From 41f4b36593b6b75180bd7162202e2e2d39949b3d Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Tue, 16 Apr 2024 20:57:54 +0200 Subject: [PATCH] wip: non-root --- app/Actions/Proxy/CheckConfiguration.php | 16 ++---- app/Actions/Proxy/StartProxy.php | 8 +-- app/Actions/Server/ConfigureCloudflared.php | 3 +- app/Livewire/Server/Proxy/Deploy.php | 3 +- bootstrap/helpers/remoteProcess.php | 51 +------------------ bootstrap/helpers/services.php | 2 +- bootstrap/helpers/shared.php | 30 +++++++++++ .../views/livewire/server/new/by-ip.blade.php | 9 ++-- .../livewire/server/proxy/deploy.blade.php | 6 ++- 9 files changed, 56 insertions(+), 72 deletions(-) diff --git a/app/Actions/Proxy/CheckConfiguration.php b/app/Actions/Proxy/CheckConfiguration.php index 5ce7e1e87..1058e8b5f 100644 --- a/app/Actions/Proxy/CheckConfiguration.php +++ b/app/Actions/Proxy/CheckConfiguration.php @@ -16,18 +16,10 @@ public function handle(Server $server, bool $reset = false) return 'OK'; } $proxy_path = $server->proxyPath(); - if ($server->isNonRoot()) { - $payload = [ - "mkdir -p $proxy_path", - "chown -R $server->user:$server->user $proxy_path", - "cat $proxy_path/docker-compose.yml", - ]; - } else { - $payload = [ - "mkdir -p $proxy_path", - "cat $proxy_path/docker-compose.yml", - ]; - } + $payload = [ + "mkdir -p $proxy_path", + "cat $proxy_path/docker-compose.yml", + ]; $proxy_configuration = instant_remote_process($payload, $server, false); if ($reset || !$proxy_configuration || is_null($proxy_configuration)) { diff --git a/app/Actions/Proxy/StartProxy.php b/app/Actions/Proxy/StartProxy.php index ab635fc65..5b1ffa409 100644 --- a/app/Actions/Proxy/StartProxy.php +++ b/app/Actions/Proxy/StartProxy.php @@ -30,16 +30,18 @@ public function handle(Server $server, bool $async = true): string|Activity $server->save(); if ($server->isSwarm()) { $commands = $commands->merge([ - "mkdir -p $proxy_path/dynamic && cd $proxy_path", + "mkdir -p $proxy_path/dynamic", + "cd $proxy_path", "echo 'Creating required Docker Compose file.'", "echo 'Starting coolify-proxy.'", - "cd $proxy_path && docker stack deploy -c docker-compose.yml coolify-proxy", + "docker stack deploy -c docker-compose.yml coolify-proxy", "echo 'Proxy started successfully.'" ]); } else { $caddfile = "import /dynamic/*.caddy"; $commands = $commands->merge([ - "mkdir -p $proxy_path/dynamic && cd $proxy_path", + "mkdir -p $proxy_path/dynamic", + "cd $proxy_path", "echo '$caddfile' > $proxy_path/dynamic/Caddyfile", "echo 'Creating required Docker Compose file.'", "echo 'Pulling docker image.'", diff --git a/app/Actions/Server/ConfigureCloudflared.php b/app/Actions/Server/ConfigureCloudflared.php index 6b08b3de6..b67572b22 100644 --- a/app/Actions/Server/ConfigureCloudflared.php +++ b/app/Actions/Server/ConfigureCloudflared.php @@ -29,7 +29,8 @@ public function handle(Server $server, string $cloudflare_token) $config = Yaml::dump($config, 12, 2); $docker_compose_yml_base64 = base64_encode($config); $commands = collect([ - "mkdir -p /tmp/cloudflared && cd /tmp/cloudflared", + "mkdir -p /tmp/cloudflared", + "cd /tmp/cloudflared", "echo '$docker_compose_yml_base64' | base64 -d > docker-compose.yml", "docker compose pull", "docker compose down -v --remove-orphans > /dev/null 2>&1", diff --git a/app/Livewire/Server/Proxy/Deploy.php b/app/Livewire/Server/Proxy/Deploy.php index 8a029e6a1..82925c396 100644 --- a/app/Livewire/Server/Proxy/Deploy.php +++ b/app/Livewire/Server/Proxy/Deploy.php @@ -23,7 +23,8 @@ public function getListeners() 'proxyStatusUpdated', 'traefikDashboardAvailable', 'serverRefresh' => 'proxyStatusUpdated', - "checkProxy", "startProxy" + "checkProxy", + "startProxy" ]; } diff --git a/bootstrap/helpers/remoteProcess.php b/bootstrap/helpers/remoteProcess.php index fac4b84f0..85533550b 100644 --- a/bootstrap/helpers/remoteProcess.php +++ b/bootstrap/helpers/remoteProcess.php @@ -33,32 +33,8 @@ function remote_process( $command = $command->toArray(); } if ($server->isNonRoot()) { - $command = collect($command)->map(function ($line) { - if (!str($line)->startSwith('cd')) { - return "sudo $line"; - } - return $line; - })->toArray(); - $command = collect($command)->map(function ($line) use ($server) { - if (Str::startsWith($line, 'sudo mkdir -p')) { - return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p'); - } - return $line; - })->toArray(); - $command = collect($command)->map(function ($line) { - if (str($line)->contains('$(') || str($line)->contains('`')) { - return str($line)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value(); - } - if (str($line)->contains('||')) { - return str($line)->replace('||', '|| sudo ')->value(); - } - if (str($line)->contains('&&')) { - return str($line)->replace('&&', '&& sudo ')->value(); - } - return $line; - })->toArray(); + $command = parseCommandsByLineForSudo(collect($command), $server); } - ray($command); $command_string = implode("\n", $command); if (auth()->user()) { $teams = auth()->user()->teams->pluck('id'); @@ -195,30 +171,7 @@ function instant_remote_process(Collection|array $command, Server $server, bool $command = $command->toArray(); } if ($server->isNonRoot() && !