mirror of
https://github.com/photoprism/photoprism.git
synced 2025-10-11 03:31:09 +08:00
237 lines
6.1 KiB
Go
237 lines
6.1 KiB
Go
package server
|
|
|
|
import (
|
|
"context"
|
|
"crypto/tls"
|
|
"errors"
|
|
"fmt"
|
|
"net"
|
|
"net/http"
|
|
"time"
|
|
|
|
"golang.org/x/crypto/acme/autocert"
|
|
"golang.org/x/sync/errgroup"
|
|
|
|
"github.com/gin-contrib/gzip"
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"github.com/photoprism/photoprism/internal/config"
|
|
"github.com/photoprism/photoprism/pkg/header"
|
|
)
|
|
|
|
// Start the REST API server using the configuration provided
|
|
func Start(ctx context.Context, conf *config.Config) {
|
|
defer func() {
|
|
if err := recover(); err != nil {
|
|
log.Error(err)
|
|
}
|
|
}()
|
|
|
|
start := time.Now()
|
|
|
|
// Set web server mode.
|
|
if conf.HttpMode() != "" {
|
|
gin.SetMode(conf.HttpMode())
|
|
} else if conf.Debug() == false {
|
|
gin.SetMode(gin.ReleaseMode)
|
|
}
|
|
|
|
// Create new router engine without standard middleware.
|
|
router := gin.New()
|
|
|
|
// Set proxy addresses from which headers related to the client and protocol can be trusted
|
|
if err := router.SetTrustedProxies(conf.TrustedProxies()); err != nil {
|
|
log.Warnf("server: %s", err)
|
|
}
|
|
|
|
// Register panic recovery middleware.
|
|
router.Use(Recovery())
|
|
|
|
// Register logger middleware if debug mode is enabled.
|
|
if conf.Debug() {
|
|
router.Use(Logger())
|
|
}
|
|
|
|
// Register compression middleware if enabled in the configuration.
|
|
switch conf.HttpCompression() {
|
|
case "br", "brotli":
|
|
log.Infof("server: brotli compression is currently not supported")
|
|
case "gzip":
|
|
router.Use(gzip.Gzip(
|
|
gzip.DefaultCompression,
|
|
gzip.WithExcludedExtensions([]string{
|
|
".png", ".gif", ".jpeg", ".jpg", ".webp", ".mp3", ".mp4", ".zip", ".gz",
|
|
}),
|
|
gzip.WithExcludedPaths([]string{
|
|
conf.BaseUri("/health"),
|
|
conf.BaseUri(config.ApiUri + "/t"),
|
|
conf.BaseUri(config.ApiUri + "/folders/t"),
|
|
conf.BaseUri(config.ApiUri + "/zip"),
|
|
conf.BaseUri(config.ApiUri + "/albums"),
|
|
conf.BaseUri(config.ApiUri + "/labels"),
|
|
conf.BaseUri(config.ApiUri + "/videos"),
|
|
}),
|
|
))
|
|
log.Infof("server: enabled gzip compression")
|
|
}
|
|
|
|
// Register security middleware.
|
|
router.Use(Security(conf))
|
|
|
|
// Register robots tag middleware.
|
|
router.Use(Robots(conf))
|
|
|
|
// Create REST API router group.
|
|
APIv1 = router.Group(conf.BaseUri(config.ApiUri), Api(conf))
|
|
|
|
// Initialize package extensions.
|
|
Ext().Init(router, conf)
|
|
|
|
// Find and load templates.
|
|
router.LoadHTMLFiles(conf.TemplateFiles()...)
|
|
|
|
// Register application routes.
|
|
registerRoutes(router, conf)
|
|
|
|
// Register "GET /health" route so clients can perform health checks.
|
|
router.GET(conf.BaseUri("/health"), func(c *gin.Context) {
|
|
c.Header(header.CacheControl, header.CacheControlNoStore)
|
|
c.Header(header.AccessControlAllowOrigin, header.Any)
|
|
c.String(http.StatusOK, "OK")
|
|
})
|
|
|
|
// Start web server.
|
|
var tlsErr error
|
|
var tlsManager *autocert.Manager
|
|
var server *http.Server
|
|
|
|
if unixSocket := conf.HttpSocket(); unixSocket != "" {
|
|
var listener net.Listener
|
|
var unixAddr *net.UnixAddr
|
|
var err error
|
|
|
|
if unixAddr, err = net.ResolveUnixAddr("unix", unixSocket); err != nil {
|
|
log.Errorf("server: invalid unix socket (%s)", err)
|
|
return
|
|
} else if listener, err = net.ListenUnix("unix", unixAddr); err != nil {
|
|
log.Errorf("server: failed to listen on unix socket (%s)", err)
|
|
return
|
|
} else {
|
|
server = &http.Server{
|
|
Addr: unixSocket,
|
|
Handler: router,
|
|
}
|
|
|
|
log.Infof("server: listening on %s [%s]", unixSocket, time.Since(start))
|
|
|
|
go StartHttp(server, listener)
|
|
}
|
|
} else if tlsManager, tlsErr = AutoTLS(conf); tlsErr == nil {
|
|
log.Infof("server: starting in auto tls mode")
|
|
|
|
tlsSocket := fmt.Sprintf("%s:%d", conf.HttpHost(), conf.HttpPort())
|
|
tlsConfig := tlsManager.TLSConfig()
|
|
tlsConfig.MinVersion = tls.VersionTLS12
|
|
|
|
server = &http.Server{
|
|
Addr: tlsSocket,
|
|
TLSConfig: tlsConfig,
|
|
Handler: router,
|
|
}
|
|
|
|
log.Infof("server: listening on %s [%s]", server.Addr, time.Since(start))
|
|
go StartAutoTLS(server, tlsManager, conf)
|
|
} else if publicCert, privateKey := conf.TLS(); unixSocket == "" && publicCert != "" && privateKey != "" {
|
|
log.Infof("server: starting in tls mode")
|
|
|
|
tlsSocket := fmt.Sprintf("%s:%d", conf.HttpHost(), conf.HttpPort())
|
|
tlsConfig := &tls.Config{
|
|
MinVersion: tls.VersionTLS12,
|
|
}
|
|
|
|
server = &http.Server{
|
|
Addr: tlsSocket,
|
|
TLSConfig: tlsConfig,
|
|
Handler: router,
|
|
}
|
|
|
|
log.Infof("server: listening on %s [%s]", server.Addr, time.Since(start))
|
|
go StartTLS(server, publicCert, privateKey)
|
|
} else {
|
|
log.Infof("server: %s", tlsErr)
|
|
|
|
tcpSocket := fmt.Sprintf("%s:%d", conf.HttpHost(), conf.HttpPort())
|
|
|
|
if listener, err := net.Listen("tcp", tcpSocket); err != nil {
|
|
log.Errorf("server: %s", err)
|
|
return
|
|
} else {
|
|
server = &http.Server{
|
|
Addr: tcpSocket,
|
|
Handler: router,
|
|
}
|
|
|
|
log.Infof("server: listening on %s [%s]", server.Addr, time.Since(start))
|
|
|
|
go StartHttp(server, listener)
|
|
}
|
|
}
|
|
|
|
// Graceful web server shutdown.
|
|
<-ctx.Done()
|
|
log.Info("server: shutting down")
|
|
err := server.Close()
|
|
if err != nil {
|
|
log.Errorf("server: shutdown failed (%s)", err)
|
|
}
|
|
}
|
|
|
|
// StartHttp starts the Web server in http mode.
|
|
func StartHttp(s *http.Server, l net.Listener) {
|
|
if err := s.Serve(l); err != nil {
|
|
if errors.Is(err, http.ErrServerClosed) {
|
|
log.Info("server: shutdown complete")
|
|
} else {
|
|
log.Errorf("server: %s", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
// StartTLS starts the Web server in https mode.
|
|
func StartTLS(s *http.Server, httpsCert, privateKey string) {
|
|
if err := s.ListenAndServeTLS(httpsCert, privateKey); err != nil {
|
|
if errors.Is(err, http.ErrServerClosed) {
|
|
log.Info("server: shutdown complete")
|
|
} else {
|
|
log.Errorf("server: %s", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
// StartAutoTLS starts the Web server with auto tls enabled.
|
|
func StartAutoTLS(s *http.Server, m *autocert.Manager, conf *config.Config) {
|
|
var g errgroup.Group
|
|
|
|
g.Go(func() error {
|
|
return http.ListenAndServe(fmt.Sprintf("%s:%d", conf.HttpHost(), conf.HttpPort()), m.HTTPHandler(http.HandlerFunc(redirect)))
|
|
})
|
|
|
|
g.Go(func() error {
|
|
return s.ListenAndServeTLS("", "")
|
|
})
|
|
|
|
if err := g.Wait(); err != nil {
|
|
if errors.Is(err, http.ErrServerClosed) {
|
|
log.Info("server: shutdown complete")
|
|
} else {
|
|
log.Errorf("server: %s", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
func redirect(w http.ResponseWriter, req *http.Request) {
|
|
target := "https://" + req.Host + req.RequestURI
|
|
|
|
http.Redirect(w, req, target, httpsRedirect)
|
|
}
|