-
Notifications
You must be signed in to change notification settings - Fork 5
/
main.me
executable file
·377 lines (326 loc) · 13.9 KB
/
main.me
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
/*
main.me -- Main MakeMe file for GoAhead
This file contains the rules for targets to build and default settings for configuration.
The MakeMe utility (https://embedthis.com/me) may be used to build GoAhead instead of make.
MakeMe provides for configured builds and generates projects files.
Alternatively, build using the 'make' utility in which case this file is not used.
*/
Me.load({
makeme: '>=0.9.0',
plugins: [ 'installs' ],
blend: [
'src/*/*.me',
'test/test.me',
'paks/ssl/*.me',
'doc/doc.me',
],
configure: {
requires: [ 'osdep' ],
discovers: [ 'ssl' ],
},
settings: {
integrate: true,
/*
Installation prefix set
*/
prefixes: 'install-prefixes',
manifest: 'installs/manifest.me',
certs: {
gendh: true
},
compiler: {
fortify: true
},
/*
Set to true for a static link, or use 'configure --static'
static: false,
*/
goahead: {
/*
Log for request access logging
*/
accessLog: false,
/*
User authentication
*/
auth: true,
/*
Select the password store mechanism. Set to: pam, file, custom
If using PAM, must also set authPam to true
*/
authStore: 'file',
/*
Automatically login. Useful for debugging.
*/
autoLogin: false,
clientCache: [ 'css', 'gif', 'ico', 'jpg', 'js', 'png', ],
clientCacheLifespan: 86400,
/*
Build with CGI support and directory for CGI programs.
*/
cgi: true,
/*
Prefix for CGI environment variables
*/
cgiVarPrefix: "CGI_"
/*
Build with support for digest authentication
*/
digest: true,
/*
Directory containing web documents to serve
*/
documents: 'web',
/*
Build with support for javascript web templates
*/
javascript: true,
/*
Define legacy APIs for compatibility with old GoAhead web server applications
*/
legacy: false,
/*
Sandbox limits and allocation sizes
*/
limitBuffer: 1024, /* I/O Buffer size. Also chunk size. */
limitCgiArgs: 4096, /* Max number of CGI args */
limitFiles: 0, /* Maximum files/sockets. Set to zero for unlimited. Unix only */
limitFilename: 256, /* Maximum filename size */
limitHeader: 2048, /* Maximum HTTP single header size */
limitHeaders: 4096, /* Maximum HTTP header size */
limitNumHeaders: 64, /* Maximum number of headers */
limitParseTimeout: 5, /* Maximum time to parse the request headers */
limitPassword: 32, /* Maximum password size */
limitPost: 16384, /* Maximum POST incoming body size */
limitPut: 204800000, /* Maximum PUT body size ~ 200MB */
limitSessionLife: 1800, /* Session lifespan in seconds (30 mins) */
limitSessionCount: 512, /* Maximum number of sessions to support */
limitString: 256, /* Default string size */
limitTimeout: 60, /* Request inactivity timeout in seconds */
limitUri: 2048, /* Maximum URI size */
limitUpload: 204800000, /* Maximum upload size ~ 200MB */
/*
Addresses to listen on. This specifies the protocol, interface and port.
*/
listen: ['http://*:80', 'https://*:443']
/*
Enable application logging and tracing
*/
logging: true,
logfile: 'stderr:0',
tracing: true,
/*
Temporary directory to hold PUT files
This must be on the same filesystem as the web documents directory.
*/
putDir: '.',
/*
Authentication realm. Replace with your realm.
*/
realm: 'example.com',
/*
Replace malloc with a non-fragmenting allocator
*/
replaceMalloc: false,
/*
Enable stealth options. Disable OPTIONS and TRACE methods.
