Improve client port handling and fix IPv6 client port testing

Using [golines](https://github.com/segmentio/golines):
`golines -w .`

.github/workflows/main.yml

@@ -0,0 +1,66 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - '*'
+  pull_request:
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.4.0
+
+      - name: install go
+        uses: actions/setup-go@v2
+        with:
+          go-version: "^1.17"
+
+      - name: Lint
+        run: make lint
+
+      - name: Tests
+        run: make test
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: tests
+    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
+    strategy:
+      matrix:
+        goosarch: [linux-amd64]
+    steps:
+      - uses: actions/checkout@v2.4.0
+        with:
+          fetch-depth: 0
+
+      - name: Set env
+        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+
+      - name: Sign in to dockerhub
+        run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
+
+      - name: Deploy image
+        run: make docker-push VERSION=$RELEASE_VERSION
+
+      - name: Build
+        run: make build VERSION=$RELEASE_VERSION
+
+      - name: Prepare release
+        run: |
+          git log $(git describe HEAD~ --tags --abbrev=0)..HEAD --pretty='format:%h - %s (%cr) <%an>' --no-merges > changelog.txt
+          tar  zcvf whatismyip-$RELEASE_VERSION-${{matrix.goosarch}}.tar.gz whatismyip LICENSE README.md
+          sha256sum whatismyip-$RELEASE_VERSION-${{matrix.goosarch}}.tar.gz > whatismyip-$RELEASE_VERSION-${{matrix.goosarch}}.tar.gz.sha256
+
+      - name: Release
+        uses: softprops/action-gh-release@v0.1.14
+        with:
+          body_path: changelog.txt
+          files: |
+            whatismyip-${{env.RELEASE_VERSION}}-${{matrix.goosarch}}.tar.gz
+            whatismyip-${{env.RELEASE_VERSION}}-${{matrix.goosarch}}.tar.gz.sha256
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Dockerfile

@@ -1,10 +1,13 @@
 FROM golang:1.17-alpine as builder
 
+ARG ARG_VERSION
+ENV VERSION $ARG_VERSION
+
 WORKDIR /app
 
 COPY . .
 
-RUN apk add make && make build
+RUN apk add make && make build VERSION=$VERSION
 
 # Build final image
 FROM scratch

Makefile

@@ -1,3 +1,4 @@
+GOPATH ?= $(shell go env GOPATH)
 VERSION ?= devel-$(shell git rev-parse --short HEAD)
 DOCKER_URL ?= dcarrillo/whatismyip
 
@@ -13,13 +14,13 @@ integration-test:
 	go test ./integration-tests -v
 
 .PHONY: install-tools
-install-int:
-	@hash golangci-lint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.43.0
+install-tools:
+	@command golangci-lint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.43.0; \
 	fi
 
-	@hash shadow > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@v0.1.7
+	@command $(GOPATH)/shadow > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@v0.1.7; \
 	fi
 .PHONY: lint
 lint: install-tools
@@ -28,17 +29,28 @@ lint: install-tools
 
 .PHONY: build
 build:
-	CGO_ENABLED=0 go build -ldflags="-X 'github.com/dcarrillo/whatismyip/internal/core.Version=${VERSION}'" -o whatismyip ./cmd
+	CGO_ENABLED=0 go build -ldflags="-s -w -X 'github.com/dcarrillo/whatismyip/internal/core.Version=${VERSION}'" -o whatismyip ./cmd
 
 .PHONY: docker-build
 docker-build:
-	docker build --tag ${DOCKER_URL}:${VERSION} .
+	docker build --build-arg=ARG_VERSION="${VERSION}" --tag ${DOCKER_URL}:${VERSION} .
+
+.PHONY: docker-push
+docker-push: docker-build
+ifneq (,$(findstring devel-,$(VERSION)))
+	@echo "VERSION is set to ${VERSION}, I can't push devel builds"
+	exit 1
+else
+	docker push ${DOCKER_URL}:${VERSION}
+	docker tag ${DOCKER_URL}:${VERSION} ${DOCKER_URL}:latest
+	docker push ${DOCKER_URL}:latest
+endif
 
 .PHONY: docker-run
 docker-run: docker-build
 	docker run --tty --interactive --rm \
-	-v $$PWD/test/GeoIP2-City-Test.mmdb:/tmp/GeoIP2-City-Test.mmdb:ro \
-	-v $$PWD/test/GeoLite2-ASN-Test.mmdb:/tmp/GeoLite2-ASN-Test.mmdb:ro -p 8080:8080 \
+	-v ${PWD}/test/GeoIP2-City-Test.mmdb:/tmp/GeoIP2-City-Test.mmdb:ro \
+	-v ${PWD}/test/GeoLite2-ASN-Test.mmdb:/tmp/GeoLite2-ASN-Test.mmdb:ro -p 8080:8080 \
 	${DOCKER_URL}:${VERSION} \
 		-geoip2-city /tmp/GeoIP2-City-Test.mmdb \
 		-geoip2-asn /tmp/GeoLite2-ASN-Test.mmdb \

README.md

@@ -5,6 +5,11 @@
   - [Endpoints](#endpoints)
   - [Build](#build)
   - [Usage](#usage)
+  - [Examples](#examples)
+    - [Run a default TCP server](#run-a-default-tcp-server)
+    - [Run a TLS (HTTP/2) server only](#run-a-tls-http2-server-only)
+    - [Run a default TCP server with a custom template and trust a custom header set by an upstream proxy](#run-a-default-tcp-server-with-a-custom-template-and-trust-a-custom-header-set-by-an-upstream-proxy)
+  - [Download](#download)
   - [Docker](#docker)
     - [Running a container locally using test databases](#running-a-container-locally-using-test-databases)
     - [From Docker Hub](#from-docker-hub)
@@ -25,12 +30,14 @@ curl -6 ifconfig.es
 
 ## Features
 
-- TLS available
+- TLS and HTTP/2.
 - Can run behind a proxy by trusting a custom header (usually `X-Real-IP`) to figure out the source IP address.
 - IPv4 and IPv6.
-- Geolocation info including ASN. This feature is possible thanks to [maxmind](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data?lang=en) GeoLite2 databases. In order to use these databases, a -icense key is needed. Please visit Maxmind site for further instructions and get a free license.
-- High performance
-- HTML with templates, text plain and JSON output.
+- Geolocation info including ASN. This feature is possible thanks to [maxmind](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data?lang=en) GeoLite2 databases. In order to use these databases, a license key is needed. Please visit Maxmind site for further instructions and get a free license.
+- High performance.
+- Self-contained server what can reload GeoLite2 databases and/or SSL certificates without stop/start. The `hup` signal is honored.
+- HTML templates for the landing page.
+- Text plain and JSON output.
 
 ## Endpoints
 
@@ -81,9 +88,33 @@ Usage of ./whatismyip:
         Output version information and exit
 ```
 
+## Examples
+
+### Run a default TCP server
+
+```bash
+./whatismyip -geoip2-city ./test/GeoIP2-City-Test.mmdb -geoip2-asn ./test/GeoLite2-ASN-Test.mmdb
+```
+
+### Run a TLS (HTTP/2) server only
+
+```bash
+./whatismyip -geoip2-city ./test/GeoIP2-City-Test.mmdb -geoip2-asn ./test/GeoLite2-ASN-Test.mmdb -bind "" -tls-bind :8081 -tls-crt ./test/server.pem -tls-key ./test/server.key
+```
+
+### Run a default TCP server with a custom template and trust a custom header set by an upstream proxy
+
+```bash
+./whatismyip -geoip2-city ./test/GeoIP2-City-Test.mmdb -geoip2-asn ./test/GeoLite2-ASN-Test.mmdb -trusted-header X-Real-IP -template mytemplate.tmpl
+```
+
+## Download
+
+Download latest version from https://github.com/dcarrillo/whatismyip/releases
+
 ## Docker
 
-An ultra-light (13MB) image is available.
+An ultra-light (~9MB) image is available.
 
 ### Running a container locally using test databases
 

cmd/whatismyip.go

@@ -112,7 +112,8 @@ func runTLSServer() {
 
 	go func() {
 		log.Printf("Starting TLS server listening on %s", setting.App.TLSAddress)
-		if err := tlsServer.ListenAndServeTLS(setting.App.TLSCrtPath, setting.App.TLSKeyPath); err != nil && !errors.Is(err, http.ErrServerClosed) {
+		if err := tlsServer.ListenAndServeTLS(setting.App.TLSCrtPath, setting.App.TLSKeyPath); err != nil &&
+			!errors.Is(err, http.ErrServerClosed) {
 			log.Fatal(err)
 		}
 		log.Printf("Stopping TLS server...")

internal/setting/app.go

@@ -36,17 +36,29 @@ func Setup() {
 	city := flag.String("geoip2-city", "", "Path to GeoIP2 city database")
 	asn := flag.String("geoip2-asn", "", "Path to GeoIP2 ASN database")
 	template := flag.String("template", "", "Path to template file")
-	address := flag.String("bind", defaultAddress, "Listening address (see https://pkg.go.dev/net?#Listen)")
-	addressTLS := flag.String("tls-bind", "", "Listening address for TLS (see https://pkg.go.dev/net?#Listen)")
+	address := flag.String(
+		"bind",
+		defaultAddress,
+		"Listening address (see https://pkg.go.dev/net?#Listen)",
+	)
+	addressTLS := flag.String(
+		"tls-bind",
+		"",
+		"Listening address for TLS (see https://pkg.go.dev/net?#Listen)",
+	)
 	tlsCrtPath := flag.String("tls-crt", "", "When using TLS, path to certificate file")
 	tlsKeyPath := flag.String("tls-key", "", "When using TLS, path to private key file")
-	trustedHeader := flag.String("trusted-header", "", "Trusted request header for remote IP (e.g. X-Real-IP)")
+	trustedHeader := flag.String(
+		"trusted-header",
+		"",
+		"Trusted request header for remote IP (e.g. X-Real-IP)",
+	)
 	ver := flag.Bool("version", false, "Output version information and exit")
 
 	flag.Parse()
 
 	if *ver {
-		fmt.Printf("whaismyip version %s", core.Version)
+		fmt.Printf("whatismyip version %s", core.Version)
 		os.Exit(0)
 	}
 

router/generic.go

@@ -5,7 +5,6 @@ import (
 	"net/http"
 	"path/filepath"
 	"regexp"
-	"strings"
 
 	"github.com/dcarrillo/whatismyip/internal/httputils"
 	"github.com/dcarrillo/whatismyip/internal/setting"
@@ -46,12 +45,14 @@ func getRoot(ctx *gin.Context) {
 }
 
 func getClientPortAsString(ctx *gin.Context) {
-	ctx.String(http.StatusOK, strings.Split(ctx.Request.RemoteAddr, ":")[1]+"\n")
+	_, port, _ := net.SplitHostPort(ctx.Request.RemoteAddr)
+	ctx.String(http.StatusOK, port+"\n")
 }
 
 func getAllAsString(ctx *gin.Context) {
 	output := "IP: " + ctx.ClientIP() + "\n"
-	output += "Client Port: " + strings.Split(ctx.Request.RemoteAddr, ":")[1] + "\n"
+	_, port, _ := net.SplitHostPort(ctx.Request.RemoteAddr)
+	output += "Client Port: " + port + "\n"
 
 	r := service.Geo{IP: net.ParseIP(ctx.ClientIP())}
 	if record := r.LookUpCity(); record != nil {
@@ -82,10 +83,11 @@ func jsonOutput(ctx *gin.Context) JSONResponse {
 		version = 6
 	}
 
+	_, port, _ := net.SplitHostPort(ctx.Request.RemoteAddr)
 	return JSONResponse{
 		IP:              ctx.ClientIP(),
 		IPVersion:       version,
-		ClientPort:      strings.Split(ctx.Request.RemoteAddr, ":")[1],
+		ClientPort:      port,
 		Country:         cityRecord.Country.Names["en"],
 		CountryCode:     cityRecord.Country.ISOCode,
 		City:            cityRecord.City.Names["en"],

router/generic_test.go

@@ -1,6 +1,7 @@
 package router
 
 import (
+	"net"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@@ -9,7 +10,18 @@ import (
 )
 
 func TestIP4RootFromCli(t *testing.T) {
-	uas := []string{"", "curl", "wget", "libwww-perl", "python", "ansible-httpget", "HTTPie", "WindowsPowerShell", "http_request", "Go-http-client"}
+	uas := []string{
+		"",
+		"curl",
+		"wget",
+		"libwww-perl",
+		"python",
+		"ansible-httpget",
+		"HTTPie",
+		"WindowsPowerShell",
+		"http_request",
+		"Go-http-client",
+	}
 
 	req, _ := http.NewRequest("GET", "/", nil)
 	req.Header.Set("X-Real-IP", testIP.ipv4)
@@ -37,7 +49,7 @@ func TestHost(t *testing.T) {
 
 func TestClientPort(t *testing.T) {
 	req, _ := http.NewRequest("GET", "/client-port", nil)
-	req.RemoteAddr = testIP.ipv4 + ":" + "1000"
+	req.RemoteAddr = net.JoinHostPort(testIP.ipv4 , "1000")
 	req.Header.Set("X-Real-IP", testIP.ipv4)
 
 	w := httptest.NewRecorder()
@@ -60,10 +72,10 @@ func TestNotFound(t *testing.T) {
 
 func TestJSON(t *testing.T) {
 	expectedIPv4 := `{"client_port":"1000","ip":"81.2.69.192","ip_version":4,"country":"United Kingdom","country_code":"GB","city":"London","latitude":51.5142,"longitude":-0.0931,"postal_code":"","time_zone":"Europe/London","asn":0,"asn_organization":"","host":"test","headers":{"X-Real-Ip":["81.2.69.192"]}}`
-	expectedIPv6 := `{"asn":3352, "asn_organization":"TELEFONICA DE ESPANA", "city":"", "client_port":"9000", "country":"", "country_code":"", "headers":{"X-Real-Ip":["2a02:9000::1"]}, "host":"test", "ip":"2a02:9000::1", "ip_version":6, "latitude":0, "longitude":0, "postal_code":"", "time_zone":""}`
+	expectedIPv6 := `{"asn":3352, "asn_organization":"TELEFONICA DE ESPANA", "city":"", "client_port":"1000", "country":"", "country_code":"", "headers":{"X-Real-Ip":["2a02:9000::1"]}, "host":"test", "ip":"2a02:9000::1", "ip_version":6, "latitude":0, "longitude":0, "postal_code":"", "time_zone":""}`
 
 	req, _ := http.NewRequest("GET", "/json", nil)
-	req.RemoteAddr = testIP.ipv4 + ":" + "1000"
+	req.RemoteAddr = net.JoinHostPort(testIP.ipv4, "1000")
 	req.Host = "test"
 	req.Header.Set("X-Real-IP", testIP.ipv4)
 
@@ -74,7 +86,7 @@ func TestJSON(t *testing.T) {
 	assert.Equal(t, contentType.json, w.Header().Get("Content-Type"))
 	assert.JSONEq(t, expectedIPv4, w.Body.String())
 
-	req.RemoteAddr = testIP.ipv6 + ":" + "1000"
+	req.RemoteAddr = net.JoinHostPort(testIP.ipv6, "1000")
 	req.Host = "test"
 	req.Header.Set("X-Real-IP", testIP.ipv6)
 
@@ -106,7 +118,7 @@ X-Real-Ip: 81.2.69.192
 `
 
 	req, _ := http.NewRequest("GET", "/all", nil)
-	req.RemoteAddr = testIP.ipv4 + ":" + "1000"
+	req.RemoteAddr = net.JoinHostPort(testIP.ipv4 , "1000")
 	req.Host = "test"
 	req.Header.Set("X-Real-IP", testIP.ipv4)
 	req.Header.Set("Header1", "one")