feat: add receive proxy protocol (#206)

* refactor: infrared tests

* feat: add receive proxy protocol support

* fix: docs

* fix: send proxy protocol and tests

* test: receive proxy protocol

* docs: add community projects page

* docs: fix typo

.golangci.yml

@@ -252,6 +252,9 @@ linters:
  - wastedassign # finds wasted assignment statements
  - whitespace # detects leading and trailing whitespace
  - prealloc # [premature optimization, but can be used in some cases] finds slice declarations that could potentially be preallocated
+ - zerologlint # detects the wrong usage of zerolog that a user forgets to dispatch zerolog.Event
+ - testpackage # makes you use a separate _test package
+ - tagalign # checks that struct tags are well aligned
 
  ## you may want to enable
  #- decorder # checks declaration order and count of types, constants, variables and functions
@@ -263,13 +266,10 @@ linters:
  #- inamedparam # [great idea, but too strict, need to ignore a lot of cases by default] reports interfaces with unnamed method parameters
  #- interfacebloat # checks the number of methods inside an interface
  #- ireturn # accept interfaces, return concrete types
- #- tagalign # checks that struct tags are well aligned
  #- varnamelen # [great idea, but too many false positives] checks that the length of a variable's name matches its scope
  #- wrapcheck # checks that errors returned from external packages are wrapped
- #- zerologlint # detects the wrong usage of zerolog that a user forgets to dispatch zerolog.Event
  #- gochecknoglobals # checks that no global variables exist
  #- gomnd # detects magic numbers
- #- testpackage # makes you use a separate _test package
 
  ## disabled
  #- containedctx # detects struct contained context.Context field

README.md

@@ -16,7 +16,7 @@
 </p>
 
 > [!WARNING] 
-> Infrared is currently under active development: breaking changes can happen.
+> Infrared is currently under active development: bugs and breaking changes can happen.
 > Feedback and contributions are welcome.
 
 An ultra lightweight Minecraft reverse proxy and status placeholder:

cmd/infrared/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+ "errors"
  "os"
  "os/signal"
  "syscall"
@@ -117,12 +118,25 @@ func run() error {
 
  select {
  case sig := <-sigChan:
- log.Printf("Received %s", sig.String())
+ log.Info().Msg("Received " + sig.String())
  case err := <-errChan:
- if err != nil {
- return err
+ switch {
+ case errors.Is(err, ir.ErrNoServers):
+ log.Fatal().
+ Str("docs", "https://infrared.dev/config/proxies").
+ Msg("No proxy configs found; Check the docs")
+ case errors.Is(err, ir.ErrNoTrustedCIDRs):
+ log.Fatal().
+ Str("docs", "https://infrared.dev/features/proxy-protocol#receive-proxy-protocol").
+ Msg("Receive PROXY Protocol enabled, but no CIDRs specified; Check the docs")
+ default:
+ if err != nil {
+ return err
+ }
  }
  }
 
+ log.Info().Msg("Bye")
+
  return nil
 }

configs/config.yml

@@ -4,6 +4,23 @@
 #
 bind: 0.0.0.0:25565
 
+# This is for receiving PROXY Protocol Headers
+#
+proxyProtocol:
+ # Set this to true to enable it.
+ # You also need to set trusted CIDRs to use this feature.
+ # You can only receive PROXY Protocol Headers from trusted CIDRs.
+ #
+ receive: false
+
+ # List all your trusted CIDRs here.
+ # A CIDR is basically a way to talk about a whole range of IPs
+ # instead of just one. See here for more info: 
+ # https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#IPv4_CIDR_blocks
+ #
+ trustedCIDRs:
+ - 127.0.0.1/32
+
 # Maximum duration between packets before the client gets timed out.
 #
 keepAliveTimeout: 30s

configs/haproxy.cfg

@@ -8,10 +8,6 @@
 global
  maxconn 20000
  log stdout local0 debug
- user haproxy
- chroot /usr/share/haproxy
- pidfile /run/haproxy.pid
- daemon
 
 defaults
  log global
@@ -20,11 +16,6 @@ resolvers nameserver
  nameserver ns1 1.1.1.1:53
  nameserver ns2 8.8.8.8:53
 
