Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Created RemoteAddr plugin
Browse files Browse the repository at this point in the history
applejag committed Jun 6, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent d65432e commit fbebeab
Showing 10 changed files with 319 additions and 405 deletions.
19 changes: 6 additions & 13 deletions .golangci.yml
Original file line number Diff line number Diff line change
@@ -25,21 +25,16 @@ linters-settings:
- FIXME
gofumpt:
extra-rules: true
depguard:
rules:
main:
allow:
- $gostd
- "github.com/RiskIdent/traefik-remoteaddr-plugin"

linters:
enable-all: true
disable:
- deadcode # deprecated
- exhaustivestruct # deprecated
- golint # deprecated
- ifshort # deprecated
- interfacer # deprecated
- maligned # deprecated
- nosnakecase # deprecated
- scopelint # deprecated
- scopelint # deprecated
- structcheck # deprecated
- varcheck # deprecated
- sqlclosecheck # not relevant (SQL)
- rowserrcheck # not relevant (SQL)
- execinquery # not relevant (SQL)
@@ -53,9 +48,7 @@ linters:
- wsl
- exhaustive
- exhaustruct
- goerr113
- wrapcheck
- ifshort
- noctx
- lll
- gomnd
11 changes: 5 additions & 6 deletions .traefik.yml
Original file line number Diff line number Diff line change
@@ -1,12 +1,11 @@
displayName: Demo Plugin
displayName: RemoteAddr (fix X-Forwarded-Port)
type: middleware
iconPath: .assets/icon.png

import: github.com/traefik/plugindemo
import: github.com/RiskIdent/traefik-remoteaddr-plugin

summary: '[Demo] Add Request Header'
summary: "Add request header for the client port, to make X-Forwarded-Port act like in nginx"

testData:
Headers:
X-Demo: test
X-URL: '{{URL}}'
headers:
port: X-Forwarded-Port
6 changes: 6 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
ARG TRAEFIK_VERSION=v3.0.0
ARG BASE_IMAGE=docker.io/traefik:${TRAEFIK_VERSION}
FROM ${BASE_IMAGE}

COPY . plugins-local/src/github.com/RiskIdent/traefik-remoteaddr-plugin/
ENV TRAEFIK_EXPERIMENTAL_LOCALPLUGINS_remoteaddr_MODULENAME="github.com/RiskIdent/traefik-remoteaddr-plugin""
157 changes: 157 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,157 @@
# Traefik RemoteAddr plugin

[![Build Status](https://github.com/RiskIdent/traefik-remoteaddr-plugin/workflows/Main/badge.svg?branch=master)](https://github.com/RiskIdent/traefik-remoteaddr-plugin/actions)

## Usage

This plugin is very simple: take the **client** IP and port and write them to some headers.
This is done by using the Go field [`net/http.Request.RemoteAddr`](https://pkg.go.dev/net/http#Request)
which is composed of `IP:port` of the client connection.

To mimic nginx's behaviour of `X-Forwarded-Port`, where it sets that header to the client's port, then use the dynamic middleware config:

```yaml
middlewares:
my-middleware:
plugin:
remoteaddr:
headers:
port: X-Forwarded-Port
```
Alternatively, you could use the non-standard `X-Real-Port` to not override Traefik's behavior:

```yaml
middlewares:
my-middleware:
plugin:
remoteaddr:
headers:
port: X-Real-Port
```

### Configuration

Traefik static configuration must define the module name (as is usual for Go packages).

The following declaration (given here in YAML) defines a plugin:

<details open><summary>File (YAML)</summary>

```yaml
# Static configuration
experimental:
plugins:
remoteaddr:
moduleName: github.com/RiskIdent/traefik-remoteaddr-plugin
version: v0.1.0
```

</details>

<details><summary>CLI</summary>

```bash
# Static configuration
--experimental.plugins.remoteaddr.moduleName=github.com/RiskIdent/traefik-remoteaddr-plugin
--experimental.plugins.remoteaddr.version=v0.1.0
```

</details>

Here is an example of a file provider dynamic configuration (given here in YAML), where the interesting part is the `http.middlewares` section:

<details open><summary>File (YAML)</summary>

```yaml
# Dynamic configuration
http:
middlewares:
my-middleware:
plugin:
remoteaddr:
headers:
# if set, then set header "X-Real-Address" to the RemoteAddr (e.g "192.168.1.2:1234")
address: X-Real-Address
# if set, then set header "X-Real-Ip" to the IP of RemoteAddr (e.g "192.168.1.2")
ip: X-Real-Ip
# if set, then set header "X-Real-Port" to the port of RemoteAddr (e.g "1234")
port: X-Real-Port
```

</details>

<details><summary>Kubernetes</summary>

```yaml
# Dynamic configuration
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: my-middleware
spec:
plugin:
remoteaddr:
headers:
# if set, then set header "X-Real-Address" to the RemoteAddr (e.g "192.168.1.2:1234")
address: X-Real-Address
# if set, then set header "X-Real-Ip" to the IP of RemoteAddr (e.g "192.168.1.2")
ip: X-Real-Ip
# if set, then set header "X-Real-Port" to the port of RemoteAddr (e.g "1234")
port: X-Real-Port
```

</details>

### Local Mode

Traefik also offers a developer mode that can be used for temporary testing of plugins not hosted on GitHub.
To use a plugin in local mode, the Traefik static configuration must define the module name (as is usual for Go packages) and a path to a [Go workspace](https://golang.org/doc/gopath_code.html#Workspaces), which can be the local GOPATH or any directory.

The plugins must be placed in `./plugins-local` directory,
which should be in the working directory of the process running the Traefik binary.
The source code of the plugin should be organized as follows:

```console
$ tree ./plugins-local/
./plugins-local/
└── src
└── github.com
└── RiskIdent
└── traefik-remoteaddr-plugin
├── plugin.go
├── plugin_test.go
├── go.mod
├── LICENSE
├── Makefile
└── README.md
```

<details open><summary>File (YAML)</summary>

```yaml
# Static configuration
experimental:
localPlugins:
remoteaddr:
moduleName: github.com/RiskIdent/traefik-remoteaddr-plugin
```

</details>

<details><summary>CLI</summary>

```bash
# Static configuration
--experimental.localPlugins.remoteaddr.moduleName=github.com/RiskIdent/traefik-remoteaddr-plugin
```

</details>

(In the above example, the `traefik-remoteaddr-plugin` plugin will be loaded from the path `./plugins-local/src/github.com/RiskIdent/traefik-remoteaddr-plugin`.)
66 changes: 0 additions & 66 deletions demo.go

This file was deleted.

49 changes: 0 additions & 49 deletions demo_test.go

This file was deleted.

2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
module github.com/traefik/plugindemo
module github.com/RiskIdent/traefik-remoteaddr-plugin

go 1.19
Loading

0 comments on commit fbebeab

Please sign in to comment.