mirror of
https://github.com/garethgeorge/backrest.git
synced 2025-12-12 16:55:39 +00:00
190 lines
5.2 KiB
Go
190 lines
5.2 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"crypto/rand"
|
|
"errors"
|
|
"flag"
|
|
"net/http"
|
|
"os"
|
|
"os/signal"
|
|
"path"
|
|
"strings"
|
|
"sync"
|
|
"syscall"
|
|
|
|
rice "github.com/GeertJohan/go.rice"
|
|
"github.com/garethgeorge/backrest/gen/go/v1/v1connect"
|
|
"github.com/garethgeorge/backrest/internal/api"
|
|
"github.com/garethgeorge/backrest/internal/auth"
|
|
"github.com/garethgeorge/backrest/internal/config"
|
|
"github.com/garethgeorge/backrest/internal/oplog"
|
|
"github.com/garethgeorge/backrest/internal/orchestrator"
|
|
"github.com/garethgeorge/backrest/internal/resticinstaller"
|
|
"github.com/garethgeorge/backrest/internal/rotatinglog"
|
|
"github.com/mattn/go-colorable"
|
|
"go.etcd.io/bbolt"
|
|
"go.uber.org/zap"
|
|
"go.uber.org/zap/zapcore"
|
|
"golang.org/x/net/http2"
|
|
"golang.org/x/net/http2/h2c"
|
|
)
|
|
|
|
func main() {
|
|
flag.Parse()
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
go onterm(cancel)
|
|
|
|
resticPath, err := resticinstaller.FindOrInstallResticBinary()
|
|
if err != nil {
|
|
zap.S().Fatalf("Error finding or installing restic: %v", err)
|
|
}
|
|
|
|
// Load the configuration
|
|
configStore := createConfigProvider()
|
|
cfg, err := configStore.Get()
|
|
if err != nil {
|
|
zap.S().Fatalf("Error loading config: %v", err)
|
|
}
|
|
|
|
// Create the authenticator
|
|
authenticator := auth.NewAuthenticator(getSecret(), configStore)
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
// Create / load the operation log
|
|
oplogFile := path.Join(config.DataDir(), "oplog.boltdb")
|
|
oplog, err := oplog.NewOpLog(oplogFile)
|
|
if err != nil {
|
|
if !errors.Is(err, bbolt.ErrTimeout) {
|
|
zap.S().Fatalf("Timeout while waiting to open database, is the database open elsewhere?")
|
|
}
|
|
zap.S().Warnf("Operation log may be corrupted, if errors recur delete the file %q and restart. Your backups stored in your repos are safe.", oplogFile)
|
|
zap.S().Fatalf("Error creating oplog : %v", err)
|
|
}
|
|
defer oplog.Close()
|
|
|
|
// Create rotating log storage
|
|
logStore := rotatinglog.NewRotatingLog(path.Join(config.DataDir(), "rotatinglogs"), 30)
|
|
if err != nil {
|
|
zap.S().Fatalf("Error creating rotating log storage: %v", err)
|
|
}
|
|
|
|
// Create orchestrator and start task loop.
|
|
orchestrator, err := orchestrator.NewOrchestrator(resticPath, cfg, oplog, logStore)
|
|
if err != nil {
|
|
zap.S().Fatalf("Error creating orchestrator: %v", err)
|
|
}
|
|
|
|
wg.Add(1)
|
|
go func() {
|
|
orchestrator.Run(ctx)
|
|
wg.Done()
|
|
}()
|
|
|
|
// Create and serve the HTTP gateway
|
|
apiBackrestHandler := api.NewBackrestHandler(
|
|
configStore,
|
|
orchestrator,
|
|
oplog,
|
|
logStore,
|
|
)
|
|
|
|
apiAuthenticationHandler := api.NewAuthenticationHandler(authenticator)
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
if box, err := rice.FindBox("webui/dist"); err == nil {
|
|
mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if strings.HasSuffix(r.URL.Path, "/") {
|
|
r.URL.Path += "index.html"
|
|
}
|
|
f, err := box.Open(r.URL.Path + ".gz")
|
|
if err == nil {
|
|
defer f.Close()
|
|
w.Header().Set("Content-Encoding", "gzip")
|
|
http.ServeContent(w, r, r.URL.Path, box.Time(), f)
|
|
return
|
|
}
|
|
f, err = box.Open(r.URL.Path)
|
|
if err == nil {
|
|
defer f.Close()
|
|
http.ServeContent(w, r, r.URL.Path, box.Time(), f)
|
|
return
|
|
}
|
|
http.Error(w, "Not found", http.StatusNotFound)
|
|
}))
|
|
} else {
|
|
zap.S().Warnf("Error loading static assets, not serving UI: %v", err)
|
|
}
|
|
|
|
mux.Handle(v1connect.NewAuthenticationHandler(apiAuthenticationHandler))
|
|
backrestHandlerPath, backrestHandler := v1connect.NewBackrestHandler(apiBackrestHandler)
|
|
mux.Handle(backrestHandlerPath, auth.RequireAuthentication(backrestHandler, authenticator))
|
|
|
|
// Serve the HTTP gateway
|
|
server := &http.Server{
|
|
Addr: config.BindAddress(),
|
|
Handler: h2c.NewHandler(mux, &http2.Server{}), // h2c is HTTP/2 without TLS for grpc-connect support.
|
|
}
|
|
|
|
zap.S().Infof("Starting web server %v", server.Addr)
|
|
go func() {
|
|
<-ctx.Done()
|
|
server.Shutdown(context.Background())
|
|
}()
|
|
if err := server.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) {
|
|
zap.L().Error("Error starting server", zap.Error(err))
|
|
}
|
|
zap.L().Info("HTTP gateway shutdown")
|
|
|
|
wg.Wait()
|
|
}
|
|
|
|
func init() {
|
|
zap.ReplaceGlobals(zap.Must(zap.NewProduction()))
|
|
if !strings.HasPrefix(os.Getenv("ENV"), "prod") {
|
|
c := zap.NewDevelopmentEncoderConfig()
|
|
c.EncodeLevel = zapcore.CapitalColorLevelEncoder
|
|
c.EncodeTime = zapcore.ISO8601TimeEncoder
|
|
l := zap.New(zapcore.NewCore(
|
|
zapcore.NewConsoleEncoder(c),
|
|
zapcore.AddSync(colorable.NewColorableStdout()),
|
|
zapcore.DebugLevel,
|
|
))
|
|
zap.ReplaceGlobals(l)
|
|
}
|
|
}
|
|
|
|
func createConfigProvider() config.ConfigStore {
|
|
return &config.CachingValidatingStore{
|
|
ConfigStore: &config.JsonFileStore{Path: config.ConfigFilePath()},
|
|
}
|
|
}
|
|
|
|
func onterm(callback func()) {
|
|
sigchan := make(chan os.Signal, 1)
|
|
signal.Notify(sigchan, os.Interrupt, syscall.SIGTERM)
|
|
<-sigchan
|
|
callback()
|
|
}
|
|
|
|
func getSecret() []byte {
|
|
secretFile := path.Join(config.DataDir(), "jwt-secret")
|
|
data, err := os.ReadFile(secretFile)
|
|
if err == nil {
|
|
zap.L().Debug("Loaded auth secret from file")
|
|
return data
|
|
}
|
|
|
|
zap.L().Info("Generating new auth secret")
|
|
secret := make([]byte, 64)
|
|
if n, err := rand.Read(secret); err != nil || n != 64 {
|
|
zap.S().Fatalf("Error generating secret: %v", err)
|
|
}
|
|
if err := os.WriteFile(secretFile, secret, 0600); err != nil {
|
|
zap.S().Fatalf("Error writing secret to file: %v", err)
|
|
}
|
|
return secret
|
|
}
|