feat: hot-reloading of config file
This commit is contained in:
		
					parent
					
						
							
								5e76c2b055
							
						
					
				
			
			
				commit
				
					
						58e22d33af
					
				
			
		
					 16 changed files with 213 additions and 58 deletions
				
			
		|  | @ -10,6 +10,9 @@ | ||||||
| listen_port = 8080 | listen_port = 8080 | ||||||
| listen_port_tls = 8443 | listen_port_tls = 8443 | ||||||
| 
 | 
 | ||||||
|  | # Optional for h2 and http1.1 | ||||||
|  | tcp_listen_backlog = 1024 | ||||||
|  | 
 | ||||||
| # Optional for h2 and http1.1 | # Optional for h2 and http1.1 | ||||||
| max_concurrent_streams = 100 | max_concurrent_streams = 100 | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -35,7 +35,7 @@ rustls-pemfile = "1.0.3" | ||||||
| # config | # config | ||||||
| clap = { version = "4.3.17", features = ["std", "cargo", "wrap_help"] } | clap = { version = "4.3.17", features = ["std", "cargo", "wrap_help"] } | ||||||
| toml = { version = "0.7.6", default-features = false, features = ["parse"] } | toml = { version = "0.7.6", default-features = false, features = ["parse"] } | ||||||
| # hot_reload = "0.1.2" | hot_reload = "0.1.4" | ||||||
| 
 | 
 | ||||||
| # logging | # logging | ||||||
| tracing = { version = "0.1.37" } | tracing = { version = "0.1.37" } | ||||||
|  |  | ||||||
|  | @ -1,4 +1,9 @@ | ||||||
| mod parse; | mod parse; | ||||||
|  | mod service; | ||||||
| mod toml; | mod toml; | ||||||
| 
 | 
 | ||||||
| pub use parse::build_settings; | pub use { | ||||||
|  |   self::toml::ConfigToml, | ||||||
|  |   parse::{build_settings, parse_opts}, | ||||||
|  |   service::ConfigTomlReloader, | ||||||
|  | }; | ||||||
|  |  | ||||||
|  | @ -7,28 +7,30 @@ use crate::{ | ||||||
| use clap::Arg; | use clap::Arg; | ||||||
| use rpxy_lib::{AppConfig, AppConfigList, ProxyConfig}; | use rpxy_lib::{AppConfig, AppConfigList, ProxyConfig}; | ||||||
| 
 | 
 | ||||||
| pub fn build_settings() -> std::result::Result<(ProxyConfig, AppConfigList<CryptoFileSource>), anyhow::Error> { | pub fn parse_opts() -> Result<String, anyhow::Error> { | ||||||
|   let _ = include_str!("../../Cargo.toml"); |   let _ = include_str!("../../Cargo.toml"); | ||||||
|   let options = clap::command!().arg( |   let options = clap::command!().arg( | ||||||
|     Arg::new("config_file") |     Arg::new("config_file") | ||||||
|       .long("config") |       .long("config") | ||||||
|       .short('c') |       .short('c') | ||||||
|       .value_name("FILE") |       .value_name("FILE") | ||||||
|       .help("Configuration file path like \"./config.toml\""), |       .required(true) | ||||||
|  |       .help("Configuration file path like ./config.toml"), | ||||||
|   ); |   ); | ||||||
|   let matches = options.get_matches(); |   let matches = options.get_matches(); | ||||||
| 
 | 
 | ||||||
|   ///////////////////////////////////
 |   ///////////////////////////////////
 | ||||||
|   let config = if let Some(config_file_path) = matches.get_one::<String>("config_file") { |   let config_file_path = matches.get_one::<String>("config_file").unwrap(); | ||||||
|     ConfigToml::new(config_file_path)? |  | ||||||
|   } else { |  | ||||||
|     // Default config Toml
 |  | ||||||
|     ConfigToml::default() |  | ||||||
|   }; |  | ||||||
| 
 | 
 | ||||||
|  |   Ok(config_file_path.to_string()) | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | pub fn build_settings( | ||||||
|  |   config: &ConfigToml, | ||||||
|  | ) -> std::result::Result<(ProxyConfig, AppConfigList<CryptoFileSource>), anyhow::Error> { | ||||||
|   ///////////////////////////////////
 |   ///////////////////////////////////
 | ||||||
|   // build proxy config
 |   // build proxy config
 | ||||||
|   let proxy_config: ProxyConfig = (&config).try_into()?; |   let proxy_config: ProxyConfig = config.try_into()?; | ||||||
|   // For loggings
 |   // For loggings
 | ||||||
|   if proxy_config.listen_sockets.iter().any(|addr| addr.is_ipv6()) { |   if proxy_config.listen_sockets.iter().any(|addr| addr.is_ipv6()) { | ||||||
|     info!("Listen both IPv4 and IPv6") |     info!("Listen both IPv4 and IPv6") | ||||||
|  | @ -50,7 +52,7 @@ pub fn build_settings() -> std::result::Result<(ProxyConfig, AppConfigList<Crypt | ||||||
| 
 | 
 | ||||||
|   ///////////////////////////////////
 |   ///////////////////////////////////
 | ||||||
|   // backend_apps
 |   // backend_apps
 | ||||||
|   let apps = config.apps.ok_or(anyhow!("Missing application spec"))?; |   let apps = config.apps.clone().ok_or(anyhow!("Missing application spec"))?; | ||||||
| 
 | 
 | ||||||
|   // assertions for all backend apps
 |   // assertions for all backend apps
 | ||||||
|   ensure!(!apps.0.is_empty(), "Wrong application spec."); |   ensure!(!apps.0.is_empty(), "Wrong application spec."); | ||||||
|  | @ -88,9 +90,8 @@ pub fn build_settings() -> std::result::Result<(ProxyConfig, AppConfigList<Crypt | ||||||
| 
 | 
 | ||||||
|   let app_config_list = AppConfigList { |   let app_config_list = AppConfigList { | ||||||
|     inner: app_config_list_inner, |     inner: app_config_list_inner, | ||||||
|     default_app: config.default_app.map(|v| v.to_ascii_lowercase()), // default backend application for plaintext http requests
 |     default_app: config.default_app.clone().map(|v| v.to_ascii_lowercase()), // default backend application for plaintext http requests
 | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   Ok((proxy_config, app_config_list)) |   Ok((proxy_config, app_config_list)) | ||||||
|   // todo!()
 |  | ||||||
| } | } | ||||||
|  |  | ||||||
							
								
								
									
										24
									
								
								rpxy-bin/src/config/service.rs
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										24
									
								
								rpxy-bin/src/config/service.rs
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,24 @@ | ||||||
|  | use super::toml::ConfigToml; | ||||||
|  | use async_trait::async_trait; | ||||||
|  | use hot_reload::{Reload, ReloaderError}; | ||||||
|  | 
 | ||||||
|  | #[derive(Clone)] | ||||||
|  | pub struct ConfigTomlReloader { | ||||||
|  |   pub config_path: String, | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | #[async_trait] | ||||||
|  | impl Reload<ConfigToml> for ConfigTomlReloader { | ||||||
|  |   type Source = String; | ||||||
|  |   async fn new(source: &Self::Source) -> Result<Self, ReloaderError<ConfigToml>> { | ||||||
|  |     Ok(Self { | ||||||
|  |       config_path: source.clone(), | ||||||
|  |     }) | ||||||
|  |   } | ||||||
|  | 
 | ||||||
|  |   async fn reload(&self) -> Result<Option<ConfigToml>, ReloaderError<ConfigToml>> { | ||||||
|  |     let conf = ConfigToml::new(&self.config_path) | ||||||
|  |       .map_err(|_e| ReloaderError::<ConfigToml>::Reload("Failed to reload config toml"))?; | ||||||
|  |     Ok(Some(conf)) | ||||||
|  |   } | ||||||
|  | } | ||||||
|  | @ -8,11 +8,12 @@ use rustc_hash::FxHashMap as HashMap; | ||||||
| use serde::Deserialize; | use serde::Deserialize; | ||||||
| use std::{fs, net::SocketAddr}; | use std::{fs, net::SocketAddr}; | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct ConfigToml { | pub struct ConfigToml { | ||||||
|   pub listen_port: Option<u16>, |   pub listen_port: Option<u16>, | ||||||
|   pub listen_port_tls: Option<u16>, |   pub listen_port_tls: Option<u16>, | ||||||
|   pub listen_ipv6: Option<bool>, |   pub listen_ipv6: Option<bool>, | ||||||
|  |   pub tcp_listen_backlog: Option<u32>, | ||||||
|   pub max_concurrent_streams: Option<u32>, |   pub max_concurrent_streams: Option<u32>, | ||||||
|   pub max_clients: Option<u32>, |   pub max_clients: Option<u32>, | ||||||
|   pub apps: Option<Apps>, |   pub apps: Option<Apps>, | ||||||
|  | @ -21,7 +22,7 @@ pub struct ConfigToml { | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #[cfg(feature = "http3")] | #[cfg(feature = "http3")] | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct Http3Option { | pub struct Http3Option { | ||||||
|   pub alt_svc_max_age: Option<u32>, |   pub alt_svc_max_age: Option<u32>, | ||||||
|   pub request_max_body_size: Option<usize>, |   pub request_max_body_size: Option<usize>, | ||||||
|  | @ -31,24 +32,24 @@ pub struct Http3Option { | ||||||
|   pub max_idle_timeout: Option<u64>, |   pub max_idle_timeout: Option<u64>, | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct Experimental { | pub struct Experimental { | ||||||
|   #[cfg(feature = "http3")] |   #[cfg(feature = "http3")] | ||||||
|   pub h3: Option<Http3Option>, |   pub h3: Option<Http3Option>, | ||||||
|   pub ignore_sni_consistency: Option<bool>, |   pub ignore_sni_consistency: Option<bool>, | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct Apps(pub HashMap<String, Application>); | pub struct Apps(pub HashMap<String, Application>); | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct Application { | pub struct Application { | ||||||
|   pub server_name: Option<String>, |   pub server_name: Option<String>, | ||||||
|   pub reverse_proxy: Option<Vec<ReverseProxyOption>>, |   pub reverse_proxy: Option<Vec<ReverseProxyOption>>, | ||||||
|   pub tls: Option<TlsOption>, |   pub tls: Option<TlsOption>, | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct TlsOption { | pub struct TlsOption { | ||||||
|   pub tls_cert_path: Option<String>, |   pub tls_cert_path: Option<String>, | ||||||
|   pub tls_cert_key_path: Option<String>, |   pub tls_cert_key_path: Option<String>, | ||||||
|  | @ -56,7 +57,7 @@ pub struct TlsOption { | ||||||
|   pub client_ca_cert_path: Option<String>, |   pub client_ca_cert_path: Option<String>, | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct ReverseProxyOption { | pub struct ReverseProxyOption { | ||||||
|   pub path: Option<String>, |   pub path: Option<String>, | ||||||
|   pub replace_path: Option<String>, |   pub replace_path: Option<String>, | ||||||
|  | @ -65,7 +66,7 @@ pub struct ReverseProxyOption { | ||||||
|   pub load_balance: Option<String>, |   pub load_balance: Option<String>, | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #[derive(Deserialize, Debug, Default)] | #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] | ||||||
| pub struct UpstreamParams { | pub struct UpstreamParams { | ||||||
|   pub location: String, |   pub location: String, | ||||||
|   pub tls: Option<bool>, |   pub tls: Option<bool>, | ||||||
|  | @ -112,6 +113,11 @@ impl TryInto<ProxyConfig> for &ConfigToml { | ||||||
|       }) |       }) | ||||||
|       .collect(); |       .collect(); | ||||||
| 
 | 
 | ||||||
|  |     // tcp backlog
 | ||||||
|  |     if let Some(backlog) = self.tcp_listen_backlog { | ||||||
|  |       proxy_config.tcp_listen_backlog = backlog; | ||||||
|  |     } | ||||||
|  | 
 | ||||||
|     // max values
 |     // max values
 | ||||||
|     if let Some(c) = self.max_clients { |     if let Some(c) = self.max_clients { | ||||||
|       proxy_config.max_clients = c as usize; |       proxy_config.max_clients = c as usize; | ||||||
|  |  | ||||||
|  | @ -1,2 +1,3 @@ | ||||||
| pub const LISTEN_ADDRESSES_V4: &[&str] = &["0.0.0.0"]; | pub const LISTEN_ADDRESSES_V4: &[&str] = &["0.0.0.0"]; | ||||||
| pub const LISTEN_ADDRESSES_V6: &[&str] = &["[::]"]; | pub const LISTEN_ADDRESSES_V6: &[&str] = &["[::]"]; | ||||||
|  | pub const CONFIG_WATCH_DELAY_SECS: u32 = 20; | ||||||
|  |  | ||||||
|  | @ -11,7 +11,12 @@ mod constants; | ||||||
| mod error; | mod error; | ||||||
| mod log; | mod log; | ||||||
| 
 | 
 | ||||||
| use crate::{config::build_settings, log::*}; | use crate::{ | ||||||
|  |   config::{build_settings, parse_opts, ConfigToml, ConfigTomlReloader}, | ||||||
|  |   constants::CONFIG_WATCH_DELAY_SECS, | ||||||
|  |   log::*, | ||||||
|  | }; | ||||||
|  | use hot_reload::{ReloaderReceiver, ReloaderService}; | ||||||
| use rpxy_lib::entrypoint; | use rpxy_lib::entrypoint; | ||||||
| 
 | 
 | ||||||
| fn main() { | fn main() { | ||||||
|  | @ -23,17 +28,68 @@ fn main() { | ||||||
|   let runtime = runtime_builder.build().unwrap(); |   let runtime = runtime_builder.build().unwrap(); | ||||||
| 
 | 
 | ||||||
|   runtime.block_on(async { |   runtime.block_on(async { | ||||||
|     let (proxy_conf, app_conf) = match build_settings() { |     // Initially load config
 | ||||||
|       Ok(g) => g, |     let Ok(config_path) = parse_opts() else { | ||||||
|       Err(e) => { |         error!("Invalid toml file"); | ||||||
|         error!("Invalid configuration: {}", e); |  | ||||||
|         std::process::exit(1); |         std::process::exit(1); | ||||||
|  |     }; | ||||||
|  |     let (config_service, config_rx) = | ||||||
|  |       ReloaderService::<ConfigTomlReloader, ConfigToml>::new(&config_path, CONFIG_WATCH_DELAY_SECS, false) | ||||||
|  |         .await | ||||||
|  |         .unwrap(); | ||||||
|  | 
 | ||||||
|  |     tokio::select! { | ||||||
|  |       _ = config_service.start() => { | ||||||
|  |         error!("config reloader service exited"); | ||||||
|  |       } | ||||||
|  |       _ = rpxy_service(config_rx, runtime.handle().clone()) => { | ||||||
|  |         error!("rpxy service existed"); | ||||||
|  |       } | ||||||
|  |     } | ||||||
|  |   }); | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | async fn rpxy_service( | ||||||
|  |   mut config_rx: ReloaderReceiver<ConfigToml>, | ||||||
|  |   runtime_handle: tokio::runtime::Handle, | ||||||
|  | ) -> Result<(), anyhow::Error> { | ||||||
|  |   // Initial loading
 | ||||||
|  |   config_rx.changed().await?; | ||||||
|  |   let config_toml = config_rx.borrow().clone().unwrap(); | ||||||
|  |   let (mut proxy_conf, mut app_conf) = match build_settings(&config_toml) { | ||||||
|  |     Ok(v) => v, | ||||||
|  |     Err(e) => { | ||||||
|  |       error!("Invalid configuration: {e}"); | ||||||
|  |       return Err(anyhow::anyhow!(e)); | ||||||
|     } |     } | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|     entrypoint(proxy_conf, app_conf, runtime.handle().clone()) |   // Continuous monitoring
 | ||||||
|       .await |   loop { | ||||||
|       .unwrap() |     tokio::select! { | ||||||
|   }); |       _ = entrypoint(&proxy_conf, &app_conf, &runtime_handle) => { | ||||||
|   warn!("rpxy exited!"); |         error!("rpxy entrypoint exited"); | ||||||
|  |         break; | ||||||
|  |       } | ||||||
|  |       _ = config_rx.changed() => { | ||||||
|  |         if config_rx.borrow().is_none() { | ||||||
|  |           error!("Something wrong in config reloader receiver"); | ||||||
|  |           break; | ||||||
|  |         } | ||||||
|  |         let config_toml = config_rx.borrow().clone().unwrap(); | ||||||
|  |         match build_settings(&config_toml) { | ||||||
|  |           Ok((p, a)) => { | ||||||
|  |             (proxy_conf, app_conf) = (p, a) | ||||||
|  |           }, | ||||||
|  |           Err(e) => { | ||||||
|  |             error!("Invalid configuration. Configuration does not updated: {e}"); | ||||||
|  |             continue; | ||||||
|  |           } | ||||||
|  |         }; | ||||||
|  |         info!("Configuration updated. Force to re-bind TCP/UDP sockets"); | ||||||
|  |       } | ||||||
|  |       else => break
 | ||||||
|  |     } | ||||||
|  |   } | ||||||
|  |   Ok(()) | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -30,7 +30,7 @@ tokio = { version = "1.29.1", default-features = false, features = [ | ||||||
|   "macros", |   "macros", | ||||||
| ] } | ] } | ||||||
| async-trait = "0.1.72" | async-trait = "0.1.72" | ||||||
| hot_reload = "0.1.2" # reloading certs | hot_reload = "0.1.4" # reloading certs | ||||||
| 
 | 
 | ||||||
| # Error handling | # Error handling | ||||||
| anyhow = "1.0.72" | anyhow = "1.0.72" | ||||||
|  | @ -63,6 +63,8 @@ quinn = { path = "../quinn/quinn", optional = true } # Tentative to support rust | ||||||
| h3 = { path = "../h3/h3/", optional = true } | h3 = { path = "../h3/h3/", optional = true } | ||||||
| # h3-quinn = { path = "./h3/h3-quinn/", optional = true } | # h3-quinn = { path = "./h3/h3-quinn/", optional = true } | ||||||
| h3-quinn = { path = "../h3-quinn/", optional = true } # Tentative to support rustls-0.21 | h3-quinn = { path = "../h3-quinn/", optional = true } # Tentative to support rustls-0.21 | ||||||
|  | # for UDP socket wit SO_REUSEADDR | ||||||
|  | socket2 = { version = "0.5.3", features = ["all"] } | ||||||
| 
 | 
 | ||||||
| # cookie handling for sticky cookie | # cookie handling for sticky cookie | ||||||
| chrono = { version = "0.4.26", default-features = false, features = [ | chrono = { version = "0.4.26", default-features = false, features = [ | ||||||
|  |  | ||||||
|  | @ -1,5 +1,6 @@ | ||||||
| // pub const LISTEN_ADDRESSES_V4: &[&str] = &["0.0.0.0"];
 | // pub const LISTEN_ADDRESSES_V4: &[&str] = &["0.0.0.0"];
 | ||||||
| // pub const LISTEN_ADDRESSES_V6: &[&str] = &["[::]"];
 | // pub const LISTEN_ADDRESSES_V6: &[&str] = &["[::]"];
 | ||||||
|  | pub const TCP_LISTEN_BACKLOG: u32 = 1024; | ||||||
| // pub const HTTP_LISTEN_PORT: u16 = 8080;
 | // pub const HTTP_LISTEN_PORT: u16 = 8080;
 | ||||||
| // pub const HTTPS_LISTEN_PORT: u16 = 8443;
 | // pub const HTTPS_LISTEN_PORT: u16 = 8443;
 | ||||||
| pub const PROXY_TIMEOUT_SEC: u64 = 60; | pub const PROXY_TIMEOUT_SEC: u64 = 60; | ||||||
|  |  | ||||||
|  | @ -36,11 +36,12 @@ where | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| /// Configuration parameters for proxy transport and request handlers
 | /// Configuration parameters for proxy transport and request handlers
 | ||||||
| #[derive(PartialEq, Eq)] | #[derive(PartialEq, Eq, Clone)] | ||||||
| pub struct ProxyConfig { | pub struct ProxyConfig { | ||||||
|   pub listen_sockets: Vec<SocketAddr>, // when instantiate server
 |   pub listen_sockets: Vec<SocketAddr>, // when instantiate server
 | ||||||
|   pub http_port: Option<u16>,          // when instantiate server
 |   pub http_port: Option<u16>,          // when instantiate server
 | ||||||
|   pub https_port: Option<u16>,         // when instantiate server
 |   pub https_port: Option<u16>,         // when instantiate server
 | ||||||
|  |   pub tcp_listen_backlog: u32,         // when instantiate server
 | ||||||
| 
 | 
 | ||||||
|   pub proxy_timeout: Duration,    // when serving requests at Proxy
 |   pub proxy_timeout: Duration,    // when serving requests at Proxy
 | ||||||
|   pub upstream_timeout: Duration, // when serving requests at Handler
 |   pub upstream_timeout: Duration, // when serving requests at Handler
 | ||||||
|  | @ -74,6 +75,7 @@ impl Default for ProxyConfig { | ||||||
|       listen_sockets: Vec::new(), |       listen_sockets: Vec::new(), | ||||||
|       http_port: None, |       http_port: None, | ||||||
|       https_port: None, |       https_port: None, | ||||||
|  |       tcp_listen_backlog: TCP_LISTEN_BACKLOG, | ||||||
| 
 | 
 | ||||||
|       // TODO: Reconsider each timeout values
 |       // TODO: Reconsider each timeout values
 | ||||||
|       proxy_timeout: Duration::from_secs(PROXY_TIMEOUT_SEC), |       proxy_timeout: Duration::from_secs(PROXY_TIMEOUT_SEC), | ||||||
|  | @ -104,7 +106,7 @@ impl Default for ProxyConfig { | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| /// Configuration parameters for backend applications
 | /// Configuration parameters for backend applications
 | ||||||
| #[derive(PartialEq, Eq)] | #[derive(PartialEq, Eq, Clone)] | ||||||
| pub struct AppConfigList<T> | pub struct AppConfigList<T> | ||||||
| where | where | ||||||
|   T: CryptoSource, |   T: CryptoSource, | ||||||
|  | @ -152,7 +154,7 @@ where | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| /// Configuration parameters for single backend application
 | /// Configuration parameters for single backend application
 | ||||||
| #[derive(PartialEq, Eq)] | #[derive(PartialEq, Eq, Clone)] | ||||||
| pub struct AppConfig<T> | pub struct AppConfig<T> | ||||||
| where | where | ||||||
|   T: CryptoSource, |   T: CryptoSource, | ||||||
|  | @ -234,7 +236,7 @@ where | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| /// Configuration parameters for single reverse proxy corresponding to the path
 | /// Configuration parameters for single reverse proxy corresponding to the path
 | ||||||
| #[derive(PartialEq, Eq)] | #[derive(PartialEq, Eq, Clone)] | ||||||
| pub struct ReverseProxyConfig { | pub struct ReverseProxyConfig { | ||||||
|   pub path: Option<String>, |   pub path: Option<String>, | ||||||
|   pub replace_path: Option<String>, |   pub replace_path: Option<String>, | ||||||
|  | @ -244,7 +246,7 @@ pub struct ReverseProxyConfig { | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| /// Configuration parameters for single upstream destination from a reverse proxy
 | /// Configuration parameters for single upstream destination from a reverse proxy
 | ||||||
| #[derive(PartialEq, Eq)] | #[derive(PartialEq, Eq, Clone)] | ||||||
| pub struct UpstreamUri { | pub struct UpstreamUri { | ||||||
|   pub inner: hyper::Uri, |   pub inner: hyper::Uri, | ||||||
| } | } | ||||||
|  | @ -259,7 +261,7 @@ impl TryInto<Upstream> for &UpstreamUri { | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| /// Configuration parameters on TLS for a single backend application
 | /// Configuration parameters on TLS for a single backend application
 | ||||||
| #[derive(PartialEq, Eq)] | #[derive(PartialEq, Eq, Clone)] | ||||||
| pub struct TlsConfig<T> | pub struct TlsConfig<T> | ||||||
| where | where | ||||||
|   T: CryptoSource, |   T: CryptoSource, | ||||||
|  |  | ||||||
|  | @ -25,19 +25,19 @@ pub mod reexports { | ||||||
| 
 | 
 | ||||||
| /// Entrypoint that creates and spawns tasks of reverse proxy services
 | /// Entrypoint that creates and spawns tasks of reverse proxy services
 | ||||||
| pub async fn entrypoint<T>( | pub async fn entrypoint<T>( | ||||||
|   proxy_config: ProxyConfig, |   proxy_config: &ProxyConfig, | ||||||
|   app_config_list: AppConfigList<T>, |   app_config_list: &AppConfigList<T>, | ||||||
|   runtime_handle: tokio::runtime::Handle, |   runtime_handle: &tokio::runtime::Handle, | ||||||
| ) -> Result<()> | ) -> Result<()> | ||||||
| where | where | ||||||
