name based virtual host support

fujiwara · fujiwara · commit 4d0dd19c9e0f · 2014-08-25T18:09:24.000+09:00
diff --git a/README.md b/README.md
@@ -109,6 +109,29 @@ auth:
     api_endpoint: https://github.yourcompany.com/api
 ```
 
+## Name Based Virtual Host
+
+An example of "Name Based Viatual Host" setting.
+
+```yaml
+auth:
+  session:
+    # authentication key for cookie store
+    key: secret123
+    # domain of virtual hosts base host
+    cookie_domain: gate.example.com
+
+# proxy definitions
+proxy:
+  - path: /
+    host: elasticsearch.gate.example.com
+    dest: http://127.0.0.1:9200
+
+  - path: /
+    host: influxdb.gate.example.com
+    dest: http://127.0.0.1:8086
+```
+
 ## License
 
 MIT
diff --git a/conf.go b/conf.go
@@ -26,7 +26,8 @@ type AuthConf struct {
 }
 
 type AuthSessionConf struct {
-	Key string `yaml:"key"`
+	Key          string `yaml:"key"`
+	CookieDomain string `yaml:"cookie_domain"`
 }
 
 type AuthInfoConf struct {
@@ -42,6 +43,7 @@ type ProxyConf struct {
 	Path  string `yaml:"path"`
 	Dest  string `yaml:"dest"`
 	Strip bool   `yaml:"strip_path"`
+	Host  string `yaml:"host"`
 }
 
 func ParseConf(path string) (*Conf, error) {
diff --git a/httpd.go b/httpd.go
@@ -25,6 +25,17 @@ type User struct {
 	Email string
 }
 
+type Backend struct {
+	Host      string
+	URL       *url.URL
+	Strip     bool
+	StripPath string
+}
+
+const (
+	BackendHostHeader = "X-Gate-Backend-Host"
+)
+
 func NewServer(conf *Conf) *Server {
 	return &Server{conf}
 }
@@ -33,12 +44,19 @@ func (s *Server) Run() error {
 	m := martini.Classic()
 	a := NewAuthenticator(s.Conf)
 
-	m.Use(sessions.Sessions("session", sessions.NewCookieStore([]byte(s.Conf.Auth.Session.Key))))
+	cookieStore := sessions.NewCookieStore([]byte(s.Conf.Auth.Session.Key))
+	if domain := s.Conf.Auth.Session.CookieDomain; domain != "" {
+		cookieStore.Options(sessions.Options{Domain: domain})
+	}
+	m.Use(sessions.Sessions("session", cookieStore))
 	m.Use(a.Handler())
 
 	m.Use(loginRequired())
 	m.Use(restrictRequest(s.Conf.Restrictions, a))
 
+	backendsFor := make(map[string][]Backend)
+	backendIndex := make([]string, len(s.Conf.Proxies))
+
 	for i := range s.Conf.Proxies {
 		p := s.Conf.Proxies[i]
 
@@ -55,15 +73,24 @@ func (s *Server) Run() error {
 		if err != nil {
 			return err
 		}
+		backendsFor[p.Path] = append(backendsFor[p.Path], Backend{
+			Host:      p.Host,
+			URL:       u,
+			Strip:     p.Strip,
+			StripPath: strip_path,
+		})
+		backendIndex[i] = p.Path
+		log.Printf("register proxy host:%s path:%s dest:%s strip_path:%v", p.Host, strip_path, u.String(), p.Strip)
+	}
 
-		proxy := httputil.NewSingleHostReverseProxy(u)
-		if p.Strip {
-			m.Any(p.Path, http.StripPrefix(strip_path, proxyHandleWrapper(u, proxy)))
-		} else {
-			m.Any(p.Path, proxyHandleWrapper(u, proxy))
+	registered := make(map[string]bool)
+	for _, path := range backendIndex {
+		if registered[path] {
+			continue
 		}
-
-		log.Printf("register proxy path:%s dest:%s", strip_path, u.String())
+		proxy := newVirtualHostReverseProxy(backendsFor[path])
+		m.Any(path, proxyHandleWrapper(proxy))
+		registered[path] = true
 	}
 
 	path, err := filepath.Abs(s.Conf.Htdocs)
@@ -84,6 +111,34 @@ func (s *Server) Run() error {
 	}
 }
 
+func newVirtualHostReverseProxy(backends []Backend) http.Handler {
+	bmap := make(map[string]Backend)
+	for _, b := range backends {
+		bmap[b.Host] = b
+	}
+	defaultBackend, ok := bmap[""]
+	if !ok {
+		defaultBackend = backends[0]
+	}
+
+	director := func(req *http.Request) {
+		b, ok := bmap[req.Host]
+		if !ok {
+			b = defaultBackend
+		}
+		req.URL.Scheme = b.URL.Scheme
+		req.URL.Host = b.URL.Host
+		if b.Strip {
+			if p := strings.TrimPrefix(req.URL.Path, b.StripPath); len(p) < len(req.URL.Path) {
+				req.URL.Path = "/" + p
+			}
+		}
+		req.Header.Set(BackendHostHeader, req.URL.Host)
+		log.Println("backend url", req.URL.String())
+	}
+	return &httputil.ReverseProxy{Director: director}
+}
+
 func isWebsocket(r *http.Request) bool {
 	if strings.ToLower(r.Header.Get("Connection")) == "upgrade" &&
 		strings.ToLower(r.Header.Get("Upgrade")) == "websocket" {
@@ -93,11 +148,16 @@ func isWebsocket(r *http.Request) bool {
 	}
 }
 
-func proxyHandleWrapper(u *url.URL, handler http.Handler) http.Handler {
+func proxyHandleWrapper(handler http.Handler) http.Handler {
+	proxy, _ := handler.(*httputil.ReverseProxy)
+	director := proxy.Director
+
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// websocket?
 		if isWebsocket(r) {
-			target := u.Host
+			director(r) // rewrite request headers for backend
+			target := r.Header.Get(BackendHostHeader)
+
 			if strings.HasPrefix(r.URL.Path, "/") == false {
 				r.URL.Path = "/" + r.URL.Path
 			}

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,8 @@ type AuthConf struct {`
`26`	`26`	`}`
`27`	`27`
`28`	`28`	`type AuthSessionConf struct {`
`29`		- Key string `yaml:"key"`
	`29`	+ Key string `yaml:"key"`
	`30`	+ CookieDomain string `yaml:"cookie_domain"`
`30`	`31`	`}`
`31`	`32`
`32`	`33`	`type AuthInfoConf struct {`
`@@ -42,6 +43,7 @@ type ProxyConf struct {`
`42`	`43`	Path string `yaml:"path"`
`43`	`44`	Dest string `yaml:"dest"`
`44`	`45`	Strip bool `yaml:"strip_path"`
	`46`	+ Host string `yaml:"host"`
`45`	`47`	`}`
`46`	`48`
`47`	`49`	`func ParseConf(path string) (*Conf, error) {`