tg-redbird 0.12.0 → 1.2.0

package/README.md

@@ -83,6 +83,9 @@ proxy.register("balance.me", "http://172.17.41.6:8080");
 proxy.register("balance.me", "http://172.17.42.6:8080");
 proxy.register("balance.me", "http://172.17.43.6:8080");
 
+// You can unregister routes as well
+proxy.register("temporary.com", "http://172.17.45.1:8004");
+proxy.unregister("temporary.com", "http://172.17.45.1:8004");
 
 // LetsEncrypt support
 // With Redbird you can get zero conf and automatic SSL certificates for your domains
@@ -105,7 +108,7 @@ redbird.register('example.com', 'http://172.60.80.2:8082', {
 // HTTP2 Support using LetsEncrypt for the certificates
 //
 var proxy = require('redbird')({
-  port: 80, // http port is needed for LetsEncrypt challenge during request / renewal. Also enables automatic http->https redirection for registered https routes. 
+  port: 80, // http port is needed for LetsEncrypt challenge during request / renewal. Also enables automatic http->https redirection for registered https routes.
   letsencrypt: {
     path: __dirname + '/certs',
     port: 9999 // LetsEncrypt minimal web server port for handling challenges. Routed 80->9999, no need to open 9999 in firewall. Default 3000 if not defined.
@@ -235,7 +238,7 @@ var redbird = new require('redbird')({
 			ip: '123.45.67.11', // assigned to my-other-domain.com
 			key: 'certs/my-other-domain.key',
 			cert: 'certs/my-other-domain.crt',
-		}				
+		}
 	]
 });
 
@@ -402,33 +405,33 @@ setTimeout(function() {
 
 ## Replacing the default HTTP/HTTPS server modules
 
-By passing `serverModule: module` or `ssl: {serverModule : module}` you can override the default http/https 
+By passing `serverModule: module` or `ssl: {serverModule : module}` you can override the default http/https
 servers used to listen for connections with another module.
 
-One application for this is to enable support for PROXY protocol: This is useful if you want to use a module like 
-[findhit-proxywrap](https://github.com/findhit/proxywrap) to enable support for the 
+One application for this is to enable support for PROXY protocol: This is useful if you want to use a module like
+[findhit-proxywrap](https://github.com/findhit/proxywrap) to enable support for the
 [PROXY protocol](http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt).
- 
-                                                                  
-PROXY protocol is used in tools like HA-Proxy, and can be optionally enabled in Amazon ELB load balancers to pass the 
-original client IP when proxying TCP connections (similar to an X-Forwarded-For header, but for raw TCP). This is useful 
-if you want to run redbird on AWS behind an ELB load balancer, but have redbird terminate any HTTPS connections so you 
-can have SNI/Let's Encrypt/HTTP2support. With this in place Redbird will see the client's IP address rather 
+
+
+PROXY protocol is used in tools like HA-Proxy, and can be optionally enabled in Amazon ELB load balancers to pass the
+original client IP when proxying TCP connections (similar to an X-Forwarded-For header, but for raw TCP). This is useful
+if you want to run redbird on AWS behind an ELB load balancer, but have redbird terminate any HTTPS connections so you
+can have SNI/Let's Encrypt/HTTP2support. With this in place Redbird will see the client's IP address rather
 than the load-balancer's, and pass this through in an X-Forwarded-For header.
 
 ````javascript
 //Options for proxywrap. This means the proxy will also respond to regular HTTP requests without PROXY information as well.
-proxy_opts = {strict: false}; 
+proxy_opts = {strict: false};
 proxyWrap = require('findhit-proxywrap');
 var opts = {
     port: process.env.HTTP_PORT,
     serverModule: proxyWrap.proxy( require('http'), proxy_opts),
     ssl: {
         //Do this if you want http2:
-        http2: true,        
+        http2: true,
         serverModule: proxyWrap.proxy(require('spdy').server, proxy_opts),
         //Do this if you only want regular https
-        // serverModule: proxyWrap.proxy( require('http'), proxy_opts), 
+        // serverModule: proxyWrap.proxy( require('http'), proxy_opts),
         port: process.env.HTTPS_PORT,
     }
 }
@@ -481,7 +484,7 @@ __Arguments__
         If you want to disable bunyan, just set this option to false. Keep in mind that
         having logs enabled incours in a performance penalty of about one order of magnitude per request.
         resolvers: {Function | Array}  a list of custom resolvers. Can be a single function or an array of functions. See more details about resolvers above.
-        serverModule : {Module} Optional - Override the http server module used to listen for http connections.  Default is require('http') 
+        serverModule : {Module} Optional - Override the http server module used to listen for http connections.  Default is require('http')
 	}
 ```
 
