diff options
| author | Igor Wiedler <iwiedler@gitlab.com> | 2020-05-04 15:30:39 +0300 |
|---|---|---|
| committer | Igor Wiedler <iwiedler@gitlab.com> | 2020-11-18 12:48:36 +0300 |
| commit | 481a5bf0c8fbac9c18889341757ee9806d4ebd63 (patch) | |
| tree | 12e653b8d164ea1a126eaaf189c9609e667b846a /app.go | |
| parent | 12fa24ee96cb9d971a75df2cacfcbb1e014125e9 (diff) | |
Support for HTTPS over PROXYv2 protocol
Diffstat (limited to 'app.go')
| -rw-r--r-- | app.go | 28 |
1 files changed, 25 insertions, 3 deletions
@@ -369,6 +369,11 @@ func (a *theApp) Run() { a.listenProxyFD(&wg, fd, proxyHandler, limiter) } + // Listen for HTTPS PROXYv2 requests + for _, fd := range a.ListenHTTPSProxyv2 { + a.ListenHTTPSProxyv2FD(&wg, fd, proxyHandler, limiter) + } + // Serve metrics for Prometheus if a.ListenMetrics != 0 { a.listenMetricsFD(&wg, a.ListenMetrics) @@ -383,7 +388,7 @@ func (a *theApp) listenHTTPFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.H wg.Add(1) go func() { defer wg.Done() - err := listenAndServe(fd, httpHandler, a.HTTP2, nil, limiter) + err := listenAndServe(fd, httpHandler, a.HTTP2, nil, limiter, false) if err != nil { capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTP)) } @@ -399,7 +404,7 @@ func (a *theApp) listenHTTPSFD(wg *sync.WaitGroup, fd uintptr, httpHandler http. capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) } - err = listenAndServe(fd, httpHandler, a.HTTP2, tlsConfig, limiter) + err = listenAndServe(fd, httpHandler, a.HTTP2, tlsConfig, limiter, false) if err != nil { capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) } @@ -412,7 +417,7 @@ func (a *theApp) listenProxyFD(wg *sync.WaitGroup, fd uintptr, proxyHandler http wg.Add(1) go func(fd uintptr) { defer wg.Done() - err := listenAndServe(fd, proxyHandler, a.HTTP2, nil, limiter) + err := listenAndServe(fd, proxyHandler, a.HTTP2, nil, limiter, false) if err != nil { capturingFatal(err, errortracking.WithField("listener", "http proxy")) } @@ -420,6 +425,23 @@ func (a *theApp) listenProxyFD(wg *sync.WaitGroup, fd uintptr, proxyHandler http }() } +// https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt +func (a *theApp) ListenHTTPSProxyv2FD(wg *sync.WaitGroup, fd uintptr, httpHandler http.Handler, limiter *netutil.Limiter) { + wg.Add(1) + go func() { + defer wg.Done() + tlsConfig, err := a.TLSConfig() + if err != nil { + capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) + } + + err = listenAndServe(fd, httpHandler, a.HTTP2, tlsConfig, limiter, true) + if err != nil { + capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) + } + }() +} + func (a *theApp) listenMetricsFD(wg *sync.WaitGroup, fd uintptr) { wg.Add(1) go func() { |