feat: initial commit

2023-04-24 20:52:12 +02:00
commit ac21629d28
90 changed files with 5730 additions and 0 deletions
--- a/internal/command/admin/auth/create_token.go
+++ b/internal/command/admin/auth/create_token.go
@ -0,0 +1,54 @@
+package auth
+
+import (
+	"fmt"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/auth/thirdparty"
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"forge.cadoles.com/cadoles/bouncer/internal/jwk"
+	"github.com/lithammer/shortuuid/v4"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+)
+
+func CreateTokenCommand() *cli.Command {
+	return &cli.Command{
+		Name:  "create-token",
+		Usage: "Create a new authentication token",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "role",
+				Usage: fmt.Sprintf("associate `ROLE` to the token (available: %v)", []thirdparty.Role{thirdparty.RoleReader, thirdparty.RoleWriter}),
+				Value: string(thirdparty.RoleReader),
+			},
+			&cli.StringFlag{
+				Name:  "subject",
+				Usage: "associate `SUBJECT` to the token",
+				Value: fmt.Sprintf("user-%s", shortuuid.New()),
+			},
+		},
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "Could not load configuration")
+			}
+
+			subject := ctx.String("subject")
+			role := ctx.String("role")
+
+			key, err := jwk.LoadOrGenerate(string(conf.Admin.Auth.PrivateKey), jwk.DefaultKeySize)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			token, err := thirdparty.GenerateToken(ctx.Context, key, string(conf.Admin.Auth.Issuer), subject, thirdparty.Role(role))
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			fmt.Println(token)
+
+			return nil
+		},
+	}
+}
--- a/internal/command/admin/auth/root.go
+++ b/internal/command/admin/auth/root.go
@ -0,0 +1,15 @@
+package auth
+
+import (
+	"github.com/urfave/cli/v2"
+)
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:  "auth",
+		Usage: "Authentication related commands",
+		Subcommands: []*cli.Command{
+			CreateTokenCommand(),
+		},
+	}
+}
--- a/internal/command/admin/root.go
+++ b/internal/command/admin/root.go
@ -0,0 +1,17 @@
+package admin
+
+import (
+	"forge.cadoles.com/cadoles/bouncer/internal/command/admin/auth"
+	"github.com/urfave/cli/v2"
+)
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:  "admin",
+		Usage: "Admin server related commands",
+		Subcommands: []*cli.Command{
+			RunCommand(),
+			auth.Root(),
+		},
+	}
+}
--- a/internal/command/admin/run.go
+++ b/internal/command/admin/run.go
@ -0,0 +1,54 @@
+package admin
+
+import (
+	"fmt"
+	"strings"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/admin"
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func RunCommand() *cli.Command {
+	flags := common.Flags()
+
+	return &cli.Command{
+		Name:  "run",
+		Usage: "Run the admin server",
+		Flags: flags,
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "could not load configuration")
+			}
+
+			logger.SetFormat(logger.Format(conf.Logger.Format))
+			logger.SetLevel(logger.Level(conf.Logger.Level))
+
+			srv := admin.NewServer(
+				admin.WithServerConfig(conf.Admin),
+				admin.WithDatabaseConfig(conf.Database),
+			)
+
+			addrs, srvErrs := srv.Start(ctx.Context)
+
+			select {
+			case addr := <-addrs:
+				url := fmt.Sprintf("http://%s", addr.String())
+				url = strings.Replace(url, "0.0.0.0", "127.0.0.1", 1)
+
+				logger.Info(ctx.Context, "listening", logger.F("url", url))
+			case err = <-srvErrs:
+				return errors.WithStack(err)
+			}
+
+			if err = <-srvErrs; err != nil {
+				return errors.WithStack(err)
+			}
+
+			return nil
+		},
+	}
+}
--- a/internal/command/api/apierr/wrap.go
+++ b/internal/command/api/apierr/wrap.go
@ -0,0 +1,91 @@
+package apierr
+
+import (
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/api"
+)
+
+func Wrap(err error) error {
+	apiErr := &api.Error{}
+	if !errors.As(err, &apiErr) {
+		return err
+	}
+
+	switch apiErr.Code {
+	case api.ErrCodeInvalidFieldValue:
+		return wrapInvalidFieldValueErr(apiErr)
+
+	default:
+		return wrapApiErrorWithMessage(apiErr)
+	}
+}
+
+func wrapApiErrorWithMessage(err *api.Error) error {
+	data, ok := err.Data.(map[string]any)
+	if !ok {
+		return err
+	}
+
+	rawMessage, exists := data["message"]
+	if !exists {
+		return err
+	}
+
+	message, ok := rawMessage.(string)
+	if !ok {
+		return err
+	}
+
+	return errors.Wrapf(err, message)
+}
+
+func wrapInvalidFieldValueErr(err *api.Error) error {
+	data, ok := err.Data.(map[string]any)
+	if !ok {
+		return err
+	}
+
+	rawFields, exists := data["Fields"]
+	if !exists {
+		return err
+	}
+
+	fields, ok := rawFields.([]any)
+	if !ok {
+		return err
+	}
+
+	var (
+		field string
+		rule  string
+	)
+
+	if len(fields) == 0 {
+		return err
+	}
+
+	firstField, ok := fields[0].(map[string]any)
+	if !ok {
+		return err
+	}
+
+	param, ok := firstField["Param"].(string)
+	if !ok {
+		return err
+	}
+
+	tag, ok := firstField["Tag"].(string)
+	if !ok {
+		return err
+	}
+
+	fieldName, ok := firstField["Field"].(string)
+	if !ok {
+		return err
+	}
+
+	field = fieldName
+	rule = tag + "=" + param
+
+	return errors.Wrapf(err, "server expected field '%s' to match rule '%s'", field, rule)
+}
--- a/internal/command/api/flag/flag.go
+++ b/internal/command/api/flag/flag.go
@ -0,0 +1,96 @@
+package flag
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/format"
+	"forge.cadoles.com/cadoles/bouncer/internal/format/table"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+)
+
+func ComposeFlags(flags ...cli.Flag) []cli.Flag {
+	baseFlags := []cli.Flag{
+		&cli.StringFlag{
+			Name:    "server",
+			Aliases: []string{"s"},
+			Usage:   "use `SERVER` as server url",
+			Value:   "http://127.0.0.1:3000",
+		},
+		&cli.StringFlag{
+			Name:    "format",
+			Aliases: []string{"f"},
+			Usage:   fmt.Sprintf("use `FORMAT` as output format (available: %s)", format.Available()),
+			Value:   string(table.Format),
+		},
+		&cli.StringFlag{
+			Name:    "output-mode",
+			Aliases: []string{"m"},
+			Usage:   fmt.Sprintf("use `MODE` as output mode (available: %s)", []format.OutputMode{format.OutputModeCompact, format.OutputModeWide}),
+			Value:   string(format.OutputModeCompact),
+		},
+		&cli.StringFlag{
+			Name:    "token",
+			Aliases: []string{"t"},
+			Usage:   "use `TOKEN` as authentication token",
+		},
+		&cli.StringFlag{
+			Name:      "token-file",
+			Usage:     "use `TOKEN_FILE` as file containing the authentication token",
+			Value:     ".emissary-token",
+			TakesFile: true,
+		},
+	}
+
+	flags = append(flags, baseFlags...)
