package http import ( "time" "github.com/portainer/portainer/api/http/handler/edgegroups" "github.com/portainer/portainer/api/http/handler/edgestacks" "github.com/portainer/portainer/api/http/handler/edgetemplates" "github.com/portainer/portainer/api/http/handler/endpointedge" "github.com/portainer/portainer/api/http/handler/support" "github.com/portainer/portainer/api/http/handler/roles" portainer "github.com/portainer/portainer/api" "github.com/portainer/portainer/api/docker" "github.com/portainer/portainer/api/http/handler" "github.com/portainer/portainer/api/http/handler/auth" "github.com/portainer/portainer/api/http/handler/dockerhub" "github.com/portainer/portainer/api/http/handler/endpointgroups" "github.com/portainer/portainer/api/http/handler/endpointproxy" "github.com/portainer/portainer/api/http/handler/endpoints" "github.com/portainer/portainer/api/http/handler/extensions" "github.com/portainer/portainer/api/http/handler/file" "github.com/portainer/portainer/api/http/handler/motd" "github.com/portainer/portainer/api/http/handler/registries" "github.com/portainer/portainer/api/http/handler/resourcecontrols" "github.com/portainer/portainer/api/http/handler/schedules" "github.com/portainer/portainer/api/http/handler/settings" "github.com/portainer/portainer/api/http/handler/stacks" "github.com/portainer/portainer/api/http/handler/status" "github.com/portainer/portainer/api/http/handler/tags" "github.com/portainer/portainer/api/http/handler/teammemberships" "github.com/portainer/portainer/api/http/handler/teams" "github.com/portainer/portainer/api/http/handler/templates" "github.com/portainer/portainer/api/http/handler/upload" "github.com/portainer/portainer/api/http/handler/users" "github.com/portainer/portainer/api/http/handler/webhooks" "github.com/portainer/portainer/api/http/handler/websocket" "github.com/portainer/portainer/api/http/proxy" "github.com/portainer/portainer/api/http/security" "net/http" "path/filepath" ) // Server implements the 
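// portainer.Server interface.
//
// It carries the listen settings, the TLS key material locations and every
// service that Start injects into the HTTP handlers.
type Server struct {
	BindAddress string
	AssetsPath  string
	// AuthDisabled is forwarded to the request bouncer and to the auth
	// handler. NOTE(review): presumably it switches authentication off
	// entirely; confirm in the security and auth packages before enabling.
	AuthDisabled       bool
	EndpointManagement bool
	Status             *portainer.Status

	ReverseTunnelService    portainer.ReverseTunnelService
	ExtensionManager        portainer.ExtensionManager
	ComposeStackManager     portainer.ComposeStackManager
	CryptoService           portainer.CryptoService
	SignatureService        portainer.DigitalSignatureService
	JobScheduler            portainer.JobScheduler
	Snapshotter             portainer.Snapshotter
	RoleService             portainer.RoleService
	DockerHubService        portainer.DockerHubService
	EdgeGroupService        portainer.EdgeGroupService
	EdgeStackService        portainer.EdgeStackService
	EndpointService         portainer.EndpointService
	EndpointGroupService    portainer.EndpointGroupService
	EndpointRelationService portainer.EndpointRelationService
	FileService             portainer.FileService
	GitService              portainer.GitService
	JWTService              portainer.JWTService
	LDAPService             portainer.LDAPService
	ExtensionService        portainer.ExtensionService
	RegistryService         portainer.RegistryService
	ResourceControlService  portainer.ResourceControlService
	ScheduleService         portainer.ScheduleService
	SettingsService         portainer.SettingsService
	StackService            portainer.StackService
	SwarmStackManager       portainer.SwarmStackManager
	TagService              portainer.TagService
	TeamService             portainer.TeamService
	TeamMembershipService   portainer.TeamMembershipService
	UserService             portainer.UserService
	WebhookService          portainer.WebhookService

	// Handler is populated by Start; it is the root handler that is served.
	Handler *handler.Handler

	// When SSL is true, Start serves TLS using SSLCert and SSLKey as the
	// certificate and private key file paths.
	SSL     bool
	SSLCert string
	SSLKey  string

	DockerClientFactory *docker.ClientFactory
	JobService          portainer.JobService
}

// Start wires every API handler with its services, installs the resulting
// root handler on the server and then blocks serving HTTP (or HTTPS when
// server.SSL is set) on server.BindAddress.
//
// It returns the error reported by the listener.
func (server *Server) Start() error {
	proxyManagerParameters := &proxy.ManagerParams{
		ResourceControlService: server.ResourceControlService,
		UserService:            server.UserService,
		TeamService:            server.TeamService,
		TeamMembershipService:  server.TeamMembershipService,
		SettingsService:        server.SettingsService,
		RegistryService:        server.RegistryService,
		DockerHubService:       server.DockerHubService,
		SignatureService:       server.SignatureService,
		ReverseTunnelService:   server.ReverseTunnelService,
		ExtensionService:       server.ExtensionService,
		DockerClientFactory:    server.DockerClientFactory,
	}
	proxyManager := proxy.NewManager(proxyManagerParameters)

	authorizationServiceParameters := &portainer.AuthorizationServiceParameters{
		EndpointService:       server.EndpointService,
		EndpointGroupService:  server.EndpointGroupService,
		RegistryService:       server.RegistryService,
		RoleService:           server.RoleService,
		TeamMembershipService: server.TeamMembershipService,
		UserService:           server.UserService,
	}
	authorizationService := portainer.NewAuthorizationService(authorizationServiceParameters)

	// A single request bouncer is shared by every handler that takes one
	// below. AuthDisabled is passed straight through to it.
	requestBouncerParameters := &security.RequestBouncerParams{
		JWTService:            server.JWTService,
		UserService:           server.UserService,
		TeamMembershipService: server.TeamMembershipService,
		EndpointService:       server.EndpointService,
		EndpointGroupService:  server.EndpointGroupService,
		ExtensionService:      server.ExtensionService,
		RBACExtensionURL:      proxyManager.GetExtensionURL(portainer.RBACExtension),
		AuthDisabled:          server.AuthDisabled,
	}
	requestBouncer := security.NewRequestBouncer(requestBouncerParameters)

	// One limiter instance is handed to both the auth and the users handlers.
	// NOTE(review): the arguments look like (max requests, window, ban
	// duration); confirm against security.NewRateLimiter.
	rateLimiter := security.NewRateLimiter(10, 1*time.Second, 1*time.Hour)

	var authHandler = auth.NewHandler(requestBouncer, rateLimiter, server.AuthDisabled)
	authHandler.UserService = server.UserService
	authHandler.CryptoService = server.CryptoService
	authHandler.JWTService = server.JWTService
	authHandler.LDAPService = server.LDAPService
	authHandler.SettingsService = server.SettingsService
	authHandler.TeamService = server.TeamService
	authHandler.TeamMembershipService = server.TeamMembershipService
	authHandler.ExtensionService = server.ExtensionService
	authHandler.EndpointService = server.EndpointService
	authHandler.EndpointGroupService = server.EndpointGroupService
	authHandler.RoleService = server.RoleService
	authHandler.ProxyManager = proxyManager
	authHandler.AuthorizationService = authorizationService

	var roleHandler = roles.NewHandler(requestBouncer)
	roleHandler.RoleService = server.RoleService

	var dockerHubHandler = dockerhub.NewHandler(requestBouncer)
	dockerHubHandler.DockerHubService = server.DockerHubService

	var edgeGroupsHandler = edgegroups.NewHandler(requestBouncer)
	edgeGroupsHandler.EdgeGroupService = server.EdgeGroupService
	edgeGroupsHandler.EdgeStackService = server.EdgeStackService
	edgeGroupsHandler.EndpointService = server.EndpointService
	edgeGroupsHandler.EndpointGroupService = server.EndpointGroupService
	edgeGroupsHandler.EndpointRelationService = server.EndpointRelationService
	edgeGroupsHandler.TagService = server.TagService

	var edgeStacksHandler = edgestacks.NewHandler(requestBouncer)
	edgeStacksHandler.EdgeGroupService = server.EdgeGroupService
	edgeStacksHandler.EdgeStackService = server.EdgeStackService
	edgeStacksHandler.EndpointService = server.EndpointService
	edgeStacksHandler.EndpointGroupService = server.EndpointGroupService
	edgeStacksHandler.EndpointRelationService = server.EndpointRelationService
	edgeStacksHandler.FileService = server.FileService
	edgeStacksHandler.GitService = server.GitService

	var edgeTemplatesHandler = edgetemplates.NewHandler(requestBouncer)
	edgeTemplatesHandler.SettingsService = server.SettingsService

	var endpointHandler = endpoints.NewHandler(requestBouncer, server.EndpointManagement)
	endpointHandler.AuthorizationService = authorizationService
	endpointHandler.EdgeGroupService = server.EdgeGroupService
	endpointHandler.EdgeStackService = server.EdgeStackService
	endpointHandler.EndpointService = server.EndpointService
	endpointHandler.EndpointGroupService = server.EndpointGroupService
	endpointHandler.EndpointRelationService = server.EndpointRelationService
	endpointHandler.FileService = server.FileService
	endpointHandler.JobService = server.JobService
	endpointHandler.ProxyManager = proxyManager
	endpointHandler.ReverseTunnelService = server.ReverseTunnelService
	endpointHandler.SettingsService = server.SettingsService
	endpointHandler.Snapshotter = server.Snapshotter
	endpointHandler.TagService = server.TagService

	var endpointEdgeHandler = endpointedge.NewHandler(requestBouncer)
	endpointEdgeHandler.EdgeStackService = server.EdgeStackService
	endpointEdgeHandler.EndpointService = server.EndpointService
	endpointEdgeHandler.FileService = server.FileService

	var endpointGroupHandler = endpointgroups.NewHandler(requestBouncer)
	endpointGroupHandler.AuthorizationService = authorizationService
	endpointGroupHandler.EdgeGroupService = server.EdgeGroupService
	endpointGroupHandler.EdgeStackService = server.EdgeStackService
	endpointGroupHandler.EndpointService = server.EndpointService
	endpointGroupHandler.EndpointGroupService = server.EndpointGroupService
	endpointGroupHandler.EndpointRelationService = server.EndpointRelationService
	endpointGroupHandler.TagService = server.TagService

	var endpointProxyHandler = endpointproxy.NewHandler(requestBouncer)
	endpointProxyHandler.EndpointService = server.EndpointService
	endpointProxyHandler.ProxyManager = proxyManager
	endpointProxyHandler.SettingsService = server.SettingsService
	endpointProxyHandler.ReverseTunnelService = server.ReverseTunnelService

	// The file handler is the only one built without the request bouncer; it
	// is pointed at the "public" directory under AssetsPath.
	var fileHandler = file.NewHandler(filepath.Join(server.AssetsPath, "public"))

	var motdHandler = motd.NewHandler(requestBouncer)

	var extensionHandler = extensions.NewHandler(requestBouncer)
	extensionHandler.ExtensionService = server.ExtensionService
	extensionHandler.ExtensionManager = server.ExtensionManager
	extensionHandler.EndpointGroupService = server.EndpointGroupService
	extensionHandler.EndpointService = server.EndpointService
	extensionHandler.RegistryService = server.RegistryService
	extensionHandler.AuthorizationService = authorizationService

	var registryHandler = registries.NewHandler(requestBouncer)
	registryHandler.RegistryService = server.RegistryService
	registryHandler.ExtensionService = server.ExtensionService
	registryHandler.FileService = server.FileService
	registryHandler.ProxyManager = proxyManager

	var resourceControlHandler = resourcecontrols.NewHandler(requestBouncer)
	resourceControlHandler.ResourceControlService = server.ResourceControlService

	var schedulesHandler = schedules.NewHandler(requestBouncer)
	schedulesHandler.ScheduleService = server.ScheduleService
	schedulesHandler.EndpointService = server.EndpointService
	schedulesHandler.FileService = server.FileService
	schedulesHandler.JobService = server.JobService
	schedulesHandler.JobScheduler = server.JobScheduler
	schedulesHandler.SettingsService = server.SettingsService
	schedulesHandler.ReverseTunnelService = server.ReverseTunnelService

	var settingsHandler = settings.NewHandler(requestBouncer)
	settingsHandler.SettingsService = server.SettingsService
	settingsHandler.LDAPService = server.LDAPService
	settingsHandler.FileService = server.FileService
	settingsHandler.JobScheduler = server.JobScheduler
	settingsHandler.ScheduleService = server.ScheduleService
	settingsHandler.RoleService = server.RoleService
	settingsHandler.ExtensionService = server.ExtensionService
	settingsHandler.AuthorizationService = authorizationService

	var stackHandler = stacks.NewHandler(requestBouncer)
	stackHandler.FileService = server.FileService
	stackHandler.StackService = server.StackService
	stackHandler.EndpointService = server.EndpointService
	stackHandler.ResourceControlService = server.ResourceControlService
	stackHandler.SwarmStackManager = server.SwarmStackManager
	stackHandler.ComposeStackManager = server.ComposeStackManager
	stackHandler.GitService = server.GitService
	stackHandler.RegistryService = server.RegistryService
	stackHandler.DockerHubService = server.DockerHubService
	stackHandler.SettingsService = server.SettingsService
	stackHandler.UserService = server.UserService
	stackHandler.ExtensionService = server.ExtensionService

	var tagHandler = tags.NewHandler(requestBouncer)
	tagHandler.EdgeGroupService = server.EdgeGroupService
	tagHandler.EdgeStackService = server.EdgeStackService
	tagHandler.EndpointService = server.EndpointService
	tagHandler.EndpointGroupService = server.EndpointGroupService
	tagHandler.EndpointRelationService = server.EndpointRelationService
	tagHandler.TagService = server.TagService

	var teamHandler = teams.NewHandler(requestBouncer)
	teamHandler.TeamService = server.TeamService
	teamHandler.TeamMembershipService = server.TeamMembershipService
	teamHandler.AuthorizationService = authorizationService

	var teamMembershipHandler = teammemberships.NewHandler(requestBouncer)
	teamMembershipHandler.TeamMembershipService = server.TeamMembershipService
	teamMembershipHandler.AuthorizationService = authorizationService

	var statusHandler = status.NewHandler(requestBouncer, server.Status)

	var supportHandler = support.NewHandler(requestBouncer)

	var templatesHandler = templates.NewHandler(requestBouncer)
	templatesHandler.SettingsService = server.SettingsService

	var uploadHandler = upload.NewHandler(requestBouncer)
	uploadHandler.FileService = server.FileService

	var userHandler = users.NewHandler(requestBouncer, rateLimiter)
	userHandler.UserService = server.UserService
	userHandler.TeamService = server.TeamService
	userHandler.TeamMembershipService = server.TeamMembershipService
	userHandler.CryptoService = server.CryptoService
	userHandler.ResourceControlService = server.ResourceControlService
	userHandler.SettingsService = server.SettingsService
	userHandler.AuthorizationService = authorizationService

	var websocketHandler = websocket.NewHandler(requestBouncer)
	websocketHandler.EndpointService = server.EndpointService
	websocketHandler.SignatureService = server.SignatureService
	websocketHandler.ReverseTunnelService = server.ReverseTunnelService

	var webhookHandler = webhooks.NewHandler(requestBouncer)
	webhookHandler.WebhookService = server.WebhookService
	webhookHandler.EndpointService = server.EndpointService
	webhookHandler.DockerClientFactory = server.DockerClientFactory

	server.Handler = &handler.Handler{
		RoleHandler:            roleHandler,
		AuthHandler:            authHandler,
		DockerHubHandler:       dockerHubHandler,
		EdgeGroupsHandler:      edgeGroupsHandler,
		EdgeStacksHandler:      edgeStacksHandler,
		EdgeTemplatesHandler:   edgeTemplatesHandler,
		EndpointGroupHandler:   endpointGroupHandler,
		EndpointHandler:        endpointHandler,
		EndpointEdgeHandler:    endpointEdgeHandler,
		EndpointProxyHandler:   endpointProxyHandler,
		FileHandler:            fileHandler,
		MOTDHandler:            motdHandler,
		ExtensionHandler:       extensionHandler,
		RegistryHandler:        registryHandler,
		ResourceControlHandler: resourceControlHandler,
		SettingsHandler:        settingsHandler,
		StatusHandler:          statusHandler,
		StackHandler:           stackHandler,
		SupportHandler:         supportHandler,
		TagHandler:             tagHandler,
		TeamHandler:            teamHandler,
		TeamMembershipHandler:  teamMembershipHandler,
		TemplatesHandler:       templatesHandler,
		UploadHandler:          uploadHandler,
		UserHandler:            userHandler,
		WebSocketHandler:       websocketHandler,
		WebhookHandler:         webhookHandler,
		// The key spelling below follows the field name this file already
		// uses on handler.Handler.
		SchedulesHanlder: schedulesHandler,
	}

	// The package-level http.ListenAndServe helpers build an http.Server with
	// no timeouts at all, so a client that never finishes sending its request
	// headers keeps its connection and goroutine alive indefinitely. Bound
	// the header read only: whole-request read/write deadlines are left unset
	// because websocket and endpoint-proxy handlers are mounted on this
	// server and may hold long-lived streams.
	const readHeaderTimeout = 30 * time.Second

	httpServer := &http.Server{
		Addr:              server.BindAddress,
		Handler:           server.Handler,
		ReadHeaderTimeout: readHeaderTimeout,
	}

	if server.SSL {
		// NOTE(review): no TLSConfig is set, so the minimum protocol version
		// and cipher suites are the defaults of the Go toolchain used to
		// build this binary; pin them explicitly if that matters for the
		// deployment.
		return httpServer.ListenAndServeTLS(server.SSLCert, server.SSLKey)
	}
	return httpServer.ListenAndServe()
}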