Added HTTPS+HTTP2 support

Ara Sadoyan
2025-04-09 17:55:49 +02:00
parent e6bc1b8042
commit 8933e51d13
4 changed files with 71 additions and 17 deletions


@@ -5,7 +5,9 @@ pid_file: /tmp/load_balancer.pid
error_log: /tmp/load_balancer_err.log
upgrade_sock: /tmp/load_balancer.sock
proxy_address_http: 0.0.0.0:6193
proxy_address_tls: 0.0.0.0:6194
proxy_address_tls: 0.0.0.0:6194 # Optionnal
tls_certificate: etc/server.crt # Mandatory if proxy_address_tls if exists
tls_key_file: etc/key.pem # Mandatory if proxy_address_tls if exists
config_address: 0.0.0.0:3000
upstreams_conf: etc/upstreams.yaml
#idle_timeout: 1000
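Review bot: The comments on the new TLS keys are hard to read: `# Optionnal` is misspelled and `# Mandatory if proxy_address_tls if exists` repeats "if". Suggested wording is `# Optional` on `proxy_address_tls` and `# Required when proxy_address_tls is set` on `tls_certificate` and `tls_key_file`. Because `tls_key_file` is a relative path under `etc/`, beside the sample config, the comment could also say that the private key must not be committed and should be readable only by the account running the proxy.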


@@ -4,7 +4,6 @@ globals:
- "Access-Control-Allow-Origin:*"
- "Access-Control-Allow-Methods:POST, GET, OPTIONS"
- "Access-Control-Max-Age:86400"
- "Hujukulu-Header-HoHoHo:Me No Ho Ho Ho"
consul:
servers:
- "http://master1:8500"
@@ -74,9 +73,15 @@ upstreams:
ssl: true
servers:
- "apt.netangels.net:443"
test.netangels.net:
paths:
"/":
ssl: false
servers:
- "myip.netangels.net:80"
127.0.0.1:
paths:
"/camerastatus":
"/":
ssl: false
servers:
- "192.168.1.5:8080"


@@ -6,11 +6,13 @@ use dashmap::DashMap;
use futures::channel::mpsc;
use futures::StreamExt;
use log::{debug, error, info, warn};
use pingora::http::RequestHeader;
use pingora::prelude::*;
use pingora_core::prelude::HttpPeer;
use pingora_core::server::ShutdownWatch;
use pingora_core::services::background::BackgroundService;
use pingora_http::{RequestHeader, ResponseHeader};
use pingora_http::ResponseHeader;
use pingora_proxy::{ProxyHttp, Session};
use std::ops::Deref;
use std::sync::atomic::Ordering;
@@ -138,7 +140,6 @@ impl GetHost for LB {
let host_entry = self.ump_upst.get(peer)?;
let mut current_path = path.to_string();
let mut best_match: Option<(String, u16, bool)> = None;
loop {
if let Some(entry) = host_entry.get(&current_path) {
let (servers, index) = entry.value();
@@ -199,11 +200,13 @@ impl ProxyHttp for LB {
type CTX = ();
fn new_ctx(&self) -> Self::CTX {}
async fn upstream_peer(&self, session: &mut Session, _ctx: &mut Self::CTX) -> Result<Box<HttpPeer>> {
let host_name = session.req_header().headers.get("host");
let host_name = return_header_host(&session);
match host_name {
Some(host) => {
let header_host = host.to_str().unwrap().split(':').collect::<Vec<&str>>();
let ddr = self.get_host(header_host[0], session.req_header().uri.path(), session.is_upgrade_req());
// session.req_header_mut().headers.insert("X-Host-Name", host.to_string().parse().unwrap());
let ddr = self.get_host(host, host, session.is_upgrade_req());
match ddr.await {
Some((host, port, ssl)) => {
let peer = Box::new(HttpPeer::new((host, port), ssl, String::new()));
@@ -265,15 +268,28 @@ impl ProxyHttp for LB {
{
// _upstream_response.insert_header("X-Proxied-From", "Fooooooooooooooo").unwrap();
let host = _session.req_header().headers.get("Host");
match host {
let host_name = return_header_host(&_session);
match host_name {
Some(host) => {
let path = _session.req_header().uri.path();
let yoyo = self.get_header(host.to_str().unwrap(), path).await;
for k in yoyo.iter() {
for t in k.iter() {
_upstream_response.insert_header(t.0.clone(), t.1.clone()).unwrap();
let host_header = host;
let split_header = host_header.split_once(':');
match split_header {
Some(sh) => {
let yoyo = self.get_header(sh.0, path).await;
for k in yoyo.iter() {
for t in k.iter() {
_upstream_response.insert_header(t.0.clone(), t.1.clone()).unwrap();
}
}
}
None => {
let yoyo = self.get_header(host_header, path).await;
for k in yoyo.iter() {
for t in k.iter() {
_upstream_response.insert_header(t.0.clone(), t.1.clone()).unwrap();
}
}
}
}
}
@@ -288,3 +304,20 @@ impl ProxyHttp for LB {
// info!("{}, response code: {response_code}", self.request_summary(session, ctx));
}
}
fn return_header_host(session: &Session) -> Option<&str> {
if session.is_http2() {
match session.req_header().uri.host() {
Some(host) => Option::from(host),
None => None,
}
} else {
match session.req_header().headers.get("host") {
Some(host) => {
let header_host = host.to_str().unwrap().splitn(2, ':').collect::<Vec<&str>>();
Option::from(header_host[0])
}
None => None,
}
}
}
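Review bot: `return_header_host` calls `host.to_str().unwrap()` on the client-supplied Host header, so a value containing bytes outside visible ASCII panics the request handler instead of being rejected. `session.req_header().headers.get("host")?.to_str().ok()?.split(':').next()` returns `None` for such input. The HTTP/2 branch reads only `uri.host()`, so a request that carries a `host` header but no authority in the URI yields `None`; falling back to the header there would keep both protocols consistent. Separately, in `upstream_peer` the call `self.get_host(host, host, session.is_upgrade_req())` passes the host name where the other `let ddr` line passes `session.req_header().uri.path()`, which appears to disable path-based upstream selection. The +/- markers are lost on this page, so which `let ddr` line is the new one is inferred, and `upstream_peer` continues outside its hunk.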


@@ -1,6 +1,7 @@
use crate::utils::tools::*;
use crate::web::proxyhttp::LB;
use dashmap::DashMap;
use log::info;
use pingora_core::prelude::{background_service, Opt};
use pingora_core::server::Server;
use std::env;
@@ -72,9 +73,22 @@ pub fn run() {
let bg_srvc = background_service("bgsrvc", bg);
let mut proxy = pingora_proxy::http_proxy_service(&server.configuration, lb);
let bindaddress = cfg.get("proxy_address_http").unwrap();
let bind_address_http = cfg.get("proxy_address_http").unwrap();
proxy.add_tcp(bindaddress.as_str());
let bind_address_tls = cfg.get("proxy_address_tls");
match bind_address_tls {
Some(bind_address_tls) => {
info!("Running TLS listener on :{}", bind_address_tls.value());
let cert_path = cfg.get("tls_certificate").unwrap();
let key_path = cfg.get("tls_key_file").unwrap();
let mut tls_settings = pingora_core::listeners::tls::TlsSettings::intermediate(&cert_path, &key_path).unwrap();
tls_settings.enable_h2();
proxy.add_tls_with_settings(bind_address_tls.value(), None, tls_settings);
}
None => {}
}
info!("Running HTTP listener on :{}", bind_address_http.as_str());
proxy.add_tcp(bind_address_http.as_str());
server.add_service(proxy);
server.add_service(bg_srvc);
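Review bot: In the `Some(bind_address_tls)` arm, the three `.unwrap()` calls abort startup with a bare panic when `proxy_address_tls` is set but `tls_certificate` or `tls_key_file` is missing, or the files cannot be loaded. The panic names neither the config key nor the path. `cfg.get("tls_key_file").expect("tls_key_file is required when proxy_address_tls is set")`, and the same for the certificate and for `TlsSettings::intermediate`, would tell the operator what to fix. The `match` with an empty `None => {}` arm reads more simply as `if let Some(bind_address_tls) = cfg.get("proxy_address_tls") { … }`. `run()` starts and ends outside the hunk.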