From 40da3ff9fe036b2ce589856b4ca134138ab9f413 Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 2 May 2022 15:50:40 +0200 Subject: [PATCH 1/3] fix: Update autoupdate env variable --- package.json | 2 +- src/routes/update.json.ts | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 1cffb1afb..7c28949bd 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "coolify", "description": "An open-source & self-hostable Heroku / Netlify alternative.", - "version": "2.6.0", + "version": "2.6.1", "license": "AGPL-3.0", "scripts": { "dev": "docker-compose -f docker-compose-dev.yaml up -d && cross-env NODE_ENV=development & svelte-kit dev --host 0.0.0.0", diff --git a/src/routes/update.json.ts b/src/routes/update.json.ts index 42f4dd6ee..19845b90e 100644 --- a/src/routes/update.json.ts +++ b/src/routes/update.json.ts @@ -2,6 +2,7 @@ import { dev } from '$app/env'; import { asyncExecShell, version } from '$lib/common'; import { asyncSleep } from '$lib/components/common'; import { ErrorHandler } from '$lib/database'; +import * as db from '$lib/database'; import type { RequestHandler } from '@sveltejs/kit'; import compare from 'compare-versions'; import got from 'got'; @@ -36,8 +37,12 @@ export const post: RequestHandler = async (event) => { if (type === 'update') { try { if (!dev) { + const { isAutoUpdateEnabled } = await db.prisma.setting.findFirst(); await asyncExecShell(`docker pull coollabsio/coolify:${latestVersion}`); await asyncExecShell(`env | grep COOLIFY > .env`); + await asyncExecShell( + `sed -i '/COOLIFY_AUTO_UPDATE=/c\COOLIFY_AUTO_UPDATE=${isAutoUpdateEnabled}' .env` + ); await asyncExecShell( `docker run --rm -tid --env-file .env -v /var/run/docker.sock:/var/run/docker.sock -v coolify-db coollabsio/coolify:${latestVersion} /bin/sh -c "env | grep COOLIFY > .env && echo 'TAG=${latestVersion}' >> .env && docker stop -t 0 coolify coolify-redis && docker rm coolify coolify-redis && docker compose up -d --force-recreate"` ); From 8b813fb07a96ef1dc2964b8b87382db3b750885a Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Tue, 3 May 2022 11:40:02 +0200 Subject: [PATCH 2/3] fix: Renew certificates --- src/lib/letsencrypt/index.ts | 25 +++++++++++++++++++++++++ src/lib/queues/index.ts | 2 +- src/lib/queues/sslrenewal.ts | 13 +++++++------ src/routes/settings/index.svelte | 21 +++++++++++++++++++++ src/routes/settings/renew.json.ts | 26 ++++++++++++++++++++++++++ 5 files changed, 80 insertions(+), 7 deletions(-) create mode 100644 src/routes/settings/renew.json.ts diff --git a/src/lib/letsencrypt/index.ts b/src/lib/letsencrypt/index.ts index f443625ae..7b64b8a9e 100644 --- a/src/lib/letsencrypt/index.ts +++ b/src/lib/letsencrypt/index.ts @@ -290,3 +290,28 @@ export async function generateSSLCerts(): Promise { } } } + +export async function renewSSLCerts(): Promise { + const host = 'unix:///var/run/docker.sock'; + await asyncExecShell(`docker pull alpine:latest`); + const certbotImage = + process.arch === 'x64' ? 'certbot/certbot' : 'certbot/certbot:arm64v8-latest'; + + const { stdout: certificates } = await asyncExecShell( + `DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "ls -1 /etc/letsencrypt/live/ | grep -v README"` + ); + + for (const certificate of certificates.trim().split('\n')) { + try { + await asyncExecShell( + `DOCKER_HOST=${host} docker run --rm --name certbot-renewal -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" ${certbotImage} --cert-name ${certificate} --logs-dir /etc/letsencrypt/logs renew --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080` + ); + await asyncExecShell( + `DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${certificate}/ && cat /etc/letsencrypt/live/${certificate}/fullchain.pem /etc/letsencrypt/live/${certificate}/privkey.pem > /app/ssl/${certificate}.pem"` + ); + } catch (error) { + console.log(error); + } + } + await reloadHaproxy('unix:///var/run/docker.sock'); +} diff --git a/src/lib/queues/index.ts b/src/lib/queues/index.ts index 60097680d..cc340b883 100644 --- a/src/lib/queues/index.ts +++ b/src/lib/queues/index.ts @@ -116,7 +116,7 @@ const cron = async (): Promise => { await queue.proxyTcpHttp.add('proxyTcpHttp', {}, { repeat: { every: 10000 } }); await queue.ssl.add('ssl', {}, { repeat: { every: dev ? 