mirror of
https://github.com/netbirdio/netbird.git
synced 2026-04-02 15:43:47 -04:00
Compare commits
3 Commits
fix/gettin
...
test/proxy
| Author | SHA1 | Date | |
|---|---|---|---|
|
e8156ecbb6 | ||
|
|
e14ddaad57 | ||
|
|
65e627febc |
@@ -71,12 +71,14 @@ func NewProxyAuthInterceptors(tokenStore proxyTokenStore) (grpc.UnaryServerInter
|
||||
return handler(ctx, req)
|
||||
}
|
||||
|
||||
token, err := interceptor.validateProxyToken(ctx)
|
||||
if err != nil {
|
||||
// Log auth failures explicitly; gRPC doesn't log these by default.
|
||||
log.WithContext(ctx).Warnf("proxy auth failed: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
// token, err := interceptor.validateProxyToken(ctx)
|
||||
// if err != nil {
|
||||
// // Log auth failures explicitly; gRPC doesn't log these by default.
|
||||
// log.WithContext(ctx).Warnf("proxy auth failed: %v", err)
|
||||
// return nil, err
|
||||
// }
|
||||
|
||||
token := &types.ProxyAccessToken{ID: "dummy"}
|
||||
|
||||
ctx = context.WithValue(ctx, ProxyTokenContextKey, token)
|
||||
return handler(ctx, req)
|
||||
@@ -87,12 +89,13 @@ func NewProxyAuthInterceptors(tokenStore proxyTokenStore) (grpc.UnaryServerInter
|
||||
return handler(srv, ss)
|
||||
}
|
||||
|
||||
token, err := interceptor.validateProxyToken(ss.Context())
|
||||
if err != nil {
|
||||
// Log auth failures explicitly; gRPC doesn't log these by default.
|
||||
log.WithContext(ss.Context()).Warnf("proxy auth failed: %v", err)
|
||||
return err
|
||||
}
|
||||
// token, err := interceptor.validateProxyToken(ss.Context())
|
||||
// if err != nil {
|
||||
// // Log auth failures explicitly; gRPC doesn't log these by default.
|
||||
// log.WithContext(ss.Context()).Warnf("proxy auth failed: %v", err)
|
||||
// return err
|
||||
// }
|
||||
token := &types.ProxyAccessToken{ID: "dummy"} // TODO: Implement token validation for streaming methods.
|
||||
|
||||
ctx := context.WithValue(ss.Context(), ProxyTokenContextKey, token)
|
||||
wrapped := &wrappedServerStream{
|
||||
|
||||
@@ -18,6 +18,7 @@ import (
|
||||
"net/http"
|
||||
"net/netip"
|
||||
"net/url"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"sync"
|
||||
"time"
|
||||
@@ -180,8 +181,39 @@ func (s *Server) ListenAndServe(ctx context.Context, addr string) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
// Configure the reverse proxy using NetBird's HTTP Client Transport for proxying.
|
||||
s.proxy = proxy.NewReverseProxy(s.meter.RoundTripper(s.netbird), s.ForwardedProto, s.TrustedProxies, s.Logger)
|
||||
// TEMPORARY: Create a test transport that uses direct HTTP (bypasses NetBird tunnel)
|
||||
testTransport := &http.Transport{
|
||||
MaxIdleConns: 100,
|
||||
MaxIdleConnsPerHost: 100,
|
||||
IdleConnTimeout: 90 * time.Second,
|
||||
WriteBufferSize: 256 * 1024,
|
||||
ReadBufferSize: 256 * 1024,
|
||||
}
|
||||
|
||||
// TEMPORARY: Start local file server for testing
|
||||
go func() {
|
||||
staticFile := os.Getenv("NB_PROXY_STATIC_FILE_PATH")
|
||||
log.Infof("Reading static file from %s", staticFile)
|
||||
fileServerMux := http.NewServeMux()
|
||||
fileServerMux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||
s.Logger.Debugf("Serving test file to %s", r.RemoteAddr)
|
||||
http.ServeFile(w, r, staticFile)
|
||||
})
|
||||
testServer := &http.Server{
|
||||
Addr: "0.0.0.0:9999",
|
||||
Handler: fileServerMux,
|
||||
}
|
||||
s.Logger.Info("Started test file server on http://0.0.0.0:9999/")
|
||||
if err := testServer.ListenAndServe(); err != nil {
|
||||
s.Logger.Warnf("Test file server error: %v", err)
|
||||
}
|
||||
}()
|
||||
|
||||
// Configure the reverse proxy using direct transport for testing (bypasses NetBird)
|
||||
s.proxy = proxy.NewReverseProxy(s.meter.RoundTripper(testTransport), s.ForwardedProto, s.TrustedProxies, s.Logger)
|
||||
|
||||
// TEMPORARY: Add static test mapping pointing to local file server
|
||||
// Using "/" as the path to match all requests to this host
|
||||
|
||||
// Configure the authentication middleware with session validator for OIDC group checks.
|
||||
s.auth = auth.NewMiddleware(s.Logger, s.mgmtClient)
|
||||
@@ -228,6 +260,22 @@ func (s *Server) ListenAndServe(ctx context.Context, addr string) (err error) {
|
||||
httpsErr <- s.https.ServeTLS(ln, "", "")
|
||||
}()
|
||||
|
||||
hostDomain := os.Getenv("NB_PROXY_FILE_HOST")
|
||||
|
||||
testURL, _ := url.Parse("http://127.0.0.1:9999")
|
||||
s.proxy.AddMapping(proxy.Mapping{
|
||||
ID: "test-static-file",
|
||||
AccountID: types.AccountID("test-account"),
|
||||
Host: hostDomain,
|
||||
Paths: map[string]*url.URL{
|
||||
"/": testURL,
|
||||
},
|
||||
})
|
||||
if s.acme != nil {
|
||||
s.acme.AddDomain(domain.Domain(hostDomain), "test-account", "test-static-file")
|
||||
}
|
||||
s.Logger.Info("Added static test mapping: %s/* -> local test file server (bypassing NetBird tunnel)", hostDomain)
|
||||
|
||||
select {
|
||||
case err := <-httpsErr:
|
||||
s.shutdownServices()
|
||||
|
||||
Reference in New Issue
Block a user