package main import ( "context" "log/slog" "net/http" "os" "os/signal" "syscall" "time" ) func main() { cfg := loadConfig() slog.SetDefault(slog.New(slog.NewTextHandler(os.Stdout, nil))) db, err := initDB(cfg.DBPath) if err != nil { slog.Error("failed to init database", "error", err) os.Exit(1) } defer db.Close() perm := newPermanentWhitelist() tw := newTempWhitelist() watcher := newPermanentWhitelistWatcher(cfg.PermanentWhitelistFile, cfg.WatchInterval, perm) watcher.start() go cleanupLoop(tw, cfg.CleanupInterval) server := newAuthServer(cfg, tw, perm, db) addr := ":" + cfg.Port go func() { slog.Info("starting server", "addr", addr) if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed { slog.Error("server error", "error", err) os.Exit(1) } }() quit := make(chan os.Signal, 1) signal.Notify(quit, syscall.SIGTERM, syscall.SIGINT) <-quit slog.Info("shutting down...") ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) defer cancel() if err := server.Shutdown(ctx); err != nil { slog.Error("shutdown error", "error", err) } } func newAuthServer(cfg Config, tw *tempWhitelist, perm *PermanentWhitelist, db *sql.DB) *http.Server { mux := http.NewServeMux() mux.HandleFunc("/auth", authHandler(cfg, tw, perm)) mux.HandleFunc("/api/whitelist/temp", tw.whitelistTempHandler(cfg, db)) mux.HandleFunc("/api/whitelist", tw.whitelistListHandler(cfg)) mux.HandleFunc("/api/whitelist/{ip}", tw.whitelistDeleteHandler(cfg, db)) mux.HandleFunc("/api/logs", logsHandler(cfg, db)) mux.HandleFunc("/status", statusHandler) return &http.Server{ Addr: ":" + cfg.Port, Handler: mux, ReadTimeout: 10 * time.Second, WriteTimeout: 30 * time.Second, } }