root: more code merging

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-29 16:21:00 +02:00 · 2021-06-29 16:21:00 +02:00 · ff42663d3c
parent ce49d7ea5b
commit ff42663d3c
14 changed files with 64 additions and 80 deletions
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@ -1,7 +1,6 @@
 package main

 import (
-	"errors"
 	"fmt"
 	"net/url"
 	"os"
@ -40,48 +39,67 @@ func main() {

 	u, _ := url.Parse("http://localhost:8000")

+	g := gounicorn.NewGoUnicorn()
+	ws := web.NewWebServer()
+	defer g.Kill()
+	defer ws.Shutdown()
 	for {
-		g := gounicorn.NewGoUnicorn()
-		go attemptStartBackend(g)
+		go attemptStartBackend(g, ex)
+		ws.Start()
+		go attemptProxyStart(u, ex)

-		ws := web.NewWebServer()
-		ws.Run()
-
-		proxy :=
-
-			<-ex
-		ws.Stop()
+		<-ex
+		log.WithField("logger", "authentik").Debug("shutting down webserver")
+		ws.Shutdown()
+		log.WithField("logger", "authentik").Debug("killing gunicorn")
 		g.Kill()
 	}
-	go func() {
-
-		maxTries := 100
-		attempt := 0
-		for {
-			err := attemptProxyStart(u, ex)
-			if err != nil {
-				attempt += 1
-				time.Sleep(5 * time.Second)
-				if attempt > maxTries {
-					break
-				}
-			}
-		}
-	}()
 }

-func attemptStartBackend(g *gounicorn.GoUnicorn) error {
+func attemptStartBackend(g *gounicorn.GoUnicorn, exitSignal chan os.Signal) error {
 	for {
 		err := g.Start()
-		log.WithField("logger", "authentik.g").WithError(err).Warning("gunicorn process died, restarting")
+		select {
+		case <-exitSignal:
+			return nil
+		default:
+			log.WithField("logger", "authentik.g").WithError(err).Warning("gunicorn process died, restarting")
+		}
 	}
 }

-func attemptProxyStart(u *url.URL, exitSignal chan os.Signal) (*ak.APIController, error) {
-	ac := ak.NewAPIController(*u, config.G.SecretKey)
-	if ac == nil {
-		return nil, errors.New("failed to start")
+func attemptProxyStart(u *url.URL, exitSignal chan os.Signal) error {
+	maxTries := 100
+	attempt := 0
+	for {
+		log.WithField("logger", "authentik").Debug("attempting to init outpost")
+		ac := ak.NewAPIController(*u, config.G.SecretKey)
+		if ac == nil {
+			attempt += 1
+			time.Sleep(1 * time.Second)
+			if attempt > maxTries {
+				break
+			}
+			continue
+		}
+		ac.Server = proxy.NewServer(ac)
+		err := ac.Start()
+		log.WithField("logger", "authentik").Debug("attempting to start outpost")
+		if err != nil {
+			attempt += 1
+			time.Sleep(5 * time.Second)
+			if attempt > maxTries {
+				break
+			}
+			continue
+		}
+		select {
+		case <-exitSignal:
+			ac.Shutdown()
+			return nil
+		default:
+			break
+		}
 	}
-	ac.Server = proxy.NewServer(ac)
-	return ac, nil
+	return nil
 }
--- a/internal/outpost/ak/api.go
+++ b/internal/outpost/ak/api.go
@ -13,7 +13,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/recws-org/recws"
 	"goauthentik.io/internal/constants"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"

 	log "github.com/sirupsen/logrus"
 )
--- a/internal/outpost/ak/api_update.go
+++ b/internal/outpost/ak/api_update.go
@ -3,7 +3,7 @@ package ak
 import (
 	"context"

-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"
 )

 func (a *APIController) Update() ([]api.ProxyOutpostConfig, error) {
--- a/internal/outpost/ldap/instance_bind.go
+++ b/internal/outpost/ldap/instance_bind.go
@ -13,9 +13,9 @@ import (

 	goldap "github.com/go-ldap/ldap/v3"
 	"github.com/nmcclain/ldap"
+	"goauthentik.io/api"
 	"goauthentik.io/internal/constants"
 	"goauthentik.io/internal/outpost/ak"
-	"goauthentik.io/outpost/api"
 )

 const ContextUserKey = "ak_user"
--- a/internal/outpost/ldap/instance_search.go
+++ b/internal/outpost/ldap/instance_search.go
@ -8,7 +8,7 @@ import (
 	"strings"

