mirror of https://codeberg.org/icewind/haze.git synced 2026-06-03 09:04:12 +02:00

push: add all local ips as trusted proxies

Robin Appelman 2025-08-07 18:07:25 +02:00
commit 6a043913fa
6 changed files with 116 additions and 45 deletions


@ -57,7 +57,11 @@ impl ActiveInstances {
let service = cloud
.services()
.find(|service| service.name() == service_name)?;
let ip = service.get_ip(&self.docker, &cloud.id).await.ok()??;
let ip = service
.get_ips(&self.docker, &cloud.id)
.await
.ok()?
.next()?;
SocketAddr::new(ip, service.proxy_port())
} else {
SocketAddr::new(


@ -36,7 +36,9 @@ use enum_dispatch::enum_dispatch;
use miette::{IntoDiagnostic, Report, Result, WrapErr};
use serde_json::Value;
use std::collections::HashMap;
use std::iter::empty;
use std::net::IpAddr;
use std::str::FromStr;
use std::time::Duration;
use tokio::time::{sleep, timeout};
@ -128,9 +130,13 @@ pub trait ServiceTrait {
.wrap_err("Timeout after 30 seconds")?
}
async fn get_ip(&self, docker: &Docker, cloud_id: &str) -> Result<Option<IpAddr>> {
async fn get_ips(
&self,
docker: &Docker,
cloud_id: &str,
) -> Result<Box<dyn Iterator<Item = IpAddr>>> {
let Some(container) = self.container_name(cloud_id) else {
return Ok(None);
return Ok(Box::new(empty()));
};
docker
.start_container::<String>(&container, None)
@ -151,20 +157,16 @@ pub trait ServiceTrait {
..
})
) {
info.network_settings
let ips: Vec<_> = info
.network_settings
.unwrap()
.networks
.unwrap()
.values()
.next()
.unwrap()
.ip_address
.clone()
.unwrap()
.parse()
.into_diagnostic()
.map(Some)
.wrap_err("Invalid ip address")
.filter_map(|network| network.ip_address.clone())
.filter_map(|address| IpAddr::from_str(&address).ok())
.collect();
Ok(Box::new(ips.into_iter()))
} else {
Err(Report::msg("service not started"))
}
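Review bot: The two `filter_map` calls in `get_ips` silently drop a missing or unparsable `ip_address`, so a started container with no usable address now returns `Ok` with an empty iterator where the old code failed with "Invalid ip address". Callers on this page handle that differently: one uses `.next()?`, another indexes `ips[0]`. I would keep the failure explicit after the `collect()`, e.g. `if ips.is_empty() { return Err(Report::msg("service has no ip address")); }`. A doc comment should also say that the result covers every attached network and that, if `networks` is a `HashMap` as `.values()` suggests, the order is not stable. Since `ips` is already a `Vec`, returning `Result<Vec<IpAddr>>` would avoid the `Box<dyn Iterator>`; the function body starts before this hunk.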


@ -86,7 +86,7 @@ impl ServiceTrait for Oc {
cloud_id: &str,
config: &HazeConfig,
) -> Result<Vec<String>> {
if let Some(ip) = self.get_ip(docker, cloud_id).await? {
if let Some(ip) = self.get_ips(docker, cloud_id).await?.next() {
let container = self.container_name(cloud_id).unwrap();
let addr = config.proxy.addr(&container, ip);
println!("OC running on {addr}");


@ -5,6 +5,7 @@ use crate::service::ServiceTrait;
use bollard::container::{Config, CreateContainerOptions, NetworkingConfig};
use bollard::models::{EndpointSettings, HostConfig};
use bollard::Docker;
use local_ip_address::list_afinet_netifas;
use maplit::hashmap;
use miette::{IntoDiagnostic, Result};
@ -87,14 +88,28 @@ impl ServiceTrait for NotifyPush {
cloud_id: &str,
config: &HazeConfig,
) -> Result<Vec<String>> {
let ip = self.get_ip(docker, cloud_id).await?.unwrap();
let addr = config
.proxy
.addr_with_port(&self.container_name(cloud_id).unwrap(), ip, 7867);
Ok(vec![
format!("occ config:system:set trusted_proxies 1 --value {}", ip),
format!("occ notify_push:setup {}", addr),
])
let mut ips: Vec<_> = self.get_ips(docker, cloud_id).await?.collect();
if let Ok(local_interfaces) = list_afinet_netifas() {
ips.extend(local_interfaces.into_iter().map(|(_, ip)| ip));
}
let mut commands: Vec<_> = ips
.iter()
.enumerate()
.map(|(i, ip)| {
format!(
"occ config:system:set trusted_proxies {} --value {ip}",
i + 1
)
})
.collect();
let addr =
config
.proxy
.addr_with_port(&self.container_name(cloud_id).unwrap(), ips[0], 7867);
commands.push(format!("occ notify_push:setup {}", addr));
Ok(commands)
}
fn proxy_port(&self) -> u16 {
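Review bot: `ips[0]` in the `addr_with_port` call is no longer guaranteed to be the container's address. When `get_ips` yields nothing, the vector either holds only host interface addresses, so `notify_push:setup` is pointed at a host address, or it is empty and the index panics. Take the service address before the `extend`, e.g. `let service_ip = *ips.first().ok_or_else(|| miette::Report::msg("notify_push has no ip address"))?;`, and pass `service_ip` to `addr_with_port`. The list from `list_afinet_netifas()` presumably covers every host interface, including loopback and externally reachable ones, and each entry becomes a peer whose forwarded client-address headers the server will trust. A comment stating that this is meant for a local development setup, or a filter down to the addresses the proxy actually uses, would make that trust decision explicit.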