-#listen minecraft
-# bind :25500
-# mode tcp
-# server s1 127.0.0.1:25565 send-proxy-v2 resolvers nameserver
-
 frontend minecraft_fe
  maxconn 2000
  mode tcp
@@ -33,5 +24,4 @@ frontend minecraft_fe
 
 backend minecraft_be
  mode tcp
-# server s1 185.232.71.248:25565 send-proxy-v2 resolvers nameserver
- server s1 127.0.0.1:25565 send-proxy-v2 resolvers nameserver
+ server s1 127.0.0.1:25565 send-proxy-v2 resolvers nameserver

configs/proxy.yml

@@ -10,7 +10,7 @@ domains:
 addresses:
  - 127.0.0.1:25565
 
-# Send a Proxy Protocol v2 Header to the server to
+# Send a PROXY Protocol Header to the server to
 # forward the players IP address
 #
 #sendProxyProtocol: true

deployments/docker-compose.dev.yml

@@ -21,19 +21,14 @@ services:
  - infrared.java.servers.devserver.address=:25566
 
  haproxy:
- image: haproxy
+ image: haproxy:alpine
  container_name: infrared-dev-haproxy
- sysctls:
- - net.ipv4.ip_unprivileged_port_start=0
  volumes:
  - ../.dev/haproxy:/usr/local/etc/haproxy:ro
- ports:
- - 25567:25565/tcp
- networks:
- - infrared
+ network_mode: host
 
  redis:
- image: redis
+ image: redis:alpine
  container_name: infrared-dev-redis
  ports:
  - 6379:6379/tcp

docs/.vitepress/config.mts

@@ -23,8 +23,8 @@ export default defineConfig({
  {
  text: 'Features',
  items: [
- { text: 'PROXY Protocol', link: '/features/forward-player-ips' },
- { text: 'Rate Limiter', link: '/features/rate-limit-ips' },
+ { text: 'PROXY Protocol', link: '/features/proxy-protocol' },
+ { text: 'Rate Limiter', link: '/features/rate-limiter' },
  ]
  },
  {
@@ -47,6 +47,7 @@ export default defineConfig({
 
  sidebar: [
  { text: 'Getting Started', link: '/getting-started' },
+ { text: 'Community Projects', link: '/community-projects' },
  {
  text: 'Config',
  items: [
@@ -58,12 +59,12 @@ export default defineConfig({
  {
  text: 'Features',
  items: [
- { text: 'Forward Player IPs', link: '/features/forward-player-ips' },
+ { text: 'PROXY Protocol', link: '/features/proxy-protocol' },
  {
  text: 'Filters',
  link: '/features/filters',
  items: [
- { text: 'Rate Limit IPs', link: '/features/rate-limit-ips' },
+ { text: 'Rate Limiter', link: '/features/rate-limiter' },
  ]
  }
  ]

docs/community-projects.md

@@ -0,0 +1,13 @@
+# Community Projects
+
+> [!NOTE]
+> These projects are managed by the Infrared Community.
+> We do **not** provide official support for these projects.
+> Please use their dedicated issue trackers or support channels provided by the respective project.
+> Thanks for understanding.
+
+## Infrared for Pterodactyl
+
+An egg to run Infrared in Pterodactyl. \
+Repo: [Shadowner/Infrared-Pterodactyl-egg](https://github.com/Shadowner/Infrared-Pterodactyl-egg) \
+Owner: [Shadowner](https://github.com/Shadowner)

docs/features/filters.md

@@ -17,4 +17,4 @@ filters:
 Now you actually need to add filters to your config.
 This is a list of all the filters that currently exist:
 
-- [Rate Limiter](rate-limit-ips)
+- [Rate Limiter](rate-limiter)

docs/features/proxy-protocol.md

@@ -0,0 +1,43 @@
+# PROXY Protocol
+
+Infrared supportes [PROXY Protocol v2](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt).
+
+## Receive PROXY Protocol
+
+You can receive PROXY Protocol Headers, but you **need** to specify your trusted [CIDRs](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#IPv4_CIDR_blocks).
+To enable it in Infrared you just have to change this in you [global config](../config/index):
+
+```yml
+# This is for receiving PROXY Protocol Headers
+#
+proxyProtocol:
+ # Set this to true to enable it.
+ # You also need to set trusted CIDRs to use this feature.
+ # You can only receive PROXY Protocol Headers from trusted CIDRs.
+ #
+ receive: false
+
+ # List all your trusted CIDRs here.
+ # A CIDR is basically a way to talk about a whole range of IPs
+ # instead of just one.
+ #
+ trustedCIDRs:
+ - 127.0.0.1/32
+```
+
+## Forward Player IPs
+
+You can forward the player IPs via PROXY Protocol.
+To enable it in Infrared you just have to change this in you [**proxy config**](../config/proxies):
+```yml
+# Send a PROXY Protocol Header to the server to
+# forward the players IP address.
+#
+#sendProxyProtocol: true // [!code --]
+sendProxyProtocol: true // [!code ++]
+```
+
+## Paper
+
+In Paper you have to enable it also to work.
+See [the Paper documentation on PROXY Protocol](https://docs.papermc.io/paper/reference/global-configuration#proxies_proxy_protocol) for more.

docs/features/rate-limit-ips.md → docs/features/rate-limiter.md

@@ -1,7 +1,7 @@
 # Rate Limit IPs
 
 You can rate limit by IP address using the `rateLimit` filter.
-This can be easily activated in your [**global config**](../config/index.md) by adding this:
+This can be easily activated in your [**global config**](../config/index) by adding this:
 
 ```yml{2-16}
 filters: