mirror of
https://github.com/0xJacky/nginx-ui.git
synced 2025-05-12 10:55:51 +02:00
585 lines
16 KiB
Go
585 lines
16 KiB
Go
package cache
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"regexp"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/0xJacky/Nginx-UI/internal/helper"
|
|
"github.com/0xJacky/Nginx-UI/internal/nginx"
|
|
"github.com/0xJacky/Nginx-UI/settings"
|
|
"github.com/fsnotify/fsnotify"
|
|
"github.com/uozi-tech/cosy/logger"
|
|
)
|
|
|
|
// NginxLogCache represents a cached log entry from nginx configuration
|
|
type NginxLogCache struct {
|
|
Path string `json:"path"` // Path to the log file
|
|
Type string `json:"type"` // Type of log: "access" or "error"
|
|
Name string `json:"name"` // Name of the log file
|
|
}
|
|
|
|
// NginxLogScanner is responsible for scanning and watching nginx config files for log directives
|
|
type NginxLogScanner struct {
|
|
logCache map[string]*NginxLogCache // Map of log path to cache entry
|
|
cacheMutex sync.RWMutex // Mutex for protecting the cache
|
|
watcher *fsnotify.Watcher // File system watcher
|
|
scanTicker *time.Ticker // Ticker for periodic scanning
|
|
initialized bool // Whether the scanner has been initialized
|
|
scanning bool // Whether a scan is currently in progress
|
|
scanMutex sync.RWMutex // Mutex for protecting the scanning state
|
|
statusChan chan bool // Channel to broadcast scanning status changes
|
|
subscribers map[chan bool]struct{} // Set of subscribers
|
|
subscriberMux sync.RWMutex // Mutex for protecting the subscribers map
|
|
}
|
|
|
|
// Add regex constants at package level
|
|
var (
|
|
// logScanner is the singleton instance of NginxLogScanner
|
|
logScanner *NginxLogScanner
|
|
scannerInitMux sync.Mutex
|
|
)
|
|
|
|
// Compile the regular expressions for matching log directives
|
|
var (
|
|
// This regex matches: access_log or error_log, followed by a path, and optional parameters ending with semicolon
|
|
logDirectiveRegex = regexp.MustCompile(`(?m)(access_log|error_log)\s+([^\s;]+)(?:\s+[^;]+)?;`)
|
|
)
|
|
|
|
// InitNginxLogScanner initializes the nginx log scanner
|
|
func InitNginxLogScanner() {
|
|
scanner := GetNginxLogScanner()
|
|
err := scanner.Initialize()
|
|
if err != nil {
|
|
logger.Error("Failed to initialize nginx log scanner:", err)
|
|
}
|
|
}
|
|
|
|
// GetNginxLogScanner returns the singleton instance of NginxLogScanner
|
|
func GetNginxLogScanner() *NginxLogScanner {
|
|
scannerInitMux.Lock()
|
|
defer scannerInitMux.Unlock()
|
|
|
|
if logScanner == nil {
|
|
logScanner = &NginxLogScanner{
|
|
logCache: make(map[string]*NginxLogCache),
|
|
statusChan: make(chan bool, 10), // Buffer to prevent blocking
|
|
subscribers: make(map[chan bool]struct{}),
|
|
}
|
|
|
|
// Start broadcaster goroutine
|
|
go logScanner.broadcastStatus()
|
|
}
|
|
return logScanner
|
|
}
|
|
|
|
// broadcastStatus listens for status changes and broadcasts to all subscribers
|
|
func (s *NginxLogScanner) broadcastStatus() {
|
|
for status := range s.statusChan {
|
|
s.subscriberMux.RLock()
|
|
for ch := range s.subscribers {
|
|
// Non-blocking send to prevent slow subscribers from blocking others
|
|
select {
|
|
case ch <- status:
|
|
default:
|
|
// Skip if channel buffer is full
|
|
}
|
|
}
|
|
s.subscriberMux.RUnlock()
|
|
}
|
|
}
|
|
|
|
// SubscribeStatusChanges allows a client to subscribe to scanning status changes
|
|
func SubscribeStatusChanges() chan bool {
|
|
s := GetNginxLogScanner()
|
|
ch := make(chan bool, 5) // Buffer to prevent blocking
|
|
|
|
// Add to subscribers
|
|
s.subscriberMux.Lock()
|
|
s.subscribers[ch] = struct{}{}
|
|
s.subscriberMux.Unlock()
|
|
|
|
// Send current status immediately
|
|
s.scanMutex.RLock()
|
|
currentStatus := s.scanning
|
|
s.scanMutex.RUnlock()
|
|
|
|
// Non-blocking send
|
|
select {
|
|
case ch <- currentStatus:
|
|
default:
|
|
}
|
|
|
|
return ch
|
|
}
|
|
|
|
// UnsubscribeStatusChanges removes a subscriber from receiving status updates
|
|
func UnsubscribeStatusChanges(ch chan bool) {
|
|
s := GetNginxLogScanner()
|
|
|
|
s.subscriberMux.Lock()
|
|
delete(s.subscribers, ch)
|
|
s.subscriberMux.Unlock()
|
|
|
|
// Close the channel so the client knows it's unsubscribed
|
|
close(ch)
|
|
}
|
|
|
|
// Initialize sets up the log scanner and starts watching for file changes
|
|
func (s *NginxLogScanner) Initialize() error {
|
|
if s.initialized {
|
|
return nil
|
|
}
|
|
|
|
// Create a new watcher
|
|
watcher, err := fsnotify.NewWatcher()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
s.watcher = watcher
|
|
|
|
// Scan for the first time
|
|
err = s.ScanAllConfigs()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Setup watcher for config directory
|
|
configDir := filepath.Dir(nginx.GetConfPath("", ""))
|
|
availableDir := nginx.GetConfPath("sites-available", "")
|
|
enabledDir := nginx.GetConfPath("sites-enabled", "")
|
|
streamAvailableDir := nginx.GetConfPath("stream-available", "")
|
|
streamEnabledDir := nginx.GetConfPath("stream-enabled", "")
|
|
|
|
// Watch the main directories
|
|
err = s.watcher.Add(configDir)
|
|
if err != nil {
|
|
logger.Error("Failed to watch config directory:", err)
|
|
}
|
|
|
|
// Watch sites-available and sites-enabled if they exist
|
|
if _, err := os.Stat(availableDir); err == nil {
|
|
err = s.watcher.Add(availableDir)
|
|
if err != nil {
|
|
logger.Error("Failed to watch sites-available directory:", err)
|
|
}
|
|
}
|
|
|
|
if _, err := os.Stat(enabledDir); err == nil {
|
|
err = s.watcher.Add(enabledDir)
|
|
if err != nil {
|
|
logger.Error("Failed to watch sites-enabled directory:", err)
|
|
}
|
|
}
|
|
|
|
// Watch stream-available and stream-enabled if they exist
|
|
if _, err := os.Stat(streamAvailableDir); err == nil {
|
|
err = s.watcher.Add(streamAvailableDir)
|
|
if err != nil {
|
|
logger.Error("Failed to watch stream-available directory:", err)
|
|
}
|
|
}
|
|
|
|
if _, err := os.Stat(streamEnabledDir); err == nil {
|
|
err = s.watcher.Add(streamEnabledDir)
|
|
if err != nil {
|
|
logger.Error("Failed to watch stream-enabled directory:", err)
|
|
}
|
|
}
|
|
|
|
// Start the watcher goroutine
|
|
go s.watchForChanges()
|
|
|
|
// Setup a ticker for periodic scanning (every 5 minutes)
|
|
s.scanTicker = time.NewTicker(5 * time.Minute)
|
|
go func() {
|
|
for range s.scanTicker.C {
|
|
err := s.ScanAllConfigs()
|
|
if err != nil {
|
|
logger.Error("Periodic config scan failed:", err)
|
|
}
|
|
}
|
|
}()
|
|
|
|
s.initialized = true
|
|
return nil
|
|
}
|
|
|
|
// watchForChanges handles the fsnotify events and triggers rescans when necessary
|
|
func (s *NginxLogScanner) watchForChanges() {
|
|
for {
|
|
select {
|
|
case event, ok := <-s.watcher.Events:
|
|
if !ok {
|
|
return
|
|
}
|
|
|
|
// Check if this is a relevant event (create, write, rename, remove)
|
|
if event.Has(fsnotify.Create) || event.Has(fsnotify.Write) ||
|
|
event.Has(fsnotify.Rename) || event.Has(fsnotify.Remove) {
|
|
// If it's a directory, add it to the watch list
|
|
if event.Has(fsnotify.Create) {
|
|
fi, err := os.Stat(event.Name)
|
|
if err == nil && fi.IsDir() {
|
|
_ = s.watcher.Add(event.Name)
|
|
}
|
|
}
|
|
|
|
// Process file changes - no .conf restriction anymore
|
|
if !event.Has(fsnotify.Remove) {
|
|
logger.Debug("Config file changed:", event.Name)
|
|
// Give the system a moment to finish writing the file
|
|
time.Sleep(100 * time.Millisecond)
|
|
// Only scan the changed file instead of all configs
|
|
err := s.scanSingleFile(event.Name)
|
|
if err != nil {
|
|
logger.Error("Failed to scan changed file:", err)
|
|
}
|
|
} else {
|
|
// For removed files, we need to clean up any log entries that came from this file
|
|
// This would require tracking which logs came from which config files
|
|
// For now, we'll do a full rescan which is simpler but less efficient
|
|
err := s.ScanAllConfigs()
|
|
if err != nil {
|
|
logger.Error("Failed to rescan configs after file removal:", err)
|
|
}
|
|
}
|
|
}
|
|
case err, ok := <-s.watcher.Errors:
|
|
if !ok {
|
|
return
|
|
}
|
|
logger.Error("Watcher error:", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
// scanSingleFile scans a single file and updates the log cache accordingly
|
|
func (s *NginxLogScanner) scanSingleFile(filePath string) error {
|
|
// Set scanning state to true
|
|
s.scanMutex.Lock()
|
|
wasScanning := s.scanning
|
|
s.scanning = true
|
|
if !wasScanning {
|
|
// Only broadcast if status changed from not scanning to scanning
|
|
s.statusChan <- true
|
|
}
|
|
s.scanMutex.Unlock()
|
|
|
|
// Ensure we reset scanning state when done
|
|
defer func() {
|
|
s.scanMutex.Lock()
|
|
s.scanning = false
|
|
// Broadcast the completion
|
|
s.statusChan <- false
|
|
s.scanMutex.Unlock()
|
|
}()
|
|
|
|
// Create a temporary cache for new entries from this file
|
|
newEntries := make(map[string]*NginxLogCache)
|
|
|
|
// Scan the file
|
|
err := s.scanConfigFile(filePath, newEntries)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Update the main cache with new entries
|
|
s.cacheMutex.Lock()
|
|
for path, entry := range newEntries {
|
|
s.logCache[path] = entry
|
|
}
|
|
s.cacheMutex.Unlock()
|
|
|
|
return nil
|
|
}
|
|
|
|
// ScanAllConfigs scans all nginx config files for log directives
|
|
func (s *NginxLogScanner) ScanAllConfigs() error {
|
|
// Set scanning state to true
|
|
s.scanMutex.Lock()
|
|
wasScanning := s.scanning
|
|
s.scanning = true
|
|
if !wasScanning {
|
|
// Only broadcast if status changed from not scanning to scanning
|
|
s.statusChan <- true
|
|
}
|
|
s.scanMutex.Unlock()
|
|
|
|
// Ensure we reset scanning state when done
|
|
defer func() {
|
|
s.scanMutex.Lock()
|
|
s.scanning = false
|
|
// Broadcast the completion
|
|
s.statusChan <- false
|
|
s.scanMutex.Unlock()
|
|
}()
|
|
|
|
// Initialize a new cache to replace the old one
|
|
newCache := make(map[string]*NginxLogCache)
|
|
|
|
// Get the main config file
|
|
mainConfigPath := nginx.GetConfPath("", "nginx.conf")
|
|
err := s.scanConfigFile(mainConfigPath, newCache)
|
|
if err != nil {
|
|
logger.Error("Failed to scan main config:", err)
|
|
}
|
|
|
|
// Scan sites-available directory - no .conf restriction anymore
|
|
sitesAvailablePath := nginx.GetConfPath("sites-available", "")
|
|
sitesAvailableFiles, err := os.ReadDir(sitesAvailablePath)
|
|
if err == nil {
|
|
for _, file := range sitesAvailableFiles {
|
|
if !file.IsDir() {
|
|
configPath := filepath.Join(sitesAvailablePath, file.Name())
|
|
err := s.scanConfigFile(configPath, newCache)
|
|
if err != nil {
|
|
logger.Error("Failed to scan config:", configPath, err)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Scan stream-available directory if it exists
|
|
streamAvailablePath := nginx.GetConfPath("stream-available", "")
|
|
streamAvailableFiles, err := os.ReadDir(streamAvailablePath)
|
|
if err == nil {
|
|
for _, file := range streamAvailableFiles {
|
|
if !file.IsDir() {
|
|
configPath := filepath.Join(streamAvailablePath, file.Name())
|
|
err := s.scanConfigFile(configPath, newCache)
|
|
if err != nil {
|
|
logger.Error("Failed to scan stream config:", configPath, err)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Replace the old cache with the new one
|
|
s.cacheMutex.Lock()
|
|
s.logCache = newCache
|
|
s.cacheMutex.Unlock()
|
|
|
|
return nil
|
|
}
|
|
|
|
// scanConfigFile scans a single config file for log directives using regex
|
|
func (s *NginxLogScanner) scanConfigFile(configPath string, cache map[string]*NginxLogCache) error {
|
|
// Open the file
|
|
file, err := os.Open(configPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer file.Close()
|
|
|
|
// Read the entire file content
|
|
content, err := os.ReadFile(configPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Find all matches of log directives
|
|
matches := logDirectiveRegex.FindAllSubmatch(content, -1)
|
|
for _, match := range matches {
|
|
if len(match) >= 3 {
|
|
directiveType := string(match[1]) // "access_log" or "error_log"
|
|
logPath := string(match[2]) // The log file path
|
|
|
|
// Validate the log path
|
|
if isValidLogPath(logPath) {
|
|
logType := "access"
|
|
if directiveType == "error_log" {
|
|
logType = "error"
|
|
}
|
|
|
|
cache[logPath] = &NginxLogCache{
|
|
Path: logPath,
|
|
Type: logType,
|
|
Name: filepath.Base(logPath),
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Look for include directives to process included files
|
|
includeRegex := regexp.MustCompile(`include\s+([^;]+);`)
|
|
includeMatches := includeRegex.FindAllSubmatch(content, -1)
|
|
|
|
for _, match := range includeMatches {
|
|
if len(match) >= 2 {
|
|
includePath := string(match[1])
|
|
// Handle glob patterns in include directives
|
|
if strings.Contains(includePath, "*") {
|
|
// If it's a relative path, make it absolute based on nginx config dir
|
|
if !filepath.IsAbs(includePath) {
|
|
configDir := filepath.Dir(nginx.GetConfPath("", ""))
|
|
includePath = filepath.Join(configDir, includePath)
|
|
}
|
|
|
|
// Expand the glob pattern
|
|
matchedFiles, err := filepath.Glob(includePath)
|
|
if err != nil {
|
|
logger.Error("Error expanding glob pattern:", includePath, err)
|
|
continue
|
|
}
|
|
|
|
// Process each matched file
|
|
for _, matchedFile := range matchedFiles {
|
|
fileInfo, err := os.Stat(matchedFile)
|
|
if err == nil && !fileInfo.IsDir() {
|
|
err = s.scanConfigFile(matchedFile, cache)
|
|
if err != nil {
|
|
logger.Error("Failed to scan included file:", matchedFile, err)
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
// Handle single file include
|
|
// If it's a relative path, make it absolute based on nginx config dir
|
|
if !filepath.IsAbs(includePath) {
|
|
configDir := filepath.Dir(nginx.GetConfPath("", ""))
|
|
includePath = filepath.Join(configDir, includePath)
|
|
}
|
|
|
|
fileInfo, err := os.Stat(includePath)
|
|
if err == nil && !fileInfo.IsDir() {
|
|
err = s.scanConfigFile(includePath, cache)
|
|
if err != nil {
|
|
logger.Error("Failed to scan included file:", includePath, err)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// isLogPathUnderWhiteList checks if the log path is under one of the paths in LogDirWhiteList
|
|
// This is a duplicate of the function in nginx_log package to avoid import cycle
|
|
func isLogPathUnderWhiteList(path string) bool {
|
|
// deep copy
|
|
logDirWhiteList := append([]string{}, settings.NginxSettings.LogDirWhiteList...)
|
|
|
|
accessLogPath := nginx.GetAccessLogPath()
|
|
errorLogPath := nginx.GetErrorLogPath()
|
|
|
|
if accessLogPath != "" {
|
|
logDirWhiteList = append(logDirWhiteList, filepath.Dir(accessLogPath))
|
|
}
|
|
if errorLogPath != "" {
|
|
logDirWhiteList = append(logDirWhiteList, filepath.Dir(errorLogPath))
|
|
}
|
|
|
|
for _, whitePath := range logDirWhiteList {
|
|
if helper.IsUnderDirectory(path, whitePath) {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
// isValidLogPath checks if a log path is valid:
|
|
// 1. It must be a regular file or a symlink to a regular file
|
|
// 2. It must not point to a console or special device
|
|
// 3. It must be under the whitelist directories
|
|
func isValidLogPath(logPath string) bool {
|
|
// First check if the path is under the whitelist
|
|
if !isLogPathUnderWhiteList(logPath) {
|
|
logger.Warn("Log path is not under whitelist:", logPath)
|
|
return false
|
|
}
|
|
|
|
// Check if the path exists
|
|
fileInfo, err := os.Lstat(logPath)
|
|
if err != nil {
|
|
// If file doesn't exist, it might be created later
|
|
// We'll assume it's valid for now
|
|
return true
|
|
}
|
|
|
|
// If it's a symlink, follow it
|
|
if fileInfo.Mode()&os.ModeSymlink != 0 {
|
|
linkTarget, err := os.Readlink(logPath)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
// Make absolute path if the link target is relative
|
|
if !filepath.IsAbs(linkTarget) {
|
|
linkTarget = filepath.Join(filepath.Dir(logPath), linkTarget)
|
|
}
|
|
|
|
// Check the target file
|
|
targetInfo, err := os.Stat(linkTarget)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
// Only accept regular files as targets
|
|
return targetInfo.Mode().IsRegular()
|
|
}
|
|
|
|
// For non-symlinks, just check if it's a regular file
|
|
return fileInfo.Mode().IsRegular()
|
|
}
|
|
|
|
// Shutdown cleans up resources used by the scanner
|
|
func (s *NginxLogScanner) Shutdown() {
|
|
if s.watcher != nil {
|
|
s.watcher.Close()
|
|
}
|
|
|
|
if s.scanTicker != nil {
|
|
s.scanTicker.Stop()
|
|
}
|
|
|
|
// Clean up subscriber resources
|
|
s.subscriberMux.Lock()
|
|
// Close all subscriber channels
|
|
for ch := range s.subscribers {
|
|
close(ch)
|
|
}
|
|
// Clear the map
|
|
s.subscribers = make(map[chan bool]struct{})
|
|
s.subscriberMux.Unlock()
|
|
|
|
// Close the status channel
|
|
close(s.statusChan)
|
|
}
|
|
|
|
// GetAllLogPaths returns all cached log paths
|
|
func GetAllLogPaths(filters ...func(*NginxLogCache) bool) []*NginxLogCache {
|
|
s := GetNginxLogScanner()
|
|
s.cacheMutex.RLock()
|
|
defer s.cacheMutex.RUnlock()
|
|
|
|
result := make([]*NginxLogCache, 0, len(s.logCache))
|
|
for _, cache := range s.logCache {
|
|
flag := true
|
|
if len(filters) > 0 {
|
|
for _, filter := range filters {
|
|
if !filter(cache) {
|
|
flag = false
|
|
break
|
|
}
|
|
}
|
|
}
|
|
if flag {
|
|
result = append(result, cache)
|
|
}
|
|
}
|
|
|
|
return result
|
|
}
|
|
|
|
// IsScanning returns whether a scan is currently in progress
|
|
func IsScanning() bool {
|
|
s := GetNginxLogScanner()
|
|
s.scanMutex.RLock()
|
|
defer s.scanMutex.RUnlock()
|
|
return s.scanning
|
|
}
|