-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement issue #6296 passing FDs / socket activation #6543
Conversation
I tested the above config with a systemd socket unit.
|
Keep in mind, those gosec workarounds won't be needed once their bug is fixed. |
yeah, it might be worth adding a TODO to remove most of them. for now i just wanted the tests to turn green. |
I'll take a stab at windows support, but now I'm not sure if it's worth nolinting all the G115 errors :[ |
support for non unix builds was simple enough, but I don't want to nolint all those integer conversions. I feel it'd be better to remove the ones I added, and let G115 stay red / disable it. otherwise, this where I want it to be. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for working on this. It's quite a big change, and I'm not sure I follow every aspect of it. If we merge this in are you able to commit to helping fix any bugs that are reported related to this? Especially since the need seems to be fairly niche.
But all things considered this looks doable... just complicated 😵
listeners.go
Outdated
// ListenQUIC returns a quic.EarlyListener suitable for use in a Caddy module. | ||
// The network will be transformed into a QUIC-compatible type (if unix, then | ||
// unixgram will be used; otherwise, udp will be used). | ||
// | ||
// NOTE: This API is EXPERIMENTAL and may be changed or removed. | ||
func (na NetworkAddress) ListenQUIC(ctx context.Context, portOffset uint, config net.ListenConfig, tlsConf *tls.Config) (http3.QUICEarlyListener, error) { | ||
func (na NetworkAddress) ListenQUICWithSocket(ctx context.Context, portOffset uint, config net.ListenConfig, tlsConf *tls.Config, socket string) (http3.QUICEarlyListener, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update the godoc to describe the socket parameter
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
📝
listeners.go
Outdated
@@ -400,16 +453,20 @@ func JoinNetworkAddress(network, host, port string) string { | |||
return a | |||
} | |||
|
|||
func (na NetworkAddress) ListenQUIC(ctx context.Context, portOffset uint, config net.ListenConfig, tlsConf *tls.Config) (http3.QUICEarlyListener, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's put a godoc comment on this; you could even do something like "LisenQUIC is the same as ListenQUICWithSocket but without a special socket."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
both funcs have doc comments now 👍
listeners.go
Outdated
return na.ListenWithSocket(ctx, portOffset, config, "") | ||
} | ||
|
||
func (na NetworkAddress) ListenWithSocket(ctx context.Context, portOffset uint, config net.ListenConfig, socket string) (any, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Godoc; describe the socket parameter. (Do this for all new/changed methods.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
all the socket
and socketFile
parameters have been documented
yep, and I'll need those bugs fixed as much as anyone who reports them. a big part of the diff is the optional block for to decide which addresses to serve h3 with, protocols are mapped the way that listener addresses already were, where each address is 1:N with protocols, and each protocol is 1:N with server blocks. then all three are reduced to an N:N:N association, "which listen addresses serve which protocols from which servers". so we can still assume that when h3 is enabled on a tcp/ address it is intentional, "i want to serve h3 on this host and port with udp", but now if h3 is enabled on a unix/ address, that is an error even when h3 is the only protocol enabled. h3 can be disabled for each address individually, so it can be served from any udp or unixgram address you want instead. I'll document those |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you so much. This is probably a high-quality change, from the looks of it, so I'd say we can give this a shot. I am sorry it has taken me so long to get to this point. I don't fully grok all the changes here, but I like seeing test cases and the ongoing maintenance of this PR. Thanks again, and please stick around and contribute again :)
of course, I really think the changes are simpler than the diff makes them seem. if you are available for a voice call tomorrow, i can probably talk through them better than i can write them out here. thinking from the angle that every listener needs to read at most one unique file descriptor number from the config, and then make a listener from it, each chunk is just the next most necessary change. |
@mholt today i thought more about the approach in https://github.com/WeidiDeng/caddy-socket-activation , and considered that we could also register two networks, with addresses like but i think socket fds really have the same requirements as unix sockets in the pool, just without needing being unlinked. so instead, we could treat this interface feels much better in my head, so if it is ok to superset the net.go known networks I'll make a third branch for it. then as a bonus i can make a really funny plugin that uses |
@MayCXC Actually I really like the sound of that. If it's not too much trouble I would like to see it! I was about to merge this -- but again, its complexity caused hesitation. Would definitely be curious about this other approach :) |
just in time for me to talk you out of it 😆 |
closing in favor of #6573 |
Implements #6296 without the changes to existing config fields made by #6507. Example Caddyfile:
the
sockets
global option is now used instead ofservers
, to differentiate that while its first argument is a listen address, it applies to all the servers that bind to it, not just the ones that bind to it first. thebind
directive can now be followed with an optional block and aprotocols
subdirective, which specifies which protocols to serve that listen address with.this can be used to separate the tcp and udp listeners for a h1+h2+h3 server, which is needed for socket activation. it also allows for other configurations that previously resulted in errors, like serving h1 and h2 on a unix socket and h3 on a unixgram socket with the same server.