Allow configuration of BindAddr and TLS certs

This commit is contained in:
Rob Watson 2021-11-26 17:22:25 +01:00
parent 4c999cd5a2
commit abf5398d24
4 changed files with 41 additions and 10 deletions

View File

@ -7,5 +7,7 @@ S3_BUCKET=
DATABASE_URL=
BIND_ADDR=
# If set, files in this location will be served over HTTP at /.
ASSETS_HTTP_BASE_PATH=

View File

@ -17,7 +17,6 @@ import (
)
const (
DefaultHTTPBindAddr = "0.0.0.0:8888"
DefaultTimeout = 600 * time.Second
)
@ -57,7 +56,6 @@ func main() {
serverOptions := server.Options{
Config: config,
BindAddr: DefaultHTTPBindAddr,
Timeout: DefaultTimeout,
Store: store,
YoutubeClient: &youtubeClient,

View File

@ -15,6 +15,9 @@ const (
type Config struct {
Environment Environment
BindAddr string
TLSCertFile string
TLSKeyFile string
DatabaseURL string
AWSAccessKeyID string
AWSSecretAccessKey string
@ -37,6 +40,17 @@ func NewFromEnv() (Config, error) {
return Config{}, fmt.Errorf("invalid ENV value: %s", envString)
}
bindAddr := os.Getenv("BIND_ADDR")
if bindAddr == "" {
bindAddr = "localhost:8888"
}
tlsCertFile := os.Getenv("TLS_CERT_FILE")
tlsKeyFile := os.Getenv("TLS_KEY_FILE")
if (tlsCertFile == "" && tlsKeyFile != "") || (tlsCertFile != "" && tlsKeyFile == "") {
return Config{}, errors.New("Both TLS_CERT_FILE and TLS_KEY_FILE must be set")
}
databaseURL := os.Getenv("DATABASE_URL")
if databaseURL == "" {
return Config{}, errors.New("DATABASE_URL not set")
@ -66,6 +80,9 @@ func NewFromEnv() (Config, error) {
return Config{
Environment: env,
BindAddr: bindAddr,
TLSCertFile: tlsCertFile,
TLSKeyFile: tlsKeyFile,
DatabaseURL: databaseURL,
AWSAccessKeyID: awsAccessKeyID,
AWSSecretAccessKey: awsSecretAccessKey,

View File

@ -18,6 +18,7 @@ import (
"go.uber.org/zap"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/durationpb"
)
@ -61,7 +62,6 @@ func newResponseError(err error) *ResponseError {
type Options struct {
Config config.Config
BindAddr string
Timeout time.Duration
Store media.Store
YoutubeClient media.YoutubeClient
@ -240,7 +240,11 @@ func Start(options Options) error {
logger,
)
grpcServer := buildGRPCServer(options.Config, logger)
grpcServer, err := buildGRPCServer(options.Config, logger)
if err != nil {
return fmt.Errorf("error building server: %v", err)
}
mediaSetController := &mediaSetServiceController{mediaSetService: fetchMediaSetService, logger: logger.Sugar().Named("controller")}
pbmediaset.RegisterMediaSetServiceServer(grpcServer, mediaSetController)
@ -255,7 +259,7 @@ func Start(options Options) error {
}
httpServer := http.Server{
Addr: options.BindAddr,
Addr: options.Config.BindAddr,
ReadTimeout: options.Timeout,
WriteTimeout: options.Timeout,
Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -267,7 +271,7 @@ func Start(options Options) error {
}),
}
log.Infof("Listening at %s", options.BindAddr)
log.Infof("Listening at %s", options.Config.BindAddr)
return httpServer.ListenAndServe()
}
@ -279,7 +283,7 @@ func buildLogger(c config.Config) (*zap.Logger, error) {
return zap.NewDevelopment()
}
func buildGRPCServer(c config.Config, logger *zap.Logger) *grpc.Server {
func buildGRPCServer(c config.Config, logger *zap.Logger) (*grpc.Server, error) {
unaryInterceptors := []grpc.UnaryServerInterceptor{
grpczap.UnaryServerInterceptor(logger),
}
@ -296,8 +300,18 @@ func buildGRPCServer(c config.Config, logger *zap.Logger) *grpc.Server {
streamInterceptors = append(streamInterceptors, grpcrecovery.StreamServerInterceptor(panicOpts...))
}
return grpc.NewServer(
options := []grpc.ServerOption{
grpc.StreamInterceptor(grpcmiddleware.ChainStreamServer(streamInterceptors...)),
grpc.UnaryInterceptor(grpcmiddleware.ChainUnaryServer(unaryInterceptors...)),
)
}
if c.TLSCertFile != "" && c.TLSKeyFile != "" {
creds, err := credentials.NewServerTLSFromFile(c.TLSCertFile, c.TLSKeyFile)
if err != nil {
return nil, fmt.Errorf("error building credentials: %v", err)
}
options = append(options, grpc.Creds(creds))
}
return grpc.NewServer(options...), nil
}