add virtual host support

master
dingjun 8 years ago
parent 22ae45beb5
commit 8512438638

@ -5,19 +5,23 @@ import (
"io/ioutil" "io/ioutil"
) )
type conf struct { type conf []server
Listen []listen
Docroot string
URLRules []rule
LocalDomains []string
}
type listen struct { type server struct {
Host string Host string
Port int Port int
Cert string Docroot string
Key string UrlRules []rule
EnableProxy bool EnableProxy bool
Vhost []vhost
}
type vhost struct {
Docroot string
Hostname string
Cert string
Key string
UrlRules []rule
} }
type rule struct { type rule struct {
@ -34,7 +38,7 @@ type target struct {
Path string Path string
} }
func loadConfig(fn string) (*conf, error) { func loadConfig(fn string) (conf, error) {
data, err := ioutil.ReadFile(fn) data, err := ioutil.ReadFile(fn)
if err != nil { if err != nil {
return nil, err return nil, err
@ -45,5 +49,5 @@ func loadConfig(fn string) (*conf, error) {
return nil, err return nil, err
} }
return &c, nil return c, nil
} }

@ -1,84 +1,129 @@
# vim: set ft=yaml: # vim: set ft=yaml:
#
# server config file # when provide certficate file, server will listen https and enable http2
# document root
docroot: /var/www/html # http config
-
# used for http2 to determine local path request # listen address
# or proxy request host: 0.0.0.0
localdomains:
- www.simicloud.com # listen port
- localhost port: 9001
- 127.0.0.1
# default document root
# listener docroot: /srv/www
listen:
- enableproxy: false
# listen address
host: 0.0.0.0 # default host's url rule
#urlrules:
# listen port # -
port: 80 # urlprefix: /a
# type: alias
# enable proxy or not # target:
enableproxy: false # type: dir
- # path: /home/user1/a
host: 0.0.0.0 # -
port: 443 # urlprefix: /b/a.txt
# server certificate # type: alias
cert: server.crt # target:
# server private key # type: file
key: server.key # path: /home/user1/a/b/a.txt
enableproxy: false
# virtual host config
# url rules vhost:
urlrules: - &example1_www
- hostname: www.example1.com
# alias map url to path docroot: /var/www/html/
urlprefix: /robots.txt # cert:
# key:
# available type: alias, fastcgi, uwsgi, http
type: alias # url rule for www.example.com
urlrules:
# target -
target: # url start with /APIv1/ forward to uwsg socket
# availabe target type for alias: file, dir urlprefix: /APIv1/
type: file type: uwsgi
path: /home/aaa/robots.txt target:
- type: unix
# alias map url to path path: /run/uwsgi/APIv1.sock
urlprefix: /cc -
type: alias # route php script to fastCGI socket
target: urlprefix: /phpmyadmin/.*\.php$
type: dir
path: /home/cc # set to true means urlprefix is regex expression
- isregex: true
# pass to uwsgi server
urlprefix: /media type: fastcgi
type: uwsgi target:
target: type: unix
# available target type for uwsgi: unix, tcp path: /var/run/php-fpm/www.sock
type: unix -
path: /path/to/media.sock # url start with /proxy/ forward to http://10.10.1.1
- # this act as reverse proxy
# pass all php script to fastcgi server urlprefix: /proxy/
urlprefix: \.php$|\.php/ type: http
target:
# use regex to match the url type: http
isregex: true host: 10.10.1.1
port: 8080
type: fastcgi - &example1
target: <<: *example1_www
# available target type for fastcgi: unix, tcp hostname: example1.com
type: unix
path: /path/to/php.sock - &example_www
- hostname: www.example.com
urlprefix: /auth docroot: /var/www/example
# http resverse proxy urlrules:
type: http -
target: urlprefix: /APIv2
# available http type for http: http, unix type: uwsgi
type: http target:
host: 127.0.0.1 type: unix
port: 8080 path: /run/uwsgi/APIv2.sock
- &example
<<: *example_www
hostname: example.com
- &example_bbs
hostname: bbs.example.com
docroot: /var/www/example_bbs/
urlrules:
-
#urlprefix: \.php$|\.php\/.*
#isregex: true
urlprefix: /
type: fastcgi
target:
type: unix
path: /var/run/php-fpm/www.sock
# https config
-
host: 0.0.0.0
port: 9002
docroot: /srv/www
enableproxy: false
vhost:
-
<<: *example1
cert: /home/user1/cert/example1.com.crt
key: /home/user1/cert/example1.com.key
-
<<: *example1_www
cert: /home/user1/cert/example1.com.crt
key: /home/user1/cert/example1.com.key
-
<<: *example_www
cert: /etc/letsencrypt/live/example.com/fullchain.pem
key: /etc/letsencrypt/live/example.com/privkey.pem
-
<<: *example
cert: /etc/letsencrypt/live/example.com/fullchain.pem
key: /etc/letsencrypt/live/example.com/privkey.pem
-
<<: *example_bbs
cert: /etc/letsencrypt/live/bbs.example.com/fullchain.pem
key: /etc/letsencrypt/live/bbs.example.com/privkey.pem

