twitch-bot/main.go
Knut Ahlers 5f07a66405
Disable authentication with Twitch token
aside of the `/login` endpoint for the editor

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-11-25 00:41:20 +01:00

400 lines
13 KiB
Go

package main
import (
"fmt"
"math"
"net"
"net/http"
"net/http/pprof"
"os"
"strings"
"sync"
"time"
"github.com/getsentry/sentry-go"
"github.com/gofrs/uuid/v3"
"github.com/gorilla/mux"
"github.com/orandin/sentrus"
"github.com/pkg/errors"
"github.com/robfig/cron/v3"
log "github.com/sirupsen/logrus"
"github.com/Luzifer/go_helpers/v2/str"
"github.com/Luzifer/rconfig/v2"
"github.com/Luzifer/twitch-bot/v3/internal/helpers"
"github.com/Luzifer/twitch-bot/v3/internal/service/access"
"github.com/Luzifer/twitch-bot/v3/internal/service/authcache"
"github.com/Luzifer/twitch-bot/v3/internal/service/editortoken"
"github.com/Luzifer/twitch-bot/v3/internal/service/timer"
"github.com/Luzifer/twitch-bot/v3/pkg/database"
"github.com/Luzifer/twitch-bot/v3/pkg/twitch"
)
const (
ircReconnectDelay = 100 * time.Millisecond
initialIRCRetryBackoff = 500 * time.Millisecond
ircRetryBackoffMultiplier = 1.5
maxIRCRetryBackoff = time.Minute
httpReadHeaderTimeout = 5 * time.Second
)
var (
cfg = struct {
BaseURL string `flag:"base-url" default:"" description:"External URL of the config-editor interface (used to generate auth-urls)"`
CommandTimeout time.Duration `flag:"command-timeout" default:"30s" description:"Timeout for command execution"`
Config string `flag:"config,c" default:"./config.yaml" description:"Location of configuration file"`
IRCRateLimit time.Duration `flag:"rate-limit" default:"1500ms" description:"How often to send a message (default: 20/30s=1500ms, if your bot is mod everywhere: 100/30s=300ms, different for known/verified bots)"`
LogLevel string `flag:"log-level" default:"info" description:"Log level (debug, info, warn, error, fatal)"`
PluginDir string `flag:"plugin-dir" default:"/usr/lib/twitch-bot" description:"Where to find and load plugins"`
SentryDSN string `flag:"sentry-dsn" default:"" description:"Sentry / GlitchTip DSN for error reporting"`
SentryEnvironment string `flag:"sentry-environment" default:"" description:"Environment to submit to Sentry to distinguish bot instances"`
StorageConnString string `flag:"storage-conn-string" default:"./storage.db" description:"Connection string for the database"`
StorageConnType string `flag:"storage-conn-type" default:"sqlite" description:"One of: mysql, postgres, sqlite"`
StorageEncryptionPass string `flag:"storage-encryption-pass" default:"" description:"Passphrase to encrypt secrets inside storage (defaults to twitch-client:twitch-client-secret)"`
TwitchClient string `flag:"twitch-client" default:"" description:"Client ID to act as"`
TwitchClientSecret string `flag:"twitch-client-secret" default:"" description:"Secret for the Client ID"`
ValidateConfig bool `flag:"validate-config,v" default:"false" description:"Loads the config, logs any errors and quits with status 0 on success"`
VersionAndExit bool `flag:"version" default:"false" description:"Prints current version and exits"`
WaitForSelfcheck time.Duration `flag:"wait-for-selfcheck" default:"60s" description:"Maximum time to wait for the self-check to respond when behind load-balancers"`
}{}
config *configFile
configLock = new(sync.RWMutex)
cronService *cron.Cron
ircHdl *ircHandler
router = mux.NewRouter()
runID = uuid.Must(uuid.NewV4()).String()
db database.Connector
accessService *access.Service
authService *authcache.Service
editorTokenService *editortoken.Service
timerService *timer.Service
twitchClient *twitch.Client
version = "dev"
)
func initApp() error {
rconfig.AutoEnv(true)
if err := rconfig.ParseAndValidate(&cfg); err != nil {
return errors.Wrap(err, "parsing cli options")
}
if cfg.VersionAndExit {
fmt.Printf("twitch-bot %s\n", version) //nolint:forbidigo // Fine here
os.Exit(0) //revive:disable-line:deep-exit
}
