daemon

package
v1.19.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 26, 2025 License: GPL-3.0 Imports: 49 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrRestartSocket         = fmt.Errorf("daemon stop requested to wait for socket activation")
	ErrRestartServiceFailure = fmt.Errorf("daemon stop requested due to service failure")
	ErrRestartCheckFailure   = fmt.Errorf("daemon stop requested due to check failure")
	ErrRestartExternal       = fmt.Errorf("daemon stop requested due to externally-handled reboot")
)
View Source
var (
	BadRequest       = makeErrorResponder(http.StatusBadRequest)
	Unauthorized     = makeErrorResponder(http.StatusUnauthorized)
	Forbidden        = makeErrorResponder(http.StatusForbidden)
	NotFound         = makeErrorResponder(http.StatusNotFound)
	MethodNotAllowed = makeErrorResponder(http.StatusMethodNotAllowed)
	InternalError    = makeErrorResponder(http.StatusInternalServerError)
	GatewayTimeout   = makeErrorResponder(http.StatusGatewayTimeout)
)

Standard error responses.

View Source
var API = []*Command{{
	Path:       "/v1/system-info",
	ReadAccess: OpenAccess{},
	GET:        v1SystemInfo,
}, {
	Path:       "/v1/health",
	ReadAccess: OpenAccess{},
	GET:        v1Health,
}, {
	Path:       "/v1/changes",
	ReadAccess: UserAccess{},
	GET:        v1GetChanges,
}, {
	Path:        "/v1/changes/{id}",
	ReadAccess:  UserAccess{},
	WriteAccess: AdminAccess{},
	GET:         v1GetChange,
	POST:        v1PostChange,
}, {
	Path:       "/v1/changes/{id}/wait",
	ReadAccess: UserAccess{},
	GET:        v1GetChangeWait,
}, {
	Path:        "/v1/services",
	ReadAccess:  UserAccess{},
	WriteAccess: AdminAccess{},
	GET:         v1GetServices,
	POST:        v1PostServices,
}, {
	Path:        "/v1/services/{name}",
	ReadAccess:  UserAccess{},
	WriteAccess: AdminAccess{},
	GET:         v1GetService,
	POST:        v1PostService,
}, {
	Path:       "/v1/plan",
	ReadAccess: UserAccess{},
	GET:        v1GetPlan,
}, {
	Path:        "/v1/layers",
	WriteAccess: AdminAccess{},
	POST:        v1PostLayers,
}, {
	Path:        "/v1/files",
	ReadAccess:  AdminAccess{},
	WriteAccess: AdminAccess{},
	GET:         v1GetFiles,
	POST:        v1PostFiles,
}, {
	Path:       "/v1/logs",
	ReadAccess: UserAccess{},
	GET:        v1GetLogs,
}, {
	Path:        "/v1/exec",
	WriteAccess: AdminAccess{},
	POST:        v1PostExec,
}, {
	Path:       "/v1/tasks/{task-id}/websocket/{websocket-id}",
	ReadAccess: AdminAccess{},
	GET:        v1GetTaskWebsocket,
}, {
	Path:        "/v1/signals",
	WriteAccess: AdminAccess{},
	POST:        v1PostSignals,
}, {
	Path:        "/v1/checks",
	ReadAccess:  UserAccess{},
	WriteAccess: AdminAccess{},
	GET:         v1GetChecks,
	POST:        v1PostChecks,
}, {
	Path:        "/v1/notices",
	ReadAccess:  UserAccess{},
	WriteAccess: UserAccess{},
	GET:         v1GetNotices,
	POST:        v1PostNotices,
}, {
	Path:       "/v1/notices/{id}",
	ReadAccess: UserAccess{},
	GET:        v1GetNotice,
}, {
	Path:        "/v1/identities",
	ReadAccess:  UserAccess{},
	WriteAccess: AdminAccess{},
	GET:         v1GetIdentities,
	POST:        v1PostIdentities,
}, {
	Path:       "/v1/metrics",
	ReadAccess: MetricsAccess{},
	GET:        v1GetMetrics,
}}

Functions

func SetRebootMode

func SetRebootMode(mode RebootMode)

SetRebootMode configures how the system issues a reboot. The default reboot handler mode is SystemdMode, which relies on systemd (or similar) provided functionality to reboot.

Types

type AccessChecker added in v1.9.0

type AccessChecker interface {
	// CheckAccess reports whether access should be granted or denied. If
	// access is granted, return nil. If access is denied, return a non-nil
	// error such as Unauthorized("access denied").
	CheckAccess(d *Daemon, r *http.Request, user *UserState) Response
}

AccessChecker checks whether a particular request is allowed.

type AdminAccess added in v1.9.0

type AdminAccess struct{}

AdminAccess allows requests over the unix domain socket from the root UID and the current user's UID.

func (AdminAccess) CheckAccess added in v1.9.0

func (ac AdminAccess) CheckAccess(d *Daemon, r *http.Request, user *UserState) Response

type Command

type Command struct {
	Path       string
	PathPrefix string
	//
	GET  ResponseFunc
	PUT  ResponseFunc
	POST ResponseFunc

	// Access control.
	ReadAccess  AccessChecker
	WriteAccess AccessChecker
	// contains filtered or unexported fields
}

A Command routes a request to an individual per-verb ResponseFUnc

func (*Command) Daemon

func (c *Command) Daemon() *Daemon

func (*Command) ServeHTTP

func (c *Command) ServeHTTP(w http.ResponseWriter, r *http.Request)

type Daemon

type Daemon struct {
	Version   string
	StartTime time.Time
	// contains filtered or unexported fields
}

A Daemon listens for requests and routes them to the right command

func New

func New(opts *Options) (*Daemon, error)

func (*Daemon) CanStandby

func (d *Daemon) CanStandby() bool

func (*Daemon) Dying

func (d *Daemon) Dying() <-chan struct{}

func (*Daemon) Err added in v1.16.0

func (d *Daemon) Err() error

Err returns the death reason, or ErrStillAlive if the tomb is not in a dying or dead state.

func (*Daemon) HandleRestart

func (d *Daemon) HandleRestart(t restart.RestartType)

HandleRestart implements overlord.RestartBehavior.

func (*Daemon) Init

func (d *Daemon) Init() error

Init sets up the Daemon's internal workings. Don't call more than once.

func (*Daemon) Overlord

func (d *Daemon) Overlord() *overlord.Overlord

func (*Daemon) RebootAsExpected added in v1.16.0

func (d *Daemon) RebootAsExpected(st *state.State) error

RebootAsExpected implements part of overlord.RestartBehavior.

func (*Daemon) RebootDidNotHappen added in v1.16.0

func (d *Daemon) RebootDidNotHappen(st *state.State) error

RebootDidNotHappen implements part of overlord.RestartBehavior.

func (*Daemon) SetDegradedMode

func (d *Daemon) SetDegradedMode(err error)

SetDegradedMode puts the daemon into a degraded mode which will the error given in the "err" argument for commands that are not marked as readonlyOK.

This is useful to report errors to the client when the daemon cannot work because e.g. a sanity check failed or the system is out of diskspace.

When the system is fine again calling "DegradedMode(nil)" is enough to put the daemon into full operation again.

func (*Daemon) SetServiceArgs

func (d *Daemon) SetServiceArgs(serviceArgs map[string][]string) error

SetServiceArgs updates the specified service commands by replacing existing arguments with the newly specified arguments.

func (*Daemon) Start

func (d *Daemon) Start() error

func (*Daemon) Stop

func (d *Daemon) Stop(sigCh chan<- os.Signal) error

Stop shuts down the Daemon.

type MetricsAccess added in v1.19.0

type MetricsAccess struct{}

MetricsAccess allows requests over HTTP from authenticated users.

func (MetricsAccess) CheckAccess added in v1.19.0

func (ac MetricsAccess) CheckAccess(d *Daemon, r *http.Request, user *UserState) Response

type OpenAccess added in v1.9.0

type OpenAccess struct{}

OpenAccess allows all requests, including non-local sockets (for example, TCP).

func (OpenAccess) CheckAccess added in v1.9.0

func (ac OpenAccess) CheckAccess(d *Daemon, r *http.Request, user *UserState) Response

type Options

type Options struct {
	// Dir is the pebble directory where all setup is found. Defaults to /var/lib/pebble/default.
	Dir string

	// LayersDir is an optional path for the layers directory.
	// Defaults to "layers" inside the pebble directory.
	LayersDir string

	// SocketPath is an optional path for the unix socket used for the client
	// to communicate with the daemon. Defaults to a hidden (dotted) name inside
	// the pebble directory.
	SocketPath string

	// HTTPAddress is the address for the plain HTTP API server, for example
	// ":4000" to listen on any address, port 4000. If not set, the HTTP API
	// server is not started.
	HTTPAddress string

	// ServiceOuput is an optional io.Writer for the service log output, if set, all services
	// log output will be written to the writer.
	ServiceOutput io.Writer

	// OverlordExtension is an optional interface used to extend the capabilities
	// of the Overlord.
	OverlordExtension overlord.Extension
}

Options holds the daemon setup required for the initialization of a new daemon.

type RebootMode

type RebootMode int
const (
	// Reboot uses systemd
	SystemdMode RebootMode = iota + 1
	// Reboot uses direct kernel syscalls
	SyscallMode
	// Reboot is handled externally after the daemon stops
	ExternalMode
)

type Response

type Response interface {
	ServeHTTP(w http.ResponseWriter, r *http.Request)
}

Response knows how to serve itself, and how to find itself

func AsyncResponse

func AsyncResponse(result map[string]any, change string) Response

func ErrorResponse added in v1.5.0

func ErrorResponse(status int, format string, v ...any) Response

ErrorResponse builds an error Response that returns the status and formatted message.

If no arguments are provided, formatting is disabled, and the format string is used as is and not interpreted in any way.

func SyncResponse

func SyncResponse(result any) Response

type ResponseFunc

type ResponseFunc func(*Command, *http.Request, *UserState) Response

A ResponseFunc handles one of the individual verbs for a method

type ResponseType

type ResponseType string
const (
	ResponseTypeSync  ResponseType = "sync"
	ResponseTypeAsync ResponseType = "async"
	ResponseTypeError ResponseType = "error"
)

type Ucrednet added in v1.9.0

type Ucrednet struct {
	Pid    int32
	Uid    uint32
	Socket string
}

func (*Ucrednet) String added in v1.9.0

func (un *Ucrednet) String() string

type UserAccess added in v1.9.0

type UserAccess struct{}

UserAccess allows requests over the UNIX domain socket from any local user

func (UserAccess) CheckAccess added in v1.9.0

func (ac UserAccess) CheckAccess(d *Daemon, r *http.Request, user *UserState) Response

type UserState

type UserState struct {
	Access state.IdentityAccess
	UID    *uint32
}

UserState represents the state of an authenticated API user.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL