unicorn-shopify 4.8.2.5.23

data/ext/unicorn_http/unicorn_http_common.rl

@@ -0,0 +1,76 @@
+%%{
+
+  machine unicorn_http_common;
+
+#### HTTP PROTOCOL GRAMMAR
+# line endings
+  CRLF = "\r\n";
+
+# character types
+  CTL = (cntrl | 127);
+  safe = ("$" | "-" | "_" | ".");
+  extra = ("!" | "*" | "'" | "(" | ")" | ",");
+  reserved = (";" | "/" | "?" | ":" | "@" | "&" | "=" | "+");
+  sorta_safe = ("\"" | "<" | ">");
+  unsafe = (CTL | " " | "#" | "%" | sorta_safe);
+  national = any -- (alpha | digit | reserved | extra | safe | unsafe);
+  unreserved = (alpha | digit | safe | extra | national);
+  escape = ("%" xdigit xdigit);
+  uchar = (unreserved | escape | sorta_safe);
+  pchar = (uchar | ":" | "@" | "&" | "=" | "+");
+  tspecials = ("(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\\" | "\"" | "/" | "[" | "]" | "?" | "=" | "{" | "}" | " " | "\t");
+  lws = (" " | "\t");
+  content = ((any -- CTL) | lws);
+
+# elements
+  token = (ascii -- (CTL | tspecials));
+
+# URI schemes and absolute paths
+  scheme = ( "http"i ("s"i)? ) $downcase_char >mark %scheme;
+  hostname = ((alnum | "-" | "." | "_")+ | ("[" (":" | xdigit)+ "]"));
+  host_with_port = (hostname (":" digit*)?) >mark %host;
+  userinfo = ((unreserved | escape | ";" | ":" | "&" | "=" | "+")+ "@")*;
+
+  path = ( pchar+ ( "/" pchar* )* ) ;
+  query = ( uchar | reserved )* %query_string ;
+  param = ( pchar | "/" )* ;
+  params = ( param ( ";" param )* ) ;
+  rel_path = (path? (";" params)? %request_path) ("?" %start_query query)?;
+  absolute_path = ( "/"+ rel_path );
+  path_uri = absolute_path > mark %request_uri;
+  Absolute_URI = (scheme "://" userinfo host_with_port path_uri);
+
+  Request_URI = ((absolute_path | "*") >mark %request_uri) | Absolute_URI;
+  Fragment = ( uchar | reserved )* >mark %fragment;
+  Method = (token){1,20} >mark %request_method;
+  GetOnly = "GET" >mark %request_method;
+
+  http_number = ( digit+ "." digit+ ) ;
+  HTTP_Version = ( "HTTP/" http_number ) >mark %http_version ;
+  Request_Line = ( Method " " Request_URI ("#" Fragment){0,1} " " HTTP_Version CRLF ) ;
+
+  field_name = ( token -- ":" )+ >start_field $snake_upcase_field %write_field;
+
+  field_value = content* >start_value %write_value;
+
+  value_cont = lws+ content* >start_value %write_cont_value;
+
+  message_header = ((field_name ":" lws* field_value)|value_cont) :> CRLF;
+  chunk_ext_val = token*;
+  chunk_ext_name = token*;
+  chunk_extension = ( ";" " "* chunk_ext_name ("=" chunk_ext_val)? )*;
+  last_chunk = "0"+ chunk_extension CRLF;
+  chunk_size = (xdigit* [1-9a-fA-F] xdigit*) $add_to_chunk_size;
+  chunk_end = CRLF;
+  chunk_body = any >skip_chunk_data;
+  chunk_begin = chunk_size chunk_extension CRLF;
+  chunk = chunk_begin chunk_body chunk_end;
+  ChunkedBody := chunk* last_chunk @end_chunked_body;
+  Trailers := (message_header)* CRLF @end_trailers;
+
+  FullRequest = Request_Line (message_header)* CRLF @header_done;
+  SimpleRequest = GetOnly " " Request_URI ("#"Fragment){0,1} CRLF @header_done;
+
+main := FullRequest | SimpleRequest;
+
+}%%

data/lib/unicorn.rb

@@ -0,0 +1,112 @@
+# -*- encoding: binary -*-
+require 'etc'
+require 'stringio'
+require 'rack'
+require 'kgio'
+
+# :stopdoc:
+# Unicorn module containing all of the classes (include C extensions) for
+# running a Unicorn web server.  It contains a minimalist HTTP server with just
+# enough functionality to service web application requests fast as possible.
+# :startdoc:
+
+# \Unicorn exposes very little of an user-visible API and most of its
+# internals are subject to change.  \Unicorn is designed to host Rack
+# applications, so applications should be written against the Rack SPEC
+# and not \Unicorn internals.
+module Unicorn
+
+  # Raised inside TeeInput when a client closes the socket inside the
+  # application dispatch.  This is always raised with an empty backtrace
+  # since there is nothing in the application stack that is responsible
+  # for client shutdowns/disconnects.  This exception is visible to Rack
+  # applications unless PrereadInput middleware is loaded.
+  ClientShutdown = Class.new(EOFError)
+
+  # :stopdoc:
+
+  # This returns a lambda to pass in as the app, this does not "build" the
+  # app (which we defer based on the outcome of "preload_app" in the
+  # Unicorn config).  The returned lambda will be called when it is
+  # time to build the app.
