mirror of
https://github.com/fatedier/frp.git
synced 2025-01-07 14:39:26 +01:00
add subdomain configuration; add conn auth timeout
This commit is contained in:
parent
4c69a4810e
commit
396e148f80
@ -40,6 +40,8 @@ pool_count = 20
|
|||||||
# if not set, you can access this custom_domains without certification
|
# if not set, you can access this custom_domains without certification
|
||||||
http_username = admin
|
http_username = admin
|
||||||
http_password = admin
|
http_password = admin
|
||||||
|
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://test.frps.com
|
||||||
|
subdomain = test
|
||||||
|
|
||||||
[web02]
|
[web02]
|
||||||
type = http
|
type = http
|
||||||
@ -64,3 +66,4 @@ local_port = 80
|
|||||||
use_gzip = true
|
use_gzip = true
|
||||||
custom_domains = web03.yourdomain.com
|
custom_domains = web03.yourdomain.com
|
||||||
host_header_rewrite = example.com
|
host_header_rewrite = example.com
|
||||||
|
subdomain = dev
|
||||||
|
@ -26,6 +26,10 @@ privilege_token = 12345678
|
|||||||
privilege_allow_ports = 2000-3000,3001,3003,4000-50000
|
privilege_allow_ports = 2000-3000,3001,3003,4000-50000
|
||||||
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
|
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
|
||||||
max_pool_count = 100
|
max_pool_count = 100
|
||||||
|
# conn_timeout set the timeout interval (seconds) when the frpc connects frps
|
||||||
|
conn_timeout = 10
|
||||||
|
# domain for frps
|
||||||
|
domain = codermao.com
|
||||||
|
|
||||||
# ssh is the proxy name, client will use this name and auth_token to connect to server
|
# ssh is the proxy name, client will use this name and auth_token to connect to server
|
||||||
[ssh]
|
[ssh]
|
||||||
|
@ -152,6 +152,7 @@ func loginToServer(cli *client.ProxyClient) (c *conn.Conn, err error) {
|
|||||||
HostHeaderRewrite: cli.HostHeaderRewrite,
|
HostHeaderRewrite: cli.HostHeaderRewrite,
|
||||||
HttpUserName: cli.HttpUserName,
|
HttpUserName: cli.HttpUserName,
|
||||||
HttpPassWord: cli.HttpPassWord,
|
HttpPassWord: cli.HttpPassWord,
|
||||||
|
SubDomain: cli.SubDomain,
|
||||||
Timestamp: nowTime,
|
Timestamp: nowTime,
|
||||||
}
|
}
|
||||||
if cli.PrivilegeMode {
|
if cli.PrivilegeMode {
|
||||||
|
@ -221,8 +221,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
nowTime := time.Now().Unix()
|
nowTime := time.Now().Unix()
|
||||||
if req.PrivilegeMode {
|
if req.PrivilegeMode {
|
||||||
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
|
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
|
||||||
// privilegeKey avaiable in 15 minutes
|
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
|
||||||
if nowTime-req.Timestamp > 15*60 {
|
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
|
||||||
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
|
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
|
||||||
log.Warn(info)
|
log.Warn(info)
|
||||||
return
|
return
|
||||||
@ -234,8 +234,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
|
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
|
||||||
// authKey avaiable in 15 minutes
|
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
|
||||||
if nowTime-req.Timestamp > 15*60 {
|
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
|
||||||
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
|
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
|
||||||
log.Warn(info)
|
log.Warn(info)
|
||||||
return
|
return
|
||||||
@ -289,6 +289,10 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
s.HostHeaderRewrite = req.HostHeaderRewrite
|
s.HostHeaderRewrite = req.HostHeaderRewrite
|
||||||
s.HttpUserName = req.HttpUserName
|
s.HttpUserName = req.HttpUserName
|
||||||
s.HttpPassWord = req.HttpPassWord
|
s.HttpPassWord = req.HttpPassWord
|
||||||
|
// package URL
|
||||||
|
if req.SubDomain != "" {
|
||||||
|
s.SubDomain = req.SubDomain + "." + server.Domain
|
||||||
|
}
|
||||||
if req.PoolCount > server.MaxPoolCount {
|
if req.PoolCount > server.MaxPoolCount {
|
||||||
s.PoolCount = server.MaxPoolCount
|
s.PoolCount = server.MaxPoolCount
|
||||||
} else if req.PoolCount < 0 {
|
} else if req.PoolCount < 0 {
|
||||||
@ -302,6 +306,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
log.Warn(info)
|
log.Warn(info)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
log.Info("serverProxy: %+v", s)
|
||||||
|
|
||||||
// update metric's proxy status
|
// update metric's proxy status
|
||||||
metric.SetProxyInfo(s.Name, s.Type, s.BindAddr, s.UseEncryption, s.UseGzip, s.PrivilegeMode, s.CustomDomains, s.ListenPort)
|
metric.SetProxyInfo(s.Name, s.Type, s.BindAddr, s.UseEncryption, s.UseGzip, s.PrivilegeMode, s.CustomDomains, s.ListenPort)
|
||||||
|
@ -166,6 +166,11 @@ func LoadConf(confFile string) (err error) {
|
|||||||
if ok {
|
if ok {
|
||||||
proxyClient.HttpPassWord = tmpStr
|
proxyClient.HttpPassWord = tmpStr
|
||||||
}
|
}
|
||||||
|
// subdomain
|
||||||
|
tmpStr, ok = section["subdomain"]
|
||||||
|
if ok {
|
||||||
|
proxyClient.SubDomain = tmpStr
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// privilege_mode
|
// privilege_mode
|
||||||
@ -219,6 +224,9 @@ func LoadConf(confFile string) (err error) {
|
|||||||
} else {
|
} else {
|
||||||
return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name)
|
return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// subdomain
|
||||||
|
proxyClient.SubDomain, ok = section["subdomain"]
|
||||||
} else if proxyClient.Type == "https" {
|
} else if proxyClient.Type == "https" {
|
||||||
// custom_domains
|
// custom_domains
|
||||||
domainStr, ok := section["custom_domains"]
|
domainStr, ok := section["custom_domains"]
|
||||||
|
@ -26,4 +26,5 @@ type BaseConf struct {
|
|||||||
HostHeaderRewrite string
|
HostHeaderRewrite string
|
||||||
HttpUserName string
|
HttpUserName string
|
||||||
HttpPassWord string
|
HttpPassWord string
|
||||||
|
SubDomain string
|
||||||
}
|
}
|
||||||
|
@ -37,6 +37,7 @@ type ControlReq struct {
|
|||||||
HostHeaderRewrite string `json:"host_header_rewrite"`
|
HostHeaderRewrite string `json:"host_header_rewrite"`
|
||||||
HttpUserName string `json:"http_username"`
|
HttpUserName string `json:"http_username"`
|
||||||
HttpPassWord string `json:"http_password"`
|
HttpPassWord string `json:"http_password"`
|
||||||
|
SubDomain string `json:"subdomain"`
|
||||||
Timestamp int64 `json:"timestamp"`
|
Timestamp int64 `json:"timestamp"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -45,6 +45,8 @@ var (
|
|||||||
LogMaxDays int64 = 3
|
LogMaxDays int64 = 3
|
||||||
PrivilegeMode bool = false
|
PrivilegeMode bool = false
|
||||||
PrivilegeToken string = ""
|
PrivilegeToken string = ""
|
||||||
|
CtrlConnTimeout int64 = 10
|
||||||
|
Domain string = ""
|
||||||
|
|
||||||
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
|
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
|
||||||
PrivilegeAllowPorts map[int64]struct{}
|
PrivilegeAllowPorts map[int64]struct{}
|
||||||
@ -222,6 +224,16 @@ func loadCommonConf(confFile string) error {
|
|||||||
MaxPoolCount = v
|
MaxPoolCount = v
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
tmpStr, ok = conf.Get("common", "conn_timeout")
|
||||||
|
if ok {
|
||||||
|
v, err := strconv.ParseInt(tmpStr, 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Parse conf error: conn_timeout is incorrect")
|
||||||
|
} else {
|
||||||
|
CtrlConnTimeout = v
|
||||||
|
}
|
||||||
|
}
|
||||||
|
Domain, ok = conf.Get("common", "domain")
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -130,6 +130,12 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
|
|||||||
}
|
}
|
||||||
p.listeners = append(p.listeners, l)
|
p.listeners = append(p.listeners, l)
|
||||||
}
|
}
|
||||||
|
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
p.listeners = append(p.listeners, l)
|
||||||
|
|
||||||
} else if p.Type == "https" {
|
} else if p.Type == "https" {
|
||||||
for _, domain := range p.CustomDomains {
|
for _, domain := range p.CustomDomains {
|
||||||
l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
||||||
|
Loading…
Reference in New Issue
Block a user