ZDDC/zddc/cmd/zddc-server at df1c32ff541c602d63b366881df66aeb469eaee4 - VARASYS/ZDDC

History

ZDDC df1c32ff54 feat(server): HTTP timeouts + audit log default-on with hostname tagging Two related operational improvements: 1. HTTP timeouts on http.Server (ReadHeaderTimeout 10s, ReadTimeout + WriteTimeout 60s, IdleTimeout 120s). Caps slow-client connection hold time; closes the slowloris vector. Listing + tool-HTML responses complete in milliseconds even with gzip, so 60s is generous for legit traffic. 2. --access-log defaults to <ZDDC_ROOT>/.zddc.d/logs/access-<host>.log instead of stderr-only. The server auto-creates the parent tree (mode 0750), so a fresh deployment gets an audit trail without operator setup. Every JSON record carries a `host` field (from os.Hostname) — multi-replica deployments share the .zddc.d/logs/ directory but write to per-host filenames, and downstream aggregators can disambiguate via the host field. Opt-out: --access-log= (explicit empty). Distinguishing "unset" from "set to empty" follows the same pattern config.go already uses for --cors-origin. Live verification: $ zddc-server -root /tmp/r -addr 127.0.0.1:8765 -tls-cert none -insecure-direct $ curl http://127.0.0.1:8765/ $ ls /tmp/r/.zddc.d/logs/ access-bizon.log $ tail -1 /tmp/r/.zddc.d/logs/access-bizon.log {"time":...,"level":"INFO","msg":"access","host":"bizon",...,"email":"anonymous","method":"GET","path":"/","status":200,...} $ zddc-server -root /tmp/r ... -access-log= # opt-out $ ls /tmp/r/.zddc.d/ # empty: no logs/ created	2026-05-04 07:49:17 -05:00
..
main.go	feat(server): HTTP timeouts + audit log default-on with hostname tagging	2026-05-04 07:49:17 -05:00
main_test.go	perf(server): gzip compression middleware on the entire mux	2026-05-04 07:49:17 -05:00

ZDDC df1c32ff54 feat(server): HTTP timeouts + audit log default-on with hostname tagging

Two related operational improvements:

1. HTTP timeouts on http.Server (ReadHeaderTimeout 10s, ReadTimeout +
   WriteTimeout 60s, IdleTimeout 120s). Caps slow-client connection
   hold time; closes the slowloris vector. Listing + tool-HTML
   responses complete in milliseconds even with gzip, so 60s is
   generous for legit traffic.

2. --access-log defaults to <ZDDC_ROOT>/.zddc.d/logs/access-<host>.log
   instead of stderr-only. The server auto-creates the parent tree
   (mode 0750), so a fresh deployment gets an audit trail without
   operator setup. Every JSON record carries a `host` field (from
   os.Hostname) — multi-replica deployments share the .zddc.d/logs/
   directory but write to per-host filenames, and downstream
   aggregators can disambiguate via the host field.

   Opt-out: --access-log= (explicit empty). Distinguishing "unset"
   from "set to empty" follows the same pattern config.go already
   uses for --cors-origin.

Live verification:
  $ zddc-server -root /tmp/r -addr 127.0.0.1:8765 -tls-cert none -insecure-direct
  $ curl http://127.0.0.1:8765/
  $ ls /tmp/r/.zddc.d/logs/
  access-bizon.log
  $ tail -1 /tmp/r/.zddc.d/logs/access-bizon.log
  {"time":...,"level":"INFO","msg":"access","host":"bizon",...,"email":"anonymous","method":"GET","path":"/","status":200,...}

  $ zddc-server -root /tmp/r ... -access-log=  # opt-out
  $ ls /tmp/r/.zddc.d/  # empty: no logs/ created

2026-05-04 07:49:17 -05:00

main.go

feat(server): HTTP timeouts + audit log default-on with hostname tagging

2026-05-04 07:49:17 -05:00

main_test.go

perf(server): gzip compression middleware on the entire mux

2026-05-04 07:49:17 -05:00