Architectural shift to using context for config and module state

This commit is contained in:
Matthew Holt 2019-05-16 16:05:38 -06:00
parent ff5b4639d5
commit 1f0c061ce3
11 changed files with 313 additions and 359 deletions

167
caddy.go
View file

@ -1,25 +1,23 @@
package caddy2 package caddy2
import ( import (
"context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"log" "log"
"strings" "strings"
"sync" "sync"
"sync/atomic"
"time" "time"
"github.com/mholt/certmagic" "github.com/mholt/certmagic"
) )
// Run runs Caddy with the given config. // Run runs Caddy with the given config.
func Run(cfg *Config) error { func Run(newCfg *Config) error {
// allow only one call to Start at a time, currentCfgMu.Lock()
// since various calls to LoadModule() defer currentCfgMu.Unlock()
// access shared map moduleInstances
startMu.Lock()
defer startMu.Unlock()
if newCfg != nil {
// because we will need to roll back any state // because we will need to roll back any state
// modifications if this function errors, we // modifications if this function errors, we
// keep a single error value and scope all // keep a single error value and scope all
@ -30,26 +28,26 @@ func Run(cfg *Config) error {
var err error var err error
// prepare the new config for use // prepare the new config for use
cfg.apps = make(map[string]App) newCfg.apps = make(map[string]App)
cfg.moduleStates = make(map[string]interface{})
// reset the shared moduleInstances map; but // create a context within which to load
// keep a temporary reference to the current // modules - essentially our new config's
// one so we can transfer over any necessary // execution environment; be sure that
// state to the new modules or to roll back // cleanup occurs when we return if there
// if necessary // was an error; otherwise, it will get
oldModuleInstances := moduleInstances // cleaned up on next config cycle
ctx, cancel := NewContext(Context{Context: context.Background(), cfg: newCfg})
defer func() { defer func() {
if err != nil { if err != nil {
moduleInstances = oldModuleInstances cancel() // clean up now
} }
}() }()
moduleInstances = make(map[string][]interface{}) newCfg.cancelFunc = cancel // clean up later
// set up storage and make it CertMagic's default storage, too // set up storage and make it CertMagic's default storage, too
err = func() error { err = func() error {
if cfg.StorageRaw != nil { if newCfg.StorageRaw != nil {
val, err := LoadModuleInline("system", "caddy.storage", cfg.StorageRaw) val, err := ctx.LoadModuleInline("system", "caddy.storage", newCfg.StorageRaw)
if err != nil { if err != nil {
return fmt.Errorf("loading storage module: %v", err) return fmt.Errorf("loading storage module: %v", err)
} }
@ -57,13 +55,13 @@ func Run(cfg *Config) error {
if err != nil { if err != nil {
return fmt.Errorf("creating storage value: %v", err) return fmt.Errorf("creating storage value: %v", err)
} }
cfg.storage = stor newCfg.storage = stor
cfg.StorageRaw = nil // allow GC to deallocate - TODO: Does this help? newCfg.StorageRaw = nil // allow GC to deallocate - TODO: Does this help?
} }
if cfg.storage == nil { if newCfg.storage == nil {
cfg.storage = &certmagic.FileStorage{Path: dataDir()} newCfg.storage = &certmagic.FileStorage{Path: dataDir()}
} }
certmagic.Default.Storage = cfg.storage certmagic.Default.Storage = newCfg.storage
return nil return nil
}() }()
@ -73,12 +71,12 @@ func Run(cfg *Config) error {
// Load, Provision, Validate // Load, Provision, Validate
err = func() error { err = func() error {
for modName, rawMsg := range cfg.AppsRaw { for modName, rawMsg := range newCfg.AppsRaw {
val, err := LoadModule(modName, rawMsg) val, err := ctx.LoadModule(modName, rawMsg)
if err != nil { if err != nil {
return fmt.Errorf("loading app module '%s': %v", modName, err) return fmt.Errorf("loading app module '%s': %v", modName, err)
} }
cfg.apps[modName] = val.(App) newCfg.apps[modName] = val.(App)
} }
return nil return nil
}() }()
@ -86,42 +84,35 @@ func Run(cfg *Config) error {
return err return err
} }
// swap old config with the new one, and
// roll back this change if anything fails
currentCfgMu.Lock()
oldCfg := currentCfg
currentCfg = cfg
currentCfgMu.Unlock()
defer func() {
if err != nil {
currentCfgMu.Lock()
currentCfg = oldCfg
currentCfgMu.Unlock()
}
}()
// Start // Start
err = func() error { err = func() error {
h := Handle{cfg} var started []string
for name, a := range cfg.apps { for name, a := range newCfg.apps {
err := a.Start(h) err := a.Start()
if err != nil { if err != nil {
for otherAppName, otherApp := range cfg.apps { for _, otherAppName := range started {
err := otherApp.Stop() err2 := newCfg.apps[otherAppName].Stop()
if err != nil { if err2 != nil {
log.Printf("aborting app %s: %v", otherAppName, err) err = fmt.Errorf("%v; additionally, aborting app %s: %v",
err, otherAppName, err2)
} }
} }
return fmt.Errorf("%s app module: start: %v", name, err) return fmt.Errorf("%s app module: start: %v", name, err)
} }
started = append(started, name)
} }
return nil return nil
}() }()
if err != nil { if err != nil {
return err return err
} }
}
// Stop // swap old config with the new one
oldCfg := currentCfg
currentCfg = newCfg
// Stop, Cleanup
if oldCfg != nil { if oldCfg != nil {
for name, a := range oldCfg.apps { for name, a := range oldCfg.apps {
err := a.Stop() err := a.Stop()
@ -129,26 +120,9 @@ func Run(cfg *Config) error {
log.Printf("[ERROR] stop %s: %v", name, err) log.Printf("[ERROR] stop %s: %v", name, err)
} }
} }
}
// shut down listeners that are no longer being used // clean up old modules
err = func() error { oldCfg.cancelFunc()
listenersMu.Lock()
for key, info := range listeners {
if atomic.LoadInt32(&info.usage) == 0 {
err := info.ln.Close()
if err != nil {
log.Printf("[ERROR] closing listener %s: %v", info.ln.Addr(), err)
continue
}
delete(listeners, key)
}
}
listenersMu.Unlock()
return nil
}()
if err != nil {
return err
} }
return nil return nil
@ -156,7 +130,7 @@ func Run(cfg *Config) error {
// App is a thing that Caddy runs. // App is a thing that Caddy runs.
type App interface { type App interface {
Start(Handle) error Start() error
Stop() error Stop() error
} }
@ -172,46 +146,7 @@ type Config struct {
// keyed by module name. // keyed by module name.
apps map[string]App apps map[string]App
// moduleStates stores the optional "global" state cancelFunc context.CancelFunc
// values of every module used by this configuration,
// keyed by module name.
moduleStates map[string]interface{}
}
// Handle allows app modules to access
// the top-level Config in a controlled
// manner without needing to rely on
// global state.
type Handle struct {
current *Config
}
// App returns the configured app named name. If no app with
// that name is currently configured, a new empty one will be
// instantiated. (The app module must still be registered.)
func (h Handle) App(name string) (interface{}, error) {
if app, ok := h.current.apps[name]; ok {
return app, nil
}
modVal, err := LoadModule(name, nil)
if err != nil {
return nil, fmt.Errorf("instantiating new module %s: %v", name, err)
}
h.current.apps[name] = modVal.(App)
return modVal, nil
}
// GetStorage returns the configured Caddy storage implementation.
// If no storage implementation is explicitly configured, the
// default one is returned instead, as long as there is a current
// configuration loaded.
func GetStorage() certmagic.Storage {
currentCfgMu.RLock()
defer currentCfgMu.RUnlock()
if currentCfg == nil {
return nil
}
return currentCfg.storage
} }
// Duration is a JSON-string-unmarshable duration type. // Duration is a JSON-string-unmarshable duration type.
@ -236,17 +171,3 @@ var (
currentCfg *Config currentCfg *Config
currentCfgMu sync.RWMutex currentCfgMu sync.RWMutex
) )
// moduleInstances stores the individual instantiated
// values of modules, keyed by module name. The list
// of instances of each module get passed into the
// respective module's OnLoad callback, so they can
// set up any global state and/or make sure their
// configuration, when viewed as a whole, is valid.
// Since this list is shared, only one Start() routine
// must be allowed to happen at any given time.
var moduleInstances = make(map[string][]interface{})
// startMu ensures that only one Start() happens at a time.
// This is important since moduleInstances is shared state.
var startMu sync.Mutex

