[management,proxy,client] Add L4 capabilities (TLS/TCP/UDP) (#5530)

2026-04-18 16:26:38 +00:00 · 2026-03-14 01:36:44 +08:00
parent fe9b844511
commit 3e6baea405
90 changed files with 9611 additions and 1397 deletions
--- a/management/internals/modules/reverseproxy/domain/manager/api.go
+++ b/management/internals/modules/reverseproxy/domain/manager/api.go
@@ -42,10 +42,11 @@ func domainTypeToApi(t domain.Type) api.ReverseProxyDomainType {

 func domainToApi(d *domain.Domain) api.ReverseProxyDomain {
 	resp := api.ReverseProxyDomain{
-		Domain:    d.Domain,
-		Id:        d.ID,
-		Type:      domainTypeToApi(d.Type),
-		Validated: d.Validated,
+		Domain:              d.Domain,
+		Id:                  d.ID,
+		Type:                domainTypeToApi(d.Type),
+		Validated:           d.Validated,
+		SupportsCustomPorts: d.SupportsCustomPorts,
 	}
 	if d.TargetCluster != "" {
 		resp.TargetCluster = &d.TargetCluster
--- a/management/internals/modules/reverseproxy/domain/manager/manager.go
+++ b/management/internals/modules/reverseproxy/domain/manager/manager.go
@@ -33,11 +33,16 @@ type proxyManager interface {
 	GetActiveClusterAddresses(ctx context.Context) ([]string, error)
 }

+type clusterCapabilities interface {
+	ClusterSupportsCustomPorts(clusterAddr string) *bool
+}
+
 type Manager struct {
-	store              store
-	validator          domain.Validator
-	proxyManager       proxyManager
-	permissionsManager permissions.Manager
+	store               store
+	validator           domain.Validator
+	proxyManager        proxyManager
+	clusterCapabilities clusterCapabilities
+	permissionsManager  permissions.Manager
 	accountManager     account.Manager
 }

@@ -51,6 +56,11 @@ func NewManager(store store, proxyMgr proxyManager, permissionsManager permissio
 	}
 }

+// SetClusterCapabilities sets the cluster capabilities provider for domain queries.
+func (m *Manager) SetClusterCapabilities(caps clusterCapabilities) {
+	m.clusterCapabilities = caps
+}
+
 func (m Manager) GetDomains(ctx context.Context, accountID, userID string) ([]*domain.Domain, error) {
 	ok, err := m.permissionsManager.ValidateUserPermissions(ctx, accountID, userID, modules.Services, operations.Read)
 	if err != nil {
@@ -80,24 +90,32 @@ func (m Manager) GetDomains(ctx context.Context, accountID, userID string) ([]*d
 	}).Debug("getting domains with proxy allow list")

 	for _, cluster := range allowList {
-		ret = append(ret, &domain.Domain{
+		d := &domain.Domain{
 			Domain:    cluster,
 			AccountID: accountID,
 			Type:      domain.TypeFree,
 			Validated: true,
-		})
+		}
+		if m.clusterCapabilities != nil {
+			d.SupportsCustomPorts = m.clusterCapabilities.ClusterSupportsCustomPorts(cluster)
+		}
+		ret = append(ret, d)
 	}

 	// Add custom domains.
 	for _, d := range domains {
-		ret = append(ret, &domain.Domain{
+		cd := &domain.Domain{
 			ID:            d.ID,
 			Domain:        d.Domain,
 			AccountID:     accountID,
 			TargetCluster: d.TargetCluster,
 			Type:          domain.TypeCustom,
 			Validated:     d.Validated,
-		})
+		}
+		if m.clusterCapabilities != nil && d.TargetCluster != "" {
+			cd.SupportsCustomPorts = m.clusterCapabilities.ClusterSupportsCustomPorts(d.TargetCluster)
+		}
+		ret = append(ret, cd)
 	}

 	return ret, nil
@@ -298,7 +316,7 @@ func extractClusterFromCustomDomains(domain string, customDomains []*domain.Doma
 // It matches the domain suffix against available clusters and returns the matching cluster.
 func ExtractClusterFromFreeDomain(domain string, availableClusters []string) (string, bool) {
 	for _, cluster := range availableClusters {
-		if strings.HasSuffix(domain, "."+cluster) {
+		if domain == cluster || strings.HasSuffix(domain, "."+cluster) {
 			return cluster, true
 		}
 	}