[feature/performance] Wrap incoming HTTP requests in timeout handler (#2353)

* deinterface router, start messing about with deadlines

* weeeee

* thanks linter (thinter)

* write Connection: close when timing out requests

* update wording

* don't replace req

* don't bother with fancy Cause functions (I'll use them one day...)
This commit is contained in:
tobi 2023-11-13 19:48:51 +01:00 committed by GitHub
parent 7753f42132
commit 8d0c017cf2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 305 additions and 175 deletions

View file

@ -35,7 +35,7 @@ type ActivityPub struct {
signatureCheckMiddleware gin.HandlerFunc signatureCheckMiddleware gin.HandlerFunc
} }
func (a *ActivityPub) Route(r router.Router, m ...gin.HandlerFunc) { func (a *ActivityPub) Route(r *router.Router, m ...gin.HandlerFunc) {
// create groupings for the 'emoji' and 'users' prefixes // create groupings for the 'emoji' and 'users' prefixes
emojiGroup := r.AttachGroup("emoji") emojiGroup := r.AttachGroup("emoji")
usersGroup := r.AttachGroup("users") usersGroup := r.AttachGroup("users")
@ -54,7 +54,7 @@ func (a *ActivityPub) Route(r router.Router, m ...gin.HandlerFunc) {
} }
// Public key endpoint requires different middleware + cache policies from other AP endpoints. // Public key endpoint requires different middleware + cache policies from other AP endpoints.
func (a *ActivityPub) RoutePublicKey(r router.Router, m ...gin.HandlerFunc) { func (a *ActivityPub) RoutePublicKey(r *router.Router, m ...gin.HandlerFunc) {
// Create grouping for the 'users/[username]/main-key' prefix. // Create grouping for the 'users/[username]/main-key' prefix.
publicKeyGroup := r.AttachGroup(publickey.PublicKeyPath) publicKeyGroup := r.AttachGroup(publickey.PublicKeyPath)

View file

@ -36,7 +36,7 @@ type Auth struct {
} }
// Route attaches 'auth' and 'oauth' groups to the given router. // Route attaches 'auth' and 'oauth' groups to the given router.
func (a *Auth) Route(r router.Router, m ...gin.HandlerFunc) { func (a *Auth) Route(r *router.Router, m ...gin.HandlerFunc) {
// create groupings for the 'auth' and 'oauth' prefixes // create groupings for the 'auth' and 'oauth' prefixes
authGroup := r.AttachGroup("auth") authGroup := r.AttachGroup("auth")
oauthGroup := r.AttachGroup("oauth") oauthGroup := r.AttachGroup("oauth")

View file

@ -79,7 +79,7 @@ type Client struct {
user *user.Module // api/v1/user user *user.Module // api/v1/user
} }
func (c *Client) Route(r router.Router, m ...gin.HandlerFunc) { func (c *Client) Route(r *router.Router, m ...gin.HandlerFunc) {
// create a new group on the top level client 'api' prefix // create a new group on the top level client 'api' prefix
apiGroup := r.AttachGroup("api") apiGroup := r.AttachGroup("api")

View file

@ -30,7 +30,7 @@ type Fileserver struct {
fileserver *fileserver.Module fileserver *fileserver.Module
} }
func (f *Fileserver) Route(r router.Router, m ...gin.HandlerFunc) { func (f *Fileserver) Route(r *router.Router, m ...gin.HandlerFunc) {
fileserverGroup := r.AttachGroup("fileserver") fileserverGroup := r.AttachGroup("fileserver")
// Attach middlewares appropriate for this group. // Attach middlewares appropriate for this group.

View file

@ -29,7 +29,7 @@ type NodeInfo struct {
nodeInfo *nodeinfo.Module nodeInfo *nodeinfo.Module
} }
func (w *NodeInfo) Route(r router.Router, m ...gin.HandlerFunc) { func (w *NodeInfo) Route(r *router.Router, m ...gin.HandlerFunc) {
// group nodeinfo endpoints together // group nodeinfo endpoints together
nodeInfoGroup := r.AttachGroup("nodeinfo") nodeInfoGroup := r.AttachGroup("nodeinfo")

View file

@ -19,6 +19,7 @@ package util
import ( import (
"context" "context"
"errors"
"net/http" "net/http"
"codeberg.org/gruf/go-kv" "codeberg.org/gruf/go-kv"
@ -90,19 +91,40 @@ func genericErrorHandler(c *gin.Context, instanceGet func(ctx context.Context) (
// try to serve an appropriate application/json content-type error. // try to serve an appropriate application/json content-type error.
// To override the default response type, specify `offers`. // To override the default response type, specify `offers`.
// //
// If the requester already hung up on the request, ErrorHandler // If the requester already hung up on the request, or the server
// will overwrite the given errWithCode with a 499 error to indicate // timed out a very slow request, ErrorHandler will overwrite the
// that the failure wasn't due to something we did, and will avoid // given errWithCode with a 408 or 499 error to indicate that the
// trying to write extensive bytes to the caller by just aborting. // failure wasn't due to something we did, and will avoid trying
// to write extensive bytes to the caller by just aborting.
// //
// See: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#nginx. // For 499, see https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#nginx.
func ErrorHandler(c *gin.Context, errWithCode gtserror.WithCode, instanceGet func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode), offers ...MIME) { func ErrorHandler(
if c.Request.Context().Err() != nil { c *gin.Context,
// Context error means requester probably left already. errWithCode gtserror.WithCode,
// Wrap original error with a less alarming one. Then instanceGet func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode),
// we can return early, because it doesn't matter what offers ...MIME,
// we send to the client at this point; they're gone. ) {
errWithCode = gtserror.NewErrorClientClosedRequest(errWithCode.Unwrap()) if ctxErr := c.Request.Context().Err(); ctxErr != nil {
// Context error means either client has left already,
// or server has timed out a very slow request.
//
// Rewrap the error with something less scary,
// and just abort the request gracelessly.
err := errWithCode.Unwrap()
if errors.Is(ctxErr, context.DeadlineExceeded) {
// We timed out the request.
errWithCode = gtserror.NewErrorRequestTimeout(err)
// Be correct and write "close".
// See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Connection#close
// and: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/408
c.Header("Connection", "close")
} else {
// Client timed out the request.
errWithCode = gtserror.NewErrorClientClosedRequest(err)
}
c.AbortWithStatus(errWithCode.Code()) c.AbortWithStatus(errWithCode.Code())
return return
} }

View file

@ -33,7 +33,7 @@ type WellKnown struct {
hostMeta *hostmeta.Module hostMeta *hostmeta.Module
} }
func (w *WellKnown) Route(r router.Router, m ...gin.HandlerFunc) { func (w *WellKnown) Route(r *router.Router, m ...gin.HandlerFunc) {
// group .well-known endpoints together // group .well-known endpoints together
wellKnownGroup := r.AttachGroup(".well-known") wellKnownGroup := r.AttachGroup(".well-known")

View file

@ -29,7 +29,7 @@ import (
// GoToSocial server instance. // GoToSocial server instance.
type Server struct { type Server struct {
db db.DB db db.DB
apiRouter router.Router apiRouter *router.Router
cleaner *cleaner.Cleaner cleaner *cleaner.Cleaner
} }
@ -37,7 +37,7 @@ type Server struct {
// GoToSocial server instance. // GoToSocial server instance.
func NewServer( func NewServer(
db db.DB, db db.DB,
apiRouter router.Router, apiRouter *router.Router,
cleaner *cleaner.Cleaner, cleaner *cleaner.Cleaner,
) *Server { ) *Server {
return &Server{ return &Server{

View file

@ -198,3 +198,14 @@ func NewErrorClientClosedRequest(original error) WithCode {
code: StatusClientClosedRequest, code: StatusClientClosedRequest,
} }
} }
// NewErrorRequestTimeout returns an ErrorWithCode 408 with the given original error.
// This error type should only be used when the server has decided to hang up a client
// request after x amount of time, to avoid keeping extremely slow client requests open.
func NewErrorRequestTimeout(original error) WithCode {
return withCode{
original: original,
safe: errors.New(http.StatusText(http.StatusRequestTimeout)),
code: http.StatusRequestTimeout,
}
}

View file

@ -19,18 +19,18 @@ package router
import "github.com/gin-gonic/gin" import "github.com/gin-gonic/gin"
func (r *router) AttachGlobalMiddleware(handlers ...gin.HandlerFunc) gin.IRoutes { func (r *Router) AttachGlobalMiddleware(handlers ...gin.HandlerFunc) gin.IRoutes {
return r.engine.Use(handlers...) return r.engine.Use(handlers...)
} }
func (r *router) AttachNoRouteHandler(handler gin.HandlerFunc) { func (r *Router) AttachNoRouteHandler(handler gin.HandlerFunc) {
r.engine.NoRoute(handler) r.engine.NoRoute(handler)
} }
func (r *router) AttachGroup(relativePath string, handlers ...gin.HandlerFunc) *gin.RouterGroup { func (r *Router) AttachGroup(relativePath string, handlers ...gin.HandlerFunc) *gin.RouterGroup {
return r.engine.Group(relativePath, handlers...) return r.engine.Group(relativePath, handlers...)
} }
func (r *router) AttachHandler(method string, path string, handler gin.HandlerFunc) { func (r *Router) AttachHandler(method string, path string, handler gin.HandlerFunc) {
r.engine.Handle(method, path, handler) r.engine.Handle(method, path, handler)
} }

View file

@ -29,6 +29,7 @@ import (
"codeberg.org/gruf/go-debug" "codeberg.org/gruf/go-debug"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/log" "github.com/superseriousbusiness/gotosocial/internal/log"
"golang.org/x/crypto/acme/autocert" "golang.org/x/crypto/acme/autocert"
) )
@ -42,94 +43,120 @@ const (
maxMultipartMemory = int64(8 * bytesize.MiB) maxMultipartMemory = int64(8 * bytesize.MiB)
) )
// Router provides the REST interface for gotosocial, using gin. // Router provides the HTTP REST
type Router interface { // interface for GoToSocial, using gin.
// Attach global gin middlewares to this router. type Router struct {
AttachGlobalMiddleware(handlers ...gin.HandlerFunc) gin.IRoutes engine *gin.Engine
// AttachGroup attaches the given handlers into a group with the given relativePath as srv *http.Server
// base path for that group. It then returns the *gin.RouterGroup so that the caller
// can add any extra middlewares etc specific to that group, as desired.
AttachGroup(relativePath string, handlers ...gin.HandlerFunc) *gin.RouterGroup
// Attach a single gin handler to the router with the given method and path.
// To make middleware management easier, AttachGroup should be preferred where possible.
// However, this function can be used for attaching single handlers that only require
// global middlewares.
AttachHandler(method string, path string, handler gin.HandlerFunc)
// Attach 404 NoRoute handler
AttachNoRouteHandler(handler gin.HandlerFunc)
// Start the router
Start()
// Stop the router
Stop(ctx context.Context) error
} }
// router fulfils the Router interface using gin and logrus // New returns a new Router, which wraps
type router struct { // an http server and gin handler engine.
engine *gin.Engine //
srv *http.Server // The router's Attach functions should be
certManager *autocert.Manager // used *before* the router is Started.
} //
// When the router's work is finished, Stop
// should be called on it to close connections
// gracefully.
//
// The provided context will be used as the base
// context for all requests passing through the
// underlying http.Server, so this should be a
// long-running context.
func New(ctx context.Context) (*Router, error) {
// TODO: make this configurable?
gin.SetMode(gin.ReleaseMode)
// Start starts the router nicely. It will serve two handlers if letsencrypt is enabled, and only the web/API handler if letsencrypt is not enabled. // Create the engine here -- this is the core
func (r *router) Start() { // request routing handler for GoToSocial.
// listen is the server start function, by engine := gin.New()
// default pointing to regular HTTP listener, engine.MaxMultipartMemory = maxMultipartMemory
// but updated to TLS if LetsEncrypt is enabled. engine.HandleMethodNotAllowed = true
listen := r.srv.ListenAndServe
// During config validation we already checked that both Chain and Key are set // Set up client IP forwarding via
// so we can forego checking for both here // trusted x-forwarded-* headers.
if chain := config.GetTLSCertificateChain(); chain != "" { trustedProxies := config.GetTrustedProxies()
pkey := config.GetTLSCertificateKey() if err := engine.SetTrustedProxies(trustedProxies); err != nil {
cer, err := tls.LoadX509KeyPair(chain, pkey) return nil, err
if err != nil {
log.Fatalf(
nil,
"tls: failed to load keypair from %s and %s, ensure they are PEM-encoded and can be read by this process: %s",
chain, pkey, err,
)
}
r.srv.TLSConfig = &tls.Config{
MinVersion: tls.VersionTLS12,
Certificates: []tls.Certificate{cer},
}
// TLS is enabled, update the listen function
listen = func() error { return r.srv.ListenAndServeTLS("", "") }
} }
if config.GetLetsEncryptEnabled() { // Attach functions used by HTML templating,
// LetsEncrypt support is enabled // and load HTML templates into the engine.
LoadTemplateFunctions(engine)
if err := LoadTemplates(engine); err != nil {
return nil, err
}
// Prepare an HTTPS-redirect handler for LetsEncrypt fallback // Use the passed-in cmd context as the base context for the
redirect := http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { // server, since we'll never want the server to live past the
target := "https://" + r.Host + r.URL.Path // `server start` command anyway.
if len(r.URL.RawQuery) > 0 { baseCtx := func(_ net.Listener) context.Context { return ctx }
target += "?" + r.URL.RawQuery
}
http.Redirect(rw, r, target, http.StatusTemporaryRedirect)
})
go func() { addr := fmt.Sprintf("%s:%d",
// Take our own copy of HTTP server config.GetBindAddress(),
// with updated autocert manager endpoint config.GetPort(),
srv := (*r.srv) //nolint )
srv.Handler = r.certManager.HTTPHandler(redirect)
srv.Addr = fmt.Sprintf("%s:%d",
config.GetBindAddress(),
config.GetLetsEncryptPort(),
)
// Start the LetsEncrypt autocert manager HTTP server. // Wrap the gin engine handler in our
log.Infof(nil, "letsencrypt listening on %s", srv.Addr) // own timeout handler, to ensure we
if err := srv.ListenAndServe(); err != nil && // don't keep very slow requests around.
err != http.ErrServerClosed { handler := timeoutHandler{engine}
log.Fatalf(nil, "letsencrypt: listen: %s", err)
}
}()
// TLS is enabled, update the listen function s := &http.Server{
listen = func() error { return r.srv.ListenAndServeTLS("", "") } Addr: addr,
Handler: handler,
ReadTimeout: readTimeout,
ReadHeaderTimeout: readHeaderTimeout,
WriteTimeout: writeTimeout,
IdleTimeout: idleTimeout,
BaseContext: baseCtx,
}
return &Router{
engine: engine,
srv: s,
}, nil
}
// Start starts the router nicely.
//
// It will serve two handlers if letsencrypt is enabled,
// and only the web/API handler if letsencrypt is not enabled.
func (r *Router) Start() {
var (
// listen is the server start function.
// By default this points to a regular
// HTTP listener, but will be changed to
// TLS if custom certs or LE are enabled.
listen func() error
err error
certFile = config.GetTLSCertificateChain()
keyFile = config.GetTLSCertificateKey()
leEnabled = config.GetLetsEncryptEnabled()
)
switch {
// TLS with custom certs.
case certFile != "":
// During config validation we already checked
// that either both or neither of Chain and Key
// are set, so we can forego checking again here.
listen, err = r.customTLS(certFile, keyFile)
// TLS with letsencrypt.
case leEnabled:
listen, err = r.letsEncryptTLS()
// Default listen. TLS must
// be handled by reverse proxy.
default:
listen = r.srv.ListenAndServe
}
if err != nil {
log.Fatal(nil, err)
} }
// Pass the server handler through a debug pprof middleware handler. // Pass the server handler through a debug pprof middleware handler.
@ -154,7 +181,7 @@ func (r *router) Start() {
} }
// Stop shuts down the router nicely // Stop shuts down the router nicely
func (r *router) Stop(ctx context.Context) error { func (r *Router) Stop(ctx context.Context) error {
log.Infof(nil, "shutting down http router with %s grace period", shutdownTimeout) log.Infof(nil, "shutting down http router with %s grace period", shutdownTimeout)
timeout, cancel := context.WithTimeout(ctx, shutdownTimeout) timeout, cancel := context.WithTimeout(ctx, shutdownTimeout)
defer cancel() defer cancel()
@ -167,78 +194,87 @@ func (r *router) Stop(ctx context.Context) error {
return nil return nil
} }
// New returns a new Router. // customTLS modifies the router's underlying
// // http server to use custom TLS cert/key pair.
// The router's Attach functions should be used *before* the router is Started. func (r *Router) customTLS(
// certFile string,
// When the router's work is finished, Stop should be called on it to close connections gracefully. keyFile string,
// ) (func() error, error) {
// The provided context will be used as the base context for all requests passing // Load certificates from disk.
// through the underlying http.Server, so this should be a long-running context. cer, err := tls.LoadX509KeyPair(certFile, keyFile)
func New(ctx context.Context) (Router, error) { if err != nil {
gin.SetMode(gin.TestMode) err = gtserror.Newf(
"failed to load keypair from %s and %s, ensure they are "+
// create the actual engine here -- this is the core request routing handler for gts "PEM-encoded and can be read by this process: %w",
engine := gin.New() certFile, keyFile, err,
engine.MaxMultipartMemory = maxMultipartMemory )
engine.HandleMethodNotAllowed = true
// set up IP forwarding via x-forward-* headers.
trustedProxies := config.GetTrustedProxies()
if err := engine.SetTrustedProxies(trustedProxies); err != nil {
return nil, err return nil, err
} }
// set template functions // Override server's TLSConfig.
LoadTemplateFunctions(engine) r.srv.TLSConfig = &tls.Config{
MinVersion: tls.VersionTLS12,
// load templates onto the engine Certificates: []tls.Certificate{cer},
if err := LoadTemplates(engine); err != nil {
return nil, err
} }
// use the passed-in command context as the base context for the server, // Update listen function to use custom TLS.
// since we'll never want the server to live past the command anyway listen := func() error { return r.srv.ListenAndServeTLS("", "") }
baseCtx := func(_ net.Listener) context.Context { return listen, nil
return ctx }
}
// letsEncryptTLS modifies the router's underlying http
bindAddress := config.GetBindAddress() // server to use LetsEncrypt via an ACME Autocert manager.
port := config.GetPort() //
addr := fmt.Sprintf("%s:%d", bindAddress, port) // It also starts a listener on the configured LetsEncrypt
// port to validate LE requests.
s := &http.Server{ func (r *Router) letsEncryptTLS() (func() error, error) {
Addr: addr, acm := &autocert.Manager{
Handler: engine, // use gin engine as handler Prompt: autocert.AcceptTOS,
ReadTimeout: readTimeout, HostPolicy: autocert.HostWhitelist(config.GetHost()),
ReadHeaderTimeout: readHeaderTimeout, Cache: autocert.DirCache(config.GetLetsEncryptCertDir()),
WriteTimeout: writeTimeout, Email: config.GetLetsEncryptEmailAddress(),
IdleTimeout: idleTimeout, }
BaseContext: baseCtx,
} // Override server's TLSConfig.
r.srv.TLSConfig = acm.TLSConfig()
// We need to spawn the underlying server slightly differently depending on whether lets encrypt is enabled or not.
// In either case, the gin engine will still be used for routing requests. // Prepare a fallback handler for LetsEncrypt.
leEnabled := config.GetLetsEncryptEnabled() //
// This will redirect all non-LetsEncrypt http
var m *autocert.Manager // reqs to https, preserving path and query params.
if leEnabled { var fallback http.HandlerFunc = func(
// le IS enabled, so roll up an autocert manager for handling letsencrypt requests w http.ResponseWriter,
host := config.GetHost() r *http.Request,
leCertDir := config.GetLetsEncryptCertDir() ) {
leEmailAddress := config.GetLetsEncryptEmailAddress() // Rewrite target to https.
m = &autocert.Manager{ target := "https://" + r.Host + r.URL.Path
Prompt: autocert.AcceptTOS, if len(r.URL.RawQuery) > 0 {
HostPolicy: autocert.HostWhitelist(host), target += "?" + r.URL.RawQuery
Cache: autocert.DirCache(leCertDir), }
Email: leEmailAddress,
} http.Redirect(w, r, target, http.StatusTemporaryRedirect)
s.TLSConfig = m.TLSConfig() }
}
// Take our own copy of the HTTP server,
return &router{ // and update it to serve LetsEncrypt
engine: engine, // requests via the autocert manager.
srv: s, leSrv := (*r.srv) //nolint:govet
certManager: m, leSrv.Handler = acm.HTTPHandler(fallback)
}, nil leSrv.Addr = fmt.Sprintf("%s:%d",
config.GetBindAddress(),
config.GetLetsEncryptPort(),
)
go func() {
// Start the LetsEncrypt autocert manager HTTP server.
log.Infof(nil, "letsencrypt listening on %s", leSrv.Addr)
if err := leSrv.ListenAndServe(); err != nil &&
err != http.ErrServerClosed {
log.Fatalf(nil, "letsencrypt: listen: %s", err)
}
}()
// Update listen function to use LetsEncrypt TLS.
listen := func() error { return r.srv.ListenAndServeTLS("", "") }
return listen, nil
} }

View file

@ -0,0 +1,61 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package router
import (
"context"
"net/http"
"time"
"github.com/gin-gonic/gin"
)
const requestTimeout = 10 * time.Minute
type timeoutHandler struct {
*gin.Engine
}
// ServeHTTP wraps the embedded Gin engine's ServeHTTP
// function with an injected context which times out
// non-upgraded inbound requests after 10 minutes.
func (th timeoutHandler) ServeHTTP(
w http.ResponseWriter,
r *http.Request,
) {
if upgr := r.Header.Get("Upgrade"); upgr != "" {
// Upgrade to wss (probably).
// Leave well enough alone.
th.Engine.ServeHTTP(w, r)
return
}
// Create timeout ctx.
toCtx, cancelCtx := context.WithTimeout(
r.Context(),
requestTimeout,
)
defer cancelCtx()
// Serve the request using a shallow copy
// with the new context, without replacing
// the underlying request, since the latter
// may be used later outside of the Gin
// engine for post-request cleanup tasks.
th.Engine.ServeHTTP(w, r.WithContext(toCtx))
}

View file

@ -74,7 +74,7 @@ func New(db db.DB, processor *processing.Processor) *Module {
} }
} }
func (m *Module) Route(r router.Router, mi ...gin.HandlerFunc) { func (m *Module) Route(r *router.Router, mi ...gin.HandlerFunc) {
// Group all static files from assets dir at /assets, // Group all static files from assets dir at /assets,
// so that they can use the same cache control middleware. // so that they can use the same cache control middleware.
webAssetsAbsFilePath, err := filepath.Abs(config.GetWebAssetBaseDir()) webAssetsAbsFilePath, err := filepath.Abs(config.GetWebAssetBaseDir())

View file

@ -33,7 +33,7 @@ import (
// //
// If the environment variable GTS_WEB_TEMPLATE_BASE_DIR set, it will take that // If the environment variable GTS_WEB_TEMPLATE_BASE_DIR set, it will take that
// value as the template base directory instead. // value as the template base directory instead.
func NewTestRouter(db db.DB) router.Router { func NewTestRouter(db db.DB) *router.Router {
if alternativeTemplateBaseDir := os.Getenv("GTS_WEB_TEMPLATE_BASE_DIR"); alternativeTemplateBaseDir != "" { if alternativeTemplateBaseDir := os.Getenv("GTS_WEB_TEMPLATE_BASE_DIR"); alternativeTemplateBaseDir != "" {
config.Config(func(cfg *config.Configuration) { config.Config(func(cfg *config.Configuration) {
cfg.WebTemplateBaseDir = alternativeTemplateBaseDir cfg.WebTemplateBaseDir = alternativeTemplateBaseDir