telebit/cmd/telebitd/telebitd.go

package main

import (
	"context"
	"crypto/tls"
	"flag"
	"fmt"
	"io"
	"io/ioutil"
	"log"
	"net/http"
	"os"

	telebit "git.coolaj86.com/coolaj86/go-telebitd"
	"git.coolaj86.com/coolaj86/go-telebitd/relay"
	"git.coolaj86.com/coolaj86/go-telebitd/server"

	jwt "github.com/dgrijalva/jwt-go"
	"github.com/spf13/viper"
	lumberjack "gopkg.in/natefinch/lumberjack.v2"

	_ "github.com/joho/godotenv/autoload"
)

var (
	logfile    = "stdout"
	configPath = "./"
	configFile = "telebit-relay"

	loginfo                  *log.Logger
	logdebug                 *log.Logger
	logFlags                 = log.Ldate | log.Lmicroseconds | log.Lshortfile
	argWssClientListener     string
	tcpPort                  int
	argServerBinding         string
	argServerAdminBinding    string
	argServerExternalBinding string
	argDeadTime              int
	connectionTable          *server.Table
	secretKey                string
	wssHostName              = "localhost.rootprojects.org"
	adminHostName            = telebit.InvalidAdminDomain
	idle                     int
	dwell                    int
	cancelcheck              int
	lbDefaultMethod          string
	nickname                 string
)

func init() {
	flag.StringVar(&logfile, "log", logfile, "Log file (or stdout/stderr; empty for none)")
	flag.StringVar(&configPath, "config-path", configPath, "Configuration File Path")
	flag.StringVar(&secretKey, "secret", "", "a >= 16-character random string for JWT key signing")
}

var logoutput io.Writer

//Main -- main entry point
func main() {
	flag.Parse()

	if "" == secretKey {
		secretKey = os.Getenv("TELEBIT_SECRET")
	}
	if len(secretKey) < 16 {
		fmt.Fprintf(os.Stderr, "Invalid secret: %q. See --help for details.\n", secretKey)
		os.Exit(1)
	}

	switch logfile {
	case "stdout":
		logoutput = os.Stdout
	case "stderr":
		logoutput = os.Stderr
	case "":
		logoutput = ioutil.Discard
	default:
		logoutput = &lumberjack.Logger{
			Filename:   logfile,
			MaxSize:    100,
			MaxAge:     120,
			MaxBackups: 10,
		}
	}

	// send the output io.Writing to the other packages
	server.InitLogging(logoutput)

	loginfo = log.New(logoutput, "INFO: main: ", logFlags)
	logdebug = log.New(logoutput, "DEBUG: main:", logFlags)

	viper.SetConfigName(configFile)
	viper.AddConfigPath(configPath)
	viper.AddConfigPath("./")
	err := viper.ReadInConfig()
	if err != nil {
		panic(fmt.Errorf("fatal error config file: %s", err))
	}

	flag.IntVar(&argDeadTime, "dead-time-counter", 5, "deadtime counter in seconds")

	wssHostName = viper.Get("rvpn.wssdomain").(string)
	adminHostName = viper.Get("rvpn.admindomain").(string)
	tcpPort = viper.GetInt("rvpn.port")
	deadtime := viper.Get("rvpn.deadtime").(map[string]interface{})
	idle = deadtime["idle"].(int)
	dwell = deadtime["dwell"].(int)
	cancelcheck = deadtime["cancelcheck"].(int)
	lbDefaultMethod = viper.Get("rvpn.loadbalancing.defaultmethod").(string)
	nickname = viper.Get("rvpn.serverName").(string)

	loginfo.Println("startup")

	ctx, cancelContext := context.WithCancel(context.Background())
	defer cancelContext()

	serverStatus := server.NewStatus(ctx)
	serverStatus.AdminDomain = adminHostName
	serverStatus.WssDomain = wssHostName
	serverStatus.Name = nickname
	serverStatus.DeadTime = server.NewStatusDeadTime(dwell, idle, cancelcheck)
	serverStatus.LoadbalanceDefaultMethod = lbDefaultMethod

	connectionTable := server.NewTable(dwell, idle, lbDefaultMethod)

	tlsConfig := &tls.Config{
		GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
			// TODO
			// 1. call out to greenlock for validation
			// 2. push challenges through http channel
			// 3. receive certificates (or don't)
			certbundle, err := tls.LoadX509KeyPair("certs/fullchain.pem", "certs/privkey.pem")
			if err != nil {
				return nil, err
			}
			return &certbundle, nil
		},
	}

	authorizer := func(r *http.Request) (*server.Authz, error) {
		// do we have a valid wss_client?
		tokenString := r.URL.Query().Get("access_token")
		_, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
			return []byte(secretKey), nil
		})
		return nil, err

