eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-20 06:26:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Merge pull request #70 from nextcloud/enh/noid/allow-reverse-proxies

Browse source 
allow to run this behind a reverse proxy
This commit is contained in:
Simon L 2022-02-28 18:55:03 +01:00 committed by GitHub
commit d1656a0fcb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 84 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Containers/apache/Caddyfile
View file

@ -6,7 +6,7 @@
} }
} }
https://{$NC_DOMAIN}:443 { {$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} {
# Notify Push # Notify Push
route /push/* { route /push/* {

2
Containers/apache/Dockerfile
View file

@ -59,7 +59,7 @@ COPY start.sh /usr/bin/
COPY supervisord.conf / COPY supervisord.conf /
RUN chmod +x /usr/bin/start.sh; \ RUN chmod +x /usr/bin/start.sh; \
chmod +r /supervisord.conf; \ chmod +r /supervisord.conf; \
chmod +r /Caddyfile; chmod +w /Caddyfile;
# Give root a random password # Give root a random password
RUN echo "root:$(openssl rand -base64 12)" | chpasswd RUN echo "root:$(openssl rand -base64 12)" | chpasswd

13
Containers/apache/start.sh
View file

@ -23,6 +23,19 @@ while ! nc -z "$COLLABORA_HOST" 9980; do
sleep 5 sleep 5
done done
if [ -z "$APACHE_PORT" ]; then
export APACHE_PORT="443"
fi
if [ "$APACHE_PORT" != '443' ]; then
export PROTOCOL="http"
export NC_DOMAIN=""
sed -i 's|auto_https.*|auto_https off|' /Caddyfile
else
export PROTOCOL="https"
sed -i 's|auto_https.*|auto_https disable_redirects|' /Caddyfile
fi
# Add caddy path # Add caddy path
mkdir -p /mnt/data/caddy/ mkdir -p /mnt/data/caddy/

2
Containers/domaincheck/lighttpd.conf
View file

@ -1,6 +1,6 @@
server.document-root = "/var/www/domaincheck/" server.document-root = "/var/www/domaincheck/"
server.port = 443 server.port = env.APACHE_PORT
server.username = "www-data" server.username = "www-data"
server.groupname = "www-data" server.groupname = "www-data"

4
Containers/domaincheck/start.sh
View file

@ -7,6 +7,10 @@ fi
echo "$INSTANCE_ID" > /var/www/domaincheck/index.html echo "$INSTANCE_ID" > /var/www/domaincheck/index.html
if [ -z "$APACHE_PORT" ]; then
export APACHE_PORT="443"
fi
# Check config file # Check config file
lighttpd -tt -f /etc/lighttpd/lighttpd.conf lighttpd -tt -f /etc/lighttpd/lighttpd.conf

17
Containers/mastercontainer/start.sh
View file

@ -6,6 +6,14 @@ print_green() {
printf "%b%s%b\n" "\e[0;92m" "$TEXT" "\e[0m" printf "%b%s%b\n" "\e[0;92m" "$TEXT" "\e[0m"
} }
# Function to check if number was provided
check_if_number() {
case "${1}" in
''|*[!0-9]*) return 1 ;;
*) return 0 ;;
esac
}
# Check if socket is available and readable # Check if socket is available and readable
if ! [ -a "/var/run/docker.sock" ]; then if ! [ -a "/var/run/docker.sock" ]; then
echo "Docker socket is not available. Cannot continue." echo "Docker socket is not available. Cannot continue."
@ -68,6 +76,15 @@ The string must be equal to/start with '/mnt/' or '/media/' or be equal to '/var
exit 1 exit 1
fi fi
fi fi
if [ -n "$APACHE_PORT" ]; then
if ! check_if_number "$APACHE_PORT"; then
echo "You provided an Apache port but did not only use numbers"
exit 1
elif ! [ "$APACHE_PORT" -le 65535 ] || ! [ "$APACHE_PORT" -ge 1 ]; then
echo "The provided Apache port is invalid. It must be between 1 and 65535"
exit 1
fi
fi
# Add important folders # Add important folders
mkdir -p /mnt/docker-aio-config/data/ mkdir -p /mnt/docker-aio-config/data/

