fixed stats websocket endpoint when no match_domains configured

README.md

@@ -24,6 +24,8 @@ _Join our [Discord](https://discord.gg/umReR62nRd) for help and discussions_
   - [Key Features](#key-features)
   - [Getting Started](#getting-started)
     - [Setup](#setup)
+    - [Manual Setup](#manual-setup)
+    - [Folder structrue](#folder-structrue)
     - [Use JSON Schema in VSCode](#use-json-schema-in-vscode)
   - [Screenshots](#screenshots)
     - [idlesleeper](#idlesleeper)
@@ -59,10 +61,12 @@ _Join our [Discord](https://discord.gg/umReR62nRd) for help and discussions_
     docker pull ghcr.io/yusing/go-proxy:latest
     ```
 
-2.  Create new directory, `cd` into it, then run setup
+2.  Create new directory, `cd` into it, then run setup, or [set up manually](#manual-setup) 
 
     ```shell
     docker run --rm -v .:/setup ghcr.io/yusing/go-proxy /app/go-proxy setup
+    # Then set the JWT secret
+    sed -i "s|GOPROXY_API_JWT_SECRET=.*|GOPROXY_API_JWT_SECRET=$(openssl rand -base64 32)|g" .env
     ```
 
 3.  Setup DNS Records point to machine which runs `go-proxy`, e.g.
@@ -83,6 +87,43 @@ _Join our [Discord](https://discord.gg/umReR62nRd) for help and discussions_
 
 [🔼Back to top](#table-of-content)
 
+### Manual Setup
+
+1. Make `config` directory then grab `config.example.yml` into `config/config.yml`
+
+    `mkdir -p config && wget https://raw.githubusercontent.com/yusing/go-proxy/v0.7/config.example.yml -O config/config.yml`
+
+2. Grab `.env.example` into `.env`
+   
+    `wget https://raw.githubusercontent.com/yusing/go-proxy/v0.7/.env.example -O .env`
+
+3. Grab `compose.example.yml` into `compose.yml`
+   
+   `wget https://raw.githubusercontent.com/yusing/go-proxy/v0.7/compose.example.yml -O compose.yml`
+
+4. Set the JWT secret
+   
+   `sed -i "s|GOPROXY_API_JWT_SECRET=.*|GOPROXY_API_JWT_SECRET=$(openssl rand -base64 32)|g" .env`
+
+5. Start the container `docker compose up -d`
+
+### Folder structrue
+
+```shell
+├── certs
+│   ├── cert.crt
+│   └── priv.key
+├── compose.yml
+├── config
+│   ├── config.yml
+│   ├── middlewares
+│   │   ├── middleware1.yml
+│   │   ├── middleware2.yml
+│   ├── provider1.yml
+│   └── provider2.yml
+└── .env
+```
+
 ### Use JSON Schema in VSCode
 
 Copy [`.vscode/settings.example.json`](.vscode/settings.example.json) to `.vscode/settings.json` and modify it to fit your needs

compose.example.yml

@@ -7,10 +7,17 @@ services:
         env_file: .env
         depends_on:
             - app
-        # if you also want to proxy the WebUI and access it via gp.y.z
-        # labels:
-        #   - proxy.aliases=gp
-        #   - proxy.gp.port=3000
+        # modify below to fit your needs
+        labels:
+            proxy.aliases: gp
+            proxy.#1.port: 3000
+            proxy.#1.middlewares.cidr_whitelist.status_code: 403
+            proxy.#1.middlewares.cidr_whitelist.message: IP not allowed
+            proxy.#1.middlewares.cidr_whitelist.allow: |
+                - 127.0.0.1
+                - 10.0.0.0/8
+                - 192.168.0.0/16
+                - 172.16.0.0/12
     app:
         image: ghcr.io/yusing/go-proxy:latest
         container_name: go-proxy

internal/api/v1/stats.go

@@ -19,18 +19,21 @@ func Stats(w http.ResponseWriter, r *http.Request) {
 }
 
 func StatsWS(w http.ResponseWriter, r *http.Request) {
-	localAddresses := []string{"127.0.0.1", "10.0.*.*", "172.16.*.*", "192.168.*.*"}
-	originPats := make([]string, len(config.Value().MatchDomains)+len(localAddresses))
+	var originPats []string
 
-	if len(originPats) == 0 {
+	localAddresses := []string{"127.0.0.1", "10.0.*.*", "172.16.*.*", "192.168.*.*"}
+
+	if len(config.Value().MatchDomains) == 0 {
 		U.LogWarn(r).Msg("no match domains configured, accepting websocket API request from all origins")
 		originPats = []string{"*"}
 	} else {
+		originPats = make([]string, len(config.Value().MatchDomains))
 		for i, domain := range config.Value().MatchDomains {
-			originPats[i] = "*." + domain
+			originPats[i] = "*" + domain
 		}
 		originPats = append(originPats, localAddresses...)
 	}
+	U.LogInfo(r).Msgf("websocket API request from origins: %s", originPats)
 	if common.IsDebug {
 		originPats = []string{"*"}
 	}

internal/api/v1/utils/utils.go

@@ -2,6 +2,7 @@ package utils
 
 import (
 	"encoding/json"
+	"fmt"
 	"net/http"
 
 	"github.com/yusing/go-proxy/internal/logging"
@@ -23,7 +24,7 @@ func RespondJSON(w http.ResponseWriter, r *http.Request, data any, code ...int)
 
 	switch data := data.(type) {
 	case string:
-		j = []byte(`"` + data + `"`)
+		j = []byte(fmt.Sprintf("%q", data))
 	case []byte:
 		j = data
 	default:

internal/config/config.go

@@ -3,6 +3,7 @@ package config
 import (
 	"os"
 	"strconv"
+	"strings"
 	"sync"
 	"time"
 
@@ -177,6 +178,11 @@ func (cfg *Config) load() E.Error {
 	errs.Add(cfg.loadRouteProviders(&model.Providers))
 
 	cfg.value = model
+	for i, domain := range model.MatchDomains {
+		if !strings.HasPrefix(domain, ".") {
+			model.MatchDomains[i] = "." + domain
+		}
+	}
 	route.SetFindMuxDomains(model.MatchDomains)
 	return errs.Error()
 }

internal/net/http/common.go

@@ -16,13 +16,12 @@ var (
 		Proxy:                 http.ProxyFromEnvironment,
 		DialContext:           defaultDialer.DialContext,
 		ForceAttemptHTTP2:     true,
-		MaxIdleConns:          100,
-		MaxIdleConnsPerHost:   10,
+		MaxIdleConnsPerHost:   100,
 		TLSHandshakeTimeout:   10 * time.Second,
 		ExpectContinueTimeout: 1 * time.Second,
 	}
 	DefaultTransportNoTLS = func() *http.Transport {
-		var clone = DefaultTransport.Clone()
+		clone := DefaultTransport.Clone()
 		clone.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
 		return clone
 	}()

internal/net/http/reverse_proxy_mod.go

@@ -404,7 +404,7 @@ func (p *ReverseProxy) serveHTTP(rw http.ResponseWriter, req *http.Request) {
 
 	rw.WriteHeader(res.StatusCode)
 
-	err = U.Copy2(req.Context(), rw, res.Body)
+	_, err = io.Copy(rw, res.Body)
 	if err != nil {
 		if !errors.Is(err, context.Canceled) {
 			p.errorHandler(rw, req, err, true)

internal/route/http.go

@@ -210,40 +210,51 @@ func (r *HTTPRoute) addToLoadBalancer() {
 
 func ProxyHandler(w http.ResponseWriter, r *http.Request) {
 	mux, err := findMuxFunc(r.Host)
+	if err == nil {
+		mux.ServeHTTP(w, r)
+		return
+	}
 	// Why use StatusNotFound instead of StatusBadRequest or StatusBadGateway?
 	// On nginx, when route for domain does not exist, it returns StatusBadGateway.
 	// Then scraper / scanners will know the subdomain is invalid.
 	// With StatusNotFound, they won't know whether it's the path, or the subdomain that is invalid.
-	if err != nil {
-		if !middleware.ServeStaticErrorPageFile(w, r) {
-			logger.Err(err).Str("method", r.Method).Str("url", r.URL.String()).Msg("request")
-			errorPage, ok := errorpage.GetErrorPageByStatus(http.StatusNotFound)
-			if ok {
-				w.WriteHeader(http.StatusNotFound)
-				w.Header().Set("Content-Type", "text/html; charset=utf-8")
-				if _, err := w.Write(errorPage); err != nil {
-					logger.Err(err).Msg("failed to write error page")
-				}
-			} else {
-				http.Error(w, err.Error(), http.StatusNotFound)
+	if !middleware.ServeStaticErrorPageFile(w, r) {
+		logger.Err(err).Str("method", r.Method).Str("url", r.URL.String()).Msg("request")
+		errorPage, ok := errorpage.GetErrorPageByStatus(http.StatusNotFound)
+		if ok {
+			w.WriteHeader(http.StatusNotFound)
+			w.Header().Set("Content-Type", "text/html; charset=utf-8")
+			if _, err := w.Write(errorPage); err != nil {
+				logger.Err(err).Msg("failed to write error page")
 			}
+		} else {
+			http.Error(w, err.Error(), http.StatusNotFound)
 		}
-		return
 	}
-	mux.ServeHTTP(w, r)
 }
 
 func findMuxAnyDomain(host string) (http.Handler, error) {
 	hostSplit := strings.Split(host, ".")
 	n := len(hostSplit)
-	if n <= 2 {
+	switch {
+	case n == 3:
+		host = hostSplit[0]
+	case n > 3:
+		var builder strings.Builder
+		builder.Grow(2*n - 3)
+		builder.WriteString(hostSplit[0])
+		for _, part := range hostSplit[:n-2] {
+			builder.WriteRune('.')
+			builder.WriteString(part)
+		}
+		host = builder.String()
+	default:
 		return nil, errors.New("missing subdomain in url")
 	}
-	sd := strings.Join(hostSplit[:n-2], ".")
-	if r, ok := httpRoutes.Load(sd); ok {
+	if r, ok := httpRoutes.Load(host); ok {
 		return r.handler, nil
 	}
-	return nil, fmt.Errorf("no such route: %s", sd)
+	return nil, fmt.Errorf("no such route: %s", host)
 }
 
 func findMuxByDomains(domains []string) func(host string) (http.Handler, error) {
@@ -251,20 +262,18 @@ func findMuxByDomains(domains []string) func(host string) (http.Handler, error)
 		var subdomain string
 
 		for _, domain := range domains {
-			if !strings.HasPrefix(domain, ".") {
-				domain = "." + domain
-			}
-			subdomain = strings.TrimSuffix(host, domain)
-			if len(subdomain) < len(host) {
+			if strings.HasSuffix(host, domain) {
+				subdomain = strings.TrimSuffix(host, domain)
 				break
 			}
 		}
-		if len(subdomain) == len(host) { // not matched
-			return nil, fmt.Errorf("%s does not match any base domain", host)
+
+		if subdomain != "" { // matched
+			if r, ok := httpRoutes.Load(subdomain); ok {
+				return r.handler, nil
+			}
+			return nil, fmt.Errorf("no such route: %s", subdomain)
 		}
-		if r, ok := httpRoutes.Load(subdomain); ok {
-			return r.handler, nil
-		}
-		return nil, fmt.Errorf("no such route: %s", subdomain)
+		return nil, fmt.Errorf("%s does not match any base domain", host)
 	}
 }