From 3deb3705bf97e7cd5c70a9ac705d4bc46701d7e6 Mon Sep 17 00:00:00 2001
From: Waldemar Heinze
Date: Thu, 24 Nov 2022 09:52:54 +0100
Subject: [PATCH] refactor: distinguish `host` between ldap and api listeners
---
 lldap_config.docker_template.toml | 8 +++--
 server/src/infra/cli.rs | 8 +++++
 server/src/infra/configuration.rs | 4 ++-
 server/src/infra/ldap_server.rs | 4 +--
 server/src/infra/tcp_server.rs | 52 +++++++++++++++++--------------
 5 files changed, 47 insertions(+), 29 deletions(-)
diff --git a/lldap_config.docker_template.toml b/lldap_config.docker_template.toml
index 78c1cb8..1c290af 100644
--- a/lldap_config.docker_template.toml
+++ b/lldap_config.docker_template.toml
@@ -8,12 +8,16 @@
 # verbose=false
 ## The host address that the LDAP server will be bound to.
-## To enable IPv6 support, simply switch "host" to "::1":
-#host = "0.0.0.0"
+## To enable IPv6 support, simply switch "ldap_host" to "::1":
+#ldap_host = "0.0.0.0"
 ## The port on which to have the LDAP server.
 #ldap_port = 3890
+## The host address that the HTTP server will be bound to.
+## To enable IPv6 support, simply switch "api_host" to "::1":
+#api_host = "0.0.0.0"
+
 ## The port on which to have the HTTP server, for user login and
 ## administration.
 #http_port = 17170
diff --git a/server/src/infra/cli.rs b/server/src/infra/cli.rs
index 031d67e..bc2f9c3 100644
--- a/server/src/infra/cli.rs
+++ b/server/src/infra/cli.rs
@@ -54,10 +54,18 @@ pub struct RunOpts {
 #[clap(long, env = "LLDAP_SERVER_KEY_FILE")]
 pub server_key_file: Option,
+ /// Change ldap host. Default: "0.0.0.0"
+ #[clap(long, env = "LLDAP_LDAP_HOST")]
+ pub ldap_host: Option,
+
 /// Change ldap port. Default: 3890
 #[clap(long, env = "LLDAP_LDAP_PORT")]
 pub ldap_port: Option,
+ /// Change HTTP API host. Default: "0.0.0.0"
+ #[clap(long, env = "LLDAP_API_HOST")]
+ pub api_host: Option,
+
 /// Change HTTP API port. Default: 17170
 #[clap(long, env = "LLDAP_HTTP_PORT")]
 pub http_port: Option,
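Review bot: The IPv6 hint on `ldap_host` and the new one on `api_host` both suggest `"::1"`, which is the IPv6 loopback address, while the commented default `"0.0.0.0"` listens on every IPv4 interface. The two are not equivalents, so an operator who follows the hint gets a listener reachable only from the local machine, and the template never says how to restrict a listener on purpose. I would reword both comments along the lines of `## Use "::" to listen on all IPv6 interfaces, or "127.0.0.1" / "::1" to accept local connections only.` A one-line comment saying that the old `host` key has been replaced by these two keys would also help anyone upgrading from an existing config.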
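Review bot: Nothing visible in this patch copies the new `ldap_host` and `api_host` options from `RunOpts` into `Configuration`; the only configuration.rs hunk changes the struct fields, and this hunk adds just the declarations. If the override code that handles `ldap_port` and `http_port` (outside the diff) was not extended as well, a flag such as `--ldap-host 127.0.0.1` is parsed and then ignored, and the listener stays on the default `0.0.0.0` while the operator believes it is restricted. Please confirm that both options are applied, and add a test that sets each one and checks the resulting `Configuration`. The doc comments could also state that `0.0.0.0` means all interfaces, e.g. `/// Address the LDAP listener binds to. Default: "0.0.0.0" (all IPv4 interfaces)`. `RunOpts` starts before and continues after this hunk.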
diff --git a/server/src/infra/configuration.rs b/server/src/infra/configuration.rs
index ffb2b54..4ff8987 100644
--- a/server/src/infra/configuration.rs
+++ b/server/src/infra/configuration.rs
@@ -64,10 +64,12 @@ impl std::default::Default for LdapsOptions {
 #[derive(Clone, Debug, Deserialize, Serialize, derive_builder::Builder)]
 #[builder(pattern = "owned", build_fn(name = "private_build"))]
 pub struct Configuration {
+ #[builder(default = r#"String::from("0.0.0.0")"#)]
+ pub ldap_host: String,
 #[builder(default = "3890")]
 pub ldap_port: u16,
 #[builder(default = r#"String::from("0.0.0.0")"#)]
- pub host: String,
+ pub api_host: String,
 #[builder(default = "17170")]
 pub http_port: u16,
 #[builder(default = r#"SecUtf8::from("secretjwtsecret")"#)]
diff --git a/server/src/infra/ldap_server.rs b/server/src/infra/ldap_server.rs
index 63cb016..80b8cf4 100644
--- a/server/src/infra/ldap_server.rs
+++ b/server/src/infra/ldap_server.rs
@@ -177,7 +177,7 @@ where
 info!("Starting the LDAP server on port {}", config.ldap_port);
 let server_builder = server_builder
- .bind("ldap", (config.host.clone(), config.ldap_port), binder)
+ .bind("ldap", (config.ldap_host.clone(), config.ldap_port), binder)
 .with_context(|| format!("while binding to the port {}", config.ldap_port));
 if config.ldaps_options.enabled {
 let tls_context = (
@@ -214,7 +214,7 @@ where
 server_builder.and_then(|s| {
 s.bind(
 "ldaps",
- (config.host.clone(), config.ldaps_options.port),
+ (config.ldap_host.clone(), config.ldaps_options.port),
 tls_binder,
 )
 .with_context(|| format!("while binding to the port {}", config.ldaps_options.port))
diff --git a/server/src/infra/tcp_server.rs b/server/src/infra/tcp_server.rs
index fc440a8..481315d 100644
--- a/server/src/infra/tcp_server.rs
+++ b/server/src/infra/tcp_server.rs
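Review bot: Replacing `host` with `ldap_host` and `api_host`, both defaulting to `0.0.0.0`, leaves no path for a `host` value that an existing deployment already sets. Unless the loader rejects unknown keys (nothing in this hunk shows that it does), a config with `host = "127.0.0.1"` would still load after the upgrade, the key would be ignored, and both listeners would come up on all interfaces without any error or warning. I would either keep `host` as a deprecated optional field that seeds both new fields when they are unset, or refuse to start when the legacy key is present, and describe the rename in the upgrade notes. Each new field also deserves a doc comment, for example `/// Address the LDAP and LDAPS listeners bind to.` and `/// Address the HTTP API/web listener binds to.` The struct continues past the end of this hunk.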
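Review bot: The `info!` line and the `with_context` message around the changed `.bind` call in ldap_server.rs still name only the port, although the address is now configured per listener. The bound address is what tells an operator whether the service is reachable beyond loopback, so the startup log should show it: `info!("Starting the LDAP server on {}:{}", config.ldap_host, config.ldap_port);`, with the error context changed to match, e.g. `format!("while binding to {}:{}", config.ldap_host, config.ldap_port)`. The same applies to the `ldaps` bind in the second hunk and to the `info!` and `with_context` lines in the tcp_server.rs hunk, using `config.api_host`. The enclosing functions start and end outside these hunks.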
@@ -129,30 +129,34 @@ where
 let mail_options = config.smtp_options.clone();
 info!("Starting the API/web server on port {}", config.http_port);
 server_builder
- .bind("http", (config.host.clone(), config.http_port), move || {
- let backend_handler = backend_handler.clone();
- let jwt_secret = jwt_secret.clone();
- let jwt_blacklist = jwt_blacklist.clone();
- let server_url = server_url.clone();
- let mail_options = mail_options.clone();
- HttpServiceBuilder::new()
- .finish(map_config(
- App::new()
- .wrap(tracing_actix_web::TracingLogger::::new())
- .configure(move |cfg| {
- http_config(
- cfg,
- backend_handler,
- jwt_secret,
- jwt_blacklist,
- server_url,
- mail_options,
- )
- }),
- |_| AppConfig::default(),
- ))
- .tcp()
- })
+ .bind(
+ "http",
+ (config.api_host.clone(), config.http_port),
+ move || {
+ let backend_handler = backend_handler.clone();
+ let jwt_secret = jwt_secret.clone();
+ let jwt_blacklist = jwt_blacklist.clone();
+ let server_url = server_url.clone();
+ let mail_options = mail_options.clone();
+ HttpServiceBuilder::new()
+ .finish(map_config(
+ App::new()
+ .wrap(tracing_actix_web::TracingLogger::::new())
+ .configure(move |cfg| {
+ http_config(
+ cfg,
+ backend_handler,
+ jwt_secret,
+ jwt_blacklist,
+ server_url,
+ mail_options,
+ )
+ }),
+ |_| AppConfig::default(),
+ ))
+ .tcp()
+ },
+ )
 .with_context(|| {
 format!(
 "While bringing up the TCP server with port {}",