clean up code

Author: Pascal Minder

cachePersistence.go

@@ -0,0 +1,128 @@
+package geoblock
+
+import (
+	"bytes"
+	"context"
+	"log"
+	"os"
+	"path/filepath"
+	"sync/atomic"
+	"time"
+
+	lru "github.com/PascalMinder/geoblock/lrucache"
+)
+
+func InitializeCache(ctx context.Context, logger *log.Logger, name string, cacheSize int, cachePath string) (*lru.LRUCache, *CachePersist) {
+	cache, err := lru.NewLRUCache(cacheSize)
+	if err != nil {
+		logger.Fatal(err)
+	}
+
+	var ipDB *CachePersist // stays nil if disabled
+	if path, err := ValidatePersistencePath(cachePath); len(path) > 0 {
+		// load existing cache
+		if err := cache.ImportFromFile(path); err != nil && !os.IsNotExist(err) {
+			logger.Printf("%s: could not load IP DB snapshot (%s): %v", name, path, err)
+		}
+
+		ipDB = &CachePersist{
+			path:           path,
+			persistTicker:  time.NewTicker(15 * time.Second),
+			persistChannel: make(chan struct{}, 1),
+			cache:          cache,
+			log:            logger,
+			name:           name,
+		}
+
+		go func(ctx context.Context, p *CachePersist) {
+			defer p.persistTicker.Stop()
+			for {
+				select {
+				case <-ctx.Done():
+					p.snapshotToDisk()
+					return
+				case <-p.persistTicker.C:
+					p.snapshotToDisk()
+				case <-p.persistChannel:
+					p.snapshotToDisk()
+				}
+			}
+		}(ctx, ipDB)
+
+		logger.Printf("%s: IP database persistence enabled -> %s", name, path)
+	} else if err != nil {
+		logger.Printf("%s: IP database persistence disabled: %v", name, err)
+	} else {
+		logger.Printf("%s: IP database persistence disabled (no path)", name)
+	}
+
+	return cache, ipDB
+}
+
+type CachePersist struct {
+	path           string
+	persistTicker  *time.Ticker
+	persistChannel chan struct{}
+	ipDirty        uint32 // 0 clean, 1 dirty
+
+	cache *lru.LRUCache
+	log   *log.Logger
+	name  string
+}
+
+func (p *CachePersist) MarkDirty() {
+	if p == nil { // feature OFF
+		return
+	}
+	atomic.StoreUint32(&p.ipDirty, 1)
+	select {
+	case p.persistChannel <- struct{}{}:
+	default:
+	}
+}
+
+func (p *CachePersist) snapshotToDisk() {
+	if p == nil || atomic.LoadUint32(&p.ipDirty) == 0 {
+		return
+	}
+
+	var buf bytes.Buffer
+	if err := p.cache.Export(&buf); err != nil {
+		p.log.Printf("%s: cache snapshot encode error: %v", p.name, err)
+		return
+	}
+
+	dir := filepath.Dir(p.path)
+	tmp, err := os.CreateTemp(dir, "ipdb-*.tmp")
+	if err != nil {
+		p.log.Printf("%s: snapshot temp file error: %v", p.name, err)
+		return
+	}
+	tmpPath := tmp.Name()
+
+	if _, err := tmp.Write(buf.Bytes()); err != nil {
+		tmp.Close()
+		os.Remove(tmpPath)
+		p.log.Printf("%s: snapshot write error: %v", p.name, err)
+		return
+	}
+	if err := tmp.Sync(); err != nil {
+		tmp.Close()
+		os.Remove(tmpPath)
+		p.log.Printf("%s: snapshot fsync error: %v", p.name, err)
+		return
+	}
+	if err := tmp.Close(); err != nil {
+		os.Remove(tmpPath)
+		p.log.Printf("%s: snapshot close error: %v", p.name, err)
+		return
+	}
+	if err := os.Rename(tmpPath, p.path); err != nil {
+		os.Remove(tmpPath)
+		p.log.Printf("%s: snapshot rename error: %v", p.name, err)
+		return
+	}
+
+	atomic.StoreUint32(&p.ipDirty, 0)
+	p.log.Printf("%s: cache snapshot written to %s", p.name, p.path)
+}

