Kyle Isom
498f040cbe
Proto: Route message gains mode, tls_cert, tls_key, backend_tls,
send_proxy_protocol fields. ListenerStatus gains proxy_protocol.
Generated code regenerated with protoc v29.5.
gRPC server: AddRoute validates mode ("l4"/"l7", defaults to "l4"),
requires tls_cert/tls_key for L7 routes, persists all fields via
write-through. ListRoutes returns full route info. GetStatus
includes proxy_protocol on listener status.
Client package: Route struct expanded with Mode, TLSCert, TLSKey,
BackendTLS, SendProxyProtocol. AddRoute signature changed to accept
a Route struct instead of individual hostname/backend strings.
ListenerStatus gains ProxyProtocol. ListRoutes maps all proto fields.
mcproxyctl: routes add gains --mode, --tls-cert, --tls-key,
--backend-tls, --send-proxy-protocol flags. routes list displays
mode and option tags for each route.
New tests: add L7 route via gRPC with field round-trip verification,
L7 route missing cert/key (InvalidArgument), invalid mode rejection,
default-to-L4 backward compatibility, proxy_protocol in status.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
108 lines
2.4 KiB
Protocol Buffer
108 lines
2.4 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package mc_proxy.v1;
|
|
|
|
option go_package = "git.wntrmute.dev/kyle/mc-proxy/gen/mc_proxy/v1;mcproxyv1";
|
|
|
|
import "google/protobuf/timestamp.proto";
|
|
|
|
service ProxyAdminService {
|
|
// Routes
|
|
rpc ListRoutes(ListRoutesRequest) returns (ListRoutesResponse);
|
|
rpc AddRoute(AddRouteRequest) returns (AddRouteResponse);
|
|
rpc RemoveRoute(RemoveRouteRequest) returns (RemoveRouteResponse);
|
|
|
|
// Firewall
|
|
rpc GetFirewallRules(GetFirewallRulesRequest) returns (GetFirewallRulesResponse);
|
|
rpc AddFirewallRule(AddFirewallRuleRequest) returns (AddFirewallRuleResponse);
|
|
rpc RemoveFirewallRule(RemoveFirewallRuleRequest) returns (RemoveFirewallRuleResponse);
|
|
|
|
// Status
|
|
rpc GetStatus(GetStatusRequest) returns (GetStatusResponse);
|
|
}
|
|
|
|
// Routes
|
|
|
|
message Route {
|
|
string hostname = 1;
|
|
string backend = 2;
|
|
string mode = 3; // "l4" (default) or "l7"
|
|
string tls_cert = 4; // PEM certificate path (L7 only)
|
|
string tls_key = 5; // PEM private key path (L7 only)
|
|
bool backend_tls = 6; // re-encrypt to backend (L7 only)
|
|
bool send_proxy_protocol = 7; // send PROXY v2 header to backend
|
|
}
|
|
|
|
message ListRoutesRequest {
|
|
string listener_addr = 1;
|
|
}
|
|
|
|
message ListRoutesResponse {
|
|
string listener_addr = 1;
|
|
repeated Route routes = 2;
|
|
}
|
|
|
|
message AddRouteRequest {
|
|
string listener_addr = 1;
|
|
Route route = 2;
|
|
}
|
|
|
|
message AddRouteResponse {}
|
|
|
|
message RemoveRouteRequest {
|
|
string listener_addr = 1;
|
|
string hostname = 2;
|
|
}
|
|
|
|
message RemoveRouteResponse {}
|
|
|
|
// Firewall
|
|
|
|
enum FirewallRuleType {
|
|
FIREWALL_RULE_TYPE_UNSPECIFIED = 0;
|
|
FIREWALL_RULE_TYPE_IP = 1;
|
|
FIREWALL_RULE_TYPE_CIDR = 2;
|
|
FIREWALL_RULE_TYPE_COUNTRY = 3;
|
|
}
|
|
|
|
message FirewallRule {
|
|
FirewallRuleType type = 1;
|
|
string value = 2;
|
|
}
|
|
|
|
message GetFirewallRulesRequest {}
|
|
|
|
message GetFirewallRulesResponse {
|
|
repeated FirewallRule rules = 1;
|
|
}
|
|
|
|
message AddFirewallRuleRequest {
|
|
FirewallRule rule = 1;
|
|
}
|
|
|
|
message AddFirewallRuleResponse {}
|
|
|
|
message RemoveFirewallRuleRequest {
|
|
FirewallRule rule = 1;
|
|
}
|
|
|
|
message RemoveFirewallRuleResponse {}
|
|
|
|
// Status
|
|
|
|
message ListenerStatus {
|
|
string addr = 1;
|
|
int32 route_count = 2;
|
|
int64 active_connections = 3;
|
|
bool proxy_protocol = 4;
|
|
}
|
|
|
|
message GetStatusRequest {}
|
|
|
|
message GetStatusResponse {
|
|
string version = 1;
|
|
google.protobuf.Timestamp started_at = 2;
|
|
repeated ListenerStatus listeners = 3;
|
|
int64 total_connections = 4;
|
|
}
|