l, err := log.ParseLevel(cfg.LogLevel)
if err != nil {
return errors.Wrap(err, "parsing log level")
}
log.SetLevel(l)
if cfg.SentryDSN != "" {
if err := sentry.Init(sentry.ClientOptions{
Dsn: cfg.SentryDSN,
Environment: cfg.SentryEnvironment,
Release: strings.Join([]string{"twitch-bot", version}, "@"),
}); err != nil {
return errors.Wrap(err, "initializing sentry sdk")
}
log.AddHook(sentrus.NewHook(
[]log.Level{log.ErrorLevel, log.FatalLevel, log.PanicLevel},
))
}
if cfg.StorageEncryptionPass == "" {
log.Warn("No storage encryption passphrase was set, falling back to client-id:client-secret")
cfg.StorageEncryptionPass = strings.Join([]string{
cfg.TwitchClient,
cfg.TwitchClientSecret,
}, ":")
}
return nil
}
//nolint:funlen,gocognit,gocyclo // Complexity is a little too high but makes no sense to split
func main() {
var err error
if err = initApp(); err != nil {
log.WithError(err).Fatal("initializing application")
}
if db, err = database.New(cfg.StorageConnType, cfg.StorageConnString, cfg.StorageEncryptionPass); err != nil {
log.WithError(err).Fatal("opening storage backend")
}
if accessService, err = access.New(db); err != nil {
log.WithError(err).Fatal("applying access migration")
}
authService = authcache.New(
authBackendInternalAppToken,
authBackendInternalEditorToken,
)
cronService = cron.New(cron.WithSeconds())
editorTokenService = editortoken.New(db)
if timerService, err = timer.New(db, cronService); err != nil {
log.WithError(err).Fatal("applying timer migration")
}
// Allow config to subscribe to external rules
updCron := updateConfigCron()
if _, err = cronService.AddFunc(updCron, updateConfigFromRemote); err != nil {
log.WithError(err).Error("adding remote-update cron")
}
log.WithField("cron", updCron).Debug("Initialized remote update cron")
router.Use(corsMiddleware)
router.HandleFunc("/openapi.html", handleSwaggerHTML)
router.HandleFunc("/openapi.json", handleSwaggerRequest)
router.HandleFunc("/selfcheck", func(w http.ResponseWriter, _ *http.Request) {
http.Error(w, runID, http.StatusOK)
})
if os.Getenv("ENABLE_PROFILING") == "true" {
router.HandleFunc("/debug/pprof/", pprof.Index)
router.Handle("/debug/pprof/allocs", pprof.Handler("allocs"))
router.Handle("/debug/pprof/block", pprof.Handler("block"))
router.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
router.Handle("/debug/pprof/goroutine", pprof.Handler("goroutine"))
router.Handle("/debug/pprof/heap", pprof.Handler("heap"))
router.Handle("/debug/pprof/mutex", pprof.Handler("mutex"))
router.HandleFunc("/debug/pprof/profile", pprof.Profile)
router.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
router.Handle("/debug/pprof/threadcreate", pprof.Handler("threadcreate"))
router.HandleFunc("/debug/pprof/trace", pprof.Trace)
}
router.MethodNotAllowedHandler = corsMiddleware(http.HandlerFunc(func(res http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodOptions {
// Most likely JS client asking for CORS headers
res.WriteHeader(http.StatusNoContent)
return
}
res.WriteHeader(http.StatusMethodNotAllowed)
}))
if err = initCorePlugins(); err != nil {
log.WithError(err).Fatal("Unable to load core plugins")
}
if err = loadPlugins(cfg.PluginDir); err != nil {
log.WithError(err).Fatal("Unable to load plugins")
}
if len(rconfig.Args()) > 1 {
if err = cliTool.Call(rconfig.Args()[1:]); err != nil {
log.Fatalf("error in command: %s", err)
}
return
}
if err = db.ValidateEncryption(); err != nil {
log.WithError(err).Fatal("validation of database encryption failed, fix encryption passphrase or use 'twitch-bot reset-secrets' to wipe encrypted data")
}
if err = loadConfig(cfg.Config); err != nil {
if os.IsNotExist(errors.Cause(err)) {
if err = writeDefaultConfigFile(cfg.Config); err != nil {
log.WithError(err).Fatal("Initial config not found and not able to create example config")
}
log.WithField("filename", cfg.Config).Warn("No config was found, created example config: Please review that config!")