|   T: CryptoSource + Clone + Send + Sync + 'static, |   T: CryptoSource + Clone + Send + Sync + 'static, | ||||||
| { | { | ||||||
|   // build global
 |   // build global
 | ||||||
|   let globals = Arc::new(Globals { |   let globals = Arc::new(Globals { | ||||||
|     proxy_config, |     proxy_config: proxy_config.clone(), | ||||||
|     backends: app_config_list.try_into()?, |     backends: app_config_list.clone().try_into()?, | ||||||
|     request_count: Default::default(), |     request_count: Default::default(), | ||||||
|     runtime_handle, |     runtime_handle: runtime_handle.clone(), | ||||||
|   }); |   }); | ||||||
|   // let connector = TrustDnsResolver::default().into_rustls_webpki_https_connector();
 |   // let connector = TrustDnsResolver::default().into_rustls_webpki_https_connector();
 | ||||||
|   let connector = hyper_rustls::HttpsConnectorBuilder::new() |   let connector = hyper_rustls::HttpsConnectorBuilder::new() | ||||||
|  | @ -71,8 +71,8 @@ where | ||||||
|   })); |   })); | ||||||
| 
 | 
 | ||||||
|   // wait for all future
 |   // wait for all future
 | ||||||
|   if let (Ok(_), _, _) = futures.await { |   if let (Ok(Err(e)), _, _) = futures.await { | ||||||
|     error!("Some proxy services are down"); |     error!("Some proxy services are down: {:?}", e); | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   Ok(()) |   Ok(()) | ||||||
|  |  | ||||||
|  | @ -4,5 +4,6 @@ mod proxy_client_cert; | ||||||
| mod proxy_h3; | mod proxy_h3; | ||||||
| mod proxy_main; | mod proxy_main; | ||||||
| mod proxy_tls; | mod proxy_tls; | ||||||
|  | mod socket; | ||||||
| 
 | 
 | ||||||
| pub use proxy_main::{Proxy, ProxyBuilder, ProxyBuilderError}; | pub use proxy_main::{Proxy, ProxyBuilder, ProxyBuilderError}; | ||||||
|  |  | ||||||
|  | @ -1,4 +1,4 @@ | ||||||
| // use super::proxy_handler::handle_request;
 | use super::socket::bind_tcp_socket; | ||||||
| use crate::{ | use crate::{ | ||||||
|   certs::CryptoSource, error::*, globals::Globals, handler::HttpMessageHandler, log::*, utils::ServerNameBytesExp, |   certs::CryptoSource, error::*, globals::Globals, handler::HttpMessageHandler, log::*, utils::ServerNameBytesExp, | ||||||
| }; | }; | ||||||
|  | @ -7,7 +7,6 @@ use hyper::{client::connect::Connect, server::conn::Http, service::service_fn, B | ||||||
| use std::{net::SocketAddr, sync::Arc}; | use std::{net::SocketAddr, sync::Arc}; | ||||||
| use tokio::{ | use tokio::{ | ||||||
|   io::{AsyncRead, AsyncWrite}, |   io::{AsyncRead, AsyncWrite}, | ||||||
|   net::TcpListener, |  | ||||||
|   runtime::Handle, |   runtime::Handle, | ||||||
|   time::{timeout, Duration}, |   time::{timeout, Duration}, | ||||||
| }; | }; | ||||||
|  | @ -94,7 +93,9 @@ where | ||||||
| 
 | 
 | ||||||
|   async fn start_without_tls(self, server: Http<LocalExecutor>) -> Result<()> { |   async fn start_without_tls(self, server: Http<LocalExecutor>) -> Result<()> { | ||||||
|     let listener_service = async { |     let listener_service = async { | ||||||
|       let tcp_listener = TcpListener::bind(&self.listening_on).await?; |       let tcp_socket = bind_tcp_socket(&self.listening_on)?; | ||||||
|  |       let tcp_listener = tcp_socket.listen(self.globals.proxy_config.tcp_listen_backlog)?; | ||||||
|  |       // let tcp_listener = TcpListener::bind(&self.listening_on).await?;
 | ||||||
|       info!("Start TCP proxy serving with HTTP request for configured host names"); |       info!("Start TCP proxy serving with HTTP request for configured host names"); | ||||||
|       while let Ok((stream, _client_addr)) = tcp_listener.accept().await { |       while let Ok((stream, _client_addr)) = tcp_listener.accept().await { | ||||||
|         self.clone().client_serve(stream, server.clone(), _client_addr, None); |         self.clone().client_serve(stream, server.clone(), _client_addr, None); | ||||||
|  |  | ||||||
|  | @ -1,6 +1,9 @@ | ||||||
|  | #[cfg(feature = "http3")] | ||||||
|  | use super::socket::bind_udp_socket; | ||||||
| use super::{ | use super::{ | ||||||
|   crypto_service::{CryptoReloader, ServerCrypto, ServerCryptoBase, SniServerCryptoMap}, |   crypto_service::{CryptoReloader, ServerCrypto, ServerCryptoBase, SniServerCryptoMap}, | ||||||