126
context.go Normal file
View file

@ -0,0 +1,126 @@
package caddy2
import (
"context"
"encoding/json"
"fmt"
"log"
"reflect"
"github.com/mholt/certmagic"
)
type Context struct {
context.Context
moduleInstances map[string][]interface{}
cfg *Config
}
func NewContext(ctx Context) (Context, context.CancelFunc) {
newCtx := Context{moduleInstances: make(map[string][]interface{}), cfg: ctx.cfg}
c, cancel := context.WithCancel(ctx.Context)
wrappedCancel := func() {
cancel()
for modName, modInstances := range newCtx.moduleInstances {
for _, inst := range modInstances {
if cu, ok := inst.(CleanerUpper); ok {
err := cu.Cleanup()
if err != nil {
log.Printf("[ERROR] %s (%p): cleanup: %v", modName, inst, err)
}
}
}
}
}
newCtx.Context = c
return newCtx, wrappedCancel
}
func (ctx Context) LoadModule(name string, rawMsg json.RawMessage) (interface{}, error) {
modulesMu.Lock()
mod, ok := modules[name]
modulesMu.Unlock()
if !ok {
return nil, fmt.Errorf("unknown module: %s", name)
}
if mod.New == nil {
return nil, fmt.Errorf("module '%s' has no constructor", mod.Name)
}
val, err := mod.New()
if err != nil {
return nil, fmt.Errorf("initializing module '%s': %v", mod.Name, err)
}
// value must be a pointer for unmarshaling into concrete type
if rv := reflect.ValueOf(val); rv.Kind() != reflect.Ptr {
val = reflect.New(rv.Type()).Elem().Addr().Interface()
}
// fill in its config only if there is a config to fill in
if len(rawMsg) > 0 {
err = json.Unmarshal(rawMsg, &val)
if err != nil {
return nil, fmt.Errorf("decoding module config: %s: %v", mod.Name, err)
}
}
if prov, ok := val.(Provisioner); ok {
err := prov.Provision(ctx)
if err != nil {
return nil, fmt.Errorf("provision %s: %v", mod.Name, err)
}
}
if validator, ok := val.(Validator); ok {
err := validator.Validate(ctx)
if err != nil {
if cleanerUpper, ok := val.(CleanerUpper); ok {
err2 := cleanerUpper.Cleanup()
if err2 != nil {
err = fmt.Errorf("%v; additionally, cleanup: %v", err, err2)
}
return nil, fmt.Errorf("%s: invalid configuration: %v", mod.Name, err)
}
}
}
ctx.moduleInstances[name] = append(ctx.moduleInstances[name], val)
return val, nil
}
func (ctx Context) LoadModuleInline(moduleNameKey, moduleScope string, raw json.RawMessage) (interface{}, error) {
moduleName, err := getModuleNameInline(moduleNameKey, raw)
if err != nil {
return nil, err
}
val, err := ctx.LoadModule(moduleScope+"."+moduleName, raw)
if err != nil {
return nil, fmt.Errorf("loading module '%s': %v", moduleName, err)
}
return val, nil
}
// App returns the configured app named name. If no app with
// that name is currently configured, a new empty one will be
// instantiated. (The app module must still be registered.)
func (ctx Context) App(name string) (interface{}, error) {
if app, ok := ctx.cfg.apps[name]; ok {
return app, nil
}
modVal, err := ctx.LoadModule(name, nil)
if err != nil {
return nil, fmt.Errorf("instantiating new module %s: %v", name, err)
}
ctx.cfg.apps[name] = modVal.(App)
return modVal, nil
}
// Storage returns the configured Caddy storage implementation.
func (ctx Context) Storage() certmagic.Storage {
return ctx.cfg.storage
}

View file

@ -9,6 +9,7 @@ import (
) )
// Listen returns a listener suitable for use in a Caddy module. // Listen returns a listener suitable for use in a Caddy module.
// Always be sure to close listeners when you are done with them.
func Listen(network, addr string) (net.Listener, error) { func Listen(network, addr string) (net.Listener, error) {
lnKey := network + "/" + addr lnKey := network + "/" + addr
@ -16,9 +17,9 @@ func Listen(network, addr string) (net.Listener, error) {
defer listenersMu.Unlock() defer listenersMu.Unlock()
// if listener already exists, increment usage counter, then return listener // if listener already exists, increment usage counter, then return listener
if lnInfo, ok := listeners[lnKey]; ok { if lnUsage, ok := listeners[lnKey]; ok {
atomic.AddInt32(&lnInfo.usage, 1) atomic.AddInt32(&lnUsage.usage, 1)
return &fakeCloseListener{usage: &lnInfo.usage, Listener: lnInfo.ln}, nil return &fakeCloseListener{usage: &lnUsage.usage, key: lnKey, Listener: lnUsage.ln}, nil
} }
// or, create new one and save it // or, create new one and save it
@ -28,10 +29,10 @@ func Listen(network, addr string) (net.Listener, error) {
} }
// make sure to start its usage counter at 1 // make sure to start its usage counter at 1
lnInfo := &listenerUsage{usage: 1, ln: ln} lnUsage := &listenerUsage{usage: 1, ln: ln}
listeners[lnKey] = lnInfo listeners[lnKey] = lnUsage
return &fakeCloseListener{usage: &lnInfo.usage, Listener: ln}, nil return &fakeCloseListener{usage: &lnUsage.usage, key: lnKey, Listener: ln}, nil
} }
// fakeCloseListener's Close() method is a no-op. This allows // fakeCloseListener's Close() method is a no-op. This allows
@ -42,6 +43,7 @@ func Listen(network, addr string) (net.Listener, error) {
type fakeCloseListener struct { type fakeCloseListener struct {
closed int32 // accessed atomically closed int32 // accessed atomically
usage *int32 // accessed atomically usage *int32 // accessed atomically
key string
net.Listener net.Listener
} }
@ -80,8 +82,9 @@ func (fcl *fakeCloseListener) Accept() (net.Conn, error) {
return nil, err return nil, err
} }
// Close stops accepting new connections, but does not // Close stops accepting new connections without
// actually close the underlying listener. // closing the underlying listener, unless no one
// else is using it.
func (fcl *fakeCloseListener) Close() error { func (fcl *fakeCloseListener) Close() error {
if atomic.CompareAndSwapInt32(&fcl.closed, 0, 1) { if atomic.CompareAndSwapInt32(&fcl.closed, 0, 1) {
// unfortunately, there is no way to cancel any // unfortunately, there is no way to cancel any
@ -99,8 +102,18 @@ func (fcl *fakeCloseListener) Close() error {
} }
// since we're no longer using this listener, // since we're no longer using this listener,
// decrement the usage counter // decrement the usage counter and, if no one
atomic.AddInt32(fcl.usage, -1) // else is using it, close underlying listener
if atomic.AddInt32(fcl.usage, -1) == 0 {
listenersMu.Lock()
delete(listeners, fcl.key)
listenersMu.Unlock()
err := fcl.Listener.Close()
if err != nil {
return err
}
}
} }
return nil return nil

