Merge pull request #26 from nuclearcat/get-client-ip

logging: Get client IP from headers as we operate behind proxy (k8s/docker/nginx)

Author: nuclearcat

Cargo.toml

@@ -36,3 +36,11 @@ tower = "0.5.2"
 tower-http = { version = "0.6.2", features = ["trace", "fs", "limit"] }
 tracing = "0.1.41"
 tracing-subscriber = "0.3.19"
+
+[dev-dependencies]
+reqwest = { version = "0.12.9", features = ["blocking", "multipart"] }
+hmac = "0.12.1"
+jwt = "0.16.0"
+sha2 = "0.10.8"
+tokio = { version = "1.42.0", features = ["rt", "rt-multi-thread", "macros", "time", "process"] }
+tempfile = "3.14.0"

src/main.rs

@@ -399,7 +399,10 @@ async fn main() {
     logging::init(get_args().verbose);
     tracing_subscriber::fmt::init();
     let tlscfg = initial_setup().await;
-    let port = 3000;
+    let port: u16 = std::env::var("KCI_STORAGE_PORT")
+        .ok()
+        .and_then(|p| p.parse().ok())
+        .unwrap_or(3000);
     let state = AppState {
         file_locks: Arc::new(RwLock::new(HashMap::new())),
     };
@@ -436,7 +439,8 @@ async fn main() {
     } else {
         //let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
         //axum::serve(listener, app).await.unwrap();
-        axum_server::bind("0.0.0.0:3000".parse().unwrap())
+        let addr = SocketAddr::from(([0, 0, 0, 0], port));
+        axum_server::bind(addr)
             .serve(app.into_make_service_with_connect_info::<SocketAddr>())
             .await
             .unwrap();
@@ -963,6 +967,8 @@ async fn ax_get_file(
         None => "",
     };
 
+    let client_ip = client_ip_from_headers(&rxheaders, remote_addr);
+
     let semaphore = get_or_create_semaphore(&state.file_locks, &filepath).await;
     // Wait for permit with timeout
     let _permit =
@@ -986,8 +992,8 @@ async fn ax_get_file(
 
     if !received_file.valid {
         println!(
-            "{:?} 404 0 {} {} {} {}",
-            remote_addr, human_time, method, filepath, user_agent_str
+            "{} 404 0 {} {} {} {}",
+            client_ip, human_time, method, filepath, user_agent_str
         );
         return (StatusCode::NOT_FOUND, format!("Not Found: {}", filepath)).into_response();
     }
@@ -1033,8 +1039,8 @@ async fn ax_get_file(
         if let Some(etag) = upstream_headers.get(ETAG) {
             if if_none_match == etag {
                 println!(
-                    "{:?} 304 0 {} {} {} {}",
-                    remote_addr, human_time, method, filepath, user_agent_str
+                    "{} 304 0 {} {} {} {}",
+                    client_ip, human_time, method, filepath, user_agent_str
                 );
                 return (StatusCode::NOT_MODIFIED, headers, Body::empty()).into_response();
             }
@@ -1045,8 +1051,8 @@ async fn ax_get_file(
             // TODO: Validate properly last_modified
             if if_modified_since == last_modified {
                 println!(
-                    "{:?} 304 0 {} {} {} {}",
-                    remote_addr, human_time, method, filepath, user_agent_str
+                    "{} 304 0 {} {} {} {}",
+                    client_ip, human_time, method, filepath, user_agent_str
                 );
                 return (StatusCode::NOT_MODIFIED, headers, Body::empty()).into_response();
             }
@@ -1059,8 +1065,8 @@ async fn ax_get_file(
             headers.insert(header::CONTENT_LENGTH, val);
         }
         println!(
-            "{:?} 200 0 {} {} {} {}",
-            remote_addr, human_time, method, filepath, user_agent_str
+            "{} 200 0 {} {} {} {}",
+            client_ip, human_time, method, filepath, user_agent_str
         );
         return (headers, Body::empty()).into_response();
     }
@@ -1114,14 +1120,14 @@ async fn ax_get_file(
             if start != 0 {
                 let body_size = end - start;
                 println!(
-                    "{:?} 206 {} {} {} {} {}",
-                    remote_addr, body_size, human_time, method, filepath, user_agent_str
+                    "{} 206 {} {} {} {} {}",
+                    client_ip, body_size, human_time, method, filepath, user_agent_str
                 );
                 return (StatusCode::PARTIAL_CONTENT, headers, axbody).into_response();
             }
             println!(
-                "{:?} 200 {} {} {} {} {}",
-                remote_addr,
+                "{} 200 {} {} {} {} {}",
+                client_ip,
                 metadata.len(),
                 human_time,
                 method,
@@ -1133,8 +1139,8 @@ async fn ax_get_file(
         Err(_) => {
             eprintln!("Error opening file in ax_get_file");
             println!(
-                "{:?} 404 0 {} {} {} {}",
-                remote_addr, human_time, method, filepath, user_agent_str
+                "{} 404 0 {} {} {} {}",
+                client_ip, human_time, method, filepath, user_agent_str
             );
             (StatusCode::NOT_FOUND, headers, Body::empty()).into_response()
         }