Added docker conditional compilation

- Moved docker UX optimization into module - Added conditional compilation for Windows build - Added Permission Policy header editor - Fixed docker container list ui error message bug
2025-06-03 06:07:20 +02:00 · 2024-06-17 00:24:24 +08:00 · 2024-06-17 00:24:24 +08:00 · 03974163d4
commit 03974163d4
parent dfb81513b1
13 changed files with 334 additions and 120 deletions
--- a/src/api.go
+++ b/src/api.go
@ -215,8 +215,8 @@ func initAPIs() {
 	}
 	//Docker UX Optimizations
-	authRouter.HandleFunc("/api/docker/available", HandleDockerAvailable)
+	authRouter.HandleFunc("/api/docker/available", DockerUXOptimizer.HandleDockerAvailable)
-	authRouter.HandleFunc("/api/docker/containers", HandleDockerContainersList)
+	authRouter.HandleFunc("/api/docker/containers", DockerUXOptimizer.HandleDockerContainersList)
 	//Others
 	http.HandleFunc("/api/info/x", HandleZoraxyInfo)
--- a/src/docker.go
+++ b/src/docker.go
@ -1,84 +0,0 @@
 package main
 import (
 	"bufio"
 	"context"
 	"encoding/json"
 	"net/http"
 	"os"
 	"os/exec"
 	"strings"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/client"
 	"imuslab.com/zoraxy/mod/utils"
 )
 // IsDockerized checks if the program is running in a Docker container.
 func IsDockerized() bool {
 	// Check for the /proc/1/cgroup file
 	file, err := os.Open("/proc/1/cgroup")
 	if err != nil {
 		return false
 	}
 	defer file.Close()
 	scanner := bufio.NewScanner(file)
 	for scanner.Scan() {
 		if strings.Contains(scanner.Text(), "docker") {
 			return true
 		}
 	}
 	return false
 }
 // IsDockerInstalled checks if Docker is installed on the host.
 func IsDockerInstalled() bool {
 	_, err := exec.LookPath("docker")
 	return err == nil
 }
 // HandleDockerAvaible check if teh docker related functions should be avaible in front-end
 func HandleDockerAvailable(w http.ResponseWriter, r *http.Request) {
 	dockerAvailable := IsDockerized()
 	js, _ := json.Marshal(dockerAvailable)
 	utils.SendJSONResponse(w, string(js))
 }
 // handleDockerContainersList return the current list of docker containers
 // currently listening to the same bridge network interface. See PR #202 for details.
 func HandleDockerContainersList(w http.ResponseWriter, r *http.Request) {
 	apiClient, err := client.NewClientWithOpts(client.WithVersion("1.43"))
 	if err != nil {
 		utils.SendErrorResponse(w, err.Error())
 		return
 	}
 	defer apiClient.Close()
 	containers, err := apiClient.ContainerList(context.Background(), container.ListOptions{All: true})
 	if err != nil {
 		utils.SendErrorResponse(w, err.Error())
 		return
 	}
 	networks, err := apiClient.NetworkList(context.Background(), types.NetworkListOptions{})
 	if err != nil {
 		utils.SendErrorResponse(w, err.Error())
 		return
 	}
 	result := map[string]interface{}{
 		"network":    networks,
 		"containers": containers,
 	}
 	js, err := json.Marshal(result)
 	if err != nil {
 		utils.SendErrorResponse(w, err.Error())
 		return
 	}
 	utils.SendJSONResponse(w, string(js))
 }
--- a/src/main.go
+++ b/src/main.go
@ -16,6 +16,7 @@ import (
 	"imuslab.com/zoraxy/mod/acme"
 	"imuslab.com/zoraxy/mod/auth"
 	"imuslab.com/zoraxy/mod/database"
 	"imuslab.com/zoraxy/mod/dockerux"
 	"imuslab.com/zoraxy/mod/dynamicproxy/redirection"
 	"imuslab.com/zoraxy/mod/email"
 	"imuslab.com/zoraxy/mod/forwardproxy"
@ -44,6 +45,7 @@ var allowMdnsScanning = flag.Bool("mdns", true, "Enable mDNS scanner and transpo
 var mdnsName = flag.String("mdnsname", "", "mDNS name, leave empty to use default (zoraxy_{node-uuid}.local)")
 var ztAuthToken = flag.String("ztauth", "", "ZeroTier authtoken for the local node")
 var ztAPIPort = flag.Int("ztport", 9993, "ZeroTier controller API port")
 var runningInDocker = flag.Bool("docker", false, "Run Zoraxy in docker compatibility mode")
 var acmeAutoRenewInterval = flag.Int("autorenew", 86400, "ACME auto TLS/SSL certificate renew check interval (seconds)")
