after install. // unbound after install.
} }
return aghnet.CheckPort("tcp", netip.AddrPortFrom(req.Web.IP, uint16(portInt))) return aghnet.CheckPort("tcp", netip.AddrPortFrom(req.Web.IP, reqPort))
} }
// validateDNS returns error if the DNS part of the initial configuration can't // validateDNS returns error if the DNS part of the initial configuration can't
@ -127,11 +128,11 @@ func (req *checkConfReq) validateDNS(
) (canAutofix bool, err error) { ) (canAutofix bool, err error) {
defer func() { err = errors.Annotate(err, "validating ports: %w") }() defer func() { err = errors.Annotate(err, "validating ports: %w") }()
port := req.DNS.Port port := uint16(req.DNS.Port)
switch port { switch port {
case 0: case 0:
return false, nil return false, nil
case config.BindPort: case config.HTTPConfig.Address.Port():
// Go on and only check the UDP port since the TCP one is already bound // Go on and only check the UDP port since the TCP one is already bound
// by AdGuard Home for web interface. // by AdGuard Home for web interface.
default: default:
@ -318,8 +319,7 @@ type applyConfigReq struct {
// copyInstallSettings copies the installation parameters between two // copyInstallSettings copies the installation parameters between two
// configuration structures. // configuration structures.
func copyInstallSettings(dst, src *configuration) { func copyInstallSettings(dst, src *configuration) {
dst.BindHost = src.BindHost dst.HTTPConfig = src.HTTPConfig
dst.BindPort = src.BindPort
dst.DNS.BindHosts = src.DNS.BindHosts dst.DNS.BindHosts = src.DNS.BindHosts
dst.DNS.Port = src.DNS.Port dst.DNS.Port = src.DNS.Port
} }
@ -413,8 +413,7 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request
copyInstallSettings(curConfig, config) copyInstallSettings(curConfig, config)
Context.firstRun = false Context.firstRun = false
config.BindHost = req.Web.IP config.HTTPConfig.Address = netip.AddrPortFrom(req.Web.IP, uint16(req.Web.Port))
config.BindPort = req.Web.Port
config.DNS.BindHosts = []netip.Addr{req.DNS.IP} config.DNS.BindHosts = []netip.Addr{req.DNS.IP}
config.DNS.Port = req.DNS.Port config.DNS.Port = req.DNS.Port
@ -487,7 +486,8 @@ func decodeApplyConfigReq(r io.Reader) (req *applyConfigReq, restartHTTP bool, e
return nil, false, errors.Error("ports cannot be 0") return nil, false, errors.Error("ports cannot be 0")
} }
restartHTTP = config.BindHost != req.Web.IP || config.BindPort != req.Web.Port addrPort := config.HTTPConfig.Address
restartHTTP = addrPort.Addr() != req.Web.IP || int(addrPort.Port()) != req.Web.Port
if restartHTTP { if restartHTTP {
err = aghnet.CheckPort("tcp", netip.AddrPortFrom(req.Web.IP, uint16(req.Web.Port))) err = aghnet.CheckPort("tcp", netip.AddrPortFrom(req.Web.IP, uint16(req.Web.Port)))
if err != nil { if err != nil {

View file

@ -157,7 +157,9 @@ func (vr *versionResponse) setAllowedToAutoUpdate() (err error) {
Context.tls.WriteDiskConfig(tlsConf) Context.tls.WriteDiskConfig(tlsConf)
canUpdate := true canUpdate := true
if tlsConfUsesPrivilegedPorts(tlsConf) || config.BindPort < 1024 || config.DNS.Port < 1024 { if tlsConfUsesPrivilegedPorts(tlsConf) ||
config.HTTPConfig.Address.Port() < 1024 ||
config.DNS.Port < 1024 {
canUpdate, err = aghnet.CanBindPrivilegedPorts() canUpdate, err = aghnet.CanBindPrivilegedPorts()
if err != nil { if err != nil {
return fmt.Errorf("checking ability to bind privileged ports: %w", err) return fmt.Errorf("checking ability to bind privileged ports: %w", err)

