issues/73: bind on 0.0.0.0 or localhost conditionally (#74)

golang/go#48723

CHANGELOG.md

@@ -29,3 +29,4 @@ Most recent version is listed first.
 - rename: https://github.com/komuw/ong/pull/68
 - make some updates to circular buffer: https://github.com/komuw/ong/pull/71
 - use acme for certificates: https://github.com/komuw/ong/pull/69
+- issues/73: bind on 0.0.0.0 or localhost conditionally: https://github.com/komuw/ong/pull/74

README.md

@@ -47,7 +47,7 @@ func main() {
 		   ),
 	    })
 
-	err := server.Run(mux, server.DefaultOpts())
+	err := server.Run(mux, server.DefaultDevOpts())
 	if err != nil {
 		mux.GetLogger().Error(err, log.F{"msg": "server.Run error"})
 		os.Exit(1)
@@ -76,7 +76,7 @@ func (s myAPI) check(msg string) http.HandlerFunc {
 To use tls:
 ```go
 _, _ = server.CreateDevCertKey()
-err := server.Run(mux, server.DefaultTlsOpts())
+err := server.Run(mux, server.DefaultDevTlsOpts())
 ```
 
 To use tls with certificates from letsencrypt:

example/main.go

@@ -43,7 +43,7 @@ func main() {
 		})
 
 	_, _ = server.CreateDevCertKey()
-	err := server.Run(mux, server.DefaultTlsOpts())
+	err := server.Run(mux, server.DefaultDevTlsOpts())
 	if err != nil {
 		mux.GetLogger().Error(err, log.F{
 			"msg": "server.Run error",

server/server.go

@@ -46,14 +46,14 @@ type tlsOpts struct {
 // opts defines parameters for running an HTTP server.
 type opts struct {
 	port              uint16 // tcp port is a 16bit unsigned integer.
-	host              string
 	readHeaderTimeout time.Duration
 	readTimeout       time.Duration
 	writeTimeout      time.Duration
 	handlerTimeout    time.Duration
 	idleTimeout       time.Duration
 	tls               tlsOpts
 	// this ones are created automatically
+	host          string
 	serverPort    string
 	serverAddress string
 	network       string
@@ -72,7 +72,6 @@ func (o opts) Equal(other opts) bool {
 // domain can be an exact domain, subdomain or wildcard.
 func NewOpts(
 	port uint16,
-	host string,
 	readHeaderTimeout time.Duration,
 	readTimeout time.Duration,
 	writeTimeout time.Duration,
@@ -84,7 +83,6 @@ func NewOpts(
 	domain string,
 ) opts {
 	serverPort := fmt.Sprintf(":%d", port)
-	serverAddress := fmt.Sprintf("%s%s", host, serverPort)
 
 	httpPort := port
 	tlsEnabled := certFile != "" || email != ""
@@ -96,9 +94,16 @@ func NewOpts(
 		}
 	}
 
+	host := "127.0.0.1"
+	if port == 80 || port == 443 {
+		// bind to both tcp4 and tcp6
+		// https://github.com/golang/go/issues/48723
+		host = "0.0.0.0"
+	}
+	serverAddress := fmt.Sprintf("%s%s", host, serverPort)
+
 	return opts{
 		port:              port,
-		host:              host,
 		readHeaderTimeout: readHeaderTimeout,
 		readTimeout:       readTimeout,
 		writeTimeout:      writeTimeout,
@@ -112,15 +117,16 @@ func NewOpts(
 			enabled:  tlsEnabled,
 		},
 		// this ones are created automatically
+		host:          host,
 		serverPort:    serverPort,
 		serverAddress: serverAddress,
 		network:       "tcp",
 		httpPort:      fmt.Sprintf(":%d", httpPort),
 	}
 }
 
-// WithOpts returns a new opts that has sensible defaults given port and host.
-func WithOpts(port uint16, host string) opts {
+// WithOpts returns a new opts that has sensible defaults given port.
+func WithOpts(port uint16) opts {
 	// readHeaderTimeout < readTimeout < writeTimeout < handlerTimeout < idleTimeout
 	// drainDuration = max(readHeaderTimeout , readTimeout , writeTimeout , handlerTimeout)
 
@@ -132,7 +138,6 @@ func WithOpts(port uint16, host string) opts {
 
 	return NewOpts(
 		port,
-		host,
 		readHeaderTimeout,
 		readTimeout,
 		writeTimeout,
@@ -145,17 +150,28 @@ func WithOpts(port uint16, host string) opts {
 	)
 }
 
-// WithTlsOpts returns a new opts that has sensible defaults given host, certFile & keyFile.
-func WithTlsOpts(host, certFile, keyFile string) opts {
-	return withTlsOpts(443, host, certFile, keyFile, "", "")
+// WithTlsOpts returns a new opts that has sensible defaults given certFile & keyFile.
+func WithTlsOpts(certFile, keyFile string) opts {
+	return withTlsOpts(443, certFile, keyFile, "", "")
+}
+
+// DefaultDevOpts returns a new opts that has sensible defaults especially for dev environments.
+func DefaultDevOpts() opts {
+	return WithOpts(8080)
+}
+
+// DefaultDevTlsOpts returns a new opts that has sensible defaults for tls, especially for dev environments.
+func DefaultDevTlsOpts() opts {
+	certFile, keyFile := certKeyPaths()
+	return withTlsOpts(8081, certFile, keyFile, "", "")
 }
 
