diff --git a/example.crt b/example.crt new file mode 100644 index 0000000..20b2c21 --- /dev/null +++ b/example.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID+zCCAuOgAwIBAgIJAIXNkz2Vj5lGMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD +VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEUMBIGA1UEBwwLTG9zIEFuZ2Vs +ZXMxDTALBgNVBAoMBFRYTjIxEDAOBgNVBAsMB24ycHJveHkxGTAXBgNVBAMMEG4y +cHJveHkudHhuMi5jb20xHTAbBgkqhkiG9w0BCQEWDmh1bWFuQHR4bjIuY29tMB4X +DTE4MDYxNTIzMjI1NFoXDTE5MDYxNTIzMjI1NFowgZMxCzAJBgNVBAYTAlVTMRMw +EQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQHDAtMb3MgQW5nZWxlczENMAsGA1UE +CgwEVFhOMjEQMA4GA1UECwwHbjJwcm94eTEZMBcGA1UEAwwQbjJwcm94eS50eG4y +LmNvbTEdMBsGCSqGSIb3DQEJARYOaHVtYW5AdHhuMi5jb20wggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC9nw/2ASG2gL9GdEPN9ONH7ReU80NmL+QR2lxj +fY8/QUSdEvdr8hO+VUkbd1bKlUR4kzDEbmUDFLVswSV/WAx8782ahGycNLRPyEqx +vdxUYm7oy/tz8QBEApsLaFCjhtOmzqzFfmOKws60tlueS+xfO7WWd9Anx8NRXeWR +IkuSAB287aREAHLcxudQp8VFQEeYG0ORGwRJi+FIBg/ddkNcgxruTHsUyHWQXBfP +kTtGGp9LdS+BFWWxJenJzsAppJcmGZ8SjpgH7bjHUshi9LlhKj9U3Q7BpCSiPNpt +ASlGhcRlOlsNic1aZlPfjZSkyVfoChOulFiOT9ReJzs5yOtTAgMBAAGjUDBOMB0G +A1UdDgQWBBTdoIIuwrMh38fEZh15B7ySLgZSbTAfBgNVHSMEGDAWgBTdoIIuwrMh +38fEZh15B7ySLgZSbTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAO +Zlx5AXGQrZMWUU+frNATll3O5Ri9ydNjIx3LBr3TFC9KXnK3lH2IrIFiza5JFt8a +WkVVPAgRqVJKQuoV3mkxrv2fac+SVQDVlEI0BwH0sMAxQpCHsWN/d2sPgMxstTWm +KxaYRs3AQyuOtAEJlbk1xiqQbPjt/QtxOljbrf6JF28EyIhfftlnSLJUO3eds5hT +EOEY5MJxCaMDi8EPyEUpEEaFDsJre1ie7CNv1fkU94FlS4CZuWHGVS0TzJ4ESh6j +4Eu2cNux3uK5UOZFc/r73m8poXterRgci9B2842mC99Ht55htz4lzvTQPPVV/ulB +IxYDtJdWBcrVg+4Reg6T +-----END CERTIFICATE----- diff --git a/example.key b/example.key new file mode 100644 index 0000000..079b108 --- /dev/null +++ b/example.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC9nw/2ASG2gL9G +dEPN9ONH7ReU80NmL+QR2lxjfY8/QUSdEvdr8hO+VUkbd1bKlUR4kzDEbmUDFLVs +wSV/WAx8782ahGycNLRPyEqxvdxUYm7oy/tz8QBEApsLaFCjhtOmzqzFfmOKws60 +tlueS+xfO7WWd9Anx8NRXeWRIkuSAB287aREAHLcxudQp8VFQEeYG0ORGwRJi+FI +Bg/ddkNcgxruTHsUyHWQXBfPkTtGGp9LdS+BFWWxJenJzsAppJcmGZ8SjpgH7bjH +Ushi9LlhKj9U3Q7BpCSiPNptASlGhcRlOlsNic1aZlPfjZSkyVfoChOulFiOT9Re +Jzs5yOtTAgMBAAECggEAHz4L9S5ujZFc8pDJcy+8Gue3kPUbz8RoQYDG5CWV6ogo +c/DiD0kNc7i9mObqx+ocI/mseVDvF7jbw5V3RioNtLAWIjVbZ8lPRC3uEKcFnGmz +eGvTfGDi+FGtlg2T672VNdCrqsaORBig0imRot1DjtVZr/cBtuw1BD0CTA1ogh91 +2f3vd0XJZ1zyoxLLlUW0NRQw4vsM49CZXKNVCWdg3AUSJgd2psJaCkxrSrzE+4xs +I3JLHGGg6UTl+uR9hoV4txphM002qKDphuPgEYUIs3e/Tk+0++VyENYF4sdjM/1F +HMdZoAOmCKAp1xDbg7TTuuK1cOu99je0/4OYYPHV8QKBgQDyEsdLNLB3u4iX2VW2 +PgcP3niVFzf59nBUMUSpoMvuVPT50/KiXOVlJIGSw5uWCoa4Fo0bJ0hKBXVIqtrR +IyEH5XuvRl4/7ptPlbTuvgjm6EIWb5mW/GbdxCsM7UwAfIZqUdnftSFkClvTupIf +bMuL9TYiiNgc+gy9dgx+SmzIjwKBgQDIh8cySspAVIoU2/N+yVy+py5e1ikHmfWj +QBX/X7IybhIVpkkLiw4NOp/sSrCREsQ6SG6J4Sgp+BT61lj3ud2e+yBS89GnqsHu +GyfO/WvLED+r89f997o4KWlpJa55XSqFmkPVNs6XlZiMZWeBcFBQb6oQ1IfdRPFQ +rZQsZczq/QKBgQCYMd5DFllsredvMSGGdvERtRmzAuoaqipthJxa2dHdgmSTPgJq +umUvdghRMdJ8Pxn8W5FT5Rq6Dzxx95mjq6Z0xH9C78cKAwZ6vvEGuUv3gUcru/ag +ywgRnehDNF54X9JSvitxTvwzXZ/mOoLsZwaCdCUZCVh2v2+LHtE0Ba7nWQKBgCZH +/Vf1fRzAxsdqodY/XIws4CZMnfKMip8KmehxfVQxPRSS9PjWJ+2Qln0GWSSov3sc +3rVFnWQ9rsuf5cYM3mj+KdKMJybp6zGoT3YtXMmcJXuPBlm+U/dquGvRPLiAd6Cf +rXljiBbaARA0P4kvRrXES2QBHpq4EZVEPbgoCvGFAoGBAMgB5qePkLRCUtZYKu+m +BmXRusbWzzAxlfrnwiQyemXjg+w7AxOOVv0j0XLd2GnjOgGzlMMB11wbqqntSYyK +DonY4Ma72DIypeuL466Qu/hU5ajPzYGsObxar5uJLhEYzK0C7GoxcGqTvZzP5dCA +CuFmf4W5409qzRLmHI9BomBW +-----END PRIVATE KEY----- diff --git a/goreleaser.yml b/goreleaser.yml index b97661f..6516705 100644 --- a/goreleaser.yml +++ b/goreleaser.yml @@ -14,6 +14,8 @@ build: goos: - linux - darwin + - arm + - arm64 # GOARCH to build in. # For more info refer to https://golang.org/doc/install/source#environment @@ -85,4 +87,13 @@ brew: description: "Contraband filtering reverse proxy." test: |- - n2proxy --version \ No newline at end of file + n2proxy --version + +snapcraft: + name_template: '{{ .ProjectName }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}' + summary: Contraband filtering reverse proxy. + description: | + Contraband filtering reverse proxy. Provide a list of Regular Expression used to + detect and block hacking attempts. + grade: stable + confinement: classic \ No newline at end of file diff --git a/server.go b/server.go index 7d60945..d3fa3b0 100644 --- a/server.go +++ b/server.go @@ -83,12 +83,22 @@ func main() { cfgEnv := getEnv("CFG", "./cfg.yml") backendEnv := getEnv("BACKEND", "http://example.com:80") logoutEnv := getEnv("LOGOUT", "stdout") + tlsEnvBool := false + tlsEnv := getEnv("TLS", "false") + if tlsEnv == "true" { + tlsEnvBool = true + } + crtEnv := getEnv("CRT", "./example.crt") + keyEnv := getEnv("KEY", "./example.key") // command line falls back to env port := flag.String("port", portEnv, "port to listen on.") cfg := flag.String("cfg", cfgEnv, "config file path.") backend := flag.String("backend", backendEnv, "backend server.") logout := flag.String("logout", logoutEnv, "log output stdout | ") + tls := flag.Bool("tls", tlsEnvBool, "TLS Support (requires crt and key)") + crt := flag.String("crt", crtEnv, "Path to cert. (enable --tls)") + key := flag.String("key", keyEnv, "Path to private key. (enable --tls") version := flag.Bool("version", false, "Display version.") flag.Parse() @@ -118,7 +128,20 @@ func main() { // server http.HandleFunc("/", proxy.handle) - http.ListenAndServe(":"+*port, nil) + + if *tls != true { + err = http.ListenAndServe(":"+*port, nil) + if err != nil { + fmt.Printf("Error starting proxy: %s\n", err.Error()) + } + os.Exit(0) + } + + logger.Info("Starting proxy in TLS mode.") + err = http.ListenAndServeTLS(":"+*port, *crt, *key, nil) + if err != nil { + fmt.Printf("Error starting proxyin TLS mode: %s\n", err.Error()) + } } // getEnv gets an environment variable or sets a default if