*/
stealth: true,
ssl: {
authority: '', /* Root certificates for verifying client certificates */
cache: 512, /* Set the session cache size (items) */
certificate: 'self.crt', /* Server certificate file. A valid certificate must be obtained */
ciphers: '', /* Override cipher suite for SSL. */
key: 'self.key', /* Server SSL key. This is by default set to a test key. This must be regenerated */
logLevel: 5 /* Starting logging level for SSL messages */
handshakes: 3, /* Set maximum number of renegotiations (zero means infinite) */
revoke: '', /* List of revoked client certificates */
ticket: true, /* Enable session resumption via ticketing - client side session caching */
timeout: 86400, /* Session and ticketing duration in seconds */
verifyIssuer: false, /* Verify issuer of client certificate */
verifyPeer: false, /* Verify client certificates */
},
/*
Upload file support
*/
upload: true,
uploadDir: 'tmp',
/*
Enable X-Frame-Origin to prevent clickjacking. Set to empty to disable.
Set to: DENY, SAMEORIGIN, ALLOW uri
*/
xframeHeader: 'SAMEORIGIN',
},
mbedtls: {
compact: true, /* Compact edition - Disable non-essential ciphers and features */
},
openssl: {
version: '1.0', /* Base edition */
},
/*
Build without a file system (from ROM)
*/
rom: false,
/*
Default modifiecation time for rommed files.
Set to the number of seconds since Jan 1 1970.
*/
romTime: 1505449519432,
},
usage: {
'goahead.accessLog': 'Enable request access log (true|false)',
'goahead.caFile': 'File of client certificates (path)',
'goahead.certificate': 'Server certificate for SSL (path)',
'goahead.ciphers': 'SSL cipher suite (string)',
'goahead.cgi': 'Enable the CGI handler (true|false)',
'goahead.cgiBin': 'Directory CGI programs (path)',
'goahead.clientCache': 'Extensions to cache in the client (Array)',
'goahead.clientCacheLifespan':'Lifespan in seconds to cache in the client',
'goahead.javascript': 'Enable the Javascript JST handler (true|false)',
'goahead.key': 'Server private key for SSL (path)',
'goahead.legacy': 'Enable the GoAhead 2.X legacy APIs (true|false)',
'goahead.limitBuffer': 'I/O Buffer size. Also chunk size.',
'goahead.limitFilename': 'Maximum filename size',
'goahead.limitHeader': 'Maximum HTTP single header size',
'goahead.limitHeaders': 'Maximum HTTP header size',
'goahead.limitNumHeaders': 'Maximum number of headers',
'goahead.limitPassword': 'Maximum password size',
'goahead.limitPost': 'Maximum POST (and other method) incoming body size',
'goahead.limitPut': 'Maximum PUT body size ~ 200MB',
'goahead.limitSessionLife': 'Session lifespan in seconds (30 mins)',
'goahead.limitSessionCount': 'Maximum number of sessions to support',
'goahead.limitString': 'Default string allocation size',
'goahead.limitTimeout': 'Request inactivity timeout in seconds',
'goahead.limitUri': 'Maximum URI size',
'goahead.limitUpload': 'Maximum upload size ~ 200MB',
'goahead.listen': 'Addresses to listen to (["http://IP:port", ...])',
'goahead.logfile': 'Default location and level for debug log (path:level)',
'goahead.logging': 'Enable application logging (true|false)',
'goahead.pam': 'Enable Unix Pluggable Auth Module (true|false)',
'goahead.putDir': 'Define the directory for file uploaded via HTTP PUT (path)',
'goahead.realm': 'Authentication realm (string)',
'goahead.revoke': 'List of revoked client certificates',
'goahead.replaceMalloc': 'Replace malloc with non-fragmenting allocator (true|false)',
'goahead.ssl.cache': 'Set the session cache size (items)',
'goahead.ssl.logLevel': 'Starting logging level for SSL messages',
'goahead.ssl.renegotiate': 'Enable/Disable SSL renegotiation (defaults to true)',
'goahead.ssl.ticket': 'Enable session resumption via ticketing - client side session caching',
'goahead.ssl.timeout': 'Session and ticketing duration in seconds',
'goahead.stealth': 'Run in stealth mode. Disable OPTIONS, TRACE (true|false)',
'goahead.tune': 'Optimize (size|speed|balanced)',
'goahead.upload': 'Enable file upload (true|false)',
'goahead.uploadDir': 'Define directory for uploaded files (path)',
'rom': 'Build without a file system (true|false)',
},
customize: [
/*
The optional custom.me file is loaded after main.me is fully processed. It can
thus override any setting. Feel free to create and customize.