$no_sudo) { - $command = collect($command)->map(function ($line) { - if (!str($line)->startSwith('cd')) { - return "sudo $line"; - } - return $line; - })->toArray(); - $command = collect($command)->map(function ($line) use ($server) { - if (Str::startsWith($line, 'sudo mkdir -p')) { - return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p'); - } - return $line; - })->toArray(); - $command = collect($command)->map(function ($line) { - if (str($line)->contains('$(') || str($line)->contains('`')) { - return str($line)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value(); - } - if (str($line)->contains('||')) { - return str($line)->replace('||', '|| sudo ')->value(); - } - if (str($line)->contains('&&')) { - return str($line)->replace('&&', '&& sudo ')->value(); - } - return $line; - })->toArray(); + $command = parseCommandsByLineForSudo(collect($command), $server); } $command_string = implode("\n", $command); $ssh_command = generateSshCommand($server, $command_string, $no_sudo); diff --git a/bootstrap/helpers/services.php b/bootstrap/helpers/services.php index e6f108223..649e9c320 100644 --- a/bootstrap/helpers/services.php +++ b/bootstrap/helpers/services.php @@ -34,7 +34,7 @@ function getFilesystemVolumesFromServer(ServiceApplication|ServiceDatabase|Appli $fileVolumes = $oneService->fileStorages()->get(); $commands = collect([ "mkdir -p $workdir > /dev/null 2>&1 || true", - "cd " + "cd $workdir" ]); instant_remote_process($commands, $server); foreach ($fileVolumes as $fileVolume) { diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php index 989abd2e7..582674685 100644 --- a/bootstrap/helpers/shared.php +++ b/bootstrap/helpers/shared.php @@ -29,6 +29,7 @@ use Illuminate\Database\UniqueConstraintViolationException; use Illuminate\Mail\Message; use Illuminate\Notifications\Messages\MailMessage; +use Illuminate\Support\Collection; use Illuminate\Support\Facades\Cache; use Illuminate\Support\Facades\File; use Illuminate\Support\Facades\Http; @@ -1949,3 +1950,32 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null } } } + +function parseCommandsByLineForSudo(Collection $commands, Server $server): array { + $commands = $commands->map(function ($line) { + if (!str($line)->startSwith('cd') && !str($line)->startSwith('command')) { + return "sudo $line"; + } + return $line; + }); + $commands = $commands->map(function ($line) use ($server) { + if (Str::startsWith($line, 'sudo mkdir -p')) { + return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p'); + } + return $line; + }); + $commands = $commands->map(function ($line) { + if (str($line)->contains('$(') || str($line)->contains('`')) { + return str($line)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value(); + } + if (str($line)->contains('||')) { + return str($line)->replace('||', '|| sudo ')->value(); + } + if (str($line)->contains('&&')) { + return str($line)->replace('&&', '&& sudo ')->value(); + } + return $line; + }); + + return $commands->toArray(); +} diff --git a/resources/views/livewire/server/new/by-ip.blade.php b/resources/views/livewire/server/new/by-ip.blade.php index 989283a3e..0639c929d 100644 --- a/resources/views/livewire/server/new/by-ip.blade.php +++ b/resources/views/livewire/server/new/by-ip.blade.php @@ -10,7 +10,9 @@
- {{-- --}} + @if (isDev()) + + @endif
@@ -29,8 +31,7 @@

Swarm (experimental)

Read the docs here.
+ href='https://coolify.io/docs/knowledge-base/docker/swarm' target='_blank'>here.
@if ($is_swarm_worker || $is_build_server) @endif - @if ($is_swarm_manager|| $is_build_server) + @if ($is_swarm_manager || $is_build_server) diff --git a/resources/views/livewire/server/proxy/deploy.blade.php b/resources/views/livewire/server/proxy/deploy.blade.php index 6fcdfd9ad..1f00a7b48 100644 --- a/resources/views/livewire/server/proxy/deploy.blade.php +++ b/resources/views/livewire/server/proxy/deploy.blade.php @@ -48,7 +48,7 @@ @else -