SSL Support

[Lucu.git] / Network / HTTP / Lucu / Config.hs

-- |Configurations for the Lucu httpd like a port to listen.
module Network.HTTP.Lucu.Config
    ( Config(..)
    , SSLConfig(..)
    , defaultConfig
    )
    where

import qualified Data.ByteString as Strict (ByteString)
import qualified Data.ByteString.Char8 as C8 hiding (ByteString)
import           Network
import           Network.BSD
import           Network.HTTP.Lucu.MIMEType.Guess
import           Network.HTTP.Lucu.MIMEType.DefaultExtensionMap
import           OpenSSL.Session
import           System.IO.Unsafe

-- |Configuration record for the Lucu httpd. You need to use
-- 'defaultConfig' or setup your own configuration to run the httpd.
data Config = Config {
    -- |A string which will be sent to clients as \"Server\" field.
      cnfServerSoftware :: !Strict.ByteString
    -- |The host name of the server. This value will be used in
    -- built-in pages like \"404 Not Found\".
    , cnfServerHost :: !Strict.ByteString
    -- |A port ID to listen to HTTP clients.
    , cnfServerPort :: !PortID
    -- |Configuration for HTTPS connections. Set this 'Nothing' to
    -- disable HTTPS.
    , cnfSSLConfig :: !(Maybe SSLConfig)
    -- |The maximum number of requests to accept in one connection
    -- simultaneously. If a client exceeds this limitation, its last
    -- request won't be processed until a response for its earliest
    -- pending request is sent back to the client.
    , cnfMaxPipelineDepth :: !Int
    -- |The maximum length of request entity to accept in bytes. Note
    -- that this is nothing but the default value which is used when
    -- 'Network.HTTP.Lucu.Resource.input' and such like are applied to
    -- 'Network.HTTP.Lucu.Resource.defaultLimit', so there is no
    -- guarantee that this value always constrains all the requests.
    , cnfMaxEntityLength :: !Int
    -- |The maximum length of chunk to output. This value is used by
    -- 'Network.HTTP.Lucu.Resource.output' and such like to limit the
    -- chunk length so you can safely output an infinite string (like
    -- a lazy stream of \/dev\/random) using those actions.
    , cnfMaxOutputChunkLength :: !Int
    -- | Whether to dump too late abortion to the stderr or not. See
    -- 'Network.HTTP.Lucu.Abortion.abort'.
    , cnfDumpTooLateAbortionToStderr :: !Bool
    -- |A mapping from extension to MIME Type. This value is used by
    -- 'Network.HTTP.Lucu.StaticFile.staticFile' to guess the MIME
    -- Type of static files. Note that MIME Types are currently
    -- guessed only by file name. 
    -- 
    -- Guessing by file magic is indeed a wonderful idea but that is
    -- not implemented (yet). But, don't you think it's better a file
    -- system got a MIME Type as a part of inode? Or it might be a
    -- good idea to use GnomeVFS
    -- (<http://developer.gnome.org/doc/API/2.0/gnome-vfs-2.0/>)
    -- instead of vanilla FS.
    , cnfExtToMIMEType :: !ExtMap
    }

-- |Configuration record for HTTPS connections.
data SSLConfig
    = SSLConfig {
        -- |A port ID to listen to HTTPS clients.
        sslServerPort :: !PortID
        -- |An SSL context for accepting connections.
      , sslContext    :: !SSLContext
      }

-- |The default configuration. Generally you can use this value as-is,
-- or possibly you just want to replace the 'cnfServerSoftware' and
-- 'cnfServerPort'. SSL connections are disabled by default.
defaultConfig :: Config
defaultConfig = Config {
                  cnfServerSoftware              = C8.pack "Lucu/1.0"
                , cnfServerHost                  = C8.pack (unsafePerformIO getHostName)
                , cnfServerPort                  = Service "http"
                , cnfSSLConfig                   = Nothing
                , cnfMaxPipelineDepth            = 100
                , cnfMaxEntityLength             = 16 * 1024 * 1024 -- 16 MiB
                , cnfMaxOutputChunkLength        = 5 * 1024 * 1024  -- 5 MiB
                , cnfDumpTooLateAbortionToStderr = True
                , cnfExtToMIMEType               = defaultExtensionMap
                }