all: sync with master; upd chlog

Updates #4557.

* commit 'e3624ec5880361b8afccd0ddac9dc31fd7ce4a07':
  all: fix abbreviation
  Update README.md

.github/ISSUE_TEMPLATE/bug.yml

@@ -10,58 +10,52 @@
           - 'label': >
                 I have checked the
                 [Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki) and
-                [Discussions](https://github.com/AdguardTeam/AdGuardHome/discussions/categories/q-a)
+                [Discussions](https://github.com/AdguardTeam/AdGuardHome/discussions)
                 and found no answer
             'required': true
           - 'label': >
                 I have searched other issues and found no duplicates
             'required': true
           - 'label': >
-                I want to report a bug and not [ask a question or ask for
-                help](https://github.com/AdguardTeam/AdGuardHome/discussions/categories/q-a)
-            'required': true
-          - 'label': >
-                I have set up AdGuard Home correctly and [configured clients to
-                use it](https://github.com/AdguardTeam/AdGuardHome/wiki/Clients).
-                (Use the
-                [Discussions](https://github.com/AdguardTeam/AdGuardHome/discussions/categories/q-a)
-                for help with installing and configuring clients.)
+                I want to report a bug and not ask a question
             'required': true
     'id': 'prerequisites'
     'type': 'checkboxes'
   - 'attributes':
-        'description': 'On which Platform does the issue occur?'
-        'label': 'Platform (OS and CPU architecture)'
+        'description': 'On which operating system type does the issue occur?'
+        'label': 'Operating system type'
         'options':
-          - 'Darwin (aka macOS)/AMD64 (aka x86_64)'
-          - 'Darwin (aka macOS)/ARM64'
-          - 'FreeBSD/386'
-          - 'FreeBSD/AMD64 (aka x86_64)'
-          - 'FreeBSD/ARM64'
-          - 'FreeBSD/ARMv5'
-          - 'FreeBSD/ARMv6'
-          - 'FreeBSD/ARMv7'
-          - 'Linux/386'
-          - 'Linux/AMD64 (aka x86_64)'
-          - 'Linux/ARM64'
-          - 'Linux/ARMv5'
-          - 'Linux/ARMv6'
-          - 'Linux/ARMv7'
-          - 'Linux/MIPS LE'
-          - 'Linux/MIPS'
-          - 'Linux/MIPS64 LE'
-          - 'Linux/MIPS64'
-          - 'Linux/PPC64 LE'
-          - 'OpenBSD/AMD64 (aka x86_64)'
-          - 'OpenBSD/ARM64'
-          - 'Windows/386'
-          - 'Windows/AMD64 (aka x86_64)'
-          - 'Windows/ARM64'
-          - 'Custom (please mention in the description)'
+          - 'FreeBSD'
+          - 'Linux, OpenWrt'
+          - 'Linux, Other (please mention the version in the description)'
+          - 'macOS (aka Darwin)'
+          - 'OpenBSD'
+          - 'Windows'
+          - 'Other (please mention in the description)'
     'id': 'os'
     'type': 'dropdown'
     'validations':
         'required': true
+  - 'attributes':
+        'description': 'On which CPU architecture does the issue occur?'
+        'label': 'CPU architecture'
+        'options':
+          - 'AMD64'
+          - 'x86'
+          - '64-bit ARM'
+          - 'ARMv5'
+          - 'ARMv6'
+          - 'ARMv7'
+          - '64-bit MIPS'
+          - '64-bit MIPS LE'
+          - '32-bit MIPS'
+          - '32-bit MIPS LE'
+          - '64-bit PowerPC LE'
+          - 'Other (please mention in the description)'
+    'id': 'arch'
+    'type': 'dropdown'
+    'validations':
+        'required': true
   - 'attributes':
         'description': 'How did you install AdGuard Home?'
         'label': 'Installation'
@@ -69,7 +63,7 @@
           - 'GitHub releases or script from README'
           - 'Docker'
           - 'Snapcraft'
-          - 'Custom package (OpenWrt, HomeAssistant, etc; please mention in the description)'
+          - 'Custom port'
           - 'Other (please mention in the description)'
     'id': 'install'
     'type': 'dropdown'
@@ -95,55 +89,21 @@
     'validations':
         'required': true
   - 'attributes':
-        'description': >
-            Please describe what you did.  An `nslookup` or a `dig` command is
-            the best way.  For crashes, please provide a full failure log.
-        'label': 'Action'
+        'description': 'Please describe the bug'
+        'label': 'Description'
         'value': |
-            ```sh
-            nslookup -debug -type=a 'www.example.com' '$YOUR_AGH_ADDRESS'
-            ```
-    'id': 'failing_action'
+            #### What did you do?
+
+            #### Expected result
+
+            #### Actual result
+
+            #### Screenshots (if applicable)
+
+            #### Additional information
+    'id': 'description'
     'type': 'textarea'
     'validations':
         'required': true
-  - 'attributes':
-        'description': >
-            What did you expect to see?  Please add a description and/or
-            screenshots, if applicable.
-        'label': 'Expected result'
-        'placeholder': >
-            What did you expect to see?
-    'id': 'expected'
-    'type': 'textarea'
-    'validations':
-        'required': true
-  - 'attributes':
-        'description': >
-            What happened instead?  Please add a description and/or screenshots,
-            if applicable.
-        'label': 'Actual result'
-        'placeholder': >
-            What did you see instead?
-    'id': 'result'
-    'type': 'textarea'
-    'validations':
-        'required': true
-  - 'attributes':
-        'description': >
-            Please add additional information, such as non-standard OS or port,
-            here.  You can also put screenshots here, if applicable.  For
-            example, it is better to copy and paste text from a terminal instead
-            of posting a screenshot of the terminal.
-        'label': 'Additional information and/or screenshots'
-        'placeholder': >
-            Additional OS information, screenshots of the UI, etc.
-    'id': 'additional'
-    'type': 'textarea'
-    'validations':
-        'required': false
-'description': >
-    Open a bug report.  Please do not open bug reports for questions or help
-    with configuring clients.  If you want to ask for help, use the Discussions
-    section.
+'description': 'File a bug report'
 'name': 'Bug'

.github/ISSUE_TEMPLATE/feature.yml

@@ -23,32 +23,19 @@
     'id': 'prerequisites'
     'type': 'checkboxes'
   - 'attributes':
-        'description': 'Please describe the problem you are trying to solve'
-        'label': 'The problem'
-        'placeholder': >
-            Please describe the problem you are trying to solve
-    'id': 'problem'
+        'description': 'Please describe the request'
+        'label': 'Description'
+        'value': |
+            #### What problem are you trying to solve?
+
+            #### Proposed solution
+
+            #### Alternatives considered
+
+            #### Additional information
+    'id': 'description'
     'type': 'textarea'
     'validations':
         'required': true
-  - 'attributes':
-        'description': 'What feature are you proposing to solve this problem?'
-        'label': 'Proposed solution'
-        'placeholder': >
-            What feature are you proposing to solve this problem?
-    'id': 'proposed_solution'
-    'type': 'textarea'
-    'validations':
-        'required': true
-  - 'attributes':
-        'label': 'Alternatives considered and additional information'
-        'placeholder': >
-            Are there any other ways to solve the problem?
-    'id': 'additional'
-    'type': 'textarea'
-    'validations':
-        'required': false
 'description': 'Suggest a feature or an enhancement for AdGuard Home'
-'labels':
-  - 'feature request'
 'name': 'Feature request or enhancement'

.github/PULL_REQUEST_TEMPLATE

@@ -1,20 +0,0 @@
-Before submitting a PR please make sure that:
-
-1.  You have discussed your solution in an issue and have got an
-    approval from a maintainer.
-
-2.  This isn't a localization fix; please send those to our
-    [CrowdIn](https://crowdin.com/project/adguard-applications/en#/adguard-home)
-    page.
-
-3.  Your code follows our
-    [code guidelines](https://github.com/AdguardTeam/CodeGuidelines/blob/master/Go/Go.md).
-
-Add a short description here.  The description should include:
-
-1.  Which issue this PR closes (`Closes #NNNN.`) or updates (`Updates
-    #NNNN.`).
-
-2.  A short description of how the change achieves that.
-
-Do not forget to remove these instructions.

.github/workflows/potential-duplicates.yml

@@ -1,18 +0,0 @@
-'name': 'potential-duplicates'
-'on':
-    'issues':
-        'types':
-          - 'opened'
-'jobs':
-    'run':
-        'runs-on': 'ubuntu-latest'
-        'steps':
-          - 'uses': 'wow-actions/potential-duplicates@v1'
-            'with':
-                'GITHUB_TOKEN': '${{ secrets.GITHUB_TOKEN }}'
-                'state': 'all'
-                'threshold': 0.6
-                'comment': |
-                    Potential duplicates: {{#issues}}
-                     *  [#{{ number }}] {{ title }} ({{ accuracy }}%)
-                    {{/issues}}

CHANGELOG.md

@@ -14,87 +14,21 @@ and this project adheres to
 <!--
 ## [v0.108.0] - TBA
 
-## [v0.107.33] - 2023-06-28 (APPROX.)
+## [v0.107.31] - 2023-06-28 (APPROX.)
 
-See also the [v0.107.33 GitHub milestone][ms-v0.107.33].
+See also the [v0.107.31 GitHub milestone][ms-v0.107.31].
 
-[ms-v0.107.33]: https://github.com/AdguardTeam/AdGuardHome/milestone/68?closed=1
+[ms-v0.107.31]: https://github.com/AdguardTeam/AdGuardHome/milestone/67?closed=1
 
 NOTE: Add new changes BELOW THIS COMMENT.
 -->
 
 ### Added
 
-- The new HTTP API, `GET /control/querylog/export`, which can be used to
-  export query log items.  See `openapi/openapi.yaml` for the full description
-  ([#3389]).
-- The ability to set inactivity periods for filtering blocked services in the
-  configuration file ([#951]).  The UI changes are coming in the upcoming
-  releases.
 - The ability to edit rewrite rules via `PUT /control/rewrite/update` HTTP API
   ([#1577]).
 
-### Changed
-
-#### Configuration Changes
-
-In this release, the schema version has changed from 20 to 21.
-
-- Property `dns.blocked_services`, which in schema versions 20 and earlier used
-  to be a list containing ids of blocked services, is now an object containing
-  ids and schedule for blocked services:
-
-  ```yaml
-  # BEFORE:
-  'blocked_services':
-  - id_1
-  - id_2
-
-  # AFTER:
-  'blocked_services':
-    'ids':
-    - id_1
-    - id_2
-    'schedule':
-      'time_zone': 'Local'
-      'sun':
-        'start': '0s'
-        'end': '24h'
-      'mon':
-        'start': '10m'
-        'end': '23h30m'
-      'tue':
-        'start': '20m'
-        'end': '23h'
-      'wed':
-        'start': '30m'
-        'end': '22h30m'
-      'thu':
-        'start': '40m'
-        'end': '22h'
-      'fri':
-        'start': '50m'
-        'end': '21h30m'
-      'sat':
-        'start': '1h'
-        'end': '21h'
-  ```
-
-  To rollback this change, replace `dns.blocked_services` object with the list
-  of ids of blocked services and change the `schema_version` back to `20`.
-
-### Fixed
-
-- Queries with the question-section target `.`, for example `NS .`, are now
-  counted in the statistics and correctly shown in the query log ([#5910]).
-- Safe Search not working with `AAAA` queries for domains that don't have `AAAA`
-  records ([#5913]).
-
-[#951]:  https://github.com/AdguardTeam/AdGuardHome/issues/951
 [#1577]: https://github.com/AdguardTeam/AdGuardHome/issues/1577
-[#3389]: https://github.com/AdguardTeam/AdGuardHome/issues/3389
-[#5910]: https://github.com/AdguardTeam/AdGuardHome/issues/5910
-[#5913]: https://github.com/AdguardTeam/AdGuardHome/issues/5913
 
 <!--
 NOTE: Add new changes ABOVE THIS COMMENT.
@@ -102,34 +36,6 @@ NOTE: Add new changes ABOVE THIS COMMENT.
 
 
 
-## [v0.107.32] - 2023-06-13
-
-### Fixed
-
-- DNSCrypt upstream not resetting the client and resolver information on
-  dialing errors ([#5872]).
-
-
-
-
-## [v0.107.31] - 2023-06-08
-
-See also the [v0.107.31 GitHub milestone][ms-v0.107.31].
-
-### Fixed
-
-- Startup errors on OpenWrt ([#5872]).
-- Plain-UDP upstreams always falling back to TCP, causing outages and slowdowns
-  ([#5873], [#5874]).
-
-[#5872]: https://github.com/AdguardTeam/AdGuardHome/issues/5872
-[#5873]: https://github.com/AdguardTeam/AdGuardHome/issues/5873
-[#5874]: https://github.com/AdguardTeam/AdGuardHome/issues/5874
-
-[ms-v0.107.31]: https://github.com/AdguardTeam/AdGuardHome/milestone/67?closed=1
-
-
-
 ## [v0.107.30] - 2023-06-07
 
 See also the [v0.107.30 GitHub milestone][ms-v0.107.30].
@@ -2080,13 +1986,11 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
 
 
 <!--
-[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.33...HEAD
-[v0.107.33]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.32...v0.107.33
+[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.31...HEAD
+[v0.107.31]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.30...v0.107.31
 -->
 
-[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.32...HEAD
-[v0.107.32]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.31...v0.107.32
-[v0.107.31]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.30...v0.107.31
+[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.30...HEAD
 [v0.107.30]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.29...v0.107.30
 [v0.107.29]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.28...v0.107.29
 [v0.107.28]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.27...v0.107.28

Makefile

@@ -37,8 +37,6 @@ SIGN = 1
 VERSION = v0.0.0
 YARN = yarn
 
-NEXTAPI = 0
-
 # Macros for the build-release target.  If FRONTEND_PREBUILT is 0, the
 # default, the macro $(BUILD_RELEASE_DEPS_$(FRONTEND_PREBUILT)) expands
 # into BUILD_RELEASE_DEPS_0, and so both frontend and backend
@@ -66,7 +64,6 @@ ENV = env\
 	PATH="$${PWD}/bin:$$( "$(GO.MACRO)" env GOPATH )/bin:$${PATH}"\
 	RACE='$(RACE)'\
 	SIGN='$(SIGN)'\
-	NEXTAPI='$(NEXTAPI)'\
 	VERBOSE="$(VERBOSE.MACRO)"\
 	VERSION='$(VERSION)'\
 

bamboo-specs/bamboo.yaml

@@ -1,8 +1,5 @@
----
-!include release.yaml
-
----
-!include snapcraft.yaml
-
 ---
 !include test.yaml
+
+---
+!include release.yaml

bamboo-specs/release.yaml

@@ -1,290 +1,348 @@
 ---
 'version': 2
 'plan':
-    'project-key': 'AGH'
-    'key': 'AGHBSNAPSPECS'
-    'name': 'AdGuard Home - Build and publish release'
+  'project-key': 'AGH'
+  'key': 'AGHBSNAPSPECS'
+  'name': 'AdGuard Home - Build and publish release'
 # Make sure to sync any changes with the branch overrides below.
 'variables':
-    'channel': 'edge'
-    'dockerGo': 'adguard/golang-ubuntu:6.7'
+  'channel': 'edge'
+  'dockerGo': 'adguard/golang-ubuntu:6.7'
 
 'stages':
-  - 'Build frontend':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Build frontend'
+- 'Build frontend':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Build frontend'
 
-  - 'Make release':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Make release'
+- 'Make release':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Make release'
 
-  - 'Make and publish docker':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Make and publish docker'
+- 'Make and publish docker':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Make and publish docker'
 
-  - 'Publish to static storage':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Publish to static storage'
+- 'Publish to static storage':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Publish to static storage'
 
-  - 'Publish to GitHub Releases':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Publish to GitHub Releases'
+- 'Publish to Snapstore':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Publish to Snapstore'
+
+- 'Publish to GitHub Releases':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Publish to GitHub Releases'
 
 'Build frontend':
-    'docker':
-        'image': '${bamboo.dockerGo}'
-        'volumes':
-            '${system.YARN_DIR}': '${bamboo.cacheYarn}'
-    'key': 'BF'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
+  'docker':
+    'image': '${bamboo.dockerGo}'
+    'volumes':
+      '${system.YARN_DIR}': '${bamboo.cacheYarn}'
+  'key': 'BF'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'checkout':
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
 
-                set -e -f -u -x
+        set -e -f -u -x
 
-                # Explicitly checkout the revision that we need.
-                git checkout "${bamboo.repository.revision.number}"
+        # Explicitly checkout the revision that we need.
+        git checkout "${bamboo.repository.revision.number}"
 
-                make js-deps js-build
-    'artifacts':
-      - 'name': 'AdGuardHome frontend'
-        'pattern': 'build/**'
-        'shared': true
-        'required': true
-    'requirements':
-      - 'adg-docker': 'true'
+        make js-deps js-build
+  'artifacts':
+  - 'name': 'AdGuardHome frontend'
+    'pattern': 'build*/**'
+    'shared': true
+    'required': true
+  'requirements':
+  - 'adg-docker': 'true'
 
 'Make release':
-    'docker':
-        'image': '${bamboo.dockerGo}'
-        'volumes':
-            '${system.GO_CACHE_DIR}': '${bamboo.cacheGo}'
-            '${system.GO_PKG_CACHE_DIR}': '${bamboo.cacheGoPkg}'
-    'key': 'MR'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
+  'docker':
+    'image': '${bamboo.dockerGo}'
+    'volumes':
+      '${system.GO_CACHE_DIR}': '${bamboo.cacheGo}'
+      '${system.GO_PKG_CACHE_DIR}': '${bamboo.cacheGoPkg}'
+  'key': 'MR'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'checkout':
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
 
-                set -e -f -u -x
+        set -e -f -u -x
 
-                # Explicitly checkout the revision that we need.
-                git checkout "${bamboo.repository.revision.number}"
+        # Explicitly checkout the revision that we need.
+        git checkout "${bamboo.repository.revision.number}"
 
-                # Run the build with the specified channel.
-                echo "${bamboo.gpgSecretKeyPart1}${bamboo.gpgSecretKeyPart2}"\
-                        | awk '{ gsub(/\\n/, "\n"); print; }'\
-                        | gpg --import --batch --yes
+        # Run the build with the specified channel.
+        echo "${bamboo.gpgSecretKeyPart1}${bamboo.gpgSecretKeyPart2}"\
+                | awk '{ gsub(/\\n/, "\n"); print; }'\
+                | gpg --import --batch --yes
 
-                make\
-                        CHANNEL=${bamboo.channel}\
-                        GPG_KEY_PASSPHRASE=${bamboo.gpgPassword}\
-                        FRONTEND_PREBUILT=1\
-                        PARALLELISM=1\
-                        VERBOSE=2\
-                        build-release
-    # TODO(a.garipov): Use more fine-grained artifact rules.
-    'artifacts':
-      - 'name': 'AdGuardHome dists'
-        'pattern': 'dist/**'
-        'shared': true
-        'required': true
-    'requirements':
-      - 'adg-docker': 'true'
+        make\
+                CHANNEL=${bamboo.channel}\
+                GPG_KEY_PASSPHRASE=${bamboo.gpgPassword}\
+                FRONTEND_PREBUILT=1\
+                PARALLELISM=1\
+                VERBOSE=2\
+                build-release
+  # TODO(a.garipov): Use more fine-grained artifact rules.
+  'artifacts':
+  - 'name': 'AdGuardHome dists'
+    'pattern': 'dist/**'
+    'shared': true
+    'required': true
+  'requirements':
+  - 'adg-docker': 'true'
 
 'Make and publish docker':
-    'key': 'MPD'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
+  'key': 'MPD'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'checkout':
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
 
-                set -e -f -u -x
+        set -e -f -u -x
 
-                COMMIT="${bamboo.repository.revision.number}"
-                export COMMIT
-                readonly COMMIT
+        COMMIT="${bamboo.repository.revision.number}"
+        export COMMIT
+        readonly COMMIT
 
-                # Explicitly checkout the revision that we need.
-                git checkout "$COMMIT"
+        # Explicitly checkout the revision that we need.
+        git checkout "$COMMIT"
 
-                # Install Qemu, create builder.
-                docker version -f '{{ .Server.Experimental }}'
-                docker buildx rm buildx-builder || :
-                docker buildx create --name buildx-builder --driver docker-container\
-                                --use
-                docker buildx inspect --bootstrap
+        # Install Qemu, create builder.
+        docker version -f '{{ .Server.Experimental }}'
+        docker buildx rm buildx-builder || :
+        docker buildx create --name buildx-builder --driver docker-container\
+                --use
+        docker buildx inspect --bootstrap
 
-                # Login to DockerHub.
-                docker login -u="${bamboo.dockerHubUsername}"\
-                        -p="${bamboo.dockerHubPassword}"
+        # Login to DockerHub.
+        docker login -u="${bamboo.dockerHubUsername}"\
+                -p="${bamboo.dockerHubPassword}"
 
-                # Boot the builder.
-                docker buildx inspect --bootstrap
+        # Boot the builder.
+        docker buildx inspect --bootstrap
 
-                # Print Docker info.
-                docker info
+        # Print Docker info.
+        docker info
 
-                # Prepare and push the build.
-                env\
-                        CHANNEL="${bamboo.channel}"\
-                        DIST_DIR='dist'\
-                        DOCKER_IMAGE_NAME='adguard/adguardhome'\
-                        DOCKER_OUTPUT="type=image,name=adguard/adguardhome,push=true"\
-                        VERBOSE='1'\
-                        sh ./scripts/make/build-docker.sh
-            'environment':
-                DOCKER_CLI_EXPERIMENTAL=enabled
-    'final-tasks':
-      - 'clean'
-    'requirements':
-      - 'adg-docker': 'true'
+        # Prepare and push the build.
+        env\
+                CHANNEL="${bamboo.channel}"\
+                DIST_DIR='dist'\
+                DOCKER_IMAGE_NAME='adguard/adguardhome'\
+                DOCKER_OUTPUT="type=image,name=adguard/adguardhome,push=true"\
+                VERBOSE='1'\
+                sh ./scripts/make/build-docker.sh
+      'environment':
+        DOCKER_CLI_EXPERIMENTAL=enabled
+  'final-tasks':
+  - 'clean'
+  'requirements':
+  - 'adg-docker': 'true'
 
 'Publish to static storage':
-    'key': 'PUB'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'clean'
-      - 'checkout':
-            'repository': 'bamboo-deploy-publisher'
-            'path': 'bamboo-deploy-publisher'
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
+  'key': 'PUB'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'clean'
+  - 'checkout':
+      'repository': 'bamboo-deploy-publisher'
+      'path': 'bamboo-deploy-publisher'
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
 
-                set -e -f -u -x
+        set -e -f -u -x
 
-                cd ./dist/
+        cd ./dist/
 
-                CHANNEL="${bamboo.channel}"
-                export CHANNEL
+        CHANNEL="${bamboo.channel}"
+        export CHANNEL
 
-                ../bamboo-deploy-publisher/deploy.sh adguard-home-"$CHANNEL"
-    'final-tasks':
-      - 'clean'
-    'requirements':
-      - 'adg-docker': 'true'
+        ../bamboo-deploy-publisher/deploy.sh adguard-home-"$CHANNEL"
+  'final-tasks':
+  - 'clean'
+  'requirements':
+  - 'adg-docker': 'true'
+
+'Publish to Snapstore':
+  'docker':
+    'image': '${bamboo.dockerGo}'
+  'key': 'PTS'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'clean'
+  - 'checkout':
+      'repository': 'bamboo-deploy-publisher'
+      'path': 'bamboo-deploy-publisher'
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
+
+        set -e -f -u -x
+
+        cd ./dist/
+
+        channel="${bamboo.channel}"
+        readonly channel
+
+        case "$channel"
+        in
+        ('release')
+                snapchannel='candidate'
+                ;;
+        ('beta')
+                snapchannel='beta'
+                ;;
+        ('edge')
+                snapchannel='edge'
+                ;;
+        (*)
+                echo "invalid channel '$channel'"
+                exit 1
+                ;;
+        esac
+
+        env\
+                SNAPCRAFT_CHANNEL="$snapchannel"\
+                SNAPCRAFT_EMAIL="${bamboo.snapcraftEmail}"\
+                SNAPCRAFT_STORE_CREDENTIALS="${bamboo.snapcraftMacaroonPassword}"\
+                ../bamboo-deploy-publisher/deploy.sh adguard-home-snap
+  'final-tasks':
+  - 'clean'
+  'requirements':
+  - 'adg-docker': 'true'
 
 'Publish to GitHub Releases':
-    'key': 'PTGR'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'clean'
-      - 'checkout':
-            'repository': 'bamboo-deploy-publisher'
-            'path': 'bamboo-deploy-publisher'
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
+  'key': 'PTGR'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'clean'
+  - 'checkout':
+      'repository': 'bamboo-deploy-publisher'
+      'path': 'bamboo-deploy-publisher'
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
 
-                set -e -f -u -x
+        set -e -f -u -x
 
-                channel="${bamboo.channel}"
-                readonly channel
+        channel="${bamboo.channel}"
+        readonly channel
 
-                if [ "$channel" != 'release' ] && [ "${channel}" != 'beta' ]
-                then
-                        echo "don't publish to GitHub Releases for this channel"
+        if [ "$channel" != 'release' ] && [ "${channel}" != 'beta' ]
+        then
+                echo "don't publish to GitHub Releases for this channel"
 
-                        exit 0
-                fi
+                exit 0
+        fi
 
-                cd ./dist/
+        cd ./dist/
 
-                env\
-                        GITHUB_TOKEN="${bamboo.githubPublicRepoPassword}"\
-                        ../bamboo-deploy-publisher/deploy.sh adguard-home-github
-    'final-tasks':
-      - 'clean'
-    'requirements':
-      - 'adg-docker': 'true'
+        env\
+                GITHUB_TOKEN="${bamboo.githubPublicRepoPassword}"\
+                ../bamboo-deploy-publisher/deploy.sh adguard-home-github
+  'final-tasks':
+  - 'clean'
+  'requirements':
+  - 'adg-docker': 'true'
 
 'triggers':
-    # Don't use minute values that end with a zero or a five as these are often
-    # used in CI and so resources during these minutes can be quite busy.
-  - 'cron': '0 42 13 ? * MON-FRI *'
+# Don't use minute values that end with a zero or a five as these are often used
+# in CI and so resources during these minutes can be quite busy.
+- 'cron': '0 42 13 ? * MON-FRI *'
 'branches':
-    'create': 'manually'
-    'delete':
-        'after-deleted-days': 1
-        'after-inactive-days': 30
-    'integration':
-        'push-on-success': false
-        'merge-from': 'AdGuard Home   - Build and publish release'
-    'link-to-jira': true
+  'create': 'manually'
+  'delete':
+    'after-deleted-days': 1
+    'after-inactive-days': 30
+  'integration':
+    'push-on-success': false
+    'merge-from': 'AdGuard Home - Build and publish release'
+  'link-to-jira': true
 
 'notifications':
-  - 'events':
-      - 'plan-completed'
-    'recipients':
-      - 'webhook':
-            'name': 'Build webhook'
-            'url': 'http://prod.jirahub.service.eu.consul/v1/webhook/bamboo?channel=adguard-qa'
+- 'events':
+  - 'plan-completed'
+  'recipients':
+  - 'webhook':
+      'name': 'Build webhook'
+      'url': 'http://prod.jirahub.service.eu.consul/v1/webhook/bamboo?channel=adguard-qa'
 
 'labels': []
 'other':
-    'concurrent-build-plugin': 'system-default'
+  'concurrent-build-plugin': 'system-default'
 
 'branch-overrides':
-    # beta-vX.Y branches are the branches into which the commits that are needed
-    # to release a new patch version are initially cherry-picked.
-  - '^beta-v[0-9]+\.[0-9]+':
-        # Build betas on release branches manually.
-        'triggers': []
-        # Set the default release channel on the release branch to beta, as we may
-        # need to build a few of these.
-        'variables':
-            'channel': 'beta'
-            'dockerGo': 'adguard/golang-ubuntu:6.7'
-    # release-vX.Y.Z branches are the branches from which the actual final
-    # release is built.
-  - '^release-v[0-9]+\.[0-9]+\.[0-9]+':
-        # Disable integration branches for release branches.
-        'branch-config':
-            'integration':
-                'push-on-success': false
-                'merge-from': 'beta-v0.107'
-        # Build final releases on release branches manually.
-        'triggers': []
-        # Set the default release channel on the final branch to release, as these
-        # are the ones that actually get released.
-        'variables':
-            'channel': 'release'
-            'dockerGo': 'adguard/golang-ubuntu:6.7'
+# beta-vX.Y branches are the branches into which the commits that are needed to
+# release a new patch version are initially cherry-picked.
+- '^beta-v[0-9]+\.[0-9]+':
+    # Build betas on release branches manually.
+    'triggers': []
+    # Set the default release channel on the release branch to beta, as we may
+    # need to build a few of these.
+    'variables':
+      'channel': 'beta'
+      'dockerGo': 'adguard/golang-ubuntu:6.7'
+# release-vX.Y.Z branches are the branches from which the actual final release
+# is built.
+- '^release-v[0-9]+\.[0-9]+\.[0-9]+':
+    # Disable integration branches for release branches.
+    'branch-config':
+      'integration':
+        'push-on-success': false
+        'merge-from': 'beta-v0.107'
+    # Build final releases on release branches manually.
+    'triggers': []
+    # Set the default release channel on the final branch to release, as these
+    # are the ones that actually get released.
+    'variables':
+      'channel': 'release'
+      'dockerGo': 'adguard/golang-ubuntu:6.7'

bamboo-specs/snapcraft.yaml

@@ -1,211 +0,0 @@
----
-# This part of the release build is separate from the one described in
-# release.yaml, because the Snapcraft infrastructure is brittle, and timeouts
-# during logins and uploads often lead to release blocking.
-'version': 2
-'plan':
-    'project-key': 'AGH'
-    'key': 'AGHSNAP'
-    'name': 'AdGuard Home - Build and publish Snapcraft release'
-# Make sure to sync any changes with the branch overrides below.
-'variables':
-    'channel': 'edge'
-    'dockerGo': 'adguard/golang-ubuntu:6.7'
-    'snapcraftChannel': 'edge'
-
-'stages':
-  - 'Download release':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Download release'
-
-  - 'Build packages':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Build packages'
-
-  - 'Publish to Snapstore':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Publish to Snapstore'
-
-# TODO(a.garipov): Consider using the Artifact Downloader Task if it ever learns
-# about plan branches.
-'Download release':
-    'artifacts':
-      - 'name': 'i386_binary'
-        'pattern': 'AdGuardHome_i386'
-        'shared': true
-        'required': true
-      - 'name': 'amd64_binary'
-        'pattern': 'AdGuardHome_amd64'
-        'shared': true
-        'required': true
-      - 'name': 'armhf_binary'
-        'pattern': 'AdGuardHome_armhf'
-        'shared': true
-        'required': true
-      - 'name': 'arm64_binary'
-        'pattern': 'AdGuardHome_arm64'
-        'shared': true
-        'required': true
-    'docker':
-        'image': '${bamboo.dockerGo}'
-    'key': 'DR'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-            - |
-              #!/bin/sh
-
-              set -e -f -u -x
-
-              env\
-                      CHANNEL="${bamboo.channel}"\
-                      VERBOSE='1'\
-                      sh ./scripts/snap/download.sh
-    'requirements':
-      - 'adg-docker': 'true'
-
-'Build packages':
-    'artifact-subscriptions':
-      - 'artifact': 'i386_binary'
-      - 'artifact': 'amd64_binary'
-      - 'artifact': 'armhf_binary'
-      - 'artifact': 'arm64_binary'
-    'artifacts':
-      - 'name': 'i386_snap'
-        'pattern': 'AdGuardHome_i386.snap'
-        'shared': true
-        'required': true
-      - 'name': 'amd64_snap'
-        'pattern': 'AdGuardHome_amd64.snap'
-        'shared': true
-        'required': true
-      - 'name': 'armhf_snap'
-        'pattern': 'AdGuardHome_armhf.snap'
-        'shared': true
-        'required': true
-      - 'name': 'arm64_snap'
-        'pattern': 'AdGuardHome_arm64.snap'
-        'shared': true
-        'required': true
-    'docker':
-        'image': '${bamboo.dockerGo}'
-    'key': 'BP'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-            - |
-              #!/bin/sh
-
-              set -e -f -u -x
-
-              env\
-                      VERBOSE='1'\
-                      sh ./scripts/snap/build.sh
-    'requirements':
-      - 'adg-docker': 'true'
-
-'Publish to Snapstore':
-    'artifact-subscriptions':
-      - 'artifact': 'i386_snap'
-      - 'artifact': 'amd64_snap'
-      - 'artifact': 'armhf_snap'
-      - 'artifact': 'arm64_snap'
-    'docker':
-        'image': '${bamboo.dockerGo}'
-    'key': 'PTS'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
-
-                set -e -f -u -x
-
-                env\
-                        SNAPCRAFT_CHANNEL="${bamboo.snapcraftChannel}"\
-                        SNAPCRAFT_STORE_CREDENTIALS="${bamboo.snapcraftMacaroonPassword}"\
-                        VERBOSE='1'\
-                        sh ./scripts/snap/upload.sh
-    'final-tasks':
-      - 'clean'
-    'requirements':
-      - 'adg-docker': 'true'
-
-'triggers':
-    # Don't use minute values that end with a zero or a five as these are often
-    # used in CI and so resources during these minutes can be quite busy.
-    #
-    # NOTE: The time is chosen to be exactly one hour after the main release
-    # build as defined as in release.yaml.
-  - 'cron': '0 42 14 ? * MON-FRI *'
-'branches':
-    'create': 'manually'
-    'delete':
-        'after-deleted-days': 1
-        'after-inactive-days': 30
-    'integration':
-        'push-on-success': false
-        'merge-from': 'AdGuard Home - Build and publish Snapcraft release'
-    'link-to-jira': true
-
-'notifications':
-  - 'events':
-      - 'plan-completed'
-    'recipients':
-      - 'webhook':
-            'name': 'Build webhook'
-            'url': 'http://prod.jirahub.service.eu.consul/v1/webhook/bamboo?channel=adguard-qa'
-
-'labels': []
-'other':
-    'concurrent-build-plugin': 'system-default'
-
-'branch-overrides':
-    # beta-vX.Y branches are the branches into which the commits that are needed
-    # to release a new patch version are initially cherry-picked.
-  - '^beta-v[0-9]+\.[0-9]+':
-        # Build betas on release branches manually.
-        'triggers': []
-        # Set the default release channel on the release branch to beta, as we may
-        # need to build a few of these.
-        'variables':
-            'channel': 'beta'
-            'dockerGo': 'adguard/golang-ubuntu:6.7'
-            'snapcraftChannel': 'beta'
-    # release-vX.Y.Z branches are the branches from which the actual final
-    # release is built.
-  - '^release-v[0-9]+\.[0-9]+\.[0-9]+':
-        # Disable integration branches for release branches.
-        'branch-config':
-            'integration':
-                'push-on-success': false
-                'merge-from': 'beta-v0.107'
-        # Build final releases on release branches manually.
-        'triggers': []
-        # Set the default release channel on the final branch to release, as these
-        # are the ones that actually get released.
-        'variables':
-            'channel': 'release'
-            'dockerGo': 'adguard/golang-ubuntu:6.7'
-            'snapcraftChannel': 'candidate'

bamboo-specs/test.yaml

@@ -1,64 +1,64 @@
 ---
 'version': 2
 'plan':
-    'project-key': 'AGH'
-    'key': 'AHBRTSPECS'
-    'name': 'AdGuard Home - Build and run tests'
+  'project-key': 'AGH'
+  'key': 'AHBRTSPECS'
+  'name': 'AdGuard Home - Build and run tests'
 'variables':
-    'dockerGo': 'adguard/golang-ubuntu:6.7'
+  'dockerGo': 'adguard/golang-ubuntu:6.7'
 
