package main
import (
	"embed"
	"fmt"
	"mime"
	"net/http"
	"os"
	"path"
	"strings"
	"text/template"
	"time"

	"github.com/gorilla/mux"
	"github.com/pkg/errors"
	log "github.com/sirupsen/logrus"

	http_helpers "github.com/Luzifer/go_helpers/v2/http"
	"github.com/Luzifer/rconfig/v2"
)
// cfg holds the command-line configuration. The struct tags are consumed by
// rconfig.ParseAndValidate in init.
//
// The default listen address ":3000" has no host part, so the listener accepts
// connections on every interface unless --listen narrows it.
var cfg struct {
	Listen         string `flag:"listen" default:":3000" description:"IP/Port to listen on"`
	LogLevel       string `flag:"log-level" default:"info" description:"Set log level (debug, info, warning, error)"`
	StorageType    string `flag:"storage-type" default:"mem" description:"Storage to use for putting secrets to" validate:"nonzero"`
	VersionAndExit bool   `flag:"version" default:"false" description:"Print version information and exit"`
}

// product and version are printed for the --version flag; version is also
// handed to the index template.
var (
	product = "ots"
	version = "dev"
)
// assets holds the frontend files compiled into the binary.
//
// Per the embed package documentation, a wildcard pattern such as frontend/*
// also matches entries whose names begin with '.' or '_'. Any such file sitting
// directly in frontend/ at build time is therefore embedded, and assetDelivery
// serves every embedded path that contains a dot.
//
//go:embed frontend/*
var assets embed.FS
// init parses and validates the command-line flags into cfg, applies the
// configured log level and handles the version flag. A flag or log-level
// error is reported through log.Fatalf.
func init() {
	if parseErr := rconfig.ParseAndValidate(&cfg); parseErr != nil {
		log.Fatalf("Error parsing CLI arguments: %s", parseErr)
	}

	level, levelErr := log.ParseLevel(cfg.LogLevel)
	if levelErr != nil {
		log.Fatalf("Invalid log level: %s", levelErr)
	} else {
		log.SetLevel(level)
	}

	// Nothing more to do unless only the version was requested.
	if !cfg.VersionAndExit {
		return
	}

	fmt.Printf("%s %s\n", product, version)
	os.Exit(0)
}
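// main initialises the configured storage, registers the API and frontend
// routes and serves HTTP on cfg.Listen until the server stops.
//
// NOTE(review): the listener speaks plain HTTP; presumably TLS is terminated
// by a reverse proxy in front of this process. Confirm for the deployment.
func main() {
	store, err := getStorageByType(cfg.StorageType)
	if err != nil {
		log.Fatalf("Could not initialize storage: %s", err)
	}
	api := newAPI(store)

	r := mux.NewRouter()
	r.Use(http_helpers.GzipHandler)

	api.Register(r.PathPrefix("/api").Subrouter())

	// The exact path "/" renders the index template; every other path that is
	// not under /api is treated as a request for an embedded asset.
	r.HandleFunc("/", handleIndex)
	r.PathPrefix("/").HandlerFunc(assetDelivery)

	// http.ListenAndServe runs a server without any timeouts, so a client can
	// hold a connection open indefinitely while trickling request headers.
	// Bound the header phase only; body and write timeouts stay unset so slow
	// uploads and downloads behave as before.
	srv := &http.Server{
		Addr:              cfg.Listen,
		Handler:           http_helpers.NewHTTPLogHandler(r),
		ReadHeaderTimeout: 10 * time.Second,
	}

	log.Fatalf("HTTP server quit: %s", srv.ListenAndServe())
}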
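// assetDelivery serves a file from the embedded frontend directory. The
// request path is joined onto "frontend"; a path without any dot, or one that
// cannot be read from the embedded file system, is answered with 404.
//
// The lookup goes through the embed.FS in assets, so only files compiled into
// the binary can be returned, never files from the host file system.
func assetDelivery(w http.ResponseWriter, r *http.Request) {
	assetName := r.URL.Path

	if !strings.Contains(assetName, ".") {
		// There are no assets with no dot in it
		http.Error(w, "404 not found", http.StatusNotFound)
		return
	}

	assetData, err := assets.ReadFile(path.Join("frontend", assetName))
	if err != nil {
		http.Error(w, "404 not found", http.StatusNotFound)
		return
	}

	// Take the extension from the final path element only. Slicing at the
	// last dot of the whole path yields values such as ".d/file" when a
	// directory name contains a dot.
	contentType := mime.TypeByExtension(path.Ext(assetName))
	if contentType == "" {
		// nosniff tells the browser not to guess, so never send an empty type.
		contentType = "application/octet-stream"
	}

	w.Header().Set("Content-Type", contentType)
	w.Header().Set("X-Content-Type-Options", "nosniff")

	// A failed write usually means the client went away; the status line is
	// already sent, so the error can only be recorded.
	if _, err := w.Write(assetData); err != nil {
		log.WithError(err).Debug("writing asset response")
	}
}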
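var (
	// cspHeader is the Content-Security-Policy value sent with the index page.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
	//
	// frame-ancestors does not fall back to default-src, so it is listed
	// explicitly to match the "X-Frame-Options: DENY" header set in
	// handleIndex.
	//
	// NOTE(review): 'unsafe-inline' in script-src means the policy does not
	// stop injected inline script. Presumably the frontend relies on inline
	// scripts; confirm, and prefer nonces or hashes if it can be changed.
	// base-uri and form-action are also not covered by default-src.
	cspHeader = strings.Join([]string{
		"default-src 'none'",
		"connect-src 'self'",
		"font-src 'self'",
		"frame-ancestors 'none'",
		"img-src 'self'",
		"script-src 'self' 'unsafe-inline'",
		"style-src 'self' 'unsafe-inline'",
	}, ";")

	// indexTpl is the parsed frontend/index.html template; it is assigned in
	// init and executed by handleIndex.
	indexTpl *template.Template
)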
// init loads frontend/index.html from the embedded assets and parses it into
// indexTpl. A missing file is reported through the logger's Fatal; a parse
// error panics via template.Must.
//
// NOTE(review): the file imports text/template, which performs no HTML
// escaping. That is only safe while every value passed to Execute is trusted.
func init() {
	raw, readErr := assets.ReadFile("frontend/index.html")
	if readErr != nil {
		log.WithError(readErr).Fatal("frontend folder should contain index.html Go template")
	}

	tpl := template.New("index.html").Funcs(tplFuncs)
	indexTpl = template.Must(tpl.Parse(string(raw)))
}
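// handleIndex renders the index template with the build version and sends it
// together with the page's security headers.
func handleIndex(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	w.Header().Set("Referrer-Policy", "no-referrer")
	w.Header().Set("X-Frame-Options", "DENY")
	// NOTE(review): X-Xss-Protection is a legacy header for a browser XSS
	// filter that current browsers no longer ship; the CSP below is the
	// control that matters.
	w.Header().Set("X-Xss-Protection", "1; mode=block")
	w.Header().Set("Content-Security-Policy", cspHeader)
	w.Header().Set("X-Content-Type-Options", "nosniff")

	// Render into memory first. Executing straight into w would already have
	// sent a 200 status and part of the page by the time an error surfaces,
	// so the 500 below could not reach the client intact.
	var page strings.Builder
	if err := indexTpl.Execute(&page, struct {
		Version string
	}{
		Version: version,
	}); err != nil {
		// NOTE(review): the wrapped template error text is returned to the
		// client, as before; consider logging it and sending a generic body.
		http.Error(w, errors.Wrap(err, "executing template").Error(), http.StatusInternalServerError)
		return
	}

	// The status line is committed once writing starts, so a write failure
	// can only be recorded.
	if _, err := fmt.Fprint(w, page.String()); err != nil {
		log.WithError(err).Debug("writing index response")
	}
}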