direktil/dkl
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: direktil/dkl:c75d4febb326252ef3565fd0b4f20285ea6c1919
Branches Tags
direktil/dkl:main direktil/dkl:prod direktil/dkl:wip
direktil/dkl:v1.2.2 direktil/dkl:v1.2.1 direktil/dkl:v1.2.0 direktil/dkl:v1.1.0
..
compare: direktil/dkl:wip
Branches Tags
direktil/dkl:main direktil/dkl:prod direktil/dkl:wip
direktil/dkl:v1.2.2 direktil/dkl:v1.2.1 direktil/dkl:v1.2.0 direktil/dkl:v1.1.0

1 Commits
c75d4febb3 .. wip

Author SHA1 Message Date
Mikaël Cluseau 93f3af0ba8 dls::File + variants for TLS 2025-11-20 11:56:23 +01:00
17 changed files with 484 additions and 1223 deletions
Expand all files Collapse all files
Cargo.lock
Generated
+394 -602
View File
File diff suppressed because it is too large Load Diff
Cargo.toml
+2 -8
View File
@@ -13,31 +13,25 @@ codegen-units = 1
[dependencies]
async-compression = { version = "0.4.27", features = ["tokio", "zstd"] }
base32 = "0.5.1"
base64 = "0.22.1"
bytes = "1.10.1"
chrono = { version = "0.4.41", default-features = false, features = ["clock", "now"] }
clap = { version = "4.5.40", features = ["derive", "env"] }
clap_complete = { version = "4.5.54", features = ["unstable-dynamic"] }
env_logger = "0.11.8"
eyre = "0.6.12"
fastrand = "2.3.0"
futures = "0.3.31"
futures-util = "0.3.31"
glob = "0.3.2"
hex = "0.4.3"
human-units = "0.5.3"
log = "0.4.27"
lz4 = "1.28.1"
nix = { version = "0.31.2", features = ["user"] }
nix = { version = "0.30.1", features = ["user"] }
openssl = "0.10.73"
page_size = "0.6.0"
reqwest = { version = "0.13.1", features = ["json", "stream", "native-tls", "socks"], default-features = false }
rpassword = "7.4.0"
rust-argon2 = "3.0.0"
reqwest = { version = "0.12.20", features = ["json", "stream", "native-tls"] }
serde = { version = "1.0.219", features = ["derive"] }
serde_json = "1.0.140"
serde_yaml = "0.9.34"
tabled = "0.20.0"
thiserror = "2.0.12"
tokio = { version = "1.45.1", features = ["fs", "io-std", "macros", "process", "rt"] }
Dockerfile
+2 -2
View File
@@ -1,4 +1,4 @@
from mcluseau/rust:1.94.0 as build
from mcluseau/rust:1.88.0 as build
workdir /app
copy . .
@@ -10,6 +10,6 @@ run \
&& find target/release -maxdepth 1 -type f -executable -exec cp -v {} /dist/ +
# ------------------------------------------------------------------------
from alpine:3.23
from alpine:3.22
copy --from=build /dist/ /bin/
release.sh
-17
View File
@@ -1,17 +0,0 @@
set -ex
tag=$(git describe --always)
repo=novit.tech/direktil/dkl:$tag
docker build --push --platform=linux/amd64,linux/arm64 . -t $repo
publish() {
arch=$1
pf=$2
curl --user $(jq '.auths["novit.tech"].auth' ~/.docker/config.json -r |base64 -d) \
--upload-file <(docker run --rm --platform $pf $repo cat /bin/dkl) \
https://novit.tech/api/packages/direktil/generic/dkl/$tag/dkl.$arch
}
publish x86_64 linux/amd64
publish arm64 linux/arm64
src/apply.rs
+5 -45
View File
@@ -3,61 +3,21 @@ use log::info;
use std::path::Path;
use tokio::fs;
use crate::base64_decode;
pub async fn files(files: &[crate::File], root: &str, dry_run: bool) -> Result<()> {
pub async fn files(files: &[crate::File], root: &str) -> Result<()> {
for file in files {
let path = chroot(root, &file.path);
let path = Path::new(&path);
if !dry_run && let Some(parent) = path.parent() {
if let Some(parent) = path.parent() {
fs::create_dir_all(parent).await?;
}
use crate::FileKind as K;
match &file.kind {
K::Content(content) => {
if dry_run {
info!(
"would create {} ({} bytes from content)",
file.path,
content.len()
);
} else {
fs::write(path, content.as_bytes()).await?;
}
}
K::Content64(content) => {
let content = base64_decode(content)?;
if dry_run {
info!(
"would create {} ({} bytes from content64)",
file.path,
content.len()
);
} else {
fs::write(path, content).await?
