update
All checks were successful
Build Multi-Platform Binaries / build-frontend (push) Successful in 30s
Build Multi-Platform Binaries / build-binaries (amd64, darwin, server, false) (push) Successful in 58s
Build Multi-Platform Binaries / build-binaries (amd64, linux, client, true) (push) Successful in 48s
Build Multi-Platform Binaries / build-binaries (amd64, linux, server, true) (push) Successful in 1m23s
Build Multi-Platform Binaries / build-binaries (amd64, windows, client, true) (push) Successful in 56s
Build Multi-Platform Binaries / build-binaries (amd64, windows, server, true) (push) Successful in 58s
Build Multi-Platform Binaries / build-binaries (arm, 7, linux, client, true) (push) Successful in 52s
Build Multi-Platform Binaries / build-binaries (arm, 7, linux, server, true) (push) Successful in 1m42s
Build Multi-Platform Binaries / build-binaries (arm64, darwin, server, false) (push) Successful in 1m19s
Build Multi-Platform Binaries / build-binaries (arm64, linux, client, true) (push) Successful in 54s
Build Multi-Platform Binaries / build-binaries (arm64, linux, server, true) (push) Successful in 2m3s
Build Multi-Platform Binaries / build-binaries (arm64, windows, server, false) (push) Successful in 1m1s
All checks were successful
Build Multi-Platform Binaries / build-frontend (push) Successful in 30s
Build Multi-Platform Binaries / build-binaries (amd64, darwin, server, false) (push) Successful in 58s
Build Multi-Platform Binaries / build-binaries (amd64, linux, client, true) (push) Successful in 48s
Build Multi-Platform Binaries / build-binaries (amd64, linux, server, true) (push) Successful in 1m23s
Build Multi-Platform Binaries / build-binaries (amd64, windows, client, true) (push) Successful in 56s
Build Multi-Platform Binaries / build-binaries (amd64, windows, server, true) (push) Successful in 58s
Build Multi-Platform Binaries / build-binaries (arm, 7, linux, client, true) (push) Successful in 52s
Build Multi-Platform Binaries / build-binaries (arm, 7, linux, server, true) (push) Successful in 1m42s
Build Multi-Platform Binaries / build-binaries (arm64, darwin, server, false) (push) Successful in 1m19s
Build Multi-Platform Binaries / build-binaries (arm64, linux, client, true) (push) Successful in 54s
Build Multi-Platform Binaries / build-binaries (arm64, linux, server, true) (push) Successful in 2m3s
Build Multi-Platform Binaries / build-binaries (arm64, windows, server, false) (push) Successful in 1m1s
This commit is contained in:
Flik
@@ -3,6 +3,8 @@ package main
|
||||
import (
|
||||
"flag"
|
||||
"log"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
||||
"github.com/gotunnel/internal/client/tunnel"
|
||||
"github.com/gotunnel/pkg/crypto"
|
||||
@@ -15,19 +17,27 @@ func main() {
|
||||
token := flag.String("t", "", "auth token")
|
||||
id := flag.String("id", "", "client id (optional, auto-assigned if empty)")
|
||||
noTLS := flag.Bool("no-tls", false, "disable TLS")
|
||||
skipVerify := flag.Bool("skip-verify", false, "skip TLS certificate verification (insecure)")
|
||||
flag.Parse()
|
||||
|
||||
if *server == "" || *token == "" {
|
||||
log.Fatal("Usage: client -s <server:port> -t <token> [-id <client_id>] [-no-tls]")
|
||||
log.Fatal("Usage: client -s <server:port> -t <token> [-id <client_id>] [-no-tls] [-skip-verify]")
|
||||
}
|
||||
|
||||
client := tunnel.NewClient(*server, *token, *id)
|
||||
|
||||
// TLS 默认启用
|
||||
// TLS 默认启用,使用 TOFU 验证
|
||||
if !*noTLS {
|
||||
client.TLSEnabled = true
|
||||
client.TLSConfig = crypto.ClientTLSConfig()
|
||||
log.Printf("[Client] TLS enabled")
|
||||
// 获取数据目录
|
||||
home, _ := os.UserHomeDir()
|
||||
dataDir := filepath.Join(home, ".gotunnel")
|
||||
client.TLSConfig = crypto.ClientTLSConfigWithTOFU(*server, dataDir, *skipVerify)
|
||||
if *skipVerify {
|
||||
log.Printf("[Client] TLS enabled (certificate verification DISABLED - insecure)")
|
||||
} else {
|
||||
log.Printf("[Client] TLS enabled with TOFU certificate verification")
|
||||
}
|
||||
}
|
||||
|
||||
// 初始化插件系统
|
||||
|
||||
@@ -5,6 +5,9 @@ import (
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"github.com/gotunnel/internal/server/app"
|
||||
"github.com/gotunnel/internal/server/config"
|
||||
@@ -72,22 +75,41 @@ func main() {
|
||||
|
||||
// 启动 Web 控制台
|
||||
if cfg.Web.Enabled {
|
||||
// 强制生成 Web 凭据(如果未配置)
|
||||
if config.GenerateWebCredentials(cfg) {
|
||||
log.Printf("[Web] Auto-generated credentials - Username: %s, Password: %s",
|
||||
cfg.Web.Username, cfg.Web.Password)
|
||||
log.Printf("[Web] Please save these credentials and update your config file")
|
||||
// 保存配置以持久化凭据
|
||||
if err := config.SaveServerConfig(*configPath, cfg); err != nil {
|
||||
log.Printf("[Web] Warning: failed to save config: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
ws := app.NewWebServer(clientStore, server, cfg, *configPath, clientStore)
|
||||
addr := fmt.Sprintf("%s:%d", cfg.Web.BindAddr, cfg.Web.BindPort)
|
||||
|
||||
go func() {
|
||||
var err error
|
||||
if cfg.Web.Username != "" && cfg.Web.Password != "" {
|
||||
err = ws.RunWithJWT(addr, cfg.Web.Username, cfg.Web.Password, cfg.Server.Token)
|
||||
} else {
|
||||
err = ws.Run(addr)
|
||||
}
|
||||
// 始终使用 JWT 认证
|
||||
err := ws.RunWithJWT(addr, cfg.Web.Username, cfg.Web.Password, cfg.Server.Token)
|
||||
if err != nil {
|
||||
log.Printf("[Web] Server error: %v", err)
|
||||
}
|
||||
}()
|
||||
log.Printf("[Web] Console running at http://%s (authentication required)", addr)
|
||||
}
|
||||
|
||||
// 优雅关闭信号处理
|
||||
quit := make(chan os.Signal, 1)
|
||||
signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
|
||||
|
||||
go func() {
|
||||
<-quit
|
||||
log.Printf("[Server] Received shutdown signal")
|
||||
server.Shutdown(30 * time.Second)
|
||||
os.Exit(0)
|
||||
}()
|
||||
|
||||
log.Fatal(server.Run())
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user