206 lines
6.6 KiB
Go
206 lines
6.6 KiB
Go
package main
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
"path/filepath"
|
|
"runtime"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
)
|
|
|
|
// Shared global variables used across all files
|
|
var (
|
|
config Config // Holds the proxy configuration loaded from config.yaml
|
|
configMux sync.RWMutex // Mutex for thread-safe access to config
|
|
cert *tls.Certificate // TLS certificate for HTTPS server
|
|
baseDir string // Base directory (working dir for go run, executable dir for binary)
|
|
certDir string // Directory for certificates
|
|
certPath string // Path to certificate file
|
|
keyPath string // Path to private key file
|
|
configPath string // Path to config.yaml
|
|
|
|
// Loggers for different types of events
|
|
errorLogger *log.Logger // Logs errors to errors.log and console
|
|
refreshLogger *log.Logger // Logs config/certificate refreshes to refresh.log and console
|
|
trafficLogger *log.Logger // Logs traffic to traffic-YYYY-MM-DD.log and console
|
|
)
|
|
|
|
// init sets up the base directory and initializes logging
|
|
func init() {
|
|
// Determine base directory based on execution context
|
|
if runtime.GOOS == "windows" && len(os.Args) > 0 && filepath.Ext(os.Args[0]) == ".go" {
|
|
// For "go run", use current working directory
|
|
var err error
|
|
baseDir, err = os.Getwd()
|
|
if err != nil {
|
|
log.Fatalf("Failed to get working directory: %v", err)
|
|
}
|
|
} else {
|
|
// For compiled binary, use executable's directory
|
|
exePath, err := os.Executable()
|
|
if err != nil {
|
|
log.Fatalf("Failed to get executable path: %v", err)
|
|
}
|
|
baseDir = filepath.Dir(exePath)
|
|
}
|
|
|
|
// Initialize logging to files and console
|
|
setupLogging()
|
|
}
|
|
|
|
// setupLogging configures loggers for errors, refreshes, and traffic
|
|
func setupLogging() {
|
|
logsDir := filepath.Join(baseDir, "logs")
|
|
if err := os.MkdirAll(logsDir, 0755); err != nil {
|
|
log.Fatalf("Failed to create logs directory: %v", err)
|
|
}
|
|
|
|
// Error log: writes to errors.log and stdout
|
|
errorFile, err := os.OpenFile(filepath.Join(logsDir, "errors.log"), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
|
|
if err != nil {
|
|
log.Fatalf("Failed to open errors.log: %v", err)
|
|
}
|
|
errorLogger = log.New(io.MultiWriter(os.Stdout, errorFile), "ERROR: ", log.Ldate|log.Ltime|log.Lshortfile)
|
|
|
|
// Refresh log: writes to refresh.log and stdout
|
|
refreshFile, err := os.OpenFile(filepath.Join(logsDir, "refresh.log"), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
|
|
if err != nil {
|
|
log.Fatalf("Failed to open refresh.log: %v", err)
|
|
}
|
|
refreshLogger = log.New(io.MultiWriter(os.Stdout, refreshFile), "REFRESH: ", log.Ldate|log.Ltime|log.Lshortfile)
|
|
|
|
// Traffic log: managed in a goroutine for daily rotation
|
|
go manageTrafficLogs(logsDir)
|
|
}
|
|
|
|
// manageTrafficLogs handles daily rotation of traffic logs with 7-day retention
|
|
func manageTrafficLogs(logsDir string) {
|
|
for {
|
|
dateStr := time.Now().Format("2006-01-02")
|
|
trafficFile, err := os.OpenFile(filepath.Join(logsDir, "traffic-"+dateStr+".log"), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
|
|
if err != nil {
|
|
errorLogger.Printf("Failed to open traffic log: %v", err)
|
|
time.Sleep(1 * time.Minute)
|
|
continue
|
|
}
|
|
trafficLogger = log.New(io.MultiWriter(os.Stdout, trafficFile), "TRAFFIC: ", log.Ldate|log.Ltime)
|
|
|
|
// Cleanup logs older than 7 days
|
|
cleanupOldLogs(logsDir)
|
|
|
|
// Wait until next day
|
|
nextDay := time.Now().Truncate(24 * time.Hour).Add(24 * time.Hour)
|
|
time.Sleep(time.Until(nextDay))
|
|
trafficFile.Close()
|
|
}
|
|
}
|
|
|
|
// cleanupOldLogs removes traffic logs older than 7 days
|
|
func cleanupOldLogs(logsDir string) {
|
|
files, err := os.ReadDir(logsDir)
|
|
if err != nil {
|
|
errorLogger.Printf("Failed to read logs directory: %v", err)
|
|
return
|
|
}
|
|
|
|
cutoff := time.Now().AddDate(0, 0, -7)
|
|
for _, file := range files {
|
|
if strings.HasPrefix(file.Name(), "traffic-") && file.Name() != "traffic-"+time.Now().Format("2006-01-02")+".log" {
|
|
info, err := file.Info()
|
|
if err != nil {
|
|
continue
|
|
}
|
|
if info.ModTime().Before(cutoff) {
|
|
if err := os.Remove(filepath.Join(logsDir, file.Name())); err != nil {
|
|
errorLogger.Printf("Failed to remove old log %s: %v", file.Name(), err)
|
|
} else {
|
|
refreshLogger.Printf("Removed old traffic log: %s", file.Name())
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// main is the entry point, setting up and running the HTTP/HTTPS servers
|
|
func main() {
|
|
// Set config file path and load or generate initial config
|
|
configPath = filepath.Join(baseDir, "config.yaml")
|
|
if _, err := os.Stat(configPath); os.IsNotExist(err) {
|
|
config = generateDefaultConfig()
|
|
if err := saveConfig(config); err != nil {
|
|
errorLogger.Fatalf("Failed to save default config: %v", err)
|
|
}
|
|
refreshLogger.Println("Generated default config file")
|
|
} else {
|
|
cfg, err := loadConfig()
|
|
if err != nil {
|
|
errorLogger.Fatalf("Failed to load config: %v", err)
|
|
}
|
|
config = cfg
|
|
}
|
|
|
|
// Update certificate and config paths based on loaded config
|
|
updatePaths()
|
|
|
|
// Generate or load TLS certificate
|
|
_, certErr := os.Stat(certPath)
|
|
_, keyErr := os.Stat(keyPath)
|
|
if os.IsNotExist(certErr) || os.IsNotExist(keyErr) {
|
|
if err := generateSelfSignedCert(); err != nil {
|
|
errorLogger.Fatalf("Failed to generate self-signed certificate: %v", err)
|
|
}
|
|
}
|
|
if err := loadCertificate(); err != nil {
|
|
errorLogger.Fatalf("Failed to load certificate: %v", err)
|
|
}
|
|
|
|
// Start background monitoring for config and certificate changes
|
|
go monitorCertificates()
|
|
go monitorConfig()
|
|
|
|
// Configure HTTP server with timeouts for robustness
|
|
httpServer := &http.Server{
|
|
Addr: config.ListenHTTP,
|
|
Handler: http.HandlerFunc(handler),
|
|
MaxHeaderBytes: 1 << 20, // 1 MB max header size
|
|
ReadTimeout: 10 * time.Second,
|
|
WriteTimeout: 10 * time.Second,
|
|
}
|
|
|
|
// Configure HTTPS server with TLS and certificate fetching
|
|
tlsConfig := &tls.Config{
|
|
GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
|
|
configMux.RLock()
|
|
defer configMux.RUnlock()
|
|
return cert, nil
|
|
},
|
|
}
|
|
httpsServer := &http.Server{
|
|
Addr: config.ListenHTTPS,
|
|
Handler: http.HandlerFunc(handler),
|
|
TLSConfig: tlsConfig,
|
|
MaxHeaderBytes: 1 << 20,
|
|
ReadTimeout: 10 * time.Second,
|
|
WriteTimeout: 10 * time.Second,
|
|
}
|
|
|
|
// Start HTTP server in a goroutine
|
|
go func() {
|
|
refreshLogger.Printf("Starting HTTP server on %s", config.ListenHTTP)
|
|
if err := httpServer.ListenAndServe(); err != nil && err != http.ErrServerClosed {
|
|
errorLogger.Fatalf("HTTP server error: %v", err)
|
|
}
|
|
}()
|
|
|
|
// Start HTTPS server in the main goroutine
|
|
refreshLogger.Printf("Starting HTTPS server on %s", config.ListenHTTPS)
|
|
if err := httpsServer.ListenAndServeTLS("", ""); err != nil && err != http.ErrServerClosed {
|
|
errorLogger.Fatalf("HTTPS server error: %v", err)
|
|
}
|
|
}
|