Merge pull request #28 from Minei3oat/socket

Allow binding to UNIX domain sockets
2025-10-01 15:39:40 +02:00
parent 0492f16cea 88f4f54b55
commit bb4addf590
3 changed files with 37 additions and 8 deletions
--- a/backend/app.py
+++ b/backend/app.py
@@ -8,7 +8,7 @@ from fastapi import FastAPI, HTTPException, Depends, APIRouter
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
 from jose import jwt
 from utils.sqlite import SQLite
-from utils import API_VERSION, FIREGEX_PORT, FIREGEX_HOST, JWT_ALGORITHM, get_interfaces, socketio_emit, DEBUG, SysctlManager, NORELOAD
+from utils import API_VERSION, FIREGEX_PORT, FIREGEX_HOST, FIREGEX_SOCKET, JWT_ALGORITHM, get_interfaces, socketio_emit, DEBUG, SysctlManager, NORELOAD
 from utils.loader import frontend_deploy, load_routers
 from utils.models import ChangePasswordModel, IpInterface, PasswordChangeForm, PasswordForm, ResetRequest, StatusModel, StatusMessageModel
 from contextlib import asynccontextmanager
@@ -229,6 +229,7 @@ if __name__ == '__main__':
        # None allows to bind also on ipv6, and is selected if FIREGEX_HOST is any
        host="" if FIREGEX_HOST == "any" else FIREGEX_HOST,
        port=FIREGEX_PORT,
+        uds=FIREGEX_SOCKET,
        reload=DEBUG and not NORELOAD,
        access_log=True,
        workers=1, # Firewall module can't be replicated in multiple workers
--- a/backend/utils/init.py
+++ b/backend/utils/init.py
@@ -26,6 +26,8 @@ DEBUG = "DEBUG" in sys.argv
 NORELOAD = "NORELOAD" in sys.argv
 FIREGEX_PORT = int(os.getenv("PORT","4444"))
 FIREGEX_HOST = os.getenv("HOST","0.0.0.0")
+FIREGEX_SOCKET_DIR = os.getenv("SOCKET_DIR", None)
+FIREGEX_SOCKET = os.path.join(FIREGEX_SOCKET_DIR, "firegex.sock") if FIREGEX_SOCKET_DIR else None
 JWT_ALGORITHM: str = "HS256"
 API_VERSION = "{{VERSION_PLACEHOLDER}}" if "{" not in "{{VERSION_PLACEHOLDER}}" else "0.0.0"