 var enableHighSpeedGeoIPLookup = flag.Bool("fastgeoip", false, "Enable high speed geoip lookup, require 1GB extra memory (Not recommend for low end devices)")
 var staticWebServerRoot = flag.String("webroot", "./www", "Static web server root folder. Only allow chnage in start paramters")
@ -86,9 +88,10 @@ var (
 	forwardProxy       *forwardproxy.Handler   //HTTP Forward proxy, basically VPN for web browser
 	//Helper modules
-	EmailSender      *email.Sender        //Email sender that handle email sending
+	EmailSender       *email.Sender         //Email sender that handle email sending
-	AnalyticLoader   *analytic.DataLoader //Data loader for Zoraxy Analytic
+	AnalyticLoader    *analytic.DataLoader  //Data loader for Zoraxy Analytic
-	SystemWideLogger *logger.Logger       //Logger for Zoraxy
+	DockerUXOptimizer *dockerux.UXOptimizer //Docker user experience optimizer, community contribution only
 	SystemWideLogger  *logger.Logger        //Logger for Zoraxy
 )
 // Kill signal handler. Do something before the system the core terminate.
--- a/src/mod/dockerux/docker.go
+++ b/src/mod/dockerux/docker.go
@ -0,0 +1,60 @@
 //go:build !windows
 // +build !windows
 package dockerux
 /* Windows docker optimizer*/
 import (
 	"context"
 	"encoding/json"
 	"net/http"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/client"
 	"imuslab.com/zoraxy/mod/utils"
 )
 // Windows build not support docker
 func (d *UXOptimizer) HandleDockerAvailable(w http.ResponseWriter, r *http.Request) {
 	js, _ := json.Marshal(d.RunninInDocker)
 	utils.SendJSONResponse(w, string(js))
 }
 func (d *UXOptimizer) HandleDockerContainersList(w http.ResponseWriter, r *http.Request) {
 	apiClient, err := client.NewClientWithOpts(client.WithVersion("1.43"))
 	if err != nil {
 		d.SystemWideLogger.PrintAndLog("Docker", "Unable to create new docker client", err)
 		utils.SendErrorResponse(w, "Docker client initiation failed")
 		return
 	}
 	defer apiClient.Close()
 	containers, err := apiClient.ContainerList(context.Background(), container.ListOptions{All: true})
 	if err != nil {
 		d.SystemWideLogger.PrintAndLog("Docker", "List docker container failed", err)
 		utils.SendErrorResponse(w, "List docker container failed")
 		return
 	}
 	networks, err := apiClient.NetworkList(context.Background(), types.NetworkListOptions{})
 	if err != nil {
 		d.SystemWideLogger.PrintAndLog("Docker", "List docker network failed", err)
 		utils.SendErrorResponse(w, "List docker network failed")
 		return
 	}
 	result := map[string]interface{}{
 		"network":    networks,
 		"containers": containers,
 	}
 	js, err := json.Marshal(result)
 	if err != nil {
 		utils.SendErrorResponse(w, err.Error())
 		return
 	}
 	utils.SendJSONResponse(w, string(js))
 }
--- a/src/mod/dockerux/docker_windows.go
+++ b/src/mod/dockerux/docker_windows.go
@ -0,0 +1,32 @@
 //go:build windows
 // +build windows
 package dockerux
 /*
 	Windows docker UX optimizer dummy
 	This is a dummy module for Windows as docker features
 	is useless on Windows and create a larger binary size
 	docker on Windows build are trimmed to reduce binary size
 	and make it compatibile with Windows 7
 */
 import (
 	"encoding/json"
 	"net/http"
 	"imuslab.com/zoraxy/mod/utils"
 )
 // Windows build not support docker
 func (d *UXOptimizer) HandleDockerAvailable(w http.ResponseWriter, r *http.Request) {
 	js, _ := json.Marshal(d.RunninInDocker)
 	utils.SendJSONResponse(w, string(js))
 }
 func (d *UXOptimizer) HandleDockerContainersList(w http.ResponseWriter, r *http.Request) {
 	utils.SendErrorResponse(w, "Platform not supported")
 }
--- a/src/mod/dockerux/dockerux.go
+++ b/src/mod/dockerux/dockerux.go
@ -0,0 +1,24 @@
 package dockerux
 import "imuslab.com/zoraxy/mod/info/logger"
 /*
 	Docker Optimizer
 	This script add support for optimizing docker user experience
 	Note that this module are community contribute only. For bug
 	report, please directly tag the Pull Request author.
 */
 type UXOptimizer struct {
 	RunninInDocker   bool
 	SystemWideLogger *logger.Logger
 }
 //Create a new docker optimizer
 func NewDockerOptimizer(IsRunningInDocker bool, logger *logger.Logger) *UXOptimizer {
 	return &UXOptimizer{
 		RunninInDocker:   IsRunningInDocker,
 		SystemWideLogger: logger,
 	}
 }
--- a/src/mod/dynamicproxy/customHeader.go
+++ b/src/mod/dynamicproxy/customHeader.go
@ -1,6 +1,10 @@
 package dynamicproxy
-import "strconv"
+import (
 	"strconv"
 	"imuslab.com/zoraxy/mod/dynamicproxy/permissionpolicy"
 )
 /*
 	CustomHeader.go
@ -9,9 +13,9 @@ import "strconv"
 	into the dpcore routing logic
 */
-//SplitInboundOutboundHeaders split user defined headers into upstream and downstream headers
+// SplitInboundOutboundHeaders split user defined headers into upstream and downstream headers
-//return upstream header and downstream header key-value pairs
+// return upstream header and downstream header key-value pairs
-//if the header is expected to be deleted, the value will be set to empty string
+// if the header is expected to be deleted, the value will be set to empty string
 func (ept *ProxyEndpoint) SplitInboundOutboundHeaders() ([][]string, [][]string) {
 	if len(ept.UserDefinedHeaders) == 0 {
 		//Early return if there are no defined headers
@ -52,8 +56,17 @@ func (ept *ProxyEndpoint) SplitInboundOutboundHeaders() ([][]string, [][]string)
 	}
 	//Check if the endpoint require Permission Policy
-	if ept.EnablePermissionPolicyHeader && ept.PermissionPolicy != nil {
+	if ept.EnablePermissionPolicyHeader {
-		downstreamHeaders[downstreamHeaderCounter] = ept.PermissionPolicy.ToKeyValueHeader()
+		var usingPermissionPolicy *permissionpolicy.PermissionsPolicy
 		if ept.PermissionPolicy != nil {
 			//Custom permission policy
 			usingPermissionPolicy = ept.PermissionPolicy
 		} else {
 			//Permission policy is enabled but not customized. Use default
 			usingPermissionPolicy = permissionpolicy.GetDefaultPermissionPolicy()
 		}
 		downstreamHeaders[downstreamHeaderCounter] = usingPermissionPolicy.ToKeyValueHeader()
 		downstreamHeaderCounter++
 	}
--- a/src/reverseproxy.go
+++ b/src/reverseproxy.go
@ -1314,7 +1314,40 @@ func HandlePermissionPolicy(w http.ResponseWriter, r *http.Request) {
 		utils.SendJSONResponse(w, string(js))
 		return
 	} else if r.Method == http.MethodPost {
 		//Update the enable state of permission policy
 		enableState, err := utils.PostBool(r, "enable")
 		if err != nil {
 			utils.SendErrorResponse(w, "invalid enable state given")
 			return
 		}
 		targetProxyEndpoint.EnablePermissionPolicyHeader = enableState
 		SaveReverseProxyConfig(targetProxyEndpoint)
 		targetProxyEndpoint.UpdateToRuntime()
 		utils.SendOK(w)
 		return
 	} else if r.Method == http.MethodPut {
 		//Store the new permission policy
 		newPermissionPolicyJSONString, err := utils.PostPara(r, "pp")
 		if err != nil {
 			utils.SendErrorResponse(w, "missing pp (permission policy) paramter")
 			return
 		}
 		//Parse the permission policy from JSON string
 		newPermissionPolicy := permissionpolicy.GetDefaultPermissionPolicy()
 		err = json.Unmarshal([]byte(newPermissionPolicyJSONString), &newPermissionPolicy)
 		if err != nil {
 			utils.SendErrorResponse(w, "permission policy parse error: "+err.Error())
 			return
 		}
 		//Save it to file
 		targetProxyEndpoint.PermissionPolicy = newPermissionPolicy
 		SaveReverseProxyConfig(targetProxyEndpoint)
 		targetProxyEndpoint.UpdateToRuntime()
 		utils.SendOK(w)
 		return
 	}
 	http.Error(w, "405 - Method not allowed", http.StatusMethodNotAllowed)
--- a/src/start.go
+++ b/src/start.go
@ -4,6 +4,7 @@ import (
 	"log"
 	"net/http"
 	"os"
 	"runtime"
 	"strconv"
 	"strings"
 	"time"
@ -12,6 +13,7 @@ import (
 	"imuslab.com/zoraxy/mod/acme"
 	"imuslab.com/zoraxy/mod/auth"
 	"imuslab.com/zoraxy/mod/database"
 	"imuslab.com/zoraxy/mod/dockerux"
 	"imuslab.com/zoraxy/mod/dynamicproxy/redirection"
 	"imuslab.com/zoraxy/mod/forwardproxy"
 	"imuslab.com/zoraxy/mod/ganserv"
@ -269,6 +271,12 @@ func startupSequence() {
 		log.Fatal(err)
 	}
 	/* Docker UX Optimizer */
 	if runtime.GOOS == "windows" && *runningInDocker {
 		SystemWideLogger.PrintAndLog("WARNING", "Invalid start flag combination: docker=true && runtime.GOOS == windows. Running in docker UX development mode.", nil)
 	}
 	DockerUXOptimizer = dockerux.NewDockerOptimizer(*runningInDocker, SystemWideLogger)
 }
 // This sequence start after everything is initialized
--- a/src/web/components/rules.html
+++ b/src/web/components/rules.html
@ -26,13 +26,11 @@
                    </div>
                    <div class="field">
                        <label>Target IP Address or Domain Name with port</label>
                            <input type="text" id="proxyDomain" onchange="autoCheckTls(this.value);">
                        <small>E.g. 192.168.0.101:8000 or example.com</small>
                    </div>
-                    <div class="field" class="dockerOptimizations" style="display:none;">
+                    <div class="field dockerOptimizations" style="display:none;">
-                        <button class="ui basic button" onclick="openDockerContainersList();"><i class="blue docker icon"></i> Pick from Docker Containers</button>
+                        <button style="margin-top: -2em;" class="ui basic small button" onclick="openDockerContainersList();"><i class="blue docker icon"></i> Pick from Docker Containers</button>
                    </div>
                    <div class="field">
                        <div class="ui checkbox">
@ -433,13 +431,16 @@
    }
    /* Docker Optimizations */
-    $("/api/docker/available", function(dockerAvailable){
+    function initDockerUXOptimizations(){
-        if (dockerAvailable){
+        $.get("/api/docker/available", function(dockerAvailable){
-            $(".dockerOptimizations").show();
+            if (dockerAvailable){
-        }else{
+                $(".dockerOptimizations").show();
-            $(".dockerOptimizations").hide();
+            }else{
-        }
+                $(".dockerOptimizations").hide();
-    })
+            }
        });
    }
    initDockerUXOptimizations();
    function openDockerContainersList(){
        showSideWrapper('snippet/dockerContainersList.html');
--- a/src/web/login.html
+++ b/src/web/login.html
@ -114,7 +114,7 @@
                min-height:40px;
            }
        }
-
+        
    </style>
    </head>
    <body>
--- a/src/web/snippet/customHeaders.html
+++ b/src/web/snippet/customHeaders.html
@ -16,6 +16,10 @@
                pointer-events: none;
                user-select: none;
            }
            #permissionPolicyEditor .experimental{
                background-color: rgb(241, 241, 241);
            }
        </style>
    </head>
    <body>
@ -105,16 +109,14 @@
                        </tr></thead>
                        <tbody id="permissionPolicyEditTable">
                          <tr>
-                            <td>James</td>
+                            <td colspan="4"><i class="ui loading spinner icon"></i> Generating</td>
                            <td>24</td>
                            <td>Engineer</td>
                            <td>Engineer</td>
                          </tr>
                        </tbody>
                      </table>
                </div>
-                <br>
+                <small><i class="ui yellow exclamation triangle icon"></i> Grey out fields are non-standard permission policies</small>
-                <button class="ui basic button"><i class="green save icon"></i> Save</button>
+                <br><br>
                <button class="ui basic button" onclick="savePermissionPolicy();"><i class="green save icon"></i> Save</button>
            </div>
            <div class="field" >
@ -126,6 +128,7 @@
        <script>
            $('.menu .item').tab();
            let permissionPolicyKeys = [];
            let editingEndpoint = {};
            if (window.location.hash.length > 1){
@ -331,6 +334,33 @@
            }
            initHSTSState();
            //Return true if this is an proposed permission policy feature
            function isExperimentalFeature(header) {
                // List of experimental features
                const experimentalFeatures = [
                    "clipboard-read",
                    "clipboard-write",
                    "gamepad",
                    "speaker-selection",
                    "conversion-measurement",
                    "focus-without-user-activation",
                    "hid",
                    "idle-detection",
                    "interest-cohort",
                    "serial",
                    "sync-script",
                    "trust-token-redemption",
                    "unload",
                    "window-placement",
                    "vertical-scroll"
                ];
                header = header.replaceAll("_","-");
                // Check if the header is in the list of experimental features
                return experimentalFeatures.includes(header);
            }
            /* List permission policy header from server */
            function initPermissionPolicy(){
                $.get("/api/proxy/header/handlePermissionPolicy?domain=" + editingEndpoint.ep, function(data){
@ -340,7 +370,7 @@
                        return;
                    }
-                    //Set checkbox state
+                    //Set checkbox initial state
                    if (data.PPEnabled){
                        $("#enablePP").parent().checkbox("set checked");
                        $("#permissionPolicyEditor").removeClass("disabled");
@ -349,6 +379,33 @@
                        $("#permissionPolicyEditor").addClass("disabled");
                    }
                    //Bind toggle change events
                    $("#enablePP").on("change", function(evt){
                        //Set checkbox state
                        let ppEnabled = $("#enablePP")[0].checked;
                        if (ppEnabled){
                            $("#permissionPolicyEditor").removeClass("disabled");
                        }else{
                            $("#permissionPolicyEditor").addClass("disabled");
                        }
                        $.ajax({
                            url: "/api/proxy/header/handlePermissionPolicy",
                            method: "POST",
                            data: {
                                enable: ppEnabled,
                                domain: editingEndpoint.ep
                            },
                            success: function(data){
                                if (data.error != undefined){
                                    parent.msgbox(data.error, false);
                                }else{
                                    parent.msgbox(`Permission Policy ${ppEnabled?"Enabled":"Disabled"}`)
                                }
                            }
                        })
                    });
                    //Render the table to list
                    $("#permissionPolicyEditTable").html("");
                    for (const [key, value] of Object.entries(data.CurrentPolicy)) {
@ -363,9 +420,12 @@
                        if (value.length == 0){
                            enabled = ""
                            allowall = "checked"; //default state
                        }
-                        $("#permissionPolicyEditTable").append(`<tr>
+
-                            <td>${key}</td>
+                        let isExperimental = isExperimentalFeature(key);
                        $("#permissionPolicyEditTable").append(`<tr class="${isExperimental?"experimental":""}">
                            <td>${key.replaceAll("_","-")}</td>
                            <td>
                                <div class="ui checkbox">
                                    <input class="enabled" type="checkbox" name="${key}" ${enabled}>
@ -373,22 +433,84 @@
                                </div>
                            </td>
                            <td>
-                                <div class="ui radio checkbox">
+                                <div class="ui radio checkbox targetinput ${!enabled?"disabled":""}">
-                                    <input type="radio" value="all" name="${key}-target" ${allowall}>
+                                    <input type="radio" value="all" name="${key}-target" ${allowall} ${!enabled?"disabled=\"\"":""}>
                                    <label></label>
                                </div>
                            </td>
                            <td>
-                                <div class="ui radio checkbox">
+                                <div class="ui radio checkbox targetinput ${!enabled?"disabled":""}">
-                                    <input type="radio" value="self" name="${key}-target" ${allowself}>
+                                    <input type="radio" value="self" name="${key}-target" ${allowself} ${!enabled?"disabled=\"\"":""}>
                                    <label></label>
                                </div>
                            </td>
                        </tr>`);
                        permissionPolicyKeys.push(key);
                    }
                    $("#permissionPolicyEditTable .enabled").on("change", function(){
                        console.log($(this)[0].checked);
                        let fieldGroup = $(this).parent().parent().parent();
                        if ($(this)[0].checked){
                            fieldGroup.find(".targetinput").removeClass("disabled");
                            fieldGroup.find("input[type=radio]").prop('disabled', false);
                        }else{
                            fieldGroup.find(".targetinput").addClass("disabled");
                            fieldGroup.find("input[type=radio]").prop('disabled', true);
                        }
                    })
                });
            }
            initPermissionPolicy();
            //Generate the permission policy object for sending to backend
            function generatePermissionPolicyObject(){
                function getStructuredFieldValueFromDOM(fieldKey){
                    var policyTarget = $(`#permissionPolicyEditTable input[name="${fieldKey}-target"]:checked`).val();
                    var isPolicyEnabled = $(`#permissionPolicyEditTable input[name="${fieldKey}"]`).is(':checked');
                    if (!isPolicyEnabled){
                        return [];
                    }
                    if (policyTarget == "all"){
                        //Rewrite all to correct syntax
                        policyTarget = "*";
                    }
                    return [policyTarget];
                }
                let newPermissionPolicyKeyValuePair = {};
                permissionPolicyKeys.forEach(policyKey => {
                    newPermissionPolicyKeyValuePair[policyKey] = getStructuredFieldValueFromDOM(policyKey);
                });
                console.log(newPermissionPolicyKeyValuePair);
                return newPermissionPolicyKeyValuePair;
            }
            //Handle saving of permission policy
            function savePermissionPolicy(){
                let permissionPolicy = generatePermissionPolicyObject();
                let domain = editingEndpoint.ep;
                $.ajax({
                    url: "/api/proxy/header/handlePermissionPolicy",
                    method: "PUT",
                    data: {
                        "domain": domain,
                        "pp": JSON.stringify(permissionPolicy),
                    },
                    success: function(data){
                        if (data.error != undefined){
                            parent.msgbox(data.error, false);
                        }else{
                            parent.msgbox("Permission Policy Updated");
                        }
                    }
                })
            }
        </script>
    </body>
 </html>
--- a/src/web/snippet/dockerContainersList.html
+++ b/src/web/snippet/dockerContainersList.html
@ -118,9 +118,11 @@
                `Error loading data: ${dockerData.error || hostData.error}`,
                false
              );
              $("#containersList").html(`<div class="ui basic segment"><i class="ui red times icon"></i> ${dockerData.error || hostData.error}</div>`);
            }
          })
          .catch((error) => {
            console.log(error.responseText);
            parent.msgbox("Error loading data: " + error.message, false);
          });
      }