Support serving the output of local commands
This commit is contained in:
parent
29c059c43f
commit
ae6e0b6b7b
7 changed files with 164 additions and 57 deletions
|
@ -11,10 +11,15 @@ When accessing a directory `index.gemini` or `index.gmi` is served.
|
|||
# config.yaml
|
||||
|
||||
```yaml
|
||||
# Hostname and port to listen for connections on
|
||||
hostname: gemini.rocks
|
||||
port: 1965
|
||||
|
||||
# Path to certificate and private key
|
||||
cert: /home/twins/data/certfile.crt
|
||||
key: /home/twins/data/keyfile.key
|
||||
|
||||
|
||||
# Server paths
|
||||
serve:
|
||||
-
|
||||
|
@ -25,7 +30,10 @@ serve:
|
|||
root: /home/twins/data/help
|
||||
-
|
||||
path: ^/proxy-example$
|
||||
proxy: gemini://gemini.rocks
|
||||
proxy: gemini://localhost:1966
|
||||
-
|
||||
path: ^/cmd-example$
|
||||
command: uname -a
|
||||
-
|
||||
path: /
|
||||
root: /home/twins/data/home
|
||||
|
|
|
@ -7,7 +7,8 @@
|
|||
## Features
|
||||
|
||||
- Serve static files
|
||||
- Reverse proxy support
|
||||
- Serve output of system commands
|
||||
- Reverse proxy requests
|
||||
|
||||
## Download
|
||||
|
||||
|
|
38
config.go
38
config.go
|
@ -7,26 +7,35 @@ import (
|
|||
"os"
|
||||
"regexp"
|
||||
|
||||
"github.com/kballard/go-shellquote"
|
||||
"gopkg.in/yaml.v3"
|
||||
)
|
||||
|
||||
type serveConfig struct {
|
||||
// Path to match
|
||||
Path string
|
||||
|
||||
Root string
|
||||
Proxy string
|
||||
// Resource to serve
|
||||
Root string
|
||||
Proxy string
|
||||
Command string
|
||||
|
||||
r *regexp.Regexp
|
||||
r *regexp.Regexp
|
||||
cmd []string
|
||||
}
|
||||
|
||||
type serverConfig struct {
|
||||
Cert string
|
||||
Key string
|
||||
Address string
|
||||
Serve []*serveConfig
|
||||
Cert string
|
||||
Key string
|
||||
Hostname string
|
||||
Port int
|
||||
Serve []*serveConfig
|
||||
}
|
||||
|
||||
var config = &serverConfig{}
|
||||
var config = &serverConfig{
|
||||
Hostname: "localhost",
|
||||
Port: 1965,
|
||||
}
|
||||
|
||||
func readconfig(configPath string) error {
|
||||
if configPath == "" {
|
||||
|
@ -50,8 +59,10 @@ func readconfig(configPath string) error {
|
|||
for _, serve := range config.Serve {
|
||||
if serve.Path == "" {
|
||||
log.Fatal("path must be specified in serve entry")
|
||||
} else if serve.Root != "" && serve.Proxy != "" {
|
||||
log.Fatal("only one root or reverse proxy may defined for a serve entry")
|
||||
} else if (serve.Root != "" && (serve.Proxy != "" || serve.Command != "")) ||
|
||||
(serve.Proxy != "" && (serve.Root != "" || serve.Command != "")) ||
|
||||
(serve.Command != "" && (serve.Root != "" || serve.Proxy != "")) {
|
||||
log.Fatal("only one root, reverse proxy or command may specified in a serve entry")
|
||||
}
|
||||
|
||||
if serve.Path[0] == '^' {
|
||||
|
@ -59,6 +70,13 @@ func readconfig(configPath string) error {
|
|||
} else if serve.Path[len(serve.Path)-1] == '/' {
|
||||
serve.Path = serve.Path[:len(serve.Path)-1]
|
||||
}
|
||||
|
||||
if serve.Command != "" {
|
||||
serve.cmd, err = shellquote.Split(serve.Command)
|
||||
if err != nil {
|
||||
log.Fatalf("failed to parse command %s: %s", serve.cmd, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
1
go.mod
1
go.mod
|
@ -4,6 +4,7 @@ go 1.15
|
|||
|
||||
require (
|
||||
github.com/h2non/filetype v1.1.0
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
|
||||
github.com/makeworld-the-better-one/go-gemini v0.9.0
|
||||
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
|
||||
)
|
||||
|
|
2
go.sum
2
go.sum
|
@ -2,6 +2,8 @@ github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=
|
|||
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||
github.com/h2non/filetype v1.1.0 h1:Or/gjocJrJRNK/Cri/TDEKFjAR+cfG6eK65NGYB6gBA=
|
||||
