mattermost/app/server.go

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.

package app

import (
	"crypto/tls"
	"net"
	"net/http"
	"strings"
	"time"

	l4g "github.com/alecthomas/log4go"
	"github.com/gorilla/handlers"
	"github.com/gorilla/mux"
	"github.com/rsc/letsencrypt"
	"github.com/tylerb/graceful"
	"gopkg.in/throttled/throttled.v2"
	"gopkg.in/throttled/throttled.v2/store/memstore"

	"github.com/mattermost/mattermost-server/model"
	"github.com/mattermost/mattermost-server/store"
	"github.com/mattermost/mattermost-server/store/sqlstore"
	"github.com/mattermost/mattermost-server/utils"
)

type Server struct {
	Store           store.Store
	WebSocketRouter *WebSocketRouter
	Router          *mux.Router
	GracefulServer  *graceful.Server
}

var allowedMethods []string = []string{
	"POST",
	"GET",
	"OPTIONS",
	"PUT",
	"PATCH",
	"DELETE",
}

type RecoveryLogger struct {
}

func (rl *RecoveryLogger) Println(i ...interface{}) {
	l4g.Error("Please check the std error output for the stack trace")
	l4g.Error(i)
}

type CorsWrapper struct {
	router *mux.Router
}

func (cw *CorsWrapper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if len(*utils.Cfg.ServiceSettings.AllowCorsFrom) > 0 {
		if utils.OriginChecker(r) {
			w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))

			if r.Method == "OPTIONS" {
				w.Header().Set(
					"Access-Control-Allow-Methods",
					strings.Join(allowedMethods, ", "))

				w.Header().Set(
					"Access-Control-Allow-Headers",
					r.Header.Get("Access-Control-Request-Headers"))
			}
		}
	}

	if r.Method == "OPTIONS" {
		return
	}

	cw.router.ServeHTTP(w, r)
}

const TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN = time.Second

func (a *App) NewServer() {
	l4g.Info(utils.T("api.server.new_server.init.info"))

	a.Srv = &Server{}
}

func (a *App) InitStores() {
	a.Srv.Store = store.NewLayeredStore(sqlstore.NewSqlSupplier(a.Metrics), a.Metrics, a.Cluster)
}

type VaryBy struct{}

func (m *VaryBy) Key(r *http.Request) string {
	return utils.GetIpAddress(r)
}

func initalizeThrottledVaryBy() *throttled.VaryBy {
	vary := throttled.VaryBy{}

	if utils.Cfg.RateLimitSettings.VaryByRemoteAddr {
		vary.RemoteAddr = true
	}

	if len(utils.Cfg.RateLimitSettings.VaryByHeader) > 0 {
		vary.Headers = strings.Fields(utils.Cfg.RateLimitSettings.VaryByHeader)

		if utils.Cfg.RateLimitSettings.VaryByRemoteAddr {
			l4g.Warn(utils.T("api.server.start_server.rate.warn"))
			vary.RemoteAddr = false
		}
	}

	return &vary
}

func redirectHTTPToHTTPS(w http.ResponseWriter, r *http.Request) {
	if r.Host == "" {
		http.Error(w, "Not Found", http.StatusNotFound)
	}

	url := r.URL
	url.Host = r.Host
	url.Scheme = "https"
	http.Redirect(w, r, url.String(), http.StatusFound)
}

func (a *App) StartServer() {
	l4g.Info(utils.T("api.server.start_server.starting.info"))

	var handler http.Handler = &CorsWrapper{a.Srv.Router}

	if *utils.Cfg.RateLimitSettings.Enable {
		l4g.Info(utils.T("api.server.start_server.rate.info"))

		store, err := memstore.New(*utils.Cfg.RateLimitSettings.MemoryStoreSize)
		if err != nil {
			l4g.Critical(utils.T("api.server.start_server.rate_limiting_memory_store"))
			return
		}

		quota := throttled.RateQuota{
			MaxRate:  throttled.PerSec(*utils.Cfg.RateLimitSettings.PerSec),
			MaxBurst: *utils.Cfg.RateLimitSettings.MaxBurst,
		}

		rateLimiter, err := throttled.NewGCRARateLimiter(store, quota)
		if err != nil {
			l4g.Critical(utils.T("api.server.start_server.rate_limiting_rate_limiter"))
			return
		}

		httpRateLimiter := throttled.HTTPRateLimiter{
			RateLimiter: rateLimiter,
			VaryBy:      &VaryBy{},
			DeniedHandler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
				l4g.Error("%v: Denied due to throttling settings code=429 ip=%v", r.URL.Path, utils.GetIpAddress(r))
				throttled.DefaultDeniedHandler.ServeHTTP(w, r)
			}),
		}

		handler = httpRateLimiter.RateLimit(handler)
	}

	a.Srv.GracefulServer = &graceful.Server{
		Timeout: TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN,
		Server: &http.Server{
			Addr:         *utils.Cfg.ServiceSettings.ListenAddress,
			Handler:      handlers.RecoveryHandler(handlers.RecoveryLogger(&RecoveryLogger{}), handlers.PrintRecoveryStack(true))(handler),
			ReadTimeout:  time.Duration(*utils.Cfg.ServiceSettings.ReadTimeout) * time.Second,
			WriteTimeout: time.Duration(*utils.Cfg.ServiceSettings.WriteTimeout) * time.Second,
		},
	}
	l4g.Info(utils.T("api.server.start_server.listening.info"), *utils.Cfg.ServiceSettings.ListenAddress)

	if *utils.Cfg.ServiceSettings.Forward80To443 {
		go func() {
			listener, err := net.Listen("tcp", ":80")
			if err != nil {
				l4g.Error("Unable to setup forwarding")
				return
			}
			defer listener.Close()

			http.Serve(listener, http.HandlerFunc(redirectHTTPToHTTPS))
		}()
	}

	go func() {
		var err error
		if *utils.Cfg.ServiceSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {
			if *utils.Cfg.ServiceSettings.UseLetsEncrypt {
				var m letsencrypt.Manager
				m.CacheFile(*utils.Cfg.ServiceSettings.LetsEncryptCertificateCacheFile)

				tlsConfig := &tls.Config{
					GetCertificate: m.GetCertificate,
				}

				tlsConfig.NextProtos = append(tlsConfig.NextProtos, "h2")

				err = a.Srv.GracefulServer.ListenAndServeTLSConfig(tlsConfig)
			} else {
				err = a.Srv.GracefulServer.ListenAndServeTLS(*utils.Cfg.ServiceSettings.TLSCertFile, *utils.Cfg.ServiceSettings.TLSKeyFile)
			}
		} else {
			err = a.Srv.GracefulServer.ListenAndServe()
		}
		if err != nil {
			l4g.Critical(utils.T("api.server.start_server.starting.critical"), err)
			time.Sleep(time.Second)
		}
	}()
}

func (a *App) StopServer() {

	l4g.Info(utils.T("api.server.stop_server.stopping.info"))

	a.Srv.GracefulServer.Stop(TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN)
	a.Srv.Store.Close()
	a.HubStop()

	a.ShutDownPlugins()

	l4g.Info(utils.T("api.server.stop_server.stopped.info"))
}
PLT-5860 Updated copyright date (#6058) * PLT-5860 Updated copyright date in about modal * PLT-5860 Updated copyright notice in JSX files * PLT-5860 Updated copyright notice in go files * Fixed misc copyright dates * Fixed component snapshots 2017-04-12 08:27:57 -04:00			`// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.`
first commit 2015-06-14 23:53:32 -08:00			`// See License.txt for license information.`

PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge 2017-01-13 13:53:37 -05:00			`package app`
first commit 2015-06-14 23:53:32 -08:00
			`import (`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`"crypto/tls"`
			`"net"`
Modifications to rate limiting settings. (#4091) 2016-09-26 12:56:12 -04:00			`"net/http"`
			`"strings"`
			`"time"`

Upgrade logging package 2016-01-11 09:12:51 -06:00			`l4g "github.com/alecthomas/log4go"`
PLT-2057 User as a first class object (#2648) * Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding client side unit test * Cleaning up the clint side tests * Fixing msg * Adding more client side unit tests * Adding more using tests * Adding last bit of client side unit tests and adding make cmd * Fixing bad merge * Fixing libraries * Updating to new client side API * Fixing borken unit test * Fixing unit tests * ugg...trying to beat gofmt * ugg...trying to beat gofmt * Cleaning up remainder of the server side routes * Adding inital load api * Increased coverage of webhook unit tests (#2660) * Adding loading ... to root html * Fixing bad merge * Removing explicit content type so superagent will guess corectly (#2685) * Fixing merge and unit tests * Adding create team UI * Fixing signup flows * Adding LDAP unit tests and enterprise unit test helper (#2702) * Add the ability to reset MFA from the commandline (#2706) * Fixing compliance unit tests * Fixing client side tests * Adding open server to system console * Moving websocket connection * Fixing unit test * Fixing unit tests * Fixing unit tests * Adding nickname and more LDAP unit tests (#2717) * Adding join open teams * Cleaning up all TODOs in the code * Fixing web sockets * Removing unused webockets file * PLT-2533 Add the ability to reset a user's MFA from the system console (#2715) * Add the ability to reset a user's MFA from the system console * Add client side unit test for adminResetMfa * Reorganizing authentication to fix LDAP error message (#2723) * Fixing failing unit test * Initial upgrade db code * Adding upgrade script * Fixing upgrade script after running on core * Update OAuth and Claim routes to work with user model changes (#2739) * Fixing perminant deletion. Adding ability to delete all user and the entire database (#2740) * Fixing team invite ldap login call (#2741) * Fixing bluebar and some img stuff * Fix all the different file upload web utils (#2743) * Fixing invalid session redirect (#2744) * Redirect on bad channel name (#2746) * Fixing a bunch of issue and removing dead code * Patch to fix error message on leave channel (#2747) * Setting EnableOpenServer to false by default * Fixing config * Fixing upgrade * Fixing reported bugs * Bug fixes for PLT-2057 * PLT-2563 Redo password recovery to use a database table (#2745) * Redo password recovery to use a database table * Update reset password audits * Split out admin and user reset password APIs to be separate * Delete password recovery when user is permanently deleted * Consolidate password resetting into a single function * Removed private channels as an option for outgoing webhooks (#2752) * PLT-2577/PLT-2552 Fixes for backstage (#2753) * Added URL to incoming webhook list * Fixed client functions for adding/removing integrations * Disallowed slash commands without trigger words * Fixed clientside handling of errors on AddCommand page * Minor auth cleanup (#2758) * Changed EditPostModal to just close if you save without making any changes (#2759) * Renamed client -> Client in async_client.jsx and fixed eslint warnings (#2756) * Fixed url in channel info modal (#2755) * Fixing reported issues * Moving to version 3 of the apis * Fixing command unit tests (#2760) * Adding team admins * Fixing DM issue * Fixing eslint error * Properly set EditPostModal's originalText state in all cases (#2762) * Update client config check to assume features is defined if server is licensed (#2772) * Fixing url link * Fixing issue with websocket crashing when sending messages to different teams 2016-04-21 22:37:01 -07:00			`"github.com/gorilla/handlers"`
first commit 2015-06-14 23:53:32 -08:00			`"github.com/gorilla/mux"`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`"github.com/rsc/letsencrypt"`
			`"github.com/tylerb/graceful"`
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`"gopkg.in/throttled/throttled.v2"`
			`"gopkg.in/throttled/throttled.v2/store/memstore"`
Writing message to our logs when system panics and recovers (#6458) 2017-05-24 07:55:52 -07:00
Renaming repo 2017-09-06 23:05:10 -07:00			`"github.com/mattermost/mattermost-server/model"`
			`"github.com/mattermost/mattermost-server/store"`
Move sql store code into store/sqlstore package (#7502) * move sql store code into store/sqlstore package * move non-sql constants back up to store * fix api test * derp 2017-09-25 09:11:25 -05:00			`"github.com/mattermost/mattermost-server/store/sqlstore"`
Renaming repo 2017-09-06 23:05:10 -07:00			`"github.com/mattermost/mattermost-server/utils"`
first commit 2015-06-14 23:53:32 -08:00			`)`

			`type Server struct {`
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge 2017-01-13 13:53:37 -05:00			`Store store.Store`
			`WebSocketRouter *WebSocketRouter`
			`Router *mux.Router`
			`GracefulServer *graceful.Server`
			`}`

			`var allowedMethods []string = []string{`
			`"POST",`
			`"GET",`
			`"OPTIONS",`
			`"PUT",`
			`"PATCH",`
			`"DELETE",`
first commit 2015-06-14 23:53:32 -08:00			`}`

Writing message to our logs when system panics and recovers (#6458) 2017-05-24 07:55:52 -07:00			`type RecoveryLogger struct {`
			`}`

			`func (rl *RecoveryLogger) Println(i ...interface{}) {`
			`l4g.Error("Please check the std error output for the stack trace")`
			`l4g.Error(i)`
			`}`

Add Cors Handler 2016-03-01 22:12:05 -03:00			`type CorsWrapper struct {`
			`router *mux.Router`
			`}`

PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge 2017-01-13 13:53:37 -05:00			`func (cw CorsWrapper) ServeHTTP(w http.ResponseWriter, r http.Request) {`
			`if len(*utils.Cfg.ServiceSettings.AllowCorsFrom) > 0 {`
Tweak WebSocket header-processing (#6929) * fix * consolidate code 2017-07-13 14:02:33 -07:00			`if utils.OriginChecker(r) {`
			`w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))`
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge 2017-01-13 13:53:37 -05:00
			`if r.Method == "OPTIONS" {`
			`w.Header().Set(`
			`"Access-Control-Allow-Methods",`
			`strings.Join(allowedMethods, ", "))`

			`w.Header().Set(`
			`"Access-Control-Allow-Headers",`
			`r.Header.Get("Access-Control-Request-Headers"))`
			`}`
			`}`
			`}`

			`if r.Method == "OPTIONS" {`
			`return`
			`}`

			`cw.router.ServeHTTP(w, r)`
			`}`

Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`const TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN = time.Second`

app type transition (#7167) 2017-09-06 17:12:54 -05:00			`func (a *App) NewServer() {`
Refactoring api to use translations (chunk 2) - Add spanish translations - Does not include tests - Add func to get the translations for a user locale 2016-01-22 01:37:11 -03:00			`l4g.Info(utils.T("api.server.new_server.init.info"))`
first commit 2015-06-14 23:53:32 -08:00
app type transition (#7167) 2017-09-06 17:12:54 -05:00			`a.Srv = &Server{}`
Improving command line interface (#4689) 2016-12-06 10:49:34 -05:00			`}`

app type transition (#7167) 2017-09-06 17:12:54 -05:00			`func (a *App) InitStores() {`
Move sql store code into store/sqlstore package (#7502) * move sql store code into store/sqlstore package * move non-sql constants back up to store * fix api test * derp 2017-09-25 09:11:25 -05:00			`a.Srv.Store = store.NewLayeredStore(sqlstore.NewSqlSupplier(a.Metrics), a.Metrics, a.Cluster)`
Improving command line interface (#4689) 2016-12-06 10:49:34 -05:00			`}`
first commit 2015-06-14 23:53:32 -08:00
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`type VaryBy struct{}`

			`func (m VaryBy) Key(r http.Request) string {`
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge 2017-01-13 13:53:37 -05:00			`return utils.GetIpAddress(r)`
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`}`

			`func initalizeThrottledVaryBy() *throttled.VaryBy {`
			`vary := throttled.VaryBy{}`

			`if utils.Cfg.RateLimitSettings.VaryByRemoteAddr {`
			`vary.RemoteAddr = true`
			`}`

			`if len(utils.Cfg.RateLimitSettings.VaryByHeader) > 0 {`
			`vary.Headers = strings.Fields(utils.Cfg.RateLimitSettings.VaryByHeader)`

			`if utils.Cfg.RateLimitSettings.VaryByRemoteAddr {`
			`l4g.Warn(utils.T("api.server.start_server.rate.warn"))`
			`vary.RemoteAddr = false`
			`}`
			`}`

			`return &vary`
			`}`

Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`func redirectHTTPToHTTPS(w http.ResponseWriter, r *http.Request) {`
			`if r.Host == "" {`
			`http.Error(w, "Not Found", http.StatusNotFound)`
			`}`

