This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/internal/gounicorn/gounicorn.go

99 lines
2 KiB
Go
Raw Normal View History

package gounicorn
import (
"net/http"
"os"
"os/exec"
"time"
log "github.com/sirupsen/logrus"
"goauthentik.io/internal/outpost/ak"
)
type GoUnicorn struct {
HealthyCallback func()
log *log.Entry
p *exec.Cmd
started bool
killed bool
alive bool
}
func NewGoUnicorn() *GoUnicorn {
stages/authenticator_sms: Add SMS Authenticator Stage (#1577) * stages/authenticator_sms: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add initial stage UI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: clear invalid state when old input was invalid but new input is correct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add more logic Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add basic SMS settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: initial working version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: optimise totp password manager entry on authenticator_validation stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add grouping support for table Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: allow sms class in authenticator stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add grouping to more pages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_validate: add SMS support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add throttling for flow executor based on session key and pending user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix style issues Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: add workflow to compile backend translations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 15:51:49 +00:00
logger := log.WithField("logger", "authentik.router.unicorn")
g := &GoUnicorn{
log: logger,
started: false,
killed: false,
alive: false,
HealthyCallback: func() {},
}
g.initCmd()
return g
}
func (g *GoUnicorn) initCmd() {
command := "gunicorn"
args := []string{"-c", "./lifecycle/gunicorn.conf.py", "authentik.root.asgi.app:application"}
g.log.WithField("args", args).WithField("cmd", command).Debug("Starting gunicorn")
g.p = exec.Command(command, args...)
g.p.Env = os.Environ()
g.p.Stdout = os.Stdout
g.p.Stderr = os.Stderr
}
func (g *GoUnicorn) IsRunning() bool {
return g.alive
}
func (g *GoUnicorn) Start() error {
if g.killed {
g.log.Debug("Not restarting gunicorn since we're killed")
return nil
}
if g.started {
g.initCmd()
}
g.started = true
go g.healthcheck()
return g.p.Run()
}
func (g *GoUnicorn) healthcheck() {
g.log.Debug("starting healthcheck")
h := &http.Client{
Transport: ak.NewUserAgentTransport("goauthentik.io go proxy healthcheck", http.DefaultTransport),
}
check := func() bool {
res, err := h.Get("http://localhost:8000/-/health/live/")
if err == nil && res.StatusCode == 204 {
g.alive = true
return true
}
return false
}
// Default healthcheck is every 1 second on startup
// once we've been healthy once, increase to 30 seconds
for range time.Tick(time.Second) {
if check() {
g.log.Info("backend is alive, backing off with healthchecks")
g.HealthyCallback()
break
}
g.log.Debug("backend not alive yet")
}
for range time.Tick(30 * time.Second) {
check()
}
}
func (g *GoUnicorn) Kill() {
g.killed = true
err := g.p.Process.Kill()
if err != nil {
g.log.WithError(err).Warning("failed to kill gunicorn")
}
}