-
Notifications
You must be signed in to change notification settings - Fork 16
/
main.go
111 lines (96 loc) · 2.62 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
package main
import (
"net/http"
"net/http/httputil"
"net/url"
"os"
"strings"
"github.com/jessevdk/go-flags"
log "github.com/sirupsen/logrus"
"golang.org/x/crypto/acme/autocert"
)
var opts struct {
Domains string `short:"d" long:"domain" description:"Comma-separated domains for which to request certs from Let's Encrypt" required:"true"`
To string `short:"t" long:"to" description:"http[s]://IP:port to which traffic will be redirected" required:"true"`
Verbose bool `short:"v" long:"verbose" description:"Log request data"`
Trace bool `long:"trace" description:"Log request data"`
}
func init() {
_, err := flags.Parse(&opts)
if err != nil {
if err.(*flags.Error).Type == flags.ErrHelp {
os.Exit(0)
}
os.Exit(1)
}
if opts.Verbose {
log.SetLevel(log.DebugLevel)
} else if opts.Trace {
log.SetLevel(log.TraceLevel)
}
}
func main() {
url, err := url.Parse(opts.To)
if err != nil {
log.Fatal(err)
}
domains := strings.Split(opts.Domains, ",")
if err != nil {
log.Fatal(err)
}
manager := &autocert.Manager{
Cache: autocert.DirCache("certs"),
HostPolicy: autocert.HostWhitelist(domains...),
Prompt: autocert.AcceptTOS,
}
s := &http.Server{
Addr: "0.0.0.0:443",
TLSConfig: manager.TLSConfig(),
Handler: NewSingleHostReverseProxy(url),
}
log.WithFields(log.Fields{
"to": opts.To,
"domain": opts.Domains,
}).Info("Forwarding")
log.Fatal(s.ListenAndServeTLS("", ""))
}
// NewSingleHostReverseProxy is yanked from httputils so additional logging
// could be added
func NewSingleHostReverseProxy(target *url.URL) *httputil.ReverseProxy {
targetQuery := target.RawQuery
director := func(req *http.Request) {
log.WithFields(log.Fields{
"src": req.RemoteAddr,
"dst": req.RequestURI,
}).Debug()
req.URL.Scheme = target.Scheme
req.URL.Host = target.Host
req.URL.Path = singleJoiningSlash(target.Path, req.URL.Path)
if targetQuery == "" || req.URL.RawQuery == "" {
req.URL.RawQuery = targetQuery + req.URL.RawQuery
} else {
req.URL.RawQuery = targetQuery + "&" + req.URL.RawQuery
}
if _, ok := req.Header["User-Agent"]; !ok {
// explicitly disable User-Agent so it's not set to default value
req.Header.Set("User-Agent", "")
}
log.WithFields(log.Fields{
"headers": req.Header,
"method": req.Method,
"length": req.ContentLength,
}).Trace()
}
return &httputil.ReverseProxy{Director: director}
}
func singleJoiningSlash(a, b string) string {
aslash := strings.HasSuffix(a, "/")
bslash := strings.HasPrefix(b, "/")
switch {
case aslash && bslash:
return a + b[1:]
case !aslash && !bslash:
return a + "/" + b
}
return a + b
}