		/*
			tokenString := r.URL.Query().Get("access_token")
			result, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
				return []byte(secretKey), nil
			})

			if err != nil || !result.Valid {
				w.WriteHeader(http.StatusForbidden)
				w.Write([]byte("Not Authorized"))
				loginfo.Println("access_token invalid...closing connection")
				return
			}

			// TODO
			claims := result.Claims.(jwt.MapClaims)
			domains, ok := claims["domains"].([]interface{})
		*/
	}

	r := relay.New(ctx, tlsConfig, authorizer, serverStatus, connectionTable)
	r.ListenAndServe(tcpPort)
}
Restructured project abstracting modules, using Caddy as a guide. 2017-02-12 04:13:29 +00:00			`package main`

Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`import (`
cleaned up a few import statements 2017-03-22 21:43:36 +00:00			`"context"`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`"crypto/tls"`
			`"flag"`
			`"fmt"`
changed configuration read to work by default 2017-03-30 00:28:28 +00:00			`"io"`
Added support for LumberJack logging and —log argument like caddy - I don’t think the way I am doing logging is correct, however it was the only way I could figure to get the package level customizations and flags I wanted while leveraging lumberjack. - altered tunnel end point interface to AJ’s specification in issue #18 - added an InitLogging function package level, that is called by main to init. 2017-03-26 22:33:40 +00:00			`"io/ioutil"`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`"log"`
heavier refactoring 2020-04-30 10:43:36 +00:00			`"net/http"`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`"os"`
Restructured project abstracting modules, using Caddy as a guide. 2017-02-12 04:13:29 +00:00
heavier refactoring 2020-04-30 10:43:36 +00:00			`telebit "git.coolaj86.com/coolaj86/go-telebitd"`
			`"git.coolaj86.com/coolaj86/go-telebitd/relay"`
			`"git.coolaj86.com/coolaj86/go-telebitd/server"`

			`jwt "github.com/dgrijalva/jwt-go"`
Added support for YAML configuration file - implemented viper module in code. - removed all the older configuration, not sure if we want to use flags or just the configuration files. - added support for dwell, idle and cancelceck timers - generic binding is now an int passing to the generic manager. - passing dwell, and idle directly to connection table. - adjusted all dead time structures, the system supports a map(string)interface{} of various dead time counters - this version also supports variable sized buffers for each request by using the bufio.reader - we peek all, and then pass everything down the channel we have. - I am wondering if this will be a problem is someone just starts pouring data down never ending. - direct support now for terminating domains - there is a domain for admin, and wss. Each shared the external address listener (testing 9999) Additions - added support for Discard for wedge connections - added support for ReadByte to wedge conn 2017-03-11 20:28:49 +00:00			`"github.com/spf13/viper"`
changed configuration read to work by default 2017-03-30 00:28:28 +00:00			`lumberjack "gopkg.in/natefinch/lumberjack.v2"`
Added support for LumberJack logging and —log argument like caddy - I don’t think the way I am doing logging is correct, however it was the only way I could figure to get the package level customizations and flags I wanted while leveraging lumberjack. - altered tunnel end point interface to AJ’s specification in issue #18 - added an InitLogging function package level, that is called by main to init. 2017-03-26 22:33:40 +00:00
heavier refactoring 2020-04-30 10:43:36 +00:00			`_ "github.com/joho/godotenv/autoload"`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`)`

