From feacedbb0427ace0154fca5d58e009931aeb2779 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 9 Sep 2025 11:10:38 +0200 Subject: [PATCH] refactor(file-transfer): replace base64 encoding with direct file transfer method in various components for improved clarity and efficiency --- app/Jobs/ApplicationDeploymentJob.php | 4 +- app/Livewire/Project/Database/Import.php | 8 +++- .../Server/Proxy/NewDynamicConfiguration.php | 5 +-- app/Models/Application.php | 43 ++++++++----------- app/Models/LocalFileVolume.php | 7 +-- app/Models/Server.php | 13 ++---- bootstrap/helpers/docker.php | 4 +- bootstrap/helpers/services.php | 3 +- 8 files changed, 36 insertions(+), 51 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index d77adebb9..6059cb99a 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -1424,12 +1424,10 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue } $private_key = data_get($this->application, 'private_key.private_key'); if ($private_key) { - $private_key = base64_encode($private_key); $this->execute_remote_command([ executeInDocker($this->deployment_uuid, 'mkdir -p /root/.ssh'), ]); - $key_content = base64_decode($private_key); - transfer_file_to_container($key_content, '/root/.ssh/id_rsa', $this->deployment_uuid, $this->server); + transfer_file_to_container($private_key, '/root/.ssh/id_rsa', $this->deployment_uuid, $this->server); $this->execute_remote_command( [ executeInDocker($this->deployment_uuid, 'chmod 600 /root/.ssh/id_rsa'), diff --git a/app/Livewire/Project/Database/Import.php b/app/Livewire/Project/Database/Import.php index 3f974f63d..706c6c0cd 100644 --- a/app/Livewire/Project/Database/Import.php +++ b/app/Livewire/Project/Database/Import.php @@ -232,8 +232,12 @@ EOD; break; } - $restoreCommandBase64 = base64_encode($restoreCommand); - $this->importCommands[] = "echo \"{$restoreCommandBase64}\" | base64 -d > {$scriptPath}"; + $this->importCommands[] = [ + 'transfer_file' => [ + 'content' => $restoreCommand, + 'destination' => $scriptPath, + ], + ]; $this->importCommands[] = "chmod +x {$scriptPath}"; $this->importCommands[] = "docker cp {$scriptPath} {$this->container}:{$scriptPath}"; diff --git a/app/Livewire/Server/Proxy/NewDynamicConfiguration.php b/app/Livewire/Server/Proxy/NewDynamicConfiguration.php index eb2db1cbb..b564e208b 100644 --- a/app/Livewire/Server/Proxy/NewDynamicConfiguration.php +++ b/app/Livewire/Server/Proxy/NewDynamicConfiguration.php @@ -78,10 +78,7 @@ class NewDynamicConfiguration extends Component $yaml = Yaml::dump($yaml, 10, 2); $this->value = $yaml; } - $base64_value = base64_encode($this->value); - instant_remote_process([ - "echo '{$base64_value}' | base64 -d | tee {$file} > /dev/null", - ], $this->server); + transfer_file_to_server($this->value, $file, $this->server); if ($proxy_type === 'CADDY') { $this->server->reloadCaddy(); } diff --git a/app/Models/Application.php b/app/Models/Application.php index 378161602..1fd8c5175 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -1075,26 +1075,20 @@ class Application extends BaseModel if (is_null($private_key)) { throw new RuntimeException('Private key not found. Please add a private key to the application and try again.'); } - $private_key = base64_encode($private_key); $base_comamnd = "GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" {$base_command} {$customRepository}"; - if ($exec_in_docker) { - $commands = collect([ - executeInDocker($deployment_uuid, 'mkdir -p /root/.ssh'), - executeInDocker($deployment_uuid, "echo '{$private_key}' | base64 -d | tee /root/.ssh/id_rsa > /dev/null"), - executeInDocker($deployment_uuid, 'chmod 600 /root/.ssh/id_rsa'), - ]); - } else { - $commands = collect([ - 'mkdir -p /root/.ssh', - "echo '{$private_key}' | base64 -d | tee /root/.ssh/id_rsa > /dev/null", - 'chmod 600 /root/.ssh/id_rsa', - ]); - } + $commands = collect([]); if ($exec_in_docker) { + $commands->push(executeInDocker($deployment_uuid, 'mkdir -p /root/.ssh')); + // SSH key transfer handled by ApplicationDeploymentJob, assume key is already in container + $commands->push(executeInDocker($deployment_uuid, 'chmod 600 /root/.ssh/id_rsa')); $commands->push(executeInDocker($deployment_uuid, $base_comamnd)); } else { + $server = $this->destination->server; + $commands->push('mkdir -p /root/.ssh'); + transfer_file_to_server($private_key, '/root/.ssh/id_rsa', $server); + $commands->push('chmod 600 /root/.ssh/id_rsa'); $commands->push($base_comamnd); } @@ -1220,7 +1214,6 @@ class Application extends BaseModel if (is_null($private_key)) { throw new RuntimeException('Private key not found. Please add a private key to the application and try again.'); } - $private_key = base64_encode($private_key); $escapedCustomRepository = escapeshellarg($customRepository); $git_clone_command_base = "GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" {$git_clone_command} {$escapedCustomRepository} {$escapedBaseDir}"; if ($only_checkout) { @@ -1228,18 +1221,18 @@ class Application extends BaseModel } else { $git_clone_command = $this->setGitImportSettings($deployment_uuid, $git_clone_command_base); } + + $commands = collect([]); + if ($exec_in_docker) { - $commands = collect([ - executeInDocker($deployment_uuid, 'mkdir -p /root/.ssh'), - executeInDocker($deployment_uuid, "echo '{$private_key}' | base64 -d | tee /root/.ssh/id_rsa > /dev/null"), - executeInDocker($deployment_uuid, 'chmod 600 /root/.ssh/id_rsa'), - ]); + $commands->push(executeInDocker($deployment_uuid, 'mkdir -p /root/.ssh')); + // SSH key transfer handled by ApplicationDeploymentJob, assume key is already in container + $commands->push(executeInDocker($deployment_uuid, 'chmod 600 /root/.ssh/id_rsa')); } else { - $commands = collect([ - 'mkdir -p /root/.ssh', - "echo '{$private_key}' | base64 -d | tee /root/.ssh/id_rsa > /dev/null", - 'chmod 600 /root/.ssh/id_rsa', - ]); + $server = $this->destination->server; + $commands->push('mkdir -p /root/.ssh'); + transfer_file_to_server($private_key, '/root/.ssh/id_rsa', $server); + $commands->push('chmod 600 /root/.ssh/id_rsa'); } if ($pull_request_id !== 0) { if ($git_type === 'gitlab') { diff --git a/app/Models/LocalFileVolume.php b/app/Models/LocalFileVolume.php index b3e71d75d..b19b6aa42 100644 --- a/app/Models/LocalFileVolume.php +++ b/app/Models/LocalFileVolume.php @@ -159,8 +159,7 @@ class LocalFileVolume extends BaseModel $chmod = data_get($this, 'chmod'); $chown = data_get($this, 'chown'); if ($content) { - $content = base64_encode($content); - $commands->push("echo '$content' | base64 -d | tee $path > /dev/null"); + transfer_file_to_server($content, $path, $server); } else { $commands->push("touch $path"); } @@ -175,7 +174,9 @@ class LocalFileVolume extends BaseModel $commands->push("mkdir -p $path > /dev/null 2>&1 || true"); } - return instant_remote_process($commands, $server); + if ($commands->count() > 0) { + return instant_remote_process($commands, $server); + } } // Accessor for convenient access diff --git a/app/Models/Server.php b/app/Models/Server.php index 0fba5da4b..b417cea49 100644 --- a/app/Models/Server.php +++ b/app/Models/Server.php @@ -309,10 +309,7 @@ class Server extends BaseModel $conf = Yaml::dump($dynamic_conf, 12, 2); } $conf = $banner.$conf; - $base64 = base64_encode($conf); - instant_remote_process([ - "echo '$base64' | base64 -d | tee $default_redirect_file > /dev/null", - ], $this); + transfer_file_to_server($conf, $default_redirect_file, $this); } if ($proxy_type === 'CADDY') { @@ -446,11 +443,10 @@ class Server extends BaseModel "# Do not edit it manually (only if you know what are you doing).\n\n". $yaml; - $base64 = base64_encode($yaml); instant_remote_process([ "mkdir -p $dynamic_config_path", - "echo '$base64' | base64 -d | tee $file > /dev/null", ], $this); + transfer_file_to_server($yaml, $file, $this); } } elseif ($this->proxyType() === 'CADDY') { $file = "$dynamic_config_path/coolify.caddy"; @@ -473,10 +469,7 @@ $schema://$host { } reverse_proxy coolify:8080 }"; - $base64 = base64_encode($caddy_file); - instant_remote_process([ - "echo '$base64' | base64 -d | tee $file > /dev/null", - ], $this); + transfer_file_to_server($caddy_file, $file, $this); $this->reloadCaddy(); } } diff --git a/bootstrap/helpers/docker.php b/bootstrap/helpers/docker.php index f61abc806..5cfddc599 100644 --- a/bootstrap/helpers/docker.php +++ b/bootstrap/helpers/docker.php @@ -1069,9 +1069,9 @@ function validateComposeFile(string $compose, int $server_id): string|Throwable } } } - $base64_compose = base64_encode(Yaml::dump($yaml_compose)); + $compose_content = Yaml::dump($yaml_compose); + transfer_file_to_server($compose_content, "/tmp/{$uuid}.yml", $server); instant_remote_process([ - "echo {$base64_compose} | base64 -d | tee /tmp/{$uuid}.yml > /dev/null", "chmod 600 /tmp/{$uuid}.yml", "docker compose -f /tmp/{$uuid}.yml config --no-interpolate --no-path-resolution -q", "rm /tmp/{$uuid}.yml", diff --git a/bootstrap/helpers/services.php b/bootstrap/helpers/services.php index cf12a28a5..7b53c538e 100644 --- a/bootstrap/helpers/services.php +++ b/bootstrap/helpers/services.php @@ -69,12 +69,11 @@ function getFilesystemVolumesFromServer(ServiceApplication|ServiceDatabase|Appli $fileVolume->content = $content; $fileVolume->is_directory = false; $fileVolume->save(); - $content = base64_encode($content); $dir = str($fileLocation)->dirname(); instant_remote_process([ "mkdir -p $dir", - "echo '$content' | base64 -d | tee $fileLocation", ], $server); + transfer_file_to_server($content, $fileLocation, $server); } elseif ($isFile === 'NOK' && $isDir === 'NOK' && $fileVolume->is_directory && $isInit) { // Does not exists (no dir or file), flagged as directory, is init $fileVolume->content = null;