return
}
log.WithError(err).Fatal("Initial config load failed")
}
defer func() {
config.CloseRawMessageWriter() //nolint:errcheck,gosec,revive // That close is enforced by process exit
}()
if cfg.ValidateConfig {
// We were asked to only validate the config, this was successful
log.Info("Config validated successfully")
return
}
if err = startCheck(); err != nil {
log.WithError(err).Fatal("Missing required parameters")
}
if twitchClient, err = accessService.GetBotTwitchClient(access.ClientConfig{
TwitchClient: cfg.TwitchClient,
TwitchClientSecret: cfg.TwitchClientSecret,
TokenUpdateHook: func() {
// make frontend reload its state as of token change
frontendNotifyHooks.Ping(frontendNotifyTypeReload)
},
}); err != nil {
if !errors.Is(err, access.ErrChannelNotAuthorized) {
log.WithError(err).Fatal("initializing Twitch client")
}
twitchClient = twitch.New(cfg.TwitchClient, cfg.TwitchClientSecret, "", "")
}
twitchWatch := newTwitchWatcher()
// Query may run that often as the twitchClient has an internal
// cache but shouldn't run more often as EventSub subscriptions
// are retried on error each time
if _, err = cronService.AddFunc("@every 30s", twitchWatch.Check); err != nil {
log.WithError(err).Fatal("registering twitchWatch cron")
}
fsEvents := make(chan configChangeEvent, 1)
go watchConfigChanges(cfg.Config, fsEvents)
var (
ircDisconnected = make(chan struct{}, 1)
ircRetryBackoff = initialIRCRetryBackoff
autoMessageTicker = time.NewTicker(time.Second)
)
cronService.Start()
if config.HTTPListen != "" {
// If listen address is configured start HTTP server
listener, err := net.Listen("tcp", config.HTTPListen)
if err != nil {
log.WithError(err).Fatal("Unable to open http_listen port")
}
server := &http.Server{
ReadHeaderTimeout: httpReadHeaderTimeout, // gosec: G114 - Mitigate "slowloris" DoS attack vector
Handler: router,
}
go func() {
if err := server.Serve(listener); err != nil {
log.WithError(err).Fatal("running HTTP server")
}
}()
log.WithField("address", listener.Addr().String()).Info("HTTP server started")
}
for _, c := range config.Channels {
if err := twitchWatch.AddChannel(c); err != nil {
log.WithError(err).WithField("channel", c).Error("Unable to add channel to watcher")
}
}
ircDisconnected <- struct{}{}
for {
select {
case <-ircDisconnected:
if ircHdl != nil {
if err = ircHdl.Close(); err != nil {
log.WithError(err).Error("closing IRC handle")
}
}
if ircHdl, err = newIRCHandler(); err != nil {
log.WithError(err).Error("connecting to IRC")
go func() {
time.Sleep(ircRetryBackoff)
ircRetryBackoff = time.Duration(math.Min(float64(maxIRCRetryBackoff), float64(ircRetryBackoff)*ircRetryBackoffMultiplier))
ircDisconnected <- struct{}{}
}()
continue
}
ircRetryBackoff = initialIRCRetryBackoff // Successfully created, reset backoff
go func() {
log.Info("(re-)connecting IRC client")
if err := ircHdl.Run(); err != nil {
log.WithError(helpers.CleanNetworkAddressFromError(err)).Error("IRC run exited unexpectedly")
}
time.Sleep(ircReconnectDelay)
ircDisconnected <- struct{}{}
}()
case evt := <-fsEvents:
switch evt {
case configChangeEventUnkown:
continue
case configChangeEventNotExist:
log.Error("Config file is not available, not reloading config")
continue
case configChangeEventModified:
// Fine, reload
}
previousChannels := append([]string{}, config.Channels...)
if err := loadConfig(cfg.Config); err != nil {
log.WithError(err).Error("Unable to reload config")
continue
}
if ircHdl != nil {
ircHdl.ExecuteJoins(config.Channels)
}
for _, c := range config.Channels {
if err := twitchWatch.AddChannel(c); err != nil {
log.WithError(err).WithField("channel", c).Error("Unable to add channel to watcher")
}
}
for _, c := range previousChannels {
if !str.StringInSlice(c, config.Channels) {
log.WithField("channel", c).Info("Leaving removed channel...")
ircHdl.ExecutePart(c)
if err := twitchWatch.RemoveChannel(c); err != nil {
log.WithError(err).WithField("channel", c).Error("Unable to remove channel from watcher")
}
}
}
case <-autoMessageTicker.C:
configLock.RLock()
for _, am := range config.AutoMessages {
if !am.CanSend() {
continue
}
if err := am.Send(ircHdl.c); err != nil {
log.WithError(err).Error("Unable to send automated message")
}
}
configLock.RUnlock()
}
}
}
func startCheck() error {
var errs []string
if cfg.TwitchClient == "" {
errs = append(errs, "No Twitch-ClientId given")
}
if cfg.TwitchClientSecret == "" {
errs = append(errs, "No Twitch-ClientSecret given")
}
if len(errs) > 0 {
return errors.New(strings.Join(errs, ", "))
}
return nil
}