Now checks to make sure a domain isn't already used by a previous
tunnel. This prevents accidental silent modifications to tunnels
and also fixes a bug where multiple entries were being made in
the authorized_keys file.
Was writing both the old content of authorized_keys and the new
tunnel every time a tunnel was created. This essentially made the
file double in size for every new tunnel added.
This is useful for when you want to use boringproxy more like a
normal reverse proxy, i.e. if boringproxy and your service are on
the same machine, you can just use the port of the service as the
tunnel port and boringproxy will forward directly to it without
using SSH.
This would normally be used with no client set.
Choosing client "Any" is confusing, as it suggests any client
can connect to the tunnel. In reality this option means no client
can connect to the tunnel. Changed it to "No client" in the UI and
"none" in the database.
This is a bit of a hack. Problem is if the server is restarted
with a different SSH port, all the tunnels in the db have the
incorrect port setting, so we're overriding at runtime.
Really should update all the db entries but that's messy too.
Probably the real solution is to decouple runtime tunnel settings
from permanent tunnel settings, and only store the permanent ones
in the db.
When using "boringproxy server" it asks for the admin domain. All grand,
but it looks rather strange:
2021/01/05 22:11:05 Starting up
2021/01/05 22:11:05 Enter Admin Domain:
[cursor is here]
It wasn't really clear to me this was asking a question, as it includes
the date like a log message and the cursor is on the next line.
So, change it to just fmt.Print()
Maybe the "starting up" should also be moved a bit further down, but
that would conflict with my other PR 🙃
Before, not giving any command didn't really give much feedback beyond
"invalid arguments". This adds a basic usage message, and tells people
that you can use "boringproxy server -h".
I moved the "Starting up" log message because otherwise that would get
printed when asking for "server -h".
I also added error checks for the flag parsing; I think this isn't
*strictly* needed, but I remember running into problems once by
omitting it (although I've forgotten what that problem was, exactly).
Previously we were reading the entire downstream request into
memory before making the new request to the upstream. Now we're
just passing it through. Might be some dragons here (already ran
into issues with Content-Length) but seems to be working so far.
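
Added example (not boringproxy's code): passing a request body through to an upstream in Go without buffering it, and one known net/http Content-Length pitfall when doing so. The names `forward`, `demo` and `keepLength` are hypothetical, the sample body is constructed, and the commit message does not say this is the issue its author ran into.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// forward streams the downstream body to upstreamURL as it is read, so a large
// upload is never held in memory. Hypothetical helper for illustration only.
func forward(c *http.Client, upstreamURL string, down *http.Request, keepLength bool) (*http.Response, error) {
	up, err := http.NewRequestWithContext(down.Context(), down.Method, upstreamURL, down.Body)
	if err != nil {
		return nil, err
	}
	up.Header = down.Header.Clone()
	// NewRequest infers the length only for *bytes.Buffer, *bytes.Reader and
	// *strings.Reader; for any other reader it stays 0 ("unknown") and the
	// body is sent chunked unless the declared length is carried over.
	if keepLength {
		up.ContentLength = down.ContentLength
	}
	return c.Do(up)
}

// demo runs one request through forward against a local test upstream and
// returns the Content-Length and body that the upstream observed.
func demo(body string, keepLength bool) (int64, string, error) {
	var gotLen int64
	var gotBody []byte
	upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		gotLen = r.ContentLength
		gotBody, _ = io.ReadAll(r.Body)
	}))
	defer upstream.Close()
	down := httptest.NewRequest(http.MethodPost, "/upload", strings.NewReader(body))
	resp, err := forward(upstream.Client(), upstream.URL, down, keepLength)
	if err != nil {
		return 0, "", err
	}
	resp.Body.Close()
	return gotLen, string(gotBody), nil
}

func main() {
	for _, keep := range []bool{false, true} {
		n, b, err := demo("constructed sample body", keep)
		fmt.Println(keep, n, len(b), err)
	}
}
```

With `keepLength` false the upstream still receives the full body but sees a length of -1 (chunked), which matters for upstreams that reject or mishandle requests without a Content-Length.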