Add http-ingress config directive

Co-authored-by: delthas <delthas@dille.cc>
2024-01-24 21:31:02 +01:00 · 2024-01-24 21:31:02 +01:00 · fd4aa892b2
parent b76cb6d5e6
commit fd4aa892b2
5 changed files with 16 additions and 1 deletions
--- a/cmd/soju/main.go
+++ b/cmd/soju/main.go
@ -104,6 +104,7 @@ func loadConfig() (*config.Server, *soju.Config, error) {
 		MsgStoreDriver:            raw.MsgStore.Driver,
 		MsgStorePath:              raw.MsgStore.Source,
 		HTTPOrigins:               raw.HTTPOrigins,
+		HTTPIngress:               raw.HTTPIngress,
 		AcceptProxyIPs:            raw.AcceptProxyIPs,
 		MaxUserNetworks:           raw.MaxUserNetworks,
 		UpstreamUserIPs:           raw.UpstreamUserIPs,
--- a/config/config.go
+++ b/config/config.go
@ -84,6 +84,7 @@ type Server struct {
 	FileUpload *FileUpload

 	HTTPOrigins    []string
+	HTTPIngress    string
 	AcceptProxyIPs IPSet

 	MaxUserNetworks           int
@ -109,6 +110,7 @@ func Defaults() *Server {
 		Auth: Auth{
 			Driver: "internal",
 		},
+		HTTPIngress:     "https://" + hostname,
 		MaxUserNetworks: -1,
 	}
 }
@ -128,6 +130,7 @@ func Load(path string) (*Server, error) {
 		Auth                []string   `scfg:"auth"`
 		FileUpload          []string   `scfg:"file-upload"`
 		HTTPOrigin          []string   `scfg:"http-origin"`
+		HTTPIngress         string     `scfg:"http-ingress"`
 		AcceptProxyIP       []string   `scfg:"accept-proxy-ip"`
 		MaxUserNetworks     int        `scfg:"max-user-networks"`
 		UpstreamUserIP      []string   `scfg:"upstream-user-ip"`
@ -216,6 +219,11 @@ func Load(path string) (*Server, error) {
 		srv.FileUpload = &FileUpload{driver, source}
 	}
 	srv.HTTPOrigins = raw.HTTPOrigin
+	if raw.HTTPIngress != "" {
+		srv.HTTPIngress = raw.HTTPIngress
+	} else {
+		srv.HTTPIngress = "https://" + srv.Hostname
+	}
 	for _, s := range raw.AcceptProxyIP {
 		if s == "localhost" {
 			srv.AcceptProxyIPs = append(srv.AcceptProxyIPs, loopbackIPs...)
--- a/doc/soju.1.scd
+++ b/doc/soju.1.scd
@ -160,6 +160,11 @@ The following directives are supported:
 	By default, only the request host is authorized. Use this directive to
 	enable cross-origin WebSockets.

+*http-ingress* <url>
+	External URL on which HTTPS listeners are exposed.
+
+	By default, this is _https://<hostname>_.
+
 *accept-proxy-ip* <cidr...>
 	Allow the specified IPs to act as a proxy. Proxys have the ability to
 	overwrite the remote and local connection addresses (via the PROXY protocol,
--- a/downstream.go
+++ b/downstream.go
@ -1474,7 +1474,7 @@ func (dc *downstreamConn) welcome(ctx context.Context, user *user) error {
 		isupport = append(isupport, "VAPID="+dc.srv.webPush.VAPIDKeys.Public)
 	}
 	if dc.srv.Config().FileUploader != nil {
-		isupport = append(isupport, "soju.im/FILEHOST=https://"+dc.srv.Config().Hostname+"/upload")
+		isupport = append(isupport, "soju.im/FILEHOST="+dc.srv.Config().HTTPIngress+"/upload")
 	}

 	if uc := dc.upstream(); uc != nil {
--- a/server.go
+++ b/server.go
@ -143,6 +143,7 @@ type Config struct {
 	MsgStoreDriver            string
 	MsgStorePath              string
 	HTTPOrigins               []string
+	HTTPIngress               string
 	AcceptProxyIPs            config.IPSet
 	MaxUserNetworks           int
 	MOTD                      string