api: allow custom unix bind mode and use 0o220 for admin server
This commit is contained in:
parent
8ec6a53b35
commit
7907a09acc
4 changed files with 8 additions and 4 deletions
|
@ -66,7 +66,7 @@ impl AdminApiServer {
|
||||||
) -> Result<(), GarageError> {
|
) -> Result<(), GarageError> {
|
||||||
let region = self.garage.config.s3_api.s3_region.clone();
|
let region = self.garage.config.s3_api.s3_region.clone();
|
||||||
ApiServer::new(region, self)
|
ApiServer::new(region, self)
|
||||||
.run_server(bind_addr, shutdown_signal)
|
.run_server(bind_addr, Some(0o220), shutdown_signal)
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -98,6 +98,7 @@ impl<A: ApiHandler> ApiServer<A> {
|
||||||
pub async fn run_server(
|
pub async fn run_server(
|
||||||
self: Arc<Self>,
|
self: Arc<Self>,
|
||||||
bind_addr: UnixOrTCPSocketAddress,
|
bind_addr: UnixOrTCPSocketAddress,
|
||||||
|
unix_bind_addr_mode: Option<u32>,
|
||||||
shutdown_signal: impl Future<Output = ()>,
|
shutdown_signal: impl Future<Output = ()>,
|
||||||
) -> Result<(), GarageError> {
|
) -> Result<(), GarageError> {
|
||||||
let tcp_service = make_service_fn(|conn: &AddrStream| {
|
let tcp_service = make_service_fn(|conn: &AddrStream| {
|
||||||
|
@ -146,7 +147,10 @@ impl<A: ApiHandler> ApiServer<A> {
|
||||||
|
|
||||||
let bound = Server::bind_unix(path)?;
|
let bound = Server::bind_unix(path)?;
|
||||||
|
|
||||||
fs::set_permissions(path, Permissions::from_mode(0o222))?;
|
fs::set_permissions(
|
||||||
|
path,
|
||||||
|
Permissions::from_mode(unix_bind_addr_mode.unwrap_or(0o222)),
|
||||||
|
)?;
|
||||||
|
|
||||||
bound
|
bound
|
||||||
.serve(unix_service)
|
.serve(unix_service)
|
||||||
|
|
|
@ -42,7 +42,7 @@ impl K2VApiServer {
|
||||||
shutdown_signal: impl Future<Output = ()>,
|
shutdown_signal: impl Future<Output = ()>,
|
||||||
) -> Result<(), GarageError> {
|
) -> Result<(), GarageError> {
|
||||||
ApiServer::new(s3_region, K2VApiServer { garage })
|
ApiServer::new(s3_region, K2VApiServer { garage })
|
||||||
.run_server(bind_addr, shutdown_signal)
|
.run_server(bind_addr, None, shutdown_signal)
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -49,7 +49,7 @@ impl S3ApiServer {
|
||||||
shutdown_signal: impl Future<Output = ()>,
|
shutdown_signal: impl Future<Output = ()>,
|
||||||
) -> Result<(), GarageError> {
|
) -> Result<(), GarageError> {
|
||||||
ApiServer::new(s3_region, S3ApiServer { garage })
|
ApiServer::new(s3_region, S3ApiServer { garage })
|
||||||
.run_server(addr, shutdown_signal)
|
.run_server(addr, None, shutdown_signal)
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue