diff --git a/cmd/main.go b/cmd/main.go index 394b469..30fbab1 100755 --- a/cmd/main.go +++ b/cmd/main.go @@ -132,12 +132,11 @@ func main() { } server.StartServer(server.Options{ - Name: "proxy", - CertProvider: autocert, - HTTPAddr: common.ProxyHTTPAddr, - HTTPSAddr: common.ProxyHTTPSAddr, - Handler: http.HandlerFunc(entrypoint.Handler), - RedirectToHTTPS: config.Value().Entrypoint.RedirectToHTTPS, + Name: "proxy", + CertProvider: autocert, + HTTPAddr: common.ProxyHTTPAddr, + HTTPSAddr: common.ProxyHTTPSAddr, + Handler: http.HandlerFunc(entrypoint.Handler), }) server.StartServer(server.Options{ Name: "api", diff --git a/compose.example.yml b/compose.example.yml index 2974382..3e96a63 100755 --- a/compose.example.yml +++ b/compose.example.yml @@ -12,13 +12,13 @@ services: labels: proxy.aliases: gp proxy.#1.port: 3000 - proxy.#1.middlewares.cidr_whitelist.status_code: 403 - proxy.#1.middlewares.cidr_whitelist.message: IP not allowed - proxy.#1.middlewares.cidr_whitelist.allow: | - - 127.0.0.1 - - 10.0.0.0/8 - - 192.168.0.0/16 - - 172.16.0.0/12 + # proxy.#1.middlewares.cidr_whitelist.status: 403 + # proxy.#1.middlewares.cidr_whitelist.message: IP not allowed + # proxy.#1.middlewares.cidr_whitelist.allow: | + # - 127.0.0.1 + # - 10.0.0.0/8 + # - 192.168.0.0/16 + # - 172.16.0.0/12 app: image: ghcr.io/yusing/go-proxy:latest container_name: godoxy diff --git a/config.example.yml b/config.example.yml index a9bd66b..a6e1ed1 100644 --- a/config.example.yml +++ b/config.example.yml @@ -21,10 +21,6 @@ # 3. other providers, check docs/dns_providers.md for more entrypoint: - # global setting redirect http requests to https (if https available, otherwise this will be ignored) - # proxy..middlewares.redirect_http will override this - # - redirect_to_https: false middlewares: - use: CIDRWhitelist allow: @@ -33,6 +29,7 @@ entrypoint: - "192.168.0.0/16" status: 403 message: "Forbidden" + - use: RedirectHTTP providers: # include files are standalone yaml files under `config/` directory diff --git a/internal/config/types/config.go b/internal/config/types/config.go index 3c59e53..f619a10 100644 --- a/internal/config/types/config.go +++ b/internal/config/types/config.go @@ -15,8 +15,7 @@ type ( Notification []NotificationConfig `json:"notification" yaml:"notification"` } Entrypoint struct { - RedirectToHTTPS bool `json:"redirect_to_https" yaml:"redirect_to_https"` - Middlewares []map[string]any + Middlewares []map[string]any `json:"middlewares" yaml:"middlewares"` } NotificationConfig map[string]any ) @@ -27,8 +26,5 @@ func DefaultConfig() *Config { Homepage: HomepageConfig{ UseDefaultCategories: true, }, - Entrypoint: Entrypoint{ - RedirectToHTTPS: false, - }, } } diff --git a/internal/net/http/middleware/cidr_whitelist.go b/internal/net/http/middleware/cidr_whitelist.go index 32172a6..8945030 100644 --- a/internal/net/http/middleware/cidr_whitelist.go +++ b/internal/net/http/middleware/cidr_whitelist.go @@ -17,7 +17,7 @@ type cidrWhitelist struct { type cidrWhitelistOpts struct { Allow []*types.CIDR `validate:"min=1"` - StatusCode int `json:"status" validate:"omitempty,gte=400,lte=599"` + StatusCode int `json:"status_code" aliases:"status" validate:"omitempty,gte=400,lte=599"` Message string } diff --git a/internal/net/http/server/server.go b/internal/net/http/server/server.go index 650d99e..2597c46 100644 --- a/internal/net/http/server/server.go +++ b/internal/net/http/server/server.go @@ -6,7 +6,6 @@ import ( "errors" "io" "log" - "net" "net/http" "time" @@ -31,12 +30,11 @@ type Server struct { } type Options struct { - Name string - HTTPAddr string - HTTPSAddr string - CertProvider *autocert.Provider - RedirectToHTTPS bool - Handler http.Handler + Name string + HTTPAddr string + HTTPSAddr string + CertProvider *autocert.Provider + Handler http.Handler } func StartServer(opt Options) (s *Server) { @@ -47,7 +45,6 @@ func StartServer(opt Options) (s *Server) { func NewServer(opt Options) (s *Server) { var httpSer, httpsSer *http.Server - var httpHandler http.Handler logger := logging.With().Str("module", "server").Str("name", opt.Name).Logger() @@ -57,20 +54,10 @@ func NewServer(opt Options) (s *Server) { certAvailable = err == nil } - if certAvailable && opt.RedirectToHTTPS && opt.HTTPSAddr != "" { - _, port, err := net.SplitHostPort(opt.HTTPSAddr) - if err != nil { - panic(err) - } - httpHandler = redirectToTLSHandler(port) - } else { - httpHandler = opt.Handler - } - if opt.HTTPAddr != "" { httpSer = &http.Server{ Addr: opt.HTTPAddr, - Handler: httpHandler, + Handler: opt.Handler, ErrorLog: log.New(io.Discard, "", 0), // most are tls related } } @@ -152,18 +139,3 @@ func (s *Server) handleErr(scheme string, err error) { s.l.Fatal().Err(err).Str("scheme", scheme).Msg("server error") } } - -func redirectToTLSHandler(port string) http.HandlerFunc { - return func(w http.ResponseWriter, r *http.Request) { - r.URL.Scheme = "https" - r.URL.Host = r.URL.Hostname() + ":" + port - - var redirectCode int - if r.Method == http.MethodGet { - redirectCode = http.StatusMovedPermanently - } else { - redirectCode = http.StatusPermanentRedirect - } - http.Redirect(w, r, r.URL.String(), redirectCode) - } -} diff --git a/internal/utils/serialization.go b/internal/utils/serialization.go index 1312957..74b031e 100644 --- a/internal/utils/serialization.go +++ b/internal/utils/serialization.go @@ -193,10 +193,19 @@ func Deserialize(src SerializedObject, dst any) E.Error { key = strutils.ToLowerNoSnake(key) mapping[key] = dstV.FieldByName(field.Name) fieldName[field.Name] = key + _, ok := field.Tag.Lookup("validate") if ok { needValidate = true } + + aliases, ok := field.Tag.Lookup("aliases") + if ok { + for _, alias := range strings.Split(aliases, ",") { + mapping[alias] = dstV.FieldByName(field.Name) + fieldName[field.Name] = alias + } + } } for k, v := range src { if field, ok := mapping[strutils.ToLowerNoSnake(k)]; ok { diff --git a/schema/config.schema.json b/schema/config.schema.json index 9364dff..4ffebb4 100644 --- a/schema/config.schema.json +++ b/schema/config.schema.json @@ -430,10 +430,6 @@ "type": "object", "additionalProperties": false, "properties": { - "redirect_to_https": { - "title": "Redirect to HTTPS on HTTP requests", - "type": "boolean" - }, "middlewares": { "title": "Entrypoint middlewares", "type": "array",