Added HTTPS+HTTP2 support

2026-04-29 22:38:36 +08:00 · 2025-04-09 17:55:49 +02:00
parent e6bc1b8042
commit 8933e51d13
4 changed files with 71 additions and 17 deletions
--- a/src/web/proxyhttp.rs
+++ b/src/web/proxyhttp.rs
@@ -6,11 +6,13 @@ use dashmap::DashMap;
 use futures::channel::mpsc;
 use futures::StreamExt;
 use log::{debug, error, info, warn};
+use pingora::http::RequestHeader;
 use pingora::prelude::*;
 use pingora_core::prelude::HttpPeer;
 use pingora_core::server::ShutdownWatch;
 use pingora_core::services::background::BackgroundService;
-use pingora_http::{RequestHeader, ResponseHeader};
+use pingora_http::ResponseHeader;
+
 use pingora_proxy::{ProxyHttp, Session};
 use std::ops::Deref;
 use std::sync::atomic::Ordering;
@@ -138,7 +140,6 @@ impl GetHost for LB {
        let host_entry = self.ump_upst.get(peer)?;
        let mut current_path = path.to_string();
        let mut best_match: Option<(String, u16, bool)> = None;
-
        loop {
            if let Some(entry) = host_entry.get(&current_path) {
                let (servers, index) = entry.value();
@@ -199,11 +200,13 @@ impl ProxyHttp for LB {
    type CTX = ();
    fn new_ctx(&self) -> Self::CTX {}
    async fn upstream_peer(&self, session: &mut Session, _ctx: &mut Self::CTX) -> Result<Box<HttpPeer>> {
-        let host_name = session.req_header().headers.get("host");
+        let host_name = return_header_host(&session);
+
        match host_name {
            Some(host) => {
-                let header_host = host.to_str().unwrap().split(':').collect::<Vec<&str>>();
-                let ddr = self.get_host(header_host[0], session.req_header().uri.path(), session.is_upgrade_req());
+                // session.req_header_mut().headers.insert("X-Host-Name", host.to_string().parse().unwrap());
+
+                let ddr = self.get_host(host, host, session.is_upgrade_req());
                match ddr.await {
                    Some((host, port, ssl)) => {
                        let peer = Box::new(HttpPeer::new((host, port), ssl, String::new()));
@@ -265,15 +268,28 @@ impl ProxyHttp for LB {
    {
        // _upstream_response.insert_header("X-Proxied-From", "Fooooooooooooooo").unwrap();

-        let host = _session.req_header().headers.get("Host");
-        match host {
+        let host_name = return_header_host(&_session);
+        match host_name {
            Some(host) => {
                let path = _session.req_header().uri.path();
-                let yoyo = self.get_header(host.to_str().unwrap(), path).await;
-
-                for k in yoyo.iter() {
-                    for t in k.iter() {
-                        _upstream_response.insert_header(t.0.clone(), t.1.clone()).unwrap();
+                let host_header = host;
+                let split_header = host_header.split_once(':');
+                match split_header {
+                    Some(sh) => {
+                        let yoyo = self.get_header(sh.0, path).await;
+                        for k in yoyo.iter() {
+                            for t in k.iter() {
+                                _upstream_response.insert_header(t.0.clone(), t.1.clone()).unwrap();
+                            }
+                        }
+                    }
+                    None => {
+                        let yoyo = self.get_header(host_header, path).await;
+                        for k in yoyo.iter() {
+                            for t in k.iter() {
+                                _upstream_response.insert_header(t.0.clone(), t.1.clone()).unwrap();
+                            }
+                        }
                    }
                }
            }
@@ -288,3 +304,20 @@ impl ProxyHttp for LB {
        // info!("{}, response code: {response_code}", self.request_summary(session, ctx));
    }
 }
+
+fn return_header_host(session: &Session) -> Option<&str> {
+    if session.is_http2() {
+        match session.req_header().uri.host() {
+            Some(host) => Option::from(host),
+            None => None,
+        }
+    } else {
+        match session.req_header().headers.get("host") {
+            Some(host) => {
+                let header_host = host.to_str().unwrap().splitn(2, ':').collect::<Vec<&str>>();
+                Option::from(header_host[0])
+            }
+            None => None,
+        }
+    }
+}
--- a/src/web/start.rs
+++ b/src/web/start.rs
@@ -1,6 +1,7 @@
 use crate::utils::tools::*;
 use crate::web::proxyhttp::LB;
 use dashmap::DashMap;
+use log::info;
 use pingora_core::prelude::{background_service, Opt};
 use pingora_core::server::Server;
 use std::env;
@@ -72,9 +73,22 @@ pub fn run() {

    let bg_srvc = background_service("bgsrvc", bg);
    let mut proxy = pingora_proxy::http_proxy_service(&server.configuration, lb);
-    let bindaddress = cfg.get("proxy_address_http").unwrap();
+    let bind_address_http = cfg.get("proxy_address_http").unwrap();

-    proxy.add_tcp(bindaddress.as_str());
+    let bind_address_tls = cfg.get("proxy_address_tls");
+    match bind_address_tls {
+        Some(bind_address_tls) => {
+            info!("Running TLS listener on :{}", bind_address_tls.value());
+            let cert_path = cfg.get("tls_certificate").unwrap();
+            let key_path = cfg.get("tls_key_file").unwrap();
+            let mut tls_settings = pingora_core::listeners::tls::TlsSettings::intermediate(&cert_path, &key_path).unwrap();
+            tls_settings.enable_h2();
+            proxy.add_tls_with_settings(bind_address_tls.value(), None, tls_settings);
+        }
+        None => {}
+    }
+    info!("Running HTTP listener on :{}", bind_address_http.as_str());
+    proxy.add_tcp(bind_address_http.as_str());
    server.add_service(proxy);
    server.add_service(bg_srvc);