diff options
Diffstat (limited to 'hosts/surtr/email/spm/server/Spm')
-rw-r--r-- | hosts/surtr/email/spm/server/Spm/Server.hs | 194 | ||||
-rw-r--r-- | hosts/surtr/email/spm/server/Spm/Server/Database.hs | 72 |
2 files changed, 266 insertions, 0 deletions
diff --git a/hosts/surtr/email/spm/server/Spm/Server.hs b/hosts/surtr/email/spm/server/Spm/Server.hs new file mode 100644 index 00000000..7690f51a --- /dev/null +++ b/hosts/surtr/email/spm/server/Spm/Server.hs | |||
@@ -0,0 +1,194 @@ | |||
1 | {-# LANGUAGE OverloadedStrings, TemplateHaskell #-} | ||
2 | |||
3 | module Spm.Server | ||
4 | ( main | ||
5 | ) where | ||
6 | |||
7 | import Prelude | ||
8 | import Spm.Api | ||
9 | import Servant | ||
10 | import Servant.Server.Experimental.Auth | ||
11 | |||
12 | import Network.Wai | ||
13 | import Network.Wai.Handler.Warp | ||
14 | import Network.Wai.Handler.Warp.Systemd | ||
15 | import Network.Wai.Middleware.RequestLogger | ||
16 | |||
17 | import Network.HTTP.Types | ||
18 | |||
19 | import Data.Text (Text) | ||
20 | import qualified Data.Text as Text | ||
21 | import qualified Data.Text.Encoding as Text | ||
22 | import Data.Attoparsec.Text | ||
23 | |||
24 | import qualified Data.ByteString.Lazy as LBS | ||
25 | |||
26 | import GHC.Generics (Generic) | ||
27 | import Type.Reflection (Typeable) | ||
28 | |||
29 | import Control.Applicative | ||
30 | import Control.Monad | ||
31 | import Control.Arrow | ||
32 | import Control.Monad.IO.Class | ||
33 | import Control.Monad.IO.Unlift | ||
34 | |||
35 | import Control.Lens hiding (Context) | ||
36 | |||
37 | import qualified Data.CaseInsensitive as CI | ||
38 | |||
39 | import System.IO | ||
40 | |||
41 | import Spm.Server.Database | ||
42 | |||
43 | import Database.Persist | ||
44 | import Database.Persist.Postgresql | ||
45 | import Data.Pool | ||
46 | |||
47 | import Control.Monad.Trans.Reader (ReaderT, runReaderT) | ||
48 | |||
49 | import Control.Monad.Logger | ||
50 | |||
51 | import Control.Monad.Morph | ||
52 | |||
53 | import System.Environment | ||
54 | |||
55 | import Control.Monad.Catch (Exception, MonadThrow(..)) | ||
56 | |||
57 | import Data.UUID (UUID) | ||
58 | import qualified Data.UUID as UUID | ||
59 | |||
60 | import qualified Data.Aeson as JSON | ||
61 | |||
62 | import System.FilePath ((</>), isRelative) | ||
63 | |||
64 | import Crypto.JOSE.JWK hiding (Context) | ||
65 | import Crypto.JOSE.JWK.Instances () | ||
66 | |||
67 | import Data.Maybe | ||
68 | |||
69 | |||
70 | hSslClientVerify, hSslClientSDn :: HeaderName | ||
71 | hSslClientVerify = "SSL-Client-Verify" | ||
72 | hSslClientSDn = "SSL-Client-S-DN" | ||
73 | |||
74 | |||
75 | data SSLClientVerify | ||
76 | = SSLClientVerifySuccess | ||
77 | | SSLClientVerifyOther Text | ||
78 | deriving (Eq, Ord, Read, Show, Generic, Typeable) | ||
79 | instance FromHttpApiData SSLClientVerify where | ||
80 | parseUrlPiece = (left Text.pack .) . parseOnly $ p <* endOfInput | ||
81 | where | ||
82 | p :: Parser SSLClientVerify | ||
83 | p = (SSLClientVerifySuccess <$ asciiCI "success") | ||
84 | <|> (SSLClientVerifyOther <$> takeText) | ||
85 | |||
86 | type instance AuthServerData (AuthProtect "spm_mailbox") = MailMailbox | ||
87 | |||
88 | type SpmServerApi = Header' '[Required, Strict] "SPM-Domain" MailDomain | ||
89 | :> AuthProtect "spm_mailbox" | ||
90 | :> SpmApi | ||
91 | |||
92 | spmServerApi :: Proxy SpmServerApi | ||
93 | spmServerApi = Proxy | ||
94 | |||
95 | |||
96 | requestMailMailbox :: Request -> Either Text MailMailbox | ||
97 | requestMailMailbox req = do | ||
98 | clientVerify <- getHeader hSslClientVerify | ||
99 | clientSDN <- getHeader hSslClientSDn | ||
100 | |||
101 | case clientVerify of | ||
102 | SSLClientVerifySuccess -> return () | ||