docker/traefik-config/dynamic-configuration.yml

@@ -31,6 +31,7 @@ http:
           allowUnknownCountries: false
           unknownCountryApiResponse: "nil"
           logFilePath: "/geoblock/geoblockA.log"
+          ipDatabaseCachePath: "/geoblock/cacheA.cache"
           countries:
             - GB
             - IS

geoblock.go

@@ -10,7 +10,6 @@ import (
 	"net"
 	"net/http"
 	"os"
-	"path/filepath"
 	"strings"
 	"time"
 
@@ -49,8 +48,9 @@ type Config struct {
 	AllowedIPAddresses           []string `yaml:"allowedIPAddresses,omitempty"`
 	AddCountryHeader             bool     `yaml:"addCountryHeader"`
 	HTTPStatusCodeDeniedRequest  int      `yaml:"httpStatusCodeDeniedRequest"`
-	LogFilePath                  string   `yaml:"logFilePath"`
 	RedirectURLIfDenied          string   `yaml:"redirectUrlIfDenied"`
+	LogFilePath                  string   `yaml:"logFilePath"`
+	IPDatabaseCachePath          string   `yaml:"ipDatabaseCachePath"`
 }
 
 type ipEntry struct {
@@ -91,6 +91,7 @@ type GeoBlock struct {
 	redirectURLIfDenied          string
 	name                         string
 	infoLogger                   *log.Logger
+	ipDatabasePersistence        *CachePersist
 }
 
 // New created a new GeoBlock plugin.
@@ -130,27 +131,14 @@ func New(ctx context.Context, next http.Handler, config *Config, name string) (h
 		printConfiguration(name, config, infoLogger)
 	}
 
-	// create LRU cache for IP lookup
-	cache, err := lru.NewLRUCache(config.CacheSize)
-	if err != nil {
-		infoLogger.Fatal(err)
-	}
-
 	// create custom log target if needed
-	logFile, err := initializeLogFile(name, config.LogFilePath, infoLogger)
+	logFile, err := CreateCustomLogTarget(ctx, infoLogger, name, config.LogFilePath)
 	if err != nil {
-		infoLogger.Printf("%s: Error initializing log file: %v\n", name, err)
+		infoLogger.Fatal(err)
 	}
 
-	// Set up a goroutine to close the file when the context is done
-	if logFile != nil {
-		go func(logger *log.Logger) {
-			<-ctx.Done() // Wait for context cancellation
-			logger.SetOutput(os.Stdout)
-			logFile.Close()
-			logger.Printf("%s: Log file closed for middleware\n", name)
-		}(infoLogger)
-	}
+	// initialize local IP lookup cache
+	cache, ipDB := InitializeCache(ctx, infoLogger, name, config.CacheSize, config.IPDatabaseCachePath)
 
 	return &GeoBlock{
 		next:                         next,
@@ -179,6 +167,7 @@ func New(ctx context.Context, next http.Handler, config *Config, name string) (h
 		redirectURLIfDenied:          config.RedirectURLIfDenied,
 		name:                         name,
 		infoLogger:                   infoLogger,
+		ipDatabasePersistence:        ipDB, // may be nil => feature OFF
 	}, nil
 }
 
@@ -286,6 +275,8 @@ func (a *GeoBlock) allowDenyCachedRequestIP(requestIPAddr *net.IP, req *http.Req
 		}
 	} else {
 		entry = cacheEntry.(ipEntry)
+		// order has changed
+		a.ipDatabasePersistence.MarkDirty()
 	}
 
 	if a.logAPIRequests {
@@ -351,6 +342,8 @@ func (a *GeoBlock) cachedRequestIP(requestIPAddr *net.IP, req *http.Request) (bo
 		}
 	} else {
 		entry = cacheEntry.(ipEntry)
+		// order has changed
+		a.ipDatabasePersistence.MarkDirty()
 	}
 
 	if a.logAPIRequests {
@@ -414,6 +407,7 @@ func (a *GeoBlock) createNewIPEntry(req *http.Request, ipAddressString string) (
 
 	entry = ipEntry{Country: country, Timestamp: time.Now()}
 	a.database.Add(ipAddressString, entry)
+	a.ipDatabasePersistence.MarkDirty() // new entry in the cache
 
 	if a.logAPIRequests {
 		a.infoLogger.Printf("%s: [%s] added to database: %s", a.name, ipAddressString, entry)
@@ -638,44 +632,3 @@ func printConfiguration(name string, config *Config, logger *log.Logger) {
 		logger.Printf("%s: Redirect URL on denied requests: %s", name, config.RedirectURLIfDenied)
 	}
 }
-
-func initializeLogFile(name string, logFilePath string, logger *log.Logger) (*os.File, error) {
-	if len(logFilePath) == 0 {
-		return nil, nil
-	}
-
-	writeable, err := isFolder(logFilePath)
-	if err != nil {
-		logger.Printf("%s: %s", name, err)
-		return nil, err
-	} else if !writeable {
-		logger.Printf("%s: Specified log folder is not writeable: %s", name, logFilePath)
-		return nil, fmt.Errorf("%s: folder is not writeable: %s", name, logFilePath)
-	}
-
-	logFile, err := os.OpenFile(logFilePath, os.O_RDWR|os.O_CREATE|os.O_APPEND, filePermissions)
-	if err != nil {
-		logger.Printf("%s: Failed to open log file: %v\n", name, err)
-		return nil, err
-	}
-
-	logger.SetOutput(logFile)
-	return logFile, nil
-}
-
-func isFolder(filePath string) (bool, error) {
-	dirPath := filepath.Dir(filePath)
-	info, err := os.Stat(dirPath)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return false, fmt.Errorf("path does not exist")
-		}
-		return false, fmt.Errorf("error checking path: %w", err)
-	}
-
-	if !info.IsDir() {
-		return false, fmt.Errorf("folder does not exist")
-	}
-
-	return true, nil
-}

logPersistence.go

@@ -0,0 +1,49 @@
+package geoblock
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+)
+
+func CreateCustomLogTarget(ctx context.Context, logger *log.Logger, name string, logFilePath string) (*os.File, error) {
+	logFile, err := initializeLogFile(logFilePath, logger)
+	if err != nil {
+		return nil, fmt.Errorf("error initializing log file: %v", err)
+	}
+
+	// Set up a goroutine to close the file when the context is done
+	if logFile != nil {
+		go func(logger *log.Logger) {
+			<-ctx.Done() // Wait for context cancellation
+			logger.SetOutput(os.Stdout)
+			logFile.Close()
+			logger.Printf("%s: Log file closed for middleware\n", name)
+		}(logger)
+	}
+
+	logger.Printf("%s: Log file opened for middleware\n", name)
+	return logFile, nil
+}
+
+func initializeLogFile(logFilePath string, logger *log.Logger) (*os.File, error) {
+	if len(logFilePath) == 0 {
+		return nil, nil
+	}
+
+	path, err := ValidatePersistencePath(logFilePath)
+	if err != nil {
+		return nil, err
+	} else if len(path) == 0 {
+		return nil, fmt.Errorf("folder is not writeable (%s)", path)
+	}
+
+	logFile, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_APPEND, filePermissions)
+	if err != nil {
+		return nil, fmt.Errorf("failed to open log file (%s): %v", path, err)
+	}
+
+	logger.SetOutput(logFile)
+	return logFile, nil
+}