server: use struct

gartnera · Nov 26, 2024 · b44556f · b44556f
1 parent 53e94cc
commit b44556f
Show file tree

Hide file tree

Showing 6 changed files with 369 additions and 335 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+server.crt
+server.key
diff --git a/client/tunnel.go b/client/tunnel.go
@@ -101,7 +101,12 @@ func (t *Tunnel) stage1(print bool) (net.Conn, error) {
 	}
 	res := string(buf[:n])
 	if print {
-		fmt.Printf("URL: https://%s\n", res)
+		_, port, _ := net.SplitHostPort(t.server)
+		portPart := ""
+		if port != "443" {
+			portPart = fmt.Sprintf(":%s", port)
+		}
+		fmt.Printf("URL: https://%s%s\n", res, portPart)
 	}
 	return conn, nil
 }

diff --git a/cmd/tunnel-client/main.go b/cmd/tunnel-client/main.go
@@ -3,6 +3,7 @@ package main
 import (
 	"fmt"
 	"log"
+	"net"
 	"os"
 	"os/signal"
 	"strings"
@@ -85,9 +86,13 @@ var rootCmd = &cobra.Command{
 			if !strings.Contains(server, ":") {
 				controlName += ":443"
 			}
+			serverHostOnly := server
+			if strings.Contains(server, ":") {
+				serverHostOnly, _, _ = net.SplitHostPort(server)
+			}
 			hostnameFqdn := hostname
 			if hostnameFqdn != "" && !strings.Contains(hostnameFqdn, ".") {
-				hostnameFqdn = strings.Join([]string{hostname, server}, ".")
+				hostnameFqdn = strings.Join([]string{hostname, serverHostOnly}, ".")
 			}
 
 			tunnel := client.NewTunnel(controlName, hostnameFqdn, token, useTLS, tlsSkipVerify, httpTargetHostHeader, target)

diff --git a/cmd/tunnel-server/main.go b/cmd/tunnel-server/main.go
@@ -0,0 +1,70 @@
+package main
+
+import (
+	"crypto/tls"
+	"fmt"
+	"os"
+
+	"github.com/foomo/simplecert"
+	"gitlab.com/gartnera/tunnel/server"
+	"go.uber.org/zap"
+)
+
+func main() {
+
+	var ok bool
+	var err error
+	basename, ok := os.LookupEnv("TUNNEL_BASENAME")
+	if !ok {
+		panic("TUNNEL_BASENAME not defined")
+	}
+	port, ok := os.LookupEnv("TUNNEL_PORT")
+	if !ok {
+		panic("TUNNEL_PORT not defined")
+	}
+
+	_, ok = os.LookupEnv("DEBUG")
+	var logger *zap.Logger
+	if ok {
+		logger, err = zap.NewDevelopment()
+	} else {
+		logger, err = zap.NewProduction()
+	}
+	if err != nil {
+		panic(err)
+	}
+
+	sCfg := simplecert.Default
+	sCfg.Domains = []string{fmt.Sprintf("*.%s", basename)}
+	sCfg.CacheDir = os.Getenv("SIMPLECERT_CACHE_DIR")
+	sCfg.SSLEmail = os.Getenv("SIMPLECERT_SSL_EMAIL")
+	sCfg.DNSProvider = os.Getenv("SIMPLECERT_DNS_PROVIDER")
+	// simply restart server when certificate is renewed. rely on systemd to restart
+	sCfg.DidRenewCertificate = func() {
+		os.Exit(2)
+	}
+	if os.Getenv("SIMPLECERT_USE_PUBLIC_DNS") != "" {
+		sCfg.DNSServers = []string{"1.1.1.1"}
+	}
+
+	config := &tls.Config{}
+	cer, err := tls.LoadX509KeyPair("server.crt", "server.key")
+	if err == nil {
+		config.Certificates = []tls.Certificate{cer}
+	} else if sCfg.DNSProvider != "" {
+		certReloader, err := simplecert.Init(sCfg, nil)
+		if err != nil {
+			panic(err)
+		}
+		config.GetCertificate = certReloader.GetCertificateFunc()
+	} else {
+		logger.Fatal("could not parse cert or initiate simplecert", zap.Error(err))
+	}
+
+	server := server.New(basename, logger)
+	laddr := ":" + port
+	err = server.Start(laddr, config)
+	if err != nil {
+		logger.Fatal("server start", zap.Error(err))
+	}
+}