 	"github.com/nmcclain/ldap"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"
 )

 func (pi *ProviderInstance) SearchMe(user api.User, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) {
--- a/internal/outpost/ldap/ldap.go
+++ b/internal/outpost/ldap/ldap.go
@ -5,7 +5,7 @@ import (

 	"github.com/go-openapi/strfmt"
 	log "github.com/sirupsen/logrus"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"
 	"goauthentik.io/internal/outpost/ak"

 	"github.com/nmcclain/ldap"
--- a/internal/outpost/ldap/utils.go
+++ b/internal/outpost/ldap/utils.go
@ -4,7 +4,7 @@ import (
 	"fmt"

 	"github.com/nmcclain/ldap"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"
 )

 func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute {
--- a/internal/outpost/proxy/api.go
+++ b/internal/outpost/proxy/api.go
@ -4,7 +4,7 @@ import (
 	"net/url"

 	log "github.com/sirupsen/logrus"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"
 )

 func (s *Server) Refresh() error {
--- a/internal/outpost/proxy/api_bundle.go
+++ b/internal/outpost/proxy/api_bundle.go
@ -15,7 +15,7 @@ import (
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/middleware"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/validation"
 	log "github.com/sirupsen/logrus"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"
 )

 type providerBundle struct {
--- a/internal/outpost/proxy/proxy.go
+++ b/internal/outpost/proxy/proxy.go
@ -21,7 +21,7 @@ import (
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/sessions"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/upstream"
 	"github.com/oauth2-proxy/oauth2-proxy/providers"
-	"goauthentik.io/outpost/api"
+	"goauthentik.io/api"

 	log "github.com/sirupsen/logrus"
 )
--- a/internal/web/web.go
+++ b/internal/web/web.go
@ -47,12 +47,12 @@ func NewWebServer() *WebServer {
 	return ws
 }

-func (ws *WebServer) Run() {
-	ws.listenPlain()
-	ws.listenTLS()
+func (ws *WebServer) Start() {
+	go ws.listenPlain()
+	go ws.listenTLS()
 }

-func (ws *WebServer) Stop() {
+func (ws *WebServer) Shutdown() {
 	ws.stop <- struct{}{}
 }

--- a/outpost/.dockerignore
+++ b/outpost/.dockerignore
@ -1,2 +0,0 @@
-Dockerfile.*
-.git
--- a/outpost/Makefile
+++ b/outpost/Makefile
@ -1,5 +0,0 @@
-all: clean
-
-clean:
-	go mod tidy
-	go clean .
--- a/outpost/README.md
+++ b/outpost/README.md
@ -1,27 +0,0 @@
-# authentik outpost
-
-[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/8?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=8)
-![Docker pulls (proxy)](https://img.shields.io/docker/pulls/beryju/authentik-proxy.svg?style=flat-square)
-![Docker pulls (ldap)](https://img.shields.io/docker/pulls/beryju/authentik-ldap.svg?style=flat-square)
-
-Reverse Proxy based on [oauth2_proxy](https://github.com/oauth2-proxy/oauth2-proxy), completely managed and monitored by authentik.
-
-LDAP Server using [ldap](https://github.com/nmcclain/ldap), completely managed and monitored by authentik.
-
-## Usage
-
-authentik Outpost is built to be configured by authentik itself, hence the only options you can directly give it are connection params.
-
-The following environment variable are implemented:
-
-`AUTHENTIK_HOST`: Full URL to the authentik instance with protocol, i.e. "https://authentik.company.tld"
-
-`AUTHENTIK_TOKEN`: Token used to authenticate against authentik. This is generated after an Outpost instance is created.
-
-`AUTHENTIK_INSECURE`: This environment variable can optionally be set to ignore the SSL Certificate of the authentik instance. Applies to both HTTP and WS connections.
-
-## Development
-
-authentik outpost uses an auto-generated API Client to communicate with authentik. This client is not kept in git. To generate the client locally, run `make gen-outpost` in the root directory of the repo.
-
-Afterwards you can build the outpost like any other Go project, using `go build ./cmd/proxy/server.go` or `go build ./cmd/ldap/server.go`.