gitea/modules/private/internal.go

// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package private

import (
	"context"
	"crypto/tls"
	"fmt"
	"net"
	"net/http"

	"code.gitea.io/gitea/modules/httplib"
	"code.gitea.io/gitea/modules/json"
	"code.gitea.io/gitea/modules/log"
	"code.gitea.io/gitea/modules/setting"
)

func newRequest(ctx context.Context, url, method string) *httplib.Request {
	if setting.InternalToken == "" {
		log.Fatal(`The INTERNAL_TOKEN setting is missing from the configuration file: %q.
Ensure you are running in the correct environment or set the correct configuration file with -c.`, setting.CustomConf)
	}
	return httplib.NewRequest(url, method).
		SetContext(ctx).
		Header("Authorization", fmt.Sprintf("Bearer %s", setting.InternalToken))
}

// Response internal request response
type Response struct {
	Err string `json:"err"`
}

func decodeJSONError(resp *http.Response) *Response {
	var res Response
	err := json.NewDecoder(resp.Body).Decode(&res)
	if err != nil {
		res.Err = err.Error()
	}
	return &res
}

func newInternalRequest(ctx context.Context, url, method string) *httplib.Request {
	req := newRequest(ctx, url, method).SetTLSClientConfig(&tls.Config{
		InsecureSkipVerify: true,
		ServerName:         setting.Domain,
	})
	if setting.Protocol == setting.UnixSocket {
		req.SetTransport(&http.Transport{
			DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) {
				var d net.Dialer
				return d.DialContext(ctx, "unix", setting.HTTPAddr)
			},
		})
	}
	return req
}
Drop db operations from hook commands (#1514) * move all database operations from hook command to web command and instead of internal routes * bug fixed * adjust the import path sequences * remove unused return value on hookSetup 2017-05-04 07:42:02 +02:00			`// Copyright 2017 The Gitea Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

Add internal routes for ssh hook comands (#1471) * add internal routes for ssh hook comands * fix lint * add comment on why package named private not internal but the route name is internal * add comment above package private why package named private not internal but the route name is internal * remove exp time on internal access * move routes from /internal to /api/internal * add comment and defer on UpdatePublicKeyUpdated 2017-04-19 05:45:01 +02:00			`package private`

			`import (`
Second attempt at preventing zombies (#16326) * Second attempt at preventing zombies * Ensure that the pipes are closed in ssh.go * Ensure that a cancellable context is passed up in cmd/* http requests * Make cmd.fail return properly so defers are obeyed * Ensure that something is sent to stdout in case of blocks here Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 2 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 3 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv> 2021-07-14 16:43:13 +02:00			`"context"`
Add internal routes for ssh hook comands (#1471) * add internal routes for ssh hook comands * fix lint * add comment on why package named private not internal but the route name is internal * add comment above package private why package named private not internal but the route name is internal * remove exp time on internal access * move routes from /internal to /api/internal * add comment and defer on UpdatePublicKeyUpdated 2017-04-19 05:45:01 +02:00			`"crypto/tls"`
			`"fmt"`
Fix internal requests when gitea listens to unix socket or only external IP (#2234) * Fix internal requests when gitea listens to unix socket or only external IP * When Gitea is set to listen using FastCGI use AppURL for LocalURL 2017-08-03 17:32:13 +02:00			`"net"`
Add internal routes for ssh hook comands (#1471) * add internal routes for ssh hook comands * fix lint * add comment on why package named private not internal but the route name is internal * add comment above package private why package named private not internal but the route name is internal * remove exp time on internal access * move routes from /internal to /api/internal * add comment and defer on UpdatePublicKeyUpdated 2017-04-19 05:45:01 +02:00			`"net/http"`

			`"code.gitea.io/gitea/modules/httplib"`
Add an abstract json layout to make it's easier to change json library (#16528) * Add an abstract json layout to make it's easier to change json library * Fix import * Fix import sequence * Fix blank lines * Fix blank lines 2021-07-24 18:03:58 +02:00			`"code.gitea.io/gitea/modules/json"`
Improve install code to avoid low-level mistakes. (#17779) * Improve install code to avoid low-level mistakes. If a user tries to do a re-install in a Gitea database, they gets a warning and double check. When Gitea runs, it never create empty app.ini automatically. Also some small (related) refactoring: * Refactor db.InitEngine related logic make it more clean (especially for the install code) * Move some i18n strings out from setting.go to make the setting.go can be easily maintained. * Show errors in CLI code if an incorrect app.ini is used. * APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more). 2021-12-01 08:50:01 +01:00			`"code.gitea.io/gitea/modules/log"`
Add internal routes for ssh hook comands (#1471) * add internal routes for ssh hook comands * fix lint * add comment on why package named private not internal but the route name is internal * add comment above package private why package named private not internal but the route name is internal * remove exp time on internal access * move routes from /internal to /api/internal * add comment and defer on UpdatePublicKeyUpdated 2017-04-19 05:45:01 +02:00			`"code.gitea.io/gitea/modules/setting"`
			`)`

Second attempt at preventing zombies (#16326) * Second attempt at preventing zombies * Ensure that the pipes are closed in ssh.go * Ensure that a cancellable context is passed up in cmd/* http requests * Make cmd.fail return properly so defers are obeyed * Ensure that something is sent to stdout in case of blocks here Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 2 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 3 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv> 2021-07-14 16:43:13 +02:00			`func newRequest(ctx context.Context, url, method string) *httplib.Request {`
Improve install code to avoid low-level mistakes. (#17779) * Improve install code to avoid low-level mistakes. If a user tries to do a re-install in a Gitea database, they gets a warning and double check. When Gitea runs, it never create empty app.ini automatically. Also some small (related) refactoring: * Refactor db.InitEngine related logic make it more clean (especially for the install code) * Move some i18n strings out from setting.go to make the setting.go can be easily maintained. * Show errors in CLI code if an incorrect app.ini is used. * APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more). 2021-12-01 08:50:01 +01:00			`if setting.InternalToken == "" {`
			log.Fatal(`The INTERNAL_TOKEN setting is missing from the configuration file: %q.
			Ensure you are running in the correct environment or set the correct configuration file with -c.`, setting.CustomConf)
			`}`
Second attempt at preventing zombies (#16326) * Second attempt at preventing zombies * Ensure that the pipes are closed in ssh.go * Ensure that a cancellable context is passed up in cmd/* http requests * Make cmd.fail return properly so defers are obeyed * Ensure that something is sent to stdout in case of blocks here Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 2 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 3 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv> 2021-07-14 16:43:13 +02:00			`return httplib.NewRequest(url, method).`
			`SetContext(ctx).`
Improve install code to avoid low-level mistakes. (#17779) * Improve install code to avoid low-level mistakes. If a user tries to do a re-install in a Gitea database, they gets a warning and double check. When Gitea runs, it never create empty app.ini automatically. Also some small (related) refactoring: * Refactor db.InitEngine related logic make it more clean (especially for the install code) * Move some i18n strings out from setting.go to make the setting.go can be easily maintained. * Show errors in CLI code if an incorrect app.ini is used. * APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more). 2021-12-01 08:50:01 +01:00			`Header("Authorization", fmt.Sprintf("Bearer %s", setting.InternalToken))`
Add internal routes for ssh hook comands (#1471) * add internal routes for ssh hook comands * fix lint * add comment on why package named private not internal but the route name is internal * add comment above package private why package named private not internal but the route name is internal * remove exp time on internal access * move routes from /internal to /api/internal * add comment and defer on UpdatePublicKeyUpdated 2017-04-19 05:45:01 +02:00			`}`

			`// Response internal request response`
			`type Response struct {`
			Err string `json:"err"`
			`}`

			`func decodeJSONError(resp http.Response) Response {`
			`var res Response`
			`err := json.NewDecoder(resp.Body).Decode(&res)`
			`if err != nil {`
			`res.Err = err.Error()`
			`}`
			`return &res`
			`}`

Second attempt at preventing zombies (#16326) * Second attempt at preventing zombies * Ensure that the pipes are closed in ssh.go * Ensure that a cancellable context is passed up in cmd/* http requests * Make cmd.fail return properly so defers are obeyed * Ensure that something is sent to stdout in case of blocks here Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 2 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 3 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv> 2021-07-14 16:43:13 +02:00			`func newInternalRequest(ctx context.Context, url, method string) *httplib.Request {`
			`req := newRequest(ctx, url, method).SetTLSClientConfig(&tls.Config{`
Fix internal requests when gitea listens to unix socket or only external IP (#2234) * Fix internal requests when gitea listens to unix socket or only external IP * When Gitea is set to listen using FastCGI use AppURL for LocalURL 2017-08-03 17:32:13 +02:00			`InsecureSkipVerify: true,`
Fix TLS errors when using acme/autocert for local connections (#5820) 2019-01-24 01:47:54 +01:00			`ServerName: setting.Domain,`
Fix internal requests when gitea listens to unix socket or only external IP (#2234) * Fix internal requests when gitea listens to unix socket or only external IP * When Gitea is set to listen using FastCGI use AppURL for LocalURL 2017-08-03 17:32:13 +02:00			`})`
			`if setting.Protocol == setting.UnixSocket {`
			`req.SetTransport(&http.Transport{`
Second attempt at preventing zombies (#16326) * Second attempt at preventing zombies * Ensure that the pipes are closed in ssh.go * Ensure that a cancellable context is passed up in cmd/* http requests * Make cmd.fail return properly so defers are obeyed * Ensure that something is sent to stdout in case of blocks here Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 2 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 3 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv> 2021-07-14 16:43:13 +02:00			`DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) {`
			`var d net.Dialer`
			`return d.DialContext(ctx, "unix", setting.HTTPAddr)`
			`},`
Fix internal requests when gitea listens to unix socket or only external IP (#2234) * Fix internal requests when gitea listens to unix socket or only external IP * When Gitea is set to listen using FastCGI use AppURL for LocalURL 2017-08-03 17:32:13 +02:00			`})`
			`}`
			`return req`
			`}`