|   proxy_main::{LocalExecutor, Proxy}, |   proxy_main::{LocalExecutor, Proxy}, | ||||||
|  |   socket::bind_tcp_socket, | ||||||
| }; | }; | ||||||
| use crate::{certs::CryptoSource, constants::*, error::*, log::*, utils::BytesName}; | use crate::{certs::CryptoSource, constants::*, error::*, log::*, utils::BytesName}; | ||||||
| use hot_reload::{ReloaderReceiver, ReloaderService}; | use hot_reload::{ReloaderReceiver, ReloaderService}; | ||||||
|  | @ -10,10 +13,7 @@ use quinn::{crypto::rustls::HandshakeData, Endpoint, ServerConfig as QuicServerC | ||||||
| #[cfg(feature = "http3")] | #[cfg(feature = "http3")] | ||||||
| use rustls::ServerConfig; | use rustls::ServerConfig; | ||||||
| use std::sync::Arc; | use std::sync::Arc; | ||||||
| use tokio::{ | use tokio::time::{timeout, Duration}; | ||||||
|   net::TcpListener, |  | ||||||
|   time::{timeout, Duration}, |  | ||||||
| }; |  | ||||||
| 
 | 
 | ||||||
| impl<T, U> Proxy<T, U> | impl<T, U> Proxy<T, U> | ||||||
| where | where | ||||||
|  | @ -26,7 +26,8 @@ where | ||||||
|     server: Http<LocalExecutor>, |     server: Http<LocalExecutor>, | ||||||
|     mut server_crypto_rx: ReloaderReceiver<ServerCryptoBase>, |     mut server_crypto_rx: ReloaderReceiver<ServerCryptoBase>, | ||||||
|   ) -> Result<()> { |   ) -> Result<()> { | ||||||
|     let tcp_listener = TcpListener::bind(&self.listening_on).await?; |     let tcp_socket = bind_tcp_socket(&self.listening_on)?; | ||||||
|  |     let tcp_listener = tcp_socket.listen(self.globals.proxy_config.tcp_listen_backlog)?; | ||||||
|     info!("Start TCP proxy serving with HTTPS request for configured host names"); |     info!("Start TCP proxy serving with HTTPS request for configured host names"); | ||||||
| 
 | 
 | ||||||
|     let mut server_crypto_map: Option<Arc<SniServerCryptoMap>> = None; |     let mut server_crypto_map: Option<Arc<SniServerCryptoMap>> = None; | ||||||
|  | @ -130,7 +131,17 @@ where | ||||||
|     let mut server_config_h3 = QuicServerConfig::with_crypto(Arc::new(rustls_server_config)); |     let mut server_config_h3 = QuicServerConfig::with_crypto(Arc::new(rustls_server_config)); | ||||||
|     server_config_h3.transport = Arc::new(transport_config_quic); |     server_config_h3.transport = Arc::new(transport_config_quic); | ||||||
|     server_config_h3.concurrent_connections(self.globals.proxy_config.h3_max_concurrent_connections); |     server_config_h3.concurrent_connections(self.globals.proxy_config.h3_max_concurrent_connections); | ||||||
|     let endpoint = Endpoint::server(server_config_h3, self.listening_on)?; | 
 | ||||||
|  |     // To reuse address
 | ||||||
|  |     let udp_socket = bind_udp_socket(&self.listening_on)?; | ||||||
|  |     let runtime = quinn::default_runtime() | ||||||
|  |       .ok_or_else(|| std::io::Error::new(std::io::ErrorKind::Other, "No async runtime found"))?; | ||||||
|  |     let endpoint = Endpoint::new( | ||||||
|  |       quinn::EndpointConfig::default(), | ||||||
|  |       Some(server_config_h3), | ||||||
|  |       udp_socket, | ||||||
|  |       runtime, | ||||||
|  |     )?; | ||||||
| 
 | 
 | ||||||
|     let mut server_crypto: Option<Arc<ServerCrypto>> = None; |     let mut server_crypto: Option<Arc<ServerCrypto>> = None; | ||||||
|     loop { |     loop { | ||||||
|  | @ -199,10 +210,10 @@ where | ||||||
|     #[cfg(not(feature = "http3"))] |     #[cfg(not(feature = "http3"))] | ||||||
|     { |     { | ||||||
|       tokio::select! { |       tokio::select! { | ||||||
|         _= self.cert_service(tx) => { |         _= cert_reloader_service.start() => { | ||||||
|           error!("Cert service for TLS exited"); |           error!("Cert service for TLS exited"); | ||||||
|         }, |         }, | ||||||
|         _ = self.listener_service(server, rx) => { |         _ = self.listener_service(server, cert_reloader_rx) => { | ||||||
|           error!("TCP proxy service for TLS exited"); |           error!("TCP proxy service for TLS exited"); | ||||||
|         }, |         }, | ||||||
|         else => { |         else => { | ||||||
|  |  | ||||||
							
								
								
									
										41
									
								
								rpxy-lib/src/proxy/socket.rs
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										41
									
								
								rpxy-lib/src/proxy/socket.rs
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,41 @@ | ||||||
|  | use crate::{error::*, log::*}; | ||||||
|  | #[cfg(feature = "http3")] | ||||||
|  | use socket2::{Domain, Protocol, Socket, Type}; | ||||||
|  | use std::net::SocketAddr; | ||||||
|  | #[cfg(feature = "http3")] | ||||||
|  | use std::net::UdpSocket; | ||||||
|  | use tokio::net::TcpSocket; | ||||||
|  | 
 | ||||||
|  | pub(super) fn bind_tcp_socket(listening_on: &SocketAddr) -> Result<TcpSocket> { | ||||||
|  |   let tcp_socket = if listening_on.is_ipv6() { | ||||||
|  |     TcpSocket::new_v6() | ||||||
|  |   } else { | ||||||
|  |     TcpSocket::new_v4() | ||||||
|  |   }?; | ||||||
|  |   tcp_socket.set_reuseaddr(true)?; | ||||||
|  |   tcp_socket.set_reuseport(true)?; | ||||||
|  |   if let Err(e) = tcp_socket.bind(*listening_on) { | ||||||
|  |     error!("Failed to bind TCP socket: {}", e); | ||||||
|  |     return Err(RpxyError::Io(e)); | ||||||
|  |   }; | ||||||
|  |   Ok(tcp_socket) | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | #[cfg(feature = "http3")] | ||||||
|  | pub(super) fn bind_udp_socket(listening_on: &SocketAddr) -> Result<UdpSocket> { | ||||||
|  |   let socket = if listening_on.is_ipv6() { | ||||||
|  |     Socket::new(Domain::IPV6, Type::DGRAM, Some(Protocol::UDP)) | ||||||
|  |   } else { | ||||||
|  |     Socket::new(Domain::IPV4, Type::DGRAM, Some(Protocol::UDP)) | ||||||
|  |   }?; | ||||||
|  |   socket.set_reuse_address(true)?; | ||||||
|  |   socket.set_reuse_port(true)?; | ||||||
|  | 
 | ||||||
|  |   if let Err(e) = socket.bind(&(*listening_on).into()) { | ||||||
|  |     error!("Failed to bind UDP socket: {}", e); | ||||||
|  |     return Err(RpxyError::Io(e)); | ||||||
|  |   }; | ||||||
|  |   let udp_socket: UdpSocket = socket.into(); | ||||||
|  | 
 | ||||||
|  |   Ok(udp_socket) | ||||||
|  | } | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue
	
	 Jun Kurihara
				Jun Kurihara