Compare commits
18 commits
Author | SHA1 | Date | |
---|---|---|---|
d6ac9af1c3 | |||
|
1b0cb6d5c1 | ||
|
665318f08b | ||
|
d41cf0b79f | ||
|
8fc87780f1 | ||
|
01ed34dc5e | ||
|
ce61af629c | ||
|
1edf5ea4a9 | ||
|
45f7f5eff6 | ||
|
ad06c390bb | ||
|
e5dec23cd6 | ||
|
eb3d963a87 | ||
|
743a38c344 | ||
|
3ddeb5ae39 | ||
|
2f208b01d6 | ||
|
fbd6f6f16a | ||
|
fce8ddfeb2 | ||
|
b137c369b0 |
7 changed files with 73 additions and 32 deletions
2
.mise.toml
Normal file
2
.mise.toml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
[tools]
|
||||||
|
golang = "1.24.0"
|
30
Makefile
30
Makefile
|
@ -1,25 +1,37 @@
|
||||||
BINARY=dist/rmfake-proxy
|
ARMV7_BINARY=dist/rmfakecloud-proxy-arm7
|
||||||
WINBINARY=dist/rmfake-proxy.exe
|
AARCH64_BINARY=dist/rmfakecloud-proxy-aarch64
|
||||||
LINUXBINARY=dist/rmfake-proxy64
|
WIN_BINARY=dist/rmfakecloud-proxy.exe
|
||||||
|
LINUX_BINARY=dist/rmfakecloud-proxy64
|
||||||
INSTALLER=dist/installer.sh
|
INSTALLER=dist/installer.sh
|
||||||
|
RM12_INSTALLER=dist/installer-rm12.sh
|
||||||
|
RMPRO_INSTALLER=dist/installer-rmpro.sh
|
||||||
.PHONY: clean
|
.PHONY: clean
|
||||||
all: $(INSTALLER) $(WINBINARY) $(LINUXBINARY)
|
all: $(RMPRO_INSTALLER) $(RM12_INSTALLER) $(INSTALLER) $(WIN_BINARY) $(LINUX_BINARY)
|
||||||
|
|
||||||
$(LINUXBINARY): version.go main.go
|
$(LINUX_BINARY): version.go main.go
|
||||||
go build -ldflags="-w -s" -o $@
|
go build -ldflags="-w -s" -o $@
|
||||||
|
|
||||||
$(BINARY): version.go main.go
|
$(ARMV7_BINARY): version.go main.go
|
||||||
GOARCH=arm GOARM=7 go build -ldflags="-w -s" -o $@
|
GOARCH=arm GOARM=7 go build -ldflags="-w -s" -o $@
|
||||||
|
|
||||||
$(WINBINARY): version.go main.go
|
$(AARCH64_BINARY): version.go main.go
|
||||||
|
GOARCH=arm64 go build -ldflags="-w -s" -o $@
|
||||||
|
|
||||||
|
$(WIN_BINARY): version.go main.go
|
||||||
GOOS=windows go build -ldflags="-w -s" -o $@
|
GOOS=windows go build -ldflags="-w -s" -o $@
|
||||||
|
|
||||||
version.go:
|
version.go:
|
||||||
go generate
|
go generate
|
||||||
|
|
||||||
$(INSTALLER): $(BINARY) scripts/installer.sh
|
$(RMPRO_INSTALLER): $(AARCH64_BINARY) scripts/installer.sh
|
||||||
cp scripts/installer.sh $@
|
cp scripts/installer.sh $@
|
||||||
gzip -c $(BINARY) >> $@
|
gzip -c $(AARCH64_BINARY) >> $@
|
||||||
chmod +x $@
|
chmod +x $@
|
||||||
|
|
||||||
|
$(INSTALLER) $(RM12_INSTALLER): $(ARMV7_BINARY) scripts/installer.sh
|
||||||
|
cp scripts/installer.sh $@
|
||||||
|
gzip -c $(ARMV7_BINARY) >> $@
|
||||||
|
chmod +x $@
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
rm -fr dist
|
rm -fr dist
|
||||||
|
|
30
README.md
30
README.md
|
@ -3,10 +3,33 @@ Single-minded HTTPS reverse proxy
|
||||||
|
|
||||||
(forked from https://github.com/yi-jiayu/secure)
|
(forked from https://github.com/yi-jiayu/secure)
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### Manual
|
||||||
|
Download `installer-rm12.sh` for rm1/2 or `installer-rmpro.sh` on a pc.
|
||||||
|
Transfer to the tablet with `scp` / `WinSCP`
|
||||||
|
run installer on the tablet over ssh
|
||||||
|
```
|
||||||
|
chmod +x installer-xxx.sh
|
||||||
|
./installer-xxx.sh
|
||||||
|
```
|
||||||
|
|
||||||
|
### Use toltec if supported
|
||||||
|
`opkg install rmfakecloud-proxy`
|
||||||
|
|
||||||
|
### rmpro
|
||||||
|
To make it permanent, make root writable and unmount /etc first e.g.
|
||||||
|
```
|
||||||
|
mount -o remount,rw /
|
||||||
|
umount -R /etc
|
||||||
|
./installer-rmpro.sh
|
||||||
|
```
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
```
|
```
|
||||||
usage: secure [-addr host:port] -cert certfile -key keyfile upstream
|
usage: rmfakecloud-proxy [-addr host:port] -cert certfile -key keyfile upstream
|
||||||
-addr string
|
-addr string
|
||||||
listen address (default ":443")
|
listen address (default ":443")
|
||||||
-cert string
|
-cert string
|
||||||
|
@ -20,7 +43,7 @@ usage: secure [-addr host:port] -cert certfile -key keyfile upstream
|
||||||
|
|
||||||
### Example
|
### Example
|
||||||
```
|
```
|
||||||
secure -cert cert.pem -key key.pem http://localhost:6060
|
rmfakecloud-proxy -cert cert.pem -key key.pem http://localhost:6060
|
||||||
```
|
```
|
||||||
|
|
||||||
## Configfile
|
## Configfile
|
||||||
|
@ -28,5 +51,6 @@ secure -cert cert.pem -key key.pem http://localhost:6060
|
||||||
cert: proxy.crt
|
cert: proxy.crt
|
||||||
key: proxy.key
|
key: proxy.key
|
||||||
upstream: https://somehost:123
|
upstream: https://somehost:123
|
||||||
addr: 8080
|
#addr: :443
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
4
go.mod
4
go.mod
|
@ -1,5 +1,5 @@
|
||||||
module github.com/yi-jiayu/secure
|
module github.com/yi-jiayu/secure
|
||||||
|
|
||||||
go 1.15
|
go 1.24
|
||||||
|
|
||||||
require gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
|
require gopkg.in/yaml.v3 v3.0.1
|
||||||
|
|
5
go.sum
5
go.sum
|
@ -1,3 +1,4 @@
|
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
|
3
main.go
3
main.go
|
@ -7,7 +7,6 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httputil"
|
"net/http/httputil"
|
||||||
|
@ -58,7 +57,7 @@ func getConfig() (config *Config, err error) {
|
||||||
|
|
||||||
if configFile != "" {
|
if configFile != "" {
|
||||||
var data []byte
|
var data []byte
|
||||||
data, err = ioutil.ReadFile(configFile)
|
data, err = os.ReadFile(configFile)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
UNIT_NAME=proxy
|
UNIT_NAME=rmfakecloud-proxy
|
||||||
BINARY=rmfake-proxy
|
BINARY=rmfakecloud-proxy
|
||||||
DESTINATION="/home/root/rmfakecloud"
|
DESTINATION="/home/root/rmfakecloud"
|
||||||
|
|
||||||
|
|
||||||
|
@ -19,26 +19,22 @@ function unpack(){
|
||||||
|
|
||||||
# marks all as unsynced so that they are not deleted
|
# marks all as unsynced so that they are not deleted
|
||||||
function fixsync(){
|
function fixsync(){
|
||||||
grep sync ~/.local/share/remarkable/xochitl/*.metadata -l | xargs sed -i 's/synced\": true/synced\": false/'
|
grep sync ~/.local/share/remarkable/xochitl/*.metadata -l | xargs -r sed -i 's/synced\": true/synced\": false/'
|
||||||
}
|
}
|
||||||
|
|
||||||
function install_proxyservice(){
|
function install_proxyservice(){
|
||||||
cloudurl=$1
|
cloudurl=$1
|
||||||
echo "Setting cloud sync to: ${cloudurl}"
|
echo "Setting cloud sync to: ${cloudurl}"
|
||||||
workdir=$DESTINATION
|
workdir=$DESTINATION
|
||||||
cat > $workdir/proxy.cfg <<EOF
|
|
||||||
URL=
|
|
||||||
EOF
|
|
||||||
cat > /etc/systemd/system/${UNIT_NAME}.service <<EOF
|
cat > /etc/systemd/system/${UNIT_NAME}.service <<EOF
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=reverse proxy
|
Description=rmfakecloud reverse proxy
|
||||||
#StartLimitIntervalSec=600
|
#StartLimitIntervalSec=600
|
||||||
#StartLimitBurst=4
|
#StartLimitBurst=4
|
||||||
After=home.mount
|
After=home.mount
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Environment=HOME=/home/root
|
Environment=HOME=/home/root
|
||||||
#EnvironmentFile=$workdir/proxy.cfg
|
|
||||||
WorkingDirectory=$workdir
|
WorkingDirectory=$workdir
|
||||||
ExecStart=$workdir/${BINARY} -cert $workdir/proxy.bundle.crt -key $workdir/proxy.key ${cloudurl}
|
ExecStart=$workdir/${BINARY} -cert $workdir/proxy.bundle.crt -key $workdir/proxy.key ${cloudurl}
|
||||||
|
|
||||||
|
@ -99,10 +95,13 @@ subjectAltName=@san
|
||||||
|
|
||||||
[ san ]
|
[ san ]
|
||||||
DNS.1 = *.appspot.com
|
DNS.1 = *.appspot.com
|
||||||
DNS.2 = my.remarkable.com
|
DNS.2 = *.remarkable.com
|
||||||
DNS.3 = internal.cloud.remarkable.com
|
DNS.3 = *.cloud.remarkable.com
|
||||||
DNS.4 = ping.remarkable.com
|
DNS.4 = *.cloud.remarkable.engineering
|
||||||
DNS.5 = *.remarkable.com
|
DNS.5 = *.rmfakecloud.localhost
|
||||||
|
DNS.6 = *.internal.cloud.remarkable.com
|
||||||
|
DNS.7 = *.tectonic.remarkable.com
|
||||||
|
DNS.8 = *.ping.remarkable.com
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# ca
|
# ca
|
||||||
|
@ -170,8 +169,12 @@ function patch_hosts(){
|
||||||
127.0.0.1 service-manager-production-dot-remarkable-production.appspot.com
|
127.0.0.1 service-manager-production-dot-remarkable-production.appspot.com
|
||||||
127.0.0.1 local.appspot.com
|
127.0.0.1 local.appspot.com
|
||||||
127.0.0.1 my.remarkable.com
|
127.0.0.1 my.remarkable.com
|
||||||
127.0.0.1 internal.cloud.remarkable.com
|
|
||||||
127.0.0.1 ping.remarkable.com
|
127.0.0.1 ping.remarkable.com
|
||||||
|
127.0.0.1 internal.cloud.remarkable.com
|
||||||
|
127.0.0.1 backtrace-proxy.cloud.remarkable.engineering
|
||||||
|
127.0.0.1 dev.ping.remarkable.com
|
||||||
|
127.0.0.1 dev.tectonic.remarkable.com
|
||||||
|
127.0.0.1 dev.internal.cloud.remarkable.com
|
||||||
# rmfake_end
|
# rmfake_end
|
||||||
EOF
|
EOF
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Add table
Reference in a new issue