Pull request 2624: AGDNS-3869-rm-the-old-logger-from-some-entities

Squashed commit of the following:

commit dc9d1f9
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Fri Apr 10 12:39:28 2026 +0300

    home: upd var name;

commit ef34751
Merge: 1a2cfce 397ed06
Author: Ainar Garipov <a.garipov@adguard.com>
Date:   Fri Apr 10 12:26:58 2026 +0300

    Merge branch 'master' into AGDNS-3869-rm-the-old-logger-from-some-entities

commit 1a2cfce
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Thu Apr 9 16:47:50 2026 +0300

    home: imp docs; minor fix;

commit f5abd19
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Thu Apr 9 16:17:07 2026 +0300

    home: imp docs;

commit 6e1cf72
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Thu Apr 9 16:09:30 2026 +0300

    home: imp log;

commit 98c6fa0
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Wed Apr 8 15:08:43 2026 +0300

    ossvc: actialize docs;

commit dad5875
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Wed Apr 8 14:52:27 2026 +0300

    home: imp code; add docs, contracts;

commit 334a75e
Author: Maksim Kazantsev <m.kazantsev@adguard.com>
Date:   Wed Apr 8 13:36:04 2026 +0300

    home: rm old logger;

Author: makazantsev

internal/home/authhttp.go

@@ -18,7 +18,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghuser"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/httphdr"
-	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/netutil"
 	"github.com/AdguardTeam/golibs/netutil/httputil"
@@ -82,18 +81,27 @@ func realIP(r *http.Request) (ip netip.Addr, err error) {
 }
 
 // writeErrorWithIP is like [aghhttp.Error], but includes the remote IP address
-// when it writes to the log.
-func writeErrorWithIP(
+// when it writes to the log.  r, w and err must not be nil.
+func (web *webAPI) writeErrorWithIP(
+	ctx context.Context,
+	err error,
 	r *http.Request,
 	w http.ResponseWriter,
 	code int,
 	remoteIP string,
-	format string,
-	args ...any,
 ) {
-	text := fmt.Sprintf(format, args...)
-	log.Error("%s %s %s: from ip %s: %s", r.Method, r.Host, r.URL, remoteIP, text)
-	http.Error(w, text, code)
+	web.logger.ErrorContext(
+		ctx,
+		"http error",
+		"host", r.Host,
+		"method", r.Method,
+		"url", r.URL,
+		"status", code,
+		"ip", remoteIP,
+		slogutil.KeyError, err,
+	)
+
+	http.Error(w, err.Error(), code)
 }
 
 // handleLogin is the handler for the POST /control/login HTTP API.
@@ -114,13 +122,13 @@ func (web *webAPI) handleLogin(w http.ResponseWriter, r *http.Request) {
 	//
 	// See https://github.com/AdguardTeam/AdGuardHome/issues/2799.
 	if remoteIPStr, err = netutil.SplitHost(r.RemoteAddr); err != nil {
-		writeErrorWithIP(
+		web.writeErrorWithIP(
+			ctx,
+			fmt.Errorf("auth: getting remote address: %w", err),
 			r,
 			w,
 			http.StatusBadRequest,
 			r.RemoteAddr,
-			"auth: getting remote address: %s",
-			err,
 		)
 
 		return
@@ -129,13 +137,13 @@ func (web *webAPI) handleLogin(w http.ResponseWriter, r *http.Request) {
 	if rateLimiter := web.auth.rateLimiter; rateLimiter != nil {
 		if left := rateLimiter.check(remoteIPStr); left > 0 {
 			w.Header().Set(httphdr.RetryAfter, strconv.Itoa(int(left.Seconds())))
-			writeErrorWithIP(
+			web.writeErrorWithIP(
+				ctx,
+				fmt.Errorf("auth: blocked for %s", left),
 				r,
 				w,
 				http.StatusTooManyRequests,
 				remoteIPStr,
-				"auth: blocked for %s",
-				left,
 			)
 
 			return
@@ -154,13 +162,13 @@ func (web *webAPI) handleLogin(w http.ResponseWriter, r *http.Request) {
 
 	remoteIP, err := netip.ParseAddr(remoteIPStr)
 	if err != nil {
-		writeErrorWithIP(
+		web.writeErrorWithIP(
+			ctx,
+			fmt.Errorf("auth: parsing remote address: %w", err),
 			r,
 			w,
 			http.StatusInternalServerError,
 			r.RemoteAddr,
-			"auth: parsing remote address: %s",
-			err,
 		)
 
 		return
@@ -173,7 +181,7 @@ func (web *webAPI) handleLogin(w http.ResponseWriter, r *http.Request) {
 
 	cookie, err := newCookie(ctx, web.auth, req, remoteIPStr)
 	if err != nil {
-		writeErrorWithIP(r, w, http.StatusForbidden, logIP, "%s", err)
+		web.writeErrorWithIP(ctx, err, r, w, http.StatusForbidden, logIP)
 
 		return
 	}

internal/home/control.go

@@ -199,14 +199,18 @@ func (web *webAPI) registerControlHandlers() {
 	web.httpReg.Register(http.MethodGet, "/control/profile", web.handleGetProfile)
 	web.httpReg.Register(http.MethodPut, "/control/profile/update", web.handlePutProfile)
 
+	mobileConfHandler := newMobileConfigHandler(&mobileConfigHandlerConfig{
+		logger: web.baseLogger,
+	})
+
 	// No authentication is required for DoH/DoT configuration endpoints.
 	mux.Handle(
 		"/apple/doh.mobileconfig",
-		web.postInstallHandler(http.HandlerFunc(handleMobileConfigDoH)),
+		web.postInstallHandler(http.HandlerFunc(mobileConfHandler.handleMobileConfigDoH)),
 	)
 	mux.Handle(
 		"/apple/dot.mobileconfig",
-		web.postInstallHandler(http.HandlerFunc(handleMobileConfigDoT)),
+		web.postInstallHandler(http.HandlerFunc(mobileConfHandler.handleMobileConfigDoT)),
 	)
 
 	web.registerAuthHandlers()

internal/home/home.go

@@ -204,51 +204,52 @@ func setupContext(
 // logIfUnsupported logs a formatted warning if the error is one of the
 // unsupported errors and returns nil.  If err is nil, logIfUnsupported returns
 // nil.  Otherwise, it returns err.
-func logIfUnsupported(msg string, err error) (outErr error) {
+func logIfUnsupported(ctx context.Context, l *slog.Logger, msg string, err error) (outErr error) {
 	if errors.Is(err, errors.ErrUnsupported) {
-		log.Debug(msg, err)
+		l.DebugContext(ctx, msg, slogutil.KeyError, err)
 
 		return nil
 	}
 
 	return err
 }
 
-// configureOS sets the OS-related configuration.
-func configureOS(conf *configuration) (err error) {
+// configureOS sets the OS-related configuration.  l and conf must not be nil.
+// conf must be valid.
+func configureOS(ctx context.Context, l *slog.Logger, conf *configuration) (err error) {
 	osConf := conf.OSConfig
 	if osConf == nil {
 		return nil
 	}
 
 	if osConf.Group != "" {
 		err = aghos.SetGroup(osConf.Group)
-		err = logIfUnsupported("warning: setting group", err)
+		err = logIfUnsupported(ctx, l, "warning: setting group", err)
 		if err != nil {
 			return fmt.Errorf("setting group: %w", err)
 		}
 
-		log.Info("group set to %s", osConf.Group)
+		l.InfoContext(ctx, "group set", "groupname", osConf.Group)
 	}
 
 	if osConf.User != "" {
 		err = aghos.SetUser(osConf.User)
-		err = logIfUnsupported("warning: setting user", err)
+		err = logIfUnsupported(ctx, l, "warning: setting user", err)
 		if err != nil {
 			return fmt.Errorf("setting user: %w", err)
 		}
 
-		log.Info("user set to %s", osConf.User)
+		l.InfoContext(ctx, "user set", "username", osConf.User)
 	}
 
 	if osConf.RlimitNoFile != 0 {
 		err = aghos.SetRlimit(osConf.RlimitNoFile)
-		err = logIfUnsupported("warning: setting rlimit", err)
+		err = logIfUnsupported(ctx, l, "warning: setting rlimit", err)
 		if err != nil {
 			return fmt.Errorf("setting rlimit: %w", err)
 		}
 
-		log.Info("rlimit_nofile set to %d", osConf.RlimitNoFile)
+		l.InfoContext(ctx, "rlimit_nofile set", "rlimit_nofile", osConf.RlimitNoFile)
 	}
 
 	return nil
@@ -754,7 +755,7 @@ func run(
 	err := setupContext(ctx, baseLogger, opts, workDir, confPath, isFirstRun)
 	fatalOnError(err)
 
-	err = configureOS(config)
+	err = configureOS(ctx, baseLogger, config)
 	fatalOnError(err)
 
 	// Clients package uses filtering package's static data
@@ -1254,19 +1255,24 @@ func loadCmdLineOpts() (opts options) {
 }
 
 // printWebAddrs prints addresses built from proto, addr, and an appropriate
-// port.  At least one address is printed with the value of port.  Output
-// example:
+// port.  At least one address is printed with the value of port.  l must not be
+// nil.  Output example:
 //
-//	go to http://127.0.0.1:80
-func printWebAddrs(proto, addr string, port uint16) {
-	log.Printf("go to %s://%s", proto, netutil.JoinHostPort(addr, port))
+//	2026/04/08 14:01:43.794575 56031#1 [info] serving url=http://127.0.0.1:3000
+func printWebAddrs(ctx context.Context, l *slog.Logger, proto, addr string, port uint16) {
+	u := &url.URL{
+		Scheme: proto,
+		Host:   netutil.JoinHostPort(addr, port),
+	}
+
+	l.InfoContext(ctx, "serving", "url", u.String())
 }
 
 // printHTTPAddresses prints the IP addresses which user can use to access the
 // admin interface.  proto is either schemeHTTP or schemeHTTPS.
 //
 // TODO(s.chzhen):  Implement separate functions for HTTP and HTTPS.
-func printHTTPAddresses(proto string, tlsMgr *tlsManager) {
+func printHTTPAddresses(ctx context.Context, l *slog.Logger, proto string, tlsMgr *tlsManager) {
 	var tlsConf *tlsConfigSettings
 	if tlsMgr != nil {
 		tlsConf = tlsMgr.config()
@@ -1278,32 +1284,32 @@ func printHTTPAddresses(proto string, tlsMgr *tlsManager) {
 	}
 
 	if proto == urlutil.SchemeHTTPS && tlsConf.ServerName != "" {
-		printWebAddrs(proto, tlsConf.ServerName, tlsConf.PortHTTPS)
+		printWebAddrs(ctx, l, proto, tlsConf.ServerName, tlsConf.PortHTTPS)
 
 		return
 	}
 
 	bindHost := config.HTTPConfig.Address.Addr()
 	if !bindHost.IsUnspecified() {
-		printWebAddrs(proto, bindHost.String(), port)
+		printWebAddrs(ctx, l, proto, bindHost.String(), port)
 
 		return
 	}
 
 	ifaces, err := aghnet.GetValidNetInterfacesForWeb()
 	if err != nil {
-		log.Error("web: getting iface ips: %s", err)
+		l.ErrorContext(ctx, "web: getting iface ips", slogutil.KeyError, err)
 		// That's weird, but we'll ignore it.
 		//
 		// TODO(e.burkov): Find out when it happens.
-		printWebAddrs(proto, bindHost.String(), port)
+		printWebAddrs(ctx, l, proto, bindHost.String(), port)
 
 		return
 	}
 
 	for _, iface := range ifaces {
 		for _, addr := range iface.Addresses {
-			printWebAddrs(proto, addr.String(), port)
+			printWebAddrs(ctx, l, proto, addr.String(), port)
 		}
 	}
 }

internal/home/mobileconfig.go

@@ -1,8 +1,10 @@
 package home
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
+	"log/slog"
 	"net"
 	"net/http"
 	"net/url"
@@ -12,7 +14,7 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/client"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/httphdr"
-	"github.com/AdguardTeam/golibs/log"
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/netutil/urlutil"
 	"github.com/google/uuid"
 	"howett.net/plist"
@@ -90,6 +92,27 @@ const (
 	dnsProtoTLS   = "TLS"
 )
 