}
}
K::Dir(true) => {
if dry_run {
info!("would create {} (directory)", file.path);
} else {
fs::create_dir(path).await?;
}
}
K::Content(content) => fs::write(path, content.as_bytes()).await?,
K::Dir(true) => fs::create_dir(path).await?,
K::Dir(false) => {} // shouldn't happen, but semantic is to ignore
K::Symlink(tgt) => {
if dry_run {
info!("would create {} (symlink to {})", file.path, tgt);
} else {
fs::symlink(tgt, path).await?;
}
}
}
if dry_run {
continue;
K::Symlink(tgt) => fs::symlink(tgt, path).await?,
}
match file.kind {
src/bin/dkl.rs
+3 -53
View File
@@ -1,8 +1,6 @@
use clap::{CommandFactory, Parser, Subcommand};
use eyre::{format_err, Result};
use human_units::Duration;
use log::{debug, error};
use std::net::SocketAddr;
use tokio::fs;
#[derive(Parser)]
@@ -24,9 +22,6 @@ enum Command {
/// path prefix (aka chroot)
#[arg(short = 'P', long, default_value = "/")]
prefix: String,
/// don't really write files
#[arg(long)]
dry_run: bool,
},
Logger {
/// Path where the logs are stored
@@ -70,27 +65,6 @@ enum Command {
#[arg(long, default_value = "/")]
chroot: std::path::PathBuf,
},
Proxy {
#[arg(long, short = 'l')]
listen: Vec<SocketAddr>,
targets: Vec<SocketAddr>,
/// target polling interval
#[arg(long, default_value = "30s")]
poll: Duration,
/// connect or check timeout
#[arg(long, default_value = "5s")]
timeout: Duration,
},
Cg {
#[command(subcommand)]
cmd: CgCmd,
},
}
#[derive(Subcommand)]
enum CgCmd {
Ls,
}
#[tokio::main(flavor = "current_thread")]
@@ -110,10 +84,9 @@ async fn main() -> Result<()> {
config,
filters,
prefix,
dry_run,
} => {
let filters = parse_globs(&filters)?;
apply_config(&config, &filters, &prefix, dry_run).await
apply_config(&config, &filters, &prefix).await
}
C::Logger {
ref log_path,
@@ -153,33 +126,10 @@ async fn main() -> Result<()> {
.install(layer, version)
.await
}
C::Proxy {
listen,
targets,
poll,
timeout,
} => Ok(dkl::proxy::Proxy {
listen_addrs: listen,
targets,
poll: poll.into(),
timeout: timeout.into(),
}
.run()
.await
.map(|_| ())?),
C::Cg { cmd } => match cmd {
CgCmd::Ls => Ok(dkl::cgroup::ls().await?),
},
}
}
async fn apply_config(
config_file: &str,
filters: &[glob::Pattern],
chroot: &str,
dry_run: bool,
) -> Result<()> {
async fn apply_config(config_file: &str, filters: &[glob::Pattern], chroot: &str) -> Result<()> {
let config = fs::read_to_string(config_file).await?;
let config: dkl::Config = serde_yaml::from_str(&config)?;
@@ -191,7 +141,7 @@ async fn apply_config(
.collect()
};
dkl::apply::files(&files, chroot, dry_run).await
dkl::apply::files(&files, chroot).await
}
#[derive(Subcommand)]
src/bin/dls.rs
+6 -21
View File
@@ -36,10 +36,6 @@ enum Command {
},
#[command(subcommand)]
DlSet(DlSet),
/// hash a password
Hash {
salt: String,
},
}
#[derive(Subcommand)]
@@ -107,16 +103,14 @@ async fn main() -> eyre::Result<()> {
.parse_default_env()
.init();
let dls = || {
let token = std::env::var("DLS_TOKEN").expect("DLS_TOKEN should be set");
dls::Client::new(cli.dls, token)
};
let token = std::env::var("DLS_TOKEN").map_err(|_| format_err!("DLS_TOKEN should be set"))?;
let dls = dls::Client::new(cli.dls, token);
use Command as C;
match cli.command {
C::Clusters => write_json(&dls().clusters().await?),
C::Clusters => write_json(&dls.clusters().await?),
C::Cluster { cluster, command } => {
let dls = dls();
let cluster = dls.cluster(cluster);
use ClusterCommand as CC;
@@ -161,9 +155,8 @@ async fn main() -> eyre::Result<()> {
}
}
}
C::Hosts => write_json(&dls().hosts().await?),
C::Hosts => write_json(&dls.hosts().await?),
C::Host { out, host, asset } => {
let dls = dls();
let host_name = host.clone();
let host = dls.host(host);
match asset {
@@ -178,7 +171,7 @@ async fn main() -> eyre::Result<()> {
C::DlSet(set) => match set {
DlSet::Sign { expiry, items } => {
let req = dls::DownloadSetReq { expiry, items };
let signed = dls().sign_dl_set(&req).await?;
let signed = dls.sign_dl_set(&req).await?;
println!("{signed}");
}
DlSet::Show { signed_set } => {
@@ -218,19 +211,11 @@ async fn main() -> eyre::Result<()> {
name,
asset,
} => {
let dls = dls();
let stream = dls.fetch_dl_set(&signed_set, &kind, &name, &asset).await?;
let mut out = create_asset_file(out, &kind, &name, &asset).await?;
copy_stream(stream, &mut out).await?;
}
},
C::Hash { salt } => {
let salt = dkl::base64_decode(&salt)?;
let passphrase = rpassword::prompt_password("password to hash: ")?;
let hash = dls::store::hash_password(&salt, &passphrase)?;
println!("hash (hex): {}", hex::encode(&hash));
println!("hash (base64): {}", dkl::base64_encode(&hash));
}
};
Ok(())
src/bootstrap.rs
+15 -16
View File
@@ -2,7 +2,7 @@ use std::collections::BTreeMap as Map;
pub const TAKE_ALL: i16 = -1;
#[derive(Clone, Debug, Default, serde::Deserialize, serde::Serialize)]
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
pub struct Config {
pub anti_phishing_code: String,
@@ -42,11 +42,21 @@ impl Config {
pub fn new(bootstrap_dev: String) -> Self {
Self {
anti_phishing_code: "Direktil<3".into(),
keymap: None,
modules: None,
resolv_conf: None,
vpns: Map::new(),
networks: vec![],
auths: vec![],
ssh: Default::default(),
pre_lvm_crypt: vec![],
lvm: vec![],
crypt: vec![],
signer_public_key: None,
bootstrap: Bootstrap {
dev: bootstrap_dev,
..Default::default()
seed: None,
},
..Default::default()
}
}
}
@@ -78,17 +88,6 @@ pub struct NetworkInterface {
pub udev: Option<UdevFilter>,
}
impl Default for NetworkInterface {
fn default() -> Self {
Self {
var: "iface".into(),
n: 1,
regexps: Vec::new(),
udev: Some(UdevFilter::Eq("INTERFACE".into(), "eth0".into())),
}
}
}
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
pub struct SSHServer {
pub listen: String,
@@ -105,7 +104,7 @@ impl Default for SSHServer {
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
pub struct LvmVG {
#[serde(rename = "vg", alias = "name")]
#[serde(alias = "vg")]
pub name: String,
pub pvs: LvmPV,
@@ -245,7 +244,7 @@ pub struct Raid {
pub stripes: Option<u8>,
}
#[derive(Clone, Debug, Default, serde::Deserialize, serde::Serialize)]
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
pub struct Bootstrap {
pub dev: String,
#[serde(skip_serializing_if = "Option::is_none")]
src/cgroup.rs
-205
View File
@@ -1,205 +0,0 @@
use log::warn;
use std::fmt::Display;
use std::io::Result;
use std::str::FromStr;
use tokio::fs;
use crate::human::Human;
const CGROUP_ROOT: &str = "/sys/fs/cgroup/";
pub async fn ls() -> Result<()> {
let mut cgs = walk(CGROUP_ROOT.to_string()).await;
cgs.sort_by(|a, b| a.path.cmp(&b.path));
let mut table = tabled::builder::Builder::new();
table.push_record(["cgroup", "workg set", "anon", "max"]);
for cg in cgs {
let name = cg.path.strip_prefix(CGROUP_ROOT).unwrap();
table.push_record([
name,
&cg.memory.working_set().human(),
&cg.memory.stat.anon.human(),
&cg.memory.max.human(),
]);
}
use tabled::settings::{
object::{Column, Row},
Alignment, Modify,
};
let mut table = table.build();
table.with(tabled::settings::Style::psql());
table.with(Alignment::right());
table.with(Modify::list(Column::from(0), Alignment::left()));
table.with(Modify::list(Row::from(0), Alignment::left()));
println!("{}", table);
Ok(())
}
async fn walk(root: String) -> Vec<Cgroup> {
let mut todo = vec![root];
let mut results = Vec::new();
while let Some(path) = todo.pop() {
match read(&path, |d| todo.push(d)).await {
Ok(cg) => results.push(cg),
Err(e) => {
warn!("reading dir {path} failed: {e}");
continue;
}
};
}
results
}
struct Cgroup {
path: String,
memory: Memory,
}
#[derive(Default)]
struct Memory {
current: Option<u64>,
low: Option<u64>,
high: Option<Max>,
min: Option<u64>,
max: Option<Max>,
stat: MemoryStat,
}
impl Memory {
/// working set as defined by cAdvisor
/// (https://github.com/google/cadvisor/blob/master/container/libcontainer/handler.go#L853-L862)
fn working_set(&self) -> Option<u64> {
let cur = self.current?;
let inactive = self.stat.inactive_file?;
(inactive <= cur).then(|| cur - inactive)
}
}
#[derive(Default)]
struct MemoryStat {
anon: Option<u64>,
file: Option<u64>,
kernel: Option<u64>,
kernel_stack: Option<u64>,
pagetables: Option<u64>,
shmem: Option<u64>,
inactive_file: Option<u64>,
}
enum Max {
Num(u64),
Max,
}
impl Display for Max {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Num(n) => write!(f, "{n}"),
Self::Max => f.write_str("max"),
}
}
}
impl Human for Max {
fn human(&self) -> String {
match self {
Self::Num(n) => n.human(),
Self::Max => "+∞".into(),
}
}
}
impl FromStr for Max {
type Err = std::num::ParseIntError;
fn from_str(s: &str) -> std::result::Result<Self, <Self as FromStr>::Err> {
Ok(match s {
"max" => Self::Max,
s => Self::Num(s.parse()?),
})
}
}
async fn read(dir: &str, mut f: impl FnMut(String)) -> Result<Cgroup> {
let mut rd = fs::read_dir(dir).await?;
let mut cg = Cgroup {
path: dir.to_string(),
memory: Memory::default(),
};
while let Some(entry) = rd.next_entry().await? {
let path = entry.path();
let Some(path) = path.to_str() else {
continue;
};
if entry.file_type().await?.is_dir() {
f(path.to_string());
continue;
}
let Some((_, name)) = path.rsplit_once('/') else {
continue;
};
let Some((controller, param)) = name.split_once('.') else {
continue;
};
match controller {
"memory" => match param {
"current" => cg.memory.current = read_parse(path).await?,
"low" => cg.memory.low = read_parse(path).await?,
"high" => cg.memory.high = read_parse(path).await?,
"min" => cg.memory.min = read_parse(path).await?,
"max" => cg.memory.max = read_parse(path).await?,
"stat" => cg.memory.stat.read_from(path).await?,
_ => {}
},
_ => {}
}
}
Ok(cg)
}
async fn read_parse<T: FromStr>(path: &str) -> Result<Option<T>>
where
T::Err: Display,
{
(fs::read_to_string(path).await?)
