lerkolabs/uptop
1
1
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
Files
0e6dc774cb55048112ac6e5bf3690a00469cd96f
uptop/internal/cluster/cluster.go
T
lerko 11848ce674 fix(security): harden TLS, timeouts, validation, logging, and token generation 
- Default TLS verification on, opt-in UPKEEP_INSECURE_SKIP_VERIFY
- Alert webhooks use 10s timeout client, close response bodies
- URL input validates http/https scheme for HTTP monitors
- Stdlib logs route to stderr instead of discard
- Panic on crypto/rand failure in token generation
- Cluster startup warnings for non-HTTPS and missing secret
- Replace demo SMTP creds with obvious placeholders
- Color-coded log entries and scroll hints in logs tab
2026-05-14 15:28:04 -04:00

77 lines
1.8 KiB
Go
Raw Blame History

package cluster
import (
"fmt"
"go-upkeep/internal/monitor"
"net/http"
"strings"
"time"
)
type Config struct {
Mode string // "leader" or "follower"
PeerURL string // URL of the Leader (e.g., http://primary:8080)
SharedKey string // Security Key
}
func Start(cfg Config) {
if cfg.Mode == "leader" {
fmt.Println("Cluster: Running as LEADER (Active)")
if cfg.SharedKey != "" {
fmt.Println("WARNING: Cluster mode enabled. Ensure the HTTP server is behind a TLS-terminating proxy.")
}
monitor.SetEngineActive(true)
return
}
if cfg.Mode == "follower" {
fmt.Println("Cluster: Running as FOLLOWER (Passive)")
if cfg.PeerURL != "" && !strings.HasPrefix(cfg.PeerURL, "https://") {
fmt.Println("WARNING: Cluster peer URL is not HTTPS. Cluster secret will be sent in cleartext.")
}
monitor.SetEngineActive(false)
go runFollowerLoop(cfg)
}
}
func runFollowerLoop(cfg Config) {
client := http.Client{Timeout: 2 * time.Second}
// Failover Configuration
failures := 0
threshold := 3
for {
time.Sleep(5 * time.Second)
req, _ := http.NewRequest("GET", cfg.PeerURL+"/api/health", nil)
if cfg.SharedKey != "" {
req.Header.Set("X-Upkeep-Secret", cfg.SharedKey)
}
resp, err := client.Do(req)
isLeaderHealthy := false
if err == nil && resp.StatusCode == 200 {
isLeaderHealthy = true
resp.Body.Close()
}
if isLeaderHealthy {
failures = 0
if monitor.IsEngineActive() {
// Leader is back, yield
monitor.SetEngineActive(false)
monitor.AddLog("Cluster: Leader detected. Switching to PASSIVE.")
}
} else {
failures++
// If failures exceed threshold, take over
if failures >= threshold && !monitor.IsEngineActive() {
monitor.SetEngineActive(true)
monitor.AddLog("Cluster: Leader Unreachable. Switching to ACTIVE.")
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink