kato/warpbox-dev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1ab5021667dd11c4ea1cc22a06505c197420775a
warpbox-dev/backend/libs/httpserver/server.go
Daniel Legt 1ab5021667
All checks were successful
Build and Publish Docker Image / deploy (push) Successful in 1m40s
Details
feat(config): support large uploads with read header timeout 
Disable default read and write timeouts (set to 0s) to prevent Go from
prematurely closing connections during large multi-GB uploads.

Introduce `WARPBOX_READ_HEADER_TIMEOUT` (defaulting to 15s) to protect
against slowloris-style attacks while still allowing long-running
uploads to complete. Update documentation and example configurations
accordingly.
2026-06-01 15:23:28 +03:00

73 lines
2.0 KiB
Go
Raw Blame History

package httpserver
import (
"log/slog"
"net/http"
"warpbox.dev/backend/libs/config"
"warpbox.dev/backend/libs/handlers"
"warpbox.dev/backend/libs/jobs"
"warpbox.dev/backend/libs/middleware"
"warpbox.dev/backend/libs/services"
"warpbox.dev/backend/libs/web"
)
func New(cfg config.Config, logger *slog.Logger) (*http.Server, error) {
renderer, err := web.NewRenderer(cfg.TemplateDir, cfg.AppName, cfg.AppVersion, cfg.BaseURL)
if err != nil {
return nil, err
}
uploadService, err := services.NewUploadService(cfg.MaxUploadSize, cfg.DataDir, cfg.BaseURL, logger)
if err != nil {
return nil, err
}
authService, err := services.NewAuthService(uploadService.DB(), cfg.BaseURL)
if err != nil {
uploadService.Close()
return nil, err
}
settingsService, err := services.NewSettingsService(uploadService.DB(), cfg.DefaultSettings)
if err != nil {
uploadService.Close()
return nil, err
}
banService, err := services.NewBanService(uploadService.DB())
if err != nil {
uploadService.Close()
return nil, err
}
stopJobs := jobs.StartAll(cfg, logger, uploadService, banService)
app := handlers.NewApp(cfg, logger, renderer, uploadService, authService, settingsService, banService)
router := http.NewServeMux()
app.RegisterRoutes(router)
handler := middleware.Chain(
router,
middleware.Recoverer(logger),
middleware.RequestID,
middleware.SecurityHeaders,
middleware.Gzip,
middleware.ClientIP(cfg.TrustedProxies),
middleware.Bans(logger, banService, cfg.TrustedProxies),
)
server := &http.Server{
Addr: cfg.Addr,
Handler: handler,
ReadHeaderTimeout: cfg.ReadHeaderTimeout,
ReadTimeout: cfg.ReadTimeout,
WriteTimeout: cfg.WriteTimeout,
IdleTimeout: cfg.IdleTimeout,
}
server.RegisterOnShutdown(func() {
stopJobs()
if err := uploadService.Close(); err != nil {
logger.Error("failed to close upload service", "source", "shutdown", "severity", "error", "error", err.Error())
}
})
return server, nil
}
Reference in New Issue View Git Blame Copy Permalink