Comments (4)
# /etc/systemd/system/reverse-proxy.service
[Unit]
Description=Reverse proxy for openshift-network-playground
Wants=network-online.target
After=network-online.target
RequiresMountsFor=%t/containers
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=always
TimeoutStartSec=180
TimeoutStopSec=70
ExecStartPre=-/usr/bin/rm -f %t/%n.ctr-id
ExecStartPre=/usr/bin/podman build --net host --tag localhost/reverse-proxy /opt/openshift-network-playground/reverse-proxy
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --name reverse-proxy -d --net host --cap-add NET_ADMIN,NET_RAW localhost/reverse-proxy
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
Type=notify
NotifyAccess=all
[Install]
WantedBy=default.target
# /usr/lib/systemd/system/service.d/10-timeout-abort.conf
# This file is part of the systemd package.
# See https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer.
#
# To facilitate debugging when a service fails to stop cleanly,
# TimeoutStopFailureMode=abort is set to "crash" services that fail to stop in
# the time allotted. This will cause the service to be terminated with SIGABRT
# and a coredump to be generated.
#
# To undo this configuration change, create a mask file:
# sudo mkdir -p /etc/systemd/system/service.d
# sudo ln -sv /dev/null /etc/systemd/system/service.d/10-timeout-abort.conf
[Service]
TimeoutStopFailureMode=abort
from openshift-network-playground.
FROM registry.fedoraproject.org/f32/golang
USER root
WORKDIR /
RUN openssl req -x509 \
-newkey rsa:4096 \
-nodes \
-keyout reverse-proxy.key \
-out reverse-proxy.crt \
-days 365 \
-subj "/C=IN/ST=Maharashtra/L=Mumbai/O=ONP/CN=onp.ocp.example.local"
COPY main.go go.mod .
ENTRYPOINT ["go", "run", "main.go"]
CMD ["-key", "/reverse-proxy.key", "-cert", "/reverse-proxy.crt"]
from openshift-network-playground.
package main
import (
"crypto/tls"
"log"
"net/http"
"net/http/httputil"
"flag"
"os"
)
func main() {
// Define flag variables
var certFile string
var keyFile string
var showHelp bool
// Define flags and usage
flag.StringVar(&certFile, "cert", "", "Path to the TLS certificate file")
flag.StringVar(&keyFile, "key", "", "Path to the TLS private key file")
flag.BoolVar(&showHelp, "help", false, "Show help message")
// Set custom usage function
flag.Usage = func() {
flag.PrintDefaults()
}
// Parse command-line arguments
flag.Parse()
// Check if help flag is provided
if showHelp {
flag.Usage()
os.Exit(0)
}
// Check if no flags were provided
if flag.NFlag() == 0 {
flag.Usage()
os.Exit(1)
}
// Create HTTP reverse proxy
httpProxy := &httputil.ReverseProxy{
Director: func(req *http.Request) {
// Set the target URL to the original request URL
req.URL.Scheme = "http"
req.URL.Host = req.Host
},
ErrorHandler: func(rw http.ResponseWriter, req *http.Request, err error) {
log.Println("Reverse proxy error:", err)
http.Error(rw, "Oops! Something went wrong. Inspect server logs.", http.StatusInternalServerError)
},
}
// Create HTTPS reverse proxy
httpsProxy := &httputil.ReverseProxy{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
},
Director: func(req *http.Request) {
// Set the target URL to the original request URL
req.URL.Scheme = "https"
req.URL.Host = req.Host
},
ErrorHandler: func(rw http.ResponseWriter, req *http.Request, err error) {
log.Println("Reverse proxy error:", err)
http.Error(rw, "Oops! Something went wrong. Inspect server logs.", http.StatusInternalServerError)
},
}
ingressHttpServer := &http.Server{
Addr: ":80",
Handler: httpProxy,
}
apiServer := &http.Server{
Addr: ":6443",
TLSConfig: &tls.Config{
Certificates: []tls.Certificate{
loadTLSCertificate(certFile, keyFile),
},
},
Handler: httpsProxy,
}
// Configure the HTTPS server
ingressHttpsServer := &http.Server{
Addr: ":443",
TLSConfig: &tls.Config{
Certificates: []tls.Certificate{
loadTLSCertificate(certFile, keyFile),
},
},
Handler: httpsProxy,
}
// Start the HTTPS server on port 6443
go func () {
log.Println("Starting reverse proxy server on port 6443 ...")
err := apiServer.ListenAndServeTLS("", "")
if err != nil {
log.Fatal("Error starting reverse proxy server:", err)
}
}()
// Start the HTTPS server on port 80
go func () {
log.Println("Starting reverse proxy server on port 80 ...")
err := ingressHttpServer.ListenAndServe()
if err != nil {
log.Fatal("Error starting reverse proxy server:", err)
}
}()
// Start the HTTPS server on port 443
go func() {
log.Println("Starting reverse proxy server on port 443...")
err := ingressHttpsServer.ListenAndServeTLS("", "")
if err != nil {
log.Fatal("Error starting reverse proxy server:", err)
}
}()
// Wait indefinitely to keep the program running
select {}
}
// LoadTLSKeyPair loads a TLS certificate and private key from files and returns a tls.Certificate.
func loadTLSCertificate(certFile, keyFile string) tls.Certificate {
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
log.Fatal("Error loading TLS certificate:", err)
}
return cert
}
from openshift-network-playground.
module github.com/kevydotvinu/reverse-proxy
go 1.20
from openshift-network-playground.
Related Issues (20)
- /bin/bash: -c: line 1: unexpected EOF while looking for matching `''
- No VMs on startup HOT 2
- Cannot run `onp fedora` HOT 4
- Validate pullsecret
- Trouble accessing SNO console HOT 1
- Quick DNS server that listens on `5353` using `dnsmasq`
- Add force tag and push in Makefile
- Changelog error in `create-release` body
- SRIOV on ONP
- `onp fcos` issue - No bootable disk HOT 3
- Remote host HOT 3
- Verbose output for cluster installation
- reverse-proxy error improvement
- Add `--pull always` in `butane` command
- Change in VyOS image URL
- Add ExecPre for container systemd
- Additional variable for `vm.sh`
- Enhancement for creating multiple VM with same OS
- Correct fedora package HOT 1
- Improve `onp help`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openshift-network-playground.