search

cloudflare / pingora

A library for building fast, reliable and evolvable network services.
Apache License 2.0
20.3k stars 1.1k forks source link

Adding openssl to simple reverse proxy #129

Closed ASoldo closed 3 months ago

ASoldo commented 3 months ago

What is the problem your feature solves, or the need it fulfills?

I'm new to pingora and I'm trying to do simple nginx replacement for my nuxt3 project. I don't know how to do Rust part of openssl. Can you tell me what I need to do in order to have https for my web app that is running on localhost:3000?

A clear and concise description of why this feature should be added. What is the problem? Who is this for? This is my code so far:

use async_trait::async_trait;

use pingora_core::server::Server;
use pingora_core::upstreams::peer::HttpPeer;
use pingora_core::Result;
use pingora_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod};
use pingora_proxy::{ProxyHttp, Session};

pub struct MyProxy {}

#[async_trait]
impl ProxyHttp for MyProxy {
    type CTX = ();
    fn new_ctx(&self) -> Self::CTX {
        ()
    }

    async fn request_filter(&self, session: &mut Session, _ctx: &mut Self::CTX) -> Result<bool> {
        session
            .req_header_mut()
            .insert_header("Host", "127.0.0.1")
            .unwrap();
        Ok(false)
    }

    async fn upstream_peer(
        &self,
        _session: &mut Session,
        _ctx: &mut Self::CTX,
    ) -> Result<Box<HttpPeer>> {
        let addr = ("127.0.0.1", 3000);

        let peer = Box::new(HttpPeer::new(addr, false, "127.0.0.1".to_string()));
        Ok(peer)
    }
}

fn main() {
    env_logger::init();

    let mut my_server = Server::new(None).unwrap();
    my_server.bootstrap();

    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor
        .set_private_key_file("key.pem", SslFiletype::PEM)
        .unwrap();
    acceptor.set_certificate_chain_file("cert.pem").unwrap();
    let acceptor = acceptor.build();

    let mut my_proxy = pingora_proxy::http_proxy_service(&my_server.configuration, MyProxy {});
    my_proxy.add_tcp("0.0.0.0:8888");

    my_server.add_service(my_proxy);
    my_server.run_forever();
}

and my Cargo.toml:

[package]
name = "pingora-proj"
version = "0.1.0"
edition = "2021"

[dependencies]
async-trait = "0.1.77"
env_logger = "0.11.3"
log = "0.4.21"
pingora = { version = "0.1.0", features = ["lb"]}
pingora-core = "0.1.0"
pingora-http = "0.1.0"
pingora-openssl = "0.1.0"
pingora-proxy = "0.1.0"
structopt = "0.3.26"

Describe the solution you'd like

I wanna be able to serve my apps with https and to learn how to do it.

Additional context

I am new to pingora and creating reverse proxies by myself but I've used Nginx and CaddyV2 in the past and I'm just trying to create simple demo that I can work with and learn from it by deploying on my EC2 instances with DNS that own.

Thank you!

eaufavor commented 3 months ago

See the example https://github.com/cloudflare/pingora/blob/main/pingora-proxy/examples/load_balancer.rs#L85-L93

github-actions[bot] commented 3 months ago

This question has been stale for a week. It will be closed in an additional day if not updated.

github-actions[bot] commented 3 months ago

This issue has been closed because it has been stalled with no activity.