Skip to content

Commit

Permalink
fixed #748 - per-protocol external ports
Browse files Browse the repository at this point in the history
  • Loading branch information
Eugeny committed Mar 26, 2024
1 parent 8896bb3 commit ec24769
Show file tree
Hide file tree
Showing 4 changed files with 68 additions and 21 deletions.
64 changes: 52 additions & 12 deletions warpgate-common/src/config/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ use poem::http::{self, uri};
use poem_openapi::{Object, Union};
use serde::{Deserialize, Serialize};
pub use target::*;
use tracing::warn;
use uri::Scheme;
use url::Url;
use uuid::Uuid;
Expand Down Expand Up @@ -102,39 +103,52 @@ pub enum SshHostKeyVerificationMode {
}

#[derive(Debug, Deserialize, Serialize, Clone)]
pub struct SSHConfig {
pub struct SshConfig {
#[serde(default = "_default_false")]
pub enable: bool,

#[serde(default = "_default_ssh_listen")]
pub listen: ListenEndpoint,

#[serde(default)]
pub external_port: Option<u16>,

#[serde(default = "_default_ssh_keys_path")]
pub keys: String,

#[serde(default)]
pub host_key_verification: SshHostKeyVerificationMode,
}

impl Default for SSHConfig {
impl Default for SshConfig {
fn default() -> Self {
SSHConfig {
SshConfig {
enable: false,
listen: _default_ssh_listen(),
keys: _default_ssh_keys_path(),
host_key_verification: Default::default(),
external_port: None,
}
}
}

impl SshConfig {
pub fn external_port(&self) -> u16 {
self.external_port.unwrap_or(self.listen.port())
}
}

#[derive(Debug, Deserialize, Serialize, Clone)]
pub struct HTTPConfig {
pub struct HttpConfig {
#[serde(default = "_default_false")]
pub enable: bool,

#[serde(default = "_default_http_listen")]
pub listen: ListenEndpoint,

#[serde(default)]
pub external_port: Option<u16>,

#[serde(default)]
pub certificate: String,

Expand All @@ -151,11 +165,12 @@ pub struct HTTPConfig {
pub cookie_max_age: Duration,
}

impl Default for HTTPConfig {
impl Default for HttpConfig {
fn default() -> Self {
HTTPConfig {
HttpConfig {
enable: false,
listen: _default_http_listen(),
external_port: None,
certificate: "".to_owned(),
key: "".to_owned(),
trust_x_forwarded_headers: false,
Expand All @@ -165,32 +180,48 @@ impl Default for HTTPConfig {
}
}

impl HttpConfig {
pub fn external_port(&self) -> u16 {
self.external_port.unwrap_or(self.listen.port())
}
}

#[derive(Debug, Deserialize, Serialize, Clone)]
pub struct MySQLConfig {
pub struct MySqlConfig {
#[serde(default = "_default_false")]
pub enable: bool,

#[serde(default = "_default_mysql_listen")]
pub listen: ListenEndpoint,

#[serde(default)]
pub external_port: Option<u16>,

#[serde(default)]
pub certificate: String,

#[serde(default)]
pub key: String,
}

impl Default for MySQLConfig {
impl Default for MySqlConfig {
fn default() -> Self {
MySQLConfig {
MySqlConfig {
enable: false,
listen: _default_mysql_listen(),
external_port: None,
certificate: "".to_owned(),
key: "".to_owned(),
}
}
}

impl MySqlConfig {
pub fn external_port(&self) -> u16 {
self.external_port.unwrap_or(self.listen.port())
}
}

#[derive(Debug, Deserialize, Serialize, Clone)]
pub struct RecordingsConfig {
#[serde(default = "_default_false")]
Expand Down Expand Up @@ -263,13 +294,13 @@ pub struct WarpgateConfigStore {
pub database_url: Secret<String>,

#[serde(default)]
pub ssh: SSHConfig,
pub ssh: SshConfig,

#[serde(default)]
pub http: HTTPConfig,
pub http: HttpConfig,

#[serde(default)]
pub mysql: MySQLConfig,
pub mysql: MySqlConfig,

#[serde(default)]
pub log: LogConfig,
Expand Down Expand Up @@ -370,4 +401,13 @@ impl WarpgateConfig {
};
Url::parse(&url).map_err(WarpgateError::UrlParse)
}

pub fn validate(&self) {
if let Some(ref ext) = self.store.external_host {
if ext.contains(':') {
warn!("Looks like your `external_host` config option contains a port - it will be ignored.");
warn!("Set the external port via the `http.external_port`, `ssh.external_port` or `mysql.external_port` options.");
}
}
}
}
14 changes: 10 additions & 4 deletions warpgate-protocol-http/src/api/info.rs
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,10 @@ enum InstanceInfoResponse {
Ok(Json<Info>),
}

fn strip_port(host: &str) -> Option<&str> {
host.split(':').next()
}

#[OpenApi]
impl Api {
#[oai(path = "/info", method = "get", operation_id = "get_info")]
Expand All @@ -47,8 +51,10 @@ impl Api {
.store
.external_host
.as_deref()
.or_else(|| req.header(http::header::HOST))
.and_then(strip_port)
.or_else(|| req.header(http::header::HOST).and_then(strip_port))
.or_else(|| req.original_uri().host());

Ok(InstanceInfoResponse::Ok(Json(Info {
version: env!("CARGO_PKG_VERSION").to_string(),
username: session.get_username(),
Expand All @@ -61,17 +67,17 @@ impl Api {
ports: if session.is_authenticated() {
PortsInfo {
ssh: if config.store.ssh.enable {
Some(config.store.ssh.listen.port())
Some(config.store.ssh.external_port())
} else {
None
},
http: if config.store.http.enable {
Some(config.store.http.listen.port())
Some(config.store.http.external_port())
} else {
None
},
mysql: if config.store.mysql.enable {
Some(config.store.mysql.listen.port())
Some(config.store.mysql.external_port())
} else {
None
},
Expand Down
10 changes: 5 additions & 5 deletions warpgate/src/commands/setup.rs
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ use uuid::Uuid;
use warpgate_common::helpers::fs::{secure_directory, secure_file};
use warpgate_common::helpers::hash::hash_password;
use warpgate_common::{
HTTPConfig, ListenEndpoint, MySQLConfig, SSHConfig, Secret, UserAuthCredential,
HttpConfig, ListenEndpoint, MySqlConfig, SshConfig, Secret, UserAuthCredential,
UserPasswordCredential, UserRequireCredentialsPolicy, WarpgateConfigStore, WarpgateError,
};
use warpgate_core::consts::{BUILTIN_ADMIN_ROLE_NAME, BUILTIN_ADMIN_USERNAME};
Expand Down Expand Up @@ -74,7 +74,7 @@ pub(crate) async fn command(cli: &crate::Cli) -> Result<()> {

let theme = ColorfulTheme::default();
let mut store = WarpgateConfigStore {
http: HTTPConfig {
http: HttpConfig {
enable: true,
..Default::default()
},
Expand Down Expand Up @@ -141,7 +141,7 @@ pub(crate) async fn command(cli: &crate::Cli) -> Result<()> {
if !is_docker() {
store.http.listen = prompt_endpoint(
"Endpoint to listen for HTTP connections on",
HTTPConfig::default().listen,
HttpConfig::default().listen,
);
}
}
Expand All @@ -168,7 +168,7 @@ pub(crate) async fn command(cli: &crate::Cli) -> Result<()> {
if store.ssh.enable {
store.ssh.listen = prompt_endpoint(
"Endpoint to listen for SSH connections on",
SSHConfig::default().listen,
SshConfig::default().listen,
);
}
}
Expand All @@ -191,7 +191,7 @@ pub(crate) async fn command(cli: &crate::Cli) -> Result<()> {
if store.mysql.enable {
store.mysql.listen = prompt_endpoint(
"Endpoint to listen for MySQL connections on",
MySQLConfig::default().listen,
MySqlConfig::default().listen,
);
}
}
Expand Down
1 change: 1 addition & 0 deletions warpgate/src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ pub fn load_config(path: &Path, secure: bool) -> Result<WarpgateConfig> {
};

info!("Using config: {path:?}");
config.validate();
Ok(config)
}

Expand Down

0 comments on commit ec24769

Please sign in to comment.