dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #3543 from peaklabs-dev/cf-production-ready

Browse Source 
Feat: Make cloudflare production ready
This commit is contained in:
Andras Bacsai
2024-09-23 21:53:23 +02:00
committed by GitHub
parent 6dd3adba4d 5ed7ae3d3e
commit 12a0d71e47
3 changed files with 19 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
app/Helpers/SshMultiplexingHelper.php
View File

@@ -24,13 +24,9 @@ class SshMultiplexingHelper
public static function ensureMultiplexedConnection(Server $server)
{
if (! self::isMultiplexingEnabled()) {
// ray('SSH Multiplexing: DISABLED')->red();
return;
}
// ray('SSH Multiplexing: ENABLED')->green();
// ray('Ensuring multiplexed connection for server:', $server);
$sshConfig = self::serverSshConfiguration($server);
$muxSocket = $sshConfig['muxFilename'];
$sshKeyLocation = $sshConfig['sshKeyLocation'];
@@ -38,14 +34,13 @@ class SshMultiplexingHelper
self::validateSshKey($sshKeyLocation);
$checkCommand = "ssh -O check -o ControlPath=$muxSocket {$server->user}@{$server->ip}";
if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$checkCommand = 'cloudflared access ssh --hostname %h -O check -o ControlPath=' . $muxSocket . ' ' . $server->user . '@' . $server->ip;
}
$process = Process::run($checkCommand);
if ($process->exitCode() !== 0) {
// ray('SSH Multiplexing: Existing connection check failed or not found')->orange();
// ray('Establishing new connection');
self::establishNewMultiplexedConnection($server);
} else {
// ray('SSH Multiplexing: Existing connection is valid')->green();
}
}
@@ -55,10 +50,6 @@ class SshMultiplexingHelper
$sshKeyLocation = $sshConfig['sshKeyLocation'];
$muxSocket = $sshConfig['muxFilename'];
// ray('Establishing new multiplexed connection')->blue();
// ray('SSH Key Location:', $sshKeyLocation);
// ray('Mux Socket:', $muxSocket);
$connectionTimeout = config('constants.ssh.connection_timeout');
$serverInterval = config('constants.ssh.server_interval');
$muxPersistTime = config('constants.ssh.mux_persist_time');
@@ -67,25 +58,15 @@ class SshMultiplexingHelper
.self::getCommonSshOptions($server, $sshKeyLocation, $connectionTimeout, $serverInterval)
."{$server->user}@{$server->ip}";
// ray('Establish Command:', $establishCommand);
if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$establishCommand = 'cloudflared access ssh --hostname %h -fNM -o ControlMaster=auto -o ControlPath=' . $muxSocket . ' -o ControlPersist=' . $muxPersistTime . ' ' . self::getCommonSshOptions($server, $sshKeyLocation, $connectionTimeout, $serverInterval) . $server->user . '@' . $server->ip;
}
$establishProcess = Process::run($establishCommand);
// ray('Establish Process Exit Code:', $establishProcess->exitCode());
// ray('Establish Process Output:', $establishProcess->output());
// ray('Establish Process Error Output:', $establishProcess->errorOutput());
if ($establishProcess->exitCode() !== 0) {
// ray('Failed to establish multiplexed connection')->red();
throw new \RuntimeException('Failed to establish multiplexed connection: '.$establishProcess->errorOutput());
}
// ray('Successfully established multiplexed connection')->green();
// Check if the mux socket file was created
if (! file_exists($muxSocket)) {
// ray('Mux socket file not found after connection establishment')->orange();
}
}
public static function removeMuxFile(Server $server)
@@ -94,19 +75,10 @@ class SshMultiplexingHelper
$muxSocket = $sshConfig['muxFilename'];
$closeCommand = "ssh -O exit -o ControlPath=$muxSocket {$server->user}@{$server->ip}";
$process = Process::run($closeCommand);
// ray('Closing multiplexed connection')->blue();
// ray('Close command:', $closeCommand);
// ray('Close process exit code:', $process->exitCode());
// ray('Close process output:', $process->output());
// ray('Close process error output:', $process->errorOutput());
if ($process->exitCode() !== 0) {
// ray('Failed to close multiplexed connection')->orange();
} else {
// ray('Successfully closed multiplexed connection')->green();
if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$closeCommand = 'cloudflared access ssh --hostname %h -O exit -o ControlPath=' . $muxSocket . ' ' . $server->user . '@' . $server->ip;
}
Process::run($closeCommand);
}
public static function generateScpCommand(Server $server, string $source, string $dest)
@@ -116,16 +88,18 @@ class SshMultiplexingHelper
$muxSocket = $sshConfig['muxFilename'];
$timeout = config('constants.ssh.command_timeout');
$muxPersistTime = config('constants.ssh.mux_persist_time');
$scp_command = "timeout $timeout scp ";
if (self::isMultiplexingEnabled()) {
$muxPersistTime = config('constants.ssh.mux_persist_time');
$scp_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
self::ensureMultiplexedConnection($server);
}
self::addCloudflareProxyCommand($scp_command, $server);
if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$scp_command = 'timeout ' . $timeout . ' cloudflared access ssh --hostname %h -o ControlMaster=auto -o ControlPath=' . $muxSocket . ' -o ControlPersist=' . $muxPersistTime . ' ';
}
$scp_command .= self::getCommonSshOptions($server, $sshKeyLocation, config('constants.ssh.connection_timeout'), config('constants.ssh.server_interval'), isScp: true);
$scp_command .= "{$source} {$server->user}@{$server->ip}:{$dest}";
@@ -144,16 +118,18 @@ class SshMultiplexingHelper
$muxSocket = $sshConfig['muxFilename'];
$timeout = config('constants.ssh.command_timeout');
$muxPersistTime = config('constants.ssh.mux_persist_time');
$ssh_command = "timeout $timeout ssh ";
if (self::isMultiplexingEnabled()) {
$muxPersistTime = config('constants.ssh.mux_persist_time');
$ssh_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
self::ensureMultiplexedConnection($server);
}
self::addCloudflareProxyCommand($ssh_command, $server);
if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$ssh_command = 'timeout ' . $timeout . ' cloudflared access ssh --hostname %h -o ControlMaster=auto -o ControlPath=' . $muxSocket . ' -o ControlPersist=' . $muxPersistTime . ' ';
}
$ssh_command .= self::getCommonSshOptions($server, $sshKeyLocation, config('constants.ssh.connection_timeout'), config('constants.ssh.server_interval'));
@@ -183,13 +159,6 @@ class SshMultiplexingHelper
}
}
private static function addCloudflareProxyCommand(string &$command, Server $server): void
{
if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$command .= '-o ProxyCommand="/usr/local/bin/cloudflared access ssh --hostname %h" ';
}
}
private static function getCommonSshOptions(Server $server, string $sshKeyLocation, int $connectionTimeout, int $serverInterval, bool $isScp = false): string
{
$options = "-i {$sshKeyLocation} "

2
resources/views/livewire/server/configure-cloudflare-tunnels.blade.php
View File

@@ -1,6 +1,6 @@
<form wire:submit.prevent='submit' class="flex flex-col w-full gap-2">
<x-forms.input id="cloudflare_token" required label="Cloudflare Token" />
<x-forms.input id="ssh_domain" label="Configured SSH Domain" required
helper="The SSH Domain you configured in Cloudflare" />
helper="The SSH Domain you configured in Cloudflare. Make sure there is no protocol like http(s):// so you provide a FQDN not a URL." />
<x-forms.button type="submit" isHighlighted @click="modalOpen=false">Automated Configuration</x-forms.button>
</form>

2
resources/views/livewire/server/form.blade.php
View File

@@ -68,7 +68,7 @@
</div>
<div class="flex flex-col gap-2 w-full lg:flex-row">
<x-forms.input type="password" id="server.ip" label="IP Address/Domain"
helper="An IP Address (127.0.0.1) or domain (example.com)." required />
helper="An IP Address (127.0.0.1) or domain (example.com). Make sure there is no protocol like http(s):// so you provide a FQDN not a URL." required />
<div class="flex gap-2">
<x-forms.input id="server.user" label="User" required />
<x-forms.input type="number" id="server.port" label="Port" required />