diff options
| author | Aurelia <git@acuteaura.net> | 2025-04-25 13:59:55 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-04-25 11:59:55 +0000 |
| commit | a420db8b8a3597b56bcc6dc7d1fc5f5d7d932448 (patch) | |
| tree | a8962aafc94ffd192a23a912c01b73f574dcce6b /test/unix-socket-xff | |
| parent | 5a4f68d384895b09c45d0c6ebb09b069603c363b (diff) | |
| download | anubis-a420db8b8a3597b56bcc6dc7d1fc5f5d7d932448.tar.xz anubis-a420db8b8a3597b56bcc6dc7d1fc5f5d7d932448.zip | |
feat: more elaborate XFF compute (#350)
* feat: more elaborate XFF compute
#328 followup
now featuring configuration and
defaults that shouldn't break most
setups.
fixes #344
* refactor: obvious condition eval order optimization
* feat: add StripLLU implementation
* chore: I'm sorry it's 7 AM
* test: add test environment for unix socket serving
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(unix-socket-xff): comment out the shell script more
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(internal): fix logic bug in XFF computation, add tests
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(internal): prevent panic in local testing
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(internal): shuffle around return values to flow better
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
Diffstat (limited to 'test/unix-socket-xff')
| -rwxr-xr-x | test/unix-socket-xff/start.sh | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/test/unix-socket-xff/start.sh b/test/unix-socket-xff/start.sh new file mode 100755 index 0000000..2d13fba --- /dev/null +++ b/test/unix-socket-xff/start.sh @@ -0,0 +1,54 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# Remove lingering .sock files, relayd and unixhttpd will do that too but +# measure twice, cut once. +rm *.sock ||: + +# If the transient local TLS certificate doesn't exist, mint a new one +if [ ! -f ../pki/relayd.local.cetacean.club/cert.pem ]; then + # Subshell to contain the directory change + ( + cd ../pki \ + && mkdir -p relayd.local.cetacean.club \ + && \ + # Try using https://github.com/FiloSottile/mkcert for better DevEx, + # but fall back to using https://github.com/jsha/minica in case + # you don't have that installed. + ( + mkcert \ + --cert-file ./relayd.local.cetacean.club/cert.pem \ + --key-file ./relayd.local.cetacean.club/key.pem relayd.local.cetacean.club \ + || go tool minica -domains relayd.local.cetacean.club + ) + ) +fi + +# Build static assets +(cd ../.. && npm ci && npm run assets) + +# Spawn three jobs: + +# HTTP daemon that listens over a unix socket (implicitly ./unixhttpd.sock) +go run ../cmd/unixhttpd & + +# A copy of Anubis, specifically for the current Git checkout +go tool anubis \ + --bind=./anubis.sock \ + --bind-network=unix \ + --target=unix://$(pwd)/unixhttpd.sock & + +# A simple TLS terminator that forwards to Anubis, which will forward to +# unixhttpd +go run ../cmd/relayd \ + --proxy-to=unix://./anubis.sock \ + --cert-dir=../pki/relayd.local.cetacean.club & + +# When you press control c, kill all the child processes to clean things up +trap 'echo signal received!; kill $(jobs -p); wait' SIGINT SIGTERM + +echo "open https://relayd.local.cetacean.club:3004/reqmeta" + +# Wait for all child processes to exit +wait |