github
/
frp
mirror of https://github.com/fatedier/frp
1
0
Fork 0
Code Issues Releases Wiki Activity

Resolved maintainer comments: removed examples, reduce log verbosity, and unnecessary recover/defer blocks

pull/4939/head
SS 2025-08-16 11:57:53 +04:00
parent 5b4aea6454
commit 4835801e74
5 changed files with 16 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
README.md
View File

@ -954,28 +954,6 @@ loadBalancer.group = "web"
loadBalancer.groupKey = "123" loadBalancer.groupKey = "123"
``` ```
For HTTPS load balancing:
```toml
# frpc.toml
[[proxies]]
name = "web1"
type = "https"
localPort = 443
customDomains = ["example.com"]
loadBalancer.group = "web"
loadBalancer.groupKey = "123"
[[proxies]]
name = "web2"
type = "https"
localPort = 443
customDomains = ["example.com"]
loadBalancer.group = "web"
loadBalancer.groupKey = "123"
```
`loadBalancer.groupKey` is used for authentication. `loadBalancer.groupKey` is used for authentication.
Connections to port 80 will be dispatched to proxies in the same group randomly. Connections to port 80 will be dispatched to proxies in the same group randomly.

29
conf/frpc_full_example.toml
View File

@ -247,35 +247,6 @@ customDomains = ["web02.yourdomain.com"]
# v1 or v2 or empty # v1 or v2 or empty
transport.proxyProtocolVersion = "v2" transport.proxyProtocolVersion = "v2"
# HTTPS load balancing example
[[proxies]]
name = "web_lb_1"
type = "https"
localIP = "127.0.0.1"
localPort = 443
customDomains = ["app.yourdomain.com"]
loadBalancer.group = "web"
loadBalancer.groupKey = "123"
# Enable health check for load balancing
healthCheck.type = "tcp"
healthCheck.timeoutSeconds = 3
healthCheck.maxFailed = 3
healthCheck.intervalSeconds = 10
[[proxies]]
name = "web_lb_2"
type = "https"
localIP = "127.0.0.1"
localPort = 8443
customDomains = ["app.yourdomain.com"]
loadBalancer.group = "web"
loadBalancer.groupKey = "123"
# Enable health check for load balancing
healthCheck.type = "tcp"
healthCheck.timeoutSeconds = 3
healthCheck.maxFailed = 3
healthCheck.intervalSeconds = 10
[[proxies]] [[proxies]]
name = "tcpmuxhttpconnect" name = "tcpmuxhttpconnect"
type = "tcpmux" type = "tcpmux"

16
pkg/util/vhost/https.go
View File

@ -92,14 +92,11 @@ func (h *HTTPSMuxer) handleHTTPS(c net.Conn) {
// First check if there's a group route for this domain // First check if there's a group route for this domain
if h.httpsReverseProxy != nil { if h.httpsReverseProxy != nil {
if routeConfig := h.httpsReverseProxy.GetRouteConfig(canonicalHostname); routeConfig != nil { if routeConfig := h.httpsReverseProxy.GetRouteConfig(canonicalHostname); routeConfig != nil {
log.Debugf("routing https request for host [%s] to group", hostname)
// SECURITY: Apply authentication check before group routing // SECURITY: Apply authentication check before group routing
if routeConfig.Username != "" && routeConfig.Password != "" { if routeConfig.Username != "" && routeConfig.Password != "" {
if h.checkAuth != nil { if h.checkAuth != nil {
ok, err := h.checkAuth(c, routeConfig.Username, routeConfig.Password, reqInfoMap) ok, err := h.checkAuth(c, routeConfig.Username, routeConfig.Password, reqInfoMap)
if !ok || err != nil { if !ok || err != nil {
log.Debugf("auth failed for group route user: %s", routeConfig.Username)
h.failHook(sConn) h.failHook(sConn)
return return
} }
@ -123,22 +120,12 @@ func (h *HTTPSMuxer) handleHTTPS(c net.Conn) {
// Create connection to backend through group routing // Create connection to backend through group routing
remoteConn, err := h.httpsReverseProxy.CreateConnection(canonicalHostname) remoteConn, err := h.httpsReverseProxy.CreateConnection(canonicalHostname)
if err != nil { if err != nil {
log.Debugf("failed to create connection through group: %v", err)
h.failHook(sConn) h.failHook(sConn)
return return
} }
// Start proxying data between client and remote // Start proxying data between client and remote
go func() { go libio.Join(sConn, remoteConn)
defer func() {
if err := recover(); err != nil {
log.Warnf("panic in HTTPS proxy goroutine: %v", err)
}
}()
defer sConn.Close()
defer remoteConn.Close()
libio.Join(sConn, remoteConn)
}()
return return
} }
} }
@ -148,7 +135,6 @@ func (h *HTTPSMuxer) handleHTTPS(c net.Conn) {
httpUser := reqInfoMap["HTTPUser"] httpUser := reqInfoMap["HTTPUser"]
l, ok := h.getListener(canonicalHostname, path, httpUser) l, ok := h.getListener(canonicalHostname, path, httpUser)
if !ok { if !ok {
log.Debugf("https request for host [%s] path [%s] httpUser [%s] not found", hostname, path, httpUser)
h.failHook(sConn) h.failHook(sConn)
return return
} }

2
pkg/util/vhost/https_proxy.go
View File

@ -1,4 +1,4 @@
// Copyright 2024 fatedier, fatedier@gmail.com // Copyright 2024 Satyajeet Singh, jeet.0733@gmail.com
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License. // you may not use this file except in compliance with the License.

14
server/group/https.go
View File

@ -1,3 +1,17 @@
// Copyright 2024 Satyajeet Singh, jeet.0733@gmail.com
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package group package group
import ( import (