 'stages':
-  - 'Tests':
-        'manual': false
-        'final': false
-        'jobs':
-          - 'Test'
+- 'Tests':
+    'manual': false
+    'final': false
+    'jobs':
+    - 'Test'
 
 'Test':
-    'docker':
-        'image': '${bamboo.dockerGo}'
-        'volumes':
-            '${system.YARN_DIR}': '${bamboo.cacheYarn}'
-            '${system.GO_CACHE_DIR}': '${bamboo.cacheGo}'
-            '${system.GO_PKG_CACHE_DIR}': '${bamboo.cacheGoPkg}'
-    'key': 'TEST'
-    'other':
-        'clean-working-dir': true
-    'tasks':
-      - 'checkout':
-            'force-clean-build': true
-      - 'script':
-            'interpreter': 'SHELL'
-            'scripts':
-              - |
-                #!/bin/sh
+  'docker':
+    'image': '${bamboo.dockerGo}'
+    'volumes':
+      '${system.YARN_DIR}': '${bamboo.cacheYarn}'
+      '${system.GO_CACHE_DIR}': '${bamboo.cacheGo}'
+      '${system.GO_PKG_CACHE_DIR}': '${bamboo.cacheGoPkg}'
+  'key': 'TEST'
+  'other':
+    'clean-working-dir': true
+  'tasks':
+  - 'checkout':
+      'force-clean-build': true
+  - 'script':
+      'interpreter': 'SHELL'
+      'scripts':
+      - |
+        #!/bin/sh
 
-                set -e -f -u -x
+        set -e -f -u -x
 
-                make VERBOSE=1 ci go-tools lint
-    'final-tasks':
-      - 'clean'
-    'requirements':
-      - 'adg-docker': 'true'
+        make VERBOSE=1 ci go-tools lint
+  'final-tasks':
+  - 'clean'
+  'requirements':
+  - 'adg-docker': 'true'
 
 'branches':
-    'create': 'for-pull-request'
-    'delete':
-        'after-deleted-days': 1
-        'after-inactive-days': 5
-    'integration':
-        'push-on-success': false
-        'merge-from': 'AdGuard Home - Build and run tests'
-    'link-to-jira': true
+  'create': 'for-pull-request'
+  'delete':
+    'after-deleted-days': 1
+    'after-inactive-days': 5
+  'integration':
+    'push-on-success': false
+    'merge-from': 'AdGuard Home - Build and run tests'
+  'link-to-jira': true
 
 'notifications':
-  - 'events':
-      - 'plan-status-changed'
-    'recipients':
-      - 'webhook':
-            'name': 'Build webhook'
-            'url': 'http://prod.jirahub.service.eu.consul/v1/webhook/bamboo'
+- 'events':
+  - 'plan-status-changed'
+  'recipients':
+  - 'webhook':
+      'name': 'Build webhook'
+      'url': 'http://prod.jirahub.service.eu.consul/v1/webhook/bamboo'
 
 'labels': []
 'other':
-    'concurrent-build-plugin': 'system-default'
+  'concurrent-build-plugin': 'system-default'

go.mod

@@ -3,12 +3,11 @@ module github.com/AdguardTeam/AdGuardHome
 go 1.19
 
 require (
-	github.com/AdguardTeam/dnsproxy v0.50.2
-	github.com/AdguardTeam/golibs v0.13.3
+	github.com/AdguardTeam/dnsproxy v0.50.0
+	github.com/AdguardTeam/golibs v0.13.2
 	github.com/AdguardTeam/urlfilter v0.16.1
 	github.com/NYTimes/gziphandler v1.1.1
 	github.com/ameshkov/dnscrypt/v2 v2.2.7
-	github.com/bluele/gcache v0.0.2
 	github.com/digineo/go-ipset/v2 v2.2.1
 	github.com/dimfeld/httptreemux/v5 v5.5.0
 	github.com/fsnotify/fsnotify v1.6.0
@@ -28,13 +27,13 @@ require (
 	github.com/mdlayher/raw v0.1.0
 	github.com/miekg/dns v1.1.54
 	github.com/quic-go/quic-go v0.35.1
-	github.com/stretchr/testify v1.8.4
+	github.com/stretchr/testify v1.8.2
 	github.com/ti-mo/netfilter v0.5.0
 	go.etcd.io/bbolt v1.3.7
-	golang.org/x/crypto v0.10.0
+	golang.org/x/crypto v0.9.0
 	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1
-	golang.org/x/net v0.11.0
-	golang.org/x/sys v0.9.0
+	golang.org/x/net v0.10.0
+	golang.org/x/sys v0.8.0
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 	gopkg.in/yaml.v3 v3.0.1
 	howett.net/plist v1.0.0
@@ -45,6 +44,7 @@ require (
 	github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 // indirect
 	github.com/ameshkov/dnsstamps v1.0.3 // indirect
 	github.com/beefsack/go-rate v0.0.0-20220214233405-116f4ca011a0 // indirect
+	github.com/bluele/gcache v0.0.2 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/golang/mock v1.6.0 // indirect
@@ -61,6 +61,6 @@ require (
 	github.com/u-root/uio v0.0.0-20230305220412-3e8cd9d6bf63 // indirect
 	golang.org/x/mod v0.10.0 // indirect
 	golang.org/x/sync v0.2.0 // indirect
-	golang.org/x/text v0.10.0 // indirect
+	golang.org/x/text v0.9.0 // indirect
 	golang.org/x/tools v0.9.3 // indirect
 )

go.sum

@@ -1,9 +1,9 @@
-github.com/AdguardTeam/dnsproxy v0.50.2 h1:p1471SsMZ6SMo7T51Olw4aNluahvMwSLMorwxYV18ts=
-github.com/AdguardTeam/dnsproxy v0.50.2/go.mod h1:CQhZTkqC8X0ID6glrtyaxgqRRdiYfn1gJulC1cZ5Dn8=
+github.com/AdguardTeam/dnsproxy v0.50.0 h1:gqImxUMBVS8VQmGdXw0U7MjJNVzXkYaZ9NM5TKl3JBU=
+github.com/AdguardTeam/dnsproxy v0.50.0/go.mod h1:CQhZTkqC8X0ID6glrtyaxgqRRdiYfn1gJulC1cZ5Dn8=
 github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
 github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw=
-github.com/AdguardTeam/golibs v0.13.3 h1:RT3QbzThtaLiFLkIUDS6/hlGEXrh0zYvdf4bd7UWpGo=
-github.com/AdguardTeam/golibs v0.13.3/go.mod h1:wkJ6EUsN4np/9Gp7+9QeooY9E2U2WCLJYAioLCzkHsI=
+github.com/AdguardTeam/golibs v0.13.2 h1:BPASsyQKmb+b8VnvsNOHp7bKfcZl9Z+Z2UhPjOiupSc=
+github.com/AdguardTeam/golibs v0.13.2/go.mod h1:7ylQLv2Lqsc3UW3jHoITynYk6Y1tYtgEMkR09ppfsN8=
 github.com/AdguardTeam/gomitmproxy v0.2.0/go.mod h1:Qdv0Mktnzer5zpdpi5rAwixNJzW2FN91LjKJCkVbYGU=
 github.com/AdguardTeam/urlfilter v0.16.1 h1:ZPi0rjqo8cQf2FVdzo6cqumNoHZx2KPXj2yZa1A5BBw=
 github.com/AdguardTeam/urlfilter v0.16.1/go.mod h1:46YZDOV1+qtdRDuhZKVPSSp7JWWes0KayqHrKAFBdEI=
@@ -113,13 +113,17 @@ github.com/quic-go/quic-go v0.35.1/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5
 github.com/shirou/gopsutil/v3 v3.21.8 h1:nKct+uP0TV8DjjNiHanKf8SAuub+GNsbrOtM9Nl9biA=
 github.com/shirou/gopsutil/v3 v3.21.8/go.mod h1:YWp/H8Qs5fVmf17v7JNZzA0mPJ+mS2e9JdiUF9LlKzQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/ti-mo/netfilter v0.2.0/go.mod h1:8GbBGsY/8fxtyIdfwy29JiluNcPK4K7wIT+x42ipqUU=
 github.com/ti-mo/netfilter v0.5.0 h1:MZmsUw5bFRecOb0AeyjOPxTHg4UxYzyEs0Ek/6Lxoy8=
 github.com/ti-mo/netfilter v0.5.0/go.mod h1:nt+8B9hx/QpqHr7Hazq+2qMCCA8u2OTkyc/7+U9ARz8=
@@ -134,8 +138,8 @@ go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ=
 go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM=
-golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I=
+golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
+golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc=
 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
@@ -152,8 +156,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210929193557-e81a3d93ecf6/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU=
-golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
+golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
@@ -177,16 +181,16 @@ golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220622161953-175b2fd9d664/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.4.1-0.20230131160137-e7d7f63158de/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
-golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58=
-golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=

internal/aghnet/interfaces_windows.go

@@ -0,0 +1,17 @@
+//go:build windows
+
+package aghnet
+
+import (
+	"net"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
+)
+
+// listenPacketReusable announces on the local network address additionally
+// configuring the socket to have a reusable binding.
+func listenPacketReusable(_, _, _ string) (c net.PacketConn, err error) {
+	// TODO(e.burkov):  Check if we are able to control sockets on Windows
+	// in the same way as on Unix.
+	return nil, aghos.Unsupported("listening packet reusable")
+}

internal/aghtest/interface.go

@@ -1,12 +1,10 @@
 package aghtest
 
 import (
-	"context"
 	"io/fs"
 	"net"
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
 	"github.com/AdguardTeam/dnsproxy/upstream"
 	"github.com/miekg/dns"
 )
@@ -118,36 +116,6 @@ func (w *FSWatcher) Close() (err error) {
 	return w.OnClose()
 }
 
-// Package agh
-
-// type check
-var _ agh.ServiceWithConfig[struct{}] = (*ServiceWithConfig[struct{}])(nil)
-
-// ServiceWithConfig is a mock [agh.ServiceWithConfig] implementation for tests.
-type ServiceWithConfig[ConfigType any] struct {
-	OnStart    func() (err error)
-	OnShutdown func(ctx context.Context) (err error)
-	OnConfig   func() (c ConfigType)
-}
-
-// Start implements the [agh.ServiceWithConfig] interface for
-// *ServiceWithConfig.
-func (s *ServiceWithConfig[_]) Start() (err error) {
-	return s.OnStart()
-}
-
-// Shutdown implements the [agh.ServiceWithConfig] interface for
-// *ServiceWithConfig.
-func (s *ServiceWithConfig[_]) Shutdown(ctx context.Context) (err error) {
-	return s.OnShutdown(ctx)
-}
-
-// Config implements the [agh.ServiceWithConfig] interface for
-// *ServiceWithConfig.
-func (s *ServiceWithConfig[ConfigType]) Config() (c ConfigType) {
-	return s.OnConfig()
-}
-
 // Module dnsproxy
 
 // Package upstream

internal/dhcpd/os_windows.go

@@ -0,0 +1,15 @@
+//go:build windows
+
+package dhcpd
+
+import (
+	"net"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
+	"golang.org/x/net/ipv4"
+)
+
+// Create a socket for receiving broadcast packets
+func newBroadcastPacketConn(_ net.IP, _ int, _ string) (*ipv4.PacketConn, error) {
+	return nil, aghos.Unsupported("newBroadcastPacketConn")
+}

internal/dnsforward/filter.go

@@ -53,14 +53,14 @@ func (s *Server) beforeRequestHandler(
 // getClientRequestFilteringSettings looks up client filtering settings using
 // the client's IP address and ID, if any, from dctx.
 func (s *Server) getClientRequestFilteringSettings(dctx *dnsContext) *filtering.Settings {
-	setts := s.dnsFilter.Settings()
+	setts := s.dnsFilter.GetConfig()
 	setts.ProtectionEnabled = dctx.protectionEnabled
 	if s.conf.FilterHandler != nil {
 		ip, _ := netutil.IPAndPortFromAddr(dctx.proxyCtx.Addr)
-		s.conf.FilterHandler(ip, dctx.clientID, setts)
+		s.conf.FilterHandler(ip, dctx.clientID, &setts)
 	}
 
-	return setts
+	return &setts
 }
 
 // filterDNSRequest applies the dnsFilter and sets dctx.proxyCtx.Res if the

internal/dnsforward/msg.go

@@ -57,13 +57,16 @@ func (s *Server) genDNSFilterMessage(
 		return s.genBlockedHost(req, s.conf.SafeBrowsingBlockHost, dctx)
 	case filtering.FilteredParental:
 		return s.genBlockedHost(req, s.conf.ParentalBlockHost, dctx)
-	case filtering.FilteredSafeSearch:
-		// If Safe Search generated the necessary IP addresses, use them.
-		// Otherwise, if there were no errors, there are no addresses for the
-		// requested IP version, so produce a NODATA response.
-		return s.genResponseWithIPs(req, ipsFromRules(res.Rules))
 	default:
-		return s.genForBlockingMode(req, ipsFromRules(res.Rules))
+		// If the query was filtered by Safe Search, filtering also must return
+		// the IP addresses that must be used in response.  Return them
+		// regardless of the filtering method.
+		ips := ipsFromRules(res.Rules)
+		if res.Reason == filtering.FilteredSafeSearch && len(ips) > 0 {
+			return s.genResponseWithIPs(req, ips)
+		}
+
+		return s.genForBlockingMode(req, ips)
 	}
 }
 

internal/dnsforward/stats.go

@@ -123,10 +123,7 @@ func (s *Server) updateStats(
 	pctx := ctx.proxyCtx
 	e := stats.Entry{}
 	e.Domain = strings.ToLower(pctx.Req.Question[0].Name)
-	if e.Domain != "." {
-		// Remove last ".", but save the domain as is for "." queries.
-		e.Domain = e.Domain[:len(e.Domain)-1]
-	}
+	e.Domain = e.Domain[:len(e.Domain)-1] // remove last "."
 
 	if clientID := ctx.clientID; clientID != "" {
 		e.Client = clientID

internal/dnsforward/stats_test.go

@@ -46,10 +46,6 @@ type testStats struct {
 
 // Update implements the [stats.Interface] interface for *testStats.
 func (l *testStats) Update(e stats.Entry) {
-	if e.Domain == "" {
-		return
-	}
-
 	l.lastEntry = e
 }
 
@@ -58,12 +54,9 @@ func (l *testStats) ShouldCount(string, uint16, uint16, []string) bool {
 	return true
 }
 
-func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
-	const domain = "example.com."
-
+func TestProcessQueryLogsAndStats(t *testing.T) {
 	testCases := []struct {
 		name           string
-		domain         string
 		proto          proxy.Proto
 		addr           net.Addr
 		clientID       string
@@ -74,7 +67,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult stats.Result
 	}{{
 		name:           "success_udp",
-		domain:         domain,
 		proto:          proxy.ProtoUDP,
 		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -85,7 +77,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RNotFiltered,
 	}, {
 		name:           "success_tls_clientid",
-		domain:         domain,
 		proto:          proxy.ProtoTLS,
 		addr:           &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "cli42",
@@ -96,7 +87,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RNotFiltered,
 	}, {
 		name:           "success_tls",
-		domain:         domain,
 		proto:          proxy.ProtoTLS,
 		addr:           &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -107,7 +97,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RNotFiltered,
 	}, {
 		name:           "success_quic",
-		domain:         domain,
 		proto:          proxy.ProtoQUIC,
 		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -118,7 +107,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RNotFiltered,
 	}, {
 		name:           "success_https",
-		domain:         domain,
 		proto:          proxy.ProtoHTTPS,
 		addr:           &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -129,7 +117,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RNotFiltered,
 	}, {
 		name:           "success_dnscrypt",
-		domain:         domain,
 		proto:          proxy.ProtoDNSCrypt,
 		addr:           &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -140,7 +127,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RNotFiltered,
 	}, {
 		name:           "success_udp_filtered",
-		domain:         domain,
 		proto:          proxy.ProtoUDP,
 		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -151,7 +137,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RFiltered,
 	}, {
 		name:           "success_udp_sb",
-		domain:         domain,
 		proto:          proxy.ProtoUDP,
 		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -162,7 +147,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RSafeBrowsing,
 	}, {
 		name:           "success_udp_ss",
-		domain:         domain,
 		proto:          proxy.ProtoUDP,
 		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -173,7 +157,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantStatResult: stats.RSafeSearch,
 	}, {
 		name:           "success_udp_pc",
-		domain:         domain,
 		proto:          proxy.ProtoUDP,
 		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
 		clientID:       "",
@@ -182,17 +165,6 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		wantCode:       resultCodeSuccess,
 		reason:         filtering.FilteredParental,
 		wantStatResult: stats.RParental,
-	}, {
-		name:           "success_udp_pc_empty_fqdn",
-		domain:         ".",
-		proto:          proxy.ProtoUDP,
-		addr:           &net.UDPAddr{IP: net.IP{1, 2, 3, 5}, Port: 1234},
-		clientID:       "",
-		wantLogProto:   "",
-		wantStatClient: "1.2.3.5",
-		wantCode:       resultCodeSuccess,
-		reason:         filtering.FilteredParental,
-		wantStatResult: stats.RParental,
 	}}
 
 	ups, err := upstream.AddressToUpstream("1.1.1.1", nil)
@@ -209,7 +181,7 @@ func TestServer_ProcessQueryLogsAndStats(t *testing.T) {
 		t.Run(tc.name, func(t *testing.T) {
 			req := &dns.Msg{
 				Question: []dns.Question{{
-					Name: tc.domain,
+					Name: "example.com.",
 				}},
 			}
 			pctx := &proxy.DNSContext{

internal/filtering/blocked.go

@@ -3,10 +3,8 @@ package filtering
 import (
 	"encoding/json"
 	"net/http"
-	"time"
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
-	"github.com/AdguardTeam/AdGuardHome/internal/schedule"
 	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/urlfilter/rules"
 	"golang.org/x/exp/slices"
@@ -46,15 +44,6 @@ func initBlockedServices() {
 	log.Debug("filtering: initialized %d services", l)
 }
 
-// BlockedServices is the configuration of blocked services.
-type BlockedServices struct {
-	// Schedule is blocked services schedule for every day of the week.
-	Schedule *schedule.Weekly `yaml:"schedule"`
-
-	// IDs is the names of blocked services.
-	IDs []string `yaml:"ids"`
-}
-
 // BlockedSvcKnown returns true if a blocked service ID is known.
 func BlockedSvcKnown(s string) (ok bool) {
 	_, ok = serviceRules[s]
@@ -63,22 +52,15 @@ func BlockedSvcKnown(s string) (ok bool) {
 }
 
 // ApplyBlockedServices - set blocked services settings for this DNS request
-func (d *DNSFilter) ApplyBlockedServices(setts *Settings) {
-	d.confLock.RLock()
-	defer d.confLock.RUnlock()
-
+func (d *DNSFilter) ApplyBlockedServices(setts *Settings, list []string) {
 	setts.ServicesRules = []ServiceEntry{}
+	if list == nil {
+		d.confLock.RLock()
+		defer d.confLock.RUnlock()
 
-	bsvc := d.BlockedServices
-
-	// TODO(s.chzhen):  Use startTime from [dnsforward.dnsContext].
-	if !bsvc.Schedule.Contains(time.Now()) {
-		d.ApplyBlockedServicesList(setts, bsvc.IDs)
+		list = d.Config.BlockedServices
 	}
-}
 
-// ApplyBlockedServicesList appends filtering rules to the settings.
-func (d *DNSFilter) ApplyBlockedServicesList(setts *Settings, list []string) {
 	for _, name := range list {
 		rules, ok := serviceRules[name]
 		if !ok {
@@ -108,7 +90,7 @@ func (d *DNSFilter) handleBlockedServicesAll(w http.ResponseWriter, r *http.Requ
 
 func (d *DNSFilter) handleBlockedServicesList(w http.ResponseWriter, r *http.Request) {
 	d.confLock.RLock()
-	list := d.Config.BlockedServices.IDs
+	list := d.Config.BlockedServices
 	d.confLock.RUnlock()
 
 	_ = aghhttp.WriteJSONResponse(w, r, list)
@@ -124,7 +106,7 @@ func (d *DNSFilter) handleBlockedServicesSet(w http.ResponseWriter, r *http.Requ
 	}
 
 	d.confLock.Lock()
-	d.Config.BlockedServices.IDs = list
+	d.Config.BlockedServices = list
 	d.confLock.Unlock()
 
 	log.Debug("Updated blocked services list: %d", len(list))

internal/filtering/filtering.go

@@ -103,9 +103,9 @@ type Config struct {
 
 	Rewrites []*LegacyRewrite `yaml:"rewrites"`
 
-	// BlockedServices is the configuration of blocked services.
+	// Names of services to block (globally).
 	// Per-client settings can override this configuration.
-	BlockedServices *BlockedServices `yaml:"blocked_services"`
+	BlockedServices []string `yaml:"blocked_services"`
 
 	// EtcHosts is a container of IP-hostname pairs taken from the operating
 	// system configuration files (e.g. /etc/hosts).
@@ -298,12 +298,12 @@ func (d *DNSFilter) SetEnabled(enabled bool) {
 	atomic.StoreUint32(&d.enabled, mathutil.BoolToNumber[uint32](enabled))
 }
 
-// Settings returns filtering settings.
-func (d *DNSFilter) Settings() (s *Settings) {
+// GetConfig - get configuration
+func (d *DNSFilter) GetConfig() (s Settings) {
 	d.confLock.RLock()
 	defer d.confLock.RUnlock()
 
-	return &Settings{
+	return Settings{
 		FilteringEnabled:    atomic.LoadUint32(&d.Config.enabled) != 0,
 		SafeSearchEnabled:   d.Config.SafeSearchConf.Enabled,
 		SafeBrowsingEnabled: d.Config.SafeBrowsingEnabled,
@@ -987,19 +987,16 @@ func New(c *Config, blockFilters []Filter) (d *DNSFilter, err error) {
 		return nil, fmt.Errorf("rewrites: preparing: %s", err)
 	}
 
-	if d.BlockedServices != nil {
-		bsvcs := []string{}
-		for _, s := range d.BlockedServices.IDs {
-			if !BlockedSvcKnown(s) {
-				log.Debug("skipping unknown blocked-service %q", s)
+	bsvcs := []string{}
+	for _, s := range d.BlockedServices {
+		if !BlockedSvcKnown(s) {
+			log.Debug("skipping unknown blocked-service %q", s)
 
-				continue
-			}
-
-			bsvcs = append(bsvcs, s)
+			continue
 		}
-		d.BlockedServices.IDs = bsvcs
+		bsvcs = append(bsvcs, s)
 	}
+	d.BlockedServices = bsvcs
 
 	if blockFilters != nil {
 		err = d.initFiltering(nil, blockFilters)

internal/filtering/http.go

@@ -416,12 +416,12 @@ type checkHostResp struct {
 func (d *DNSFilter) handleCheckHost(w http.ResponseWriter, r *http.Request) {
 	host := r.URL.Query().Get("name")
 
-	setts := d.Settings()
+	setts := d.GetConfig()
 	setts.FilteringEnabled = true
 	setts.ProtectionEnabled = true
 
-	d.ApplyBlockedServices(setts)
-	result, err := d.CheckHost(host, dns.TypeA, setts)
+	d.ApplyBlockedServices(&setts, nil)
+	result, err := d.CheckHost(host, dns.TypeA, &setts)
 	if err != nil {
 		aghhttp.Error(
 			r,
@@ -555,7 +555,6 @@ func (d *DNSFilter) RegisterFilteringHandlers() {
 
 	registerHTTP(http.MethodGet, "/control/rewrite/list", d.handleRewriteList)
 	registerHTTP(http.MethodPost, "/control/rewrite/add", d.handleRewriteAdd)
-	registerHTTP(http.MethodPut, "/control/rewrite/update", d.handleRewriteUpdate)
 	registerHTTP(http.MethodPost, "/control/rewrite/delete", d.handleRewriteDelete)
 
 	registerHTTP(http.MethodGet, "/control/blocked_services/services", d.handleBlockedServicesIDs)

internal/filtering/rewrite/storage.go

@@ -84,7 +84,7 @@ func (s *DefaultStorage) MatchRequest(dReq *urlfilter.DNSRequest) (rws []*rules.
 		return nil
 	}
 
-	// TODO(a.garipov): Check cnames for cycles on initialization.
+	// TODO(a.garipov): Check cnames for cycles on initialisation.
 	cnames := stringutil.NewSet()
 	host := dReq.Hostname
 	for len(rrules) > 0 && rrules[0].DNSRewrite != nil && rrules[0].DNSRewrite.NewCNAME != "" {

internal/filtering/rewritehttp.go

@@ -6,7 +6,6 @@ import (
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
 	"github.com/AdguardTeam/golibs/log"
-	"golang.org/x/exp/slices"
 )
 
 // TODO(d.kolyshev): Use [rewrite.Item] instead.
@@ -92,62 +91,3 @@ func (d *DNSFilter) handleRewriteDelete(w http.ResponseWriter, r *http.Request)
 
 	d.Config.ConfigModified()
 }
-
-// rewriteUpdateJSON is a struct for JSON object with rewrite rule update info.
-type rewriteUpdateJSON struct {
-	Target rewriteEntryJSON `json:"target"`
-	Update rewriteEntryJSON `json:"update"`
-}
-
-// handleRewriteUpdate is the handler for the PUT /control/rewrite/update HTTP
-// API.
-func (d *DNSFilter) handleRewriteUpdate(w http.ResponseWriter, r *http.Request) {
-	updateJSON := rewriteUpdateJSON{}
-	err := json.NewDecoder(r.Body).Decode(&updateJSON)
-	if err != nil {
-		aghhttp.Error(r, w, http.StatusBadRequest, "json.Decode: %s", err)
-
-		return
-	}
-
-	rwDel := &LegacyRewrite{
-		Domain: updateJSON.Target.Domain,
-		Answer: updateJSON.Target.Answer,
-	}
-
-	rwAdd := &LegacyRewrite{
-		Domain: updateJSON.Update.Domain,
-		Answer: updateJSON.Update.Answer,
-	}
-
-	err = rwAdd.normalize()
-	if err != nil {
-		// Shouldn't happen currently, since normalize only returns a non-nil
-		// error when a rewrite is nil, but be change-proof.
-		aghhttp.Error(r, w, http.StatusBadRequest, "normalizing: %s", err)
-
-		return
-	}
-
-	index := -1
-	defer func() {
-		if index >= 0 {
-			d.Config.ConfigModified()
-		}
-	}()
-
-	d.confLock.Lock()
-	defer d.confLock.Unlock()
-
-	index = slices.IndexFunc(d.Config.Rewrites, rwDel.equal)
-	if index == -1 {
-		aghhttp.Error(r, w, http.StatusBadRequest, "target rule not found")
-
-		return
-	}
-
-	d.Config.Rewrites = slices.Replace(d.Config.Rewrites, index, index+1, rwAdd)
-
-	log.Debug("rewrite: removed element: %s -> %s", rwDel.Domain, rwDel.Answer)
-	log.Debug("rewrite: added element: %s -> %s", rwAdd.Domain, rwAdd.Answer)
-}

internal/filtering/rewritehttp_test.go

@@ -1,237 +0,0 @@
-package filtering_test
-
-import (
-	"bytes"
-	"encoding/json"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
-	"github.com/AdguardTeam/golibs/testutil"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-// TODO(d.kolyshev): Use [rewrite.Item] instead.
-type rewriteJSON struct {
-	Domain string `json:"domain"`
-	Answer string `json:"answer"`
-}
-
-type rewriteUpdateJSON struct {
-	Target rewriteJSON `json:"target"`
-	Update rewriteJSON `json:"update"`
-}
-
-const (
-	// testTimeout is the common timeout for tests.
-	testTimeout = 100 * time.Millisecond
-
-	listURL   = "/control/rewrite/list"
-	addURL    = "/control/rewrite/add"
-	deleteURL = "/control/rewrite/delete"
-	updateURL = "/control/rewrite/update"
-
-	decodeErrorMsg = "json.Decode: json: cannot unmarshal string into Go value of type" +
-		" filtering.rewriteEntryJSON\n"
-)
-
-func TestDNSFilter_handleRewriteHTTP(t *testing.T) {
-	confModCh := make(chan struct{})
-	reqCh := make(chan struct{})
-	testRewrites := []*rewriteJSON{
-		{Domain: "example.local", Answer: "example.rewrite"},
-		{Domain: "one.local", Answer: "one.rewrite"},
-	}
-
-	testRewritesJSON, mErr := json.Marshal(testRewrites)
-	require.NoError(t, mErr)
-
-	testCases := []struct {
-		reqData     any
-		name        string
-		url         string
-		method      string
-		wantList    []*rewriteJSON
-		wantBody    string
-		wantConfMod bool
-		wantStatus  int
-	}{{
-		name:        "list",
-		url:         listURL,
-		method:      http.MethodGet,
-		reqData:     nil,
-		wantConfMod: false,
-		wantStatus:  http.StatusOK,
-		wantBody:    string(testRewritesJSON) + "\n",
-		wantList:    testRewrites,
-	}, {
-		name:        "add",
-		url:         addURL,
-		method:      http.MethodPost,
-		reqData:     rewriteJSON{Domain: "add.local", Answer: "add.rewrite"},
-		wantConfMod: true,
-		wantStatus:  http.StatusOK,
-		wantBody:    "",
-		wantList: append(
-			testRewrites,
-			&rewriteJSON{Domain: "add.local", Answer: "add.rewrite"},
-		),
-	}, {
-		name:        "add_error",
-		url:         addURL,
-		method:      http.MethodPost,
-		reqData:     "invalid_json",
-		wantConfMod: false,
-		wantStatus:  http.StatusBadRequest,
-		wantBody:    decodeErrorMsg,
-		wantList:    testRewrites,
-	}, {
-		name:        "delete",
-		url:         deleteURL,
-		method:      http.MethodPost,
-		reqData:     rewriteJSON{Domain: "one.local", Answer: "one.rewrite"},
-		wantConfMod: true,
-		wantStatus:  http.StatusOK,
-		wantBody:    "",
-		wantList:    []*rewriteJSON{{Domain: "example.local", Answer: "example.rewrite"}},
-	}, {
-		name:        "delete_error",
-		url:         deleteURL,
-		method:      http.MethodPost,
-		reqData:     "invalid_json",
-		wantConfMod: false,
-		wantStatus:  http.StatusBadRequest,
-		wantBody:    decodeErrorMsg,
-		wantList:    testRewrites,
-	}, {
-		name:   "update",
-		url:    updateURL,
-		method: http.MethodPut,
-		reqData: rewriteUpdateJSON{
-			Target: rewriteJSON{Domain: "one.local", Answer: "one.rewrite"},
-			Update: rewriteJSON{Domain: "upd.local", Answer: "upd.rewrite"},
-		},
-		wantConfMod: true,
-		wantStatus:  http.StatusOK,
-		wantBody:    "",
-		wantList: []*rewriteJSON{
-			{Domain: "example.local", Answer: "example.rewrite"},
-			{Domain: "upd.local", Answer: "upd.rewrite"},
-		},
-	}, {
-		name:        "update_error",
-		url:         updateURL,
-		method:      http.MethodPut,
-		reqData:     "invalid_json",
-		wantConfMod: false,
-		wantStatus:  http.StatusBadRequest,
-		wantBody: "json.Decode: json: cannot unmarshal string into Go value of type" +
-			" filtering.rewriteUpdateJSON\n",
-		wantList: testRewrites,
-	}, {
-		name:   "update_error_target",
-		url:    updateURL,
-		method: http.MethodPut,
-		reqData: rewriteUpdateJSON{
-			Target: rewriteJSON{Domain: "inv.local", Answer: "inv.rewrite"},
-			Update: rewriteJSON{Domain: "upd.local", Answer: "upd.rewrite"},
-		},
-		wantConfMod: false,
-		wantStatus:  http.StatusBadRequest,
-		wantBody:    "target rule not found\n",
-		wantList:    testRewrites,
-	}}
-
-	for _, tc := range testCases {
-		onConfModified := func() {
-			if !tc.wantConfMod {
-				panic("config modified has been fired")
-			}
-
-			testutil.RequireSend(testutil.PanicT{}, confModCh, struct{}{}, testTimeout)
-		}
-
-		t.Run(tc.name, func(t *testing.T) {
-			handlers := make(map[string]http.Handler)
-
-			d, err := filtering.New(&filtering.Config{
-				ConfigModified: onConfModified,
-				HTTPRegister: func(_, url string, handler http.HandlerFunc) {
-					handlers[url] = handler
-				},
-				Rewrites: rewriteEntriesToLegacyRewrites(testRewrites),
-			}, nil)
-			require.NoError(t, err)
-			t.Cleanup(d.Close)
-
-			d.RegisterFilteringHandlers()
-			require.NotEmpty(t, handlers)
-			require.Contains(t, handlers, listURL)
-			require.Contains(t, handlers, tc.url)
-
-			var body io.Reader
-			if tc.reqData != nil {
-				data, rErr := json.Marshal(tc.reqData)
-				require.NoError(t, rErr)
-
-				body = bytes.NewReader(data)
-			}
-
-			r := httptest.NewRequest(tc.method, tc.url, body)
-			w := httptest.NewRecorder()
-
-			go func() {
-				handlers[tc.url].ServeHTTP(w, r)
-
-				testutil.RequireSend(testutil.PanicT{}, reqCh, struct{}{}, testTimeout)
-			}()
-
-			if tc.wantConfMod {
-				testutil.RequireReceive(t, confModCh, testTimeout)
-			}
-
-			testutil.RequireReceive(t, reqCh, testTimeout)
-			assert.Equal(t, tc.wantStatus, w.Code)
-
-			respBody, err := io.ReadAll(w.Body)
-			require.NoError(t, err)
-			assert.Equal(t, []byte(tc.wantBody), respBody)
-
-			assertRewritesList(t, handlers[listURL], tc.wantList)
-		})
-	}
-}
-
-// assertRewritesList checks if rewrites list equals the list received from the
-// handler by listURL.
-func assertRewritesList(t *testing.T, handler http.Handler, wantList []*rewriteJSON) {
-	t.Helper()
-
-	r := httptest.NewRequest(http.MethodGet, listURL, nil)
-	w := httptest.NewRecorder()
-
-	handler.ServeHTTP(w, r)
-	require.Equal(t, http.StatusOK, w.Code)
-
-	var actual []*rewriteJSON
-	err := json.NewDecoder(w.Body).Decode(&actual)
-	require.NoError(t, err)
-
-	assert.Equal(t, wantList, actual)
-}
-
-// rewriteEntriesToLegacyRewrites gets legacy rewrites from json entries.
-func rewriteEntriesToLegacyRewrites(entries []*rewriteJSON) (rw []*filtering.LegacyRewrite) {
-	for _, entry := range entries {
-		rw = append(rw, &filtering.LegacyRewrite{
-			Domain: entry.Domain,
-			Answer: entry.Answer,
-		})
-	}
-
-	return rw
-}

internal/filtering/safesearch/safesearch.go

@@ -161,8 +161,12 @@ func (ss *Default) resetEngine(
 // type check
 var _ filtering.SafeSearch = (*Default)(nil)
 
-// CheckHost implements the [filtering.SafeSearch] interface for *Default.
-func (ss *Default) CheckHost(host string, qtype rules.RRType) (res filtering.Result, err error) {
+// CheckHost implements the [filtering.SafeSearch] interface for
+// *DefaultSafeSearch.
+func (ss *Default) CheckHost(
+	host string,
+	qtype rules.RRType,
+) (res filtering.Result, err error) {
 	start := time.Now()
 	defer func() {
 		ss.log(log.DEBUG, "lookup for %q finished in %s", host, time.Since(start))
@@ -192,10 +196,14 @@ func (ss *Default) CheckHost(host string, qtype rules.RRType) (res filtering.Res
 		return filtering.Result{}, err
 	}
 
-	res = *fltRes
-	ss.setCacheResult(host, qtype, res)
+	if fltRes != nil {
+		res = *fltRes
+		ss.setCacheResult(host, qtype, res)
 
-	return res, nil
+		return res, nil
+	}
+
+	return filtering.Result{}, fmt.Errorf("no ipv4 addresses for %q", host)
 }
 
 // searchHost looks up DNS rewrites in the internal DNS filtering engine.
@@ -221,11 +229,7 @@ func (ss *Default) searchHost(host string, qtype rules.RRType) (res *rules.DNSRe
 }
 
 // newResult creates Result object from rewrite rule.  qtype must be either
-// [dns.TypeA] or [dns.TypeAAAA].  If err is nil, res is never nil, so that the
-// empty result is converted into a NODATA response.
-//
-// TODO(a.garipov): Use the main rewrite result mechanism used in
-// [dnsforward.Server.filterDNSRequest].
+// [dns.TypeA] or [dns.TypeAAAA].
 func (ss *Default) newResult(
 	rewrite *rules.DNSRewrite,
 	qtype rules.RRType,
@@ -239,10 +243,9 @@ func (ss *Default) newResult(
 	}
 
 	if rewrite.RRType == qtype {
-		v := rewrite.Value
-		ip, ok := v.(net.IP)
+		ip, ok := rewrite.Value.(net.IP)
 		if !ok || ip == nil {
-			return nil, fmt.Errorf("expected ip rewrite value, got %T(%[1]v)", v)
+			return nil, nil
 		}
 
 		res.Rules[0].IP = ip
@@ -252,14 +255,14 @@ func (ss *Default) newResult(
 
 	host := rewrite.NewCNAME
 	if host == "" {
-		return res, nil
+		return nil, nil
 	}
 
 	ss.log(log.DEBUG, "resolving %q", host)
 
 	ips, err := ss.resolver.LookupIP(context.Background(), qtypeToProto(qtype), host)
 	if err != nil {
-		return nil, fmt.Errorf("resolving cname: %w", err)
+		return nil, err
 	}
 
 	ss.log(log.DEBUG, "resolved %s", ips)
@@ -273,9 +276,11 @@ func (ss *Default) newResult(
 		}
 
 		res.Rules[0].IP = ip
+
+		return res, nil
 	}
 
-	return res, nil
+	return nil, nil
 }
 
 // qtypeToProto returns "ip4" for [dns.TypeA] and "ip6" for [dns.TypeAAAA].

internal/filtering/safesearch/safesearch_test.go

@@ -1,7 +1,6 @@
 package safesearch_test
 
 import (
-	"context"
 	"net"
 	"testing"
 	"time"
@@ -72,25 +71,6 @@ func TestDefault_CheckHost_yandex(t *testing.T) {
 	}
 }
 
-func TestDefault_CheckHost_yandexAAAA(t *testing.T) {
-	conf := testConf
-	ss, err := safesearch.NewDefault(conf, "", testCacheSize, testCacheTTL)
-	require.NoError(t, err)
-
-	res, err := ss.CheckHost("www.yandex.ru", dns.TypeAAAA)
-	require.NoError(t, err)
-
-	assert.True(t, res.IsFiltered)
-
-	// TODO(a.garipov): Currently, the safe-search filter returns a single rule
-	// with a nil IP address.  This isn't really necessary and should be changed
-	// once the TODO in [safesearch.Default.newResult] is resolved.
-	require.Len(t, res.Rules, 1)
-
-	assert.Nil(t, res.Rules[0].IP)
-	assert.EqualValues(t, filtering.SafeSearchListID, res.Rules[0].FilterListID)
-}
-
 func TestDefault_CheckHost_google(t *testing.T) {
 	resolver := &aghtest.TestResolver{}
 	ip, _ := resolver.HostToIPs("forcesafesearch.google.com")
@@ -125,56 +105,6 @@ func TestDefault_CheckHost_google(t *testing.T) {
 	}
 }
 
-// testResolver is a [filtering.Resolver] for tests.
-//
-// TODO(a.garipov): Move to aghtest and use everywhere.
-type testResolver struct {
-	OnLookupIP func(ctx context.Context, network, host string) (ips []net.IP, err error)
-}
-
-// type check
-var _ filtering.Resolver = (*testResolver)(nil)
-
-// LookupIP implements the [filtering.Resolver] interface for *testResolver.
-func (r *testResolver) LookupIP(
-	ctx context.Context,
-	network string,
-	host string,
-) (ips []net.IP, err error) {
-	return r.OnLookupIP(ctx, network, host)
-}
-
-func TestDefault_CheckHost_duckduckgoAAAA(t *testing.T) {
-	conf := testConf
-	conf.CustomResolver = &testResolver{
-		OnLookupIP: func(_ context.Context, network, host string) (ips []net.IP, err error) {
-			assert.Equal(t, "ip6", network)
-			assert.Equal(t, "safe.duckduckgo.com", host)
-
-			return nil, nil
-		},
-	}
-
-	ss, err := safesearch.NewDefault(conf, "", testCacheSize, testCacheTTL)
-	require.NoError(t, err)
-
-	// The DuckDuckGo safe-search addresses are resolved through CNAMEs, but
-	// DuckDuckGo doesn't have a safe-search IPv6 address.  The result should be
-	// the same as the one for Yandex IPv6.  That is, a NODATA response.
-	res, err := ss.CheckHost("www.duckduckgo.com", dns.TypeAAAA)
-	require.NoError(t, err)
-
-	assert.True(t, res.IsFiltered)
-
-	// TODO(a.garipov): Currently, the safe-search filter returns a single rule
-	// with a nil IP address.  This isn't really necessary and should be changed
-	// once the TODO in [safesearch.Default.newResult] is resolved.
-	require.Len(t, res.Rules, 1)
-
-	assert.Nil(t, res.Rules[0].IP)
-	assert.EqualValues(t, filtering.SafeSearchListID, res.Rules[0].FilterListID)
-}
-
 func TestDefault_Update(t *testing.T) {
 	conf := testConf
 	ss, err := safesearch.NewDefault(conf, "", testCacheSize, testCacheTTL)

internal/home/client.go

@@ -7,7 +7,6 @@ import (
 
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering/safesearch"
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/golibs/stringutil"
 )
@@ -128,13 +127,14 @@ func (cs clientSource) MarshalText() (text []byte, err error) {
 // RuntimeClient is a client information about which has been obtained using the
 // source described in the Source field.
 type RuntimeClient struct {
-	// WHOIS is the filtered WHOIS data of a client.
-	WHOIS *whois.Info
-
-	// Host is the host name of a client.
-	Host string
-
-	// Source is the source from which the information about the client has
-	// been obtained.
-	Source clientSource
+	WHOISInfo *RuntimeClientWHOISInfo
+	Host      string
+	Source    clientSource
+}
+
+// RuntimeClientWHOISInfo is the filtered WHOIS data for a runtime client.
+type RuntimeClientWHOISInfo struct {
+	City    string `json:"city,omitempty"`
+	Country string `json:"country,omitempty"`
+	Orgname string `json:"orgname,omitempty"`
 }

internal/home/clients.go

@@ -14,7 +14,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/dnsforward"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/querylog"
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/dnsproxy/upstream"
 	"github.com/AdguardTeam/golibs/errors"
@@ -308,6 +307,18 @@ func (clients *clientsContainer) clientSource(ip netip.Addr) (src clientSource)
 	return rc.Source
 }
 
+func toQueryLogWHOIS(wi *RuntimeClientWHOISInfo) (cw *querylog.ClientWHOIS) {
+	if wi == nil {
+		return &querylog.ClientWHOIS{}
+	}
+
+	return &querylog.ClientWHOIS{
+		City:    wi.City,
+		Country: wi.Country,
+		Orgname: wi.Orgname,
+	}
+}
+
 // findMultiple is a wrapper around Find to make it a valid client finder for
 // the query log.  c is never nil; if no information about the client is found,
 // it returns an artificial client record by only setting the blocking-related
@@ -341,7 +352,7 @@ func (clients *clientsContainer) clientOrArtificial(
 	defer func() {
 		c.Disallowed, c.DisallowedRule = clients.dnsServer.IsBlockedClient(ip, id)
 		if c.WHOIS == nil {
-			c.WHOIS = &whois.Info{}
+			c.WHOIS = &querylog.ClientWHOIS{}
 		}
 	}()
 
@@ -358,7 +369,7 @@ func (clients *clientsContainer) clientOrArtificial(
 	if ok {
 		return &querylog.Client{
 			Name:  rc.Host,
-			WHOIS: rc.WHOIS,
+			WHOIS: toQueryLogWHOIS(rc.WHOISInfo),
 		}, false
 	}
 
@@ -690,7 +701,7 @@ func (clients *clientsContainer) Update(prev, c *Client) (err error) {
 }
 
 // setWHOISInfo sets the WHOIS information for a client.
-func (clients *clientsContainer) setWHOISInfo(ip netip.Addr, wi *whois.Info) {
+func (clients *clientsContainer) setWHOISInfo(ip netip.Addr, wi *RuntimeClientWHOISInfo) {
 	clients.lock.Lock()
 	defer clients.lock.Unlock()
 
@@ -702,7 +713,7 @@ func (clients *clientsContainer) setWHOISInfo(ip netip.Addr, wi *whois.Info) {
 
 	rc, ok := clients.ipToRC[ip]
 	if ok {
-		rc.WHOIS = wi
+		rc.WHOISInfo = wi
 		log.Debug("clients: set whois info for runtime client %s: %+v", rc.Host, wi)
 
 		return
@@ -714,7 +725,7 @@ func (clients *clientsContainer) setWHOISInfo(ip netip.Addr, wi *whois.Info) {
 		Source: ClientSourceWHOIS,
 	}
 
-	rc.WHOIS = wi
+	rc.WHOISInfo = wi
 
 	clients.ipToRC[ip] = rc
 
@@ -751,9 +762,9 @@ func (clients *clientsContainer) addHostLocked(
 		rc.Source = src
 	} else {
 		rc = &RuntimeClient{
-			Host:   host,
-			Source: src,
-			WHOIS:  &whois.Info{},
+			Host:      host,
+			Source:    src,
+			WHOISInfo: &RuntimeClientWHOISInfo{},
 		}
 
 		clients.ipToRC[ip] = rc

internal/home/clients_test.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/AdguardTeam/AdGuardHome/internal/dhcpd"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -199,7 +199,7 @@ func TestClients(t *testing.T) {
 
 func TestClientsWHOIS(t *testing.T) {
 	clients := newClientsContainer()
-	whois := &whois.Info{
+	whois := &RuntimeClientWHOISInfo{
 		Country: "AU",
 		Orgname: "Example Org",
 	}
@@ -210,7 +210,7 @@ func TestClientsWHOIS(t *testing.T) {
 		rc := clients.ipToRC[ip]
 		require.NotNil(t, rc)
 
-		assert.Equal(t, rc.WHOIS, whois)
+		assert.Equal(t, rc.WHOISInfo, whois)
 	})
 
 	t.Run("existing_auto-client", func(t *testing.T) {
@@ -222,7 +222,7 @@ func TestClientsWHOIS(t *testing.T) {
 		rc := clients.ipToRC[ip]
 		require.NotNil(t, rc)
 
-		assert.Equal(t, rc.WHOIS, whois)
+		assert.Equal(t, rc.WHOISInfo, whois)
 	})
 
 	t.Run("can't_set_manually-added", func(t *testing.T) {

internal/home/clientshttp.go

@@ -9,7 +9,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghalg"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
 )
 
 // clientJSON is a common structure used by several handlers to deal with
@@ -29,8 +28,7 @@ type clientJSON struct {
 	// the allowlist.
 	DisallowedRule *string `json:"disallowed_rule,omitempty"`
 
-	// WHOIS is the filtered WHOIS data of a client.
-	WHOIS          *whois.Info                 `json:"whois_info,omitempty"`
+	WHOISInfo      *RuntimeClientWHOISInfo     `json:"whois_info,omitempty"`
 	SafeSearchConf *filtering.SafeSearchConfig `json:"safe_search"`
 
 	Name string `json:"name"`
@@ -53,7 +51,7 @@ type clientJSON struct {
 }
 
 type runtimeClientJSON struct {
-	WHOIS *whois.Info `json:"whois_info"`
+	WHOISInfo *RuntimeClientWHOISInfo `json:"whois_info"`
 
 	IP     netip.Addr   `json:"ip"`
 	Name   string       `json:"name"`
@@ -80,7 +78,7 @@ func (clients *clientsContainer) handleGetClients(w http.ResponseWriter, r *http
 
 	for ip, rc := range clients.ipToRC {
 		cj := runtimeClientJSON{
-			WHOIS: rc.WHOIS,
+			WHOISInfo: rc.WHOISInfo,
 
 			Name:   rc.Host,
 			Source: rc.Source,
@@ -346,16 +344,16 @@ func (clients *clientsContainer) findRuntime(ip netip.Addr, idStr string) (cj *c
 			IDs:            []string{idStr},
 			Disallowed:     &disallowed,
 			DisallowedRule: &rule,
-			WHOIS:          &whois.Info{},
+			WHOISInfo:      &RuntimeClientWHOISInfo{},
 		}
 
 		return cj
 	}
 
 	cj = &clientJSON{
-		Name:  rc.Host,
-		IDs:   []string{idStr},
-		WHOIS: rc.WHOIS,
+		Name:      rc.Host,
+		IDs:       []string{idStr},
+		WHOISInfo: rc.WHOISInfo,
 	}
 
 	disallowed, rule := clients.dnsServer.IsBlockedClient(ip, idStr)

internal/home/config.go

@@ -14,7 +14,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/dnsforward"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/querylog"
-	"github.com/AdguardTeam/AdGuardHome/internal/schedule"
 	"github.com/AdguardTeam/AdGuardHome/internal/stats"
 	"github.com/AdguardTeam/dnsproxy/fastip"
 	"github.com/AdguardTeam/golibs/errors"
@@ -317,11 +316,6 @@ var config = &configuration{
 				Yandex:     true,
 				YouTube:    true,
 			},
-
-			BlockedServices: &filtering.BlockedServices{
-				Schedule: schedule.EmptyWeekly(),
-				IDs:      []string{},
-			},
 		},
 		UpstreamTimeout: timeutil.Duration{Duration: dnsforward.DefaultTimeout},
 		UsePrivateRDNS:  true,

internal/home/dns.go

@@ -8,7 +8,6 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
-	"time"
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghalg"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
@@ -18,7 +17,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/querylog"
 	"github.com/AdguardTeam/AdGuardHome/internal/stats"
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/log"
@@ -27,7 +25,7 @@ import (
 	yaml "gopkg.in/yaml.v3"
 )
 
-// Default listening ports.
+// Default ports.
 const (
 	defaultPortDNS   = 53
 	defaultPortHTTP  = 80
@@ -171,70 +169,11 @@ func initDNSServer(
 		Context.rdns = NewRDNS(Context.dnsServer, &Context.clients, config.DNS.UsePrivateRDNS)
 	}
 
-	initWHOIS()
-
-	return nil
-}
-
-// initWHOIS initializes the WHOIS.
-//
-// TODO(s.chzhen):  Consider making configurable.
-func initWHOIS() {
-	const (
-		// defaultQueueSize is the size of queue of IPs for WHOIS processing.
-		defaultQueueSize = 255
-
-		// defaultTimeout is the timeout for WHOIS requests.
-		defaultTimeout = 5 * time.Second
-
-		// defaultCacheSize is the maximum size of the cache.  If it's zero,
-		// cache size is unlimited.
-		defaultCacheSize = 10_000
-
-		// defaultMaxConnReadSize is an upper limit in bytes for reading from
-		// net.Conn.
-		defaultMaxConnReadSize = 64 * 1024
-
-		// defaultMaxRedirects is the maximum redirects count.
-		defaultMaxRedirects = 5
-
-		// defaultMaxInfoLen is the maximum length of whois.Info fields.
-		defaultMaxInfoLen = 250
-
-		// defaultIPTTL is the Time to Live duration for cached IP addresses.
-		defaultIPTTL = 1 * time.Hour
-	)
-
-	Context.whoisCh = make(chan netip.Addr, defaultQueueSize)
-
-	var w whois.Interface
-
 	if config.Clients.Sources.WHOIS {
-		w = whois.New(&whois.Config{
-			DialContext:     customDialContext,
-			ServerAddr:      whois.DefaultServer,
-			Port:            whois.DefaultPort,
-			Timeout:         defaultTimeout,
-			CacheSize:       defaultCacheSize,
-			MaxConnReadSize: defaultMaxConnReadSize,
-			MaxRedirects:    defaultMaxRedirects,
-			MaxInfoLen:      defaultMaxInfoLen,
-			CacheTTL:        defaultIPTTL,
-		})
-	} else {
-		w = whois.Empty{}
+		Context.whois = initWHOIS(&Context.clients)
 	}
 
-	go func() {
-		defer log.OnPanic("whois")
-
-		for ip := range Context.whoisCh {
-			info, changed := w.Process(context.Background(), ip)
-			if info != nil && changed {
-				Context.clients.setWHOISInfo(ip, info)
-			}
-		}
-	}()
+	return nil
 }
 
 // parseSubnetSet parses a slice of subnets.  If the slice is empty, it returns
@@ -279,7 +218,9 @@ func onDNSRequest(pctx *proxy.DNSContext) {
 		Context.rdns.Begin(ip)
 	}
 
-	Context.whoisCh <- ip
+	if srcs.WHOIS && !netutil.IsSpecialPurposeAddr(ip) {
+		Context.whois.Begin(ip)
+	}
 }
 
 func ipsToTCPAddrs(ips []netip.Addr, port int) (tcpAddrs []*net.TCPAddr) {
@@ -449,7 +390,7 @@ func applyAdditionalFiltering(clientIP net.IP, clientID string, setts *filtering
 	// pref is a prefix for logging messages around the scope.
 	const pref = "applying filters"
 
-	Context.filters.ApplyBlockedServices(setts)
+	Context.filters.ApplyBlockedServices(setts, nil)
 
 	log.Debug("%s: looking for client with ip %s and clientid %q", pref, clientIP, clientID)
 
@@ -477,7 +418,7 @@ func applyAdditionalFiltering(clientIP net.IP, clientID string, setts *filtering
 		if svcs == nil {
 			svcs = []string{}
 		}
-		Context.filters.ApplyBlockedServicesList(setts, svcs)
+		Context.filters.ApplyBlockedServices(setts, svcs)
 		log.Debug("%s: services for client %q set: %s", pref, c.Name, svcs)
 	}
 
@@ -522,7 +463,9 @@ func startDNSServer() error {
 			Context.rdns.Begin(ip)
 		}
 
-		Context.whoisCh <- ip
+		if srcs.WHOIS && !netutil.IsSpecialPurposeAddr(ip) {
+			Context.whois.Begin(ip)
+		}
 	}
 
 	return nil

internal/home/home.go

@@ -57,6 +57,7 @@ type homeContext struct {
 	queryLog   querylog.QueryLog    // query log module
 	dnsServer  *dnsforward.Server   // DNS module
 	rdns       *RDNS                // rDNS module
+	whois      *WHOIS               // WHOIS module
 	dhcpServer dhcpd.Interface      // DHCP module
 	auth       *Auth                // HTTP authentication module
 	filters    *filtering.DNSFilter // DNS filtering module
@@ -83,9 +84,6 @@ type homeContext struct {
 	client           *http.Client
 	appSignalChannel chan os.Signal // Channel for receiving OS signals by the console app
 
-	// whoisCh is the channel for receiving IPs for WHOIS processing.
-	whoisCh chan netip.Addr
-
 	// tlsCipherIDs are the ID of the cipher suites that AdGuard Home must use.
 	tlsCipherIDs []uint16
 

internal/home/middlewares.go

@@ -3,13 +3,13 @@ package home
 import (
 	"io"
 	"net/http"
-	"time"
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghio"
+
 	"github.com/AdguardTeam/golibs/log"
 )
 
-// middleware is a wrapper function signature.
+// middlerware is a wrapper function signature.
 type middleware func(http.Handler) http.Handler
 
 // withMiddlewares consequently wraps h with all the middlewares.
@@ -75,48 +75,3 @@ func limitRequestBody(h http.Handler) (limited http.Handler) {
 		h.ServeHTTP(w, rr)
 	})
 }
-
-const (
-	// defaultWriteTimeout is the maximum duration before timing out writes of
-	// the response.
-	defaultWriteTimeout = 60 * time.Second
-
-	// longerWriteTimeout is the maximum duration before timing out for APIs
-	// expecting longer response requests.
-	longerWriteTimeout = 5 * time.Minute
-)
-
-// expectsLongTimeoutRequests shows if this request should use a bigger write
-// timeout value.  These are exceptions for poorly designed current APIs as
-// well as APIs that are designed to expect large files and requests.  Remove
-// once the new, better APIs are up.
-//
-// TODO(d.kolyshev): This could be achieved with [http.NewResponseController]
-// with go v1.20.
-func expectsLongTimeoutRequests(r *http.Request) (ok bool) {
-	if r.Method != http.MethodGet {
-		return false
-	}
-
-	return r.URL.Path == "/control/querylog/export"
-}
-
-// addWriteTimeout wraps underlying handler h, adding a response write timeout.
-func addWriteTimeout(h http.Handler) (limited http.Handler) {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		var handler http.Handler
-		if expectsLongTimeoutRequests(r) {
-			handler = http.TimeoutHandler(h, longerWriteTimeout, "write timeout exceeded")
-		} else {
-			handler = http.TimeoutHandler(h, defaultWriteTimeout, "write timeout exceeded")
-		}
-
-		handler.ServeHTTP(w, r)
-	})
-}
-
-// limitHandler wraps underlying handler h with default limits, such as request
-// body limit and write timeout.
-func limitHandler(h http.Handler) (limited http.Handler) {
-	return limitRequestBody(addWriteTimeout(h))
-}

internal/home/upgrade.go

@@ -22,7 +22,7 @@ import (
 )
 
 // currentSchemaVersion is the current schema version.
-const currentSchemaVersion = 21
+const currentSchemaVersion = 20
 
 // These aliases are provided for convenience.
 type (
@@ -94,7 +94,6 @@ func upgradeConfigSchema(oldVersion int, diskConf yobj) (err error) {
 		upgradeSchema17to18,
 		upgradeSchema18to19,
 		upgradeSchema19to20,
-		upgradeSchema20to21,
 	}
 
 	n := 0
@@ -1129,56 +1128,6 @@ func upgradeSchema19to20(diskConf yobj) (err error) {
 	return nil
 }
 
-// upgradeSchema20to21 performs the following changes:
-//
-//	# BEFORE:
-//	'dns':
-//	  'blocked_services':
-//	  - 'svc_name'
-//
-//	# AFTER:
-//	'dns':
-//	  'blocked_services':
-//	    'ids':
-//	    - 'svc_name'
-//	    'schedule':
-//	      'time_zone': 'Local'
-func upgradeSchema20to21(diskConf yobj) (err error) {
-	log.Printf("Upgrade yaml: 20 to 21")
-	diskConf["schema_version"] = 21
-
-	const field = "blocked_services"
-
-	dnsVal, ok := diskConf["dns"]
-	if !ok {
-		return nil
-	}
-
-	dns, ok := dnsVal.(yobj)
-	if !ok {
-		return fmt.Errorf("unexpected type of dns: %T", dnsVal)
-	}
-
-	blockedVal, ok := dns[field]
-	if !ok {
-		return nil
-	}
-
-	services, ok := blockedVal.(yarr)
-	if !ok {
-		return fmt.Errorf("unexpected type of blocked: %T", blockedVal)
-	}
-
-	dns[field] = yobj{
-		"ids": services,
-		"schedule": yobj{
-			"time_zone": "Local",
-		},
-	}
-
-	return nil
-}
-
 // TODO(a.garipov): Replace with log.Output when we port it to our logging
 // package.
 func funcName() string {

internal/home/upgrade_test.go

@@ -1140,46 +1140,3 @@ func TestUpgradeSchema19to20(t *testing.T) {
 		assert.Equal(t, 24*time.Hour, ivlVal.Duration)
 	})
 }
-
-func TestUpgradeSchema20to21(t *testing.T) {
-	const newSchemaVer = 21
-
-	testCases := []struct {
-		in   yobj
-		want yobj
-		name string
-	}{{
-		name: "nothing",
-		in:   yobj{},
-		want: yobj{
-			"schema_version": newSchemaVer,
-		},
-	}, {
-		name: "no_clients",
-		in: yobj{
-			"dns": yobj{
-				"blocked_services": yarr{"ok"},
-			},
-		},
-		want: yobj{
-			"dns": yobj{
-				"blocked_services": yobj{
-					"ids": yarr{"ok"},
-					"schedule": yobj{
-						"time_zone": "Local",
-					},
-				},
-			},
-			"schema_version": newSchemaVer,
-		},
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema20to21(tc.in)
-			require.NoError(t, err)
-
-			assert.Equal(t, tc.want, tc.in)
-		})
-	}
-}

internal/home/web.go

@@ -25,13 +25,11 @@ const (
 	// readTimeout is the maximum duration for reading the entire request,
 	// including the body.
 	readTimeout = 60 * time.Second
-
 	// readHdrTimeout is the amount of time allowed to read request headers.
 	readHdrTimeout = 60 * time.Second
-
 	// writeTimeout is the maximum duration before timing out writes of the
-	// response.  This limit is overwritten by [addWriteTimeout] middleware.
-	writeTimeout = 10 * time.Minute
+	// response.
+	writeTimeout = 60 * time.Second
 )
 
 type webConfig struct {
@@ -171,7 +169,7 @@ func (web *webAPI) start() {
 		errs := make(chan error, 2)
 
 		// Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies.
-		hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitHandler), &http2.Server{})
+		hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitRequestBody), &http2.Server{})
 
 		// Create a new instance, because the Web is not usable after Shutdown.
 		hostStr := web.conf.BindHost.String()
@@ -256,7 +254,7 @@ func (web *webAPI) tlsServerLoop() {
 				CipherSuites: Context.tlsCipherIDs,
 				MinVersion:   tls.VersionTLS12,
 			},
-			Handler:           withMiddlewares(Context.mux, limitHandler),
+			Handler:           withMiddlewares(Context.mux, limitRequestBody),
 			ReadTimeout:       web.conf.ReadTimeout,
 			ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
 			WriteTimeout:      web.conf.WriteTimeout,
@@ -290,7 +288,7 @@ func (web *webAPI) mustStartHTTP3(address string) {
 			CipherSuites: Context.tlsCipherIDs,
 			MinVersion:   tls.VersionTLS12,
 		},
-		Handler: withMiddlewares(Context.mux, limitHandler),
+		Handler: withMiddlewares(Context.mux, limitRequestBody),
 	}
 
 	log.Debug("web: starting http/3 server")

internal/home/whois.go

@@ -0,0 +1,259 @@
+package home
+
+import (
+	"context"
+	"encoding/binary"
+	"fmt"
+	"io"
+	"net"
+	"net/netip"
+	"strings"
+	"time"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghio"
+	"github.com/AdguardTeam/golibs/cache"
+	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/log"
+	"github.com/AdguardTeam/golibs/stringutil"
+)
+
+const (
+	defaultServer  = "whois.arin.net"
+	defaultPort    = "43"
+	maxValueLength = 250
+	whoisTTL       = 1 * 60 * 60 // 1 hour
+)
+
+// WHOIS - module context
+type WHOIS struct {
+	clients *clientsContainer
+	ipChan  chan netip.Addr
+
+	// dialContext specifies the dial function for creating unencrypted TCP
+	// connections.
+	dialContext func(ctx context.Context, network, addr string) (conn net.Conn, err error)
+
+	// Contains IP addresses of clients
+	// An active IP address is resolved once again after it expires.
+	// If IP address couldn't be resolved, it stays here for some time to prevent further attempts to resolve the same IP.
+	ipAddrs cache.Cache
+
+	// TODO(a.garipov): Rewrite to use time.Duration.  Like, seriously, why?
+	timeoutMsec uint
+}
+
+// initWHOIS creates the WHOIS module context.
+func initWHOIS(clients *clientsContainer) *WHOIS {
+	w := WHOIS{
+		timeoutMsec: 5000,
+		clients:     clients,
+		ipAddrs: cache.New(cache.Config{
+			EnableLRU: true,
+			MaxCount:  10000,
+		}),
+		dialContext: customDialContext,
+		ipChan:      make(chan netip.Addr, 255),
+	}
+
+	go w.workerLoop()
+
+	return &w
+}
+
+// If the value is too large - cut it and append "..."
+func trimValue(s string) string {
+	if len(s) <= maxValueLength {
+		return s
+	}
+	return s[:maxValueLength-3] + "..."
+}
+
+// isWHOISComment returns true if the string is empty or is a WHOIS comment.
+func isWHOISComment(s string) (ok bool) {
+	return len(s) == 0 || s[0] == '#' || s[0] == '%'
+}
+
+// strmap is an alias for convenience.
+type strmap = map[string]string
+
+// whoisParse parses a subset of plain-text data from the WHOIS response into
+// a string map.
+func whoisParse(data string) (m strmap) {
+	m = strmap{}
+
+	var orgname string
+	lines := strings.Split(data, "\n")
+	for _, l := range lines {
+		if isWHOISComment(l) {
+			continue
+		}
+
+		kv := strings.SplitN(l, ":", 2)
+		if len(kv) != 2 {
+			continue
+		}
+
+		k := strings.ToLower(strings.TrimSpace(kv[0]))
+		v := strings.TrimSpace(kv[1])
+		if v == "" {
+			continue
+		}
+
+		switch k {
+		case "orgname", "org-name":
+			k = "orgname"
+			v = trimValue(v)
+			orgname = v
+		case "city", "country":
+			v = trimValue(v)
+		case "descr", "netname":
+			k = "orgname"
+			v = stringutil.Coalesce(orgname, v)
+			orgname = v
+		case "whois":
+			k = "whois"
+		case "referralserver":
+			k = "whois"
+			v = strings.TrimPrefix(v, "whois://")
+		default:
+			continue
+		}
+
+		m[k] = v
+	}
+
+	return m
+}
+
+// MaxConnReadSize is an upper limit in bytes for reading from net.Conn.
+const MaxConnReadSize = 64 * 1024
+
+// Send request to a server and receive the response
+func (w *WHOIS) query(ctx context.Context, target, serverAddr string) (data string, err error) {
+	addr, _, _ := net.SplitHostPort(serverAddr)
+	if addr == "whois.arin.net" {
+		target = "n + " + target
+	}
+
+	conn, err := w.dialContext(ctx, "tcp", serverAddr)
+	if err != nil {
+		return "", err
+	}
+	defer func() { err = errors.WithDeferred(err, conn.Close()) }()
+
+	r, err := aghio.LimitReader(conn, MaxConnReadSize)
+	if err != nil {
+		return "", err
+	}
+
+	_ = conn.SetReadDeadline(time.Now().Add(time.Duration(w.timeoutMsec) * time.Millisecond))
+	_, err = conn.Write([]byte(target + "\r\n"))
+	if err != nil {
+		return "", err
+	}
+
+	// This use of ReadAll is now safe, because we limited the conn Reader.
+	var whoisData []byte
+	whoisData, err = io.ReadAll(r)
+	if err != nil {
+		return "", err
+	}
+
+	return string(whoisData), nil
+}
+
+// Query WHOIS servers (handle redirects)
+func (w *WHOIS) queryAll(ctx context.Context, target string) (string, error) {
+	server := net.JoinHostPort(defaultServer, defaultPort)
+	const maxRedirects = 5
+	for i := 0; i != maxRedirects; i++ {
+		resp, err := w.query(ctx, target, server)
+		if err != nil {
+			return "", err
+		}
+		log.Debug("whois: received response (%d bytes) from %s  IP:%s", len(resp), server, target)
+
+		m := whoisParse(resp)
+		redir, ok := m["whois"]
+		if !ok {
+			return resp, nil
+		}
+		redir = strings.ToLower(redir)
+
+		_, _, err = net.SplitHostPort(redir)
+		if err != nil {
+			server = net.JoinHostPort(redir, defaultPort)
+		} else {
+			server = redir
+		}
+
+		log.Debug("whois: redirected to %s  IP:%s", redir, target)
+	}
+	return "", fmt.Errorf("whois: redirect loop")
+}
+
+// Request WHOIS information
+func (w *WHOIS) process(ctx context.Context, ip netip.Addr) (wi *RuntimeClientWHOISInfo) {
+	resp, err := w.queryAll(ctx, ip.String())
+	if err != nil {
+		log.Debug("whois: error: %s  IP:%s", err, ip)
+
+		return nil
+	}
+
+	log.Debug("whois: IP:%s  response: %d bytes", ip, len(resp))
+
+	m := whoisParse(resp)
+
+	wi = &RuntimeClientWHOISInfo{
+		City:    m["city"],
+		Country: m["country"],
+		Orgname: m["orgname"],
+	}
+
+	// Don't return an empty struct so that the frontend doesn't get
+	// confused.
+	if *wi == (RuntimeClientWHOISInfo{}) {
+		return nil
+	}
+
+	return wi
+}
+
+// Begin - begin requesting WHOIS info
+func (w *WHOIS) Begin(ip netip.Addr) {
+	ipBytes := ip.AsSlice()
+	now := uint64(time.Now().Unix())
+	expire := w.ipAddrs.Get(ipBytes)
+	if len(expire) != 0 {
+		exp := binary.BigEndian.Uint64(expire)
+		if exp > now {
+			return
+		}
+	}
+
+	expire = make([]byte, 8)
+	binary.BigEndian.PutUint64(expire, now+whoisTTL)
+	_ = w.ipAddrs.Set(ipBytes, expire)
+
+	log.Debug("whois: adding %s", ip)
+
+	select {
+	case w.ipChan <- ip:
+	default:
+		log.Debug("whois: queue is full")
+	}
+}
+
+// workerLoop processes the IP addresses it got from the channel and associates
+// the retrieving WHOIS info with a client.
+func (w *WHOIS) workerLoop() {
+	for ip := range w.ipChan {
+		info := w.process(context.Background(), ip)
+		if info == nil {
+			continue
+		}
+
+		w.clients.setWHOISInfo(ip, info)
+	}
+}

internal/home/whois_test.go

@@ -0,0 +1,152 @@
+package home
+
+import (
+	"context"
+	"io"
+	"net"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+// fakeConn is a mock implementation of net.Conn to simplify testing.
+//
+// TODO(e.burkov): Search for other places in code where it may be used. Move
+// into aghtest then.
+type fakeConn struct {
+	// Conn is embedded here simply to make *fakeConn a net.Conn without
+	// actually implementing all methods.
+	net.Conn
+	data []byte
+}
+
+// Write implements net.Conn interface for *fakeConn.  It always returns 0 and a
+// nil error without mutating the slice.
+func (c *fakeConn) Write(_ []byte) (n int, err error) {
+	return 0, nil
+}
+
+// Read implements net.Conn interface for *fakeConn.  It puts the content of
+// c.data field into b up to the b's capacity.
+func (c *fakeConn) Read(b []byte) (n int, err error) {
+	return copy(b, c.data), io.EOF
+}
+
+// Close implements net.Conn interface for *fakeConn.  It always returns nil.
+func (c *fakeConn) Close() (err error) {
+	return nil
+}
+
+// SetReadDeadline implements net.Conn interface for *fakeConn.  It always
+// returns nil.
+func (c *fakeConn) SetReadDeadline(_ time.Time) (err error) {
+	return nil
+}
+
+// fakeDial is a mock implementation of customDialContext to simplify testing.
+func (c *fakeConn) fakeDial(ctx context.Context, network, addr string) (conn net.Conn, err error) {
+	return c, nil
+}
+
+func TestWHOIS(t *testing.T) {
+	const (
+		nl   = "\n"
+		data = `OrgName:        FakeOrg LLC` + nl +
+			`City:           Nonreal` + nl +
+			`Country:        Imagiland` + nl
+	)
+
+	fc := &fakeConn{
+		data: []byte(data),
+	}
+
+	w := WHOIS{
+		timeoutMsec: 5000,
+		dialContext: fc.fakeDial,
+	}
+	resp, err := w.queryAll(context.Background(), "1.2.3.4")
+	assert.NoError(t, err)
+
+	m := whoisParse(resp)
+	require.NotEmpty(t, m)
+
+	assert.Equal(t, "FakeOrg LLC", m["orgname"])
+	assert.Equal(t, "Imagiland", m["country"])
+	assert.Equal(t, "Nonreal", m["city"])
+}
+
+func TestWHOISParse(t *testing.T) {
+	const (
+		city    = "Nonreal"
+		country = "Imagiland"
+		orgname = "FakeOrgLLC"
+		whois   = "whois.example.net"
+	)
+
+	testCases := []struct {
+		want strmap
+		name string
+		in   string
+	}{{
+		want: strmap{},
+		name: "empty",
+		in:   ``,
+	}, {
+		want: strmap{},
+		name: "comments",
+		in:   "%\n#",
+	}, {
+		want: strmap{},
+		name: "no_colon",
+		in:   "city",
+	}, {
+		want: strmap{},
+		name: "no_value",
+		in:   "city:",
+	}, {
+		want: strmap{"city": city},
+		name: "city",
+		in:   `city: ` + city,
+	}, {
+		want: strmap{"country": country},
+		name: "country",
+		in:   `country: ` + country,
+	}, {
+		want: strmap{"orgname": orgname},
+		name: "orgname",
+		in:   `orgname: ` + orgname,
+	}, {
+		want: strmap{"orgname": orgname},
+		name: "orgname_hyphen",
+		in:   `org-name: ` + orgname,
+	}, {
+		want: strmap{"orgname": orgname},
+		name: "orgname_descr",
+		in:   `descr: ` + orgname,
+	}, {
+		want: strmap{"orgname": orgname},
+		name: "orgname_netname",
+		in:   `netname: ` + orgname,
+	}, {
+		want: strmap{"whois": whois},
+		name: "whois",
+		in:   `whois: ` + whois,
+	}, {
+		want: strmap{"whois": whois},
+		name: "referralserver",
+		in:   `referralserver: whois://` + whois,
+	}, {
+		want: strmap{},
+		name: "other",
+		in:   `other: value`,
+	}}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			got := whoisParse(tc.in)
+			assert.Equal(t, tc.want, got)
+		})
+	}
+}

internal/next/agh/agh.go

@@ -1,63 +0,0 @@
-// Package agh contains common entities and interfaces of AdGuard Home.
-package agh
-
-import "context"
-
-// Service is the interface for API servers.
-//
-// TODO(a.garipov): Consider adding a context to Start.
-//
-// TODO(a.garipov): Consider adding a Wait method or making an extension
-// interface for that.
-type Service interface {
-	// Start starts the service.  It does not block.
-	Start() (err error)
-
-	// Shutdown gracefully stops the service.  ctx is used to determine
-	// a timeout before trying to stop the service less gracefully.
-	Shutdown(ctx context.Context) (err error)
-}
-
-// type check
-var _ Service = EmptyService{}
-
-// EmptyService is a [Service] that does nothing.
-//
-// TODO(a.garipov): Remove if unnecessary.
-type EmptyService struct{}
-
-// Start implements the [Service] interface for EmptyService.
-func (EmptyService) Start() (err error) { return nil }
-
-// Shutdown implements the [Service] interface for EmptyService.
-func (EmptyService) Shutdown(_ context.Context) (err error) { return nil }
-
-// ServiceWithConfig is an extension of the [Service] interface for services
-// that can return their configuration.
-//
-// TODO(a.garipov): Consider removing this generic interface if we figure out
-// how to make it testable in a better way.
-type ServiceWithConfig[ConfigType any] interface {
-	Service
-
-	Config() (c ConfigType)
-}
-
-// type check
-var _ ServiceWithConfig[struct{}] = (*EmptyServiceWithConfig[struct{}])(nil)
-
-// EmptyServiceWithConfig is a ServiceWithConfig that does nothing.  Its Config
-// method returns Conf.
-//
-// TODO(a.garipov): Remove if unnecessary.
-type EmptyServiceWithConfig[ConfigType any] struct {
-	EmptyService
-
-	Conf ConfigType
-}
-
-// Config implements the [ServiceWithConfig] interface for
-// *EmptyServiceWithConfig.
-func (s *EmptyServiceWithConfig[ConfigType]) Config() (conf ConfigType) {
-	return s.Conf
-}

internal/next/changelog.md

@@ -1,39 +0,0 @@
-# AdGuard Home v0.108.0 Changelog DRAFT
-
-This changelog should be merged into the main one once the next API matures
-enough.
-
-## [v0.108.0] - TODO
-
-### Added
-
-- The ability to log to stderr using `--logFile=stderr`.
-- The new `--web-addr` flag to set the Web UI address in a `host:port` form.
-- `SIGHUP` now reloads all configuration from the configuration file ([#5676]).
-
-### Changed
-
-#### New HTTP API
-
-**TODO(a.garipov):** Describe the new API and add a link to the new OpenAPI doc.
-
-#### Other changes
-
-- `-h` is now an alias for `--help` instead of the removed `--host`, see below.
-  Use `--web-addr=host:port` to set an address on which to serve the Web UI.
-
-### Fixed
-
-- Inconsistent application of `--work-dir/-w` ([#2598], [#2902]).
-- The order of `-v/--verbose` and `--version` being significant ([#2893]).
-
-### Removed
-
-- The deprecated `--no-mem-optimization` and `--no-etc-hosts` flags.
-- `--host` and `-p/--port` flags.  Use `--web-addr=host:port` to set an address
-  on which to serve the Web UI.  `-h` is now an alias for `--help`, see above.
-
-[#2598]: https://github.com/AdguardTeam/AdGuardHome/issues/2598
-[#2893]: https://github.com/AdguardTeam/AdGuardHome/issues/2893
-[#2902]: https://github.com/AdguardTeam/AdGuardHome/issues/2902
-[#5676]: https://github.com/AdguardTeam/AdGuardHome/issues/5676

internal/next/cmd/cmd.go

@@ -1,81 +0,0 @@
-// Package cmd is the AdGuard Home entry point.  It assembles the configuration
-// file manager, sets up signal processing logic, and so on.
-//
-// TODO(a.garipov): Move to the upper-level internal/.
-package cmd
-
-import (
-	"context"
-	"io/fs"
-	"os"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/configmgr"
-	"github.com/AdguardTeam/AdGuardHome/internal/version"
-	"github.com/AdguardTeam/golibs/log"
-)
-
-// Main is the entry point of AdGuard Home.
-func Main(frontend fs.FS) {
-	start := time.Now()
-
-	// Initial Configuration
-
-	cmdName := os.Args[0]
-	opts, err := parseOptions(cmdName, os.Args[1:])
-	exitCode, needExit := processOptions(opts, cmdName, err)
-	if needExit {
-		os.Exit(exitCode)
-	}
-
-	err = setLog(opts)
-	check(err)
-
-	log.Info("starting adguard home, version %s, pid %d", version.Version(), os.Getpid())
-
-	if opts.workDir != "" {
-		log.Info("changing working directory to %q", opts.workDir)
-		err = os.Chdir(opts.workDir)
-		check(err)
-	}
-
-	// Web Service
-
-	confMgr, err := configmgr.New(opts.confFile, frontend, start)
-	check(err)
-
-	web := confMgr.Web()
-	err = web.Start()
-	check(err)
-
-	dns := confMgr.DNS()
-	err = dns.Start()
-	check(err)
-
-	sigHdlr := newSignalHandler(
-		opts.confFile,
-		frontend,
-		start,
-		web,
-		dns,
-	)
-
-	sigHdlr.handle()
-}
-
-// defaultTimeout is the timeout used for some operations where another timeout
-// hasn't been defined yet.
-const defaultTimeout = 5 * time.Second
-
-// ctxWithDefaultTimeout is a helper function that returns a context with
-// timeout set to defaultTimeout.
-func ctxWithDefaultTimeout() (ctx context.Context, cancel context.CancelFunc) {
-	return context.WithTimeout(context.Background(), defaultTimeout)
-}
-
-// check is a simple error-checking helper.  It must only be used within Main.
-func check(err error) {
-	if err != nil {
-		panic(err)
-	}
-}

internal/next/cmd/log.go

@@ -1,39 +0,0 @@
-package cmd
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
-	"github.com/AdguardTeam/golibs/log"
-)
-
-// syslogServiceName is the name of the AdGuard Home service used for writing
-// logs to the system log.
-const syslogServiceName = "AdGuardHome"
-
-// setLog sets up the text logging.
-//
-// TODO(a.garipov): Add parameters from configuration file.
-func setLog(opts *options) (err error) {
-	switch opts.confFile {
-	case "stdout":
-		log.SetOutput(os.Stdout)
-	case "stderr":
-		log.SetOutput(os.Stderr)
-	case "syslog":
-		err = aghos.ConfigureSyslog(syslogServiceName)
-		if err != nil {
-			return fmt.Errorf("initializing syslog: %w", err)
-		}
-	default:
-		// TODO(a.garipov): Use the path.
-	}
-
-	if opts.verbose {
-		log.SetLevel(log.DEBUG)
-		log.Debug("verbose logging enabled")
-	}
-
-	return nil
-}

internal/next/cmd/opt.go

@@ -1,403 +0,0 @@
-package cmd
-
-import (
-	"flag"
-	"fmt"
-	"io"
-	"net/netip"
-	"os"
-	"strings"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/version"
-	"golang.org/x/exp/slices"
-)
-
-// options contains all command-line options for the AdGuardHome(.exe) binary.
-type options struct {
-	// confFile is the path to the configuration file.
-	confFile string
-
-	// logFile is the path to the log file.  Special values:
-	//
-	//   - "stdout":  Write to stdout (the default).
-	//   - "stderr":  Write to stderr.
-	//   - "syslog":  Write to the system log.
-	logFile string
-
-	// pidFile is the path to the file where to store the PID.
-	//
-	// TODO(a.garipov): Use.
-	pidFile string
-
-	// serviceAction is the service control action to perform:
-	//
-	//   - "install":  Installs AdGuard Home as a system service.
-	//   - "uninstall":  Uninstalls it.
-	//   - "status":  Prints the service status.
-	//   - "start":  Starts the previously installed service.
-	//   - "stop":  Stops the previously installed service.
-	//   - "restart":  Restarts the previously installed service.
-	//   - "reload":  Reloads the configuration.
-	//   - "run":  This is a special command that is not supposed to be used
-	//     directly it is specified when we register a service, and it indicates
-	//     to the app that it is being run as a service.
-	//
-	// TODO(a.garipov): Use.
-	serviceAction string
-
-	// workDir is the path to the working directory.  It is applied before all
-	// other configuration is read, so all relative paths are relative to it.
-	workDir string
-
-	// webAddrs contains the addresses on which to serve the web UI.
-	//
-	// TODO(a.garipov): Use.
-	webAddrs []netip.AddrPort
-
-	// checkConfig, if true, instructs AdGuard Home to check the configuration
-	// file and exit with a corresponding exit code.
-	//
-	// TODO(a.garipov): Use.
-	checkConfig bool
-
-	// disableUpdate, if true, prevents AdGuard Home from automatically checking
-	// for updates.
-	//
-	// TODO(a.garipov): Use.
-	disableUpdate bool
-
-	// glinetMode enables the GL-Inet compatibility mode.
-	//
-	// TODO(a.garipov): Use.
-	glinetMode bool
-
-	// help, if true, instructs AdGuard Home to print the command-line option
-	// help message and quit with a successful exit-code.
-	help bool
-
-	// localFrontend, if true, instructs AdGuard Home to use the local frontend
-	// directory instead of the files compiled into the binary.
-	//
-	// TODO(a.garipov): Use.
-	localFrontend bool
-
-	// performUpdate, if true, instructs AdGuard Home to update the current
-	// binary and restart the service in case it's installed.
-	//
-	// TODO(a.garipov): Use.
-	performUpdate bool
-
-	// verbose, if true, instructs AdGuard Home to enable verbose logging.
-	verbose bool
-
-	// version, if true, instructs AdGuard Home to print the version to stdout
-	// and quit with a successful exit-code.  If verbose is also true, print a
-	// more detailed version description.
-	version bool
-}
-
-// Indexes to help with the [commandLineOptions] initialization.
-const (
-	confFileIdx = iota
-	logFileIdx
-	pidFileIdx
-	serviceActionIdx
-	workDirIdx
-	webAddrsIdx
-	checkConfigIdx
-	disableUpdateIdx
-	glinetModeIdx
-	helpIdx
-	localFrontend
-	performUpdateIdx
-	verboseIdx
-	versionIdx
-)
-
-// commandLineOption contains information about a command-line option: its long
-// and, if there is one, short forms, the value type, the description, and the
-// default value.
-type commandLineOption struct {
-	defaultValue any
-	description  string
-	long         string
-	short        string
-	valueType    string
-}
-
-// commandLineOptions are all command-line options currently supported by
-// AdGuard Home.
-var commandLineOptions = []*commandLineOption{
-	confFileIdx: {
-		// TODO(a.garipov): Remove the ".1" when the new code is ready.
-		defaultValue: "AdGuardHome.1.yaml",
-		description:  "Path to the config file.",
-		long:         "config",
-		short:        "c",
-		valueType:    "path",
-	},
-
-	logFileIdx: {
-		defaultValue: "stdout",
-		description:  `Path to log file.  Special values include "stdout", "stderr", and "syslog".`,
-		long:         "logfile",
-		short:        "l",
-		valueType:    "path",
-	},
-
-	pidFileIdx: {
-		defaultValue: "",
-		description:  "Path to the file where to store the PID.",
-		long:         "pidfile",
-		short:        "",
-		valueType:    "path",
-	},
-
-	serviceActionIdx: {
-		defaultValue: "",
-		description: `Service control action: "status", "install" (as a service), ` +
-			`"uninstall" (as a service), "start", "stop", "restart", "reload" (configuration).`,
-		long:      "service",
-		short:     "s",
-		valueType: "action",
-	},
-
-	workDirIdx: {
-		defaultValue: "",
-		description: `Path to the working directory.  ` +
-			`It is applied before all other configuration is read, ` +
-			`so all relative paths are relative to it.`,
-		long:      "work-dir",
-		short:     "w",
-		valueType: "path",
-	},
-
-	webAddrsIdx: {
-		defaultValue: []netip.AddrPort(nil),
-		description: `Address(es) to serve the web UI on, in the host:port format.  ` +
-			`Can be used multiple times.`,
-		long:      "web-addr",
-		short:     "",
-		valueType: "host:port",
-	},
-
-	checkConfigIdx: {
-		defaultValue: false,
-		description:  "Check configuration and quit.",
-		long:         "check-config",
-		short:        "",
-		valueType:    "",
-	},
-
-	disableUpdateIdx: {
-		defaultValue: false,
-		description:  "Disable automatic update checking.",
-		long:         "no-check-update",
-		short:        "",
-		valueType:    "",
-	},
-
-	glinetModeIdx: {
-		defaultValue: false,
-		description:  "Run in GL-Inet compatibility mode.",
-		long:         "glinet",
-		short:        "",
-		valueType:    "",
-	},
-
-	helpIdx: {
-		defaultValue: false,
-		description:  "Print this help message and quit.",
-		long:         "help",
-		short:        "h",
-		valueType:    "",
-	},
-
-	localFrontend: {
-		defaultValue: false,
-		description:  "Use local frontend directories.",
-		long:         "local-frontend",
-		short:        "",
-		valueType:    "",
-	},
-
-	performUpdateIdx: {
-		defaultValue: false,
-		description:  "Update the current binary and restart the service in case it's installed.",
-		long:         "update",
-		short:        "",
-		valueType:    "",
-	},
-
-	verboseIdx: {
-		defaultValue: false,
-		description:  "Enable verbose logging.",
-		long:         "verbose",
-		short:        "v",
-		valueType:    "",
-	},
-
-	versionIdx: {
-		defaultValue: false,
-		description: `Print the version to stdout and quit.  ` +
-			`Print a more detailed version description with -v.`,
-		long:      "version",
-		short:     "",
-		valueType: "",
-	},
-}
-
-// parseOptions parses the command-line options for AdGuardHome.
-func parseOptions(cmdName string, args []string) (opts *options, err error) {
-	flags := flag.NewFlagSet(cmdName, flag.ContinueOnError)
-
-	opts = &options{}
-	for i, fieldPtr := range []any{
-		confFileIdx:      &opts.confFile,
-		logFileIdx:       &opts.logFile,
-		pidFileIdx:       &opts.pidFile,
-		serviceActionIdx: &opts.serviceAction,
-		workDirIdx:       &opts.workDir,
-		webAddrsIdx:      &opts.webAddrs,
-		checkConfigIdx:   &opts.checkConfig,
-		disableUpdateIdx: &opts.disableUpdate,
-		glinetModeIdx:    &opts.glinetMode,
-		helpIdx:          &opts.help,
-		localFrontend:    &opts.localFrontend,
-		performUpdateIdx: &opts.performUpdate,
-		verboseIdx:       &opts.verbose,
-		versionIdx:       &opts.version,
-	} {
-		addOption(flags, fieldPtr, commandLineOptions[i])
-	}
-
-	flags.Usage = func() { usage(cmdName, os.Stderr) }
-
-	err = flags.Parse(args)
-	if err != nil {
-		// Don't wrap the error, because it's informative enough as is.
-		return nil, err
-	}
-
-	return opts, nil
-}
-
-// addOption adds the command-line option described by o to flags using fieldPtr
-// as the pointer to the value.
-func addOption(flags *flag.FlagSet, fieldPtr any, o *commandLineOption) {
-	switch fieldPtr := fieldPtr.(type) {
-	case *string:
-		flags.StringVar(fieldPtr, o.long, o.defaultValue.(string), o.description)
-		if o.short != "" {
-			flags.StringVar(fieldPtr, o.short, o.defaultValue.(string), o.description)
-		}
-	case *[]netip.AddrPort:
-		flags.Func(o.long, o.description, func(s string) (err error) {
-			addr, err := netip.ParseAddrPort(s)
-			if err != nil {
-				// Don't wrap the error, because it's informative enough as is.
-				return err
-			}
-
-			*fieldPtr = append(*fieldPtr, addr)
-
-			return nil
-		})
-	case *bool:
-		flags.BoolVar(fieldPtr, o.long, o.defaultValue.(bool), o.description)
-		if o.short != "" {
-			flags.BoolVar(fieldPtr, o.short, o.defaultValue.(bool), o.description)
-		}
-	default:
-		panic(fmt.Errorf("unexpected field pointer type %T", fieldPtr))
-	}
-}
-
-// usage prints a usage message similar to the one printed by package flag but
-// taking long vs. short versions into account as well as using more informative
-// value hints.
-func usage(cmdName string, output io.Writer) {
-	options := slices.Clone(commandLineOptions)
-	slices.SortStableFunc(options, func(a, b *commandLineOption) (sortsBefore bool) {
-		return a.long < b.long
-	})
-
-	b := &strings.Builder{}
-	_, _ = fmt.Fprintf(b, "Usage of %s:\n", cmdName)
-
-	for _, o := range options {
-		writeUsageLine(b, o)
-
-		// Use four spaces before the tab to trigger good alignment for both 4-
-		// and 8-space tab stops.
-		if shouldIncludeDefault(o.defaultValue) {
-			_, _ = fmt.Fprintf(b, "    \t%s  (Default value: %q)\n", o.description, o.defaultValue)
-		} else {
-			_, _ = fmt.Fprintf(b, "    \t%s\n", o.description)
-		}
-	}
-
-	_, _ = io.WriteString(output, b.String())
-}
-
-// shouldIncludeDefault returns true if this default value should be printed.
-func shouldIncludeDefault(v any) (ok bool) {
-	switch v := v.(type) {
-	case bool:
-		return v
-	case string:
-		return v != ""
-	default:
-		return v == nil
-	}
-}
-
-// writeUsageLine writes the usage line for the provided command-line option.
-func writeUsageLine(b *strings.Builder, o *commandLineOption) {
-	if o.short == "" {
-		if o.valueType == "" {
-			_, _ = fmt.Fprintf(b, "  --%s\n", o.long)
-		} else {
-			_, _ = fmt.Fprintf(b, "  --%s=%s\n", o.long, o.valueType)
-		}
-
-		return
-	}
-
-	if o.valueType == "" {
-		_, _ = fmt.Fprintf(b, "  --%s/-%s\n", o.long, o.short)
-	} else {
-		_, _ = fmt.Fprintf(b, "  --%[1]s=%[3]s/-%[2]s %[3]s\n", o.long, o.short, o.valueType)
-	}
-}
-
-// processOptions decides if AdGuard Home should exit depending on the results
-// of command-line option parsing.
-func processOptions(
-	opts *options,
-	cmdName string,
-	parseErr error,
-) (exitCode int, needExit bool) {
-	if parseErr != nil {
-		// Assume that usage has already been printed.
-		return 2, true
-	}
-
-	if opts.help {
-		usage(cmdName, os.Stdout)
-
-		return 0, true
-	}
-
-	if opts.version {
-		if opts.verbose {
-			fmt.Println(version.Verbose())
-		} else {
-			fmt.Printf("AdGuard Home %s\n", version.Version())
-		}
-
-		return 0, true
-	}
-
-	return 0, false
-}

internal/next/cmd/signal.go

@@ -1,129 +0,0 @@
-package cmd
-
-import (
-	"io/fs"
-	"os"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/configmgr"
-	"github.com/AdguardTeam/golibs/log"
-)
-
-// signalHandler processes incoming signals and shuts services down.
-type signalHandler struct {
-	// signal is the channel to which OS signals are sent.
-	signal chan os.Signal
-
-	// confFile is the path to the configuration file.
-	confFile string
-
-	// frontend is the filesystem with the frontend and other statically
-	// compiled files.
-	frontend fs.FS
-
-	// start is the time at which AdGuard Home has been started.
-	start time.Time
-
-	// services are the services that are shut down before application exiting.
-	services []agh.Service
-}
-
-// handle processes OS signals.
-func (h *signalHandler) handle() {
-	defer log.OnPanic("signalHandler.handle")
-
-	for sig := range h.signal {
-		log.Info("sighdlr: received signal %q", sig)
-
-		if aghos.IsReconfigureSignal(sig) {
-			h.reconfigure()
-		} else if aghos.IsShutdownSignal(sig) {
-			status := h.shutdown()
-			log.Info("sighdlr: exiting with status %d", status)
-
-			os.Exit(status)
-		}
-	}
-}
-
-// reconfigure rereads the configuration file and updates and restarts services.
-func (h *signalHandler) reconfigure() {
-	log.Info("sighdlr: reconfiguring adguard home")
-
-	status := h.shutdown()
-	if status != statusSuccess {
-		log.Info("sighdlr: reconfiguring: exiting with status %d", status)
-
-		os.Exit(status)
-	}
-
-	// TODO(a.garipov): This is a very rough way to do it.  Some services can be
-	// reconfigured without the full shutdown, and the error handling is
-	// currently not the best.
-
-	confMgr, err := configmgr.New(h.confFile, h.frontend, h.start)
-	check(err)
-
-	web := confMgr.Web()
-	err = web.Start()
-	check(err)
-
-	dns := confMgr.DNS()
-	err = dns.Start()
-	check(err)
-
-	h.services = []agh.Service{
-		dns,
-		web,
-	}
-
-	log.Info("sighdlr: successfully reconfigured adguard home")
-}
-
-// Exit status constants.
-const (
-	statusSuccess = 0
-	statusError   = 1
-)
-
-// shutdown gracefully shuts down all services.
-func (h *signalHandler) shutdown() (status int) {
-	ctx, cancel := ctxWithDefaultTimeout()
-	defer cancel()
-
-	status = statusSuccess
-
-	log.Info("sighdlr: shutting down services")
-	for i, service := range h.services {
-		err := service.Shutdown(ctx)
-		if err != nil {
-			log.Error("sighdlr: shutting down service at index %d: %s", i, err)
-			status = statusError
-		}
-	}
-
-	return status
-}
-
-// newSignalHandler returns a new signalHandler that shuts down svcs.
-func newSignalHandler(
-	confFile string,
-	frontend fs.FS,
-	start time.Time,
-	svcs ...agh.Service,
-) (h *signalHandler) {
-	h = &signalHandler{
-		signal:   make(chan os.Signal, 1),
-		confFile: confFile,
-		frontend: frontend,
-		start:    start,
-		services: svcs,
-	}
-
-	aghos.NotifyShutdownSignal(h.signal)
-	aghos.NotifyReconfigureSignal(h.signal)
-
-	return h
-}

internal/next/configmgr/config.go

@@ -1,40 +0,0 @@
-package configmgr
-
-import (
-	"net/netip"
-
-	"github.com/AdguardTeam/golibs/timeutil"
-)
-
-// Configuration Structures
-
-// config is the top-level on-disk configuration structure.
-type config struct {
-	DNS  *dnsConfig  `yaml:"dns"`
-	HTTP *httpConfig `yaml:"http"`
-	// TODO(a.garipov): Use.
-	SchemaVersion int `yaml:"schema_version"`
-	// TODO(a.garipov): Use.
-	DebugPprof bool `yaml:"debug_pprof"`
-	Verbose    bool `yaml:"verbose"`
-}
-
-// dnsConfig is the on-disk DNS configuration.
-//
-// TODO(a.garipov): Validate.
-type dnsConfig struct {
-	Addresses       []netip.AddrPort  `yaml:"addresses"`
-	BootstrapDNS    []string          `yaml:"bootstrap_dns"`
-	UpstreamDNS     []string          `yaml:"upstream_dns"`
-	UpstreamTimeout timeutil.Duration `yaml:"upstream_timeout"`
-}
-
-// httpConfig is the on-disk web API configuration.
-//
-// TODO(a.garipov): Validate.
-type httpConfig struct {
-	Addresses       []netip.AddrPort  `yaml:"addresses"`
-	SecureAddresses []netip.AddrPort  `yaml:"secure_addresses"`
-	Timeout         timeutil.Duration `yaml:"timeout"`
-	ForceHTTPS      bool              `yaml:"force_https"`
-}

internal/next/configmgr/configmgr.go

@@ -1,219 +0,0 @@
-// Package configmgr defines the AdGuard Home on-disk configuration entities and
-// configuration manager.
-package configmgr
-
-import (
-	"context"
-	"fmt"
-	"io/fs"
-	"os"
-	"sync"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/log"
-	"gopkg.in/yaml.v3"
-)
-
-// Configuration Manager
-
-// Manager handles full and partial changes in the configuration, persisting
-// them to disk if necessary.
-type Manager struct {
-	// updMu makes sure that at most one reconfiguration is performed at a time.
-	// updMu protects all fields below.
-	updMu *sync.RWMutex
-
-	// dns is the DNS service.
-	dns *dnssvc.Service
-
-	// Web is the Web API service.
-	web *websvc.Service
-
-	// current is the current configuration.
-	current *config
-
-	// fileName is the name of the configuration file.
-	fileName string
-}
-
-// New creates a new *Manager that persists changes to the file pointed to by
-// fileName.  It reads the configuration file and populates the service fields.
-// start is the startup time of AdGuard Home.
-func New(
-	fileName string,
-	frontend fs.FS,
-	start time.Time,
-) (m *Manager, err error) {
-	defer func() { err = errors.Annotate(err, "reading config: %w") }()
-
-	conf := &config{}
-	f, err := os.Open(fileName)
-	if err != nil {
-		// Don't wrap the error, because it's informative enough as is.
-		return nil, err
-	}
-	defer func() { err = errors.WithDeferred(err, f.Close()) }()
-
-	err = yaml.NewDecoder(f).Decode(conf)
-	if err != nil {
-		// Don't wrap the error, because it's informative enough as is.
-		return nil, err
-	}
-
-	// TODO(a.garipov): Move into a separate function and add other logging
-	// settings.
-	if conf.Verbose {
-		log.SetLevel(log.DEBUG)
-	}
-
-	// TODO(a.garipov): Validate the configuration structure.  Return an error
-	// if it's incorrect.
-
-	m = &Manager{
-		updMu:    &sync.RWMutex{},
-		current:  conf,
-		fileName: fileName,
-	}
-
-	// TODO(a.garipov): Get the context with the timeout from the arguments?
-	const assemblyTimeout = 5 * time.Second
-	ctx, cancel := context.WithTimeout(context.Background(), assemblyTimeout)
-	defer cancel()
-
-	err = m.assemble(ctx, conf, frontend, start)
-	if err != nil {
-		// Don't wrap the error, because it's informative enough as is.
-		return nil, err
-	}
-
-	return m, nil
-}
-
-// assemble creates all services and puts them into the corresponding fields.
-// The fields of conf must not be modified after calling assemble.
-func (m *Manager) assemble(
-	ctx context.Context,
-	conf *config,
-	frontend fs.FS,
-	start time.Time,
-) (err error) {
-	dnsConf := &dnssvc.Config{
-		Addresses:        conf.DNS.Addresses,
-		BootstrapServers: conf.DNS.BootstrapDNS,
-		UpstreamServers:  conf.DNS.UpstreamDNS,
-		UpstreamTimeout:  conf.DNS.UpstreamTimeout.Duration,
-	}
-	err = m.updateDNS(ctx, dnsConf)
-	if err != nil {
-		return fmt.Errorf("assembling dnssvc: %w", err)
-	}
-
-	webSvcConf := &websvc.Config{
-		ConfigManager: m,
-		Frontend:      frontend,
-		// TODO(a.garipov): Fill from config file.
-		TLS:             nil,
-		Start:           start,
-		Addresses:       conf.HTTP.Addresses,
-		SecureAddresses: conf.HTTP.SecureAddresses,
-		Timeout:         conf.HTTP.Timeout.Duration,
-		ForceHTTPS:      conf.HTTP.ForceHTTPS,
-	}
-
-	err = m.updateWeb(ctx, webSvcConf)
-	if err != nil {
-		return fmt.Errorf("assembling websvc: %w", err)
-	}
-
-	return nil
-}
-
-// DNS returns the current DNS service.  It is safe for concurrent use.
-func (m *Manager) DNS() (dns agh.ServiceWithConfig[*dnssvc.Config]) {
-	m.updMu.RLock()
-	defer m.updMu.RUnlock()
-
-	return m.dns
-}
-
-// UpdateDNS implements the [websvc.ConfigManager] interface for *Manager.  The
-// fields of c must not be modified after calling UpdateDNS.
-func (m *Manager) UpdateDNS(ctx context.Context, c *dnssvc.Config) (err error) {
-	m.updMu.Lock()
-	defer m.updMu.Unlock()
-
-	// TODO(a.garipov): Update and write the configuration file.  Return an
-	// error if something went wrong.
-
-	err = m.updateDNS(ctx, c)
-	if err != nil {
-		return fmt.Errorf("reassembling dnssvc: %w", err)
-	}
-
-	return nil
-}
-
-// updateDNS recreates the DNS service.  m.updMu is expected to be locked.
-func (m *Manager) updateDNS(ctx context.Context, c *dnssvc.Config) (err error) {
-	if prev := m.dns; prev != nil {
-		err = prev.Shutdown(ctx)
-		if err != nil {
-			return fmt.Errorf("shutting down dns svc: %w", err)
-		}
-	}
-
-	svc, err := dnssvc.New(c)
-	if err != nil {
-		return fmt.Errorf("creating dns svc: %w", err)
-	}
-
-	m.dns = svc
-
-	return nil
-}
-
-// Web returns the current web service.  It is safe for concurrent use.
-func (m *Manager) Web() (web agh.ServiceWithConfig[*websvc.Config]) {
-	m.updMu.RLock()
-	defer m.updMu.RUnlock()
-
-	return m.web
-}
-
-// UpdateWeb implements the [websvc.ConfigManager] interface for *Manager.  The
-// fields of c must not be modified after calling UpdateWeb.
-func (m *Manager) UpdateWeb(ctx context.Context, c *websvc.Config) (err error) {
-	m.updMu.Lock()
-	defer m.updMu.Unlock()
-
-	// TODO(a.garipov): Update and write the configuration file.  Return an
-	// error if something went wrong.
-
-	err = m.updateWeb(ctx, c)
-	if err != nil {
-		return fmt.Errorf("reassembling websvc: %w", err)
-	}
-
-	return nil
-}
-
-// updateWeb recreates the web service.  m.upd is expected to be locked.
-func (m *Manager) updateWeb(ctx context.Context, c *websvc.Config) (err error) {
-	if prev := m.web; prev != nil {
-		err = prev.Shutdown(ctx)
-		if err != nil {
-			return fmt.Errorf("shutting down web svc: %w", err)
-		}
-	}
-
-	m.web, err = websvc.New(c)
-	if err != nil {
-		return fmt.Errorf("creating web svc: %w", err)
-	}
-
-	return nil
-}

internal/next/dnssvc/dnssvc.go

@@ -1,216 +0,0 @@
-// Package dnssvc contains the AdGuard Home DNS service.
-//
-// TODO(a.garipov): Define, if all methods of a *Service should work with a nil
-// receiver.
-package dnssvc
-
-import (
-	"context"
-	"fmt"
-	"net"
-	"net/netip"
-	"sync/atomic"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	// TODO(a.garipov): Add a “dnsproxy proxy” package to shield us from changes
-	// and replacement of module dnsproxy.
-	"github.com/AdguardTeam/dnsproxy/proxy"
-	"github.com/AdguardTeam/dnsproxy/upstream"
-)
-
-// Config is the AdGuard Home DNS service configuration structure.
-//
-// TODO(a.garipov): Add timeout for incoming requests.
-type Config struct {
-	// Addresses are the addresses on which to serve plain DNS queries.
-	Addresses []netip.AddrPort
-
-	// Upstreams are the DNS upstreams to use.  If not set, upstreams are
-	// created using data from BootstrapServers, UpstreamServers, and
-	// UpstreamTimeout.
-	//
-	// TODO(a.garipov): Think of a better scheme.  Those other three parameters
-	// are here only to make Config work properly.
-	Upstreams []upstream.Upstream
-
-	// BootstrapServers are the addresses for bootstrapping the upstream DNS
-	// server addresses.
-	BootstrapServers []string
-
-	// UpstreamServers are the upstream DNS server addresses to use.
-	UpstreamServers []string
-
-	// UpstreamTimeout is the timeout for upstream requests.
-	UpstreamTimeout time.Duration
-}
-
-// Service is the AdGuard Home DNS service.  A nil *Service is a valid
-// [agh.Service] that does nothing.
-type Service struct {
-	proxy      *proxy.Proxy
-	bootstraps []string
-	upstreams  []string
-	upsTimeout time.Duration
-	running    atomic.Bool
-}
-
-// New returns a new properly initialized *Service.  If c is nil, svc is a nil
-// *Service that does nothing.  The fields of c must not be modified after
-// calling New.
-func New(c *Config) (svc *Service, err error) {
-	if c == nil {
-		return nil, nil
-	}
-
-	svc = &Service{
-		bootstraps: c.BootstrapServers,
-		upstreams:  c.UpstreamServers,
-		upsTimeout: c.UpstreamTimeout,
-	}
-
-	var upstreams []upstream.Upstream
-	if len(c.Upstreams) > 0 {
-		upstreams = c.Upstreams
-	} else {
-		upstreams, err = addressesToUpstreams(
-			c.UpstreamServers,
-			c.BootstrapServers,
-			c.UpstreamTimeout,
-		)
-		if err != nil {
-			return nil, fmt.Errorf("converting upstreams: %w", err)
-		}
-	}
-
-	svc.proxy = &proxy.Proxy{
-		Config: proxy.Config{
-			UDPListenAddr: udpAddrs(c.Addresses),
-			TCPListenAddr: tcpAddrs(c.Addresses),
-			UpstreamConfig: &proxy.UpstreamConfig{
-				Upstreams: upstreams,
-			},
-		},
-	}
-
-	err = svc.proxy.Init()
-	if err != nil {
-		return nil, fmt.Errorf("proxy: %w", err)
-	}
-
-	return svc, nil
-}
-
-// addressesToUpstreams is a wrapper around [upstream.AddressToUpstream].  It
-// accepts a slice of addresses and other upstream parameters, and returns a
-// slice of upstreams.
-func addressesToUpstreams(
-	upsStrs []string,
-	bootstraps []string,
-	timeout time.Duration,
-) (upstreams []upstream.Upstream, err error) {
-	upstreams = make([]upstream.Upstream, len(upsStrs))
-	for i, upsStr := range upsStrs {
-		upstreams[i], err = upstream.AddressToUpstream(upsStr, &upstream.Options{
-			Bootstrap: bootstraps,
-			Timeout:   timeout,
-		})
-		if err != nil {
-			return nil, fmt.Errorf("upstream at index %d: %w", i, err)
-		}
-	}
-
-	return upstreams, nil
-}
-
-// tcpAddrs converts []netip.AddrPort into []*net.TCPAddr.
-func tcpAddrs(addrPorts []netip.AddrPort) (tcpAddrs []*net.TCPAddr) {
-	if addrPorts == nil {
-		return nil
-	}
-
-	tcpAddrs = make([]*net.TCPAddr, len(addrPorts))
-	for i, a := range addrPorts {
-		tcpAddrs[i] = net.TCPAddrFromAddrPort(a)
-	}
-
-	return tcpAddrs
-}
-
-// udpAddrs converts []netip.AddrPort into []*net.UDPAddr.
-func udpAddrs(addrPorts []netip.AddrPort) (udpAddrs []*net.UDPAddr) {
-	if addrPorts == nil {
-		return nil
-	}
-
-	udpAddrs = make([]*net.UDPAddr, len(addrPorts))
-	for i, a := range addrPorts {
-		udpAddrs[i] = net.UDPAddrFromAddrPort(a)
-	}
-
-	return udpAddrs
-}
-
-// type check
-var _ agh.Service = (*Service)(nil)
-
-// Start implements the [agh.Service] interface for *Service.  svc may be nil.
-// After Start exits, all DNS servers have tried to start, but there is no
-// guarantee that they did.  Errors from the servers are written to the log.
-func (svc *Service) Start() (err error) {
-	if svc == nil {
-		return nil
-	}
-
-	defer func() {
-		// TODO(a.garipov): [proxy.Proxy.Start] doesn't actually have any way to
-		// tell when all servers are actually up, so at best this is merely an
-		// assumption.
-		svc.running.Store(err == nil)
-	}()
-
-	return svc.proxy.Start()
-}
-
-// Shutdown implements the [agh.Service] interface for *Service.  svc may be
-// nil.
-func (svc *Service) Shutdown(ctx context.Context) (err error) {
-	if svc == nil {
-		return nil
-	}
-
-	return svc.proxy.Stop()
-}
-
-// Config returns the current configuration of the web service.  Config must not
-// be called simultaneously with Start.  If svc was initialized with ":0"
-// addresses, addrs will not return the actual bound ports until Start is
-// finished.
-func (svc *Service) Config() (c *Config) {
-	// TODO(a.garipov): Do we need to get the TCP addresses separately?
-
-	var addrs []netip.AddrPort
-	if svc.running.Load() {
-		udpAddrs := svc.proxy.Addrs(proxy.ProtoUDP)
-		addrs = make([]netip.AddrPort, len(udpAddrs))
-		for i, a := range udpAddrs {
-			addrs[i] = a.(*net.UDPAddr).AddrPort()
-		}
-	} else {
-		conf := svc.proxy.Config
-		udpAddrs := conf.UDPListenAddr
-		addrs = make([]netip.AddrPort, len(udpAddrs))
-		for i, a := range udpAddrs {
-			addrs[i] = a.AddrPort()
-		}
-	}
-
-	c = &Config{
-		Addresses:        addrs,
-		BootstrapServers: svc.bootstraps,
-		UpstreamServers:  svc.upstreams,
-		UpstreamTimeout:  svc.upsTimeout,
-	}
-
-	return c
-}

internal/next/dnssvc/dnssvc_test.go

@@ -1,96 +0,0 @@
-package dnssvc_test
-
-import (
-	"context"
-	"net/netip"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/dnsproxy/upstream"
-	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/testutil"
-	"github.com/miekg/dns"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestMain(m *testing.M) {
-	testutil.DiscardLogOutput(m)
-}
-
-// testTimeout is the common timeout for tests.
-const testTimeout = 100 * time.Millisecond
-
-func TestService(t *testing.T) {
-	const (
-		bootstrapAddr = "bootstrap.example"
-		upstreamAddr  = "upstream.example"
-
-		closeErr errors.Error = "closing failed"
-	)
-
-	ups := &aghtest.UpstreamMock{
-		OnAddress: func() (addr string) {
-			return upstreamAddr
-		},
-		OnExchange: func(req *dns.Msg) (resp *dns.Msg, err error) {
-			resp = (&dns.Msg{}).SetReply(req)
-
-			return resp, nil
-		},
-		OnClose: func() (err error) {
-			return closeErr
-		},
-	}
-
-	c := &dnssvc.Config{
-		Addresses:        []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:0")},
-		Upstreams:        []upstream.Upstream{ups},
-		BootstrapServers: []string{bootstrapAddr},
-		UpstreamServers:  []string{upstreamAddr},
-		UpstreamTimeout:  testTimeout,
-	}
-
-	svc, err := dnssvc.New(c)
-	require.NoError(t, err)
-
-	err = svc.Start()
-	require.NoError(t, err)
-
-	gotConf := svc.Config()
-	require.NotNil(t, gotConf)
-	require.Len(t, gotConf.Addresses, 1)
-
-	addr := gotConf.Addresses[0]
-
-	t.Run("dns", func(t *testing.T) {
-		req := &dns.Msg{
-			MsgHdr: dns.MsgHdr{
-				Id:               dns.Id(),
-				RecursionDesired: true,
-			},
-			Question: []dns.Question{{
-				Name:   "example.com.",
-				Qtype:  dns.TypeA,
-				Qclass: dns.ClassINET,
-			}},
-		}
-
-		ctx, cancel := context.WithTimeout(context.Background(), testTimeout)
-		defer cancel()
-
-		cli := &dns.Client{}
-		resp, _, excErr := cli.ExchangeContext(ctx, req, addr.String())
-		require.NoError(t, excErr)
-
-		assert.NotNil(t, resp)
-	})
-
-	ctx, cancel := context.WithTimeout(context.Background(), testTimeout)
-	defer cancel()
-
-	err = svc.Shutdown(ctx)
-	require.ErrorIs(t, err, closeErr)
-}

internal/next/websvc/dns.go

@@ -1,84 +0,0 @@
-package websvc
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/netip"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-)
-
-// DNS Settings Handlers
-
-// ReqPatchSettingsDNS describes the request to the PATCH /api/v1/settings/dns
-// HTTP API.
-type ReqPatchSettingsDNS struct {
-	// TODO(a.garipov): Add more as we go.
-
-	Addresses        []netip.AddrPort `json:"addresses"`
-	BootstrapServers []string         `json:"bootstrap_servers"`
-	UpstreamServers  []string         `json:"upstream_servers"`
-	UpstreamTimeout  JSONDuration     `json:"upstream_timeout"`
-}
-
-// HTTPAPIDNSSettings are the DNS settings as used by the HTTP API.  See the
-// DnsSettings object in the OpenAPI specification.
-type HTTPAPIDNSSettings struct {
-	// TODO(a.garipov): Add more as we go.
-
-	Addresses        []netip.AddrPort `json:"addresses"`
-	BootstrapServers []string         `json:"bootstrap_servers"`
-	UpstreamServers  []string         `json:"upstream_servers"`
-	UpstreamTimeout  JSONDuration     `json:"upstream_timeout"`
-}
-
-// handlePatchSettingsDNS is the handler for the PATCH /api/v1/settings/dns HTTP
-// API.
-func (svc *Service) handlePatchSettingsDNS(w http.ResponseWriter, r *http.Request) {
-	req := &ReqPatchSettingsDNS{
-		Addresses:        []netip.AddrPort{},
-		BootstrapServers: []string{},
-		UpstreamServers:  []string{},
-	}
-
-	// TODO(a.garipov): Validate nulls and proper JSON patch.
-
-	err := json.NewDecoder(r.Body).Decode(&req)
-	if err != nil {
-		writeJSONErrorResponse(w, r, fmt.Errorf("decoding: %w", err))
-
-		return
-	}
-
-	newConf := &dnssvc.Config{
-		Addresses:        req.Addresses,
-		BootstrapServers: req.BootstrapServers,
-		UpstreamServers:  req.UpstreamServers,
-		UpstreamTimeout:  time.Duration(req.UpstreamTimeout),
-	}
-
-	ctx := r.Context()
-	err = svc.confMgr.UpdateDNS(ctx, newConf)
-	if err != nil {
-		writeJSONErrorResponse(w, r, fmt.Errorf("updating: %w", err))
-
-		return
-	}
-
-	newSvc := svc.confMgr.DNS()
-	err = newSvc.Start()
-	if err != nil {
-		writeJSONErrorResponse(w, r, fmt.Errorf("starting new service: %w", err))
-
-		return
-	}
-
-	writeJSONOKResponse(w, r, &HTTPAPIDNSSettings{
-		Addresses:        newConf.Addresses,
-		BootstrapServers: newConf.BootstrapServers,
-		UpstreamServers:  newConf.UpstreamServers,
-		UpstreamTimeout:  JSONDuration(newConf.UpstreamTimeout),
-	})
-}

internal/next/websvc/dns_test.go

@@ -1,68 +0,0 @@
-package websvc_test
-
-import (
-	"context"
-	"encoding/json"
-	"net/http"
-	"net/netip"
-	"net/url"
-	"sync/atomic"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestService_HandlePatchSettingsDNS(t *testing.T) {
-	wantDNS := &websvc.HTTPAPIDNSSettings{
-		Addresses:        []netip.AddrPort{netip.MustParseAddrPort("127.0.1.1:53")},
-		BootstrapServers: []string{"1.0.0.1"},
-		UpstreamServers:  []string{"1.1.1.1"},
-		UpstreamTimeout:  websvc.JSONDuration(2 * time.Second),
-	}
-
-	var started atomic.Bool
-	confMgr := newConfigManager()
-	confMgr.onDNS = func() (s agh.ServiceWithConfig[*dnssvc.Config]) {
-		return &aghtest.ServiceWithConfig[*dnssvc.Config]{
-			OnStart: func() (err error) {
-				started.Store(true)
-
-				return nil
-			},
-			OnShutdown: func(_ context.Context) (err error) { panic("not implemented") },
-			OnConfig:   func() (c *dnssvc.Config) { panic("not implemented") },
-		}
-	}
-	confMgr.onUpdateDNS = func(ctx context.Context, c *dnssvc.Config) (err error) {
-		return nil
-	}
-
-	_, addr := newTestServer(t, confMgr)
-	u := &url.URL{
-		Scheme: "http",
-		Host:   addr.String(),
-		Path:   websvc.PathV1SettingsDNS,
-	}
-
-	req := jobj{
-		"addresses":         wantDNS.Addresses,
-		"bootstrap_servers": wantDNS.BootstrapServers,
-		"upstream_servers":  wantDNS.UpstreamServers,
-		"upstream_timeout":  wantDNS.UpstreamTimeout,
-	}
-
-	respBody := httpPatch(t, u, req, http.StatusOK)
-	resp := &websvc.HTTPAPIDNSSettings{}
-	err := json.Unmarshal(respBody, resp)
-	require.NoError(t, err)
-
-	assert.True(t, started.Load())
-	assert.Equal(t, wantDNS, resp)
-	assert.Equal(t, wantDNS, resp)
-}

internal/next/websvc/http.go

@@ -1,118 +0,0 @@
-package websvc
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/netip"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/golibs/log"
-)
-
-// HTTP Settings Handlers
-
-// ReqPatchSettingsHTTP describes the request to the PATCH /api/v1/settings/http
-// HTTP API.
-type ReqPatchSettingsHTTP struct {
-	// TODO(a.garipov): Add more as we go.
-	//
-	// TODO(a.garipov): Add wait time.
-
-	Addresses       []netip.AddrPort `json:"addresses"`
-	SecureAddresses []netip.AddrPort `json:"secure_addresses"`
-	Timeout         JSONDuration     `json:"timeout"`
-}
-
-// HTTPAPIHTTPSettings are the HTTP settings as used by the HTTP API.  See the
-// HttpSettings object in the OpenAPI specification.
-type HTTPAPIHTTPSettings struct {
-	// TODO(a.garipov): Add more as we go.
-
-	Addresses       []netip.AddrPort `json:"addresses"`
-	SecureAddresses []netip.AddrPort `json:"secure_addresses"`
-	Timeout         JSONDuration     `json:"timeout"`
-	ForceHTTPS      bool             `json:"force_https"`
-}
-
-// handlePatchSettingsHTTP is the handler for the PATCH /api/v1/settings/http
-// HTTP API.
-func (svc *Service) handlePatchSettingsHTTP(w http.ResponseWriter, r *http.Request) {
-	req := &ReqPatchSettingsHTTP{}
-
-	// TODO(a.garipov): Validate nulls and proper JSON patch.
-
-	err := json.NewDecoder(r.Body).Decode(&req)
-	if err != nil {
-		writeJSONErrorResponse(w, r, fmt.Errorf("decoding: %w", err))
-
-		return
-	}
-
-	newConf := &Config{
-		ConfigManager:   svc.confMgr,
-		Frontend:        svc.frontend,
-		TLS:             svc.tls,
-		Addresses:       req.Addresses,
-		SecureAddresses: req.SecureAddresses,
-		Timeout:         time.Duration(req.Timeout),
-		ForceHTTPS:      svc.forceHTTPS,
-	}
-
-	writeJSONOKResponse(w, r, &HTTPAPIHTTPSettings{
-		Addresses:       newConf.Addresses,
-		SecureAddresses: newConf.SecureAddresses,
-		Timeout:         JSONDuration(newConf.Timeout),
-		ForceHTTPS:      newConf.ForceHTTPS,
-	})
-
-	cancelUpd := func() {}
-	updCtx := context.Background()
-
-	ctx := r.Context()
-	if deadline, ok := ctx.Deadline(); ok {
-		updCtx, cancelUpd = context.WithDeadline(updCtx, deadline)
-	}
-
-	// Launch the new HTTP service in a separate goroutine to let this handler
-	// finish and thus, this server to shutdown.
-	go svc.relaunch(updCtx, cancelUpd, newConf)
-}
-
-// relaunch updates the web service in the configuration manager and starts it.
-// It is intended to be used as a goroutine.
-func (svc *Service) relaunch(ctx context.Context, cancel context.CancelFunc, newConf *Config) {
-	defer log.OnPanic("websvc: relaunching")
-
-	defer cancel()
-
-	err := svc.confMgr.UpdateWeb(ctx, newConf)
-	if err != nil {
-		log.Error("websvc: updating web: %s", err)
-
-		return
-	}
-
-	// TODO(a.garipov): Consider better ways to do this.
-	const maxUpdDur = 5 * time.Second
-	updStart := time.Now()
-	var newSvc agh.ServiceWithConfig[*Config]
-	for newSvc = svc.confMgr.Web(); newSvc == svc; {
-		if time.Since(updStart) >= maxUpdDur {
-			log.Error("websvc: failed to update svc after %s", maxUpdDur)
-
-			return
-		}
-
-		log.Debug("websvc: waiting for new websvc to be configured")
-
-		time.Sleep(100 * time.Millisecond)
-	}
-
-	err = newSvc.Start()
-	if err != nil {
-		log.Error("websvc: new svc failed to start with error: %s", err)
-	}
-}

internal/next/websvc/http_test.go

@@ -1,62 +0,0 @@
-package websvc_test
-
-import (
-	"context"
-	"crypto/tls"
-	"encoding/json"
-	"net/http"
-	"net/netip"
-	"net/url"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestService_HandlePatchSettingsHTTP(t *testing.T) {
-	wantWeb := &websvc.HTTPAPIHTTPSettings{
-		Addresses:       []netip.AddrPort{netip.MustParseAddrPort("127.0.1.1:80")},
-		SecureAddresses: []netip.AddrPort{netip.MustParseAddrPort("127.0.1.1:443")},
-		Timeout:         websvc.JSONDuration(10 * time.Second),
-		ForceHTTPS:      false,
-	}
-
-	svc, err := websvc.New(&websvc.Config{
-		TLS: &tls.Config{
-			Certificates: []tls.Certificate{{}},
-		},
-		Addresses:       []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:80")},
-		SecureAddresses: []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:443")},
-		Timeout:         5 * time.Second,
-		ForceHTTPS:      true,
-	})
-	require.NoError(t, err)
-
-	confMgr := newConfigManager()
-	confMgr.onWeb = func() (s agh.ServiceWithConfig[*websvc.Config]) { return svc }
-	confMgr.onUpdateWeb = func(ctx context.Context, c *websvc.Config) (err error) { return nil }
-
-	_, addr := newTestServer(t, confMgr)
-	u := &url.URL{
-		Scheme: "http",
-		Host:   addr.String(),
-		Path:   websvc.PathV1SettingsHTTP,
-	}
-
-	req := jobj{
-		"addresses":        wantWeb.Addresses,
-		"secure_addresses": wantWeb.SecureAddresses,
-		"timeout":          wantWeb.Timeout,
-		"force_https":      wantWeb.ForceHTTPS,
-	}
-
-	respBody := httpPatch(t, u, req, http.StatusOK)
-	resp := &websvc.HTTPAPIHTTPSettings{}
-	err = json.Unmarshal(respBody, resp)
-	require.NoError(t, err)
-
-	assert.Equal(t, wantWeb, resp)
-}

internal/next/websvc/json.go

@@ -1,144 +0,0 @@
-package websvc
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strconv"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
-	"github.com/AdguardTeam/golibs/httphdr"
-	"github.com/AdguardTeam/golibs/log"
-)
-
-// JSON Utilities
-
-// nsecPerMsec is the number of nanoseconds in a millisecond.
-const nsecPerMsec = float64(time.Millisecond / time.Nanosecond)
-
-// JSONDuration is a time.Duration that can be decoded from JSON and encoded
-// into JSON according to our API conventions.
-type JSONDuration time.Duration
-
-// type check
-var _ json.Marshaler = JSONDuration(0)
-
-// MarshalJSON implements the json.Marshaler interface for JSONDuration.  err is
-// always nil.
-func (d JSONDuration) MarshalJSON() (b []byte, err error) {
-	msec := float64(time.Duration(d)) / nsecPerMsec
-	b = strconv.AppendFloat(nil, msec, 'f', -1, 64)
-
-	return b, nil
-}
-
-// type check
-var _ json.Unmarshaler = (*JSONDuration)(nil)
-
-// UnmarshalJSON implements the json.Marshaler interface for *JSONDuration.
-func (d *JSONDuration) UnmarshalJSON(b []byte) (err error) {
-	if d == nil {
-		return fmt.Errorf("json duration is nil")
-	}
-
-	msec, err := strconv.ParseFloat(string(b), 64)
-	if err != nil {
-		return fmt.Errorf("parsing json time: %w", err)
-	}
-
-	*d = JSONDuration(int64(msec * nsecPerMsec))
-
-	return nil
-}
-
-// JSONTime is a time.Time that can be decoded from JSON and encoded into JSON
-// according to our API conventions.
-type JSONTime time.Time
-
-// type check
-var _ json.Marshaler = JSONTime{}
-
-// MarshalJSON implements the json.Marshaler interface for JSONTime.  err is
-// always nil.
-func (t JSONTime) MarshalJSON() (b []byte, err error) {
-	msec := float64(time.Time(t).UnixNano()) / nsecPerMsec
-	b = strconv.AppendFloat(nil, msec, 'f', -1, 64)
-
-	return b, nil
-}
-
-// type check
-var _ json.Unmarshaler = (*JSONTime)(nil)
-
-// UnmarshalJSON implements the json.Marshaler interface for *JSONTime.
-func (t *JSONTime) UnmarshalJSON(b []byte) (err error) {
-	if t == nil {
-		return fmt.Errorf("json time is nil")
-	}
-
-	msec, err := strconv.ParseFloat(string(b), 64)
-	if err != nil {
-		return fmt.Errorf("parsing json time: %w", err)
-	}
-
-	*t = JSONTime(time.Unix(0, int64(msec*nsecPerMsec)).UTC())
-
-	return nil
-}
-
-// writeJSONOKResponse writes headers with the code 200 OK, encodes v into w,
-// and logs any errors it encounters.  r is used to get additional information
-// from the request.
-func writeJSONOKResponse(w http.ResponseWriter, r *http.Request, v any) {
-	writeJSONResponse(w, r, v, http.StatusOK)
-}
-
-// writeJSONResponse writes headers with code, encodes v into w, and logs any
-// errors it encounters.  r is used to get additional information from the
-// request.
-func writeJSONResponse(w http.ResponseWriter, r *http.Request, v any, code int) {
-	// TODO(a.garipov): Put some of these to a middleware.
-	h := w.Header()
-	h.Set(httphdr.ContentType, aghhttp.HdrValApplicationJSON)
-	h.Set(httphdr.Server, aghhttp.UserAgent())
-
-	w.WriteHeader(code)
-
-	err := json.NewEncoder(w).Encode(v)
-	if err != nil {
-		log.Error("websvc: writing resp to %s %s: %s", r.Method, r.URL.Path, err)
-	}
-}
-
-// ErrorCode is the error code as used by the HTTP API.  See the ErrorCode
-// definition in the OpenAPI specification.
-type ErrorCode string
-
-// ErrorCode constants.
-//
-// TODO(a.garipov): Expand and document codes.
-const (
-	// ErrorCodeTMP000 is the temporary error code used for all errors.
-	ErrorCodeTMP000 = ""
-)
-
-// HTTPAPIErrorResp is the error response as used by the HTTP API.  See the
-// BadRequestResp, InternalServerErrorResp, and similar objects in the OpenAPI
-// specification.
-type HTTPAPIErrorResp struct {
-	Code ErrorCode `json:"code"`
-	Msg  string    `json:"msg"`
-}
-
-// writeJSONErrorResponse encodes err as a JSON error into w, and logs any
-// errors it encounters.  r is used to get additional information from the
-// request.
-func writeJSONErrorResponse(w http.ResponseWriter, r *http.Request, err error) {
-	log.Error("websvc: %s %s: %s", r.Method, r.URL.Path, err)
-
-	writeJSONResponse(w, r, &HTTPAPIErrorResp{
-		Code: ErrorCodeTMP000,
-		Msg:  err.Error(),
-	}, http.StatusUnprocessableEntity)
-}

internal/next/websvc/json_test.go

@@ -1,114 +0,0 @@
-package websvc_test
-
-import (
-	"encoding/json"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/AdguardTeam/golibs/testutil"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-// testJSONTime is the JSON time for tests.
-var testJSONTime = websvc.JSONTime(time.Unix(1_234_567_890, 123_456_000).UTC())
-
-// testJSONTimeStr is the string with the JSON encoding of testJSONTime.
-const testJSONTimeStr = "1234567890123.456"
-
-func TestJSONTime_MarshalJSON(t *testing.T) {
-	testCases := []struct {
-		name       string
-		wantErrMsg string
-		in         websvc.JSONTime
-		want       []byte
-	}{{
-		name:       "unix_zero",
-		wantErrMsg: "",
-		in:         websvc.JSONTime(time.Unix(0, 0)),
-		want:       []byte("0"),
-	}, {
-		name:       "empty",
-		wantErrMsg: "",
-		in:         websvc.JSONTime{},
-		want:       []byte("-6795364578871.345"),
-	}, {
-		name:       "time",
-		wantErrMsg: "",
-		in:         testJSONTime,
-		want:       []byte(testJSONTimeStr),
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			got, err := tc.in.MarshalJSON()
-			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
-
-			assert.Equal(t, tc.want, got)
-		})
-	}
-
-	t.Run("json", func(t *testing.T) {
-		in := &struct {
-			A websvc.JSONTime
-		}{
-			A: testJSONTime,
-		}
-
-		got, err := json.Marshal(in)
-		require.NoError(t, err)
-
-		assert.Equal(t, []byte(`{"A":`+testJSONTimeStr+`}`), got)
-	})
-}
-
-func TestJSONTime_UnmarshalJSON(t *testing.T) {
-	testCases := []struct {
-		name       string
-		wantErrMsg string
-		want       websvc.JSONTime
-		data       []byte
-	}{{
-		name:       "time",
-		wantErrMsg: "",
-		want:       testJSONTime,
-		data:       []byte(testJSONTimeStr),
-	}, {
-		name: "bad",
-		wantErrMsg: `parsing json time: strconv.ParseFloat: parsing "{}": ` +
-			`invalid syntax`,
-		want: websvc.JSONTime{},
-		data: []byte(`{}`),
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			var got websvc.JSONTime
-			err := got.UnmarshalJSON(tc.data)
-			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
-
-			assert.Equal(t, tc.want, got)
-		})
-	}
-
-	t.Run("nil", func(t *testing.T) {
-		err := (*websvc.JSONTime)(nil).UnmarshalJSON([]byte("0"))
-		require.Error(t, err)
-
-		msg := err.Error()
-		assert.Equal(t, "json time is nil", msg)
-	})
-
-	t.Run("json", func(t *testing.T) {
-		want := testJSONTime
-		var got struct {
-			A websvc.JSONTime
-		}
-
-		err := json.Unmarshal([]byte(`{"A":`+testJSONTimeStr+`}`), &got)
-		require.NoError(t, err)
-
-		assert.Equal(t, want, got.A)
-	})
-}

internal/next/websvc/middleware.go

@@ -1,38 +0,0 @@
-package websvc
-
-import (
-	"net/http"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
-	"github.com/AdguardTeam/golibs/httphdr"
-	"github.com/AdguardTeam/golibs/log"
-)
-
-// Middlewares
-
-// jsonMw sets the content type of the response to application/json.
-func jsonMw(h http.Handler) (wrapped http.HandlerFunc) {
-	f := func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set(httphdr.ContentType, aghhttp.HdrValApplicationJSON)
-
-		h.ServeHTTP(w, r)
-	}
-
-	return http.HandlerFunc(f)
-}
-
-// logMw logs the queries with level debug.
-func logMw(h http.Handler) (wrapped http.HandlerFunc) {
-	f := func(w http.ResponseWriter, r *http.Request) {
-		start := time.Now()
-		m, u := r.Method, r.RequestURI
-
-		log.Debug("websvc: %s %s started", m, u)
-		defer func() { log.Debug("websvc: %s %s finished in %s", m, u, time.Since(start)) }()
-
-		h.ServeHTTP(w, r)
-	}
-
-	return http.HandlerFunc(f)
-}

internal/next/websvc/path.go

@@ -1,14 +0,0 @@
-package websvc
-
-// Path constants
-const (
-	PathRoot     = "/"
-	PathFrontend = "/*filepath"
-
-	PathHealthCheck = "/health-check"
-
-	PathV1SettingsAll  = "/api/v1/settings/all"
-	PathV1SettingsDNS  = "/api/v1/settings/dns"
-	PathV1SettingsHTTP = "/api/v1/settings/http"
-	PathV1SystemInfo   = "/api/v1/system/info"
-)

internal/next/websvc/settings.go

@@ -1,42 +0,0 @@
-package websvc
-
-import (
-	"net/http"
-)
-
-// All Settings Handlers
-
-// RespGetV1SettingsAll describes the response of the GET /api/v1/settings/all
-// HTTP API.
-type RespGetV1SettingsAll struct {
-	// TODO(a.garipov): Add more as we go.
-
-	DNS  *HTTPAPIDNSSettings  `json:"dns"`
-	HTTP *HTTPAPIHTTPSettings `json:"http"`
-}
-
-// handleGetSettingsAll is the handler for the GET /api/v1/settings/all HTTP
-// API.
-func (svc *Service) handleGetSettingsAll(w http.ResponseWriter, r *http.Request) {
-	dnsSvc := svc.confMgr.DNS()
-	dnsConf := dnsSvc.Config()
-
-	webSvc := svc.confMgr.Web()
-	httpConf := webSvc.Config()
-
-	// TODO(a.garipov): Add all currently supported parameters.
-	writeJSONOKResponse(w, r, &RespGetV1SettingsAll{
-		DNS: &HTTPAPIDNSSettings{
-			Addresses:        dnsConf.Addresses,
-			BootstrapServers: dnsConf.BootstrapServers,
-			UpstreamServers:  dnsConf.UpstreamServers,
-			UpstreamTimeout:  JSONDuration(dnsConf.UpstreamTimeout),
-		},
-		HTTP: &HTTPAPIHTTPSettings{
-			Addresses:       httpConf.Addresses,
-			SecureAddresses: httpConf.SecureAddresses,
-			Timeout:         JSONDuration(httpConf.Timeout),
-			ForceHTTPS:      httpConf.ForceHTTPS,
-		},
-	})
-}

internal/next/websvc/settings_test.go

@@ -1,78 +0,0 @@
-package websvc_test
-
-import (
-	"crypto/tls"
-	"encoding/json"
-	"net/http"
-	"net/netip"
-	"net/url"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestService_HandleGetSettingsAll(t *testing.T) {
-	// TODO(a.garipov): Add all currently supported parameters.
-
-	wantDNS := &websvc.HTTPAPIDNSSettings{
-		Addresses:        []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:53")},
-		BootstrapServers: []string{"94.140.14.140", "94.140.14.141"},
-		UpstreamServers:  []string{"94.140.14.14", "1.1.1.1"},
-		UpstreamTimeout:  websvc.JSONDuration(1 * time.Second),
-	}
-
-	wantWeb := &websvc.HTTPAPIHTTPSettings{
-		Addresses:       []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:80")},
-		SecureAddresses: []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:443")},
-		Timeout:         websvc.JSONDuration(5 * time.Second),
-		ForceHTTPS:      true,
-	}
-
-	confMgr := newConfigManager()
-	confMgr.onDNS = func() (s agh.ServiceWithConfig[*dnssvc.Config]) {
-		c, err := dnssvc.New(&dnssvc.Config{
-			Addresses:        wantDNS.Addresses,
-			UpstreamServers:  wantDNS.UpstreamServers,
-			BootstrapServers: wantDNS.BootstrapServers,
-			UpstreamTimeout:  time.Duration(wantDNS.UpstreamTimeout),
-		})
-		require.NoError(t, err)
-
-		return c
-	}
-
-	svc, err := websvc.New(&websvc.Config{
-		TLS: &tls.Config{
-			Certificates: []tls.Certificate{{}},
-		},
-		Addresses:       wantWeb.Addresses,
-		SecureAddresses: wantWeb.SecureAddresses,
-		Timeout:         time.Duration(wantWeb.Timeout),
-		ForceHTTPS:      true,
-	})
-	require.NoError(t, err)
-
-	confMgr.onWeb = func() (s agh.ServiceWithConfig[*websvc.Config]) {
-		return svc
-	}
-
-	_, addr := newTestServer(t, confMgr)
-	u := &url.URL{
-		Scheme: "http",
-		Host:   addr.String(),
-		Path:   websvc.PathV1SettingsAll,
-	}
-
-	body := httpGet(t, u, http.StatusOK)
-	resp := &websvc.RespGetV1SettingsAll{}
-	err = json.Unmarshal(body, resp)
-	require.NoError(t, err)
-
-	assert.Equal(t, wantDNS, resp.DNS)
-	assert.Equal(t, wantWeb, resp.HTTP)
-}

internal/next/websvc/system.go

@@ -1,35 +0,0 @@
-package websvc
-
-import (
-	"net/http"
-	"runtime"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/version"
-)
-
-// System Handlers
-
-// RespGetV1SystemInfo describes the response of the GET /api/v1/system/info
-// HTTP API.
-type RespGetV1SystemInfo struct {
-	Arch       string   `json:"arch"`
-	Channel    string   `json:"channel"`
-	OS         string   `json:"os"`
-	NewVersion string   `json:"new_version,omitempty"`
-	Start      JSONTime `json:"start"`
-	Version    string   `json:"version"`
-}
-
-// handleGetV1SystemInfo is the handler for the GET /api/v1/system/info HTTP
-// API.
-func (svc *Service) handleGetV1SystemInfo(w http.ResponseWriter, r *http.Request) {
-	writeJSONOKResponse(w, r, &RespGetV1SystemInfo{
-		Arch:    runtime.GOARCH,
-		Channel: version.Channel(),
-		OS:      runtime.GOOS,
-		// TODO(a.garipov): Fill this when we have an updater.
-		NewVersion: "",
-		Start:      JSONTime(svc.start),
-		Version:    version.Version(),
-	})
-}

internal/next/websvc/system_test.go

@@ -1,37 +0,0 @@
-package websvc_test
-
-import (
-	"encoding/json"
-	"net/http"
-	"net/url"
-	"runtime"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestService_handleGetV1SystemInfo(t *testing.T) {
-	confMgr := newConfigManager()
-	_, addr := newTestServer(t, confMgr)
-	u := &url.URL{
-		Scheme: "http",
-		Host:   addr.String(),
-		Path:   websvc.PathV1SystemInfo,
-	}
-
-	body := httpGet(t, u, http.StatusOK)
-	resp := &websvc.RespGetV1SystemInfo{}
-	err := json.Unmarshal(body, resp)
-	require.NoError(t, err)
-
-	// TODO(a.garipov): Consider making version.Channel and version.Version
-	// testable and test these better.
-	assert.NotEmpty(t, resp.Channel)
-
-	assert.Equal(t, resp.Arch, runtime.GOARCH)
-	assert.Equal(t, resp.OS, runtime.GOOS)
-	assert.Equal(t, testStart, time.Time(resp.Start))
-}

internal/next/websvc/waitlistener.go

@@ -1,31 +0,0 @@
-package websvc
-
-import (
-	"net"
-	"sync"
-)
-
-// Wait Listener
-
-// waitListener is a wrapper around a listener that also calls wg.Done() on the
-// first call to Accept.  It is useful in situations where it is important to
-// catch the precise moment of the first call to Accept, for example when
-// starting an HTTP server.
-//
-// TODO(a.garipov): Move to aghnet?
-type waitListener struct {
-	net.Listener
-
-	firstAcceptWG   *sync.WaitGroup
-	firstAcceptOnce sync.Once
-}
-
-// type check
-var _ net.Listener = (*waitListener)(nil)
-
-// Accept implements the [net.Listener] interface for *waitListener.
-func (l *waitListener) Accept() (conn net.Conn, err error) {
-	l.firstAcceptOnce.Do(l.firstAcceptWG.Done)
-
-	return l.Listener.Accept()
-}

internal/next/websvc/waitlistener_internal_test.go

@@ -1,45 +0,0 @@
-package websvc
-
-import (
-	"net"
-	"sync"
-	"sync/atomic"
-	"testing"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghchan"
-	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
-	"github.com/stretchr/testify/assert"
-)
-
-func TestWaitListener_Accept(t *testing.T) {
-	var accepted atomic.Bool
-	var l net.Listener = &aghtest.Listener{
-		OnAccept: func() (conn net.Conn, err error) {
-			accepted.Store(true)
-
-			return nil, nil
-		},
-		OnAddr:  func() (addr net.Addr) { panic("not implemented") },
-		OnClose: func() (err error) { panic("not implemented") },
-	}
-
-	wg := &sync.WaitGroup{}
-	wg.Add(1)
-
-	done := make(chan struct{})
-	go aghchan.MustReceive(done, testTimeout)
-
-	go func() {
-		var wrapper net.Listener = &waitListener{
-			Listener:      l,
-			firstAcceptWG: wg,
-		}
-
-		_, _ = wrapper.Accept()
-	}()
-
-	wg.Wait()
-	close(done)
-
-	assert.True(t, accepted.Load())
-}

internal/next/websvc/websvc.go

@@ -1,333 +0,0 @@
-// Package websvc contains the AdGuard Home HTTP API service.
-//
-// NOTE: Packages other than cmd must not import this package, as it imports
-// most other packages.
-//
-// TODO(a.garipov): Add tests.
-package websvc
-
-import (
-	"context"
-	"crypto/tls"
-	"fmt"
-	"io"
-	"io/fs"
-	"net"
-	"net/http"
-	"net/netip"
-	"sync"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/log"
-	httptreemux "github.com/dimfeld/httptreemux/v5"
-)
-
-// ConfigManager is the configuration manager interface.
-type ConfigManager interface {
-	DNS() (svc agh.ServiceWithConfig[*dnssvc.Config])
-	Web() (svc agh.ServiceWithConfig[*Config])
-
-	UpdateDNS(ctx context.Context, c *dnssvc.Config) (err error)
-	UpdateWeb(ctx context.Context, c *Config) (err error)
-}
-
-// Config is the AdGuard Home web service configuration structure.
-type Config struct {
-	// ConfigManager is used to show information about services as well as
-	// dynamically reconfigure them.
-	ConfigManager ConfigManager
-
-	// Frontend is the filesystem with the frontend and other statically
-	// compiled files.
-	Frontend fs.FS
-
-	// TLS is the optional TLS configuration.  If TLS is not nil,
-	// SecureAddresses must not be empty.
-	TLS *tls.Config
-
-	// Start is the time of start of AdGuard Home.
-	Start time.Time
-
-	// Addresses are the addresses on which to serve the plain HTTP API.
-	Addresses []netip.AddrPort
-
-	// SecureAddresses are the addresses on which to serve the HTTPS API.  If
-	// SecureAddresses is not empty, TLS must not be nil.
-	SecureAddresses []netip.AddrPort
-
-	// Timeout is the timeout for all server operations.
-	Timeout time.Duration
-
-	// ForceHTTPS tells if all requests to Addresses should be redirected to a
-	// secure address instead.
-	//
-	// TODO(a.garipov): Use; define rules, which address to redirect to.
-	ForceHTTPS bool
-}
-
-// Service is the AdGuard Home web service.  A nil *Service is a valid
-// [agh.Service] that does nothing.
-type Service struct {
-	confMgr    ConfigManager
-	frontend   fs.FS
-	tls        *tls.Config
-	start      time.Time
-	servers    []*http.Server
-	timeout    time.Duration
-	forceHTTPS bool
-}
-
-// New returns a new properly initialized *Service.  If c is nil, svc is a nil
-// *Service that does nothing.  The fields of c must not be modified after
-// calling New.
-//
-// TODO(a.garipov): Get rid of this special handling of nil or explain it
-// better.
-func New(c *Config) (svc *Service, err error) {
-	if c == nil {
-		return nil, nil
-	}
-
-	frontend, err := fs.Sub(c.Frontend, "build/static")
-	if err != nil {
-		return nil, fmt.Errorf("frontend fs: %w", err)
-	}
-
-	svc = &Service{
-		confMgr:    c.ConfigManager,
-		frontend:   frontend,
-		tls:        c.TLS,
-		start:      c.Start,
-		timeout:    c.Timeout,
-		forceHTTPS: c.ForceHTTPS,
-	}
-
-	mux := newMux(svc)
-
-	for _, a := range c.Addresses {
-		addr := a.String()
-		errLog := log.StdLog("websvc: plain http: "+addr, log.ERROR)
-		svc.servers = append(svc.servers, &http.Server{
-			Addr:              addr,
-			Handler:           mux,
-			ErrorLog:          errLog,
-			ReadTimeout:       c.Timeout,
-			WriteTimeout:      c.Timeout,
-			IdleTimeout:       c.Timeout,
-			ReadHeaderTimeout: c.Timeout,
-		})
-	}
-
-	for _, a := range c.SecureAddresses {
-		addr := a.String()
-		errLog := log.StdLog("websvc: https: "+addr, log.ERROR)
-		svc.servers = append(svc.servers, &http.Server{
-			Addr:              addr,
-			Handler:           mux,
-			TLSConfig:         c.TLS,
-			ErrorLog:          errLog,
-			ReadTimeout:       c.Timeout,
-			WriteTimeout:      c.Timeout,
-			IdleTimeout:       c.Timeout,
-			ReadHeaderTimeout: c.Timeout,
-		})
-	}
-
-	return svc, nil
-}
-
-// newMux returns a new HTTP request multiplexer for the AdGuard Home web
-// service.
-func newMux(svc *Service) (mux *httptreemux.ContextMux) {
-	mux = httptreemux.NewContextMux()
-
-	routes := []struct {
-		handler http.HandlerFunc
-		method  string
-		pattern string
-		isJSON  bool
-	}{{
-		handler: svc.handleGetHealthCheck,
-		method:  http.MethodGet,
-		pattern: PathHealthCheck,
-		isJSON:  false,
-	}, {
-		handler: http.FileServer(http.FS(svc.frontend)).ServeHTTP,
-		method:  http.MethodGet,
-		pattern: PathFrontend,
-		isJSON:  false,
-	}, {
-		handler: http.FileServer(http.FS(svc.frontend)).ServeHTTP,
-		method:  http.MethodGet,
-		pattern: PathRoot,
-		isJSON:  false,
-	}, {
-		handler: svc.handleGetSettingsAll,
-		method:  http.MethodGet,
-		pattern: PathV1SettingsAll,
-		isJSON:  true,
-	}, {
-		handler: svc.handlePatchSettingsDNS,
-		method:  http.MethodPatch,
-		pattern: PathV1SettingsDNS,
-		isJSON:  true,
-	}, {
-		handler: svc.handlePatchSettingsHTTP,
-		method:  http.MethodPatch,
-		pattern: PathV1SettingsHTTP,
-		isJSON:  true,
-	}, {
-		handler: svc.handleGetV1SystemInfo,
-		method:  http.MethodGet,
-		pattern: PathV1SystemInfo,
-		isJSON:  true,
-	}}
-
-	for _, r := range routes {
-		var hdlr http.Handler
-		if r.isJSON {
-			hdlr = jsonMw(r.handler)
-		} else {
-			hdlr = r.handler
-		}
-
-		mux.Handle(r.method, r.pattern, logMw(hdlr))
-	}
-
-	return mux
-}
-
-// addrs returns all addresses on which this server serves the HTTP API.  addrs
-// must not be called simultaneously with Start.  If svc was initialized with
-// ":0" addresses, addrs will not return the actual bound ports until Start is
-// finished.
-func (svc *Service) addrs() (addrs, secureAddrs []netip.AddrPort) {
-	for _, srv := range svc.servers {
-		addrPort, err := netip.ParseAddrPort(srv.Addr)
-		if err != nil {
-			// Technically shouldn't happen, since all servers must have a valid
-			// address.
-			panic(fmt.Errorf("websvc: server %q: bad address: %w", srv.Addr, err))
-		}
-
-		// srv.Serve will set TLSConfig to an almost empty value, so, instead of
-		// relying only on the nilness of TLSConfig, check the length of the
-		// certificates field as well.
-		if srv.TLSConfig == nil || len(srv.TLSConfig.Certificates) == 0 {
-			addrs = append(addrs, addrPort)
-		} else {
-			secureAddrs = append(secureAddrs, addrPort)
-		}
-
-	}
-
-	return addrs, secureAddrs
-}
-
-// handleGetHealthCheck is the handler for the GET /health-check HTTP API.
-func (svc *Service) handleGetHealthCheck(w http.ResponseWriter, _ *http.Request) {
-	_, _ = io.WriteString(w, "OK")
-}
-
-// type check
-var _ agh.Service = (*Service)(nil)
-
-// Start implements the [agh.Service] interface for *Service.  svc may be nil.
-// After Start exits, all HTTP servers have tried to start, possibly failing and
-// writing error messages to the log.
-func (svc *Service) Start() (err error) {
-	if svc == nil {
-		return nil
-	}
-
-	wg := &sync.WaitGroup{}
-	wg.Add(len(svc.servers))
-	for _, srv := range svc.servers {
-		go serve(srv, wg)
-	}
-
-	wg.Wait()
-
-	return nil
-}
-
-// serve starts and runs srv and writes all errors into its log.
-func serve(srv *http.Server, wg *sync.WaitGroup) {
-	addr := srv.Addr
-	defer log.OnPanic(addr)
-
-	var proto string
-	var l net.Listener
-	var err error
-	if srv.TLSConfig == nil {
-		proto = "http"
-		l, err = net.Listen("tcp", addr)
-	} else {
-		proto = "https"
-		l, err = tls.Listen("tcp", addr, srv.TLSConfig)
-	}
-	if err != nil {
-		srv.ErrorLog.Printf("starting srv %s: binding: %s", addr, err)
-	}
-
-	// Update the server's address in case the address had the port zero, which
-	// would mean that a random available port was automatically chosen.
-	srv.Addr = l.Addr().String()
-
-	log.Info("websvc: starting srv %s://%s", proto, srv.Addr)
-
-	l = &waitListener{
-		Listener:      l,
-		firstAcceptWG: wg,
-	}
-
-	err = srv.Serve(l)
-	if err != nil && !errors.Is(err, http.ErrServerClosed) {
-		srv.ErrorLog.Printf("starting srv %s: %s", addr, err)
-	}
-}
-
-// Shutdown implements the [agh.Service] interface for *Service.  svc may be
-// nil.
-func (svc *Service) Shutdown(ctx context.Context) (err error) {
-	if svc == nil {
-		return nil
-	}
-
-	var errs []error
-	for _, srv := range svc.servers {
-		serr := srv.Shutdown(ctx)
-		if serr != nil {
-			errs = append(errs, fmt.Errorf("shutting down srv %s: %w", srv.Addr, serr))
-		}
-	}
-
-	if len(errs) > 0 {
-		return errors.List("shutting down", errs...)
-	}
-
-	return nil
-}
-
-// Config returns the current configuration of the web service.  Config must not
-// be called simultaneously with Start.  If svc was initialized with ":0"
-// addresses, addrs will not return the actual bound ports until Start is
-// finished.
-func (svc *Service) Config() (c *Config) {
-	c = &Config{
-		ConfigManager: svc.confMgr,
-		TLS:           svc.tls,
-		// Leave Addresses and SecureAddresses empty and get the actual
-		// addresses that include the :0 ones later.
-		Start:      svc.start,
-		Timeout:    svc.timeout,
-		ForceHTTPS: svc.forceHTTPS,
-	}
-
-	c.Addresses, c.SecureAddresses = svc.addrs()
-
-	return c
-}

internal/next/websvc/websvc_internal_test.go

@@ -1,6 +0,0 @@
-package websvc
-
-import "time"
-
-// testTimeout is the common timeout for tests.
-const testTimeout = 1 * time.Second

internal/next/websvc/websvc_test.go

@@ -1,193 +0,0 @@
-package websvc_test
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"io"
-	"io/fs"
-	"net/http"
-	"net/netip"
-	"net/url"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/websvc"
-	"github.com/AdguardTeam/golibs/testutil"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestMain(m *testing.M) {
-	testutil.DiscardLogOutput(m)
-}
-
-// testTimeout is the common timeout for tests.
-const testTimeout = 1 * time.Second
-
-// testStart is the server start value for tests.
-var testStart = time.Date(2022, 1, 1, 0, 0, 0, 0, time.UTC)
-
-// type check
-var _ websvc.ConfigManager = (*configManager)(nil)
-
-// configManager is a [websvc.ConfigManager] for tests.
-type configManager struct {
-	onDNS func() (svc agh.ServiceWithConfig[*dnssvc.Config])
-	onWeb func() (svc agh.ServiceWithConfig[*websvc.Config])
-
-	onUpdateDNS func(ctx context.Context, c *dnssvc.Config) (err error)
-	onUpdateWeb func(ctx context.Context, c *websvc.Config) (err error)
-}
-
-// DNS implements the [websvc.ConfigManager] interface for *configManager.
-func (m *configManager) DNS() (svc agh.ServiceWithConfig[*dnssvc.Config]) {
-	return m.onDNS()
-}
-
-// Web implements the [websvc.ConfigManager] interface for *configManager.
-func (m *configManager) Web() (svc agh.ServiceWithConfig[*websvc.Config]) {
-	return m.onWeb()
-}
-
-// UpdateDNS implements the [websvc.ConfigManager] interface for *configManager.
-func (m *configManager) UpdateDNS(ctx context.Context, c *dnssvc.Config) (err error) {
-	return m.onUpdateDNS(ctx, c)
-}
-
-// UpdateWeb implements the [websvc.ConfigManager] interface for *configManager.
-func (m *configManager) UpdateWeb(ctx context.Context, c *websvc.Config) (err error) {
-	return m.onUpdateWeb(ctx, c)
-}
-
-// newConfigManager returns a *configManager all methods of which panic.
-func newConfigManager() (m *configManager) {
-	return &configManager{
-		onDNS: func() (svc agh.ServiceWithConfig[*dnssvc.Config]) { panic("not implemented") },
-		onWeb: func() (svc agh.ServiceWithConfig[*websvc.Config]) { panic("not implemented") },
-		onUpdateDNS: func(_ context.Context, _ *dnssvc.Config) (err error) {
-			panic("not implemented")
-		},
-		onUpdateWeb: func(_ context.Context, _ *websvc.Config) (err error) {
-			panic("not implemented")
-		},
-	}
-}
-
-// newTestServer creates and starts a new web service instance as well as its
-// sole address.  It also registers a cleanup procedure, which shuts the
-// instance down.
-//
-// TODO(a.garipov): Use svc or remove it.
-func newTestServer(
-	t testing.TB,
-	confMgr websvc.ConfigManager,
-) (svc *websvc.Service, addr netip.AddrPort) {
-	t.Helper()
-
-	c := &websvc.Config{
-		ConfigManager: confMgr,
-		Frontend: &aghtest.FS{
-			OnOpen: func(_ string) (_ fs.File, _ error) { return nil, fs.ErrNotExist },
-		},
-		TLS:             nil,
-		Addresses:       []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:0")},
-		SecureAddresses: nil,
-		Timeout:         testTimeout,
-		Start:           testStart,
-		ForceHTTPS:      false,
-	}
-
-	svc, err := websvc.New(c)
-	require.NoError(t, err)
-
-	err = svc.Start()
-	require.NoError(t, err)
-	t.Cleanup(func() {
-		ctx, cancel := context.WithTimeout(context.Background(), testTimeout)
-		t.Cleanup(cancel)
-
-		err = svc.Shutdown(ctx)
-		require.NoError(t, err)
-	})
-
-	c = svc.Config()
-	require.NotNil(t, c)
-	require.Len(t, c.Addresses, 1)
-
-	return svc, c.Addresses[0]
-}
-
-// jobj is a utility alias for JSON objects.
-type jobj map[string]any
-
-// httpGet is a helper that performs an HTTP GET request and returns the body of
-// the response as well as checks that the status code is correct.
-//
-// TODO(a.garipov): Add helpers for other methods.
-func httpGet(t testing.TB, u *url.URL, wantCode int) (body []byte) {
-	t.Helper()
-
-	req, err := http.NewRequest(http.MethodGet, u.String(), nil)
-	require.NoErrorf(t, err, "creating req")
-
-	httpCli := &http.Client{
-		Timeout: testTimeout,
-	}
-	resp, err := httpCli.Do(req)
-	require.NoErrorf(t, err, "performing req")
-	require.Equal(t, wantCode, resp.StatusCode)
-
-	testutil.CleanupAndRequireSuccess(t, resp.Body.Close)
-
-	body, err = io.ReadAll(resp.Body)
-	require.NoErrorf(t, err, "reading body")
-
-	return body
-}
-
-// httpPatch is a helper that performs an HTTP PATCH request with JSON-encoded
-// reqBody as the request body and returns the body of the response as well as
-// checks that the status code is correct.
-//
-// TODO(a.garipov): Add helpers for other methods.
-func httpPatch(t testing.TB, u *url.URL, reqBody any, wantCode int) (body []byte) {
-	t.Helper()
-
-	b, err := json.Marshal(reqBody)
-	require.NoErrorf(t, err, "marshaling reqBody")
-
-	req, err := http.NewRequest(http.MethodPatch, u.String(), bytes.NewReader(b))
-	require.NoErrorf(t, err, "creating req")
-
-	httpCli := &http.Client{
-		Timeout: testTimeout,
-	}
-	resp, err := httpCli.Do(req)
-	require.NoErrorf(t, err, "performing req")
-	require.Equal(t, wantCode, resp.StatusCode)
-
-	testutil.CleanupAndRequireSuccess(t, resp.Body.Close)
-
-	body, err = io.ReadAll(resp.Body)
-	require.NoErrorf(t, err, "reading body")
-
-	return body
-}
-
-func TestService_Start_getHealthCheck(t *testing.T) {
-	confMgr := newConfigManager()
-	_, addr := newTestServer(t, confMgr)
-	u := &url.URL{
-		Scheme: "http",
-		Host:   addr.String(),
-		Path:   websvc.PathHealthCheck,
-	}
-
-	body := httpGet(t, u, http.StatusOK)
-
-	assert.Equal(t, []byte("OK"), body)
-}

internal/querylog/client.go

@@ -1,15 +1,23 @@
 package querylog
 
-import "github.com/AdguardTeam/AdGuardHome/internal/whois"
-
 // Client is the information required by the query log to match against clients
 // during searches.
 type Client struct {
-	WHOIS          *whois.Info `json:"whois,omitempty"`
-	Name           string      `json:"name"`
-	DisallowedRule string      `json:"disallowed_rule"`
-	Disallowed     bool        `json:"disallowed"`
-	IgnoreQueryLog bool        `json:"-"`
+	WHOIS          *ClientWHOIS `json:"whois,omitempty"`
+	Name           string       `json:"name"`
+	DisallowedRule string       `json:"disallowed_rule"`
+	Disallowed     bool         `json:"disallowed"`
+	IgnoreQueryLog bool         `json:"-"`
+}
+
+// ClientWHOIS is the filtered WHOIS data for the client.
+//
+// TODO(a.garipov): Merge with home.RuntimeClientWHOISInfo after the
+// refactoring is done.
+type ClientWHOIS struct {
+	City    string `json:"city,omitempty"`
+	Country string `json:"country,omitempty"`
+	Orgname string `json:"orgname,omitempty"`
 }
 
 // clientCacheKey is the key by which a cached client information is found.

internal/querylog/csv.go

@@ -1,108 +0,0 @@
-package querylog
-
-import (
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/AdguardTeam/golibs/log"
-	"github.com/miekg/dns"
-)
-
-// csvRow is an alias type for csv rows.
-type csvRow = [18]string
-
-// csvHeaderRow is a slice of strings with column names for CSV header row.
-var csvHeaderRow = csvRow{
-	"ans_dnssec",
-	"ans_rcode",
-	"ans_type",
-	"ans_value",
-	"cached",
-	"client_ip",
-	"client_id",
-	"ecs",
-	"elapsed",
-	"filter_id",
-	"filter_rule",
-	"proto",
-	"qclass",
-	"qname",
-	"qtype",
-	"reason",
-	"time",
-	"upstream",
-}
-
-// toCSV returns a slice of strings with entry fields according to the
-// csvHeaderRow slice.
-func (e *logEntry) toCSV() (out *csvRow) {
-	var filterID, filterRule string
-
-	if e.Result.IsFiltered && len(e.Result.Rules) > 0 {
-		rule := e.Result.Rules[0]
-		filterID = strconv.FormatInt(rule.FilterListID, 10)
-		filterRule = rule.Text
-	}
-
-	aData := ansData(e)
-
-	return &csvRow{
-		strconv.FormatBool(e.AuthenticatedData),
-		aData.rCode,
-		aData.typ,
-		aData.value,
-		strconv.FormatBool(e.Cached),
-		e.IP.String(),
-		e.ClientID,
-		e.ReqECS,
-		strconv.FormatFloat(e.Elapsed.Seconds()*1000, 'f', -1, 64),
-		filterID,
-		filterRule,
-		string(e.ClientProto),
-		e.QClass,
-		e.QHost,
-		e.QType,
-		e.Result.Reason.String(),
-		e.Time.Format(time.RFC3339Nano),
-		e.Upstream,
-	}
-}
-
-// csvAnswer is a helper struct for csv row answer fields.
-type csvAnswer struct {
-	rCode string
-	typ   string
-	value string
-}
-
-// ansData returns a map with message answer data.
-func ansData(entry *logEntry) (out csvAnswer) {
-	if len(entry.Answer) == 0 {
-		return out
-	}
-
-	msg := &dns.Msg{}
-	if err := msg.Unpack(entry.Answer); err != nil {
-		log.Debug("querylog: failed to unpack dns msg answer: %v: %s", entry.Answer, err)
-
-		return out
-	}
-
-	out.rCode = dns.RcodeToString[msg.Rcode]
-
-	if len(msg.Answer) == 0 {
-		return out
-	}
-
-	rr := msg.Answer[0]
-	header := rr.Header()
-
-	out.typ = dns.TypeToString[header.Rrtype]
-
-	// Remove the header string from the answer value since it's mostly
-	// unnecessary in the log.
-	out.value = strings.TrimPrefix(rr.String(), header.String())
-
-	return out
-}

internal/querylog/csv_test.go

@@ -1,73 +0,0 @@
-package querylog
-
-import (
-	"net"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
-	"github.com/miekg/dns"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-var testDate = time.Date(2022, 1, 1, 0, 0, 0, 0, time.UTC)
-
-func TestLogEntry_toCSV(t *testing.T) {
-	ans, err := dns.NewRR("www.example.org. IN A 127.0.0.1")
-	require.NoError(t, err)
-
-	ansBytes, err := (&dns.Msg{Answer: []dns.RR{ans}}).Pack()
-	require.NoError(t, err)
-
-	testCases := []struct {
-		entry *logEntry
-		want  *csvRow
-		name  string
-	}{{
-		name: "simple",
-		entry: &logEntry{
-			Time:              testDate,
-			QHost:             "test.host",
-			QType:             "A",
-			QClass:            "IN",
-			ReqECS:            "",
-			ClientID:          "test-client-id",
-			ClientProto:       ClientProtoDoH,
-			Upstream:          "https://test.upstream:443/dns-query",
-			Answer:            ansBytes,
-			OrigAnswer:        nil,
-			IP:                net.IP{1, 2, 3, 4},
-			Result:            filtering.Result{},
-			Elapsed:           500 * time.Millisecond,
-			Cached:            false,
-			AuthenticatedData: false,
-		},
-		want: &[18]string{
-			"false",
-			"NOERROR",
-			"A",
-			"127.0.0.1",
-			"false",
-			"1.2.3.4",
-			"test-client-id",
-			"",
-			"500",
-			"",
-			"",
-			"doh",
-			"IN",
-			"test.host",
-			"A",
-			"NotFilteredNotFound",
-			"2022-01-01T00:00:00Z",
-			"https://test.upstream:443/dns-query",
-		},
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			assert.Equal(t, tc.want, tc.entry.toCSV())
-		})
-	}
-}

internal/querylog/http.go

@@ -1,7 +1,6 @@
 package querylog
 
 import (
-	"encoding/csv"
 	"encoding/json"
 	"fmt"
 	"math"
@@ -15,7 +14,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghalg"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
-	"github.com/AdguardTeam/golibs/httphdr"
 	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/golibs/stringutil"
 	"github.com/AdguardTeam/golibs/timeutil"
@@ -64,7 +62,6 @@ func (l *queryLog) initWeb() {
 	l.conf.HTTPRegister(http.MethodGet, "/control/querylog", l.handleQueryLog)
 	l.conf.HTTPRegister(http.MethodPost, "/control/querylog_clear", l.handleQueryLogClear)
 	l.conf.HTTPRegister(http.MethodGet, "/control/querylog/config", l.handleGetQueryLogConfig)
-	l.conf.HTTPRegister(http.MethodGet, "/control/querylog/export", l.handleQueryLogExport)
 	l.conf.HTTPRegister(
 		http.MethodPut,
 		"/control/querylog/config/update",
@@ -99,73 +96,6 @@ func (l *queryLog) handleQueryLog(w http.ResponseWriter, r *http.Request) {
 	_ = aghhttp.WriteJSONResponse(w, r, resp)
 }
 
-// exportChunkSize is a size of one search-flush iteration for query log export.
-//
-// TODO(a.meshkov): Consider making configurable.
-const exportChunkSize = 500
-
-// handleQueryLogExport is the handler for the GET /control/querylog/export
-// HTTP API.
-func (l *queryLog) handleQueryLogExport(w http.ResponseWriter, r *http.Request) {
-	searchCriteria, err := parseSearchCriteria(r.URL.Query())
-	if err != nil {
-		aghhttp.Error(r, w, http.StatusBadRequest, "parsing params: %s", err)
-
-		return
-	}
-
-	params := &searchParams{
-		limit:          exportChunkSize,
-		searchCriteria: searchCriteria,
-	}
-
-	w.Header().Set(httphdr.ContentType, "text/csv; charset=UTF-8; header=present")
-	w.Header().Set(httphdr.ContentDisposition, "attachment;filename=data.csv")
-
-	csvWriter := csv.NewWriter(w)
-
-	// Write header.
-	if err = csvWriter.Write(csvHeaderRow[:]); err != nil {
-		http.Error(w, "writing csv header", http.StatusInternalServerError)
-
-		return
-	}
-	csvWriter.Flush()
-
-	var entries []*logEntry
-	for {
-		func() {
-			l.confMu.RLock()
-			defer l.confMu.RUnlock()
-
-			entries, _ = l.search(params)
-		}()
-
-		if len(entries) == 0 {
-			break
-		}
-
-		params.offset += params.limit
-
-		for _, entry := range entries {
-			row := entry.toCSV()
-			if err = csvWriter.Write(row[:]); err != nil {
-				// TODO(a.garipov): Set Trailer X-Error header.
-				log.Error("%s %s %s: %s: %s", r.Method, r.Host, r.URL, "writing csv record", err)
-
-				return
-			}
-		}
-
-		csvWriter.Flush()
-	}
-
-	if err = csvWriter.Error(); err != nil {
-		// TODO(a.garipov): Set Trailer X-Error header.
-		log.Error("%s %s %s: %s: %s", r.Method, r.Host, r.URL, "writing csv", err)
-	}
-}
-
 // handleQueryLogClear is the handler for the POST /control/querylog/clear HTTP
 // API.
 func (l *queryLog) handleQueryLogClear(_ http.ResponseWriter, _ *http.Request) {
@@ -430,17 +360,6 @@ func parseSearchParams(r *http.Request) (p *searchParams, err error) {
 		p.maxFileScanEntries = 0
 	}
 
-	p.searchCriteria, err = parseSearchCriteria(q)
-	if err != nil {
-		// Don't wrap the error, because it's informative enough as is.
-		return nil, err
-	}
-
-	return p, nil
-}
-
-// parseSearchCriteria parses a list of search criteria from the query.
-func parseSearchCriteria(q url.Values) (searchCriteria []searchCriterion, err error) {
 	for _, v := range []struct {
 		urlField string
 		ct       criterionType
@@ -459,9 +378,9 @@ func parseSearchCriteria(q url.Values) (searchCriteria []searchCriterion, err er
 		}
 
 		if ok {
-			searchCriteria = append(searchCriteria, c)
+			p.searchCriteria = append(p.searchCriteria, c)
 		}
 	}
 
-	return searchCriteria, nil
+	return p, nil
 }

internal/querylog/qlog.go

@@ -161,15 +161,12 @@ func (l *queryLog) clear() {
 // newLogEntry creates an instance of logEntry from parameters.
 func newLogEntry(params *AddParams) (entry *logEntry) {
 	q := params.Question.Question[0]
-	qHost := q.Name
-	if qHost != "." {
-		qHost = strings.ToLower(q.Name[:len(q.Name)-1])
-	}
 
 	entry = &logEntry{
 		// TODO(d.kolyshev): Export this timestamp to func params.
-		Time:   time.Now(),
-		QHost:  qHost,
+		Time: time.Now(),
+
+		QHost:  strings.ToLower(q.Name[:len(q.Name)-1]),
 		QType:  dns.Type(q.Qtype).String(),
 		QClass: dns.Class(q.Qclass).String(),
 

internal/querylog/qlog_test.go

@@ -43,7 +43,6 @@ func TestQueryLog(t *testing.T) {
 	// Add memory entries.
 	addEntry(l, "test.example.org", net.IPv4(1, 1, 1, 3), net.IPv4(2, 2, 2, 3))
 	addEntry(l, "example.com", net.IPv4(1, 1, 1, 4), net.IPv4(2, 2, 2, 4))
-	addEntry(l, "", net.IPv4(1, 1, 1, 5), net.IPv4(2, 2, 2, 5))
 
 	type tcAssertion struct {
 		host   string
@@ -60,11 +59,10 @@ func TestQueryLog(t *testing.T) {
 		name: "all",
 		sCr:  []searchCriterion{},
 		want: []tcAssertion{
-			{num: 0, host: ".", answer: net.IPv4(1, 1, 1, 5), client: net.IPv4(2, 2, 2, 5)},
-			{num: 1, host: "example.com", answer: net.IPv4(1, 1, 1, 4), client: net.IPv4(2, 2, 2, 4)},
-			{num: 2, host: "test.example.org", answer: net.IPv4(1, 1, 1, 3), client: net.IPv4(2, 2, 2, 3)},
-			{num: 3, host: "example.org", answer: net.IPv4(1, 1, 1, 2), client: net.IPv4(2, 2, 2, 2)},
-			{num: 4, host: "example.org", answer: net.IPv4(1, 1, 1, 1), client: net.IPv4(2, 2, 2, 1)},
+			{num: 0, host: "example.com", answer: net.IPv4(1, 1, 1, 4), client: net.IPv4(2, 2, 2, 4)},
+			{num: 1, host: "test.example.org", answer: net.IPv4(1, 1, 1, 3), client: net.IPv4(2, 2, 2, 3)},
+			{num: 2, host: "example.org", answer: net.IPv4(1, 1, 1, 2), client: net.IPv4(2, 2, 2, 2)},
+			{num: 3, host: "example.org", answer: net.IPv4(1, 1, 1, 1), client: net.IPv4(2, 2, 2, 1)},
 		},
 	}, {
 		name: "by_domain_strict",
@@ -106,11 +104,10 @@ func TestQueryLog(t *testing.T) {
 			value:         "2.2.2",
 		}},
 		want: []tcAssertion{
-			{num: 0, host: ".", answer: net.IPv4(1, 1, 1, 5), client: net.IPv4(2, 2, 2, 5)},
-			{num: 1, host: "example.com", answer: net.IPv4(1, 1, 1, 4), client: net.IPv4(2, 2, 2, 4)},
-			{num: 2, host: "test.example.org", answer: net.IPv4(1, 1, 1, 3), client: net.IPv4(2, 2, 2, 3)},
-			{num: 3, host: "example.org", answer: net.IPv4(1, 1, 1, 2), client: net.IPv4(2, 2, 2, 2)},
-			{num: 4, host: "example.org", answer: net.IPv4(1, 1, 1, 1), client: net.IPv4(2, 2, 2, 1)},
+			{num: 0, host: "example.com", answer: net.IPv4(1, 1, 1, 4), client: net.IPv4(2, 2, 2, 4)},
+			{num: 1, host: "test.example.org", answer: net.IPv4(1, 1, 1, 3), client: net.IPv4(2, 2, 2, 3)},
+			{num: 2, host: "example.org", answer: net.IPv4(1, 1, 1, 2), client: net.IPv4(2, 2, 2, 2)},
+			{num: 3, host: "example.org", answer: net.IPv4(1, 1, 1, 1), client: net.IPv4(2, 2, 2, 1)},
 		},
 	}}
 

internal/querylog/search_test.go

@@ -93,67 +93,3 @@ func TestQueryLog_Search_findClient(t *testing.T) {
 
 	assert.Equal(t, knownClientName, gotClient.Name)
 }
-
-// BenchmarkQueryLog_Search compares the speed of search with limit-offset
-// parameters and the one with oldenThan timestamp specified.
-func BenchmarkQueryLog_Search(b *testing.B) {
-	l, err := newQueryLog(Config{
-		Enabled:     true,
-		RotationIvl: timeutil.Day,
-		MemSize:     100,
-		BaseDir:     b.TempDir(),
-	})
-	require.NoError(b, err)
-
-	const (
-		entNum           = 100000
-		firstPageDomain  = "first.example.org"
-		secondPageDomain = "second.example.org"
-	)
-	// Add entries to the log.
-	for i := 0; i < entNum; i++ {
-		addEntry(l, secondPageDomain, net.IPv4(1, 1, 1, 1), net.IPv4(2, 2, 2, 1))
-	}
-	// Write them to the first file.
-	require.NoError(b, l.flushLogBuffer())
-
-	// Add more to the in-memory part of log.
-	for i := 0; i < entNum; i++ {
-		addEntry(l, firstPageDomain, net.IPv4(1, 1, 1, 1), net.IPv4(2, 2, 2, 1))
-	}
-
-	b.Run("limit_offset", func(b *testing.B) {
-		params := newSearchParams()
-
-		b.ReportAllocs()
-
-		for i := 0; i < b.N; i++ {
-			params.offset += params.limit
-			_, _ = l.search(params)
-		}
-	})
-
-	b.Run("timestamp", func(b *testing.B) {
-		params := newSearchParams()
-		params.olderThan = time.Now().Add(-1 * time.Hour)
-
-		b.ReportAllocs()
-
-		for i := 0; i < b.N; i++ {
-			params.olderThan = params.olderThan.Add(1 * time.Minute)
-			_, _ = l.search(params)
-		}
-	})
-
-	// Most recent result, on a MBP15:
-	//
-	// goos: darwin
-	// goarch: amd64
-	// pkg: github.com/AdguardTeam/AdGuardHome/internal/querylog
-	// cpu: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
-	// BenchmarkQueryLog_Search
-	// BenchmarkQueryLog_Search/limit_offset
-	// BenchmarkQueryLog_Search/limit_offset-12         	     547	   2066079 ns/op	 2325019 B/op	   26633 allocs/op
-	// BenchmarkQueryLog_Search/timestamp
-	// BenchmarkQueryLog_Search/timestamp-12            	    1303	   2028888 ns/op	 2219337 B/op	   25194 allocs/op
-}

internal/schedule/schedule.go

@@ -1,220 +0,0 @@
-// Package schedule provides types for scheduling.
-package schedule
-
-import (
-	"fmt"
-	"time"
-
-	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/timeutil"
-	"gopkg.in/yaml.v3"
-)
-
-// Weekly is a schedule for one week.  Each day of the week has one range with
-// a beginning and an end.
-type Weekly struct {
-	// location is used to calculate the offsets of the day ranges.
-	location *time.Location
-
-	// days are the day ranges of this schedule.  The indexes of this array are
-	// the [time.Weekday] values.
-	days [7]dayRange
-}
-
-// EmptyWeekly creates empty weekly schedule with local time zone.
-func EmptyWeekly() (w *Weekly) {
-	return &Weekly{
-		location: time.Local,
-	}
-}
-
-// Contains returns true if t is within the corresponding day range of the
-// schedule in the schedule's time zone.
-func (w *Weekly) Contains(t time.Time) (ok bool) {
-	t = t.In(w.location)
-	wd := t.Weekday()
-	dr := w.days[wd]
-
-	// Calculate the offset of the day range.
-	//
-	// NOTE: Do not use [time.Truncate] since it requires UTC time zone.
-	y, m, d := t.Date()
-	day := time.Date(y, m, d, 0, 0, 0, 0, w.location)
-	offset := t.Sub(day)
-
-	return dr.contains(offset)
-}
-
-// type check
-var _ yaml.Unmarshaler = (*Weekly)(nil)
-
-// UnmarshalYAML implements the [yaml.Unmarshaler] interface for *Weekly.
-func (w *Weekly) UnmarshalYAML(value *yaml.Node) (err error) {
-	conf := &weeklyConfig{}
-
-	err = value.Decode(conf)
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return err
-	}
-
-	weekly := Weekly{}
-
-	weekly.location, err = time.LoadLocation(conf.TimeZone)
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return err
-	}
-
-	days := []dayConfig{
-		time.Sunday:    conf.Sunday,
-		time.Monday:    conf.Monday,
-		time.Tuesday:   conf.Tuesday,
-		time.Wednesday: conf.Wednesday,
-		time.Thursday:  conf.Thursday,
-		time.Friday:    conf.Friday,
-		time.Saturday:  conf.Saturday,
-	}
-	for i, d := range days {
-		r := dayRange{
-			start: d.Start.Duration,
-			end:   d.End.Duration,
-		}
-
-		err = w.validate(r)
-		if err != nil {
-			return fmt.Errorf("weekday %s: %w", time.Weekday(i), err)
-		}
-
-		weekly.days[i] = r
-	}
-
-	*w = weekly
-
-	return nil
-}
-
-// weeklyConfig is the YAML configuration structure of Weekly.
-type weeklyConfig struct {
-	// TimeZone is the local time zone.
-	TimeZone string `yaml:"time_zone"`
-
-	// Days of the week.
-
-	Sunday    dayConfig `yaml:"sun,omitempty"`
-	Monday    dayConfig `yaml:"mon,omitempty"`
-	Tuesday   dayConfig `yaml:"tue,omitempty"`
-	Wednesday dayConfig `yaml:"wed,omitempty"`
-	Thursday  dayConfig `yaml:"thu,omitempty"`
-	Friday    dayConfig `yaml:"fri,omitempty"`
-	Saturday  dayConfig `yaml:"sat,omitempty"`
-}
-
-// dayConfig is the YAML configuration structure of dayRange.
-type dayConfig struct {
-	Start timeutil.Duration `yaml:"start"`
-	End   timeutil.Duration `yaml:"end"`
-}
-
-// maxDayRange is the maximum value for day range end.
-const maxDayRange = 24 * time.Hour
-
-// validate returns the day range rounding errors, if any.
-func (w *Weekly) validate(r dayRange) (err error) {
-	defer func() { err = errors.Annotate(err, "bad day range: %w") }()
-
-	err = r.validate()
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return err
-	}
-
-	start := r.start.Truncate(time.Minute)
-	end := r.end.Truncate(time.Minute)
-
-	switch {
-	case start != r.start:
-		return fmt.Errorf("start %s isn't rounded to minutes", r.start)
-	case end != r.end:
-		return fmt.Errorf("end %s isn't rounded to minutes", r.end)
-	default:
-		return nil
-	}
-}
-
-// type check
-var _ yaml.Marshaler = (*Weekly)(nil)
-
-// MarshalYAML implements the [yaml.Marshaler] interface for *Weekly.
-func (w *Weekly) MarshalYAML() (v any, err error) {
-	return weeklyConfig{
-		TimeZone: w.location.String(),
-		Sunday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Sunday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Sunday].end},
-		},
-		Monday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Monday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Monday].end},
-		},
-		Tuesday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Tuesday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Tuesday].end},
-		},
-		Wednesday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Wednesday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Wednesday].end},
-		},
-		Thursday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Thursday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Thursday].end},
-		},
-		Friday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Friday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Friday].end},
-		},
-		Saturday: dayConfig{
-			Start: timeutil.Duration{Duration: w.days[time.Saturday].start},
-			End:   timeutil.Duration{Duration: w.days[time.Saturday].end},
-		},
-	}, nil
-}
-
-// dayRange represents a single interval within a day.  The interval begins at
-// start and ends before end.  That is, it contains a time point T if start <=
-// T < end.
-type dayRange struct {
-	// start is an offset from the beginning of the day.  It must be greater
-	// than or equal to zero and less than 24h.
-	start time.Duration
-
-	// end is an offset from the beginning of the day.  It must be greater than
-	// or equal to zero and less than or equal to 24h.
-	end time.Duration
-}
-
-// validate returns the day range validation errors, if any.
-func (r dayRange) validate() (err error) {
-	switch {
-	case r == dayRange{}:
-		return nil
-	case r.start < 0:
-		return fmt.Errorf("start %s is negative", r.start)
-	case r.end < 0:
-		return fmt.Errorf("end %s is negative", r.end)
-	case r.start >= r.end:
-		return fmt.Errorf("start %s is greater or equal to end %s", r.start, r.end)
-	case r.start >= maxDayRange:
-		return fmt.Errorf("start %s is greater or equal to %s", r.start, maxDayRange)
-	case r.end > maxDayRange:
-		return fmt.Errorf("end %s is greater than %s", r.end, maxDayRange)
-	default:
-		return nil
-	}
-}
-
-// contains returns true if start <= offset < end, where offset is the time
-// duration from the beginning of the day.
-func (r *dayRange) contains(offset time.Duration) (ok bool) {
-	return r.start <= offset && offset < r.end
-}

internal/schedule/schedule_internal_test.go

@@ -1,371 +0,0 @@
-package schedule
-
-import (
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/golibs/testutil"
-	"github.com/AdguardTeam/golibs/timeutil"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"gopkg.in/yaml.v3"
-)
-
-func TestWeekly_Contains(t *testing.T) {
-	baseTime := time.Date(2021, 1, 1, 0, 0, 0, 0, time.UTC)
-	otherTime := baseTime.Add(1 * timeutil.Day)
-
-	// NOTE: In the Etc area the sign of the offsets is flipped.  So, Etc/GMT-3
-	// is actually UTC+03:00.
-	otherTZ := time.FixedZone("Etc/GMT-3", 3*60*60)
-
-	// baseSchedule, 12:00 to 14:00.
-	baseSchedule := &Weekly{
-		days: [7]dayRange{
-			time.Friday: {start: 12 * time.Hour, end: 14 * time.Hour},
-		},
-		location: time.UTC,
-	}
-
-	// allDaySchedule, 00:00 to 24:00.
-	allDaySchedule := &Weekly{
-		days: [7]dayRange{
-			time.Friday: {start: 0, end: 24 * time.Hour},
-		},
-		location: time.UTC,
-	}
-
-	// oneMinSchedule, 00:00 to 00:01.
-	oneMinSchedule := &Weekly{
-		days: [7]dayRange{
-			time.Friday: {start: 0, end: 1 * time.Minute},
-		},
-		location: time.UTC,
-	}
-
-	testCases := []struct {
-		schedule *Weekly
-		assert   assert.BoolAssertionFunc
-		t        time.Time
-		name     string
-	}{{
-		schedule: EmptyWeekly(),
-		assert:   assert.False,
-		t:        baseTime,
-		name:     "empty",
-	}, {
-		schedule: allDaySchedule,
-		assert:   assert.True,
-		t:        baseTime,
-		name:     "same_day_all_day",
-	}, {
-		schedule: baseSchedule,
-		assert:   assert.True,
-		t:        baseTime.Add(13 * time.Hour),
-		name:     "same_day_inside",
-	}, {
-		schedule: baseSchedule,
-		assert:   assert.False,
-		t:        baseTime.Add(11 * time.Hour),
-		name:     "same_day_outside",
-	}, {
-		schedule: allDaySchedule,
-		assert:   assert.True,
-		t:        baseTime.Add(24*time.Hour - time.Second),
-		name:     "same_day_last_second",
-	}, {
-		schedule: allDaySchedule,
-		assert:   assert.False,
-		t:        otherTime,
-		name:     "other_day_all_day",
-	}, {
-		schedule: baseSchedule,
-		assert:   assert.False,
-		t:        otherTime.Add(13 * time.Hour),
-		name:     "other_day_inside",
-	}, {
-		schedule: baseSchedule,
-		assert:   assert.False,
-		t:        otherTime.Add(11 * time.Hour),
-		name:     "other_day_outside",
-	}, {
-		schedule: baseSchedule,
-		assert:   assert.True,
-		t:        baseTime.Add(13 * time.Hour).In(otherTZ),
-		name:     "same_day_inside_other_tz",
-	}, {
-		schedule: baseSchedule,
-		assert:   assert.False,
-		t:        baseTime.Add(11 * time.Hour).In(otherTZ),
-		name:     "same_day_outside_other_tz",
-	}, {
-		schedule: oneMinSchedule,
-		assert:   assert.True,
-		t:        baseTime,
-		name:     "one_minute_beginning",
-	}, {
-		schedule: oneMinSchedule,
-		assert:   assert.True,
-		t:        baseTime.Add(1*time.Minute - 1),
-		name:     "one_minute_end",
-	}, {
-		schedule: oneMinSchedule,
-		assert:   assert.False,
-		t:        baseTime.Add(1 * time.Minute),
-		name:     "one_minute_past_end",
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			tc.assert(t, tc.schedule.Contains(tc.t))
-		})
-	}
-}
-
-const brusselsSunday = `
-sun:
-    start: 12h
-    end: 14h
-time_zone: Europe/Brussels
-`
-
-func TestWeekly_UnmarshalYAML(t *testing.T) {
-	const (
-		sameTime = `
-sun:
-    start: 9h
-    end: 9h
-`
-		negativeStart = `
-sun:
-    start: -1h
-    end: 1h
-`
-		badTZ = `
-time_zone: "bad_timezone"
-`
-		badYAML = `
-yaml: "bad"
-yaml: "bad"
-`
-	)
-
-	brusseltsTZ, err := time.LoadLocation("Europe/Brussels")
-	require.NoError(t, err)
-
-	brusselsWeekly := &Weekly{
-		days: [7]dayRange{{
-			start: time.Hour * 12,
-			end:   time.Hour * 14,
-		}},
-		location: brusseltsTZ,
-	}
-
-	testCases := []struct {
-		name       string
-		wantErrMsg string
-		data       []byte
-		want       *Weekly
-	}{{
-		name:       "empty",
-		wantErrMsg: "",
-		data:       []byte(""),
-		want:       &Weekly{},
-	}, {
-		name:       "null",
-		wantErrMsg: "",
-		data:       []byte("null"),
-		want:       &Weekly{},
-	}, {
-		name:       "brussels_sunday",
-		wantErrMsg: "",
-		data:       []byte(brusselsSunday),
-		want:       brusselsWeekly,
-	}, {
-		name:       "start_equal_end",
-		wantErrMsg: "weekday Sunday: bad day range: start 9h0m0s is greater or equal to end 9h0m0s",
-		data:       []byte(sameTime),
-		want:       &Weekly{},
-	}, {
-		name:       "start_negative",
-		wantErrMsg: "weekday Sunday: bad day range: start -1h0m0s is negative",
-		data:       []byte(negativeStart),
-		want:       &Weekly{},
-	}, {
-		name:       "bad_time_zone",
-		wantErrMsg: "unknown time zone bad_timezone",
-		data:       []byte(badTZ),
-		want:       &Weekly{},
-	}, {
-		name:       "bad_yaml",
-		wantErrMsg: "yaml: unmarshal errors:\n  line 3: mapping key \"yaml\" already defined at line 2",
-		data:       []byte(badYAML),
-		want:       &Weekly{},
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			w := &Weekly{}
-			err = yaml.Unmarshal(tc.data, w)
-			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
-
-			assert.Equal(t, tc.want, w)
-		})
-	}
-}
-
-func TestWeekly_MarshalYAML(t *testing.T) {
-	brusselsTZ, err := time.LoadLocation("Europe/Brussels")
-	require.NoError(t, err)
-
-	brusselsWeekly := &Weekly{
-		days: [7]dayRange{time.Sunday: {
-			start: time.Hour * 12,
-			end:   time.Hour * 14,
-		}},
-		location: brusselsTZ,
-	}
-
-	testCases := []struct {
-		name string
-		data []byte
-		want *Weekly
-	}{{
-		name: "empty",
-		data: []byte(""),
-		want: &Weekly{},
-	}, {
-		name: "null",
-		data: []byte("null"),
-		want: &Weekly{},
-	}, {
-		name: "brussels_sunday",
-		data: []byte(brusselsSunday),
-		want: brusselsWeekly,
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			var data []byte
-			data, err = yaml.Marshal(brusselsWeekly)
-			require.NoError(t, err)
-
-			w := &Weekly{}
-			err = yaml.Unmarshal(data, w)
-			require.NoError(t, err)
-
-			assert.Equal(t, brusselsWeekly, w)
-		})
-	}
-}
-
-func TestWeekly_Validate(t *testing.T) {
-	testCases := []struct {
-		name       string
-		in         dayRange
-		wantErrMsg string
-	}{{
-		name:       "empty",
-		wantErrMsg: "",
-		in:         dayRange{},
-	}, {
-		name:       "start_seconds",
-		wantErrMsg: "bad day range: start 1s isn't rounded to minutes",
-		in: dayRange{
-			start: time.Second,
-			end:   time.Hour,
-		},
-	}, {
-		name:       "end_seconds",
-		wantErrMsg: "bad day range: end 1s isn't rounded to minutes",
-		in: dayRange{
-			start: 0,
-			end:   time.Second,
-		},
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			w := &Weekly{}
-			err := w.validate(tc.in)
-
-			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
-		})
-	}
-}
-
-func TestDayRange_Validate(t *testing.T) {
-	testCases := []struct {
-		name       string
-		in         dayRange
-		wantErrMsg string
-	}{{
-		name:       "empty",
-		wantErrMsg: "",
-		in:         dayRange{},
-	}, {
-		name:       "valid",
-		wantErrMsg: "",
-		in: dayRange{
-			start: time.Hour,
-			end:   time.Hour * 2,
-		},
-	}, {
-		name:       "valid_end_max",
-		wantErrMsg: "",
-		in: dayRange{
-			start: 0,
-			end:   time.Hour * 24,
-		},
-	}, {
-		name:       "start_negative",
-		wantErrMsg: "start -1h0m0s is negative",
-		in: dayRange{
-			start: time.Hour * -1,
-			end:   time.Hour * 2,
-		},
-	}, {
-		name:       "end_negative",
-		wantErrMsg: "end -1h0m0s is negative",
-		in: dayRange{
-			start: 0,
-			end:   time.Hour * -1,
-		},
-	}, {
-		name:       "start_equal_end",
-		wantErrMsg: "start 1h0m0s is greater or equal to end 1h0m0s",
-		in: dayRange{
-			start: time.Hour,
-			end:   time.Hour,
-		},
-	}, {
-		name:       "start_greater_end",
-		wantErrMsg: "start 2h0m0s is greater or equal to end 1h0m0s",
-		in: dayRange{
-			start: time.Hour * 2,
-			end:   time.Hour,
-		},
-	}, {
-		name:       "start_equal_max",
-		wantErrMsg: "start 24h0m0s is greater or equal to 24h0m0s",
-		in: dayRange{
-			start: time.Hour * 24,
-			end:   time.Hour * 48,
-		},
-	}, {
-		name:       "end_greater_max",
-		wantErrMsg: "end 48h0m0s is greater than 24h0m0s",
-		in: dayRange{
-			start: 0,
-			end:   time.Hour * 48,
-		},
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			err := tc.in.validate()
-
-			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
-		})
-	}
-}

internal/tools/go.mod

@@ -9,8 +9,7 @@ require (
 	github.com/kisielk/errcheck v1.6.3
 	github.com/kyoh86/looppointer v0.2.1
 	github.com/securego/gosec/v2 v2.16.0
-	github.com/uudashr/gocognit v1.0.6
-	golang.org/x/tools v0.10.0
+	golang.org/x/tools v0.9.3
 	golang.org/x/vuln v0.1.0
 	honnef.co/go/tools v0.4.3
 	mvdan.cc/gofumpt v0.5.0
@@ -27,8 +26,8 @@ require (
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect
 	golang.org/x/exp/typeparams v0.0.0-20230522175609-2e198f4a06a1 // indirect
-	golang.org/x/mod v0.11.0 // indirect
-	golang.org/x/sync v0.3.0 // indirect
-	golang.org/x/sys v0.9.0 // indirect
+	golang.org/x/mod v0.10.0 // indirect
+	golang.org/x/sync v0.2.0 // indirect
+	golang.org/x/sys v0.8.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

internal/tools/go.sum

@@ -40,8 +40,6 @@ github.com/securego/gosec/v2 v2.16.0 h1:Pi0JKoasQQ3NnoRao/ww/N/XdynIB9NRYYZT5CyO
 github.com/securego/gosec/v2 v2.16.0/go.mod h1:xvLcVZqUfo4aAQu56TNv7/Ltz6emAOQAEsrZrt7uGlI=
 github.com/stretchr/testify v1.1.4/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
-github.com/uudashr/gocognit v1.0.6 h1:2Cgi6MweCsdB6kpcVQp7EW4U23iBFQWfTXiWlyp842Y=
-github.com/uudashr/gocognit v1.0.6/go.mod h1:nAIUuVBnYU7pcninia3BHOvQkpQCeO76Uscky5BOwcY=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
@@ -58,21 +56,20 @@ golang.org/x/exp/typeparams v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:AbB0pIl
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU=
-golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
+golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU=
+golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
-golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
+golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
+golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -82,9 +79,8 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220702020025-31831981b65f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
-golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -96,9 +92,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20201007032633-0806396f153e/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
-golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4=
-golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg=
-golang.org/x/tools v0.10.0/go.mod h1:UJwyiVBsOA2uwvK/e5OY3GTpDUJriEd+/YlqAwLPmyM=
+golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
+golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
 golang.org/x/vuln v0.1.0 h1:9GRdj6wAIkDrsMevuolY+SXERPjQPp2P1ysYA0jpZe0=
 golang.org/x/vuln v0.1.0/go.mod h1:/YuzZYjGbwB8y19CisAppfyw3uTZnuCz3r+qgx/QRzU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

internal/tools/tools.go

@@ -9,7 +9,6 @@ import (
 	_ "github.com/kisielk/errcheck"
 	_ "github.com/kyoh86/looppointer"
 	_ "github.com/securego/gosec/v2/cmd/gosec"
-	_ "github.com/uudashr/gocognit/cmd/gocognit"
 	_ "golang.org/x/tools/go/analysis/passes/nilness/cmd/nilness"
 	_ "golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow"
 	_ "golang.org/x/vuln/cmd/govulncheck"

internal/version/version.go

@@ -143,7 +143,14 @@ func Verbose() (v string) {
 		runtime.Version(),
 	)
 
-	writeCommitTime(b)
+	if committime != "" {
+		commitTimeUnix, err := strconv.ParseInt(committime, 10, 64)
+		if err != nil {
+			stringutil.WriteToBuilder(b, nl, vFmtTimeHdr, fmt.Sprintf("parse error: %s", err))
+		} else {
+			stringutil.WriteToBuilder(b, nl, vFmtTimeHdr, time.Unix(commitTimeUnix, 0).String())
+		}
+	}
 
 	stringutil.WriteToBuilder(b, nl, vFmtGOOSHdr, nl, vFmtGOARCHHdr)
 	if goarm != "" {
@@ -172,16 +179,3 @@ func Verbose() (v string) {
 
 	return b.String()
 }
-
-func writeCommitTime(b *strings.Builder) {
-	if committime == "" {
-		return
-	}
-
-	commitTimeUnix, err := strconv.ParseInt(committime, 10, 64)
-	if err != nil {
-		stringutil.WriteToBuilder(b, "\n", vFmtTimeHdr, fmt.Sprintf("parse error: %s", err))
-	} else {
-		stringutil.WriteToBuilder(b, "\n", vFmtTimeHdr, time.Unix(commitTimeUnix, 0).String())
-	}
-}

internal/whois/whois.go

@@ -1,376 +0,0 @@
-// Package whois provides WHOIS functionality.
-package whois
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"io"
-	"net"
-	"net/netip"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/aghio"
-	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/log"
-	"github.com/AdguardTeam/golibs/netutil"
-	"github.com/AdguardTeam/golibs/stringutil"
-	"github.com/bluele/gcache"
-)
-
-const (
-	// DefaultServer is the default WHOIS server.
-	DefaultServer = "whois.arin.net"
-
-	// DefaultPort is the default port for WHOIS requests.
-	DefaultPort = 43
-)
-
-// Interface provides WHOIS functionality.
-type Interface interface {
-	// Process makes WHOIS request and returns WHOIS information or nil.
-	// changed indicates that Info was updated since last request.
-	Process(ctx context.Context, ip netip.Addr) (info *Info, changed bool)
-}
-
-// Empty is an empty [Interface] implementation which does nothing.
-type Empty struct{}
-
-// type check
-var _ Interface = (*Empty)(nil)
-
-// Process implements the [Interface] interface for Empty.
-func (Empty) Process(_ context.Context, _ netip.Addr) (info *Info, changed bool) {
-	return nil, false
-}
-
-// Config is the configuration structure for Default.
-type Config struct {
-	// DialContext specifies the dial function for creating unencrypted TCP
-	// connections.
-	DialContext func(ctx context.Context, network, addr string) (conn net.Conn, err error)
-
-	// ServerAddr is the address of the WHOIS server.
-	ServerAddr string
-
-	// Timeout is the timeout for WHOIS requests.
-	Timeout time.Duration
-
-	// CacheTTL is the Time to Live duration for cached IP addresses.
-	CacheTTL time.Duration
-
-	// MaxConnReadSize is an upper limit in bytes for reading from net.Conn.
-	MaxConnReadSize int64
-
-	// MaxRedirects is the maximum redirects count.
-	MaxRedirects int
-
-	// MaxInfoLen is the maximum length of Info fields returned by Process.
-	MaxInfoLen int
-
-	// CacheSize is the maximum size of the cache.  It must be greater than
-	// zero.
-	CacheSize int
-
-	// Port is the port for WHOIS requests.
-	Port uint16
-}
-
-// Default is the default WHOIS information processor.
-type Default struct {
-	// cache is the cache containing IP addresses of clients.  An active IP
-	// address is resolved once again after it expires.  If IP address couldn't
-	// be resolved, it stays here for some time to prevent further attempts to
-	// resolve the same IP.
-	cache gcache.Cache
-
-	// dialContext connects to a remote server resolving hostname using our own
-	// DNS server and unecrypted TCP connection.
-	dialContext func(ctx context.Context, network, addr string) (conn net.Conn, err error)
-
-	// serverAddr is the address of the WHOIS server.
-	serverAddr string
-
-	// portStr is the port for WHOIS requests.
-	portStr string
-
-	// timeout is the timeout for WHOIS requests.
-	timeout time.Duration
-
-	// cacheTTL is the Time to Live duration for cached IP addresses.
-	cacheTTL time.Duration
-
-	// maxConnReadSize is an upper limit in bytes for reading from net.Conn.
-	maxConnReadSize int64
-
-	// maxRedirects is the maximum redirects count.
-	maxRedirects int
-
-	// maxInfoLen is the maximum length of Info fields returned by Process.
-	maxInfoLen int
-}
-
-// New returns a new default WHOIS information processor.  conf must not be
-// nil.
-func New(conf *Config) (w *Default) {
-	return &Default{
-		serverAddr:      conf.ServerAddr,
-		dialContext:     conf.DialContext,
-		timeout:         conf.Timeout,
-		cache:           gcache.New(conf.CacheSize).LRU().Build(),
-		maxConnReadSize: conf.MaxConnReadSize,
-		maxRedirects:    conf.MaxRedirects,
-		portStr:         strconv.Itoa(int(conf.Port)),
-		maxInfoLen:      conf.MaxInfoLen,
-		cacheTTL:        conf.CacheTTL,
-	}
-}
-
-// trimValue trims s and replaces the last 3 characters of the cut with "..."
-// to fit into max.  max must be greater than 3.
-func trimValue(s string, max int) string {
-	if len(s) <= max {
-		return s
-	}
-
-	return s[:max-3] + "..."
-}
-
-// isWHOISComment returns true if the data is empty or is a WHOIS comment.
-func isWHOISComment(data []byte) (ok bool) {
-	return len(data) == 0 || data[0] == '#' || data[0] == '%'
-}
-
-// whoisParse parses a subset of plain-text data from the WHOIS response into a
-// string map.  It trims values of the returned map to maxLen.
-func whoisParse(data []byte, maxLen int) (info map[string]string) {
-	info = map[string]string{}
-
-	var orgname string
-	lines := bytes.Split(data, []byte("\n"))
-	for _, l := range lines {
-		if isWHOISComment(l) {
-			continue
-		}
-
-		before, after, found := bytes.Cut(l, []byte(":"))
-		if !found {
-			continue
-		}
-
-		key := strings.ToLower(string(before))
-		val := strings.TrimSpace(string(after))
-		if val == "" {
-			continue
-		}
-
-		switch key {
-		case "orgname", "org-name":
-			key = "orgname"
-			val = trimValue(val, maxLen)
-			orgname = val
-		case "city", "country":
-			val = trimValue(val, maxLen)
-		case "descr", "netname":
-			key = "orgname"
-			val = stringutil.Coalesce(orgname, val)
-			orgname = val
-		case "whois":
-			key = "whois"
-		case "referralserver":
-			key = "whois"
-			val = strings.TrimPrefix(val, "whois://")
-		default:
-			continue
-		}
-
-		info[key] = val
-	}
-
-	return info
-}
-
-// query sends request to a server and returns the response or error.
-func (w *Default) query(ctx context.Context, target, serverAddr string) (data []byte, err error) {
-	addr, _, _ := net.SplitHostPort(serverAddr)
-	if addr == DefaultServer {
-		// Display type flags for query.
-		//
-		// See https://www.arin.net/resources/registry/whois/rws/api/#nicname-whois-queries.
-		target = "n + " + target
-	}
-
-	conn, err := w.dialContext(ctx, "tcp", serverAddr)
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return nil, err
-	}
-	defer func() { err = errors.WithDeferred(err, conn.Close()) }()
-
-	r, err := aghio.LimitReader(conn, w.maxConnReadSize)
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return nil, err
-	}
-
-	_ = conn.SetReadDeadline(time.Now().Add(w.timeout))
-	_, err = io.WriteString(conn, target+"\r\n")
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return nil, err
-	}
-
-	// This use of ReadAll is now safe, because we limited the conn Reader.
-	data, err = io.ReadAll(r)
-	if err != nil {
-		// Don't wrap the error since it's informative enough as is.
-		return nil, err
-	}
-
-	return data, nil
-}
-
-// queryAll queries WHOIS server and handles redirects.
-func (w *Default) queryAll(ctx context.Context, target string) (info map[string]string, err error) {
-	server := net.JoinHostPort(w.serverAddr, w.portStr)
-	var data []byte
-
-	for i := 0; i < w.maxRedirects; i++ {
-		data, err = w.query(ctx, target, server)
-		if err != nil {
-			// Don't wrap the error since it's informative enough as is.
-			return nil, err
-		}
-
-		log.Debug("whois: received response (%d bytes) from %q about %q", len(data), server, target)
-
-		info = whoisParse(data, w.maxInfoLen)
-		redir, ok := info["whois"]
-		if !ok {
-			return info, nil
-		}
-
-		redir = strings.ToLower(redir)
-
-		_, _, err = net.SplitHostPort(redir)
-		if err != nil {
-			server = net.JoinHostPort(redir, w.portStr)
-		} else {
-			server = redir
-		}
-
-		log.Debug("whois: redirected to %q about %q", redir, target)
-	}
-
-	return nil, fmt.Errorf("whois: redirect loop")
-}
-
-// type check
-var _ Interface = (*Default)(nil)
-
-// Process makes WHOIS request and returns WHOIS information or nil.  changed
-// indicates that Info was updated since last request.
-func (w *Default) Process(ctx context.Context, ip netip.Addr) (wi *Info, changed bool) {
-	if netutil.IsSpecialPurposeAddr(ip) {
-		return nil, false
-	}
-
-	wi, expired := w.findInCache(ip)
-	if wi != nil && !expired {
-		// Don't return an empty struct so that the frontend doesn't get
-		// confused.
-		if (*wi == Info{}) {
-			return nil, false
-		}
-
-		return wi, false
-	}
-
-	var info Info
-
-	defer func() {
-		item := toCacheItem(info, w.cacheTTL)
-		err := w.cache.Set(ip, item)
-		if err != nil {
-			log.Debug("whois: cache: adding item %q: %s", ip, err)
-		}
-	}()
-
-	kv, err := w.queryAll(ctx, ip.String())
-	if err != nil {
-		log.Debug("whois: quering about %q: %s", ip, err)
-
-		return nil, true
-	}
-
-	info = Info{
-		City:    kv["city"],
-		Country: kv["country"],
-		Orgname: kv["orgname"],
-	}
-
-	// Don't return an empty struct so that the frontend doesn't get confused.
-	if (info == Info{}) {
-		return nil, true
-	}
-
-	return &info, wi == nil || info != *wi
-}
-
-// findInCache finds Info in the cache.  expired indicates that Info is valid.
-func (w *Default) findInCache(ip netip.Addr) (wi *Info, expired bool) {
-	val, err := w.cache.Get(ip)
-	if err != nil {
-		if !errors.Is(err, gcache.KeyNotFoundError) {
-			log.Debug("whois: cache: retrieving info about %q: %s", ip, err)
-		}
-
-		return nil, false
-	}
-
-	item, ok := val.(*cacheItem)
-	if !ok {
-		log.Debug("whois: cache: %q bad type %T", ip, val)
-
-		return nil, false
-	}
-
-	return fromCacheItem(item)
-}
-
-// Info is the filtered WHOIS data for a runtime client.
-type Info struct {
-	City    string `json:"city,omitempty"`
-	Country string `json:"country,omitempty"`
-	Orgname string `json:"orgname,omitempty"`
-}
-
-// cacheItem represents an item that we will store in the cache.
-type cacheItem struct {
-	// expiry is the time when cacheItem will expire.
-	expiry time.Time
-
-	// info is the WHOIS data for a runtime client.
-	info *Info
-}
-
-// toCacheItem creates a cached item from a WHOIS info and Time to Live
-// duration.
-func toCacheItem(info Info, ttl time.Duration) (item *cacheItem) {
-	return &cacheItem{
-		expiry: time.Now().Add(ttl),
-		info:   &info,
-	}
-}
-
-// fromCacheItem creates a WHOIS info from the cached item.  expired indicates
-// that WHOIS info is valid.  item must not be nil.
-func fromCacheItem(item *cacheItem) (info *Info, expired bool) {
-	if time.Now().After(item.expiry) {
-		return item.info, true
-	}
-
-	return item.info, false
-}

internal/whois/whois_test.go

@@ -1,155 +0,0 @@
-package whois_test
-
-import (
-	"context"
-	"io"
-	"net"
-	"net/netip"
-	"testing"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
-	"github.com/AdguardTeam/golibs/testutil/fakenet"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestDefault_Process(t *testing.T) {
-	const (
-		nl             = "\n"
-		city           = "Nonreal"
-		country        = "Imagiland"
-		orgname        = "FakeOrgLLC"
-		referralserver = "whois.example.net"
-	)
-
-	ip := netip.MustParseAddr("1.2.3.4")
-
-	testCases := []struct {
-		want *whois.Info
-		name string
-		data string
-	}{{
-		want: nil,
-		name: "empty",
-		data: "",
-	}, {
-		want: nil,
-		name: "comments",
-		data: "%\n#",
-	}, {
-		want: nil,
-		name: "no_colon",
-		data: "city",
-	}, {
-		want: nil,
-		name: "no_value",
-		data: "city:",
-	}, {
-		want: &whois.Info{
-			City: city,
-		},
-		name: "city",
-		data: "city: " + city,
-	}, {
-		want: &whois.Info{
-			Country: country,
-		},
-		name: "country",
-		data: "country: " + country,
-	}, {
-		want: &whois.Info{
-			Orgname: orgname,
-		},
-		name: "orgname",
-		data: "orgname: " + orgname,
-	}, {
-		want: &whois.Info{
-			Orgname: orgname,
-		},
-		name: "orgname_hyphen",
-		data: "org-name: " + orgname,
-	}, {
-		want: &whois.Info{
-			Orgname: orgname,
-		},
-		name: "orgname_descr",
-		data: "descr: " + orgname,
-	}, {
-		want: &whois.Info{
-			Orgname: orgname,
-		},
-		name: "orgname_netname",
-		data: "netname: " + orgname,
-	}, {
-		want: &whois.Info{
-			City:    city,
-			Country: country,
-			Orgname: orgname,
-		},
-		name: "full",
-		data: "OrgName: " + orgname + nl + "City: " + city + nl + "Country: " + country,
-	}, {
-		want: nil,
-		name: "whois",
-		data: "whois: " + referralserver,
-	}, {
-		want: nil,
-		name: "referralserver",
-		data: "referralserver: whois://" + referralserver,
-	}, {
-		want: nil,
-		name: "other",
-		data: "other: value",
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			hit := 0
-
-			fakeConn := &fakenet.Conn{
-				OnRead: func(b []byte) (n int, err error) {
-					hit++
-
-					return copy(b, tc.data), io.EOF
-				},
-				OnWrite: func(b []byte) (n int, err error) {
-					return len(b), nil
-				},
-				OnClose: func() (err error) {
-					return nil
-				},
-				OnSetReadDeadline: func(t time.Time) (err error) {
-					return nil
-				},
-			}
-
-			w := whois.New(&whois.Config{
-				Timeout: 5 * time.Second,
-				DialContext: func(_ context.Context, _, addr string) (_ net.Conn, _ error) {
-					hit = 0
-
-					return fakeConn, nil
-				},
-				MaxConnReadSize: 1024,
-				MaxRedirects:    3,
-				MaxInfoLen:      250,
-				CacheSize:       100,
-				CacheTTL:        time.Hour,
-			})
-
-			got, changed := w.Process(context.Background(), ip)
-			require.True(t, changed)
-
-			assert.Equal(t, tc.want, got)
-			assert.Equal(t, 1, hit)
-
-			// From cache.
-			got, changed = w.Process(context.Background(), ip)
-			require.False(t, changed)
-
-			assert.Equal(t, tc.want, got)
-			assert.Equal(t, 1, hit)
-		})
-	}
-}

main.go

@@ -1,5 +1,3 @@
-//go:build !next
-
 package main
 
 import (

main_next.go

@@ -1,20 +0,0 @@
-//go:build next
-
-package main
-
-import (
-	"embed"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/cmd"
-)
-
-// Embed the prebuilt client here since we strive to keep .go files inside the
-// internal directory and the embed package is unable to embed files located
-// outside of the same or underlying directory.
-
-//go:embed build
-var frontend embed.FS
-
-func main() {
-	cmd.Main(frontend)
-}

openapi/CHANGELOG.md

@@ -6,17 +6,6 @@
 
 ## v0.107.30: API changes
 
-### New HTTP API 'GET /control/querylog/export'
-
-* The new `GET /control/querylog/export` HTTP API allows an export of query log
-  items in the CSV file.  It returns a CSV object with the following format:
-
-```csv
-ans_dnssec,ans_rcode,ans_type,ans_value,cached,client_ip,client_id,ecs,elapsed,filter_id,filter_rule,proto,qclass,qname,qtype,reason,time,upstream
-false,NOERROR,A,192.168.1.1,false,127.0.0.1,,,0.097409,,,,IN,example.com,A,Rewrite,2023-01-30T12:21:13.947563+07:00,
-false,NOERROR,A,45.33.2.79,false,127.0.0.1,,,482.967871,,,,IN,test.com,A,NotFilteredNotFound,2022-12-13T12:18:04.964403+07:00,https://dns10.quad9.net:443/dns-query
-```
-
 ### `POST /control/version.json` and `GET /control/dhcp/interfaces` content type
 
 * The value of the `Content-Type` header in the `POST /control/version.json` and

openapi/openapi.yaml

@@ -313,51 +313,6 @@
       'responses':
         '200':
           'description': 'OK.'
-  '/querylog/export':
-    'get':
-      'tags':
-        - 'log'
-      'description': >
-        Returns a CSV file stream with the following fields, sorted a-z:
-        ans_dnssec, ans_rcode, ans_type, ans_value, cached, client_ip,
-        clientid, ecs, elapsed, filter_id, filter_rule, proto, qclass, qname,
-        qtype, reason, time, upstream.  The fields list is a subject to change.
-        The content is UTF-8 encoded with quotation marks.
-
-      'operationId': 'getQueryLogExport'
-      'summary': 'Get DNS server query log items in a CSV stream.'
-      'parameters':
-        - 'name': 'search'
-          'in': 'query'
-          'description': 'Filter by domain name or client IP'
-          'schema':
-            'type': 'string'
-        - 'name': 'response_status'
-          'in': 'query'
-          'description': 'Filter by response status'
-          'schema':
-            'type': 'string'
-            'enum':
-              - 'all'
-              - 'filtered'
-              - 'blocked'
-              - 'blocked_safebrowsing'
-              - 'blocked_parental'
-              - 'whitelisted'
-              - 'rewritten'
-              - 'safe_search'
-              - 'processed'
-      'responses':
-        '200':
-          'description': 'OK.'
-          'content':
-            'text/csv':
-              'schema':
-                'type': 'string'
-                'example': >
-                  ans_dnssec,ans_rcode,ans_type,ans_value,cached,client_ip,client_id,ecs,elapsed,filter_id,filter_rule,proto,qclass,qname,qtype,reason,time,upstream
-                  false,NOERROR,A,192.168.1.1,false,127.0.0.1,,,0.097409,,,,IN,example.com,A,Rewrite,2023-01-30T12:21:13.947563+07:00,
-                  false,NOERROR,A,45.33.2.79,false,127.0.0.1,,,482.967871,,,,IN,test.com,A,NotFilteredNotFound,2022-12-13T12:18:04.964403+07:00,https://dns10.quad9.net:443/dns-query
   '/stats':
     'get':
       'tags':
@@ -1106,17 +1061,6 @@
       'responses':
         '200':
           'description': 'OK.'
-  '/rewrite/update':
-    'put':
-      'tags':
-        - 'rewrite'
-      'operationId': 'rewriteUpdate'
-      'summary': 'Update a Rewrite rule'
-      'requestBody':
-        '$ref': '#/components/requestBodies/RewriteUpdate'
-      'responses':
-        '200':
-          'description': 'OK.'
   '/i18n/change_language':
     'post':
       'deprecated': true
@@ -1367,12 +1311,6 @@
           'schema':
             '$ref': '#/components/schemas/RewriteEntry'
       'required': true
-    'RewriteUpdate':
-      'content':
-        'application/json':
-          'schema':
-            '$ref': '#/components/schemas/RewriteUpdate'
-      'required': true
   'schemas':
     'ServerStatus':
       'type': 'object'
@@ -2764,14 +2702,6 @@
       'items':
         '$ref': '#/components/schemas/RewriteEntry'
       'description': 'Rewrite rules array'
-    'RewriteUpdate':
-      'type': 'object'
-      'description': 'Rewrite rule update object'
-      'properties':
-        'target':
-          '$ref': '#/components/schemas/RewriteEntry'
-        'update':
-          '$ref': '#/components/schemas/RewriteEntry'
     'RewriteEntry':
       'type': 'object'
       'description': 'Rewrite rule'

scripts/README.md

@@ -2,7 +2,7 @@
 
 ##  `hooks/`: Git Hooks
 
-   ###  Usage
+ ###  Usage
 
 Run `make init` from the project root.
 
@@ -10,7 +10,7 @@ Run `make init` from the project root.
 
 ##  `querylog/`: Query Log Helpers
 
-   ###  Usage
+ ###  Usage
 
  *  `npm install`: install dependencies.  Run this first.
  *  `npm run anonymize <source> <dst>`: read the query log from the `<source>`
@@ -26,215 +26,157 @@ don't print anything, and `1`, be verbose.
 
 
 
-   ###  `build-docker.sh`: Build A Multi-Architecture Docker Image
+ ###  `build-docker.sh`: Build A Multi-Architecture Docker Image
 
 Required environment:
 
  *  `CHANNEL`: release channel, see above.
-
  *  `COMMIT`: current Git revision.
-
  *  `DIST_DIR`: the directory where a release has previously been built.
-
  *  `VERSION`: release version.
 
 Optional environment:
 
  *  `DOCKER_IMAGE_NAME`: the name of the resulting Docker container.  By default
     it's `adguardhome-dev`.
-
  *  `DOCKER_OUTPUT`: the `--output` parameters.  By default they are
     `type=image,name=${DOCKER_IMAGE_NAME},push=false`.
-
  *  `SUDO`: allow users to use `sudo` or `doas` with `docker`.  By default none
     is used.
 
 
 
-   ###  `build-release.sh`: Build A Release For All Platforms
+ ###  `build-release.sh`: Build A Release For All Platforms
 
 Required environment:
-
  *  `CHANNEL`: release channel, see above.
-
  *  `GPG_KEY` and `GPG_KEY_PASSPHRASE`: data for `gpg`.  Only required if `SIGN`
     is `1`.
 
 Optional environment:
-
  *  `ARCH` and `OS`: space-separated list of architectures and operating systems
     for which to build a release.  For example, to build only for 64-bit ARM and
     AMD on Linux and Darwin:
-
     ```sh
     make ARCH='amd64 arm64' OS='darwin linux' … build-release
     ```
     The default value is `''`, which means build everything.
-
+ *  `BUILD_SNAP`: `0` to not build Snapcraft packages, `1` to build.  The
+    default value is `1`.
  *  `DIST_DIR`: the directory to build a release into.  The default value is
     `dist`.
-
  *  `GO`: set an alternative name for the Go compiler.
-
  *  `SIGN`: `0` to not sign the resulting packages, `1` to sign.  The default
     value is `1`.
-
  *  `VERBOSE`: `1` to be verbose, `2` to also print environment.  This script
     calls `go-build.sh` with the verbosity level one level lower, so to get
     verbosity level `2` in `go-build.sh`, set this to `3` when calling
     `build-release.sh`.
-
  *  `VERSION`: release version.  Will be set by `version.sh` if it is unset or
     if it has the default `Makefile` value of `v0.0.0`.
 
 
 
-   ###  `clean.sh`: Cleanup
+ ###  `clean.sh`: Cleanup
 
 Optional environment:
-
  *  `GO`: set an alternative name for the Go compiler.
 
 Required environment:
-
  *  `DIST_DIR`: the directory where a release has previously been built.
 
 
 
-   ###  `go-build.sh`: Build The Backend
+ ###  `go-build.sh`: Build The Backend
 
 Optional environment:
-
  *  `GOARM`: ARM processor options for the Go compiler.
-
  *  `GOMIPS`: ARM processor options for the Go compiler.
-
  *  `GO`: set an alternative name for the Go compiler.
-
  *  `OUT`: output binary name.
-
  *  `PARALLELISM`: set the maximum number of concurrently run build commands
     (that is, compiler, linker, etc.).
-
  *  `SOURCE_DATE_EPOCH`: the [standardized][repr] environment variable for the
     Unix epoch time of the latest commit in the repository.  If set, overrides
     the default obtained from Git.  Useful for reproducible builds.
-
  *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
     Go package that is processed.  `2` also shows subcommands and environment.
     The default value is `0`, don't be verbose.
-
  *  `VERSION`: release version.  Will be set by `version.sh` if it is unset or
     if it has the default `Makefile` value of `v0.0.0`.
 
 Required environment:
-
  *  `CHANNEL`: release channel, see above.
 
 [repr]: https://reproducible-builds.org/docs/source-date-epoch/
 
 
 
-   ###  `go-deps.sh`: Install Backend Dependencies
+ ###  `go-deps.sh`: Install Backend Dependencies
 
 Optional environment:
-
  *  `GO`: set an alternative name for the Go compiler.
-
  *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
     Go package that is processed.  `2` also shows subcommands and environment.
     The default value is `0`, don't be verbose.
 
 
 
-   ###  `go-lint.sh`: Run Backend Static Analyzers
+ ###  `go-lint.sh`: Run Backend Static Analyzers
 
 Don't forget to run `make go-tools` once first!
 
 Optional environment:
-
  *  `EXIT_ON_ERROR`: if set to `0`, don't exit the script after the first
     encountered error.  The default value is `1`.
-
  *  `GO`: set an alternative name for the Go compiler.
-
  *  `VERBOSE`: verbosity level.  `1` shows every command that is run.  `2` also
     shows subcommands.  The default value is `0`, don't be verbose.
 
 
 
-   ###  `go-test.sh`: Run Backend Tests
+ ###  `go-test.sh`: Run Backend Tests
 
 Optional environment:
-
  *  `GO`: set an alternative name for the Go compiler.
-
  *  `RACE`: set to `0` to not use the Go race detector.  The default value is
     `1`, use the race detector.
-
  *  `TIMEOUT_FLAGS`: set timeout flags for tests.  The default value is
     `--timeout 30s`.
-
  *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
     Go package that is processed.  `2` also shows subcommands.  The default
     value is `0`, don't be verbose.
 
 
 
-   ###  `go-tools.sh`: Install Backend Tooling
+ ###  `go-tools.sh`: Install Backend Tooling
 
 Installs the Go static analysis and other tools into `${PWD}/bin`.  Either add
 `${PWD}/bin` to your `$PATH` before all other entries, or use the commands
 directly, or use the commands through `make` (for example, `make go-lint`).
 
 Optional environment:
-
  *  `GO`: set an alternative name for the Go compiler.
 
 
 
-   ###  `version.sh`: Generate And Print The Current Version
+ ###  `version.sh`: Generate And Print The Current Version
 
 Required environment:
-
  *  `CHANNEL`: release channel, see above.
 
 
 
-##  `snap/`: Snapcraft scripts
+##  `snap/`: Snap GUI Files
 
-   ###  `build.sh`
-
-Builds the Snapcraft packages from the binaries created by `download.sh`.
-
-   ###  `download.sh`
-
-Downloads the binaries to pack them into Snapcraft packages.
-
-Required environment:
-
- *  `CHANNEL`: release channel, see above.
-
-   ###  `upload.sh`
-
-Uploads the Snapcraft packages created by `build.sh`.
-
-Required environment:
-
- *  `SNAPCRAFT_CHANNEL`: Snapcraft release channel: `edge`, `beta`, or
-    `candidate`.
-
- *  `SNAPCRAFT_STORE_CREDENTIALS`: Credentials for Snapcraft store.
-
-Optional environment:
-
- *  `SNAPCRAFT_CMD`: Overrides the Snapcraft command.  Default: `snapcraft`.
+App icons (see https://github.com/AdguardTeam/AdGuardHome/pull/1836), Snap
+manifest file templates, and helper scripts.
 
 
 
 ##  `translations/`: Twosky Integration Script
 
-   ###  Usage
+ ###  Usage
 
  *  `go run main.go help`: print usage.
 
@@ -269,7 +211,7 @@ Optional environment:
 A simple script that downloads and updates the companies DB in the `client`
 code from [the repo][companiesrepo].
 
-   ###  Usage
+ ###  Usage
 
 ```sh
 sh ./scripts/companiesdb/download.sh
@@ -289,7 +231,7 @@ Optional environment:
  *  `URL`: the URL of the index file.  By default it's
     `https://adguardteam.github.io/HostlistsRegistry/assets/services.json`.
 
-   ###  Usage
+ ###  Usage
 
 ```sh
 go run ./scripts/blocked-services/main.go
@@ -309,7 +251,7 @@ Optional environment:
  *  `URL`: the URL of the index file.  By default it's
     `https://adguardteam.github.io/HostlistsRegistry/assets/filters.json`.
 
-   ###  Usage
+ ###  Usage
 
 ```sh
 go run ./scripts/vetted-filters/main.go

scripts/make/build-docker.sh

@@ -5,12 +5,11 @@ verbose="${VERBOSE:-0}"
 if [ "$verbose" -gt '0' ]
 then
 	set -x
-	debug_flags='--debug=1'
+	debug_flags='-D'
 else
 	set +x
-	debug_flags='--debug=0'
+	debug_flags=''
 fi
-readonly debug_flags
 
 set -e -f -u
 
@@ -62,16 +61,21 @@ readonly docker_output
 case "$channel"
 in
 ('release')
-	docker_tags="--tag=${docker_image_name}:${version},${docker_image_name}:latest"
+	docker_image_full_name="${docker_image_name}:${version}"
+	docker_tags="--tag ${docker_image_name}:latest"
 	;;
 ('beta')
-	docker_tags="--tag=${docker_image_name}:${version},${docker_image_name}:beta"
+	docker_image_full_name="${docker_image_name}:${version}"
+	docker_tags="--tag ${docker_image_name}:beta"
 	;;
 ('edge')
-	docker_tags="--tag=${docker_image_name}:edge"
+	# Don't set the version tag when pushing to the edge channel.
+	docker_image_full_name="${docker_image_name}:edge"
+	docker_tags=''
 	;;
 ('development')
-	docker_tags="--tag=${docker_image_name}"
+	docker_image_full_name="${docker_image_name}"
+	docker_tags=''
 	;;
 (*)
 	echo "invalid channel '$channel', supported values are\
@@ -79,7 +83,7 @@ in
 	exit 1
 	;;
 esac
-readonly docker_tags
+readonly docker_image_full_name docker_tags
 
 # Copy the binaries into a new directory under new names, so that it's easier to
 # COPY them later.  DO NOT remove the trailing underscores.  See file
@@ -113,8 +117,10 @@ cp "./docker/web-bind.awk"\
 cp "./docker/healthcheck.sh"\
 	"${dist_docker_scripts}/healthcheck.sh"
 
+# Don't use quotes with $docker_tags and $debug_flags because we want word
+# splitting and or an empty space if tags are empty.
 $sudo_cmd docker\
-	"$debug_flags"\
+	$debug_flags\
 	buildx build\
 	--build-arg BUILD_DATE="$build_date"\
 	--build-arg DIST_DIR="$dist_dir"\
@@ -122,6 +128,7 @@ $sudo_cmd docker\
 	--build-arg VERSION="$version"\
 	--output "$docker_output"\
 	--platform "$docker_platforms"\
-	"$docker_tags"\
+	$docker_tags\
+	-t "$docker_image_full_name"\
 	-f ./docker/Dockerfile\
 	.

scripts/make/build-release.sh

@@ -78,6 +78,14 @@ else
 fi
 readonly oses
 
+snap_enabled="${BUILD_SNAP:-1}"
+readonly snap_enabled
+
+if [ "$snap_enabled" -eq '0' ]
+then
+	log 'snap: disabled'
+fi
+
 # Require the gpg key and passphrase to be set if the signing is required.
 if [ "$sign" -eq '1' ]
 then
@@ -98,7 +106,7 @@ log "checking tools"
 # Make sure we fail gracefully if one of the tools we need is missing.  Use
 # alternatives when available.
 use_shasum='0'
-for tool in gpg gzip sed sha256sum tar zip
+for tool in gpg gzip sed sha256sum snapcraft tar zip
 do
 	if ! command -v "$tool" > /dev/null
 	then
@@ -120,36 +128,36 @@ readonly use_shasum
 # Data section.  Arrange data into space-separated tables for read -r to read.
 # Use a hyphen for missing values.
 
-#    os  arch      arm mips
+#    os  arch      arm mips       snap
 platforms="\
-darwin   amd64     -   -
-darwin   arm64     -   -
-freebsd  386       -   -
-freebsd  amd64     -   -
-freebsd  arm       5   -
-freebsd  arm       6   -
-freebsd  arm       7   -
-freebsd  arm64     -   -
-linux    386       -   -
-linux    amd64     -   -
-linux    arm       5   -
-linux    arm       6   -
-linux    arm       7   -
-linux    arm64     -   -
-linux    mips      -   softfloat
-linux    mips64    -   softfloat
-linux    mips64le  -   softfloat
-linux    mipsle    -   softfloat
-linux    ppc64le   -   -
-openbsd  amd64     -   -
-openbsd  arm64     -   -
-windows  386       -   -
-windows  amd64     -   -
-windows  arm64     -   -"
+darwin   amd64     -   -          -
+darwin   arm64     -   -          -
+freebsd  386       -   -          -
+freebsd  amd64     -   -          -
+freebsd  arm       5   -          -
+freebsd  arm       6   -          -
+freebsd  arm       7   -          -
+freebsd  arm64     -   -          -
+linux    386       -   -          i386
+linux    amd64     -   -          amd64
+linux    arm       5   -          -
+linux    arm       6   -          -
+linux    arm       7   -          armhf
+linux    arm64     -   -          arm64
+linux    mips      -   softfloat  -
+linux    mips64    -   softfloat  -
+linux    mips64le  -   softfloat  -
+linux    mipsle    -   softfloat  -
+linux    ppc64le   -   -          -
+openbsd  amd64     -   -          -
+openbsd  arm64     -   -          -
+windows  386       -   -          -
+windows  amd64     -   -          -
+windows  arm64     -   -          -"
 readonly platforms
 
-# Function build builds the release for one platform.  It builds a binary and an
-# archive.
+# Function build builds the release for one platform.  It builds a binary, an
+# archive and, if needed, a snap package.
 build() {
 	# Get the arguments.  Here and below, use the "build_" prefix for all
 	# variables local to function build.
@@ -159,6 +167,7 @@ build() {
 		build_arch="$4"\
 		build_arm="$5"\
 		build_mips="$6"\
+		build_snap="$7"\
 		;
 
 	# Use the ".exe" filename extension if we build a Windows release.
@@ -220,13 +229,52 @@ build() {
 	esac
 
 	log "$build_archive"
+
+	# Exit if we don't need to build the Snap package.
+	if [ "$build_snap" = '-' ] || [ "$snap_enabled" -eq '0' ]
+	then
+		return
+	fi
+
+	# Prepare the Snap build.
+	build_snap_output="./${dist}/AdGuardHome_${build_snap}.snap"
+	build_snap_dir="${build_snap_output}.dir"
+
+	# Create the meta subdirectory and copy files there.
+	mkdir -p "${build_snap_dir}/meta"
+	cp "$build_output" './scripts/snap/local/adguard-home-web.sh' "$build_snap_dir"
+	cp -r './scripts/snap/gui' "${build_snap_dir}/meta/"
+
+	# Create a snap.yaml file, setting the values.
+	sed -e 's/%VERSION%/'"$version"'/'\
+		-e 's/%ARCH%/'"$build_snap"'/'\
+		./scripts/snap/snap.tmpl.yaml\
+		>"${build_snap_dir}/meta/snap.yaml"
+
+	# TODO(a.garipov): The snapcraft tool will *always* write everything,
+	# including errors, to stdout.  And there doesn't seem to be a way to change
+	# that.  So, save the combined output, but only show it when snapcraft
+	# actually fails.
+	set +e
+	build_snapcraft_output="$(
+		snapcraft pack "$build_snap_dir" --output "$build_snap_output" 2>&1
+	)"
+	build_snapcraft_exit_code="$?"
+	set -e
+	if [ "$build_snapcraft_exit_code" -ne '0' ]
+	then
+		log "$build_snapcraft_output"
+		exit "$build_snapcraft_exit_code"
+	fi
+
+	log "$build_snap_output"
 }
 
 log "starting builds"
 
 # Go over all platforms defined in the space-separated table above, tweak the
 # values where necessary, and feed to build.
-echo "$platforms" | while read -r os arch arm mips
+echo "$platforms" | while read -r os arch arm mips snap
 do
 	# See if the architecture or the OS is in the allowlist.  To do so, try
 	# removing everything that matches the pattern (well, a prefix, but that
@@ -266,7 +314,7 @@ do
 		;;
 	esac
 
-	build "$dir" "$ar" "$os" "$arch" "$arm" "$mips"
+	build "$dir" "$ar" "$os" "$arch" "$arm" "$mips" "$snap"
 done
 
 log "packing frontend"
@@ -365,14 +413,14 @@ do
 	platform="$f"
 
 	# Remove the prefix.
-	platform="${platform#"./${dist}/AdGuardHome_"}"
+	platform="${platform#./${dist}/AdGuardHome_}"
 
 	# Remove the filename extensions.
 	platform="${platform%.zip}"
 	platform="${platform%.tar.gz}"
 
 	# Use the filename's base path.
-	filename="${f#"./${dist}/"}"
+	filename="${f#./${dist}/}"
 
 	if [ "$i" -eq "$ar_files_len" ]
 	then

scripts/make/go-build.sh

@@ -128,13 +128,7 @@ export CGO_ENABLED
 GO111MODULE='on'
 export GO111MODULE
 
-# Build the new binary if requested.
-if [ "${NEXTAPI:-0}" -eq '0' ]
-then
-	tags_flags='--tags='
-else
-	tags_flags='--tags=next'
-fi
+tags_flags='--tags='
 readonly tags_flags
 
 if [ "$verbose" -gt '0' ]

scripts/make/go-lint.sh

@@ -3,7 +3,7 @@
 # This comment is used to simplify checking local copies of the script.  Bump
 # this number every time a significant change is made to this script.
 #
-# AdGuard-Project-Version: 4
+# AdGuard-Project-Version: 3
 
 verbose="${VERBOSE:-0}"
 readonly verbose
@@ -80,12 +80,6 @@ esac
 #
 #   *  Package golang.org/x/net/context has been moved into stdlib.
 #
-# Currently, the only standard exception are files generated from protobuf
-# schemas, which use package reflect.  If your project needs more exceptions,
-# add and document them.
-#
-# TODO(a.garipov): Add deprecated packages golang.org/x/exp/maps and
-# golang.org/x/exp/slices once all projects switch to Go 1.21.
 blocklist_imports() {
 	git grep\
 		-e '[[:space:]]"errors"$'\
@@ -97,7 +91,6 @@ blocklist_imports() {
 		-e '[[:space:]]"golang.org/x/net/context"$'\
 		-n\
 		-- '*.go'\
-		':!*.pb.go'\
 		| sed -e 's/^\([^[:space:]]\+\)\(.*\)$/\1 blocked import:\2/'\
 		|| exit 0
 }
@@ -108,7 +101,6 @@ method_const() {
 	git grep -F\
 		-e '"DELETE"'\
 		-e '"GET"'\
-		-e '"PATCH"'\
 		-e '"POST"'\
 		-e '"PUT"'\
 		-n\
@@ -130,12 +122,11 @@ underscores() {
 			-e '_freebsd.go'\
 			-e '_linux.go'\
 			-e '_little.go'\
-			-e '_next.go'\
 			-e '_openbsd.go'\
 			-e '_others.go'\
 			-e '_test.go'\
 			-e '_unix.go'\
-			-e '_windows.go'\
+			-e '_windows.go' \
 			-v\
 			| sed -e 's/./\t\0/'
 	)"
@@ -170,24 +161,12 @@ run_linter govulncheck ./...
 
 run_linter gocyclo --over 10 .
 
-# TODO(a.garipov): Enable for all.
-run_linter gocognit --over 10\
-	./internal/aghalg/\
-	./internal/aghchan/\
-	./internal/aghhttp/\
-	./internal/aghio/\
-	./internal/tools/\
-	./internal/next/\
-	./internal/version/\
-	;
-
 run_linter ineffassign ./...
 
 run_linter unparam ./...
 
-git ls-files -- 'Makefile' '*.conf' '*.go' '*.mod' '*.sh' '*.yaml' '*.yml'\
-	| xargs misspell --error\
-	| sed -e 's/^/misspell: /'
+git ls-files -- 'Makefile' '*.go' '*.mod' '*.sh' '*.yaml' '*.yml'\
+	| xargs misspell --error
 
 run_linter looppointer ./...
 
@@ -203,13 +182,4 @@ run_linter -e shadow --strict ./...
 # TODO(a.garipov): Enable --blank?
 run_linter errcheck --asserts ./...
 
-staticcheck_matrix='
-darwin:  GOOS=darwin
-freebsd: GOOS=freebsd
-linux:   GOOS=linux
-openbsd: GOOS=openbsd
-windows: GOOS=windows
-'
-readonly staticcheck_matrix
-
-echo "$staticcheck_matrix" | run_linter staticcheck --matrix ./...
+run_linter staticcheck ./...

scripts/make/go-tools.sh

@@ -38,7 +38,6 @@ readonly go
 rm -f\
 	bin/errcheck\
 	bin/fieldalignment\
-	bin/gocognit\
 	bin/gocyclo\
 	bin/gofumpt\
 	bin/gosec\
@@ -70,7 +69,6 @@ env\
 	github.com/kisielk/errcheck\
 	github.com/kyoh86/looppointer/cmd/looppointer\
 	github.com/securego/gosec/v2/cmd/gosec\
-	github.com/uudashr/gocognit/cmd/gocognit\
 	golang.org/x/tools/go/analysis/passes/fieldalignment/cmd/fieldalignment\
 	golang.org/x/tools/go/analysis/passes/nilness/cmd/nilness\
 	golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow\

scripts/snap/build.sh

@@ -1,77 +0,0 @@
-#!/bin/sh
-
-verbose="${VERBOSE:-0}"
-
-if [ "$verbose" -gt '0' ]
-then
-	set -x
-fi
-
-set -e -f -u
-
-# Function log is an echo wrapper that writes to stderr if the caller requested
-# verbosity level greater than 0.  Otherwise, it does nothing.
-#
-# TODO(a.garipov): Add to helpers.sh and use more actively in scripts.
-log() {
-	if [ "$verbose" -gt '0' ]
-	then
-		# Don't use quotes to get word splitting.
-		echo "$1" 1>&2
-	fi
-}
-
-version="$( ./AdGuardHome_amd64 --version | cut -d ' ' -f 4 )"
-if [ "$version" = '' ]
-then
-	log 'empty version from ./AdGuardHome_amd64'
-	exit 1
-fi
-readonly version
-
-log "version '$version'"
-
-for arch in\
-	'i386'\
-	'amd64'\
-	'armhf'\
-	'arm64'
-do
-	build_output="./AdGuardHome_${arch}"
-	snap_output="./AdGuardHome_${arch}.snap"
-	snap_dir="${snap_output}.dir"
-
-	# Create the meta subdirectory and copy files there.
-	mkdir -p "${snap_dir}/meta"
-	cp "$build_output" "${snap_dir}/AdGuardHome"
-	cp './snap/local/adguard-home-web.sh' "$snap_dir"
-	cp -r './snap/gui' "${snap_dir}/meta/"
-
-	# Create a snap.yaml file, setting the values.
-	sed\
-		-e 's/%VERSION%/'"$version"'/'\
-		-e 's/%ARCH%/'"$arch"'/'\
-		./snap/snap.tmpl.yaml\
-		> "${snap_dir}/meta/snap.yaml"
-
-	# TODO(a.garipov): The snapcraft tool will *always* write everything,
-	# including errors, to stdout.  And there doesn't seem to be a way to change
-	# that.  So, save the combined output, but only show it when snapcraft
-	# actually fails.
-	set +e
-	snapcraft_output="$(
-		snapcraft pack "$snap_dir" --output "$snap_output" 2>&1
-	)"
-	snapcraft_exit_code="$?"
-	set -e
-
-	if [ "$snapcraft_exit_code" -ne '0' ]
-	then
-		log "$snapcraft_output"
-		exit "$snapcraft_exit_code"
-	fi
-
-	log "$snap_output"
-
-	rm -f -r "$snap_dir"
-done

scripts/snap/download.sh

@@ -1,29 +0,0 @@
-#!/bin/sh
-
-verbose="${VERBOSE:-0}"
-
-if [ "$verbose" -gt '0' ]
-then
-	set -x
-fi
-
-set -e -f -u
-
-channel="${CHANNEL:?please set CHANNEL}"
-readonly channel
-
-printf '%s %s\n'\
-	'386'   'i386'\
-	'amd64' 'amd64'\
-	'armv7' 'armhf'\
-	'arm64' 'arm64' \
-| while read -r arch snap_arch
-do
-	release_url="https://static.adtidy.org/adguardhome/${channel}/AdGuardHome_linux_${arch}.tar.gz"
-	output="./AdGuardHome_linux_${arch}.tar.gz"
-
-	curl -o "$output" -v "$release_url"
-	tar -f "$output" -v -x -z
-	cp ./AdGuardHome/AdGuardHome "./AdGuardHome_${snap_arch}"
-	rm -f -r "$output" ./AdGuardHome
-done

scripts/snap/upload.sh

@@ -1,93 +0,0 @@
-#!/bin/sh
-
-verbose="${VERBOSE:-0}"
-
-if [ "$verbose" -gt '0' ]
-then
-	set -x
-fi
-
-set -e -f -u
-
-# Function log is an echo wrapper that writes to stderr if the caller requested
-# verbosity level greater than 0.  Otherwise, it does nothing.
-log() {
-	if [ "$verbose" -gt '0' ]
-	then
-		# Don't use quotes to get word splitting.
-		echo "$1" 1>&2
-	fi
-}
-
-# Do not set a new lowercase variable, because the snapcraft tool expects the
-# uppercase form.
-if [ "${SNAPCRAFT_STORE_CREDENTIALS:-}" = '' ]
-then
-	log 'please set SNAPCRAFT_STORE_CREDENTIALS'
-
-	exit 1
-fi
-export SNAPCRAFT_STORE_CREDENTIALS
-
-snapcraft_channel="${SNAPCRAFT_CHANNEL:?please set SNAPCRAFT_CHANNEL}"
-readonly snapcraft_channel
-
-# Allow developers to overwrite the command, e.g. for testing.
-snapcraft_cmd="${SNAPCRAFT_CMD:-snapcraft}"
-readonly snapcraft_cmd
-
-default_timeout='90s'
-kill_timeout='120s'
-readonly default_timeout kill_timeout
-
-for arch in\
-	'i386'\
-	'amd64'\
-	'armhf'\
-	'arm64'
-do
-	snap_file="./AdGuardHome_${arch}.snap"
-
-	# Catch the exit code and the combined output to later inspect it.
-	set +e
-	snapcraft_output="$(
-		# Use timeout(1) to force snapcraft to quit after a certain time.  There
-		# seems to be no environment variable or flag to force this behavior.
-		timeout\
-			--preserve-status\
-			-k "$kill_timeout"\
-			-v "$default_timeout"\
-			"$snapcraft_cmd" upload\
-			--release="${snapcraft_channel}"\
-			--quiet\
-			"${snap_file}"\
-			2>&1
-	)"
-	snapcraft_exit_code="$?"
-	set -e
-
-	if [ "$snapcraft_exit_code" -eq '0' ]
-	then
-		log "successful upload: ${snapcraft_output}"
-
-		continue
-	fi
-
-	# Skip the ones that were failed by a duplicate upload error.
-	case "$snapcraft_output"
-	in
-	(*'A file with this exact same content has already been uploaded'|\
-		'Error checking upload uniqueness'*)
-
-		log "warning: duplicate upload, skipping"
-		log "snapcraft upload error: ${snapcraft_output}"
-
-		continue
-		;;
-	(*)
-		echo "unexpected snapcraft upload error: ${snapcraft_output}"
-
-		return "$snapcraft_exit_code"
-		;;
-	esac
-done