Top Level Namespace

Defined Under Namespace

Modules: Falcon, Rack

Instance Method Summary collapse

Instance Method Details

#applicationObject

A general application environment. Suitable for use with any Protocol::HTTP::Middleware.

[View source]

33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# File 'lib/falcon/environments/application.rb', line 33

environment(:application) do
	# The middleware stack for the application.
	# @attribute [Protocol::HTTP::Middleware]
	middleware do
		::Protocol::HTTP::Middleware::HelloWorld
	end
	
	# The scheme to use to communicate with the application.
	# @attribute [String]
	scheme 'https'
	
	# The protocol to use to communicate with the application.
	#
	# Typically one of {Async::HTTP::Protocol::HTTP1} or {Async::HTTP::Protocl::HTTP2}.
	#
	# @attribute [Async::HTTP::Protocol]
	protocol {Async::HTTP::Protocol::HTTP2}
	
	# The IPC path to use for communication with the application.
	# @attribute [String]
	ipc_path {::File.expand_path("application.ipc", root)}
	
	# The endpoint that will be used for communicating with the application server.
	# @attribute [Async::IO::Endpoint]
	endpoint do
		::Falcon::ProxyEndpoint.unix(ipc_path,
			protocol: protocol,
			scheme: scheme,
			authority: authority
		)
	end
	
	# The service class to use for the application.
	# @attribute [Class]
	service ::Falcon::Service::Application
	
	# Number of instances to start.
	# @attribute [Integer | nil]
	count nil
end

#lets_encrypt_tlsObject

A Lets Encrypt SSL context environment.

Derived from #tls.

[View source]

31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# File 'lib/falcon/environments/lets_encrypt_tls.rb', line 31

environment(:lets_encrypt_tls, :tls) do
	# The Lets Encrypt certificate store path.
	# @parameter [String]
	lets_encrypt_root '/etc/letsencrypt/live'
	
	# The public certificate path.
	# @attribute [String]
	ssl_certificate_path do
		File.join(lets_encrypt_root, authority, "fullchain.pem")
	end
	
	# The private key path.
	# @attribute [String]
	ssl_private_key_path do
		File.join(lets_encrypt_root, authority, "privkey.pem")
	end
end

#proxyObject

A HTTP proxy environment.

Derived from #application.

[View source]

29
30
31
32
33
34
35
36
37
# File 'lib/falcon/environments/proxy.rb', line 29

environment(:proxy) do
	# The upstream endpoint that will handle incoming requests.
	# @attribute [Async::HTTP::Endpoint]
	endpoint {::Async::HTTP::Endpoint.parse(url)}
	
	# The service class to use for the proxy.
	# @attribute [Class]
	service ::Falcon::Service::Proxy
end

#rackObject

A rack application environment.

Derived from #application.

[View source]

31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/falcon/environments/rack.rb', line 31

environment(:rack, :application) do
	# The rack configuration path.
	# @attribute [String]
	config_path {::File.expand_path("config.ru", root)}
	
	# Whether to enable the application layer cache.
	# @attribute [String]
	cache false
	
	# The middleware stack for the rack application.
	# @attribute [Protocol::HTTP::Middleware]
	middleware do
		app, _ = ::Rack::Builder.parse_file(config_path)
		
		::Falcon::Server.middleware(app,
			verbose: verbose,
			cache: cache
		)
	end
end

#self_signed_tlsObject

A self-signed SSL context environment.

[View source]

29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/falcon/environments/self_signed_tls.rb', line 29

environment(:self_signed_tls) do
	# The default session identifier for the session cache.
	# @attribute [String]
	ssl_session_id {"falcon"}
	
	# The SSL context to use for incoming connections.
	# @attribute [OpenSSL::SSL::SSLContext]
	ssl_context do
		contexts = Localhost::Authority.fetch(authority)
		
		contexts.server_context.tap do |context|
			context.alpn_select_cb = lambda do |protocols|
				if protocols.include? "h2"
					return "h2"
				elsif protocols.include? "http/1.1"
					return "http/1.1"
				elsif protocols.include? "http/1.0"
					return "http/1.0"
				else
					return nil
				end
			end
			
			context.session_id_context = ssl_session_id
		end
	end
end

#supervisorObject

A application process monitor environment.

[View source]

29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# File 'lib/falcon/environments/supervisor.rb', line 29

environment(:supervisor) do
	# The name of the supervisor
	# @attribute [String]
	name "supervisor"
	
	# The IPC path to use for communication with the supervisor.
	# @attribute [String]
	ipc_path do
		::File.expand_path("supervisor.ipc", root)
	end
	
	# The endpoint the supervisor will bind to.
	# @attribute [Async::IO::Endpoint]
	endpoint do
		Async::IO::Endpoint.unix(ipc_path)
	end
	
	# The service class to use for the supervisor.
	# @attribute [Class]
	service do
		::Falcon::Service::Supervisor
	end
end

#tlsObject

A general SSL context environment.

[View source]

31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# File 'lib/falcon/environments/tls.rb', line 31

environment(:tls) do
	# The default session identifier for the session cache.
	# @attribute [String]
	ssl_session_id "falcon"
	
	# The supported ciphers.
	# @attribute [Array(String)]
	ssl_ciphers Falcon::TLS::SERVER_CIPHERS
	
	# The public certificate path.
	# @attribute [String]
	ssl_certificate_path do
		File.expand_path("ssl/certificate.pem", root)
	end
	
	# The list of certificates loaded from that path.
	# @attribute [Array(OpenSSL::X509::Certificate)]
	ssl_certificates do
		OpenSSL::X509.load_certificates(ssl_certificate_path)
	end
	
	# The main certificate.
	# @attribute [OpenSSL::X509::Certificate]
	ssl_certificate {ssl_certificates[0]}
	
	# The certificate chain.
	# @attribute [Array(OpenSSL::X509::Certificate)]
	ssl_certificate_chain {ssl_certificates[1..-1]}
	
	# The private key path.
	# @attribute [String]
	ssl_private_key_path do
		File.expand_path("ssl/private.key", root)
	end
	
	# The private key.
	# @attribute [OpenSSL::PKey::RSA]
	ssl_private_key do
		OpenSSL::PKey::RSA.new(File.read(ssl_private_key_path))
	end
	
	# The SSL context to use for incoming connections.
	# @attribute [OpenSSL::SSL::SSLContext]
	ssl_context do
		OpenSSL::SSL::SSLContext.new.tap do |context|
			context.add_certificate(ssl_certificate, ssl_private_key, ssl_certificate_chain)
			
			context.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT
			context.session_id_context = ssl_session_id
			
			context.alpn_select_cb = lambda do |protocols|
				if protocols.include? "h2"
					return "h2"
				elsif protocols.include? "http/1.1"
					return "http/1.1"
				elsif protocols.include? "http/1.0"
					return "http/1.0"
				else
					return nil
				end
			end
			
			# TODO Ruby 2.4 requires using ssl_version.
			context.ssl_version = :TLSv1_2_server
			
			context.set_params(
				ciphers: ssl_ciphers,
				verify_mode: OpenSSL::SSL::VERIFY_NONE,
			)
			
			context.setup
		end
	end
end