tree: 8fc8909ae147725b82d70f39f2c6d72bf6633e99 [path history] [tgz]
  1. tpl/
  2. BUILD.bazel
  3. default.nix
  4. locker.go
  5. main.go
  6. nix-disable-uwsgi.patch
  7. nix-disable-workspace-status.patch
  8. nix-use-system-go.patch
  9. proxy.go
  10. README.md
hswaw/laserproxy/README.md

hswaw ruida laser proxy

This is a layer 7 proxy to access the Warsaw Hackerspace laser from the main LAN/wifi.

For more information about actually accessing the lasercutter in the space, see the wiki entry. The rest of this file will describe the software itself.

Architecture

The laserproxy software is a single Go binary that runs on Customs, which has access to both the Hackerspace LAN and the laser network. It proxies UDP traffic from lasercutter users to the lasercutter itself.

Only one user is allowed at a time - to implement this mutual exclusion, a Locker worker manages a single (address, note) tuple that is currently allowed to proxy traffic, and to which return traffic is forwarded back. The Locker also maintians a deadline. After the deadline expires, the lock is automatically released. A user can also release their lock ahead of time.

A lock is taken through a web interface by the user that wants to access the laser.

When a lock is taken, the Locker will notify a Proxy worker about this address. The Proxy will then perform the UDP proxying. As traffic is proxied, the Proxy will send bump updates to the Locker to extend the lock deadline.

Development setup


Something similar to this should work for you locally enough to open the web app:

bazel run //hswaw/laserproxy -- -hspki_disable -laser_network 127.0.0.1 -client_network 127.0.0.1

This will show you available flags you can pass:

bazel run //hswaw/laserproxy -- -h

If you've never used bazel, this should work for y'all macOS newbs:

brew install bazel
brew install postgresql

TODO(q3k): move this to the bazel codelab once it's finished

Deployment

This runs on customs.hackerspace.pl, which is a NixOS box with its own independant configuration. It imports hscloud and builds the hswaw.laserproxy attribute. You can replicate this by running:

nix-build -A hswaw.laserproxy

From the root of hscloud. To actually deploy it on customs, well, ssh there and upate /etc/nixos/configuration.nix. Some day its configuration might also get ported to hscloud.