@@ -509,9 +512,13 @@ __Arguments__
     	key: keyPath,
     	cert: certPath,
     	ca: caPath, // optional
-    	secureOptions: constants.SSL_OP_NO_TLSv1 //optional, see below 
+    	secureOptions: constants.SSL_OP_NO_TLSv1 //optional, see below
     	}
     }
+    {onRequest: (req, res, target) => {
+      // called before forwarding is occurred, you can modify req.headers for example
+      // return undefined to forward to default target
+    }}
 ```
 > _Note: if you need to use **ssl.secureOptions**, to disable older, insecure TLS versions, import crypto/constants first:_
 

package/lib/docker.js

@@ -20,27 +20,27 @@ function DockerModule(redbird, url) {
   this.redbird = redbird;
   var log = redbird.log;
 
-  var targets = this.targets = {};
+  var targets = (this.targets = {});
   this.ports = {};
 
   // We keep an up-to-date table with all the images having
   // containers running on the system.
-  var images = this.images = {};
-  var dolphin = this.dolphin = new Dolphin(url);
+  var images = (this.images = {});
+  var dolphin = (this.dolphin = new Dolphin(url));
 
   var _this = this;
 
   function registerIfNeeded(imageName, containerId, containerName) {
-    var image = images[imageName] = images[imageName] || {};
+    var image = (images[imageName] = images[imageName] || {});
 
     for (var targetName in targets) {
-        var match = isMatchingImageName(targetName, imageName);
+      var match = isMatchingImageName(targetName, imageName);
 
-        if (match && image[containerId] !== 'running') {
-          var target = targets[targetName];
-          log && log.info('Registering container %s for target %s', containerName, target.src);
-          _this.registerContainer(target.src, containerId, target.opts);
-        }
+      if (match && image[containerId] !== 'running') {
+        var target = targets[targetName];
+        log && log.info('Registering container %s for target %s', containerName, target.src);
+        _this.registerContainer(target.src, containerId, target.opts);
+      }
     }
 
     image[containerId] = 'running';
@@ -50,13 +50,12 @@ function DockerModule(redbird, url) {
   this.events = dolphin.events();
 
   this.events.on('connected', function () {
-
     //  Fetch all running containers and register them if
     //  necessary.
-    dolphin.containers({ filters: {status:["running"]}}).then(function (containers) {
+    dolphin.containers({ filters: { status: ['running'] } }).then(function (containers) {
       for (var i = 0; i < containers.length; i++) {
         var container = containers[i];
-        registerIfNeeded(container.Image, container.Id, container.Names[0].replace("/", ""));
+        registerIfNeeded(container.Image, container.Id, container.Names[0].replace('/', ''));
       }
     });
   });
@@ -81,7 +80,12 @@ function DockerModule(redbird, url) {
             var match = isMatchingImageName(targetName, evt.from);
             if (image[evt.id] === 'running' && match && _this.ports[evt.id]) {
               target = targets[targetName];
-              log && log.info('Un-registering container %s for target %s', evt.Actor.Attributes.name, target.src);
+              log &&
+                log.info(
+                  'Un-registering container %s for target %s',
+                  evt.Actor.Attributes.name,
+                  target.src
+                );
               _this.redbird.unregister(target.src, _this.ports[evt.id]);
             }
             image[evt.id] = 'stopped';
@@ -112,12 +116,12 @@ DockerModule.prototype.register = function (src, target, opts) {
   var storedTarget = this.targets[target];
 
   if (storedTarget && storedTarget.src == src) {
-      throw Error('Cannot register the same src and target twice');
+    throw Error('Cannot register the same src and target twice');
   }
 
   this.targets[target] = {
     src: src,
-    opts: opts
+    opts: opts,
   };
 
   for (var imageName in this.images) {
@@ -138,8 +142,8 @@ DockerModule.prototype.registerContainer = function (src, containerId, opts) {
 };
 
 function isMatchingImageName(targetName, imageName) {
-    var regex = new RegExp("^" + targetName + "$");
-    return regex.test(imageName);
+  var regex = new RegExp('^' + targetName + '$');
+  return regex.test(imageName);
 }
 
 function containerPort(dolphin, containerId) {

package/lib/etcd-backend.js

@@ -7,8 +7,8 @@
 */
 var Etcd = require('node-etcd');
 
-function ETCDModule(redbird, options){
-  if (!(this instanceof ETCDModule)){
+function ETCDModule(redbird, options) {
+  if (!(this instanceof ETCDModule)) {
     return new ETCDModule(redbird, options);
   }
 
@@ -18,37 +18,34 @@ function ETCDModule(redbird, options){
   var _this = this;
 
   // Create node-etcd Instance
-  this.etcd = new Etcd(options.hosts,options.ssloptions);
-  this.etcd_dir = (typeof options.path !== 'undefined') ? options.path : "redbird";
+  this.etcd = new Etcd(options.hosts, options.ssloptions);
+  this.etcd_dir = typeof options.path !== 'undefined' ? options.path : 'redbird';
 
   // Create directory if not created
-  this.etcd.get(this.etcd_dir,function(err, body, header){
-    if (err && err.errorCode == 100){
-      _this.etcd.mkdir(_this.etcd_dir, function(err){
-        if (err){
+  this.etcd.get(this.etcd_dir, function (err, body, header) {
+    if (err && err.errorCode == 100) {
+      _this.etcd.mkdir(_this.etcd_dir, function (err) {
+        if (err) {
           log.error(err, 'etcd backend error');
-        }
-        else{
+        } else {
           createWatcher();
         }
       });
-    }
-    else if(!err && body.node.dir){
+    } else if (!err && body.node.dir) {
       createWatcher();
-    }
-    else{
+    } else {
       log.error(err, 'etcd backend error');
     }
   });
 
   // Helper function to check if values contain settings
   function IsJsonString(str) {
-      try {
-          JSON.parse(str);
-      } catch (e) {
-          return false;
-      }
-      return true;
+    try {
+      JSON.parse(str);
+    } catch (e) {
+      return false;
+    }
+    return true;
   }
 
   // Helper function to pretify etcd directory strings
@@ -56,35 +53,35 @@ function ETCDModule(redbird, options){
     return str.replace(_this.etcd_dir, '').replace(/^\/+|\/+$/g, '');
   }
 
-  function createWatcher(){
+  function createWatcher() {
     // Watch etcd directory
-    _this.watcher = _this.etcd.watcher(_this.etcd_dir, null, {recursive:true});
+    _this.watcher = _this.etcd.watcher(_this.etcd_dir, null, { recursive: true });
 
     // On Add/Update
-    _this.watcher.on("change", function(body,headers){
-      if(body.node.key && body.node.value && !IsJsonString(body.node.value)){
-        _this.redbird.register(removeEtcDir(body.node.key),body.node.value);
-      }
-      else if(body.node.key && body.node.value && IsJsonString(body.node.value)){
+    _this.watcher.on('change', function (body, headers) {
+      if (body.node.key && body.node.value && !IsJsonString(body.node.value)) {
+        _this.redbird.register(removeEtcDir(body.node.key), body.node.value);
+      } else if (body.node.key && body.node.value && IsJsonString(body.node.value)) {
         var config = JSON.parse(body.node.value);
-        if (typeof config.docker !== 'undefined'){
-          require('../').docker(_this.redbird).register(body.node.key,body.node.value.docker,body.node.value);
-        }
-        else {
-          _this.redbird.register(removeEtcDir(body.node.key),config.hosts,config);
+        if (typeof config.docker !== 'undefined') {
+          require('../')
+            .docker(_this.redbird)
+            .register(body.node.key, body.node.value.docker, body.node.value);
+        } else {
+          _this.redbird.register(removeEtcDir(body.node.key), config.hosts, config);
         }
       }
     });
 
     // On Delete
-    _this.watcher.on("delete", function(body,headers){
-      if(body.node.key){
+    _this.watcher.on('delete', function (body, headers) {
+      if (body.node.key) {
         _this.redbird.unregister(removeEtcDir(body.node.key));
       }
     });
 
     // Handle Errors
-    _this.watcher.on("error", function(err){
+    _this.watcher.on('error', function (err) {
       log.error(err, 'etcd backend error');
     });
   }

package/lib/letsencrypt.js

@@ -17,7 +17,7 @@
 var leStoreConfig = {};
 var webrootPath = ':configDir/:hostname/.well-known/acme-challenge';
 
-function init(certPath, port, logger){
+function init(certPath, port, logger) {
   var http = require('http');
   var path = require('path');
   var url = require('url');
@@ -36,37 +36,38 @@ function init(certPath, port, logger){
     logsDir: ':configDir/letsencrypt/var/log',
 
     webrootPath: webrootPath,
-    debug: false
+    debug: false,
   };
 
   // we need to proxy for example: 'example.com/.well-known/acme-challenge' -> 'localhost:port/example.com/'
-  http.createServer(function (req, res){
-    var uri = url.parse(req.url).pathname;
-    var filename = path.join(certPath, uri);
-    var isForbiddenPath = uri.length < 3 || filename.indexOf(certPath) !== 0;
-
-    if (isForbiddenPath) {
-      logger && logger.info('Forbidden request on LetsEncrypt port %s: %s', port, filename);
-      res.writeHead(403);
-      res.end();
-      return;
-    }
-
-    logger && logger.info('LetsEncrypt CA trying to validate challenge %s', filename);
-
-    fs.stat(filename, function(err, stats) {
-      if (err || !stats.isFile()) {
-        res.writeHead(404, {"Content-Type": "text/plain"});
-        res.write("404 Not Found\n");
+  http
+    .createServer(function (req, res) {
+      var uri = url.parse(req.url).pathname;
+      var filename = path.join(certPath, uri);
+      var isForbiddenPath = uri.length < 3 || filename.indexOf(certPath) !== 0;
+
+      if (isForbiddenPath) {
+        logger && logger.info('Forbidden request on LetsEncrypt port %s: %s', port, filename);
+        res.writeHead(403);
         res.end();
         return;
       }
 
-      res.writeHead(200);
-      fs.createReadStream(filename, "binary").pipe(res);
-    });
+      logger && logger.info('LetsEncrypt CA trying to validate challenge %s', filename);
+
+      fs.stat(filename, function (err, stats) {
+        if (err || !stats.isFile()) {
+          res.writeHead(404, { 'Content-Type': 'text/plain' });
+          res.write('404 Not Found\n');
+          res.end();
+          return;
+        }
 
-  }).listen(port);
+        res.writeHead(200);
+        fs.createReadStream(filename, 'binary').pipe(res);
+      });
+    })
+    .listen(port);
 }
 
 /**
@@ -77,7 +78,7 @@ function init(certPath, port, logger){
  *  TODO: We should use something like https://github.com/PaquitoSoft/memored/blob/master/index.js
  *  to avoid
  */
-function getCertificates(domain, email, production, renew, logger){
+function getCertificates(domain, email, production, renew, logger) {
   var LE = require('greenlock');
   var le;
 
@@ -87,35 +88,37 @@ function getCertificates(domain, email, production, renew, logger){
   // ACME Challenge Handlers
   var leChallenge = require('le-challenge-fs').create({
     webrootPath: webrootPath,
-    debug: false
+    debug: false,
   });
 
   le = LE.create({
-    server: production ? 'https://acme-v02.api.letsencrypt.org/directory' : 'https://acme-staging-v02.api.letsencrypt.org/directory',
-    store: leStore,                                          // handles saving of config, accounts, and certificates
-    challenges: { 'http-01': leChallenge },                  // handles /.well-known/acme-challege keys and tokens
-    challengeType: 'http-01',                                // default to this challenge type
+    server: production
+      ? 'https://acme-v02.api.letsencrypt.org/directory'
+      : 'https://acme-staging-v02.api.letsencrypt.org/directory',
+    store: leStore, // handles saving of config, accounts, and certificates
+    challenges: { 'http-01': leChallenge }, // handles /.well-known/acme-challege keys and tokens
+    challengeType: 'http-01', // default to this challenge type
     debug: false,
     log: function (debug) {
       logger && logger.info(arguments, 'Lets encrypt debugger');
-    }
+    },
   });
 
   // Check in-memory cache of certificates for the named domain
-  return le.check({ domains: [domain] }).then(function (cert){
+  return le.check({ domains: [domain] }).then(function (cert) {
     var opts = {
       domains: [domain],
       email: email,
       agreeTos: true,
-      rsaKeySize: 2048,                                       // 2048 or higher
-      challengeType: 'http-01'
-    }
+      rsaKeySize: 2048, // 2048 or higher
+      challengeType: 'http-01',
+    };
 
-    if (cert){
-      if (renew){
+    if (cert) {
+      if (renew) {
         logger && logger.info('renewing cert for ' + domain);
         opts.duplicate = true;
-        return le.renew(opts, cert).catch(function(err){
+        return le.renew(opts, cert).catch(function (err) {
           logger && logger.error(err, 'Error renewing certificates for ', domain);
         });
       } else {