103 | o@(SSLClientVerifyOther _) -> Left $ "Expected “SSLClientVerifySuccess”, but got “" <> Text.pack (show o) <> "”" | ||
104 | spmMailbox <- left Text.pack $ parseOnly (asciiCI "CN=" *> (CI.mk <$> takeText) <* endOfInput) clientSDN | ||
105 | |||
106 | return $ _Wrapped # spmMailbox | ||
107 | where | ||
108 | getHeader :: forall a. FromHttpApiData a => HeaderName -> Either Text a | ||
109 | getHeader hdrName = parseHeader <=< maybeToEither ("Missing “" <> Text.decodeUtf8 (CI.original hdrName) <> "”") . lookup hdrName $ requestHeaders req | ||
110 | |||
111 | maybeToEither e = maybe (Left e) Right | ||
112 | |||
113 | mailboxAuthHandler :: AuthHandler Request MailMailbox | ||
114 | mailboxAuthHandler = mkAuthHandler handler | ||
115 | where | ||
116 | throw401 msg = throwError $ err401 { errBody = LBS.fromStrict $ Text.encodeUtf8 msg } | ||
117 | handler = either throw401 return . requestMailMailbox | ||
118 | |||
119 | mkSpmRequestLogger :: MonadIO m => m Middleware | ||
120 | mkSpmRequestLogger = liftIO $ mkRequestLogger loggerSettings | ||
121 | where | ||
122 | loggerSettings = defaultRequestLoggerSettings | ||
123 | { destination = Handle stderr | ||
124 | , outputFormat = ApacheWithSettings $ defaultApacheSettings | ||
125 | & setApacheUserGetter (preview (_Right . _Wrapped . to (Text.encodeUtf8. CI.original)) . requestMailMailbox) | ||
126 | & setApacheIPAddrSource FromFallback | ||
127 | } | ||
128 | |||
129 | data ServerCtx = ServerCtx | ||
130 | { _sctxSqlPool :: Pool SqlBackend | ||
131 | , _sctxInstanceId :: UUID | ||
132 | , _sctxJwkSet :: JWKSet | ||
133 | } deriving (Generic, Typeable) | ||
134 | makeLenses ''ServerCtx | ||
135 | |||
136 | type Handler' = ReaderT ServerCtx (LoggingT Handler) | ||
137 | type Server' api = ServerT api Handler' | ||
138 | |||
139 | data ServerCtxError | ||
140 | = ServerCtxNoInstanceId | ServerCtxInvalidInstanceId | ||
141 | | ServerCtxJwkSetCredentialFileNotRelative | ||
142 | | ServerCtxNoCredentialsDirectory | ||
143 | | ServerCtxJwkSetDecodeError String | ||
144 | | ServerCtxJwkSetEmpty | ||
145 | deriving stock (Eq, Ord, Read, Show, Generic, Typeable) | ||
146 | deriving anyclass (Exception) | ||
147 | |||
148 | mkSpmApp :: (MonadUnliftIO m, MonadThrow m) => m Application | ||
149 | mkSpmApp = do | ||
150 | requestLogger <- mkSpmRequestLogger | ||
151 | |||
152 | connStr <- liftIO $ maybe mempty (Text.encodeUtf8 . Text.pack) <$> lookupEnv "PGCONNSTR" | ||
153 | _sctxInstanceId <- maybe (throwM ServerCtxInvalidInstanceId) return . UUID.fromString =<< maybe (throwM ServerCtxNoInstanceId) return =<< liftIO (lookupEnv "SPM_INSTANCE") | ||
154 | jwksetCredentialFile <- liftIO $ fromMaybe "spm-keys.json" <$> lookupEnv "SPM_KEYS_CREDENTIAL" | ||
155 | unless (isRelative jwksetCredentialFile) $ throwM ServerCtxJwkSetCredentialFileNotRelative | ||
156 | credentialsDir <- maybe (throwM ServerCtxNoCredentialsDirectory) return =<< liftIO (lookupEnv "CREDENTIALS_DIRECTORY") | ||
157 | _sctxJwkSet@(JWKSet jwks) <- either (throwM . ServerCtxJwkSetDecodeError) return =<< liftIO (JSON.eitherDecodeFileStrict' $ credentialsDir </> jwksetCredentialFile) | ||
158 | when (null jwks) $ throwM ServerCtxJwkSetEmpty | ||
159 | |||
160 | runStderrLoggingT . withPostgresqlPool connStr 1 $ \_sctxSqlPool -> do | ||
161 | let | ||
162 | spmServerContext :: Context (AuthHandler Request MailMailbox ': '[]) | ||
163 | spmServerContext = mailboxAuthHandler :. EmptyContext | ||
164 | |||
165 | spmServer' = spmServer | ||
166 | |||
167 | logger <- askLoggerIO | ||
168 | return $ serveWithContextT spmServerApi spmServerContext ((runReaderT ?? ServerCtx{..}) . hoist (runLoggingT ?? logger)) spmServer' | ||
169 | & requestLogger | ||
170 | |||
171 | spmSql :: ReaderT SqlBackend Handler' a -> Handler' a | ||
