Merge pull request #154 from rekby/devel

Initial docker router support

.travis.yml

@@ -1,3 +1,4 @@
+dist: focal
 addons:
   apt:
     packages:

cmd/config.go

@@ -10,6 +10,8 @@ import (
 	"runtime"
 	"strings"
 
+	"github.com/rekby/lets-proxy2/internal/docker"
+
 	"github.com/rekby/lets-proxy2/internal/config"
 
 	"github.com/gobuffalo/packr"
@@ -28,7 +30,26 @@ import (
 	"go.uber.org/zap"
 )
 
-type ConfigGeneral struct {
+//go:generate packr
+type configType struct {
+	General      configGeneral
+	Log          logConfig
+	Proxy        proxy.Config
+	CheckDomains domain_checker.Config
+	Listen       tlslistener.Config
+
+	DockerRouter configDocker
+
+	Profiler profiler.Config
+	Metrics  config.Config
+}
+
+type configDocker struct {
+	Enable bool
+	docker.Config
+}
+
+type configGeneral struct {
 	IssueTimeout       int
 	StorageDir         string
 	Subdomains         []string
@@ -40,17 +61,6 @@ type ConfigGeneral struct {
 	AllowECDSACert     bool
 }
 
-//go:generate packr
-type configType struct {
-	General      ConfigGeneral
-	Log          logConfig
-	Proxy        proxy.Config
-	CheckDomains domain_checker.Config
-	Listen       tlslistener.Config
-	Profiler     profiler.Config
-	Metrics      config.Config
-}
-
 //nolint:maligned
 type logConfig struct {
 	EnableLogToFile   bool
@@ -81,6 +91,13 @@ func getConfig(ctx context.Context) *configType {
 		applyFlags(ctx, _config)
 		logger.Info("Parse configs finished", zap.Int("readed_files", parsedConfigFiles),
 			zap.Int("max_read_files", _config.General.MaxConfigFilesRead))
+
+		if *debugLog {
+			_config.Log.LogLevel = "debug"
+		}
+		if *enableDockerRouter {
+			_config.DockerRouter.Enable = true
+		}
 	}
 	return _config
 }

cmd/flags.go

@@ -3,8 +3,10 @@ package main
 import "flag"
 
 var (
-	configFileP     = flag.String("config", "config.tom[l]", "Path to config file. Internally expand glob syntax.")
-	defaultConfigP  = flag.Bool("print-default-config", false, "Write default config to stdout and exit.")
-	versionP        = flag.Bool("version", false, "print version and exit")
-	testAcmeServerP = flag.Bool("test-acme-server", false, "Use test acme server, instead address from config")
+	configFileP        = flag.String("config", "config.tom[l]", "Path to config file. Internally expand glob syntax.")
+	debugLog           = flag.Bool("debug", false, "Enable debug logging")
+	enableDockerRouter = flag.Bool("enable-docker-router", false, "")
+	defaultConfigP     = flag.Bool("print-default-config", false, "Write default config to stdout and exit.")
+	versionP           = flag.Bool("version", false, "print version and exit")
+	testAcmeServerP    = flag.Bool("test-acme-server", false, "Use test acme server, instead address from config")
 )

cmd/main.go

@@ -12,6 +12,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/rekby/lets-proxy2/internal/docker"
+
 	"golang.org/x/xerrors"
 
 	"github.com/rekby/lets-proxy2/internal/config"
@@ -137,7 +139,13 @@ func startProgram(config *configType) {
 		certManager.AutoSubdomains = append(certManager.AutoSubdomains, subdomain)
 	}
 
-	certManager.DomainChecker, err = config.CheckDomains.CreateDomainChecker(ctx)
+	var dockerClient docker.Interface
+	if config.DockerRouter.Enable {
+		dockerClient, err = docker.New(config.DockerRouter.Config)
+		log.InfoFatal(logger, err, "Enable docker router")
+	}
+
+	certManager.DomainChecker, err = config.CheckDomains.CreateDomainChecker(ctx, dockerClient)
 	log.DebugFatal(logger, err, "Config domain checkers.")
 
 	err = startMetrics(ctx, registry, config.Metrics, certManager.GetCertificate)
@@ -159,7 +167,8 @@ func startProgram(config *configType) {
 		localAddr := req.Context().Value(http.LocalAddrContextKey).(net.Addr)
 		return tlsListener.GetConnectionContext(req.RemoteAddr, localAddr.String())
 	}
-	err = config.Proxy.Apply(ctx, p)
+
+	err = config.Proxy.Apply(ctx, p, dockerClient)
 	log.InfoFatal(logger, err, "Apply proxy config")
 
 	go func() {

cmd/static/default-config.toml

@@ -128,11 +128,11 @@ IPSelfExternalDetectorURL="http://ifconfig.io/ip"
 IPWhiteList = ""
 
 # Regexp in golang syntax of blacklisted domain for issue certificate.
-#This list overrided by whitelist.
+# This list overrided by whitelist.
 BlackList = ""
 
 # Regexp in golang syntax of whitelist domains for issue certificate.
-#Whitelist need for allow part of domains, which excluded by blacklist.
+# Whitelist need for allow part of domains, which excluded by blacklist.
 #
 WhiteList = ""
 
@@ -155,6 +155,14 @@ TLSAddresses = [":443"]
 # Bind addresses without TLS secure (for HTTP reverse proxy and http-01 validation without redirect to https)
 TCPAddresses = []
 
+[DockerRouter]
+# Default docker
+Enable = false
+
+# Port of target docker container
+DefaultHttpPort = 80
+
+LabelDomain = "lets-proxy.domain"
 
 [Metrics]
 # Enable metrics in prometheous formath by http.

docker-compose.yml

@@ -8,21 +8,31 @@ services:
     volumes:
       - ./:/go/src/github.com/rekby/lets-proxy2
     networks:
-      - acmenet
+      acmenet:
+        ipv4_address: 10.40.50.10
   fake-dns:
     image: letsencrypt/pebble-challtestsrv:${PEBBLE_VERSION:-v2.3.1}
     command: pebble-challtestsrv --dns01=:4003 --defaultIPv4=10.40.50.4 --defaultIPv6=""
     networks:
-      - acmenet
-  lets-proxy:
+      acmenet:
+        ipv4_address: 10.40.50.11
+  nginx:
+    image: nginx:1.19.8-alpine
+    labels:
+      lets-proxy.domain: "docker-test.internal"
+    networks:
+      acmenet:
+        ipv4_address: 10.40.50.12
+  test:
     image: golang:${GO_VERSION:-1.16}
     working_dir: /go/src/github.com/rekby/lets-proxy2
-    command: go test -covermode=count -coverprofile=coverage.out ./...
+    command: go test -covermode=count -coverprofile=coverage.out ${LETS_PROXY_TEST_OPTIONS:-} ./internal/cert_manager/...
     environment:
       GOCACHE: "/go/src/github.com/rekby/lets-proxy2/.cache"
       GOFLAGS: "-mod=vendor"
       GO111MODULE: "on"
     volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
       - ./:/go/src/github.com/rekby/lets-proxy2
     networks:
       acmenet:

go.mod

@@ -3,30 +3,43 @@ module github.com/rekby/lets-proxy2
 go 1.13
 
 require (
+	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
 	github.com/BurntSushi/toml v0.3.1
+	github.com/Microsoft/go-winio v0.4.16 // indirect
+	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
 	github.com/aws/aws-sdk-go v1.29.19
+	github.com/docker/distribution v2.7.1+incompatible // indirect
+	github.com/docker/docker v17.12.0-ce-rc1.0.20190206233949-eb137ff1765f+incompatible // need old version for compatible with go1.10
+	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
 	github.com/gobuffalo/envy v1.9.0 // indirect
+	github.com/gobuffalo/packd v1.0.0 // indirect
 	github.com/gobuffalo/packr v1.30.1
-	github.com/gobuffalo/packr/v2 v2.8.0 // indirect
+	github.com/gogo/protobuf v1.2.1 // indirect
 	github.com/gojuno/minimock/v3 v3.0.5
+	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/kardianos/minwinsvc v0.0.0-20151122163309-cad6b2b879b0
-	github.com/karrick/godirwalk v1.15.6 // indirect
 	github.com/maxatome/go-testdeep v1.1.0
 	github.com/miekg/dns v1.1.22
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/opencontainers/image-spec v1.0.1 // indirect
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.4.1
 	github.com/prometheus/client_model v0.2.0
 	github.com/rekby/zapcontext v0.0.4
 	github.com/rogpeppe/go-internal v1.6.0 // indirect
 	github.com/satori/go.uuid v1.2.0
 	github.com/sirupsen/logrus v1.6.0
-	github.com/spf13/cobra v1.0.0 // indirect
-	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stretchr/testify v1.5.1 // indirect
+	go.uber.org/atomic v1.4.0 // indirect
 	go.uber.org/zap v1.11.0
 	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
 	golang.org/x/net v0.0.0-20200226121028-0de0cce0169b
 	golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208 // indirect
-	golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae // indirect
+	golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a // indirect
+	golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 // indirect
 	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
+	google.golang.org/grpc v1.21.0 // indirect
 	gopkg.in/natefinch/lumberjack.v2 v2.0.0
+	gotest.tools v2.2.0+incompatible // indirect
 )