mirror of
https://github.com/fosrl/pangolin.git
synced 2025-08-19 08:48:34 +02:00
http only works, and added redirect middleware
This commit is contained in:
Milo Schwartz
parent
4a5bd7e18a
commit
5c80f026bc
4 changed files with 29 additions and 20 deletions
7
Makefile
7
Makefile
|
|
@ -1,8 +1,11 @@
|
||||||
|
|
||||||
all: build push
|
all: build push
|
||||||
|
|
||||||
build:
|
build-arm:
|
||||||
docker build -t fossorial/pangolin:latest .
|
docker buildx build --platform linux/arm64 -t fossorial/pangolin:latest .
|
||||||
|
|
||||||
|
build-x86:
|
||||||
|
docker buildx build --platform linux/amd64 -t fossorial/pangolin:latest .
|
||||||
|
|
||||||
push:
|
push:
|
||||||
docker push fossorial/pangolin:latest
|
docker push fossorial/pangolin:latest
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,6 @@ const environmentSchema = z.object({
|
||||||
http_entrypoint: z.string(),
|
http_entrypoint: z.string(),
|
||||||
https_entrypoint: z.string().optional(),
|
https_entrypoint: z.string().optional(),
|
||||||
cert_resolver: z.string().optional(),
|
cert_resolver: z.string().optional(),
|
||||||
prefer_wildcard_cert: z.boolean().optional(),
|
|
||||||
}),
|
}),
|
||||||
gerbil: z.object({
|
gerbil: z.object({
|
||||||
start_port: portSchema,
|
start_port: portSchema,
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
import { Request, Response } from "express";
|
import { Request, Response } from "express";
|
||||||
import db from "@server/db";
|
import db from "@server/db";
|
||||||
import * as schema from "@server/db/schema";
|
import * as schema from "@server/db/schema";
|
||||||
import { DynamicTraefikConfig } from "./configSchema";
|
|
||||||
import { and, eq, isNotNull } from "drizzle-orm";
|
import { and, eq, isNotNull } from "drizzle-orm";
|
||||||
import logger from "@server/logger";
|
import logger from "@server/logger";
|
||||||
import HttpCode from "@server/types/HttpCode";
|
import HttpCode from "@server/types/HttpCode";
|
||||||
|
|
@ -27,32 +26,25 @@ export async function traefikConfigProvider(
|
||||||
);
|
);
|
||||||
|
|
||||||
if (!all.length) {
|
if (!all.length) {
|
||||||
return { http: {} } as DynamicTraefikConfig;
|
return res.status(HttpCode.OK).json({});
|
||||||
}
|
}
|
||||||
|
|
||||||
const middlewareName = "badger";
|
const badgerMiddlewareName = "badger";
|
||||||
|
const redirectMiddlewareName = "redirect-to-https";
|
||||||
|
|
||||||
const baseDomain = new URL(config.app.base_url).hostname;
|
// const baseDomain = new URL(config.app.base_url).hostname;
|
||||||
|
|
||||||
const tls = {
|
const tls = {
|
||||||
certResolver: config.traefik.cert_resolver,
|
certResolver: config.traefik.cert_resolver,
|
||||||
...(config.traefik.prefer_wildcard_cert
|
|
||||||
? {
|
|
||||||
domains: {
|
|
||||||
main: baseDomain,
|
|
||||||
sans: [`*.${baseDomain}`],
|
|
||||||
},
|
|
||||||
}
|
|
||||||
: {}),
|
|
||||||
};
|
};
|
||||||
|
|
||||||
const http: any = {
|
const http: any = {
|
||||||
routers: {},
|
routers: {},
|
||||||
services: {},
|
services: {},
|
||||||
middlewares: {
|
middlewares: {
|
||||||
[middlewareName]: {
|
[badgerMiddlewareName]: {
|
||||||
plugin: {
|
plugin: {
|
||||||
[middlewareName]: {
|
[badgerMiddlewareName]: {
|
||||||
apiBaseUrl: new URL(
|
apiBaseUrl: new URL(
|
||||||
"/api/v1",
|
"/api/v1",
|
||||||
`http://${config.server.internal_hostname}:${config.server.internal_port}`
|
`http://${config.server.internal_hostname}:${config.server.internal_port}`
|
||||||
|
|
@ -61,6 +53,12 @@ export async function traefikConfigProvider(
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
[redirectMiddlewareName]: {
|
||||||
|
redirectScheme: {
|
||||||
|
scheme: "https",
|
||||||
|
permanent: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
for (const item of all) {
|
for (const item of all) {
|
||||||
|
|
@ -76,12 +74,22 @@ export async function traefikConfigProvider(
|
||||||
? config.traefik.https_entrypoint
|
? config.traefik.https_entrypoint
|
||||||
: config.traefik.http_entrypoint,
|
: config.traefik.http_entrypoint,
|
||||||
],
|
],
|
||||||
middlewares: [middlewareName],
|
middlewares: target.ssl ? [badgerMiddlewareName] : [],
|
||||||
service: serviceName,
|
service: serviceName,
|
||||||
rule: `Host(\`${resource.fullDomain}\`)`,
|
rule: `Host(\`${resource.fullDomain}\`)`,
|
||||||
...(target.ssl ? { tls } : {}),
|
...(target.ssl ? { tls } : {}),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if (target.ssl) {
|
||||||
|
// this is a redirect router; all it does is redirect to the https version if tls is enabled
|
||||||
|
http.routers![routerName + "-redirect"] = {
|
||||||
|
entryPoints: [config.traefik.http_entrypoint],
|
||||||
|
middlewares: [redirectMiddlewareName],
|
||||||
|
service: serviceName,
|
||||||
|
rule: `Host(\`${resource.fullDomain}\`)`,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
http.services![serviceName] = {
|
http.services![serviceName] = {
|
||||||
loadBalancer: {
|
loadBalancer: {
|
||||||
servers: [
|
servers: [
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,6 @@ export default async function Page(props: {
|
||||||
if (res && res.data.data.orgs) {
|
if (res && res.data.data.orgs) {
|
||||||
orgs = res.data.data.orgs;
|
orgs = res.data.data.orgs;
|
||||||
}
|
}
|
||||||
|
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
console.error(e);
|
console.error(e);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue