api: allow custom unix bind mode and use 0o220 for admin server
This commit is contained in:
parent
8ec6a53b35
commit
7907a09acc
@ -66,7 +66,7 @@ impl AdminApiServer {
|
||||
) -> Result<(), GarageError> {
|
||||
let region = self.garage.config.s3_api.s3_region.clone();
|
||||
ApiServer::new(region, self)
|
||||
.run_server(bind_addr, shutdown_signal)
|
||||
.run_server(bind_addr, Some(0o220), shutdown_signal)
|
||||
.await
|
||||
}
|
||||
|
||||
|
@ -98,6 +98,7 @@ impl<A: ApiHandler> ApiServer<A> {
|
||||
pub async fn run_server(
|
||||
self: Arc<Self>,
|
||||
bind_addr: UnixOrTCPSocketAddress,
|
||||
unix_bind_addr_mode: Option<u32>,
|
||||
shutdown_signal: impl Future<Output = ()>,
|
||||
) -> Result<(), GarageError> {
|
||||
let tcp_service = make_service_fn(|conn: &AddrStream| {
|
||||
@ -146,7 +147,10 @@ impl<A: ApiHandler> ApiServer<A> {
|
||||
|
||||
let bound = Server::bind_unix(path)?;
|
||||
|
||||
fs::set_permissions(path, Permissions::from_mode(0o222))?;
|
||||
fs::set_permissions(
|
||||
path,
|
||||
Permissions::from_mode(unix_bind_addr_mode.unwrap_or(0o222)),
|
||||
)?;
|
||||
|
||||
bound
|
||||
.serve(unix_service)
|
||||
|
@ -42,7 +42,7 @@ impl K2VApiServer {
|
||||
shutdown_signal: impl Future<Output = ()>,
|
||||
) -> Result<(), GarageError> {
|
||||
ApiServer::new(s3_region, K2VApiServer { garage })
|
||||
.run_server(bind_addr, shutdown_signal)
|
||||
.run_server(bind_addr, None, shutdown_signal)
|
||||
.await
|
||||
}
|
||||
}
|
||||
|
@ -49,7 +49,7 @@ impl S3ApiServer {
|
||||
shutdown_signal: impl Future<Output = ()>,
|
||||
) -> Result<(), GarageError> {
|
||||
ApiServer::new(s3_region, S3ApiServer { garage })
|
||||
.run_server(addr, shutdown_signal)
|
||||
.run_server(addr, None, shutdown_signal)
|
||||
.await
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user