			`var (`
Adding support for config path and config file 2017-03-27 21:09:25 +00:00			`logfile = "stdout"`
			`configPath = "./"`
heavier refactoring 2020-04-30 10:43:36 +00:00			`configFile = "telebit-relay"`
Adding support for config path and config file 2017-03-27 21:09:25 +00:00
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`loginfo *log.Logger`
			`logdebug *log.Logger`
			`logFlags = log.Ldate \| log.Lmicroseconds \| log.Lshortfile`
			`argWssClientListener string`
heavier refactoring 2020-04-30 10:43:36 +00:00			`tcpPort int`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`argServerBinding string`
			`argServerAdminBinding string`
			`argServerExternalBinding string`
			`argDeadTime int`
Completed rename to server. 2017-04-01 04:31:16 +00:00			`connectionTable *server.Table`
heavier refactoring 2020-04-30 10:43:36 +00:00			`secretKey string`
minor refactor 2020-04-28 06:26:00 +00:00			`wssHostName = "localhost.rootprojects.org"`
make admin domain more configurable 2020-04-28 07:16:16 +00:00			`adminHostName = telebit.InvalidAdminDomain`
Added support for YAML configuration file - implemented viper module in code. - removed all the older configuration, not sure if we want to use flags or just the configuration files. - added support for dwell, idle and cancelceck timers - generic binding is now an int passing to the generic manager. - passing dwell, and idle directly to connection table. - adjusted all dead time structures, the system supports a map(string)interface{} of various dead time counters - this version also supports variable sized buffers for each request by using the bufio.reader - we peek all, and then pass everything down the channel we have. - I am wondering if this will be a problem is someone just starts pouring data down never ending. - direct support now for terminating domains - there is a domain for admin, and wss. Each shared the external address listener (testing 9999) Additions - added support for Discard for wedge connections - added support for ReadByte to wedge conn 2017-03-11 20:28:49 +00:00			`idle int`
			`dwell int`
			`cancelcheck int`
Added support for default load balancer method. 2017-03-19 14:56:33 +00:00			`lbDefaultMethod string`
heavier refactoring 2020-04-30 10:43:36 +00:00			`nickname string`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`)`

Added support for LumberJack logging and —log argument like caddy - I don’t think the way I am doing logging is correct, however it was the only way I could figure to get the package level customizations and flags I wanted while leveraging lumberjack. - altered tunnel end point interface to AJ’s specification in issue #18 - added an InitLogging function package level, that is called by main to init. 2017-03-26 22:33:40 +00:00			`func init() {`
			`flag.StringVar(&logfile, "log", logfile, "Log file (or stdout/stderr; empty for none)")`
Adding support for config path and config file 2017-03-27 21:09:25 +00:00			`flag.StringVar(&configPath, "config-path", configPath, "Configuration File Path")`
heavier refactoring 2020-04-30 10:43:36 +00:00			`flag.StringVar(&secretKey, "secret", "", "a >= 16-character random string for JWT key signing")`
Added support for LumberJack logging and —log argument like caddy - I don’t think the way I am doing logging is correct, however it was the only way I could figure to get the package level customizations and flags I wanted while leveraging lumberjack. - altered tunnel end point interface to AJ’s specification in issue #18 - added an InitLogging function package level, that is called by main to init. 2017-03-26 22:33:40 +00:00			`}`

			`var logoutput io.Writer`

Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`//Main -- main entry point`
Restructured project abstracting modules, using Caddy as a guide. 2017-02-12 04:13:29 +00:00			`func main() {`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00			`flag.Parse()`
heavier refactoring 2020-04-30 10:43:36 +00:00
			`if "" == secretKey {`
			`secretKey = os.Getenv("TELEBIT_SECRET")`
			`}`
			`if len(secretKey) < 16 {`
			`fmt.Fprintf(os.Stderr, "Invalid secret: %q. See --help for details.\n", secretKey)`
			`os.Exit(1)`
			`}`

Added support for LumberJack logging and —log argument like caddy - I don’t think the way I am doing logging is correct, however it was the only way I could figure to get the package level customizations and flags I wanted while leveraging lumberjack. - altered tunnel end point interface to AJ’s specification in issue #18 - added an InitLogging function package level, that is called by main to init. 2017-03-26 22:33:40 +00:00			`switch logfile {`
			`case "stdout":`
			`logoutput = os.Stdout`
			`case "stderr":`
			`logoutput = os.Stderr`
			`case "":`
			`logoutput = ioutil.Discard`
			`default:`
			`logoutput = &lumberjack.Logger{`
			`Filename: logfile,`
			`MaxSize: 100,`
			`MaxAge: 120,`
			`MaxBackups: 10,`
			`}`
			`}`

