From 71802da4e5af8fdc850d2f0e1db34d5df4c87721 Mon Sep 17 00:00:00 2001
From: r4ulcl
Date: Thu, 5 Dec 2024 17:50:08 +0100
Subject: [PATCH] Port to int and set server timeouts
---
 README.md | 8 +++++---
 manager.conf | 4 ++--
 manager/manager.go | 27 ++++++++++++++++++++-----
 manager/sshTunnel/sshTunnel.go | 9 +++++----
 manager/utils/structs.go | 4 ++--
 worker.conf | 2 +-
 worker/managerrequest/managerRequest.go | 8 +++++---
 worker/utils/structs.go | 2 +-
 8 files changed, 43 insertions(+), 21 deletions(-)
diff --git a/README.md b/README.md
index 3083fe2..d74fc0f 100644
--- a/README.md
+++ b/README.md
@@ -140,7 +140,8 @@ The manager requires a configuration file named `manager.conf` to be present in
 },
 "statusCheckSeconds": 10,
 "StatusCheckDown": 360,
- "port": "8080",
+ "httpPort": 8080,
+ "httpsPort": 8443,
 "dbUsername": "your_username",
 "dbPassword": "your_password",
 "dbHost": "db",
@@ -155,7 +156,8 @@ The manager requires a configuration file named `manager.conf` to be present in
 - `workers`: A map of worker names and their corresponding tokens for authentication. (In this case all workers use the same token called workers)
 - `statusCheckSeconds`: The interval in seconds between status check requests from the manager to the workers.
 - `StatusCheckDown`: The number of seconds after which a worker is marked as down if the status check request fails.
-- `port`: The port on which the manager should listen for incoming connections.
+- `httpPort`: The port on which the manager should listen for incoming connections without TLS.
+- `httpsPort`: The port on which the manager should listen for incoming connections with TLS.
 - `dbUsername`: The username for the database connection.
 - `dbPassword`: The password for the database connection.
 - `dbHost`: The hostname of the database server.
@@ -173,7 +175,7 @@ The worker requires a configuration file named `workerouter.conf` to be present "name": "", "iddleThreads": 2, "managerIP": "127.0.0.1", - "managerPort": "8080", + "managerPort": 8443, "managerOauthToken": "IeH0vpYFz2Yol6RdLvYZz62TFMv5FF", "CA": "./certs/ca-cert.pem", "insecureModules": true, diff --git a/manager.conf b/manager.conf index eb49bc0..f882bcc 100644 --- a/manager.conf +++ b/manager.conf @@ -9,8 +9,8 @@ }, "statusCheckSeconds": 10, "StatusCheckDown": 360, - "httpPort": "8080", - "httpsPort": "8443", + "httpPort": 8080, + "httpsPort": 8443, "dbUsername": "your_username", "dbPassword": "your_password", "dbHost": "db", diff --git a/manager/manager.go b/manager/manager.go index 56fc50d..05212e3 100644 --- a/manager/manager.go +++ b/manager/manager.go @@ -320,16 +320,25 @@ func StartManager(swagger bool, configFile, configSSHFile, configCloudFile strin http.Handle("/", router) // Start the servers - if config.CertFolder != "" { + if config.CertFolder != "" && config.HttpsPort > 0 && config.HttpsPort > 0 { + // Set string for the HTTPS port - httpsAddr := fmt.Sprintf(":%s", config.HttpsPort) + httpsAddr := fmt.Sprintf(":%d", config.HttpsPort) if verbose { log.Println("Starting HTTPS server on port", config.HttpsPort) } + // Start HTTPS server with timeouts + httpsServer := &http.Server{ + Addr: httpsAddr, + Handler: router, // Assuming you have a router defined + ReadTimeout: 10 * time.Second, + WriteTimeout: 10 * time.Second, + IdleTimeout: 15 * time.Second, + } // Start HTTPS server in a goroutine go func() { - err := http.ListenAndServeTLS(httpsAddr, config.CertFolder+"/cert.pem", config.CertFolder+"/key.pem", router) + err := httpsServer.ListenAndServeTLS(config.CertFolder+"/cert.pem", config.CertFolder+"/key.pem") if err != nil { log.Fatalf("Error starting HTTPS server: %v", err) } 
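Review bot: The new guard in manager/manager.go tests `config.HttpsPort > 0` twice, so the second operand adds nothing and was presumably meant to be an upper bound or a check on HttpPort. A range check would read `if config.CertFolder != "" && config.HttpsPort > 0 && config.HttpsPort <= 65535 {`. When CertFolder is set but the port is missing or zero, the branch is skipped without any log line and the manager comes up with only the plaintext listener, so an `else if config.CertFolder != ""` branch that logs or aborts would make that misconfiguration visible. HttpPort in the next hunk and ManagerPort in worker/managerrequest/managerRequest.go are formatted into addresses with no range check either. StartManager's body starts and ends outside the hunk.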
@@ -337,13 +346,21 @@ func StartManager(swagger bool, configFile, configSSHFile, configCloudFile strin } // Set string for the HTTP port - httpAddr := fmt.Sprintf(":%s", config.HttpPort) + httpAddr := fmt.Sprintf(":%d", config.HttpPort) if verbose { log.Println("Starting HTTP server on port", config.HttpPort) } + server := &http.Server{ + Addr: httpAddr, + Handler: nil, // or your router + ReadTimeout: 10 * time.Second, // Time to read the request + WriteTimeout: 10 * time.Second, // Time to send the response + IdleTimeout: 15 * time.Second, // Time to wait for the next request + } + // Start HTTP server - err = http.ListenAndServe(httpAddr, nil) + err = server.ListenAndServe() if err != nil { log.Fatalf("Error starting HTTP server: %v", err) } diff --git a/manager/sshTunnel/sshTunnel.go b/manager/sshTunnel/sshTunnel.go index 3a766c0..d077b51 100644 --- a/manager/sshTunnel/sshTunnel.go +++ b/manager/sshTunnel/sshTunnel.go @@ -7,6 +7,7 @@ import ( "log" "net" "os" + "strconv" "time" "github.com/r4ulcl/nTask/manager/utils" @@ -39,7 +40,7 @@ func publicKeyFile(file string) (ssh.AuthMethod, error) { // Maintain a map of active SSH connections var activeConnections = make(map[string]*ssh.Client) -func StartSSH(config *utils.ManagerSSHConfig, httpPort, httpsPort string, verbose, debug bool) { +func StartSSH(config *utils.ManagerSSHConfig, httpPort, httpsPort int, verbose, debug bool) { log.Println("SSH StartSSH") for { for ip, port := range config.IPPort { 
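Review bot: The plaintext server in manager/manager.go is built with `Handler: nil`, which serves http.DefaultServeMux, while the HTTPS server in the previous hunk is given `router` directly; anything else registered on the default mux in this process (for example by an import with side effects) would then be exposed on the HTTP port but not on the HTTPS one. Setting `Handler: router` keeps both listeners identical, and the placeholder comments `// or your router` and `// Assuming you have a router defined` can then be dropped. With HttpPort now an int, a config that omits the key yields `:0`, which binds an OS-chosen port instead of failing, so a `config.HttpPort > 0` check before building the server is worth adding. StartManager's body continues outside the hunk.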
@@ -91,9 +92,9 @@ func StartSSH(config *utils.ManagerSSHConfig, httpPort, httpsPort string, verbos activeConnections[connectionKey] = sshClient // Port forwarding for HTTP and HTTPS - forwardPort := func(localPort, remotePort string) { - remoteAddr := "127.0.0.1:" + remotePort - localAddr := "127.0.0.1:" + localPort + forwardPort := func(localPort, remotePort int) { + remoteAddr := "127.0.0.1:" + strconv.Itoa(remotePort) + localAddr := "127.0.0.1:" + strconv.Itoa(localPort) if debug { log.Printf("SSH forwarding remoteAddr: %s to localAddr: %s", remoteAddr, localAddr) diff --git a/manager/utils/structs.go b/manager/utils/structs.go index f4e7047..b467da4 100644 --- a/manager/utils/structs.go +++ b/manager/utils/structs.go @@ -9,8 +9,8 @@ import ( type ManagerConfig struct { Users map[string]string `json:"users"` Workers map[string]string `json:"workers"` - HttpPort string `json:"httpPort"` - HttpsPort string `json:"httpsPort"` + HttpPort int `json:"httpPort"` + HttpsPort int `json:"httpsPort"` DBUsername string `json:"dbUsername"` DBPassword string `json:"dbPassword"` DBHost string `json:"dbHost"` diff --git a/worker.conf b/worker.conf index 7b3d8d3..5628986 100644 --- a/worker.conf +++ b/worker.conf @@ -2,7 +2,7 @@ "name": "", "defaultThreads": 2, "managerIP" : "nTask_manager", - "managerPort" : "8443", + "managerPort" : 8443, "managerOauthToken": "IeH0vpYFz2Yol6RdLvYZz62TFMv5FF", "CA": "./certs/ca-cert.pem", "insecureModules": false, diff --git a/worker/managerrequest/managerRequest.go b/worker/managerrequest/managerRequest.go index 21f5218..69a2df9 100644 --- a/worker/managerrequest/managerRequest.go +++ b/worker/managerrequest/managerRequest.go @@ -4,6 +4,7 @@ import ( "encoding/json" "log" "net/http" + "strconv" "sync" "github.com/gorilla/websocket" 
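Review bot: A manager.conf written for the previous version, with `"httpPort": "8080"`, no longer decodes once HttpPort and HttpsPort in ManagerConfig (manager/utils/structs.go) are ints, because encoding/json reports a type error for a quoted value going into an int field. The config loader is not part of this patch, so whether that error stops startup or leaves both ports at 0 cannot be seen here; if it is the latter, the HTTPS guard in manager.go is skipped silently. A doc comment on the two fields, `// HttpPort and HttpsPort are TCP ports (1-65535) given as JSON numbers, not strings.`, plus an upgrade note in the README would cover it. The same applies to ManagerPort in worker/utils/structs.go.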
@@ -18,14 +19,15 @@ func CreateWebsocket(config *utils.WorkerConfig, caCertPath string, headers.Set("Authorization", config.ManagerOauthToken) var serverAddr string + portStr := strconv.Itoa(config.ManagerPort) if transport, ok := config.ClientHTTP.Transport.(*http.Transport); ok { if transport.TLSClientConfig != nil { - serverAddr = "wss://" + config.ManagerIP + ":" + config.ManagerPort + "/worker/websocket" + serverAddr = "wss://" + config.ManagerIP + ":" + portStr + "/worker/websocket" } else { - serverAddr = "ws://" + config.ManagerIP + ":" + config.ManagerPort + "/worker/websocket" + serverAddr = "ws://" + config.ManagerIP + ":" + portStr + "/worker/websocket" } } else { - serverAddr = "wss://" + config.ManagerIP + ":" + config.ManagerPort + "/worker/websocket" + serverAddr = "wss://" + config.ManagerIP + ":" + portStr + "/worker/websocket" } if debug { diff --git a/worker/utils/structs.go b/worker/utils/structs.go index d47142e..8b3b272 100644 --- a/worker/utils/structs.go +++ b/worker/utils/structs.go @@ -11,7 +11,7 @@ type WorkerConfig struct { Name string `json:"name"` DefaultThreads int `json:"defaultThreads"` ManagerIP string `json:"managerIP"` - ManagerPort string `json:"managerPort"` + ManagerPort int `json:"managerPort"` ManagerOauthToken string `json:"managerOauthToken"` CA string `json:"ca"` InsecureModules bool `json:"insecureModules"`
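Review bot: The three branches in CreateWebsocket build the same URL by string concatenation and differ only in the scheme, and the `ws://` branch sends the `Authorization` token set above over an unencrypted connection without saying so. Choosing the scheme once and joining host and port with net.JoinHostPort removes the duplication and also handles an IPv6 literal in ManagerIP; it needs `"net"` added to the import block in the first hunk of this file. A log line on the `ws://` path makes the cleartext case visible to an operator. CreateWebsocket starts and ends outside the hunk.

```go
var serverAddr string
portStr := strconv.Itoa(config.ManagerPort)
scheme := "wss"
if transport, ok := config.ClientHTTP.Transport.(*http.Transport); ok && transport.TLSClientConfig == nil {
	// No TLS client config: the Authorization header travels in cleartext.
	scheme = "ws"
	log.Println("manager websocket: no TLS client config, token will be sent over ws://")
}
serverAddr = scheme + "://" + net.JoinHostPort(config.ManagerIP, portStr) + "/worker/websocket"
// … unchanged: if debug { … } …
```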