Top Level Namespace

Defined Under Namespace

Modules: Falcon, Rack

Instance Method Summary collapse

Instance Method Details

#applicationObject

A general application environment. Suitable for use with any Protocol::HTTP::Middleware.



33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'lib/falcon/environments/application.rb', line 33

environment(:application) do
	# The middleware stack for the application.
	# @attribute [Protocol::HTTP::Middleware]
	middleware do
		::Protocol::HTTP::Middleware::HelloWorld
	end
	
	# The scheme to use to communicate with the application.
	# @attribute [String]
	scheme 'https'
	
	# The protocol to use to communicate with the application.
	#
	# Typically one of {Async::HTTP::Protocol::HTTP1} or {Async::HTTP::Protocl::HTTP2}.
	#
	# @attribute [Async::HTTP::Protocol]
	protocol {Async::HTTP::Protocol::HTTP2}
	
	# The IPC path to use for communication with the application.
	# @attribute [String]
	ipc_path {::File.expand_path("application.ipc", root)}
	
	# The endpoint that will be used for communicating with the application server.
	# @attribute [Async::IO::Endpoint]
	endpoint do
		::Falcon::ProxyEndpoint.unix(ipc_path,
			protocol: protocol,
			scheme: scheme,
			authority: authority
		)
	end
	
	# The service class to use for the application.
	# @attribute [Class]
	service ::Falcon::Service::Application
	
	# Number of instances to start.
	# @attribute [Integer | nil]
	count nil
end

#lets_encrypt_tlsObject

A Lets Encrypt SSL context environment.

Derived from #tls.



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/falcon/environments/lets_encrypt_tls.rb', line 31

environment(:lets_encrypt_tls, :tls) do
	# The Lets Encrypt certificate store path.
	# @parameter [String]
	lets_encrypt_root '/etc/letsencrypt/live'
	
	# The public certificate path.
	# @attribute [String]
	ssl_certificate_path do
		File.join(lets_encrypt_root, authority, "fullchain.pem")
	end
	
	# The private key path.
	# @attribute [String]
	ssl_private_key_path do
		File.join(lets_encrypt_root, authority, "privkey.pem")
	end
end

#proxyObject

A HTTP proxy environment.

Derived from #application.



29
30
31
32
33
34
35
36
37
 
# File 'lib/falcon/environments/proxy.rb', line 29

environment(:proxy) do
	# The upstream endpoint that will handle incoming requests.
	# @attribute [Async::HTTP::Endpoint]
	endpoint {::Async::HTTP::Endpoint.parse(url)}
	
	# The service class to use for the proxy.
	# @attribute [Class]
	service ::Falcon::Service::Proxy
end

#rackObject

A rack application environment.

Derived from #application.



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'lib/falcon/environments/rack.rb', line 31

environment(:rack, :application) do
	# The rack configuration path.
	# @attribute [String]
	config_path {::File.expand_path("config.ru", root)}
	
	# Whether to enable the application layer cache.
	# @attribute [String]
	cache false
	
	# The middleware stack for the rack application.
	# @attribute [Protocol::HTTP::Middleware]
	middleware do
		app, _ = ::Rack::Builder.parse_file(config_path)
		
		::Falcon::Server.middleware(app,
			verbose: verbose,
			cache: cache
		)
	end
end

#self_signed_tlsObject

A self-signed SSL context environment.



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/falcon/environments/self_signed_tls.rb', line 29

environment(:self_signed_tls) do
	# The default session identifier for the session cache.
	# @attribute [String]
	ssl_session_id {"falcon"}
	
	# The SSL context to use for incoming connections.
	# @attribute [OpenSSL::SSL::SSLContext]
	ssl_context do
		contexts = Localhost::Authority.fetch(authority)
		
		contexts.server_context.tap do |context|
			context.alpn_select_cb = lambda do |protocols|
				if protocols.include? "h2"
					return "h2"
				elsif protocols.include? "http/1.1"
					return "http/1.1"
				elsif protocols.include? "http/1.0"
					return "http/1.0"
				else
					return nil
				end
			end
			
			context.session_id_context = ssl_session_id
		end
	end
end

#supervisorObject

A application process monitor environment.



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/falcon/environments/supervisor.rb', line 29

environment(:supervisor) do
	# The name of the supervisor
	# @attribute [String]
	name "supervisor"
	
	# The IPC path to use for communication with the supervisor.
	# @attribute [String]
	ipc_path do
		::File.expand_path("supervisor.ipc", root)
	end
	
	# The endpoint the supervisor will bind to.
	# @attribute [Async::IO::Endpoint]
	endpoint do
		Async::IO::Endpoint.unix(ipc_path)
	end
	
	# The service class to use for the supervisor.
	# @attribute [Class]
	service do
		::Falcon::Service::Supervisor
	end
end

#tlsObject

A general SSL context environment.



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
# File 'lib/falcon/environments/tls.rb', line 31

environment(:tls) do
	# The default session identifier for the session cache.
	# @attribute [String]
	ssl_session_id "falcon"
	
	# The supported ciphers.
	# @attribute [Array(String)]
	ssl_ciphers Falcon::TLS::SERVER_CIPHERS
	
	# The public certificate path.
	# @attribute [String]
	ssl_certificate_path do
		File.expand_path("ssl/certificate.pem", root)
	end
	
	# The list of certificates loaded from that path.
	# @attribute [Array(OpenSSL::X509::Certificate)]
	ssl_certificates do
		OpenSSL::X509.load_certificates(ssl_certificate_path)
	end
	
	# The main certificate.
	# @attribute [OpenSSL::X509::Certificate]
	ssl_certificate {ssl_certificates[0]}
	
	# The certificate chain.
	# @attribute [Array(OpenSSL::X509::Certificate)]
	ssl_certificate_chain {ssl_certificates[1..-1]}
	
	# The private key path.
	# @attribute [String]
	ssl_private_key_path do
		File.expand_path("ssl/private.key", root)
	end
	
	# The private key.
	# @attribute [OpenSSL::PKey::RSA]
	ssl_private_key do
		OpenSSL::PKey::RSA.new(File.read(ssl_private_key_path))
	end
	
	# The SSL context to use for incoming connections.
	# @attribute [OpenSSL::SSL::SSLContext]
	ssl_context do
		OpenSSL::SSL::SSLContext.new.tap do |context|
			context.add_certificate(ssl_certificate, ssl_private_key, ssl_certificate_chain)
			
			context.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT
			context.session_id_context = ssl_session_id
			
			context.alpn_select_cb = lambda do |protocols|
				if protocols.include? "h2"
					return "h2"
				elsif protocols.include? "http/1.1"
					return "http/1.1"
				elsif protocols.include? "http/1.0"
					return "http/1.0"
				else
					return nil
				end
			end
			
			# TODO Ruby 2.4 requires using ssl_version.
			context.ssl_version = :TLSv1_2_server
			
			context.set_params(
				ciphers: ssl_ciphers,
				verify_mode: OpenSSL::SSL::VERIFY_NONE,
			)
			
			context.setup
		end
	end
end