View file

@ -372,8 +372,26 @@ func initContextClients() (err error) {
// setupBindOpts overrides bind host/port from the opts. // setupBindOpts overrides bind host/port from the opts.
func setupBindOpts(opts options) (err error) { func setupBindOpts(opts options) (err error) {
bindAddr := opts.bindAddr
if bindAddr != (netip.AddrPort{}) {
config.HTTPConfig.Address = bindAddr
if config.HTTPConfig.Address.Port() != 0 {
err = checkPorts()
if err != nil {
// Don't wrap the error, because it's informative enough as is.
return err
}
}
return nil
}
if opts.bindPort != 0 { if opts.bindPort != 0 {
config.BindPort = opts.bindPort config.HTTPConfig.Address = netip.AddrPortFrom(
config.HTTPConfig.Address.Addr(),
uint16(opts.bindPort),
)
err = checkPorts() err = checkPorts()
if err != nil { if err != nil {
@ -383,20 +401,10 @@ func setupBindOpts(opts options) (err error) {
} }
if opts.bindHost.IsValid() { if opts.bindHost.IsValid() {
config.BindHost = opts.bindHost config.HTTPConfig.Address = netip.AddrPortFrom(
} opts.bindHost,
config.HTTPConfig.Address.Port(),
// Rewrite deprecated options. )
bindAddr := opts.bindAddr
if bindAddr.IsValid() {
config.BindHost = bindAddr.Addr()
config.BindPort = int(bindAddr.Port())
err = checkPorts()
if err != nil {
// Don't wrap the error, because it's informative enough as is.
return err
}
} }
return nil return nil
@ -480,7 +488,7 @@ func setupDNSFilteringConf(conf *filtering.Config) (err error) {
// checkPorts is a helper for ports validation in config. // checkPorts is a helper for ports validation in config.
func checkPorts() (err error) { func checkPorts() (err error) {
tcpPorts := aghalg.UniqChecker[tcpPort]{} tcpPorts := aghalg.UniqChecker[tcpPort]{}
addPorts(tcpPorts, tcpPort(config.BindPort)) addPorts(tcpPorts, tcpPort(config.HTTPConfig.Address.Port()))
udpPorts := aghalg.UniqChecker[udpPort]{} udpPorts := aghalg.UniqChecker[udpPort]{}
addPorts(udpPorts, udpPort(config.DNS.Port)) addPorts(udpPorts, udpPort(config.DNS.Port))
@ -520,8 +528,8 @@ func initWeb(opts options, clientBuildFS fs.FS) (web *webAPI, err error) {
webConf := webConfig{ webConf := webConfig{
firstRun: Context.firstRun, firstRun: Context.firstRun,
BindHost: config.BindHost, BindHost: config.HTTPConfig.Address.Addr(),
BindPort: config.BindPort, BindPort: int(config.HTTPConfig.Address.Port()),
ReadTimeout: readTimeout, ReadTimeout: readTimeout,
ReadHeaderTimeout: readHdrTimeout, ReadHeaderTimeout: readHdrTimeout,
@ -657,8 +665,8 @@ func initUsers() (auth *Auth, err error) {
log.Info("authratelimiter is disabled") log.Info("authratelimiter is disabled")
} }
sessionTTL := config.WebSessionTTLHours * 60 * 60 sessionTTL := config.HTTPConfig.SessionTTL.Seconds()
auth = InitAuth(sessFilename, config.Users, sessionTTL, rateLimiter) auth = InitAuth(sessFilename, config.Users, uint32(sessionTTL), rateLimiter)
if auth == nil { if auth == nil {
return nil, errors.Error("initializing auth module failed") return nil, errors.Error("initializing auth module failed")
} }
@ -936,7 +944,7 @@ func printHTTPAddresses(proto string) {
Context.tls.WriteDiskConfig(&tlsConf) Context.tls.WriteDiskConfig(&tlsConf)
} }
port := config.BindPort port := int(config.HTTPConfig.Address.Port())
if proto == aghhttp.SchemeHTTPS { if proto == aghhttp.SchemeHTTPS {
port = tlsConf.PortHTTPS port = tlsConf.PortHTTPS
} }
@ -948,9 +956,9 @@ func printHTTPAddresses(proto string) {
return return
} }
bindhost := config.BindHost bindHost := config.HTTPConfig.Address.Addr()
if !bindhost.IsUnspecified() { if !bindHost.IsUnspecified() {
printWebAddrs(proto, bindhost.String(), port) printWebAddrs(proto, bindHost.String(), port)
return return
} }
@ -961,14 +969,14 @@ func printHTTPAddresses(proto string) {
// That's weird, but we'll ignore it. // That's weird, but we'll ignore it.
// //
// TODO(e.burkov): Find out when it happens. // TODO(e.burkov): Find out when it happens.
printWebAddrs(proto, bindhost.String(), port) printWebAddrs(proto, bindHost.String(), port)
return return
} }
for _, iface := range ifaces { for _, iface := range ifaces {
for _, addr := range iface.Addresses { for _, addr := range iface.Addresses {
printWebAddrs(proto, addr.String(), config.BindPort) printWebAddrs(proto, addr.String(), port)
} }
} }
} }

View file

@ -320,7 +320,7 @@ func (m *tlsManager) handleTLSValidate(w http.ResponseWriter, r *http.Request) {
if setts.Enabled { if setts.Enabled {
err = validatePorts( err = validatePorts(
tcpPort(config.BindPort), tcpPort(config.HTTPConfig.Address.Port()),
tcpPort(setts.PortHTTPS), tcpPort(setts.PortHTTPS),
tcpPort(setts.PortDNSOverTLS), tcpPort(setts.PortDNSOverTLS),
tcpPort(setts.PortDNSCrypt), tcpPort(setts.PortDNSCrypt),
@ -407,7 +407,7 @@ func (m *tlsManager) handleTLSConfigure(w http.ResponseWriter, r *http.Request)
if req.Enabled { if req.Enabled {
err = validatePorts( err = validatePorts(
tcpPort(config.BindPort), tcpPort(config.HTTPConfig.Address.Port()),
tcpPort(req.PortHTTPS), tcpPort(req.PortHTTPS),
tcpPort(req.PortDNSOverTLS), tcpPort(req.PortDNSOverTLS),
tcpPort(req.PortDNSCrypt), tcpPort(req.PortDNSCrypt),

View file

@ -3,6 +3,7 @@ package home
import ( import (
"bytes" "bytes"
"fmt" "fmt"
"net/netip"
"net/url" "net/url"
"os" "os"
"path" "path"
@ -22,7 +23,7 @@ import (
) )
// currentSchemaVersion is the current schema version. // currentSchemaVersion is the current schema version.
const currentSchemaVersion = 22 const currentSchemaVersion = 23
// These aliases are provided for convenience. // These aliases are provided for convenience.
type ( type (
@ -96,6 +97,7 @@ func upgradeConfigSchema(oldVersion int, diskConf yobj) (err error) {
upgradeSchema19to20, upgradeSchema19to20,
upgradeSchema20to21, upgradeSchema20to21,
upgradeSchema21to22, upgradeSchema21to22,
upgradeSchema22to23,
} }
n := 0 n := 0
@ -1256,6 +1258,73 @@ func upgradeSchema21to22(diskConf yobj) (err error) {
return nil return nil
} }
// upgradeSchema22to23 performs the following changes:
//
// # BEFORE:
// 'bind_host': '1.2.3.4'
// 'bind_port': 8080
// 'web_session_ttl': 720
//
// # AFTER:
// 'http':
// 'address': '1.2.3.4:8080'
// 'session_ttl': '720h'
func upgradeSchema22to23(diskConf yobj) (err error) {
log.Printf("Upgrade yaml: 22 to 23")
diskConf["schema_version"] = 23
bindHostVal, ok := diskConf["bind_host"]
if !ok {
return nil
}
bindHost, ok := bindHostVal.(string)
if !ok {
return fmt.Errorf("unexpected type of bind_host: %T", bindHostVal)
}
bindHostAddr, err := netip.ParseAddr(bindHost)
if err != nil {
return fmt.Errorf("invalid bind_host value: %s", bindHost)
}
bindPortVal, ok := diskConf["bind_port"]
if !ok {
return nil
}
bindPort, ok := bindPortVal.(int)
if !ok {
return fmt.Errorf("unexpected type of bind_port: %T", bindPortVal)
}
sessionTTLVal, ok := diskConf["web_session_ttl"]
if !ok {
return nil
}
sessionTTL, ok := sessionTTLVal.(int)
if !ok {
return fmt.Errorf("unexpected type of web_session_ttl: %T", sessionTTLVal)
}
addr := netip.AddrPortFrom(bindHostAddr, uint16(bindPort))
if !addr.IsValid() {
return fmt.Errorf("invalid address: %s", addr)
}
diskConf["http"] = yobj{
"address": addr.String(),
"session_ttl": timeutil.Duration{Duration: time.Duration(sessionTTL) * time.Hour}.String(),
}
delete(diskConf, "bind_host")
delete(diskConf, "bind_port")
delete(diskConf, "web_session_ttl")
return nil
}
// TODO(a.garipov): Replace with log.Output when we port it to our logging // TODO(a.garipov): Replace with log.Output when we port it to our logging
// package. // package.
func funcName() string { func funcName() string {

View file

@ -1253,3 +1253,56 @@ func TestUpgradeSchema21to22(t *testing.T) {
}) })
} }
} }
func TestUpgradeSchema22to23(t *testing.T) {
const newSchemaVer = 23
testCases := []struct {
in yobj
want yobj
name string
}{{
name: "empty",
in: yobj{},
want: yobj{
"schema_version": newSchemaVer,
},
}, {
name: "ok",
in: yobj{
"bind_host": "1.2.3.4",
"bind_port": 8081,
"web_session_ttl": 720,
},
want: yobj{
"http": yobj{
"address": "1.2.3.4:8081",
"session_ttl": "720h",
},
"schema_version": newSchemaVer,
},
}, {
name: "v6_address",
in: yobj{
"bind_host": "2001:db8::1",
"bind_port": 8081,
"web_session_ttl": 720,
},
want: yobj{
"http": yobj{
"address": "[2001:db8::1]:8081",
"session_ttl": "720h",
},
"schema_version": newSchemaVer,
},
}}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
err := upgradeSchema22to23(tc.in)
require.NoError(t, err)
assert.Equal(t, tc.want, tc.in)
})
}
}

View file

@ -119,7 +119,9 @@ func webCheckPortAvailable(port int) (ok bool) {
return true return true
} }
return aghnet.CheckPort("tcp", netip.AddrPortFrom(config.BindHost, uint16(port))) == nil addrPort := netip.AddrPortFrom(config.HTTPConfig.Address.Addr(), uint16(port))
return aghnet.CheckPort("tcp", addrPort) == nil
} }
// tlsConfigChanged updates the TLS configuration and restarts the HTTPS server // tlsConfigChanged updates the TLS configuration and restarts the HTTPS server

View file

@ -1,7 +1,20 @@
#!/bin/sh #!/bin/sh
conf_file="${SNAP_DATA}/AdGuardHome.yaml"
readonly conf_file
if ! [ -f "$conf_file" ]
then
xdg-open 'http://localhost:3000'
exit
fi
# Get the admin interface port from the configuration. # Get the admin interface port from the configuration.
bind_port="$( grep -e 'bind_port' "${SNAP_DATA}/AdGuardHome.yaml" | awk -F ' ' '{print $2}' )" awk_prog='/^[^[:space:]]/ { is_http = /^http:/ };/^[[:space:]]+address:/ { if (is_http) print $2 }'
readonly awk_prog
bind_port="$( awk "$awk_prog" "$conf_file" | awk -F ':' '{print $NF}' )"
readonly bind_port readonly bind_port
if [ "$bind_port" = '' ] if [ "$bind_port" = '' ]