-
-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenVPN matcher #251
OpenVPN matcher #251
Conversation
Wow, this is impressive! Looks like this may require Go 1.22. That's OK if so, I just want to verify that is intentional. I have not the ability to test this myself, but I am happy to merge this in for others to test, when you are ready. 💯 Thank you! |
It is slices.Concat that prevents compiling with Go 1.21. It is used in one place though, so I can rewrite it. I wouldn't call it intentional, but forward-looking - I don't know a reason for sticking to old versions here given the mainline code already requires Go 1.22. By the way, what do you think of switching to Go 1.22/1.23 in caddy-l4 go.mod? I suppose we would also have to update checks then. |
Ah, right, I forgot that 1.21 is 2 versions old now. Yeah, we can upgrade the Go versions in the tests and Go.mod to accommodate the slices package. 👍 Want to do that in a new PR? Or I can do it. |
I've prepared #253. I will rebase this PR once you approve and merge that dependencies upgrade. I suggest we merge this PR only after #247 is resolved (whether with #249 that works fine for me or anything else). Otherwise the first users of this matcher won't be happy with their broken UDP-based OpenVPN tunnels. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Amazing. Thanks so much -- I've merged the PR with the patch, so I will merge this now! 🚀
@vnxme trying to figure out the different modes you made available, when i want all my openvpn traffic to be routed to 10.10.10.10 could i just use this config: |
@Juoper Does it work if you don’t set |
i serve https on the same port, could you assist me to tell me how i can implement a listener_wrapper |
@Juoper The following config will likely satisfy your needs.
|
Thanks a lot, this is working now, maybe someone could add some example like this to the docs? |
@Juoper The caddy-l4 module is very flexible, and it's barely possible to describe all the combinations of the matchers and handlers it includes. But feel free to submit a PR and/or add examples to the wiki. |
Summary
This PR introduces an advanced OpenVPN matcher capable of:
These features allow Caddy to multiplex a plethora of diversely configured OpenVPN server instances on a single port. It is a unique OpenVPN routing solution that goes beyond what is offered by SSLH, Haproxy, Nginx, Traefik and OpenVPN internal port-sharing.
Sample config
Disclaimer