pitchfork_cli/
daemon.rs

1use crate::daemon_id::DaemonId;
2use crate::daemon_status::DaemonStatus;
3use crate::pitchfork_toml::CronRetrigger;
4use indexmap::IndexMap;
5use std::fmt::Display;
6use std::path::PathBuf;
7
8/// Validates a daemon ID to ensure it's safe for use in file paths and IPC.
9///
10/// A valid daemon ID:
11/// - Is not empty
12/// - Does not contain backslashes (`\`)
13/// - Does not contain parent directory references (`..`)
14/// - Does not contain spaces
15/// - Does not contain `--` (reserved for path encoding of `/`)
16/// - Is not `.` (current directory)
17/// - Contains only printable ASCII characters
18/// - If qualified (contains `/`), has exactly one `/` separating namespace and short ID
19///
20/// Format: `[namespace/]short_id`
21/// - Qualified: `project/api`, `global/web`
22/// - Short: `api`, `web`
23///
24/// This validation prevents path traversal attacks when daemon IDs are used
25/// to construct log file paths or other filesystem operations.
26pub fn is_valid_daemon_id(id: &str) -> bool {
27    if id.contains('/') {
28        DaemonId::parse(id).is_ok()
29    } else {
30        DaemonId::try_new("global", id).is_ok()
31    }
32}
33
34/// Converts a daemon ID to a filesystem-safe path component.
35///
36/// Replaces `/` with `--` to avoid issues with filesystem path separators.
37///
38/// Examples:
39/// - `"api"` → `"api"`
40/// - `"global/api"` → `"global--api"`
41/// - `"project-a/api"` → `"project-a--api"`
42pub fn daemon_id_to_path(id: &str) -> String {
43    id.replace('/', "--")
44}
45
46/// Returns the main log file path for a daemon.
47///
48/// The path is computed as: `$PITCHFORK_LOGS_DIR/{safe_id}/{safe_id}.log`
49/// where `safe_id` has `/` replaced with `--` for filesystem safety.
50///
51/// Prefer using `DaemonId::log_path()` when you have a structured ID.
52pub fn daemon_log_path(id: &str) -> std::path::PathBuf {
53    let safe_id = daemon_id_to_path(id);
54    crate::env::PITCHFORK_LOGS_DIR
55        .join(&safe_id)
56        .join(format!("{safe_id}.log"))
57}
58
59#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
60pub struct Daemon {
61    pub id: DaemonId,
62    pub title: Option<String>,
63    pub pid: Option<u32>,
64    pub shell_pid: Option<u32>,
65    pub status: DaemonStatus,
66    pub dir: Option<PathBuf>,
67    #[serde(skip_serializing_if = "Option::is_none", default)]
68    pub cmd: Option<Vec<String>>,
69    pub autostop: bool,
70    #[serde(skip_serializing_if = "Option::is_none", default)]
71    pub cron_schedule: Option<String>,
72    #[serde(skip_serializing_if = "Option::is_none", default)]
73    pub cron_retrigger: Option<CronRetrigger>,
74    #[serde(skip_serializing_if = "Option::is_none", default)]
75    pub last_cron_triggered: Option<chrono::DateTime<chrono::Local>>,
76    #[serde(skip_serializing_if = "Option::is_none", default)]
77    pub last_exit_success: Option<bool>,
78    #[serde(default)]
79    pub retry: u32,
80    #[serde(default)]
81    pub retry_count: u32,
82    #[serde(skip_serializing_if = "Option::is_none", default)]
83    pub ready_delay: Option<u64>,
84    #[serde(skip_serializing_if = "Option::is_none", default)]
85    pub ready_output: Option<String>,
86    #[serde(skip_serializing_if = "Option::is_none", default)]
87    pub ready_http: Option<String>,
88    #[serde(skip_serializing_if = "Option::is_none", default)]
89    pub ready_port: Option<u16>,
90    #[serde(skip_serializing_if = "Option::is_none", default)]
91    pub ready_cmd: Option<String>,
92    /// Expected ports from configuration (before auto-bump resolution)
93    #[serde(skip_serializing_if = "Vec::is_empty", default)]
94    pub expected_port: Vec<u16>,
95    /// Resolved ports actually used after auto-bump (may differ from expected)
96    #[serde(skip_serializing_if = "Vec::is_empty", default)]
97    pub resolved_port: Vec<u16>,
98    #[serde(default)]
99    pub auto_bump_port: bool,
100    #[serde(default)]
101    pub port_bump_attempts: u32,
102    #[serde(skip_serializing_if = "Vec::is_empty", default)]
