2020-02-07 16:36:28 +00:00
|
|
|
// Copyright (C) 2020 Storj Labs, Inc.
|
|
|
|
|
// See LICENSE for copying information.
|
|
|
|
|
|
|
|
|
|
// Package admin implements administrative endpoints for satellite.
|
|
|
|
|
package admin
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
2020-02-07 17:24:58 +00:00
|
|
|
"crypto/subtle"
|
2020-04-16 16:50:22 +01:00
|
|
|
"errors"
|
2020-02-07 16:36:28 +00:00
|
|
|
"net"
|
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
|
"go.uber.org/zap"
|
|
|
|
|
"golang.org/x/sync/errgroup"
|
2020-02-07 17:24:58 +00:00
|
|
|
|
2020-04-16 16:50:22 +01:00
|
|
|
"storj.io/common/errs2"
|
2020-02-07 17:24:58 +00:00
|
|
|
"storj.io/storj/satellite/accounting"
|
|
|
|
|
"storj.io/storj/satellite/console"
|
2020-05-18 18:36:09 +01:00
|
|
|
"storj.io/storj/satellite/metainfo"
|
2020-02-07 16:36:28 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Config defines configuration for debug server.
|
|
|
|
|
type Config struct {
|
|
|
|
|
Address string `help:"admin peer http listening address" releaseDefault:"" devDefault:""`
|
2020-02-07 17:24:58 +00:00
|
|
|
|
|
|
|
|
AuthorizationToken string `internal:"true"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DB is databases needed for the admin server.
|
|
|
|
|
type DB interface {
|
|
|
|
|
// ProjectAccounting returns database for storing information about project data use
|
|
|
|
|
ProjectAccounting() accounting.ProjectAccounting
|
|
|
|
|
// Console returns database for satellite console
|
|
|
|
|
Console() console.DB
|
2020-05-18 18:36:09 +01:00
|
|
|
// Buckets returns database for satellite buckets
|
|
|
|
|
Buckets() metainfo.BucketsDB
|
2020-02-07 16:36:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Server provides endpoints for debugging.
|
|
|
|
|
type Server struct {
|
|
|
|
|
log *zap.Logger
|
|
|
|
|
|
|
|
|
|
listener net.Listener
|
|
|
|
|
server http.Server
|
2020-02-07 17:24:58 +00:00
|
|
|
mux *mux.Router
|
|
|
|
|
|
|
|
|
|
db DB
|
2020-02-07 16:36:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewServer returns a new debug.Server.
|
2020-02-07 17:24:58 +00:00
|
|
|
func NewServer(log *zap.Logger, listener net.Listener, db DB, config Config) *Server {
|
|
|
|
|
server := &Server{
|
|
|
|
|
log: log,
|
|
|
|
|
}
|
2020-02-07 16:36:28 +00:00
|
|
|
|
2020-02-07 17:24:58 +00:00
|
|
|
server.db = db
|
2020-02-07 16:36:28 +00:00
|
|
|
server.listener = listener
|
2020-02-07 17:24:58 +00:00
|
|
|
server.mux = mux.NewRouter()
|
|
|
|
|
server.server.Handler = &protectedServer{
|
|
|
|
|
allowedAuthorization: config.AuthorizationToken,
|
|
|
|
|
next: server.mux,
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-28 18:06:59 +01:00
|
|
|
// When adding new options, also update README.md
|
2020-05-18 21:37:18 +01:00
|
|
|
server.mux.HandleFunc("/api/user", server.addUser).Methods("POST")
|
2020-04-06 19:29:32 +01:00
|
|
|
server.mux.HandleFunc("/api/user/{useremail}", server.userInfo).Methods("GET")
|
|
|
|
|
server.mux.HandleFunc("/api/project/{project}/limit", server.getProjectLimit).Methods("GET")
|
|
|
|
|
server.mux.HandleFunc("/api/project/{project}/limit", server.putProjectLimit).Methods("PUT", "POST")
|
2020-05-18 18:36:09 +01:00
|
|
|
server.mux.HandleFunc("/api/project/{project}", server.deleteProject).Methods("DELETE")
|
2020-05-11 17:05:36 +01:00
|
|
|
server.mux.HandleFunc("/api/project", server.addProject).Methods("POST")
|
2020-02-07 16:36:28 +00:00
|
|
|
|
|
|
|
|
return server
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-07 17:24:58 +00:00
|
|
|
type protectedServer struct {
|
|
|
|
|
allowedAuthorization string
|
|
|
|
|
|
|
|
|
|
next http.Handler
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (server *protectedServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
if server.allowedAuthorization == "" {
|
|
|
|
|
http.Error(w, "Authorization not enabled.", http.StatusForbidden)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
equality := subtle.ConstantTimeCompare(
|
|
|
|
|
[]byte(r.Header.Get("Authorization")),
|
|
|
|
|
[]byte(server.allowedAuthorization),
|
|
|
|
|
)
|
|
|
|
|
if equality != 1 {
|
|
|
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
r.Header.Set("Cache-Control", "must-revalidate")
|
|
|
|
|
|
|
|
|
|
server.next.ServeHTTP(w, r)
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-07 16:36:28 +00:00
|
|
|
// Run starts the debug endpoint.
|
|
|
|
|
func (server *Server) Run(ctx context.Context) error {
|
|
|
|
|
if server.listener == nil {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx, cancel := context.WithCancel(ctx)
|
|
|
|
|
var group errgroup.Group
|
|
|
|
|
group.Go(func() error {
|
|
|
|
|
<-ctx.Done()
|
|
|
|
|
return Error.Wrap(server.server.Shutdown(context.Background()))
|
|
|
|
|
})
|
|
|
|
|
group.Go(func() error {
|
|
|
|
|
defer cancel()
|
2020-04-16 16:50:22 +01:00
|
|
|
err := server.server.Serve(server.listener)
|
|
|
|
|
if errs2.IsCanceled(err) || errors.Is(err, http.ErrServerClosed) {
|
|
|
|
|
err = nil
|
|
|
|
|
}
|
|
|
|
|
return Error.Wrap(err)
|
2020-02-07 16:36:28 +00:00
|
|
|
})
|
|
|
|
|
return group.Wait()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Close closes server and underlying listener.
|
|
|
|
|
func (server *Server) Close() error {
|
|
|
|
|
return Error.Wrap(server.server.Close())
|
|
|
|
|
}
|