github.com/h2non/filetype v1.1.0/go.mod h1:319b3zT68BvV+WRj7cwy856M2ehB3HqNOt6sy1HndBY=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
|
||||
github.com/makeworld-the-better-one/go-gemini v0.9.0 h1:Iz4ywRDrfsyoR8xZOkSKGXXftMR2spIV6ibVuhrKvSw=
|
||||
github.com/makeworld-the-better-one/go-gemini v0.9.0/go.mod h1:P7/FbZ+IEIbA/d+A0Y3w2GNgD8SA2AcNv7aDGJbaWG4=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
|
|
8
main.go
8
main.go
|
@ -30,13 +30,15 @@ func main() {
|
|||
log.Fatalf("failed to read configuration file at %s: %v\nSee CONFIGURATION.md for information on configuring twins", *configFile, err)
|
||||
}
|
||||
|
||||
if config.Address == "" {
|
||||
log.Fatal("listen address must be specified")
|
||||
if config.Hostname == "" || config.Port <= 0 {
|
||||
log.Fatal("hostname and port must be specified")
|
||||
}
|
||||
|
||||
if config.Cert == "" || config.Key == "" {
|
||||
log.Fatal("certificate file and private key must be specified (gemini requires TLS for all connections)")
|
||||
}
|
||||
|
||||
listen(config.Address, config.Cert, config.Key)
|
||||
log.Printf("twins running on port %d", config.Port)
|
||||
|
||||
listen(config.Hostname, config.Port, config.Cert, config.Key)
|
||||
}
|
||||
|
|
159
server.go
159
server.go
|
@ -10,9 +10,12 @@ import (
|
|||
"net"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
"unicode/utf8"
|
||||
|
||||
"github.com/h2non/filetype"
|
||||
"github.com/makeworld-the-better-one/go-gemini"
|
||||
|
@ -39,39 +42,12 @@ func writeStatus(c net.Conn, code int) {
|
|||
meta = "Bad request"
|
||||
case gemini.StatusNotFound:
|
||||
meta = "Not found"
|
||||
case gemini.StatusProxyRequestRefused:
|
||||
meta = "Proxy request refused"
|
||||
}
|
||||
writeHeader(c, code, meta)
|
||||
}
|
||||
|
||||
func serveProxy(c net.Conn, proxyURL, requestData string) {
|
||||
original := proxyURL
|
||||
|
||||
tlsConfig := &tls.Config{}
|
||||
if strings.HasPrefix(proxyURL, "gemini://") {
|
||||
proxyURL = proxyURL[9:]
|
||||
} else if strings.HasPrefix(proxyURL, "gemini-insecure://") {
|
||||
proxyURL = proxyURL[18:]
|
||||
tlsConfig.InsecureSkipVerify = true
|
||||
}
|
||||
proxy, err := tls.Dial("tcp", proxyURL, tlsConfig)
|
||||
if err != nil {
|
||||
writeStatus(c, gemini.StatusProxyError)
|
||||
return
|
||||
}
|
||||
defer proxy.Close()
|
||||
|
||||
// Forward request
|
||||
proxy.Write([]byte(requestData))
|
||||
proxy.Write([]byte("\r\n"))
|
||||
|
||||
// Forward response
|
||||
io.Copy(c, proxy)
|
||||
|
||||
if verbose {
|
||||
log.Printf("< %s\n", original)
|
||||
}
|
||||
}
|
||||
|
||||
func serveFile(c net.Conn, filePath string) {
|
||||
fi, err := os.Stat(filePath)
|
||||
if os.IsNotExist(err) {
|
||||
|
@ -130,6 +106,60 @@ func serveFile(c net.Conn, filePath string) {
|
|||
io.Copy(c, file)
|
||||
}
|
||||
|
||||
func serveProxy(c net.Conn, requestData, proxyURL string) {
|
||||
original := proxyURL
|
||||
|
||||
tlsConfig := &tls.Config{}
|
||||
if strings.HasPrefix(proxyURL, "gemini://") {
|
||||
proxyURL = proxyURL[9:]
|
||||
} else if strings.HasPrefix(proxyURL, "gemini-insecure://") {
|
||||
proxyURL = proxyURL[18:]
|
||||
tlsConfig.InsecureSkipVerify = true
|
||||
}
|
||||
proxy, err := tls.Dial("tcp", proxyURL, tlsConfig)
|
||||
if err != nil {
|
||||
writeStatus(c, gemini.StatusProxyError)
|
||||
return
|
||||
}
|
||||
defer proxy.Close()
|
||||
|
||||
// Forward request
|
||||
proxy.Write([]byte(requestData))
|
||||
proxy.Write([]byte("\r\n"))
|
||||
|
||||
// Forward response
|
||||
io.Copy(c, proxy)
|
||||
|
||||
if verbose {
|
||||
log.Printf("< %s\n", original)
|
||||
}
|
||||
}
|
||||
|
||||
func serveCommand(c net.Conn, command []string) {
|
||||
var args []string
|
||||
if len(command) > 0 {
|
||||
args = command[1:]
|
||||
}
|
||||
cmd := exec.Command(command[0], args...)
