fix: remote traefik webhook

2022-07-22 20:23:16 +00:00
parent c0e513127d
commit bb2864a83f
8 changed files with 339 additions and 20 deletions
--- a/apps/api/src/jobs/checkProxies.ts
+++ b/apps/api/src/jobs/checkProxies.ts
@@ -1,6 +1,6 @@
 import { parentPort } from 'node:worker_threads';
-import { prisma, startTraefikTCPProxy, generateDatabaseConfiguration, startTraefikProxy, asyncExecShell, executeDockerCmd } from '../lib/common';
-import { checkContainer, getEngine } from '../lib/docker';
+import { prisma, startTraefikTCPProxy, generateDatabaseConfiguration, startTraefikProxy, executeDockerCmd } from '../lib/common';
+import { checkContainer } from '../lib/docker';

 (async () => {
    if (parentPort) {
--- a/apps/api/src/lib/buildPacks/common.ts
+++ b/apps/api/src/lib/buildPacks/common.ts
@@ -1,8 +1,7 @@
-import { asyncExecShell, base64Encode, executeDockerCmd, generateTimestamp, getDomain, isDev, prisma, version } from "../common";
-import { scheduler } from "../scheduler";
+import {  base64Encode, executeDockerCmd, generateTimestamp, getDomain, isDev, prisma, version } from "../common";
 import { promises as fs } from 'fs';
 import { day } from "../dayjs";
-import { spawn } from 'node:child_process'
+
 const staticApps = ['static', 'react', 'vuejs', 'svelte', 'gatsby', 'astro', 'eleventy'];
 const nodeBased = [
 	'react',
--- a/apps/api/src/lib/common.ts
+++ b/apps/api/src/lib/common.ts
@@ -505,7 +505,7 @@ export async function executeDockerCmd({ dockerId, command }: { dockerId: string
 	);
 }
 export async function startTraefikProxy(id: string): Promise<void> {
-	const { engine, network, remoteEngine } = await prisma.destinationDocker.findUnique({ where: { id } })
+	const { engine, network, remoteEngine, remoteIpAddress } = await prisma.destinationDocker.findUnique({ where: { id } })

 	const found = await checkContainer({ dockerId: id, container: 'coolify-proxy', remove: true });
 	const { id: settingsId } = await listSettings();
@@ -513,6 +513,17 @@ export async function startTraefikProxy(id: string): Promise<void> {
 	if (!found) {
 		const { stdout: Config } = await executeDockerCmd({ dockerId: id, command: `docker network inspect ${network} --format '{{json .IPAM.Config }}'` })
 		const ip = JSON.parse(Config)[0].Gateway;
+		const { publicIp } = await import('public-ip')
+		let traefikUrl = mainTraefikEndpoint
+		if (remoteEngine) {
+			let ip = null
+			if (isDev) {
+				ip = getAPIUrl()
+			} else {
+				ip = `http://${await publicIp({ timeout: 2000 })}`
+			}
+			traefikUrl = `${ip}/webhooks/traefik/remote/${id}`
+		}
 		await executeDockerCmd({
 			dockerId: id,
 			command: `docker run --restart always \
@@ -531,7 +542,7 @@ export async function startTraefikProxy(id: string): Promise<void> {
 			--entrypoints.websecure.forwardedHeaders.insecure=true \
 			--providers.docker=true \
 			--providers.docker.exposedbydefault=false \
-			--providers.http.endpoint=${mainTraefikEndpoint} \
+			--providers.http.endpoint=${traefikUrl} \
 			--providers.http.pollTimeout=5s \
 			--certificatesresolvers.letsencrypt.acme.httpchallenge=true \
 			--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme/acme.json \
@@ -544,21 +555,32 @@ export async function startTraefikProxy(id: string): Promise<void> {
 			data: { isCoolifyProxyUsed: true }
 		});
 	}
-	if (!remoteEngine) await configureNetworkTraefikProxy(engine, id);
+	// Configure networks for local docker engine
+	if (engine) {
+		const destinations = await prisma.destinationDocker.findMany({ where: { engine } });
+		for (const destination of destinations) {
+			await configureNetworkTraefikProxy(destination);
+		}
+	}
+	// Configure networks for remote docker engine
+	if (remoteEngine) {
+		const destinations = await prisma.destinationDocker.findMany({ where: { remoteIpAddress } });
+		for (const destination of destinations) {
+			await configureNetworkTraefikProxy(destination);
+		}
+	}
 }

-export async function configureNetworkTraefikProxy(engine: string, id: string): Promise<void> {
-	const destinations = await prisma.destinationDocker.findMany({ where: { engine } });
+export async function configureNetworkTraefikProxy(destination: any): Promise<void> {
+	const { id } = destination
 	const { stdout: networks } = await executeDockerCmd({
 		dockerId: id,
 		command:
 			`docker ps -a --filter name=coolify-proxy --format '{{json .Networks}}'`
 	});
 	const configuredNetworks = networks.replace(/"/g, '').replace('\n', '').split(',');
-	for (const destination of destinations) {
-		if (!configuredNetworks.includes(destination.network)) {
-			await executeDockerCmd({ dockerId: destination.id, command: `docker network connect ${destination.network} coolify-proxy` })
-		}
+	if (!configuredNetworks.includes(destination.network)) {
+		await executeDockerCmd({ dockerId: destination.id, command: `docker network connect ${destination.network} coolify-proxy` })
 	}
 }

@@ -1529,7 +1551,7 @@ export function convertTolOldVolumeNames(type) {
 // export async function getAvailableServices(): Promise<any> {
 // 	const { data } = await axios.get(`https://gist.githubusercontent.com/andrasbacsai/4aac36d8d6214dbfc34fa78110554a50/raw/5b27e6c37d78aaeedc1148d797112c827a2f43cf/availableServices.json`)
 // 	return data
-// }
+// 
 export async function cleanupDockerStorage(dockerId, lowDiskSpace, force) {
 	// Cleanup old coolify images
 	try {
--- a/apps/api/src/lib/docker.ts
+++ b/apps/api/src/lib/docker.ts
@@ -1,4 +1,4 @@
-import { asyncExecShell, executeDockerCmd } from './common';
+import { executeDockerCmd } from './common';
 import Dockerode from 'dockerode';
 export function getEngine(engine: string): string {
 	return engine === '/var/run/docker.sock' ? 'unix:///var/run/docker.sock' : engine;
--- a/apps/api/src/routes/webhooks/traefik/handlers.ts
+++ b/apps/api/src/routes/webhooks/traefik/handlers.ts
@@ -1,5 +1,5 @@
 import { FastifyRequest } from "fastify";
-import { asyncExecShell, errorHandler, getDomain, isDev, listServicesWithIncludes, prisma, supportedServiceTypesAndVersions } from "../../../lib/common";
+import { asyncExecShell, errorHandler, getDomain, isDev, listServicesWithIncludes, prisma, supportedServiceTypesAndVersions, include } from "../../../lib/common";
 import { getEngine } from "../../../lib/docker";
 import { TraefikOtherConfiguration } from "./types";

@@ -167,6 +167,7 @@ export async function traefikConfiguration(request, reply) {
 			}
 		};
 		const applications = await prisma.application.findMany({
+			where: { destinationDocker: { remoteEngine: false } },
 			include: { destinationDocker: true, settings: true }
 		});
 		const data = {
@@ -235,7 +236,11 @@ export async function traefikConfiguration(request, reply) {
 				}
 			}
 		}
-		const services = await listServicesWithIncludes();
+		const services: any = await prisma.service.findMany({
+			where: { destinationDocker: { remoteEngine: false } },
+			include,
+			orderBy: { createdAt: 'desc' },
+		});

 		for (const service of services) {
 			const {
@@ -487,4 +492,239 @@ export async function traefikOtherConfiguration(request: FastifyRequest<TraefikO
 		console.log(status, message);
 		return errorHandler({ status, message })
 	}
+}
+
+export async function remoteTraefikConfiguration(request: FastifyRequest) {
+	const { id } = request.params
+	try {
+		const traefik = {
+			http: {
+				routers: {},
+				services: {},
+				middlewares: {
+					'redirect-to-https': {
+						redirectscheme: {
+							scheme: 'https'
+						}
+					},
+					'redirect-to-http': {
+						redirectscheme: {
+							scheme: 'http'
+						}
+					},
+					'redirect-to-non-www': {
+						redirectregex: {
+							regex: '^https?://www\\.(.+)',
+							replacement: 'http://${1}'
+						}
+					},
+					'redirect-to-www': {
+						redirectregex: {
+							regex: '^https?://(?:www\\.)?(.+)',
+							replacement: 'http://www.${1}'
+						}
+					}
+				}
+			}
+		};
+		const applications = await prisma.application.findMany({
+			where: { destinationDocker: { id } },
+			include: { destinationDocker: true, settings: true }
+		});
+		const data = {
+			applications: [],
+			services: [],
+			coolify: []
+		};
+		for (const application of applications) {
+			const {
+				fqdn,
+				id,
+				port,
+				destinationDocker,
+				destinationDockerId,
+				settings: { previews, dualCerts }
+			} = application;
+			if (destinationDockerId) {
+				const { engine, network } = destinationDocker;
+				const isRunning = true;
+				if (fqdn) {
+					const domain = getDomain(fqdn);
+					const nakedDomain = domain.replace(/^www\./, '');
+					const isHttps = fqdn.startsWith('https://');
+					const isWWW = fqdn.includes('www.');
+					if (isRunning) {
+						data.applications.push({
+							id,
+							container: id,
+							port: port || 3000,
+							domain,
+							nakedDomain,
+							isRunning,
+							isHttps,
+							isWWW,
+							isDualCerts: dualCerts
+						});
+					}
+					if (previews) {
+						const host = getEngine(engine);
+						const { stdout } = await asyncExecShell(
+							`DOCKER_HOST=${host} docker container ls --filter="status=running" --filter="network=${network}" --filter="name=${id}-" --format="{{json .Names}}"`
+						);
+						const containers = stdout
+							.trim()
+							.split('\n')
+							.filter((a) => a)
+							.map((c) => c.replace(/"/g, ''));
+						if (containers.length > 0) {
+							for (const container of containers) {
+								const previewDomain = `${container.split('-')[1]}.${domain}`;
+								const nakedDomain = previewDomain.replace(/^www\./, '');
+								data.applications.push({
+									id: container,
+									container,
+									port: port || 3000,
+									domain: previewDomain,
+									isRunning,
+									nakedDomain,
+									isHttps,
+									isWWW,
+									isDualCerts: dualCerts
+								});
+							}
+						}
+					}
+				}
+			}
+		}
+		const services: any = await prisma.service.findMany({
+			where: { destinationDocker: { id } },
+			include,
+			orderBy: { createdAt: 'desc' }
+		});
+
+		for (const service of services) {
+			const {
+				fqdn,
+				id,
+				type,
+				destinationDocker,
+				destinationDockerId,
+				dualCerts,
+				plausibleAnalytics
+			} = service;
+			if (destinationDockerId) {
+				const { engine } = destinationDocker;
+				const found = supportedServiceTypesAndVersions.find((a) => a.name === type);
+				if (found) {
+					const port = found.ports.main;
+					const publicPort = service[type]?.publicPort;
+					const isRunning = true;
+					if (fqdn) {
+						const domain = getDomain(fqdn);
+						const nakedDomain = domain.replace(/^www\./, '');
+						const isHttps = fqdn.startsWith('https://');
+						const isWWW = fqdn.includes('www.');
+						if (isRunning) {
+							// Plausible Analytics custom script
+							let scriptName = false;
+							if (type === 'plausibleanalytics' && plausibleAnalytics.scriptName !== 'plausible.js') {
+								scriptName = plausibleAnalytics.scriptName;
+							}
+
+							let container = id;
+							let otherDomain = null;
+							let otherNakedDomain = null;
+							let otherIsHttps = null;
+							let otherIsWWW = null;
+
+							if (type === 'minio' && service.minio.apiFqdn) {
+								otherDomain = getDomain(service.minio.apiFqdn);
+								otherNakedDomain = otherDomain.replace(/^www\./, '');
+								otherIsHttps = service.minio.apiFqdn.startsWith('https://');
+								otherIsWWW = service.minio.apiFqdn.includes('www.');
+							}
+							data.services.push({
+								id,
+								container,
+								type,
+								otherDomain,
+								otherNakedDomain,
+								otherIsHttps,
+								otherIsWWW,
+								port,
+								publicPort,
+								domain,
+								nakedDomain,
+								isRunning,
+								isHttps,
+								isWWW,
+								isDualCerts: dualCerts,
+								scriptName
+							});
+						}
+					}
+				}
+			}
+		}
+
+		const { fqdn, dualCerts } = await prisma.setting.findFirst();
+		if (fqdn) {
+			const domain = getDomain(fqdn);
+			const nakedDomain = domain.replace(/^www\./, '');
+			const isHttps = fqdn.startsWith('https://');
+			const isWWW = fqdn.includes('www.');
+			data.coolify.push({
+				id: isDev ? 'host.docker.internal' : 'coolify',
+				container: isDev ? 'host.docker.internal' : 'coolify',
+				port: 3000,
+				domain,
+				nakedDomain,
+				isHttps,
+				isWWW,
+				isDualCerts: dualCerts
+			});
+		}
+		for (const application of data.applications) {
+			configureMiddleware(application, traefik);
+		}
+		for (const service of data.services) {
+			const { id, scriptName } = service;
+
+			configureMiddleware(service, traefik);
+			if (service.type === 'minio') {
+				service.id = id + '-minio';
+				service.container = id;
+				service.domain = service.otherDomain;
+				service.nakedDomain = service.otherNakedDomain;
+				service.isHttps = service.otherIsHttps;
+				service.isWWW = service.otherIsWWW;
+				service.port = 9000;
+				configureMiddleware(service, traefik);
+			}
+
+			if (scriptName) {
+				traefik.http.middlewares[`${id}-redir`] = {
+					replacepathregex: {
+						regex: `/js/${scriptName}`,
+						replacement: '/js/plausible.js'
+					}
+				};
+			}
+		}
+		for (const coolify of data.coolify) {
+			configureMiddleware(coolify, traefik);
+		}
+		if (Object.keys(traefik.http.routers).length === 0) {
+			traefik.http.routers = null;
+		}
+		if (Object.keys(traefik.http.services).length === 0) {
+			traefik.http.services = null;
+		}
+		return {
+			...traefik
+		}
+	} catch ({ status, message }) {
+		return errorHandler({ status, message })
+	}
 }
--- a/apps/api/src/routes/webhooks/traefik/index.ts
+++ b/apps/api/src/routes/webhooks/traefik/index.ts
@@ -1,10 +1,12 @@
 import { FastifyPluginAsync } from 'fastify';
-import { traefikConfiguration, traefikOtherConfiguration } from './handlers';
+import { remoteTraefikConfiguration, traefikConfiguration, traefikOtherConfiguration } from './handlers';
 import { TraefikOtherConfiguration } from './types';

 const root: FastifyPluginAsync = async (fastify): Promise<void> => {
    fastify.get('/main.json', async (request, reply) => traefikConfiguration(request, reply));
    fastify.get<TraefikOtherConfiguration>('/other.json', async (request, reply) => traefikOtherConfiguration(request));
+
+    fastify.get('/remote/:id', async (request) => remoteTraefikConfiguration(request));
 };

 export default root;