TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-05-20 04:42:33 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

repalce redirect_to_https with entrypoint middleware

Browse source
This commit is contained in:
yusing 2024-11-30 08:50:23 +08:00
parent 796a4a693a
commit f8bdc7044c
8 changed files with 30 additions and 61 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
cmd/main.go
View file

@ -132,12 +132,11 @@ func main() {
} }
server.StartServer(server.Options{ server.StartServer(server.Options{
Name: "proxy", Name: "proxy",
CertProvider: autocert, CertProvider: autocert,
HTTPAddr: common.ProxyHTTPAddr, HTTPAddr: common.ProxyHTTPAddr,
HTTPSAddr: common.ProxyHTTPSAddr, HTTPSAddr: common.ProxyHTTPSAddr,
Handler: http.HandlerFunc(entrypoint.Handler), Handler: http.HandlerFunc(entrypoint.Handler),
RedirectToHTTPS: config.Value().Entrypoint.RedirectToHTTPS,
}) })
server.StartServer(server.Options{ server.StartServer(server.Options{
Name: "api", Name: "api",

14
compose.example.yml
View file

@ -12,13 +12,13 @@ services:
labels: labels:
proxy.aliases: gp proxy.aliases: gp
proxy.#1.port: 3000 proxy.#1.port: 3000
proxy.#1.middlewares.cidr_whitelist.status_code: 403 # proxy.#1.middlewares.cidr_whitelist.status: 403
proxy.#1.middlewares.cidr_whitelist.message: IP not allowed # proxy.#1.middlewares.cidr_whitelist.message: IP not allowed
proxy.#1.middlewares.cidr_whitelist.allow: | # proxy.#1.middlewares.cidr_whitelist.allow: |
- 127.0.0.1 # - 127.0.0.1
- 10.0.0.0/8 # - 10.0.0.0/8
- 192.168.0.0/16 # - 192.168.0.0/16
- 172.16.0.0/12 # - 172.16.0.0/12
app: app:
image: ghcr.io/yusing/go-proxy:latest image: ghcr.io/yusing/go-proxy:latest
container_name: godoxy container_name: godoxy

5
config.example.yml
View file

@ -21,10 +21,6 @@
# 3. other providers, check docs/dns_providers.md for more # 3. other providers, check docs/dns_providers.md for more
entrypoint: entrypoint:
# global setting redirect http requests to https (if https available, otherwise this will be ignored)
# proxy.<alias>.middlewares.redirect_http will override this
#
redirect_to_https: false
middlewares: middlewares:
- use: CIDRWhitelist - use: CIDRWhitelist
allow: allow:
@ -33,6 +29,7 @@ entrypoint:
- "192.168.0.0/16" - "192.168.0.0/16"
status: 403 status: 403
message: "Forbidden" message: "Forbidden"
- use: RedirectHTTP
providers: providers:
# include files are standalone yaml files under `config/` directory # include files are standalone yaml files under `config/` directory

6
internal/config/types/config.go
View file

@ -15,8 +15,7 @@ type (
Notification []NotificationConfig `json:"notification" yaml:"notification"` Notification []NotificationConfig `json:"notification" yaml:"notification"`
} }
Entrypoint struct { Entrypoint struct {
RedirectToHTTPS bool `json:"redirect_to_https" yaml:"redirect_to_https"` Middlewares []map[string]any `json:"middlewares" yaml:"middlewares"`
Middlewares []map[string]any
} }
NotificationConfig map[string]any NotificationConfig map[string]any
) )
@ -27,8 +26,5 @@ func DefaultConfig() *Config {
Homepage: HomepageConfig{ Homepage: HomepageConfig{
UseDefaultCategories: true, UseDefaultCategories: true,
}, },
Entrypoint: Entrypoint{
RedirectToHTTPS: false,
},
} }
} }

2
internal/net/http/middleware/cidr_whitelist.go
View file

@ -17,7 +17,7 @@ type cidrWhitelist struct {
type cidrWhitelistOpts struct { type cidrWhitelistOpts struct {
Allow []*types.CIDR `validate:"min=1"` Allow []*types.CIDR `validate:"min=1"`
StatusCode int `json:"status" validate:"omitempty,gte=400,lte=599"` StatusCode int `json:"status_code" aliases:"status" validate:"omitempty,gte=400,lte=599"`
Message string Message string
} }

40
internal/net/http/server/server.go
View file

@ -6,7 +6,6 @@ import (
"errors" "errors"
"io" "io"
"log" "log"
"net"
"net/http" "net/http"
"time" "time"
@ -31,12 +30,11 @@ type Server struct {
} }
type Options struct { type Options struct {
Name string Name string
HTTPAddr string HTTPAddr string
HTTPSAddr string HTTPSAddr string
CertProvider *autocert.Provider CertProvider *autocert.Provider
RedirectToHTTPS bool Handler http.Handler
Handler http.Handler
} }
func StartServer(opt Options) (s *Server) { func StartServer(opt Options) (s *Server) {
@ -47,7 +45,6 @@ func StartServer(opt Options) (s *Server) {
func NewServer(opt Options) (s *Server) { func NewServer(opt Options) (s *Server) {
var httpSer, httpsSer *http.Server var httpSer, httpsSer *http.Server
var httpHandler http.Handler
logger := logging.With().Str("module", "server").Str("name", opt.Name).Logger() logger := logging.With().Str("module", "server").Str("name", opt.Name).Logger()
@ -57,20 +54,10 @@ func NewServer(opt Options) (s *Server) {
certAvailable = err == nil certAvailable = err == nil
} }
if certAvailable && opt.RedirectToHTTPS && opt.HTTPSAddr != "" {
_, port, err := net.SplitHostPort(opt.HTTPSAddr)
if err != nil {
panic(err)
}
httpHandler = redirectToTLSHandler(port)
} else {
httpHandler = opt.Handler
}
if opt.HTTPAddr != "" { if opt.HTTPAddr != "" {
httpSer = &http.Server{ httpSer = &http.Server{
Addr: opt.HTTPAddr, Addr: opt.HTTPAddr,
Handler: httpHandler, Handler: opt.Handler,
ErrorLog: log.New(io.Discard, "", 0), // most are tls related ErrorLog: log.New(io.Discard, "", 0), // most are tls related
} }
} }
@ -152,18 +139,3 @@ func (s *Server) handleErr(scheme string, err error) {
s.l.Fatal().Err(err).Str("scheme", scheme).Msg("server error") s.l.Fatal().Err(err).Str("scheme", scheme).Msg("server error")
} }
} }
func redirectToTLSHandler(port string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
r.URL.Scheme = "https"
r.URL.Host = r.URL.Hostname() + ":" + port
var redirectCode int
if r.Method == http.MethodGet {
redirectCode = http.StatusMovedPermanently
} else {
redirectCode = http.StatusPermanentRedirect
}
http.Redirect(w, r, r.URL.String(), redirectCode)
}
}

9
internal/utils/serialization.go
View file

@ -193,10 +193,19 @@ func Deserialize(src SerializedObject, dst any) E.Error {
key = strutils.ToLowerNoSnake(key) key = strutils.ToLowerNoSnake(key)
mapping[key] = dstV.FieldByName(field.Name) mapping[key] = dstV.FieldByName(field.Name)
fieldName[field.Name] = key fieldName[field.Name] = key
_, ok := field.Tag.Lookup("validate") _, ok := field.Tag.Lookup("validate")
if ok { if ok {
needValidate = true needValidate = true
} }
aliases, ok := field.Tag.Lookup("aliases")
if ok {
for _, alias := range strings.Split(aliases, ",") {
mapping[alias] = dstV.FieldByName(field.Name)
fieldName[field.Name] = alias
}
}
} }
for k, v := range src { for k, v := range src {
if field, ok := mapping[strutils.ToLowerNoSnake(k)]; ok { if field, ok := mapping[strutils.ToLowerNoSnake(k)]; ok {

4
schema/config.schema.json
View file

@ -430,10 +430,6 @@
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"redirect_to_https": {
"title": "Redirect to HTTPS on HTTP requests",
"type": "boolean"
},
"middlewares": { "middlewares": {
"title": "Entrypoint middlewares", "title": "Entrypoint middlewares",
"type": "array", "type": "array",