repalce redirect_to_https with entrypoint middleware

cmd/main.go

@@ -132,12 +132,11 @@ func main() {
 	}
 
 	server.StartServer(server.Options{
-		Name:            "proxy",
-		CertProvider:    autocert,
-		HTTPAddr:        common.ProxyHTTPAddr,
-		HTTPSAddr:       common.ProxyHTTPSAddr,
-		Handler:         http.HandlerFunc(entrypoint.Handler),
-		RedirectToHTTPS: config.Value().Entrypoint.RedirectToHTTPS,
+		Name:         "proxy",
+		CertProvider: autocert,
+		HTTPAddr:     common.ProxyHTTPAddr,
+		HTTPSAddr:    common.ProxyHTTPSAddr,
+		Handler:      http.HandlerFunc(entrypoint.Handler),
 	})
 	server.StartServer(server.Options{
 		Name:         "api",

compose.example.yml

@@ -12,13 +12,13 @@ services:
         labels:
             proxy.aliases: gp
             proxy.#1.port: 3000
-            proxy.#1.middlewares.cidr_whitelist.status_code: 403
-            proxy.#1.middlewares.cidr_whitelist.message: IP not allowed
-            proxy.#1.middlewares.cidr_whitelist.allow: |
-                - 127.0.0.1
-                - 10.0.0.0/8
-                - 192.168.0.0/16
-                - 172.16.0.0/12
+            # proxy.#1.middlewares.cidr_whitelist.status: 403
+            # proxy.#1.middlewares.cidr_whitelist.message: IP not allowed
+            # proxy.#1.middlewares.cidr_whitelist.allow: |
+            #     - 127.0.0.1
+            #     - 10.0.0.0/8
+            #     - 192.168.0.0/16
+            #     - 172.16.0.0/12
     app:
         image: ghcr.io/yusing/go-proxy:latest
         container_name: godoxy

config.example.yml

@@ -21,10 +21,6 @@
 # 3. other providers, check docs/dns_providers.md for more
 
 entrypoint:
-  # global setting redirect http requests to https (if https available, otherwise this will be ignored)
-  # proxy.<alias>.middlewares.redirect_http will override this
-  #
-  redirect_to_https: false
   middlewares:
     - use: CIDRWhitelist
       allow:
@@ -33,6 +29,7 @@ entrypoint:
         - "192.168.0.0/16"
       status: 403
       message: "Forbidden"
+    - use: RedirectHTTP
 
 providers:
   # include files are standalone yaml files under `config/` directory

internal/config/types/config.go

@@ -15,8 +15,7 @@ type (
 		Notification []NotificationConfig `json:"notification" yaml:"notification"`
 	}
 	Entrypoint struct {
-		RedirectToHTTPS bool `json:"redirect_to_https" yaml:"redirect_to_https"`
-		Middlewares     []map[string]any
+		Middlewares []map[string]any `json:"middlewares" yaml:"middlewares"`
 	}
 	NotificationConfig map[string]any
 )
@@ -27,8 +26,5 @@ func DefaultConfig() *Config {
 		Homepage: HomepageConfig{
 			UseDefaultCategories: true,
 		},
-		Entrypoint: Entrypoint{
-			RedirectToHTTPS: false,
-		},
 	}
 }

internal/net/http/middleware/cidr_whitelist.go

@@ -17,7 +17,7 @@ type cidrWhitelist struct {
 
 type cidrWhitelistOpts struct {
 	Allow      []*types.CIDR `validate:"min=1"`
-	StatusCode int           `json:"status" validate:"omitempty,gte=400,lte=599"`
+	StatusCode int           `json:"status_code" aliases:"status" validate:"omitempty,gte=400,lte=599"`
 	Message    string
 }
 

internal/net/http/server/server.go

@@ -6,7 +6,6 @@ import (
 	"errors"
 	"io"
 	"log"
-	"net"
 	"net/http"
 	"time"
 
@@ -31,12 +30,11 @@ type Server struct {
 }
 
 type Options struct {
-	Name            string
-	HTTPAddr        string
-	HTTPSAddr       string
-	CertProvider    *autocert.Provider
-	RedirectToHTTPS bool
-	Handler         http.Handler
+	Name         string
+	HTTPAddr     string
+	HTTPSAddr    string
+	CertProvider *autocert.Provider
+	Handler      http.Handler
 }
 
 func StartServer(opt Options) (s *Server) {
@@ -47,7 +45,6 @@ func StartServer(opt Options) (s *Server) {
 
 func NewServer(opt Options) (s *Server) {
 	var httpSer, httpsSer *http.Server
-	var httpHandler http.Handler
 
 	logger := logging.With().Str("module", "server").Str("name", opt.Name).Logger()
 
@@ -57,20 +54,10 @@ func NewServer(opt Options) (s *Server) {
 		certAvailable = err == nil
 	}
 
-	if certAvailable && opt.RedirectToHTTPS && opt.HTTPSAddr != "" {
-		_, port, err := net.SplitHostPort(opt.HTTPSAddr)
-		if err != nil {
-			panic(err)
-		}
-		httpHandler = redirectToTLSHandler(port)
-	} else {
-		httpHandler = opt.Handler
-	}
-
 	if opt.HTTPAddr != "" {
 		httpSer = &http.Server{
 			Addr:     opt.HTTPAddr,
-			Handler:  httpHandler,
+			Handler:  opt.Handler,
 			ErrorLog: log.New(io.Discard, "", 0), // most are tls related
 		}
 	}
@@ -152,18 +139,3 @@ func (s *Server) handleErr(scheme string, err error) {
 		s.l.Fatal().Err(err).Str("scheme", scheme).Msg("server error")
 	}
 }
-
-func redirectToTLSHandler(port string) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		r.URL.Scheme = "https"
-		r.URL.Host = r.URL.Hostname() + ":" + port
-
-		var redirectCode int
-		if r.Method == http.MethodGet {
-			redirectCode = http.StatusMovedPermanently
-		} else {
-			redirectCode = http.StatusPermanentRedirect
-		}
-		http.Redirect(w, r, r.URL.String(), redirectCode)
-	}
-}

internal/utils/serialization.go

@@ -193,10 +193,19 @@ func Deserialize(src SerializedObject, dst any) E.Error {
 			key = strutils.ToLowerNoSnake(key)
 			mapping[key] = dstV.FieldByName(field.Name)
 			fieldName[field.Name] = key
+
 			_, ok := field.Tag.Lookup("validate")
 			if ok {
 				needValidate = true
 			}
+
+			aliases, ok := field.Tag.Lookup("aliases")
+			if ok {
+				for _, alias := range strings.Split(aliases, ",") {
+					mapping[alias] = dstV.FieldByName(field.Name)
+					fieldName[field.Name] = alias
+				}
+			}
 		}
 		for k, v := range src {
 			if field, ok := mapping[strutils.ToLowerNoSnake(k)]; ok {

schema/config.schema.json

@@ -430,10 +430,6 @@
       "type": "object",
       "additionalProperties": false,
       "properties": {
-        "redirect_to_https": {
-          "title": "Redirect to HTTPS on HTTP requests",
-          "type": "boolean"
-        },
         "middlewares": {
           "title": "Entrypoint middlewares",
           "type": "array",