12
php/containers.json
View file

@ -10,17 +10,18 @@
"displayName": "Apache", "displayName": "Apache",
"containerName": "nextcloud/aio-apache", "containerName": "nextcloud/aio-apache",
"ports": [ "ports": [
"443/tcp" "%APACHE_PORT%/tcp"
], ],
"internalPorts": [ "internalPorts": [
"443" "%APACHE_PORT%"
], ],
"secrets": [], "secrets": [],
"environmentVariables": [ "environmentVariables": [
"NC_DOMAIN=%NC_DOMAIN%", "NC_DOMAIN=%NC_DOMAIN%",
"NEXTCLOUD_HOST=nextcloud-aio-nextcloud", "NEXTCLOUD_HOST=nextcloud-aio-nextcloud",
"COLLABORA_HOST=nextcloud-aio-collabora", "COLLABORA_HOST=nextcloud-aio-collabora",
"TALK_HOST=nextcloud-aio-talk" "TALK_HOST=nextcloud-aio-talk",
"APACHE_PORT=%APACHE_PORT%"
], ],
"volumes": [ "volumes": [
{ {
@ -276,11 +277,12 @@
"displayName": "Domaincheck", "displayName": "Domaincheck",
"containerName": "nextcloud/aio-domaincheck", "containerName": "nextcloud/aio-domaincheck",
"ports": [ "ports": [
"443/tcp" "%APACHE_PORT%/tcp"
], ],
"internalPorts": [], "internalPorts": [],
"environmentVariables": [ "environmentVariables": [
"INSTANCE_ID=%INSTANCE_ID%" "INSTANCE_ID=%INSTANCE_ID%",
"APACHE_PORT=%APACHE_PORT%"
], ],
"volumes": [], "volumes": [],
"secrets": [ "secrets": [

6
php/src/ContainerDefinitionFetcher.php
View file

@ -51,11 +51,17 @@ class ContainerDefinitionFetcher
foreach ($data['production'] as $entry) { foreach ($data['production'] as $entry) {
$ports = new ContainerPorts(); $ports = new ContainerPorts();
foreach ($entry['ports'] as $port) { foreach ($entry['ports'] as $port) {
if($port === '%APACHE_PORT%/tcp') {
$port = $this->configurationManager->GetApachePort() . '/tcp';
}
$ports->AddPort($port); $ports->AddPort($port);
} }
$internalPorts = new ContainerInternalPorts(); $internalPorts = new ContainerInternalPorts();
foreach ($entry['internalPorts'] as $internalPort) { foreach ($entry['internalPorts'] as $internalPort) {
if($internalPort === '%APACHE_PORT%') {
$internalPort = $this->configurationManager->GetApachePort();
}
$internalPorts->AddInternalPort($internalPort); $internalPorts->AddInternalPort($internalPort);
} }

33
php/src/Data/ConfigurationManager.php
View file

@ -148,8 +148,16 @@ class ConfigurationManager
// Get Instance ID // Get Instance ID
$instanceID = $this->GetSecret('INSTANCE_ID'); $instanceID = $this->GetSecret('INSTANCE_ID');
// set protocol
$port = $this->GetApachePort();
if ($port !== '443') {
$protocol = 'https://';
} else {
$protocol = 'http://';
}
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL,'http://' . $domain . ':443'); curl_setopt($ch, CURLOPT_URL, $protocol . $domain . ':443');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = (string)curl_exec($ch); $response = (string)curl_exec($ch);
# Get rid of trailing \n # Get rid of trailing \n
@ -232,6 +240,29 @@ class ConfigurationManager
$this->WriteConfig($config); $this->WriteConfig($config);
} }
public function GetApachePort() : string {
$port = getenv('APACHE_PORT');
if ($port === false) {
$config = $this->GetConfig();
if (!isset($config['apache_port']) || $config['apache_port'] === '') {
$config['apache_port'] = '443';
}
return $config['apache_port'];
} else {
if(file_exists(DataConst::GetConfigFile())) {
$config = $this->GetConfig();
if (!isset($config['apache_port'])) {
$config['apache_port'] = '';
}
if ($port !== $config['apache_port']) {
$config['apache_port'] = $port;
$this->WriteConfig($config);
}
}
return $port;
}
}
/** /**
* @throws InvalidSettingConfigurationException * @throws InvalidSettingConfigurationException
*/ */

2
php/src/Docker/DockerActionManager.php
View file

@ -214,6 +214,8 @@ class DockerActionManager
$replacements[1] = $this->configurationManager->GetAIOURL(); $replacements[1] = $this->configurationManager->GetAIOURL();
} elseif ($out[1] === 'SELECTED_RESTORE_TIME') { } elseif ($out[1] === 'SELECTED_RESTORE_TIME') {
$replacements[1] = $this->configurationManager->GetSelectedRestoreTime(); $replacements[1] = $this->configurationManager->GetSelectedRestoreTime();
} elseif ($out[1] === 'APACHE_PORT') {
$replacements[1] = $this->configurationManager->GetApachePort();
} else { } else {
$replacements[1] = $this->configurationManager->GetSecret($out[1]); $replacements[1] = $this->configurationManager->GetSecret($out[1]);
} }