extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2024-11-21 23:53:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

service -> share (#144)

Browse Source
This commit is contained in:
Michael Quigley 2023-01-04 14:42:58 -05:00
parent 74b9786a61
commit 3943aef40a
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
20 changed files with 111 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/zrok/accessPrivate.go
View File

@ -27,8 +27,8 @@ type accessPrivateCommand struct {
func newAccessPrivateCommand() *accessPrivateCommand {
cmd := &cobra.Command{
Use: "private <serviceToken>",
Short: "Create a private frontend to access a service",
Use: "private <shareToken>",
Short: "Create a private frontend to access a share",
Args: cobra.ExactArgs(1),
}
command := &accessPrivateCommand{cmd: cmd}
@ -79,7 +79,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
logrus.Infof("allocated frontend '%v'", accessResp.Payload.FrontendToken)
cfg := privateFrontend.DefaultConfig("backend")
cfg.SvcToken = shrToken
cfg.ShrToken = shrToken
cfg.Address = cmd.bindAddress
c := make(chan os.Signal)
@ -98,7 +98,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
panic(err)
}
logrus.Infof("access your service at: %v", endpointUrl.String())
logrus.Infof("access your share at: %v", endpointUrl.String())
if err := frontend.Run(); err != nil {
if !panicInstead {
@ -107,12 +107,12 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
}
}
func (cmd *accessPrivateCommand) destroy(frotendName, envZId, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", svcToken)
func (cmd *accessPrivateCommand) destroy(frotendName, envZId, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", shrToken)
req := share.NewUnaccessParams()
req.Body = &rest_model_zrok.UnaccessRequest{
FrontendToken: frotendName,
ShrToken: svcToken,
ShrToken: shrToken,
EnvZID: envZId,
}
if _, err := zrok.Share.Unaccess(req, auth); err == nil {

4
cmd/zrok/disable.go
View File

@ -40,7 +40,7 @@ func (cmd *disableCommand) run(_ *cobra.Command, args []string) {
zrok, err := zrokdir.ZrokClient(env.ApiEndpoint)
if err != nil {
if !panicInstead {
showError("could not create zrok service client", err)
showError("could not create zrok client", err)
}
panic(err)
}
@ -51,7 +51,7 @@ func (cmd *disableCommand) run(_ *cobra.Command, args []string) {
}
_, err = zrok.Environment.Disable(req, auth)
if err != nil {
logrus.Warnf("service cleanup failed (%v); will clean up local environment", err)
logrus.Warnf("share cleanup failed (%v); will clean up local environment", err)
}
if err := zrokdir.DeleteEnvironment(); err != nil {
if !panicInstead {

4
cmd/zrok/main.go
View File

@ -40,7 +40,7 @@ var apiEndpoint string
var accessCmd = &cobra.Command{
Use: "access",
Short: "Create frontend access for services",
Short: "Create frontend access for shares",
}
var adminCmd = &cobra.Command{
@ -70,7 +70,7 @@ var adminUpdateCmd = &cobra.Command{
var shareCmd = &cobra.Command{
Use: "share",
Short: "Create backend access for services",
Short: "Create backend access for shares",
}
var testCmd = &cobra.Command{

12
cmd/zrok/release.go
View File

@ -20,8 +20,8 @@ type releaseCommand struct {
func newReleaseCommand() *releaseCommand {
cmd := &cobra.Command{
Use: "release <serviceToken>",
Short: "Release a reserved service",
Use: "release <shareToken>",
Short: "Release a reserved share",
Args: cobra.ExactArgs(1),
}
command := &releaseCommand{cmd: cmd}
@ -30,7 +30,7 @@ func newReleaseCommand() *releaseCommand {
}
func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
svcToken := args[0]
shrToken := args[0]
env, err := zrokdir.LoadEnvironment()
if err != nil {
ui.Close()
@ -52,15 +52,15 @@ func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
req := share.NewUnshareParams()
req.Body = &rest_model_zrok.UnshareRequest{
EnvZID: env.ZId,
ShrToken: svcToken,
ShrToken: shrToken,
Reserved: true,
}
if _, err := zrok.Share.Unshare(req, auth); err != nil {
if !panicInstead {
showError("error releasing service", err)
showError("error releasing share", err)
}
panic(err)
}
logrus.Infof("reserved service '%v' released", svcToken)
logrus.Infof("reserved share '%v' released", shrToken)
}

4
cmd/zrok/reserve.go
View File

@ -27,7 +27,7 @@ type reserveCommand struct {
func newReserveCommand() *reserveCommand {
cmd := &cobra.Command{
Use: "reserve <public|private> <targetEndpoint>",
Short: "Create a reserved service",
Short: "Create a reserved share",
Args: cobra.ExactArgs(2),
}
command := &reserveCommand{cmd: cmd}
@ -105,7 +105,7 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
panic(err)
}
logrus.Infof("your reserved service token is '%v'", resp.Payload.ShrToken)
logrus.Infof("your reserved share token is '%v'", resp.Payload.ShrToken)
for _, fpe := range resp.Payload.FrontendProxyEndpoints {
logrus.Infof("reserved frontend endpoint: %v", fpe)
}

12
cmd/zrok/sharePrivate.go
View File

@ -136,7 +136,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
cfg := &proxyBackend.Config{
IdentityPath: zif,
EndpointAddress: target,
Service: resp.Payload.ShrToken,
ShrToken: resp.Payload.ShrToken,
}
_, err = cmd.proxyBackendMode(cfg)
if err != nil {
@ -151,7 +151,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
cfg := &webBackend.Config{
IdentityPath: zif,
WebRoot: target,
Service: resp.Payload.ShrToken,
ShrToken: resp.Payload.ShrToken,
}
_, err = cmd.webBackendMode(cfg)
if err != nil {
@ -167,7 +167,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
showError("invalid backend mode", nil)
}
logrus.Infof("share your zrok service; use this command for access: 'zrok access private %v'", resp.Payload.ShrToken)
logrus.Infof("share with others; they will use this command for access: 'zrok access private %v'", resp.Payload.ShrToken)
for {
time.Sleep(30 * time.Second)
@ -204,12 +204,12 @@ func (cmd *sharePrivateCommand) webBackendMode(cfg *webBackend.Config) (backendH
return be, nil
}
func (cmd *sharePrivateCommand) destroy(id string, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", svcToken)
func (cmd *sharePrivateCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", shrToken)
req := share.NewUnshareParams()
req.Body = &rest_model_zrok.UnshareRequest{
EnvZID: id,
ShrToken: svcToken,
ShrToken: shrToken,
}
if _, err := zrok.Share.Unshare(req, auth); err == nil {
logrus.Debugf("shutdown complete")

14
cmd/zrok/sharePublic.go
View File

@ -157,7 +157,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
cfg := &proxyBackend.Config{
IdentityPath: zif,
EndpointAddress: target,
Service: resp.Payload.ShrToken,
ShrToken: resp.Payload.ShrToken,
}
bh, err = cmd.proxyBackendMode(cfg)
if err != nil {
@ -172,7 +172,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
cfg := &webBackend.Config{
IdentityPath: zif,
WebRoot: target,
Service: resp.Payload.ShrToken,
ShrToken: resp.Payload.ShrToken,
}
bh, err = cmd.webBackendMode(cfg)
if err != nil {
@ -194,7 +194,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
p := widgets.NewParagraph()
p.Border = true
p.Title = " access your zrok service "
p.Title = " access your zrok share "
p.Text = fmt.Sprintf("%v%v", strings.Repeat(" ", (((w-12)-len(resp.Payload.FrontendProxyEndpoints[0]))/2)-1), resp.Payload.FrontendProxyEndpoints[0])
p.TextStyle = ui.Style{Fg: ui.ColorWhite}
p.PaddingTop = 1
@ -249,7 +249,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
}
}
} else {
logrus.Infof("access your zrok service: %v", resp.Payload.FrontendProxyEndpoints[0])
logrus.Infof("access your zrok share: %v", resp.Payload.FrontendProxyEndpoints[0])
for {
time.Sleep(30 * time.Second)
}
@ -286,12 +286,12 @@ func (cmd *sharePublicCommand) webBackendMode(cfg *webBackend.Config) (backendHa
return be, nil
}
func (cmd *sharePublicCommand) destroy(id string, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", svcToken)
func (cmd *sharePublicCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", shrToken)
req := share.NewUnshareParams()
req.Body = &rest_model_zrok.UnshareRequest{
EnvZID: id,
ShrToken: svcToken,
ShrToken: shrToken,
}
if _, err := zrok.Share.Unshare(req, auth); err == nil {
logrus.Debugf("shutdown complete")

