forked from Luzifer/ots
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.go
More file actions
131 lines (108 loc) · 3.27 KB
/
Copy pathmain.go
File metadata and controls
131 lines (108 loc) · 3.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
package main
import (
"embed"
"fmt"
"mime"
"net/http"
"os"
"path"
"strings"
"text/template"
"github.com/gorilla/mux"
"github.com/pkg/errors"
log "github.com/sirupsen/logrus"
http_helpers "github.com/Luzifer/go_helpers/v2/http"
"github.com/Luzifer/rconfig/v2"
)
var (
cfg struct {
Listen string `flag:"listen" default:":3000" description:"IP/Port to listen on"`
LogLevel string `flag:"log-level" default:"info" description:"Set log level (debug, info, warning, error)"`
StorageType string `flag:"storage-type" default:"mem" description:"Storage to use for putting secrets to" validate:"nonzero"`
VersionAndExit bool `flag:"version" default:"false" description:"Print version information and exit"`
}
product = "ots"
version = "dev"
)
//go:embed frontend/*
var assets embed.FS
func init() {
if err := rconfig.ParseAndValidate(&cfg); err != nil {
log.Fatalf("Error parsing CLI arguments: %s", err)
}
if l, err := log.ParseLevel(cfg.LogLevel); err == nil {
log.SetLevel(l)
} else {
log.Fatalf("Invalid log level: %s", err)
}
if cfg.VersionAndExit {
fmt.Printf("%s %s\n", product, version)
os.Exit(0)
}
}
func main() {
store, err := getStorageByType(cfg.StorageType)
if err != nil {
log.Fatalf("Could not initialize storage: %s", err)
}
api := newAPI(store)
r := mux.NewRouter()
r.Use(http_helpers.GzipHandler)
api.Register(r.PathPrefix("/api").Subrouter())
r.HandleFunc("/", handleIndex)
r.PathPrefix("/").HandlerFunc(assetDelivery)
log.Fatalf("HTTP server quit: %s", http.ListenAndServe(cfg.Listen, http_helpers.NewHTTPLogHandler(r)))
}
func assetDelivery(w http.ResponseWriter, r *http.Request) {
assetName := r.URL.Path
dot := strings.LastIndex(assetName, ".")
if dot < 0 {
// There are no assets with no dot in it
http.Error(w, "404 not found", http.StatusNotFound)
return
}
ext := assetName[dot:]
assetData, err := assets.ReadFile(path.Join("frontend", assetName))
if err != nil {
http.Error(w, "404 not found", http.StatusNotFound)
return
}
w.Header().Set("Content-Type", mime.TypeByExtension(ext))
w.Header().Set("X-Content-Type-Options", "nosniff")
w.Write(assetData)
}
var (
// https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
cspHeader = strings.Join([]string{
"default-src 'none'",
"connect-src 'self'",
"font-src 'self'",
"img-src 'self'",
"script-src 'self' 'unsafe-inline'",
"style-src 'self' 'unsafe-inline'",
}, ";")
indexTpl *template.Template
)
func init() {
source, err := assets.ReadFile("frontend/index.html")
if err != nil {
log.WithError(err).Fatal("frontend folder should contain index.html Go template")
}
indexTpl = template.Must(template.New("index.html").Funcs(tplFuncs).Parse(string(source)))
}
func handleIndex(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html; charset=utf-8")
w.Header().Set("Referrer-Policy", "no-referrer")
w.Header().Set("X-Frame-Options", "DENY")
w.Header().Set("X-Xss-Protection", "1; mode=block")
w.Header().Set("Content-Security-Policy", cspHeader)
w.Header().Set("X-Content-Type-Options", "nosniff")
if err := indexTpl.Execute(w, struct {
Version string
}{
Version: version,
}); err != nil {
http.Error(w, errors.Wrap(err, "executing template").Error(), http.StatusInternalServerError)
return
}
}