Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add receive proxy protocol #206

Merged
merged 7 commits into from
Feb 7, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,9 @@ linters:
- wastedassign # finds wasted assignment statements
- whitespace # detects leading and trailing whitespace
- prealloc # [premature optimization, but can be used in some cases] finds slice declarations that could potentially be preallocated
- zerologlint # detects the wrong usage of zerolog that a user forgets to dispatch zerolog.Event
- testpackage # makes you use a separate _test package
- tagalign # checks that struct tags are well aligned

## you may want to enable
#- decorder # checks declaration order and count of types, constants, variables and functions
Expand All @@ -263,13 +266,10 @@ linters:
#- inamedparam # [great idea, but too strict, need to ignore a lot of cases by default] reports interfaces with unnamed method parameters
#- interfacebloat # checks the number of methods inside an interface
#- ireturn # accept interfaces, return concrete types
#- tagalign # checks that struct tags are well aligned
#- varnamelen # [great idea, but too many false positives] checks that the length of a variable's name matches its scope
#- wrapcheck # checks that errors returned from external packages are wrapped
#- zerologlint # detects the wrong usage of zerolog that a user forgets to dispatch zerolog.Event
#- gochecknoglobals # checks that no global variables exist
#- gomnd # detects magic numbers
#- testpackage # makes you use a separate _test package

## disabled
#- containedctx # detects struct contained context.Context field
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
</p>

> [!WARNING]
> Infrared is currently under active development: breaking changes can happen.
> Infrared is currently under active development: bugs and breaking changes can happen.
> Feedback and contributions are welcome.

An ultra lightweight Minecraft reverse proxy and status placeholder:
Expand Down
20 changes: 17 additions & 3 deletions cmd/infrared/main.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package main

import (
"errors"
"os"
"os/signal"
"syscall"
Expand Down Expand Up @@ -117,12 +118,25 @@ func run() error {

select {
case sig := <-sigChan:
log.Printf("Received %s", sig.String())
log.Info().Msg("Received " + sig.String())
case err := <-errChan:
if err != nil {
return err
switch {
case errors.Is(err, ir.ErrNoServers):
log.Fatal().
Str("docs", "https://infrared.dev/config/proxies").
Msg("No proxy configs found; Check the docs")
case errors.Is(err, ir.ErrNoTrustedCIDRs):
log.Fatal().
Str("docs", "https://infrared.dev/features/proxy-protocol#receive-proxy-protocol").
Msg("Receive PROXY Protocol enabled, but no CIDRs specified; Check the docs")
default:
if err != nil {
return err
}
}
}

log.Info().Msg("Bye")

return nil
}
17 changes: 17 additions & 0 deletions configs/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,23 @@
#
bind: 0.0.0.0:25565

# This is for receiving PROXY Protocol Headers
#
proxyProtocol:
# Set this to true to enable it.
# You also need to set trusted CIDRs to use this feature.
# You can only receive PROXY Protocol Headers from trusted CIDRs.
#
receive: false

# List all your trusted CIDRs here.
# A CIDR is basically a way to talk about a whole range of IPs
# instead of just one. See here for more info:
# https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#IPv4_CIDR_blocks
#
trustedCIDRs:
- 127.0.0.1/32

# Maximum duration between packets before the client gets timed out.
#
keepAliveTimeout: 30s
Expand Down
12 changes: 1 addition & 11 deletions configs/haproxy.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,6 @@
global
maxconn 20000
log stdout local0 debug
user haproxy
chroot /usr/share/haproxy
pidfile /run/haproxy.pid
daemon

defaults
log global
Expand All @@ -20,11 +16,6 @@ resolvers nameserver
nameserver ns1 1.1.1.1:53
nameserver ns2 8.8.8.8:53

#listen minecraft
# bind :25500
# mode tcp
# server s1 127.0.0.1:25565 send-proxy-v2 resolvers nameserver

frontend minecraft_fe
maxconn 2000
mode tcp
Expand All @@ -33,5 +24,4 @@ frontend minecraft_fe

backend minecraft_be
mode tcp
# server s1 185.232.71.248:25565 send-proxy-v2 resolvers nameserver
server s1 127.0.0.1:25565 send-proxy-v2 resolvers nameserver
server s1 127.0.0.1:25565 send-proxy-v2 resolvers nameserver
2 changes: 1 addition & 1 deletion configs/proxy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ domains:
addresses:
- 127.0.0.1:25565

# Send a Proxy Protocol v2 Header to the server to
# Send a PROXY Protocol Header to the server to
# forward the players IP address
#
#sendProxyProtocol: true
11 changes: 3 additions & 8 deletions deployments/docker-compose.dev.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,19 +21,14 @@ services:
- infrared.java.servers.devserver.address=:25566

haproxy:
image: haproxy
image: haproxy:alpine
container_name: infrared-dev-haproxy
sysctls:
- net.ipv4.ip_unprivileged_port_start=0
volumes:
- ../.dev/haproxy:/usr/local/etc/haproxy:ro
ports:
- 25567:25565/tcp
networks:
- infrared
network_mode: host

redis:
image: redis
image: redis:alpine
container_name: infrared-dev-redis
ports:
- 6379:6379/tcp
Expand Down
9 changes: 5 additions & 4 deletions docs/.vitepress/config.mts
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ export default defineConfig({
{
text: 'Features',
items: [
{ text: 'PROXY Protocol', link: '/features/forward-player-ips' },
{ text: 'Rate Limiter', link: '/features/rate-limit-ips' },
{ text: 'PROXY Protocol', link: '/features/proxy-protocol' },
{ text: 'Rate Limiter', link: '/features/rate-limiter' },
]
},
{
Expand All @@ -47,6 +47,7 @@ export default defineConfig({

sidebar: [
{ text: 'Getting Started', link: '/getting-started' },
{ text: 'Community Projects', link: '/community-projects' },
{
text: 'Config',
items: [
Expand All @@ -58,12 +59,12 @@ export default defineConfig({
{
text: 'Features',
items: [
{ text: 'Forward Player IPs', link: '/features/forward-player-ips' },
{ text: 'PROXY Protocol', link: '/features/proxy-protocol' },
{
text: 'Filters',
link: '/features/filters',
items: [
{ text: 'Rate Limit IPs', link: '/features/rate-limit-ips' },
{ text: 'Rate Limiter', link: '/features/rate-limiter' },
]
}
]
Expand Down
13 changes: 13 additions & 0 deletions docs/community-projects.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# Community Projects

> [!NOTE]
> These projects are managed by the Infrared Community.
> We do **not** provide official support for these projects.
> Please use their dedicated issue trackers or support channels provided by the respective project.
> Thanks for understanding.

## Infrared for Pterodactyl

An egg to run Infrared in Pterodactyl. \
Repo: [Shadowner/Infrared-Pterodactyl-egg](https://github.com/Shadowner/Infrared-Pterodactyl-egg) \
Owner: [Shadowner](https://github.com/Shadowner)
2 changes: 1 addition & 1 deletion docs/features/filters.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,4 @@ filters:
Now you actually need to add filters to your config.
This is a list of all the filters that currently exist:

- [Rate Limiter](rate-limit-ips)
- [Rate Limiter](rate-limiter)
16 changes: 0 additions & 16 deletions docs/features/forward-player-ips.md

This file was deleted.

43 changes: 43 additions & 0 deletions docs/features/proxy-protocol.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# PROXY Protocol

Infrared supportes [PROXY Protocol v2](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt).

## Receive PROXY Protocol

You can receive PROXY Protocol Headers, but you **need** to specify your trusted [CIDRs](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#IPv4_CIDR_blocks).
To enable it in Infrared you just have to change this in you [global config](../config/index):

```yml
# This is for receiving PROXY Protocol Headers
#
proxyProtocol:
# Set this to true to enable it.
# You also need to set trusted CIDRs to use this feature.
# You can only receive PROXY Protocol Headers from trusted CIDRs.
#
receive: false

# List all your trusted CIDRs here.
# A CIDR is basically a way to talk about a whole range of IPs
# instead of just one.
#
trustedCIDRs:
- 127.0.0.1/32
```

## Forward Player IPs

You can forward the player IPs via PROXY Protocol.
To enable it in Infrared you just have to change this in you [**proxy config**](../config/proxies):
```yml
# Send a PROXY Protocol Header to the server to
# forward the players IP address.
#
#sendProxyProtocol: true // [!code --]
sendProxyProtocol: true // [!code ++]
```

## Paper

In Paper you have to enable it also to work.
See [the Paper documentation on PROXY Protocol](https://docs.papermc.io/paper/reference/global-configuration#proxies_proxy_protocol) for more.
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Rate Limit IPs

You can rate limit by IP address using the `rateLimit` filter.
This can be easily activated in your [**global config**](../config/index.md) by adding this:
This can be easily activated in your [**global config**](../config/index) by adding this:

```yml{2-16}
filters:
Expand Down
Loading
Loading