Merge pull request #444 from coollabsio/next

v2.9.4

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "coolify",
 	"description": "An open-source & self-hostable Heroku / Netlify alternative.",
-	"version": "2.9.1",
+	"version": "2.9.4",
 	"license": "AGPL-3.0",
 	"scripts": {
 		"dev": "docker-compose -f docker-compose-dev.yaml up -d && cross-env NODE_ENV=development & svelte-kit dev --host 0.0.0.0",

prisma/seed.cjs

@@ -5,6 +5,12 @@ const prisma = new PrismaClient();
 const crypto = require('crypto');
 const generator = require('generate-password');
 const cuid = require('cuid');
+const compare = require('compare-versions');
+const { version } = require('../package.json');
+const child = require('child_process');
+const util = require('util');
+
+const algorithm = 'aes-256-ctr';
 
 function generatePassword(length = 24) {
 	return generator.generate({
@@ -13,7 +19,7 @@ function generatePassword(length = 24) {
 		strict: true
 	});
 }
-const algorithm = 'aes-256-ctr';
+const asyncExecShell = util.promisify(child.exec);
 
 async function main() {
 	// Enable registration for the first user
@@ -64,6 +70,56 @@ async function main() {
 			}
 		});
 	}
+	if (settings.isTraefikUsed) {
+		// Force stop Coolify Proxy, as it had a bug in < 2.9.2. TrustProxy + api.insecure
+		try {
+			const { stdout } = await asyncExecShell(
+				`docker inspect coolify-proxy --format '{{json .Config.Cmd}}'`
+			);
+			if (
+				!stdout
+					.replaceAll('[', '')
+					.replaceAll(']', '')
+					.replaceAll('"', '')
+					.replace('\n', '')
+					.split(',')
+					.includes('--entrypoints.web.forwardedHeaders.insecure=true')
+			) {
+				console.log('Reconfiguring Coolify Proxy (Traefik)...');
+				await asyncExecShell(`docker stop -t 0 coolify-proxy && docker rm coolify-proxy`);
+				const { stdout: Config } = await asyncExecShell(
+					`docker network inspect bridge --format '{{json .IPAM.Config }}'`
+				);
+				const ip = JSON.parse(Config)[0].Gateway;
+				await asyncExecShell(
+					`docker run --restart always \
+				--add-host 'host.docker.internal:host-gateway' \
+				--add-host 'host.docker.internal:${ip}' \
+				-v coolify-traefik-letsencrypt:/etc/traefik/acme \
+				-v /var/run/docker.sock:/var/run/docker.sock \
+				--network coolify-infra \
+				-p "80:80" \
+				-p "443:443" \
+				--name coolify-proxy \
+				-d traefik:v2.6 \
+				--entrypoints.web.address=:80 \
+				--entrypoints.web.forwardedHeaders.insecure=true \
+				--entrypoints.websecure.address=:443 \
+				--entrypoints.websecure.forwardedHeaders.insecure=true \
+				--providers.docker=true \
+				--providers.docker.exposedbydefault=false \
+				--providers.http.endpoint=http://coolify:3000/webhooks/traefik/main.json \
+				--providers.http.pollTimeout=5s \
+				--certificatesresolvers.letsencrypt.acme.httpchallenge=true \
+				--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme/acme.json \
+				--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web \
+				--log.level=error`
+				);
+			}
+		} catch (error) {
+			console.log(error);
+		}
+	}
 }
 main()
 	.catch((e) => {

src/lib/haproxy/index.ts

@@ -161,6 +161,7 @@ export async function startTraefikTCPProxy(
 						image: 'traefik:v2.6',
 						command: [
 							`--entrypoints.tcp.address=:${publicPort}`,
+							`--entryPoints.tcp.forwardedHeaders.insecure=true`,
 							`--providers.http.endpoint=${otherTraefikEndpoint}?id=${id}&privatePort=${privatePort}&publicPort=${publicPort}&type=tcp&address=${dependentId}`,
 							'--providers.http.pollTimeout=2s',
 							'--log.level=error'
@@ -257,6 +258,7 @@ export async function startTraefikHTTPProxy(
 						image: 'traefik:v2.6',
 						command: [
 							`--entrypoints.http.address=:${publicPort}`,
+							`--entryPoints.http.forwardedHeaders.insecure=true`,
 							`--providers.http.endpoint=${otherTraefikEndpoint}?id=${id}&privatePort=${privatePort}&publicPort=${publicPort}&type=http`,
 							'--providers.http.pollTimeout=2s',
 							'--certificatesresolvers.letsencrypt.acme.httpchallenge=true',
@@ -368,12 +370,12 @@ export async function startTraefikProxy(engine: string): Promise<void> {
 			--network coolify-infra \
 			-p "80:80" \
 			-p "443:443" \
-			-p "8080:8080" \
 			--name coolify-proxy \
 			-d ${defaultTraefikImage} \
-			--api.insecure=true \
 			--entrypoints.web.address=:80 \
+			--entrypoints.web.forwardedHeaders.insecure=true \
 			--entrypoints.websecure.address=:443 \
+			--entrypoints.websecure.forwardedHeaders.insecure=true \
 			--providers.docker=true \
 			--providers.docker.exposedbydefault=false \
 			--providers.http.endpoint=${mainTraefikEndpoint} \

src/lib/importers/github.ts

@@ -49,7 +49,7 @@ export default async function ({
 		applicationId
 	});
 	await asyncExecShell(
-		`GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git clone -q -b ${branch} https://x-access-token:${token}@${url}/${repository}.git ${workdir}/ && cd ${workdir} && git submodule update --init --recursive && git lfs pull && cd .. `
+		`git clone -q -b ${branch} https://x-access-token:${token}@${url}/${repository}.git ${workdir}/ && cd ${workdir} && git submodule update --init --recursive && git lfs pull && cd .. `
 	);
 	const { stdout: commit } = await asyncExecShell(`cd ${workdir}/ && git rev-parse HEAD`);
 	return commit.replace('\n', '');

src/lib/importers/gitlab.ts

@@ -31,7 +31,7 @@ export default async function ({
 	});
 
 	await asyncExecShell(
-		`GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git clone -q -b ${branch} git@${url}:${repository}.git --config core.sshCommand="ssh -q -i ${repodir}id.rsa -o StrictHostKeyChecking=no" ${workdir}/ && cd ${workdir}/ && git submodule update --init --recursive && git lfs pull && cd .. `
+		`git clone -q -b ${branch} git@${url}:${repository}.git --config core.sshCommand="ssh -q -i ${repodir}id.rsa -o StrictHostKeyChecking=no" ${workdir}/ && cd ${workdir}/ && git submodule update --init --recursive && git lfs pull && cd .. `
 	);
 	const { stdout: commit } = await asyncExecShell(`cd ${workdir}/ && git rev-parse HEAD`);
 	return commit.replace('\n', '');

src/routes/applications/[id]/index.svelte

@@ -102,7 +102,7 @@
 	onMount(async () => {
 		if (browser && window.location.hostname === 'demo.coolify.io' && !application.fqdn) {
 			application.fqdn = `http://${cuid()}.demo.coolify.io`;
-			await post(`/applications/${id}.json`, { ...application });
+			await handleSubmit();
 		}
 		domainEl.focus();
 		await getUsage();

src/routes/services/[id]/_Services/_Services.svelte

@@ -74,7 +74,23 @@
 	onMount(async () => {
 		if (browser && window.location.hostname === 'demo.coolify.io' && !service.fqdn) {
 			service.fqdn = `http://${cuid()}.demo.coolify.io`;
-			await post(`/services/${id}/${service.type}.json`, { ...service });
+			if (service.type === 'wordpress') {
+				service.wordpress.mysqlDatabase = 'db';
+			}
+			if (service.type === 'plausibleanalytics') {
+				service.plausibleAnalytics.email = 'noreply@demo.com';
+				service.plausibleAnalytics.username = 'admin';
+			}
+			if (service.type === 'minio') {
+				service.minio.apiFqdn = `http://${cuid()}.demo.coolify.io`;
+			}
+			if (service.type === 'ghost') {
+				service.ghost.mariadbDatabase = 'db';
+			}
+			if (service.type === 'fider') {
+				service.fider.emailNoreply = 'noreply@demo.com';
+			}
+			await handleSubmit();
 		}
 	});
 </script>

src/routes/update.json.ts

@@ -6,7 +6,6 @@ import * as db from '$lib/database';
 import type { RequestHandler } from '@sveltejs/kit';
 import compare from 'compare-versions';
 import got from 'got';
-import { checkContainer, startCoolifyProxy, startTraefikProxy } from '$lib/haproxy';
 
 export const get: RequestHandler = async (request) => {
 	try {