10000 : 60000 } }); if (!dev) await queue.cleanup.add('cleanup', {}, { repeat: { every: 300000 } }); - await queue.sslRenew.add('sslRenew', {}, { repeat: { every: 1800000 } }); + if (!dev) await queue.sslRenew.add('sslRenew', {}, { repeat: { every: 1800000 } }); await queue.autoUpdater.add('autoUpdater', {}, { repeat: { every: 60000 } }); }; cron().catch((error) => { diff --git a/src/lib/queues/sslrenewal.ts b/src/lib/queues/sslrenewal.ts index 4af5bae64..766b9c502 100644 --- a/src/lib/queues/sslrenewal.ts +++ b/src/lib/queues/sslrenewal.ts @@ -1,9 +1,10 @@ -import { asyncExecShell } from '$lib/common'; -import { reloadHaproxy } from '$lib/haproxy'; +import { renewSSLCerts } from '$lib/letsencrypt'; export default async function (): Promise { - await asyncExecShell( - `docker run --rm --name certbot-renewal -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs renew` - ); - await reloadHaproxy('unix:///var/run/docker.sock'); + try { + return await renewSSLCerts(); + } catch (error) { + console.log(error); + throw error; + } } diff --git a/src/routes/settings/index.svelte b/src/routes/settings/index.svelte index 6a9b6ba5a..20e1c788d 100644 --- a/src/routes/settings/index.svelte +++ b/src/routes/settings/index.svelte @@ -111,6 +111,14 @@ loading.save = false; } } + async function renewCerts() { + try { + toast.push('Renewing certificates...'); + return await post(`/settings/renew.json`, {}); + } catch ({ error }) { + return errorNotification(error); + } + }
@@ -219,6 +227,19 @@ on:click={() => changeSettings('isAutoUpdateEnabled')} />
+
+
+
+ Renew SSL Certificates manually +
+ +
+
+ +
+
{/if} diff --git a/src/routes/settings/renew.json.ts b/src/routes/settings/renew.json.ts new file mode 100644 index 000000000..3cbb8f4ad --- /dev/null +++ b/src/routes/settings/renew.json.ts @@ -0,0 +1,26 @@ +import { getUserDetails } from '$lib/common'; +import { ErrorHandler } from '$lib/database'; +import { renewSSLCerts } from '$lib/letsencrypt'; +import { t } from '$lib/translations'; +import type { RequestHandler } from '@sveltejs/kit'; + +export const post: RequestHandler = async (event) => { + const { teamId, status, body } = await getUserDetails(event); + if (teamId !== '0') + return { + status: 401, + body: { + message: t.get('setting.permission_denied') + } + }; + if (status === 401) return { status, body }; + + try { + renewSSLCerts(); + return { + status: 201 + }; + } catch (error) { + return ErrorHandler(error); + } +}; From fd363ec01777b2a7fc0f089eaedbeb8c42158c91 Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Tue, 3 May 2022 11:40:09 +0200 Subject: [PATCH 3/3] update readme.md --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index f342fd74a..d73fc94df 100644 --- a/README.md +++ b/README.md @@ -56,6 +56,7 @@ These are the predefined build packs, but with the Docker build pack, you can ho - Gatsby - Svelte - PHP +- Laravel - Rust - Docker @@ -85,6 +86,8 @@ You can host cool open-source services as well: - [Uptime Kuma](https://github.com/louislam/uptime-kuma) - [MeiliSearch](https://github.com/meilisearch/meilisearch) - [Umami](https://github.com/mikecao/umami) +- [Fider](https://fider.io) +- [Hasura](https://hasura.io) ## Migration from v1