Better trie implementations

cmd/styx/config.go

@@ -3,6 +3,10 @@ package main
 import (
 	"crypto/tls"
 	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
 
 	"github.com/hashicorp/hcl/v2"
 	"github.com/hashicorp/hcl/v2/gohcl"
@@ -24,8 +28,25 @@ type Config struct {
 }
 
 func (c Config) Proxies(log logger.Structured) ([]*proxy.Proxy, error) {
+	log.Debug("Loading policies")
 	policies := make(map[string]*policy.Policy)
 	for _, pc := range c.Policy {
+		if !filepath.IsAbs(pc.Path) {
+			var err error
+			if pc.Path, err = filepath.Abs(pc.Path); err != nil {
+				return nil, fmt.Errorf("invalid policy path: %w", err)
+			}
+		}
+		if pc.Package == "" {
+			var err error
+			if pc.Package, err = policy.PackageFromFile(pc.Path); err != nil {
+				return nil, fmt.Errorf("can't determine package in %s: %w", pc.Path, err)
+			}
+		}
+		log.Values(logger.Values{
+			"path":    pc.Path,
+			"package": pc.Package,
+		}).Debug("Loading policy definition")
 		p, err := policy.New(pc.Path, pc.Package)
 		if err != nil {
 			return nil, fmt.Errorf("policy %s: %w", pc.Name, err)
@@ -39,6 +60,7 @@ func (c Config) Proxies(log logger.Structured) ([]*proxy.Proxy, error) {
 		onForward  []proxy.ForwardHandler
 		onResponse []proxy.ResponseHandler
 	)
+	log.Debug("Resolving policy handlers")
 	for _, name := range c.Proxy.On.Request {
 		log.Value("policy", name).Debug("Resolving request policy")
 		p, ok := policies[name]
@@ -109,10 +131,18 @@ type PortTLSConfig struct {
 }
 
 func (c PortConfig) Proxy() (*proxy.Proxy, error) {
-	p := proxy.New()
+	log := logger.StandardLog.Value("port", c.Listen)
+	port := proxy.New()
 	if c.Transparent > 0 {
-		p.OnConnect = append(p.OnConnect, proxy.Transparent(c.Transparent))
+		log.Debug("Configuring transparent proxy handler")
+		port.OnConnect = append(port.OnConnect, proxy.Transparent(c.Transparent))
 	} else if c.TLS != nil {
+		if strings.ContainsRune(c.TLS.Cert, os.PathSeparator) {
+			log = log.Value("cert", c.TLS.Cert)
+		} else {
+			log = log.Value("cert", "<data>")
+		}
+		log.Debug("Configuring TLS handler")
 		cert, err := cryptutil.LoadTLSCertificate(c.TLS.Cert, c.TLS.Key)
 		if err != nil {
 			return nil, err
@@ -121,6 +151,7 @@ func (c PortConfig) Proxy() (*proxy.Proxy, error) {
 		config := new(tls.Config)
 		config.Certificates = []tls.Certificate{cert}
 		if c.TLS.CA != "" {
+			log.Value("ca", c.TLS.CA).Debug("Loading trusted roots")
 			roots, err := cryptutil.LoadRoots(c.TLS.CA)
 			if err != nil {
 				return nil, err
@@ -128,9 +159,9 @@ func (c PortConfig) Proxy() (*proxy.Proxy, error) {
 			config.RootCAs = roots
 		}
 
-		p.OnConnect = append(p.OnConnect, proxy.TLS(config))
+		port.OnConnect = append(port.OnConnect, proxy.TLS(config))
 	}
-	return p, nil
+	return port, nil
 }
 
 type ProxyPolicyConfig struct {
@@ -177,17 +208,23 @@ func (c DataConfig) Configure() error {
 	return nil
 }
 
-func (c DataConfig) OpenStorage() (dataset.Storage, error) {
+func (c DataConfig) OpenStorage() (s dataset.Storage, err error) {
+	var cache time.Duration
 	switch c.Storage.Type {
 	case "", "bolt", "boltdb":
 		var config struct {
-			Path string `hcl:"path"`
+			Path  string  `hcl:"path"`
+			Cache float64 `hcl:"cache,optional"`
 		}
 		if diag := gohcl.DecodeBody(c.Storage.Body, nil, &config); diag.HasErrors() {
 			return nil, diag
 		}
-		//return dataset.OpenBolt(config.Path)
-		return dataset.OpenBStore(config.Path)
+		if s, err = dataset.OpenBStore(config.Path); err != nil {
+			return
+		}
+		if config.Cache > 0 {
+			cache = time.Duration(config.Cache * float64(time.Second))
+		}
 
 	/*
 		case "sqlite", "sqlite3":
@@ -203,6 +240,11 @@ func (c DataConfig) OpenStorage() (dataset.Storage, error) {
 	default:
 		return nil, fmt.Errorf("storage: no %q driver", c.Storage.Type)
 	}
+
+	if s != nil && cache > 0 {
+		return dataset.Cache(s, cache), nil
+	}
+	return
 }
 
 type DataStorageConfig struct {