Fork 0
q3k 97b5cd7b58 go: re-do the entire thing
This is a mega-change, but attempting to split this up further is
probably not worth the effort.


1. Bump up bazel, rules_go, and others.
2. Switch to new go target naming (bye bye go_default_library)
3. Move go deps to go.mod/go.sum, use make gazelle generate from that
4. Bump up Python deps a bit

And also whatever was required to actually get things to work - loads of
small useless changes.

Tested to work on NixOS and Ubuntu 20.04:

   $ bazel build //...
   $ bazel test //...

Change-Id: I8364bdaa1406b9ae4d0385a6b607f3e7989f98a9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1583
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 21:50:19 +00:00
tpl go: re-do the entire thing 2023-09-22 21:50:19 +00:00
BUILD.bazel go: re-do the entire thing 2023-09-22 21:50:19 +00:00
README.md doc/codelabs: stub of bazel-go.md 2023-09-02 16:32:48 +00:00
default.nix h/m/customs/beyondspace: oauth2-based members-only proxy 2022-07-07 20:24:01 +00:00
locker.go laserproxy: extend deadline to 60min & random changes 2020-08-28 19:52:38 +02:00
main.go hswaw/laserproxy: improve username suggestions 2023-01-29 16:21:36 +00:00
nix-disable-workspace-status.patch laserproxy: add nix build 2020-10-29 00:43:43 +01:00
nix-use-system-go.patch hswaw/laserproxy: fix nix build 2021-10-16 18:46:25 +00:00
proxy.go laserproxy: init 2020-07-30 20:49:04 +02:00


hswaw ruida laser proxy

This is a layer 7 proxy to access the Warsaw Hackerspace laser from the main LAN/wifi.

For more information about actually accessing the lasercutter in the space, see the wiki entry. The rest of this file will describe the software itself.


The laserproxy software is a single Go binary that runs on Customs, which has access to both the Hackerspace LAN and the laser network. It proxies UDP traffic from lasercutter users to the lasercutter itself.

Only one user is allowed at a time - to implement this mutual exclusion, a Locker worker manages a single (address, note) tuple that is currently allowed to proxy traffic, and to which return traffic is forwarded back. The Locker also maintians a deadline. After the deadline expires, the lock is automatically released. A user can also release their lock ahead of time.

A lock is taken through a web interface by the user that wants to access the laser.

When a lock is taken, the Locker will notify a Proxy worker about this address. The Proxy will then perform the UDP proxying. As traffic is proxied, the Proxy will send bump updates to the Locker to extend the lock deadline.

Development setup

Something similar to this should work for you locally enough to open the web app:

bazel run //hswaw/laserproxy -- -hspki_disable -laser_network -client_network


This runs on customs.hackerspace.pl, which is a NixOS box with its own independant configuration. It imports hscloud and builds the hswaw.laserproxy attribute. You can replicate this by running:

nix-build -A hswaw.laserproxy

From the root of hscloud. To actually deploy it on customs, well, ssh there and upate /etc/nixos/configuration.nix. Some day its configuration might also get ported to hscloud.