package main
import (
"context"
"os"
"os/signal"
"os/user"
"strconv"
"strings"
"syscall"
"tildegit.org/tjp/sliderule/logging"
)
// config holds the server settings that configure reads from the process
// environment.
type config struct {
	// hostname is the value of HOST_NAME.
	hostname string

	// Content roots, taken from GEMINI_ROOT and GOPHER_ROOT respectively.
	geminiRoot, gopherRoot string

	// TLS private key and certificate paths, taken from TLS_KEY_FILE and
	// TLS_CERT_FILE respectively.
	tlsKeyFile, tlsCertFile string

	// privilegedUsers holds the entries of the comma-separated
	// PRIVILEGED_FINGERPRINTS variable.
	// NOTE(review): presumably client-certificate fingerprints that are
	// granted elevated access; confirm how consumers match against this list,
	// since any entry in it is an authorization grant.
	privilegedUsers []string

	// fingerResponses maps a lower-cased name (the part of a FINGER_<NAME>
	// variable after the prefix) to that variable's value.
	fingerResponses map[string]string

	// geminiAutoAtom is the parsed GEMINI_AUTOATOM boolean; it is false when
	// the variable is unset or cannot be parsed.
	geminiAutoAtom bool
}
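// configure builds the server config from the process environment.
//
// It reads HOST_NAME, GEMINI_ROOT, GOPHER_ROOT, TLS_KEY_FILE, TLS_CERT_FILE,
// PRIVILEGED_FINGERPRINTS (comma-separated), GEMINI_AUTOATOM (boolean) and
// every FINGER_<NAME> variable. Missing variables yield empty values; nothing
// is validated here.
func configure() config {
	// strings.Split on an empty string yields [""], which would place an
	// empty fingerprint on the privileged list. Trim each entry and drop
	// blanks so an unset variable, a trailing comma or stray whitespace never
	// produces an entry.
	// NOTE(review): if a consumer represents "no client certificate" as an
	// empty fingerprint, a "" entry would match it; confirm against the
	// code that checks privilegedUsers.
	var privileged []string
	for _, fp := range strings.Split(os.Getenv("PRIVILEGED_FINGERPRINTS"), ",") {
		if fp = strings.TrimSpace(fp); fp != "" {
			privileged = append(privileged, fp)
		}
	}

	// Collect FINGER_<NAME>=<response> pairs, keyed by the lower-cased name.
	fingers := map[string]string{}
	for _, pair := range os.Environ() {
		key, val, _ := strings.Cut(pair, "=")
		if !strings.HasPrefix(key, "FINGER_") {
			continue
		}
		fingers[strings.ToLower(strings.TrimPrefix(key, "FINGER_"))] = val
	}

	// ParseBool returns false together with any error, so an unset or
	// malformed GEMINI_AUTOATOM leaves the feature disabled.
	autoatom, _ := strconv.ParseBool(os.Getenv("GEMINI_AUTOATOM"))

	return config{
		hostname:    os.Getenv("HOST_NAME"),
		geminiRoot:  os.Getenv("GEMINI_ROOT"),
		gopherRoot:  os.Getenv("GOPHER_ROOT"),
		tlsKeyFile:  os.Getenv("TLS_KEY_FILE"),
		tlsCertFile: os.Getenv("TLS_CERT_FILE"),

		privilegedUsers: privileged,

		fingerResponses: fingers,

		geminiAutoAtom: autoatom,
	}
}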
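// dropPrivileges switches a process running as root to the "nobody" account.
//
// It returns (false, nil) when the current user is not uid 0, (true, nil)
// once the supplementary groups, group ID and user ID have all been changed,
// and (false, err) if any lookup or system call fails. Callers should treat
// an error as fatal: the process may still hold some or all root privileges.
func dropPrivileges() (bool, error) {
	me, err := user.Current()
	if err != nil {
		return false, err
	}
	if me.Uid != "0" {
		return false, nil
	}

	nobody, err := user.Lookup("nobody")
	if err != nil {
		return false, err
	}
	uid, err := strconv.Atoi(nobody.Uid)
	if err != nil {
		return false, err
	}
	gid, err := strconv.Atoi(nobody.Gid)
	if err != nil {
		return false, err
	}

	// Fail closed if the account database maps "nobody" to root: the calls
	// below would succeed without actually reducing privileges.
	if uid == 0 || gid == 0 {
		return false, syscall.EPERM
	}

	// Changing only the UID leaves root's primary group and supplementary
	// groups attached to the process, so group-based permissions survive the
	// drop. The order matters: group changes need root, so they must happen
	// before Setuid gives it up.
	if err := syscall.Setgroups([]int{gid}); err != nil {
		return false, err
	}
	if err := syscall.Setgid(gid); err != nil {
		return false, err
	}
	if err := syscall.Setuid(uid); err != nil {
		return false, err
	}
	return true, nil
}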
// serverContext returns a context that is cancelled when the process receives
// SIGINT or SIGHUP, along with the four loggers from logging.DefaultLoggers
// in the order debug, info, warn, error.
//
// The same loggers are also stored on the context under the string keys
// "debuglog", "infolog", "warnlog" and "errorlog".
func serverContext() (context.Context, logging.Logger, logging.Logger, logging.Logger, logging.Logger) {
	dbgLog, infoLog, warnLog, errLog := logging.DefaultLoggers()

	// The stop function is discarded, so the signal registration is never
	// released by this function.
	ctx, _ := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGHUP)

	attached := []struct {
		key string
		log logging.Logger
	}{
		{"debuglog", dbgLog},
		{"infolog", infoLog},
		{"warnlog", warnLog},
		{"errorlog", errLog},
	}
	for _, a := range attached {
		// Plain string keys are kept as-is: code elsewhere may look the
		// loggers up by these exact values.
		ctx = context.WithValue(ctx, a.key, a.log) //nolint:staticcheck
	}

	return ctx, dbgLog, infoLog, warnLog, errLog
}