zrok/endpoints/proxy/backend.go

105 lines
2.3 KiB
Go
Raw Normal View History

package proxy
2022-07-20 19:18:40 +02:00
import (
"crypto/tls"
"fmt"
"github.com/openziti/sdk-golang/ziti"
"github.com/openziti/sdk-golang/ziti/config"
2022-08-09 19:57:45 +02:00
"github.com/openziti/sdk-golang/ziti/edge"
"github.com/openziti/zrok/endpoints"
"github.com/openziti/zrok/util"
"github.com/pkg/errors"
2022-08-10 21:16:36 +02:00
"github.com/sirupsen/logrus"
"net/http"
2022-08-10 21:16:36 +02:00
"net/http/httputil"
"net/url"
"time"
)
type BackendConfig struct {
2022-08-10 21:16:36 +02:00
IdentityPath string
EndpointAddress string
2023-01-04 20:42:58 +01:00
ShrToken string
Insecure bool
2023-01-10 23:40:20 +01:00
RequestsChan chan *endpoints.Request
2022-08-10 21:16:36 +02:00
}
2023-04-14 19:09:54 +02:00
type Backend struct {
cfg *BackendConfig
requests func() int32
2022-08-09 19:57:45 +02:00
listener edge.Listener
handler http.Handler
}
func NewBackend(cfg *BackendConfig) (*Backend, error) {
options := ziti.ListenOptions{
ConnectTimeout: 5 * time.Minute,
MaxConnections: 64,
}
zcfg, err := config.NewFromFile(cfg.IdentityPath)
if err != nil {
2022-08-09 19:57:45 +02:00
return nil, errors.Wrap(err, "error loading config")
}
2023-01-04 20:42:58 +01:00
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
if err != nil {
2022-08-09 19:57:45 +02:00
return nil, errors.Wrap(err, "error listening")
}
proxy, err := newReverseProxy(cfg)
2022-07-21 21:46:14 +02:00
if err != nil {
2022-08-09 19:57:45 +02:00
return nil, err
}
2022-08-09 19:57:45 +02:00
handler := util.NewProxyHandler(proxy)
2023-04-14 19:09:54 +02:00
return &Backend{
2022-08-18 22:57:38 +02:00
cfg: cfg,
requests: handler.Requests,
2022-08-09 19:57:45 +02:00
listener: listener,
handler: handler,
}, nil
}
2023-04-14 19:09:54 +02:00
func (b *Backend) Run() error {
if err := http.Serve(b.listener, b.handler); err != nil {
2022-07-21 21:46:14 +02:00
return err
}
2022-07-21 21:46:14 +02:00
return nil
}
2022-08-10 21:16:36 +02:00
2023-04-14 19:09:54 +02:00
func (b *Backend) Requests() func() int32 {
return b.requests
}
func newReverseProxy(cfg *BackendConfig) (*httputil.ReverseProxy, error) {
targetURL, err := url.Parse(cfg.EndpointAddress)
2022-08-10 21:16:36 +02:00
if err != nil {
return nil, err
}
tpt := http.DefaultTransport.(*http.Transport).Clone()
if cfg.Insecure {
tpt.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
}
2022-08-10 21:16:36 +02:00
proxy := httputil.NewSingleHostReverseProxy(targetURL)
proxy.Transport = tpt
2022-08-10 21:16:36 +02:00
director := proxy.Director
proxy.Director = func(req *http.Request) {
if cfg.RequestsChan != nil {
cfg.RequestsChan <- &endpoints.Request{
2023-01-10 20:52:28 +01:00
Stamp: time.Now(),
RemoteAddr: fmt.Sprintf("%v", req.Header["X-Real-Ip"]),
Method: req.Method,
Path: req.URL.String(),
}
}
2022-08-10 21:16:36 +02:00
director(req)
req.Header.Set("X-Proxy", "zrok")
}
proxy.ErrorHandler = func(w http.ResponseWriter, r *http.Request, err error) {
logrus.Errorf("error proxying: %v", err)
}
return proxy, nil
}