All predicatesShow -- Run SWI-Prolog HTTP server as a Unix system daemon

This module provides the logic that is needed to integrate a process into the Unix service (daemon) architecture. It deals with the following aspects, all of which may be used/ignored and configured using commandline options:

The typical use scenario is to write a file that loads the following components:

  1. The application code, including http handlers (see http_handler/3).
  2. This library

In the code below, ?- [load]. loads the remainder of the webserver code. This is often a sequence of use_module/1 directives.

:- use_module(library(http/http_unix_daemon)).

:- [load].

The program entry point is http_daemon/0, declared using initialization/2. This may be overruled using a new declaration after loading this library. The new entry point will typically call http_daemon/1 to start the server in a preconfigured way.

:- use_module(library(http/http_unix_daemon)).
:- initialization(run, main).

run :-

Now, the server may be started using the command below. See http_daemon/0 for supported options.

% [sudo] swipl [option ...]

Below are some examples. Our first example is completely silent, running on port 80 as user www.

% swipl --user=www --pidfile=/var/run/

Our second example logs HTTP interaction with the syslog daemon for debugging purposes. Note that the argument to --debug= is a Prolog term and must often be escaped to avoid misinterpretation by the Unix shell. The debug option can be repeated to log multiple debug topics.

% swipl --user=www --pidfile=/var/run/ \
        --debug='http(request)' --syslog=http

Broadcasting The library uses broadcast/1 to allow hooking certain events:

Run after fork, just before starting the HTTP server. Can be used to load additional files or perform additional initialisation, such as starting additional threads. Recall that it is not possible to start threads before forking.
Run after starting the HTTP server.
See also
- The file <swi-home>/doc/packages/examples/http/linux-init-script provides a /etc/init.d script for controlling a server as a normal Unix service.
To be done
- Cleanup issues wrt. loading and initialization of xpce.
Source http_daemon
Start the HTTP server as a daemon process. This predicate processes the commandline arguments below. Commandline arguments that specify servers are processed in the order they appear using the following schema:
  1. Arguments that act as default for all servers.
  2. --http=Spec or --https=Spec is followed by arguments for that server until the next --http=Spec or --https=Spec or the end of the options.
  3. If no --http=Spec or --https=Spec appears, one HTTP server is created from the specified parameters.


    --workers=10 --http --https
    --http=8080 --https=8443
    --http=localhost:8080 --workers=1 --https=8443 --workers=25
Start HTTP server at Port. It requires root permission and the option --user=User to open ports below 1000. The default port is 80. If --https is used, the default port is 443.
Only listen to the given IP address. Typically used as --ip=localhost to restrict access to connections from localhost if the server itself is behind an (Apache) proxy server running on the same host.
Enable debugging Topic. See debug/3.
Write debug messages to the syslog daemon using Ident
When started as root to open a port below 1000, this option must be provided to switch to the target user for operating the server. The following actions are performed as root, i.e., before switching to User:
  • open the socket(s)
  • write the pidfile
  • setup syslog interaction
  • Read the certificate, key and password file (--pwfile=File)
May be used in addition to --user. If omitted, the login group of the target user is used.
Write the PID of the daemon process to File.
Send output of the process to File. By default, all Prolog console output is discarded.
If given as --no-fork or --fork=false, the process runs in the foreground.
Create a plain HTTP server. If the argument is missing or true, create at the specified or default address. Else use the given port and interface. Thus, --http creates a server at port 80, --http=8080 creates one at port 8080 and --http=localhost:8080 creates one at port 8080 that is only accessible from localhost.
As --http, but creates an HTTPS server. Use --certfile, --keyfile, -pwfile, --password and --cipherlist to configure SSL for this server.
The server certificate for HTTPS.
The server private key for HTTPS.
File holding the password for accessing the private key. This is preferred over using --password=PW as it allows using file protection to avoid leaking the password. The file is read before the server drops privileges when started with the --user option.
The password for accessing the private key. See also `--pwfile`.
One or more cipher strings separated by colons. See the OpenSSL documentation for more information. Starting with SWI-Prolog 7.5.11, the default value is always a set of ciphers that was considered secure enough to prevent all critical attacks at the time of the SWI-Prolog release.
If true (default false) implies --no-fork and presents the Prolog toplevel after starting the server.
Use the debugger to trace http_daemon/1.
Action to perform on kill -HUP <pid>. Default is reload (running make/0). Alternative is quit, stopping the server.

Other options are converted by argv_options/3 and passed to http_server/1. For example, this allows for:

Set the number of workers for the multi-threaded server.

http_daemon/0 is defined as below. The start code for a specific server can use this as a starting point, for example for specifying defaults.

http_daemon :-
    current_prolog_flag(argv, Argv),
    argv_options(Argv, _RestArgv, Options),
See also
- http_daemon/1
Source http_daemon(+Options)
Start the HTTP server as a daemon process. This predicate processes a Prolog option list. It is normally called from http_daemon/0, which derives the option list from the command line arguments.

Error handling depends on whether or not interactive(true) is in effect. If so, the error is printed before entering the toplevel. In non-interactive mode this predicate calls halt(1).

Source http_daemon_guarded(+Options)[private]
Helper that is started from http_daemon/1. See http_daemon/1 for options that are processed.
Source option_servers(+Options, -Sockets:list)[private]
Find all sockets that must be created according to Options. Each socket is a term server(Scheme, Address, Opts), where Address is either a plain port (integer) or Host:Port. The latter binds the port to the interface belonging to Host. For example: socket(http, localhost:8080, Opts) creates an HTTP socket that binds to the localhost interface on port 80. Opts are the options specific for the given server.
Source http_certificate_hook(+CertFile, +KeyFile, -Password) is semidet[multifile]
Hook called before starting the server if the --https option is used. This hook may be used to create or refresh the certificate. If the hook binds Password to a string, this string will be used to decrypt the server private key as if the --password=Password option was given.
Source start_server(+Server) is det[private]
Start the HTTP server. It performs the following steps:
  1. Call broadcast(http(pre_server_start))
  2. Call http_server(http_dispatch, Options)
  3. Call broadcast(http(post_server_start))

This predicate can be hooked using http_server_hook/1. This predicate is executed after

  • Forking
  • Setting I/O (e.g., to talk to the syslog daemon)
  • Dropping root privileges (--user)
  • Setting up signal handling
Source disable_development_system[private]
Disable some development stuff.
Source enable_development_system[private]
Re-enable the development environment. Currently re-enables xpce if this was loaded, but not initialised and causes the interactive toplevel to be re-enabled.
Source setup_syslog(+Options) is det[private]
Setup syslog interaction.
Source setup_output(+Options) is det[private]
Setup output from the daemon process. The default is to send all output to a null-stream (see open_null_stream/1). With the option output(File), all output is written to File.
Source write_pid(+Options) is det[private]
If the option pidfile(File) is present, write the PID of the daemon to this file.
Source switch_user(+Options) is det[private]
Switch to the target user and group. If the server is started as root, this option must be present.
Source can_switch_user(Options) is det[private]
Verify the user options before forking, so we can print the message in time.
Source server_redirect(+To, +Request)[private]
Redirect al requests for this server to the specified server. To is one of:
A port (integer)
Redirect to the server running on that port in the same Prolog process.
Results from just passing --redirect. Redirects to an HTTPS server in the same Prolog process.
Redirect to the the given URL + the request uri. This can be used if the server cannot find its public address. For example:
--http --redirect= --https
Source setup_debug(+Options) is det[private]
Initialse debug/3 topics. The --debug option may be used multiple times.
Source kill_x11(+Options) is det[private]
Get rid of X11 access if interactive is false.
Source setup_signals(+Options)[private]
Prepare the server for signal handling. By default SIGINT and SIGTERM terminate the server. SIGHUP causes the server to run make/0.
Source wait(+Options)[private]
This predicate runs in the main thread, waiting for messages send by signal handlers to control the server. In addition, it broadcasts maintenance(Interval, Deadline) messages every Interval seconds. These messages may be trapped using listen/2 for performing scheduled maintenance such as rotating log files, cleaning stale data, etc.
Source http_server_hook(+Options) is semidet[multifile]
Hook that is called to start the HTTP server. This hook must be compatible to http_server(Handler, Options). The default is provided by start_server/1.
 http:sni_options(-HostName, -SSLOptions) is multi[multifile]
Hook to provide Server Name Indication (SNI) for TLS servers. When starting an HTTPS server, all solutions of this predicate are collected and a suitable sni_hook/1 is defined for ssl_context/3 to use different contexts depending on the host name of the client request. This hook is executed before privileges are dropped.