https proxy + redirects

This commit is contained in:
Andras Bacsai 2023-05-23 12:52:14 +02:00
parent c89ea2a1f0
commit c526e383b4
8 changed files with 60 additions and 32 deletions

View File

@ -28,10 +28,8 @@ class General extends Component
public bool $is_git_lfs_allowed; public bool $is_git_lfs_allowed;
public bool $is_debug; public bool $is_debug;
public bool $is_previews; public bool $is_previews;
public bool $is_custom_ssl;
public bool $is_http2;
public bool $is_auto_deploy; public bool $is_auto_deploy;
public bool $is_dual_cert; public bool $is_force_https;
protected $rules = [ protected $rules = [
'application.name' => 'required|min:6', 'application.name' => 'required|min:6',
@ -57,10 +55,8 @@ public function instantSave()
$this->application->settings->is_git_lfs_allowed = $this->is_git_lfs_allowed; $this->application->settings->is_git_lfs_allowed = $this->is_git_lfs_allowed;
$this->application->settings->is_debug = $this->is_debug; $this->application->settings->is_debug = $this->is_debug;
$this->application->settings->is_previews = $this->is_previews; $this->application->settings->is_previews = $this->is_previews;
$this->application->settings->is_custom_ssl = $this->is_custom_ssl;
$this->application->settings->is_http2 = $this->is_http2;
$this->application->settings->is_auto_deploy = $this->is_auto_deploy; $this->application->settings->is_auto_deploy = $this->is_auto_deploy;
$this->application->settings->is_dual_cert = $this->is_dual_cert; $this->application->settings->is_force_https = $this->is_force_https;
$this->application->settings->save(); $this->application->settings->save();
$this->application->refresh(); $this->application->refresh();
$this->emit('saved', 'Application settings updated!'); $this->emit('saved', 'Application settings updated!');
@ -80,10 +76,8 @@ public function mount()
$this->is_git_lfs_allowed = $this->application->settings->is_git_lfs_allowed; $this->is_git_lfs_allowed = $this->application->settings->is_git_lfs_allowed;
$this->is_debug = $this->application->settings->is_debug; $this->is_debug = $this->application->settings->is_debug;
$this->is_previews = $this->application->settings->is_previews; $this->is_previews = $this->application->settings->is_previews;
$this->is_custom_ssl = $this->application->settings->is_custom_ssl;
$this->is_http2 = $this->application->settings->is_http2;
$this->is_auto_deploy = $this->application->settings->is_auto_deploy; $this->is_auto_deploy = $this->application->settings->is_auto_deploy;
$this->is_dual_cert = $this->application->settings->is_dual_cert; $this->is_force_https = $this->application->settings->is_force_https;
$this->checkWildCardDomain(); $this->checkWildCardDomain();
} }
public function generateGlobalRandomDomain() public function generateGlobalRandomDomain()

View File

@ -48,7 +48,6 @@ public function __construct(
public string $application_uuid, public string $application_uuid,
public bool $force_rebuild = false, public bool $force_rebuild = false,
) { ) {
$this->application = Application::query() $this->application = Application::query()
->where('uuid', $this->application_uuid) ->where('uuid', $this->application_uuid)
->firstOrFail(); ->firstOrFail();
@ -388,14 +387,34 @@ private function set_labels_for_applications()
$url = Url::fromString($domain); $url = Url::fromString($domain);
$host = $url->getHost(); $host = $url->getHost();
$path = $url->getPath(); $path = $url->getPath();
$slug = Str::slug($url); $schema = $url->getScheme();
$label_id = "{$this->application->uuid}-{$slug}"; $slug = Str::slug($host . $path);
if ($path === '/') {
$labels[] = "traefik.http.routers.{$label_id}.rule=Host(`{$host}`) && PathPrefix(`{$path}`)"; $http_label = "{$this->application->uuid}-{$slug}-http";
} else { $https_label = "{$this->application->uuid}-{$slug}-https";
$labels[] = "traefik.http.routers.{$label_id}.rule=Host(`{$host}`) && PathPrefix(`{$path}`)";
$labels[] = "traefik.http.routers.{$label_id}.middlewares={$label_id}-stripprefix"; // Set labels for http
$labels[] = "traefik.http.middlewares.{$label_id}-stripprefix.stripprefix.prefixes={$path}"; $labels[] = "traefik.http.routers.{$http_label}.rule=Host(`{$host}`) && PathPrefix(`{$path}`)";
$labels[] = "traefik.http.routers.{$http_label}.middlewares=gzip";
if ($path !== '/') {
$labels[] = "traefik.http.routers.{$http_label}.middlewares={$http_label}-stripprefix";
$labels[] = "traefik.http.middlewares.{$http_label}-stripprefix.stripprefix.prefixes={$path}";
}
// Set labels for https
if ($schema === 'https') {
$labels[] = "traefik.http.routers.{$https_label}.rule=Host(`{$host}`) && PathPrefix(`{$path}`)";
$labels[] = "traefik.http.routers.{$https_label}.middlewares=gzip";
if ($path !== '/') {
$labels[] = "traefik.http.routers.{$https_label}.middlewares={$https_label}-stripprefix";
$labels[] = "traefik.http.middlewares.{$https_label}-stripprefix.stripprefix.prefixes={$path}";
}
$labels[] = "traefik.http.routers.{$https_label}.tls=true";
$labels[] = "traefik.http.routers.{$https_label}.tls.certresolver=letsencrypt";
if ($this->application->settings->is_force_https) {
$labels[] = "traefik.http.routers.{$http_label}.middlewares=redirect-to-https";
}
} }
} }
} }

