From 30bdb4b4e96cbaea0c759555c60743a7e04fde8c Mon Sep 17 00:00:00 2001
From: Viktor Lofgren <vlofgren@marginalia.nu>
Date: Tue, 20 Feb 2024 14:21:09 +0100
Subject: [PATCH] (config) Clean up service configuration for IP addresses

Adds new ways to configure the bind and external IP addresses for a service.  Notably, if the environment variable WMSA_IN_DOCKER is present, the system will grab the HOSTNAME variable and announce that as the external address in the service registry.

The default bind address is also changed to be 0.0.0.0 only if WMSA_IN_DOCKER is present, otherwise 127.0.0.1; as this is a more secure default.
---
 .../module/ServiceConfigurationModule.java    | 49 ++++++++++++++++---
 docker-service.gradle                         |  3 ++
 2 files changed, 44 insertions(+), 8 deletions(-)

diff --git a/code/common/service/src/main/java/nu/marginalia/service/module/ServiceConfigurationModule.java b/code/common/service/src/main/java/nu/marginalia/service/module/ServiceConfigurationModule.java
index c5484066..1502ec44 100644
--- a/code/common/service/src/main/java/nu/marginalia/service/module/ServiceConfigurationModule.java
+++ b/code/common/service/src/main/java/nu/marginalia/service/module/ServiceConfigurationModule.java
@@ -9,12 +9,15 @@ import nu.marginalia.service.id.ServiceId;
 import org.apache.curator.framework.CuratorFramework;
 import org.apache.curator.framework.CuratorFrameworkFactory;
 import org.apache.curator.retry.ExponentialBackoffRetry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.util.Objects;
 import java.util.UUID;
 
 public class ServiceConfigurationModule extends AbstractModule {
     private final ServiceId id;
+    private static final Logger logger = LoggerFactory.getLogger(ServiceConfigurationModule.class);
 
     public ServiceConfigurationModule(ServiceId id) {
         this.id = id;
@@ -26,11 +29,13 @@ public class ServiceConfigurationModule extends AbstractModule {
         var configObject = new ServiceConfiguration(id,
                 node,
                 getBindAddress(),
-                getHost(),
+                getExternalHost(),
                 getPrometheusPort(),
                 UUID.randomUUID()
         );
 
+        logger.info("Service configuration: {}", configObject);
+
         bind(Integer.class).annotatedWith(Names.named("wmsa-system-node")).toInstance(node);
         bind(ServiceConfiguration.class).toInstance(configObject);
 
@@ -63,18 +68,46 @@ public class ServiceConfigurationModule extends AbstractModule {
         return Integer.parseInt(nodeEnv);
     }
 
-    private String getHost() {
-        int node = getNode();
-        final String defaultValue;
+    /** Get the external host for the service. This is announced via the service registry,
+     * and should be an IP address or hostname that resolves to this machine */
+    private String getExternalHost() {
+        // Check for an environment variable override
+        String configuredValue;
+        if (null != (configuredValue = System.getenv("SERVICE_HOST"))) {
+            return configuredValue;
+        }
 
-        if (node > 0) defaultValue = STR."\{id.serviceName}-\{node}";
-        else defaultValue = id.serviceName;
+        // Check for a system property override
+        if (null != (configuredValue = System.getProperty("service.host"))) {
+            return configuredValue;
+        }
 
-        return System.getProperty("service.host", defaultValue);
+        // If we're in docker, we'll use the hostname
+        if (isDocker()) {
+            return System.getenv("HOSTNAME");
+        }
+
+        // If we've not been told about a host, and we're not in docker, we'll fall back to localhost
+        // and hope the operator's remembered to enable random port assignment via zookeeper
+        return "127.0.0.1";
     }
 
+    /** Get the bind address for the service. This is the address that the service will listen on.
+     */
     private String getBindAddress() {
-        return System.getProperty("service.bind-address", "0.0.0.0");
+        String configuredValue = System.getProperty("service.bind-address");
+        if (configuredValue != null) {
+            return configuredValue;
+        }
+
+        // If we're in docker, we'll bind to all interfaces
+        if (isDocker())
+            return "0.0.0.0";
+        else  // If we're not in docker, we'll default to binding to localhost to avoid exposing services
+            return "127.0.0.1";
     }
 
+    boolean isDocker() {
+        return System.getenv("WMSA_IN_DOCKER") != null;
+    }
 }
diff --git a/docker-service.gradle b/docker-service.gradle
index 9ac559c6..25dd0e17 100644
--- a/docker-service.gradle
+++ b/docker-service.gradle
@@ -18,6 +18,9 @@ RUN apt-get update && apt-get install -y curl
 ADD ${application.applicationName}.tar /
 RUN mkdir /wmsa
 
+# This will make the service grab the hostname from the HOSTNAME variable
+ENV WMSA_IN_DOCKER true
+
 ENTRYPOINT WMSA_HOME=/wmsa /${application.applicationName}/bin/${application.applicationName} \${arg0} \${arg1}
 """
     }