othman.suseno/atlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

scrub operation + ZFS Pool CRUD
Some checks failed
CI / test-build (push) Failing after 2m14s
Details

Browse Source
This commit is contained in:
othman hendy suseno
2025-12-15 01:19:44 +07:00
parent 9779b30a65
commit abd8cef10a
9 changed files with 1124 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
internal/httpapp/app.go
View File

@@ -18,6 +18,7 @@ import (
"gitea.avt.data-center.id/othman.suseno/atlas/internal/services"
"gitea.avt.data-center.id/othman.suseno/atlas/internal/snapshot"
"gitea.avt.data-center.id/othman.suseno/atlas/internal/storage"
"gitea.avt.data-center.id/othman.suseno/atlas/internal/tls"
"gitea.avt.data-center.id/othman.suseno/atlas/internal/zfs"
)
@@ -50,6 +51,7 @@ type App struct {
startTime time.Time
backupService *backup.Service
maintenanceService *maintenance.Service
tlsConfig *tls.Config
}
func New(cfg Config) (*App, error) {
@@ -112,27 +114,38 @@ func New(cfg Config) (*App, error) {
return nil, fmt.Errorf("init backup service: %w", err)
}
// Initialize maintenance service
maintenanceService := maintenance.NewService()
// Initialize TLS configuration
tlsConfig := tls.LoadConfig()
if err := tlsConfig.Validate(); err != nil {
return nil, fmt.Errorf("TLS configuration: %w", err)
}
a := &App{
cfg: cfg,
tmpl: tmpl,
mux: http.NewServeMux(),
zfs: zfsService,
snapshotPolicy: policyStore,
jobManager: jobMgr,
scheduler: scheduler,
authService: authService,
userStore: userStore,
auditStore: auditStore,
smbStore: smbStore,
nfsStore: nfsStore,
iscsiStore: iscsiStore,
database: database,
smbService: smbService,
nfsService: nfsService,
iscsiService: iscsiService,
metricsCollector: metricsCollector,
startTime: startTime,
backupService: backupService,
cfg: cfg,
tmpl: tmpl,
mux: http.NewServeMux(),
zfs: zfsService,
snapshotPolicy: policyStore,
jobManager: jobMgr,
scheduler: scheduler,
authService: authService,
userStore: userStore,
auditStore: auditStore,
smbStore: smbStore,
nfsStore: nfsStore,
iscsiStore: iscsiStore,
database: database,
smbService: smbService,
nfsService: nfsService,
iscsiService: iscsiService,
metricsCollector: metricsCollector,
startTime: startTime,
backupService: backupService,
maintenanceService: maintenanceService,
tlsConfig: tlsConfig,
}
// Start snapshot scheduler (runs every 15 minutes)
@@ -144,33 +157,36 @@ func New(cfg Config) (*App, error) {
func (a *App) Router() http.Handler {
// Middleware chain order (outer to inner):
// 1. CORS (handles preflight)
// 2. Compression (gzip)
// 3. Security headers
// 4. Request size limit (10MB)
// 5. Content-Type validation
// 6. Rate limiting
// 7. Caching (for GET requests)
// 8. Error recovery
// 9. Request ID
// 10. Logging
// 11. Audit
// 12. Authentication
// 13. Maintenance mode (blocks operations during maintenance)
// 14. Routes
return a.corsMiddleware(
a.compressionMiddleware(
a.securityHeadersMiddleware(
a.requestSizeMiddleware(10 * 1024 * 1024)(
a.validateContentTypeMiddleware(
a.rateLimitMiddleware(
a.cacheMiddleware(
a.errorMiddleware(
requestID(
logging(
a.auditMiddleware(
a.maintenanceMiddleware(
a.authMiddleware(a.mux),
// 1. HTTPS enforcement (redirect HTTP to HTTPS)
// 2. CORS (handles preflight)
// 3. Compression (gzip)
// 4. Security headers
// 5. Request size limit (10MB)
// 6. Content-Type validation
// 7. Rate limiting
// 8. Caching (for GET requests)
// 9. Error recovery
// 10. Request ID
// 11. Logging
// 12. Audit
// 13. Authentication
// 14. Maintenance mode (blocks operations during maintenance)
// 15. Routes
return a.httpsEnforcementMiddleware(
a.corsMiddleware(
a.compressionMiddleware(
a.securityHeadersMiddleware(
a.requestSizeMiddleware(10 * 1024 * 1024)(
a.validateContentTypeMiddleware(
a.rateLimitMiddleware(
a.cacheMiddleware(
a.errorMiddleware(
requestID(
logging(
a.auditMiddleware(
a.maintenanceMiddleware(
a.authMiddleware(a.mux),
),
),
),
),