View file

@ -3,7 +3,6 @@ package caddy2
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"reflect"
"sort" "sort"
"strings" "strings"
"sync" "sync"
@ -32,9 +31,6 @@ func RegisterModule(mod Module) error {
if mod.Name == "caddy" { if mod.Name == "caddy" {
return fmt.Errorf("modules cannot be named 'caddy'") return fmt.Errorf("modules cannot be named 'caddy'")
} }
if strings.HasPrefix(mod.Name, "caddy.") {
return fmt.Errorf("modules cannot be namespaced in 'caddy'")
}
modulesMu.Lock() modulesMu.Lock()
defer modulesMu.Unlock() defer modulesMu.Unlock()
@ -123,88 +119,6 @@ func Modules() []string {
return names return names
} }
// LoadModule decodes rawMsg into a new instance of mod and
// returns the value. If mod.New() does not return a pointer
// value, it is converted to one so that it is unmarshaled
// into the underlying concrete type. If mod.New is nil, an
// error is returned. If the module implements Validator or
// Provisioner interfaces, those methods are invoked to
// ensure the module is fully configured and valid before
// being used.
func LoadModule(name string, rawMsg json.RawMessage) (interface{}, error) {
modulesMu.Lock()
mod, ok := modules[name]
modulesMu.Unlock()
if !ok {
return nil, fmt.Errorf("unknown module: %s", name)
}
if mod.New == nil {
return nil, fmt.Errorf("module '%s' has no constructor", mod.Name)
}
val, err := mod.New()
if err != nil {
return nil, fmt.Errorf("initializing module '%s': %v", mod.Name, err)
}
// value must be a pointer for unmarshaling into concrete type
if rv := reflect.ValueOf(val); rv.Kind() != reflect.Ptr {
val = reflect.New(rv.Type()).Elem().Addr().Interface()
}
// fill in its config only if there is a config to fill in
if len(rawMsg) > 0 {
err = json.Unmarshal(rawMsg, &val)
if err != nil {
return nil, fmt.Errorf("decoding module config: %s: %v", mod.Name, err)
}
}
if prov, ok := val.(Provisioner); ok {
err := prov.Provision()
if err != nil {
return nil, fmt.Errorf("provision %s: %v", mod.Name, err)
}
}
if validator, ok := val.(Validator); ok {
err := validator.Validate()
if err != nil {
return nil, fmt.Errorf("%s: invalid configuration: %v", mod.Name, err)
}
}
moduleInstances[mod.Name] = append(moduleInstances[mod.Name], val)
return val, nil
}
// LoadModuleInline loads a module from a JSON raw message which decodes
// to a map[string]interface{}, where one of the keys is moduleNameKey
// and the corresponding value is the module name as a string, which
// can be found in the given scope.
//
// This allows modules to be decoded into their concrete types and
// used when their names cannot be the unique key in a map, such as
// when there are multiple instances in the map or it appears in an
// array (where there are no custom keys). In other words, the key
// containing the module name is treated special/separate from all
// the other keys.
func LoadModuleInline(moduleNameKey, moduleScope string, raw json.RawMessage) (interface{}, error) {
moduleName, err := getModuleNameInline(moduleNameKey, raw)
if err != nil {
return nil, err
}
val, err := LoadModule(moduleScope+"."+moduleName, raw)
if err != nil {
return nil, fmt.Errorf("loading module '%s': %v", moduleName, err)
}
return val, nil
}
// getModuleNameInline loads the string value from raw of moduleNameKey, // getModuleNameInline loads the string value from raw of moduleNameKey,
// where raw must be a JSON encoding of a map. // where raw must be a JSON encoding of a map.
func getModuleNameInline(moduleNameKey string, raw json.RawMessage) (string, error) { func getModuleNameInline(moduleNameKey string, raw json.RawMessage) (string, error) {
@ -228,14 +142,19 @@ func getModuleNameInline(moduleNameKey string, raw json.RawMessage) (string, err
// always be fast (imperceptible running time) and an error should // always be fast (imperceptible running time) and an error should
// be returned only if the value's configuration is invalid. // be returned only if the value's configuration is invalid.
type Validator interface { type Validator interface {
Validate() error Validate(Context) error
} }
// Provisioner is implemented by modules which may need to perform // Provisioner is implemented by modules which may need to perform
// some additional "setup" steps immediately after being loaded. // some additional "setup" steps immediately after being loaded.
// This method will be called after Validate() (if implemented). // This method will be called after Validate() (if implemented).
type Provisioner interface { type Provisioner interface {
Provision() error Provision(Context) error
}
// TODO: different name...
type CleanerUpper interface {
Cleanup() error
} }
var ( var (