+
+	return flags
+}
+
+type BaseFlags struct {
+	ServerURL  string
+	Format     format.Format
+	OutputMode format.OutputMode
+	Token      string
+	TokenFile  string
+}
+
+func GetBaseFlags(ctx *cli.Context) *BaseFlags {
+	serverURL := ctx.String("server")
+	rawFormat := ctx.String("format")
+	rawOutputMode := ctx.String("output-mode")
+	tokenFile := ctx.String("token-file")
+	token := ctx.String("token")
+
+	return &BaseFlags{
+		ServerURL:  serverURL,
+		Format:     format.Format(rawFormat),
+		OutputMode: format.OutputMode(rawOutputMode),
+		Token:      token,
+		TokenFile:  tokenFile,
+	}
+}
+
+func GetToken(flags *BaseFlags) (string, error) {
+	if flags.Token != "" {
+		return flags.Token, nil
+	}
+
+	if flags.TokenFile == "" {
+		return "", nil
+	}
+
+	rawToken, err := ioutil.ReadFile(flags.TokenFile)
+	if err != nil && !errors.Is(err, os.ErrNotExist) {
+		return "", errors.WithStack(err)
+	}
+
+	if rawToken == nil {
+		return "", nil
+	}
+
+	return strings.TrimSpace(string(rawToken)), nil
+}
--- a/internal/command/api/flag/util.go
+++ b/internal/command/api/flag/util.go
@ -0,0 +1,11 @@
+package flag
+
+func AsAnySlice[T any](src []T) []any {
+	dst := make([]any, len(src))
+
+	for i, s := range src {
+		dst[i] = s
+	}
+
+	return dst
+}
--- a/internal/command/api/inbound/flag/flag.go
+++ b/internal/command/api/inbound/flag/flag.go
@ -0,0 +1,34 @@
+package flag
+
+import (
+	"errors"
+
+	clientFlag "forge.cadoles.com/cadoles/bouncer/internal/command/api/flag"
+	"forge.cadoles.com/cadoles/bouncer/internal/datastore"
+	"github.com/urfave/cli/v2"
+)
+
+func WithInboundFlags(flags ...cli.Flag) []cli.Flag {
+	baseFlags := clientFlag.ComposeFlags(
+		&cli.StringFlag{
+			Name:    "inbound-id",
+			Aliases: []string{"in"},
+			Usage:   "use `INBOUND_ID` as selected inbound",
+			Value:   "",
+		},
+	)
+
+	flags = append(flags, baseFlags...)
+
+	return flags
+}
+
+func AssertInboundID(ctx *cli.Context) (datastore.InboundID, error) {
+	rawInboundID := ctx.String("inbound-id")
+
+	if rawInboundID == "" {
+		return "", errors.New("flag 'inbound-id' is required")
+	}
+
+	return datastore.InboundID(rawInboundID), nil
+}
--- a/internal/command/api/inbound/root.go
+++ b/internal/command/api/inbound/root.go
@ -0,0 +1,13 @@
+package inbound
+
+import (
+	"github.com/urfave/cli/v2"
+)
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:        "agent",
+		Usage:       "Inbounds related commands",
+		Subcommands: []*cli.Command{},
+	}
+}
--- a/internal/command/api/inbound/util.go
+++ b/internal/command/api/inbound/util.go
@ -0,0 +1,17 @@
+package inbound
+
+import "forge.cadoles.com/cadoles/bouncer/internal/format"
+
+func agentHints(outputMode format.OutputMode) format.Hints {
+	return format.Hints{
+		OutputMode: outputMode,
+		Props: []format.Prop{
+			format.NewProp("ID", "ID"),
+			format.NewProp("Label", "Label"),
+			format.NewProp("Thumbprint", "Thumbprint"),
+			format.NewProp("Status", "Status"),
+			format.NewProp("ContactedAt", "ContactedAt"),
+			format.NewProp("UpdatedAt", "UpdatedAt"),
+		},
+	}
+}
--- a/internal/command/api/root.go
+++ b/internal/command/api/root.go
@ -0,0 +1,16 @@
+package api
+
+import (
+	"forge.cadoles.com/cadoles/bouncer/internal/command/api/inbound"
+	"github.com/urfave/cli/v2"
+)
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:  "api",
+		Usage: "API related commands",
+		Subcommands: []*cli.Command{
+			inbound.Root(),
+		},
+	}
+}
--- a/internal/command/common/flags.go
+++ b/internal/command/common/flags.go
@ -0,0 +1,7 @@
+package common
+
+import "github.com/urfave/cli/v2"
+
+func Flags() []cli.Flag {
+	return []cli.Flag{}
+}
--- a/internal/command/common/load_config.go
+++ b/internal/command/common/load_config.go
@ -0,0 +1,27 @@
+package common
+
+import (
+	"forge.cadoles.com/cadoles/bouncer/internal/config"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+)
+
+func LoadConfig(ctx *cli.Context) (*config.Config, error) {
+	configFile := ctx.String("config")
+
+	var (
+		conf *config.Config
+		err  error
+	)
+
+	if configFile != "" {
+		conf, err = config.NewFromFile(configFile)
+		if err != nil {
+			return nil, errors.Wrapf(err, "Could not load config file '%s'", configFile)
+		}
+	} else {
+		conf = config.NewDefault()
+	}
+
+	return conf, nil
+}
--- a/internal/command/config/dump.go
+++ b/internal/command/config/dump.go
@ -0,0 +1,36 @@
+package config
+
+import (
+	"os"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"forge.cadoles.com/cadoles/bouncer/internal/config"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func Dump() *cli.Command {
+	flags := common.Flags()
+
+	return &cli.Command{
+		Name:  "dump",
+		Usage: "Dump the current configuration",
+		Flags: flags,
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "Could not load configuration")
+			}
+
+			logger.SetFormat(logger.Format(conf.Logger.Format))
+			logger.SetLevel(logger.Level(conf.Logger.Level))
+
+			if err := config.Dump(conf, os.Stdout); err != nil {
+				return errors.Wrap(err, "Could not dump configuration")
+			}
+
+			return nil
+		},
+	}
+}
--- a/internal/command/config/root.go
+++ b/internal/command/config/root.go
@ -0,0 +1,13 @@
+package config
+
+import "github.com/urfave/cli/v2"
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:  "config",
+		Usage: "Config related commands",
+		Subcommands: []*cli.Command{
+			Dump(),
+		},
+	}
+}
--- a/internal/command/database/migrate.go
+++ b/internal/command/database/migrate.go
@ -0,0 +1,105 @@
+package database
+
+import (
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"forge.cadoles.com/cadoles/bouncer/internal/migrate"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+const (
+	MigrateVersionUp     = "up"
+	MigrateVersionLatest = "latest"
+	MigrateVersionDown   = "down"
+)
+
+func MigrateCommand() *cli.Command {
+	return &cli.Command{
+		Name:  "migrate",
+		Usage: "Migrate database schema to latest version",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "target",
+				Usage: "Migration target, default to latest",
+				Value: "latest",
+			},
+			&cli.IntFlag{
+				Name:  "force",
+				Usage: "Force migration to version",
+				Value: -1,
+			},
+		},
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "Could not load configuration")
+			}
+
+			driver := string(conf.Database.Driver)
+			dsn := string(conf.Database.DSN)
+
+			migr, err := migrate.New("migrations", driver, dsn)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			version, dirty, err := migr.Version()
+			if err != nil && !errors.Is(err, migrate.ErrNilVersion) {
+				return errors.WithStack(err)
+			}
+
+			logger.Info(
+				ctx.Context, "current database shema",
+				logger.F("version", version),
+				logger.F("dirty", dirty),
+			)
+
+			target := ctx.String("target")
+			force := ctx.Int("force")
+
+			if force != -1 {
+				logger.Info(ctx.Context, "forcing database schema version", logger.F("version", force))
+
+				if err := migr.Force(force); err != nil {
+					return errors.WithStack(err)
+				}
+
+				return nil
+			}
+
+			switch target {
+			case "":
+				fallthrough
+			case MigrateVersionLatest:
+				err = migr.Up()
+			case MigrateVersionDown:
