Unix sockets (#81)

* Fix unix socket permission issue

* Add support for Unix sockets

* Update README and bump version

Cargo.lock

@@ -404,7 +404,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "flodgatt"
-version = "0.4.5"
+version = "0.4.6"
 dependencies = [
  "criterion 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "dotenv 0.14.0 (registry+https://github.com/rust-lang/crates.io-index)",

Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "flodgatt"
 description = "A blazingly fast drop-in replacement for the Mastodon streaming api server"
-version = "0.4.5"
+version = "0.4.6"
 authors = ["Daniel Long Sockwell <daniel@codesections.com", "Julian Laubstein <contact@julianlaubstein.de>"]
 edition = "2018"
 

README.md

@@ -54,6 +54,9 @@ Note that the default values for the `postgres` connection do not correspond to
 used in production.  Thus, you will need to configure the connection either env vars or a `.env`
 file if you intend to connect Flóðgátt to a production database.
 
+If you set the `SOCKET` environmental variable, you must set the nginx `proxy_pass` variable to
+the same socket (with the file prefixed by `http://unix:`).
+
 Additionally, note that connecting Flóðgátt to Postgres with the `ident` method requires running
 Flóðgátt as the user who owns the mastodon database (typically `mastodon`).
 

src/main.rs

@@ -4,7 +4,8 @@ use flodgatt::{
     redis_to_client_stream::{self, ClientAgent},
 };
 use log::warn;
-use std::{collections::HashMap, env, net};
+use std::{collections::HashMap, env, fs, net, os::unix::fs::PermissionsExt};
+use tokio::net::UnixListener;
 use warp::{path, ws::Ws2, Filter};
 
 fn main() {
@@ -59,6 +60,7 @@ fn main() {
     let websocket_routes = ws::extract_user_or_reject(pg_conn.clone())
         .and(warp::ws::ws2())
         .map(move |user: user::User, ws: Ws2| {
+            warn!("Incoming request");
             let token = user.access_token.clone();
             // Create a new ClientAgent
             let mut client_agent = client_agent_ws.clone_with_shared_receiver();
@@ -85,17 +87,18 @@ fn main() {
         .allow_methods(cfg.cors.allowed_methods)
         .allow_headers(cfg.cors.allowed_headers);
 
-    let server_addr = net::SocketAddr::new(*cfg.address, cfg.port.0);
-
     let health = warp::path!("api" / "v1" / "streaming" / "health").map(|| "OK");
 
     if let Some(socket) = &*cfg.unix_socket {
-        warn!("Using Unix sockets is a WIP that is currently unsupported and untested.");
-        std::fs::remove_file(socket).unwrap();
-        use tokio::net::UnixListener;
+        warn!("Using Unix socket {}", socket);
+        fs::remove_file(socket).unwrap_or_default();
         let incoming = UnixListener::bind(socket).unwrap().incoming();
+
+        fs::set_permissions(socket, PermissionsExt::from_mode(0o666)).unwrap();
+
         warp::serve(health.or(websocket_routes.or(sse_routes).with(cors))).run_incoming(incoming);
     } else {
+        let server_addr = net::SocketAddr::new(*cfg.address, cfg.port.0);
         warp::serve(health.or(websocket_routes.or(sse_routes).with(cors))).run(server_addr);
     }
 }