From 6b10106a0fe300af7523ff80bd4f3abb95bc4bc5 Mon Sep 17 00:00:00 2001 From: Eric Schubert <38206611+Kharonus@users.noreply.github.com> Date: Tue, 16 Jul 2024 11:46:15 +0200 Subject: [PATCH] [#55776] create proxy without static assets (#83) * [#55776] added custom image for proxy - based on caddy:2 - copy assets from openproject image into proxy image * [#55776] removed static asset serving from proxy - https://community.openproject.org/wp/55776 - apparently caddy correctly redirects asset requests to the web service --- compose/.gitignore | 2 ++ compose/docker-compose.yml | 26 +++++++------------------- compose/proxy-entrypoint.sh | 7 ------- compose/{ => proxy}/Caddyfile.template | 2 -- compose/proxy/Dockerfile | 8 ++++++++ 5 files changed, 17 insertions(+), 28 deletions(-) delete mode 100755 compose/proxy-entrypoint.sh rename compose/{ => proxy}/Caddyfile.template (97%) create mode 100644 compose/proxy/Dockerfile diff --git a/compose/.gitignore b/compose/.gitignore index 4c49bd7..08eb01f 100644 --- a/compose/.gitignore +++ b/compose/.gitignore @@ -1 +1,3 @@ .env + +docker-compose.override.yml diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index 089e958..98c98a4 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -5,7 +5,6 @@ networks: volumes: pgdata: opdata: - assets: x-op-restart-policy: &restart_policy restart: unless-stopped @@ -25,6 +24,8 @@ x-op-app: &app RAILS_MAX_THREADS: ${RAILS_MAX_THREADS:-16} # set to true to enable the email receiving feature. See ./docker/cron for more options IMAP_ENABLED: "${IMAP_ENABLED:-false}" + volumes: + - "${OPDATA:-opdata}:/var/openproject/assets" services: db: @@ -46,21 +47,18 @@ services: - backend proxy: - image: caddy:2 + build: + context: ./proxy + args: + APP_HOST: web + image: openproject/proxy:${TAG:-14-slim} <<: *restart_policy - command: "/usr/local/bin/proxy-entrypoint.sh" ports: - "${PORT:-8080}:80" - environment: - APP_HOST: web depends_on: - web networks: - frontend - volumes: - - ./Caddyfile.template:/etc/caddy/Caddyfile.template:ro - - ./proxy-entrypoint.sh:/usr/local/bin/proxy-entrypoint.sh:ro - - assets:/public:ro web: <<: *app @@ -80,9 +78,6 @@ services: timeout: 3s retries: 3 start_period: 30s - volumes: - - "${OPDATA:-opdata}:/var/openproject/assets" - - assets:/app/public autoheal: image: willfarrell/autoheal:1.2.0 @@ -102,8 +97,6 @@ services: - db - cache - seeder - volumes: - - "${OPDATA:-opdata}:/var/openproject/assets" cron: <<: *app @@ -114,8 +107,6 @@ services: - db - cache - seeder - volumes: - - "${OPDATA:-opdata}:/var/openproject/assets" seeder: <<: *app @@ -123,6 +114,3 @@ services: restart: on-failure networks: - backend - volumes: - - "${OPDATA:-opdata}:/var/openproject/assets" - diff --git a/compose/proxy-entrypoint.sh b/compose/proxy-entrypoint.sh deleted file mode 100755 index 8cc5ee8..0000000 --- a/compose/proxy-entrypoint.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -set -e - -sed 's|${APP_HOST}|'"$APP_HOST"'|g' /etc/caddy/Caddyfile.template > /etc/caddy/Caddyfile - -caddy run --config /etc/caddy/Caddyfile diff --git a/compose/Caddyfile.template b/compose/proxy/Caddyfile.template similarity index 97% rename from compose/Caddyfile.template rename to compose/proxy/Caddyfile.template index d213a75..7de7b97 100644 --- a/compose/Caddyfile.template +++ b/compose/proxy/Caddyfile.template @@ -1,6 +1,4 @@ :80 { - root * /public - reverse_proxy * http://${APP_HOST}:8080 { # The following directives are needed to make the proxy forward explicitly the X-Forwarded-* headers. If unset, # Caddy will reset them. See: https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#defaults diff --git a/compose/proxy/Dockerfile b/compose/proxy/Dockerfile new file mode 100644 index 0000000..5a6591b --- /dev/null +++ b/compose/proxy/Dockerfile @@ -0,0 +1,8 @@ +FROM caddy:2 + +COPY ./Caddyfile.template /etc/caddy/Caddyfile.template + +ARG APP_HOST +RUN sed 's|${APP_HOST}|'"$APP_HOST"'|g' /etc/caddy/Caddyfile.template > /etc/caddy/Caddyfile + +ENTRYPOINT ["caddy", "run", "--config", "/etc/caddy/Caddyfile"]