working 'zrok agent access private' (#463)

Michael Quigley 2024-09-16 21:58:03 -04:00
parent e6a74ad5f3
commit fb23d238a0
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
4 changed files with 89 additions and 2 deletions


@ -103,6 +103,24 @@ func (a *Agent) manager() {
} else { } else {
logrus.Debug("skipping unidentified (orphaned) share removal") logrus.Debug("skipping unidentified (orphaned) share removal")
} }
case inAccess := <-a.inAccesses:
logrus.Infof("adding new access '%v'", inAccess.frontendToken)
a.accesses[inAccess.frontendToken] = inAccess
case outAccess := <-a.outAccesses:
if outAccess.frontendToken != "" {
logrus.Infof("removing access '%v'", outAccess.frontendToken)
if err := proctree.StopChild(outAccess.process); err != nil {
logrus.Errorf("error stopping access '%v': %v", outAccess.frontendToken, err)
}
if err := proctree.WaitChild(outAccess.process); err != nil {
logrus.Errorf("error joining access '%v': %v", outAccess.frontendToken, err)
}
delete(a.accesses, outAccess.frontendToken)
} else {
logrus.Debug("skipping unidentified (orphaned) access removal")
}
} }
} }
} }
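Review bot: In the `outAccess` case, `proctree.WaitChild(outAccess.process)` is called even when `proctree.StopChild` has just returned an error, and it runs inside the manager's select loop. If WaitChild blocks until the child exits, as its name suggests, a child that was never stopped could stall every other share and access event. Consider waiting only when the stop succeeded, for example by making the second check `else if err := proctree.WaitChild(outAccess.process); err != nil {`, or by joining the child outside the loop. The `inAccess` case also stores its entry without the empty-`frontendToken` guard that the removal path applies. `manager()` starts before and continues after this hunk, so the rest of the loop is not visible here.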


@ -0,0 +1,65 @@
package main
import (
"context"
"fmt"
"github.com/openziti/zrok/agent/agentClient"
"github.com/openziti/zrok/agent/agentGrpc"
"github.com/openziti/zrok/environment"
"github.com/openziti/zrok/tui"
"github.com/spf13/cobra"
)
func init() {
agentAccessCmd.AddCommand(newAgentAccessPrivateCommand().cmd)
}
type agentAccessPrivateCommand struct {
bindAddress string
responseHeaders []string
cmd *cobra.Command
}
func newAgentAccessPrivateCommand() *agentAccessPrivateCommand {
cmd := &cobra.Command{
Use: "private <token>",
Short: "Bind a private access in the zrok Agent",
Args: cobra.ExactArgs(1),
}
command := &agentAccessPrivateCommand{cmd: cmd}
cmd.Flags().StringVarP(&command.bindAddress, "bind", "b", "127.0.0.1:9191", "The address to bind the private frontend")
cmd.Flags().StringArrayVar(&command.responseHeaders, "response-header", []string{}, "Add a response header ('key:value')")
cmd.Run = command.run
return command
}
func (cmd *agentAccessPrivateCommand) run(_ *cobra.Command, args []string) {
root, err := environment.LoadRoot()
if err != nil {
if !panicInstead {
tui.Error("unable to load environment", err)
}
panic(err)
}
if !root.IsEnabled() {
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
}
client, conn, err := agentClient.NewClient(root)
if err != nil {
tui.Error("error connecting to agent", err)
}
defer conn.Close()
acc, err := client.PrivateAccess(context.Background(), &agentGrpc.PrivateAccessRequest{
Token: args[0],
BindAddress: cmd.bindAddress,
ResponseHeaders: cmd.responseHeaders,
})
if err != nil {
tui.Error("error creating access", err)
}
fmt.Println(acc)
}
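Review bot: `--bind` is forwarded to the agent as `BindAddress: cmd.bindAddress` with no check in `run`, so a wildcard or LAN address would have the agent listen for the private share on that interface, presumably reachable by any host on that network without further zrok authentication. The loopback default is the right choice, and the flag help should state the consequence, e.g. `"The address to bind the private frontend (a non-loopback address exposes the share to that network)"`, unless the agent already validates the value (not visible here). Separately, `client.PrivateAccess` is called with `context.Background()`, so the CLI has no deadline if the agent does not answer; wrapping the call in a `context.WithTimeout` would bound it.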


@ -19,7 +19,6 @@ func init() {
type agentSharePrivateCommand struct { type agentSharePrivateCommand struct {
backendMode string backendMode string
headless bool
insecure bool insecure bool
closed bool closed bool
accessGrants []string accessGrants []string
@ -34,7 +33,6 @@ func newAgentSharePrivateCommand() *agentSharePrivateCommand {
} }
command := &agentSharePrivateCommand{cmd: cmd} command := &agentSharePrivateCommand{cmd: cmd}
cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel, caddy, drive, socks, vpn}") cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel, caddy, drive, socks, vpn}")
cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>")
cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)") cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)")
cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that are allowed to access this share (see --closed)") cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that are allowed to access this share (see --closed)")


@ -25,6 +25,7 @@ func init() {
adminCmd.AddCommand(adminListCmd) adminCmd.AddCommand(adminListCmd)
adminCmd.AddCommand(adminUpdateCmd) adminCmd.AddCommand(adminUpdateCmd)
rootCmd.AddCommand(agentCmd) rootCmd.AddCommand(agentCmd)
agentCmd.AddCommand(agentAccessCmd)
agentCmd.AddCommand(agentShareCmd) agentCmd.AddCommand(agentShareCmd)
agentCmd.AddCommand(agentReleaseCmd) agentCmd.AddCommand(agentReleaseCmd)
testCmd.AddCommand(loopCmd) testCmd.AddCommand(loopCmd)
@ -80,6 +81,11 @@ var adminUpdateCmd = &cobra.Command{
Short: "Update global resources", Short: "Update global resources",
} }
var agentAccessCmd = &cobra.Command{
Use: "access",
Short: "zrok Agent access commands",
}
var agentCmd = &cobra.Command{ var agentCmd = &cobra.Command{
Use: "agent", Use: "agent",
Short: "zrok Agent commands", Short: "zrok Agent commands",