HTTP unix domain socket

cmd/circologd/main.go

@@ -3,6 +3,7 @@ package main
 import (
 	"flag"
 	"fmt"
+	"net"
 	"net/http"
 	"os"
 
@@ -17,6 +18,7 @@ func main() {
 	bufsize := flag.Int("buffer-size", 1000, "Number of messages to keep")
 	syslogAddr := flag.String("syslog-addr", "127.0.0.1:9514", "Address:port where to listen for syslog messages")
 	queryAddr := flag.String("query-addr", "127.0.0.1:9080", "Address:port where to bind the query service")
+	querySocket := flag.String("query-socket", "", "Path to a unix domain socket for the HTTP server; recommended for security reasons!")
 	flag.Parse()
 
 	hub := circolog.NewHub(*bufsize)
@@ -45,7 +47,17 @@ func main() {
 	go hub.Run()
 
 	setupHttp(hub)
-	fmt.Printf("Binding address `%s` [http]\n", *queryAddr)
-	http.ListenAndServe(*queryAddr, nil)
+	if *querySocket != "" {
+		fmt.Printf("Binding address `%s` [http]\n", *querySocket)
+		unixListener, err := net.Listen("unix", *querySocket)
+		if err != nil {
+			fmt.Fprintln(os.Stderr, "Error binding HTTP unix domain socket", err)
+		}
+		defer os.Remove(*querySocket)
+		http.Serve(unixListener, nil)
+	} else {
+		fmt.Printf("Binding address `%s` [http]\n", *queryAddr)
+		http.ListenAndServe(*queryAddr, nil)
+	}
 	server.Wait()
 }