mirror of https://github.com/yusing/godoxy.git, synced 2026-05-13 17:10:00 -05:00
aa42cb9b0a
The proxy now serves certificates from a file-backed cache and keeps renewal coordination in-process, while a short-lived helper binary owns obtain/renew ACME work. This preserves the existing provider interface for entrypoint and API callers, keeps GetCert free of IPC, and packages the helper alongside the main binary for Docker/runtime parity.

Constraint: TLS handshakes must stay fully in-process with no helper hop
Constraint: Do not run build or Docker verification commands in this repo
Rejected: Long-lived autocert daemon | unnecessary IPC/runtime complexity
Rejected: Rewriting ACME logic in helper | existing Provider already owns cooldown/save logic
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Keep cert files as cross-process source of truth; do not add helper calls to GetCert path
Tested: go test -ldflags="-checklinkname=0" ./cmd/autocert ./internal/autocert ./internal/autocert/provider_test -count=1
Tested: go test -ldflags="-checklinkname=0" ./internal/config ./internal/api ./internal/api/v1/cert ./internal/entrypoint -count=1
Not-tested: Real helper binary execution in packaged Docker image
cmd
Main entry point package for GoDoxy, a lightweight reverse proxy with WebUI for Docker containers.
Overview
This package contains the main.go entry point that initializes and starts the GoDoxy server. It coordinates the initialization of all core components including configuration loading, API server, authentication, and monitoring services.
It also contains cmd/autocert, an internal oneshot helper binary spawned by the main process for ACME obtain/renew work.
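The split described above, where the handshake path only reads an in-memory certificate while a separate helper run refreshes the files on disk, sketched in Go as an added example (not GoDoxy's own code). The names `current`, `reload`, `getCertificate` and `issue` are hypothetical, and `issue` writes a constructed self-signed pair in place of a real ACME run.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"os"
	"sync/atomic"
	"time"
)

var current atomic.Pointer[tls.Certificate] // read by handshakes, written only by reload

// reload runs off the handshake path; a failed load keeps the previous certificate.
func reload(certPath, keyPath string) error {
	pair, err := tls.LoadX509KeyPair(certPath, keyPath) // also rejects a cert/key mismatch
	if err == nil {
		current.Store(&pair)
	}
	return err
}

// getCertificate is the tls.Config.GetCertificate callback: a memory read, no file or IPC.
func getCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error) {
	return current.Load(), nil // nil before the first load, so crypto/tls fails the handshake
}

// issue stands in for the helper: it writes a constructed self-signed pair to disk.
func issue(certPath, keyPath string) error {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return err
	}
	keyDER, _ := x509.MarshalPKCS8PrivateKey(priv)
	if err := os.WriteFile(keyPath, pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyDER}), 0o600); err != nil {
		return err
	}
	return os.WriteFile(certPath, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), 0o644)
}

func main() {
	dir, _ := os.MkdirTemp("", "certs")
	fmt.Println(issue(dir+"/cert.pem", dir+"/key.pem"), reload(dir+"/cert.pem", dir+"/key.pem"))
}
```

Because `reload` only swaps the pointer after a successful load, a truncated or mismatched file seen mid-renewal leaves the last good certificate in service.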
Architecture
```mermaid
graph TD
    A[main] --> B[Init Profiling]
    A --> C[Init Logger]
    A --> D[Parallel Init]
    D --> D1[DNS Providers]
    D --> D2[Icon Cache]
    D --> D3[System Info Poller]
    D --> D4[Middleware Compose Files]
    A --> E[JWT Secret Setup]
    A --> F[Create Directories]
    A --> G[Load Config]
    A --> H[Start Proxy Servers]
    A --> I[Init Auth]
    A --> J[Start API Server]
    A --> K[Debug Server]
    A --> L[Uptime Poller]
    A --> M[Watch Changes]
    A --> N[Wait Exit]
```
Main Function Flow
The main() function performs the following initialization steps:
- Profiling Setup: Initializes pprof endpoints for performance monitoring
- Logger Initialization: Configures zerolog with memory logging
- Parallel Initialization: Starts DNS providers, icon cache, system info poller, and middleware
- JWT Secret: Ensures the API JWT secret is set (generates a random one if not provided)
- Directory Preparation: Creates required directories for logs, certificates, etc.
- Configuration Loading: Loads YAML configuration and reports any errors
- Proxy Servers: Starts HTTP/HTTPS proxy servers based on configuration
- Authentication: Initializes authentication system with access control
- API Server: Starts the REST API server with all configured routes
- Debug Server: Starts the debug page server (development mode)
- Monitoring: Starts uptime and system info polling
- Change Watcher: Starts watching for Docker container and configuration changes
- Graceful Shutdown: Waits for exit signal with configured timeout
Configuration
The main configuration is loaded from config/config.yml. Required directories include:
- logs/ - Log files
- config/ - Configuration directory
- certs/ - SSL certificates
- proxy/ - Proxy-related files
Environment Variables
- API_JWT_SECRET - Secret key for JWT authentication (optional, auto-generated if not set)
Dependencies
- internal/api - REST API handlers
- internal/auth - Authentication and ACL
- internal/config - Configuration management
- internal/dnsproviders - DNS provider integration
- internal/homepage - WebUI dashboard
- internal/logging - Logging infrastructure
- internal/metrics - System metrics collection
- internal/route - HTTP routing and middleware
- github.com/yusing/goutils/task - Task lifecycle management