itsi-scheduler 0.1.5 → 0.2.3

data/ext/itsi_server/src/ruby_types/mod.rs

@@ -0,0 +1,48 @@
+use magnus::{value::Lazy, Module, RClass, RModule};
+
+pub mod itsi_body_proxy;
+pub mod itsi_grpc_call;
+pub mod itsi_grpc_response_stream;
+pub mod itsi_http_request;
+pub mod itsi_http_response;
+pub mod itsi_server;
+
+pub static ITSI_MODULE: Lazy<RModule> = Lazy::new(|ruby| ruby.define_module("Itsi").unwrap());
+pub static ITSI_SERVER: Lazy<RClass> = Lazy::new(|ruby| {
+    ruby.get_inner(&ITSI_MODULE)
+        .define_class("Server", ruby.class_object())
+        .unwrap()
+});
+
+pub static ITSI_SERVER_CONFIG: Lazy<RModule> =
+    Lazy::new(|ruby| ruby.get_inner(&ITSI_SERVER).const_get("Config").unwrap());
+
+pub static ITSI_REQUEST: Lazy<RClass> = Lazy::new(|ruby| {
+    ruby.get_inner(&ITSI_MODULE)
+        .define_class("HttpRequest", ruby.class_object())
+        .unwrap()
+});
+
+pub static ITSI_RESPONSE: Lazy<RClass> = Lazy::new(|ruby| {
+    ruby.get_inner(&ITSI_MODULE)
+        .define_class("HttpResponse", ruby.class_object())
+        .unwrap()
+});
+
+pub static ITSI_BODY_PROXY: Lazy<RClass> = Lazy::new(|ruby| {
+    ruby.get_inner(&ITSI_MODULE)
+        .define_class("BodyProxy", ruby.class_object())
+        .unwrap()
+});
+
+pub static ITSI_GRPC_CALL: Lazy<RClass> = Lazy::new(|ruby| {
+    ruby.get_inner(&ITSI_MODULE)
+        .define_class("GrpcCall", ruby.class_object())
+        .unwrap()
+});
+
+pub static ITSI_GRPC_RESPONSE_STREAM: Lazy<RClass> = Lazy::new(|ruby| {
+    ruby.get_inner(&ITSI_MODULE)
+        .define_class("GrpcResponseStream", ruby.class_object())
+        .unwrap()
+});

data/ext/itsi_server/src/server/{bind.rs → binds/bind.rs}

@@ -2,6 +2,7 @@ use super::{
     bind_protocol::BindProtocol,
     tls::{configure_tls, ItsiTlsAcceptor},
 };
+use crate::prelude::*;
 use itsi_error::ItsiError;
 use std::{
     collections::HashMap,
@@ -9,6 +10,8 @@ use std::{
     path::PathBuf,
     str::FromStr,
 };
+use tracing::{instrument, Level};
+
 #[derive(Debug, Clone)]
 pub enum BindAddress {
     Ip(IpAddr),
@@ -27,16 +30,36 @@ pub struct Bind {
     pub address: BindAddress,
     pub port: Option<u16>, // None for Unix Sockets
     pub protocol: BindProtocol,
-    pub tls_config: Option<ItsiTlsAcceptor>,
+    pub tls_config: Option<TlsOptions>,
+}
+
+#[derive(Default, Clone)]
+pub struct TlsOptions {
+    pub host: String,
+    pub options: HashMap<String, String>,
+}
+
+impl TlsOptions {
+    pub fn build_acceptor(&self) -> Result<ItsiTlsAcceptor> {
+        configure_tls(&self.host, &self.options)
+    }
+}
+
+impl Bind {
+    pub fn listener_address_string(&self) -> String {
+        match &self.address {
+            BindAddress::Ip(ip) => format!("tcp://{}:{}", ip.to_canonical(), self.port.unwrap()),
+            BindAddress::UnixSocket(path) => {
+                format!("unix://{}", path.as_path().to_str().unwrap())
+            }
+        }
+    }
 }
 
 impl std::fmt::Debug for Bind {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match &self.address {
             BindAddress::Ip(ip) => match self.protocol {
-                BindProtocol::Unix | BindProtocol::Unixs => {
-                    write!(f, "{}://{}", self.protocol, ip)
-                }
                 BindProtocol::Https if self.port == Some(443) => {
                     write!(f, "{}://{}", self.protocol, ip)
                 }
@@ -64,7 +87,8 @@ impl std::fmt::Debug for Bind {
 impl FromStr for Bind {
     type Err = ItsiError;
 
-    fn from_str(s: &str) -> Result<Self, Self::Err> {
+    #[instrument(ret(level = Level::DEBUG))]
+    fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
         let (protocol, remainder) = if let Some((proto, rest)) = s.split_once("://") {
             (proto.parse::<BindProtocol>()?, rest)
         } else {
@@ -100,7 +124,7 @@ impl FromStr for Bind {
                     "IPv6 addresses must use [ ] when specifying a port".to_owned(),
                 ));
             } else {
-                (h, None) // Treat as a hostname
+                (h, p.parse::<u16>().ok()) // Treat as a hostname
             }
         } else {
             (url, None)
@@ -109,33 +133,43 @@ impl FromStr for Bind {
         let address = if let Ok(ip) = host.parse::<IpAddr>() {
             BindAddress::Ip(ip)
         } else {
-            resolve_hostname(host)
-                .map(BindAddress::Ip)
-                .ok_or(ItsiError::ArgumentError(format!(
-                    "Failed to resolve hostname {}",
-                    host
-                )))?
+            match protocol {
+                BindProtocol::Https | BindProtocol::Http => resolve_hostname(host)
+                    .map(BindAddress::Ip)
+                    .ok_or(ItsiError::ArgumentError(format!(
+                        "Failed to resolve hostname {}",
+                        host
+                    )))?,
+                BindProtocol::Unix | BindProtocol::Unixs => BindAddress::UnixSocket(host.into()),
+            }
         };
-        let (port, address) = match protocol {
-            BindProtocol::Http => (port.or(Some(80)), address),
-            BindProtocol::Https => (port.or(Some(443)), address),
-            BindProtocol::Unix => (None, BindAddress::UnixSocket(host.into())),
-            BindProtocol::Unixs => (None, BindAddress::UnixSocket(host.into())),
+
+        let port = match protocol {
+            BindProtocol::Http => port.or(Some(80)),
+            BindProtocol::Https => port.or(Some(443)),
+            BindProtocol::Unix => None,
+            BindProtocol::Unixs => None,
         };
 
         let tls_config = match protocol {
             BindProtocol::Http => None,
-            BindProtocol::Https => Some(configure_tls(host, &options)?),
+            BindProtocol::Https => Some(TlsOptions {
+                host: host.to_owned(),
+                options,
+            }),
             BindProtocol::Unix => None,
-            BindProtocol::Unixs => Some(configure_tls(host, &options)?),
+            BindProtocol::Unixs => Some(TlsOptions {
+                host: host.to_owned(),
+                options,
+            }),
         };
-
-        Ok(Self {
+        let bind = Self {
             address,
             port,
             protocol,
             tls_config,
-        })
+        };
+        Ok(bind)
     }
 }
 
@@ -148,13 +182,14 @@ fn parse_bind_options(query: &str) -> HashMap<String, String> {
 }
 
 /// Attempts to resolve a hostname into an IP address.
+#[instrument(ret(level = Level::DEBUG))]
 fn resolve_hostname(hostname: &str) -> Option<IpAddr> {
     (hostname, 0)
         .to_socket_addrs()
         .ok()?
         .find_map(|addr| {
-            if addr.is_ipv6() {
-                Some(addr.ip()) // Prefer IPv6
+            if addr.is_ipv4() {
+                Some(addr.ip()) // Prefer IPv4
             } else {
                 None
             }