12
cmd/zrok/shareReserved.go
View File

@ -25,8 +25,8 @@ type shareReservedCommand struct {
func newShareReservedCommand() *shareReservedCommand {
cmd := &cobra.Command{
Use: "reserved <serviceToken>",
Short: "Start a backend for a reserved service",
Use: "reserved <shareToken>",
Short: "Start a backend for a reserved share",
}
command := &shareReservedCommand{cmd: cmd}
cmd.Flags().StringVar(&command.overrideEndpoint, "override-endpoint", "", "Override the stored target endpoint with a replacement")
@ -73,7 +73,7 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
resp, err := zrok.Metadata.GetShareDetail(req, auth)
if err != nil {
if !panicInstead {
showError("unable to retrieve reserved service", err)
showError("unable to retrieve reserved share", err)
}
panic(err)
}
@ -92,7 +92,7 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
cfg := &proxyBackend.Config{
IdentityPath: zif,
EndpointAddress: targetEndpoint,
Service: shrToken,
ShrToken: shrToken,
}
logrus.Infof("sharing target endpoint: '%v'", cfg.EndpointAddress)
@ -133,10 +133,10 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
switch resp.Payload.ShareMode {
case "public":
logrus.Infof("access your zrok service: %v", resp.Payload.FrontendEndpoint)
logrus.Infof("access your zrok share: %v", resp.Payload.FrontendEndpoint)
case "private":
logrus.Infof("use this command to access your zrok service: 'zrok access private %v'", shrToken)
logrus.Infof("use this command to access your zrok share: 'zrok access private %v'", shrToken)
}
for {

10
controller/sharePrivate.go
View File

@ -13,7 +13,7 @@ func newPrivateResourceAllocator() *privateResourceAllocator {
return &privateResourceAllocator{}
}
func (a *privateResourceAllocator) allocate(envZId, shrToken string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
func (a *privateResourceAllocator) allocate(envZId, shrToken string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, frontendEndpoints []string, err error) {
var authUsers []*model.AuthUser
for _, authUser := range params.Body.AuthUsers {
authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
@ -23,18 +23,18 @@ func (a *privateResourceAllocator) allocate(envZId, shrToken string, params shar
return "", nil, err
}
svcZId, err = zrokEdgeSdk.CreateShareService(envZId, shrToken, cfgZId, edge)
shrZId, err = zrokEdgeSdk.CreateShareService(envZId, shrToken, cfgZId, edge)
if err != nil {
return "", nil, err
}
if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+svcZId+"-bind", svcZId, envZId, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+shrZId+"-bind", shrZId, envZId, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
return "", nil, err
}
if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, shrToken, svcZId, edge); err != nil {
if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, shrToken, shrZId, edge); err != nil {
return "", nil, err
}
return svcZId, nil, nil
return shrZId, nil, nil
}

16
controller/sharePublic.go
View File

@ -13,36 +13,36 @@ func newPublicResourceAllocator() *publicResourceAllocator {
return &publicResourceAllocator{}
}
func (a *publicResourceAllocator) allocate(envZId, svcToken string, frontendZIds, frontendTemplates []string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
func (a *publicResourceAllocator) allocate(envZId, shrToken string, frontendZIds, frontendTemplates []string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, frontendEndpoints []string, err error) {
var authUsers []*model.AuthUser
for _, authUser := range params.Body.AuthUsers {
authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
}
cfgId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, svcToken, params.Body.AuthScheme, authUsers, edge)
cfgId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, shrToken, params.Body.AuthScheme, authUsers, edge)
if err != nil {
return "", nil, err
}
svcZId, err = zrokEdgeSdk.CreateShareService(envZId, svcToken, cfgId, edge)
shrZId, err = zrokEdgeSdk.CreateShareService(envZId, shrToken, cfgId, edge)
if err != nil {
return "", nil, err
}
if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+svcZId+"-bind", svcZId, envZId, zrokEdgeSdk.ZrokShareTags(svcToken).SubTags, edge); err != nil {
if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+shrZId+"-bind", shrZId, envZId, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
return "", nil, err
}
if err := zrokEdgeSdk.CreateServicePolicyDial(envZId+"-"+svcZId+"-dial", svcZId, frontendZIds, zrokEdgeSdk.ZrokShareTags(svcToken).SubTags, edge); err != nil {
if err := zrokEdgeSdk.CreateServicePolicyDial(envZId+"-"+shrZId+"-dial", shrZId, frontendZIds, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
return "", nil, err
}
if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, svcToken, svcZId, edge); err != nil {
if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, shrToken, shrZId, edge); err != nil {
return "", nil, err
}
for _, frontendTemplate := range frontendTemplates {
frontendEndpoints = append(frontendEndpoints, proxyUrl(svcToken, frontendTemplate))
frontendEndpoints = append(frontendEndpoints, proxyUrl(shrToken, frontendTemplate))
}
return svcZId, frontendEndpoints, nil
return shrZId, frontendEndpoints, nil
}

18
controller/unshare.go
View File

@ -35,7 +35,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
return share.NewUnshareInternalServerError()
}
shrToken := params.Body.ShrToken
svcZId, err := h.findServiceZId(shrToken, edge)
shrZId, err := h.findShareZId(shrToken, edge)
if err != nil {
logrus.Error(err)
return share.NewUnshareNotFound()
@ -61,13 +61,13 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
var sshr *store.Share
if shrs, err := str.FindSharesForEnvironment(senv.Id, tx); err == nil {
for _, shr := range shrs {
if shr.ZId == svcZId {
if shr.ZId == shrZId {
sshr = shr
break
}
}
if sshr == nil {
err := errors.Errorf("share with id '%v' not found for '%v'", svcZId, principal.Email)
err := errors.Errorf("share with id '%v' not found for '%v'", shrZId, principal.Email)
logrus.Error(err)
return share.NewUnshareNotFound()
}
@ -78,7 +78,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
if sshr.Reserved == params.Body.Reserved {
// single tag-based share deallocator; should work regardless of sharing mode
if err := h.deallocateResources(senv, shrToken, svcZId, edge); err != nil {
if err := h.deallocateResources(senv, shrToken, shrZId, edge); err != nil {
logrus.Errorf("error unsharing ziti resources for '%v': %v", sshr, err)
return share.NewUnshareInternalServerError()
}
@ -86,11 +86,11 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
logrus.Debugf("deallocated share '%v'", shrToken)
if err := str.DeleteShare(sshr.Id, tx); err != nil {
logrus.Errorf("error deactivating share '%v': %v", svcZId, err)
logrus.Errorf("error deactivating share '%v': %v", shrZId, err)
return share.NewUnshareInternalServerError()
}
if err := tx.Commit(); err != nil {
logrus.Errorf("error committing transaction for '%v': %v", svcZId, err)
logrus.Errorf("error committing transaction for '%v': %v", shrZId, err)
return share.NewUnshareInternalServerError()
}
@ -101,7 +101,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
return share.NewUnshareOK()
}
func (h *unshareHandler) findServiceZId(shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
func (h *unshareHandler) findShareZId(shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
filter := fmt.Sprintf("name=\"%v\"", shrToken)
limit := int64(1)
offset := int64(0)
@ -122,7 +122,7 @@ func (h *unshareHandler) findServiceZId(shrToken string, edge *rest_management_a
return "", errors.Errorf("share '%v' not found", shrToken)
}
func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
if err := zrokEdgeSdk.DeleteServiceEdgeRouterPolicy(senv.ZId, shrToken, edge); err != nil {
return err
}
@ -135,7 +135,7 @@ func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken,
if err := zrokEdgeSdk.DeleteConfig(senv.ZId, shrToken, edge); err != nil {
return err
}
if err := zrokEdgeSdk.DeleteService(senv.ZId, svcZId, edge); err != nil {
if err := zrokEdgeSdk.DeleteService(senv.ZId, shrZId, edge); err != nil {
return err
}
return nil

6
controller/zrokEdgeSdk/serp.go
View File

@ -11,12 +11,12 @@ import (
"time"
)
func CreateShareServiceEdgeRouterPolicy(envZId, shrToken, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
serpZId, err := CreateServiceEdgeRouterPolicy(shrToken, svcZId, ZrokShareTags(shrToken).SubTags, edge)
func CreateShareServiceEdgeRouterPolicy(envZId, shrToken, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
serpZId, err := CreateServiceEdgeRouterPolicy(shrToken, shrZId, ZrokShareTags(shrToken).SubTags, edge)
if err != nil {
return err
}
logrus.Infof("created service edge router policy '%v' for service '%v' for environment '%v'", serpZId, svcZId, envZId)
logrus.Infof("created service edge router policy '%v' for service '%v' for environment '%v'", serpZId, shrZId, envZId)
return nil
}

6
controller/zrokEdgeSdk/service.go
View File

@ -41,9 +41,9 @@ func CreateService(name string, cfgZIds []string, addlTags map[string]interface{
return resp.Payload.Data.ID, nil
}
func DeleteService(envZId, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
func DeleteService(envZId, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
req := &edge_service.DeleteServiceParams{
ID: svcZId,
ID: shrZId,
Context: context.Background(),
}
req.SetTimeout(30 * time.Second)
@ -51,6 +51,6 @@ func DeleteService(envZId, svcZId string, edge *rest_management_api_client.ZitiE
if err != nil {
return err
}
logrus.Infof("deleted service '%v' for environment '%v'", svcZId, envZId)
logrus.Infof("deleted service '%v' for environment '%v'", shrZId, envZId)
return nil
}

5
docs/network/prod/zrok-ctrl.yml
View File

@ -8,11 +8,6 @@ endpoint:
host: 0.0.0.0
port: 8080
proxy:
url_template: "https://{svcName}.in.zrok.io/"
identities:
- "e6gMfeD4y"
store:
path: /home/ubuntu/local/etc/zrok.io/db/zrok-ctrl.db

2
endpoints/privateFrontend/config.go
View File

@ -2,7 +2,7 @@ package privateFrontend
type Config struct {
IdentityName string
SvcToken string
ShrToken string
Address string
}

32
endpoints/privateFrontend/http.go
View File

@ -21,7 +21,7 @@ import (
type httpFrontend struct {
cfg *Config
zCtx ziti.Context
svcToken string
shrToken string
handler http.Handler
}
@ -36,7 +36,7 @@ func NewHTTP(cfg *Config) (*httpFrontend, error) {
}
zCfg.ConfigTypes = []string{model.ZrokProxyConfig}
zCtx := ziti.NewContextWithConfig(zCfg)
zDialCtx := zitiDialContext{ctx: zCtx, svcToken: cfg.SvcToken}
zDialCtx := zitiDialContext{ctx: zCtx, shrToken: cfg.ShrToken}
zTransport := http.DefaultTransport.(*http.Transport).Clone()
zTransport.DialContext = zDialCtx.Dial
@ -46,7 +46,7 @@ func NewHTTP(cfg *Config) (*httpFrontend, error) {
}
proxy.Transport = zTransport
handler := authHandler(cfg.SvcToken, util.NewProxyHandler(proxy), "zrok", cfg, zCtx)
handler := authHandler(cfg.ShrToken, util.NewProxyHandler(proxy), "zrok", cfg, zCtx)
return &httpFrontend{
cfg: cfg,
zCtx: zCtx,
@ -60,11 +60,11 @@ func (h *httpFrontend) Run() error {
type zitiDialContext struct {
ctx ziti.Context
svcToken string
shrToken string
}
func (zdc *zitiDialContext) Dial(_ context.Context, _ string, addr string) (net.Conn, error) {
conn, err := zdc.ctx.Dial(zdc.svcToken)
conn, err := zdc.ctx.Dial(zdc.shrToken)
if err != nil {
return conn, err
}
@ -90,15 +90,15 @@ func newServiceProxy(cfg *Config, ctx ziti.Context) (*httputil.ReverseProxy, err
func serviceTargetProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProxy {
director := func(req *http.Request) {
targetSvc := cfg.SvcToken
if svc, found := endpoints.GetRefreshedService(targetSvc, ctx); found {
targetShrToken := cfg.ShrToken
if svc, found := endpoints.GetRefreshedService(targetShrToken, ctx); found {
if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
logrus.Debugf("auth model: %v", cfg)
} else {
logrus.Warn("no config!")
}
if target, err := url.Parse(fmt.Sprintf("http://%v", targetSvc)); err == nil {
logrus.Infof("[%v] -> %v", targetSvc, req.URL)
if target, err := url.Parse(fmt.Sprintf("http://%v", targetShrToken)); err == nil {
logrus.Infof("[%v] -> %v", targetShrToken, req.URL)
targetQuery := target.RawQuery
req.URL.Scheme = target.Scheme
@ -121,19 +121,19 @@ func serviceTargetProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProxy {
return &httputil.ReverseProxy{Director: director}
}
func authHandler(svcToken string, handler http.Handler, realm string, cfg *Config, ctx ziti.Context) http.HandlerFunc {
func authHandler(shrToken string, handler http.Handler, realm string, cfg *Config, ctx ziti.Context) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if svc, found := endpoints.GetRefreshedService(svcToken, ctx); found {
if svc, found := endpoints.GetRefreshedService(shrToken, ctx); found {
if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
if scheme, found := cfg["auth_scheme"]; found {
switch scheme {
case string(model.None):
logrus.Debugf("auth scheme none '%v'", svcToken)
logrus.Debugf("auth scheme none '%v'", shrToken)
handler.ServeHTTP(w, r)
return
case string(model.Basic):
logrus.Debugf("auth scheme basic '%v", svcToken)
logrus.Debugf("auth scheme basic '%v", shrToken)
inUser, inPass, ok := r.BasicAuth()
if !ok {
writeUnauthorizedResponse(w, realm)
@ -182,15 +182,15 @@ func authHandler(svcToken string, handler http.Handler, realm string, cfg *Confi
return
}
} else {
logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, svcToken)
logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, shrToken)
notFoundUi.WriteNotFound(w)
}
} else {
logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, svcToken)
logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, shrToken)
notFoundUi.WriteNotFound(w)
}
} else {
logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, svcToken)
logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, shrToken)
notFoundUi.WriteNotFound(w)
}
}

4
endpoints/proxyBackend/http.go
View File

@ -18,7 +18,7 @@ import (
type Config struct {
IdentityPath string
EndpointAddress string
Service string
ShrToken string
}
type backend struct {
@ -37,7 +37,7 @@ func NewBackend(cfg *Config) (*backend, error) {
if err != nil {
return nil, errors.Wrap(err, "error loading config")
}
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.Service, &options)
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
if err != nil {
return nil, errors.Wrap(err, "error listening")
}