View file

@ -37,16 +37,20 @@ type App struct {
Servers map[string]*Server `json:"servers"` Servers map[string]*Server `json:"servers"`
servers []*http.Server servers []*http.Server
ctx caddy2.Context
} }
// Provision sets up the app. // Provision sets up the app.
func (hc *App) Provision() error { func (app *App) Provision(ctx caddy2.Context) error {
for _, srv := range hc.Servers { app.ctx = ctx
err := srv.Routes.Provision()
for _, srv := range app.Servers {
err := srv.Routes.Provision(ctx)
if err != nil { if err != nil {
return fmt.Errorf("setting up server routes: %v", err) return fmt.Errorf("setting up server routes: %v", err)
} }
err = srv.Errors.Routes.Provision() err = srv.Errors.Routes.Provision(ctx)
if err != nil { if err != nil {
return fmt.Errorf("setting up server error handling routes: %v", err) return fmt.Errorf("setting up server error handling routes: %v", err)
} }
@ -56,10 +60,10 @@ func (hc *App) Provision() error {
} }
// Validate ensures the app's configuration is valid. // Validate ensures the app's configuration is valid.
func (hc *App) Validate() error { func (app *App) Validate() error {
// each server must use distinct listener addresses // each server must use distinct listener addresses
lnAddrs := make(map[string]string) lnAddrs := make(map[string]string)
for srvName, srv := range hc.Servers { for srvName, srv := range app.Servers {
for _, addr := range srv.Listen { for _, addr := range srv.Listen {
netw, expanded, err := parseListenAddr(addr) netw, expanded, err := parseListenAddr(addr)
if err != nil { if err != nil {
@ -78,13 +82,13 @@ func (hc *App) Validate() error {
} }
// Start runs the app. It sets up automatic HTTPS if enabled. // Start runs the app. It sets up automatic HTTPS if enabled.
func (hc *App) Start(handle caddy2.Handle) error { func (app *App) Start() error {
err := hc.automaticHTTPS(handle) err := app.automaticHTTPS()
if err != nil { if err != nil {
return fmt.Errorf("enabling automatic HTTPS: %v", err) return fmt.Errorf("enabling automatic HTTPS: %v", err)
} }
for srvName, srv := range hc.Servers { for srvName, srv := range app.Servers {
s := &http.Server{ s := &http.Server{
ReadTimeout: time.Duration(srv.ReadTimeout), ReadTimeout: time.Duration(srv.ReadTimeout),
ReadHeaderTimeout: time.Duration(srv.ReadHeaderTimeout), ReadHeaderTimeout: time.Duration(srv.ReadHeaderTimeout),
@ -110,13 +114,13 @@ func (hc *App) Start(handle caddy2.Handle) error {
} }
// enable TLS // enable TLS
httpPort := hc.HTTPPort httpPort := app.HTTPPort
if httpPort == 0 { if httpPort == 0 {
httpPort = DefaultHTTPPort httpPort = DefaultHTTPPort
} }
_, port, _ := net.SplitHostPort(addr) _, port, _ := net.SplitHostPort(addr)
if len(srv.TLSConnPolicies) > 0 && port != strconv.Itoa(httpPort) { if len(srv.TLSConnPolicies) > 0 && port != strconv.Itoa(httpPort) {
tlsCfg, err := srv.TLSConnPolicies.TLSConfig(handle) tlsCfg, err := srv.TLSConnPolicies.TLSConfig(app.ctx)
if err != nil { if err != nil {
return fmt.Errorf("%s/%s: making TLS configuration: %v", network, addr, err) return fmt.Errorf("%s/%s: making TLS configuration: %v", network, addr, err)
} }
@ -124,7 +128,7 @@ func (hc *App) Start(handle caddy2.Handle) error {
} }
go s.Serve(ln) go s.Serve(ln)
hc.servers = append(hc.servers, s) app.servers = append(app.servers, s)
} }
} }
} }
@ -133,14 +137,14 @@ func (hc *App) Start(handle caddy2.Handle) error {
} }
// Stop gracefully shuts down the HTTP server. // Stop gracefully shuts down the HTTP server.
func (hc *App) Stop() error { func (app *App) Stop() error {
ctx := context.Background() ctx := context.Background()
if hc.GracePeriod > 0 { if app.GracePeriod > 0 {
var cancel context.CancelFunc var cancel context.CancelFunc
ctx, cancel = context.WithTimeout(ctx, time.Duration(hc.GracePeriod)) ctx, cancel = context.WithTimeout(ctx, time.Duration(app.GracePeriod))
defer cancel() defer cancel()
} }
for _, s := range hc.servers { for _, s := range app.servers {
err := s.Shutdown(ctx) err := s.Shutdown(ctx)
if err != nil { if err != nil {
return err return err
@ -149,8 +153,8 @@ func (hc *App) Stop() error {
return nil return nil
} }
func (hc *App) automaticHTTPS(handle caddy2.Handle) error { func (app *App) automaticHTTPS() error {
tlsAppIface, err := handle.App("tls") tlsAppIface, err := app.ctx.App("tls")
if err != nil { if err != nil {
return fmt.Errorf("getting tls app: %v", err) return fmt.Errorf("getting tls app: %v", err)
} }
@ -159,7 +163,7 @@ func (hc *App) automaticHTTPS(handle caddy2.Handle) error {
lnAddrMap := make(map[string]struct{}) lnAddrMap := make(map[string]struct{})
var redirRoutes RouteList var redirRoutes RouteList
for srvName, srv := range hc.Servers { for srvName, srv := range app.Servers {
srv.tlsApp = tlsApp srv.tlsApp = tlsApp
if srv.DisableAutoHTTPS { if srv.DisableAutoHTTPS {
@ -209,7 +213,7 @@ func (hc *App) automaticHTTPS(handle caddy2.Handle) error {
if err != nil { if err != nil {
return fmt.Errorf("%s: invalid listener address: %v", srvName, addr) return fmt.Errorf("%s: invalid listener address: %v", srvName, addr)
} }
httpRedirLnAddr := joinListenAddr(netw, host, strconv.Itoa(hc.HTTPPort)) httpRedirLnAddr := joinListenAddr(netw, host, strconv.Itoa(app.HTTPPort))
lnAddrMap[httpRedirLnAddr] = struct{}{} lnAddrMap[httpRedirLnAddr] = struct{}{}
if parts := strings.SplitN(port, "-", 2); len(parts) == 2 { if parts := strings.SplitN(port, "-", 2); len(parts) == 2 {
@ -217,7 +221,7 @@ func (hc *App) automaticHTTPS(handle caddy2.Handle) error {
} }
redirTo := "https://{request.host}" redirTo := "https://{request.host}"
httpsPort := hc.HTTPSPort httpsPort := app.HTTPSPort
if httpsPort == 0 { if httpsPort == 0 {
httpsPort = DefaultHTTPSPort httpsPort = DefaultHTTPSPort
} }
@ -253,13 +257,13 @@ func (hc *App) automaticHTTPS(handle caddy2.Handle) error {
continue continue
} }
for _, a := range addrs { for _, a := range addrs {
if hc.listenerTaken(netw, a) { if app.listenerTaken(netw, a) {
continue mapLoop continue mapLoop
} }
} }
lnAddrs = append(lnAddrs, addr) lnAddrs = append(lnAddrs, addr)
} }
hc.Servers["auto_https_redirects"] = &Server{ app.Servers["auto_https_redirects"] = &Server{
Listen: lnAddrs, Listen: lnAddrs,
Routes: redirRoutes, Routes: redirRoutes,
DisableAutoHTTPS: true, DisableAutoHTTPS: true,
@ -269,8 +273,8 @@ func (hc *App) automaticHTTPS(handle caddy2.Handle) error {
return nil return nil
} }
func (hc *App) listenerTaken(network, address string) bool { func (app *App) listenerTaken(network, address string) bool {
for _, srv := range hc.Servers { for _, srv := range app.Servers {
for _, addr := range srv.Listen { for _, addr := range srv.Listen {
netw, addrs, err := parseListenAddr(addr) netw, addrs, err := parseListenAddr(addr)
if err != nil || netw != network { if err != nil || netw != network {
@ -491,3 +495,4 @@ const (
// Interface guards // Interface guards
var _ HTTPInterfaces = middlewareResponseWriter{} var _ HTTPInterfaces = middlewareResponseWriter{}
var _ caddy2.App = (*App)(nil)

