From 3c12df52d9a01172c0078996b6ba1a7b0a21a588 Mon Sep 17 00:00:00 2001
From: Andrew Udvare <audvare@gmail.com>
Date: Wed, 23 Jun 2021 11:22:51 -0400
Subject: [PATCH] =?UTF-8?q?feat:=20=F0=9F=8E=B8=20add=20support=20for=20us?=
 =?UTF-8?q?ing=20a=20UNIX=20domain=20socket?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md        |  1 +
 config/config.go | 19 ++++++++++---------
 main.go          | 36 +++++++++++++++++++++++++++++++++++-
 3 files changed, 46 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index 9995b80..c48d8bc 100644
--- a/README.md
+++ b/README.md
@@ -151,6 +151,7 @@ You can specify configuration options either via a config file (default: `config
 | `server.port`               | `WAKAPI_PORT`               | `3000`         | Port to listen on                                                   |
 | `server.listen_ipv4`        | `WAKAPI_LISTEN_IPV4`        | `127.0.0.1`    | IPv4 network address to listen on (leave blank to disable IPv4)     |
 | `server.listen_ipv6`        | `WAKAPI_LISTEN_IPV6`        | `::1`          | IPv6 network address to listen on (leave blank to disable IPv6)     |
+| `server.listen_socket`      | `WAKAPI_LISTEN_SOCKET`      | -              | UNIX socket to listen on (leave blank to disable UNIX socket)       |
 | `server.tls_cert_path`      | `WAKAPI_TLS_CERT_PATH`      | -              | Path of SSL server certificate (leave blank to not use HTTPS)       |
 | `server.tls_key_path`       | `WAKAPI_TLS_KEY_PATH`       | -              | Path of SSL server private key (leave blank to not use HTTPS)       |
 | `server.base_path`          | `WAKAPI_BASE_PATH`          | `/`            | Web base path (change when running behind a proxy under a sub-path) |
diff --git a/config/config.go b/config/config.go
index f500714..4872b1a 100644
--- a/config/config.go
+++ b/config/config.go
@@ -95,13 +95,14 @@ type dbConfig struct {
 }
 
 type serverConfig struct {
-	Port        int    `default:"3000" env:"WAKAPI_PORT"`
-	ListenIpV4  string `yaml:"listen_ipv4" default:"127.0.0.1" env:"WAKAPI_LISTEN_IPV4"`
-	ListenIpV6  string `yaml:"listen_ipv6" default:"::1" env:"WAKAPI_LISTEN_IPV6"`
-	BasePath    string `yaml:"base_path" default:"/" env:"WAKAPI_BASE_PATH"`
-	PublicUrl   string `yaml:"public_url" default:"http://localhost:3000" env:"WAKAPI_PUBLIC_URL"`
-	TlsCertPath string `yaml:"tls_cert_path" default:"" env:"WAKAPI_TLS_CERT_PATH"`
-	TlsKeyPath  string `yaml:"tls_key_path" default:"" env:"WAKAPI_TLS_KEY_PATH"`
+	Port         int    `default:"3000" env:"WAKAPI_PORT"`
+	ListenIpV4   string `yaml:"listen_ipv4" default:"127.0.0.1" env:"WAKAPI_LISTEN_IPV4"`
+	ListenIpV6   string `yaml:"listen_ipv6" default:"::1" env:"WAKAPI_LISTEN_IPV6"`
+	ListenSocket string `yaml:"listen_socket" default:"" env:"WAKAPI_LISTEN_SOCKET"`
+	BasePath     string `yaml:"base_path" default:"/" env:"WAKAPI_BASE_PATH"`
+	PublicUrl    string `yaml:"public_url" default:"http://localhost:3000" env:"WAKAPI_PUBLIC_URL"`
+	TlsCertPath  string `yaml:"tls_cert_path" default:"" env:"WAKAPI_TLS_CERT_PATH"`
+	TlsKeyPath   string `yaml:"tls_key_path" default:"" env:"WAKAPI_TLS_KEY_PATH"`
 }
 
 type sentryConfig struct {
@@ -350,8 +351,8 @@ func Load(version string) *Config {
 	}
 
 	// some validation checks
-	if config.Server.ListenIpV4 == "" && config.Server.ListenIpV6 == "" {
-		logbuch.Fatal("either of listen_ipv4 or listen_ipv6 must be set")
+	if config.Server.ListenIpV4 == "" && config.Server.ListenIpV6 == "" && config.Server.ListenSocket == "" {
+		logbuch.Fatal("either of listen_ipv4 or listen_ipv6 or listen_socket must be set")
 	}
 	if config.Db.MaxConn <= 0 {
 		logbuch.Fatal("you must allow at least one database connection")
diff --git a/main.go b/main.go
index 386e828..ec866db 100644
--- a/main.go
+++ b/main.go
@@ -4,6 +4,7 @@ import (
 	"embed"
 	"io/fs"
 	"log"
+	"net"
 	"net/http"
 	"os"
 	"strconv"
@@ -233,7 +234,7 @@ func main() {
 }
 
 func listen(handler http.Handler) {
-	var s4, s6 *http.Server
+	var s4, s6, sSocket *http.Server
 
 	// IPv4
 	if config.Server.ListenIpV4 != "" {
@@ -257,6 +258,15 @@ func listen(handler http.Handler) {
 		}
 	}
 
+	// UNIX domain socket
+	if config.Server.ListenSocket != "" {
+		sSocket = &http.Server{
+			Handler: handler,
+			ReadTimeout:  10 * time.Second,
+			WriteTimeout: 10 * time.Second,
+		}
+	}
+
 	if config.UseTLS() {
 		if s4 != nil {
 			logbuch.Info("--> Listening for HTTPS on %s... ✅", s4.Addr)
@@ -274,6 +284,18 @@ func listen(handler http.Handler) {
 				}
 			}()
 		}
+		if sSocket != nil {
+			logbuch.Info("--> Listening for HTTPS on %s... ✅", config.Server.ListenSocket)
+			go func() {
+				unixListener, err := net.Listen("unix", config.Server.ListenSocket)
+				if err != nil {
+					logbuch.Fatal(err.Error())
+				}
+				if err := sSocket.ServeTLS(unixListener, config.Server.TlsCertPath, config.Server.TlsKeyPath); err != nil {
+					logbuch.Fatal(err.Error())
+				}
+			}()
+		}
 	} else {
 		if s4 != nil {
 			logbuch.Info("--> Listening for HTTP on %s... ✅", s4.Addr)
@@ -291,6 +313,18 @@ func listen(handler http.Handler) {
 				}
 			}()
 		}
+		if sSocket != nil {
+			logbuch.Info("--> Listening for HTTP on %s... ✅", config.Server.ListenSocket)
+			go func() {
+				unixListener, err := net.Listen("unix", config.Server.ListenSocket)
+				if err != nil {
+					logbuch.Fatal(err.Error())
+				}
+				if err := sSocket.Serve(unixListener); err != nil {
+					logbuch.Fatal(err.Error())
+				}
+			}()
+		}
 	}
 
 	<-make(chan interface{}, 1)