Support reloading ACLs with SIGHUP

Also continously listen for signals, not just once.

app.go

@@ -728,35 +728,48 @@ func (h *Headscale) Serve() error {
 		syscall.SIGHUP)
 	go func(c chan os.Signal) {
 		// Wait for a SIGINT or SIGKILL:
-		sig := <-c
+		for {
-		switch sig {
+			sig := <-c
-		case syscall.SIGHUP:
+			switch sig {
-			log.Info().
+			case syscall.SIGHUP:
-				Str("signal", sig.String()).
+				log.Info().
-				Msg("Received SIGHUP, reloading ACL and Config")
+					Str("signal", sig.String()).
+					Msg("Received SIGHUP, reloading ACL and Config")
 
-		// TODO(kradalby): Reload config on SIGHUP
+					// TODO(kradalby): Reload config on SIGHUP
 
-		default:
+				if h.cfg.ACL.PolicyPath != "" {
-			log.Info().
+					aclPath := AbsolutePathFromConfigPath(h.cfg.ACL.PolicyPath)
-				Str("signal", sig.String()).
+					err := h.LoadACLPolicy(aclPath)
-				Msg("Received signal to stop, shutting down gracefully")
+					if err != nil {
+						log.Error().Err(err).Msg("Failed to reload ACL policy")
+					}
+					log.Info().
+						Str("path", aclPath).
+						Msg("ACL policy successfully reloaded")
+				}
 
-			// Gracefully shut down servers
+			default:
-			promHTTPServer.Shutdown(ctx)
+				log.Info().
-			httpServer.Shutdown(ctx)
+					Str("signal", sig.String()).
-			grpcSocket.GracefulStop()
+					Msg("Received signal to stop, shutting down gracefully")
 
-			// Close network listeners
+				// Gracefully shut down servers
-			promHTTPListener.Close()
+				promHTTPServer.Shutdown(ctx)
-			httpListener.Close()
+				httpServer.Shutdown(ctx)
-			grpcGatewayConn.Close()
+				grpcSocket.GracefulStop()
 
-			// Stop listening (and unlink the socket if unix type):
+				// Close network listeners
-			socketListener.Close()
+				promHTTPListener.Close()
+				httpListener.Close()
+				grpcGatewayConn.Close()
 
-			// And we're done:
+				// Stop listening (and unlink the socket if unix type):
-			os.Exit(0)
+				socketListener.Close()
+
+				// And we're done:
+				os.Exit(0)
+			}
 		}
 	}(sigc)