From 65fcaa17d9a981606464247e89076368db6b483f Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 11:41:02 +0100 Subject: [PATCH 1/8] Update exception in PreventRequestsDuringMaintenance middleware and version numbers --- app/Http/Middleware/PreventRequestsDuringMaintenance.php | 1 + config/sentry.php | 2 +- config/version.php | 2 +- versions.json | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/app/Http/Middleware/PreventRequestsDuringMaintenance.php b/app/Http/Middleware/PreventRequestsDuringMaintenance.php index eec6b5358..e7d2b99fe 100644 --- a/app/Http/Middleware/PreventRequestsDuringMaintenance.php +++ b/app/Http/Middleware/PreventRequestsDuringMaintenance.php @@ -13,5 +13,6 @@ class PreventRequestsDuringMaintenance extends Middleware */ protected $except = [ 'webhooks/*', + '/api/health' ]; } diff --git a/config/sentry.php b/config/sentry.php index 13331bc77..a0645087e 100644 --- a/config/sentry.php +++ b/config/sentry.php @@ -7,7 +7,7 @@ return [ // The release version of your application // Example with dynamic git hash: trim(exec('git --git-dir ' . base_path('.git') . ' log --pretty="%h" -n1 HEAD')) - 'release' => '4.0.0-beta.233', + 'release' => '4.0.0-beta.234', // When left empty or `null` the Laravel environment will be used 'environment' => config('app.env'), diff --git a/config/version.php b/config/version.php index 7aab683f5..10cf972a7 100644 --- a/config/version.php +++ b/config/version.php @@ -1,3 +1,3 @@ Date: Mon, 4 Mar 2024 12:17:33 +0100 Subject: [PATCH 2/8] Add scheduled task for database cleanup if not in cloud environment --- app/Console/Kernel.php | 54 +++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 25 deletions(-) diff --git a/app/Console/Kernel.php b/app/Console/Kernel.php index e92c602cf..4ff1d8020 100644 --- a/app/Console/Kernel.php +++ b/app/Console/Kernel.php @@ -47,6 +47,10 @@ class Kernel extends ConsoleKernel $this->check_resources($schedule); $this->pull_helper_image($schedule); $this->check_scheduled_tasks($schedule); + + if (!isCloud()) { + $schedule->command('cleanup:database --yes')->daily(); + } } } private function pull_helper_image($schedule) @@ -68,35 +72,35 @@ class Kernel extends ConsoleKernel $containerServers = $servers->where('settings.is_swarm_worker', false)->where('settings.is_build_server', false); } foreach ($containerServers as $server) { - $schedule->job(new ContainerStatusJob($server))->everyMinute()->onOneServer(); - // $schedule - // ->call(function () use ($server) { - // $randomSeconds = rand(1, 40); - // $job = new ContainerStatusJob($server); - // $job->delay($randomSeconds); - // ray('dispatching container status job in ' . $randomSeconds . ' seconds'); - // dispatch($job); - // })->name('container-status-' . $server->id)->everyMinute()->onOneServer(); + // $schedule->job(new ContainerStatusJob($server))->everyMinute()->onOneServer(); + $schedule + ->call(function () use ($server) { + $randomSeconds = rand(1, 40); + $job = new ContainerStatusJob($server); + $job->delay($randomSeconds); + ray('dispatching container status job in ' . $randomSeconds . ' seconds'); + dispatch($job); + })->name('container-status-' . $server->id)->everyMinute()->onOneServer(); if ($server->isLogDrainEnabled()) { - $schedule->job(new CheckLogDrainContainerJob($server))->everyMinute()->onOneServer(); - // $schedule - // ->call(function () use ($server) { - // $randomSeconds = rand(1, 40); - // $job = new CheckLogDrainContainerJob($server); - // $job->delay($randomSeconds); - // dispatch($job); - // })->name('log-drain-container-check-' . $server->id)->everyMinute()->onOneServer(); + // $schedule->job(new CheckLogDrainContainerJob($server))->everyMinute()->onOneServer(); + $schedule + ->call(function () use ($server) { + $randomSeconds = rand(1, 40); + $job = new CheckLogDrainContainerJob($server); + $job->delay($randomSeconds); + dispatch($job); + })->name('log-drain-container-check-' . $server->id)->everyMinute()->onOneServer(); } } foreach ($servers as $server) { - $schedule->job(new ServerStatusJob($server))->everyMinute()->onOneServer(); - // $schedule - // ->call(function () use ($server) { - // $randomSeconds = rand(1, 40); - // $job = new ServerStatusJob($server); - // $job->delay($randomSeconds); - // dispatch($job); - // })->name('server-status-job-' . $server->id)->everyMinute()->onOneServer(); + // $schedule->job(new ServerStatusJob($server))->everyMinute()->onOneServer(); + $schedule + ->call(function () use ($server) { + $randomSeconds = rand(1, 40); + $job = new ServerStatusJob($server); + $job->delay($randomSeconds); + dispatch($job); + })->name('server-status-job-' . $server->id)->everyMinute()->onOneServer(); } } private function instance_auto_update($schedule) From f1e7b870aac09276b10f9c6544653c85e7dac9ff Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 12:30:32 +0100 Subject: [PATCH 3/8] Add TOTP_VAULT_KEY environment variable to Plausible service --- templates/compose/plausible.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/compose/plausible.yaml b/templates/compose/plausible.yaml index a08324b0b..40fd78e52 100644 --- a/templates/compose/plausible.yaml +++ b/templates/compose/plausible.yaml @@ -12,6 +12,7 @@ services: - DATABASE_URL=postgres://postgres:$SERVICE_PASSWORD_POSTGRES@plausible_db/plausible - BASE_URL=$SERVICE_FQDN_PLAUSIBLE - SECRET_KEY_BASE=$SERVICE_BASE64_64_PLAUSIBLE + - TOTP_VAULT_KEY=$SERVICE_BASE64_TOTP depends_on: - plausible_db - plausible_events_db From 53cd3091f7e5a173dbceda727b32aa375edad01a Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 12:46:33 +0100 Subject: [PATCH 4/8] Add Directus service fields to extraFields method --- app/Models/Service.php | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/app/Models/Service.php b/app/Models/Service.php index e8b0c97f0..3e6d2b9db 100644 --- a/app/Models/Service.php +++ b/app/Models/Service.php @@ -102,6 +102,32 @@ class Service extends BaseModel foreach ($applications as $application) { $image = str($application->image)->before(':')->value(); switch ($image) { + case str($image)?->contains('directus'): + $data = collect([]); + $admin_email = $this->environment_variables()->where('key', 'ADMIN_EMAIL')->first(); + $admin_password = $this->environment_variables()->where('key', 'SERVICE_PASSWORD_ADMIN')->first(); + + if ($admin_email) { + $data = $data->merge([ + 'Admin Email' => [ + 'key' => data_get($admin_email, 'key'), + 'value' => data_get($admin_email, 'value'), + 'rules' => 'required|email', + ], + ]); + } + if ($admin_password) { + $data = $data->merge([ + 'Admin Password' => [ + 'key' => data_get($admin_password, 'key'), + 'value' => data_get($admin_password, 'value'), + 'rules' => 'required', + 'isPassword' => true, + ], + ]); + } + $fields->put('Directus', $data); + break; case str($image)?->contains('kong'): $data = collect([]); $dashboard_user = $this->environment_variables()->where('key', 'SERVICE_USER_ADMIN')->first(); From d106d4bd4e6f6dd1e223409be5a0069c28889465 Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 12:46:37 +0100 Subject: [PATCH 5/8] Refactor generateEnvValue function to use base64 encoding for certain cases --- bootstrap/helpers/shared.