No commits in common. "main" and "v0.0.3" have entirely different histories.
main ... v0.0.3

6 changed files with 22 additions and 30 deletions


@ -1,5 +1,5 @@
pkgname=gonx pkgname=gonx
pkgver=0.0.5 pkgver=0.0.3
pkgrel=1 pkgrel=1
pkgdesc='Simple reverse proxy server' pkgdesc='Simple reverse proxy server'
arch=('x86_64' 'aarch64') arch=('x86_64' 'aarch64')
@ -11,13 +11,13 @@ sha256sums=('SKIP')
backup=("etc/$pkgname.conf") backup=("etc/$pkgname.conf")
build() { build() {
cd $pkgname cd "$pkgname"
go build -o $pkgname -ldflags "-linkmode=external -s -w" -buildmode=pie -trimpath -mod=readonly -modcacherw go build -o "$pkgname" -ldflags "-linkmode=external -s -w" -buildmode=pie -trimpath -mod=readonly -modcacherw
} }
package() { package() {
cd "$pkgname" cd "$pkgname"
install -Dm755 $pkgname $pkgdir/usr/bin/$pkgname install -Dm755 "$pkgname" "$pkgdir"/usr/bin/$pkgname
install -Dm644 $pkgname.conf $pkgdir/etc/$pkgname.conf install -Dm644 "$pkgname.conf" "$pkgdir/etc/$pkgname.conf"
install -Dm755 $pkgname.service $pkgdir/usr/lib/systemd/system/$pkgname.service install -Dm755 $pkgname.service "$pkgdir"/usr/lib/systemd/system/$pkgname.service
} }
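Review bot: The last `install` line in `package()` installs the systemd unit with mode 755, but unit files are configuration, not executables, and systemd warns about unit files marked executable. It is also the only line on the new side that still leaves `$pkgname.service` unquoted. Suggested: `install -Dm644 "$pkgname.service" "$pkgdir/usr/lib/systemd/system/$pkgname.service"`.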


@ -27,6 +27,5 @@ AcmeChallengePath = "/var/lib/letsencrypt" # Path for ACME challenge files
# Map of hostname -> redirect URL # Map of hostname -> redirect URL
[TLS] [TLS]
"git.host.com" = "tcp://127.0.0.1:8001" # TCP redirect "git.host.com" = "tcp://127.0.0.1:8001" # TCP redirect
"unix.host.com" = "unix:///var/lib/app/app.socket" # serve unix socket
"www.host.com" = "file:///srv/http" # simple static file server from `/srv/http` "www.host.com" = "file:///srv/http" # simple static file server from `/srv/http`
``` ```


@ -7,4 +7,3 @@ AcmeChallengePath = "/var/lib/letsencrypt" # Path for ACME challenge files
[TLS] [TLS]
# "www.example.com" = "file:/srv/http" # "www.example.com" = "file:/srv/http"
# "git.example.com" = "tcp://127.0.0.1:8001" # "git.example.com" = "tcp://127.0.0.1:8001"
# "unix.example.com" = "unix:///var/lib/app/app.socket"


@ -40,7 +40,7 @@ UMask=0027
ProtectProc=noaccess ProtectProc=noaccess
ProcSubset=pid ProcSubset=pid
SystemCallFilter=~@clock @swap @reboot @raw-io @privileged @obsolete @mount @module @debug @cpu-emulation SystemCallFilter=~@clock @swap @reboot @raw-io @privileged @obsolete @mount @module @debug @cpu-emulation
RestrictAddressFamilies=~AF_PACKET AF_NETLINK RestrictAddressFamilies=~AF_UNIX AF_PACKET AF_NETLINK
UMask=0066 UMask=0066
[Install] [Install]
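Review bot: `RestrictAddressFamilies=` is written as a deny-list (`~AF_UNIX AF_PACKET AF_NETLINK`), so every address family not named stays available to the service; an allow-list is tighter and easier to audit. If the proxy on this side only opens IPv4/IPv6 sockets, `RestrictAddressFamilies=AF_INET AF_INET6` states that directly. Either way, confirm that name resolution for backend hosts still works once AF_UNIX is denied, since the binary is built with `-linkmode=external` and the libc resolver may reach local services over a unix socket.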


@ -38,21 +38,17 @@ func main() {
os.Exit(1) os.Exit(1)
} }
if len(config.TLS) > 0 {
err = app.restartTlsListener() err = app.restartTlsListener()
if err != nil { if err != nil {
slog.Error("Failed to start TLS listener", slog.String("err", err.Error())) slog.Error("Failed to start TLS listener", slog.String("err", err.Error()))
os.Exit(1) os.Exit(1)
} }
} else {
slog.Warn("TLS listener does not started because TLS redirection rules is empty")
}
go func() { go func() {
slog.Debug("Starting HTTP listener", slog.String("addr", config.HttpListenAddr)) slog.Debug("Starting HTTP listener", slog.String("addr", config.HttpListenAddr))
smux := http.NewServeMux() smux := http.NewServeMux()
smux.Handle(defaultAcmeChallengePath, http.FileServer(http.Dir(config.AcmeChallengePath))) smux.Handle(defaultAcmeChallengePath, http.StripPrefix(defaultAcmeChallengePath, http.FileServer(http.Dir(config.AcmeChallengePath))))
smux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { smux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "https://"+r.Host+r.RequestURI, http.StatusMovedPermanently) http.Redirect(w, r, "https://"+r.Host+r.RequestURI, http.StatusMovedPermanently)
}) })
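Review bot: With `http.StripPrefix` on the ACME handler, requests under `defaultAcmeChallengePath` map straight onto the root of `config.AcmeChallengePath` over plain HTTP, and `http.FileServer` returns directory listings for any directory it reaches. The sample configuration on this page sets that path to `/var/lib/letsencrypt`, so the handler deserves a comment stating the constraint, e.g. `// AcmeChallengePath is served unauthenticated over HTTP; it must contain only ACME challenge files.` How much of the tree is reachable depends on the value of `defaultAcmeChallengePath`, which is not shown here. This side also has no `len(config.TLS) > 0` guard, so `restartTlsListener` runs even with an empty mapping and any failure there exits the process; `main()` continues outside the hunk.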


@ -30,8 +30,8 @@ func (h HostMapping) Add(host, outputUrlStr string) error {
switch outputUrl.Scheme { switch outputUrl.Scheme {
case "file": case "file":
server := http.Server{Handler: http.FileServer(http.Dir(outputUrl.Path))} server := http.Server{Handler: http.FileServer(http.Dir(outputUrl.Path))}
go server.Serve(pd.listener) go func() { _ = server.Serve(pd.listener) }()
case "tcp", "unix": case "tcp":
go func(pd ProxyDirection) { go func(pd ProxyDirection) {
for { for {
conn, err := pd.listener.Accept() conn, err := pd.listener.Accept()
@ -39,7 +39,7 @@ func (h HostMapping) Add(host, outputUrlStr string) error {
slog.Debug(err.Error()) slog.Debug(err.Error())
continue continue
} }
go handleListener(conn.(*tls.Conn), pd.Output) go func() { _ = handleProxy(conn.(*tls.Conn), pd.Output) }()
} }
}(pd) }(pd)
default: default:
@ -68,14 +68,10 @@ func handleTlsConn(conn *tls.Conn, hosts HostMapping) error {
return nil return nil
} }
func handleListener(conn *tls.Conn, outputUrl *url.URL) { func handleProxy(conn *tls.Conn, outputUrl *url.URL) error {
slog.Debug(fmt.Sprintf("%s -> %s", conn.RemoteAddr(), outputUrl.Host+outputUrl.Path)) c, err := net.Dial(outputUrl.Scheme, outputUrl.Host)
c, err := net.Dial(outputUrl.Scheme, outputUrl.Host+outputUrl.Path)
if err != nil { if err != nil {
fmt.Fprintf(conn, "HTTP/1.1 500 Internal Server Error\r\nConnection: Close\r\nContent-Type: text/plain\r\n\r\n%s", err) return fmt.Errorf("dial: %v", err)
conn.Close()
return
} }
defer c.Close() defer c.Close()
@ -95,4 +91,6 @@ func handleListener(conn *tls.Conn, outputUrl *url.URL) {
}() }()
wg.Wait() wg.Wait()
return nil
} }
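Review bot: On the dial-error path of `handleProxy` the client connection is not closed in the visible lines: the function returns `fmt.Errorf("dial: %v", err)` and the caller in `Add` drops the result with `_ =`, so a TLS connection accepted while the backend is unreachable appears to stay open until the peer gives up, and the failure is never logged. Close the connection before returning and wrap with `%w`: `conn.Close()` followed by `return fmt.Errorf("dial: %w", err)`. At the call site, log the error instead of discarding it, e.g. `if err := handleProxy(tc, pd.Output); err != nil { slog.Debug(err.Error()) }`. The unchecked `conn.(*tls.Conn)` assertion in the accept loop will panic if the listener ever yields a different connection type; use the two-value form and skip the connection on mismatch. Part of `handleProxy` lies between the hunks, so a close that is not visible here may already exist.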