CD
Cloudflare Developers9mo ago
Rootster

Adding OpenSsl to pingora reverse proxy (beginner)

Hi, Im trying to replace nginx reverse proxy/caddyV2 reverse proxy with simple implementation of pingora reverse proxy. So far I've managed to serve my Nuxt3 app with pingora but now I'm stuck with pingora-openssl integration and I couldn't find any examples for it. This is my code so far: 
use async_trait::async_trait;

use pingora_core::server::Server;
use pingora_core::upstreams::peer::HttpPeer;
use pingora_core::Result;
use pingora_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod};
use pingora_proxy::{ProxyHttp, Session};

pub struct MyProxy {}

#[async_trait]
impl ProxyHttp for MyProxy {
    type CTX = ();
    fn new_ctx(&self) -> Self::CTX {
        ()
    }

    async fn request_filter(&self, session: &mut Session, _ctx: &mut Self::CTX) -> Result<bool> {
        session
            .req_header_mut()
            .insert_header("Host", "127.0.0.1")
            .unwrap();
        Ok(false)
    }

    async fn upstream_peer(
        &self,
        _session: &mut Session,
        _ctx: &mut Self::CTX,
    ) -> Result<Box<HttpPeer>> {
        let addr = ("127.0.0.1", 3000);

        let peer = Box::new(HttpPeer::new(addr, false, "127.0.0.1".to_string()));
        Ok(peer)
    }
}
fn main() {
    env_logger::init();
    let mut my_server = Server::new(None).unwrap();
    my_server.bootstrap();
    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor
        .set_private_key_file("key.pem", SslFiletype::PEM)
        .unwrap();
    acceptor.set_certificate_chain_file("cert.pem").unwrap();
    let acceptor = acceptor.build();
    let mut my_proxy = pingora_proxy::http_proxy_service(&my_server.configuration, MyProxy {});
    my_proxy.add_tcp("0.0.0.0:8888");
    my_server.add_service(my_proxy);
    my_server.run_forever();
}
use async_trait::async_trait;

use pingora_core::server::Server;
use pingora_core::upstreams::peer::HttpPeer;
use pingora_core::Result;
use pingora_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod};
use pingora_proxy::{ProxyHttp, Session};

pub struct MyProxy {}

#[async_trait]
impl ProxyHttp for MyProxy {
    type CTX = ();
    fn new_ctx(&self) -> Self::CTX {
        ()
    }

    async fn request_filter(&self, session: &mut Session, _ctx: &mut Self::CTX) -> Result<bool> {
        session
            .req_header_mut()
            .insert_header("Host", "127.0.0.1")
            .unwrap();
        Ok(false)
    }

    async fn upstream_peer(
        &self,
        _session: &mut Session,
        _ctx: &mut Self::CTX,
    ) -> Result<Box<HttpPeer>> {
        let addr = ("127.0.0.1", 3000);

        let peer = Box::new(HttpPeer::new(addr, false, "127.0.0.1".to_string()));
        Ok(peer)
    }
}
fn main() {
    env_logger::init();
    let mut my_server = Server::new(None).unwrap();
    my_server.bootstrap();
    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor
        .set_private_key_file("key.pem", SslFiletype::PEM)
        .unwrap();
    acceptor.set_certificate_chain_file("cert.pem").unwrap();
    let acceptor = acceptor.build();
    let mut my_proxy = pingora_proxy::http_proxy_service(&my_server.configuration, MyProxy {});
    my_proxy.add_tcp("0.0.0.0:8888");
    my_server.add_service(my_proxy);
    my_server.run_forever();
}
Can anybody help me to finish Pingora-OpenSsl integration so I can learn how to do it? Thank you!
3 Replies
Chaika
Chaika9mo ago
Looks like in response to your github Issue they linked an example here: https://github.com/cloudflare/pingora/blob/main/pingora-proxy/examples/load_balancer.rs#L85-L93 You'd probably have better luck using those Github Issues in the future, no CF people working on Pingora would be in these channels
GitHub
pingora/pingora-proxy/examples/load_balancer.rs at main · cloudflar...
A library for building fast, reliable and evolvable network services. - cloudflare/pingora
Rootster
RootsterOP9mo ago
I hope with time there will be more examples Will see next year if there will be some movement
Chaika
Chaika9mo ago
yea hopefully with time, as most people use it, they'll be more public docs and such
Want results from more Discord servers?
Add your server