From 04622671253304153f26773643909e5f65cdf6c7 Mon Sep 17 00:00:00 2001
From: Daniel Sockwell <dsockwell@gmail.com>
Date: Thu, 9 Jan 2020 17:54:57 -0500
Subject: [PATCH] Unix sockets (#81)

* Fix unix socket permission issue

* Add support for Unix sockets

* Update README and bump version
---
 Cargo.lock  |  2 +-
 Cargo.toml  |  2 +-
 README.md   |  3 +++
 src/main.rs | 15 +++++++++------
 4 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 11fd0bb..cfd8f20 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -404,7 +404,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "flodgatt"
-version = "0.4.5"
+version = "0.4.6"
 dependencies = [
  "criterion 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "dotenv 0.14.0 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
index e10ef51..f500631 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "flodgatt"
 description = "A blazingly fast drop-in replacement for the Mastodon streaming api server"
-version = "0.4.5"
+version = "0.4.6"
 authors = ["Daniel Long Sockwell <daniel@codesections.com", "Julian Laubstein <contact@julianlaubstein.de>"]
 edition = "2018"
 
diff --git a/README.md b/README.md
index 91cb5da..e58cd48 100644
--- a/README.md
+++ b/README.md
@@ -54,6 +54,9 @@ Note that the default values for the `postgres` connection do not correspond to
 used in production.  Thus, you will need to configure the connection either env vars or a `.env`
 file if you intend to connect Flóðgátt to a production database.
 
+If you set the `SOCKET` environmental variable, you must set the nginx `proxy_pass` variable to
+the same socket (with the file prefixed by `http://unix:`).
+
 Additionally, note that connecting Flóðgátt to Postgres with the `ident` method requires running
 Flóðgátt as the user who owns the mastodon database (typically `mastodon`).
 
diff --git a/src/main.rs b/src/main.rs
index 2ea8cff..78abaaa 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -4,7 +4,8 @@ use flodgatt::{
     redis_to_client_stream::{self, ClientAgent},
 };
 use log::warn;
-use std::{collections::HashMap, env, net};
+use std::{collections::HashMap, env, fs, net, os::unix::fs::PermissionsExt};
+use tokio::net::UnixListener;
 use warp::{path, ws::Ws2, Filter};
 
 fn main() {
@@ -59,6 +60,7 @@ fn main() {
     let websocket_routes = ws::extract_user_or_reject(pg_conn.clone())
         .and(warp::ws::ws2())
         .map(move |user: user::User, ws: Ws2| {
+            warn!("Incoming request");
             let token = user.access_token.clone();
             // Create a new ClientAgent
             let mut client_agent = client_agent_ws.clone_with_shared_receiver();
@@ -85,17 +87,18 @@ fn main() {
         .allow_methods(cfg.cors.allowed_methods)
         .allow_headers(cfg.cors.allowed_headers);
 
-    let server_addr = net::SocketAddr::new(*cfg.address, cfg.port.0);
-
     let health = warp::path!("api" / "v1" / "streaming" / "health").map(|| "OK");
 
     if let Some(socket) = &*cfg.unix_socket {
-        warn!("Using Unix sockets is a WIP that is currently unsupported and untested.");
-        std::fs::remove_file(socket).unwrap();
-        use tokio::net::UnixListener;
+        warn!("Using Unix socket {}", socket);
+        fs::remove_file(socket).unwrap_or_default();
         let incoming = UnixListener::bind(socket).unwrap().incoming();
+
+        fs::set_permissions(socket, PermissionsExt::from_mode(0o666)).unwrap();
+
         warp::serve(health.or(websocket_routes.or(sse_routes).with(cors))).run_incoming(incoming);
     } else {
+        let server_addr = net::SocketAddr::new(*cfg.address, cfg.port.0);
         warp::serve(health.or(websocket_routes.or(sse_routes).with(cors))).run(server_addr);
     }
 }