101 lines
2.8 KiB
Go
101 lines
2.8 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"crypto/tls"
|
|
"fmt"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
|
|
"github.com/pion/webtransport"
|
|
"github.com/quic-go/quic-go/http3"
|
|
)
|
|
|
|
func main() {
|
|
// Генерируем сертификат для внутреннего TLS (Caddy -> Go)
|
|
cert, err := generateSelfSignedCert()
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
tlsConfig := &tls.Config{
|
|
Certificates: []tls.Certificate{cert},
|
|
NextProtos: []string{"h3"},
|
|
}
|
|
|
|
server := webtransport.Server{
|
|
H3: http3.Server{
|
|
Addr: ":9001", // МЕНЯЕМ ПОРТ ЗДЕСЬ
|
|
TLSConfig: tlsConfig,
|
|
},
|
|
CheckOrigin: func(r *http.Request) bool { return true },
|
|
}
|
|
|
|
// Раздаем статику и вешаем обработчик WT
|
|
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
|
http.ServeFile(w, r, "index.html")
|
|
})
|
|
|
|
http.HandleFunc("/wt", func(w http.ResponseWriter, r *http.Request) {
|
|
sess, err := server.Upgrade(w, r)
|
|
if err != nil {
|
|
return
|
|
}
|
|
go handleSession(sess)
|
|
})
|
|
|
|
log.Println("WebTransport server started on :9001")
|
|
if err := server.ListenAndServe(); err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
}
|
|
|
|
// Обработка одной WebTransport сессии
|
|
func handleSession(sess *webtransport.Session) {
|
|
defer sess.CloseWithError(0, "session closed")
|
|
|
|
for {
|
|
// Читаем датаграммы (самый быстрый и ненадежный способ, как UDP)
|
|
msg, err := sess.ReadDatagram(context.Background())
|
|
if err != nil {
|
|
if err != io.EOF {
|
|
log.Printf("ReadDatagram error: %v", err)
|
|
}
|
|
return
|
|
}
|
|
fmt.Printf("Received Datagram from %v: %s\n", sess.RemoteAddr(), string(msg))
|
|
}
|
|
}
|
|
|
|
// Вспомогательная функция для генерации внутреннего SSL
|
|
// (Для связи Caddy -> Dokploy по Wireguard)
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"crypto/x509/pkix"
|
|
"encoding/pem"
|
|
"math/big"
|
|
"time"
|
|
)
|
|
|
|
func generateSelfSignedCert() (tls.Certificate, error) {
|
|
priv, _ := rsa.GenerateKey(rand.Reader, 2048)
|
|
template := x509.Certificate{
|
|
SerialNumber: big.NewInt(1),
|
|
Subject: pkix.Name{Organization: []string{"Pion WebTransport Test"}},
|
|
NotBefore: time.Now(),
|
|
NotAfter: time.Now().Add(time.Hour * 24 * 365),
|
|
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
|
|
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
|
BasicConstraintsValid: true,
|
|
}
|
|
derBytes, _ := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
|
|
|
|
certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
|
|
keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
|
|
|
|
return tls.X509KeyPair(certPEM, keyPEM)
|
|
} |