|
||||
|
||||
var buf bytes.Buffer
|
||||
cmd.Stdout = &buf
|
||||
cmd.Stderr = &buf
|
||||
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
writeStatus(c, gemini.StatusProxyError)
|
||||
return
|
||||
}
|
||||
|
||||
writeHeader(c, gemini.StatusSuccess, "text/gemini; charset=utf-8")
|
||||
c.Write(buf.Bytes())
|
||||
|
||||
if verbose {
|
||||
log.Printf("< %s\n", command)
|
||||
}
|
||||
}
|
||||
|
||||
func scanCRLF(data []byte, atEOF bool) (advance int, token []byte, err error) {
|
||||
if atEOF && len(data) == 0 {
|
||||
return 0, nil, nil
|
||||
|
@ -147,8 +177,20 @@ func scanCRLF(data []byte, atEOF bool) (advance int, token []byte, err error) {
|
|||
}
|
||||
|
||||
func handleConn(c net.Conn) {
|
||||
defer c.Close()
|
||||
if verbose {
|
||||
t := time.Now()
|
||||
defer func() {
|
||||
d := time.Since(t)
|
||||
if d > time.Second {
|
||||
d = d.Round(time.Second)
|
||||
} else {
|
||||
d = d.Round(time.Millisecond)
|
||||
}
|
||||
log.Printf("took %s", d)
|
||||
}()
|
||||
}
|
||||
|
||||
defer c.Close()
|
||||
c.SetReadDeadline(time.Now().Add(readTimeout))
|
||||
|
||||
var requestData string
|
||||
|
@ -162,30 +204,63 @@ func handleConn(c net.Conn) {
|
|||
return
|
||||
}
|
||||
|
||||
request, err := url.Parse(requestData)
|
||||
if err != nil || request.Scheme != "gemini" || request.Host == "" {
|
||||
if verbose {
|
||||
log.Printf("> %s\n", requestData)
|
||||
}
|
||||
|
||||
if len(requestData) > 1024 || !utf8.ValidString(requestData) {
|
||||
writeStatus(c, gemini.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if request.Path == "" {
|
||||
request.Path = "/"
|
||||
|
||||
request, err := url.Parse(requestData)
|
||||
if err != nil || request.Hostname() == "" || strings.ContainsRune(request.Hostname(), ' ') {
|
||||
writeStatus(c, gemini.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
var requestPort int
|
||||
if request.Port() != "" {
|
||||
requestPort, err = strconv.Atoi(request.Port())
|
||||
if err != nil {
|
||||
requestPort = 0
|
||||
}
|
||||
}
|
||||
|
||||
if request.Scheme == "" {
|
||||
request.Scheme = "gemini"
|
||||
}
|
||||
if request.Scheme != "gemini" || request.Hostname() != config.Hostname || (requestPort > 0 && requestPort != config.Port) {
|
||||
writeStatus(c, gemini.StatusProxyRequestRefused)
|
||||
}
|
||||
|
||||
if request.Path == "" {
|
||||
// Redirect to /
|
||||
writeHeader(c, gemini.StatusRedirectPermanent, requestData+"/")
|
||||
return
|
||||
}
|
||||
|
||||
pathBytes := []byte(request.Path)
|
||||
strippedPath := request.Path
|
||||
if strippedPath[0] == '/' {
|
||||
strippedPath = strippedPath[1:]
|
||||
}
|
||||
if verbose {
|
||||
log.Printf("> %s\n", request)
|
||||
}
|
||||
|
||||
for _, serve := range config.Serve {
|
||||
if serve.Proxy != "" {
|
||||
if serve.r != nil && serve.r.Match(pathBytes) {
|
||||
serveProxy(c, serve.Proxy, requestData)
|
||||
serveProxy(c, requestData, serve.Proxy)
|
||||
return
|
||||
} else if serve.r == nil && strings.HasPrefix(request.Path, serve.Path) {
|
||||
serveProxy(c, serve.Proxy, requestData)
|
||||
serveProxy(c, requestData, serve.Proxy)
|
||||
return
|
||||
}
|
||||
} else if serve.cmd != nil {
|
||||
if serve.r != nil && serve.r.Match(pathBytes) {
|
||||
serveCommand(c, serve.cmd)
|
||||
return
|
||||
} else if serve.r == nil && strings.HasPrefix(request.Path, serve.Path) {
|
||||
serveCommand(c, serve.cmd)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
@ -213,7 +288,7 @@ func handleListener(l net.Listener) {
|
|||
}
|
||||
}
|
||||
|
||||
func listen(address, certFile, keyFile string) {
|
||||
func listen(hostname string, port int, certFile, keyFile string) {
|
||||
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
|
||||
if err != nil {
|
||||
log.Fatalf("failed to load certificate: %s", err)
|
||||
|
@ -223,9 +298,9 @@ func listen(address, certFile, keyFile string) {
|
|||
Certificates: []tls.Certificate{cert},
|
||||
}
|
||||
|
||||
listener, err := tls.Listen("tcp", address, tlsConfig)
|
||||
listener, err := tls.Listen("tcp", fmt.Sprintf("%s:%d", hostname, port), tlsConfig)
|
||||
if err != nil {
|
||||
log.Fatalf("failed to listen on %s: %s", address, err)
|
||||
log.Fatalf("failed to listen on %s:%d: %s", hostname, port, err)
|
||||
}
|
||||
|
||||
handleListener(listener)
|
||||
|
|
Loading…
Reference in a new issue