static iep_thread_driver_t *noit_stomp_allocate(noit_conf_section_t conf) {
struct stomp_driver *dr;
dr = calloc(1, sizeof(*dr));
if(apr_pool_create(&dr->pool, NULL) != APR_SUCCESS) {
free(dr);
return NULL;
}
(void)noit_conf_get_string(conf, "exchange", &dr->exchange);
if(!noit_conf_get_string(conf, "destination", &dr->destination))
if(!dr->destination) dr->destination = strdup("/queue/noit.firehose");
(void)noit_conf_get_string(conf, "username", &dr->user);
(void)noit_conf_get_string(conf, "password", &dr->pass);
(void)noit_conf_get_string(conf, "hostname", &dr->hostname);
if(!dr->hostname) dr->hostname = strdup("127.0.0.1");
if(!noit_conf_get_int(conf, "port", &dr->port))
dr->port = 61613;
return (iep_thread_driver_t *)dr;
}
static int
ip_acl_onload(noit_image_t *self) {
int i, cnt;
noit_conf_section_t *acl_c;
ip_acl_module_id = noit_check_register_module("ip_acl");
if(ip_acl_module_id < 0) return -1;
acl_c = noit_conf_get_sections(NULL, "/noit/acls//acl", &cnt);
if(acl_c) {
for(i=0; i<cnt; i++) {
char *name;
int j, rcnt, arcnt = 0;
noit_conf_section_t *rule_c;
if(noit_conf_get_string(acl_c[i], "@name", &name)) {
rule_c = noit_conf_get_sections(acl_c[i], "rule", &rcnt);
if(rule_c) {
btrie *acl = calloc(1, sizeof(*acl));
for(j=0; j<rcnt; j++) {
int mask = -1, rv;
char dirstr[16] = "unspecified";
char *cp, target[256] = "";
union {
struct in_addr addr4;
struct in6_addr addr6;
} a;
noit_conf_get_stringbuf(rule_c[j], "self::node()", target, sizeof(target));
if(NULL != (cp = strchr(target, '/'))) {
*cp++ = '\0';
mask = atoi(cp);
}
if(!noit_conf_get_stringbuf(rule_c[j], "@type", dirstr, sizeof(dirstr)) ||
(strcmp(dirstr, "deny") && strcmp(dirstr, "allow"))) {
noitL(noit_error, "Unknown acl rule type \"%s\" in acl \"%s\"\n",
dirstr, name);
}
else if(inet_pton(AF_INET, target, &a) == 1) {
if(mask == -1) mask = 32;
noit_add_route_ipv4(acl, &a.addr4, mask, strcmp(dirstr, "allow") ? DENY_PTR : ALLOW_PTR);
arcnt++;
}
else if(inet_pton(AF_INET6, target, &a) == 1) {
if(mask == -1) mask = 128;
noit_add_route_ipv6(acl, &a.addr6, mask, strcmp(dirstr, "allow") ? DENY_PTR : ALLOW_PTR);
arcnt++;
}
}
noitL(noit_error, "ACL %s/%p -> %d/%d rules\n", name, acl, arcnt, rcnt);
noit_hash_replace(&acls, name, strlen(name), acl, free, free_btrie);
free(rule_c);
}
}
}
free(acl_c);
}
return 0;
}
static iep_thread_driver_t *noit_fq_allocate(noit_conf_section_t conf) {
char *hostname, *cp, *brk;
int i;
#define GETCONFSTR(w) noit_conf_get_stringbuf(conf, #w, global_fq_ctx.w, sizeof(global_fq_ctx.w))
snprintf(global_fq_ctx.exchange, sizeof(global_fq_ctx.exchange), "%s",
"noit.firehose");
GETCONFSTR(exchange);
if(!GETCONFSTR(routingkey))
snprintf(global_fq_ctx.routingkey, sizeof(global_fq_ctx.routingkey), "%s", "check");
snprintf(global_fq_ctx.username, sizeof(global_fq_ctx.username), "%s", "guest");
GETCONFSTR(username);
snprintf(global_fq_ctx.password, sizeof(global_fq_ctx.password), "%s", "guest");
GETCONFSTR(password);
if(!noit_conf_get_int(conf, "heartbeat", &global_fq_ctx.heartbeat))
global_fq_ctx.heartbeat = 2000;
if(!noit_conf_get_int(conf, "backlog", &global_fq_ctx.backlog))
global_fq_ctx.backlog = 2000;
if(!noit_conf_get_int(conf, "port", &global_fq_ctx.port))
global_fq_ctx.port = 8765;
(void)noit_conf_get_string(conf, "hostname", &hostname);
if(!hostname) hostname = strdup("127.0.0.1");
for(cp = hostname; cp; cp = strchr(cp+1, ',')) global_fq_ctx.nhosts++;
if(global_fq_ctx.nhosts > MAX_HOSTS) global_fq_ctx.nhosts = MAX_HOSTS;
for(i = 0, cp = strtok_r(hostname, ",", &brk);
cp; cp = strtok_r(NULL, ",", &brk), i++) {
char *pcp;
fq_client *c = &global_fq_ctx.client[i];
global_fq_ctx.ports[i] = global_fq_ctx.port;
strlcpy(global_fq_ctx.hostname[i], cp, sizeof(global_fq_ctx.hostname[i]));
pcp = strchr(global_fq_ctx.hostname[i], ':');
if(pcp) {
*pcp++ = '\0';
global_fq_ctx.ports[i] = atoi(pcp);
}
fq_client_init(c, 0, fq_logger);
fq_client_creds(*c, global_fq_ctx.hostname[i], global_fq_ctx.ports[i],
global_fq_ctx.username, global_fq_ctx.password);
fq_client_heartbeat(*c, global_fq_ctx.heartbeat);
fq_client_set_nonblock(*c, 1);
fq_client_set_backlog(*c, global_fq_ctx.backlog, 0);
fq_client_connect(*c);
}
free(hostname);
return (iep_thread_driver_t *)&global_fq_ctx;
}
void
stratcon_datastore_core_init() {
static int initialized = 0;
if(initialized) return;
initialized = 1;
ds_err = noit_log_stream_find("error/datastore");
ds_deb = noit_log_stream_find("debug/datastore");
ds_pool_deb = noit_log_stream_find("debug/datastore_pool");
ingest_err = noit_log_stream_find("error/ingest");
if(!ds_err) ds_err = noit_error;
if(!ingest_err) ingest_err = noit_error;
if(!noit_conf_get_string(NULL, "//database/journal/path",
&basejpath)) {
noitL(noit_error, "//database/journal/path is unspecified\n");
exit(-1);
}
}
static int handoff_ingestor_init(noit_module_generic_t *self) {
ds_err = noit_log_stream_find("error/datastore");
ds_deb = noit_log_stream_find("debug/datastore");
ingest_err = noit_log_stream_find("error/ingest");
if(!ds_err) ds_err = noit_error;
if(!ingest_err) ingest_err = noit_error;
if(!noit_conf_get_string(NULL, "/stratcon/database/journal/path",
&basejpath)) {
noitL(noit_error, "/stratcon/database/journal/path is unspecified\n");
exit(-1);
}
noitL(noit_error, "registering /handoff/journals REST endpoint\n");
assert(noit_http_rest_register_auth(
"GET", "/handoff/", "^journals$", handoff_stream,
noit_http_rest_client_cert_auth
) == 0);
return stratcon_datastore_set_ingestor(&handoff_ingestor_api);
}
static iep_thread_driver_t *noit_rabbimq_allocate() {
char *hostname, *cp, *brk;
struct amqp_driver *dr = NULL;
int i;
pthread_mutex_lock(&driver_lock);
for(i=0; i<MAX_HOSTS; i++) {
if(stats.thread_states[i].owner == (pthread_t)NULL) {
stats.thread_states[i].owner = pthread_self();
dr = &stats.thread_states[i];
break;
}
}
pthread_mutex_unlock(&driver_lock);
if(!dr) return NULL;
dr->nconnects = rand();
#define GETCONFSTR(w) noit_conf_get_stringbuf(NULL, "/stratcon/iep/mq/" #w, dr->w, sizeof(dr->w))
GETCONFSTR(exchange);
if(!GETCONFSTR(routingkey))
dr->routingkey[0] = '\0';
GETCONFSTR(username);
GETCONFSTR(password);
if(!GETCONFSTR(vhost)) { dr->vhost[0] = '/'; dr->vhost[1] = '\0'; }
if(!noit_conf_get_int(NULL, "/stratcon/iep/mq/heartbeat", &dr->heartbeat))
dr->heartbeat = 5000;
dr->heartbeat = (dr->heartbeat + 999) / 1000;
noit_conf_get_string(NULL, "/stratcon/iep/mq/hostname", &hostname);
if(!hostname) hostname = strdup("127.0.0.1");
for(cp = hostname; cp; cp = strchr(cp+1, ',')) dr->nhosts++;
if(dr->nhosts > MAX_HOSTS) dr->nhosts = MAX_HOSTS;
for(i = 0, cp = strtok_r(hostname, ",", &brk);
cp; cp = strtok_r(NULL, ",", &brk), i++)
strlcpy(dr->hostname[i], cp, sizeof(dr->hostname[i]));
free(hostname);
if(!noit_conf_get_int(NULL, "/stratcon/iep/mq/port", &dr->port))
dr->port = 5672;
noit_atomic_inc64(&stats.concurrency);
return (iep_thread_driver_t *)dr;
}
int main(int argc, char **argv) {
int fd, lockfd = -1;
char lockfile[PATH_MAX];
char user[32], group[32];
char *trace_dir = NULL;
parse_clargs(argc, argv);
noit_log_init();
noit_log_stream_add_stream(noit_debug, noit_stderr);
noit_log_stream_add_stream(noit_error, noit_stderr);
/* Next load the configs */
noit_conf_init(APPNAME);
if(noit_conf_load(config_file) == -1) {
fprintf(stderr, "Cannot load config: '%s'\n", config_file);
exit(-1);
}
/* Reinitialize the logging system now that we have a config */
snprintf(user, sizeof(user), "%d", getuid());
snprintf(group, sizeof(group), "%d", getgid());
if(noit_security_usergroup(droptouser, droptogroup, noit_true)) {
noitL(noit_stderr, "Failed to drop privileges, exiting.\n");
exit(-1);
}
noit_conf_log_init(APPNAME);
cli_log_switches();
if(noit_security_usergroup(user, group, noit_true)) {
noitL(noit_stderr, "Failed to regain privileges, exiting.\n");
exit(-1);
}
if(debug)
noit_debug->enabled = 1;
if(!glider) noit_conf_get_string(NULL, "/" APPNAME "/watchdog/@glider", &glider);
noit_watchdog_glider(glider);
noit_conf_get_string(NULL, "/" APPNAME "/watchdog/@tracedir", &trace_dir);
if(trace_dir) noit_watchdog_glider_trace_dir(trace_dir);
if(chdir("/") != 0) {
fprintf(stderr, "cannot chdir(\"/\"): %s\n", strerror(errno));
exit(2);
}
noit_watchdog_prefork_init();
/* Acquire the lock so that we can throw an error if it doesn't work.
* If we've started -D, we'll have the lock.
* If not we will daemon and must reacquire the lock.
*/
lockfd = -1;
lockfile[0] = '\0';
if(noit_conf_get_stringbuf(NULL, "/" APPNAME "/@lockfile",
lockfile, sizeof(lockfile))) {
if((lockfd = noit_lockfile_acquire(lockfile)) < 0) {
noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
exit(-1);
}
}
if(foreground) exit(child_main());
/* This isn't inherited across forks... */
if(lockfd >= 0) noit_lockfile_release(lockfd);
fd = open("/dev/null", O_RDWR);
dup2(fd, STDIN_FILENO);
dup2(fd, STDOUT_FILENO);
dup2(fd, STDERR_FILENO);
if(fork()) exit(0);
setsid();
if(fork()) exit(0);
/* Reacquire the lock */
if(*lockfile) {
if(noit_lockfile_acquire(lockfile) < 0) {
noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
exit(-1);
}
}
return noit_watchdog_start_child("stratcond", child_main, 0);
}
int
noit_main(const char *appname,
const char *config_filename, int debug, int foreground,
const char *_glider,
const char *drop_to_user, const char *drop_to_group,
int (*passed_child_main)(void)) {
int fd, lockfd, watchdog_timeout = 0;
char conf_str[1024];
char lockfile[PATH_MAX];
char user[32], group[32];
char *trace_dir = NULL;
char appscratch[1024];
char *glider = (char *)_glider;
char *watchdog_timeout_str;
/* First initialize logging, so we can log errors */
noit_log_init();
noit_log_stream_add_stream(noit_debug, noit_stderr);
noit_log_stream_add_stream(noit_error, noit_stderr);
/* Next load the configs */
noit_conf_init(appname);
if(noit_conf_load(config_filename) == -1) {
fprintf(stderr, "Cannot load config: '%s'\n", config_filename);
exit(-1);
}
/* Reinitialize the logging system now that we have a config */
snprintf(user, sizeof(user), "%d", getuid());
snprintf(group, sizeof(group), "%d", getgid());
if(noit_security_usergroup(drop_to_user, drop_to_group, noit_true)) {
noitL(noit_stderr, "Failed to drop privileges, exiting.\n");
exit(-1);
}
noit_conf_log_init(appname);
cli_log_switches();
if(noit_security_usergroup(user, group, noit_true)) {
noitL(noit_stderr, "Failed to regain privileges, exiting.\n");
exit(-1);
}
if(debug)
noit_debug->enabled = 1;
snprintf(appscratch, sizeof(appscratch), "/%s/watchdog/@glider", appname);
if(!glider) noit_conf_get_string(NULL, appscratch, &glider);
noit_watchdog_glider(glider);
snprintf(appscratch, sizeof(appscratch), "/%s/watchdog/@tracedir", appname);
noit_conf_get_string(NULL, appscratch, &trace_dir);
if(trace_dir) noit_watchdog_glider_trace_dir(trace_dir);
/* Lastly, run through all other system inits */
snprintf(appscratch, sizeof(appscratch), "/%s/eventer/@implementation", appname);
if(!noit_conf_get_stringbuf(NULL, appscratch, conf_str, sizeof(conf_str))) {
noitL(noit_stderr, "Cannot find '%s' in configuration\n", appscratch);
exit(-1);
}
if(eventer_choose(conf_str) == -1) {
noitL(noit_stderr, "Cannot choose eventer %s\n", conf_str);
exit(-1);
}
if(configure_eventer(appname) != 0) {
noitL(noit_stderr, "Cannot configure eventer\n");
exit(-1);
}
noit_watchdog_prefork_init();
if(chdir("/") != 0) {
noitL(noit_stderr, "Failed chdir(\"/\"): %s\n", strerror(errno));
exit(-1);
}
/* Acquire the lock so that we can throw an error if it doesn't work.
* If we've started -D, we'll have the lock.
* If not we will daemon and must reacquire the lock.
*/
lockfd = -1;
lockfile[0] = '\0';
snprintf(appscratch, sizeof(appscratch), "/%s/@lockfile", appname);
if(noit_conf_get_stringbuf(NULL, appscratch,
lockfile, sizeof(lockfile))) {
if((lockfd = noit_lockfile_acquire(lockfile)) < 0) {
noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
exit(-1);
}
}
if(foreground) return passed_child_main();
watchdog_timeout_str = getenv("WATCHDOG_TIMEOUT");
if(watchdog_timeout_str) {
watchdog_timeout = atoi(watchdog_timeout_str);
noitL(noit_error, "Setting watchdog timeout to %d\n",
watchdog_timeout);
}
/* This isn't inherited across forks... */
if(lockfd >= 0) noit_lockfile_release(lockfd);
fd = open("/dev/null", O_RDWR);
dup2(fd, STDIN_FILENO);
dup2(fd, STDOUT_FILENO);
dup2(fd, STDERR_FILENO);
if(fork()) exit(0);
setsid();
if(fork()) exit(0);
/* Reacquire the lock */
if(*lockfile) {
if(noit_lockfile_acquire(lockfile) < 0) {
noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
exit(-1);
}
}
signal(SIGHUP, SIG_IGN);
return noit_watchdog_start_child("noitd", passed_child_main, watchdog_timeout);
}