data/ext/itsi_server/src/server/binds/listener.rs

@@ -0,0 +1,444 @@
+use crate::prelude::*;
+use crate::ruby_types::itsi_server::itsi_server_config::SocketOpts;
+use crate::server::io_stream::IoStream;
+use crate::server::serve_strategy::single_mode::RunningPhase;
+
+use super::bind::{Bind, BindAddress};
+use super::bind_protocol::BindProtocol;
+
+use super::tls::ItsiTlsAcceptor;
+use itsi_error::{ItsiError, Result};
+use itsi_tracing::info;
+use socket2::{Domain, Protocol, Socket, Type};
+use std::fmt::Display;
+use std::net::{IpAddr, SocketAddr, TcpListener};
+use std::os::fd::{AsRawFd, FromRawFd, RawFd};
+use std::sync::Arc;
+use std::{os::unix::net::UnixListener, path::PathBuf};
+use tokio::net::TcpListener as TokioTcpListener;
+use tokio::net::UnixListener as TokioUnixListener;
+use tokio::net::{unix, TcpStream, UnixStream};
+use tokio::sync::watch::Receiver;
+use tokio_rustls::TlsAcceptor;
+use tokio_stream::StreamExt;
+
+pub(crate) enum Listener {
+    Tcp(TcpListener),
+    TcpTls((TcpListener, ItsiTlsAcceptor)),
+    Unix(UnixListener),
+    UnixTls((UnixListener, ItsiTlsAcceptor)),
+}
+
+pub(crate) enum TokioListener {
+    Tcp(TokioTcpListener),
+    TcpTls(TokioTcpListener, ItsiTlsAcceptor),
+    Unix(TokioUnixListener),
+    UnixTls(TokioUnixListener, ItsiTlsAcceptor),
+}
+
+#[derive(Debug, Clone)]
+pub struct ListenerInfo {
+    pub host: String,
+    pub port: u16,
+    pub scheme: String,
+}
+
+impl TokioListener {
+    pub fn listener_info(&self) -> ListenerInfo {
+        match self {
+            TokioListener::Tcp(listener) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .ip()
+                    .to_canonical()
+                    .to_string(),
+                port: listener.local_addr().unwrap().port(),
+                scheme: "http".to_string(),
+            },
+            TokioListener::TcpTls(listener, _) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .ip()
+                    .to_canonical()
+                    .to_string(),
+                port: listener.local_addr().unwrap().port(),
+                scheme: "https".to_string(),
+            },
+            TokioListener::Unix(listener) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .as_pathname()
+                    .unwrap()
+                    .to_str()
+                    .unwrap()
+                    .to_owned(),
+                port: 0,
+                scheme: "unix".to_string(),
+            },
+            TokioListener::UnixTls(listener, _) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .as_pathname()
+                    .unwrap()
+                    .to_str()
+                    .unwrap()
+                    .to_owned(),
+                port: 0,
+                scheme: "ssl".to_string(),
+            },
+        }
+    }
+
+    pub(crate) async fn accept(&self) -> Result<IoStream> {
+        match self {
+            TokioListener::Tcp(listener) => TokioListener::accept_tcp(listener).await,
+            TokioListener::TcpTls(listener, acceptor) => {
+                TokioListener::accept_tls(listener, acceptor).await
+            }
+            TokioListener::Unix(listener) => TokioListener::accept_unix(listener).await,
+            TokioListener::UnixTls(listener, acceptor) => {
+                TokioListener::accept_unix_tls(listener, acceptor).await
+            }
+        }
+    }
+
+    async fn accept_tcp(listener: &TokioTcpListener) -> Result<IoStream> {
+        let tcp_stream = listener.accept().await?;
+        Self::to_tokio_io(Stream::TcpStream(tcp_stream), None).await
+    }
+
+    pub async fn spawn_state_task(&self, mut shutdown_receiver: Receiver<RunningPhase>) {
+        if let TokioListener::TcpTls(
+            _,
+            ItsiTlsAcceptor::Automatic(_acme_acceptor, state, _server_config),
+        ) = self
+        {
+            let mut state = state.lock().await;
+            loop {
+                tokio::select! {
+                  stream_event = StreamExt::next(&mut *state) => {
+                      match stream_event {
+                        Some(event) => info!("ACME Event: {:?}", event),
+                        None => error!("Received no acme event"),
+                      }
+                  },
+                  _ = shutdown_receiver.changed() => {
+                      break;
+                  }
+                }
+            }
+        }
+    }
+
+    async fn accept_tls(
+        listener: &TokioTcpListener,
+        acceptor: &ItsiTlsAcceptor,
+    ) -> Result<IoStream> {
+        let tcp_stream = listener.accept().await?;
+        match acceptor {
+            ItsiTlsAcceptor::Manual(tls_acceptor) => {
+                Self::to_tokio_io(Stream::TcpStream(tcp_stream), Some(tls_acceptor)).await
+            }
+            ItsiTlsAcceptor::Automatic(acme_acceptor, _, rustls_config) => {
+                let accept_future = acme_acceptor.accept(tcp_stream.0);
+                match accept_future.await {
+                    Ok(None) => Err(ItsiError::Pass),
+                    Ok(Some(start_handshake)) => {
+                        let tls_stream = start_handshake.into_stream(rustls_config.clone()).await?;
+                        Ok(IoStream::TcpTls {
+                            stream: tls_stream,
+                            addr: SockAddr::Tcp(Arc::new(tcp_stream.1)),
+                        })
+                    }
+                    Err(error) => {
+                        error!(error = format!("{:?}", error));
+                        Err(ItsiError::Pass)
+                    }
+                }
+            }
+        }
+    }
+
+    async fn accept_unix(listener: &TokioUnixListener) -> Result<IoStream> {
+        let unix_stream = listener.accept().await?;
+        Self::to_tokio_io(Stream::UnixStream(unix_stream), None).await
+    }
+
+    async fn accept_unix_tls(
+        listener: &TokioUnixListener,
+        acceptor: &ItsiTlsAcceptor,
+    ) -> Result<IoStream> {
+        let unix_stream = listener.accept().await?;
+        match acceptor {
+            ItsiTlsAcceptor::Manual(tls_acceptor) => {
+                Self::to_tokio_io(Stream::UnixStream(unix_stream), Some(tls_acceptor)).await
+            }
+            ItsiTlsAcceptor::Automatic(_, _, _) => {
+                error!("Automatic TLS not supported on Unix sockets");
+                Err(ItsiError::UnsupportedProtocol(
+                    "Automatic TLS on Unix Sockets".to_owned(),
+                ))
+            }
+        }
+    }
+
+    async fn to_tokio_io(
+        input_stream: Stream,
+        tls_acceptor: Option<&TlsAcceptor>,
+    ) -> Result<IoStream> {
+        match tls_acceptor {
+            Some(acceptor) => match input_stream {
+                Stream::TcpStream((tcp_stream, socket_address)) => {
+                    match acceptor.accept(tcp_stream).await {
+                        Ok(tls_stream) => Ok(IoStream::TcpTls {
+                            stream: tls_stream,
+                            addr: SockAddr::Tcp(Arc::new(socket_address)),
+                        }),
+                        Err(err) => Err(err.into()),
+                    }
+                }
+                Stream::UnixStream((unix_stream, socket_address)) => {
+                    match acceptor.accept(unix_stream).await {
+                        Ok(tls_stream) => Ok(IoStream::UnixTls {
+                            stream: tls_stream,
+                            addr: SockAddr::Unix(Arc::new(socket_address)),
+                        }),
+                        Err(err) => Err(err.into()),
+                    }
+                }
+            },
+            None => match input_stream {
+                Stream::TcpStream((tcp_stream, socket_address)) => Ok(IoStream::Tcp {
+                    stream: tcp_stream,
+                    addr: SockAddr::Tcp(Arc::new(socket_address)),
+                }),
+                Stream::UnixStream((unix_stream, socket_address)) => Ok(IoStream::Unix {
+                    stream: unix_stream,
+                    addr: SockAddr::Unix(Arc::new(socket_address)),
+                }),
+            },
