plane 0.5.5

Session backend orchestrator for ambitious browser-based apps.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

use anyhow::{anyhow, Result};
use clap::Parser;
use plane_common::{
    names::{OrRandom, ProxyName},
    types::ClusterName,
};
use std::path::PathBuf;
use url::Url;

use super::{AcmeConfig, AcmeEabConfiguration, ProxyConfig, ServerPortConfig};

const LOCAL_HTTP_PORT: u16 = 9090;
const PROD_HTTP_PORT: u16 = 80;
const PROD_HTTPS_PORT: u16 = 443;

#[derive(Parser)]
pub struct ProxyOpts {
    #[clap(long)]
    name: Option<ProxyName>,

    #[clap(long)]
    controller_url: Url,

    #[clap(long)]
    cluster: ClusterName,

    #[clap(long)]
    https: bool,

    #[clap(long)]
    http_port: Option<u16>,

    #[clap(long)]
    https_port: Option<u16>,

    #[clap(long)]
    cert_path: Option<PathBuf>,

    #[clap(long)]
    acme_endpoint: Option<Url>,

    #[clap(long)]
    acme_email: Option<String>,

    /// Key identifier when using ACME External Account Binding.
    #[clap(long)]
    acme_eab_kid: Option<String>,

    /// HMAC key when using ACME External Account Binding.
    #[clap(long)]
    acme_eab_hmac_key: Option<String>,

    /// URL to redirect the root path to.
    #[clap(long)]
    root_redirect_url: Option<Url>,
}

impl ProxyOpts {
    pub fn into_config(self) -> Result<ProxyConfig> {
        let name = self.name.or_random();

        let port_config = match (self.https, self.http_port, self.https_port) {
            (false, None, None) => ServerPortConfig {
                http_port: LOCAL_HTTP_PORT,
                https_port: None,
            },
            (true, None, None) => ServerPortConfig {
                http_port: PROD_HTTP_PORT,
                https_port: Some(PROD_HTTPS_PORT),
            },
            (true, Some(http_port), None) => ServerPortConfig {
                http_port,
                https_port: Some(PROD_HTTPS_PORT),
            },
            (_, None, Some(https_port)) => ServerPortConfig {
                http_port: PROD_HTTP_PORT,
                https_port: Some(https_port),
            },
            (_, Some(http_port), https_port) => ServerPortConfig {
                http_port,
                https_port,
            },
        };

        let acme_eab_keypair = match (self.acme_eab_hmac_key, self.acme_eab_kid) {
            (Some(hmac_key), Some(kid)) => Some(AcmeEabConfiguration::new(kid, hmac_key)?),
            (None, Some(_)) | (Some(_), None) => {
                return Err(anyhow!(
                    "Must specify both --acme-eab-hmac-key and --acme-eab-kid or neither."
                ))
            }
            _ => None,
        };

        let acme_config = match (self.acme_endpoint, self.acme_email) {
            (Some(_), None) => {
                return Err(anyhow!(
                    "Must specify --acme-email when using --acme-endpoint."
                ));
            }
            (None, Some(_)) => {
                return Err(anyhow!(
                    "Must specify --acme-endpoint when using --acme-email."
                ));
            }
            (Some(endpoint), Some(email)) => Some(AcmeConfig {
                endpoint,
                mailto_email: email,
                acme_eab_keypair,
                accept_insecure_certs_for_testing: false,
            }),
            (None, None) => None,
        };

        Ok(ProxyConfig {
            name,
            controller_url: self.controller_url,
            cluster: self.cluster,
            cert_path: self.cert_path,
            port_config,
            acme_config,
            root_redirect_url: self.root_redirect_url,
        })
    }
}