			`// send the output io.Writing to the other packages`
Completed rename to server. 2017-04-01 04:31:16 +00:00			`server.InitLogging(logoutput)`
Added support for LumberJack logging and —log argument like caddy - I don’t think the way I am doing logging is correct, however it was the only way I could figure to get the package level customizations and flags I wanted while leveraging lumberjack. - altered tunnel end point interface to AJ’s specification in issue #18 - added an InitLogging function package level, that is called by main to init. 2017-03-26 22:33:40 +00:00
			`loginfo = log.New(logoutput, "INFO: main: ", logFlags)`
			`logdebug = log.New(logoutput, "DEBUG: main:", logFlags)`

changed configuration read to work by default 2017-03-30 00:28:28 +00:00			`viper.SetConfigName(configFile)`
			`viper.AddConfigPath(configPath)`
Added support for YAML configuration file - implemented viper module in code. - removed all the older configuration, not sure if we want to use flags or just the configuration files. - added support for dwell, idle and cancelceck timers - generic binding is now an int passing to the generic manager. - passing dwell, and idle directly to connection table. - adjusted all dead time structures, the system supports a map(string)interface{} of various dead time counters - this version also supports variable sized buffers for each request by using the bufio.reader - we peek all, and then pass everything down the channel we have. - I am wondering if this will be a problem is someone just starts pouring data down never ending. - direct support now for terminating domains - there is a domain for admin, and wss. Each shared the external address listener (testing 9999) Additions - added support for Discard for wedge connections - added support for ReadByte to wedge conn 2017-03-11 20:28:49 +00:00			`viper.AddConfigPath("./")`
			`err := viper.ReadInConfig()`
			`if err != nil {`
Several Considerations for Load Balancing, Collection of Bulk ServerStatus - added a number of global status collections - this requires wedging into things.. - removing direct address to come functions putting them though serverStatus 2017-03-20 00:04:47 +00:00			`panic(fmt.Errorf("fatal error config file: %s", err))`
Added support for YAML configuration file - implemented viper module in code. - removed all the older configuration, not sure if we want to use flags or just the configuration files. - added support for dwell, idle and cancelceck timers - generic binding is now an int passing to the generic manager. - passing dwell, and idle directly to connection table. - adjusted all dead time structures, the system supports a map(string)interface{} of various dead time counters - this version also supports variable sized buffers for each request by using the bufio.reader - we peek all, and then pass everything down the channel we have. - I am wondering if this will be a problem is someone just starts pouring data down never ending. - direct support now for terminating domains - there is a domain for admin, and wss. Each shared the external address listener (testing 9999) Additions - added support for Discard for wedge connections - added support for ReadByte to wedge conn 2017-03-11 20:28:49 +00:00			`}`

			`flag.IntVar(&argDeadTime, "dead-time-counter", 5, "deadtime counter in seconds")`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00
Added support for YAML configuration file - implemented viper module in code. - removed all the older configuration, not sure if we want to use flags or just the configuration files. - added support for dwell, idle and cancelceck timers - generic binding is now an int passing to the generic manager. - passing dwell, and idle directly to connection table. - adjusted all dead time structures, the system supports a map(string)interface{} of various dead time counters - this version also supports variable sized buffers for each request by using the bufio.reader - we peek all, and then pass everything down the channel we have. - I am wondering if this will be a problem is someone just starts pouring data down never ending. - direct support now for terminating domains - there is a domain for admin, and wss. Each shared the external address listener (testing 9999) Additions - added support for Discard for wedge connections - added support for ReadByte to wedge conn 2017-03-11 20:28:49 +00:00			`wssHostName = viper.Get("rvpn.wssdomain").(string)`
			`adminHostName = viper.Get("rvpn.admindomain").(string)`
heavier refactoring 2020-04-30 10:43:36 +00:00			`tcpPort = viper.GetInt("rvpn.port")`
fixed bug with peeking I introduced during the cleanup 2017-03-23 23:57:43 +00:00			`deadtime := viper.Get("rvpn.deadtime").(map[string]interface{})`
			`idle = deadtime["idle"].(int)`
			`dwell = deadtime["dwell"].(int)`
			`cancelcheck = deadtime["cancelcheck"].(int)`
Added support for default load balancer method. 2017-03-19 14:56:33 +00:00			`lbDefaultMethod = viper.Get("rvpn.loadbalancing.defaultmethod").(string)`
heavier refactoring 2020-04-30 10:43:36 +00:00			`nickname = viper.Get("rvpn.serverName").(string)`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00
			`loginfo.Println("startup")`

			`ctx, cancelContext := context.WithCancel(context.Background())`
			`defer cancelContext()`

Completed rename to server. 2017-04-01 04:31:16 +00:00			`serverStatus := server.NewStatus(ctx)`
Several Considerations for Load Balancing, Collection of Bulk ServerStatus - added a number of global status collections - this requires wedging into things.. - removing direct address to come functions putting them though serverStatus 2017-03-20 00:04:47 +00:00			`serverStatus.AdminDomain = adminHostName`
			`serverStatus.WssDomain = wssHostName`
heavier refactoring 2020-04-30 10:43:36 +00:00			`serverStatus.Name = nickname`
Completed rename to server. 2017-04-01 04:31:16 +00:00			`serverStatus.DeadTime = server.NewStatusDeadTime(dwell, idle, cancelcheck)`
Several Considerations for Load Balancing, Collection of Bulk ServerStatus - added a number of global status collections - this requires wedging into things.. - removing direct address to come functions putting them though serverStatus 2017-03-20 00:04:47 +00:00			`serverStatus.LoadbalanceDefaultMethod = lbDefaultMethod`

heavier refactoring 2020-04-30 10:43:36 +00:00			`connectionTable := server.NewTable(dwell, idle, lbDefaultMethod)`

			`tlsConfig := &tls.Config{`
			`GetCertificate: func(tls.ClientHelloInfo) (tls.Certificate, error) {`
			`// TODO`
			`// 1. call out to greenlock for validation`
			`// 2. push challenges through http channel`
			`// 3. receive certificates (or don't)`
			`certbundle, err := tls.LoadX509KeyPair("certs/fullchain.pem", "certs/privkey.pem")`
			`if err != nil {`
			`return nil, err`
			`}`
			`return &certbundle, nil`
			`},`
			`}`
Added support for default load balancer method. 2017-03-19 14:56:33 +00:00
heavier refactoring 2020-04-30 10:43:36 +00:00			`authorizer := func(r http.Request) (server.Authz, error) {`
			`// do we have a valid wss_client?`
			`tokenString := r.URL.Query().Get("access_token")`
			`_, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {`
			`return []byte(secretKey), nil`
			`})`
			`return nil, err`
support .env, improve authorization hooks, other updates 2020-04-30 11:11:03 +00:00
			`/*`
			`tokenString := r.URL.Query().Get("access_token")`
			`result, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {`
			`return []byte(secretKey), nil`
			`})`

			`if err != nil \|\| !result.Valid {`
			`w.WriteHeader(http.StatusForbidden)`
			`w.Write([]byte("Not Authorized"))`
			`loginfo.Println("access_token invalid...closing connection")`
			`return`
			`}`

			`// TODO`
			`claims := result.Claims.(jwt.MapClaims)`
			`domains, ok := claims["domains"].([]interface{})`
			`*/`
heavier refactoring 2020-04-30 10:43:36 +00:00			`}`
Implemented Docker Container Testing. - a few other minor fixes. - removed RVPNMAIN - there is a bunch of other clean up I want to do… 2017-03-04 18:18:08 +00:00
heavier refactoring 2020-04-30 10:43:36 +00:00			`r := relay.New(ctx, tlsConfig, authorizer, serverStatus, connectionTable)`
			`r.ListenAndServe(tcpPort)`
Restructured project abstracting modules, using Caddy as a guide. 2017-02-12 04:13:29 +00:00			`}`