Merge pull request #14 from cybozu-go/metrics2

Add metrics server

.github/workflows/main.yml

@@ -0,0 +1,36 @@
+name: main
+on:
+  pull_request:
+  push:
+    branches:
+    - 'master'
+env:
+  go-version: 1.20.1
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-go@v3
+      with:
+        go-version: ${{ env.go-version }}
+    - uses: golangci/golangci-lint-action@v3
+  build:
+    name: Build
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-go@v3
+      with:
+        go-version: ${{ env.go-version }}
+    - run: go build -trimpath ./...
+  test:
+    name: Test
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-go@v3
+      with:
+        go-version: ${{ env.go-version }}
+    - run: NO_PROXY= go test -race -v -coverprofile cover.out ./...

.gitignore

@@ -28,6 +28,4 @@ _testmain.go
 *.exe
 *.test
 *.prof
-
-# Ignore go.sum
-/go.sum
+*.out

.golangci.yml

@@ -3,6 +3,9 @@ linters:
         - dupl
         - goconst
         - gofmt
-        - golint
+        - revive
         - typecheck
         - unparam
+linters-settings:
+    staticcheck:
+        checks: ["all", "-SA6002"]

README.md

@@ -61,7 +61,7 @@ Features
 Install
 -------
 
-Use Go 1.7 or better.
+Use a recent version of Go.
 
 ```
 go get -u github.com/cybozu-go/usocksd/...

address_group.go

@@ -70,7 +70,7 @@ func (a *AddressGroup) detectInvalid() {
 		}
 		a.lock.Lock()
 		if len(invalids) > 0 && len(a.invalids) != len(invalids) {
-			log.Warn("detect black-listed IP", map[string]interface{}{
+			_ = log.Warn("detect black-listed IP", map[string]interface{}{
 				"_bad_ips": toStringList(invalids),
 			})
 		}

cmd/usocksd/main.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"net"
 	"os"
 
@@ -18,13 +19,24 @@ var (
 	optFile = flag.String("f", "", "configuration file name")
 )
 
+func serveMetrics(c *usocksd.Config) error {
+	metricsServer := usocksd.NewMetricsServer(c)
+	mln, err := usocksd.MetricsListener(c)
+	if err != nil {
+		return fmt.Errorf("could not initialize metrics server: %w", err)
+	}
+	return metricsServer.Serve(mln)
+}
+
 func serve(lns []net.Listener, c *usocksd.Config) {
 	socksServer := usocksd.NewServer(c)
 	for _, ln := range lns {
 		socksServer.Serve(ln)
 	}
-	err := well.Wait()
-	if err != nil && !well.IsSignaled(err) {
+	if err := serveMetrics(c); err != nil {
+		log.ErrorExit(err)
+	}
+	if err := well.Wait(); err != nil && !well.IsSignaled(err) {
 		log.ErrorExit(err)
 	}
 }

config.go

@@ -10,12 +10,14 @@ import (
 )
 
 const (
-	defaultPort = 1080
+	defaultPort        = 1080
+	defaultMetricsPort = 1081
 )
 
 // IncomingConfig is a set of configurations to accept clients.
 type IncomingConfig struct {
 	Port         int
+	MetricsPort  int `toml:"metrics_port"`
 	Addresses    []net.IP
 	AllowFrom    []string `toml:"allow_from"`
 	allowSubnets []*net.IPNet
@@ -42,6 +44,7 @@ type Config struct {
 func NewConfig() *Config {
 	c := new(Config)
 	c.Incoming.Port = defaultPort
+	c.Incoming.MetricsPort = defaultMetricsPort
 	return c
 }
 

config_test.go

@@ -3,17 +3,29 @@ package usocksd
 import (
 	"net"
 	"testing"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/cmpopts"
 )
 
 func TestEmptyConfig(t *testing.T) {
 	t.Parallel()
 
 	c := NewConfig()
-	if c.Incoming.Port != defaultPort {
-		t.Errorf("default port != %d", defaultPort)
+	expected := &Config{
+		Incoming: IncomingConfig{
+			Port:        defaultPort,
+			MetricsPort: defaultMetricsPort,
+		},
+		Outgoing: OutgoingConfig{},
+	}
+	options := []cmp.Option{
+		cmpopts.IgnoreUnexported(Config{}),
+		cmpopts.IgnoreUnexported(IncomingConfig{}),
+		cmpopts.IgnoreUnexported(OutgoingConfig{}),
 	}
-	if len(c.Outgoing.Addresses) != 0 {
-		t.Error("outgoing.addresses must be empty")
+	if diff := cmp.Diff(c, expected, options...); diff != "" {
+		t.Fatalf("unexpected config (-actual +expected):\n%s", diff)
 	}
 	if !c.allowPort(443) {
 		t.Error("port 443 must be allowed")
@@ -27,29 +39,50 @@ func TestConfig(t *testing.T) {
 	if err := c.Load("test/test1.toml"); err != nil {
 		t.Fatal(err)
 	}
-	if c.Incoming.Port != 1080 {
-		t.Error("incoming.port != 1080")
-	}
-	if len(c.Incoming.Addresses) != 1 {
-		t.Error("empty incoming.addresses")
-	} else {
-		ip1 := net.ParseIP("127.0.0.1")
-		if !c.Incoming.Addresses[0].Equal(ip1) {
-			t.Error(`c.incoming.addresses != ["127.0.0.1"]`)
-		}
-	}
-	if len(c.Incoming.allowSubnets) == 0 {
-		t.Error("empty incoming.allow_from")
-	} else {
-		if !c.allowIP(net.ParseIP("10.1.32.4")) {
-			t.Error("10.1.32.4 is not allowed")
-		}
-		if !c.allowIP(net.ParseIP("192.168.1.1")) {
-			t.Error("192.168.1.1 is not allowed")
-		}
-		if c.allowIP(net.ParseIP("12.34.56.78")) {
-			t.Error("12.34.56.78 shout not be allowed")
-		}
+	expected := &Config{
+		Incoming: IncomingConfig{
+			Port:        1080,
+			MetricsPort: 8081,
+			Addresses: []net.IP{
+				net.ParseIP("127.0.0.1"),
+			},
+			AllowFrom: []string{
+				"10.0.0.0/8",
+				"192.168.1.1",
+			},
+		},
+		Outgoing: OutgoingConfig{
+			AllowSites: []string{
+				"www.amazon.com",
+				".google.com",
+			},
+			DenySites: []string{
+				".2ch.net",
+				"bad.google.com",
+			},
+			Addresses: []net.IP{
+				net.ParseIP("12.34.56.78"),
+			},
+			DenyPorts:   []int{22, 25},
+			DNSBLDomain: "zen.spamhaus.org",
+		},
+	}
+	options := []cmp.Option{
+		cmpopts.IgnoreUnexported(Config{}),
+		cmpopts.IgnoreUnexported(IncomingConfig{}),
+		cmpopts.IgnoreUnexported(OutgoingConfig{}),
+	}
+	if diff := cmp.Diff(c, expected, options...); diff != "" {
+		t.Fatalf("unexpected config (-actual +expected):\n%s", diff)
+	}
+	if !c.allowIP(net.ParseIP("10.1.32.4")) {
+		t.Error("10.1.32.4 is not allowed")
+	}
+	if !c.allowIP(net.ParseIP("192.168.1.1")) {
+		t.Error("192.168.1.1 is not allowed")
+	}
+	if c.allowIP(net.ParseIP("12.34.56.78")) {
+		t.Error("12.34.56.78 shout not be allowed")
 	}
 	if !c.allowFQDN("www.amazon.com") {
 		t.Error("www.amazon.com should be allowed")
@@ -69,16 +102,6 @@ func TestConfig(t *testing.T) {
 	if !c.allowPort(443) {
 		t.Error("port 443 must be allowed")
 	}
-	if len(c.Outgoing.Addresses) != 1 {
-		t.Error("empty outgoing.addresses")
-	} else {
-		if c.Outgoing.Addresses[0].String() != "12.34.56.78" {
-			t.Error("failed to parse 12.34.56.78")
-		}
-	}
-	if c.Outgoing.DNSBLDomain != "zen.spamhaus.org" {
-		t.Error(`outgoing.dnsbl_domain != "zen.spamhaus.org"`)
-	}
 }
 
 func TestConfigFail(t *testing.T) {

go.mod

@@ -1,10 +1,44 @@
 module github.com/cybozu-go/usocksd
 
 require (
-	github.com/BurntSushi/toml v0.3.1
-	github.com/cybozu-go/log v1.6.0
-	github.com/cybozu-go/netutil v1.2.0
-	github.com/cybozu-go/well v1.10.0
+	github.com/BurntSushi/toml v1.1.0
+	github.com/cybozu-go/log v1.6.1
+	github.com/cybozu-go/netutil v1.4.2
+	github.com/cybozu-go/well v1.11.0
+	github.com/google/go-cmp v0.5.8
+	github.com/prometheus/client_golang v1.12.2
 )
 
-go 1.13
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/fsnotify/fsnotify v1.5.4 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/magiconair/properties v1.8.6 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/onsi/gomega v1.19.0 // indirect
+	github.com/pelletier/go-toml v1.9.5 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.2 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.32.1 // indirect
+	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/spf13/afero v1.8.2 // indirect
+	github.com/spf13/cast v1.5.0 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/spf13/viper v1.12.0 // indirect
+	github.com/subosito/gotenv v1.4.0 // indirect
+	github.com/vishvananda/netlink v1.1.0 // indirect
+	github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 // indirect
+	golang.org/x/net v0.0.0-20220706163947-c90051bbdb60 // indirect
+	golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e // indirect
+	golang.org/x/text v0.3.7 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
+	gopkg.in/ini.v1 v1.66.6 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)
+
+go 1.19