make all of the unix-specific things gated behind cfg

This commit is contained in:
Michael Zhang 2024-10-21 07:53:00 -05:00
parent a18b3f0d1f
commit 5339e4c41a
6 changed files with 57 additions and 23 deletions

View file

@ -1,6 +1,5 @@
use std::convert::Infallible; use std::convert::Infallible;
use std::fs::{self, Permissions}; use std::fs::{self, Permissions};
use std::os::unix::fs::PermissionsExt;
use std::sync::Arc; use std::sync::Arc;
use std::time::Duration; use std::time::Duration;
@ -18,7 +17,8 @@ use hyper::{HeaderMap, StatusCode};
use hyper_util::rt::TokioIo; use hyper_util::rt::TokioIo;
use tokio::io::{AsyncRead, AsyncWrite}; use tokio::io::{AsyncRead, AsyncWrite};
use tokio::net::{TcpListener, TcpStream, UnixListener, UnixStream}; use tokio::net::{TcpListener, TcpStream};
// , UnixListener, UnixStream};
use tokio::sync::watch; use tokio::sync::watch;
use tokio::time::{sleep_until, Instant}; use tokio::time::{sleep_until, Instant};
@ -119,6 +119,7 @@ impl<A: ApiHandler> ApiServer<A> {
let handler = move |request, socketaddr| self.clone().handler(request, socketaddr); let handler = move |request, socketaddr| self.clone().handler(request, socketaddr);
server_loop(server_name, listener, handler, must_exit).await server_loop(server_name, listener, handler, must_exit).await
} }
#[cfg(unix)]
UnixOrTCPSocketAddress::UnixSocket(ref path) => { UnixOrTCPSocketAddress::UnixSocket(ref path) => {
if path.exists() { if path.exists() {
fs::remove_file(path)? fs::remove_file(path)?
@ -264,8 +265,10 @@ impl Accept for TcpListener {
} }
} }
#[cfg(unix)]
pub struct UnixListenerOn(pub UnixListener, pub String); pub struct UnixListenerOn(pub UnixListener, pub String);
#[cfg(unix)]
#[async_trait] #[async_trait]
impl Accept for UnixListenerOn { impl Accept for UnixListenerOn {
type Stream = UnixStream; type Stream = UnixStream;

View file

@ -792,11 +792,16 @@ impl BlockManagerLocked {
// Now, we do an fsync on the containing directory, to ensure that the rename // Now, we do an fsync on the containing directory, to ensure that the rename
// is persisted properly. See: // is persisted properly. See:
// http://thedjbway.b0llix.net/qmail/syncdir.html // http://thedjbway.b0llix.net/qmail/syncdir.html
let dir = fs::OpenOptions::new() let mut dir = fs::OpenOptions::new();
.read(true) dir.read(true);
.mode(0)
.open(directory) // TODO: Windows open options?
.await?; #[cfg(unix)]
{
dir.mode(0);
}
let dir = dir.open(directory).await?;
dir.sync_all().await?; dir.sync_all().await?;
drop(dir); drop(dir);
} }

View file

@ -52,10 +52,14 @@ pub struct Secrets {
/// from config or CLI param or env variable or read from a file specified in config or CLI /// from config or CLI param or env variable or read from a file specified in config or CLI
/// param or env variable) /// param or env variable)
pub fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Error> { pub fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Error> {
#[cfg(unix)]
let allow_world_readable = secrets let allow_world_readable = secrets
.allow_world_readable_secrets .allow_world_readable_secrets
.unwrap_or(config.allow_world_readable_secrets); .unwrap_or(config.allow_world_readable_secrets);
#[cfg(not(unix))]
let allow_world_readable = config.allow_world_readable_secrets;
fill_secret( fill_secret(
&mut config.rpc_secret, &mut config.rpc_secret,
&config.rpc_secret_file, &config.rpc_secret_file,

View file

@ -218,6 +218,7 @@ pub fn gen_node_key(metadata_dir: &Path) -> Result<NodeKey, Error> {
info!("Generating new node key pair."); info!("Generating new node key pair.");
let (pubkey, key) = ed25519::gen_keypair(); let (pubkey, key) = ed25519::gen_keypair();
#[cfg(unix)]
{ {
use std::os::unix::fs::PermissionsExt; use std::os::unix::fs::PermissionsExt;
let mut f = std::fs::File::create(key_file.as_path())?; let mut f = std::fs::File::create(key_file.as_path())?;
@ -227,6 +228,17 @@ pub fn gen_node_key(metadata_dir: &Path) -> Result<NodeKey, Error> {
f.write_all(&key[..])?; f.write_all(&key[..])?;
} }
#[cfg(windows)]
{
// use std::os::windows::io::AsHandle;
let mut f = std::fs::File::create(key_file.as_path())?;
// TODO: Set ACL here?
let mut perm = f.metadata()?.permissions();
perm.set_readonly(true);
std::fs::set_permissions(key_file.as_path(), perm)?;
f.write_all(&key[..])?;
}
{ {
let mut pubkey_file = metadata_dir.to_path_buf(); let mut pubkey_file = metadata_dir.to_path_buf();
pubkey_file.push("node_key.pub"); pubkey_file.push("node_key.pub");
@ -806,16 +818,22 @@ impl NodeStatus {
} }
fn update_disk_usage(&mut self, meta_dir: &Path, data_dir: &DataDirEnum) { fn update_disk_usage(&mut self, meta_dir: &Path, data_dir: &DataDirEnum) {
#[cfg(unix)]
let mount_avail = {
use nix::sys::statvfs::statvfs; use nix::sys::statvfs::statvfs;
let mount_avail = |path: &Path| match statvfs(path) { |path: &Path| match statvfs(path) {
Ok(x) => { Ok(x) => {
let avail = x.blocks_available() as u64 * x.fragment_size() as u64; let avail = x.blocks_available() as u64 * x.fragment_size() as u64;
let total = x.blocks() as u64 * x.fragment_size() as u64; let total = x.blocks() as u64 * x.fragment_size() as u64;
Some((x.filesystem_id(), avail, total)) Some((x.filesystem_id(), avail, total))
} }
Err(_) => None, Err(_) => None,
}
}; };
#[cfg(windows)]
let mount_avail = |_path: &Path| None::<(u64, _, _)>;
self.meta_disk_avail = mount_avail(meta_dir).map(|(_, a, t)| (a, t)); self.meta_disk_avail = mount_avail(meta_dir).map(|(_, a, t)| (a, t));
self.data_disk_avail = match data_dir { self.data_disk_avail = match data_dir {
DataDirEnum::Single(dir) => mount_avail(dir).map(|(_, a, t)| (a, t)), DataDirEnum::Single(dir) => mount_avail(dir).map(|(_, a, t)| (a, t)),

View file

@ -9,6 +9,7 @@ use serde::{Deserialize, Deserializer};
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
pub enum UnixOrTCPSocketAddress { pub enum UnixOrTCPSocketAddress {
TCPSocket(SocketAddr), TCPSocket(SocketAddr),
#[cfg(unix)]
UnixSocket(PathBuf), UnixSocket(PathBuf),
} }
@ -16,6 +17,7 @@ impl Display for UnixOrTCPSocketAddress {
fn fmt(&self, formatter: &mut Formatter<'_>) -> std::fmt::Result { fn fmt(&self, formatter: &mut Formatter<'_>) -> std::fmt::Result {
match self { match self {
UnixOrTCPSocketAddress::TCPSocket(address) => write!(formatter, "http://{}", address), UnixOrTCPSocketAddress::TCPSocket(address) => write!(formatter, "http://{}", address),
#[cfg(unix)]
UnixOrTCPSocketAddress::UnixSocket(path) => { UnixOrTCPSocketAddress::UnixSocket(path) => {
write!(formatter, "http+unix://{}", path.to_string_lossy()) write!(formatter, "http+unix://{}", path.to_string_lossy())
} }
@ -31,14 +33,15 @@ impl<'de> Deserialize<'de> for UnixOrTCPSocketAddress {
let string = String::deserialize(deserializer)?; let string = String::deserialize(deserializer)?;
let string = string.as_str(); let string = string.as_str();
#[cfg(unix)]
if string.starts_with("/") { if string.starts_with("/") {
Ok(UnixOrTCPSocketAddress::UnixSocket( return Ok(UnixOrTCPSocketAddress::UnixSocket(
PathBuf::from_str(string).map_err(Error::custom)?, PathBuf::from_str(string).map_err(Error::custom)?,
)) ));
} else { }
Ok(UnixOrTCPSocketAddress::TCPSocket( Ok(UnixOrTCPSocketAddress::TCPSocket(
SocketAddr::from_str(string).map_err(Error::custom)?, SocketAddr::from_str(string).map_err(Error::custom)?,
)) ))
} }
}
} }

View file

@ -1,8 +1,8 @@
use std::fs::{self, Permissions}; use std::fs::{self, Permissions};
use std::os::unix::prelude::PermissionsExt;
use std::{convert::Infallible, sync::Arc}; use std::{convert::Infallible, sync::Arc};
use tokio::net::{TcpListener, UnixListener}; use tokio::net::TcpListener;
// /, UnixListener};
use tokio::sync::watch; use tokio::sync::watch;
use hyper::{ use hyper::{
@ -20,7 +20,7 @@ use opentelemetry::{
use crate::error::*; use crate::error::*;
use garage_api::generic_server::{server_loop, UnixListenerOn}; use garage_api::generic_server::server_loop;
use garage_api::helpers::*; use garage_api::helpers::*;
use garage_api::s3::cors::{add_cors_headers, find_matching_cors_rule, handle_options_for_bucket}; use garage_api::s3::cors::{add_cors_headers, find_matching_cors_rule, handle_options_for_bucket};
use garage_api::s3::error::{ use garage_api::s3::error::{
@ -96,6 +96,7 @@ impl WebServer {
move |stream, socketaddr| self.clone().handle_request(stream, socketaddr); move |stream, socketaddr| self.clone().handle_request(stream, socketaddr);
server_loop(server_name, listener, handler, must_exit).await server_loop(server_name, listener, handler, must_exit).await
} }
#[cfg(unix)]
UnixOrTCPSocketAddress::UnixSocket(ref path) => { UnixOrTCPSocketAddress::UnixSocket(ref path) => {
if path.exists() { if path.exists() {
fs::remove_file(path)? fs::remove_file(path)?