aef9d27706
* stages/authenticator_sms: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add initial stage UI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: clear invalid state when old input was invalid but new input is correct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add more logic Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add basic SMS settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: initial working version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: optimise totp password manager entry on authenticator_validation stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add grouping support for table Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: allow sms class in authenticator stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add grouping to more pages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_validate: add SMS support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add throttling for flow executor based on session key and pending user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix style issues Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: add workflow to compile backend translations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
95 lines
1.9 KiB
Go
95 lines
1.9 KiB
Go
package gounicorn
|
|
|
|
import (
|
|
"net/http"
|
|
"os"
|
|
"os/exec"
|
|
"time"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
"goauthentik.io/internal/outpost/ak"
|
|
)
|
|
|
|
type GoUnicorn struct {
|
|
log *log.Entry
|
|
p *exec.Cmd
|
|
started bool
|
|
killed bool
|
|
alive bool
|
|
}
|
|
|
|
func NewGoUnicorn() *GoUnicorn {
|
|
logger := log.WithField("logger", "authentik.router.unicorn")
|
|
g := &GoUnicorn{
|
|
log: logger,
|
|
started: false,
|
|
killed: false,
|
|
alive: false,
|
|
}
|
|
g.initCmd()
|
|
return g
|
|
}
|
|
|
|
func (g *GoUnicorn) initCmd() {
|
|
command := "gunicorn"
|
|
args := []string{"-c", "./lifecycle/gunicorn.conf.py", "authentik.root.asgi.app:application"}
|
|
g.log.WithField("args", args).WithField("cmd", command).Debug("Starting gunicorn")
|
|
g.p = exec.Command(command, args...)
|
|
g.p.Env = os.Environ()
|
|
g.p.Stdout = os.Stdout
|
|
g.p.Stderr = os.Stderr
|
|
}
|
|
|
|
func (g *GoUnicorn) IsRunning() bool {
|
|
return g.alive
|
|
}
|
|
|
|
func (g *GoUnicorn) Start() error {
|
|
if g.killed {
|
|
g.log.Debug("Not restarting gunicorn since we're killed")
|
|
return nil
|
|
}
|
|
if g.started {
|
|
g.initCmd()
|
|
}
|
|
g.started = true
|
|
go g.healthcheck()
|
|
return g.p.Run()
|
|
}
|
|
|
|
func (g *GoUnicorn) healthcheck() {
|
|
g.log.Debug("starting healthcheck")
|
|
h := &http.Client{
|
|
Transport: ak.NewUserAgentTransport("goauthentik.io go proxy healthcheck", http.DefaultTransport),
|
|
}
|
|
check := func() bool {
|
|
res, err := h.Get("http://localhost:8000/-/health/live/")
|
|
if err == nil && res.StatusCode == 204 {
|
|
g.alive = true
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
// Default healthcheck is every 1 second on startup
|
|
// once we've been healthy once, increase to 30 seconds
|
|
for range time.Tick(time.Second) {
|
|
if check() {
|
|
g.log.Info("backend is alive, backing off with healthchecks")
|
|
break
|
|
}
|
|
g.log.Debug("backend not alive yet")
|
|
}
|
|
for range time.Tick(30 * time.Second) {
|
|
check()
|
|
}
|
|
}
|
|
|
|
func (g *GoUnicorn) Kill() {
|
|
g.killed = true
|
|
err := g.p.Process.Kill()
|
|
if err != nil {
|
|
g.log.WithError(err).Warning("failed to kill gunicorn")
|
|
}
|
|
}
|