Enhancement: option to send HTTP over unix socket

[ghost]

What does this PR change? What problem does it solve?

Add one method to send HTTP traffic (for any backend) over a unix socket.

I'm not sure this is the best way, but it certainly seemed an easy way without a large refactor.

Was the change previously discussed in an issue or on the forum?

Closes #4287

Checklist

• I have read the contribution guidelines.
• I have enabled maintainer edits.
• I have added tests for all code changes.
• I have added documentation for relevant changes (in the manual).
• There's a new file in changelog/unreleased/ that describes the changes for our users (see template).
• I have run gofmt on the code in all commits.
• All commit messages are formatted in the same style as the other commits in the repo.
• I'm done! This pull request is ready for review.

Happy to add tests but wanted feedback on approach first.

While adding syntax like -r rest:unix:/tmp/socket looked simple in the original issue, the way the code is structured it's difficult to get access to the http.Transport object from within the rest backend. Hence I added a global option, which means this would also work for tunnelling other HTTP based backends over a socket if desired.

Our intended use-case is in conjunction with the rest-server (see restic/rest-server#272) where a central backup server essentially makes the following SSH calls out to hosts to back them up:

rest-server --listen unix:/tmp/socket --data /path/to/data &
scp restic host:/tmp
ssh -R /tmp/socket:/tmp/socket host /tmp/restic -use-unix-socket-for-http /tmp/socket -r rest:http://ignored/repo

(the ignored bit is ugly)

We can do the above with ephermal ports today, but unix sockets feels like it might be cleaner for this-use case.

[MichaelEischer]

I strongly dislike adding a CLI option that then goes on to override the path passed to the backend. That just feels wrong. (It would also introduce multiple weird failure cases for other backends).

My suggestion is to use "github.com/peterbourgon/unixtransport" instead. With a call to unixtransport.Register(tr) it becomes possible to use rest:http+unix:///path/to/socket without requiring a messy CLI option. That adds a new (very small) dependency, but that's better than the alternative.

[ghost]

My suggestion is to use "github.com/peterbourgon/unixtransport" instead. With a call to unixtransport.Register(tr) it becomes possible to use rest:http+unix:///path/to/socket without requiring a messy CLI option. That adds a new (very small) dependency, but that's better than the alternative.

Thanks, that library looks good and that's a much cleaner outcome. Have made change as suggested. On my system I also needed to make a fix to that library (so that it will ignore HTTP proxies when invoked). We might want to wait to verify that patch is accepted (and version bumped) before merging this one:
peterbourgon/unixtransport#7

I've tested the above against the rest-server PR I made here:
restic/rest-server#272

and it seems to work.

[MichaelEischer]

The code is ok now, but I'd really like to see a small test, that connecting to a http+unix server does work. Otherwise, there's a too large chance that we accidentally break this feature.

Waiting for a fix to the proxy support is probably a good idea. And restic/rest-server#272 also has to be completed first.

[ghost]

Happy to add tests once the server-part lands.

[ghost]

Rebased to fix conflicts, and have bumped the unixtransport library to the new release which fixes the proxy issue.

[ghost]

Integration test added and cleaned up regular HTTP based rest-server test at same time.

[ghost]

Rebased to fix go.sum conflicts. This remains ready for review.

[MichaelEischer]

LGTM. I've fixed the test failures (we'll have to switch rest-server back to latest once the next version is released) and there's now a changelog. Please take a look at it, afterwards we should be ready to merge this PR.

[ghost]

Looks good. Thanks for fixing up and following this through.