From 4969ca73faa40d481fb4c258800ee53e35860720 Mon Sep 17 00:00:00 2001 From: Peter Sanchez Date: Fri, 9 Feb 2024 07:02:30 -0600 Subject: [PATCH] Moving external reverse proxy checking route to it's own service. References: https://todo.code.netlandish.com/~netlandish/links/46 --- .gitignore | 1 + Makefile | 6 +++- cmd/domains/main.go | 85 +++++++++++++++++++++++++++++++++++++++++++++ cmd/links/main.go | 37 +++----------------- cmd/list/main.go | 2 +- cmd/short/main.go | 2 +- config.example.ini | 11 +++--- 7 files changed, 103 insertions(+), 41 deletions(-) create mode 100644 cmd/domains/main.go diff --git a/.gitignore b/.gitignore index 805a33b..0b2871a 100644 --- a/.gitignore +++ b/.gitignore @@ -15,6 +15,7 @@ links links-api links-short links-list +links-domains main tmp media diff --git a/Makefile b/Makefile index cded259..c9239a5 100644 --- a/Makefile +++ b/Makefile @@ -7,6 +7,7 @@ LINKSRC:=$(shell find ./cmd/links/ -name '*.go') APISRC:=$(shell find ./cmd/api/ -name '*.go') SHORTSRC:=$(shell find ./cmd/short/ -name '*.go') LISTSRC:=$(shell find ./cmd/list/ -name '*.go') +DOMSRC:=$(shell find ./cmd/domains/ -name '*.go') all: links links-api links-short links-list @@ -14,7 +15,7 @@ links: $(LINKSRC) $(GO) build $(GOFLAGS) -ldflags "$(LDFLAGS)" -o $@ $(LINKSRC) clean: - rm -f ./links ./links-api ./links-short ./links-list + rm -f ./links ./links-api ./links-short ./links-list ./links-domains trans: $(GO) generate ./internal/translations/translations.go @@ -31,6 +32,9 @@ links-short: links-list: $(GO) build $(GOFLAGS) -ldflags "$(LDFLAGS)" -o $@ $(LISTSRC) +links-domains: + $(GO) build $(GOFLAGS) -ldflags "$(LDFLAGS)" -o $@ $(DOMSRC) + schema: cd api && $(GO) generate ./graph diff --git a/cmd/domains/main.go b/cmd/domains/main.go new file mode 100644 index 0000000..5770c9c --- /dev/null +++ b/cmd/domains/main.go 
@@ -0,0 +1,85 @@
+package main
+
+import (
+ "fmt"
+ "links/cmd"
+ "links/core"
+ "net/http"
+ "os"
+ "strconv"
+
+ "github.com/labstack/echo/v4"
+ "netlandish.com/x/gobwebs/config"
+ "netlandish.com/x/gobwebs/database"
+ "netlandish.com/x/gobwebs/server"
+)
+
+// Version set at build time
+var Version string
+
+func main() {
+ if err := run(); err != nil {
+ fmt.Fprintf(os.Stderr, "Error starting application: %s\n", err)
+ os.Exit(1)
+ }
+}
+
+func run() error {
+ config, err := config.LoadConfig("./config.ini")
+ if err != nil {
+ return err
+ }
+
+ if val, ok := config.File.Get("links", "domains-listen-address"); ok {
+ if val != "" {
+ config.ListenAddr = val
+ }
+ }
+
+ if val, ok := config.File.Get("links", "domains-listen-port"); ok {
+ config.ListenPort, err = strconv.Atoi(val)
+ if err != nil {
+ return fmt.Errorf("links:domains-listen-port must be an integer value")
+ }
+ }
+
+ db, err := cmd.OpenDB(config)
+ if err != nil {
+ return fmt.Errorf("Unable to open connection to PostgreSQL: %v", err)
+ }
+ defer db.Close()
+
+ e := echo.New()
+ e.GET("/_check/domain", func(c echo.Context) error {
+ domain := c.QueryParam("domain")
+ if domain == "" {
+ return c.NoContent(http.StatusBadRequest)
+ }
+ domains, err := core.ValidDomain(c.Request().Context(), domain, -1, true)
+ if err != nil {
+ return err
+ }
+ if len(domains) != 1 {
+ return c.NoContent(http.StatusBadRequest)
+ }
+ return c.NoContent(http.StatusOK)
+ }).Name = "domain_check"
+
+ mwConf := &server.MiddlewareConfig{
+ Sessions: false,
+ ServerContext: false,
+ }
+ srv := server.New(e, db, config).
+ Initialize().
+ WithAppInfo("links-domains", Version).
+ DefaultMiddlewareWithConfig(mwConf).
+ WithMiddleware(
+ database.Middleware(db),
+ core.TimezoneContext(),
+ core.CORSReadOnlyMiddleware,
+ )
+
+ srv.Run()
+
+ return nil
+}
diff --git a/cmd/links/main.go b/cmd/links/main.go
index 3b60e48..104166c 100644
--- a/cmd/links/main.go
+++ b/cmd/links/main.go
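Review bot: Both listen overrides in run() are optional, so when `domains-listen-address` or `domains-listen-port` is missing from the links section the service keeps whatever ListenAddr and ListenPort LoadConfig produced, which is presumably the main application's bind. The `/_check/domain` handler is unauthenticated and answers 200 or 400 depending on whether the domain is known, with a lookup through core.ValidDomain on every request, so it should be reachable only by the reverse proxy; failing at startup when either key is absent, as sketched below, avoids silently inheriting a wider bind. The sketch also wraps the Atoi error with `%w` instead of dropping it. `core.CORSReadOnlyMiddleware` looks unnecessary for an endpoint that only a proxy calls; its implementation is not visible here, so confirm it does not open the check to cross-origin reads from browsers.

```go
// … unchanged: config.LoadConfig …

addr, ok := config.File.Get("links", "domains-listen-address")
if !ok || addr == "" {
	return fmt.Errorf("links:domains-listen-address must be set")
}
config.ListenAddr = addr

port, ok := config.File.Get("links", "domains-listen-port")
if !ok {
	return fmt.Errorf("links:domains-listen-port must be set")
}
config.ListenPort, err = strconv.Atoi(port)
if err != nil {
	return fmt.Errorf("links:domains-listen-port must be an integer value: %w", err)
}

// … unchanged: cmd.OpenDB, route registration, server setup …
```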
@@ -131,12 +131,6 @@ func run() error { return fmt.Errorf("Unknown storage service configured") } - var domCheck bool - if domCheckVal, ok := config.File.Get("links", "enable-domain-check"); ok { - if domCheckVal == "true" { - domCheck = true - } - } tlsman := cmd.LoadAutoTLS(config, db, models.DomainServiceLinks) e := echo.New() @@ -183,35 +177,12 @@ func run() error { WithMiddleware( database.Middleware(db), core.TimezoneContext(), + crypto.Middleware(entropy), + core.DomainContext(models.DomainServiceLinks), + core.DomainRedirect, + auth.AuthMiddleware(accounts.NewUserFetch()), ) - // Split here to do as little middleware processing as needed - // to serve the domain check. - if tlsman == nil && domCheck { - e.GET("/_check/domain", func(c echo.Context) error { - domain := c.QueryParam("domain") - if domain == "" { - return c.NoContent(http.StatusBadRequest) - } - domains, err := core.ValidDomain(c.Request().Context(), domain, -1, true) - if err != nil { - return err - } - if len(domains) != 1 { - return c.NoContent(http.StatusBadRequest) - } - return c.NoContent(http.StatusOK) - }).Name = "domain_check" - } - - // Continue with middlewares... - srv.WithMiddleware( - crypto.Middleware(entropy), - core.DomainContext(models.DomainServiceLinks), - core.DomainRedirect, - auth.AuthMiddleware(accounts.NewUserFetch()), - ) - if tlsman != nil { srv = srv.WithCertManager(tlsman) } diff --git a/cmd/list/main.go b/cmd/list/main.go index 1228af8..e031e94 100644 --- a/cmd/list/main.go +++ b/cmd/list/main.go @@ -54,7 +54,7 @@ func run() error { if val, ok := config.File.Get("links", "list-listen-port"); ok { config.ListenPort, err = strconv.Atoi(val) if err != nil { - return fmt.Errorf("links:api-listen-port must be an integer value") + return fmt.Errorf("links:list-listen-port must be an integer value") } } diff --git a/cmd/short/main.go b/cmd/short/main.go index b5ffa71..7a20d9e 100644 --- a/cmd/short/main.go +++ b/cmd/short/main.go 
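Review bot: Nothing in cmd/links/main.go reads `enable-domain-check` after the first hunk, so a deployment that still sets `enable-domain-check=true` and points its proxy's check URL at the main links service loses `/_check/domain` with no message at startup. The check presumably gates certificate issuance in the proxy, so a one-line startup warning when the old key is still present (`config.File.Get("links", "enable-domain-check")` returning ok) would make the migration to links-domains visible. The patch carries no import hunk for this file, so if the removed handler was the last user of `net/http` the build fails on an unused import; run() starts and ends outside both hunks, so this cannot be confirmed from here.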
@@ -52,7 +52,7 @@ func run() error { if val, ok := config.File.Get("links", "short-listen-port"); ok { config.ListenPort, err = strconv.Atoi(val) if err != nil { - return fmt.Errorf("links:api-listen-port must be an integer value") + return fmt.Errorf("links:short-listen-port must be an integer value") } } diff --git a/config.example.ini b/config.example.ini index 739f990..8e2271f 100644 --- a/config.example.ini +++ b/config.example.ini @@ -117,10 +117,6 @@ api-origin=http://127.0.0.1:8080/query auto-tls=true # Where will SSL certs be stored. If empty, the value of `./cache` is used. ssl-cert-cachedir=/var/www/.cache -# Enable domain TLS support check. If set to true then the -# /_check/domain route will be added. -# Default false -enable-domain-check=false ## DNS CHECKS @@ -151,7 +147,12 @@ list-listen-port=8002 api-service-domain=domain.com api-listen-address=localhost -api-listen-port=8080 +api-listen-port=8003 + +# Optional domains service. Set this if you plan to use +# domain checking via Caddy, tlstunnel, etc. +domains-listen-address=localhost +domains-listen-port=8004 [stripe] secret-key= -- 2.45.2
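Review bot: `api-listen-port` moves from 8080 to 8003 in the second config.example.ini hunk, but `api-origin=http://127.0.0.1:8080/query`, visible in the first hunk's header, still names port 8080. If api-origin is meant to reach the API service on its listen port, a config copied from the example will point at the wrong port; `api-origin=http://127.0.0.1:8003/query` would keep the two in step. The comment above the new domains keys could also state the exposure expectation, for example `# Keep this on localhost or an internal interface; the check endpoint is unauthenticated.`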