def _create_web_factory(self, config):
options = config.get('options', {})
# create Twisted Web root resource
if '/' in config['paths']:
root_config = config['paths']['/']
root = self._create_resource(root_config, nested=False)
else:
root = Resource404(self._templates, b'')
# create Twisted Web resources on all non-root paths configured
self._add_paths(root, config.get('paths', {}))
# create the actual transport factory
transport_factory = Site(root)
transport_factory.noisy = False
# Web access logging
if not options.get('access_log', False):
transport_factory.log = lambda _: None
# Traceback rendering
transport_factory.displayTracebacks = options.get('display_tracebacks', False)
# HSTS
if options.get('hsts', False):
if 'tls' in config['endpoint']:
hsts_max_age = int(options.get('hsts_max_age', 31536000))
transport_factory.requestFactory = createHSTSRequestFactory(transport_factory.requestFactory, hsts_max_age)
else:
self.log.warn("Warning: HSTS requested, but running on non-TLS - skipping HSTS")
return transport_factory
def _create_web_factory(self, config):
options = config.get('options', {})
# create Twisted Web root resource
if '/' in config['paths']:
root_config = config['paths']['/']
root = self._create_resource(root_config, nested=False)
else:
root = Resource404(self._templates, b'')
# create Twisted Web resources on all non-root paths configured
self._add_paths(root, config.get('paths', {}))
# create the actual transport factory
transport_factory = Site(root)
transport_factory.noisy = False
# Web access logging
if not options.get('access_log', False):
transport_factory.log = lambda _: None
# Traceback rendering
transport_factory.displayTracebacks = options.get('display_tracebacks', False)
# HSTS
if options.get('hsts', False):
if 'tls' in config['endpoint']:
hsts_max_age = int(options.get('hsts_max_age', 31536000))
transport_factory.requestFactory = createHSTSRequestFactory(transport_factory.requestFactory, hsts_max_age)
else:
self.log.warn("Warning: HSTS requested, but running on non-TLS - skipping HSTS")
return transport_factory
def start_server(self):
log_timer = Log(logging.DEBUG).start()
Log(logging.INFO).log("Service", "state", lambda: "[anode] starting")
web_root = File(os.path.dirname(__file__) + "/web")
web_root.putChild(b"ws", WebSocketResource(self.web_ws))
web_root.putChild(u"rest", KleinResource(self.web_rest.server))
web = Site(web_root, logPath="/dev/null")
web.noisy = False
self.core_reactor.addSystemEventTrigger("after", "shutdown", self.stop_server)
if self.certificate is None:
self.core_reactor.listenTCP(int(self.config["port"]), web)
else:
self.core_reactor.listenSSL(int(self.config["port"]), web, self.certificate)
if self.publish_service is not None:
self.publish_service.startService()
log_timer.log("Service", "timer", lambda: "[anode] started", context=self.start_server)
self.core_reactor.run()
def _create_web_factory(self, config, is_secure):
options = config.get('options', {})
# create Twisted Web root resource
if '/' in config['paths']:
root_config = config['paths']['/']
root = self._create_resource(root_config, nested=False)
else:
root = Resource404(self._templates, b'')
# create Twisted Web resources on all non-root paths configured
self._add_paths(root, config.get('paths', {}))
# create the actual transport factory
transport_factory = Site(
root,
timeout=options.get('client_timeout', None),
)
transport_factory.noisy = False
# we override this factory so that we can inject
# _LessNoisyHTTPChannel to avoid info-level logging on timing
# out web clients (which happens all the time).
def channel_protocol_factory():
return _GenericHTTPChannelProtocol(_LessNoisyHTTPChannel())
transport_factory.protocol = channel_protocol_factory
# Web access logging
if not options.get('access_log', False):
transport_factory.log = lambda _: None
# Traceback rendering
transport_factory.displayTracebacks = options.get('display_tracebacks', False)
# HSTS
if options.get('hsts', False):
if is_secure:
hsts_max_age = int(options.get('hsts_max_age', 31536000))
transport_factory.requestFactory = createHSTSRequestFactory(transport_factory.requestFactory, hsts_max_age)
else:
self.log.warn("Warning: HSTS requested, but running on non-TLS - skipping HSTS")
return transport_factory
def __init__(self, queue):
self.queue = queue
# set up handler to drop emails from the 'queue' into the main queue
lc = task.LoopingCall(self.processSockets)
lc.start(2)
# fire up static server while we're here
staticResource = File('./static/dist')
staticFactory = Site(staticResource, logPath=os.devnull)
staticFactory.noisy = False
if Config.useSSL:
contextFactory = ssl.DefaultOpenSSLContextFactory(
Config.keyFile,
Config.certFile
)
# static HTTPS serving
reactor.listenSSL(Config.httpsPort, staticFactory, contextFactory)
# WSS
WSfactory = WebSocketServerFactory(u"wss://localhost:9000", debug=False)
WSfactory.protocol = self.MyServerProtocol
WSfactory.noisy = False
listenWS(WSfactory, contextFactory)
else:
# static HTTP serving
reactor.listenTCP(Config.httpPort, staticFactory)
# WS
WSfactory = WebSocketServerFactory(u"ws://localhost:9000", debug=False)
WSfactory.protocol = self.MyServerProtocol
WSfactory.noisy = False
listenWS(WSfactory)
# no handlers because threads
reactor.run(installSignalHandlers=0)
def __init__(self, queue):
self.queue = queue
# set up handler to drop emails from the 'queue' into the main queue
lc = task.LoopingCall(self.processSockets)
lc.start(2)
# fire up static server while we're here
staticResource = File('./static/dist')
staticFactory = Site(staticResource, logPath=os.devnull)
staticFactory.noisy = False
if Config.useSSL:
contextFactory = ssl.DefaultOpenSSLContextFactory(
Config.keyFile, Config.certFile)
# static HTTPS serving
reactor.listenSSL(443, staticFactory, contextFactory)
# WSS
WSfactory = WebSocketServerFactory(u"wss://localhost:9000",
debug=False)
WSfactory.protocol = self.MyServerProtocol
WSfactory.noisy = False
listenWS(WSfactory, contextFactory)
else:
# static HTTP serving
reactor.listenTCP(80, staticFactory)
# WS
WSfactory = WebSocketServerFactory(u"ws://localhost:9000",
debug=False)
WSfactory.protocol = self.MyServerProtocol
WSfactory.noisy = False
listenWS(WSfactory)
# no handlers because threads
reactor.run(installSignalHandlers=0)
def main(pm):
from sputnik.webserver.router.twisted.wamp import RouterFactory
router_factory = RouterFactory()
router_factory.router = SputnikRouter
router_factory.authz_plugins = \
pm.services.get("sputnik.webserver.plugins.authz", [])
router_factory.schema_plugins = \
pm.services.get("sputnik.webserver.plugins.schema", [])
from sputnik.webserver.router.twisted.wamp import RouterSessionFactory
session_factory = RouterSessionFactory(router_factory)
session_factory.session = SputnikRouterSession
authn_stack = [("ip.IPFilter", "requisite"),
("anonymous.AnonymousLogin", "sufficient"),
("cookie.CookieLogin", "sufficient"),
("wampcra.WAMPCRALogin", "requisite"),
("totp.TOTPVerification", "requisite")]
session_factory.plugins = []
for plugin_name, flag in authn_stack:
path = "sputnik.webserver.plugins.authn." + plugin_name
session_factory.plugins.append((pm.plugins[path], flag))
rpc_plugins = pm.services.get("sputnik.webserver.plugins.rpc", [])
feeds_plugins = pm.services.get("sputnik.webserver.plugins.feeds", [])
svc_plugins = rpc_plugins + feeds_plugins
for plugin in svc_plugins:
component_session = plugin
component_session.config.realm = u"sputnik"
session_factory.add(component_session,
plugin.plugin_path.decode("ascii"), u"trusted")
uri = "ws://"
if config.getboolean("webserver", "ssl"):
uri = "wss://"
address = config.get("webserver", "ws_address")
port = config.getint("webserver", "ws_port")
uri += "%s:%s/" % (address, port)
from autobahn.twisted.websocket import WampWebSocketServerFactory
transport_factory = WampWebSocketServerFactory(session_factory,
uri, debug = False, debug_wamp = False)
transport_factory.setProtocolOptions(failByDrop = False)
watchdog(config.get("watchdog", "webserver"))
from twisted.web.server import Site
from autobahn.twisted.resource import WebSocketResource
root = Root()
ws_resource = WebSocketResource(transport_factory)
rest_resource = pm.plugins['sputnik.webserver.rest.RESTProxy']
root.putChild("ws", ws_resource)
root.putChild("api", rest_resource)
site = Site(root)
site.noisy = False
site.log = lambda _: None
from twisted.internet.endpoints import serverFromString, quoteStringArgument
if config.getboolean("webserver", "ssl"):
key = config.get("webserver", "ssl_key")
cert = config.get("webserver", "ssl_cert")
cert_chain = config.get("webserver", "ssl_cert_chain")
# TODO: Add dhparameters
# See https://twistedmatrix.com/documents/14.0.0/core/howto/endpoints.html
server = serverFromString(reactor, b"ssl:%d:privateKey=%s:certKey=%s:extraCertChain=%s:sslmethod=TLSv1_METHOD"
% (port,
quoteStringArgument(key),
quoteStringArgument(cert),
quoteStringArgument(cert_chain)))
else:
server = serverFromString(reactor, b"tcp:%d" % port)
server.listen(site)
def run(pm, reactor):
from sputnik.webserver.router.twisted.wamp import RouterFactory
router_factory = RouterFactory()
router_factory.router = SputnikRouter
router_factory.authz_plugins = \
pm.services.get("sputnik.webserver.plugins.authz", [])
router_factory.schema_plugins = \
pm.services.get("sputnik.webserver.plugins.schema", [])
from sputnik.webserver.router.twisted.wamp import RouterSessionFactory
session_factory = RouterSessionFactory(router_factory)
session_factory.session = SputnikRouterSession
authn_stack = [("ip.IPFilter", "requisite"),
("anonymous.AnonymousLogin", "sufficient"),
("cookie.CookieLogin", "sufficient"),
("wampcra.WAMPCRALogin", "requisite"),
("totp.TOTPVerification", "requisite")]
session_factory.plugins = []
for plugin_name, flag in authn_stack:
path = "sputnik.webserver.plugins.authn." + plugin_name
session_factory.plugins.append((pm.plugins[path], flag))
rpc_plugins = pm.services.get("sputnik.webserver.plugins.rpc", [])
feeds_plugins = pm.services.get("sputnik.webserver.plugins.feeds", [])
svc_plugins = rpc_plugins + feeds_plugins
for plugin in svc_plugins:
component_session = plugin
component_session.config.realm = u"sputnik"
session_factory.add(component_session,
plugin.plugin_path.decode("ascii"), u"trusted")
uri = "ws://"
if config.getboolean("webserver", "ssl"):
uri = "wss://"
address = config.get("webserver", "ws_address")
port = config.getint("webserver", "ws_port")
uri += "%s:%s/" % (address, port)
from autobahn.twisted.websocket import WampWebSocketServerFactory
transport_factory = WampWebSocketServerFactory(session_factory,
uri,
debug=False,
debug_wamp=False)
transport_factory.setProtocolOptions(failByDrop=False)
watchdog(config.get("watchdog", "webserver"))
from twisted.web.server import Site
from autobahn.twisted.resource import WebSocketResource
root = Root()
ws_resource = WebSocketResource(transport_factory)
rest_resource = pm.plugins['sputnik.webserver.rest.RESTProxy']
root.putChild("ws", ws_resource)
root.putChild("api", rest_resource)
site = Site(root)
site.noisy = False
site.log = lambda _: None
from twisted.internet.endpoints import serverFromString, quoteStringArgument
if config.getboolean("webserver", "ssl"):
key = config.get("webserver", "ssl_key")
cert = config.get("webserver", "ssl_cert")
cert_chain = config.get("webserver", "ssl_cert_chain")
# TODO: Add dhparameters
# See https://twistedmatrix.com/documents/14.0.0/core/howto/endpoints.html
server = serverFromString(
reactor,
b"ssl:%d:privateKey=%s:certKey=%s:extraCertChain=%s:sslmethod=TLSv1_METHOD"
% (port, quoteStringArgument(key), quoteStringArgument(cert),
quoteStringArgument(cert_chain)))
else:
server = serverFromString(reactor, b"tcp:%d" % port)
server.listen(site)
if __name__ == '__main__':
log.startLogging(sys.stdout)
router_factory = router.RouterFactory()
session_factory = wamp.RouterSessionFactory(router_factory)
component_config = types.ComponentConfig(realm = "realm1")
component_session = MyBackendComponent(component_config)
session_factory.add(component_session)
ws_factory = websocket.WampWebSocketServerFactory(session_factory, \
debug = False, \
debug_wamp = False)
ws_factory.startFactory()
ws_resource = WebSocketResource(ws_factory)
lp_resource = WampLongPollResource(session_factory, debug = True, debug_session_id = "kjmd3sBLOUnb3Fyr")
root = File(".")
root.putChild("ws", ws_resource)
root.putChild("lp", lp_resource)
web_factory = Site(root)
web_factory.noisy = False
server = serverFromString(reactor, "tcp:8080")
server.listen(web_factory)
reactor.run()
transport_factory = WampWebSocketServerFactory(session_factory,
args.wsurl,
debug=False,
debug_wamp=args.debug)
transport_factory.setProtocolOptions(failByDrop=False)
from twisted.web.server import Site
from twisted.web.static import File
from autobahn.twisted.resource import WebSocketResource
# we serve static files under "/" ..
root = File(".")
# .. and our WebSocket server under "/ws"
resource = WebSocketResource(transport_factory)
root.putChild("ws", resource)
# run both under one Twisted Web Site
site = Site(root)
site.noisy = False
site.log = lambda _: None
# start the WebSocket server from an endpoint
##
server = serverFromString(reactor, args.websocket)
server.listen(site)
# now enter the Twisted reactor loop
##
reactor.run()
transport_factory = WampWebSocketServerFactory(session_factory, args.wsurl, debug = False, debug_wamp = args.debug)
transport_factory.setProtocolOptions(failByDrop = False)
from twisted.web.server import Site
from twisted.web.static import File
from autobahn.twisted.resource import WebSocketResource
## we serve static files under "/" ..
root = File(".")
## .. and our WebSocket server under "/ws"
resource = WebSocketResource(transport_factory)
root.putChild("ws", resource)
## run both under one Twisted Web Site
site = Site(root)
site.noisy = False
site.log = lambda _: None
## start the WebSocket server from an endpoint
##
server = serverFromString(reactor, args.websocket)
server.listen(site)
## now enter the Twisted reactor loop
##
reactor.run()
parser.add_argument("--root",
type=str,
default=".",
help='Web document root directory')
parser.add_argument(
"--endpoint",
type=str,
default="tcp:8080",
help=
'Twisted server endpoint descriptor, e.g. "tcp:8080" or "unix:/tmp/mywebsocket".'
)
parser.add_argument("-s",
"--silence",
action="store_true",
help="Disable access logging.")
args = parser.parse_args()
log.startLogging(sys.stdout)
factory = Site(File(args.root))
if args.silence:
factory.log = lambda _: None
factory.noisy = False
server = serverFromString(reactor, args.endpoint)
server.listen(factory)
reactor.run()
def connection_main(sysargs=None, use_files=True):
"""Main entry point to setup a connection node, aka the autopush script"""
args, parser = _parse_connection(sysargs, use_files)
log_format = "text" if args.human_logs else "json"
log_level = args.log_level or ("debug" if args.debug else "info")
sentry_dsn = bool(os.environ.get("SENTRY_DSN"))
PushLogger.setup_logging(
"Autopush",
log_level=log_level,
log_format=log_format,
log_output=args.log_output,
sentry_dsn=sentry_dsn,
firehose_delivery_stream=args.firehose_stream_name)
# Add some entropy to prevent potential conflicts.
postfix = os.urandom(4).encode('hex').ljust(8, '0')
settings = make_settings(
args,
port=args.port,
endpoint_scheme=args.endpoint_scheme,
endpoint_hostname=args.endpoint_hostname,
endpoint_port=args.endpoint_port,
router_scheme="https" if args.router_ssl_key else "http",
router_hostname=args.router_hostname,
router_port=args.router_port,
env=args.env,
hello_timeout=args.hello_timeout,
preflight_uaid="deadbeef000000000deadbeef" + postfix,
debug=args.debug,
)
if not settings:
return 1 # pragma: nocover
# Internal HTTP notification router
h_kwargs = dict(ap_settings=settings)
site = cyclone.web.Application([
(endpoint_paths['route'], RouterHandler, h_kwargs),
(endpoint_paths['notification'], NotificationHandler, h_kwargs),
],
default_host=settings.router_hostname,
debug=args.debug,
log_function=skip_request_logging)
site.noisy = args.debug
mount_health_handlers(site, settings)
# Public websocket server
proto = "wss" if args.ssl_key else "ws"
factory = PushServerFactory(
settings,
"%s://%s:%s/" % (proto, args.hostname, args.port),
)
factory.setProtocolOptions(
webStatus=False,
openHandshakeTimeout=5,
autoPingInterval=args.auto_ping_interval,
autoPingTimeout=args.auto_ping_timeout,
maxConnections=args.max_connections,
closeHandshakeTimeout=args.close_handshake_timeout,
)
settings.metrics.start()
# Wrap the WebSocket server in a default resource that exposes the
# `/status` handler, and delegates to the WebSocket resource for all
# other requests.
resource = DefaultResource(WebSocketResource(factory))
resource.putChild("status", StatusResource())
site_factory = Site(resource)
# Silence starting/stopping messages
site_factory.noisy = args.debug
site.noisy = args.debug
# Start the WebSocket listener.
if args.ssl_key:
context_factory = AutopushSSLContextFactory(args.ssl_key,
args.ssl_cert,
dh_file=args.ssl_dh_param)
reactor.listenSSL(args.port, site_factory, context_factory)
else:
reactor.listenTCP(args.port, site_factory)
# Start the internal routing listener.
if args.router_ssl_key:
context_factory = AutopushSSLContextFactory(args.router_ssl_key,
args.router_ssl_cert,
dh_file=args.ssl_dh_param)
reactor.listenSSL(args.router_port, site, context_factory)
else:
reactor.listenTCP(args.router_port, site)
reactor.suggestThreadPoolSize(50)
start_looping_call(1.0, periodic_reporter, settings, factory)
# Start the table rotation checker/updater
start_looping_call(60, settings.update_rotating_tables)
if args.memusage_port:
create_memusage_site(settings, args.memusage_port, args.debug)
reactor.run()