commit acad8dc5bade4660b079f52cf2a327b7ab185121 Author: yusing Date: Thu Feb 29 11:51:06 2024 +0800 Initial commit diff --git a/.gitignore b/.gitignore new file mode 100755 index 00000000..8495d270 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +bin/ +compose.yml \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..a4606455 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "go.inferGopath": false +} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100755 index 00000000..31a2e14e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,13 @@ +FROM alpine:latest + +MAINTAINER yusing@6uo.me + +COPY bin/go-proxy /usr/bin + +RUN chmod +rx /usr/bin/go-proxy +ENV DOCKER_HOST unix:///var/run/docker.sock + +EXPOSE 80 +EXPOSE 443 + +CMD ["go-proxy"] diff --git a/README.md b/README.md new file mode 100644 index 00000000..09219a0a --- /dev/null +++ b/README.md @@ -0,0 +1,157 @@ +# go-proxy + +A simple auto docker reverse proxy for home use. + +Written in **Go** with *~180 loc*. + +## Features + +- subdomain matching **(domain name doesn't matter)** +- path matching +- Auto hot-reload when container start / die / stop. + +## Why am I making this + +I have tried different reverse proxy services, i.e. [nginx proxy manager](https://nginxproxymanager.com/), [traefik](https://github.com/traefik/traefik), [nginx-proxy](https://github.com/nginx-proxy/nginx-proxy). I have found that `traefik` is not easy to use, and I don't want to click buttons every time I spin up a new container (`nginx proxy manager`). For `nginx-proxy` I found it buggy and quite unusable. + +## How to use + +1. Clone the repo `git clone https://github.com/yusing/go-proxy` + +2. Copy [compose.example.yml](compose.example.yml) to `compose.yml` + +3. add networks to make sure it is in the same network with other containers, or make sure `proxy..host` is reachable + +4. modify the path to your SSL certs. See [Getting SSL Certs](#getting-ssl-certs) + +5. start `go-proxy` with `docker compose up -d`. + +## Configuration + +With a proper container name, no label needs to be added. + +However, there are some labels you can manipulate with: + +- `proxy.aliases`: comma separated aliases for subdomain matching + - defaults to `container_name` +- `proxy..scheme`: container port protocol (`http` or `https`) + - defaults to `http` +- `proxy..host`: proxy host + - defaults to `container_name` +- `proxy..port`: proxy port + - defaults to first expose port (declared in `Dockerfile` or `docker-compose.yml`) +- `proxy..path`: path matching + - defaults to empty + +```yaml +version: '3' +services: + whoami: + image: traefik/whoami + container_name: whoami +# visit https://whoami.yourdomain.com to access + +# enable both subdomain and path matching: +whoami: + image: traefik/whoami + container_name: whoami + labels: + - proxy.aliases=whoami,apps + - proxy.apps.path=/whoami +# 1. visit https://whoami.yourdomain.com to access +# 2. visit https://apps.yourdomain.com/whoami to access +``` + +For multiple port container (i.e. minio) + +```yaml +version: '3' +services: + minio: + image: quay.io/minio/minio + container_name: minio + command: + - server + - /data + - --console-address + - "9001" + env_file: minio.env + expose: + - 9000 + - 9001 + volumes: + - ./data/minio/data:/data + labels: + proxy.aliases: minio,minio-console + proxy.minio.port: 9000 + proxy.minio-console.port: 9001 + +# visit https://minio.yourdomain.com to access minio +# visit https://minio-console.yourdomain.com/whoami to access minio console +``` + +## Troubleshooting + +Q: How to fix when it shows "no matching route for subdomain \"? + +A: Make sure the container is running, and \ matches any container name / alias + +## Benchmarks + +Benchmarked with `wrk` connecting `traefik/whoami`'s `/bench` endpoint + +Direct connection + +```shell +% wrk -t20 -c100 -d10s --latency http://homelab:4999/bench +Running 10s test @ http://homelab:4999/bench + 20 threads and 100 connections + Thread Stats Avg Stdev Max +/- Stdev + Latency 3.71ms 2.26ms 48.10ms 94.95% + Req/Sec 1.41k 179.01 2.11k 69.97% + Latency Distribution + 50% 3.32ms + 75% 3.98ms + 90% 4.97ms + 99% 11.36ms + 282804 requests in 10.10s, 33.98MB read +Requests/sec: 27998.62 +Transfer/sec: 3.36MB +``` + +With **go-proxy** reverse proxy + +```shell +% wrk -t20 -c100 -d10s --latency https://whoami.mydomain.com/bench +Running 10s test @ https://whoami.mydomain.com/bench + 20 threads and 100 connections + Thread Stats Avg Stdev Max +/- Stdev + Latency 4.41ms 2.56ms 77.80ms 95.38% + Req/Sec 1.18k 156.44 1.63k 86.51% + Latency Distribution + 50% 3.93ms + 75% 4.76ms + 90% 5.92ms + 99% 10.46ms + 235374 requests in 10.10s, 22.90MB read +Requests/sec: 23302.42 +Transfer/sec: 2.27MB +``` + +## Build it yourself + +1. [Install go](https://go.dev/doc/install) if not already + +2. Get dependencies with `go get` + +3. build image with following commands + + ```shell + mkdir -p bin + CGO_ENABLED=0 GOOS= go build -o bin/go-proxy + docker build -t . + ``` + +## Getting SSL certs + +I personally use `nginx-proxy-manager` to get SSL certs with auto renewal by Cloudflare DNS challenge. You may symlink the certs from `nginx-proxy-manager` to somewhere else, and mount them to `go-proxy`'s `/certs` diff --git a/build.sh b/build.sh new file mode 100755 index 00000000..3d637fc7 --- /dev/null +++ b/build.sh @@ -0,0 +1,8 @@ +#!/bin/sh +mkdir -p bin +CGO_ENABLED=0 GOOS=linux go build -o bin/go-proxy || exit 1 + +if [ "$1" = "up" ]; then + docker compose up -d --build app && \ + docker compose logs -f +fi diff --git a/compose.example.yml b/compose.example.yml new file mode 100755 index 00000000..73efb666 --- /dev/null +++ b/compose.example.yml @@ -0,0 +1,14 @@ +version: '3' +services: + app: + build: . + container_name: go-proxy + ports: + - 80:80 + - 443:443 + volumes: + - /path/to/cert.pem:/certs/cert.crt:ro + - /path/to/privkey.pem:/certs/priv.key:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + extra_hosts: + - host.docker.internal:host-gateway diff --git a/go.mod b/go.mod new file mode 100755 index 00000000..6c251f58 --- /dev/null +++ b/go.mod @@ -0,0 +1,40 @@ +module go-proxy + +go 1.21.7 + +require ( + github.com/docker/docker v25.0.3+incompatible + github.com/jellydator/ttlcache/v3 v3.2.0 + golang.org/x/text v0.14.0 +) + +require ( + github.com/containerd/log v0.1.0 // indirect + github.com/moby/term v0.5.0 // indirect + github.com/morikuni/aec v1.0.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 // indirect + go.opentelemetry.io/otel/sdk v1.24.0 // indirect + golang.org/x/sync v0.1.0 // indirect + golang.org/x/time v0.5.0 // indirect + gotest.tools/v3 v3.5.1 // indirect +) + +require ( + github.com/Microsoft/go-winio v0.4.14 // indirect + github.com/distribution/reference v0.5.0 // indirect + github.com/docker/go-connections v0.5.0 // indirect + github.com/docker/go-units v0.5.0 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/opencontainers/go-digest v1.0.0 // indirect + github.com/opencontainers/image-spec v1.1.0 // indirect + github.com/pkg/errors v0.9.1 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect + go.opentelemetry.io/otel v1.24.0 // indirect + go.opentelemetry.io/otel/metric v1.24.0 // indirect + go.opentelemetry.io/otel/trace v1.24.0 // indirect + golang.org/x/net v0.21.0 + golang.org/x/sys v0.17.0 // indirect +) diff --git a/go.sum b/go.sum new file mode 100755 index 00000000..a0f2bf68 --- /dev/null +++ b/go.sum @@ -0,0 +1,125 @@ +github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= +github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= +github.com/Microsoft/go-winio v0.4.14 h1:+hMXMk01us9KgxGb7ftKQt2Xpf5hH/yky+TDA+qxleU= +github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= +github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= +github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= +github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= +github.com/docker/docker v25.0.3+incompatible h1:D5fy/lYmY7bvZa0XTZ5/UJPljor41F+vdyJG5luQLfQ= +github.com/docker/docker v25.0.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= +github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= +github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= +github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 h1:Wqo399gCIufwto+VfwCSvsnfGpF/w5E9CNxSwbpD6No= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0/go.mod h1:qmOFXW2epJhM0qSnUUYpldc7gVz2KMQwJ/QYCDIa7XU= +github.com/jellydator/ttlcache/v3 v3.2.0 h1:6lqVJ8X3ZaUwvzENqPAobDsXNExfUJd61u++uW8a3LE= +github.com/jellydator/ttlcache/v3 v3.2.0/go.mod h1:hi7MGFdMAwZna5n2tuvh63DvFLzVKySzCVW6+0gA2n4= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= +github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= +github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= +github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw= +go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo= +go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= +go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI= +go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco= +go.opentelemetry.io/otel/sdk v1.24.0 h1:YMPPDNymmQN3ZgczicBY3B6sf9n62Dlj9pWD3ucgoDw= +go.opentelemetry.io/otel/sdk v1.24.0/go.mod h1:KVrIYw6tEubO9E96HQpcmpTKDVn9gdv35HoYiQWGDFg= +go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI= +go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU= +go.opentelemetry.io/proto/otlp v1.1.0 h1:2Di21piLrCqJ3U3eXGCTPHE9R8Nh+0uglSnOyxikMeI= +go.opentelemetry.io/proto/otlp v1.1.0/go.mod h1:GpBHCBWiqvVLDqmHZsoMM3C5ySeKTC7ej/RNTae6MdY= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 h1:rcS6EyEaoCO52hQDupoSfrxI3R6C2Tq741is7X8OvnM= +google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917/go.mod h1:CmlNWB9lSezaYELKS5Ym1r44VrrbPUa7JTvw+6MbpJ0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 h1:6G8oQ016D88m1xAKljMlBOOGWDZkes4kMhgGFlf8WcQ= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917/go.mod h1:xtjpI3tXFPP051KaWnhvxkiubL/6dJ18vLVf7q2pTOU= +google.golang.org/grpc v1.61.1 h1:kLAiWrZs7YeDM6MumDe7m3y4aM6wacLzM1Y/wiLP9XY= +google.golang.org/grpc v1.61.1/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= +gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= diff --git a/main.go b/main.go new file mode 100755 index 00000000..f2d814ec --- /dev/null +++ b/main.go @@ -0,0 +1,178 @@ +package main + +import ( + "fmt" + "log" + "net/http" + "net/http/httputil" + "net/url" + "reflect" + "runtime" + "strings" + + "github.com/docker/docker/api/types" + "github.com/docker/docker/api/types/container" + "github.com/docker/docker/api/types/filters" + "github.com/docker/docker/client" + "golang.org/x/net/context" + "golang.org/x/text/cases" + "golang.org/x/text/language" +) + +type Config struct { + Scheme string + Host string + Port string + Path string +} + +type Route struct { + Url url.URL + Path string +} + +var dockerClient *client.Client +var subdomainRouteMap map[string][]Route // subdomain -> path + +func NewConfig() Config { + return Config{Scheme: "http", Host: "", Port: "", Path: ""} +} + +func main() { + var err error + runtime.GOMAXPROCS(runtime.NumCPU()) + + dockerClient, err = client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation()) + if err != nil { + log.Fatal(err) + } + go func() { + filter := filters.NewArgs( + filters.Arg("type", "container"), + filters.Arg("event", "start"), + filters.Arg("event", "die"), // stop seems like triggering die + // filters.Arg("event", "stop"), + ) + msgs, _ := dockerClient.Events(context.Background(), types.EventsOptions{Filters: filter}) + + for msg := range msgs { + // TODO: handle actor only + log.Printf("[Event] %s %s caused rebuild", msg.Action, msg.Actor.Attributes["name"]) + buildRoutes() + log.Printf("[Build] rebuilt %v reverse proxies", len(subdomainRouteMap)) + } + }() + + buildRoutes() + log.Printf("[Build] built %v reverse proxies", len(subdomainRouteMap)) + + http.DefaultTransport.(*http.Transport).MaxIdleConnsPerHost = 100 + + http.HandleFunc("/", handler) + go func() { + log.Println("Starting HTTP server on port 80") + err := http.ListenAndServe(":80", nil) + if err != nil { + log.Fatal("HTTP server error", err) + } + }() + log.Println("Starting HTTPS server on port 443") + err = http.ListenAndServeTLS(":443", "/certs/cert.crt", "/certs/priv.key", nil) + if err != nil { + log.Fatal("HTTPS Server error: ", err) + } +} + +func redirectTLS(w http.ResponseWriter, r *http.Request) { + // Redirect to the same host but with HTTPS + http.Redirect(w, r, "https://"+r.Host+r.URL.Path, http.StatusMovedPermanently) +} + +func handler(w http.ResponseWriter, r *http.Request) { + if r.TLS == nil { + redirectTLS(w, r) + return + } + subdomain := strings.Split(r.Host, ".")[0] + // log.Printf("[Request] %s%s\n", r.Host, r.URL) + + routeMap, ok := subdomainRouteMap[subdomain] + if !ok { + http.Error(w, fmt.Sprintf("no matching route for subdomain %s", subdomain), http.StatusNotFound) + return + } + for _, route := range routeMap { + if strings.HasPrefix(r.URL.Path, route.Path) { + r.URL.Path = strings.TrimPrefix(r.URL.Path, route.Path) + // log.Printf("[Route] %s", route.Url.String()) + + proxy := httputil.NewSingleHostReverseProxy(&route.Url) + proxy.ServeHTTP(w, r) + return + } + } + http.Error(w, fmt.Sprintf("no matching route for path %s for subdomain %s", r.URL.Path, subdomain), http.StatusNotFound) +} + +func buildContainerCfg(container types.Container) { + var aliases []string + + container_name := strings.TrimPrefix(container.Names[0], "/") + aliases_label, ok := container.Labels["proxy.aliases"] + if !ok { + aliases = []string{container_name} + } else { + aliases = strings.Split(aliases_label, ",") + } + + for _, alias := range aliases { + config := NewConfig() + prefix := fmt.Sprintf("proxy.%s.", alias) + for label, value := range container.Labels { + if strings.HasPrefix(label, prefix) { + field := strings.TrimPrefix(label, prefix) + field = cases.Title(language.Und, cases.NoLower).String(field) + prop := reflect.ValueOf(&config).Elem().FieldByName(field) + prop.Set(reflect.ValueOf(value)) + } + } + if config.Scheme != "http" && config.Scheme != "https" { + log.Printf("%s: unsupported scheme: %s, using http", container_name, config.Scheme) + config.Scheme = "http" + } + if config.Port == "" { + for _, port := range container.Ports { + config.Port = fmt.Sprintf("%d", port.PrivatePort) + break + } + } + if config.Port == "" { + // no ports exposed or specified + return + } + if config.Host == "" { + if container.HostConfig.NetworkMode != "host" { + config.Host = container_name + } else { + config.Host = "host.docker.internal" + } + } + _, inMap := subdomainRouteMap[alias] + if !inMap { + subdomainRouteMap[alias] = make([]Route, 0) + } + route := Route{Url: url.URL{Scheme: config.Scheme, Host: fmt.Sprintf("%s:%s", config.Host, config.Port)}, Path: config.Path} + subdomainRouteMap[alias] = append(subdomainRouteMap[alias], route) + } +} +func buildRoutes() { + subdomainRouteMap = make(map[string][]Route) + containerSlice, err := dockerClient.ContainerList(context.Background(), container.ListOptions{}) + if err != nil { + log.Fatal(err) + } + for _, container := range containerSlice { + buildContainerCfg(container) + } + // log.Println(subdomainRouteMap) +}