repalce redirect_to_https with entrypoint middleware

2025-05-20 04:42:33 +02:00 · 2024-11-30 08:50:23 +08:00 · 2024-11-30 08:50:23 +08:00 · f8bdc7044c
commit f8bdc7044c
parent 796a4a693a
8 changed files with 30 additions and 61 deletions
--- a/cmd/main.go
+++ b/cmd/main.go
@ -137,7 +137,6 @@ func main() {
 		HTTPAddr:     common.ProxyHTTPAddr,
 		HTTPSAddr:    common.ProxyHTTPSAddr,
 		Handler:      http.HandlerFunc(entrypoint.Handler),
-		RedirectToHTTPS: config.Value().Entrypoint.RedirectToHTTPS,
 	})
 	server.StartServer(server.Options{
 		Name:         "api",
--- a/compose.example.yml
+++ b/compose.example.yml
@ -12,13 +12,13 @@ services:
        labels:
            proxy.aliases: gp
            proxy.#1.port: 3000
-            proxy.#1.middlewares.cidr_whitelist.status_code: 403
-            proxy.#1.middlewares.cidr_whitelist.message: IP not allowed
-            proxy.#1.middlewares.cidr_whitelist.allow: |
-                - 127.0.0.1
-                - 10.0.0.0/8
-                - 192.168.0.0/16
-                - 172.16.0.0/12
+            # proxy.#1.middlewares.cidr_whitelist.status: 403
+            # proxy.#1.middlewares.cidr_whitelist.message: IP not allowed
+            # proxy.#1.middlewares.cidr_whitelist.allow: |
+            #     - 127.0.0.1
+            #     - 10.0.0.0/8
+            #     - 192.168.0.0/16
+            #     - 172.16.0.0/12
    app:
        image: ghcr.io/yusing/go-proxy:latest
        container_name: godoxy
--- a/config.example.yml
+++ b/config.example.yml
@ -21,10 +21,6 @@
 # 3. other providers, check docs/dns_providers.md for more

 entrypoint:
-  # global setting redirect http requests to https (if https available, otherwise this will be ignored)
-  # proxy.<alias>.middlewares.redirect_http will override this
-  #
-  redirect_to_https: false
  middlewares:
    - use: CIDRWhitelist
      allow:
@ -33,6 +29,7 @@ entrypoint:
        - "192.168.0.0/16"
      status: 403
      message: "Forbidden"
+    - use: RedirectHTTP

 providers:
  # include files are standalone yaml files under `config/` directory
--- a/internal/config/types/config.go
+++ b/internal/config/types/config.go
@ -15,8 +15,7 @@ type (
 		Notification []NotificationConfig `json:"notification" yaml:"notification"`
 	}
 	Entrypoint struct {
-		RedirectToHTTPS bool `json:"redirect_to_https" yaml:"redirect_to_https"`
-		Middlewares     []map[string]any
+		Middlewares []map[string]any `json:"middlewares" yaml:"middlewares"`
 	}
 	NotificationConfig map[string]any
 )
@ -27,8 +26,5 @@ func DefaultConfig() *Config {
 		Homepage: HomepageConfig{
 			UseDefaultCategories: true,
 		},
-		Entrypoint: Entrypoint{
-			RedirectToHTTPS: false,
-		},
 	}
 }
--- a/internal/net/http/middleware/cidr_whitelist.go
+++ b/internal/net/http/middleware/cidr_whitelist.go
@ -17,7 +17,7 @@ type cidrWhitelist struct {

 type cidrWhitelistOpts struct {
 	Allow      []*types.CIDR `validate:"min=1"`
-	StatusCode int           `json:"status" validate:"omitempty,gte=400,lte=599"`
+	StatusCode int           `json:"status_code" aliases:"status" validate:"omitempty,gte=400,lte=599"`
 	Message    string
 }

--- a/internal/net/http/server/server.go
+++ b/internal/net/http/server/server.go
@ -6,7 +6,6 @@ import (
 	"errors"
 	"io"
 	"log"
-	"net"
 	"net/http"
 	"time"

@ -35,7 +34,6 @@ type Options struct {
 	HTTPAddr     string
 	HTTPSAddr    string
 	CertProvider *autocert.Provider
-	RedirectToHTTPS bool
 	Handler      http.Handler
 }

@ -47,7 +45,6 @@ func StartServer(opt Options) (s *Server) {

 func NewServer(opt Options) (s *Server) {
 	var httpSer, httpsSer *http.Server
-	var httpHandler http.Handler

 	logger := logging.With().Str("module", "server").Str("name", opt.Name).Logger()

@ -57,20 +54,10 @@ func NewServer(opt Options) (s *Server) {
 		certAvailable = err == nil
 	}

-	if certAvailable && opt.RedirectToHTTPS && opt.HTTPSAddr != "" {
-		_, port, err := net.SplitHostPort(opt.HTTPSAddr)
-		if err != nil {
-			panic(err)
-		}
-		httpHandler = redirectToTLSHandler(port)
-	} else {
-		httpHandler = opt.Handler
-	}
-
 	if opt.HTTPAddr != "" {
 		httpSer = &http.Server{
 			Addr:     opt.HTTPAddr,
-			Handler:  httpHandler,
+			Handler:  opt.Handler,
 			ErrorLog: log.New(io.Discard, "", 0), // most are tls related
 		}
 	}
@ -152,18 +139,3 @@ func (s *Server) handleErr(scheme string, err error) {
 		s.l.Fatal().Err(err).Str("scheme", scheme).Msg("server error")
 	}
 }
-
-func redirectToTLSHandler(port string) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		r.URL.Scheme = "https"
-		r.URL.Host = r.URL.Hostname() + ":" + port
-
-		var redirectCode int
-		if r.Method == http.MethodGet {
-			redirectCode = http.StatusMovedPermanently
-		} else {
-			redirectCode = http.StatusPermanentRedirect
-		}
-		http.Redirect(w, r, r.URL.String(), redirectCode)
-	}
-}
--- a/internal/utils/serialization.go
+++ b/internal/utils/serialization.go
@ -193,10 +193,19 @@ func Deserialize(src SerializedObject, dst any) E.Error {
 			key = strutils.ToLowerNoSnake(key)
 			mapping[key] = dstV.FieldByName(field.Name)
 			fieldName[field.Name] = key
+
 			_, ok := field.Tag.Lookup("validate")
 			if ok {
 				needValidate = true
 			}
+
+			aliases, ok := field.Tag.Lookup("aliases")
+			if ok {
+				for _, alias := range strings.Split(aliases, ",") {
+					mapping[alias] = dstV.FieldByName(field.Name)
+					fieldName[field.Name] = alias
+				}
+			}
 		}
 		for k, v := range src {
 			if field, ok := mapping[strutils.ToLowerNoSnake(k)]; ok {
--- a/schema/config.schema.json
+++ b/schema/config.schema.json
@ -430,10 +430,6 @@
      "type": "object",
      "additionalProperties": false,
      "properties": {
-        "redirect_to_https": {
-          "title": "Redirect to HTTPS on HTTP requests",
-          "type": "boolean"
-        },
        "middlewares": {
          "title": "Entrypoint middlewares",
          "type": "array",