Skip to content

Commit

Permalink
Move remote termination behind flag
Browse files Browse the repository at this point in the history
Probably don't want to add the ability to remotely shutdown the proxy to
be accessible unless desired and in a safe environment, so moving behind
a flag.

Also updated the README with latest usage.

See Issue #77
  • Loading branch information
amcintosh committed Aug 4, 2020
1 parent 64771e7 commit 0735035
Show file tree
Hide file tree
Showing 3 changed files with 66 additions and 44 deletions.
1 change: 1 addition & 0 deletions CONTRIBUTORS.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,5 @@ https://github.com/diranged
https://github.com/em0ney
https://github.com/zqben402
https://github.com/dlackty
https://github.com/amcintosh

16 changes: 16 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,10 @@ For a full list of available options, use `-h`:
```sh
./aws-es-proxy -h
Usage of ./aws-es-proxy:
-auth
Require HTTP Basic Auth
-debug
Print debug messages
-endpoint string
Amazon ElasticSearch Endpoint (e.g: https://dummy-host.eu-west-1.es.amazonaws.com)
-listen string
Expand All @@ -132,10 +136,22 @@ Usage of ./aws-es-proxy:
Log user requests and ElasticSearch responses to files
-no-sign-reqs
Disable AWS Signature v4
-password string
HTTP Basic Auth Password
-pretty
Prettify verbose and file output
-realm string
Authentication Required
-remote-terminate
Allow HTTP remote termination
-timeout int
Set a request timeout to ES. Specify in seconds, defaults to 15 (default 15)
-username string
HTTP Basic Auth Username
-verbose
Print user requests
-version
Print aws-es-proxy version
```


Expand Down
93 changes: 49 additions & 44 deletions aws-es-proxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,23 +69,24 @@ type responseStruct struct {
}

type proxy struct {
scheme string
host string
region string
service string
endpoint string
verbose bool
prettify bool
logtofile bool
nosignreq bool
fileRequest *os.File
fileResponse *os.File
credentials *credentials.Credentials
httpClient *http.Client
auth bool
username string
password string
realm string
scheme string
host string
region string
service string
endpoint string
verbose bool
prettify bool
logtofile bool
nosignreq bool
fileRequest *os.File
fileResponse *os.File
credentials *credentials.Credentials
httpClient *http.Client
auth bool
username string
password string
realm string
remoteTerminate bool
}

func newProxy(args ...interface{}) *proxy {
Expand All @@ -100,16 +101,17 @@ func newProxy(args ...interface{}) *proxy {
}

return &proxy{
endpoint: args[0].(string),
verbose: args[1].(bool),
prettify: args[2].(bool),
logtofile: args[3].(bool),
nosignreq: args[4].(bool),
httpClient: &client,
auth: args[6].(bool),
username: args[7].(string),
password: args[8].(string),
realm: args[9].(string),
endpoint: args[0].(string),
verbose: args[1].(bool),
prettify: args[2].(bool),
logtofile: args[3].(bool),
nosignreq: args[4].(bool),
httpClient: &client,
auth: args[6].(bool),
username: args[7].(string),
password: args[8].(string),
realm: args[9].(string),
remoteTerminate: args[10].(bool),
}
}

Expand Down Expand Up @@ -210,7 +212,7 @@ func (p *proxy) getSigner() *v4.Signer {
}

func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if r.URL.Path == "/terminate-proxy" && r.Method == http.MethodPost {
if p.remoteTerminate && r.URL.Path == "/terminate-proxy" && r.Method == http.MethodPost {
logrus.Infoln("Terminate Signal")
os.Exit(0)
}
Expand Down Expand Up @@ -424,22 +426,23 @@ func copyHeaders(dst, src http.Header) {
func main() {

var (
debug bool
auth bool
username string
password string
realm string
verbose bool
prettify bool
logtofile bool
nosignreq bool
ver bool
endpoint string
listenAddress string
fileRequest *os.File
fileResponse *os.File
err error
timeout int
debug bool
auth bool
username string
password string
realm string
verbose bool
prettify bool
logtofile bool
nosignreq bool
ver bool
endpoint string
listenAddress string
fileRequest *os.File
fileResponse *os.File
err error
timeout int
remoteTerminate bool
)

flag.StringVar(&endpoint, "endpoint", "", "Amazon ElasticSearch Endpoint (e.g: https://dummy-host.eu-west-1.es.amazonaws.com)")
Expand All @@ -455,6 +458,7 @@ func main() {
flag.StringVar(&username, "username", "", "HTTP Basic Auth Username")
flag.StringVar(&password, "password", "", "HTTP Basic Auth Password")
flag.StringVar(&realm, "realm", "", "Authentication Required")
flag.BoolVar(&remoteTerminate, "remote-terminate", false, "Allow HTTP remote termination")
flag.Parse()

if endpoint == "" {
Expand Down Expand Up @@ -500,6 +504,7 @@ func main() {
username,
password,
realm,
remoteTerminate,
)

if err = p.parseEndpoint(); err != nil {
Expand Down

0 comments on commit 0735035

Please sign in to comment.