Stage 10: admin console & dictionary ops (complaint review, hot-reload, broadcasts) (#11)
This commit was merged in pull request #11.
This commit is contained in:
+25
-21
@@ -2,8 +2,8 @@
|
||||
// the client's Connect-RPC/FlatBuffers traffic over h2c, validates platform /
|
||||
// email / guest credentials and mints opaque sessions, rate-limits, injects
|
||||
// X-User-ID when forwarding to the backend over REST, and bridges the backend's
|
||||
// gRPC push stream to each client's in-app live channel. It also fronts the
|
||||
// backend admin API behind HTTP Basic-Auth.
|
||||
// gRPC push stream to each client's in-app live channel. It also serves the
|
||||
// backend's admin console at /_gm on the public listener behind HTTP Basic-Auth.
|
||||
package main
|
||||
|
||||
import (
|
||||
@@ -57,8 +57,8 @@ func main() {
|
||||
}
|
||||
}
|
||||
|
||||
// run wires the gateway dependencies and serves the public (and optional admin)
|
||||
// listeners until the context is cancelled.
|
||||
// run wires the gateway dependencies and serves the public listener (which also
|
||||
// fronts the admin console at /_gm) until the context is cancelled.
|
||||
func run(ctx context.Context, cfg config.Config, logger *zap.Logger) error {
|
||||
ctx, cancel := context.WithCancel(ctx)
|
||||
defer cancel()
|
||||
@@ -86,15 +86,29 @@ func run(ctx context.Context, cfg config.Config, logger *zap.Logger) error {
|
||||
logger.Warn("telegram disabled (GATEWAY_CONNECTOR_ADDR unset)")
|
||||
}
|
||||
|
||||
// The admin console (backend /_gm) is fronted on the public listener behind
|
||||
// Basic-Auth, enabled when both credentials are set; it is mounted on the edge
|
||||
// mux so the Connect h2c handler stays the top-level handler.
|
||||
var adminProxy http.Handler
|
||||
if cfg.AdminEnabled() {
|
||||
adminProxy, err = admin.NewProxy(cfg.BackendHTTPURL, cfg.AdminUser, cfg.AdminPassword, logger)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
} else {
|
||||
logger.Info("admin console disabled (set GATEWAY_ADMIN_USER and GATEWAY_ADMIN_PASSWORD)")
|
||||
}
|
||||
|
||||
registry := transcode.NewRegistry(backend, validator)
|
||||
edge := connectsrv.NewServer(connectsrv.Deps{
|
||||
Registry: registry,
|
||||
Sessions: sessions,
|
||||
Limiter: limiter,
|
||||
Hub: hub,
|
||||
RateLimit: cfg.RateLimit,
|
||||
Heartbeat: cfg.PushHeartbeatInterval,
|
||||
Logger: logger,
|
||||
Registry: registry,
|
||||
Sessions: sessions,
|
||||
Limiter: limiter,
|
||||
Hub: hub,
|
||||
RateLimit: cfg.RateLimit,
|
||||
Heartbeat: cfg.PushHeartbeatInterval,
|
||||
Logger: logger,
|
||||
AdminProxy: adminProxy,
|
||||
})
|
||||
|
||||
// Bridge the backend push stream into the fan-out hub (and the out-of-app
|
||||
@@ -104,16 +118,6 @@ func run(ctx context.Context, cfg config.Config, logger *zap.Logger) error {
|
||||
public := &http.Server{Addr: cfg.HTTPAddr, Handler: edge.HTTPHandler()}
|
||||
servers := []*namedServer{{name: "public", srv: public}}
|
||||
|
||||
if cfg.AdminEnabled() {
|
||||
proxy, err := admin.NewProxy(cfg.BackendHTTPURL, cfg.AdminUser, cfg.AdminPassword, logger)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
servers = append(servers, &namedServer{name: "admin", srv: &http.Server{Addr: cfg.AdminAddr, Handler: proxy}})
|
||||
} else {
|
||||
logger.Info("admin proxy disabled (set GATEWAY_ADMIN_USER and GATEWAY_ADMIN_PASSWORD)")
|
||||
}
|
||||
|
||||
logger.Info("gateway starting",
|
||||
zap.String("http_addr", cfg.HTTPAddr),
|
||||
zap.String("backend_http", cfg.BackendHTTPURL),
|
||||
|
||||
Reference in New Issue
Block a user