mirror of
https://github.com/coder/coder.git
synced 2025-07-09 11:45:56 +00:00
1724cbf872
* feat: automatically use websockets if DERP upgrade is unavailable This might be our biggest hangup for deployments at the moment... Load balancers by default do not support the DERP protocol, so many of our prospects and customers run into failing workspace connections. This automatically swaps to use WebSockets, and reports the reason to coderd. In a future contribution, a warning will appear by the agent if it was forced to use WebSockets instead of DERP. * Fix nil pointer type in Tailscale dep * Fix requested changes
123 lines
3.1 KiB
Go
123 lines
3.1 KiB
Go
package tailnettest
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"fmt"
|
|
"html"
|
|
"net"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"tailscale.com/derp"
|
|
"tailscale.com/derp/derphttp"
|
|
"tailscale.com/net/stun/stuntest"
|
|
"tailscale.com/tailcfg"
|
|
"tailscale.com/types/key"
|
|
tslogger "tailscale.com/types/logger"
|
|
"tailscale.com/types/nettype"
|
|
|
|
"cdr.dev/slog/sloggers/slogtest"
|
|
"github.com/coder/coder/tailnet"
|
|
)
|
|
|
|
// RunDERPAndSTUN creates a DERP mapping for tests.
|
|
func RunDERPAndSTUN(t *testing.T) *tailcfg.DERPMap {
|
|
logf := tailnet.Logger(slogtest.Make(t, nil))
|
|
d := derp.NewServer(key.NewNode(), logf)
|
|
server := httptest.NewUnstartedServer(derphttp.Handler(d))
|
|
server.Config.ErrorLog = tslogger.StdLogger(logf)
|
|
server.Config.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler))
|
|
server.StartTLS()
|
|
|
|
stunAddr, stunCleanup := stuntest.ServeWithPacketListener(t, nettype.Std{})
|
|
t.Cleanup(func() {
|
|
server.CloseClientConnections()
|
|
server.Close()
|
|
d.Close()
|
|
stunCleanup()
|
|
})
|
|
tcpAddr, ok := server.Listener.Addr().(*net.TCPAddr)
|
|
if !ok {
|
|
t.FailNow()
|
|
}
|
|
|
|
return &tailcfg.DERPMap{
|
|
Regions: map[int]*tailcfg.DERPRegion{
|
|
1: {
|
|
RegionID: 1,
|
|
RegionCode: "test",
|
|
RegionName: "Test",
|
|
Nodes: []*tailcfg.DERPNode{
|
|
{
|
|
Name: "t2",
|
|
RegionID: 1,
|
|
IPv4: "127.0.0.1",
|
|
IPv6: "none",
|
|
STUNPort: stunAddr.Port,
|
|
DERPPort: tcpAddr.Port,
|
|
InsecureForTests: true,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
}
|
|
|
|
// RunDERPOnlyWebSockets creates a DERP mapping for tests that
|
|
// only allows WebSockets through it. Many proxies do not support
|
|
// upgrading DERP, so this is a good fallback.
|
|
func RunDERPOnlyWebSockets(t *testing.T) *tailcfg.DERPMap {
|
|
logf := tailnet.Logger(slogtest.Make(t, nil))
|
|
d := derp.NewServer(key.NewNode(), logf)
|
|
handler := derphttp.Handler(d)
|
|
var closeFunc func()
|
|
handler, closeFunc = tailnet.WithWebsocketSupport(d, handler)
|
|
server := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path != "/derp" {
|
|
handler.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
if r.Header.Get("Upgrade") != "websocket" {
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
_, _ = w.Write([]byte(fmt.Sprintf(`Invalid "Upgrade" header: %s`, html.EscapeString(r.Header.Get("Upgrade")))))
|
|
return
|
|
}
|
|
handler.ServeHTTP(w, r)
|
|
}))
|
|
server.Config.ErrorLog = tslogger.StdLogger(logf)
|
|
server.Config.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler))
|
|
server.StartTLS()
|
|
t.Cleanup(func() {
|
|
server.CloseClientConnections()
|
|
server.Close()
|
|
closeFunc()
|
|
d.Close()
|
|
})
|
|
|
|
tcpAddr, ok := server.Listener.Addr().(*net.TCPAddr)
|
|
if !ok {
|
|
t.FailNow()
|
|
}
|
|
|
|
return &tailcfg.DERPMap{
|
|
Regions: map[int]*tailcfg.DERPRegion{
|
|
1: {
|
|
RegionID: 1,
|
|
RegionCode: "test",
|
|
RegionName: "Test",
|
|
Nodes: []*tailcfg.DERPNode{
|
|
{
|
|
Name: "t1",
|
|
RegionID: 1,
|
|
IPv4: "127.0.0.1",
|
|
IPv6: "none",
|
|
DERPPort: tcpAddr.Port,
|
|
InsecureForTests: true,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
}
|