extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2025-06-01 15:48:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

getting a basic tunnel backend plumbed up (#170)

Browse Source
This commit is contained in:
Michael Quigley 2023-04-14 14:55:49 -04:00
parent 3ec7e4253c
commit fd741353d7
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
6 changed files with 94 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
cmd/zrok/sharePrivate.go
View File

@ -7,6 +7,7 @@ import (
httptransport "github.com/go-openapi/runtime/client" httptransport "github.com/go-openapi/runtime/client"
"github.com/openziti/zrok/endpoints" "github.com/openziti/zrok/endpoints"
"github.com/openziti/zrok/endpoints/proxyBackend" "github.com/openziti/zrok/endpoints/proxyBackend"
"github.com/openziti/zrok/endpoints/tunnelBackend"
"github.com/openziti/zrok/endpoints/webBackend" "github.com/openziti/zrok/endpoints/webBackend"
"github.com/openziti/zrok/model" "github.com/openziti/zrok/model"
"github.com/openziti/zrok/rest_client_zrok" "github.com/openziti/zrok/rest_client_zrok"
@ -43,7 +44,7 @@ func newSharePrivateCommand() *sharePrivateCommand {
} }
command := &sharePrivateCommand{cmd: cmd} command := &sharePrivateCommand{cmd: cmd}
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...") cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...")
cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web}") cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web, tunnel}")
cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless") cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>")
cmd.Run = command.run cmd.Run = command.run
@ -67,8 +68,11 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
case "web": case "web":
target = args[0] target = args[0]
case "tunnel":
target = args[0]
default: default:
tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web}", cmd.backendMode), nil) tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tunnel}", cmd.backendMode), nil)
} }
zrd, err := zrokdir.Load() zrd, err := zrokdir.Load()
@ -99,6 +103,8 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
panic(err) panic(err)
} }
logrus.Infof("here")
auth := httptransport.APIKeyAuth("X-TOKEN", "header", zrd.Env.Token) auth := httptransport.APIKeyAuth("X-TOKEN", "header", zrd.Env.Token)
req := share.NewShareParams() req := share.NewShareParams()
req.Body = &rest_model_zrok.ShareRequest{ req.Body = &rest_model_zrok.ShareRequest{
@ -169,6 +175,19 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
panic(err) panic(err)
} }
case "tunnel":
cfg := &tunnelBackend.Config{
IdentityPath: zif,
EndpointAddress: target,
ShrToken: resp.Payload.ShrToken,
}
if err := cmd.tunnelBackendMode(cfg); err != nil {
if !panicInstead {
tui.Error("unable to create tunnel backend", err)
}
panic(err)
}
default: default:
tui.Error("invalid backend mode", nil) tui.Error("invalid backend mode", nil)
} }
@ -237,6 +256,21 @@ func (cmd *sharePrivateCommand) webBackendMode(cfg *webBackend.Config) (endpoint
return be, nil return be, nil
} }
func (cmd *sharePrivateCommand) tunnelBackendMode(cfg *tunnelBackend.Config) error {
be, err := tunnelBackend.New(cfg)
if err != nil {
return errors.Wrap(err, "error creating tunnel backend")
}
go func() {
if err := be.Run(); err != nil {
logrus.Errorf("error running tunnel backend: %v", err)
}
}()
return nil
}
func (cmd *sharePrivateCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) { func (cmd *sharePrivateCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", shrToken) logrus.Debugf("shutting down '%v'", shrToken)
req := share.NewUnshareParams() req := share.NewUnshareParams()

3
controller/share.go
View File

@ -18,6 +18,8 @@ func newShareHandler() *shareHandler {
} }
func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder { func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
logrus.Info("handling")
trx, err := str.Begin() trx, err := str.Begin()
if err != nil { if err != nil {
logrus.Errorf("error starting transaction: %v", err) logrus.Errorf("error starting transaction: %v", err)
@ -93,6 +95,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
} }
case "private": case "private":
logrus.Info("doing private")
shrZId, frontendEndpoints, err = newPrivateResourceAllocator().allocate(envZId, shrToken, params, edge) shrZId, frontendEndpoints, err = newPrivateResourceAllocator().allocate(envZId, shrToken, params, edge)
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)

