mirror of
https://github.com/openziti/zrok.git
synced 2025-06-20 09:48:07 +02:00
caddy integration for reserved shares (#392); sdk refactoring; cleanup and tweaks
This commit is contained in:
Michael Quigley
parent
7bc8976951
commit
2b12f1c6cd
@ -1,16 +1,12 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
httptransport "github.com/go-openapi/runtime/client"
|
"fmt"
|
||||||
"github.com/openziti/zrok/environment"
|
"github.com/openziti/zrok/environment"
|
||||||
"github.com/openziti/zrok/rest_client_zrok/share"
|
|
||||||
"github.com/openziti/zrok/rest_model_zrok"
|
|
||||||
"github.com/openziti/zrok/sdk"
|
"github.com/openziti/zrok/sdk"
|
||||||
"github.com/openziti/zrok/tui"
|
"github.com/openziti/zrok/tui"
|
||||||
"github.com/pkg/errors"
|
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
"strings"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
@ -33,7 +29,7 @@ func newReserveCommand() *reserveCommand {
|
|||||||
command := &reserveCommand{cmd: cmd}
|
command := &reserveCommand{cmd: cmd}
|
||||||
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
|
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
|
||||||
cmd.Flags().StringArrayVar(&command.frontendSelection, "frontends", []string{"public"}, "Selected frontends to use for the share")
|
cmd.Flags().StringArrayVar(&command.frontendSelection, "frontends", []string{"public"}, "Selected frontends to use for the share")
|
||||||
cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web, <tcpTunnel, udpTunnel>}")
|
cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web, <tcpTunnel, udpTunnel>, caddy}")
|
||||||
cmd.Run = command.run
|
cmd.Run = command.run
|
||||||
return command
|
return command
|
||||||
}
|
}
|
||||||
@ -58,6 +54,18 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
|
|||||||
|
|
||||||
case "web":
|
case "web":
|
||||||
target = args[1]
|
target = args[1]
|
||||||
|
|
||||||
|
case "tcpTunnel":
|
||||||
|
target = args[1]
|
||||||
|
|
||||||
|
case "udpTunnel":
|
||||||
|
target = args[1]
|
||||||
|
|
||||||
|
case "caddy":
|
||||||
|
target = args[1]
|
||||||
|
|
||||||
|
default:
|
||||||
|
tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel, udpTunnel, caddy}", cmd.backendMode), nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
env, err := environment.LoadRoot()
|
env, err := environment.LoadRoot()
|
||||||
@ -72,49 +80,25 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
|
|||||||
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
|
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
zrok, err := env.Client()
|
req := &sdk.ShareRequest{
|
||||||
if err != nil {
|
BackendMode: sdk.BackendMode(cmd.backendMode),
|
||||||
if !panicInstead {
|
ShareMode: shareMode,
|
||||||
tui.Error("unable to create zrok client", err)
|
Auth: cmd.basicAuth,
|
||||||
}
|
Target: target,
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Environment().Token)
|
|
||||||
req := share.NewShareParams()
|
|
||||||
req.Body = &rest_model_zrok.ShareRequest{
|
|
||||||
EnvZID: env.Environment().ZitiIdentity,
|
|
||||||
ShareMode: string(shareMode),
|
|
||||||
BackendMode: cmd.backendMode,
|
|
||||||
BackendProxyEndpoint: target,
|
|
||||||
AuthScheme: string(sdk.None),
|
|
||||||
Reserved: true,
|
|
||||||
}
|
}
|
||||||
if shareMode == sdk.PublicShareMode {
|
if shareMode == sdk.PublicShareMode {
|
||||||
req.Body.FrontendSelection = cmd.frontendSelection
|
req.Frontends = cmd.frontendSelection
|
||||||
}
|
}
|
||||||
if len(cmd.basicAuth) > 0 {
|
shr, err := sdk.CreateShare(env, req)
|
||||||
logrus.Infof("configuring basic auth")
|
|
||||||
req.Body.AuthScheme = string(sdk.Basic)
|
|
||||||
for _, pair := range cmd.basicAuth {
|
|
||||||
tokens := strings.Split(pair, ":")
|
|
||||||
if len(tokens) == 2 {
|
|
||||||
req.Body.AuthUsers = append(req.Body.AuthUsers, &rest_model_zrok.AuthUser{Username: strings.TrimSpace(tokens[0]), Password: strings.TrimSpace(tokens[1])})
|
|
||||||
} else {
|
|
||||||
panic(errors.Errorf("invalid username:password pair '%v'", pair))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resp, err := zrok.Share.Share(req, auth)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create tunnel", err)
|
tui.Error("unable to create share", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
logrus.Infof("your reserved share token is '%v'", resp.Payload.ShrToken)
|
logrus.Infof("your reserved share token is '%v'", shr.Token)
|
||||||
for _, fpe := range resp.Payload.FrontendProxyEndpoints {
|
for _, fpe := range shr.FrontendEndpoints {
|
||||||
logrus.Infof("reserved frontend endpoint: %v", fpe)
|
logrus.Infof("reserved frontend endpoint: %v", fpe)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -70,9 +70,10 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
|||||||
|
|
||||||
case "caddy":
|
case "caddy":
|
||||||
target = args[0]
|
target = args[0]
|
||||||
|
cmd.headless = true
|
||||||
|
|
||||||
default:
|
default:
|
||||||
tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel}", cmd.backendMode), nil)
|
tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel, udpTunnel, caddy}", cmd.backendMode), nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
root, err := environment.LoadRoot()
|
root, err := environment.LoadRoot()
|
||||||
@ -160,7 +161,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
|||||||
be, err := proxy.NewCaddyWebBackend(cfg)
|
be, err := proxy.NewCaddyWebBackend(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create web backend handler", err)
|
tui.Error("error creating web backend", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
@ -182,7 +183,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
|||||||
be, err := tcpTunnel.NewBackend(cfg)
|
be, err := tcpTunnel.NewBackend(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create tcpTunnel backend", err)
|
tui.Error("error creating tcpTunnel backend", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
@ -204,7 +205,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
|||||||
be, err := udpTunnel.NewBackend(cfg)
|
be, err := udpTunnel.NewBackend(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create udpTunnel backend", err)
|
tui.Error("error creating udpTunnel backend", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
@ -225,7 +226,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
|||||||
be, err := proxy.NewCaddyfileBackend(cfg)
|
be, err := proxy.NewCaddyfileBackend(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create caddy backend", err)
|
tui.Error("error creating caddy backend", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,13 +6,14 @@ import (
|
|||||||
httptransport "github.com/go-openapi/runtime/client"
|
httptransport "github.com/go-openapi/runtime/client"
|
||||||
"github.com/openziti/zrok/endpoints"
|
"github.com/openziti/zrok/endpoints"
|
||||||
"github.com/openziti/zrok/endpoints/proxy"
|
"github.com/openziti/zrok/endpoints/proxy"
|
||||||
|
"github.com/openziti/zrok/endpoints/tcpTunnel"
|
||||||
|
"github.com/openziti/zrok/endpoints/udpTunnel"
|
||||||
"github.com/openziti/zrok/environment"
|
"github.com/openziti/zrok/environment"
|
||||||
"github.com/openziti/zrok/rest_client_zrok/metadata"
|
"github.com/openziti/zrok/rest_client_zrok/metadata"
|
||||||
"github.com/openziti/zrok/rest_client_zrok/share"
|
"github.com/openziti/zrok/rest_client_zrok/share"
|
||||||
"github.com/openziti/zrok/rest_model_zrok"
|
"github.com/openziti/zrok/rest_model_zrok"
|
||||||
"github.com/openziti/zrok/sdk"
|
"github.com/openziti/zrok/sdk"
|
||||||
"github.com/openziti/zrok/tui"
|
"github.com/openziti/zrok/tui"
|
||||||
"github.com/pkg/errors"
|
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
)
|
)
|
||||||
@ -45,7 +46,7 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
shrToken := args[0]
|
shrToken := args[0]
|
||||||
var target string
|
var target string
|
||||||
|
|
||||||
env, err := environment.LoadRoot()
|
root, err := environment.LoadRoot()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("error loading environment", err)
|
tui.Error("error loading environment", err)
|
||||||
@ -53,18 +54,18 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !env.IsEnabled() {
|
if !root.IsEnabled() {
|
||||||
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
|
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
zrok, err := env.Client()
|
zrok, err := root.Client()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create zrok client", err)
|
tui.Error("unable to create zrok client", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Environment().Token)
|
auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
|
||||||
req := metadata.NewGetShareDetailParams()
|
req := metadata.NewGetShareDetailParams()
|
||||||
req.ShrToken = shrToken
|
req.ShrToken = shrToken
|
||||||
resp, err := zrok.Metadata.GetShareDetail(req, auth)
|
resp, err := zrok.Metadata.GetShareDetail(req, auth)
|
||||||
@ -78,8 +79,11 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
if target == "" {
|
if target == "" {
|
||||||
target = resp.Payload.BackendProxyEndpoint
|
target = resp.Payload.BackendProxyEndpoint
|
||||||
}
|
}
|
||||||
|
if sdk.BackendMode(resp.Payload.BackendMode) == sdk.CaddyBackendMode {
|
||||||
|
cmd.headless = true
|
||||||
|
}
|
||||||
|
|
||||||
zif, err := env.ZitiIdentityNamed(env.EnvironmentIdentityName())
|
zif, err := root.ZitiIdentityNamed(root.EnvironmentIdentityName())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to load ziti identity configuration", err)
|
tui.Error("unable to load ziti identity configuration", err)
|
||||||
@ -129,7 +133,8 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
Insecure: cmd.insecure,
|
Insecure: cmd.insecure,
|
||||||
Requests: requestsChan,
|
Requests: requestsChan,
|
||||||
}
|
}
|
||||||
_, err := cmd.proxyBackendMode(cfg)
|
|
||||||
|
be, err := proxy.NewBackend(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create proxy backend handler", err)
|
tui.Error("unable to create proxy backend handler", err)
|
||||||
@ -137,6 +142,12 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
if err := be.Run(); err != nil {
|
||||||
|
logrus.Errorf("error running http proxy backend: %v", err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
case "web":
|
case "web":
|
||||||
cfg := &proxy.CaddyWebBackendConfig{
|
cfg := &proxy.CaddyWebBackendConfig{
|
||||||
IdentityPath: zif,
|
IdentityPath: zif,
|
||||||
@ -144,14 +155,86 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
ShrToken: shrToken,
|
ShrToken: shrToken,
|
||||||
Requests: requestsChan,
|
Requests: requestsChan,
|
||||||
}
|
}
|
||||||
_, err := cmd.webBackendMode(cfg)
|
|
||||||
|
be, err := proxy.NewCaddyWebBackend(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !panicInstead {
|
if !panicInstead {
|
||||||
tui.Error("unable to create web backend handler", err)
|
tui.Error("error creating web backend", err)
|
||||||
}
|
}
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
if err := be.Run(); err != nil {
|
||||||
|
logrus.Errorf("error running http web backend: %v", err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
case "tcpTunnel":
|
||||||
|
cfg := &tcpTunnel.BackendConfig{
|
||||||
|
IdentityPath: zif,
|
||||||
|
EndpointAddress: target,
|
||||||
|
ShrToken: shrToken,
|
||||||
|
RequestsChan: requestsChan,
|
||||||
|
}
|
||||||
|
|
||||||
|
be, err := tcpTunnel.NewBackend(cfg)
|
||||||
|
if err != nil {
|
||||||
|
if !panicInstead {
|
||||||
|
tui.Error("error creating tcpTunnel backend", err)
|
||||||
|
}
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
if err := be.Run(); err != nil {
|
||||||
|
logrus.Errorf("error running tcpTunnel backend: %v", err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
case "udpTunnel":
|
||||||
|
cfg := &udpTunnel.BackendConfig{
|
||||||
|
IdentityPath: zif,
|
||||||
|
EndpointAddress: target,
|
||||||
|
ShrToken: shrToken,
|
||||||
|
RequestsChan: requestsChan,
|
||||||
|
}
|
||||||
|
|
||||||
|
be, err := udpTunnel.NewBackend(cfg)
|
||||||
|
if err != nil {
|
||||||
|
if !panicInstead {
|
||||||
|
tui.Error("error creating udpTunnel backend", err)
|
||||||
|
}
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
if err := be.Run(); err != nil {
|
||||||
|
logrus.Errorf("error running udpTunnel backend: %v", err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
case "caddy":
|
||||||
|
cfg := &proxy.CaddyfileBackendConfig{
|
||||||
|
CaddyfilePath: target,
|
||||||
|
Shr: &sdk.Share{Token: shrToken, FrontendEndpoints: []string{resp.Payload.FrontendEndpoint}},
|
||||||
|
Requests: requestsChan,
|
||||||
|
}
|
||||||
|
|
||||||
|
be, err := proxy.NewCaddyfileBackend(cfg)
|
||||||
|
if err != nil {
|
||||||
|
if !panicInstead {
|
||||||
|
tui.Error("error creating caddy backend", err)
|
||||||
|
}
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
if err := be.Run(); err != nil {
|
||||||
|
logrus.Errorf("error running caddy backend: %v", err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
default:
|
default:
|
||||||
tui.Error("invalid backend mode", nil)
|
tui.Error("invalid backend mode", nil)
|
||||||
}
|
}
|
||||||
@ -191,33 +274,3 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
|
|||||||
close(requestsChan)
|
close(requestsChan)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cmd *shareReservedCommand) proxyBackendMode(cfg *proxy.BackendConfig) (endpoints.RequestHandler, error) {
|
|
||||||
be, err := proxy.NewBackend(cfg)
|
|
||||||
if err != nil {
|
|
||||||
return nil, errors.Wrap(err, "error creating http proxy backend")
|
|
||||||
}
|
|
||||||
|
|
||||||
go func() {
|
|
||||||
if err := be.Run(); err != nil {
|
|
||||||
logrus.Errorf("error running http proxy backend: %v", err)
|
|
||||||
}
|
|
||||||
}()
|
|
||||||
|
|
||||||
return be, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (cmd *shareReservedCommand) webBackendMode(cfg *proxy.CaddyWebBackendConfig) (endpoints.RequestHandler, error) {
|
|
||||||
be, err := proxy.NewCaddyWebBackend(cfg)
|
|
||||||
if err != nil {
|
|
||||||
return nil, errors.Wrap(err, "error creating http web backend")
|
|
||||||
}
|
|
||||||
|
|
||||||
go func() {
|
|
||||||
if err := be.Run(); err != nil {
|
|
||||||
logrus.Errorf("error running http web backend: %v", err)
|
|
||||||
}
|
|
||||||
}()
|
|
||||||
|
|
||||||
return be, nil
|
|
||||||
}
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user