From a87d911494f8a5d98d6f3e70271e482f5b9e37d5 Mon Sep 17 00:00:00 2001 From: Elmar Kresse Date: Tue, 18 Jun 2024 16:19:25 +0200 Subject: [PATCH] feat:#36 added real ip for proxy, extended error logging --- docker-compose.yml | 3 ++- reverseproxy.conf | 7 +++++ reverseproxy.dev.conf | 7 +++++ reverseproxy.local.conf | 7 +++++ services/data-manager/service/grpc/server.go | 13 +++++++--- services/go.mod | 6 +++++ services/go.sum | 8 ++++++ services/ical/main.go | 26 +++++++++++++------ .../ical/service/connector/feedConnector.go | 1 + services/ical/service/routes.go | 17 ++++++------ 10 files changed, 74 insertions(+), 21 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index eef364e..922610f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -32,7 +32,8 @@ services: dockerfile: ./ical/Dockerfile context: ./services target: dev # prod - + environment: + - DATA_MANAGER_URL=htwkalender-data-manager htwkalender-frontend: build: diff --git a/reverseproxy.conf b/reverseproxy.conf index c01c32c..86eb2dd 100644 --- a/reverseproxy.conf +++ b/reverseproxy.conf @@ -93,6 +93,13 @@ http { proxy_temp_file_write_size 64k; proxy_max_temp_file_size 1024m; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + geo $admin { default 1; 10.0.0.0/8 0; # Private Network diff --git a/reverseproxy.dev.conf b/reverseproxy.dev.conf index 7a6bf6b..ed8a7de 100644 --- a/reverseproxy.dev.conf +++ b/reverseproxy.dev.conf 
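Review bot: `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` appends `$remote_addr` to whatever X-Forwarded-For value the client sent, so when this proxy is the internet-facing edge the leading entries the backend receives are chosen by the requester. `X-Real-IP $remote_addr` is overwritten rather than appended, so the backend should read that header, or this line should become `proxy_set_header X-Forwarded-For $remote_addr;` if no trusted proxy sits in front of nginx. nginx also inherits `proxy_set_header` from the `http` level only into blocks that define none of their own, so any `server` or `location` outside this hunk that already sets a header would silently get none of these six. The same applies to the identical hunks in reverseproxy.dev.conf and reverseproxy.local.conf.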
@@ -94,6 +94,13 @@ http { proxy_temp_file_write_size 64k; proxy_max_temp_file_size 1024m; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + geo $admin { default 1; 10.0.0.0/8 0; # Private Network diff --git a/reverseproxy.local.conf b/reverseproxy.local.conf index 16c5eba..8846d6d 100644 --- a/reverseproxy.local.conf +++ b/reverseproxy.local.conf @@ -50,6 +50,13 @@ http { proxy_temp_file_write_size 64k; proxy_max_temp_file_size 1024m; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + server { listen 80; diff --git a/services/data-manager/service/grpc/server.go b/services/data-manager/service/grpc/server.go index 7841b5e..edf3191 100644 --- a/services/data-manager/service/grpc/server.go +++ b/services/data-manager/service/grpc/server.go @@ -18,8 +18,12 @@ type ModulesGrpcHandler struct { func (s *ModulesGrpcHandler) GetModule(ctx context.Context, in *pb.GetModuleRequest) (*pb.GetModuleResponse, error) { - // get module from database by UUID + s.app.Logger().Info( + "Protobuf - GetModule", + "uuid", in.Uuid, + ) + // get module from database by UUID module, err := db.FindModuleByUUID(s.app, in.Uuid) if err != nil { return nil, err @@ -35,7 +39,6 @@ func (s *ModulesGrpcHandler) GetModule(ctx context.Context, in *pb.GetModuleRequ for _, event := range events { protoEvents = append(protoEvents, eventToProto(&event)) } - //map module to proto struct protoModule := &pb.Module{ Uuid: module.UUID, 
@@ -45,7 +48,6 @@ func (s *ModulesGrpcHandler) GetModule(ctx context.Context, in *pb.GetModuleRequ Semester: module.Semester, Events: protoEvents, } - // Implement your logic here to fetch module data based on the UUID // Example response return &pb.GetModuleResponse{ @@ -70,6 +72,11 @@ func StartGRPCServer(app *pocketbase.PocketBase) { func (s *ModulesGrpcHandler) GetEventsForModules(ctx context.Context, in *pb.GetModulesRequest) (*pb.GetEventsResponse, error) { + s.app.Logger().Info( + "Protobuf - GetEventsForModules", + "uuids", in.Uuids, + ) + events, err := db.GetPlanForModules(s.app, in.Uuids) if err != nil { return nil, err diff --git a/services/go.mod b/services/go.mod index 036f954..015e6a1 100644 --- a/services/go.mod +++ b/services/go.mod @@ -10,6 +10,7 @@ require ( github.com/labstack/echo/v5 v5.0.0-20230722203903-ec5b858dab61 github.com/pocketbase/dbx v1.10.1 github.com/pocketbase/pocketbase v0.22.12 + github.com/samber/slog-fiber v1.15.3 golang.org/x/net v0.26.0 google.golang.org/grpc v1.63.2 google.golang.org/protobuf v1.34.1 @@ -47,6 +48,7 @@ require ( github.com/ganigeorgiev/fexpr v0.4.0 // indirect github.com/go-ozzo/ozzo-validation/v4 v4.3.0 // indirect github.com/goccy/go-json v0.10.2 // indirect + github.com/gofiber/fiber/v2 v2.52.1 // indirect github.com/gofiber/utils/v2 v2.0.0-beta.4 // indirect github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect 
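Review bot: `"uuids", in.Uuids` in the @@ -70,6 +72,11 hunk writes the whole caller-supplied slice into an Info record on every call, and nothing visible in the hunk bounds its length, so one large request yields an equally large log line. Logging the size, `"count", len(in.Uuids)`, and leaving the individual values to a Debug record would keep log volume predictable. The GetModule hunk adds the same pattern for a single `in.Uuid`, which is bounded in size but could also be demoted to Debug if these calls are frequent. GetEventsForModules continues past the end of the hunk.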
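Review bot: `github.com/samber/slog-fiber v1.15.3` becomes a direct requirement here, but no hunk visible in this patch imports it. It also brings `github.com/gofiber/fiber/v2 v2.52.1` and two OpenTelemetry modules into the graph next to the Fiber v3 the ical service uses. If the middleware is not wired up, running `go mod tidy` should drop it along with the indirect entries added in the later go.mod hunks and go.sum, so the module does not carry a second framework major version that has to be tracked for advisories. If it is intended, confirm that this version works with Fiber v3 handlers before relying on it.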
@@ -58,10 +60,12 @@ require ( github.com/klauspost/compress v1.17.6 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect github.com/mattn/go-sqlite3 v1.14.22 // indirect github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect github.com/ncruces/go-strftime v0.1.9 // indirect github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect + github.com/rivo/uniseg v0.2.0 // indirect github.com/spf13/cast v1.6.0 // indirect github.com/spf13/cobra v1.8.0 // indirect github.com/spf13/pflag v1.0.5 // indirect @@ -70,6 +74,8 @@ require ( github.com/valyala/fasttemplate v1.2.2 // indirect github.com/valyala/tcplisten v1.0.0 // indirect go.opencensus.io v0.24.0 // indirect + go.opentelemetry.io/otel v1.24.0 // indirect + go.opentelemetry.io/otel/trace v1.24.0 // indirect gocloud.dev v0.37.0 // indirect golang.org/x/crypto v0.24.0 // indirect golang.org/x/image v0.16.0 // indirect diff --git a/services/go.sum b/services/go.sum index 407fba5..2d8a28a 100644 --- a/services/go.sum +++ b/services/go.sum @@ -109,6 +109,8 @@ github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVH github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/gofiber/fiber/v2 v2.52.1 h1:1RoU2NS+b98o1L77sdl5mboGPiW+0Ypsi5oLmcYlgHI= +github.com/gofiber/fiber/v2 v2.52.1/go.mod h1:KEOE+cXMhXG0zHc9d8+E38hoX+ZN7bhOtgeF2oT6jrQ= github.com/gofiber/fiber/v3 v3.0.0-beta.2 h1:mVVgt8PTaHGup3NGl/+7U7nEoZaXJ5OComV4E+HpAao= github.com/gofiber/fiber/v3 v3.0.0-beta.2/go.mod h1:w7sdfTY0okjZ1oVH6rSOGvuACUIt0By1iK0HKUb3uqM= github.com/gofiber/utils/v2 v2.0.0-beta.4 h1:1gjbVFFwVwUb9arPcqiB6iEjHBwo7cHsyS41NeIW3co= 
@@ -185,6 +187,8 @@ github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= +github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= 
@@ -202,9 +206,13 @@ github.com/pocketbase/pocketbase v0.22.12/go.mod h1:yY/3IGi1tUbcI6yGVFspAyKi/IDH github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/samber/slog-fiber v1.15.3 h1:RbfC0v2QPIEXoRdort2QxAsRG42LVaFTEgTNS/0GwRQ= +github.com/samber/slog-fiber v1.15.3/go.mod h1:I0b8eJ060SlpA65LXiqH7lZixUCkAPKiEGZqkT9QJOM= github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= diff --git a/services/ical/main.go b/services/ical/main.go index b1a3138..353af6d 100644 --- a/services/ical/main.go +++ b/services/ical/main.go 
@@ -18,18 +18,25 @@ package main import ( "github.com/gofiber/fiber/v3" - "github.com/gofiber/fiber/v3/log" "github.com/gofiber/fiber/v3/middleware/logger" "htwkalender/ical/model" "htwkalender/ical/service" "htwkalender/ical/service/connector/grpc" + "log/slog" + "os" ) // main function for the ical service // uses rest api to get the data from the data-manager // exposes rest api endpoints with fiber to serve the data for clients func main() { - const host = "htwkalender-data-manager" + + // get host from env if this is not set use default value 127.0.0.1 + + host := os.Getenv("DATA_MANAGER_URL") + if host == "" { + host = "127.0.0.1" + } grpcClient := grpc.ConnectGRPCServer(host) defer grpc.CloseGRPCServer(grpcClient) @@ -38,11 +45,14 @@ func main() { webdavRequestMethods := []string{"PROPFIND", "MKCOL", "COPY", "MOVE"} fiberApp := fiber.New(fiber.Config{ - CaseSensitive: true, - StrictRouting: true, - ServerHeader: "Fiber", - AppName: "App Name", - RequestMethods: append(fiber.DefaultMethods[:], webdavRequestMethods...), + CaseSensitive: true, + StrictRouting: true, + ServerHeader: "HTWKalender iCal Service", + AppName: "HTWKalender iCal Service", + RequestMethods: append(fiber.DefaultMethods[:], webdavRequestMethods...), + EnableTrustedProxyCheck: true, + TrustedProxies: []string{"172.16.0.0/12", "172.18.0.5", "172.18.0.1"}, + ProxyHeader: "X-Forwarded-For", }) var app = model.AppType{ @@ -57,5 +67,5 @@ func main() { // Add routes to the app instance for the data-manager ical service service.AddFeedRoutes(app) - log.Fatal(fiberApp.Listen(":8091")) + slog.Info("Starting ical service", fiberApp.Listen(":8091")) } diff --git a/services/ical/service/connector/feedConnector.go b/services/ical/service/connector/feedConnector.go index 35b7f1a..e545791 100644 --- a/services/ical/service/connector/feedConnector.go +++ b/services/ical/service/connector/feedConnector.go 
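Review bot: With `ProxyHeader: "X-Forwarded-For"` in the @@ -38,11 +45,14 hunk, the client address is taken from a header whose leading entries the client supplies, because the nginx configs in this patch append to it with `$proxy_add_x_forwarded_for`. Any log field or limiter keyed on `c.IP()` can then be steered by the requester. `ProxyHeader: "X-Real-IP"` would read the value nginx overwrites with `$remote_addr` instead. The trust list is also wider than it looks: `172.16.0.0/12` already contains `172.18.0.5` and `172.18.0.1`, so every peer in that private range is trusted, not only the proxy. Something like `TrustedProxies: []string{"<reverse-proxy address or compose subnet>"}` (placeholder), loaded from configuration, would narrow it. main starts and ends outside the hunk.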
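Review bot: `slog.Info("Starting ical service", fiberApp.Listen(":8091"))` in the @@ -57,5 +67,5 hunk evaluates `Listen` before logging, so the message is written only after the server has stopped. The returned error is also passed as a lone attribute with no key, and the process no longer exits non-zero as it did with `log.Fatal`. A bind failure on :8091 would therefore look like a clean exit to Docker and to monitoring. `if err := fiberApp.Listen(":8091"); err != nil { slog.Error("ical service stopped", "error", err); os.Exit(1) }` keeps the failure visible, and `os` is already imported by this patch.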
@@ -14,6 +14,7 @@ func GetFeedByToken(host string, token string) (model.FeedRecord, error) { response, err := RequestApi(host, "/api/collections/feeds/records/"+token) if err != nil { + slog.Error("Failed to get feed record", "error", err) return model.FeedRecord{}, err } diff --git a/services/ical/service/routes.go b/services/ical/service/routes.go index 7e2088f..3aa0381 100644 --- a/services/ical/service/routes.go +++ b/services/ical/service/routes.go @@ -3,7 +3,6 @@ package service import ( "encoding/json" "github.com/gofiber/fiber/v3" - "github.com/gofiber/fiber/v3/log" "htwkalender/ical/model" "htwkalender/ical/service/ical" "log/slog" @@ -21,8 +20,8 @@ func AddFeedRoutes(app model.AppType) { results, err := ical.Feed(app, token) if err != nil { - slog.Error("Failed to get feed", "error", err) - return c.SendStatus(fiber.StatusInternalServerError) + slog.Error("Failed to get feed", "error", err, "token", token) + return c.SendStatus(fiber.StatusBadRequest) } c.Response().Header.Set("Content-type", "text/calendar") c.Response().Header.Set("charset", "utf-8") @@ -38,7 +37,7 @@ func AddFeedRoutes(app model.AppType) { //obtain the body of the request err := json.Unmarshal(c.Body(), &modules) if err != nil { - log.Error("Failed to unmarshal request body", "error", err) + slog.Error("Failed to parse request body", "error", err, "body", string(c.Body())) return c.SendStatus(fiber.StatusBadRequest) } @@ -46,8 +45,8 @@ func AddFeedRoutes(app model.AppType) { token, err := ical.CreateFeed(app, modules) if err != nil { println(err) - log.Error("Failed to create feed", "error", err) - return c.SendStatus(fiber.StatusInternalServerError) + slog.Error("Failed to create feed", "error", err) + return c.SendStatus(fiber.StatusBadRequest) } return c.JSON(token) 
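Review bot: The request path on the context line of the feedConnector.go hunk is built as `"/api/collections/feeds/records/"+token` with no escaping, so a token containing `/`, `?` or `..` changes which data-manager path is requested. If the token comes straight from the HTTP request, as the routes.go hunks suggest, wrap it as `url.PathEscape(token)` or validate its format first. The added `slog.Error` logs an error that is also returned and logged again by the route handler, so each failure yields two records; handling it at one layer is enough. The diffstat shows a single added line for this file, so `log/slog` must already be imported there for this to build, which is worth confirming. GetFeedByToken continues outside the hunk.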
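Review bot: Adding `"token", token` to the error record in the routes.go @@ -21,8 +20,8 hunk puts the feed token into the logs. In the visible handlers the token is the only thing a caller presents to read or delete a feed, so anyone with log access would gain that capability. Log a non-reversible reference instead, for example a truncated SHA-256 of the token, or omit the field. The same applies to the `"token", token` additions in the @@ -60,8 +59,8 and @@ -73,7 +72,7 hunks. AddFeedRoutes starts and ends outside these hunks.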
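Review bot: `"body", string(c.Body())` in the routes.go @@ -38,7 +37,7 hunk copies the entire request body into the error log whenever JSON parsing fails, so malformed requests control both the size and the content of log records. No authentication check is visible in the hunk, so this path may be reachable by any client. Logging the length, `"bodyLen", len(c.Body())`, or a bounded prefix gives enough context alongside the parse error.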
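Review bot: Returning `fiber.StatusBadRequest` for every `ical.CreateFeed` error in the routes.go @@ -46,8 +45,8 hunk reports backend faults, such as an unreachable data-manager or a storage error, as client mistakes. That hides outages from status-code monitoring. Keep `fiber.StatusInternalServerError` as the default and map only errors known to be caused by the request to a 4xx code; the @@ -21,8 +20,8 and @@ -60,8 +59,8 hunks make the same switch. The leftover `println(err)` on the context line writes the raw error to stderr outside the structured logger and can go now that `slog.Error` covers it.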
@@ -60,8 +59,8 @@ func AddFeedRoutes(app model.AppType) { results, err := ical.FeedRecord(app, token) if err != nil { - slog.Error("Failed to get feed", "error", err) - return c.SendStatus(fiber.StatusInternalServerError) + slog.Error("Failed to get feed", "error", err, "token", token) + return c.SendStatus(fiber.StatusBadRequest) } c.Response().Header.Set("Content-type", "application/json; charset=UTF-8") @@ -73,7 +72,7 @@ func AddFeedRoutes(app model.AppType) { token := c.Query("token") err := ical.DeleteFeedRecord(app, token) if err != nil { - slog.Error("Feed could not be deleted", "error", err) + slog.Error("Feed could not be deleted", "error", err, "token", token) return c.JSON(http.StatusNotFound, "Feed could not be deleted") } else { return c.JSON(http.StatusOK, "Feed deleted")
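Review bot: On the context lines of the @@ -73,7 +72,7 hunk, `c.JSON(http.StatusNotFound, "Feed could not be deleted")` uses a (status, body) argument order, but Fiber v3's `JSON` takes the payload first and an optional content type second. If I read the signature correctly, the client therefore gets status 200 with body `404` when deletion fails. `return c.Status(fiber.StatusNotFound).JSON("Feed could not be deleted")` and `return c.Status(fiber.StatusOK).JSON("Feed deleted")` would send what the code intends. As written, a failed delete is indistinguishable from success for clients that check only the status code. The handler starts and ends outside the hunk.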