From 1aa9470f896360c056ea0972a901295d032ab165 Mon Sep 17 00:00:00 2001
From: zijiren233
Date: Fri, 20 Oct 2023 23:52:37 +0800
Subject: [PATCH] Feat: trim config common
---
 internal/bootstrap/db.go | 6 +++++-
 internal/conf/db.go | 28 ++++++++++++++--------------
 internal/conf/jwt.go | 6 +++---
 internal/conf/log.go | 14 +++++++-------
 internal/conf/oauth2.go | 5 ++---
 internal/conf/proxy.go | 4 ++--
 internal/conf/reatLimit.go | 4 ++--
 internal/conf/room.go | 2 +-
 internal/conf/rtmp.go | 8 ++++----
 internal/conf/server.go | 10 +++++-----
 server/middlewares/auth.go | 12 ++++++++++--
 11 files changed, 55 insertions(+), 44 deletions(-)
diff --git a/internal/bootstrap/db.go b/internal/bootstrap/db.go
index 55deb31..bd1103b 100644
--- a/internal/bootstrap/db.go
+++ b/internal/bootstrap/db.go
@@ -146,5 +146,9 @@ func newDBLogger() logger.Interface {
 func initRawDB(db *sql.DB) {
 db.SetMaxOpenConns(conf.Conf.Database.MaxOpenConns)
 db.SetMaxIdleConns(conf.Conf.Database.MaxIdleConns)
- db.SetConnMaxLifetime(time.Duration(conf.Conf.Database.ConnMaxLifetime) * time.Second)
+ d, err := time.ParseDuration(conf.Conf.Database.ConnMaxLifetime)
+ if err != nil {
+ log.Fatalf("failed to parse conn_max_lifetime: %s", err.Error())
+ }
+ db.SetConnMaxLifetime(d)
 }
diff --git a/internal/conf/db.go b/internal/conf/db.go
index d259884..681e8e3 100644
--- a/internal/conf/db.go
+++ b/internal/conf/db.go
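Review bot: In internal/bootstrap/db.go, `initRawDB` now aborts the process whenever `conn_max_lifetime` is not a duration string, and a config file or `DATABASE_CONN_MAX_LIFETIME` value left in the old integer form (`3600`) will presumably arrive as "3600", which `time.ParseDuration` rejects for its missing unit. The fatal message names neither the offending value nor the expected format; consider `log.Fatalf("failed to parse conn_max_lifetime %q (expected a duration such as 1h): %v", conf.Conf.Database.ConnMaxLifetime, err)`. A zero or negative duration also parses cleanly and goes straight to `SetConnMaxLifetime`, where it means connections are never closed for age, so a comment saying whether that is intended would help.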
@@ -9,19 +9,19 @@ const (
 )
 type DatabaseConfig struct {
- Type DatabaseType `yaml:"type" lc:"database type, support sqlite3, mysql, postgres" env:"DATABASE_TYPE"`
- Host string `yaml:"host" lc:"database host, when type is not sqlite3, and port is 0, it will use unix socket file" env:"DATABASE_HOST"`
- Port uint16 `yaml:"port" lc:"database port" env:"DATABASE_PORT"`
- User string `yaml:"user" lc:"database user" env:"DATABASE_USER"`
- Password string `yaml:"password" lc:"database password" env:"DATABASE_PASSWORD"`
- DBName string `yaml:"db_name" lc:"database name, when type is sqlite3, it will use sqlite db file or memory" env:"DATABASE_DB_NAME"`
- SslMode string `yaml:"ssl_mode" lc:"database ssl mode, default disable" env:"DATABASE_SSL_MODE"`
+ Type DatabaseType `yaml:"type" lc:"default: sqlite3" hc:"support sqlite3, mysql, postgres" env:"DATABASE_TYPE"`
+ Host string `yaml:"host" hc:"when type is not sqlite3, and port is 0, it will use unix socket file" env:"DATABASE_HOST"`
+ Port uint16 `yaml:"port" env:"DATABASE_PORT"`
+ User string `yaml:"user" env:"DATABASE_USER"`
+ Password string `yaml:"password" env:"DATABASE_PASSWORD"`
+ DBName string `yaml:"db_name" lc:"default: synctv" hc:"when type is sqlite3, it will use sqlite db file or memory" env:"DATABASE_DB_NAME"`
+ SslMode string `yaml:"ssl_mode" env:"DATABASE_SSL_MODE"`
- CustomDSN string `yaml:"custom_dsn" lc:"custom dsn, when not empty, it will ignore other config" env:"DATABASE_CUSTOM_DSN"`
+ CustomDSN string `yaml:"custom_dsn" hc:"when not empty, it will ignore other config" env:"DATABASE_CUSTOM_DSN"`
- MaxIdleConns int `yaml:"max_idle_conns" lc:"max idle connections (default 10)" env:"DATABASE_MAX_IDLE_CONNS"`
- MaxOpenConns int `yaml:"max_open_conns" lc:"max open connections (default 100)" env:"DATABASE_MAX_OPEN_CONNS"`
- ConnMaxLifetime int `yaml:"conn_max_lifetime" lc:"connection max lifetime (default 3600 seconds)" env:"DATABASE_CONN_MAX_LIFETIME"`
+ MaxIdleConns int `yaml:"max_idle_conns" lc:"default: 4" hc:"the maximum number of connections in the idle connection pool." env:"DATABASE_MAX_IDLE_CONNS"`
+ MaxOpenConns int `yaml:"max_open_conns" lc:"default: 64" hc:"the maximum number of open connections to the database." env:"DATABASE_MAX_OPEN_CONNS"`
+ ConnMaxLifetime string `yaml:"conn_max_lifetime" lc:"default: 1h" hc:"maximum amount of time a connection may be reused." env:"DATABASE_CONN_MAX_LIFETIME"`
 }
 func DefaultDatabaseConfig() DatabaseConfig {
@@ -31,8 +31,8 @@ func DefaultDatabaseConfig() DatabaseConfig {
 DBName: "synctv",
 SslMode: "disable",
- MaxIdleConns: 10,
- MaxOpenConns: 100,
- ConnMaxLifetime: 3600,
+ MaxIdleConns: 4,
+ MaxOpenConns: 64,
+ ConnMaxLifetime: "1h",
 }
 }
diff --git a/internal/conf/jwt.go b/internal/conf/jwt.go
index 9f9865a..efb0954 100644
--- a/internal/conf/jwt.go
+++ b/internal/conf/jwt.go
@@ -5,13 +5,13 @@ import (
 )
 type JwtConfig struct {
- Secret string `yaml:"secret" lc:"jwt secret (default rand string)" env:"JWT_SECRET"`
- Expire int `yaml:"expire" lc:"expire time (default: 12 hour)" env:"JWT_EXPIRE"`
+ Secret string `yaml:"secret" env:"JWT_SECRET"`
+ Expire string `yaml:"expire" env:"JWT_EXPIRE"`
 }
 func DefaultJwtConfig() JwtConfig {
 return JwtConfig{
 Secret: utils.RandString(32),
- Expire: 12,
+ Expire: "12h",
 }
 }
diff --git a/internal/conf/log.go b/internal/conf/log.go
index 7b8a2b3..68720df 100644
--- a/internal/conf/log.go
+++ b/internal/conf/log.go
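Review bot: In internal/conf/jwt.go the new `Expire string` field carries no `lc` or `hc` tag, so nothing tells the operator that the value changed from a bare number of hours to a duration string, whereas `ConnMaxLifetime` in internal/conf/db.go received `lc:"default: 1h"` for the same kind of change. An existing `expire: 12` would presumably be read as "12" and fail only later, when a token is issued. I would add `lc:"default: 12h"` and an `hc` such as `hc:"token lifetime as a duration string, e.g. 12h"` to the field. The removed `lc` on `Secret` was also the only visible statement that the default secret is a random string, which is worth keeping as an `hc`.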
@@ -1,13 +1,13 @@
 package conf
 type LogConfig struct {
- Enable bool `yaml:"enable" lc:"enable log to file (default: true)" env:"LOG_ENABLE"`
- LogFormat string `yaml:"log_format" lc:"log format, can be set: text | json (default: text)" env:"LOG_FORMAT"`
- FilePath string `yaml:"file_path" lc:"log file path (default: log/log.log)" env:"LOG_FILE_PATH"`
- MaxSize int `yaml:"max_size" lc:"max size per log file (default: 10 megabytes)" env:"LOG_MAX_SIZE"`
- MaxBackups int `yaml:"max_backups" lc:"max backups (default: 10)" env:"LOG_MAX_BACKUPS"`
- MaxAge int `yaml:"max_age" lc:"max age (default: 28 days)" env:"LOG_MAX_AGE"`
- Compress bool `yaml:"compress" lc:"compress (default: false)" env:"LOG_COMPRESS"`
+ Enable bool `yaml:"enable" env:"LOG_ENABLE"`
+ LogFormat string `yaml:"log_format" hc:"can be set: text | json" env:"LOG_FORMAT"`
+ FilePath string `yaml:"file_path" hc:"if it is a relative path, the data-dir directory will be used." env:"LOG_FILE_PATH"`
+ MaxSize int `yaml:"max_size" cm:"mb" hc:"max size per log file" env:"LOG_MAX_SIZE"`
+ MaxBackups int `yaml:"max_backups" env:"LOG_MAX_BACKUPS"`
+ MaxAge int `yaml:"max_age" env:"LOG_MAX_AGE"`
+ Compress bool `yaml:"compress" env:"LOG_COMPRESS"`
 }
 func DefaultLogConfig() LogConfig {
diff --git a/internal/conf/oauth2.go b/internal/conf/oauth2.go
index b5aa485..6672ff2 100644
--- a/internal/conf/oauth2.go
+++ b/internal/conf/oauth2.go
@@ -7,9 +7,8 @@ import (
 type OAuth2Config map[provider.OAuth2Provider]OAuth2ProviderConfig
 type OAuth2ProviderConfig struct {
- ClientID string `yaml:"client_id" lc:"oauth2 client id"`
- ClientSecret string `yaml:"client_secret" lc:"oauth2 client secret"`
- // CustomRedirectURL string `yaml:"custom_redirect_url" lc:"oauth2 custom redirect url"`
+ ClientID string `yaml:"client_id"`
+ ClientSecret string `yaml:"client_secret"`
 }
 func DefaultOAuth2Config() OAuth2Config {
diff --git a/internal/conf/proxy.go b/internal/conf/proxy.go
index a121a7d..c70f37e 100644
--- a/internal/conf/proxy.go
+++ b/internal/conf/proxy.go
@@ -1,8 +1,8 @@
 package conf
 type ProxyConfig struct {
- MovieProxy bool `yaml:"movie_proxy" lc:"enable movie proxy (default: true)" env:"PROXY_MOVIE"`
- LiveProxy bool `yaml:"live_proxy" lc:"enable live proxy (default: true)" env:"PROXY_LIVE"`
+ MovieProxy bool `yaml:"movie_proxy" env:"PROXY_MOVIE"`
+ LiveProxy bool `yaml:"live_proxy" env:"PROXY_LIVE"`
 }
 func DefaultProxyConfig() ProxyConfig {
diff --git a/internal/conf/reatLimit.go b/internal/conf/reatLimit.go
index 73ca717..0c3c1be 100644
--- a/internal/conf/reatLimit.go
+++ b/internal/conf/reatLimit.go
@@ -4,8 +4,8 @@ type RateLimitConfig struct {
 Enable bool `yaml:"enable" lc:"default: false" env:"SERVER_RATE_LIMIT_ENABLE"`
 Period string `yaml:"period" env:"SERVER_RATE_LIMIT_PERIOD"`
 Limit int64 `yaml:"limit" env:"SERVER_RATE_LIMIT_LIMIT"`
- TrustForwardHeader bool `yaml:"trust_forward_header" lc:"default: false" hc:"it will configure the limiter to trust X-Real-IP and X-Forwarded-For headers. Please be advised that using this option could be insecure (ie: spoofed) if your reverse proxy is not configured properly to forward a trustworthy client IP." env:"SERVER_TRUST_FORWARD_HEADER"`
- TrustedClientIPHeader string `yaml:"trusted_client_ip_header" hc:"will configure the limiter to use a custom header to obtain user IP. Please be advised that using this option could be insecure (ie: spoofed) if your reverse proxy is not configured properly to forward a trustworthy client IP." env:"SERVER_TRUSTED_CLIENT_IP_HEADER"`
+ TrustForwardHeader bool `yaml:"trust_forward_header" lc:"default: false" hc:"configure the limiter to trust X-Real-IP and X-Forwarded-For headers. Please be advised that using this option could be insecure (ie: spoofed) if your reverse proxy is not configured properly to forward a trustworthy client IP." env:"SERVER_TRUST_FORWARD_HEADER"`
+ TrustedClientIPHeader string `yaml:"trusted_client_ip_header" hc:"configure the limiter to use a custom header to obtain user IP. Please be advised that using this option could be insecure (ie: spoofed) if your reverse proxy is not configured properly to forward a trustworthy client IP." env:"SERVER_TRUSTED_CLIENT_IP_HEADER"`
 }
 func DefaultRateLimitConfig() RateLimitConfig {
diff --git a/internal/conf/room.go b/internal/conf/room.go
index 8ceeaaa..e57fd55 100644
--- a/internal/conf/room.go
+++ b/internal/conf/room.go
@@ -1,7 +1,7 @@
 package conf
 type RoomConfig struct {
- MustPassword bool `yaml:"must_password" lc:"must input password to create room (default: false)" env:"ROOM_MUST_PASSWORD"`
+ MustPassword bool `yaml:"must_password" hc:"must input password to create room" env:"ROOM_MUST_PASSWORD"`
 }
 func DefaultRoomConfig() RoomConfig {
diff --git a/internal/conf/rtmp.go b/internal/conf/rtmp.go
index 220d6bb..75ae125 100644
--- a/internal/conf/rtmp.go
+++ b/internal/conf/rtmp.go
@@ -1,11 +1,11 @@
 package conf
 type RtmpConfig struct {
- Enable bool `yaml:"enable" lc:"enable rtmp server (default: true)" env:"RTMP_ENABLE"`
- Port uint16 `yaml:"port" lc:"rtmp server port (default use server port)" env:"RTMP_PORT"`
+ Enable bool `yaml:"enable" env:"RTMP_ENABLE"`
+ Port uint16 `yaml:"port" lc:"default use server port" env:"RTMP_PORT"`
- CustomPublishHost string `yaml:"custom_publish_host" lc:"publish host (default use http header host)" env:"RTMP_CUSTOM_PUBLISH_HOST"`
- RtmpPlayer bool `yaml:"rtmp_player" lc:"enable rtmp player (default: false)" env:"RTMP_PLAYER"`
+ CustomPublishHost string `yaml:"custom_publish_host" lc:"default use http header host" env:"RTMP_CUSTOM_PUBLISH_HOST"`
+ RtmpPlayer bool `yaml:"rtmp_player" hc:"can watch live streams through the RTMP protocol (without authentication, insecure)." env:"RTMP_PLAYER"`
 }
 func DefaultRtmpConfig() RtmpConfig {
diff --git a/internal/conf/server.go b/internal/conf/server.go
index 245a0f8..97303a8 100644
--- a/internal/conf/server.go
+++ b/internal/conf/server.go
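Review bot: In internal/conf/rtmp.go the new `RtmpPlayer` tag warns that playback is unauthenticated, but the same edit drops the old `(default: false)` text, so the one option marked insecure no longer shows its default. Keeping `lc:"default: false"` beside the new `hc`, as `RateLimitConfig.Enable` does, would make it plain that the option is off unless set. The value itself comes from `DefaultRtmpConfig`, whose body is outside the hunk, so confirm it still returns false for this field.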
@@ -1,12 +1,12 @@
 package conf
 type ServerConfig struct {
- Listen string `yaml:"listen" lc:"server listen addr (default: 0.0.0.0)" env:"SERVER_LISTEN"`
- Port uint16 `yaml:"port" lc:"server listen port (default: 8080)" env:"SERVER_PORT"`
- Quic bool `yaml:"quic" lc:"enable http3/quic, need enable ssl, set cert and key file (default: true)" env:"SERVER_QUIC"`
+ Listen string `yaml:"listen" lc:"default: 0.0.0.0" env:"SERVER_LISTEN"`
+ Port uint16 `yaml:"port" lc:"default: 8080" env:"SERVER_PORT"`
+ Quic bool `yaml:"quic" hc:"enable http3/quic, need set cert and key file" env:"SERVER_QUIC"`
- CertPath string `yaml:"cert_path" lc:"cert path" env:"SERVER_CERT_PATH"`
- KeyPath string `yaml:"key_path" lc:"key path" env:"SERVER_KEY_PATH"`
+ CertPath string `yaml:"cert_path" env:"SERVER_CERT_PATH"`
+ KeyPath string `yaml:"key_path" env:"SERVER_KEY_PATH"`
 }
 func DefaultServerConfig() ServerConfig {
diff --git a/server/middlewares/auth.go b/server/middlewares/auth.go
index 4c26051..1a40317 100644
--- a/server/middlewares/auth.go
+++ b/server/middlewares/auth.go
@@ -117,23 +117,31 @@ func AuthUser(Authorization string) (*op.User, error) {
 }
 func NewAuthUserToken(user *op.User) (string, error) {
+ t, err := time.ParseDuration(conf.Conf.Jwt.Expire)
+ if err != nil {
+ return "", err
+ }
 claims := &AuthClaims{
 UserId: user.ID,
 RegisteredClaims: jwt.RegisteredClaims{
 NotBefore: jwt.NewNumericDate(time.Now()),
- ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * time.Duration(conf.Conf.Jwt.Expire))),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(t)),
 },
 }
 return jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(stream.StringToBytes(conf.Conf.Jwt.Secret))
 }
 func NewAuthRoomToken(user *op.User, room *op.Room) (string, error) {
+ t, err := time.ParseDuration(conf.Conf.Jwt.Expire)
+ if err != nil {
+ return "", err
+ }
 claims := &AuthRoomClaims{
 AuthClaims: AuthClaims{
 UserId: user.ID,
 RegisteredClaims: jwt.RegisteredClaims{
 NotBefore: jwt.NewNumericDate(time.Now()),
- ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * time.Duration(conf.Conf.Jwt.Expire))),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(t)),
 },
 },
 RoomId: room.ID,
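Review bot: In server/middlewares/auth.go, `NewAuthUserToken` and `NewAuthRoomToken` accept whatever `time.ParseDuration` returns, so a configured `expire` of `0` or a negative duration signs tokens whose `ExpiresAt` is not after `NotBefore`, and a malformed value (including the old integer form such as `12`) only shows up as a failed login at request time. The parse is also duplicated in both functions and repeated for every token issued. I would move it into one helper that rejects non-positive durations and wraps the error with the setting name, and ideally run the same check once at startup so a bad config is caught before the server accepts logins. `NewAuthRoomToken` continues past the end of the hunk.

```go
// jwtExpire parses the configured token lifetime and rejects values that
// would produce tokens that are already expired when issued.
func jwtExpire() (time.Duration, error) {
	d, err := time.ParseDuration(conf.Conf.Jwt.Expire)
	if err != nil {
		return 0, fmt.Errorf("parse jwt expire %q: %w", conf.Conf.Jwt.Expire, err)
	}
	if d <= 0 {
		return 0, fmt.Errorf("jwt expire must be positive, got %s", d)
	}
	return d, nil
}

func NewAuthUserToken(user *op.User) (string, error) {
	t, err := jwtExpire()
	if err != nil {
		return "", err
	}
	// … unchanged: claims construction and signing …

func NewAuthRoomToken(user *op.User, room *op.Room) (string, error) {
	t, err := jwtExpire()
	if err != nil {
		return "", err
	}
	// … unchanged: claims construction …
```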