make all of the unix-specific things gated behind cfg

src/api/generic_server.rs

@@ -1,6 +1,5 @@
 use std::convert::Infallible;
 use std::fs::{self, Permissions};
-use std::os::unix::fs::PermissionsExt;
 use std::sync::Arc;
 use std::time::Duration;
 
@@ -18,7 +17,8 @@ use hyper::{HeaderMap, StatusCode};
 use hyper_util::rt::TokioIo;
 
 use tokio::io::{AsyncRead, AsyncWrite};
-use tokio::net::{TcpListener, TcpStream, UnixListener, UnixStream};
+use tokio::net::{TcpListener, TcpStream};
+// , UnixListener, UnixStream};
 use tokio::sync::watch;
 use tokio::time::{sleep_until, Instant};
 
@@ -119,6 +119,7 @@ impl<A: ApiHandler> ApiServer<A> {
 				let handler = move |request, socketaddr| self.clone().handler(request, socketaddr);
 				server_loop(server_name, listener, handler, must_exit).await
 			}
+			#[cfg(unix)]
 			UnixOrTCPSocketAddress::UnixSocket(ref path) => {
 				if path.exists() {
 					fs::remove_file(path)?
@@ -264,8 +265,10 @@ impl Accept for TcpListener {
 	}
 }
 
+#[cfg(unix)]
 pub struct UnixListenerOn(pub UnixListener, pub String);
 
+#[cfg(unix)]
 #[async_trait]
 impl Accept for UnixListenerOn {
 	type Stream = UnixStream;

src/block/manager.rs

@@ -792,11 +792,16 @@ impl BlockManagerLocked {
 			// Now, we do an fsync on the containing directory, to ensure that the rename
 			// is persisted properly. See:
 			// http://thedjbway.b0llix.net/qmail/syncdir.html
-			let dir = fs::OpenOptions::new()
+			let mut dir = fs::OpenOptions::new();
-				.read(true)
+			dir.read(true);
-				.mode(0)
+
-				.open(directory)
+			// TODO: Windows open options?
-				.await?;
+			#[cfg(unix)]
+			{
+				dir.mode(0);
+			}
+
+			let dir = dir.open(directory).await?;
 			dir.sync_all().await?;
 			drop(dir);
 		}

src/garage/secrets.rs

@@ -52,10 +52,14 @@ pub struct Secrets {
 /// from config or CLI param or env variable or read from a file specified in config or CLI
 /// param or env variable)
 pub fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Error> {
+	#[cfg(unix)]
 	let allow_world_readable = secrets
 		.allow_world_readable_secrets
 		.unwrap_or(config.allow_world_readable_secrets);
 
+	#[cfg(not(unix))]
+	let allow_world_readable = config.allow_world_readable_secrets;
+
 	fill_secret(
 		&mut config.rpc_secret,
 		&config.rpc_secret_file,

src/rpc/system.rs

@@ -218,6 +218,7 @@ pub fn gen_node_key(metadata_dir: &Path) -> Result<NodeKey, Error> {
 		info!("Generating new node key pair.");
 		let (pubkey, key) = ed25519::gen_keypair();
 
+		#[cfg(unix)]
 		{
 			use std::os::unix::fs::PermissionsExt;
 			let mut f = std::fs::File::create(key_file.as_path())?;
@@ -227,6 +228,17 @@ pub fn gen_node_key(metadata_dir: &Path) -> Result<NodeKey, Error> {
 			f.write_all(&key[..])?;
 		}
 
+		#[cfg(windows)]
+		{
+			// use std::os::windows::io::AsHandle;
+			let mut f = std::fs::File::create(key_file.as_path())?;
+			// TODO: Set ACL here?
+			let mut perm = f.metadata()?.permissions();
+			perm.set_readonly(true);
+			std::fs::set_permissions(key_file.as_path(), perm)?;
+			f.write_all(&key[..])?;
+		}
+
 		{
 			let mut pubkey_file = metadata_dir.to_path_buf();
 			pubkey_file.push("node_key.pub");
@@ -806,16 +818,22 @@ impl NodeStatus {
 	}
 
 	fn update_disk_usage(&mut self, meta_dir: &Path, data_dir: &DataDirEnum) {
+		#[cfg(unix)]
+		let mount_avail = {
 			use nix::sys::statvfs::statvfs;
-		let mount_avail = |path: &Path| match statvfs(path) {
+			|path: &Path| match statvfs(path) {
 				Ok(x) => {
 					let avail = x.blocks_available() as u64 * x.fragment_size() as u64;
 					let total = x.blocks() as u64 * x.fragment_size() as u64;
 					Some((x.filesystem_id(), avail, total))
 				}
 				Err(_) => None,
+			}
 		};
 
+		#[cfg(windows)]
+		let mount_avail = |_path: &Path| None::<(u64, _, _)>;
+
 		self.meta_disk_avail = mount_avail(meta_dir).map(|(_, a, t)| (a, t));
 		self.data_disk_avail = match data_dir {
 			DataDirEnum::Single(dir) => mount_avail(dir).map(|(_, a, t)| (a, t)),

src/util/socket_address.rs

@@ -9,6 +9,7 @@ use serde::{Deserialize, Deserializer};
 #[derive(Debug, Clone)]
 pub enum UnixOrTCPSocketAddress {
 	TCPSocket(SocketAddr),
+	#[cfg(unix)]
 	UnixSocket(PathBuf),
 }
 
@@ -16,6 +17,7 @@ impl Display for UnixOrTCPSocketAddress {
 	fn fmt(&self, formatter: &mut Formatter<'_>) -> std::fmt::Result {
 		match self {
 			UnixOrTCPSocketAddress::TCPSocket(address) => write!(formatter, "http://{}", address),
+			#[cfg(unix)]
 			UnixOrTCPSocketAddress::UnixSocket(path) => {
 				write!(formatter, "http+unix://{}", path.to_string_lossy())
 			}
@@ -31,14 +33,15 @@ impl<'de> Deserialize<'de> for UnixOrTCPSocketAddress {
 		let string = String::deserialize(deserializer)?;
 		let string = string.as_str();
 
+		#[cfg(unix)]
 		if string.starts_with("/") {
-			Ok(UnixOrTCPSocketAddress::UnixSocket(
+			return Ok(UnixOrTCPSocketAddress::UnixSocket(
 				PathBuf::from_str(string).map_err(Error::custom)?,
-			))
+			));
-		} else {
+		}
+
 		Ok(UnixOrTCPSocketAddress::TCPSocket(
 			SocketAddr::from_str(string).map_err(Error::custom)?,
 		))
 	}
 }
-}

src/web/web_server.rs

@@ -1,8 +1,8 @@
 use std::fs::{self, Permissions};
-use std::os::unix::prelude::PermissionsExt;
 use std::{convert::Infallible, sync::Arc};
 
-use tokio::net::{TcpListener, UnixListener};
+use tokio::net::TcpListener;
+// /, UnixListener};
 use tokio::sync::watch;
 
 use hyper::{
@@ -20,7 +20,7 @@ use opentelemetry::{
 
 use crate::error::*;
 
-use garage_api::generic_server::{server_loop, UnixListenerOn};
+use garage_api::generic_server::server_loop;
 use garage_api::helpers::*;
 use garage_api::s3::cors::{add_cors_headers, find_matching_cors_rule, handle_options_for_bucket};
 use garage_api::s3::error::{
@@ -96,6 +96,7 @@ impl WebServer {
 					move |stream, socketaddr| self.clone().handle_request(stream, socketaddr);
 				server_loop(server_name, listener, handler, must_exit).await
 			}
+			#[cfg(unix)]
 			UnixOrTCPSocketAddress::UnixSocket(ref path) => {
 				if path.exists() {
 					fs::remove_file(path)?