@ -1,6 +1,7 @@
package main package main
import ( import (
"fmt"
"github.com/yookoala/gofast" "github.com/yookoala/gofast"
"log" "log"
"net" "net"
@ -35,6 +36,15 @@ func (f *FastCGI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// FastCGIPass pass the request to fastcgi socket // FastCGIPass pass the request to fastcgi socket
func (f *FastCGI) FastCGIPass(w http.ResponseWriter, r *http.Request) { func (f *FastCGI) FastCGIPass(w http.ResponseWriter, r *http.Request) {
// make sure server not access the file out of document root
p1 := filepath.Clean(filepath.Join(f.DocRoot, r.URL.Path))
p2 := filepath.Clean(f.DocRoot)
if !strings.HasPrefix(p1, p2) {
w.WriteHeader(http.StatusBadRequest)
fmt.Fprintf(w, "invalid url")
return
}
var scriptName, pathInfo, scriptFileName string var scriptName, pathInfo, scriptFileName string
conn, err := net.Dial(f.Network, f.Addr) conn, err := net.Dial(f.Network, f.Addr)
@ -58,7 +68,7 @@ func (f *FastCGI) FastCGIPass(w http.ResponseWriter, r *http.Request) {
if len(p) < 2 { if len(p) < 2 {
if strings.HasSuffix(r.URL.Path, "/") { if strings.HasSuffix(r.URL.Path, "/") {
// redirect to index.php // redirect to index.php
scriptName = "" scriptName = filepath.Join(r.URL.Path, "index.php")
pathInfo = "" pathInfo = ""
scriptFileName = filepath.Join(f.DocRoot, urlPath, "index.php") scriptFileName = filepath.Join(f.DocRoot, urlPath, "index.php")
} else { } else {
@ -75,6 +85,10 @@ func (f *FastCGI) FastCGIPass(w http.ResponseWriter, r *http.Request) {
req := client.NewRequest(r) req := client.NewRequest(r)
req.Params["DOCUMENT_URI"] = scriptName
req.Params["SCRIPT_NAME"] = scriptName
req.Params["PHP_SELF"] = scriptName
req.Params["DOCUMENT_ROOT"] = f.DocRoot
req.Params["PATH_INFO"] = pathInfo req.Params["PATH_INFO"] = pathInfo
req.Params["SCRIPT_FILENAME"] = scriptFileName req.Params["SCRIPT_FILENAME"] = scriptFileName

@ -11,6 +11,7 @@ import (
) )
type handler struct { type handler struct {
handler http.Handler
enableProxy bool enableProxy bool
localDomains []string localDomains []string
} }
@ -25,12 +26,20 @@ var defaultTransport http.RoundTripper = &http.Transport{
func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if r.ProtoMajor == 1 && r.RequestURI[0] == '/' { if r.ProtoMajor == 1 && r.RequestURI[0] == '/' {
http.DefaultServeMux.ServeHTTP(w, r) if h.handler != nil {
h.handler.ServeHTTP(w, r)
} else {
http.DefaultServeMux.ServeHTTP(w, r)
}
return return
} }
if r.ProtoMajor == 2 && h.isLocalRequest(r) { if r.ProtoMajor == 2 && h.isLocalRequest(r) {
http.DefaultServeMux.ServeHTTP(w, r) if h.handler != nil {
h.handler.ServeHTTP(w, r)
} else {
http.DefaultServeMux.ServeHTTP(w, r)
}
return return
} }

@ -1,37 +1,108 @@
package main package main
import ( import (
"crypto/tls"
"fmt" "fmt"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"net"
"net/http" "net/http"
//"net/url" //"net/url"
"log"
"os" "os"
"regexp" "regexp"
//"path/filepath" //"path/filepath"
"strings" "strings"
) )
func initRouters(cfg *conf) { func initRouters(cfg conf) {
router := mux.NewRouter()
for _, l := range cfg {
for _, r := range cfg.URLRules { router := mux.NewRouter()
switch r.Type { domains := []string{}
case "alias": certs := []tls.Certificate{}
registerAliasHandler(r, router)
case "uwsgi": // initial virtual host
registerUwsgiHandler(r, router) for _, h := range l.Vhost {
case "fastcgi": h2 := h.Hostname
registerFastCGIHandler(r, cfg.Docroot, router) if h1, _, err := net.SplitHostPort(h.Hostname); err == nil {
case "http": h2 = h1
registerHTTPHandler(r, router) }
default: domains = append(domains, h2)
fmt.Printf("invalid type: %s\n", r.Type) if h.Cert != "" && h.Key != "" {
if cert, err := tls.LoadX509KeyPair(h.Cert, h.Key); err == nil {
certs = append(certs, cert)
} else {
log.Fatal(err)
}
}
r := router.Host(h2).Subrouter()
for _, rule := range h.UrlRules {
switch rule.Type {
case "alias":
registerAliasHandler(rule, r)
case "uwsgi":
registerUwsgiHandler(rule, r)
case "fastcgi":
registerFastCGIHandler(rule, h.Docroot, r)
case "http":
registerHTTPHandler(rule, r)
default:
fmt.Printf("invalid type: %s\n", rule.Type)
}
}
r.PathPrefix("/").Handler(http.FileServer(http.Dir(h.Docroot)))
}
// default host config
for _, rule := range l.UrlRules {
switch rule.Type {
case "alias":
registerAliasHandler(rule, router)
case "uwsgi":
registerUwsgiHandler(rule, router)
case "fastcgi":
registerFastCGIHandler(rule, l.Docroot, router)
case "http":
registerHTTPHandler(rule, router)
default:
fmt.Printf("invalid type: %s\n", rule.Type)
}
} }
}
router.PathPrefix("/").Handler(http.FileServer(http.Dir(cfg.Docroot))) router.PathPrefix("/").Handler(http.FileServer(http.Dir(l.Docroot)))
http.Handle("/", router) go func(l server) {
addr := fmt.Sprintf("%s:%d", l.Host, l.Port)
hdlr := &handler{
handler: router,
enableProxy: l.EnableProxy,
localDomains: domains,
}
if len(certs) > 0 {
tlsconfig := &tls.Config{
Certificates: certs,
}
tlsconfig.BuildNameToCertificate()
srv := http.Server{
Addr: addr,
TLSConfig: tlsconfig,
Handler: hdlr,
}
log.Printf("listen https on %s", addr)
if err := srv.ListenAndServeTLS("", ""); err != nil {
log.Fatal(err)
}
} else {
log.Printf("listen http on %s", addr)
if err := http.ListenAndServe(addr, hdlr); err != nil {
log.Fatal(err)
}
}
}(l)
}
} }
func registerAliasHandler(r rule, router *mux.Router) { func registerAliasHandler(r rule, router *mux.Router) {
@ -45,6 +116,7 @@ func registerAliasHandler(r rule, router *mux.Router) {
os.Exit(-1) os.Exit(-1)
} }
} }
func registerFileHandler(r rule, router *mux.Router) { func registerFileHandler(r rule, router *mux.Router) {
router.HandleFunc(r.URLPrefix, router.HandleFunc(r.URLPrefix,
func(w http.ResponseWriter, req *http.Request) { func(w http.ResponseWriter, req *http.Request) {

@ -2,29 +2,11 @@ package main
import ( import (
"flag" "flag"
"fmt" //"fmt"
"log" "log"
"net/http" //"net/http"
) )
func initListeners(c *conf) {
for _, l := range c.Listen {
go func(l listen) {
addr := fmt.Sprintf("%s:%d", l.Host, l.Port)
h := &handler{enableProxy: l.EnableProxy, localDomains: c.LocalDomains}
if l.Cert != "" && l.Key != "" {
if err := http.ListenAndServeTLS(addr, l.Cert, l.Key, h); err != nil {
log.Fatal(err)
}
} else {
if err := http.ListenAndServe(addr, h); err != nil {
log.Fatal(err)
}
}
}(l)
}
}
func main() { func main() {
var configfile string var configfile string
flag.StringVar(&configfile, "c", "config.yaml", "config file") flag.StringVar(&configfile, "c", "config.yaml", "config file")
@ -34,6 +16,5 @@ func main() {
log.Fatal(err) log.Fatal(err)
} }
initRouters(c) initRouters(c)
initListeners(c)
select {} select {}
} }

Loading…
Cancel
Save