From 1315282c7ff46f1ac048022f7eeb0b4d09eedb57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Guillot?= <fred@miniflux.net>
Date: Sun, 11 Nov 2018 16:21:57 -0800
Subject: [PATCH] Add the possiblity to listen on Unix socket

---
 miniflux.1             |  4 +++-
 service/httpd/httpd.go | 33 +++++++++++++++++++++++++++++----
 2 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/miniflux.1 b/miniflux.1
index 4a687d4e..1730af9f 100644
--- a/miniflux.1
+++ b/miniflux.1
@@ -89,7 +89,9 @@ Maximum number of database connections (default is 20)\&.
 Minimum number of database connections (default is 1)\&.
 .TP
 .B LISTEN_ADDR
-HTTP server listening address\&.
+Address to listen on. Default is 127.0.0.1:8080\&.
+.br
+Use absolute path to listen on Unix socket (/var/run/miniflux.sock)\&.
 .TP
 .B PORT
 Override LISTEN_ADDR to 0.0.0.0:$PORT\&.
diff --git a/service/httpd/httpd.go b/service/httpd/httpd.go
index 4ab7cfd3..a365353d 100644
--- a/service/httpd/httpd.go
+++ b/service/httpd/httpd.go
@@ -6,7 +6,10 @@ package httpd // import "miniflux.app/service/httpd"
 
 import (
 	"crypto/tls"
+	"net"
 	"net/http"
+	"os"
+	"strings"
 	"time"
 
 	"miniflux.app/api"
@@ -29,27 +32,49 @@ func Serve(cfg *config.Config, store *storage.Storage, pool *worker.Pool, feedHa
 	keyFile := cfg.KeyFile()
 	certDomain := cfg.CertDomain()
 	certCache := cfg.CertCache()
+	listenAddr := cfg.ListenAddr()
 	server := &http.Server{
 		ReadTimeout:  30 * time.Second,
 		WriteTimeout: 30 * time.Second,
 		IdleTimeout:  60 * time.Second,
-		Addr:         cfg.ListenAddr(),
 		Handler:      setupHandler(cfg, store, feedHandler, pool),
 	}
 
-	if certDomain != "" && certCache != "" {
+	switch {
+	case strings.HasPrefix(listenAddr, "/"):
+		startUnixSocketServer(server, listenAddr)
+	case certDomain != "" && certCache != "":
 		cfg.IsHTTPS = true
 		startAutoCertTLSServer(server, certDomain, certCache)
-	} else if certFile != "" && keyFile != "" {
+	case certFile != "" && keyFile != "":
 		cfg.IsHTTPS = true
+		server.Addr = listenAddr
 		startTLSServer(server, certFile, keyFile)
-	} else {
+	default:
+		server.Addr = listenAddr
 		startHTTPServer(server)
 	}
 
 	return server
 }
 
+func startUnixSocketServer(server *http.Server, socketFile string) {
+	os.Remove(socketFile)
+
+	go func(sock string) {
+		listener, err := net.Listen("unix", sock)
+		if err != nil {
+			logger.Fatal(`Server failed to start: %v`, err)
+		}
+		defer listener.Close()
+
+		logger.Info(`Listening on Unix socket %q`, sock)
+		if err := server.Serve(listener); err != http.ErrServerClosed {
+			logger.Fatal(`Server failed to start: %v`, err)
+		}
+	}(socketFile)
+}
+
 func startAutoCertTLSServer(server *http.Server, certDomain, certCache string) {
 	server.Addr = ":https"
 	certManager := autocert.Manager{