added env config COUNTER_FILE, DEBUG

adding new features to readme
deleted empty line in listing
2026-02-09 17:16:06 +01:00 · 2026-02-08 23:24:36 +01:00 · 2026-02-08 23:19:35 +01:00 · 2026-02-08 23:18:42 +01:00 · 2026-02-08 22:56:50 +01:00 · 2026-02-08 22:52:51 +01:00
3 changed files with 158 additions and 82 deletions
--- a/README.md
+++ b/README.md
@@ -10,6 +10,8 @@ _a web based password generator, with an API endpoint_
 * copy to clipboard
 * very small docker container, that only contains the application and has minimum attack surface
 * supports DarkMode and LightMode, you can toggle
+* prepared to run behind a reverse-proxy, like traefik.
+* logs in combined log format

 ## Demo

--- a/main.go
+++ b/main.go
@@ -1,16 +1,17 @@
 package main

 import (
-	"os"
+	"crypto/rand"
+	"encoding/json"
+	"html/template"
+	"log"
 	"net"
+	"net/http"
+	"os"
 	"strconv"
 	"strings"
 	"sync"
-	"crypto/rand"
-	"html/template"
-	"log"
-	"net/http"
-	"encoding/json"
+	"time"
 )

 const (
@@ -19,33 +20,85 @@ const (
 )

 var (
-	debug = false
-	templates = make(map[string]*template.Template)
-	AppVersion = "development"
+	debug       = false
+	templates   = make(map[string]*template.Template)
+	AppVersion  = "development"
 	counterFile = "/data/counter.txt"
-	mu sync.Mutex
+	mu          sync.Mutex
 )

+func initConfig() {
+	// 1. Counter-Pfad auslesen
+	if envFile := os.Getenv("COUNTER_FILE"); envFile != "" {
+		counterFile = envFile
+		log.Printf("counterFile st to %s, by ENV\n", envFile)
+	}
+
+	// 2. Debug-Modus auslesen (String zu Bool)
+	envDebug := strings.ToLower(os.Getenv("DEBUG"))
+	if envDebug == "true" || envDebug == "1" {
+		debug = true
+		log.Println("DEBUG-Modus ist aktiviert")
+	}
+}
+
+type responseWriter struct {
+	http.ResponseWriter
+	statusCode int
+}
+
+func (rw *responseWriter) WriteHeader(code int) {
+	rw.statusCode = code
+	rw.ResponseWriter.WriteHeader(code)
+}
+
+func newResponseWriter(w http.ResponseWriter) *responseWriter {
+	return &responseWriter{w, http.StatusOK} // Default 200 OK
+}
+
+func LoggingMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		start := time.Now()
+		rw := newResponseWriter(w)
+		next.ServeHTTP(rw, r)
+		duration := time.Since(start)
+		clientIP := getClientIP(r)
+		userAgent := r.UserAgent()
+		// Format: IP - - [Datum] "Method Path Proto" Status Duration User-Agent
+		// "Combined Log Format"
+		log.Printf("%s - - [%s] \"%s %s %s\" %d %v \"%s\"\n",
+			clientIP,
+			time.Now().Format("02/Jan/2006:15:04:05 -0700"),
+			r.Method,
+			r.URL.Path,
+			r.Proto,
+			rw.statusCode,
+			duration,
+			userAgent,
+		)
+	})
+}
+
 func getClientIP(r *http.Request) string {
-    // 1. Prüfe den X-Forwarded-For Header (Standard für Proxies)
-    xForwardedFor := r.Header.Get("X-Forwarded-For")
-    if xForwardedFor != "" {
-        // Der Header kann eine Liste von IPs sein (Client, Proxy1, Proxy2)
-        // Die erste IP in der Liste ist die echte Client-IP
-        ips := strings.Split(xForwardedFor, ",")
-        return strings.TrimSpace(ips[0])
-    }
+	// 1. Prüfe den X-Forwarded-For Header (Standard für Proxies)
+	xForwardedFor := r.Header.Get("X-Forwarded-For")
+	if xForwardedFor != "" {
+		// Der Header kann eine Liste von IPs sein (Client, Proxy1, Proxy2)
+		// Die erste IP in der Liste ist die echte Client-IP
+		ips := strings.Split(xForwardedFor, ",")
+		return strings.TrimSpace(ips[0])
+	}

-    // 2. Fallback auf X-Real-IP (oft von Traefik/Nginx gesetzt)
-    xRealIP := r.Header.Get("X-Real-IP")
-    if xRealIP != "" {
-        return xRealIP
-    }
+	// 2. Fallback auf X-Real-IP (oft von Traefik/Nginx gesetzt)
+	xRealIP := r.Header.Get("X-Real-IP")
+	if xRealIP != "" {
+		return xRealIP
+	}

-    // 3. Letzter Ausweg: Die direkte IP (wird in deinem Fall die Traefik-IP sein)
-    // RemoteAddr enthält oft auch den Port (z.B. "127.0.0.1:1234")
-    ip, _, _ := net.SplitHostPort(r.RemoteAddr)
-    return ip
+	// 3. Letzter Ausweg: Die direkte IP (wird in deinem Fall die Traefik-IP sein)
+	// RemoteAddr enthält oft auch den Port (z.B. "127.0.0.1:1234")
+	ip, _, _ := net.SplitHostPort(r.RemoteAddr)
+	return ip
 }

 // Diese Funktion wird nur intern aufgerufen, wenn der Mutex bereits gesperrt ist
@@ -78,29 +131,31 @@ func IncrementPasswordCount() {
 }

 func loadTemplates() {
-    // 1. FuncMap definieren
-    funcMap := template.FuncMap{
-        "getAppVersion": func() string { return AppVersion },
-        "getPassCount": func() int { return GetPasswordCount() },
-    }
+	// 1. FuncMap definieren
+	funcMap := template.FuncMap{
+		"getAppVersion": func() string { return AppVersion },
+		"getPassCount":  func() int { return GetPasswordCount() },
+	}

-    // 2. Templates mit FuncMap laden
-    // Wir nutzen New("base.html"), da base.html meist das Haupt-Layout definiert
-    templates["index.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
-        "templates/base.html", 
-        "templates/index.html",
-    ))
+	// 2. Templates mit FuncMap laden
+	// Wir nutzen New("base.html"), da base.html meist das Haupt-Layout definiert
+	templates["index.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
+		"templates/base.html",
+		"templates/index.html",
+	))

-    templates["help.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
-        "templates/base.html", 
-        "templates/help.html",
-    ))
+	templates["help.html"] = template.Must(template.New("base.html").Funcs(funcMap).ParseFiles(
+		"templates/base.html",
+		"templates/help.html",
+	))

-    log.Printf("Alle Templates erfolgreich geladen")
+	log.Printf("Alle Templates erfolgreich geladen")
 }

 func generatePassword() string {
-	if debug { log.Printf("called generatePassword\n") }
+	if debug {
+		log.Printf("called generatePassword\n")
+	}
 	password := make([]byte, passwordLength)
 	_, err := rand.Read(password)
 	if err != nil {
@@ -114,37 +169,37 @@ func generatePassword() string {
 }

 func passwordHandler(w http.ResponseWriter, r *http.Request) {
-    clientIP := getClientIP(r)
-    log.Printf("passwordHandler aufrerufen von IP: %s\n", clientIP)
-    if debug { log.Printf("called passwordHandler\n") }
-    password := generatePassword()
-    currentCount := GetPasswordCount()
-    response := map[string]interface{}{
-        "password": password,
-        "count":    currentCount,
-    }
-    w.Header().Set("Content-Type", "application/json")
-    err := json.NewEncoder(w).Encode(response)
-    if err != nil {
-        log.Printf("Fehler beim Senden des JSON: %v", err)
-        http.Error(w, "Interner Fehler", http.StatusInternalServerError)
-        return
-    }
+	if debug {
+		log.Printf("called passwordHandler\n")
+	}
+	password := generatePassword()
+	currentCount := GetPasswordCount()
+	response := map[string]interface{}{
+		"password": password,
+		"count":    currentCount,
+	}
+	w.Header().Set("Content-Type", "application/json")
+	err := json.NewEncoder(w).Encode(response)
+	if err != nil {
+		log.Printf("Fehler beim Senden des JSON: %v", err)
+		http.Error(w, "Interner Fehler", http.StatusInternalServerError)
+		return
+	}
 }

 func passwordAPIHandler(w http.ResponseWriter, r *http.Request) {
-	clientIP := getClientIP(r)
-	log.Printf("passwordAPIHandler aufrerufen von IP: %s\n", clientIP)
-	if debug { log.Printf("called passwordHandler\n") }
+	if debug {
+		log.Printf("called passwordHandler\n")
+	}
 	password := generatePassword()
 	w.Header().Set("Content-Type", "text/plain")
 	w.Write([]byte(password))
 }

 func indexHandler(w http.ResponseWriter, r *http.Request) {
-	clientIP := getClientIP(r)
-	log.Printf("indexHandler aufrerufen von IP: %s\n", clientIP)
-	if debug { log.Printf("call indexHandler: Request %s %s\n", r.Method, r.URL) }
+	if debug {
+		log.Printf("call indexHandler: Request %s %s\n", r.Method, r.URL)
+	}
 	password := generatePassword()
 	//password := "load..."
 	data := struct {
@@ -152,7 +207,9 @@ func indexHandler(w http.ResponseWriter, r *http.Request) {
 	}{
 		Password: password,
 	}
-	if debug { log.Printf("prepare template for index\n") }
+	if debug {
+		log.Printf("prepare template for index\n")
+	}
 	err := templates["index.html"].ExecuteTemplate(w, "base.html", data)
 	if err != nil {
 		log.Printf("Fehler beim Rendern des Templates: %v", err)
@@ -161,9 +218,9 @@ func indexHandler(w http.ResponseWriter, r *http.Request) {
 }

 func helpHandler(w http.ResponseWriter, r *http.Request) {
-	clientIP := getClientIP(r)
-	log.Printf("helpHandler aufrerufen von IP: %s\n", clientIP)
-	if debug { log.Printf("call helpHandler\n") }
+	if debug {
+		log.Printf("call helpHandler\n")
+	}
 	err := templates["help.html"].ExecuteTemplate(w, "base.html", nil)
 	if err != nil {
 		log.Printf("Fehler beim Rendern des Templates: %v", err)
@@ -172,15 +229,21 @@ func helpHandler(w http.ResponseWriter, r *http.Request) {
 }

 func main() {
+	initConfig()
 	loadTemplates()
-	fs := http.FileServer(http.Dir("static"))
-	http.Handle("/static/", http.StripPrefix("/static/", fs))
+	mux := http.NewServeMux()

-	http.HandleFunc("/", indexHandler)
-	http.HandleFunc("/api/password", passwordAPIHandler)
-	http.HandleFunc("/json/password", passwordHandler)
-	http.HandleFunc("/help", helpHandler)
+	fs := http.FileServer(http.Dir("static"))
+	mux.Handle("/static/", http.StripPrefix("/static/", fs))
+
+	mux.HandleFunc("/", indexHandler)
+	mux.HandleFunc("/api/password", passwordAPIHandler)
+	mux.HandleFunc("/json/password", passwordHandler)
+	mux.HandleFunc("/help", helpHandler)
+
+	loggingRouter := LoggingMiddleware(mux)

 	log.Println("Server läuft auf http://localhost:8080")
-	log.Fatal(http.ListenAndServe(":8080", nil))
+
+	log.Fatal(http.ListenAndServe(":8080", loggingRouter))
 }
--- a/misc/MoreUsage.md
+++ b/misc/MoreUsage.md
@@ -25,21 +25,32 @@ for i in {1..10}; do echo $(curl -s https://passwd.scu.si/api/password); done
 you can build the app yourself like this:

 ```
-go build -o password-generator ./
+go build ./
 ```

+NOTE: If you build the app manually in go, like shown in this example, it will probably not run, since it misses a writeable `/data` directory.
+You can set the counterFile by environment variable `COUNTER_FILE`, like this:
+```
+COUNTER_FILE=./counter.txt ./Web-Password
+```

+## debuging the app
+
+You can turn on debug mode via environment variable `DEBUG`
+```
+DEBUG=true ./Web-Password
+```

 # build a docker container

 ```
-docker build -t password-generator .
+docker build -t web-password:dev .
 ```

 # start the docker container

 ```
-docker run -p 8080:8080 password-generator
+docker run -p 8080:8080 -v app_data:/data web-password:dev
 ```

 ## docker-compose
Author	SHA1	Message	Date
Florian Walther	25f5fae505	added env config COUNTER_FILE, DEBUG All checks were successful Docker Release Build / push_to_registry (push) Successful in 59s Details	2026-02-09 17:16:06 +01:00
Florian Walther	1d4849acff	adding new features to readme	2026-02-08 23:24:36 +01:00
Florian Walther	58205c20a0	deleted empty line in listing	2026-02-08 23:19:35 +01:00
Florian Walther	2a2f99dd76	updated build instructions	2026-02-08 23:18:42 +01:00
Florian Walther	6b93307f9e	fixed log printf All checks were successful Docker Release Build / push_to_registry (push) Successful in 53s Details	2026-02-08 22:56:50 +01:00
Florian Walther	a029a38787	changed log to combined log format All checks were successful Docker Release Build / push_to_registry (push) Successful in 54s Details	2026-02-08 22:52:51 +01:00
Florian Walther	4a83ab6bd6	logging middleware added All checks were successful Docker Release Build / push_to_registry (push) Successful in 56s Details	2026-02-08 22:42:31 +01:00