*/
'custom.me',
],
scripts: {
postconfig: `
if (me.settings.goahead.authStore != 'pam') {
me.settings.compiler.hasPam = false
}
`,
},
targets: {
libgo: {
type: 'lib',
sources: [ 'src/*.c' ],
headers: [ 'src/*.h' ],
exclude: /goahead\.c/,
depends: [ 'osdep', 'ssl' ],
scripts: {
prebuild: `
if (me.settings.compiler.hasPam && me.settings.goahead.pam) {
me.target.libraries.push('pam')
}
`
},
},
goahead: {
type: 'exe',
sources: [ 'src/goahead.c' ],
headers: [ 'src/*.h' ],
depends: [ 'libgo', 'install-certs' ],
scripts: {
prebuild: `
if (me.settings.compiler.hasPam) {
me.target.libraries.push('pam')
}
cp(['${BIN}/self.key', '${BIN}/self.crt'], 'src')
cp(['${BIN}/self.key', '${BIN}/self.crt'], 'test')
`,
},
},
/*
Compiler for web pages into C code
*/
gopass: {
enable: 'me.settings.goahead.auth',
type: 'exe',
sources: [ 'src/utils/gopass.c' ],
headers: [ 'src/*.h' ],
depends: [ 'libgo' ],
},
/*
Compiler for web pages into C code
*/
webcomp: {
enable: 'me.settings.rom',
type: 'exe',
sources: [ 'src/utils/webcomp.c' ],
headers: [ 'src/*.h' ],
depends: [ ],
},
run: {
home: 'src',
run: 'goahead -v',
},
rom: {
action: `
let path = Path('src/rom.c')
trace('Create', path)
path.write(Cmd.run('webcomp rom.files', {dir: 'src'}))
`,
},
install: {
home: '${TOP}',
generate: ' ',
depends: [ 'all', 'stop', 'installBinary', 'start' ],
action: `
trace('Info', me.settings.title + ' installed at ' + me.prefixes.vapp)
trace('Info', 'Configuration directory ' + me.prefixes.etc)
trace('Info', 'Documents directory ' + me.prefixes.web)
trace('Info', 'Executables directory ' + me.prefixes.vapp.join('bin'))
trace('Info', 'Use "man goahead" for usage')
trace('Info', 'Run via "cd ' + me.prefixes.etc + ' ; sudo goahead -v ' + me.prefixes.web + '"')
trace('Info', 'Browse to ' + me.settings.goahead.listen[0].replace('*', 'localhost').replace(':80', '/'))
let pid = Cmd.ps('goahead')
if (pid && pid.length > 0) {
trace('Info', me.settings.title + ' PID: ' + pid[0].pid)
}
`,
},
projects: {
action: `
genProjects('--set openssl.version=1.0 --with openssl', 'openssl_10', 'windows-x64')
genProjects('--set openssl.version=1.1 --with openssl', 'openssl_11', 'windows-x64')
genProjects('--with openssl', 'openssl', 'macosx-x64')
genProjects('')
`
},
publish: {
action: `publish()`,
},
mine: {
action: `genProjects('', 'mine', Config.OS + '-' + Config.CPU)`,
},
mgen: {
action: `genProjects('-with mbedtls', 'mine', Config.OS + '-' + Config.CPU)`,
}
},
})