+// mobileConfigHandlerConfig is the configuration structure for
+// [newMobileConfigHandler].
+type mobileConfigHandlerConfig struct {
+	// logger is used for logging the operations of mobile config handler.  It
+	// must not be nil.
+	logger *slog.Logger
+}
+
+// mobileConfigHandler handles mobile-config related operations.
+type mobileConfigHandler struct {
+	logger *slog.Logger
+}
+
+// newMobileConfigHandler creates a new instance of [*mobileConfigHandler].  c
+// must not be nil and must be valid.
+func newMobileConfigHandler(c *mobileConfigHandlerConfig) *mobileConfigHandler {
+	return &mobileConfigHandler{
+		logger: c.logger.With(slogutil.KeyPrefix, "mobile_handler"),
+	}
+}
+
 func encodeMobileConfig(d *dnsSettings, clientID string) ([]byte, error) {
 	var dspName string
 	switch proto := d.DNSProtocol; proto {
@@ -142,25 +165,36 @@ func encodeMobileConfig(d *dnsSettings, clientID string) ([]byte, error) {
 	return plist.MarshalIndent(data, plist.XMLFormat, "\t")
 }
 
-func respondJSONError(w http.ResponseWriter, status int, msg string) {
+// respondJSONError writes an internal server error to the header and responds
+// to the client with an error.  l and w must not be nil.
+func respondJSONError(
+	ctx context.Context,
+	l *slog.Logger,
+	w http.ResponseWriter,
+	status int,
+	msg string,
+) {
 	w.WriteHeader(http.StatusInternalServerError)
 	err := json.NewEncoder(w).Encode(&jsonError{
 		Message: msg,
 	})
 	if err != nil {
-		log.Debug("writing %d json response: %s", status, err)
+		l.DebugContext(ctx, "writing json response", "status", status, slogutil.KeyError, err)
 	}
 }
 
+// errEmptyHost error indicates that the host and server names are missing from
+// the query parameters.
 const errEmptyHost errors.Error = "no host in query parameters and no server_name"
 
-func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
+func (m *mobileConfigHandler) handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
 	var err error
 
+	ctx := r.Context()
 	q := r.URL.Query()
 	host := q.Get("host")
 	if host == "" {
-		respondJSONError(w, http.StatusInternalServerError, string(errEmptyHost))
+		respondJSONError(ctx, m.logger, w, http.StatusInternalServerError, string(errEmptyHost))
 
 		return
 	}
@@ -169,7 +203,7 @@ func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
 	if clientID != "" {
 		err = client.ValidateClientID(clientID)
 		if err != nil {
-			respondJSONError(w, http.StatusBadRequest, err.Error())
+			respondJSONError(ctx, m.logger, w, http.StatusBadRequest, err.Error())
 
 			return
 		}
@@ -182,7 +216,7 @@ func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
 
 	mobileconfig, err := encodeMobileConfig(d, clientID)
 	if err != nil {
-		respondJSONError(w, http.StatusInternalServerError, err.Error())
+		respondJSONError(ctx, m.logger, w, http.StatusInternalServerError, err.Error())
 
 		return
 	}
@@ -204,10 +238,12 @@ func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
 	_, _ = w.Write(mobileconfig)
 }
 
-func handleMobileConfigDoH(w http.ResponseWriter, r *http.Request) {
-	handleMobileConfig(w, r, dnsProtoHTTPS)
+// handleMobileConfigDoH handles getting DNS-over-HTTPS .mobileconfig.
+func (m *mobileConfigHandler) handleMobileConfigDoH(w http.ResponseWriter, r *http.Request) {
+	m.handleMobileConfig(w, r, dnsProtoHTTPS)
 }
 
-func handleMobileConfigDoT(w http.ResponseWriter, r *http.Request) {
-	handleMobileConfig(w, r, dnsProtoTLS)
+// handleMobileConfigDoT handles getting DNS-over-TLS .mobileconfig.
+func (m *mobileConfigHandler) handleMobileConfigDoT(w http.ResponseWriter, r *http.Request) {
+	m.handleMobileConfig(w, r, dnsProtoTLS)
 }