			`url := r.URL`
			`url.Host = r.Host`
			`url.Scheme = "https"`
			`http.Redirect(w, r, url.String(), http.StatusFound)`
			`}`

app type transition (#7167) 2017-09-06 17:12:54 -05:00			`func (a *App) StartServer() {`
Refactoring api to use translations (chunk 2) - Add spanish translations - Does not include tests - Add func to get the translations for a user locale 2016-01-22 01:37:11 -03:00			`l4g.Info(utils.T("api.server.start_server.starting.info"))`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00
app type transition (#7167) 2017-09-06 17:12:54 -05:00			`var handler http.Handler = &CorsWrapper{a.Srv.Router}`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00
Modifications to rate limiting settings. (#4091) 2016-09-26 12:56:12 -04:00			`if *utils.Cfg.RateLimitSettings.Enable {`
Refactoring api to use translations (chunk 2) - Add spanish translations - Does not include tests - Add func to get the translations for a user locale 2016-01-22 01:37:11 -03:00			`l4g.Info(utils.T("api.server.start_server.rate.info"))`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00
set to default value with config is missing (#7320) 2017-08-31 01:54:16 +08:00			`store, err := memstore.New(*utils.Cfg.RateLimitSettings.MemoryStoreSize)`
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`if err != nil {`
			`l4g.Critical(utils.T("api.server.start_server.rate_limiting_memory_store"))`
			`return`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00			`}`

Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`quota := throttled.RateQuota{`
set to default value with config is missing (#7320) 2017-08-31 01:54:16 +08:00			`MaxRate: throttled.PerSec(*utils.Cfg.RateLimitSettings.PerSec),`
Modifications to rate limiting settings. (#4091) 2016-09-26 12:56:12 -04:00			`MaxBurst: *utils.Cfg.RateLimitSettings.MaxBurst,`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00			`}`

Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`rateLimiter, err := throttled.NewGCRARateLimiter(store, quota)`
			`if err != nil {`
			`l4g.Critical(utils.T("api.server.start_server.rate_limiting_rate_limiter"))`
			`return`
			`}`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`httpRateLimiter := throttled.HTTPRateLimiter{`
			`RateLimiter: rateLimiter,`
			`VaryBy: &VaryBy{},`
			`DeniedHandler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge 2017-01-13 13:53:37 -05:00			`l4g.Error("%v: Denied due to throttling settings code=429 ip=%v", r.URL.Path, utils.GetIpAddress(r))`
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`throttled.DefaultDeniedHandler.ServeHTTP(w, r)`
			`}),`
			`}`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00
Updating golang dependancies (#4075) 2016-09-23 10:17:51 -04:00			`handler = httpRateLimiter.RateLimit(handler)`
Fixes mm-1355 adds rate limiting apis 2015-07-29 01:26:10 -08:00			`}`

app type transition (#7167) 2017-09-06 17:12:54 -05:00			`a.Srv.GracefulServer = &graceful.Server{`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`Timeout: TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN,`
			`Server: &http.Server{`
set to default value with config is missing (#7320) 2017-08-31 01:54:16 +08:00			`Addr: *utils.Cfg.ServiceSettings.ListenAddress,`
Writing message to our logs when system panics and recovers (#6458) 2017-05-24 07:55:52 -07:00			`Handler: handlers.RecoveryHandler(handlers.RecoveryLogger(&RecoveryLogger{}), handlers.PrintRecoveryStack(true))(handler),`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`ReadTimeout: time.Duration(utils.Cfg.ServiceSettings.ReadTimeout) time.Second,`
			`WriteTimeout: time.Duration(utils.Cfg.ServiceSettings.WriteTimeout) time.Second,`
			`},`
			`}`
set to default value with config is missing (#7320) 2017-08-31 01:54:16 +08:00			`l4g.Info(utils.T("api.server.start_server.listening.info"), *utils.Cfg.ServiceSettings.ListenAddress)`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00
			`if *utils.Cfg.ServiceSettings.Forward80To443 {`
			`go func() {`
			`listener, err := net.Listen("tcp", ":80")`
			`if err != nil {`
			`l4g.Error("Unable to setup forwarding")`
			`return`
			`}`
			`defer listener.Close()`

			`http.Serve(listener, http.HandlerFunc(redirectHTTPToHTTPS))`
			`}()`
			`}`

first commit 2015-06-14 23:53:32 -08:00			`go func() {`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`var err error`
			`if *utils.Cfg.ServiceSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {`
			`if *utils.Cfg.ServiceSettings.UseLetsEncrypt {`
			`var m letsencrypt.Manager`
			`m.CacheFile(*utils.Cfg.ServiceSettings.LetsEncryptCertificateCacheFile)`

			`tlsConfig := &tls.Config{`
			`GetCertificate: m.GetCertificate,`
			`}`

			`tlsConfig.NextProtos = append(tlsConfig.NextProtos, "h2")`

app type transition (#7167) 2017-09-06 17:12:54 -05:00			`err = a.Srv.GracefulServer.ListenAndServeTLSConfig(tlsConfig)`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`} else {`
app type transition (#7167) 2017-09-06 17:12:54 -05:00			`err = a.Srv.GracefulServer.ListenAndServeTLS(utils.Cfg.ServiceSettings.TLSCertFile, utils.Cfg.ServiceSettings.TLSKeyFile)`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`}`
			`} else {`
app type transition (#7167) 2017-09-06 17:12:54 -05:00			`err = a.Srv.GracefulServer.ListenAndServe()`
Adding ability to serve TLS directly from Mattermost server (#4119) 2016-10-03 16:03:15 -04:00			`}`
first commit 2015-06-14 23:53:32 -08:00			`if err != nil {`
Refactoring api to use translations (chunk 2) - Add spanish translations - Does not include tests - Add func to get the translations for a user locale 2016-01-22 01:37:11 -03:00			`l4g.Critical(utils.T("api.server.start_server.starting.critical"), err)`
first commit 2015-06-14 23:53:32 -08:00			`time.Sleep(time.Second)`
			`}`
			`}()`
			`}`

app type transition (#7167) 2017-09-06 17:12:54 -05:00			`func (a *App) StopServer() {`
first commit 2015-06-14 23:53:32 -08:00
Refactoring api to use translations (chunk 2) - Add spanish translations - Does not include tests - Add func to get the translations for a user locale 2016-01-22 01:37:11 -03:00			`l4g.Info(utils.T("api.server.stop_server.stopping.info"))`
first commit 2015-06-14 23:53:32 -08:00
app type transition (#7167) 2017-09-06 17:12:54 -05:00			`a.Srv.GracefulServer.Stop(TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN)`
			`a.Srv.Store.Close()`
remove remaining Global() calls (outside of tests) (#7521) 2017-09-27 11:52:34 -05:00			`a.HubStop()`
first commit 2015-06-14 23:53:32 -08:00
PLT-7407: Back-end plugins (#7409) * tie back-end plugins together * fix comment typo * add tests and a bit of polish * tests and polish * add test, don't let backend executable paths escape the plugin directory 2017-09-11 10:02:02 -05:00			`a.ShutDownPlugins()`
Implement experimental REST API endpoints for plugins (#7279) * Implement experimental REST API endpoints for plugins * Updates per feedback and rebase * Update tests * Further updates * Update extraction of plugins * Use OS temp dir for plugins instead of search path * Fail extraction on paths that attempt to traverse upward * Update pluginenv ActivePlugins() 2017-09-01 09:00:27 -04:00
PLT-7407: Back-end plugins (#7409) * tie back-end plugins together * fix comment typo * add tests and a bit of polish * tests and polish * add test, don't let backend executable paths escape the plugin directory 2017-09-11 10:02:02 -05:00			`l4g.Info(utils.T("api.server.stop_server.stopped.info"))`
Implement experimental REST API endpoints for plugins (#7279) * Implement experimental REST API endpoints for plugins * Updates per feedback and rebase * Update tests * Further updates * Update extraction of plugins * Use OS temp dir for plugins instead of search path * Fail extraction on paths that attempt to traverse upward * Update pluginenv ActivePlugins() 2017-09-01 09:00:27 -04:00			`}`