bak

ForNetCode · Jun 27, 2024 · 907d6c3 · 907d6c3
1 parent 759d8bf
commit 907d6c3
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 21 deletions.
diff --git a/config.release.toml b/config.release.toml
@@ -10,14 +10,20 @@ cors = false
 [http]
 port = 80
 addr = "0.0.0.0"
+## port when serving public PI,default is http port. external_port should not be 0.
+# external_port = 80
+
+## optional, when https enabled, redirect_https default value is true
+# redirect_https = false
 
 # [https]
 # port = 443 # https bind address
 # addr = "0.0.0.0"
+## port when serving public PI,default is https port. external_port should not be 0.
+# external_port = 443
+
 ## if set true, http server(80) will send client
 ## status code:301(Moved Permanently) to tell client redirect to https
-## optional, default is false
-# http_redirect_to_https = false
 
 ## default value for https ssl
 # [https.ssl]
@@ -83,7 +89,9 @@ addr = "0.0.0.0"
 # alias = ["example.com"]
 # cors = false
 # [domains.https]
-# http_redirect_to_https = 443
+## optional, default is `http.redirect_https` value.
+# redirect_https = false
+
 ## this would be usefully when set https.acme
 # disable_acme = false
 # [domains.https.ssl]

diff --git a/server/src/config.rs b/server/src/config.rs
@@ -160,14 +160,16 @@ pub struct ACMEConfig {
 #[derive(Deserialize, Debug, Clone, PartialEq)]
 pub struct HttpConfig {
     pub addr: String,
-    pub port: u32,
+    pub port: u16,
+    pub external_port: Option<u16>,
 }
 
 #[derive(Deserialize, Debug, Clone, PartialEq)]
 pub struct HttpsConfig {
     pub ssl: Option<SSL>,
     pub acme: Option<ACMEConfig>,
-    pub port: u32,
+    pub port: u16,
+    pub external_port: Option<u16>,
     pub addr: String,
     #[serde(default)]
     pub http_redirect_to_https: u32,

diff --git a/server/src/service.rs b/server/src/service.rs
@@ -34,13 +34,25 @@ impl ServiceConfig {
     }
 }
 
+pub struct ServiceContext {
+    pub is_https: bool,
+    pub external_port: u16,
+    pub redirect_url: Arc<Option<String>>, //
+    pub challenge_path: ChallengePath,
+}
+
 pub async fn create_service(
     req: Request<Body>,
     service_config: Arc<ServiceConfig>,
     domain_storage: Arc<DomainStorage>,
-    challenge_path: ChallengePath,
-    is_https: bool,
+    context: ServiceContext,
 ) -> Result<warp::reply::Response, Infallible> {
+    let ServiceContext {
+        is_https,
+        external_port,
+        redirect_url,
+        challenge_path,
+    } = context;
     let uri = req.uri();
     let from_uri = uri.authority().cloned();
     // trick, need more check

diff --git a/server/src/web_server.rs b/server/src/web_server.rs
@@ -1,21 +1,21 @@
+use crate::acme::ChallengePath;
 use chrono::{DateTime, Local};
 use hyper::server::conn::AddrIncoming;
 use hyper::server::Server as HServer;
 use hyper::service::service_fn;
+use rustls::ServerConfig;
 use socket2::{Domain, Socket, Type};
 use std::collections::HashMap;
 use std::convert::Infallible;
 use std::net::{SocketAddr, TcpListener};
 use std::str::FromStr;
 use std::sync::Arc;
-use rustls::ServerConfig;
 use tokio::net::TcpListener as TKTcpListener;
 use tokio::sync::oneshot::Receiver;
-use crate::acme::ChallengePath;
 
 use crate::config::Config;
 use crate::domain_storage::DomainStorage;
-use crate::service::{create_service, DomainServiceConfig, ServiceConfig};
+use crate::service::{create_service, DomainServiceConfig, ServiceConfig, ServiceContext};
 use crate::tls::TlsAcceptor;
 