30
endpoints/publicFrontend/http.go
View File

@ -73,12 +73,12 @@ type zitiDialContext struct {
}
func (self *zitiDialContext) Dial(_ context.Context, _ string, addr string) (net.Conn, error) {
svcToken := strings.Split(addr, ":")[0] // ignore :port (we get passed 'host:port')
conn, err := self.ctx.Dial(svcToken)
shrToken := strings.Split(addr, ":")[0] // ignore :port (we get passed 'host:port')
conn, err := self.ctx.Dial(shrToken)
if err != nil {
return conn, err
}
return newMetricsConn(svcToken, conn, self.updates), nil
return newMetricsConn(shrToken, conn, self.updates), nil
}
func newServiceProxy(cfg *Config, ctx ziti.Context) (*httputil.ReverseProxy, error) {
@ -100,15 +100,15 @@ func newServiceProxy(cfg *Config, ctx ziti.Context) (*httputil.ReverseProxy, err
func hostTargetReverseProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProxy {
director := func(req *http.Request) {
targetSvc := resolveService(cfg.HostMatch, req.Host)
if svc, found := endpoints.GetRefreshedService(targetSvc, ctx); found {
targetShrToken := resolveService(cfg.HostMatch, req.Host)
if svc, found := endpoints.GetRefreshedService(targetShrToken, ctx); found {
if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
logrus.Debugf("auth model: %v", cfg)
} else {
logrus.Warn("no config!")
}
if target, err := url.Parse(fmt.Sprintf("http://%v", targetSvc)); err == nil {
logrus.Infof("[%v] -> %v", targetSvc, req.URL)
if target, err := url.Parse(fmt.Sprintf("http://%v", targetShrToken)); err == nil {
logrus.Infof("[%v] -> %v", targetShrToken, req.URL)
targetQuery := target.RawQuery
req.URL.Scheme = target.Scheme
@ -133,19 +133,19 @@ func hostTargetReverseProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProx
func authHandler(handler http.Handler, realm string, cfg *Config, ctx ziti.Context) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
svcToken := resolveService(cfg.HostMatch, r.Host)
if svcToken != "" {
if svc, found := endpoints.GetRefreshedService(svcToken, ctx); found {
shrToken := resolveService(cfg.HostMatch, r.Host)
if shrToken != "" {
if svc, found := endpoints.GetRefreshedService(shrToken, ctx); found {
if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
if scheme, found := cfg["auth_scheme"]; found {
switch scheme {
case string(model.None):
logrus.Debugf("auth scheme none '%v'", svcToken)
logrus.Debugf("auth scheme none '%v'", shrToken)
handler.ServeHTTP(w, r)
return
case string(model.Basic):
logrus.Debugf("auth scheme basic '%v", svcToken)
logrus.Debugf("auth scheme basic '%v", shrToken)
inUser, inPass, ok := r.BasicAuth()
if !ok {
writeUnauthorizedResponse(w, realm)
@ -194,15 +194,15 @@ func authHandler(handler http.Handler, realm string, cfg *Config, ctx ziti.Conte
return
}
} else {
logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, svcToken)
logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, shrToken)
notFoundUi.WriteNotFound(w)
}
} else {
logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, svcToken)
logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, shrToken)
notFoundUi.WriteNotFound(w)
}
} else {
logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, svcToken)
logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, shrToken)
notFoundUi.WriteNotFound(w)
}
} else {

4
endpoints/webBackend/web.go
View File

@ -12,7 +12,7 @@ import (
type Config struct {
IdentityPath string
WebRoot string
Service string
ShrToken string
}
type backend struct {
@ -30,7 +30,7 @@ func NewBackend(cfg *Config) (*backend, error) {
if err != nil {
return nil, errors.Wrap(err, "error loading config")
}
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.Service, &options)
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
if err != nil {
return nil, errors.Wrap(err, "error listening")
}

18
ui/src/console/visualizer/graph.js
View File

@ -43,21 +43,21 @@ export const mergeGraph = (oldGraph, user, newOverview) => {
color: "#777"
});
if(env.shares) {
env.shares.forEach(svc => {
let svcLabel = svc.token;
if(svc.backendProxyEndpoint !== "") {
svcLabel = svc.backendProxyEndpoint;
env.shares.forEach(shr => {
let shrLabel = shr.token;
if(shr.backendProxyEndpoint !== "") {
shrLabel = shr.backendProxyEndpoint;
}
let svcNode = {
id: svc.token,
label: svcLabel,
let shrNode = {
id: shr.token,
label: shrLabel,
type: "share",
val: 50
};
newGraph.nodes.push(svcNode);
newGraph.nodes.push(shrNode);
newGraph.links.push({
target: envNode.id,
source: svcNode.id,
source: shrNode.id,
color: "#777"
});
});