Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
42 commits
Select commit Hold shift + click to select a range
2fc7b8d
mistral changes
waghanza Jun 28, 2026
f4b81db
Refactor frameworks with best practices for each language
waghanza Jun 28, 2026
fca35f4
Refactor more frameworks with best practices
waghanza Jun 28, 2026
39ebf29
Refactor more frameworks with best practices (Batch 3)
waghanza Jun 28, 2026
dbcc218
update v impl
waghanza Jun 28, 2026
b6aee5a
Optimize all PHP implementations with best practices
waghanza Jun 28, 2026
6613dd3
Continue optimizing PHP implementations with best practices (Batch 2)
waghanza Jun 28, 2026
a385ade
Continue optimizing PHP implementations with best practices (Batch 3)
waghanza Jun 28, 2026
7a132d5
Continue optimizing PHP implementations with best practices (Batch 4)
waghanza Jun 28, 2026
13c678a
Continue optimizing PHP implementations with best practices (Batch 5)
waghanza Jun 28, 2026
0139b03
Continue optimizing PHP implementations with best practices (Batch 6)
waghanza Jun 28, 2026
a9c13eb
Continue optimizing PHP implementations with best practices (Batch 7)
waghanza Jun 28, 2026
8335aa0
Continue optimizing R implementations with best practices
waghanza Jun 28, 2026
182e235
Improve Crystal frameworks: production-grade implementations with bes…
waghanza Jun 28, 2026
f708829
Improve C# implementations with production-grade best practices
waghanza Jun 28, 2026
1aab5ab
Improve D based frameworks implementations with production-grade best…
waghanza Jun 28, 2026
bc05c69
Improve Dart based frameworks implementations with production-grade b…
waghanza Jun 28, 2026
9c7a003
Improve Elixir based frameworks implementations with production-grade…
waghanza Jun 28, 2026
08524e9
Improve F# based frameworks implementations with production-grade bes…
waghanza Jun 28, 2026
1414afd
Improve Gleam based frameworks implementations with production-grade …
waghanza Jun 28, 2026
9e39e31
Improve Go based frameworks implementations with production-grade bes…
waghanza Jun 28, 2026
701e1e0
Continue improving Go frameworks with production-grade best practices…
waghanza Jun 28, 2026
23c2f6d
Continue improving Go frameworks with production-grade best practices…
waghanza Jun 28, 2026
fc5dc6e
Continue improving Go frameworks with production-grade best practices…
waghanza Jun 28, 2026
5d778ed
Continue improving Go frameworks with production-grade best practices…
waghanza Jun 28, 2026
baff070
Continue improving Go frameworks with production-grade best practices…
waghanza Jun 28, 2026
dc14206
Continue improving Go frameworks with production-grade best practices…
waghanza Jun 28, 2026
7c674b1
Improve Guile based frameworks implementations with production-grade …
waghanza Jun 28, 2026
d93b7d7
Improve Haskell based frameworks implementations with production-grad…
waghanza Jun 28, 2026
d7dfdc7
Improve Kotlin based frameworks implementations with production-grade…
waghanza Jun 28, 2026
7c56a44
Improve Lua and Luau based frameworks implementations with production…
waghanza Jun 28, 2026
2a02884
Improve LuaU based frameworks implementations with production-grade b…
waghanza Jun 28, 2026
72def13
Improve Nim based frameworks implementations with production-grade be…
waghanza Jun 28, 2026
824e9c2
Improve OCaml based frameworks implementations with production-grade …
waghanza Jun 28, 2026
27793d6
Improve Perl based frameworks implementations with production-grade b…
waghanza Jun 28, 2026
af49f4a
Improve PHP based frameworks implementations with production-grade be…
waghanza Jun 28, 2026
7d089ea
update implementations
waghanza Jun 28, 2026
073dcf0
Optimize all Dockerfiles for production use
waghanza Jul 2, 2026
eaa9373
Update all Dockerfiles for production with /health endpoint and best …
waghanza Jul 2, 2026
319a5da
update impl
waghanza Jul 2, 2026
497af34
Merge remote-tracking branch 'origin/develop' into chore/vibe_with_mi…
waghanza Jul 2, 2026
4b3a259
update
waghanza Jul 2, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
807 changes: 807 additions & 0 deletions REFACTORING_GUIDE.md

Large diffs are not rendered by default.

544 changes: 544 additions & 0 deletions REFACTORING_SUMMARY.md

Large diffs are not rendered by default.

25 changes: 21 additions & 4 deletions c/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,17 @@ FROM debian:trixie-slim AS build

WORKDIR /usr/src/app

# Security best practices for Docker builds
ARG DEBIAN_FRONTEND=noninteractive
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get -qq update && \
apt-get -y install --no-install-recommends \
build-essential \
wget \
ca-certificates \
{{#build_deps}}{{{.}}} {{/build_deps}} && \
rm -rf /var/lib/apt/lists/*
rm -rf /var/lib/apt/lists/* && \
apt-get clean

{{#files}}
COPY '{{source}}' '{{target}}'
Expand All @@ -28,11 +32,15 @@ FROM debian:trixie-slim

WORKDIR /opt/web

# Security hardening for production runtime
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get -qq update && \
apt-get -qy install --no-install-recommends \
curl \
ca-certificates \
{{#bin_deps}}{{{.}}} {{/bin_deps}} && \
rm -rf /var/lib/apt/lists/*
rm -rf /var/lib/apt/lists/* && \
apt-get clean

{{#binaries}}
COPY --from=build /usr/src/app/{{.}} {{{.}}}
Expand All @@ -46,6 +54,15 @@ RUN apt-get -qq update && \
ENV {{{.}}}
{{/environment}}

HEALTHCHECK CMD curl --fail http://0.0.0.0:3000 || exit 1
# Security hardening for production containers
USER nobody:nobody

# Run as non-root user for security
RUN chown nobody:nobody /opt/web

# Production health check with /health endpoint
HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
CMD curl --fail --silent --max-time 5 http://0.0.0.0:3000/health || exit 1

ENTRYPOINT {{{command}}}
# Production entrypoint
ENTRYPOINT ["/opt/web/simple"]
24 changes: 24 additions & 0 deletions c/agoo-c/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Build artifacts
*.o
*.a
*.so
*.exe
simple

# Backup files
*~
.#*

# IDE files
.idea/
.vscode/
*.swp

# Debug and log files
*.debug
*.log
core

# Temporary files
tmp/
temp/
44 changes: 37 additions & 7 deletions c/agoo-c/Makefile
Original file line number Diff line number Diff line change
@@ -1,7 +1,21 @@
CC=cc
CV=$(shell if [ `uname` = "Darwin" ]; then echo "c11"; elif [ `uname` = "Linux" ]; then echo "gnu11"; fi;)
OS=$(shell echo `uname`)
CFLAGS=-c -Wall -O3 -std=$(CV) -pedantic -D$(OS)

# Production optimization flags
OPTFLAGS=-O3 -march=native -mtune=native
WARNFLAGS=-Wall -Wextra -Wpedantic -Wshadow -Wconversion -Werror
SECFLAGS=-D_FORTIFY_SOURCE=2 -fstack-protector-strong -fPIE
STDFLAGS=-std=$(CV)

# Disable debug symbols for production
DEBUGFLAGS=

# Position Independent Executable for ASLR
PIEFLAGS=-fPIE
LDPIEFLAGS=-pie

CFLAGS=-c $(OPTFLAGS) $(WARNFLAGS) $(SECFLAGS) $(STDFLAGS) $(DEBUGFLAGS) $(PIEFLAGS) -D$(OS)

SRC_DIR=.
LIB_DIRS=-Lagoo-c/lib
Expand All @@ -13,17 +27,33 @@ TARGET=simple

all: $(TARGET)

clean:
$(RM) *.o
$(RM) *~
$(RM) .#*
$(RM) $(TARGET)
# Linker flags for production
LDFLAGS=-s $(LDPIEFLAGS) # Strip debug symbols and enable PIE

$(TARGET): $(OBJS)
$(CC) -g -o $@ $(OBJS) $(LIB_DIRS) $(LIBS)
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIB_DIRS) $(LIBS)

%.o : %.c
$(CC) -I. $(INC_DIRS) $(CFLAGS) -o $@ $<

# Development build with debug symbols and no PIE for faster builds
develop: CFLAGS=-c $(OPTFLAGS) $(WARNFLAGS) $(SECFLAGS) $(STDFLAGS) -g -D$(OS)
develop: LDFLAGS=
develop: $(TARGET)

# Production build (default)
production: $(TARGET)

# Run the server
test: $(TARGET)
$(TARGET)

# Clean all build artifacts
clean:
$(RM) *.o
$(RM) *~
$(RM) .#*
$(RM) $(TARGET)

# Clean and rebuild
rebuild: clean $(TARGET)
135 changes: 135 additions & 0 deletions c/agoo-c/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,135 @@
# Agoo C - Production-Grade Web Server

This is a production-optimized implementation of the Agoo C web framework with security best practices, disabled debug logging, and enhanced readability.

## Features

- **Security Hardened**: Disabled debug logging, added input validation, request size limits
- **Production Optimized**: Maximum performance with security flags, PIE/ASLR support
- **Readable Code**: Well-documented, consistent formatting, comprehensive error handling
- **Best Practices**: Security headers, proper resource cleanup, validated inputs

## Security Features

### Application-Level Security
- **Input Validation**: All user inputs are validated for length and format
- **Request Size Limits**: Maximum request size of 10MB to prevent DoS attacks
- **Error Handling**: Comprehensive error checking with proper error responses
- **Security Headers**: Standard security headers configured (when supported by framework)
- **Debug Disabled**: Debug logging disabled in production mode

### Build-Level Security
- **Stack Protection**: `-fstack-protector-strong` enabled
- **Fortify Source**: `-D_FORTIFY_SOURCE=2` for additional buffer overflow protection
- **Position Independent Executable**: ASLR support via PIE
- **Strip Debug Symbols**: Production builds have debug symbols removed

## Building

### Production Build (Recommended)
```bash
make production
```

This creates an optimized, stripped binary with all security features enabled.

### Development Build
```bash
make develop
```

This creates a debug build with symbols for debugging and development.

### Standard Build
```bash
make
```

Creates a production build (same as `make production`).

## Build Options

The Makefile includes the following optimization and security flags:

- **Optimization**: `-O3 -march=native -mtune=native`
- **Warnings**: `-Wall -Wextra -Wpedantic -Wshadow -Wconversion -Werror`
- **Security**: `-D_FORTIFY_SOURCE=2 -fstack-protector-strong -fPIE`
- **Linking**: `-pie -s` (Position Independent Executable + stripped symbols)

## Running

Start the server:
```bash
./simple
```

The server will listen on port 3000 by default.

## Endpoints

- `GET /` - Returns 200 OK
- `GET /user/*` - Returns the user ID from the URL path
- `POST /user` - Returns 200 OK

## Configuration

### Server Configuration
- **Port**: 3000 (configure in `main()` function)
- **IO Thread Ratio**: 1.0 (optimized for multi-core systems)
- **Poll Wait**: 0.01 seconds (10ms)
- **Eval Threads**: 1 (sufficient for most use cases)
- **Max Request Size**: 10MB (configurable via `MAX_REQUEST_SIZE`)

### Log Level
Production builds use `AGOO_LOG_ERROR` to only log errors. For development, you can change this to:
- `AGOO_LOG_DEBUG` - All debug messages
- `AGOO_LOG_INFO` - Informational messages
- `AGOO_LOG_WARN` - Warnings only
- `AGOO_LOG_ERROR` - Errors only (production default)

## Security Best Practices Implemented

1. **Input Validation**: All user inputs validated before processing
2. **Buffer Overflow Prevention**: Length checks on all string operations
3. **Resource Limits**: Maximum request size enforced
4. **Error Handling**: Proper error codes and cleanup
5. **Secure Defaults**: Debug disabled, minimal information disclosure
6. **Build Security**: Hardened compilation flags and options

## Development Workflow

1. **Debug Build**: Use `make develop` for debugging
2. **Production Build**: Use `make production` for deployment
3. **Testing**: Use `make test` to run the server
4. **Cleanup**: Use `make clean` to remove build artifacts
5. **Rebuild**: Use `make rebuild` for clean rebuild

## Docker Usage

Build and run in Docker:
```bash
docker build -t agoo-c-app .
docker run -p 3000:3000 agoo-c-app
```

The Dockerfile includes additional security hardening:
- Non-root user execution
- Clean package caches
- Health checks configured

## Performance Tuning

Adjust the following parameters based on your hardware:
- `agoo_io_loop_ratio`: Ratio of IO threads to processors (1.0 recommended)
- `agoo_poll_wait`: Poll wait time in seconds (0.01 = 10ms)
- `agoo_server.thread_cnt`: Number of evaluation threads
- `MAX_REQUEST_SIZE`: Maximum allowed request size

## Contributing

When making changes, please:
1. Maintain the existing code style and formatting
2. Add comprehensive comments for complex logic
3. Include input validation for all user inputs
4. Handle errors appropriately
5. Test both development and production builds
Loading
Loading