qnib
diff --git a/‎.bumpversion.cfg
Lines changed: 5 additions & 0 deletions b/‎.bumpversion.cfg
Lines changed: 5 additions & 0 deletions
diff --git a/‎.drone.yml
Lines changed: 13 additions & 0 deletions b/‎.drone.yml
Lines changed: 13 additions & 0 deletions
diff --git a/‎.gitignore
Lines changed: 3 additions & 0 deletions b/‎.gitignore
Lines changed: 3 additions & 0 deletions
diff --git a/‎doxy.pattern
Lines changed: 14 additions & 0 deletions b/‎doxy.pattern
Lines changed: 14 additions & 0 deletions
diff --git a/‎main.go
Lines changed: 90 additions & 0 deletions b/‎main.go
Lines changed: 90 additions & 0 deletions
diff --git a/‎proxy/main.go
Lines changed: 52 additions & 0 deletions b/‎proxy/main.go
Lines changed: 52 additions & 0 deletions
diff --git a/‎proxy/newsock.go
Lines changed: 30 additions & 0 deletions b/‎proxy/newsock.go
Lines changed: 30 additions & 0 deletions
diff --git a/‎proxy/proxy.go
Lines changed: 78 additions & 0 deletions b/‎proxy/proxy.go
Lines changed: 78 additions & 0 deletions
diff --git a/‎vendor/github.com/BurntSushi/toml/COMPATIBLE
Lines changed: 3 additions & 0 deletions b/‎vendor/github.com/BurntSushi/toml/COMPATIBLE
Lines changed: 3 additions & 0 deletions
diff --git a/‎vendor/github.com/BurntSushi/toml/COPYING
Lines changed: 21 additions & 0 deletions b/‎vendor/github.com/BurntSushi/toml/COPYING
Lines changed: 21 additions & 0 deletions
@@ -0,0 +1,5 @@
+[bumpversion]
+current_version = 0.0.0
+files = main.go
+commit = True
+tag = True
@@ -0,0 +1,13 @@
+workspace:
+  base: /drone/src
+  path: /usr/local/src/github.com/qnib/doxy
+
+pipeline:
+  alpine:
+    image: qnib/alplain-golang
+    commands:
+      - govendor build -o doxy_alpine
+  x86:
+      image: qnib/uplain-golang
+      commands:
+        - govendor build -o doxy_x86
@@ -12,3 +12,6 @@
 
 # Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
 .glide/
+
+# binaries
+doxy_*
@@ -0,0 +1,14 @@
+# List and inspect containers
+^/(v\d\.\d+/)?containers(/\w+)?/json$
+# List and inspect services
+^/(v\d\.\d+/)?services(/[0-9a-f]+)?$
+# List and inspect tasks
+^/(v\d\.\d+/)?tasks(/\w+)?$
+# List and inspect networks
+^/(v\d\.\d+/)?networks(/\w+)?$
+# List and inspect nodes
+^/(v\d\.\d+/)?nodes(/\w+)?$
+# Show engine info
+^/(v\d\.\d+/)?info$
+# Healthcheck
+^/_ping$
@@ -0,0 +1,90 @@
+package main
+
+import (
+	"os"
+	"log"
+	"github.com/zpatrick/go-config"
+	"github.com/codegangsta/cli"
+	"github.com/qnib/doxy/proxy"
+	"bufio"
+	"strings"
+)
+
+func ReadPatterns(path string) (patterns []string, err error) {
+	file, err := os.Open(path)
+	if err != nil {
+		return
+	}
+	defer file.Close()
+
+	scanner := bufio.NewScanner(file)
+	for scanner.Scan() {
+		line := scanner.Text()
+		if ! strings.HasPrefix(line, "#") {
+			patterns = append(patterns, line)
+		}
+	}
+	return
+}
+
+func RunApp(ctx *cli.Context) {
+	log.Printf("[II] Start Version: %s", ctx.App.Version)
+	cfg := config.NewConfig([]config.Provider{config.NewCLI(ctx, true)})
+	newSock, _ := cfg.String("proxy-socket")
+	dockerSock, _ := cfg.String("docker-socket")
+	debug, _ := cfg.Bool("debug")
+	patternsFile, _ := cfg.String("pattern-file")
+	patterns, err  := ReadPatterns(patternsFile)
+	if err != nil {
+		log.Printf("Error reading patterns file (%s), using default patterns\n", err.Error())
+		patterns = []string{
+			`^/(v\d\.\d+/)?containers(/\w+)?/json$`,
+			`^/(v\d\.\d+/)?services(/[0-9a-f]+)?$`,
+			`^/(v\d\.\d+/)?tasks(/\w+)?$`,
+			`^/(v\d\.\d+/)?networks(/\w+)?$`,
+			`^/(v\d\.\d+/)?nodes(/\w+)?$`,
+			`^/(v\d\.\d+/)?info$`,
+			"^/_ping$",
+		}
+		if debug {
+			for i, p := range patterns {
+				log.Printf("%-3d: %s\n", i,p)
+			}
+
+		}
+	}
+	p := proxy.NewProxy(newSock, dockerSock, debug)
+	p.AddPatterns(patterns)
+	p.Run()
+}
+
+func main() {
+	app := cli.NewApp()
+	app.Name = "Start container to terminate SSL for others."
+	app.Usage = "go-byfahrer [options]"
+	app.Version = "0.0.0"
+	app.Flags = []cli.Flag{
+		cli.StringFlag{
+			Name:  "docker-socket",
+			Value: "/var/run/docker.sock",
+			Usage: "Docker host to connect to.",
+			EnvVar: "DOXY_DOCKER_SOCKET",
+		}, cli.StringFlag{
+			Name:  "proxy-socket",
+			Value: "/tmp/doxy.sock",
+			Usage: "Proxy socket to be created",
+			EnvVar: "DOXY_PROXY_SOCKET",
+		}, cli.BoolFlag{
+			Name: "debug",
+			Usage: "Print proxy requests",
+			EnvVar: "DOXY_DEBUG",
+		}, cli.StringFlag{
+			Name:  "pattern-file",
+			Value: "/etc/doxy.pattern",
+			Usage: "File holding line-separated regex-patterns to be allowed (comments allowed, use #)",
+			EnvVar: "DOXY_PATTERN_FILE",
+	},
+	}
+	app.Action = RunApp
+	app.Run(os.Args)
+}
@@ -0,0 +1,52 @@
+package proxy
+
+import (
+	"net/http"
+	"os"
+	"syscall"
+	"os/signal"
+	"github.com/urfave/negroni"
+
+)
+
+type Proxy struct {
+	dockerSocket, newSocket string
+	debug 					bool
+	patterns 				[]string
+}
+
+func NewProxy(newsock, oldsock string, debug bool) Proxy {
+	return Proxy{
+		dockerSocket: oldsock,
+		newSocket: newsock,
+		debug: debug,
+		patterns: []string{},
+	}
+}
+
+func (p *Proxy) AddPatterns(patterns []string) {
+	p.patterns = append(p.patterns,patterns...)
+}
+
+func (p *Proxy) AddPattern(pattern string) {
+	p.patterns = append(p.patterns,pattern)
+}
+
+func (p *Proxy) Run() {
+	upstream := NewUpstream(p.dockerSocket, p.patterns)
+	sigc := make(chan os.Signal, 1)
+	signal.Notify(sigc, os.Interrupt, os.Kill, syscall.SIGTERM)
+	l, err := ListenToNewSock(p.newSocket, sigc)
+	if err != nil {
+		panic(err)
+	}
+	n := negroni.New() // Includes some default middlewares
+	if p.debug {
+		n.Use(negroni.NewLogger())
+	}
+	n.UseHandler(upstream)
+	if err = http.Serve(l, n); err != nil {
+		panic(err)
+	}
+}
+
@@ -0,0 +1,30 @@
+package proxy
+
+import (
+	"path/filepath"
+	"log"
+	"os"
+	"net"
+)
+
+func ListenToNewSock(newsock string, sigc chan os.Signal) (l net.Listener, err error) {
+	// extract directory for newsock
+	dir, _ := filepath.Split(newsock)
+	// attempt to create dir and ignore if it's already existing
+	_ = os.Mkdir(dir, 0777)
+	l, err = net.Listen("unix", newsock)
+	if err != nil {
+		panic(err)
+	}
+	os.Chmod(newsock, 0666)
+	log.Println("[gk-soxy] Listening on " + newsock)
+	go func(c chan os.Signal) {
+		sig := <-c
+		log.Printf("[gk-soxy] Caught signal %s: shutting down.\n", sig)
+		if err := l.Close(); err != nil {
+			panic(err)
+		}
+		os.Exit(0)
+	}(sigc)
+	return
+}
@@ -0,0 +1,78 @@
+package proxy
+
+import (
+	"net"
+	"fmt"
+	"net/url"
+	"net/http"
+	"net/http/httputil"
+	"regexp"
+)
+
+type UpStream struct {
+	Name  string
+	proxy http.Handler
+	allowed []*regexp.Regexp
+}
+
+// UnixSocket just provides the path, so that I can test it
+type UnixSocket struct {
+	path string
+}
+
+// NewUnixSocket return a socket using the path
+func NewUnixSocket(path string) UnixSocket {
+	return UnixSocket{
+		path: path,
+	}
+}
+
+func (us *UnixSocket) connectSocket(proto, addr string) (net.Conn, error) {
+	conn, err := net.Dial("unix", us.path)
+	return conn, err
+}
+
+func newReverseProxy(dial func(network, addr string) (net.Conn, error)) *httputil.ReverseProxy {
+	return &httputil.ReverseProxy{
+		Director: func(req *http.Request) {
+			param := ""
+			if len(req.URL.RawQuery) > 0 {
+				param = "?" + req.URL.RawQuery
+			}
+			u, _ := url.Parse("http://docker" + req.URL.Path + param)
+			*req.URL = *u
+		},
+		Transport: &http.Transport{
+			Dial: dial,
+		},
+	}
+}
+
+// NewUpstream returns a new socket (magic)
+func NewUpstream(socket string, regs []string) *UpStream {
+	us := NewUnixSocket(socket)
+	a := []*regexp.Regexp{}
+	for _, r := range regs {
+		p, _ := regexp.Compile(r)
+		a = append(a, p)
+	}
+	return &UpStream{
+		Name:  socket,
+		proxy: newReverseProxy(us.connectSocket),
+		allowed: a,
+	}
+}
+
+func (u *UpStream) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+	if req.Method != "GET" {
+		http.Error(w, fmt.Sprintf("Only GET requests are allowed, req.Method: %s", req.Method), 400)
+		return
+	}
+	for _, a := range u.allowed {
+		if a.MatchString(req.URL.Path) {
+			u.proxy.ServeHTTP(w, req)
+			return
+		}
+	}
+	http.Error(w, fmt.Sprintf("'%s' is not allowed.", req.URL.Path), 403)
+}