feat(dtls): add dtls client-server handshake flow

Implement initial DTLS handshake flow for server and client using
pion/dtls. Load server and client configuration from .env/environment,
including new debug flags and logging config.

On the server:
- load ServerConfig from env, including DTLS listen addr and debug flag
- create DTLS listener with optional self-signed localhost cert in debug
- accept DTLS sessions and run PerformServerHandshake with a dummy
  domain validator

On the client:
- load ClientConfig from env, then override with CLI flags where given
- validate required fields: server_addr, domain, api_key, local_target
- create DTLS client and run PerformClientHandshake
- support debug mode to skip server certificate verification

Also:
- update go.mod/go.sum with pion/dtls and related dependencies
- extend .env.example with new ports, client config, and debug flags
- ignore built binaries via bin/ in .gitignore

BREAKING CHANGE: client environment variables have changed. The former
HOP_CLIENT_ID, HOP_CLIENT_AUTH_TOKEN and HOP_CLIENT_SERVICE_PORTS are
replaced by HOP_CLIENT_DOMAIN, HOP_CLIENT_API_KEY,
HOP_CLIENT_LOCAL_TARGET and HOP_CLIENT_DEBUG. Client startup now
requires server_addr, domain, api_key and local_target to be provided
(via env or CLI).
dalbodeule
2025-11-26 17:04:45 +09:00
parent 4d5b7f15f3
commit 2121b56511
11 changed files with 778 additions and 31 deletions


@@ -30,13 +30,13 @@ HOP_LOKI_ENABLE=false
# ---- Server ports & domains ----
# HTTP 리스닝 포트 (보통 :80, ACME HTTP-01 및 HTTPS 리다이렉트용)
HOP_SERVER_HTTP_LISTEN=:80
HOP_SERVER_HTTP_LISTEN=:8080
# HTTPS 리스닝 포트 (보통 :443)
HOP_SERVER_HTTPS_LISTEN=:443
HOP_SERVER_HTTPS_LISTEN=:8443
# DTLS 리스닝 포트 (보통 :443, 필요시 별도 포트 사용)
HOP_SERVER_DTLS_LISTEN=:443
HOP_SERVER_DTLS_LISTEN=:8443
# 메인 도메인 (예: example.com)
HOP_SERVER_DOMAIN=example.com
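Review bot: the new example port values no longer match the comments directly above them, and one of those comments carries an operational assumption. `HOP_SERVER_HTTP_LISTEN=:8080` sits under a comment that still says the port is normally :80 and is used for ACME HTTP-01; HTTP-01 validation connects to port 80, so a user who copies this example verbatim will need something in front forwarding 80 to 8080 for certificate issuance to work, and the comment should say so (or the example should keep :80). Likewise `HOP_SERVER_HTTPS_LISTEN=:8443` and `HOP_SERVER_DTLS_LISTEN=:8443` now share a number under comments that still read ":443" and suggest a separate DTLS port if needed; since DTLS is UDP and HTTPS is TCP the shared number does not collide, but please update the three comments to match the new values, or keep production defaults in .env.example and put the local 8080/8443 overrides in a dev-only file.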
@@ -45,19 +45,25 @@ HOP_SERVER_DOMAIN=example.com
# 예: api.example.com,edge.example.com
HOP_SERVER_PROXY_DOMAINS=api.example.com,edge.example.com
# 디버깅용 플래그
# 1. self signed localhost cert 사용여부 (debug: true -> 사용)
HOP_SERVER_DEBUG=true
# ---- Client settings ----
# DTLS 서버 주소 (host:port)
# 예: example.com:443
HOP_CLIENT_SERVER_ADDR=example.com:443
HOP_CLIENT_SERVER_ADDR=localhost:8443
# 클라이언트 식별자
HOP_CLIENT_ID=client-1
# 클라이언트 도메인
HOP_CLIENT_DOMAIN=test.example.com
# 선택적 인증 토큰 (서버에서 검증용으로 사용 가능)
HOP_CLIENT_AUTH_TOKEN=
# 인증 토큰 (서버에서 검증용으로 사용 가능)
HOP_CLIENT_API_KEY=TEST_API_KEY_0123456789_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
# 서비스 매핑: name=host:port 형태, 콤마 구분
# 예: web=127.0.0.1:8080,admin=127.0.0.1:9000
HOP_CLIENT_SERVICE_PORTS=web=127.0.0.1:8080,admin=127.0.0.1:9000
# 서비스 매핑: name=host:port 형태
HOP_CLIENT_LOCAL_TARGET=127.0.0.1:8080
# 디버깅용 플래그
# 1. self signed 인증서를 신뢰(인증서 체인 검증 스킵)
HOP_CLIENT_DEBUG=true
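Review bot: `HOP_SERVER_DEBUG=true` and `HOP_CLIENT_DEBUG=true` both ship as the example defaults, and the comment on HOP_CLIENT_DEBUG itself states that the flag trusts self-signed certificates and skips chain verification. Anyone who copies .env.example to .env and forgets to flip these ends up with a server presenting a self-signed localhost certificate and a client that accepts any certificate; suggest defaulting both to `false` in the example and documenting `true` as the local-development override. Two smaller points in the same hunk: the comment above HOP_CLIENT_LOCAL_TARGET still says "name=host:port 형태" although the value is now a bare host:port, and the HOP_CLIENT_API_KEY placeholder is a long, realistic-looking string; an obviously fake value avoids it being mistaken for (or committed as) a real key.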