Simplify HTTP configuration (#3840)

* Extract HTTP-related settings into HttpConfiguration

* Remove web_* configuration settings

* WIP - Replace rest_* configuration settings

* Make slash at the end of a web interface route optional.

* Properly rewrite location when synchronizing range with browser query.

* Use normalized URIs in Routes.qualifyUrls

* Improve documentation for http_* settings

[ci skip]

* Add section to upgrade notes

[ci skip]

* Fix link in upgrade notes

[ci skip]

* Use correct default for `web_thread_pool_size` in UPGRADING.rst

* Use GRAYLOG_DEFAULT_PORT constant instead of magic literal

* Inline single line HttpConfiguration#getUriScheme(boolean)

* Make HttpConfiguration#getDefaultHttpUri(String) private

* Remove unnecessary "namePrefix" parameter from JerseyService#setUp()

* Add support for IPv6 wildcard addresses in HttpConfiguration

UPGRADING.rst

@@ -1,9 +1,82 @@
 **************************
-Upgrading to Graylog 2.4.x
+Upgrading to Graylog 3.0.x
 **************************
 
-.. _upgrade-from-23-to-24:
+.. _upgrade-from-24-to-30:
 
 This file only contains the upgrade note for the upcoming release.
 Please see `our documentation <http://docs.graylog.org/en/latest/pages/upgrade.html>`_
 for the complete upgrade notes.
+
+Simplified HTTP interface configuration
+=======================================
+
+Graylog used to have a lot of different settings regarding the various HTTP interfaces it provides, namely the Graylog REST API and the Graylog web interface.
+
+This mostly originates from the fact that Graylog used to consist of two components before Graylog 2.0.0, a server component and a separate web interface.
+
+The changes in this release finally merge the HTTP listeners for the Graylog REST API and web interface into a single HTTP listener, which should make the initial configuration of Graylog simpler and reduce errors caused by conflicting settings.
+
+The path of the Graylog REST API is now hard-coded to ``/api``, so if you're still using the legacy URI on port 12900/tcp or have been using a custom path (via the ``rest_listen_uri`` or ``rest_transport_uri`` settings), you'll have to update the URI used to access the Graylog REST API.
+
+For a more detailed description of the new HTTP settings, please consult the annotated `Graylog configuration file <https://github.com/Graylog2/graylog2-server/blob/d9bb656275eeac7027e3fe12d9ee1b6a0905dcd1/misc/graylog.conf#L79-L81>`__.
+
+
+Overview of deprecated Graylog REST API settings:
+
++----------------------------------+----------------------------------+--------------------------------+
+| Deprecated Setting               | New Setting                      | Default                        |
++==================================+==================================+================================+
+| ``rest_listen_uri``              | ``http_bind_address``            | ``127.0.0.1:9000``             |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_transport_uri``           | ``http_publish_uri``             | ``http://$http_bind_address/`` |
++----------------------------------+----------------------------------+--------------------------------+
+| ``web_endpoint_uri``             | ``http_external_uri``            | ``$http_publish_uri``          |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_enable_cors``             | ``http_enable_cors``             | ``true``                       |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_enable_gzip``             | ``http_enable_gzip``             | ``true``                       |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_max_header_size``         | ``http_max_header_size``         | ``8192``                       |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_max_initial_line_length`` | ``http_max_initial_line_length`` | ``4096``                       |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_thread_pool_size``        | ``http_thread_pool_size``        | ``16``                         |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_enable_tls``              | ``http_enable_tls``              | ``false``                      |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_tls_cert_file``           | ``http_tls_cert_file``           | Empty                          |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_tls_key_file``            | ``http_tls_key_file``            | Empty                          |
++----------------------------------+----------------------------------+--------------------------------+
+| ``rest_tls_key_password``        | ``http_tls_key_password``        | Empty                          |
++----------------------------------+----------------------------------+--------------------------------+
+
+
+Overview of deprecated Graylog web interface settings:
+
++---------------------------------+----------------------------------+--------------------+
+| Deprecated Setting              | New Setting                      | Default            |
++=================================+==================================+====================+
+| ``web_enable``                  | None                             |                    |
++---------------------------------+----------------------------------+--------------------+
+| ``web_listen_uri``              | ``http_bind_address``            | ``127.0.0.1:9000`` |
++---------------------------------+----------------------------------+--------------------+
+| ``web_enable_cors``             | ``http_enable_cors``             | ``true``           |
++---------------------------------+----------------------------------+--------------------+
+| ``web_enable_gzip``             | ``http_enable_gzip``             | ``true``           |
++---------------------------------+----------------------------------+--------------------+
+| ``web_max_header_size``         | ``http_max_header_size``         | ``8192``           |
++---------------------------------+----------------------------------+--------------------+
+| ``web_max_initial_line_length`` | ``http_max_initial_line_length`` | ``4096``           |
++---------------------------------+----------------------------------+--------------------+
+| ``web_thread_pool_size``        | ``http_thread_pool_size``        | ``16``             |
++---------------------------------+----------------------------------+--------------------+
+| ``web_enable_tls``              | ``http_enable_tls``              | ``false``          |
++---------------------------------+----------------------------------+--------------------+
+| ``web_tls_cert_file``           | ``http_tls_cert_file``           | Empty              |
++---------------------------------+----------------------------------+--------------------+
+| ``web_tls_key_file``            | ``http_tls_key_file``            | Empty              |
++---------------------------------+----------------------------------+--------------------+
+| ``web_tls_key_password``        | ``http_tls_key_password``        | Empty              |
++---------------------------------+----------------------------------+--------------------+

