From dc58752575189ad9ff5d0a9318de8ead13d194fd Mon Sep 17 00:00:00 2001 From: Oskar Hahn Date: Thu, 4 Feb 2021 20:54:57 +0100 Subject: [PATCH 1/5] Use caddy --- caddy/Caddyfile | 26 ++++++++++++++++++++++++++ docker/docker-compose.dev.yml | 8 ++++---- 2 files changed, 30 insertions(+), 4 deletions(-) create mode 100644 caddy/Caddyfile diff --git a/caddy/Caddyfile b/caddy/Caddyfile new file mode 100644 index 000000000..9da4e546d --- /dev/null +++ b/caddy/Caddyfile @@ -0,0 +1,26 @@ +{ + # General Options + debug +} + +:8000 + +reverse_proxy /system/* https://autoupdate:8002 { + flush_interval -1 + + transport http { + tls_insecure_skip_verify + versions 2 + } +} + +@server { + path /apps/* + path /rest/* + path /server-version.txt +} +reverse_proxy @server server:8000 + +reverse_proxy /media/* media:8000 + +reverse_proxy client:4200 diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 9ef7a3d12..aa03e96ed 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -45,13 +45,13 @@ services: redis: image: redis:latest - haproxy: - image: os3-haproxy-dev + caddy: + image: caddy:2.3.0-alpine volumes: - - ../haproxy/src:/usr/local/etc/haproxy + - ../caddy/Caddyfile:/etc/caddy/Caddyfile depends_on: - client - server - autoupdate ports: - - "8000:8000" \ No newline at end of file + - "8000:8000" From 799dd08e0ddec2b1c6fc34a8abc5def0127a8dba Mon Sep 17 00:00:00 2001 From: Oskar Hahn Date: Fri, 5 Feb 2021 09:47:04 +0100 Subject: [PATCH 2/5] client listens 4200 in prod --- client/docker/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/docker/nginx.conf b/client/docker/nginx.conf index f96659452..b95f2cd21 100644 --- a/client/docker/nginx.conf +++ b/client/docker/nginx.conf @@ -6,7 +6,7 @@ events { http { server { - listen 80; + listen 4200; server_name localhost; root /usr/share/nginx/html; From 470168c58c4f3a11620811bbaaab7c96582c343f Mon Sep 17 00:00:00 2001 From: Gernot Schulz Date: Fri, 5 Feb 2021 17:25:46 +0100 Subject: [PATCH 3/5] Caddy: Do not use TLS for autoupdate connection --- autoupdate | 2 +- caddy/Caddyfile | 11 +++-------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/autoupdate b/autoupdate index 03d86865c..020bb29d9 160000 --- a/autoupdate +++ b/autoupdate @@ -1 +1 @@ -Subproject commit 03d86865c063059878f4c3d616b6a6a9099b90d3 +Subproject commit 020bb29d9924ffb32c60e081e019acc2984ac42e diff --git a/caddy/Caddyfile b/caddy/Caddyfile index 9da4e546d..aeb601dac 100644 --- a/caddy/Caddyfile +++ b/caddy/Caddyfile @@ -1,17 +1,12 @@ { - # General Options - debug + # Enable debug output + #debug } :8000 -reverse_proxy /system/* https://autoupdate:8002 { +reverse_proxy /system/* http://autoupdate:8002 { flush_interval -1 - - transport http { - tls_insecure_skip_verify - versions 2 - } } @server { From 40dc0e08fa3b08c1a8dcf17a9195fcb6a0420132 Mon Sep 17 00:00:00 2001 From: Gernot Schulz Date: Fri, 5 Feb 2021 17:26:36 +0100 Subject: [PATCH 4/5] Caddy: Add config to image instead of using a volume --- caddy/Dockerfile | 3 +++ docker/docker-compose.dev.yml | 2 -- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 caddy/Dockerfile diff --git a/caddy/Dockerfile b/caddy/Dockerfile new file mode 100644 index 000000000..618b1aabb --- /dev/null +++ b/caddy/Dockerfile @@ -0,0 +1,3 @@ +FROM caddy:2.3.0-alpine + +COPY Caddyfile /etc/caddy/ diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index aa03e96ed..fa25a44dc 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -47,8 +47,6 @@ services: caddy: image: caddy:2.3.0-alpine - volumes: - - ../caddy/Caddyfile:/etc/caddy/Caddyfile depends_on: - client - server From f7d228a600a49d5d5c4ea633d3b4bf54bc157861 Mon Sep 17 00:00:00 2001 From: Gernot Schulz Date: Fri, 5 Feb 2021 17:27:54 +0100 Subject: [PATCH 5/5] Docker: Update build scripts for Caddy For now, keep using HAProxy's name in most places, e.g., DOCKER_OPENSLIDES_HAPROXY_NAME. To avoid confusion, the specific mentions of HAProxy should be made more generic, e.g., DOCKER_OPENSLIDES_PROXY_NAME. --- docker/build.sh | 2 +- docker/docker-compose.yml.m4 | 2 +- docker/docker-stack.yml.m4 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/build.sh b/docker/build.sh index 7e7771b23..16cdff8d6 100755 --- a/docker/build.sh +++ b/docker/build.sh @@ -6,7 +6,7 @@ declare -A TARGETS TARGETS=( [client]="$(dirname "${BASH_SOURCE[0]}")/../client/docker/" [server]="$(dirname "${BASH_SOURCE[0]}")/../server/docker/" - [haproxy]="$(dirname "${BASH_SOURCE[0]}")/../haproxy/" + [caddy]="$(dirname "${BASH_SOURCE[0]}")/../caddy/" [autoupdate]="$(dirname "${BASH_SOURCE[0]}")/../autoupdate/" [media]="https://github.com/OpenSlides/openslides-media-service.git" [pgbouncer]="https://github.com/OpenSlides/openslides-docker-compose.git#:pgbouncer" diff --git a/docker/docker-compose.yml.m4 b/docker/docker-compose.yml.m4 index 1a9d1cd1c..847b161f7 100644 --- a/docker/docker-compose.yml.m4 +++ b/docker/docker-compose.yml.m4 @@ -15,7 +15,7 @@ define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))') define(`HAPROXY_IMAGE', ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl -ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-haproxy):dnl +ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-caddy):dnl ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_TAG', latest)) define(`BACKEND_IMAGE', ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl diff --git a/docker/docker-stack.yml.m4 b/docker/docker-stack.yml.m4 index 0d83990cb..af8eb6beb 100644 --- a/docker/docker-stack.yml.m4 +++ b/docker/docker-stack.yml.m4 @@ -15,7 +15,7 @@ define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))') define(`HAPROXY_IMAGE', ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl -ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-haproxy):dnl +ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-caddy):dnl ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_TAG', latest)) define(`BACKEND_IMAGE', ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl