Make socket file group writable
hongquan committed Jan 3, 2025
1 parent 303a04b commit e2d832e
Showing 2 changed files with 19 additions and 14 deletions.
2 changes: 1 addition & 1 deletion Cargo.toml
@@ -70,7 +70,7 @@ syntect = { version = "5.0.0", default-features = false, features = [
] }
thiserror = "2.0.9"
tokio = { version = "1.40.0", features = ["full"] }
tokio-listener = { version = "0.4.3", default-features = false, features = ["axum07", "nix", "unix"] }
tokio-listener = { version = "0.4.3", default-features = false, features = ["axum07", "unix", "unix_path_tools"] }
tower = { version = "0.5.2", features = ["tokio", "tracing"] }
tower-http = { version = "0.6.2", features = ["trace"] }
tower-sessions = "0.13.0"
31 changes: 18 additions & 13 deletions src/main.rs
@@ -19,7 +19,7 @@ use axum_login::AuthManagerLayerBuilder;
use clap::Parser;
use miette::{miette, IntoDiagnostic};
use tokio_listener::axum07::serve as axum_serve;
use tokio_listener::{Listener, ListenerAddress, SystemOptions, UserOptions};
use tokio_listener::{Listener, ListenerAddress, SystemOptions, UnixChmodVariant, UserOptions};
use tower_http::trace::TraceLayer;
use tower_sessions::SessionManagerLayer;
use tracing::info;
@@ -31,11 +31,21 @@ use types::AppState;
async fn main() -> miette::Result<()> {
let app_opts = AppOptions::parse();
config_logging(&app_opts);
let config = conf::get_config().map_err(|e| miette!("Error loading config: {e}"))?;
let addr = match &app_opts.bind {
Some(saddr) => get_binding_addr(saddr).map_err(|e| miette!("{e}")),
None => {
let port = conf::get_listening_port(&config);
Ok(ListenerAddress::Tcp(SocketAddr::from((
get_listening_addr(),
port,
))))
}
}?;
let (redis_store, redis_conn) = db::get_redis_store()
.await
.map_err(|_e| miette!("Error connecting to Redis"))?;

let config = conf::get_config().map_err(|e| miette!("Error loading config: {e}"))?;
let client = db::get_edgedb_client(&config).await.map_err(|e| {
info!("{e:?}");
miette!("Failed to create EdgeDB client")
@@ -62,20 +72,15 @@ async fn main() -> miette::Result<()> {
.layer(auth_layer)
.layer(TraceLayer::new_for_http());

let addr = match &app_opts.bind {
Some(saddr) => get_binding_addr(saddr).map_err(|e| miette!("{e}")),
None => {
let port = conf::get_listening_port(&config);
Ok(ListenerAddress::Tcp(SocketAddr::from((
get_listening_addr(),
port,
))))
}
}?;
let main_service = app.into_make_service();
tracing::info!("Listening on http://{}", addr);
let sys_opts = SystemOptions::default();
let usr_opts = UserOptions::default();
let mut usr_opts = UserOptions::default();
// TODO: We want to chmod the socket file to 660 (allow owner and group to read and write),
// but there is bug in tokio-listener which remove owner permission,
// so we temporary use the most open mode.
usr_opts.unix_listen_unlink = true;
usr_opts.unix_listen_chmod = Some(UnixChmodVariant::Everybody);
let listerner = Listener::bind(&addr, &sys_opts, &usr_opts)
.await
.into_diagnostic()?;
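Review bot: `usr_opts.unix_listen_chmod = Some(UnixChmodVariant::Everybody)` in the last hunk of `main` leaves the socket connectable by every local account, which is wider than the 660 mode that the TODO above it and the commit title ask for, so access is no longer limited to the service's owner and group while the workaround is in place. Until the tokio-listener bug named in the TODO is fixed, I would leave `unix_listen_chmod` unset and set the mode after the bind instead, e.g. `if let ListenerAddress::Path(p) = &addr { std::fs::set_permissions(p, std::fs::Permissions::from_mode(0o660)).into_diagnostic()?; }` (this needs `std::os::unix::fs::PermissionsExt` in scope). If the open mode has to stay for now, the comment should say that the socket's parent directory must be restricted to the service user and group, since that directory is then the only access control left. `unix_listen_unlink = true` also removes whatever already exists at the bind path, so that directory should not be writable by other users either. The body of `main` continues outside the hunk.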