.trim_ascii()
.parse()
.map_err(|e| std::io::Error::other(format!("{path}: parse failed: {e}")))
.map(|v| Some(v))
}
impl MemoryStat {
async fn read_from(&mut self, path: &str) -> Result<()> {
for line in (fs::read_to_string(path).await?).lines() {
let Some((key, value)) = line.split_once(' ') else {
continue;
};
let value = value.parse::<u64>().ok();
match key {
"anon" => self.anon = value,
"file" => self.file = value,
"kernel" => self.kernel = value,
"kernel_stack" => self.kernel_stack = value,
"pagetables" => self.pagetables = value,
"shmem" => self.shmem = value,
"inactive_file" => self.inactive_file = value,
_ => {}
}
}
Ok(())
}
}
src/dls.rs
+51 -34
View File
@@ -5,8 +5,7 @@ use reqwest::Method;
use std::collections::BTreeMap as Map;
use std::fmt::Display;
use std::net::IpAddr;
pub mod store;
use std::time::Duration;
pub struct Client {
base_url: String,
@@ -161,32 +160,6 @@ impl<'t> Host<'t> {
}
}
#[derive(Default, serde::Deserialize, serde::Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct Config {
#[serde(default, deserialize_with = "deserialize_null_as_default")]
pub clusters: Vec<ClusterConfig>,
#[serde(default, deserialize_with = "deserialize_null_as_default")]
pub hosts: Vec<HostConfig>,
#[serde(default, deserialize_with = "deserialize_null_as_default")]
pub host_templates: Vec<HostConfig>,
#[serde(default, rename = "SSLConfig")]
pub ssl_config: String,
#[serde(default, deserialize_with = "deserialize_null_as_default")]
pub extra_ca_certs: Map<String, String>,
}
// compensate for go's encoder pitfalls
use serde::{Deserialize, Deserializer};
fn deserialize_null_as_default<'de, D, T>(deserializer: D) -> std::result::Result<T, D::Error>
where
T: Default + Deserialize<'de>,
D: Deserializer<'de>,
{
let opt = Option::deserialize(deserializer)?;
Ok(opt.unwrap_or_default())
}
#[derive(serde::Deserialize, serde::Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct ClusterConfig {
@@ -199,15 +172,15 @@ pub struct ClusterConfig {
#[serde(rename_all = "PascalCase")]
pub struct HostConfig {
pub name: String,
#[serde(default, skip_serializing_if = "Option::is_none")]
#[serde(skip_serializing_if = "Option::is_none")]
pub cluster_name: Option<String>,
#[serde(rename = "IPs")]
pub ips: Vec<IpAddr>,
#[serde(default, skip_serializing_if = "Map::is_empty")]
#[serde(skip_serializing_if = "Map::is_empty")]
pub labels: Map<String, String>,
#[serde(default, skip_serializing_if = "Map::is_empty")]
#[serde(skip_serializing_if = "Map::is_empty")]
pub annotations: Map<String, String>,
#[serde(rename = "IPXE", skip_serializing_if = "Option::is_none")]
@@ -217,13 +190,10 @@ pub struct HostConfig {
pub kernel: String,
pub versions: Map<String, String>,
/// initrd config template
pub bootstrap_config: String,
/// files to add to the final initrd config, with rendering
#[serde(default, skip_serializing_if = "Vec::is_empty")]
pub initrd_files: Vec<crate::File>,
/// system config template
pub config: String,
}
@@ -336,3 +306,50 @@ pub enum Error {
#[error("response parsing failed: {0}")]
Parse(serde_json::Error),
}
#[derive(serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum File {
Static(crate::File),
Gen { path: String, from: ContentGen },
}
#[derive(serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum ContentGen {
CaCrt(CaRef),
TlsKey(TlsRef),
TlsCrt {
key: TlsRef,
ca: CaRef,
profile: CertProfile,
},
}
#[derive(serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum CaRef {
Global(String),
Cluster(String, String),
}
#[derive(serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum TlsRef {
Cluster(String, String),
Host(String, String),
}
#[derive(serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum CertProfile {
Client,
Server,
/// basicaly Client+Server
Peer,
Kube {
user: String,
group: String,
duration: Duration,
},
}
src/dls/store.rs
-17
View File
@@ -1,17 +0,0 @@
pub fn hash_password(salt: &[u8], passphrase: &str) -> argon2::Result<[u8; 32]> {
let hash = argon2::hash_raw(
passphrase.as_bytes(),
salt,
&argon2::Config {
variant: argon2::Variant::Argon2id,
hash_length: 32,
time_cost: 1,
mem_cost: 65536,
thread_mode: argon2::ThreadMode::Parallel,
lanes: 4,
..Default::default()
},
)?;
unsafe { Ok(hash.try_into().unwrap_unchecked()) }
}
src/dynlay.rs
+1 -1
View File
@@ -1,4 +1,4 @@
use eyre::{Result, format_err};
use eyre::{format_err, Result};
use log::{debug, error, info, warn};
use std::path::PathBuf;
use tokio::{fs, io::AsyncWriteExt, process::Command};
src/human.rs
-35
View File
@@ -1,35 +0,0 @@
use human_units::FormatSize;
use std::fmt::{Display, Formatter, Result};
pub trait Human {
fn human(&self) -> String;
}
pub struct Quantity(u64);
impl Display for Quantity {
fn fmt(&self, f: &mut Formatter<'_>) -> Result {
self.0.format_size().fmt(f)
}
}
impl Human for Quantity {
fn human(&self) -> String {
self.to_string()
}
}
impl Human for u64 {
fn human(&self) -> String {
self.format_size().to_string()
}
}
impl<T: Human> Human for Option<T> {
fn human(&self) -> String {
match self {
Some(h) => h.human(),
None => "".to_string(),
}
}
}
src/lib.rs
+3 -29
View File
@@ -1,13 +1,9 @@
pub mod apply;
pub mod rc;
pub mod cgroup;
pub mod human;
pub mod bootstrap;
pub mod dls;
pub mod dynlay;
pub mod fs;
pub mod logger;
pub mod proxy;
#[derive(Debug, Default, serde::Deserialize, serde::Serialize)]
pub struct Config {
@@ -56,7 +52,7 @@ pub struct User {
pub gid: Option<u32>,
}
#[derive(Debug, PartialEq, Eq, serde::Deserialize, serde::Serialize)]
#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct File {
pub path: String,
#[serde(skip_serializing_if = "Option::is_none")]
@@ -65,32 +61,10 @@ pub struct File {
pub kind: FileKind,
}
#[derive(Debug, PartialEq, Eq, serde::Deserialize, serde::Serialize)]
#[serde(rename_all = "lowercase")]
#[derive(Debug, serde::Deserialize, serde::Serialize)]
#[serde(rename_all = "snake_case")]
pub enum FileKind {
Content(String),
Content64(String),
Symlink(String),
Dir(bool),
}
// ------------------------------------------------------------------------
impl Config {
pub fn has_file(&self, path: &str) -> bool {
self.files.iter().any(|f| f.path == path)
}
pub fn file(&self, path: &str) -> Option<&File> {
self.files.iter().find(|f| f.path == path)
}
}
pub fn base64_decode(s: &str) -> Result<Vec<u8>, base64::DecodeError> {
use base64::{prelude::BASE64_STANDARD_NO_PAD as B64, Engine as _};
B64.decode(s.trim_end_matches('='))
}
pub fn base64_encode(b: &[u8]) -> String {
use base64::{prelude::BASE64_STANDARD as B64, Engine as _};
B64.encode(b)
}
src/logger.rs
+2 -2
View File
@@ -1,6 +1,6 @@
use async_compression::tokio::write::{ZstdDecoder, ZstdEncoder};
use chrono::{DurationRound, TimeDelta, Utc};
use eyre::{Result, format_err};
use eyre::{format_err, Result};
use log::{debug, error, warn};
use std::path::{Path, PathBuf};
use std::process::Stdio;
@@ -9,7 +9,7 @@ use tokio::{
io::{self, AsyncBufReadExt, AsyncRead, AsyncWrite, AsyncWriteExt, BufReader, BufWriter},
process,
sync::mpsc,
time::{Duration, sleep},
time::{sleep, Duration},
};
pub type Timestamp = chrono::DateTime<Utc>;
src/proxy.rs
-136
View File
@@ -1,136 +0,0 @@
use log::{info, log_enabled, warn};
use std::convert::Infallible;
use std::io;
use std::net::SocketAddr;
use std::sync::atomic::{AtomicBool, Ordering::Relaxed};
use std::time::Duration;
use thiserror::Error;
use tokio::net::{TcpListener, TcpStream};
use tokio::time;
pub struct Proxy {
pub listen_addrs: Vec<SocketAddr>,
pub targets: Vec<SocketAddr>,
pub poll: Duration,
pub timeout: Duration,
}
#[derive(Debug, Error)]
pub enum Error {
#[error("failed to listen on {0}: {1}")]
ListenFailed(SocketAddr, std::io::Error),
}
pub type Result<T> = std::result::Result<T, Error>;
impl Proxy {
pub async fn run(self) -> Result<Infallible> {
let mut listeners = Vec::with_capacity(self.listen_addrs.len());
for addr in self.listen_addrs {
listeners.push(
TcpListener::bind(&addr)
.await
.map_err(|e| Error::ListenFailed(addr, e))?,
);
info!("listening on {addr}");
}
// all targets are initially ok (better land on a down one than just fail)
let targets: Vec<_> = (self.targets.into_iter())
.map(|addr| TargetStatus {
addr,
up: AtomicBool::new(true),
timeout: self.timeout,
})
.collect();
// the proxy runs forever -> using 'static is not a leak
let targets = targets.leak();
for listener in listeners {
tokio::spawn(proxy_listener(listener, targets));
}
check_targets(targets, self.poll).await
}
}
struct TargetStatus {
addr: SocketAddr,
up: AtomicBool,
timeout: Duration,
}
impl TargetStatus {
fn is_up(&self) -> bool {
self.up.load(Relaxed)
}
fn set_up(&self, is_up: bool) {
let prev = self.up.swap(is_up, Relaxed);
if prev != is_up {
if is_up {
info!("{} is up", self.addr);
} else {
warn!("{} is down", self.addr);
}
}
}
async fn connect(&self) -> io::Result<TcpStream> {
let r = match time::timeout(self.timeout, TcpStream::connect(self.addr)).await {
Ok(r) => r,
Err(e) => Err(io::Error::new(io::ErrorKind::TimedOut, e)),
};
self.set_up(r.is_ok());
r
}
}
async fn check_targets(targets: &'static [TargetStatus], poll: Duration) -> ! {
use tokio::time;
let mut poll_ticker = time::interval(poll);
poll_ticker.set_missed_tick_behavior(time::MissedTickBehavior::Skip);
loop {
poll_ticker.tick().await;
let mut tasks = tokio::task::JoinSet::new();
for target in targets {
tasks.spawn(target.connect());
}
tasks.join_all().await;
if log_enabled!(log::Level::Info) {
let mut infos = String::new();
for ts in targets.iter() {
infos.push_str(&format!("{} ", ts.addr));
infos.push_str(if ts.is_up() { "up " } else { "down " });
}
info!("{infos}");
}
}
}
async fn proxy_listener(listener: TcpListener, targets: &'static [TargetStatus]) {
let mut rng = fastrand::Rng::new();
loop {
let mut active = Vec::with_capacity(targets.len());
let (mut src, _) = listener.accept().await.expect("listener.accept() failed");
active.extend((targets.iter().enumerate()).filter_map(|(i, ts)| ts.is_up().then_some(i)));
rng.shuffle(&mut active);
tokio::spawn(async move {
for i in active {
if let Ok(mut dst) = targets[i].connect().await {
let _ = tokio::io::copy_bidirectional(&mut src, &mut dst).await;
break;
}
}
});
}
}
src/rc.rs
View File