189 lines
5.1 KiB
Go
189 lines
5.1 KiB
Go
//go:build operator
|
|
// +build operator
|
|
|
|
// This file is part of MinIO Console Server
|
|
// Copyright (c) 2022 MinIO, Inc.
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package main
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"strconv"
|
|
"time"
|
|
|
|
"github.com/minio/console/pkg/logger"
|
|
|
|
"github.com/minio/console/restapi"
|
|
|
|
"github.com/go-openapi/loads"
|
|
"github.com/jessevdk/go-flags"
|
|
"github.com/minio/cli"
|
|
"github.com/minio/console/operatorapi"
|
|
"github.com/minio/console/operatorapi/operations"
|
|
"github.com/minio/console/pkg/certs"
|
|
)
|
|
|
|
// starts the server
|
|
var operatorCmd = cli.Command{
|
|
Name: "operator",
|
|
Aliases: []string{"opr"},
|
|
Usage: "Start MinIO Operator UI server",
|
|
Action: startOperatorServer,
|
|
Flags: []cli.Flag{
|
|
cli.StringFlag{
|
|
Name: "host",
|
|
Value: restapi.GetHostname(),
|
|
Usage: "bind to a specific HOST, HOST can be an IP or hostname",
|
|
},
|
|
cli.IntFlag{
|
|
Name: "port",
|
|
Value: restapi.GetPort(),
|
|
Usage: "bind to specific HTTP port",
|
|
},
|
|
// This is kept here for backward compatibility,
|
|
// hostname's do not have HTTP or HTTPs
|
|
// hostnames are opaque so using --host
|
|
// works for both HTTP and HTTPS setup.
|
|
cli.StringFlag{
|
|
Name: "tls-host",
|
|
Value: restapi.GetHostname(),
|
|
Hidden: true,
|
|
},
|
|
cli.StringFlag{
|
|
Name: "certs-dir",
|
|
Value: certs.GlobalCertsCADir.Get(),
|
|
Usage: "path to certs directory",
|
|
},
|
|
cli.IntFlag{
|
|
Name: "tls-port",
|
|
Value: restapi.GetTLSPort(),
|
|
Usage: "bind to specific HTTPS port",
|
|
},
|
|
cli.StringFlag{
|
|
Name: "tls-redirect",
|
|
Value: restapi.GetTLSRedirect(),
|
|
Usage: "toggle HTTP->HTTPS redirect",
|
|
},
|
|
cli.StringFlag{
|
|
Name: "tls-certificate",
|
|
Value: "",
|
|
Usage: "path to TLS public certificate",
|
|
Hidden: true,
|
|
},
|
|
cli.StringFlag{
|
|
Name: "tls-key",
|
|
Value: "",
|
|
Usage: "path to TLS private key",
|
|
Hidden: true,
|
|
},
|
|
cli.StringFlag{
|
|
Name: "tls-ca",
|
|
Value: "",
|
|
Usage: "path to TLS Certificate Authority",
|
|
Hidden: true,
|
|
},
|
|
},
|
|
}
|
|
|
|
func buildOperatorServer() (*operatorapi.Server, error) {
|
|
swaggerSpec, err := loads.Embedded(operatorapi.SwaggerJSON, operatorapi.FlatSwaggerJSON)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
api := operations.NewOperatorAPI(swaggerSpec)
|
|
api.Logger = restapi.LogInfo
|
|
server := operatorapi.NewServer(api)
|
|
|
|
parser := flags.NewParser(server, flags.Default)
|
|
parser.ShortDescription = "MinIO Console Server"
|
|
parser.LongDescription = swaggerSpec.Spec().Info.Description
|
|
|
|
server.ConfigureFlags()
|
|
|
|
// register all APIs
|
|
server.ConfigureAPI()
|
|
|
|
for _, optsGroup := range api.CommandLineOptionsGroups {
|
|
_, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
if _, err := parser.Parse(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return server, nil
|
|
}
|
|
|
|
// StartServer starts the console service
|
|
func startOperatorServer(ctx *cli.Context) error {
|
|
if err := loadAllCerts(ctx); err != nil {
|
|
// Log this as a warning and continue running console without TLS certificates
|
|
restapi.LogError("Unable to load certs: %v", err)
|
|
}
|
|
|
|
xctx := context.Background()
|
|
transport := restapi.PrepareSTSClientTransport(false)
|
|
if err := logger.InitializeLogger(xctx, transport); err != nil {
|
|
fmt.Println("error InitializeLogger", err)
|
|
logger.CriticalIf(xctx, err)
|
|
}
|
|
// custom error configuration
|
|
restapi.LogInfo = logger.Info
|
|
restapi.LogError = logger.Error
|
|
restapi.LogIf = logger.LogIf
|
|
|
|
var rctx operatorapi.Context
|
|
if err := rctx.Load(ctx); err != nil {
|
|
restapi.LogError("argument validation failed: %v", err)
|
|
return err
|
|
}
|
|
|
|
server, err := buildOperatorServer()
|
|
if err != nil {
|
|
restapi.LogError("Unable to initialize console server: %v", err)
|
|
return err
|
|
}
|
|
|
|
server.Host = rctx.Host
|
|
server.Port = rctx.HTTPPort
|
|
// set conservative timesout for uploads
|
|
server.ReadTimeout = 1 * time.Hour
|
|
// no timeouts for response for downloads
|
|
server.WriteTimeout = 0
|
|
operatorapi.Port = strconv.Itoa(server.Port)
|
|
operatorapi.Hostname = server.Host
|
|
|
|
if len(restapi.GlobalPublicCerts) > 0 {
|
|
// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
|
|
// plain HTTP connections to HTTPS server
|
|
server.EnabledListeners = []string{"http", "https"}
|
|
server.TLSPort = rctx.HTTPSPort
|
|
// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
|
|
operatorapi.TLSPort = strconv.Itoa(server.TLSPort)
|
|
operatorapi.Hostname = rctx.Host
|
|
operatorapi.TLSRedirect = rctx.TLSRedirect
|
|
}
|
|
|
|
defer server.Shutdown()
|
|
|
|
return server.Serve()
|
|
}
|