50
endpoints/tunnelBackend/tunnel.go
View File

@ -1,6 +1,14 @@
package tunnelBackend package tunnelBackend
import "github.com/openziti/sdk-golang/ziti/edge" import (
"github.com/openziti/sdk-golang/ziti"
"github.com/openziti/sdk-golang/ziti/config"
"github.com/openziti/sdk-golang/ziti/edge"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"net"
"time"
)
type Config struct { type Config struct {
IdentityPath string IdentityPath string
@ -13,4 +21,42 @@ type Backend struct {
listener edge.Listener listener edge.Listener
} }
func New func New(cfg *Config) (*Backend, error) {
options := ziti.ListenOptions{
ConnectTimeout: 5 * time.Minute,
MaxConnections: 64,
}
zcfg, err := config.NewFromFile(cfg.IdentityPath)
if err != nil {
return nil, errors.Wrap(err, "error loading config")
}
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
if err == nil {
return nil, errors.Wrap(err, "error listening")
}
b := &Backend{
cfg: cfg,
listener: listener,
}
return b, nil
}
func (b *Backend) Run() error {
logrus.Info("started")
defer logrus.Info("exited")
for {
if conn, err := b.listener.Accept(); err == nil {
go b.handle(conn)
} else {
return err
}
}
}
func (b *Backend) handle(conn net.Conn) {
logrus.Infof("handling '%v'", conn.RemoteAddr())
if err := conn.Close(); err != nil {
logrus.Errorf("error closing: %v", err)
}
}

8
rest_model_zrok/share_request.go
View File

@ -28,7 +28,7 @@ type ShareRequest struct {
AuthUsers []*AuthUser `json:"authUsers"` AuthUsers []*AuthUser `json:"authUsers"`
// backend mode // backend mode
// Enum: [proxy web dav] // Enum: [proxy web tunnel]
BackendMode string `json:"backendMode,omitempty"` BackendMode string `json:"backendMode,omitempty"`
// backend proxy endpoint // backend proxy endpoint
@ -100,7 +100,7 @@ var shareRequestTypeBackendModePropEnum []interface{}
func init() { func init() {
var res []string var res []string
if err := json.Unmarshal([]byte(`["proxy","web","dav"]`), &res); err != nil { if err := json.Unmarshal([]byte(`["proxy","web","tunnel"]`), &res); err != nil {
panic(err) panic(err)
} }
for _, v := range res { for _, v := range res {
@ -116,8 +116,8 @@ const (
// ShareRequestBackendModeWeb captures enum value "web" // ShareRequestBackendModeWeb captures enum value "web"
ShareRequestBackendModeWeb string = "web" ShareRequestBackendModeWeb string = "web"
// ShareRequestBackendModeDav captures enum value "dav" // ShareRequestBackendModeTunnel captures enum value "tunnel"
ShareRequestBackendModeDav string = "dav" ShareRequestBackendModeTunnel string = "tunnel"
) )
// prop value enum // prop value enum

4
rest_server_zrok/embedded_spec.go
View File

@ -1167,7 +1167,7 @@ func init() {
"enum": [ "enum": [
"proxy", "proxy",
"web", "web",
"dav" "tunnel"
] ]
}, },
"backendProxyEndpoint": { "backendProxyEndpoint": {
@ -2445,7 +2445,7 @@ func init() {
"enum": [ "enum": [
"proxy", "proxy",
"web", "web",
"dav" "tunnel"
] ]
}, },
"backendProxyEndpoint": { "backendProxyEndpoint": {

2
specs/zrok.yml
View File

@ -771,7 +771,7 @@ definitions:
type: string type: string
backendMode: backendMode:
type: string type: string
enum: ["proxy", "web", "dav"] enum: ["proxy", "web", "tunnel"]
backendProxyEndpoint: backendProxyEndpoint:
type: string type: string
authScheme: authScheme: