mrok 0.4.4__py3-none-any.whl → 0.4.5__py3-none-any.whl
- mrok/proxy/app.py +14 -6
- {mrok-0.4.4.dist-info → mrok-0.4.5.dist-info}/METADATA +1 -1
- {mrok-0.4.4.dist-info → mrok-0.4.5.dist-info}/RECORD +6 -7
- mrok/proxy/ziti.py +0 -102
- {mrok-0.4.4.dist-info → mrok-0.4.5.dist-info}/WHEEL +0 -0
- {mrok-0.4.4.dist-info → mrok-0.4.5.dist-info}/entry_points.txt +0 -0
- {mrok-0.4.4.dist-info → mrok-0.4.5.dist-info}/licenses/LICENSE.txt +0 -0
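--- a/mrok/proxy/app.py
+++ b/mrok/proxy/app.py
@@ -2,11 +2,13 @@ import asyncio
 import logging
 from pathlib import Path
 
+import openziti
+from openziti.context import ZitiContext
+
 from mrok.conf import get_settings
 from mrok.http.forwarder import ForwardAppBase
 from mrok.http.types import Scope, StreamReader, StreamWriter
 from mrok.logging import setup_logging
-from mrok.proxy.ziti import ZitiSocketCache
 
 logger = logging.getLogger("mrok.proxy")
 
@@ -30,7 +32,7 @@ class ProxyApp(ForwardAppBase):
 if settings.proxy.domain[0] == "."
 else f".{settings.proxy.domain}"
 )
-self.
+self._ziti_ctx: ZitiContext | None = None
 
 def get_target_from_header(self, headers: dict[str, str], name: str) -> str | None:
 header_value = headers.get(name, "")
@@ -47,11 +49,17 @@ class ProxyApp(ForwardAppBase):
 raise ProxyError("Neither Host nor X-Forwarded-Host contain a valid target name")
 return target
 
+def _get_ziti_ctx(self) -> ZitiContext:
+if self._ziti_ctx is None:
+ctx, err = openziti.load(str(self._identity_file), timeout=10_000)
+if err != 0:
+raise Exception(f"Cannot create a Ziti context from the identity file: {err}")
+self._ziti_ctx = ctx
+return self._ziti_ctx
+
 async def startup(self):
 setup_logging(get_settings())
-
-async def shutdown(self):
-await self._ziti_socket_cache.stop()
+self._get_ziti_ctx()
 
 async def select_backend(
 self,
@@ -59,6 +67,6 @@ class ProxyApp(ForwardAppBase):
 headers: dict[str, str],
 ) -> tuple[StreamReader, StreamWriter] | tuple[None, None]:
 target_name = self.get_target_name(headers)
-sock =
+sock = self._get_ziti_ctx().connect(target_name)
 reader, writer = await asyncio.open_connection(sock=sock)
 return reader, writer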
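Review bot: The per-request `self._get_ziti_ctx().connect(target_name)` in `select_backend` runs directly inside the coroutine, so if `connect` is a blocking call, as it appears to be in the openziti binding, one slow or unreachable service stalls the event loop for every client. Because `target_name` comes from the Host / X-Forwarded-Host header, the caller chooses which service is dialed, so the dial should be bounded and moved off the loop, for example `sock = await asyncio.wait_for(asyncio.to_thread(self._get_ziti_ctx().connect, target_name), timeout=DIAL_TIMEOUT)` with `DIAL_TIMEOUT` as a placeholder setting. The failure path also needs a look: nothing visible closes `sock` if `asyncio.open_connection` raises, and no visible branch returns the `(None, None)` that the signature advertises. The same blocking concern applies to `openziti.load(..., timeout=10_000)` called from `startup`, and with `shutdown` removed nothing shown here releases the Ziti context; the rest of `select_backend` and of the class lies outside the hunks on this page.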
@@ -71,9 +71,8 @@ mrok/http/server.py,sha256=Mj7C85fc-DXp-WTBWaOd7ag808oliLmFBH5bf-G2FHg,370
|
|
|
71
71
|
mrok/http/types.py,sha256=XpNrvbfpANKvmjOBYtLF1FmDHoJF3z_MIMQHXoJlvmE,1302
|
|
72
72
|
mrok/http/utils.py,sha256=sOixYu3R9-nNoMFYdifrreYvcFRIHYVtb6AAmtVzaLE,2125
|
|
73
73
|
mrok/proxy/__init__.py,sha256=vWXyImroqM1Eq8e_oFPBup8VJ3reyp8SVjFTbLzRkI8,51
|
|
74
|
-
mrok/proxy/app.py,sha256=
|
|
74
|
+
mrok/proxy/app.py,sha256=kWMg4oi0WtwHS0CD4iOK2-dghBzu8ya7aRIH-jn-61g,2436
|
|
75
75
|
mrok/proxy/main.py,sha256=ZXpticE6J4FABaslDB_8J5qklPsf3e7xIFSZmcPAAjQ,1588
|
|
76
|
-
mrok/proxy/ziti.py,sha256=rKgIXpOvtBeVopZkQlNUZa3Fdci9jgiog_i6egb17ps,3318
|
|
77
76
|
mrok/ziti/__init__.py,sha256=20OWMiexRhOovZOX19zlX87-V78QyWnEnSZfyAftUdE,263
|
|
78
77
|
mrok/ziti/api.py,sha256=KvGiT9d4oSgC3JbFWLDQyuHcLX2HuZJoJ8nHmWtCDkY,16154
|
|
79
78
|
mrok/ziti/bootstrap.py,sha256=QIDhlkIxPW2QRuumFq2D1WDbD003P5f3z24pAUsyeBI,2696
|
|
@@ -82,8 +81,8 @@ mrok/ziti/errors.py,sha256=yYCbVDwktnR0AYduqtynIjo73K3HOhIrwA_vQimvEd4,368
|
|
|
82
81
|
mrok/ziti/identities.py,sha256=1BcwfqAJHMBhc3vRaf0aLaIkoHskj5Xe2Lsq2lO9Vs8,6735
|
|
83
82
|
mrok/ziti/pki.py,sha256=o2tySqHC8-7bvFuI2Tqxg9vX6H6ZSxWxfP_9x29e19M,1954
|
|
84
83
|
mrok/ziti/services.py,sha256=zR1PEBYwXVou20iJK4euh0ZZFAo9UB8PZk8f6SDmiUE,3194
|
|
85
|
-
mrok-0.4.
|
|
86
|
-
mrok-0.4.
|
|
87
|
-
mrok-0.4.
|
|
88
|
-
mrok-0.4.
|
|
89
|
-
mrok-0.4.
|
|
84
|
+
mrok-0.4.5.dist-info/METADATA,sha256=jomSUZzuiMTTuC3T3zzisYfaFnevrSbQJ7y1-sM6lgU,15836
|
|
85
|
+
mrok-0.4.5.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
|
|
86
|
+
mrok-0.4.5.dist-info/entry_points.txt,sha256=tloXwvU1uJicBJR2h-8HoVclPgwJWDwuREMHN8Zq-nU,38
|
|
87
|
+
mrok-0.4.5.dist-info/licenses/LICENSE.txt,sha256=6PaICaoA3yNsZKLv5G6OKqSfLSoX7MakYqTDgJoTCBs,11346
|
|
88
|
+
mrok-0.4.5.dist-info/RECORD,,
|
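--- a/mrok/proxy/ziti.py
+++ b/mrok/proxy/ziti.py
@@ -1,102 +0,0 @@
-import asyncio
-import contextlib
-import logging
-from asyncio import Task
-from pathlib import Path
-
-import openziti
-from aiocache import Cache
-from openziti.context import ZitiContext
-from openziti.zitisock import ZitiSocket
-
-logger = logging.getLogger("mrok.proxy")
-
-
-class ZitiSocketCache:
-def __init__(
-self,
-identity_file: str | Path,
-ziti_ctx_timeout_ms: int = 10_000,
-ttl_seconds: float = 60.0,
-cleanup_interval: float = 10.0,
-) -> None:
-self._identity_file = identity_file
-self._ziti_ctx_timeout_ms = ziti_ctx_timeout_ms
-self._ttl_seconds = ttl_seconds
-self._cleanup_interval = cleanup_interval
-
-self._ziti_ctx: ZitiContext | None = None
-self._cache = Cache(Cache.MEMORY)
-self._active_sockets: dict[str, ZitiSocket] = {}
-self._cleanup_task: Task | None = None
-
-def _get_ziti_ctx(self) -> ZitiContext:
-if self._ziti_ctx is None:
-ctx, err = openziti.load(str(self._identity_file), timeout=self._ziti_ctx_timeout_ms)
-if err != 0:
-raise Exception(f"Cannot create a Ziti context from the identity file: {err}")
-self._ziti_ctx = ctx
-return self._ziti_ctx
-
-async def _create_socket(self, key: str):
-return self._get_ziti_ctx().connect(key)
-
-async def get_or_create(self, key: str):
-sock = await self._cache.get(key)
-
-if sock:
-await self._cache.expire(key, self._ttl_seconds)
-self._active_sockets[key] = sock
-logger.debug(f"Ziti socket found for service {key}")
-return sock
-
-sock = await self._create_socket(key)
-await self._cache.set(key, sock, self._ttl_seconds)
-self._active_sockets[key] = sock
-logger.info(f"New Ziti socket created for service {key}")
-return sock
-
-# async def invalidate(self, key: str):
-# sock = await self._cache.get(key)
-# if sock:
-# await self._close_socket(sock)
-
-# await self._cache.delete(key)
-# self._active_sockets.pop(key, None)
-
-async def start(self):
-self._cleanup_task = asyncio.create_task(self._periodic_cleanup())
-# Warmup ziti context
-self._get_ziti_ctx()
-
-async def stop(self):
-self._cleanup_task.cancel()
-with contextlib.suppress(Exception):
-await self._cleanup_task
-
-for sock in list(self._active_sockets.values()):
-await self._close_socket(sock)
-
-self._active_sockets.clear()
-await self._cache.clear()
-
-@staticmethod
-async def _close_socket(sock: ZitiSocket):
-with contextlib.suppress(Exception):
-sock.close()
-
-async def _periodic_cleanup(self):
-try:
-while True:
-await asyncio.sleep(self._cleanup_interval)
-await self._cleanup_once()
-except asyncio.CancelledError:
-return
-
-async def _cleanup_once(self):
-expired = {key for key in self._active_sockets.keys() if not self._cache.exists(key)}
-for key in expired:
-logger.debug(f"Cleaning up expired socket connection {key}")
-sock = self._active_sockets.pop(key, None)
-if sock:
-await self._close_socket(sock)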
File without changes
|
|
File without changes
|
|
File without changes
|