falcon 0.36.4

data/lib/falcon/configuration/lets_encrypt_tls.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+load(:tls)
+
+add(:lets_encrypt_tls, :tls) do
+	lets_encrypt_root '/etc/letsencrypt/live'
+	
+	ssl_certificate_path {File.join(lets_encrypt_root, authority, "fullchain.pem")}
+	ssl_private_key_path {File.join(lets_encrypt_root, authority, "privkey.pem")}
+end

data/lib/falcon/configuration/proxy.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+add(:proxy) do
+	endpoint {::Async::HTTP::Endpoint.parse(url)}
+	
+	service ::Falcon::Service::Proxy
+end

data/lib/falcon/configuration/rack.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+load :application
+
+add(:rack, :application) do
+	config_path {::File.expand_path("config.ru", root)}
+	
+	cache false
+	
+	middleware do
+		app, _ = ::Rack::Builder.parse_file(config_path)
+		
+		::Falcon::Server.middleware(app,
+			verbose: verbose,
+			cache: cache
+		)
+	end
+end

data/lib/falcon/configuration/self_signed_tls.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require 'localhost/authority'
+
+add(:self_signed_tls) do
+	ssl_session_id {"falcon"}
+	
+	ssl_context do
+		contexts = Localhost::Authority.fetch(authority)
+		
+		contexts.server_context.tap do |context|
+			context.alpn_select_cb = lambda do |protocols|
+				if protocols.include? "h2"
+					return "h2"
+				elsif protocols.include? "http/1.1"
+					return "http/1.1"
+				elsif protocols.include? "http/1.0"
+					return "http/1.0"
+				else
+					return nil
+				end
+			end
+			
+			context.session_id_context = ssl_session_id
+		end
+	end
+end

data/lib/falcon/configuration/supervisor.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require_relative '../service/supervisor'
+
+add(:supervisor) do
+	start true
+	
+	name "supervisor"
+	
+	ipc_path {::File.expand_path("supervisor.ipc", root)}
+	
+	endpoint {Async::IO::Endpoint.unix(ipc_path)}
+	
+	service do
+		::Falcon::Service::Supervisor
+	end
+end

data/lib/falcon/configuration/tls.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require_relative '../extensions/openssl'
+require_relative '../controller/proxy'
+require_relative '../tls'
+
+add(:tls) do
+	ssl_session_id "falcon"
+	ssl_ciphers Falcon::TLS::SERVER_CIPHERS
+	
+	ssl_certificate_path {File.expand_path("ssl/certificate.pem", root)}
+	ssl_certificates {OpenSSL::X509.load_certificates(ssl_certificate_path)}
+	
+	ssl_certificate {ssl_certificates[0]}
+	ssl_certificate_chain {ssl_certificates[1..-1]}
+	
+	ssl_private_key_path {File.expand_path("ssl/private.key", root)}
+	ssl_private_key {OpenSSL::PKey::RSA.new(File.read(ssl_private_key_path))}
+	
+	ssl_context do
+		OpenSSL::SSL::SSLContext.new.tap do |context|
+			context.add_certificate(ssl_certificate, ssl_private_key, ssl_certificate_chain)
+			
+			context.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT
+			context.session_id_context = ssl_session_id
+			
+			context.alpn_select_cb = lambda do |protocols|
+				if protocols.include? "h2"
+					return "h2"
+				elsif protocols.include? "http/1.1"
+					return "http/1.1"
+				elsif protocols.include? "http/1.0"
+					return "http/1.0"
+				else
+					return nil
+				end
+			end
+			
+			# TODO Ruby 2.4 requires using ssl_version.
+			context.ssl_version = :TLSv1_2_server
+			
+			context.set_params(
+				ciphers: ssl_ciphers,
+				verify_mode: OpenSSL::SSL::VERIFY_NONE,
+			)
+			
+			context.setup
+		end
+	end
+end

data/lib/falcon/controller/host.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+# Copyright, 2019, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require_relative '../services'
+
+require 'async/container/controller'
+
+module Falcon
+	module Controller
+		class Host < Async::Container::Controller
+			def initialize(command, **options)
+				@command = command
+				
+				@configuration = command.configuration
+				@services = Services.new(@configuration)
+				
+				super(**options)
+			end
+			
+			def create_container
+				@command.container_class.new
+			end
+			
+			def start
+				@services.start
+				
+				super
+			end
+			
+			def setup(container)
+				@services.setup(container)
+			end
+			
+			def stop(*)
+				@services.stop
+				
+				super
+			end
+		end
+	end
+end

data/lib/falcon/controller/proxy.rb

@@ -0,0 +1,109 @@
+# frozen_string_literal: true
+
+# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require 'async/container/controller'
+
+require_relative 'serve'
+require_relative '../middleware/proxy'
+require_relative '../service/proxy'
+
+require_relative '../tls'
+
+module Falcon
+	module Controller
+		class Proxy < Serve
+			DEFAULT_SESSION_ID = "falcon"
+			
+			def initialize(command, session_id: DEFAULT_SESSION_ID, **options)
+				super(command, **options)
+				
+				@session_id = session_id
+				@hosts = {}
+			end
+			
+			def load_app
+				return Middleware::Proxy.new(Middleware::BadRequest, @hosts)
+			end
+			
+			def name
+				"Falcon Proxy Server"
+			end
+			
+			def host_context(socket, hostname)
+				if host = @hosts[hostname]
+					Async.logger.debug(self) {"Resolving #{hostname} -> #{host}"}
+					
+					socket.hostname = hostname
+					
+					return host.ssl_context
+				else
+					Async.logger.warn(self) {"Unable to resolve #{hostname}!"}
+					
+					return nil
+				end
+			end
+			
+			def ssl_context
+				@server_context ||= OpenSSL::SSL::SSLContext.new.tap do |context|
+					context.servername_cb = Proc.new do |socket, hostname|
+						self.host_context(socket, hostname)
+					end
+					
+					context.session_id_context = @session_id
+					
+					context.ssl_version = :TLSv1_2_server
+					
+					context.set_params(
+						ciphers: TLS::SERVER_CIPHERS,
+						verify_mode: OpenSSL::SSL::VERIFY_NONE,
+					)
+					
+					context.setup
+				end
+			end
+			
+			def endpoint
+				@command.endpoint.with(
+					ssl_context: self.ssl_context,
+					reuse_address: true,
+				)
+			end
+			
+			def start
+				configuration = @command.configuration
+				
+				services = Services.new(configuration)
+				
+				@hosts = {}
+				
+				services.each do |service|
+					if service.is_a?(Service::Proxy)
+						Async.logger.info(self) {"Proxying #{service.authority} to #{service.endpoint}"}
+						@hosts[service.authority] = service
+					end
+				end
+				
+				super
+			end
+		end
+	end
+end

data/lib/falcon/controller/redirect.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require 'async/container/controller'
+
+require_relative 'serve'
+require_relative '../middleware/redirect'
+require_relative '../service/proxy'
+
+module Falcon
+	module Controller
+		class Redirect < Serve
+			def initialize(command, **options)
+				super(command, **options)
+				
+				@hosts = {}
+			end
+			
+			def load_app
+				return Middleware::Redirect.new(Middleware::NotFound, @hosts, @command.redirect_endpoint)
+			end
+			
+			def name
+				"Falcon Redirect Server"
+			end
+			
+			def endpoint
+				@command.endpoint.with(
+					reuse_address: true,
+				)
+			end
+			
+			def start
+				configuration = @command.configuration
+				
+				services = Services.new(configuration)
+				
+				@hosts = {}
+				
+				services.each do |service|
+					if service.is_a?(Service::Proxy)
+						@hosts[service.authority] = service
+					end
+				end
+				
+				super
+			end
+		end
+	end
+end