package main
import (
"crypto/tls"
"crypto/x509/pkix"
"flag"
"os"
"os/signal"
"syscall"
"time"
cert "github.com/ron96G/go-common-utils/certificate"
log "github.com/ron96G/go-common-utils/log"
"github.com/ron96G/clamav-facade/api"
"github.com/ron96G/clamav-facade/clamav"
"github.com/ron96G/clamav-facade/cmd"
"net/http"
_ "net/http/pprof"
)
// General process flags.
var (
	enablePprof = flag.Bool("pprof", false, "enable pprof")
	loglevel    = flag.String("loglevel", "info", "loglevel of the application")
	logformat   = flag.String("logformat", "json", "logformat of the application")
)

// Flags for the connection to clamd and for the scan size limit.
var (
	hostname = flag.String("client.hostname", "localhost", "the hostname of clamd")
	port     = flag.Uint("client.port", 3310, "the port of clamd")
	timeout  = flag.Duration("client.timeout", 10*time.Second, "clamd connection timeout")
	// maxSize is given in megabytes; it is not range-checked in this block,
	// so zero and negative values are accepted by the flag parser.
	maxSize = flag.Int("maxsize", 25, "file size limit in mb")
)

// Flags for the HTTP API. They only take effect together with --api.
var (
	startAPI     = flag.Bool("api", false, "start the API")
	timeoutRead  = flag.Duration("api.readtimeout", 15*time.Second, "http server timeout for reading request (requires --api)")
	timeoutWrite = flag.Duration("api.writetimeout", 15*time.Second, "http server timeout for writing response (requires --api)")
	// The default address listens on every interface, and TLS is off by
	// default, so a bare --api exposes the API on all interfaces without
	// transport encryption unless --api.addr / --api.tls are set.
	address   = flag.String("api.addr", "0.0.0.0:8080", "the address of the API (requires --api)")
	prefix    = flag.String("api.prefix", "", "the prefix of the API (requires --api)")
	enableTLS = flag.Bool("api.tls", false, "enable TLS on the API (requires --api)")
)

// Server certificate sources for --api.tls. Per the help texts, a self-signed
// certificate is generated when neither file is given; clients cannot validate
// such a certificate against a CA. The P12 password is read from the
// P12_PASSWORD environment variable rather than from a flag.
var (
	pemFile = flag.String("pem", "", "PEM file for server TLS. If empty, a self-signed is generated")
	p12File = flag.String("p12", "", "P12 file for server TLS. Use 'P12_PASSWORD' to provide the password. If empty, a self-signed is generated")
)
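// main parses the command-line flags, configures logging, creates the clamd
// client and then either serves the HTTP API (--api) or runs the CLI commands.
//
// Start-up failures are fatal: if the clamd client or the requested TLS
// configuration cannot be created, the error is logged and the process exits
// with status 1 instead of continuing in a degraded state.
func main() {
	flag.Parse()

	log.Reset()
	log.Configure(*loglevel, *logformat, os.Stdout)

	if *enablePprof {
		// The blank import of net/http/pprof registers the profiling handlers on
		// http.DefaultServeMux; this listener serves that mux on loopback only.
		// NOTE(review): if the api package also serves http.DefaultServeMux, the
		// profiling endpoints would be reachable on --api.addr as well, even
		// without --pprof. Confirm that it uses its own mux.
		go func() {
			log.Info("pprof server shutdown", "error", http.ListenAndServe("localhost:6060", nil))
		}()
	}

	client, err := clamav.NewClamavClient(*hostname, *port, *timeout)
	if err != nil {
		// Do not go on with a client whose construction failed; the calls
		// below would operate on whatever value came back with the error.
		log.Error("failed to create new clamav client", "error", err.Error())
		os.Exit(1)
	}
	// --maxsize is given in megabytes and converted here (presumably to
	// bytes; confirm against SetMaxSize).
	client.SetMaxSize(*maxSize * 1024 * 1024)
	client.Log = log.New("client_logger")

	if !*startAPI {
		// commands
		cmd.Run(client, log.New("cmd_logger"))
		return
	}

	// API config
	var tlsCfg *tls.Config
	if *enableTLS {
		tlsCfg, err = cert.GetServerTLS(cert.Options{
			PemFile:  *pemFile,
			P12File:  *p12File,
			Password: os.Getenv("P12_PASSWORD"),
			Subject: pkix.Name{
				Organization: []string{"DMC Virusscanner Facade"},
				Country:      []string{"DE"},
				Province:     []string{"NRW"},
				Locality:     []string{"Bonn"},
			},
		})
		if err != nil {
			// Fail closed: TLS was requested explicitly, so the API must not be
			// started with the tlsCfg left over from a failed setup (presumably
			// nil, which would likely mean plaintext; confirm in api.NewAPI).
			log.Error("failed to setup tls config", "error", err)
			os.Exit(1)
		}
	}

	// If the API write timeout is not above the client timeout, the HTTP
	// response can time out before the clamd call reports its own error.
	// Keep the client timeout strictly lower to prevent this.
	if *timeoutWrite <= *timeout {
		// The new client timeout is 90% of the write timeout.
		newTimeout := time.Duration(float64(*timeoutWrite) * 0.9)
		log.Warn("Client timeout exceeds write timeout...", "client_timeout", newTimeout)
		client.SetDefaultTimeout(newTimeout)
	}

	stopChan := SetupSignalHandler()
	// Named srv so the local does not shadow the imported api package.
	srv := api.NewAPI(*prefix, *address, client, stopChan, log.New("api_logger"), tlsCfg)
	srv.ReadTimeout = *timeoutRead
	srv.WriteTimeout = *timeoutWrite
	srv.Run()
}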
// SetupSignalHandler subscribes to os.Interrupt and SIGTERM and returns a
// channel that is closed when the first of these signals arrives, so callers
// can begin a graceful shutdown. A second signal terminates the process
// immediately with exit status 143, whichever of the two signals it was.
func SetupSignalHandler() (stopCh <-chan struct{}) {
	// Capacity 2 leaves room for both signals the goroutine below consumes.
	signals := make(chan os.Signal, 2)
	signal.Notify(signals, os.Interrupt, syscall.SIGTERM)

	done := make(chan struct{})
	go func() {
		received := 0
		for range signals {
			received++
			if received > 1 {
				os.Exit(143) // second signal. Exit directly.
			}
			close(done)
		}
	}()

	return done
}