summaryrefslogtreecommitdiff
path: root/src/leap/soledad/server/app.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/soledad/server/app.py')
-rw-r--r--src/leap/soledad/server/app.py122
1 files changed, 122 insertions, 0 deletions
diff --git a/src/leap/soledad/server/app.py b/src/leap/soledad/server/app.py
new file mode 100644
index 00000000..4129ec95
--- /dev/null
+++ b/src/leap/soledad/server/app.py
@@ -0,0 +1,122 @@
+# -*- coding: utf-8 -*-
+# app.py
+# Copyright (C) 2017 LEAP
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+"""
+Soledad Server, as a Twisted Application.
+"""
+import sys
+import os
+
+from twisted.application import service, strports
+from twisted.web import server
+
+from leap.soledad.common.couch.check import check_schema_versions
+from leap.soledad.common.log import getLogger
+from leap.soledad.server import entrypoints
+from leap.soledad.server import get_config
+
+
+logger = getLogger(__name__)
+
+
+#
+# necessary checks
+#
+
+def check_env(local_port, public_port):
+ if local_port == public_port:
+ logger.error("LOCAL_SERVICES_PORT and HTTPS_PORT can't be the same!")
+ sys.exit(20)
+
+ if public_port is None and not os.getenv('DEBUG_SERVER'):
+ logger.error("HTTPS_PORT env var is required to be set!")
+ sys.exit(20)
+
+
+def check_conf(conf):
+ path = conf['blobs_path']
+ blobs_not_empty = bool(os.path.exists(path) and os.listdir(path))
+ if not conf['blobs'] and blobs_not_empty:
+ message = """
+** WARNING: Blobs is disabled, but blobs directory isn't empty. **
+** If it was previously enabled, disabling can cause data loss due blobs **
+** documents not being accessible to users. **
+** Blobs directory: %s
+** REFUSING TO START. Please double check your configuration. **
+ """
+ logger.error(message % path)
+ sys.exit(20)
+
+
+#
+# service creation functions
+#
+
+def create_local_service(port, application):
+ logger.info('Starting local Services HTTP API')
+ desc = 'tcp:%s:interface=127.0.0.1' % port
+ site = server.Site(entrypoints.ServicesEntrypoint())
+ service = strports.service(desc, site)
+ service.setServiceParent(application)
+
+
+def get_tls_service_description(port):
+ privateKey = os.getenv('PRIVKEY_PATH', '/etc/soledad/soledad-server.key')
+ certKey = os.getenv('CERT_PATH', '/etc/soledad/soledad-server.pem')
+ sslmethod = os.getenv('SSL_METHOD', 'SSLv23_METHOD')
+ desc = ':'.join([
+ 'ssl',
+ 'port=' + str(port),
+ 'privateKey=' + privateKey,
+ 'certKey=' + certKey,
+ 'sslmethod=' + sslmethod])
+ return desc
+
+
+def create_public_service(port, application):
+ logger.info('Starting public Users HTTP API')
+ if port:
+ desc = get_tls_service_description(port)
+ else:
+ logger.warn('Using plain HTTP on public Users API.')
+ desc = 'tcp:port=2424:interface=0.0.0.0'
+
+ site = server.Site(entrypoints.UsersEntrypoint())
+ service = strports.service(desc, site)
+ service.setServiceParent(application)
+
+
+def create_services(local_port, public_port, application):
+ create_local_service(local_port, application)
+ create_public_service(public_port, application)
+
+
+#
+# the application
+#
+
+def run(application):
+ local_port = os.getenv('LOCAL_SERVICES_PORT', 2525)
+ public_port = os.getenv('HTTPS_PORT', None)
+ conf = get_config()
+ check_env(local_port, public_port)
+ check_conf(conf)
+ d = check_schema_versions(conf['couch_url'])
+ d.addCallback(lambda _: create_services(local_port, public_port,
+ application))
+
+
+application = service.Application('soledad-server')