[PR #185] [MERGED] feat(healthcheck): add TLS SNI header to request when needed #365

Closed
opened 2026-04-12 06:40:25 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/fosrl/newt/pull/185
Author: @water-sucks
Created: 12/4/2025
Status: Merged
Merged: 12/4/2025
Merged by: @oschwartz10612

Base: mainHead: add-tls-server-name-to-healthchecks


📝 Commits (1)

  • 8a45f6f feat(healthcheck): add TLS SNI header to request when needed

📊 Changes

1 file changed (+13 additions, -13 deletions)

View changed files

📝 healthcheck/healthcheck.go (+13 -13)

📄 Description

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

Add the Server Name Indication (SNI) field to healthcheck requests, if present in the target config.

SNI handling is already present for proxying resources, but this has not been implemented for healthcheck requests yet until this commit.

In order to facilitate this, this commit moves the client instantiation to when the healthcheck is performed, rather than as a part of the monitor init code. This may have minor performance implications, but this can be monitored later, since users are probably not running that many healthchecks as to where this would become a problem. Maybe I'll be proven wrong? I sure hope not.

This is the corresponding Newt component to https://github.com/fosrl/pangolin/pull/1971, and probably should be merged in tandem with it.

How to test?

Run the Newt binary with a corresponding version of Pangolin that adds the target healthcheck SNI field from the linked PR, and make sure that Newt proxies the SNI headers correctly down and receives the correct certificate to work with when it is specified from the target healthcheck config.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/newt/pull/185 **Author:** [@water-sucks](https://github.com/water-sucks) **Created:** 12/4/2025 **Status:** ✅ Merged **Merged:** 12/4/2025 **Merged by:** [@oschwartz10612](https://github.com/oschwartz10612) **Base:** `main` ← **Head:** `add-tls-server-name-to-healthchecks` --- ### 📝 Commits (1) - [`8a45f6f`](https://github.com/fosrl/newt/commit/8a45f6fd63cefa69747a2bb9eecb450ce2b634cc) feat(healthcheck): add TLS SNI header to request when needed ### 📊 Changes **1 file changed** (+13 additions, -13 deletions) <details> <summary>View changed files</summary> 📝 `healthcheck/healthcheck.go` (+13 -13) </details> ### 📄 Description ## Community Contribution License Agreement By creating this pull request, I grant the project maintainers an unlimited, perpetual license to use, modify, and redistribute these contributions under any terms they choose, including both the AGPLv3 and the Fossorial Commercial license terms. I represent that I have the right to grant this license for all contributed content. ## Description Add the Server Name Indication (SNI) field to healthcheck requests, if present in the target config. SNI handling is already present for proxying resources, but this has not been implemented for healthcheck requests yet until this commit. In order to facilitate this, this commit moves the client instantiation to when the healthcheck is performed, rather than as a part of the monitor init code. This may have minor performance implications, but this can be monitored later, since users are probably not running that many healthchecks as to where this would become a problem. Maybe I'll be proven wrong? I sure hope not. This is the corresponding Newt component to https://github.com/fosrl/pangolin/pull/1971, and probably should be merged in tandem with it. ## How to test? Run the Newt binary with a corresponding version of Pangolin that adds the target healthcheck SNI field from the linked PR, and make sure that Newt proxies the SNI headers correctly down and receives the correct certificate to work with when it is specified from the target healthcheck config. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-04-12 06:40:25 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/newt#365