mirror of
https://github.com/openziti/zrok.git
synced 2024-11-25 09:33:43 +01:00
getting a basic tunnel backend plumbed up (#170)
This commit is contained in:
parent
3ec7e4253c
commit
fd741353d7
@ -7,6 +7,7 @@ import (
|
||||
httptransport "github.com/go-openapi/runtime/client"
|
||||
"github.com/openziti/zrok/endpoints"
|
||||
"github.com/openziti/zrok/endpoints/proxyBackend"
|
||||
"github.com/openziti/zrok/endpoints/tunnelBackend"
|
||||
"github.com/openziti/zrok/endpoints/webBackend"
|
||||
"github.com/openziti/zrok/model"
|
||||
"github.com/openziti/zrok/rest_client_zrok"
|
||||
@ -43,7 +44,7 @@ func newSharePrivateCommand() *sharePrivateCommand {
|
||||
}
|
||||
command := &sharePrivateCommand{cmd: cmd}
|
||||
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...")
|
||||
cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web}")
|
||||
cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web, tunnel}")
|
||||
cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
|
||||
cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>")
|
||||
cmd.Run = command.run
|
||||
@ -67,8 +68,11 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
||||
case "web":
|
||||
target = args[0]
|
||||
|
||||
case "tunnel":
|
||||
target = args[0]
|
||||
|
||||
default:
|
||||
tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web}", cmd.backendMode), nil)
|
||||
tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tunnel}", cmd.backendMode), nil)
|
||||
}
|
||||
|
||||
zrd, err := zrokdir.Load()
|
||||
@ -99,6 +103,8 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
logrus.Infof("here")
|
||||
|
||||
auth := httptransport.APIKeyAuth("X-TOKEN", "header", zrd.Env.Token)
|
||||
req := share.NewShareParams()
|
||||
req.Body = &rest_model_zrok.ShareRequest{
|
||||
@ -169,6 +175,19 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
case "tunnel":
|
||||
cfg := &tunnelBackend.Config{
|
||||
IdentityPath: zif,
|
||||
EndpointAddress: target,
|
||||
ShrToken: resp.Payload.ShrToken,
|
||||
}
|
||||
if err := cmd.tunnelBackendMode(cfg); err != nil {
|
||||
if !panicInstead {
|
||||
tui.Error("unable to create tunnel backend", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
|
||||
default:
|
||||
tui.Error("invalid backend mode", nil)
|
||||
}
|
||||
@ -237,6 +256,21 @@ func (cmd *sharePrivateCommand) webBackendMode(cfg *webBackend.Config) (endpoint
|
||||
return be, nil
|
||||
}
|
||||
|
||||
func (cmd *sharePrivateCommand) tunnelBackendMode(cfg *tunnelBackend.Config) error {
|
||||
be, err := tunnelBackend.New(cfg)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "error creating tunnel backend")
|
||||
}
|
||||
|
||||
go func() {
|
||||
if err := be.Run(); err != nil {
|
||||
logrus.Errorf("error running tunnel backend: %v", err)
|
||||
}
|
||||
}()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cmd *sharePrivateCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
|
||||
logrus.Debugf("shutting down '%v'", shrToken)
|
||||
req := share.NewUnshareParams()
|
||||
|
@ -18,6 +18,8 @@ func newShareHandler() *shareHandler {
|
||||
}
|
||||
|
||||
func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
|
||||
logrus.Info("handling")
|
||||
|
||||
trx, err := str.Begin()
|
||||
if err != nil {
|
||||
logrus.Errorf("error starting transaction: %v", err)
|
||||
@ -93,6 +95,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
|
||||
}
|
||||
|
||||
case "private":
|
||||
logrus.Info("doing private")
|
||||
shrZId, frontendEndpoints, err = newPrivateResourceAllocator().allocate(envZId, shrToken, params, edge)
|
||||
if err != nil {
|
||||
logrus.Error(err)
|
||||
|
@ -1,6 +1,14 @@
|
||||
package tunnelBackend
|
||||
|
||||
import "github.com/openziti/sdk-golang/ziti/edge"
|
||||
import (
|
||||
"github.com/openziti/sdk-golang/ziti"
|
||||
"github.com/openziti/sdk-golang/ziti/config"
|
||||
"github.com/openziti/sdk-golang/ziti/edge"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/sirupsen/logrus"
|
||||
"net"
|
||||
"time"
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
IdentityPath string
|
||||
@ -13,4 +21,42 @@ type Backend struct {
|
||||
listener edge.Listener
|
||||
}
|
||||
|
||||
func New
|
||||
func New(cfg *Config) (*Backend, error) {
|
||||
options := ziti.ListenOptions{
|
||||
ConnectTimeout: 5 * time.Minute,
|
||||
MaxConnections: 64,
|
||||
}
|
||||
zcfg, err := config.NewFromFile(cfg.IdentityPath)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "error loading config")
|
||||
}
|
||||
listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
|
||||
if err == nil {
|
||||
return nil, errors.Wrap(err, "error listening")
|
||||
}
|
||||
b := &Backend{
|
||||
cfg: cfg,
|
||||
listener: listener,
|
||||
}
|
||||
return b, nil
|
||||
}
|
||||
|
||||
func (b *Backend) Run() error {
|
||||
logrus.Info("started")
|
||||
defer logrus.Info("exited")
|
||||
|
||||
for {
|
||||
if conn, err := b.listener.Accept(); err == nil {
|
||||
go b.handle(conn)
|
||||
} else {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (b *Backend) handle(conn net.Conn) {
|
||||
logrus.Infof("handling '%v'", conn.RemoteAddr())
|
||||
if err := conn.Close(); err != nil {
|
||||
logrus.Errorf("error closing: %v", err)
|
||||
}
|
||||
}
|
||||
|
@ -28,7 +28,7 @@ type ShareRequest struct {
|
||||
AuthUsers []*AuthUser `json:"authUsers"`
|
||||
|
||||
// backend mode
|
||||
// Enum: [proxy web dav]
|
||||
// Enum: [proxy web tunnel]
|
||||
BackendMode string `json:"backendMode,omitempty"`
|
||||
|
||||
// backend proxy endpoint
|
||||
@ -100,7 +100,7 @@ var shareRequestTypeBackendModePropEnum []interface{}
|
||||
|
||||
func init() {
|
||||
var res []string
|
||||
if err := json.Unmarshal([]byte(`["proxy","web","dav"]`), &res); err != nil {
|
||||
if err := json.Unmarshal([]byte(`["proxy","web","tunnel"]`), &res); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
for _, v := range res {
|
||||
@ -116,8 +116,8 @@ const (
|
||||
// ShareRequestBackendModeWeb captures enum value "web"
|
||||
ShareRequestBackendModeWeb string = "web"
|
||||
|
||||
// ShareRequestBackendModeDav captures enum value "dav"
|
||||
ShareRequestBackendModeDav string = "dav"
|
||||
// ShareRequestBackendModeTunnel captures enum value "tunnel"
|
||||
ShareRequestBackendModeTunnel string = "tunnel"
|
||||
)
|
||||
|
||||
// prop value enum
|
||||
|
@ -1167,7 +1167,7 @@ func init() {
|
||||
"enum": [
|
||||
"proxy",
|
||||
"web",
|
||||
"dav"
|
||||
"tunnel"
|
||||
]
|
||||
},
|
||||
"backendProxyEndpoint": {
|
||||
@ -2445,7 +2445,7 @@ func init() {
|
||||
"enum": [
|
||||
"proxy",
|
||||
"web",
|
||||
"dav"
|
||||
"tunnel"
|
||||
]
|
||||
},
|
||||
"backendProxyEndpoint": {
|
||||
|
@ -771,7 +771,7 @@ definitions:
|
||||
type: string
|
||||
backendMode:
|
||||
type: string
|
||||
enum: ["proxy", "web", "dav"]
|
||||
enum: ["proxy", "web", "tunnel"]
|
||||
backendProxyEndpoint:
|
||||
type: string
|
||||
authScheme:
|
||||
|
Loading…
Reference in New Issue
Block a user