wip: non-root

This commit is contained in:
Andras Bacsai 2024-04-16 20:57:54 +02:00
parent a04c7831b1
commit 41f4b36593
9 changed files with 56 additions and 72 deletions

View File

@ -16,18 +16,10 @@ public function handle(Server $server, bool $reset = false)
return 'OK';
}
$proxy_path = $server->proxyPath();
if ($server->isNonRoot()) {
$payload = [
"mkdir -p $proxy_path",
"chown -R $server->user:$server->user $proxy_path",
"cat $proxy_path/docker-compose.yml",
];
} else {
$payload = [
"mkdir -p $proxy_path",
"cat $proxy_path/docker-compose.yml",
];
}
$payload = [
"mkdir -p $proxy_path",
"cat $proxy_path/docker-compose.yml",
];
$proxy_configuration = instant_remote_process($payload, $server, false);
if ($reset || !$proxy_configuration || is_null($proxy_configuration)) {

View File

@ -30,16 +30,18 @@ public function handle(Server $server, bool $async = true): string|Activity
$server->save();
if ($server->isSwarm()) {
$commands = $commands->merge([
"mkdir -p $proxy_path/dynamic && cd $proxy_path",
"mkdir -p $proxy_path/dynamic",
"cd $proxy_path",
"echo 'Creating required Docker Compose file.'",
"echo 'Starting coolify-proxy.'",
"cd $proxy_path && docker stack deploy -c docker-compose.yml coolify-proxy",
"docker stack deploy -c docker-compose.yml coolify-proxy",
"echo 'Proxy started successfully.'"
]);
} else {
$caddfile = "import /dynamic/*.caddy";
$commands = $commands->merge([
"mkdir -p $proxy_path/dynamic && cd $proxy_path",
"mkdir -p $proxy_path/dynamic",
"cd $proxy_path",
"echo '$caddfile' > $proxy_path/dynamic/Caddyfile",
"echo 'Creating required Docker Compose file.'",
"echo 'Pulling docker image.'",

View File

@ -29,7 +29,8 @@ public function handle(Server $server, string $cloudflare_token)
$config = Yaml::dump($config, 12, 2);
$docker_compose_yml_base64 = base64_encode($config);
$commands = collect([
"mkdir -p /tmp/cloudflared && cd /tmp/cloudflared",
"mkdir -p /tmp/cloudflared",
"cd /tmp/cloudflared",
"echo '$docker_compose_yml_base64' | base64 -d > docker-compose.yml",
"docker compose pull",
"docker compose down -v --remove-orphans > /dev/null 2>&1",

View File

@ -23,7 +23,8 @@ public function getListeners()
'proxyStatusUpdated',
'traefikDashboardAvailable',
'serverRefresh' => 'proxyStatusUpdated',
"checkProxy", "startProxy"
"checkProxy",
"startProxy"
];
}

View File

@ -33,32 +33,8 @@ function remote_process(
$command = $command->toArray();
}
if ($server->isNonRoot()) {
$command = collect($command)->map(function ($line) {
if (!str($line)->startSwith('cd')) {
return "sudo $line";
}
return $line;
})->toArray();
$command = collect($command)->map(function ($line) use ($server) {
if (Str::startsWith($line, 'sudo mkdir -p')) {
return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p');
}
return $line;
})->toArray();
$command = collect($command)->map(function ($line) {
if (str($line)->contains('$(') || str($line)->contains('`')) {
return str($line)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value();
}
if (str($line)->contains('||')) {
return str($line)->replace('||', '|| sudo ')->value();
}
if (str($line)->contains('&&')) {
return str($line)->replace('&&', '&& sudo ')->value();
}
return $line;
})->toArray();
$command = parseCommandsByLineForSudo(collect($command), $server);
}
ray($command);
$command_string = implode("\n", $command);
if (auth()->user()) {
$teams = auth()->user()->teams->pluck('id');
@ -195,30 +171,7 @@ function instant_remote_process(Collection|array $command, Server $server, bool
$command = $command->toArray();
}
if ($server->isNonRoot() && !$no_sudo) {
$command = collect($command)->map(function ($line) {
if (!str($line)->startSwith('cd')) {
return "sudo $line";
}
return $line;
})->toArray();
$command = collect($command)->map(function ($line) use ($server) {
if (Str::startsWith($line, 'sudo mkdir -p')) {
return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p');
}
return $line;
})->toArray();
$command = collect($command)->map(function ($line) {
if (str($line)->contains('$(') || str($line)->contains('`')) {
return str($line)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value();
}
if (str($line)->contains('||')) {
return str($line)->replace('||', '|| sudo ')->value();
}
if (str($line)->contains('&&')) {
return str($line)->replace('&&', '&& sudo ')->value();
}
return $line;
})->toArray();
$command = parseCommandsByLineForSudo(collect($command), $server);
}
$command_string = implode("\n", $command);
$ssh_command = generateSshCommand($server, $command_string, $no_sudo);

View File

@ -34,7 +34,7 @@ function getFilesystemVolumesFromServer(ServiceApplication|ServiceDatabase|Appli
$fileVolumes = $oneService->fileStorages()->get();
$commands = collect([
"mkdir -p $workdir > /dev/null 2>&1 || true",
"cd "
"cd $workdir"
]);
instant_remote_process($commands, $server);
foreach ($fileVolumes as $fileVolume) {

View File

@ -29,6 +29,7 @@
use Illuminate\Database\UniqueConstraintViolationException;
use Illuminate\Mail\Message;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\File;
use Illuminate\Support\Facades\Http;
@ -1949,3 +1950,32 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null
}
}
}
function parseCommandsByLineForSudo(Collection $commands, Server $server): array {
$commands = $commands->map(function ($line) {
if (!str($line)->startSwith('cd') && !str($line)->startSwith('command')) {
return "sudo $line";
}
return $line;
});
$commands = $commands->map(function ($line) use ($server) {
if (Str::startsWith($line, 'sudo mkdir -p')) {
return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p');
}
return $line;
});
$commands = $commands->map(function ($line) {
if (str($line)->contains('$(') || str($line)->contains('`')) {
return str($line)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value();
}
if (str($line)->contains('||')) {
return str($line)->replace('||', '|| sudo ')->value();
}
if (str($line)->contains('&&')) {
return str($line)->replace('&&', '&& sudo ')->value();
}
return $line;
});
return $commands->toArray();
}

View File

@ -10,7 +10,9 @@
<div class="flex gap-2">
<x-forms.input id="ip" label="IP Address/Domain" required
helper="An IP Address (127.0.0.1) or domain (example.com)." />
{{-- <x-forms.input id="user" label="User" required /> --}}
@if (isDev())
<x-forms.input id="user" label="User" required />
@endif
<x-forms.input type="number" id="port" label="Port" required />
</div>
<x-forms.select label="Private Key" id="private_key_id">
@ -29,8 +31,7 @@
<div class="">
<h3 class="pt-6">Swarm <span class="text-xs text-neutral-500">(experimental)</span></h3>
<div class="pb-4">Read the docs <a class='dark:text-white'
href='https://coolify.io/docs/knowledge-base/docker/swarm'
target='_blank'>here</a>.</div>
href='https://coolify.io/docs/knowledge-base/docker/swarm' target='_blank'>here</a>.</div>
@if ($is_swarm_worker || $is_build_server)
<x-forms.checkbox disabled instantSave type="checkbox" id="is_swarm_manager"
helper="For more information, please read the documentation <a class='dark:text-white' href='https://coolify.io/docs/knowledge-base/docker/swarm' target='_blank'>here</a>."
@ -40,7 +41,7 @@
helper="For more information, please read the documentation <a class='dark:text-white' href='https://coolify.io/docs/knowledge-base/docker/swarm' target='_blank'>here</a>."
label="Is it a Swarm Manager?" />
@endif
@if ($is_swarm_manager|| $is_build_server)
@if ($is_swarm_manager || $is_build_server)
<x-forms.checkbox disabled instantSave type="checkbox" id="is_swarm_worker"
helper="For more information, please read the documentation <a class='dark:text-white' href='https://coolify.io/docs/knowledge-base/docker/swarm' target='_blank'>here</a>."
label="Is it a Swarm Worker?" />

View File

@ -48,7 +48,7 @@
</x-modal-confirmation>
</div>
@else
<button @click="$wire.dispatch('checkProxy')" class="gap-2 button">
<button @click="$wire.dispatch('checkProxyEvent')" class="gap-2 button">
<svg xmlns="http://www.w3.org/2000/svg" class="w-5 h-5 dark:text-warning" viewBox="0 0 24 24"
stroke-width="1.5" stroke="currentColor" fill="none" stroke-linecap="round"
stroke-linejoin="round">
@ -61,6 +61,10 @@
@endif
@script
<script>
$wire.$on('checkProxyEvent', () => {
$wire.$dispatch('info', 'Starting proxy.');
$wire.$call('checkProxy');
});
$wire.$on('restartEvent', () => {
$wire.$dispatch('info', 'Restarting proxy.');
$wire.$call('restart');