 async fn handler(rx: Receiver<()>, time: DateTime<Local>, http_or_https: &'static str) {
@@ -56,15 +56,12 @@ pub struct Server {
 
 impl Server {
     pub fn new(conf: Config, storage: Arc<DomainStorage>) -> Self {
-        let default_http_redirect_to_https = conf
-            .https
-            .as_ref()
-            .map(|x| x.http_redirect_to_https);
-
+        let default_http_redirect_to_https = conf.https.as_ref().map(|x| x.http_redirect_to_https);
+
         let default = DomainServiceConfig {
             cors: conf.cors,
             http_redirect_to_https: default_http_redirect_to_https,
-            enable_acme: conf.https.as_ref().and_then(|x|x.acme.as_ref()).is_some(),
+            enable_acme: conf.https.as_ref().and_then(|x| x.acme.as_ref()).is_some(),
         };
         let service_config: HashMap<String, DomainServiceConfig> = conf
             .domains
@@ -77,7 +74,11 @@ impl Server {
                         .as_ref()
                         .and_then(|x| x.http_redirect_to_https)
                         .or(default_http_redirect_to_https),
-                    enable_acme: domain.https.as_ref().map(|x|x.disable_acme).unwrap_or(default.enable_acme),
+                    enable_acme: domain
+                        .https
+                        .as_ref()
+                        .map(|x| x.disable_acme)
+                        .unwrap_or(default.enable_acme),
                 };
 
                 (domain.domain.clone(), domain_service_config)
@@ -116,14 +117,24 @@ impl Server {
             let tls_server_config = tls_server_config.unwrap();
             let bind_address =
                 SocketAddr::from_str(&format!("{}:{}", &config.addr, &config.port)).unwrap();
+            let external_port = config.external_port.unwrap_or(bind_address.port());
 
             let make_svc = hyper::service::make_service_fn(|_| {
                 let service_config = self.service_config.clone();
                 let storage = self.storage.clone();
                 let challenge_path = challenge_path.clone();
                 async move {
                     Ok::<_, Infallible>(service_fn(move |req| {
-                        create_service(req, service_config.clone(), storage.clone(), challenge_path.clone(),true)
+                        create_service(
+                            req,
+                            service_config.clone(),
+                            storage.clone(),
+                            ServiceContext {
+                                challenge_path: challenge_path.clone(),
+                                is_https: true,
+                                external_port,
+                            },
+                        )
                     }))
                 }
             });
@@ -138,17 +149,32 @@ impl Server {
         Ok(())
     }
 
-    pub async fn init_http_server(&self, rx: Option<Receiver<()>>, challenge_path: ChallengePath) -> anyhow::Result<()> {
+    pub async fn init_http_server(
+        &self,
+        rx: Option<Receiver<()>>,
+        challenge_path: ChallengePath,
+    ) -> anyhow::Result<()> {
         if let Some(http_config) = &self.conf.http {
             let bind_address =
-                SocketAddr::from_str(&format!("{}:{}", &http_config.addr, &http_config.port)).unwrap();
+                SocketAddr::from_str(&format!("{}:{}", &http_config.addr, &http_config.port))
+                    .unwrap();
+            let external_port = http_config.external_port.unwrap_or(bind_address.port());
             let make_svc = hyper::service::make_service_fn(|_| {
                 let service_config = self.service_config.clone();
                 let storage = self.storage.clone();
                 let challenge_path = challenge_path.clone();
                 async move {
                     Ok::<_, Infallible>(service_fn(move |req| {
-                        create_service(req, service_config.clone(), storage.clone(),challenge_path.clone(),false)
+                        create_service(
+                            req,
+                            service_config.clone(),
+                            storage.clone(),
+                            ServiceContext {
+                                challenge_path: challenge_path.clone(),
+                                is_https: true,
+                                external_port,
+                            },
+                        )
                     }))
                 }
             });