make all of the unix-specific things gated behind cfg

This commit is contained in:
Michael Zhang 2024-10-21 07:53:00 -05:00
parent a18b3f0d1f
commit 5339e4c41a
6 changed files with 57 additions and 23 deletions

View file

@ -1,6 +1,5 @@
use std::convert::Infallible;
use std::fs::{self, Permissions};
use std::os::unix::fs::PermissionsExt;
use std::sync::Arc;
use std::time::Duration;
@ -18,7 +17,8 @@ use hyper::{HeaderMap, StatusCode};
use hyper_util::rt::TokioIo;
use tokio::io::{AsyncRead, AsyncWrite};
use tokio::net::{TcpListener, TcpStream, UnixListener, UnixStream};
use tokio::net::{TcpListener, TcpStream};
// , UnixListener, UnixStream};
use tokio::sync::watch;
use tokio::time::{sleep_until, Instant};
@ -119,6 +119,7 @@ impl<A: ApiHandler> ApiServer<A> {
let handler = move |request, socketaddr| self.clone().handler(request, socketaddr);
server_loop(server_name, listener, handler, must_exit).await
}
#[cfg(unix)]
UnixOrTCPSocketAddress::UnixSocket(ref path) => {
if path.exists() {
fs::remove_file(path)?
@ -264,8 +265,10 @@ impl Accept for TcpListener {
}
}
#[cfg(unix)]
pub struct UnixListenerOn(pub UnixListener, pub String);
#[cfg(unix)]
#[async_trait]
impl Accept for UnixListenerOn {
type Stream = UnixStream;

View file

@ -792,11 +792,16 @@ impl BlockManagerLocked {
// Now, we do an fsync on the containing directory, to ensure that the rename
// is persisted properly. See:
// http://thedjbway.b0llix.net/qmail/syncdir.html
let dir = fs::OpenOptions::new()
.read(true)
.mode(0)
.open(directory)
.await?;
let mut dir = fs::OpenOptions::new();
dir.read(true);
// TODO: Windows open options?
#[cfg(unix)]
{
dir.mode(0);
}
let dir = dir.open(directory).await?;
dir.sync_all().await?;
drop(dir);
}

View file

@ -52,10 +52,14 @@ pub struct Secrets {
/// from config or CLI param or env variable or read from a file specified in config or CLI
/// param or env variable)
pub fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Error> {
#[cfg(unix)]
let allow_world_readable = secrets
.allow_world_readable_secrets
.unwrap_or(config.allow_world_readable_secrets);
#[cfg(not(unix))]
let allow_world_readable = config.allow_world_readable_secrets;
fill_secret(
&mut config.rpc_secret,
&config.rpc_secret_file,

View file

@ -218,6 +218,7 @@ pub fn gen_node_key(metadata_dir: &Path) -> Result<NodeKey, Error> {
info!("Generating new node key pair.");
let (pubkey, key) = ed25519::gen_keypair();
#[cfg(unix)]
{
use std::os::unix::fs::PermissionsExt;
let mut f = std::fs::File::create(key_file.as_path())?;
@ -227,6 +228,17 @@ pub fn gen_node_key(metadata_dir: &Path) -> Result<NodeKey, Error> {
f.write_all(&key[..])?;
}
#[cfg(windows)]
{
// use std::os::windows::io::AsHandle;
let mut f = std::fs::File::create(key_file.as_path())?;
// TODO: Set ACL here?
let mut perm = f.metadata()?.permissions();
perm.set_readonly(true);
std::fs::set_permissions(key_file.as_path(), perm)?;
f.write_all(&key[..])?;
}
{
let mut pubkey_file = metadata_dir.to_path_buf();
pubkey_file.push("node_key.pub");
@ -806,16 +818,22 @@ impl NodeStatus {
}
fn update_disk_usage(&mut self, meta_dir: &Path, data_dir: &DataDirEnum) {
#[cfg(unix)]
let mount_avail = {
use nix::sys::statvfs::statvfs;
let mount_avail = |path: &Path| match statvfs(path) {
|path: &Path| match statvfs(path) {
Ok(x) => {
let avail = x.blocks_available() as u64 * x.fragment_size() as u64;
let total = x.blocks() as u64 * x.fragment_size() as u64;
Some((x.filesystem_id(), avail, total))
}
Err(_) => None,
}
};
#[cfg(windows)]
let mount_avail = |_path: &Path| None::<(u64, _, _)>;
self.meta_disk_avail = mount_avail(meta_dir).map(|(_, a, t)| (a, t));
self.data_disk_avail = match data_dir {
DataDirEnum::Single(dir) => mount_avail(dir).map(|(_, a, t)| (a, t)),

View file

@ -9,6 +9,7 @@ use serde::{Deserialize, Deserializer};
#[derive(Debug, Clone)]
pub enum UnixOrTCPSocketAddress {
TCPSocket(SocketAddr),
#[cfg(unix)]
UnixSocket(PathBuf),
}
@ -16,6 +17,7 @@ impl Display for UnixOrTCPSocketAddress {
fn fmt(&self, formatter: &mut Formatter<'_>) -> std::fmt::Result {
match self {
UnixOrTCPSocketAddress::TCPSocket(address) => write!(formatter, "http://{}", address),
#[cfg(unix)]
UnixOrTCPSocketAddress::UnixSocket(path) => {
write!(formatter, "http+unix://{}", path.to_string_lossy())
}
@ -31,14 +33,15 @@ impl<'de> Deserialize<'de> for UnixOrTCPSocketAddress {
let string = String::deserialize(deserializer)?;
let string = string.as_str();
#[cfg(unix)]
if string.starts_with("/") {
Ok(UnixOrTCPSocketAddress::UnixSocket(
return Ok(UnixOrTCPSocketAddress::UnixSocket(
PathBuf::from_str(string).map_err(Error::custom)?,
))
} else {
));
}
Ok(UnixOrTCPSocketAddress::TCPSocket(
SocketAddr::from_str(string).map_err(Error::custom)?,
))
}
}
}

View file

@ -1,8 +1,8 @@
use std::fs::{self, Permissions};
use std::os::unix::prelude::PermissionsExt;
use std::{convert::Infallible, sync::Arc};
use tokio::net::{TcpListener, UnixListener};
use tokio::net::TcpListener;
// /, UnixListener};
use tokio::sync::watch;
use hyper::{
@ -20,7 +20,7 @@ use opentelemetry::{
use crate::error::*;
use garage_api::generic_server::{server_loop, UnixListenerOn};
use garage_api::generic_server::server_loop;
use garage_api::helpers::*;
use garage_api::s3::cors::{add_cors_headers, find_matching_cors_rule, handle_options_for_bucket};
use garage_api::s3::error::{
@ -96,6 +96,7 @@ impl WebServer {
move |stream, socketaddr| self.clone().handle_request(stream, socketaddr);
server_loop(server_name, listener, handler, must_exit).await
}
#[cfg(unix)]
UnixOrTCPSocketAddress::UnixSocket(ref path) => {
if path.exists() {
fs::remove_file(path)?