Update Scripts,Add HSTS Redirect Server And HTTPS Server

2022-02-17 12:03:21 +08:00 · 2022-02-17 12:03:21 +08:00 · da6e06edd6
parent 2e7d1789c7
commit da6e06edd6
4 changed files with 159 additions and 67 deletions
--- a/backend/Cargo.toml
+++ b/backend/Cargo.toml
@ -47,7 +47,7 @@ tokio = { version = "1", features = ["fs", "io-util", "macros", "rt", "rt-multi-
 uuid = { version = "0.8", features = ["v5"] }
 urlencoding = "2"
 v_htmlescape = "0.14"
-warp = "0.3"
+warp = {version="0.3",features=["tls"]}
 zip = { version = "0.5", default-features = false }

 # https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#platform-specific-dependencies
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@ -3,7 +3,8 @@ use tokio::{
    runtime::{Builder, Runtime},
    sync::oneshot,
 };
-
+use futures::{future::{BoxFuture, join_all}, Future};
+use std::{net::SocketAddr};
 use blog_backend::{db, service, util::result};

 #[derive(Debug, PartialEq)]
@ -16,19 +17,41 @@ enum RunMode {
 #[derive(Parser, Debug)]
 #[clap(name = "Songday blog backend", author, version, about, long_about = None)]
 struct Args {
-    /// Specify run mode: 's' is for static file serve, otherwise is Blog backend
-    #[clap(short, long)]
-    mode: Option<String>,
+    /// Specify run mode: 'static' is for static file serve, 'blog' is blog warp server mode
+    #[clap( long , default_value ="blog")]
+    mode: String,

-    /// Specify listening address, default value is '127.0.0.1'
-    #[clap(short, long)]
-    address: Option<String>,
+   /// Enable HTTP Server
+    #[clap(long)]
+    http_enable:bool,
+    /// Specify http listening address, default value is '127.0.0.1'
+    #[clap(long , default_value="127.0.0.1")]
+    http_address: String,

-    /// Specify listening port, default value is '9270'
-    #[clap(short, long)]
-    port: Option<String>,
+    /// Specify listening port, default value is '80'
+    #[clap( long, default_value_t=80)]
+    http_port: u16,
+    /// Enable HTTPS Server
+    #[clap(long)]
+    https_enable:bool,
+    /// Specify https listening address, default value is '127.0.0.1'
+    #[clap( long , default_value="127.0.0.1")]
+    https_address: String,
+
+    /// Specify listening port, default value is '443'
+    #[clap( long, default_value_t=443)]
+    https_port: u16,
+    /// Enable HSTS Redirect Server
+    #[clap(long)]
+    hsts_enable:bool,
+}
+pub struct HttpConfig{
+    pub enabled:bool,
+}
+pub struct HttpsConfig{
+    pub enabled:bool,
+    pub hsts:bool,
 }
-
 fn main() -> result::Result<()> {
    let args = Args::parse();

@ -39,13 +62,28 @@ fn main() -> result::Result<()> {
        .thread_stack_size(1024 * 1024)
        .build()?;

-    let (tx, rx) = oneshot::channel::<()>();
+        let (tx1, rx1) = oneshot::channel::<()>();
+        let (tx2, rx2) = oneshot::channel::<()>();

    runtime.spawn(async {
        match tokio::signal::ctrl_c().await {
            Ok(()) => {
                println!("Shutting down web server...");
-                match tx.send(()) {
+                match tx1.send(()) {
+                    Ok(()) => {},
+                    Err(_) => println!("the receiver dropped"),
+                }
+            },
+            Err(e) => {
+                eprintln!("{}", e);
+            },
+        }
+    });
+    runtime.spawn(async {
+        match tokio::signal::ctrl_c().await {
+            Ok(()) => {
+                println!("Shutting down web server...");
+                match tx2.send(()) {
                    Ok(()) => {},
                    Err(_) => println!("the receiver dropped"),
                }
@ -56,46 +94,56 @@ fn main() -> result::Result<()> {
        }
    });

-    // let run_mode = if args.mode.is_none() {
-    //     let mut line = String::with_capacity(16);
-    //     println!("指定运行模式, 直接回车是博客后台，按 s 是静态文件服务");
-    //     println!("Specify run mode, default (Press 'Enter' directly) is Blog backend, `s` is static file serve");
-    //     let _b1 = std::io::stdin().read_line(&mut line).unwrap();
-    //     // println!("Hello , {}", line);
-    //     // println!("no of bytes read , {}", b1);
-    //     String::from(line.trim())
-    // } else {
-    //     args.mode.unwrap()
-    // };

-    let run_mode = args.mode.unwrap_or(String::new());
-    let mut address = args.address.unwrap_or(String::from("127.0.0.1"));
-    let port = args.port.unwrap_or(String::from("9270"));
-    address.push_str(":");
-    address.push_str(&port);

-    if run_mode.eq("s") {
+    let run_mode = args.mode;
+    if run_mode.eq("static") {
        println!("Creating server instance...");
-        let server = runtime.block_on(service::server::create_static_file_server(&address, rx))?;
+        let http_address=args.http_address.parse::<SocketAddr>()?;
+        let server = runtime.block_on(service::server::create_static_file_server(http_address, rx1))?;

        println!("Starting static file server...");
        runtime.block_on(server);
-    } else {
+    } else if run_mode.eq("blog"){
+        let mut https_address = args.https_address;
+        https_address.push_str(":");
+        https_address.push_str(&args.https_port.to_string());
+        let https_address=https_address.parse::<SocketAddr>()?;
+        let mut http_address = args.http_address;
+        http_address.push_str(":");
+        http_address.push_str(&args.http_port.to_string());
+        let http_address=http_address.parse::<SocketAddr>()?;
+        let https_config=HttpsConfig{
+            enabled:args.https_enable,
+            hsts:args.hsts_enable,
+           };
+        let http_config=HttpConfig{
+            enabled:args.http_enable,
+           };
        println!("Initializing database connection...");
        runtime.block_on(db::init_datasource());
-
+        
        println!("Creating server instance...");
-        let server = runtime.block_on(service::server::create_blog_server(&address, rx))?;
+        let mut vec:Vec<BoxFuture<()>> = Vec::new();
+        if http_config.enabled{
+            if https_config.hsts{
+                let server=runtime.block_on( service::server::create_blog_server_hsts(http_address, rx1));
+                vec.push(Box::pin(server.unwrap()));              
+                println!("Creating HSTS Redirect server instance...");
+            }else{
+                let server= runtime.block_on(service::server::create_blog_server(http_address, rx1));
+                println!("Starting http blog backend server...");
+                vec.push(Box::pin(server.unwrap()));
+            }
+        }
+        if https_config.enabled{
+            let server=runtime.block_on(service::server::create_tls_blog_server(https_address, rx2));
+            println!("Starting https blog backend server...");
+            vec.push(Box::pin(server.unwrap()));
+        }
+        let server=join_all(vec);

-        runtime.spawn(service::status::scanner());
-
-        println!("Starting blog backend server...");
        runtime.block_on(server);
-
-        // println!("Starting web server...");
-        // let server = runtime.block_on(async { server::create_server("127.0.0.1:9270", rx).await.unwrap() });
-        // runtime.block_on(server);
-
        println!("Closing database connections...");
        runtime.block_on(db::shutdown());
    }
@ -103,12 +151,4 @@ fn main() -> result::Result<()> {
    println!("Bye...");

    Ok(())
-    /*
-    tokio::spawn(async move {
-        let r = tokio::signal::ctrl_c().await;
-        println!("ctrl-c received!");
-    });
-    println!("Starting web server...");
-    server::start("127.0.0.1:9270").await
-    */
 }
--- a/backend/src/service/server.rs
+++ b/backend/src/service/server.rs
@ -1,8 +1,10 @@
 use std::{collections::HashMap, convert::Infallible, net::SocketAddr};

 use futures::future::Future;
+use hyper::{Uri, header::HeaderValue, HeaderMap};
+use password_hash::Output;
 use tokio::sync::oneshot::Receiver;
-use warp::{self, reject, Filter};
+use warp::{self, reject, Filter, Server, TlsServer};

 use blog_common::{
    dto::{
@ -69,7 +71,7 @@ fn auth() -> impl Filter<Extract = (Option<UserInfo>,), Error = Infallible> + Cl
 // }

 pub async fn create_static_file_server(
-    address: &str,
+    address: SocketAddr,
    receiver: Receiver<()>,
 ) -> Result<impl Future<Output = ()> + 'static> {
    let dir = std::env::current_dir().unwrap();
@ -77,16 +79,55 @@ pub async fn create_static_file_server(
    println!("Serving directory path is {}", dir.as_path().display());
    let routes = warp::get().and(warp::fs::dir(dir));

-    let addr = address.parse::<SocketAddr>()?;
+    //let addr = address.parse::<SocketAddr>()?;

-    let (_addr, server) = warp::serve(routes).bind_with_graceful_shutdown(addr, async {
+    let (_addr, server) = warp::serve(routes).bind_with_graceful_shutdown(address, async {
        receiver.await.ok();
    });

    Ok(server)
 }

-pub async fn create_blog_server(address: &str, receiver: Receiver<()>) -> Result<impl Future<Output = ()> + 'static> {
+pub async fn create_blog_server(http_addr: SocketAddr,receiver: Receiver<()>)->Result<impl Future<Output = ()> + 'static>{
+    let routes = blog_filter();
+    let routes = routes.recover(facade::handle_rejection);
+    //let http_addr = http_config.http_address;
+    let server=warp::serve(routes);  
+    let server=server.bind_with_graceful_shutdown(http_addr, async {
+        receiver.await.ok();
+    }).1;
+    return Ok(server);
+}
+pub async fn create_blog_server_hsts(http_addr: SocketAddr,receiver: Receiver<()>)->Result<impl Future<Output = ()> + 'static>{
+
+    let mut HSTSheaders = HeaderMap::new();
+    HSTSheaders.insert("Strict-Transport-Security", HeaderValue::from_static("max-age=31536000; includeSubDomains; preload"));
+    let hsts = warp::any().map(warp::reply).with(warp::reply::with::headers(HSTSheaders));
+    let hsts_redir=warp::get().and(warp::path("http").map(|| {
+        println!("This is http server");
+        warp::redirect(Uri::from_static("https://127.0.0.1:443"))
+    }));
+    let hsts=hsts_redir.or(hsts);
+    let server=warp::serve(hsts);  
+    let server=server.bind_with_graceful_shutdown(http_addr, async {
+        receiver.await.ok();
+    }).1;
+    return Ok(server);
+}
+pub async fn create_tls_blog_server(https_addr: SocketAddr,receiver: Receiver<()>)->Result<impl Future<Output = ()> + 'static>{
+    let routes = blog_filter();
+    let routes = routes.recover(facade::handle_rejection);
+    //let https_addr = https_config.https_address;
+    let server=warp::serve(routes);
+    let server=server.tls()
+    .cert_path("cert.pem")
+    .key_path("priv.key");
+    let server=server.bind_with_graceful_shutdown(https_addr, async {
+        receiver.await.ok();
+    }).1;
+    return Ok(server);
+}
+pub fn blog_filter() -> impl Filter<Extract = impl warp::Reply,Error = warp::Rejection> + Clone{
    let index = warp::get().and(warp::path::end()).and_then(crate::facade::index::index);
    let asset = warp::get()
        .and(warp::path("asset"))
@ -238,8 +279,10 @@ pub async fn create_blog_server(address: &str, receiver: Receiver<()>) -> Result
        // .allow_any_origin()
        .allow_origins(
            vec![
-                "http://localhost:9270",
-                "http://127.0.0.1:9270",
+                "http://localhost:80",
+                "http://127.0.0.1:80",
+                "https://localhost:443",
+                "https://127.0.0.1:443",
                // todo 读取配置里面的域名信息，然后填写在这里
            ]
            .into_iter(),
@ -275,15 +318,9 @@ pub async fn create_blog_server(address: &str, receiver: Receiver<()>) -> Result
        .or(save_image)
        .or(export)
        .or(forgot_password)
-        .with(cors)
-        // .with(warp::service(session_id_wrapper))
-        .recover(facade::handle_rejection);
+        .with(cors);

-    let addr = address.parse::<SocketAddr>()?;
+    routes

-    let (_addr, server) = warp::serve(routes).bind_with_graceful_shutdown(addr, async {
-        receiver.await.ok();
-    });
-
-    Ok(server)
 }
+
--- a/scripts/build.sh
+++ b/scripts/build.sh
@ -0,0 +1,15 @@
+#!/bin/bash
+# author:FlyingBlackShark
+clear
+cd ../frontend
+rm -rf dist
+trunk build
+cd dist
+sed -i  's?"/?"/asset/?g' index.html
+sed -i  "s?'/?'/asset/?g" index.html
+cd ..
+rm -rf ../backend/src/resource/asset/*
+mv dist/index.html ../backend/src/resource/page/
+cp -r dist/* ../backend/src/resource/asset/
+cd ../backend
+cargo run