View file

@ -1,8 +1,6 @@
package reverseproxy package reverseproxy
import ( import (
"fmt"
"bitbucket.org/lightcodelabs/caddy2" "bitbucket.org/lightcodelabs/caddy2"
) )
@ -11,36 +9,5 @@ func init() {
caddy2.RegisterModule(caddy2.Module{ caddy2.RegisterModule(caddy2.Module{
Name: "http.responders.reverse_proxy", Name: "http.responders.reverse_proxy",
New: func() (interface{}, error) { return new(LoadBalanced), nil }, New: func() (interface{}, error) { return new(LoadBalanced), nil },
OnLoad: func(instances []interface{}, _ interface{}) (interface{}, error) {
// we don't need to do anything with prior state because healthcheckers are
// cleaned up in OnUnload.
s := &State{
HealthCheckers: []*HealthChecker{},
}
for _, i := range instances {
lb := i.(*LoadBalanced)
err := NewLoadBalancedReverseProxy(lb, s)
if err != nil {
return nil, err
}
}
return s, nil
},
OnUnload: func(state interface{}) error {
s, ok := state.(*State)
if !ok {
return fmt.Errorf("proxy OnLoad: prior state not expected proxy.State type")
}
// cleanup old healthcheckers
for _, hc := range s.HealthCheckers {
hc.Stop()
}
return nil
},
}) })
} }

View file

@ -76,7 +76,7 @@ var (
) )
// NewLoadBalancedReverseProxy returns a collection of Upstreams that are to be loadbalanced. // NewLoadBalancedReverseProxy returns a collection of Upstreams that are to be loadbalanced.
func NewLoadBalancedReverseProxy(lb *LoadBalanced, state *State) error { func NewLoadBalancedReverseProxy(lb *LoadBalanced, state *State, ctx caddy2.Context) error {
// set defaults // set defaults
if lb.NoHealthyUpstreamsMessage == "" { if lb.NoHealthyUpstreamsMessage == "" {
lb.NoHealthyUpstreamsMessage = msgNoHealthyUpstreams lb.NoHealthyUpstreamsMessage = msgNoHealthyUpstreams
@ -115,7 +115,7 @@ func NewLoadBalancedReverseProxy(lb *LoadBalanced, state *State) error {
if uc.CircuitBreaker != nil { if uc.CircuitBreaker != nil {
if _, err := caddy2.GetModule(cbModule); err == nil { if _, err := caddy2.GetModule(cbModule); err == nil {
val, err := caddy2.LoadModule(cbModule, uc.CircuitBreaker) val, err := ctx.LoadModule(cbModule, uc.CircuitBreaker)
if err == nil { if err == nil {
cbv, ok := val.(CircuitBreaker) cbv, ok := val.(CircuitBreaker)
if ok { if ok {

View file

@ -29,11 +29,11 @@ type ServerRoute struct {
type RouteList []ServerRoute type RouteList []ServerRoute
// Provision sets up all the routes by loading the modules. // Provision sets up all the routes by loading the modules.
func (routes RouteList) Provision() error { func (routes RouteList) Provision(ctx caddy2.Context) error {
for i, route := range routes { for i, route := range routes {
// matchers // matchers
for modName, rawMsg := range route.Matchers { for modName, rawMsg := range route.Matchers {
val, err := caddy2.LoadModule("http.matchers."+modName, rawMsg) val, err := ctx.LoadModule("http.matchers."+modName, rawMsg)
if err != nil { if err != nil {
return fmt.Errorf("loading matcher module '%s': %v", modName, err) return fmt.Errorf("loading matcher module '%s': %v", modName, err)
} }
@ -43,7 +43,7 @@ func (routes RouteList) Provision() error {
// middleware // middleware
for j, rawMsg := range route.Apply { for j, rawMsg := range route.Apply {
mid, err := caddy2.LoadModuleInline("middleware", "http.middleware", rawMsg) mid, err := ctx.LoadModuleInline("middleware", "http.middleware", rawMsg)
if err != nil { if err != nil {
return fmt.Errorf("loading middleware module in position %d: %v", j, err) return fmt.Errorf("loading middleware module in position %d: %v", j, err)
} }
@ -53,7 +53,7 @@ func (routes RouteList) Provision() error {
// responder // responder
if route.Respond != nil { if route.Respond != nil {
resp, err := caddy2.LoadModuleInline("responder", "http.responders", route.Respond) resp, err := ctx.LoadModuleInline("responder", "http.responders", route.Respond)
if err != nil { if err != nil {
return fmt.Errorf("loading responder module: %v", err) return fmt.Errorf("loading responder module: %v", err)
} }

View file

@ -40,10 +40,10 @@ func (m *acmeManagerMaker) newManager(interactive bool) (certmagic.Manager, erro
return nil, nil return nil, nil
} }
func (m *acmeManagerMaker) Provision() error { func (m *acmeManagerMaker) Provision(ctx caddy2.Context) error {
// DNS providers // DNS providers
if m.Challenges.DNS != nil { if m.Challenges.DNS != nil {
val, err := caddy2.LoadModuleInline("provider", "tls.dns", m.Challenges.DNS) val, err := ctx.LoadModuleInline("provider", "tls.dns", m.Challenges.DNS)
if err != nil { if err != nil {
return fmt.Errorf("loading TLS storage module: %s", err) return fmt.Errorf("loading TLS storage module: %s", err)
} }
@ -53,7 +53,7 @@ func (m *acmeManagerMaker) Provision() error {
// policy-specific storage implementation // policy-specific storage implementation
if m.Storage != nil { if m.Storage != nil {
val, err := caddy2.LoadModuleInline("system", "caddy.storage", m.Storage) val, err := ctx.LoadModuleInline("system", "caddy.storage", m.Storage)
if err != nil { if err != nil {
return fmt.Errorf("loading TLS storage module: %s", err) return fmt.Errorf("loading TLS storage module: %s", err)
} }
@ -93,10 +93,10 @@ func (m *acmeManagerMaker) setDefaults() {
// makeCertMagicConfig converts m into a certmagic.Config, because // makeCertMagicConfig converts m into a certmagic.Config, because
// this is a special case where the default manager is the certmagic // this is a special case where the default manager is the certmagic
// Config and not a separate manager. // Config and not a separate manager.
func (m *acmeManagerMaker) makeCertMagicConfig() certmagic.Config { func (m *acmeManagerMaker) makeCertMagicConfig(ctx caddy2.Context) certmagic.Config {
storage := m.storage storage := m.storage
if storage == nil { if storage == nil {
storage = caddy2.GetStorage() storage = ctx.Storage()
} }
var ond *certmagic.OnDemandConfig var ond *certmagic.OnDemandConfig

View file

@ -18,11 +18,11 @@ type ConnectionPolicies []*ConnectionPolicy
// TLSConfig converts the group of policies to a standard-lib-compatible // TLSConfig converts the group of policies to a standard-lib-compatible
// TLS configuration which selects the first matching policy based on // TLS configuration which selects the first matching policy based on
// the ClientHello. // the ClientHello.
func (cp ConnectionPolicies) TLSConfig(handle caddy2.Handle) (*tls.Config, error) { func (cp ConnectionPolicies) TLSConfig(ctx caddy2.Context) (*tls.Config, error) {
// connection policy matchers // connection policy matchers
for i, pol := range cp { for i, pol := range cp {
for modName, rawMsg := range pol.MatchersRaw { for modName, rawMsg := range pol.MatchersRaw {
val, err := caddy2.LoadModule("tls.handshake_match."+modName, rawMsg) val, err := ctx.LoadModule("tls.handshake_match."+modName, rawMsg)
if err != nil { if err != nil {
return nil, fmt.Errorf("loading handshake matcher module '%s': %s", modName, err) return nil, fmt.Errorf("loading handshake matcher module '%s': %s", modName, err)
} }
@ -33,7 +33,7 @@ func (cp ConnectionPolicies) TLSConfig(handle caddy2.Handle) (*tls.Config, error
// pre-build standard TLS configs so we don't have to at handshake-time // pre-build standard TLS configs so we don't have to at handshake-time
for i := range cp { for i := range cp {
err := cp[i].buildStandardTLSConfig(handle) err := cp[i].buildStandardTLSConfig(ctx)
if err != nil { if err != nil {
return nil, fmt.Errorf("connection policy %d: building standard TLS config: %s", i, err) return nil, fmt.Errorf("connection policy %d: building standard TLS config: %s", i, err)
} }
@ -74,8 +74,8 @@ type ConnectionPolicy struct {
stdTLSConfig *tls.Config stdTLSConfig *tls.Config
} }
func (cp *ConnectionPolicy) buildStandardTLSConfig(handle caddy2.Handle) error { func (cp *ConnectionPolicy) buildStandardTLSConfig(ctx caddy2.Context) error {
tlsAppIface, err := handle.App("tls") tlsAppIface, err := ctx.App("tls")
if err != nil { if err != nil {
return fmt.Errorf("getting tls app: %v", err) return fmt.Errorf("getting tls app: %v", err)
} }

View file

@ -26,10 +26,13 @@ type TLS struct {
certificateLoaders []CertificateLoader certificateLoaders []CertificateLoader
certCache *certmagic.Cache certCache *certmagic.Cache
ctx caddy2.Context
} }
// Provision sets up the configuration for the TLS app. // Provision sets up the configuration for the TLS app.
func (t *TLS) Provision() error { func (t *TLS) Provision(ctx caddy2.Context) error {
t.ctx = ctx
// set up the certificate cache // set up the certificate cache
// TODO: this makes a new cache every time; better to only make a new // TODO: this makes a new cache every time; better to only make a new
// cache (or even better, add/remove only what is necessary) if the // cache (or even better, add/remove only what is necessary) if the
@ -41,7 +44,7 @@ func (t *TLS) Provision() error {
}) })
for i, ap := range t.Automation.Policies { for i, ap := range t.Automation.Policies {
val, err := caddy2.LoadModuleInline("module", "tls.management", ap.Management) val, err := ctx.LoadModuleInline("module", "tls.management", ap.Management)
if err != nil { if err != nil {
return fmt.Errorf("loading TLS automation management module: %s", err) return fmt.Errorf("loading TLS automation management module: %s", err)
} }
@ -54,7 +57,7 @@ func (t *TLS) Provision() error {
if modName == automateKey { if modName == automateKey {
continue // special case; these will be loaded in later continue // special case; these will be loaded in later
} }
val, err := caddy2.LoadModule("tls.certificates."+modName, rawMsg) val, err := ctx.LoadModule("tls.certificates."+modName, rawMsg)
if err != nil { if err != nil {
return fmt.Errorf("loading certificate module '%s': %s", modName, err) return fmt.Errorf("loading certificate module '%s': %s", modName, err)
} }
@ -65,7 +68,7 @@ func (t *TLS) Provision() error {
} }
// Start activates the TLS module. // Start activates the TLS module.
func (t *TLS) Start(handle caddy2.Handle) error { func (t *TLS) Start() error {
// load manual/static (unmanaged) certificates // load manual/static (unmanaged) certificates
for _, loader := range t.certificateLoaders { for _, loader := range t.certificateLoaders {
certs, err := loader.LoadCertificates() certs, err := loader.LoadCertificates()
@ -73,7 +76,7 @@ func (t *TLS) Start(handle caddy2.Handle) error {
return fmt.Errorf("loading certificates: %v", err) return fmt.Errorf("loading certificates: %v", err)
} }
magic := certmagic.New(t.certCache, certmagic.Config{ magic := certmagic.New(t.certCache, certmagic.Config{
Storage: caddy2.GetStorage(), Storage: t.ctx.Storage(),
}) })
for _, cert := range certs { for _, cert := range certs {
err := magic.CacheUnmanagedTLSCertificate(cert) err := magic.CacheUnmanagedTLSCertificate(cert)
@ -114,7 +117,7 @@ func (t *TLS) Stop() error {
func (t *TLS) Manage(names []string) error { func (t *TLS) Manage(names []string) error {
for _, name := range names { for _, name := range names {
ap := t.getAutomationPolicyForName(name) ap := t.getAutomationPolicyForName(name)
magic := certmagic.New(t.certCache, ap.makeCertMagicConfig()) magic := certmagic.New(t.certCache, ap.makeCertMagicConfig(t.ctx))
err := magic.Manage([]string{name}) err := magic.Manage([]string{name})
if err != nil { if err != nil {
return fmt.Errorf("automate: manage %s: %v", name, err) return fmt.Errorf("automate: manage %s: %v", name, err)
@ -130,13 +133,13 @@ func (t *TLS) HandleHTTPChallenge(w http.ResponseWriter, r *http.Request) bool {
return false return false
} }
ap := t.getAutomationPolicyForName(r.Host) ap := t.getAutomationPolicyForName(r.Host)
magic := certmagic.New(t.certCache, ap.makeCertMagicConfig()) magic := certmagic.New(t.certCache, ap.makeCertMagicConfig(t.ctx))
return magic.HandleHTTPChallenge(w, r) return magic.HandleHTTPChallenge(w, r)
} }
func (t *TLS) getConfigForName(name string) (certmagic.Config, error) { func (t *TLS) getConfigForName(name string) (certmagic.Config, error) {
ap := t.getAutomationPolicyForName(name) ap := t.getAutomationPolicyForName(name)
return ap.makeCertMagicConfig(), nil return ap.makeCertMagicConfig(t.ctx), nil
} }
func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy { func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy {
@ -178,12 +181,12 @@ type AutomationPolicy struct {
management ManagerMaker management ManagerMaker
} }
func (ap AutomationPolicy) makeCertMagicConfig() certmagic.Config { func (ap AutomationPolicy) makeCertMagicConfig(ctx caddy2.Context) certmagic.Config {
// default manager (ACME) is a special case because of how CertMagic is designed // default manager (ACME) is a special case because of how CertMagic is designed
// TODO: refactor certmagic so that ACME manager is not a special case by extracting // TODO: refactor certmagic so that ACME manager is not a special case by extracting
// its config fields out of the certmagic.Config struct, or something... // its config fields out of the certmagic.Config struct, or something...
if acmeMgmt, ok := ap.management.(*acmeManagerMaker); ok { if acmeMgmt, ok := ap.management.(*acmeManagerMaker); ok {
return acmeMgmt.makeCertMagicConfig() return acmeMgmt.makeCertMagicConfig(ctx)
} }
return certmagic.Config{ return certmagic.Config{