From f59387dbaeea95bd3ff1477664d477997474fc76 Mon Sep 17 00:00:00 2001
From: Arnie
Date: Wed, 18 Apr 2018 07:01:49 +0200
Subject: [PATCH] Add caddy proxy
---
dev-proxy/Dockerfile | 27 ++++++++++
dev-proxy/Makefile | 18 +++++++
dev-proxy/run.sh | 45 ++++++++++++++++
dev-proxy/src/Dockerfile | 54 +++++++++++++++++++
dev-proxy/src/Procfile | 2 +
dev-proxy/src/docker-entrypoint.sh | 10 ++++
.../src/docker-gen/config/docker-gen.cfg | 6 +++
.../src/docker-gen/templates/Caddyfile.tmpl | 47 ++++++++++++++++
8 files changed, 209 insertions(+)
create mode 100644 dev-proxy/Dockerfile
create mode 100644 dev-proxy/Makefile
create mode 100755 dev-proxy/run.sh
create mode 100644 dev-proxy/src/Dockerfile
create mode 100644 dev-proxy/src/Procfile
create mode 100644 dev-proxy/src/docker-entrypoint.sh
create mode 100644 dev-proxy/src/docker-gen/config/docker-gen.cfg
create mode 100644 dev-proxy/src/docker-gen/templates/Caddyfile.tmpl
diff --git a/dev-proxy/Dockerfile b/dev-proxy/Dockerfile
new file mode 100644
index 0000000..9000eaa
--- /dev/null
+++ b/dev-proxy/Dockerfile
@@ -0,0 +1,27 @@
+ARG IMAGE_NAME
+ARG IMAGE_VERSION
+FROM ${IMAGE_NAME}:${IMAGE_VERSION}
+
+RUN apk update && apk upgrade && \
+ apk add curl vim && \
+ rm -rf /var/cache/apk/*
+
+RUN mkdir -p /tmp/caddy \
+ && curl -sL -o /tmp/caddy/caddy_linux_amd64.tar.gz "https://caddyserver.com/download/linux/amd64?license=personal" \
+ && tar -zxf /tmp/caddy/caddy_linux_amd64.tar.gz -C /tmp/caddy \
+ && mv /tmp/caddy/caddy /usr/bin/ \
+ && chmod +x /usr/bin/caddy \
+ && rm -rf /tmp/caddy
+
+ENV DOCKER_GEN_VERSION 0.7.4
+ENV CADDY_OPTIONS ""
+
+RUN curl -sL -o docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz \
+ && tar -C /usr/local/bin -xvzf docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz \
+ && rm /docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz
+
+RUN printf ":80\nproxy / caddyserver.com" > /etc/Caddyfile
+
+ADD etc /etc
+
+ENV DOCKER_HOST unix:///tmp/docker.sock
diff --git a/dev-proxy/Makefile b/dev-proxy/Makefile
new file mode 100644
index 0000000..3fe1afa
--- /dev/null
+++ b/dev-proxy/Makefile
@@ -0,0 +1,18 @@
+DOCKER_REGISTRY = dr.ys-dev.cz
+DOCKER_PUBLIC_REGISTRY = yoursystemcz
+APP_NAME = dev-proxy
+
+
+
+all: build release
+
+
+build:
+ docker build -t $(DOCKER_REGISTRY)/$(APP_NAME):latest --build-arg "IMAGE_NAME=nimmis/alpine" --build-arg "IMAGE_VERSION=3.6" ./src
+
+tag:
+ docker tag $(DOCKER_REGISTRY)/$(APP_NAME):latest $(DOCKER_PUBLIC_REGISTRY)/$(APP_NAME):latest
+
+release: tag
+ docker push $(DOCKER_REGISTRY)/$(APP_NAME):latest
+ docker push $(DOCKER_PUBLIC_REGISTRY)/$(APP_NAME):latest
diff --git a/dev-proxy/run.sh b/dev-proxy/run.sh
new file mode 100755
index 0000000..80f3569
--- /dev/null
+++ b/dev-proxy/run.sh
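Review bot: Neither download in this hunk is integrity-checked before its binary lands in `/usr/bin` or `/usr/local/bin`: the Caddy tarball comes from an unversioned `caddyserver.com/download` URL and docker-gen from a GitHub release, and both use `curl -sL`, which lacks `--fail` and so hands an HTTP error body straight to `tar`. Pin the Caddy version and verify each archive against a digest recorded in the Dockerfile before extracting it, e.g. `echo "EXPECTED_SHA256_PLACEHOLDER  docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz" | sha256sum -c -` (the placeholder stands for the digest of the release you audited). The same applies to the forego, docker-gen and Caddy downloads in `dev-proxy/src/Dockerfile`; forego is the most exposed there because the bare binary is moved into `/usr/bin` with no unpack or check in between. Separately, `rm /docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz` only matches the downloaded file while the working directory is `/`, which the unknown base image may not guarantee.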
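Review bot: The `build` target passes `--build-arg "IMAGE_NAME=nimmis/alpine"` and `--build-arg "IMAGE_VERSION=3.6"` to the `./src` context, but `dev-proxy/src/Dockerfile` in this patch starts with a literal `FROM alpine:3.6` and declares neither argument, so they are not consumed and the image is not built on the base the Makefile names. Only `dev-proxy/Dockerfile` declares those `ARG`s, and no target builds it. Either drop the two flags or point the build at the Dockerfile that uses them, so the recorded base image matches the real one. `release` also pushes only the mutable `:latest` tag to the public registry; pushing an additional immutable tag (a version or commit id held in a variable you would add) would let a consumer tell which build they pulled.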
@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+SCRIPT_PATH=$( cd "$(dirname "$0")" ; pwd -P )
+
+IMAGE_NAME="yoursystemcz/dev-proxy"
+IMAGE_VERSION="latest"
+
+SERVICE_NAME=dev-proxy
+
+
+source ${SCRIPT_PATH}/../common.shinc
+
+
+#
+# Project specific variables
+#
+
+source ${SCRIPT_PATH}/env.shinc 2> /dev/null
+
+init() {
+# docker pull ${IMAGE_NAME}:${IMAGE_VERSION} || return $?
+
+ NETWORKS=(${PROXY_NETWORK})
+ __createNetworks
+
+ docker create \
+ --name ${SERVICE_NAME} \
+ -v /var/run/docker.sock:/tmp/docker.sock:ro \
+ -v dev-proxy:/root/.caddy \
+ --restart=unless-stopped \
+ -p 80:80 \
+ -p 443:443 \
+ -p 2015:2015 \
+ --net ${PROXY_NETWORK} \
+ ${IMAGE_NAME}:${IMAGE_VERSION}
+
+ [[ $? -ne 0 ]] && return 1
+
+ __ask_to_start
+}
+
+
+"$@"
+
+exit $?
diff --git a/dev-proxy/src/Dockerfile b/dev-proxy/src/Dockerfile
new file mode 100644
index 0000000..45998ef
--- /dev/null
+++ b/dev-proxy/src/Dockerfile
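Review bot: The `:ro` on `-v /var/run/docker.sock:/tmp/docker.sock:ro` does not make the Docker API read-only; it only protects the socket file itself, and any process in the container can still send arbitrary API requests, which amounts to root on the host. That deserves a comment above the `docker create` call, e.g. `# NOTE: socket access is host-root equivalent; :ro does not restrict API calls`, and outside a single-user dev box a filtering socket proxy in front of docker-gen is the usual mitigation. The three `-p` flags publish on every host interface; if the proxy is only meant for local development, `-p 127.0.0.1:80:80` (and likewise for 443 and 2015) keeps it off the LAN. `${PROXY_NETWORK}` is not defined in this file (presumably it comes from `common.shinc` or `env.shinc`), and because errors from sourcing `env.shinc` are discarded, an unset value reaches `--net` unquoted and unchecked.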
@@ -0,0 +1,54 @@
+FROM alpine:3.6
+
+LABEL maintainer="Nikita Sobolev "
+
+ARG CADDY_VERSION="0.10.10"
+ARG FOREGO_VERSION="0.16.1"
+ARG DOCKER_GEN_VERSION="0.7.3"
+
+ENV CADDYPATH="/etc/caddy"
+ENV DOCKER_HOST unix:///tmp/docker.sock
+
+
+# Install wget and install/updates certificates
+
+RUN apk update && apk upgrade \
+ && apk add --no-cache bash openssh-client git \
+ && apk add --no-cache --virtual .build-dependencies curl wget tar
+
+
+# Install Forego
+
+RUN wget --quiet "https://github.com/jwilder/forego/releases/download/v${FOREGO_VERSION}/forego" \
+ && mv ./forego /usr/bin/forego \
+ && chmod u+x /usr/bin/forego
+
+
+# Install docker-gen
+
+RUN wget --quiet "https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz" \
+ && tar -C /usr/bin -xvzf "docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz" \
+ && rm "/docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz"
+
+
+ # Install Caddy
+
+RUN curl --silent --show-error --fail --location \
+ --header "Accept: application/tar+gzip, application/x-gzip, application/octet-stream" -o - \
+ "https://github.com/mholt/caddy/releases/download/v${CADDY_VERSION}/caddy_v${CADDY_VERSION}_linux_amd64.tar.gz" \
+ | tar --no-same-owner -C /usr/bin -xz \
+ && chmod 0755 /usr/bin/caddy \
+ && /usr/bin/caddy -version \
+ && apk del .build-dependencies
+
+EXPOSE 80 443 2015
+VOLUME /etc/caddy
+
+
+# Starting app:
+
+ADD . /code
+WORKDIR /code
+
+ENTRYPOINT ["sh", "/code/docker-entrypoint.sh"]
+CMD ["/usr/bin/forego", "start", "-r"]
diff --git a/dev-proxy/src/Procfile b/dev-proxy/src/Procfile
new file mode 100644
index 0000000..20e2131
--- /dev/null
+++ b/dev-proxy/src/Procfile
@@ -0,0 +1,2 @@
+dockergen: docker-gen -watch -notify "pkill -USR1 caddy" -config /code/docker-gen/config/docker-gen.cfg
+caddy: caddy --conf /etc/caddy/Caddyfile --log stdout
\ No newline at end of file
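Review bot: No `USER` is set, so everything forego starts from the Procfile runs as root, including Caddy, which listens on the exposed ports 80, 443 and 2015 in the same container whose `DOCKER_HOST` points at the mounted Docker socket. A flaw in the proxy would therefore reach the Docker API directly. Consider running docker-gen in its own container that alone mounts the socket and shares the `/etc/caddy` volume with a separate Caddy container, or at least starting Caddy under an unprivileged account. Smaller points in the same hunk: `ADD . /code` should be `COPY . /code`, the `curl … | tar` pipeline runs without `pipefail` (a `SHELL ["/bin/ash", "-o", "pipefail", "-c"]` line before it would cover that), and `apk del .build-dependencies` in the last `RUN` cannot shrink the earlier layer that installed those packages.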
diff --git a/dev-proxy/src/docker-entrypoint.sh b/dev-proxy/src/docker-entrypoint.sh
new file mode 100644
index 0000000..565dff0
--- /dev/null
+++ b/dev-proxy/src/docker-entrypoint.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -o errexit
+set -o nounset
+
+# Create initial configuration:
+docker-gen /code/docker-gen/templates/Caddyfile.tmpl /etc/caddy/Caddyfile
+
+# Execute passed command:
+exec "$@"
diff --git a/dev-proxy/src/docker-gen/config/docker-gen.cfg b/dev-proxy/src/docker-gen/config/docker-gen.cfg
new file mode 100644
index 0000000..5b6d4ee
--- /dev/null
+++ b/dev-proxy/src/docker-gen/config/docker-gen.cfg
@@ -0,0 +1,6 @@
+[[config]]
+template = "/code/docker-gen/templates/Caddyfile.tmpl"
+dest = "/etc/caddy/Caddyfile"
+onlyexposed = false
+watch = true
+wait = "500ms:2s"
diff --git a/dev-proxy/src/docker-gen/templates/Caddyfile.tmpl b/dev-proxy/src/docker-gen/templates/Caddyfile.tmpl
new file mode 100644
index 0000000..739b391
--- /dev/null
+++ b/dev-proxy/src/docker-gen/templates/Caddyfile.tmpl
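Review bot: This `[[config]]` block in `docker-gen.cfg` has no `notifycmd`, while the Procfile starts docker-gen with both `-config` and `-notify "pkill -USR1 caddy"`. As far as I know docker-gen takes its per-template settings from the config file when `-config` is given and does not apply the command-line `-watch`/`-notify` flags, so Caddy would never be signalled to reload after the Caddyfile is regenerated; please verify this against the pinned docker-gen 0.7.3. If it holds, add `notifycmd = "pkill -USR1 caddy"` to this block and drop the redundant flags from the Procfile. `onlyexposed = false` also deserves a one-line comment, since it means containers are considered even when they expose no port.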
@@ -0,0 +1,47 @@
+{{ $CurrentContainer := where $ "ID" .Docker.CurrentContainerID | first }}
+
+{{ $hosts := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
+
+{{ if not $hosts }}
+
+127.0.0.1:2015
+log stdout
+errors stderr
+
+{{ else }}
+
+ {{ range $host, $containers := $hosts }}
+ {{ $c := first $containers }}
+ {{ $tlsOff := trim (index $c.Env "VIRTUAL_DISABLE_TLS") }}
+ {{ $port := coalesce $c.Env.VIRTUAL_PORT "80" }}
+
+http://{{ $host }}, https://{{ $host }} {
+ tls self_signed
+
+ proxy / {
+ policy round_robin
+ transparent
+ header_upstream Host {host}
+ header_upstream X-Real-IP {remote}
+ header_upstream X-Forwarded-For {remote}
+ header_upstream X-Forwarded-Proto {scheme}
+ {{ range $i, $container := $containers }}
+ {{ $addrLen := len $container.Addresses }}
+ {{ range $knownNetwork := $CurrentContainer.Networks }}
+ {{ range $containerNetwork := $container.Networks }}
+ {{ if (and (and (ne $containerNetwork.Name "ingress") (ne $containerNetwork.Name "bridge")) (or (eq $knownNetwork.Name $containerNetwork.Name) (eq $knownNetwork.Name "host"))) }}
+ ## Can be connected with "{{ $containerNetwork.Name }}" network
+ upstream {{ $containerNetwork.IP }}:{{ $port }}
+ {{ end }}
+ {{ end }}
+ {{ end }}
+ {{ end }}
+ }
+
+ gzip
+ log stdout
+ errors stderr
+}
+ {{ end }}
+
+{{ end }}
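Review bot: `$tlsOff` is assigned from `VIRTUAL_DISABLE_TLS` but never read, so the variable has no effect and every site gets `tls self_signed`; `$addrLen` is unused as well. Either remove both or use `$tlsOff` to emit only the `http://{{ $host }}` address and skip the `tls` line. `$host` and `$port` are written into the Caddyfile exactly as they appear in a container's environment, so a value containing whitespace, braces or a newline alters the generated configuration for every site; a comment stating that `VIRTUAL_HOST` and `VIRTUAL_PORT` are treated as trusted input, or a check that rejects such values, would make that assumption explicit. If none of a container's networks match, the `proxy / { … }` block is rendered without any `upstream` line, which Caddy will probably reject when it loads the file.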