From 56e59ae4a0461f47f18565eb009a6aebed519a3c Mon Sep 17 00:00:00 2001 From: Roberto Alsina Date: Thu, 4 Jul 2024 13:10:32 -0300 Subject: [PATCH] Switched to caddy because tinyproxy is too limited --- Caddyfile | 18 ++++++++++++++++++ Dockerfile | 6 +++--- src/daemon/proxyconf.cr | 35 +++++++++++++++++++++-------------- src/daemon/terminal.cr | 4 +--- 4 files changed, 43 insertions(+), 20 deletions(-) create mode 100644 Caddyfile diff --git a/Caddyfile b/Caddyfile new file mode 100644 index 0000000..3e6da54 --- /dev/null +++ b/Caddyfile @@ -0,0 +1,18 @@ + +{ + https_port 8888 + http_port 8887 + local_certs +} + +localhost:8888 { + handle_path /admin/terminal/* { + reverse_proxy /* http://127.0.0.1:7681 + } + handle_path /admin/* { + reverse_proxy /* http://127.0.0.1:3000 + } +} + handle_path /faaso/hello/* { + reverse_proxy /* http://hello-d89veq:3000 + } diff --git a/Dockerfile b/Dockerfile index 374e8f8..6d09e11 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ RUN shards build -d --error-trace RUN strip bin/* FROM --platform=${TARGETPLATFORM:-linux/amd64} alpine as ship -RUN apk update && apk add tinyproxy multirun openssl zlib yaml pcre2 gc libevent libgcc libxml2 ttyd && apk cache clean +RUN apk update && apk add caddy multirun openssl zlib yaml pcre2 gc libevent libgcc libxml2 ttyd && apk cache clean # Unprivileged user RUN addgroup -S app && adduser app -S -G app @@ -19,10 +19,10 @@ WORKDIR /home/app RUN mkdir runtimes public COPY runtimes/ runtimes/ COPY public/ public/ -COPY tinyproxy.conf ./ +COPY Caddyfile ./ COPY --from=build /home/app/bin/faaso-daemon /home/app/bin/faaso /usr/bin/ RUN mkdir /secrets RUN echo "sarasa" > /secrets/sarlanga -CMD ["/usr/bin/multirun", "-v", "faaso-daemon", "tinyproxy -d -c tinyproxy.conf"] +CMD ["/usr/bin/multirun", "-v", "faaso-daemon", "caddy run --config Caddyfile"] diff --git a/src/daemon/proxyconf.cr b/src/daemon/proxyconf.cr index 3a4d152..26392e1 100644 --- a/src/daemon/proxyconf.cr +++ b/src/daemon/proxyconf.cr @@ -2,7 +2,7 @@ require "docr" require "kemal" module Proxy - @@current_config = File.read("tinyproxy.conf") + @@current_config = File.read("Caddyfile") # Get current proxy config get "/proxy/" do @@ -30,24 +30,31 @@ module Proxy funkos.sort! config = %( -User nobody -Group nogroup -Port 8888 -Listen 0.0.0.0 -Timeout 600 -Allow 0.0.0.0/0 -ReverseOnly Yes -ReverseMagic Yes -ReversePath "/admin/" "http://127.0.0.1:3000/" -ReversePath "/admin/terminal/" "http://127.0.0.1:7681" - ) + funkos.map { |funko| %(ReversePath "/faaso/#{funko.split("-")[0]}/" "http://#{funko}:3000/") }.join("\n") +{ + https_port 8888 + http_port 8887 + local_certs +} + +localhost:8888 { + handle_path /admin/terminal/* { + reverse_proxy /* http://127.0.0.1:7681 + } + handle_path /admin/* { + reverse_proxy /* http://127.0.0.1:3000 + } +) + funkos.map { |funko| %( + handle_path /faaso/#{funko.split("-")[0]}/* { + reverse_proxy /* http://#{funko}:3000 + } +)}.join("\n") +"}" if @@current_config != config - File.open("tinyproxy.conf", "w") do |file| + File.open("Caddyfile", "w") do |file| file << config end # Reload config - Process.run(command: "/usr/bin/killall", args: ["-USR1", "tinyproxy"]) + Process.run(command: "/usr/bin/killall", args: ["-USR1", "caddy"]) @@current_config = config end config diff --git a/src/daemon/terminal.cr b/src/daemon/terminal.cr index aee1504..3a71f04 100644 --- a/src/daemon/terminal.cr +++ b/src/daemon/terminal.cr @@ -3,7 +3,7 @@ module Terminal @@terminal_process : Process | Nil = nil - def start_terminal(_args = ["bash"], readonly = false) + def start_terminal(_args = ["sh"], readonly = false) args = ["-p", "7681", "-c", "admin:admin", "-o"] args += ["-W"] unless readonly args += _args @@ -16,5 +16,3 @@ module Terminal end end - -Terminal.start_terminal \ No newline at end of file