From 3060188f44155638b9450187bf1fb19187ccf43c Mon Sep 17 00:00:00 2001 From: WeebDataHoarder <57538841+WeebDataHoarder@users.noreply.github.com> Date: Fri, 11 Apr 2025 05:46:05 +0200 Subject: [PATCH] Add PROXY support --- cmd/go-away/main.go | 16 +++++++++++++--- go.mod | 3 ++- go.sum | 2 ++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/cmd/go-away/main.go b/cmd/go-away/main.go index ada566e..fa84770 100644 --- a/cmd/go-away/main.go +++ b/cmd/go-away/main.go @@ -11,6 +11,7 @@ import ( "git.gammaspectra.live/git/go-away/lib" "git.gammaspectra.live/git/go-away/lib/policy" "git.gammaspectra.live/git/go-away/utils" + "github.com/pires/go-proxyproto" "golang.org/x/crypto/acme" "golang.org/x/crypto/acme/autocert" "golang.org/x/net/http2" @@ -30,7 +31,7 @@ import ( "time" ) -func setupListener(network, address, socketMode string) (net.Listener, string) { +func setupListener(network, address, socketMode string, proxy bool) (net.Listener, string) { formattedAddress := "" switch network { case "unix": @@ -61,6 +62,14 @@ func setupListener(network, address, socketMode string) (net.Listener, string) { } } + if proxy { + slog.Warn("listener PROXY enabled") + formattedAddress += " +PROXY" + listener = &proxyproto.Listener{ + Listener: listener, + } + } + return listener, formattedAddress } @@ -130,6 +139,7 @@ func newACMEManager(clientDirectory string, backends map[string]http.Handler) *a func main() { bind := flag.String("bind", ":8080", "network address to bind HTTP/HTTP(s) to") bindNetwork := flag.String("bind-network", "tcp", "network family to bind HTTP to, e.g. unix, tcp") + bindProxy := flag.Bool("bind-proxy", false, "use PROXY protocol in front of the listener") socketMode := flag.String("socket-mode", "0770", "socket mode (permissions) for unix domain sockets.") slogLevel := flag.String("slog-level", "WARN", "logging level (see https://pkg.go.dev/log/slog#hdr-Levels)") @@ -288,7 +298,7 @@ func main() { backend.ServeHTTP(w, r) }), acmeManager) - listener, listenUrl := setupListener(*bindNetwork, *bind, *socketMode) + listener, listenUrl := setupListener(*bindNetwork, *bind, *socketMode, *bindProxy) slog.Warn( "listening passthrough", "url", listenUrl, @@ -346,7 +356,7 @@ func main() { cancelFunc() wg.Wait() - listener, listenUrl := setupListener(*bindNetwork, *bind, *socketMode) + listener, listenUrl := setupListener(*bindNetwork, *bind, *socketMode, *bindProxy) slog.Warn( "listening", "url", listenUrl, diff --git a/go.mod b/go.mod index 700a8e8..32d8b60 100644 --- a/go.mod +++ b/go.mod @@ -11,8 +11,10 @@ require ( github.com/google/cel-go v0.24.1 github.com/itchyny/gojq v0.12.17 github.com/klauspost/compress v1.18.0 + github.com/pires/go-proxyproto v0.8.0 github.com/tetratelabs/wazero v1.9.0 github.com/yl2chen/cidranger v1.0.2 + golang.org/x/crypto v0.33.0 golang.org/x/net v0.35.0 gopkg.in/yaml.v3 v3.0.1 ) @@ -23,7 +25,6 @@ require ( github.com/itchyny/timefmt-go v0.1.6 // indirect github.com/kevinpollet/nego v0.0.0-20211010160919-a65cd48cee43 // indirect github.com/stoewer/go-strcase v1.3.0 // indirect - golang.org/x/crypto v0.33.0 // indirect golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac // indirect golang.org/x/text v0.22.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240826202546-f6391c0de4c7 // indirect diff --git a/go.sum b/go.sum index 3604999..ea135e9 100644 --- a/go.sum +++ b/go.sum @@ -23,6 +23,8 @@ github.com/kevinpollet/nego v0.0.0-20211010160919-a65cd48cee43 h1:Pdirg1gwhEcGjM github.com/kevinpollet/nego v0.0.0-20211010160919-a65cd48cee43/go.mod h1:ahLMuLCUyDdXqtqGyuwGev7/PGtO7r7ocvdwDuEN/3E= github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo= github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ= +github.com/pires/go-proxyproto v0.8.0 h1:5unRmEAPbHXHuLjDg01CxJWf91cw3lKHc/0xzKpXEe0= +github.com/pires/go-proxyproto v0.8.0/go.mod h1:iknsfgnH8EkjrMeMyvfKByp9TiBZCKZM0jx2xmKqnVY= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AVEzs=