diff --git a/Makefile b/Makefile index 11aec020c..8e463614a 100644 --- a/Makefile +++ b/Makefile @@ -35,6 +35,7 @@ lint-fix: lint: bandit -r authentik tests lifecycle -x node_modules pylint authentik tests lifecycle + golangci-lint run -v i18n-extract: i18n-extract-core web-extract diff --git a/internal/outpost/ldap/ldap.go b/internal/outpost/ldap/ldap.go index 4886abbec..ebec8d5e5 100644 --- a/internal/outpost/ldap/ldap.go +++ b/internal/outpost/ldap/ldap.go @@ -62,7 +62,7 @@ func (ls *LDAPServer) StartLDAPServer() error { if err != nil { return err } - ls.log.Printf("closing %s", ln.Addr()) + ls.log.WithField("listen", listen).Info("Stopping LDAP server") return ls.s.ListenAndServe(listen) } diff --git a/internal/outpost/ldap/ldap_tls.go b/internal/outpost/ldap/ldap_tls.go index 8ab93cc01..d5afe8b3a 100644 --- a/internal/outpost/ldap/ldap_tls.go +++ b/internal/outpost/ldap/ldap_tls.go @@ -50,6 +50,6 @@ func (ls *LDAPServer) StartLDAPTLSServer() error { if err != nil { return err } - ls.log.Printf("closing %s", ln.Addr()) - return ls.s.ListenAndServe(listen) + ls.log.WithField("listen", listen).Info("Stopping LDAP SSL Server") + return nil } diff --git a/internal/outpost/proxyv2/proxyv2.go b/internal/outpost/proxyv2/proxyv2.go index afa5b8d7f..cb2006fe0 100644 --- a/internal/outpost/proxyv2/proxyv2.go +++ b/internal/outpost/proxyv2/proxyv2.go @@ -8,7 +8,6 @@ import ( "net" "net/http" "sync" - "time" sentryhttp "github.com/getsentry/sentry-go/http" "github.com/gorilla/mux" @@ -119,9 +118,9 @@ func (ps *ProxyServer) ServeHTTP() { proxyListener := &proxyproto.Listener{Listener: listener} defer proxyListener.Close() - ps.log.Printf("listening on %s", listener.Addr()) + ps.log.WithField("listen", listenAddress).Info("Starting HTTP server") ps.serve(proxyListener) - ps.log.Printf("closing %s", listener.Addr()) + ps.log.WithField("listen", listenAddress).Info("Stopping HTTP server") } // ServeHTTPS constructs a net.Listener and starts handling HTTPS requests 
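Review bot: In internal/outpost/ldap/ldap.go, StartLDAPServer now logs "Stopping LDAP server" on the line directly before `return ls.s.ListenAndServe(listen)`, so the log says the server has stopped at the moment it binds and serves. The sibling hunk in ldap_tls.go replaces the same trailing call with `return nil`, which suggests a serve call above this hunk has already returned by this point. If so, this line should also become `return nil`, so the address is not re-bound after shutdown. If nothing above serves the listener, the message should instead read `Info("Starting LDAP server")`. The function body starts outside the hunk, so which case applies needs confirming against the full file.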
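Review bot: In internal/outpost/ldap/ldap_tls.go, the added message "Stopping LDAP SSL Server" does not match the naming used elsewhere in this commit. The function is StartLDAPTLSServer, and the other added messages use "TLS"/"HTTPS" with a lower-case "server". Using `ls.log.WithField("listen", listen).Info("Stopping LDAP TLS server")` keeps log searches and alert rules consistent across the outposts. The function body starts outside the hunk.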
@@ -135,16 +134,15 @@ func (ps *ProxyServer) ServeHTTPS() { ln, err := net.Listen("tcp", listenAddress) if err != nil { - ps.log.Fatalf("listen (%s) failed - %s", listenAddress, err) + ps.log.WithError(err).Warning("Failed to listen for HTTPS") } - ps.log.Printf("listening on %s", ln.Addr()) - - proxyListener := &proxyproto.Listener{Listener: tcpKeepAliveListener{ln.(*net.TCPListener)}} + proxyListener := &proxyproto.Listener{Listener: web.TCPKeepAliveListener{TCPListener: ln.(*net.TCPListener)}} defer proxyListener.Close() tlsListener := tls.NewListener(proxyListener, config) + ps.log.WithField("listen", listenAddress).Info("Starting HTTPS server") ps.serve(tlsListener) - ps.log.Printf("closing %s", tlsListener.Addr()) + ps.log.WithField("listen", listenAddress).Info("Stopping HTTPS server") } func (ps *ProxyServer) Start() error { @@ -179,7 +177,7 @@ func (ps *ProxyServer) serve(listener net.Listener) { // We received an interrupt signal, shut down. if err := srv.Shutdown(context.Background()); err != nil { // Error from closing listeners, or context timeout: - ps.log.Printf("HTTP server Shutdown: %v", err) + ps.log.WithError(err).Info("HTTP server Shutdown") } close(idleConnsClosed) }() @@ -190,27 +188,3 @@ func (ps *ProxyServer) serve(listener net.Listener) { } <-idleConnsClosed } - -// tcpKeepAliveListener sets TCP keep-alive timeouts on accepted -// connections. It's used by ListenAndServe and ListenAndServeTLS so -// dead TCP connections (e.g. closing laptop mid-download) eventually -// go away. -type tcpKeepAliveListener struct { - *net.TCPListener -} - -func (ln tcpKeepAliveListener) Accept() (net.Conn, error) { - tc, err := ln.AcceptTCP() - if err != nil { - return nil, err - } - err = tc.SetKeepAlive(true) - if err != nil { - log.Printf("Error setting Keep-Alive: %v", err) - } - err = tc.SetKeepAlivePeriod(3 * time.Minute) - if err != nil { - log.Printf("Error setting Keep-Alive period: %v", err) - } - return tc, nil -} 
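Review bot: In ServeHTTPS (internal/outpost/proxyv2/proxyv2.go), the failed-listen branch no longer stops execution. `Fatalf` used to exit the process, but `Warning` returns, and the next statement evaluates `ln.(*net.TCPListener)` on a nil `ln`, which panics. Add a `return` inside the `if err != nil` block after the warning. It would also help to attach the address to the failure, e.g. `ps.log.WithField("listen", listenAddress).WithError(err).Warning("Failed to listen for HTTPS")`. The function starts outside the hunk.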
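Review bot: In serve (internal/outpost/proxyv2/proxyv2.go), the Shutdown failure is logged with `.Info`, while the other error paths added in this commit use `.Warning`. An error from closing listeners during shutdown would be dropped by any level filter above Info and would read as a routine lifecycle message. Suggest `ps.log.WithError(err).Warning("HTTP server Shutdown")`. The enclosing function starts and ends outside the hunk.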
diff --git a/internal/web/utils.go b/internal/utils/web/keepalive.go similarity index 65% rename from internal/web/utils.go rename to internal/utils/web/keepalive.go index 08c71e68c..5ac75549a 100644 --- a/internal/web/utils.go +++ b/internal/utils/web/keepalive.go @@ -1,31 +1,32 @@ package web import ( - "log" "net" "time" + + log "github.com/sirupsen/logrus" ) // tcpKeepAliveListener sets TCP keep-alive timeouts on accepted // connections. It's used by ListenAndServe and ListenAndServeTLS so // dead TCP connections (e.g. closing laptop mid-download) eventually // go away. -type tcpKeepAliveListener struct { +type TCPKeepAliveListener struct { *net.TCPListener } -func (ln tcpKeepAliveListener) Accept() (net.Conn, error) { +func (ln TCPKeepAliveListener) Accept() (net.Conn, error) { tc, err := ln.AcceptTCP() if err != nil { return nil, err } err = tc.SetKeepAlive(true) if err != nil { - log.Printf("Error setting Keep-Alive: %v", err) + log.WithError(err).Warning("Error setting Keep-Alive") } err = tc.SetKeepAlivePeriod(3 * time.Minute) if err != nil { - log.Printf("Error setting Keep-Alive period: %v", err) + log.WithError(err).Warning("Error setting Keep-Alive period") } return tc, nil } diff --git a/internal/web/metrics.go b/internal/web/metrics.go index 2b584bdf6..8762910bb 100644 --- a/internal/web/metrics.go +++ b/internal/web/metrics.go @@ -52,9 +52,10 @@ func RunMetricsServer() { return } }) - l.WithField("listen", config.G.Web.ListenMetrics).Info("Listening (metrics)") + l.WithField("listen", config.G.Web.ListenMetrics).Info("Starting Metrics server") err := http.ListenAndServe(config.G.Web.ListenMetrics, m) if err != nil { - panic(err) + l.WithError(err).Warning("Failed to start metrics server") } + l.WithField("listen", config.G.Web.ListenMetrics).Info("Stopping Metrics server") } diff --git a/internal/web/tls.go b/internal/web/tls.go index da1c9d4a1..71efbacdd 100644 --- a/internal/web/tls.go +++ b/internal/web/tls.go 
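Review bot: In internal/utils/web/keepalive.go, the type is now exported as TCPKeepAliveListener but its doc comment still opens with the old unexported name. Go doc tooling and linters expect the comment to start with the identifier: `// TCPKeepAliveListener sets TCP keep-alive timeouts on accepted`. The sentence "It's used by ListenAndServe and ListenAndServeTLS" describes net/http rather than this package's callers and could be reworded to name the proxy and web listeners that wrap it. The exported Accept method would also benefit from a one-line comment saying that keep-alive setup failures are logged and the connection is still returned.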
@@ -7,6 +7,7 @@ import ( "github.com/pires/go-proxyproto" "goauthentik.io/internal/config" "goauthentik.io/internal/crypto" + "goauthentik.io/internal/utils/web" ) func (ws *WebServer) GetCertificate() func(ch *tls.ClientHelloInfo) (*tls.Certificate, error) { @@ -39,12 +40,11 @@ func (ws *WebServer) listenTLS() { ws.log.WithError(err).Fatalf("failed to listen") return } - ws.log.WithField("listen", config.G.Web.ListenTLS).Info("Listening (TLS)") - - proxyListener := &proxyproto.Listener{Listener: tcpKeepAliveListener{ln.(*net.TCPListener)}} + proxyListener := &proxyproto.Listener{Listener: web.TCPKeepAliveListener{TCPListener: ln.(*net.TCPListener)}} defer proxyListener.Close() tlsListener := tls.NewListener(proxyListener, tlsConfig) + ws.log.WithField("listen", config.G.Web.ListenTLS).Info("Starting HTTPS server") ws.serve(tlsListener) - ws.log.Printf("closing %s", tlsListener.Addr()) + ws.log.WithField("listen", config.G.Web.ListenTLS).Info("Stopping HTTPS server") } diff --git a/internal/web/web.go b/internal/web/web.go index 5ddd21f72..3198247f5 100644 --- a/internal/web/web.go +++ b/internal/web/web.go @@ -74,17 +74,12 @@ func (ws *WebServer) listenPlain() { if err != nil { ws.log.WithError(err).Fatal("failed to listen") } - ws.log.WithField("listen", config.G.Web.Listen).Info("Listening") - proxyListener := &proxyproto.Listener{Listener: ln} defer proxyListener.Close() + ws.log.WithField("listen", config.G.Web.Listen).Info("Starting HTTP server") ws.serve(proxyListener) - - err = http.ListenAndServe(config.G.Web.Listen, ws.m) - if err != nil && !errors.Is(err, http.ErrServerClosed) { - ws.log.WithError(err).Error("failed to listen") - } + ws.log.WithField("listen", config.G.Web.Listen).Info("Stopping HTTP server") } func (ws *WebServer) serve(listener net.Listener) {