feat: implement multi-listener TLS setup with ConnectInfo propagation
- Add server module that orchestrates the full startup sequence: parse config, init dynamic config, init shared state, bind health check, bind admin socket, bind all listener ports, load TLS config, start TCP listeners, start background tasks, signal readiness - For each ListenerConfig: bind TCP listener, construct appropriate ServerConfig (manual or ACME via TlsMode), create TlsAcceptor - ConnectInfo<SocketAddr> populated from TcpStream::peer_addr() BEFORE TLS wrapping via ConnectInfoService wrapper that inserts ConnectInfo into request extensions for each connection - Per-listener axum::Router instances sharing Arc<ProxyState> via State - Fail-fast: if any bind or TLS load fails, exit with non-zero code - All ports bound before any connections accepted - /health endpoint available on HTTPS listener(s) as fallback (proxy_router already includes /health route) - sd_notify(READY=1) sent after all listeners started - Use hyper_util for TLS connection serving with TowerToHyperService and ConnectInfoService to bridge ConnectInfo from pre-TLS peer_addr - Add sd-notify dependency for systemd readiness notification
This commit is contained in:
@@ -38,6 +38,7 @@ thiserror = "=2.0.18"
|
||||
futures = "=0.3.31"
|
||||
dashmap = "=6.1"
|
||||
serde_json = "=1.0.140"
|
||||
sd-notify = "=0.4"
|
||||
|
||||
[dev-dependencies]
|
||||
rcgen = "=0.13"
|
||||
|
||||
Reference in New Issue
Block a user