+  def self.builder(ru, op)
+    # allow Configurator to parse cli switches embedded in the ru file
+    op = Unicorn::Configurator::RACKUP.merge!(:file => ru, :optparse => op)
+
+    # Op is going to get cleared before the returned lambda is called, so
+    # save this value so that it's still there when we need it:
+    no_default_middleware = op[:no_default_middleware]
+
+    # always called after config file parsing, may be called after forking
+    lambda do ||
+      inner_app = case ru
+      when /\.ru$/
+        raw = File.read(ru)
+        raw.sub!(/^__END__\n.*/, '')
+        eval("Rack::Builder.new {(\n#{raw}\n)}.to_app", TOPLEVEL_BINDING, ru)
+      else
+        require ru
+        Object.const_get(File.basename(ru, '.rb').capitalize)
+      end
+
+      pp({ :inner_app => inner_app }) if $DEBUG
+
+      return inner_app if no_default_middleware
+
+      # return value, matches rackup defaults based on env
+      # Unicorn does not support persistent connections, but Rainbows!
+      # and Zbatery both do.  Users accustomed to the Rack::Server default
+      # middlewares will need ContentLength/Chunked middlewares.
+      case ENV["RACK_ENV"]
+      when "development"
+        Rack::Builder.new do
+          use Rack::ContentLength
+          use Rack::Chunked
+          use Rack::CommonLogger, $stderr
+          use Rack::ShowExceptions
+          use Rack::Lint
+          use Rack::TempfileReaper if Rack.const_defined?(:TempfileReaper)
+          run inner_app
+        end.to_app
+      when "deployment"
+        Rack::Builder.new do
+          use Rack::ContentLength
+          use Rack::Chunked
+          use Rack::CommonLogger, $stderr
+          use Rack::TempfileReaper if Rack.const_defined?(:TempfileReaper)
+          run inner_app
+        end.to_app
+      else
+        inner_app
+      end
+    end
+  end
+
+  # returns an array of strings representing TCP listen socket addresses
+  # and Unix domain socket paths.  This is useful for use with
+  # Raindrops::Middleware under Linux: http://raindrops.bogomips.org/
+  def self.listener_names
+    Unicorn::HttpServer::LISTENERS.map do |io|
+      Unicorn::SocketHelper.sock_name(io)
+    end + Unicorn::HttpServer::NEW_LISTENERS
+  end
+
+  def self.log_error(logger, prefix, exc)
+    message = exc.message
+    message = message.dump if /[[:cntrl:]]/ =~ message
+    logger.error "#{prefix}: #{message} (#{exc.class})"
+    exc.backtrace.each { |line| logger.error(line) }
+  end
+
+  # remove this when we only support Ruby >= 2.0
+  def self.pipe # :nodoc:
+    Kgio::Pipe.new.each { |io| io.close_on_exec = true }
+  end
+  # :startdoc:
+end
+# :enddoc:
+
+%w(const socket_helper stream_input tee_input http_request configurator
+   tmpio util http_response worker http_server).each do |s|
+  require_relative "unicorn/#{s}"
+end

data/lib/unicorn/app/old_rails.rb

@@ -0,0 +1,35 @@
+# -*- encoding: binary -*-
+
+# :enddoc:
+# This code is based on the original Rails handler in Mongrel
+# Copyright (c) 2005 Zed A. Shaw
+# Copyright (c) 2009 Eric Wong
+# You can redistribute it and/or modify it under the same terms as Ruby 1.8 or
+# the GPLv2+ (GPLv3+ preferred)
+# Additional work donated by contributors.  See CONTRIBUTORS for more info.
+require 'unicorn/cgi_wrapper'
+require 'dispatcher'
+
+module Unicorn; module App; end; end
+
+# Implements a handler that can run Rails.
+class Unicorn::App::OldRails
+
+  autoload :Static, "unicorn/app/old_rails/static"
+
+  def call(env)
+    cgi = Unicorn::CGIWrapper.new(env)
+    begin
+      Dispatcher.dispatch(cgi,
+          ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS,
+          cgi.body)
+    rescue => e
+      err = env['rack.errors']
+      err.write("#{e} #{e.message}\n")
+      e.backtrace.each { |line| err.write("#{line}\n") }
+    end
+    cgi.out  # finalize the response
+    cgi.rack_response
+  end
+
+end

data/lib/unicorn/app/old_rails/static.rb

@@ -0,0 +1,59 @@
+# -*- encoding: binary -*-
+# :enddoc:
+# This code is based on the original Rails handler in Mongrel
+# Copyright (c) 2005 Zed A. Shaw
+# Copyright (c) 2009 Eric Wong
+# You can redistribute it and/or modify it under the same terms as Ruby 1.8 or
+# the GPLv3
+
+# Static file handler for Rails < 2.3.  This handler is only provided
+# as a convenience for developers.  Performance-minded deployments should
+# use nginx (or similar) for serving static files.
+#
+# This supports page caching directly and will try to resolve a
+# request in the following order:
+#
+# * If the requested exact PATH_INFO exists as a file then serve it.
+# * If it exists at PATH_INFO+rest_operator+".html" exists
+#   then serve that.
+#
+# This means that if you are using page caching it will actually work
+# with Unicorn and you should see a decent speed boost (but not as
+# fast as if you use a static server like nginx).
+class Unicorn::App::OldRails::Static < Struct.new(:app, :root, :file_server)
+  FILE_METHODS = { 'GET' => true, 'HEAD' => true }
+
+  # avoid allocating new strings for hash lookups
+  REQUEST_METHOD = 'REQUEST_METHOD'
+  REQUEST_URI = 'REQUEST_URI'
+  PATH_INFO = 'PATH_INFO'
+
+  def initialize(app)
+    self.app = app
+    self.root = "#{::RAILS_ROOT}/public"
+    self.file_server = ::Rack::File.new(root)
+  end
+
+  def call(env)
+    # short circuit this ASAP if serving non-file methods
+    FILE_METHODS.include?(env[REQUEST_METHOD]) or return app.call(env)
+
+    # first try the path as-is
+    path_info = env[PATH_INFO].chomp("/")
+    if File.file?("#{root}/#{::Rack::Utils.unescape(path_info)}")
+      # File exists as-is so serve it up
+      env[PATH_INFO] = path_info
+      return file_server.call(env)
+    end
+
+    # then try the cached version:
+    path_info << ActionController::Base.page_cache_extension
+
+    if File.file?("#{root}/#{::Rack::Utils.unescape(path_info)}")
+      env[PATH_INFO] = path_info
+      return file_server.call(env)
+    end
+
+    app.call(env) # call OldRails
+  end
+end if defined?(Unicorn::App::OldRails)

data/lib/unicorn/cgi_wrapper.rb

@@ -0,0 +1,147 @@
+# -*- encoding: binary -*-
+
+# :enddoc:
+# This code is based on the original CGIWrapper from Mongrel
+# Copyright (c) 2005 Zed A. Shaw
+# Copyright (c) 2009 Eric Wong
+# You can redistribute it and/or modify it under the same terms as Ruby 1.8 or
+# the GPLv2+ (GPLv3+ preferred)
+#
+# Additional work donated by contributors.  See CONTRIBUTORS for more info.
+
+require 'cgi'
+
+module Unicorn; end
+
+# The beginning of a complete wrapper around Unicorn's internal HTTP
+# processing system but maintaining the original Ruby CGI module.  Use
+# this only as a crutch to get existing CGI based systems working.  It
+# should handle everything, but please notify us if you see special
+# warnings.  This work is still very alpha so we need testers to help
+# work out the various corner cases.
+class Unicorn::CGIWrapper < ::CGI
+  undef_method :env_table
+  attr_reader :env_table
+  attr_reader :body
+
+  # these are stripped out of any keys passed to CGIWrapper.header function
+  NPH = 'nph'.freeze # Completely ignored, Unicorn outputs the date regardless
+  CONNECTION = 'connection'.freeze # Completely ignored. Why is CGI doing this?
+  CHARSET = 'charset'.freeze # this gets appended to Content-Type
+  COOKIE = 'cookie'.freeze # maps (Hash,Array,String) to "Set-Cookie" headers
+  STATUS = 'status'.freeze # stored as @status
+  Status = 'Status'.freeze # code + human-readable text, Rails sets this
+
+  # some of these are common strings, but this is the only module
+  # using them and the reason they're not in Unicorn::Const
+  SET_COOKIE = 'Set-Cookie'.freeze
+  CONTENT_TYPE = 'Content-Type'.freeze
+  CONTENT_LENGTH = 'Content-Length'.freeze # this is NOT Const::CONTENT_LENGTH
+  RACK_INPUT = 'rack.input'.freeze
+  RACK_ERRORS = 'rack.errors'.freeze
+
+  # this maps CGI header names to HTTP header names
+  HEADER_MAP = {
+    'status' => Status,
+    'type' => CONTENT_TYPE,
+    'server' => 'Server'.freeze,
+    'language' => 'Content-Language'.freeze,
+    'expires' => 'Expires'.freeze,
+    'length' => CONTENT_LENGTH,
+  }
+
+  # Takes an a Rackable environment, plus any additional CGI.new
+  # arguments These are used internally to create a wrapper around the
+  # real CGI while maintaining Rack/Unicorn's view of the world.  This
+  # this will NOT deal well with large responses that take up a lot of
+  # memory, but neither does the CGI nor the original CGIWrapper from
+  # Mongrel...
+  def initialize(rack_env, *args)
+    @env_table = rack_env
+    @status = nil
+    @head = {}
+    @headv = Hash.new { |hash,key| hash[key] = [] }
+    @body = StringIO.new("")
+    super(*args)
+  end
+
+  # finalizes the response in a way Rack applications would expect
+  def rack_response
+    # @head[CONTENT_LENGTH] ||= @body.size
+    @headv[SET_COOKIE].concat(@output_cookies) if @output_cookies
+    @headv.each_pair do |key,value|
+      @head[key] ||= value.join("\n") unless value.empty?
+    end
+
+    # Capitalized "Status:", with human-readable status code (e.g. "200 OK")
+    @status ||= @head.delete(Status)
+
+    [ @status || 500, @head, [ @body.string ] ]
+  end
+
+  # The header is typically called to send back the header.  In our case we
+  # collect it into a hash for later usage.  This can be called multiple
+  # times to set different cookies.
+  def header(options = "text/html")
+    # if they pass in a string then just write the Content-Type
+    if String === options
+      @head[CONTENT_TYPE] ||= options
+    else
+      HEADER_MAP.each_pair do |from, to|
+        from = options.delete(from) or next
+        @head[to] = from.to_s
+      end
+
+      @head[CONTENT_TYPE] ||= "text/html"
+      if charset = options.delete(CHARSET)
+        @head[CONTENT_TYPE] << "; charset=#{charset}"
+      end
+
+      # lots of ways to set cookies
+      if cookie = options.delete(COOKIE)
+        set_cookies = @headv[SET_COOKIE]
+        case cookie
+        when Array
+          cookie.each { |c| set_cookies << c.to_s }
+        when Hash
+          cookie.each_value { |c| set_cookies << c.to_s }
+        else
+          set_cookies << cookie.to_s
+        end
+      end
+      @status ||= options.delete(STATUS) # all lower-case
+
+      # drop the keys we don't want anymore
+      options.delete(NPH)
+      options.delete(CONNECTION)
+
+      # finally, set the rest of the headers as-is, allowing duplicates
+      options.each_pair { |k,v| @headv[k] << v }
+    end
+
+    # doing this fakes out the cgi library to think the headers are empty
+    # we then do the real headers in the out function call later
+    ""
+  end
+
+  # The dumb thing is people can call header or this or both and in
+  # any order.  So, we just reuse header and then finalize the
+  # HttpResponse the right way.  This will have no effect if called
+  # the second time if the first "outputted" anything.
+  def out(options = "text/html")
+    header(options)
+    @body.size == 0 or return
+    @body << yield if block_given?
+  end
+
+  # Used to wrap the normal stdinput variable used inside CGI.
+  def stdinput
+    @env_table[RACK_INPUT]
+  end
+
+  # return a pointer to the StringIO body since it's STDOUT-like
+  def stdoutput
+    @body
+  end
+
+end

data/lib/unicorn/configurator.rb

@@ -0,0 +1,686 @@
+# -*- encoding: binary -*-
+require 'logger'
+
+# Implements a simple DSL for configuring a \Unicorn server.
+#
+# See http://unicorn.bogomips.org/examples/unicorn.conf.rb and
+# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb
+# example configuration files.  An example config file for use with
+# nginx is also available at
+# http://unicorn.bogomips.org/examples/nginx.conf
+#
+# See the link:/TUNING.html document for more information on tuning unicorn.
+class Unicorn::Configurator
+  include Unicorn
+
+  # :stopdoc:
+  attr_accessor :set, :config_file, :after_reload
+
+  # used to stash stuff for deferred processing of cli options in
+  # config.ru after "working_directory" is bound.  Do not rely on
+  # this being around later on...
+  RACKUP = {
+    :daemonize => false,
+    :host => Unicorn::Const::DEFAULT_HOST,
+    :port => Unicorn::Const::DEFAULT_PORT,
+    :set_listener => false,
+    :options => { :listeners => [] }
+  }
+
+  # Default settings for Unicorn
+  DEFAULTS = {
+    :timeout => 60,
+    :logger => Logger.new($stderr),
+    :worker_processes => 1,
+    :after_fork => lambda { |server, worker|
+        server.logger.info("worker=#{worker.nr} spawned pid=#{$$}")
+      },
+    :before_fork => lambda { |server, worker|
+        server.logger.info("worker=#{worker.nr} spawning...")
+      },
+    :before_exec => lambda { |server|
+        server.logger.info("forked child re-executing...")
+      },
+    :before_murder => nil,
+    :pid => nil,
+    :preload_app => false,
+    :check_client_connection => false,
+    :rewindable_input => true, # for Rack 2.x: (Rack::VERSION[0] <= 1),
+    :client_body_buffer_size => Unicorn::Const::MAX_BODY,
+  }
+  #:startdoc:
+
+  def initialize(defaults = {}) #:nodoc:
+    self.set = Hash.new(:unset)
+    @use_defaults = defaults.delete(:use_defaults)
+    self.config_file = defaults.delete(:config_file)
+
+    # after_reload is only used by unicorn_rails, unsupported otherwise
+    self.after_reload = defaults.delete(:after_reload)
+
+    set.merge!(DEFAULTS) if @use_defaults
+    defaults.each { |key, value| self.__send__(key, value) }
+    Hash === set[:listener_opts] or
+        set[:listener_opts] = Hash.new { |hash,key| hash[key] = {} }
+    Array === set[:listeners] or set[:listeners] = []
+    reload(false)
+  end
+
+  def reload(merge_defaults = true) #:nodoc:
+    if merge_defaults && @use_defaults
+      set.merge!(DEFAULTS) if @use_defaults
+    end
+    instance_eval(File.read(config_file), config_file) if config_file
+
+    parse_rackup_file
+
+    RACKUP[:set_listener] and
+      set[:listeners] << "#{RACKUP[:host]}:#{RACKUP[:port]}"
+
+    # unicorn_rails creates dirs here after working_directory is bound
+    after_reload.call if after_reload
+
+    # working_directory binds immediately (easier error checking that way),
+    # now ensure any paths we changed are correctly set.
+    [ :pid, :stderr_path, :stdout_path ].each do |var|
+      String === (path = set[var]) or next
+      path = File.expand_path(path)
+      File.writable?(path) || File.writable?(File.dirname(path)) or \
+            raise ArgumentError, "directory for #{var}=#{path} not writable"
+    end
+  end
+
+  def commit!(server, options = {}) #:nodoc:
+    skip = options[:skip] || []
+    if ready_pipe = RACKUP.delete(:ready_pipe)
+      server.ready_pipe = ready_pipe
+    end
+    if set[:check_client_connection]
+      set[:listeners].each do |address|
+        if set[:listener_opts][address][:tcp_nopush] == true
+          raise ArgumentError,
+            "check_client_connection is incompatible with tcp_nopush:true"
+        end
+      end
+    end
+    set.each do |key, value|
+      value == :unset and next
+      skip.include?(key) and next
+      server.__send__("#{key}=", value)
+    end
+  end
+
+  def [](key) # :nodoc:
+    set[key]
+  end
+
+  # sets object to the +obj+ Logger-like object.  The new Logger-like
+  # object must respond to the following methods:
+  # * debug
+  # * info
+  # * warn
+  # * error
+  # * fatal
+  # The default Logger will log its output to the path specified
+  # by +stderr_path+.  If you're running Unicorn daemonized, then
+  # you must specify a path to prevent error messages from going
+  # to /dev/null.
+  def logger(obj)
+    %w(debug info warn error fatal).each do |m|
+      obj.respond_to?(m) and next
+      raise ArgumentError, "logger=#{obj} does not respond to method=#{m}"
+    end
+
+    set[:logger] = obj
+  end
+
+  # sets after_fork hook to a given block.  This block will be called by
+  # the worker after forking.  The following is an example hook which adds
+  # a per-process listener to every worker:
+  #
+  #  after_fork do |server,worker|
+  #    # per-process listener ports for debugging/admin:
+  #    addr = "127.0.0.1:#{9293 + worker.nr}"
+  #
+  #    # the negative :tries parameter indicates we will retry forever
+  #    # waiting on the existing process to exit with a 5 second :delay
+  #    # Existing options for Unicorn::Configurator#listen such as
+  #    # :backlog, :rcvbuf, :sndbuf are available here as well.
+  #    server.listen(addr, :tries => -1, :delay => 5, :backlog => 128)
+  #  end
+  def after_fork(*args, &block)
+    set_hook(:after_fork, block_given? ? block : args[0])
+  end
+
+  # sets before_fork got be a given Proc object.  This Proc
+  # object will be called by the master process before forking
+  # each worker.
+  def before_fork(*args, &block)
+    set_hook(:before_fork, block_given? ? block : args[0])
+  end
+
+  # sets the before_exec hook to a given Proc object.  This
+  # Proc object will be called by the master process right
+  # before exec()-ing the new unicorn binary.  This is useful
+  # for freeing certain OS resources that you do NOT wish to
+  # share with the reexeced child process.
+  # There is no corresponding after_exec hook (for obvious reasons).
+  def before_exec(*args, &block)
+    set_hook(:before_exec, block_given? ? block : args[0], 1)
+  end
+
+  # Sets the before_murder hook to a given Proc object. This Proc object
+  # will be called by the master process before killing a lazy worker
+  # with SIGKILL, the point of this callback is NOT to prevent killing
+  # but to provide an instrumentation hook
+  def before_murder(*args, &block)
+    set_hook_arg = if block_given?
+      # This hook is meant a an instrumentation point, it should not prevent the
+      # worker from getting killed exception will be logged and move on
+      new_block = Proc.new do |server, worker, wpid|
+        begin
+          block.call(server, worker, wpid)
+        rescue StandardError => e
+          server.logger.error("Error executing before murder for PID: #{wpid} error: #{e.inspect}")
+          server.logger.error(e.backtrace.join("\n"))
+        end
+      end
+    else
+      args[0]
+    end
+
+    set_hook(:before_murder, set_hook_arg, 3)
+  end
+
+  # sets the timeout of worker processes to +seconds+.  Workers
+  # handling the request/app.call/response cycle taking longer than
+  # this time period will be forcibly killed (via SIGKILL).  This
+  # timeout is enforced by the master process itself and not subject
+  # to the scheduling limitations by the worker process.  Due the
+  # low-complexity, low-overhead implementation, timeouts of less
+  # than 3.0 seconds can be considered inaccurate and unsafe.
+  #
+  # For running Unicorn behind nginx, it is recommended to set
+  # "fail_timeout=0" for in your nginx configuration like this
+  # to have nginx always retry backends that may have had workers
+  # SIGKILL-ed due to timeouts.
+  #
+  #    # See http://wiki.nginx.org/NginxHttpUpstreamModule for more details
+  #    # on nginx upstream configuration:
+  #    upstream unicorn_backend {
+  #      # for UNIX domain socket setups:
+  #      server unix:/path/to/.unicorn.sock fail_timeout=0;
+  #
+  #      # for TCP setups
+  #      server 192.168.0.7:8080 fail_timeout=0;
+  #      server 192.168.0.8:8080 fail_timeout=0;
+  #      server 192.168.0.9:8080 fail_timeout=0;
+  #    }
+  def timeout(seconds)
+    set_int(:timeout, seconds, 3)
+    # POSIX says 31 days is the smallest allowed maximum timeout for select()
+    max = 30 * 60 * 60 * 24
+    set[:timeout] = seconds > max ? max : seconds
+  end
+
+  # sets the current number of worker_processes to +nr+.  Each worker
+  # process will serve exactly one client at a time.  You can
+  # increment or decrement this value at runtime by sending SIGTTIN
+  # or SIGTTOU respectively to the master process without reloading
+  # the rest of your Unicorn configuration.  See the SIGNALS document
+  # for more information.
+  def worker_processes(nr)
+    set_int(:worker_processes, nr, 1)
+  end
+
+  # sets listeners to the given +addresses+, replacing or augmenting the
+  # current set.  This is for the global listener pool shared by all
+  # worker processes.  For per-worker listeners, see the after_fork example
+  # This is for internal API use only, do not use it in your Unicorn
+  # config file.  Use listen instead.
+  def listeners(addresses) # :nodoc:
+    Array === addresses or addresses = Array(addresses)
+    addresses.map! { |addr| expand_addr(addr) }
+    set[:listeners] = addresses
+  end
+
+  # Adds an +address+ to the existing listener set.  May be specified more
+  # than once.  +address+ may be an Integer port number for a TCP port, an
+  # "IP_ADDRESS:PORT" for TCP listeners or a pathname for UNIX domain sockets.
+  #
+  #   listen 3000 # listen to port 3000 on all TCP interfaces
+  #   listen "127.0.0.1:3000"  # listen to port 3000 on the loopback interface
+  #   listen "/path/to/.unicorn.sock" # listen on the given Unix domain socket
+  #   listen "[::1]:3000" # listen to port 3000 on the IPv6 loopback interface
+  #
+  # When using Unix domain sockets, be sure:
+  # 1) the path matches the one used by nginx
+  # 2) uses the same filesystem namespace as the nginx process
+  # For systemd users using PrivateTmp=true (for either nginx or unicorn),
+  # this means Unix domain sockets must not be placed in /tmp
+  #
+  # The following options may be specified (but are generally not needed):
+  #
+  # [:backlog => number of clients]
+  #
+  #   This is the backlog of the listen() syscall.
+  #
+  #   Some operating systems allow negative values here to specify the
+  #   maximum allowable value.  In most cases, this number is only
+  #   recommendation and there are other OS-specific tunables and
+  #   variables that can affect this number.  See the listen(2)
+  #   syscall documentation of your OS for the exact semantics of
+  #   this.
+  #
+  #   If you are running unicorn on multiple machines, lowering this number
+  #   can help your load balancer detect when a machine is overloaded
+  #   and give requests to a different machine.
+  #
+  #   Default: 1024
+  #
+  # [:rcvbuf => bytes, :sndbuf => bytes]
+  #
+  #   Maximum receive and send buffer sizes (in bytes) of sockets.
+  #
+  #   These correspond to the SO_RCVBUF and SO_SNDBUF settings which
+  #   can be set via the setsockopt(2) syscall.  Some kernels
+  #   (e.g. Linux 2.4+) have intelligent auto-tuning mechanisms and
+  #   there is no need (and it is sometimes detrimental) to specify them.
+  #
+  #   See the socket API documentation of your operating system
+  #   to determine the exact semantics of these settings and
+  #   other operating system-specific knobs where they can be
+  #   specified.
+  #
+  #   Defaults: operating system defaults
+  #
+  # [:tcp_nodelay => true or false]
+  #
+  #   Disables Nagle's algorithm on TCP sockets if +true+.
+  #
+  #   Setting this to +true+ can make streaming responses in Rails 3.1
+  #   appear more quickly at the cost of slightly higher bandwidth usage.
+  #   The effect of this option is most visible if nginx is not used,
+  #   but nginx remains highly recommended with \Unicorn.
+  #
+  #   This has no effect on UNIX sockets.
+  #
+  #   Default: +true+ (Nagle's algorithm disabled) in \Unicorn,
+  #   +true+ in Rainbows!  This defaulted to +false+ in \Unicorn
+  #   3.x
+  #
+  # [:tcp_nopush => true or false]
+  #
+  #   Enables/disables TCP_CORK in Linux or TCP_NOPUSH in FreeBSD
+  #
+  #   This prevents partial TCP frames from being sent out and reduces
+  #   wakeups in nginx if it is on a different machine.  Since \Unicorn
+  #   is only designed for applications that send the response body
+  #   quickly without keepalive, sockets will always be flushed on close
+  #   to prevent delays.
+  #
+  #   This has no effect on UNIX sockets.
+  #
+  #   Default: +false+
+  #   This defaulted to +true+ in \Unicorn 3.4 - 3.7
+  #
+  # [:ipv6only => true or false]
+  #
+  #   This option makes IPv6-capable TCP listeners IPv6-only and unable
+  #   to receive IPv4 queries on dual-stack systems.  A separate IPv4-only
+  #   listener is required if this is true.
+  #
+  #   Enabling this option for the IPv6-only listener and having a
+  #   separate IPv4 listener is recommended if you wish to support IPv6
+  #   on the same TCP port.  Otherwise, the value of \env[\"REMOTE_ADDR\"]
+  #   will appear as an ugly IPv4-mapped-IPv6 address for IPv4 clients
+  #   (e.g ":ffff:10.0.0.1" instead of just "10.0.0.1").
+  #
+  #   Default: Operating-system dependent
+  #
+  # [:reuseport => true or false]
+  #
+  #   This enables multiple, independently-started unicorn instances to
+  #   bind to the same port (as long as all the processes enable this).
+  #
+  #   This option must be used when unicorn first binds the listen socket.
+  #   It cannot be enabled when a socket is inherited via SIGUSR2
+  #   (but it will remain on if inherited), and it cannot be enabled
+  #   directly via SIGHUP.
+  #
+  #   Note: there is a chance of connections being dropped if
+  #   one of the unicorn instances is stopped while using this.
+  #
+  #   This is supported on *BSD systems and Linux 3.9 or later.
+  #
+  #   ref: https://lwn.net/Articles/542629/
+  #
+  #   Default: false (unset)
+  #
+  # [:tries => Integer]
+  #
+  #   Times to retry binding a socket if it is already in use
+  #
+  #   A negative number indicates we will retry indefinitely, this is
+  #   useful for migrations and upgrades when individual workers
+  #   are binding to different ports.
+  #
+  #   Default: 5
+  #
+  # [:delay => seconds]
+  #
+  #   Seconds to wait between successive +tries+
+  #
+  #   Default: 0.5 seconds
+  #
+  # [:umask => mode]
+  #
+  #   Sets the file mode creation mask for UNIX sockets.  If specified,
+  #   this is usually in octal notation.
+  #
+  #   Typically UNIX domain sockets are created with more liberal
+  #   file permissions than the rest of the application.  By default,
+  #   we create UNIX domain sockets to be readable and writable by
+  #   all local users to give them the same accessibility as
+  #   locally-bound TCP listeners.
+  #
+  #   This has no effect on TCP listeners.
+  #
+  #   Default: 0000 (world-read/writable)
+  #
+  # [:tcp_defer_accept => Integer]
+  #
+  #   Defer accept() until data is ready (Linux-only)
+  #
+  #   For Linux 2.6.32 and later, this is the number of retransmits to
+  #   defer an accept() for if no data arrives, but the client will
+  #   eventually be accepted after the specified number of retransmits
+  #   regardless of whether data is ready.
+  #
+  #   For Linux before 2.6.32, this is a boolean option, and
+  #   accepts are _always_ deferred indefinitely if no data arrives.
+  #   This is similar to <code>:accept_filter => "dataready"</code>
+  #   under FreeBSD.
+  #
+  #   Specifying +true+ is synonymous for the default value(s) below,
+  #   and +false+ or +nil+ is synonymous for a value of zero.
+  #
+  #   A value of +1+ is a good optimization for local networks
+  #   and trusted clients.  For Rainbows! and Zbatery users, a higher
+  #   value (e.g. +60+) provides more protection against some
+  #   denial-of-service attacks.  There is no good reason to ever
+  #   disable this with a +zero+ value when serving HTTP.
+  #
+  #   Default: 1 retransmit for \Unicorn, 60 for Rainbows! 0.95.0\+
+  #
+  # [:accept_filter => String]
+  #
+  #   defer accept() until data is ready (FreeBSD-only)
+  #
+  #   This enables either the "dataready" or (default) "httpready"
+  #   accept() filter under FreeBSD.  This is intended as an
+  #   optimization to reduce context switches with common GET/HEAD
+  #   requests.  For Rainbows! and Zbatery users, this provides
+  #   some protection against certain denial-of-service attacks, too.
+  #
+  #   There is no good reason to change from the default.
+  #
+  #   Default: "httpready"
+  def listen(address, options = {})
+    address = expand_addr(address)
+    if String === address
+      [ :umask, :backlog, :sndbuf, :rcvbuf, :tries ].each do |key|
+        value = options[key] or next
+        Integer === value or
+          raise ArgumentError, "not an integer: #{key}=#{value.inspect}"
+      end
+      [ :tcp_nodelay, :tcp_nopush, :ipv6only, :reuseport ].each do |key|
+        (value = options[key]).nil? and next
+        TrueClass === value || FalseClass === value or
+          raise ArgumentError, "not boolean: #{key}=#{value.inspect}"
+      end
+      unless (value = options[:delay]).nil?
+        Numeric === value or
+          raise ArgumentError, "not numeric: delay=#{value.inspect}"
+      end
+      set[:listener_opts][address].merge!(options)
+    end
+
+    set[:listeners] << address
+  end
+
+  # sets the +path+ for the PID file of the unicorn master process
+  def pid(path); set_path(:pid, path); end
+
+  # Enabling this preloads an application before forking worker
+  # processes.  This allows memory savings when using a
+  # copy-on-write-friendly GC but can cause bad things to happen when
+  # resources like sockets are opened at load time by the master
+  # process and shared by multiple children.  People enabling this are
+  # highly encouraged to look at the before_fork/after_fork hooks to
+  # properly close/reopen sockets.  Files opened for logging do not
+  # have to be reopened as (unbuffered-in-userspace) files opened with
+  # the File::APPEND flag are written to atomically on UNIX.
+  #
+  # In addition to reloading the unicorn-specific config settings,
+  # SIGHUP will reload application code in the working
+  # directory/symlink when workers are gracefully restarted when
+  # preload_app=false (the default).  As reloading the application
+  # sometimes requires RubyGems updates, +Gem.refresh+ is always
+  # called before the application is loaded (for RubyGems users).
+  #
+  # During deployments, care should _always_ be taken to ensure your
+  # applications are properly deployed and running.  Using
+  # preload_app=false (the default) means you _must_ check if
+  # your application is responding properly after a deployment.
+  # Improperly deployed applications can go into a spawn loop
+  # if the application fails to load.  While your children are
+  # in a spawn loop, it is is possible to fix an application
+  # by properly deploying all required code and dependencies.
+  # Using preload_app=true means any application load error will
+  # cause the master process to exit with an error.
+
+  def preload_app(bool)
+    set_bool(:preload_app, bool)
+  end
+
+  # Toggles making \env[\"rack.input\"] rewindable.
+  # Disabling rewindability can improve performance by lowering
+  # I/O and memory usage for applications that accept uploads.
+  # Keep in mind that the Rack 1.x spec requires
+  # \env[\"rack.input\"] to be rewindable, so this allows
+  # intentionally violating the current Rack 1.x spec.
+  #
+  # +rewindable_input+ defaults to +true+ when used with Rack 1.x for
+  # Rack conformance.  When Rack 2.x is finalized, this will most
+  # likely default to +false+ while still conforming to the newer
+  # (less demanding) spec.
+  def rewindable_input(bool)
+    set_bool(:rewindable_input, bool)
+  end
+
+  # The maximum size (in +bytes+) to buffer in memory before
+  # resorting to a temporary file.  Default is 112 kilobytes.
+  # This option has no effect if "rewindable_input" is set to
+  # +false+.
+  def client_body_buffer_size(bytes)
+    set_int(:client_body_buffer_size, bytes, 0)
+  end
+
+  # When enabled, unicorn will check the client connection by writing
+  # the beginning of the HTTP headers before calling the application.
+  #
+  # This will prevent calling the application for clients who have
+  # disconnected while their connection was queued.
+  #
+  # This only affects clients connecting over Unix domain sockets
+  # and TCP via loopback (127.*.*.*).  It is unlikely to detect
+  # disconnects if the client is on a remote host (even on a fast LAN).
+  #
+  # This option cannot be used in conjunction with :tcp_nopush.
+  def check_client_connection(bool)
+    set_bool(:check_client_connection, bool)
+  end
+
+  # Allow redirecting $stderr to a given path.  Unlike doing this from
+  # the shell, this allows the unicorn process to know the path its
+  # writing to and rotate the file if it is used for logging.  The
+  # file will be opened with the File::APPEND flag and writes
+  # synchronized to the kernel (but not necessarily to _disk_) so
+  # multiple processes can safely append to it.
+  #
+  # If you are daemonizing and using the default +logger+, it is important
+  # to specify this as errors will otherwise be lost to /dev/null.
+  # Some applications/libraries may also triggering warnings that go to
+  # stderr, and they will end up here.
+  def stderr_path(path)
+    set_path(:stderr_path, path)
+  end
+
+  # Same as stderr_path, except for $stdout.  Not many Rack applications
+  # write to $stdout, but any that do will have their output written here.
+  # It is safe to point this to the same location a stderr_path.
+  # Like stderr_path, this defaults to /dev/null when daemonized.
+  def stdout_path(path)
+    set_path(:stdout_path, path)
+  end
+
+  # sets the working directory for Unicorn.  This ensures SIGUSR2 will
+  # start a new instance of Unicorn in this directory.  This may be
+  # a symlink, a common scenario for Capistrano users.  Unlike
+  # all other Unicorn configuration directives, this binds immediately
+  # for error checking and cannot be undone by unsetting it in the
+  # configuration file and reloading.
+  def working_directory(path)
+    # just let chdir raise errors
+    path = File.expand_path(path)
+    if config_file &&
+       config_file[0] != ?/ &&
+       ! File.readable?("#{path}/#{config_file}")
+      raise ArgumentError,
+            "config_file=#{config_file} would not be accessible in" \
+            " working_directory=#{path}"
+    end
+    Dir.chdir(path)
+    Unicorn::HttpServer::START_CTX[:cwd] = ENV["PWD"] = path
+  end
+
+  # Runs worker processes as the specified +user+ and +group+.
+  # The master process always stays running as the user who started it.
+  # This switch will occur after calling the after_fork hook, and only
+  # if the Worker#user method is not called in the after_fork hook
+  # +group+ is optional and will not change if unspecified.
+  def user(user, group = nil)
+    # raises ArgumentError on invalid user/group
+    Etc.getpwnam(user)
+    Etc.getgrnam(group) if group
+    set[:user] = [ user, group ]
+  end
+
+  # expands "unix:path/to/foo" to a socket relative to the current path
+  # expands pathnames of sockets if relative to "~" or "~username"
+  # expands "*:port and ":port" to "0.0.0.0:port"
+  def expand_addr(address) #:nodoc:
+    return "0.0.0.0:#{address}" if Integer === address
+    return address unless String === address
+
+    case address
+    when %r{\Aunix:(.*)\z}
+      File.expand_path($1)
+    when %r{\A~}
+      File.expand_path(address)
+    when %r{\A(?:\*:)?(\d+)\z}
+      "0.0.0.0:#$1"
+    when %r{\A\[([a-fA-F0-9:]+)\]\z}, %r/\A((?:\d+\.){3}\d+)\z/
+      canonicalize_tcp($1, 80)
+    when %r{\A\[([a-fA-F0-9:]+)\]:(\d+)\z}, %r{\A(.*):(\d+)\z}
+      canonicalize_tcp($1, $2.to_i)
+    else
+      address
+    end
+  end
+
+private
+  def set_int(var, n, min) #:nodoc:
+    Integer === n or raise ArgumentError, "not an integer: #{var}=#{n.inspect}"
+    n >= min or raise ArgumentError, "too low (< #{min}): #{var}=#{n.inspect}"
+    set[var] = n
+  end
+
+  def canonicalize_tcp(addr, port)
+    packed = Socket.pack_sockaddr_in(port, addr)
+    port, addr = Socket.unpack_sockaddr_in(packed)
+    addr.include?(':') ? "[#{addr}]:#{port}" : "#{addr}:#{port}"
+  end
+
+  def set_path(var, path) #:nodoc:
+    case path
+    when NilClass, String
+      set[var] = path
+    else
+      raise ArgumentError
+    end
+  end
+
+  def check_bool(var, bool) # :nodoc:
+    case bool
+    when true, false
+      return bool
+    end
+    raise ArgumentError, "#{var}=#{bool.inspect} not a boolean"
+  end
+
+  def set_bool(var, bool) #:nodoc:
+    set[var] = check_bool(var, bool)
+  end
+
+  def set_hook(var, my_proc, req_arity = 2) #:nodoc:
+    case my_proc
+    when Proc
+      arity = my_proc.arity
+      (arity == req_arity) or \
+        raise ArgumentError,
+              "#{var}=#{my_proc.inspect} has invalid arity: " \
+              "#{arity} (need #{req_arity})"
+    when NilClass
+      my_proc = DEFAULTS[var]
+    else
+      raise ArgumentError, "invalid type: #{var}=#{my_proc.inspect}"
+    end
+    set[var] = my_proc
+  end
+
+  # this is called _after_ working_directory is bound.  This only
+  # parses the embedded switches in .ru files
+  # (for "rackup" compatibility)
+  def parse_rackup_file # :nodoc:
+    ru = RACKUP[:file] or return # we only return here in unit tests
+
+    # :rails means use (old) Rails autodetect
+    if ru == :rails
+      File.readable?('config.ru') or return
+      ru = 'config.ru'
+    end
+
+    File.readable?(ru) or
+      raise ArgumentError, "rackup file (#{ru}) not readable"
+
+    # it could be a .rb file, too, we don't parse those manually
+    ru.end_with?('.ru') or return
+
+    /^#\\(.*)/ =~ File.read(ru) or return
+    RACKUP[:optparse].parse!($1.split(/\s+/))
+
+    if RACKUP[:daemonize]
+      # unicorn_rails wants a default pid path, (not plain 'unicorn')
+      if after_reload
+        spid = set[:pid]
+        pid('tmp/pids/unicorn.pid') if spid.nil? || spid == :unset
+      end
+      unless RACKUP[:daemonized]
+        Unicorn::Launcher.daemonize!(RACKUP[:options])
+        RACKUP[:ready_pipe] = RACKUP[:options].delete(:ready_pipe)
+      end
+    end
+  end
+end