View File

@ -260,7 +260,7 @@ function checkContainerStatus(Server $server, string $container_id, bool $throwE
if (!function_exists('getProxyConfiguration')) { if (!function_exists('getProxyConfiguration')) {
function getProxyConfiguration(Server $server) function getProxyConfiguration(Server $server)
{ {
$proxy_config_path = config('coolify.proxy_config_path'); $proxy_path = config('coolify.proxy_config_path');
$networks = collect($server->standaloneDockers)->map(function ($docker) { $networks = collect($server->standaloneDockers)->map(function ($docker) {
return $docker['network']; return $docker['network'];
})->unique(); })->unique();
@ -273,18 +273,18 @@ function getProxyConfiguration(Server $server)
"external" => true, "external" => true,
]; ];
}); });
return Yaml::dump([ $config = [
"version" => "3.8", "version" => "3.8",
"networks" => $array_of_networks->toArray(), "networks" => $array_of_networks->toArray(),
"services" => [ "services" => [
"traefik" => [ "traefik" => [
"container_name" => "coolify-proxy", # Do not modify this! You will break everything! "container_name" => "coolify-proxy",
"image" => "traefik:v2.10", "image" => "traefik:v2.10",
"restart" => "always", "restart" => "always",
"extra_hosts" => [ "extra_hosts" => [
"host.docker.internal:host-gateway", "host.docker.internal:host-gateway",
], ],
"networks" => $networks->toArray(), # Do not modify this! You will break everything! "networks" => $networks->toArray(),
"ports" => [ "ports" => [
"80:80", "80:80",
"443:443", "443:443",
@ -292,8 +292,7 @@ function getProxyConfiguration(Server $server)
], ],
"volumes" => [ "volumes" => [
"/var/run/docker.sock:/var/run/docker.sock:ro", "/var/run/docker.sock:/var/run/docker.sock:ro",
"{$proxy_config_path}/letsencrypt:/letsencrypt", # Do not modify this! You will break everything! "{$proxy_path}:/traefik",
"{$proxy_config_path}/traefik.auth:/auth/traefik.auth", # Do not modify this! You will break everything!
], ],
"command" => [ "command" => [
"--api.dashboard=true", "--api.dashboard=true",
@ -302,17 +301,28 @@ function getProxyConfiguration(Server $server)
"--entrypoints.https.address=:443", "--entrypoints.https.address=:443",
"--providers.docker=true", "--providers.docker=true",
"--providers.docker.exposedbydefault=false", "--providers.docker.exposedbydefault=false",
"--providers.file.directory=/traefik/dynamic-conf/",
"--providers.file.watch=true",
"--certificatesresolvers.letsencrypt.acme.httpchallenge=true",
"--certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json",
"--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http",
], ],
"labels" => [ "labels" => [
"traefik.enable=true", # Do not modify this! You will break everything! "traefik.enable=true",
"traefik.http.routers.traefik.entrypoints=http", "traefik.http.routers.traefik.entrypoints=http",
'traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DASHBOARD_HOST}`)', 'traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DASHBOARD_HOST}`)',
"traefik.http.routers.traefik.middlewares=traefik-basic-auth@file",
"traefik.http.routers.traefik.service=api@internal", "traefik.http.routers.traefik.service=api@internal",
"traefik.http.services.traefik.loadbalancer.server.port=8080", "traefik.http.services.traefik.loadbalancer.server.port=8080",
"traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https", "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https",
"traefik.http.middlewares.gzip.compress=true",
], ],
], ],
], ],
], 4, 2); ];
if (config('app.env') === 'local') {
$config['services']['traefik']['command'][] = "--log.level=debug";
}
return Yaml::dump($config, 4, 2);
} }
} }

View File

@ -26,7 +26,6 @@ public function up(): void
$table->boolean('is_auto_update_enabled')->default(true); $table->boolean('is_auto_update_enabled')->default(true);
// $table->boolean('is_dns_check_enabled')->default(true); // $table->boolean('is_dns_check_enabled')->default(true);
$table->boolean('is_registration_enabled')->default(true); $table->boolean('is_registration_enabled')->default(true);
$table->boolean('is_https_forced')->default(true);
$table->timestamps(); $table->timestamps();
}); });
} }

View File

@ -17,11 +17,12 @@ public function up(): void
$table->boolean('is_git_submodules_allowed')->default(true); $table->boolean('is_git_submodules_allowed')->default(true);
$table->boolean('is_git_lfs_allowed')->default(true); $table->boolean('is_git_lfs_allowed')->default(true);
$table->boolean('is_auto_deploy')->default(true); $table->boolean('is_auto_deploy')->default(true);
$table->boolean('is_dual_cert')->default(false); $table->boolean('is_force_https')->default(true);
// $table->boolean('is_dual_cert')->default(false);
$table->boolean('is_debug')->default(false); $table->boolean('is_debug')->default(false);
$table->boolean('is_previews')->default(false); $table->boolean('is_previews')->default(false);
$table->boolean('is_custom_ssl')->default(false); // $table->boolean('is_custom_ssl')->default(false);
$table->boolean('is_http2')->default(false); // $table->boolean('is_http2')->default(false);
$table->foreignId('application_id'); $table->foreignId('application_id');
$table->timestamps(); $table->timestamps();
}); });

View File

@ -14,7 +14,6 @@ public function run(): void
{ {
InstanceSettings::create([ InstanceSettings::create([
'id' => 0, 'id' => 0,
'is_https_forced' => false,
'is_registration_enabled' => true, 'is_registration_enabled' => true,
]); ]);
} }

View File

@ -9,11 +9,14 @@ class="flex items-center justify-center h-full text-white normal-case rounded-no
<ul tabindex="0" <ul tabindex="0"
class="text-xs text-white normal-case rounded min-w-max dropdown-content menu bg-coolgray-200"> class="text-xs text-white normal-case rounded min-w-max dropdown-content menu bg-coolgray-200">
<li> <li>
<div wire:click='stop'>Stop</div> <div wire:click='start'>Restart</div>
</li> </li>
<li> <li>
<div wire:click='forceRebuild'>Force deploy without cache</div> <div wire:click='forceRebuild'>Force deploy without cache</div>
</li> </li>
<li>
<div class="hover:bg-red-500" wire:click='stop'>Stop</div>
</li>
</ul> </ul>
</div> </div>
@else @else

View File

@ -68,6 +68,9 @@
<div class="flex flex-col"> <div class="flex flex-col">
<x-inputs.checkbox helper="More logs will be visible during a deployment." instantSave id="is_debug" <x-inputs.checkbox helper="More logs will be visible during a deployment." instantSave id="is_debug"
label="Debug" /> label="Debug" />
<x-inputs.checkbox
helper="Your application will be available only on https if your domain starts with https://..."
instantSave id="is_force_https" label="Force Https" />
<x-inputs.checkbox helper="Automatically deploy new commits based on Git webhooks." instantSave <x-inputs.checkbox helper="Automatically deploy new commits based on Git webhooks." instantSave
id="is_auto_deploy" label="Auto Deploy?" /> id="is_auto_deploy" label="Auto Deploy?" />
{{-- <x-inputs.checkbox helper="Preview deployments" instantSave id="is_previews" label="Previews?" /> --}} {{-- <x-inputs.checkbox helper="Preview deployments" instantSave id="is_previews" label="Previews?" /> --}}