172 | spmSql act = do | ||
173 | sqlPool <- view sctxSqlPool | ||
174 | withResource sqlPool $ runReaderT act | ||
175 | |||
176 | spmServer :: MailDomain -> MailMailbox -> Server' SpmApi | ||
177 | spmServer _dom mbox = whoami | ||
178 | :<|> jwkSet | ||
179 | :<|> instanceId | ||
180 | where | ||
181 | whoami = do | ||
182 | Entity _ Mailbox{mailboxIdent} <- maybe (throwError err404) return <=< spmSql . getBy $ UniqueMailbox mbox | ||
183 | return $ mailboxIdent ^. _Wrapped . re _Wrapped | ||
184 | |||
185 | jwkSet = views sctxJwkSet $ over _Wrapped (^.. folded . asPublicKey . _Just) | ||
186 | |||
187 | instanceId = view sctxInstanceId | ||
188 | |||
189 | main :: IO () | ||
190 | main = runSystemdWarp systemdSettings warpSettings =<< mkSpmApp | ||
191 | where | ||
192 | systemdSettings = defaultSystemdSettings | ||
193 | & requireSocketActivation .~ True | ||
194 | warpSettings = defaultSettings | ||
diff --git a/hosts/surtr/email/spm/server/Spm/Server/Database.hs b/hosts/surtr/email/spm/server/Spm/Server/Database.hs new file mode 100644 index 00000000..09b4c67b --- /dev/null +++ b/hosts/surtr/email/spm/server/Spm/Server/Database.hs | |||
@@ -0,0 +1,72 @@ | |||
1 | {-# LANGUAGE OverloadedStrings, TemplateHaskell, QuasiQuotes, UndecidableInstances #-} | ||
2 | |||
3 | module Spm.Server.Database | ||
4 | ( MailMailbox, MailLocal, MailExtension, MailDomain | ||
5 | , Mailbox(..), MailboxMapping(..) | ||
6 | , Unique(..) | ||
7 | ) where | ||
8 | |||
9 | import Prelude | ||
10 | |||
11 | import Database.Persist | ||
12 | import Database.Persist.Sql | ||
13 | import Database.Persist.TH | ||
14 | |||
15 | import GHC.Generics (Generic) | ||
16 | import Type.Reflection (Typeable) | ||
17 | |||
18 | import Data.Text (Text) | ||
19 | |||
20 | import Data.CaseInsensitive (CI) | ||
21 | import qualified Data.CaseInsensitive as CI | ||
22 | import Data.CaseInsensitive.Instances () | ||
23 | |||
24 | import Data.UUID (UUID) | ||
25 | import Data.UUID.Instances () | ||
26 | |||
27 | import Data.Int (Int64) | ||
28 | |||
29 | import Control.Lens | ||
30 | |||
31 | import Web.HttpApiData | ||
32 | |||
33 | |||
34 | newtype MailMailbox = MailMailbox | ||
35 | { unMailMailbox :: CI Text | ||
36 | } deriving stock (Eq, Ord, Read, Show, Generic, Typeable) | ||
37 | deriving newtype (PersistField, PersistFieldSql) | ||
38 | makeWrapped ''MailMailbox | ||
39 | newtype MailLocal = MailLocal | ||
40 | { unMailLocal :: CI Text | ||
41 | } deriving stock (Eq, Ord, Read, Show, Generic, Typeable) | ||
42 | deriving newtype (PersistField, PersistFieldSql) | ||
43 | makeWrapped ''MailLocal | ||
44 | newtype MailExtension = MailExtension | ||
45 | { unMailExtension :: CI Text | ||
46 | } deriving stock (Eq, Ord, Read, Show, Generic, Typeable) | ||
47 | deriving newtype (PersistField, PersistFieldSql) | ||
48 | makeWrapped ''MailExtension | ||
49 | newtype MailDomain = MailDomain | ||
50 | { unMailDomain :: CI Text | ||
51 | } deriving stock (Eq, Ord, Read, Show, Generic, Typeable) | ||
52 | deriving newtype (PersistField, PersistFieldSql) | ||
53 | makeWrapped ''MailDomain | ||
54 | |||
55 | instance FromHttpApiData MailDomain where | ||
56 | parseUrlPiece = fmap (review _Wrapped . CI.mk) . parseUrlPiece | ||
57 | |||
58 | |||
59 | share [mkPersist sqlSettings] [persistLowerCase| | ||
60 | Mailbox | ||
61 | Id UUID sqltype=uuid default=gen_random_uuid() | ||
62 | ident MailMailbox sql=mailbox | ||
63 | quota Int64 Maybe sql=quota_bytes MigrationOnly | ||
64 | UniqueMailbox ident | ||
65 | deriving Show | ||
66 | MailboxMapping | ||
67 | Id UUID sqltype=uuid default=gen_random_uuid() | ||
68 | local MailLocal Maybe | ||
69 | extension MailExtension Maybe | ||
70 | domain MailDomain | ||
71 | mailbox MailboxId | ||
72 | |] | ||