+        }
+    }
+}
+
+enum Stream {
+    TcpStream((TcpStream, SocketAddr)),
+    UnixStream((UnixStream, unix::SocketAddr)),
+}
+
+#[derive(Clone, Debug)]
+pub enum SockAddr {
+    Tcp(Arc<SocketAddr>),
+    Unix(Arc<unix::SocketAddr>),
+}
+impl std::fmt::Display for SockAddr {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            SockAddr::Tcp(socket_addr) => write!(f, "{}", socket_addr.ip().to_canonical()),
+            SockAddr::Unix(socket_addr) => match socket_addr.as_pathname() {
+                Some(path) => write!(f, "{:?}", path),
+                None => write!(f, ""),
+            },
+        }
+    }
+}
+impl Display for Listener {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Listener::Tcp(listener) | Listener::TcpTls((listener, _)) => write!(
+                f,
+                "{}",
+                listener
+                    .local_addr()
+                    .map(|addr| addr.to_string())
+                    .unwrap_or_else(|_| "".to_string())
+            ),
+
+            Listener::Unix(listener) | Listener::UnixTls((listener, _)) => write!(
+                f,
+                "{}",
+                listener
+                    .local_addr()
+                    .map(|addr| addr
+                        .as_pathname()
+                        .map(|path| path.to_str().unwrap_or("").to_owned())
+                        .unwrap_or_default())
+                    .unwrap_or_else(|_| "".to_string())
+            ),
+        }
+    }
+}
+
+impl Listener {
+    pub fn into_tokio_listener(self) -> TokioListener {
+        match self {
+            Listener::Tcp(listener) => {
+                TokioListener::Tcp(TokioTcpListener::from_std(listener).unwrap())
+            }
+            Listener::TcpTls((listener, acceptor)) => TokioListener::TcpTls(
+                TokioTcpListener::from_std(listener).unwrap(),
+                acceptor.clone(),
+            ),
+            Listener::Unix(listener) => {
+                TokioListener::Unix(TokioUnixListener::from_std(listener).unwrap())
+            }
+            Listener::UnixTls((listener, acceptor)) => TokioListener::UnixTls(
+                TokioUnixListener::from_std(listener).unwrap(),
+                acceptor.clone(),
+            ),
+        }
+    }
+
+    /// Handover information when using exec to hand over the listener to a replacement process.
+    pub fn handover(&self) -> Result<(String, i32)> {
+        match self {
+            Listener::Tcp(listener) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("tcp://{}:{}", addr.ip().to_canonical(), addr.port()),
+                    listener.as_raw_fd(),
+                ))
+            }
+            Listener::TcpTls((listener, _)) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("tcp://{}:{}", addr.ip().to_canonical(), addr.port()),
+                    listener.as_raw_fd(),
+                ))
+            }
+            Listener::Unix(listener) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("unix://{}", addr.as_pathname().unwrap().to_str().unwrap()),
+                    listener.as_raw_fd(),
+                ))
+            }
+            Listener::UnixTls((listener, _)) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("unix://{}", addr.as_pathname().unwrap().to_str().unwrap()),
+                    listener.as_raw_fd(),
+                ))
+            }
+        }
+    }
+
+    pub fn inherit_fd(bind: Bind, fd: RawFd, socket_opts: &SocketOpts) -> Result<Self> {
+        let bound = match bind.address {
+            BindAddress::Ip(_) => match bind.protocol {
+                BindProtocol::Http => Listener::Tcp(revive_tcp_socket(fd, socket_opts)?),
+                BindProtocol::Https => {
+                    let tcp_listener = revive_tcp_socket(fd, socket_opts)?;
+                    Listener::TcpTls((
+                        tcp_listener,
+                        bind.tls_config.unwrap().build_acceptor().unwrap(),
+                    ))
+                }
+                _ => unreachable!(),
+            },
+            BindAddress::UnixSocket(_) => match bind.tls_config {
+                Some(tls_config) => Listener::UnixTls((
+                    revive_unix_socket(fd, socket_opts)?,
+                    tls_config.build_acceptor().unwrap(),
+                )),
+                None => Listener::Unix(revive_unix_socket(fd, socket_opts)?),
+            },
+        };
+        Ok(bound)
+    }
+}
+
+impl Listener {
+    pub fn build(bind: Bind, socket_opts: &SocketOpts) -> Result<Self> {
+        let bound = match bind.address {
+            BindAddress::Ip(addr) => match bind.protocol {
+                BindProtocol::Http => {
+                    Listener::Tcp(connect_tcp_socket(addr, bind.port.unwrap(), socket_opts)?)
+                }
+                BindProtocol::Https => {
+                    let tcp_listener = connect_tcp_socket(addr, bind.port.unwrap(), socket_opts)?;
+                    Listener::TcpTls((
+                        tcp_listener,
+                        bind.tls_config.unwrap().build_acceptor().unwrap(),
+                    ))
+                }
+                _ => unreachable!(),
+            },
+            BindAddress::UnixSocket(path) => match bind.tls_config {
+                Some(tls_config) => Listener::UnixTls((
+                    connect_unix_socket(&path, socket_opts)?,
+                    tls_config.build_acceptor().unwrap(),
+                )),
+                None => Listener::Unix(connect_unix_socket(&path, socket_opts)?),
+            },
+        };
+        Ok(bound)
+    }
+}
+
+fn revive_tcp_socket(fd: RawFd, socket_opts: &SocketOpts) -> Result<TcpListener> {
+    let socket = unsafe { Socket::from_raw_fd(fd) };
+    socket.set_reuse_port(socket_opts.reuse_port).ok();
+    socket.set_reuse_address(socket_opts.reuse_address).ok();
+    socket.set_nonblocking(true).ok();
+    socket.set_nodelay(socket_opts.nodelay).ok();
+    socket
+        .set_recv_buffer_size(socket_opts.recv_buffer_size)
+        .ok();
+    socket.set_cloexec(true)?;
+    socket.listen(socket_opts.listen_backlog as i32)?;
+    Ok(socket.into())
+}
+
+fn revive_unix_socket(fd: RawFd, socket_opts: &SocketOpts) -> Result<UnixListener> {
+    let socket = unsafe { Socket::from_raw_fd(fd) };
+    socket.set_nonblocking(true).ok();
+    socket.listen(socket_opts.listen_backlog as i32)?;
+    socket.set_cloexec(true)?;
+
+    Ok(socket.into())
+}
+
+fn connect_tcp_socket(addr: IpAddr, port: u16, socket_opts: &SocketOpts) -> Result<TcpListener> {
+    let domain = match addr {
+        IpAddr::V4(_) => Domain::IPV4,
+        IpAddr::V6(_) => Domain::IPV6,
+    };
+    let socket = Socket::new(domain, Type::STREAM, Some(Protocol::TCP))?;
+    let socket_address: SocketAddr = SocketAddr::new(addr, port);
+    socket.set_reuse_address(socket_opts.reuse_address).ok();
+    socket.set_reuse_port(socket_opts.reuse_port).ok();
+    socket.set_nonblocking(true).ok();
+    socket.set_nodelay(socket_opts.nodelay).ok();
+    socket
+        .set_recv_buffer_size(socket_opts.recv_buffer_size)
+        .ok();
+    socket.set_only_v6(false).ok();
+    if let Err(e) = socket.bind(&socket_address.into()) {
+        error!("Failed to bind socket: {}", e);
+    };
+    if let Err(e) = socket.listen(socket_opts.listen_backlog as i32) {
+        error!("Failed to listen on socket: {}", e);
+    };
+    Ok(socket.into())
+}
+
+fn connect_unix_socket(path: &PathBuf, socket_opts: &SocketOpts) -> Result<UnixListener> {
+    let _ = std::fs::remove_file(path);
+    let socket = Socket::new(Domain::UNIX, Type::STREAM, None)?;
+    socket.set_nonblocking(true).ok();
+
+    let socket_address = socket2::SockAddr::unix(path)?;
+
+    if let Err(e) = socket.bind(&socket_address) {
+        error!("Failed to bind socket: {}", e);
+    };
+    if let Err(e) = socket.listen(socket_opts.listen_backlog as i32) {
+        error!("Failed to listen on socket: {}", e);
+    };
+    Ok(socket.into())
+}

data/ext/itsi_server/src/server/binds/mod.rs

@@ -0,0 +1,4 @@
+pub mod bind;
+pub mod bind_protocol;
+pub mod listener;
+pub mod tls;