103    pub depends: Vec<DaemonId>,
104    #[serde(skip_serializing_if = "Option::is_none", default)]
105    pub env: Option<IndexMap<String, String>>,
106    #[serde(skip_serializing_if = "Vec::is_empty", default)]
107    pub watch: Vec<String>,
108    #[serde(skip_serializing_if = "Option::is_none", default)]
109    pub watch_base_dir: Option<PathBuf>,
110}
111
112#[derive(Clone, Debug, serde::Serialize, serde::Deserialize)]
113pub struct RunOptions {
114    pub id: DaemonId,
115    pub cmd: Vec<String>,
116    pub force: bool,
117    pub shell_pid: Option<u32>,
118    pub dir: PathBuf,
119    pub autostop: bool,
120    pub cron_schedule: Option<String>,
121    pub cron_retrigger: Option<CronRetrigger>,
122    pub retry: u32,
123    pub retry_count: u32,
124    pub ready_delay: Option<u64>,
125    pub ready_output: Option<String>,
126    pub ready_http: Option<String>,
127    pub ready_port: Option<u16>,
128    pub ready_cmd: Option<String>,
129    pub expected_port: Vec<u16>,
130    pub auto_bump_port: bool,
131    pub port_bump_attempts: u32,
132    pub wait_ready: bool,
133    #[serde(skip_serializing_if = "Vec::is_empty", default)]
134    pub depends: Vec<DaemonId>,
135    #[serde(skip_serializing_if = "Option::is_none", default)]
136    pub env: Option<IndexMap<String, String>>,
137    #[serde(skip_serializing_if = "Vec::is_empty", default)]
138    pub watch: Vec<String>,
139    #[serde(skip_serializing_if = "Option::is_none", default)]
140    pub watch_base_dir: Option<PathBuf>,
141}
142
143impl Display for Daemon {
144    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
145        write!(f, "{}", self.id.qualified())
146    }
147}
148
149#[cfg(test)]
150mod tests {
151    use super::*;
152
153    #[test]
154    fn test_valid_daemon_ids() {
155        // Short IDs
156        assert!(is_valid_daemon_id("myapp"));
157        assert!(is_valid_daemon_id("my-app"));
158        assert!(is_valid_daemon_id("my_app"));
159        assert!(is_valid_daemon_id("my.app"));
160        assert!(is_valid_daemon_id("MyApp123"));
161
162        // Qualified IDs (namespace/short_id)
163        assert!(is_valid_daemon_id("project/api"));
164        assert!(is_valid_daemon_id("global/web"));
165        assert!(is_valid_daemon_id("my-project/my-app"));
166    }
167
168    #[test]
169    fn test_invalid_daemon_ids() {
170        // Empty
171        assert!(!is_valid_daemon_id(""));
172
173        // Multiple slashes (invalid qualified format)
174        assert!(!is_valid_daemon_id("a/b/c"));
175        assert!(!is_valid_daemon_id("../etc/passwd"));
176
177        // Invalid qualified format (empty parts)
178        assert!(!is_valid_daemon_id("/api"));
179        assert!(!is_valid_daemon_id("project/"));
180
181        // Backslashes
182        assert!(!is_valid_daemon_id("foo\\bar"));
183
184        // Parent directory reference
185        assert!(!is_valid_daemon_id(".."));
186        assert!(!is_valid_daemon_id("foo..bar"));
187
188        // Double dash (reserved for path encoding)
189        assert!(!is_valid_daemon_id("my--app"));
190        assert!(!is_valid_daemon_id("project--api"));
191        assert!(!is_valid_daemon_id("--app"));
192        assert!(!is_valid_daemon_id("app--"));
193
194        // Spaces
195        assert!(!is_valid_daemon_id("my app"));
196        assert!(!is_valid_daemon_id(" myapp"));
197        assert!(!is_valid_daemon_id("myapp "));
198
199        // Current directory
200        assert!(!is_valid_daemon_id("."));
201
202        // Control characters
203        assert!(!is_valid_daemon_id("my\x00app"));
204        assert!(!is_valid_daemon_id("my\napp"));
205        assert!(!is_valid_daemon_id("my\tapp"));
206
207        // Non-ASCII
208        assert!(!is_valid_daemon_id("myäpp"));
209        assert!(!is_valid_daemon_id("приложение"));
210
211        // Unsupported punctuation under DaemonId rules
212        assert!(!is_valid_daemon_id("app@host"));
213        assert!(!is_valid_daemon_id("app:8080"));
214    }
215}
pitchfork_cli/daemon.rs

pitchfork_cli/
daemon.rs
