Proxy Protocol V1

2016-11-27 18:10:22 +08:00 · 2016-11-27 18:10:22 +08:00 · b2cb5f98b6
parent 4af9a47f84
commit b2cb5f98b6
3 changed files with 70 additions and 5 deletions
--- a/2
+++ b/2
@ -9,7 +9,7 @@ dep_gproc       = git https://github.com/uwiger/gproc
 dep_getopt      = git https://github.com/jcomellas/getopt v0.8.2
 dep_lager       = git https://github.com/basho/lager master
 dep_gen_logger  = git https://github.com/emqtt/gen_logger
-dep_esockd      = git https://github.com/emqtt/esockd emq20
+dep_esockd      = git https://github.com/emqtt/esockd proxy-protocol
 dep_mochiweb    = git https://github.com/emqtt/mochiweb
 #dep_clique     = git https://github.com/basho/clique
 #dep_pbkdf2      = git https://github.com/basho/erlang-pbkdf2 2.0.0
--- a/etc/emq.conf
+++ b/etc/emq.conf
@ -193,6 +193,10 @@ mqtt.listener.tcp.max_clients = 1024
 ## Rate Limit. Format is 'burst,rate', Unit is KB/Sec
 ## mqtt.listener.tcp.rate_limit = 100,10

+## Proxy Protocol V1
+mqtt.listener.tcp.proxy_protocol = 1
+mqtt.listener.tcp.proxy_protocol_timeout = 10
+
 ## TCP Socket Options
 mqtt.listener.tcp.backlog = 1024
 ## mqtt.listener.tcp.recbuf = 4096
@ -211,6 +215,8 @@ mqtt.listener.ssl.max_clients = 512

 ## Rate Limit. Format is 'burst,rate', Unit is KB/Sec
 ## mqtt.listener.ssl.rate_limit = 100,10
+mqtt.listener.ssl.proxy_protocol = 1
+mqtt.listener.ssl.proxy_protocol_timeout = 10

 ## Configuring SSL Options
 ## See http://erlang.org/doc/man/ssl.html
@ -226,6 +232,10 @@ mqtt.listener.http = 8083
 mqtt.listener.http.acceptors = 4
 mqtt.listener.http.max_clients = 64

+## Proxy Protocol V1
+mqtt.listener.http.proxy_protocol = 1
+mqtt.listener.http.proxy_protocol_timeout = 10
+
 ## HTTP(SSL) Listener
 mqtt.listener.https = 8084
 mqtt.listener.https.acceptors = 4
--- a/priv/emq.schema
+++ b/priv/emq.schema
@ -491,6 +491,19 @@ end}.
  hidden
 ]}.

+{mapping, "mqtt.listener.tcp.proxy_protocol", "emqttd.listeners", [
+  {default, 1},
+  {datatype, integer},
+  {validators, ["range:1-2"]},
+  hidden
+]}.
+
+{mapping, "mqtt.listener.tcp.proxy_protocol_timeout", "emqttd.listeners", [
+  {default, 10},
+  {datatype, integer},
+  hidden
+]}.
+
 {mapping, "mqtt.listener.tcp.backlog", "emqttd.listeners", [
  {default, 1024},
  {datatype, integer}
@ -535,6 +548,19 @@ end}.
  {datatype, string}
 ]}.

+{mapping, "mqtt.listener.ssl.proxy_protocol", "emqttd.listeners", [
+  {default, 1},
+  {datatype, integer},
+  {validators, ["range:1-2"]},
+  hidden
+]}.
+
+{mapping, "mqtt.listener.ssl.proxy_protocol_timeout", "emqttd.listeners", [
+  {default, 10},
+  {datatype, integer},
+  hidden
+]}.
+
 {mapping, "mqtt.listener.ssl.handshake_timeout", "emqttd.listeners", [
  {default, 15},
  {datatype, integer}
@ -575,6 +601,19 @@ end}.
  {datatype, integer}
 ]}.

+{mapping, "mqtt.listener.http.proxy_protocol", "emqttd.listeners", [
+  {default, 1},
+  {datatype, integer},
+  {validators, ["range:1-2"]},
+  hidden
+]}.
+
+{mapping, "mqtt.listener.http.proxy_protocol_timeout", "emqttd.listeners", [
+  {default, 10},
+  {datatype, integer},
+  hidden
+]}.
+
 {mapping, "mqtt.listener.https", "emqttd.listeners", [
  {default, undefined},
  {datatype, [integer, ip]},
@ -591,6 +630,18 @@ end}.
  {datatype, integer}
 ]}.

+{mapping, "mqtt.listener.https.proxy_protocol", "emqttd.listeners", [
+  {default, 1},
+  {datatype, integer},
+  {validators, ["range:1-2"]},
+  hidden
+]}.
+
+{mapping, "mqtt.listener.https.proxy_protocol_timeout", "emqttd.listeners", [
+  {datatype, integer},
+  hidden
+]}.
+
 {mapping, "mqtt.listener.https.handshake_timeout", "emqttd.listeners", [
  {default, 15},
  {datatype, integer}
@ -620,8 +671,7 @@ end}.
    Filter  = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
    LisOpts = fun(Prefix) ->
                  Filter([{acceptors,   cuttlefish:conf_get(Prefix ++ ".acceptors", Conf)},
-                          {max_clients, cuttlefish:conf_get(Prefix ++ ".max_clients", Conf)},
-                          {rate_limt,   cuttlefish:conf_get(Prefix ++ ".rate_limit", Conf, undefined)}])
+                          {max_clients, cuttlefish:conf_get(Prefix ++ ".max_clients", Conf)}])
              end,
    TcpOpts = fun(Prefix) ->
                   Filter([{backlog, cuttlefish:conf_get(Prefix ++ ".backlog", Conf, undefined)},
@ -645,7 +695,12 @@ end}.
                        undefined ->
                            [];
                        Port ->
-                            ConnOpts = Filter([{rate_limit, cuttlefish:conf_get(Key ++ ".rate_limit", Conf, undefined)}]),
+                            ConnOpts = Filter([{rate_limit, cuttlefish:conf_get(Key ++ ".rate_limit", Conf, undefined)},
+                                               {proxy_protocol, cuttlefish:conf_get(Key ++ ".proxy_protocol", Conf, undefined)},
+                                               {proxy_protocol_timeout, case cuttlefish:conf_get(Key ++ ".proxy_protocol_timeout", Conf, undefined) of
+                                                                            undefined -> undefined;
+                                                                            I -> I * 1000
+                                                                        end}]),
                            Opts = [{connopts, ConnOpts}, {sockopts, TcpOpts(Key)} | LisOpts(Key)],
                            [{Name, Port, case Name =:= ssl orelse Name =:= https of
                                              true  -> [{ssl, SslOpts(Key)} | Opts];