-
Notifications
You must be signed in to change notification settings - Fork 0
/
insecure_serving.go
66 lines (56 loc) · 2.19 KB
/
insecure_serving.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
// Copyright 2023 lichangao(李长傲) <changao.li.work@outlook.com>. All rights reserved.
// Use of this source code is governed by a MIT style
// license that can be found in the LICENSE file. The original repo for
// this file is https://github.com/changaolee/skeleton.
package options
import (
"fmt"
"net"
"strconv"
"github.com/spf13/pflag"
"github.com/changaolee/skeleton/internal/pkg/server"
)
// InsecureServingOptions 定义了 HTTP 服务配置,无需认证、鉴权.
type InsecureServingOptions struct {
BindAddress string `json:"bind-address" mapstructure:"bind-address"`
BindPort int `json:"bind-port" mapstructure:"bind-port"`
}
// NewInsecureServingOptions 创建了一个默认 HTTP 服务配置.
func NewInsecureServingOptions() *InsecureServingOptions {
return &InsecureServingOptions{
BindAddress: "127.0.0.1",
BindPort: 8080,
}
}
// ApplyTo 将当前选项绑定到 Config 中.
func (s *InsecureServingOptions) ApplyTo(c *server.Config) error {
c.InsecureServing = &server.InsecureServingInfo{
Address: net.JoinHostPort(s.BindAddress, strconv.Itoa(s.BindPort)),
}
return nil
}
// Validate 验证 HTTP 选项.
func (s *InsecureServingOptions) Validate() []error {
var errors []error
if s.BindPort < 0 || s.BindPort > 65535 {
errors = append(
errors,
fmt.Errorf(
"--insecure.bind-port %v must be between 0 and 65535, inclusive. 0 for turning off insecure (HTTP) port",
s.BindPort,
),
)
}
return errors
}
// AddFlags 向指定 FlagSet 中添加 HTTP 选项相关标志.
func (s *InsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
fs.StringVar(&s.BindAddress, "insecure.bind-address", s.BindAddress, ""+
"The IP address on which to serve the --insecure.bind-port "+
"(set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces).")
fs.IntVar(&s.BindPort, "insecure.bind-port", s.BindPort, ""+
"The port on which to serve unsecured, unauthenticated access. It is assumed "+
"that firewall rules are set up such that this port is not reachable from outside of "+
"the deployed machine and that port 443 on the skeleton public address is proxied to this "+
"port. This is performed by nginx in the default setup. Set to zero to disable.")
}