graylog2-server/src/main/java/org/graylog2/Configuration.java

@@ -26,20 +26,16 @@
 import com.github.joschi.jadconfig.validators.PositiveIntegerValidator;
 import com.github.joschi.jadconfig.validators.PositiveLongValidator;
 import com.github.joschi.jadconfig.validators.StringNotBlankValidator;
-import com.github.joschi.jadconfig.validators.URIAbsoluteValidator;
 import org.graylog2.plugin.BaseConfiguration;
 import org.graylog2.utilities.IPSubnetConverter;
 import org.graylog2.utilities.IpSubnet;
 import org.joda.time.DateTimeZone;
 
-import java.net.URI;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.Collections;
 import java.util.Set;
 
-import static org.graylog2.plugin.Tools.normalizeURI;
-
 /**
  * Helper class to hold configuration of Graylog
  */
@@ -51,12 +47,6 @@ public class Configuration extends BaseConfiguration {
     @Parameter(value = "password_secret", required = true, validator = StringNotBlankValidator.class)
     private String passwordSecret;
 
-    @Parameter(value = "rest_listen_uri", required = true, validator = URIAbsoluteValidator.class)
-    private URI restListenUri = URI.create("http://127.0.0.1:" + GRAYLOG_DEFAULT_PORT + "/api/");
-
-    @Parameter(value = "web_listen_uri", required = true, validator = URIAbsoluteValidator.class)
-    private URI webListenUri = URI.create("http://127.0.0.1:" + GRAYLOG_DEFAULT_WEB_PORT + "/");
-
     @Parameter(value = "output_batch_size", required = true, validator = PositiveIntegerValidator.class)
     private int outputBatchSize = 500;
 
@@ -204,16 +194,6 @@ public String getNodeIdFile() {
         return nodeIdFile;
     }
 
-    @Override
-    public URI getRestListenUri() {
-        return normalizeURI(restListenUri, getRestUriScheme(), GRAYLOG_DEFAULT_PORT, "/");
-    }
-
-    @Override
-    public URI getWebListenUri() {
-        return normalizeURI(webListenUri, getWebUriScheme(), GRAYLOG_DEFAULT_WEB_PORT, "/");
-    }
-
     public String getRootUsername() {
         return rootUsername;
     }
@@ -326,17 +306,4 @@ public void validatePasswordSecret() throws ValidationException {
             throw new ValidationException("The minimum length for \"password_secret\" is 16 characters.");
         }
     }
-
-    @ValidatorMethod
-    @SuppressWarnings("unused")
-    public void validateNetworkInterfaces() throws ValidationException {
-        final URI restListenUri = getRestListenUri();
-        final URI webListenUri = getWebListenUri();
-
-        if (restListenUri.getPort() == webListenUri.getPort() &&
-                !restListenUri.getHost().equals(webListenUri.getHost()) &&
-                (WILDCARD_IP_ADDRESS.equals(restListenUri.getHost()) || WILDCARD_IP_ADDRESS.equals(webListenUri.getHost()))) {
-            throw new ValidationException("Wildcard IP addresses cannot be used if the Graylog REST API and web interface listen on the same port.");
-        }
-    }
 }

graylog2-server/src/main/java/org/graylog2/cluster/NodeService.java

@@ -23,7 +23,7 @@
 import java.util.Map;
 
 public interface NodeService extends PersistedService {
-    String registerServer(String nodeId, boolean isMaster, URI restTransportUri, String hostname);
+    String registerServer(String nodeId, boolean isMaster, URI httpPublishUri, String hostname);
 
     Node byNodeId(String nodeId) throws NodeNotFoundException;
 

graylog2-server/src/main/java/org/graylog2/cluster/NodeServiceImpl.java

@@ -42,13 +42,13 @@ public NodeServiceImpl(final MongoConnection mongoConnection, final Configuratio
     }
 
     @Override
-    public String registerServer(String nodeId, boolean isMaster, URI restTransportUri, String hostname) {
+    public String registerServer(String nodeId, boolean isMaster, URI httpPublishUri, String hostname) {
         Map<String, Object> fields = Maps.newHashMap();
         fields.put("last_seen", Tools.getUTCTimestamp());
         fields.put("node_id", nodeId);
         fields.put("type", Node.Type.SERVER.toString());
         fields.put("is_master", isMaster);
-        fields.put("transport_address", restTransportUri.toString());
+        fields.put("transport_address", httpPublishUri.toString());
         fields.put("hostname", hostname);
 
         try {

graylog2-server/src/main/java/org/graylog2/commands/Server.java

@@ -46,6 +46,7 @@
 import org.graylog2.configuration.ElasticsearchClientConfiguration;
 import org.graylog2.configuration.ElasticsearchConfiguration;
 import org.graylog2.configuration.EmailConfiguration;
+import org.graylog2.configuration.HttpConfiguration;
 import org.graylog2.configuration.MongoDbConfiguration;
 import org.graylog2.configuration.VersionCheckConfiguration;
 import org.graylog2.dashboards.DashboardBindings;
@@ -85,6 +86,7 @@ public class Server extends ServerBootstrap {
     private static final Logger LOG = LoggerFactory.getLogger(Server.class);
 
     private static final Configuration configuration = new Configuration();
+    private final HttpConfiguration httpConfiguration = new HttpConfiguration();
     private final ElasticsearchConfiguration elasticsearchConfiguration = new ElasticsearchConfiguration();
     private final ElasticsearchClientConfiguration elasticsearchClientConfiguration = new ElasticsearchClientConfiguration();
     private final EmailConfiguration emailConfiguration = new EmailConfiguration();
@@ -137,6 +139,7 @@ protected List<Module> getCommandBindings() {
     @Override
     protected List<Object> getCommandConfigurationBeans() {
         return Arrays.asList(configuration,
+                httpConfiguration,
                 elasticsearchConfiguration,
                 elasticsearchClientConfiguration,
                 emailConfiguration,
@@ -153,7 +156,7 @@ protected void startNodeRegistration(Injector injector) {
         final ActivityWriter activityWriter = injector.getInstance(ActivityWriter.class);
         nodeService.registerServer(serverStatus.getNodeId().toString(),
                 configuration.isMaster(),
-                configuration.getRestTransportUri(),
+                httpConfiguration.getHttpPublishUri(),
                 Tools.getLocalCanonicalHostname());
         serverStatus.setLocalMode(isLocal());
         if (configuration.isMaster() && !nodeService.isOnlyMaster(serverStatus.getNodeId())) {