static iep_thread_driver_t *noit_stomp_allocate(noit_conf_section_t conf) { struct stomp_driver *dr; dr = calloc(1, sizeof(*dr)); if(apr_pool_create(&dr->pool, NULL) != APR_SUCCESS) { free(dr); return NULL; } (void)noit_conf_get_string(conf, "exchange", &dr->exchange); if(!noit_conf_get_string(conf, "destination", &dr->destination)) if(!dr->destination) dr->destination = strdup("/queue/noit.firehose"); (void)noit_conf_get_string(conf, "username", &dr->user); (void)noit_conf_get_string(conf, "password", &dr->pass); (void)noit_conf_get_string(conf, "hostname", &dr->hostname); if(!dr->hostname) dr->hostname = strdup("127.0.0.1"); if(!noit_conf_get_int(conf, "port", &dr->port)) dr->port = 61613; return (iep_thread_driver_t *)dr; }
static int ip_acl_onload(noit_image_t *self) { int i, cnt; noit_conf_section_t *acl_c; ip_acl_module_id = noit_check_register_module("ip_acl"); if(ip_acl_module_id < 0) return -1; acl_c = noit_conf_get_sections(NULL, "/noit/acls//acl", &cnt); if(acl_c) { for(i=0; i<cnt; i++) { char *name; int j, rcnt, arcnt = 0; noit_conf_section_t *rule_c; if(noit_conf_get_string(acl_c[i], "@name", &name)) { rule_c = noit_conf_get_sections(acl_c[i], "rule", &rcnt); if(rule_c) { btrie *acl = calloc(1, sizeof(*acl)); for(j=0; j<rcnt; j++) { int mask = -1, rv; char dirstr[16] = "unspecified"; char *cp, target[256] = ""; union { struct in_addr addr4; struct in6_addr addr6; } a; noit_conf_get_stringbuf(rule_c[j], "self::node()", target, sizeof(target)); if(NULL != (cp = strchr(target, '/'))) { *cp++ = '\0'; mask = atoi(cp); } if(!noit_conf_get_stringbuf(rule_c[j], "@type", dirstr, sizeof(dirstr)) || (strcmp(dirstr, "deny") && strcmp(dirstr, "allow"))) { noitL(noit_error, "Unknown acl rule type \"%s\" in acl \"%s\"\n", dirstr, name); } else if(inet_pton(AF_INET, target, &a) == 1) { if(mask == -1) mask = 32; noit_add_route_ipv4(acl, &a.addr4, mask, strcmp(dirstr, "allow") ? DENY_PTR : ALLOW_PTR); arcnt++; } else if(inet_pton(AF_INET6, target, &a) == 1) { if(mask == -1) mask = 128; noit_add_route_ipv6(acl, &a.addr6, mask, strcmp(dirstr, "allow") ? DENY_PTR : ALLOW_PTR); arcnt++; } } noitL(noit_error, "ACL %s/%p -> %d/%d rules\n", name, acl, arcnt, rcnt); noit_hash_replace(&acls, name, strlen(name), acl, free, free_btrie); free(rule_c); } } } free(acl_c); } return 0; }
static iep_thread_driver_t *noit_fq_allocate(noit_conf_section_t conf) { char *hostname, *cp, *brk; int i; #define GETCONFSTR(w) noit_conf_get_stringbuf(conf, #w, global_fq_ctx.w, sizeof(global_fq_ctx.w)) snprintf(global_fq_ctx.exchange, sizeof(global_fq_ctx.exchange), "%s", "noit.firehose"); GETCONFSTR(exchange); if(!GETCONFSTR(routingkey)) snprintf(global_fq_ctx.routingkey, sizeof(global_fq_ctx.routingkey), "%s", "check"); snprintf(global_fq_ctx.username, sizeof(global_fq_ctx.username), "%s", "guest"); GETCONFSTR(username); snprintf(global_fq_ctx.password, sizeof(global_fq_ctx.password), "%s", "guest"); GETCONFSTR(password); if(!noit_conf_get_int(conf, "heartbeat", &global_fq_ctx.heartbeat)) global_fq_ctx.heartbeat = 2000; if(!noit_conf_get_int(conf, "backlog", &global_fq_ctx.backlog)) global_fq_ctx.backlog = 2000; if(!noit_conf_get_int(conf, "port", &global_fq_ctx.port)) global_fq_ctx.port = 8765; (void)noit_conf_get_string(conf, "hostname", &hostname); if(!hostname) hostname = strdup("127.0.0.1"); for(cp = hostname; cp; cp = strchr(cp+1, ',')) global_fq_ctx.nhosts++; if(global_fq_ctx.nhosts > MAX_HOSTS) global_fq_ctx.nhosts = MAX_HOSTS; for(i = 0, cp = strtok_r(hostname, ",", &brk); cp; cp = strtok_r(NULL, ",", &brk), i++) { char *pcp; fq_client *c = &global_fq_ctx.client[i]; global_fq_ctx.ports[i] = global_fq_ctx.port; strlcpy(global_fq_ctx.hostname[i], cp, sizeof(global_fq_ctx.hostname[i])); pcp = strchr(global_fq_ctx.hostname[i], ':'); if(pcp) { *pcp++ = '\0'; global_fq_ctx.ports[i] = atoi(pcp); } fq_client_init(c, 0, fq_logger); fq_client_creds(*c, global_fq_ctx.hostname[i], global_fq_ctx.ports[i], global_fq_ctx.username, global_fq_ctx.password); fq_client_heartbeat(*c, global_fq_ctx.heartbeat); fq_client_set_nonblock(*c, 1); fq_client_set_backlog(*c, global_fq_ctx.backlog, 0); fq_client_connect(*c); } free(hostname); return (iep_thread_driver_t *)&global_fq_ctx; }
void stratcon_datastore_core_init() { static int initialized = 0; if(initialized) return; initialized = 1; ds_err = noit_log_stream_find("error/datastore"); ds_deb = noit_log_stream_find("debug/datastore"); ds_pool_deb = noit_log_stream_find("debug/datastore_pool"); ingest_err = noit_log_stream_find("error/ingest"); if(!ds_err) ds_err = noit_error; if(!ingest_err) ingest_err = noit_error; if(!noit_conf_get_string(NULL, "//database/journal/path", &basejpath)) { noitL(noit_error, "//database/journal/path is unspecified\n"); exit(-1); } }
static int handoff_ingestor_init(noit_module_generic_t *self) { ds_err = noit_log_stream_find("error/datastore"); ds_deb = noit_log_stream_find("debug/datastore"); ingest_err = noit_log_stream_find("error/ingest"); if(!ds_err) ds_err = noit_error; if(!ingest_err) ingest_err = noit_error; if(!noit_conf_get_string(NULL, "/stratcon/database/journal/path", &basejpath)) { noitL(noit_error, "/stratcon/database/journal/path is unspecified\n"); exit(-1); } noitL(noit_error, "registering /handoff/journals REST endpoint\n"); assert(noit_http_rest_register_auth( "GET", "/handoff/", "^journals$", handoff_stream, noit_http_rest_client_cert_auth ) == 0); return stratcon_datastore_set_ingestor(&handoff_ingestor_api); }
static iep_thread_driver_t *noit_rabbimq_allocate() { char *hostname, *cp, *brk; struct amqp_driver *dr = NULL; int i; pthread_mutex_lock(&driver_lock); for(i=0; i<MAX_HOSTS; i++) { if(stats.thread_states[i].owner == (pthread_t)NULL) { stats.thread_states[i].owner = pthread_self(); dr = &stats.thread_states[i]; break; } } pthread_mutex_unlock(&driver_lock); if(!dr) return NULL; dr->nconnects = rand(); #define GETCONFSTR(w) noit_conf_get_stringbuf(NULL, "/stratcon/iep/mq/" #w, dr->w, sizeof(dr->w)) GETCONFSTR(exchange); if(!GETCONFSTR(routingkey)) dr->routingkey[0] = '\0'; GETCONFSTR(username); GETCONFSTR(password); if(!GETCONFSTR(vhost)) { dr->vhost[0] = '/'; dr->vhost[1] = '\0'; } if(!noit_conf_get_int(NULL, "/stratcon/iep/mq/heartbeat", &dr->heartbeat)) dr->heartbeat = 5000; dr->heartbeat = (dr->heartbeat + 999) / 1000; noit_conf_get_string(NULL, "/stratcon/iep/mq/hostname", &hostname); if(!hostname) hostname = strdup("127.0.0.1"); for(cp = hostname; cp; cp = strchr(cp+1, ',')) dr->nhosts++; if(dr->nhosts > MAX_HOSTS) dr->nhosts = MAX_HOSTS; for(i = 0, cp = strtok_r(hostname, ",", &brk); cp; cp = strtok_r(NULL, ",", &brk), i++) strlcpy(dr->hostname[i], cp, sizeof(dr->hostname[i])); free(hostname); if(!noit_conf_get_int(NULL, "/stratcon/iep/mq/port", &dr->port)) dr->port = 5672; noit_atomic_inc64(&stats.concurrency); return (iep_thread_driver_t *)dr; }
int main(int argc, char **argv) { int fd, lockfd = -1; char lockfile[PATH_MAX]; char user[32], group[32]; char *trace_dir = NULL; parse_clargs(argc, argv); noit_log_init(); noit_log_stream_add_stream(noit_debug, noit_stderr); noit_log_stream_add_stream(noit_error, noit_stderr); /* Next load the configs */ noit_conf_init(APPNAME); if(noit_conf_load(config_file) == -1) { fprintf(stderr, "Cannot load config: '%s'\n", config_file); exit(-1); } /* Reinitialize the logging system now that we have a config */ snprintf(user, sizeof(user), "%d", getuid()); snprintf(group, sizeof(group), "%d", getgid()); if(noit_security_usergroup(droptouser, droptogroup, noit_true)) { noitL(noit_stderr, "Failed to drop privileges, exiting.\n"); exit(-1); } noit_conf_log_init(APPNAME); cli_log_switches(); if(noit_security_usergroup(user, group, noit_true)) { noitL(noit_stderr, "Failed to regain privileges, exiting.\n"); exit(-1); } if(debug) noit_debug->enabled = 1; if(!glider) noit_conf_get_string(NULL, "/" APPNAME "/watchdog/@glider", &glider); noit_watchdog_glider(glider); noit_conf_get_string(NULL, "/" APPNAME "/watchdog/@tracedir", &trace_dir); if(trace_dir) noit_watchdog_glider_trace_dir(trace_dir); if(chdir("/") != 0) { fprintf(stderr, "cannot chdir(\"/\"): %s\n", strerror(errno)); exit(2); } noit_watchdog_prefork_init(); /* Acquire the lock so that we can throw an error if it doesn't work. * If we've started -D, we'll have the lock. * If not we will daemon and must reacquire the lock. */ lockfd = -1; lockfile[0] = '\0'; if(noit_conf_get_stringbuf(NULL, "/" APPNAME "/@lockfile", lockfile, sizeof(lockfile))) { if((lockfd = noit_lockfile_acquire(lockfile)) < 0) { noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile); exit(-1); } } if(foreground) exit(child_main()); /* This isn't inherited across forks... */ if(lockfd >= 0) noit_lockfile_release(lockfd); fd = open("/dev/null", O_RDWR); dup2(fd, STDIN_FILENO); dup2(fd, STDOUT_FILENO); dup2(fd, STDERR_FILENO); if(fork()) exit(0); setsid(); if(fork()) exit(0); /* Reacquire the lock */ if(*lockfile) { if(noit_lockfile_acquire(lockfile) < 0) { noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile); exit(-1); } } return noit_watchdog_start_child("stratcond", child_main, 0); }
int noit_main(const char *appname, const char *config_filename, int debug, int foreground, const char *_glider, const char *drop_to_user, const char *drop_to_group, int (*passed_child_main)(void)) { int fd, lockfd, watchdog_timeout = 0; char conf_str[1024]; char lockfile[PATH_MAX]; char user[32], group[32]; char *trace_dir = NULL; char appscratch[1024]; char *glider = (char *)_glider; char *watchdog_timeout_str; /* First initialize logging, so we can log errors */ noit_log_init(); noit_log_stream_add_stream(noit_debug, noit_stderr); noit_log_stream_add_stream(noit_error, noit_stderr); /* Next load the configs */ noit_conf_init(appname); if(noit_conf_load(config_filename) == -1) { fprintf(stderr, "Cannot load config: '%s'\n", config_filename); exit(-1); } /* Reinitialize the logging system now that we have a config */ snprintf(user, sizeof(user), "%d", getuid()); snprintf(group, sizeof(group), "%d", getgid()); if(noit_security_usergroup(drop_to_user, drop_to_group, noit_true)) { noitL(noit_stderr, "Failed to drop privileges, exiting.\n"); exit(-1); } noit_conf_log_init(appname); cli_log_switches(); if(noit_security_usergroup(user, group, noit_true)) { noitL(noit_stderr, "Failed to regain privileges, exiting.\n"); exit(-1); } if(debug) noit_debug->enabled = 1; snprintf(appscratch, sizeof(appscratch), "/%s/watchdog/@glider", appname); if(!glider) noit_conf_get_string(NULL, appscratch, &glider); noit_watchdog_glider(glider); snprintf(appscratch, sizeof(appscratch), "/%s/watchdog/@tracedir", appname); noit_conf_get_string(NULL, appscratch, &trace_dir); if(trace_dir) noit_watchdog_glider_trace_dir(trace_dir); /* Lastly, run through all other system inits */ snprintf(appscratch, sizeof(appscratch), "/%s/eventer/@implementation", appname); if(!noit_conf_get_stringbuf(NULL, appscratch, conf_str, sizeof(conf_str))) { noitL(noit_stderr, "Cannot find '%s' in configuration\n", appscratch); exit(-1); } if(eventer_choose(conf_str) == -1) { noitL(noit_stderr, "Cannot choose eventer %s\n", conf_str); exit(-1); } if(configure_eventer(appname) != 0) { noitL(noit_stderr, "Cannot configure eventer\n"); exit(-1); } noit_watchdog_prefork_init(); if(chdir("/") != 0) { noitL(noit_stderr, "Failed chdir(\"/\"): %s\n", strerror(errno)); exit(-1); } /* Acquire the lock so that we can throw an error if it doesn't work. * If we've started -D, we'll have the lock. * If not we will daemon and must reacquire the lock. */ lockfd = -1; lockfile[0] = '\0'; snprintf(appscratch, sizeof(appscratch), "/%s/@lockfile", appname); if(noit_conf_get_stringbuf(NULL, appscratch, lockfile, sizeof(lockfile))) { if((lockfd = noit_lockfile_acquire(lockfile)) < 0) { noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile); exit(-1); } } if(foreground) return passed_child_main(); watchdog_timeout_str = getenv("WATCHDOG_TIMEOUT"); if(watchdog_timeout_str) { watchdog_timeout = atoi(watchdog_timeout_str); noitL(noit_error, "Setting watchdog timeout to %d\n", watchdog_timeout); } /* This isn't inherited across forks... */ if(lockfd >= 0) noit_lockfile_release(lockfd); fd = open("/dev/null", O_RDWR); dup2(fd, STDIN_FILENO); dup2(fd, STDOUT_FILENO); dup2(fd, STDERR_FILENO); if(fork()) exit(0); setsid(); if(fork()) exit(0); /* Reacquire the lock */ if(*lockfile) { if(noit_lockfile_acquire(lockfile) < 0) { noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile); exit(-1); } } signal(SIGHUP, SIG_IGN); return noit_watchdog_start_child("noitd", passed_child_main, watchdog_timeout); }