+				err = migr.Steps(-1)
+			case MigrateVersionUp:
+				err = migr.Steps(1)
+			default:
+				return errors.Errorf(
+					"unknown migration target: '%s', available: '%s' (default), '%s' or '%s'",
+					target, MigrateVersionLatest, MigrateVersionUp, MigrateVersionDown,
+				)
+			}
+
+			if err != nil && !errors.Is(err, migrate.ErrNoChange) {
+				return errors.Wrap(err, "could not apply migration")
+			}
+
+			version, dirty, err = migr.Version()
+			if err != nil && !errors.Is(err, migrate.ErrNilVersion) {
+				return errors.WithStack(err)
+			}
+
+			logger.Info(
+				ctx.Context, "database shema after migration",
+				logger.F("version", version),
+				logger.F("dirty", dirty),
+			)
+
+			return nil
+		},
+	}
+}
--- a/internal/command/database/ping.go
+++ b/internal/command/database/ping.go
@ -0,0 +1,48 @@
+package database
+
+import (
+	"database/sql"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func PingCommand() *cli.Command {
+	return &cli.Command{
+		Name:  "ping",
+		Usage: "Test database connectivity",
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "Could not load configuration")
+			}
+
+			logger.Info(ctx.Context, "connecting to database", logger.F("dsn", conf.Database.DSN))
+
+			driver := string(conf.Database.Driver)
+			dsn := string(conf.Database.DSN)
+
+			db, err := sql.Open(driver, dsn)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			defer func() {
+				if err := db.Close(); err != nil {
+					logger.Error(ctx.Context, "error while closing database connection", logger.E(errors.WithStack(err)))
+				}
+			}()
+
+			if err := db.PingContext(ctx.Context); err != nil {
+				return errors.WithStack(err)
+			}
+
+			logger.Info(ctx.Context, "connection succeeded", logger.F("dsn", conf.Database.DSN))
+
+			return nil
+		},
+	}
+}
--- a/internal/command/database/reset.go
+++ b/internal/command/database/reset.go
@ -0,0 +1,38 @@
+package database
+
+import (
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"forge.cadoles.com/cadoles/bouncer/internal/migrate"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func ResetCommand() *cli.Command {
+	return &cli.Command{
+		Name:  "reset",
+		Usage: "Reset database",
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "Could not load configuration")
+			}
+
+			driver := string(conf.Database.Driver)
+			dsn := string(conf.Database.DSN)
+
+			migr, err := migrate.New("migrations", driver, dsn)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			if err := migr.Drop(); err != nil {
+				return errors.Wrap(err, "could not drop tables")
+			}
+
+			logger.Info(ctx.Context, "database schema reinitialized")
+
+			return nil
+		},
+	}
+}
--- a/internal/command/database/root.go
+++ b/internal/command/database/root.go
@ -0,0 +1,15 @@
+package database
+
+import "github.com/urfave/cli/v2"
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:  "database",
+		Usage: "Database related commands",
+		Subcommands: []*cli.Command{
+			MigrateCommand(),
+			PingCommand(),
+			ResetCommand(),
+		},
+	}
+}
--- a/internal/command/main.go
+++ b/internal/command/main.go
@ -0,0 +1,107 @@
+package command
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"sort"
+	"time"
+
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+)
+
+func Main(buildDate, projectVersion, gitRef, defaultConfigPath string, commands ...*cli.Command) {
+	ctx := context.Background()
+
+	compiled, err := time.Parse(time.RFC3339, buildDate)
+	if err != nil {
+		panic(errors.Wrapf(err, "could not parse build date '%s'", buildDate))
+	}
+
+	app := &cli.App{
+		Version:  fmt.Sprintf("%s (%s, %s)", projectVersion, gitRef, buildDate),
+		Compiled: compiled,
+		Name:     "bouncer",
+		Usage:    "reverse proxy server with dynamic queuing management",
+		Commands: commands,
+		Before: func(ctx *cli.Context) error {
+			workdir := ctx.String("workdir")
+			// Switch to new working directory if defined
+			if workdir != "" {
+				if err := os.Chdir(workdir); err != nil {
+					return errors.Wrap(err, "could not change working directory")
+				}
+			}
+
+			if err := ctx.Set("projectVersion", projectVersion); err != nil {
+				return errors.WithStack(err)
+			}
+
+			if err := ctx.Set("gitRef", gitRef); err != nil {
+				return errors.WithStack(err)
+			}
+
+			if err := ctx.Set("buildDate", buildDate); err != nil {
+				return errors.WithStack(err)
+			}
+
+			return nil
+		},
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "workdir",
+				Value: "",
+				Usage: "The working directory",
+			},
+			&cli.StringFlag{
+				Name:   "projectVersion",
+				Value:  "",
+				Hidden: true,
+			},
+			&cli.StringFlag{
+				Name:   "gitRef",
+				Value:  "",
+				Hidden: true,
+			},
+			&cli.StringFlag{
+				Name:   "buildDate",
+				Value:  "",
+				Hidden: true,
+			},
+			&cli.BoolFlag{
+				Name:    "debug",
+				EnvVars: []string{"EMISSARY_DEBUG"},
+				Value:   false,
+			},
+			&cli.StringFlag{
+				Name:      "config",
+				Aliases:   []string{"c"},
+				EnvVars:   []string{"EMISSARY_CONFIG"},
+				Value:     defaultConfigPath,
+				TakesFile: true,
+			},
+		},
+	}
+
+	app.ExitErrHandler = func(ctx *cli.Context, err error) {
+		if err == nil {
+			return
+		}
+
+		debug := ctx.Bool("debug")
+
+		if !debug {
+			fmt.Printf("[ERROR] %v\n", err)
+		} else {
+			fmt.Printf("%+v", err)
+		}
+	}
+
+	sort.Sort(cli.FlagsByName(app.Flags))
+	sort.Sort(cli.CommandsByName(app.Commands))
+
+	if err := app.RunContext(ctx, os.Args); err != nil {
+		os.Exit(1)
+	}
+}
--- a/internal/command/proxy/root.go
+++ b/internal/command/proxy/root.go
@ -0,0 +1,15 @@
+package proxy
+
+import (
+	"github.com/urfave/cli/v2"
+)
+
+func Root() *cli.Command {
+	return &cli.Command{
+		Name:  "proxy",
+		Usage: "Proxy server related commands",
+		Subcommands: []*cli.Command{
+			RunCommand(),
+		},
+	}
+}
--- a/internal/command/proxy/run.go
+++ b/internal/command/proxy/run.go
@ -0,0 +1,54 @@
+package proxy
+
+import (
+	"fmt"
+	"strings"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"forge.cadoles.com/cadoles/bouncer/internal/proxy"
+	"github.com/pkg/errors"
+	"github.com/urfave/cli/v2"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func RunCommand() *cli.Command {
+	flags := common.Flags()
+
+	return &cli.Command{
+		Name:  "run",
+		Usage: "Run the proxy server",
+		Flags: flags,
+		Action: func(ctx *cli.Context) error {
+			conf, err := common.LoadConfig(ctx)
+			if err != nil {
+				return errors.Wrap(err, "could not load configuration")
+			}
+
+			logger.SetFormat(logger.Format(conf.Logger.Format))
+			logger.SetLevel(logger.Level(conf.Logger.Level))
+
+			srv := proxy.NewServer(
+				proxy.WithServerConfig(conf.Proxy),
+				proxy.WithDatabaseConfig(conf.Database),
+			)
+
+			addrs, srvErrs := srv.Start(ctx.Context)
+
+			select {
+			case addr := <-addrs:
+				url := fmt.Sprintf("http://%s", addr.String())
+				url = strings.Replace(url, "0.0.0.0", "127.0.0.1", 1)
+
+				logger.Info(ctx.Context, "listening", logger.F("url", url))
+			case err = <-srvErrs:
+				return errors.WithStack(err)
+			}
+
+			if err = <-srvErrs; err != nil {
+				return errors.WithStack(err)
+			}
+
+			return nil
+		},
+	}
+}