fix1
72
main.go
72
main.go
@@ -2,7 +2,6 @@ package main
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
@@ -24,40 +23,33 @@ type Server struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func NewServer() *Server {
|
func NewServer() *Server {
|
||||||
return &Server{
|
return &Server{rooms: make(map[string]*Room)}
|
||||||
rooms: make(map[string]*Room),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) getRoom(name string) *Room {
|
func (s *Server) getRoom(name string) *Room {
|
||||||
s.mu.Lock()
|
s.mu.Lock()
|
||||||
defer s.mu.Unlock()
|
defer s.mu.Unlock()
|
||||||
|
|
||||||
if room, ok := s.rooms[name]; ok {
|
if room, ok := s.rooms[name]; ok {
|
||||||
return room
|
return room
|
||||||
}
|
}
|
||||||
|
room := &Room{conns: make(map[*webtransport.Session]bool)}
|
||||||
room := &Room{
|
|
||||||
conns: make(map[*webtransport.Session]bool),
|
|
||||||
}
|
|
||||||
s.rooms[name] = room
|
s.rooms[name] = room
|
||||||
return room
|
return room
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) handleSession(roomName string, sess *webtransport.Session) {
|
func (s *Server) handleSession(roomName string, sess *webtransport.Session) {
|
||||||
room := s.getRoom(roomName)
|
room := s.getRoom(roomName)
|
||||||
|
|
||||||
room.mu.Lock()
|
room.mu.Lock()
|
||||||
room.conns[sess] = true
|
room.conns[sess] = true
|
||||||
room.mu.Unlock()
|
room.mu.Unlock()
|
||||||
|
|
||||||
log.Println("joined room:", roomName)
|
log.Printf("User joined room: %s", roomName)
|
||||||
|
|
||||||
defer func() {
|
defer func() {
|
||||||
room.mu.Lock()
|
room.mu.Lock()
|
||||||
delete(room.conns, sess)
|
delete(room.conns, sess)
|
||||||
room.mu.Unlock()
|
room.mu.Unlock()
|
||||||
log.Println("left room:", roomName)
|
log.Printf("User left room: %s", roomName)
|
||||||
}()
|
}()
|
||||||
|
|
||||||
for {
|
for {
|
||||||
@@ -71,26 +63,26 @@ func (s *Server) handleSession(roomName string, sess *webtransport.Session) {
|
|||||||
|
|
||||||
func (s *Server) handleStream(room *Room, sender *webtransport.Session, stream *webtransport.Stream) {
|
func (s *Server) handleStream(room *Room, sender *webtransport.Session, stream *webtransport.Stream) {
|
||||||
buf := make([]byte, 4096)
|
buf := make([]byte, 4096)
|
||||||
|
|
||||||
for {
|
for {
|
||||||
n, err := stream.Read(buf)
|
n, err := stream.Read(buf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
data := append([]byte(nil), buf[:n]...)
|
||||||
|
|
||||||
room.mu.Lock()
|
room.mu.Lock()
|
||||||
for conn := range room.conns {
|
for conn := range room.conns {
|
||||||
if conn == sender {
|
if conn == sender {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
go func(c *webtransport.Session, data []byte) {
|
go func(c *webtransport.Session, d []byte) {
|
||||||
out, err := c.OpenStream()
|
out, err := c.OpenStream()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
defer out.Close()
|
defer out.Close()
|
||||||
out.Write(data)
|
out.Write(d)
|
||||||
}(conn, append([]byte(nil), buf[:n]...))
|
}(conn, data)
|
||||||
}
|
}
|
||||||
room.mu.Unlock()
|
room.mu.Unlock()
|
||||||
}
|
}
|
||||||
@@ -100,61 +92,69 @@ func main() {
|
|||||||
domain := "qgo-server.quizer.space"
|
domain := "qgo-server.quizer.space"
|
||||||
email := "serverussnap@outlook.com"
|
email := "serverussnap@outlook.com"
|
||||||
|
|
||||||
|
// 1. Настройка CertMagic
|
||||||
certmagic.DefaultACME.Email = email
|
certmagic.DefaultACME.Email = email
|
||||||
certmagic.DefaultACME.Agreed = true
|
certmagic.DefaultACME.Agreed = true
|
||||||
certmagic.Default.Storage = &certmagic.FileStorage{
|
cfg := certmagic.NewDefault()
|
||||||
Path: "/root/.local/share/certmagic",
|
|
||||||
}
|
|
||||||
|
|
||||||
tlsConf, err := certmagic.TLS([]string{domain})
|
// Важно: ManageSync получит сертификат ДО запуска серверов
|
||||||
|
err := cfg.ManageSync(context.Background(), []string{domain})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal("CertMagic error:", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Обязательно и h3, и http/1.1
|
tlsConf := cfg.TLSConfig()
|
||||||
|
// NextProtos критически важен для WebTransport
|
||||||
tlsConf.NextProtos = []string{"h3", "http/1.1"}
|
tlsConf.NextProtos = []string{"h3", "http/1.1"}
|
||||||
tlsConf.MinVersion = tls.VersionTLS13
|
|
||||||
|
|
||||||
server := NewServer()
|
server := NewServer()
|
||||||
|
|
||||||
mux := http.NewServeMux()
|
mux := http.NewServeMux()
|
||||||
|
|
||||||
// WebTransport server поверх HTTP/3
|
// 2. WebTransport сервер
|
||||||
wtServer := &webtransport.Server{
|
wt := &webtransport.Server{
|
||||||
H3: &http3.Server{
|
H3: &http3.Server{
|
||||||
Addr: ":443",
|
Addr: ":443",
|
||||||
TLSConfig: tlsConf,
|
TLSConfig: tlsConf,
|
||||||
Handler: mux,
|
Handler: mux,
|
||||||
},
|
},
|
||||||
|
CheckOrigin: func(r *http.Request) bool { return true }, // Разрешаем подключения отовсюду
|
||||||
}
|
}
|
||||||
|
|
||||||
mux.HandleFunc("/room/", func(w http.ResponseWriter, r *http.Request) {
|
mux.HandleFunc("/room/", func(w http.ResponseWriter, r *http.Request) {
|
||||||
roomName := strings.TrimPrefix(r.URL.Path, "/room/")
|
// Сообщаем браузеру, что сервер поддерживает HTTP/3 на порту 443
|
||||||
|
w.Header().Set("Alt-Svc", `h3=":443"; ma=86400`)
|
||||||
|
|
||||||
sess, err := wtServer.Upgrade(w, r)
|
roomName := strings.TrimPrefix(r.URL.Path, "/room/")
|
||||||
if err != nil {
|
if roomName == "" {
|
||||||
log.Println("upgrade error:", err)
|
http.Error(w, "Room name required", 400)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sess, err := wt.Upgrade(w, r)
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Upgrade error (check if you use https): %v", err)
|
||||||
|
return
|
||||||
|
}
|
||||||
go server.handleSession(roomName, sess)
|
go server.handleSession(roomName, sess)
|
||||||
})
|
})
|
||||||
|
|
||||||
log.Println("Relay running on https://" + domain + "/room/{room}")
|
// 3. Запуск UDP (HTTP/3 + WebTransport)
|
||||||
|
|
||||||
// Запуск HTTP/3 + WebTransport (UDP 443)
|
|
||||||
go func() {
|
go func() {
|
||||||
if err := wtServer.ListenAndServe(); err != nil {
|
log.Printf("Starting UDP (WebTransport) on https://%s/room/", domain)
|
||||||
log.Fatal(err)
|
if err := wt.ListenAndServe(); err != nil {
|
||||||
|
log.Fatalf("UDP Server Error: %v", err)
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
// Отдельный HTTPS сервер (TCP 443) для ACME challenge
|
// 4. Запуск TCP (HTTPS + ACME Challenge)
|
||||||
|
// Это нужно, чтобы браузер сначала зашел по TCP и узнал про Alt-Svc
|
||||||
|
log.Printf("Starting TCP (HTTPS) on https://%s", domain)
|
||||||
httpServer := &http.Server{
|
httpServer := &http.Server{
|
||||||
Addr: ":443",
|
Addr: ":443",
|
||||||
TLSConfig: tlsConf,
|
TLSConfig: tlsConf,
|
||||||
Handler: mux,
|
Handler: mux,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Используем ListenAndServeTLS с пустыми путями, так как сертификаты в tlsConf
|
||||||
log.Fatal(httpServer.ListenAndServeTLS("", ""))
|
log.Fatal(httpServer.ListenAndServeTLS("", ""))
|
||||||
}
|
}
|
||||||
|
|||||||
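Review bot: The added `CheckOrigin: func(r *http.Request) bool { return true }` on the WebTransport server in main() accepts sessions from any web origin, and the `/room/` handler joins whatever room name the path carries with no authentication visible in this diff, so a page on an unrelated site can join a room from a visitor's browser. Restrict it to the front-end's origin, e.g. `CheckOrigin: func(r *http.Request) bool { return r.Header.Get("Origin") == "https://<frontend-origin>" },`, or leave the field unset if the library's default origin check (which I believe compares the Origin host with the request Host) is enough. The same hunk also removes `tlsConf.MinVersion = tls.VersionTLS13`; HTTP/3 still implies TLS 1.3, but the TCP listener that shares `tlsConf` now falls back to whatever minimum `cfg.TLSConfig()` sets, so I would keep that line together with the `crypto/tls` import.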