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php index 9bb2c164a..6e050a9b4 100644 --- a/bootstrap/helpers/shared.php +++ b/bootstrap/helpers/shared.php @@ -1598,13 +1598,14 @@ function generateEnvValue(string $command, ?Service $service = null) $generatedValue = Str::password(length: 64, symbols: false); break; case 'BASE64_64': - $generatedValue = Str::random(64); + $generatedValue = base64_encode(Str::random(64)); break; case 'BASE64_128': - $generatedValue = Str::random(128); + $generatedValue = base64_encode(Str::random(128)); break; case 'BASE64': - $generatedValue = Str::random(32); + case 'BASE64_32': + $generatedValue = base64_encode(Str::random(32)); break; case 'USER': $generatedValue = Str::random(16); From 96c6a198d75dffe6710e9910ac0f0afe695db0ef Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 12:50:56 +0100 Subject: [PATCH 6/8] Fix base64 encoding for TOTP_VAULT_KEY --- bootstrap/helpers/shared.php | 20 ++++++++++++++++---- templates/compose/plausible.yaml | 2 +- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php index 6e050a9b4..621251d36 100644 --- a/bootstrap/helpers/shared.php +++ b/bootstrap/helpers/shared.php @@ -1054,8 +1054,8 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal serviceLabels: $serviceLabels, is_gzip_enabled: $savedService->isGzipEnabled(), is_stripprefix_enabled: $savedService->isStripprefixEnabled(), - service_name: $serviceName)); - + service_name: $serviceName + )); } } if ($resource->server->isLogDrainEnabled() && $savedService->isLogDrainEnabled()) { @@ -1597,14 +1597,26 @@ function generateEnvValue(string $command, ?Service $service = null) case 'PASSWORD_64': $generatedValue = Str::password(length: 64, symbols: false); break; + // This is not base64, it's just a random string case 'BASE64_64': - $generatedValue = base64_encode(Str::random(64)); + $generatedValue = Str::random(64); break; case 'BASE64_128': - $generatedValue = base64_encode(Str::random(128)); + $generatedValue = Str::random(128); break; case 'BASE64': case 'BASE64_32': + $generatedValue = Str::random(32); + break; + // This is base64, + case 'REALBASE64_64': + $generatedValue = base64_encode(Str::random(64)); + break; + case 'REALBASE64_128': + $generatedValue = base64_encode(Str::random(128)); + break; + case 'REALBASE64': + case 'REALBASE64_32': $generatedValue = base64_encode(Str::random(32)); break; case 'USER': diff --git a/templates/compose/plausible.yaml b/templates/compose/plausible.yaml index 40fd78e52..7c4b449ba 100644 --- a/templates/compose/plausible.yaml +++ b/templates/compose/plausible.yaml @@ -12,7 +12,7 @@ services: - DATABASE_URL=postgres://postgres:$SERVICE_PASSWORD_POSTGRES@plausible_db/plausible - BASE_URL=$SERVICE_FQDN_PLAUSIBLE - SECRET_KEY_BASE=$SERVICE_BASE64_64_PLAUSIBLE - - TOTP_VAULT_KEY=$SERVICE_BASE64_TOTP + - TOTP_VAULT_KEY=$SERVICE_REALBASE64_TOTP depends_on: - plausible_db - plausible_events_db From 57fa2709da78ffaff12152f950aa16ec46512ae3 Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 13:34:20 +0100 Subject: [PATCH 7/8] Add font preloading and DNS prefetching --- resources/views/layouts/base.blade.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php index 675c0d0af..93573fe72 100644 --- a/resources/views/layouts/base.blade.php +++ b/resources/views/layouts/base.blade.php @@ -5,6 +5,9 @@ + + + Coolify From b5ab9a8da6dd03957a3c1057bd73ecb762aebdef Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Mon, 4 Mar 2024 13:39:34 +0100 Subject: [PATCH 8/8] Add custom docker run options for application --- .../views/livewire/project/application/general.blade.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 26fdd935b..5410156ee 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -209,7 +209,11 @@ placeholder="--cap-add SYS_ADMIN --device=/dev/fuse --security-opt apparmor:unconfined --ulimit nofile=1024:1024 --tmpfs /run:rw,noexec,nosuid,size=65536k" id="application.custom_docker_run_options" label="Custom Docker Options" /> @endif - + @else + @endif @if ($application->build_pack === 'dockercompose') Reload Compose File