From 6981a1305f1db1dd5719766ca1b8b5145d21cc68 Mon Sep 17 00:00:00 2001
From: Chigozirim Igweamaka
Date: Mon, 27 May 2024 00:54:25 +0100
Subject: [PATCH] Implement HTTPS server support; run server on HTTPS
---
 main.go | 74 ++++++++++++++++++++++++++-------------
 scripts/before_install.sh | 14 ++++++++
 scripts/start_server.sh | 6 ++++
 3 files changed, 70 insertions(+), 24 deletions(-)
diff --git a/main.go b/main.go
index 1b3f639..fdc859c 100644
--- a/main.go
+++ b/main.go
@@ -2,6 +2,7 @@ package main
 import (
 "context"
+ "crypto/tls"
 "encoding/base64"
 "encoding/json"
 "fmt"
@@ -14,32 +15,21 @@ import (
 "song-recognition/wav"
 "strings"
- "github.com/gin-gonic/gin"
 "github.com/mdobak/go-xerrors"
 socketio "github.com/googollee/go-socket.io"
+ "github.com/googollee/go-socket.io/engineio"
+ "github.com/googollee/go-socket.io/engineio/transport"
+ "github.com/googollee/go-socket.io/engineio/transport/polling"
+ "github.com/googollee/go-socket.io/engineio/transport/websocket"
 )
 const (
 SONGS_DIR = "songs"
 )
-func GinMiddleware(allowOrigin string) gin.HandlerFunc {
- return func(c *gin.Context) {
- c.Writer.Header().Set("Access-Control-Allow-Origin", allowOrigin)
- c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
- c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")
- c.Writer.Header().Set("Access-Control-Allow-Headers", "Accept, Authorization, Content-Type, Content-Length, X-CSRF-Token, Token, session, Origin, Host, Connection, Accept-Encoding, Accept-Language, X-Requested-With")
-
- if c.Request.Method == http.MethodOptions {
- c.AbortWithStatus(http.StatusNoContent)
- return
- }
-
- c.Request.Header.Del("Origin")
-
- c.Next()
- }
+var allowOriginFunc = func(r *http.Request) bool {
+ return true
 }
 func downloadStatus(statusType, message string) string {
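Review bot: `allowOriginFunc` returns `true` for every request, and the `socketio.NewServer` hunk in `main()` wires it into `CheckOrigin` for both the polling and the websocket transport, so the server accepts Socket.IO sessions initiated from any web origin. The removed `GinMiddleware` at least pinned `Access-Control-Allow-Origin` to one origin; the replacement has no allow-list at all, and how much that exposes depends on the event handlers outside these hunks. Compare the request's `Origin` header against a configured set instead, for example `return allowedOrigins[r.Header.Get("Origin")]` with `allowedOrigins` a `map[string]bool` loaded from the environment (name constructed for illustration). A comment on the variable such as `// allowOriginFunc reports whether the request's Origin is one of the front-end origins we serve.` would document the intent.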
@@ -63,9 +53,17 @@ type RecordData struct {
 }
 func main() {
- router := gin.New()
- server := socketio.NewServer(nil)
+ server := socketio.NewServer(&engineio.Options{
+ Transports: []transport.Transport{
+ &polling.Transport{
+ CheckOrigin: allowOriginFunc,
+ },
+ &websocket.Transport{
+ CheckOrigin: allowOriginFunc,
+ },
+ },
+ })
 logger := utils.GetLogger()
 ctx := context.Background()
@@ -316,11 +314,39 @@ func main() {
 }()
 defer server.Close()
- router.Use(GinMiddleware("http://localhost:3000"))
- router.GET("/socket.io/*any", gin.WrapH(server))
- router.POST("/socket.io/*any", gin.WrapH(server))
+ SERVE_HTTPS := strings.ToLower(utils.GetEnv("SERVE_HTTPS"))
+ serveHTTPS := SERVE_HTTPS == "true"
- if err := router.Run(":5000"); err != nil {
- log.Fatal("failed run app: ", err)
+ serveHTTP(server, serveHTTPS)
+}
+
+func serveHTTP(socketServer *socketio.Server, serveHTTPS bool) {
+ http.Handle("/socket.io/", socketServer)
+
+ if serveHTTPS {
+ httpsAddr := ":443"
+ httpsServer := &http.Server{
+ Addr: httpsAddr,
+ TLSConfig: &tls.Config{
+ MinVersion: tls.VersionTLS12,
+ },
+ Handler: socketServer,
+ }
+
+ cert_key := utils.GetEnv("CERT_KEY")
+ cert_file := utils.GetEnv("CERT_FILE")
+ if cert_key == "" || cert_file == "" {
+ log.Fatal("Missing cert")
+ }
+
+ log.Printf("Starting HTTPS server on %s\n", httpsAddr)
+ if err := httpsServer.ListenAndServeTLS(cert_file, cert_key); err != nil {
+ log.Fatalf("HTTPS server ListenAndServeTLS: %v", err)
+ }
+ }
+
+ log.Printf("Starting HTTP server on port 80")
+ if err := http.ListenAndServe(":80", nil); err != nil {
+ log.Fatalf("HTTP server ListenAndServe: %v", err)
 }
 }
diff --git a/scripts/before_install.sh b/scripts/before_install.sh
index 2433332..ef724ed 100644
--- a/scripts/before_install.sh
+++ b/scripts/before_install.sh
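Review bot: The `http.Server` built in `serveHTTP` sets only `Addr`, `TLSConfig` and `Handler`, and the plaintext branch calls the package-level `http.ListenAndServe`, so neither listener has a header-read or idle timeout and a stalled client can hold a connection open indefinitely. Add `ReadHeaderTimeout: 10 * time.Second,` and `IdleTimeout: 120 * time.Second,` to the struct (values to be tuned; `time` must be imported if it is not already) and build the port-80 server the same way instead of using the helper. Both branches end in `log.Fatalf`, which exits without running the `defer server.Close()` in `main`; returning the error to `main` would keep that cleanup. On style, the locals `SERVE_HTTPS`, `cert_key` and `cert_file` would conventionally be MixedCaps, e.g. `keyPath` and `certPath`.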
@@ -12,6 +12,20 @@ sudo apt -y install npm
 # install ffmpeg
 sudo apt-get -y install ffmpeg
+# install Certbot
+DOMAIN="localport.online"
+EMAIL="cgzirim@gmail.com"
+CERT_DIR="/etc/letsencrypt/live/$DOMAIN"
+
+if [ ! -f "$CERT_DIR" ]; then
+ sudo apt install -y certbot
+ sudo certbot certonly --standalone -d $DOMAIN --email $EMAIL --agree-tos --non-interactive
+ if [ $? -eq 0 ]; then
+ sudo chmod u+r "$CERT_DIR/privkey.pem"
+ sudo chmod u+r "$CERT_DIR/fullchain.pem"
+ fi
+fi
+
 # Install MongoDB only if not already present
 if [ ! -f "/usr/bin/mongod" ]; then
 sudo apt-get install gnupg curl
diff --git a/scripts/start_server.sh b/scripts/start_server.sh
index fef510a..b5e366f 100644
--- a/scripts/start_server.sh
+++ b/scripts/start_server.sh
@@ -2,7 +2,13 @@ start_server() {
 cd /home/ubuntu/song-recognition
+
+ export SERVE_HTTPS="true"
+ export CERT_KEY_PATH="/etc/letsencrypt/live/localport.online/fullchain.pem"
+ export CERT_FILE_PATH="/etc/letsencrypt/live/localport.online/privkey.pem"
+ go build -tags netgo -ldflags '-s -w' -o app
+ sudo setcap CAP_NET_BIND_SERVICE+ep app
 nohup ./app > backend.log 2>&1 &
 }
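Review bot: The guard `[ ! -f "$CERT_DIR" ]` in the before_install.sh hunk tests for a regular file, but `$CERT_DIR` is the `live/$DOMAIN` directory, so the condition is always true and certbot is invoked on every deployment. Test for the certificate itself, `if ! sudo test -f "$CERT_DIR/fullchain.pem"; then`, since the live directory is normally readable by root only. `chmod u+r` adds read permission for the file's owner only, so it presumably does not help the unprivileged process that start_server.sh launches; a dedicated group or a renewal deploy hook that copies the files for the service user would be a narrower grant than widening the key's mode. `$DOMAIN` and `$EMAIL` should also be quoted in the certbot call.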
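Review bot: The variables exported in the start_server.sh hunk do not match what `serveHTTP` in main.go reads: the script sets `CERT_KEY_PATH` and `CERT_FILE_PATH`, while the Go code calls `utils.GetEnv("CERT_KEY")` and `utils.GetEnv("CERT_FILE")`. Unless `utils.GetEnv` (not shown) maps the names, both lookups return empty and the process exits at `log.Fatal("Missing cert")`. The values also look swapped, with the key variable pointing at `fullchain.pem` and the certificate variable at `privkey.pem`. Proposed: `export CERT_FILE="/etc/letsencrypt/live/localport.online/fullchain.pem"` and `export CERT_KEY="/etc/letsencrypt/live/localport.online/privkey.pem"`. Granting `CAP_NET_BIND_SERVICE` rather than running the binary as root is a sound choice, but the unprivileged process then also needs read access to the key file.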