diff --git a/cmd/zrok/accessPrivate.go b/cmd/zrok/accessPrivate.go index e478c8a1..8bb1402f 100644 --- a/cmd/zrok/accessPrivate.go +++ b/cmd/zrok/accessPrivate.go @@ -143,6 +143,28 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) { } }() + case "socks": + fe, err := tcpTunnel.NewFrontend(&tcpTunnel.FrontendConfig{ + BindAddress: cmd.bindAddress, + IdentityName: env.EnvironmentIdentityName(), + ShrToken: args[0], + RequestsChan: requests, + }) + if err != nil { + if !panicInstead { + tui.Error("unable to create private access", err) + } + panic(err) + } + go func() { + if err := fe.Run(); err != nil { + if !panicInstead { + tui.Error("error starting access", err) + } + panic(err) + } + }() + default: cfg := proxy.DefaultFrontendConfig(env.EnvironmentIdentityName()) cfg.ShrToken = shrToken diff --git a/cmd/zrok/reserve.go b/cmd/zrok/reserve.go index cb1ae2d8..94695827 100644 --- a/cmd/zrok/reserve.go +++ b/cmd/zrok/reserve.go @@ -38,7 +38,7 @@ func newReserveCommand() *reserveCommand { command := &reserveCommand{cmd: cmd} cmd.Flags().StringVarP(&command.uniqueName, "unique-name", "n", "", "A unique name for the reserved share (defaults to generated identifier)") cmd.Flags().StringArrayVar(&command.frontendSelection, "frontends", []string{"public"}, "Selected frontends to use for the share") - cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode (public|private: proxy, web, caddy, drive) (private: tcpTunnel, udpTunnel)") + cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode (public|private: proxy, web, caddy, drive) (private: tcpTunnel, udpTunnel, socks)") cmd.Flags().BoolVarP(&command.jsonOutput, "json-output", "j", false, "Emit JSON describing the created reserved share") cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (,...)") cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]") @@ -52,7 +52,7 @@ func newReserveCommand() *reserveCommand { func (cmd *reserveCommand) run(_ *cobra.Command, args []string) { shareMode := sdk.ShareMode(args[0]) - privateOnlyModes := []string{"tcpTunnel", "udpTunnel"} + privateOnlyModes := []string{"tcpTunnel", "udpTunnel", "socks"} if shareMode != sdk.PublicShareMode && shareMode != sdk.PrivateShareMode { tui.Error("invalid sharing mode; expecting 'public' or 'private'", nil) } else if shareMode == sdk.PublicShareMode && slices.Contains(privateOnlyModes, cmd.backendMode) { @@ -87,8 +87,11 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) { case "drive": target = args[1] + case "socks": + target = "" + default: - tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel, udpTunnel, caddy, drive}", cmd.backendMode), nil) + tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel, udpTunnel, caddy, drive, socks}", cmd.backendMode), nil) } env, err := environment.LoadRoot() diff --git a/cmd/zrok/sharePrivate.go b/cmd/zrok/sharePrivate.go index 962b5cdd..291d4849 100644 --- a/cmd/zrok/sharePrivate.go +++ b/cmd/zrok/sharePrivate.go @@ -6,6 +6,7 @@ import ( "github.com/openziti/zrok/endpoints" "github.com/openziti/zrok/endpoints/drive" "github.com/openziti/zrok/endpoints/proxy" + "github.com/openziti/zrok/endpoints/socks" "github.com/openziti/zrok/endpoints/tcpTunnel" "github.com/openziti/zrok/endpoints/udpTunnel" "github.com/openziti/zrok/environment" @@ -39,7 +40,7 @@ func newSharePrivateCommand() *sharePrivateCommand { } command := &sharePrivateCommand{cmd: cmd} cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (,...") - cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel, caddy, drive}") + cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel, caddy, drive, socks}") cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for ") cmd.Run = command.run @@ -76,6 +77,9 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) { case "drive": target = args[0] + case "socks": + target = "" + default: tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel, udpTunnel, caddy, drive}", cmd.backendMode), nil) } @@ -264,6 +268,27 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) { } }() + case "socks": + cfg := &socks.BackendConfig{ + IdentityPath: zif, + ShrToken: shr.Token, + Requests: requests, + } + + be, err := socks.NewBackend(cfg) + if err != nil { + if !panicInstead { + tui.Error("error creating socks backend", err) + } + panic(err) + } + + go func() { + if err := be.Run(); err != nil { + logrus.Errorf("error running socks backend: %v", err) + } + }() + default: tui.Error("invalid backend mode", nil) } diff --git a/cmd/zrok/shareReserved.go b/cmd/zrok/shareReserved.go index b3c20d84..580ac3a4 100644 --- a/cmd/zrok/shareReserved.go +++ b/cmd/zrok/shareReserved.go @@ -7,6 +7,7 @@ import ( "github.com/openziti/zrok/endpoints" "github.com/openziti/zrok/endpoints/drive" "github.com/openziti/zrok/endpoints/proxy" + "github.com/openziti/zrok/endpoints/socks" "github.com/openziti/zrok/endpoints/tcpTunnel" "github.com/openziti/zrok/endpoints/udpTunnel" "github.com/openziti/zrok/environment" @@ -258,6 +259,27 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) { } }() + case "socks": + cfg := &socks.BackendConfig{ + IdentityPath: zif, + ShrToken: shrToken, + Requests: requests, + } + + be, err := socks.NewBackend(cfg) + if err != nil { + if !panicInstead { + tui.Error("error creating socks backend", err) + } + panic(err) + } + + go func() { + if err := be.Run(); err != nil { + logrus.Errorf("error running socks backend: %v", err) + } + }() + default: tui.Error("invalid backend mode", nil) }