 // WithLetsEncryptOpts returns a new opts that procures certificates from Letsencrypt.
-func WithLetsEncryptOpts(host, email, domain string) opts {
-	return withTlsOpts(443, host, "", "", email, domain)
+func WithLetsEncryptOpts(email, domain string) opts {
+	return withTlsOpts(443, "", "", email, domain)
 }
 
-func withTlsOpts(port uint16, host, certFile, keyFile, email, domain string) opts {
+func withTlsOpts(port uint16, certFile, keyFile, email, domain string) opts {
 	// readHeaderTimeout < readTimeout < writeTimeout < handlerTimeout < idleTimeout
 	// drainDuration = max(readHeaderTimeout , readTimeout , writeTimeout , handlerTimeout)
 
@@ -167,7 +183,6 @@ func withTlsOpts(port uint16, host, certFile, keyFile, email, domain string) opt
 
 	return NewOpts(
 		port,
-		host,
 		readHeaderTimeout,
 		readTimeout,
 		writeTimeout,
@@ -180,16 +195,6 @@ func withTlsOpts(port uint16, host, certFile, keyFile, email, domain string) opt
 	)
 }
 
-// DefaultOpts returns a new opts that has sensible defaults.
-func DefaultOpts() opts {
-	return WithOpts(8080, "127.0.0.1")
-}
-
-func DefaultTlsOpts() opts {
-	certFile, keyFile := certKeyPaths()
-	return withTlsOpts(8081, "127.0.0.1", certFile, keyFile, "", "")
-}
-
 // Run listens on a network address and then calls Serve to handle requests on incoming connections.
 // It sets up a server with the parameters provided by o.
 //
@@ -287,7 +292,7 @@ func serve(ctx context.Context, srv *http.Server, o opts, logger log.Logger) err
 		{
 			// HTTP(non-tls) LISTERNER:
 			redirectSrv := &http.Server{
-				Addr:              fmt.Sprintf("127.0.0.1%s", o.httpPort),
+				Addr:              fmt.Sprintf("%s%s", o.host, o.httpPort),
 				Handler:           middleware.HttpsRedirector(srv.Handler, o.port),
 				ReadHeaderTimeout: o.readHeaderTimeout,
 				ReadTimeout:       o.readTimeout,

server/server_test.go

@@ -63,7 +63,7 @@ func TestOpts(t *testing.T) {
 	t.Run("default opts", func(t *testing.T) {
 		t.Parallel()
 
-		got := DefaultOpts()
+		got := DefaultDevOpts()
 		want := opts{
 			port:              8080,
 			host:              "127.0.0.1",
@@ -83,18 +83,18 @@ func TestOpts(t *testing.T) {
 	t.Run("with opts", func(t *testing.T) {
 		t.Parallel()
 
-		got := WithOpts(80, "localhost")
+		got := WithOpts(80)
 		want := opts{
 			port:              80,
-			host:              "localhost",
+			host:              "0.0.0.0",
 			network:           "tcp",
 			readHeaderTimeout: 1 * time.Second,
 			readTimeout:       2 * time.Second,
 			writeTimeout:      3 * time.Second,
 			handlerTimeout:    13 * time.Second,
 			idleTimeout:       113 * time.Second,
 			serverPort:        ":80",
-			serverAddress:     "localhost:80",
+			serverAddress:     "0.0.0.0:80",
 			httpPort:          ":80",
 		}
 		attest.Equal(t, got, want)
@@ -103,7 +103,7 @@ func TestOpts(t *testing.T) {
 	t.Run("default tls opts", func(t *testing.T) {
 		t.Parallel()
 
-		got := DefaultTlsOpts()
+		got := DefaultDevTlsOpts()
 		want := opts{
 			port:              8081,
 			host:              "127.0.0.1",
@@ -159,7 +159,7 @@ func TestServer(t *testing.T) {
 			})
 
 		go func() {
-			err := Run(mux, WithOpts(port, "127.0.0.1"))
+			err := Run(mux, WithOpts(port))
 			attest.Ok(t, err)
 		}()
 
@@ -203,7 +203,7 @@ func TestServer(t *testing.T) {
 		go func() {
 			_, _ = CreateDevCertKey()
 			time.Sleep(1 * time.Second)
-			err := Run(mux, DefaultTlsOpts())
+			err := Run(mux, DefaultDevTlsOpts())
 			attest.Ok(t, err)
 		}()
 
@@ -272,7 +272,7 @@ func TestServer(t *testing.T) {
 			})
 
 		go func() {
-			err := Run(mux, WithOpts(port, "127.0.0.1"))
+			err := Run(mux, WithOpts(port))
 			attest.Ok(t, err)
 		}()