From: Max Carrara <m.carrara@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 3/3] proxy: redirect HTTP requests to HTTPS
Date: Thu, 22 Jun 2023 11:15:26 +0200 [thread overview]
Message-ID: <20230622091526.812422-4-m.carrara@proxmox.com> (raw)
In-Reply-To: <20230622091526.812422-1-m.carrara@proxmox.com>
Signed-off-by: Max Carrara <m.carrara@proxmox.com>
---
src/bin/proxmox-backup-proxy.rs | 45 ++++++++++++++++++++++++++++-----
1 file changed, 38 insertions(+), 7 deletions(-)
diff --git a/src/bin/proxmox-backup-proxy.rs b/src/bin/proxmox-backup-proxy.rs
index f38a02bd..a5187bcb 100644
--- a/src/bin/proxmox-backup-proxy.rs
+++ b/src/bin/proxmox-backup-proxy.rs
@@ -23,8 +23,8 @@ use proxmox_sys::{task_log, task_warn};
use pbs_datastore::DataStore;
use proxmox_rest_server::{
- cleanup_old_tasks, cookie_from_header, rotate_task_log_archive, ApiConfig, RestEnvironment,
- RestServer, WorkerTask,
+ cleanup_old_tasks, cookie_from_header, rotate_task_log_archive, ApiConfig, Redirector,
+ RestEnvironment, RestServer, WorkerTask,
};
use proxmox_backup::rrd_cache::{
@@ -253,6 +253,7 @@ async fn run() -> Result<(), Error> {
)?;
let rest_server = RestServer::new(config);
+ let redirector = Redirector::new();
proxmox_rest_server::init_worker_tasks(
pbs_buildcfg::PROXMOX_BACKUP_LOG_DIR_M!().into(),
file_opts.clone(),
@@ -288,23 +289,53 @@ async fn run() -> Result<(), Error> {
Ok(Value::Null)
})?;
- let connections = proxmox_rest_server::connection::AcceptBuilder::with_acceptor(acceptor)
+ let connections = proxmox_rest_server::connection::BiAcceptBuilder::with_acceptor(acceptor)
.debug(debug)
.rate_limiter_lookup(Arc::new(lookup_rate_limiter))
.tcp_keepalive_time(PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
+
let server = daemon::create_daemon(
([0, 0, 0, 0, 0, 0, 0, 0], 8007).into(),
move |listener| {
- let connections = connections.accept(listener);
+ let (secure_connections, insecure_connections) = connections.accept(listener);
Ok(async {
daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
- hyper::Server::builder(connections)
+ let secure_server = hyper::Server::builder(secure_connections)
.serve(rest_server)
.with_graceful_shutdown(proxmox_rest_server::shutdown_future())
- .map_err(Error::from)
- .await
+ .map_err(Error::from);
+
+ let insecure_server = hyper::Server::builder(insecure_connections)
+ .serve(redirector)
+ .with_graceful_shutdown(proxmox_rest_server::shutdown_future())
+ .map_err(Error::from);
+
+ let handles = vec![tokio::spawn(secure_server), tokio::spawn(insecure_server)];
+
+ let mut results: Vec<Result<(), Error>> = vec![];
+
+ for res_handle in futures::future::join_all(handles).await.into_iter() {
+ let flattened_res = match res_handle {
+ Ok(inner) => inner,
+ Err(err) => Err(format_err!(err)),
+ };
+
+ results.push(flattened_res);
+ }
+
+ if results.iter().any(Result::is_err) {
+ let cat_errors = results
+ .into_iter()
+ .filter_map(|res| res.err().map(|err| err.to_string()))
+ .collect::<Vec<_>>()
+ .join("\n");
+
+ return Err(format_err!(cat_errors));
+ }
+
+ Ok(())
})
},
Some(pbs_buildcfg::PROXMOX_BACKUP_PROXY_PID_FN),
--
2.30.2
next prev parent reply other threads:[~2023-06-22 9:15 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-22 9:15 [pbs-devel] [PATCH proxmox, proxmox-backup 0/3] Add support for HTTP to HTTPS redirection Max Carrara
2023-06-22 9:15 ` [pbs-devel] [PATCH proxmox 1/3] rest-server: Add `BiAcceptBuilder` Max Carrara
2023-07-14 9:20 ` Wolfgang Bumiller
2023-07-18 5:46 ` Max Carrara
2023-06-22 9:15 ` [pbs-devel] [PATCH proxmox 2/3] rest-server: Add `Redirector` Max Carrara
2023-07-14 9:24 ` Wolfgang Bumiller
2023-07-18 5:59 ` Max Carrara
2023-06-22 9:15 ` Max Carrara [this message]
2023-06-23 10:15 ` [pbs-devel] [PATCH proxmox, proxmox-backup 0/3] Add support for HTTP to HTTPS redirection Max Carrara
2023-06-23 10:55 ` Thomas Lamprecht
2023-06-27 9:39 ` Max Carrara
2023-06-23 11:40 ` Lukas Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230622091526.812422-4-m.carrara@proxmox.com \
--to=m.carrara@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox