From a2cd9927788e7c1bb6e42f5507e4ca2fbef88781 Mon Sep 17 00:00:00 2001 From: routerino <45954722+routerino@users.noreply.github.com> Date: Tue, 1 Oct 2024 22:02:33 +1000 Subject: [PATCH] 145-crashes-upon-boot-and-for-some-reason-tries-loading-caddy-stuff-im-not-using-caddy * removed unused test docker profiles, changed default docker port * updated readme --- README.md | 17 ++++---- docker/production/dockerfile | 4 +- docker/test/test-server/Caddyfile | 25 ----------- docker/test/test-server/docker-compose.yaml | 42 ------------------- docker/test/test-server/dockerfile | 27 ------------ .../test/test-server/scripts/1-image-build.sh | 25 ----------- .../test/test-server/scripts/2-initialise.sh | 23 ---------- docker/test/test-workers/docker-compose.yaml | 38 ----------------- 8 files changed, 9 insertions(+), 192 deletions(-) delete mode 100644 docker/test/test-server/Caddyfile delete mode 100644 docker/test/test-server/docker-compose.yaml delete mode 100644 docker/test/test-server/dockerfile delete mode 100644 docker/test/test-server/scripts/1-image-build.sh delete mode 100644 docker/test/test-server/scripts/2-initialise.sh delete mode 100644 docker/test/test-workers/docker-compose.yaml diff --git a/README.md b/README.md index 94b5f6e..a5d76a4 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ If you are using docker, you can install `headscale` alongside `headscale-ui`, l version: '3.5' services: headscale: - image: headscale/headscale:latest + image: headscale/headscale:stable container_name: headscale volumes: - ./container-config:/etc/headscale 
@@ -27,7 +27,8 @@ services: restart: unless-stopped container_name: headscale-ui # ports: - # - 9443:443 + # - 8443:8443 + # - 8080:8080 ``` Headscale UI serves on port 443 and uses a self signed cert by default. You will need to add a `config.yaml` file under your `container-config` folder so that `headscale` has all of the required settings declared. An example from the official `headscale` repo is [here](https://github.com/juanfont/headscale/blob/main/config-example.yaml). @@ -36,19 +37,14 @@ Headscale UI serves on port 443 and uses a self signed cert by default. You will The docker container lets you set the following settings: | Variable | Description | Example | |----|----|----| -| HTTP_PORT | Sets the HTTP port to an alternate value | `80` | -| HTTPS_PORT | Sets the HTTPS port to an alternate value | `443` | +| HTTP_PORT | Sets the HTTP port to an alternate value | `8080` | +| HTTPS_PORT | Sets the HTTPS port to an alternate value | `8443` | ### Proxy Settings You will need a reverse proxy to install `headscale-ui` on your domain. Here is an example [Caddy Config](https://caddyserver.com/) to achieve this: ``` https://hs.yourdomain.com.au { - reverse_proxy /web* https://headscale-ui { - transport http { - tls_insecure_skip_verify - } - } - + reverse_proxy /web* http://headscale-ui:8080 reverse_proxy * http://headscale:8080 } @@ -92,6 +88,7 @@ See [Other Configurations](/documentation/configuration.md) for further proxy ex The following versions correspond to the appropriate headscale version | Headscale Version | HS-UI Version | |-------------------|---------------| +| 23+ | 2024-10-01+ | | 19+ | 2023-01-30+ | | <19 | <2023-01-30 | diff --git a/docker/production/dockerfile b/docker/production/dockerfile index 2757cd8..b4b6b16 100644 --- a/docker/production/dockerfile +++ b/docker/production/dockerfile 
@@ -37,8 +37,8 @@ ENV PROJECT_NAME="headscale-ui" # URL for the github/git location ENV PROJECT_URL="https://github.com/gurucomputing/headscale-ui" # Ports that caddy will run on -ENV HTTP_PORT="80" -ENV HTTPS_PORT="443" +ENV HTTP_PORT="8080" +ENV HTTPS_PORT="8443" # Production Web Server port. Runs a self signed SSL certificate EXPOSE 443 diff --git a/docker/test/test-server/Caddyfile b/docker/test/test-server/Caddyfile deleted file mode 100644 index 7d7247e..0000000 --- a/docker/test/test-server/Caddyfile +++ /dev/null @@ -1,25 +0,0 @@ -{ - http_port 80 - https_port 443 -} - -https://headscale-test.local { - tls internal - reverse_proxy /web* https://headscale-test-frontend { - transport http { - tls_insecure_skip_verify - } - } - - reverse_proxy * http://headscale-test-backend:8080 -} - -:80 { - reverse_proxy /web* https://headscale-test-frontend { - transport http { - tls_insecure_skip_verify - } - } - - reverse_proxy * http://headscale-test-backend:8080 -} \ No newline at end of file diff --git a/docker/test/test-server/docker-compose.yaml b/docker/test/test-server/docker-compose.yaml deleted file mode 100644 index 536c17c..0000000 --- a/docker/test/test-server/docker-compose.yaml +++ /dev/null 
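Review bot: `EXPOSE 443` on the context line just below the changed `ENV` values is now stale, because the defaults move to `HTTP_PORT="8080"` and `HTTPS_PORT="8443"`. The image metadata would advertise a port that nothing listens on by default, and `docker run -P` or tooling that reads the exposed ports would publish the wrong one. Change it to `EXPOSE 8080 8443` and reword the comment above it, for example `# Production web server ports: HTTP on 8080, HTTPS (self-signed certificate) on 8443`. The README sentence "Headscale UI serves on port 443 and uses a self signed cert by default" in the second README hunk is stale in the same way. Since the README proxy example now targets the plain-HTTP listener, a comment is also worth adding that 8080 is intended for the reverse proxy on the internal container network and that publishing it on the host would serve the UI without TLS.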
@@ -1,42 +0,0 @@ -services: - headscale-test-backend: - image: headscale/headscale:latest-alpine - container_name: headscale-test-backend - security_opt: - - label:disable - # volumes: - # - ./container-config:/etc/headscale - # - ./container-data/data:/var/lib/headscale - entrypoint: | - sh -c "mkdir -p /var/lib/headscale; - mkdir -p /etc/headscale; - touch /var/lib/headscale/db.sqlite; - wget --output-document /etc/headscale/config.yaml https://raw.githubusercontent.com/juanfont/headscale/main/config-example.yaml - sed -i 's|http://127.0.0.1:8080|https://headscale-test.local|g' /etc/headscale/config.yaml; - headscale serve" - restart: unless-stopped - networks: - headscale-ui-test-network: - - headscale-test-frontend: - image: ghcr.io/gurucomputing/headscale-ui:latest - container_name: headscale-test-frontend - restart: unless-stopped - networks: - headscale-ui-test-network: - - headscale-test-proxy: - image: headscale-test-proxy:latest - build: . - container_name: headscale-test-proxy - ports: - - 8080:80 - restart: unless-stopped - networks: - headscale-ui-test-network: - aliases: - - headscale-test.local - -networks: - headscale-ui-test-network: - external: true \ No newline at end of file diff --git a/docker/test/test-server/dockerfile b/docker/test/test-server/dockerfile deleted file mode 100644 index b327a6e..0000000 --- a/docker/test/test-server/dockerfile +++ /dev/null 
@@ -1,27 +0,0 @@ -FROM alpine:latest - -# environment variables -ENV XDG_DATA_HOME=/data/ - -# Set the staging environment -WORKDIR /staging/scripts -WORKDIR /staging - -# Copy across the scripts folder -COPY scripts/* ./scripts/ -# Copy default caddy config from project root -COPY ./Caddyfile /staging/Caddyfile -# Set permissions for all scripts. We do not want normal users to have write -# access to the scripts -RUN chown -R 0:0 scripts -RUN chmod -R 755 scripts - -# Build the image. This build runs as root -RUN /staging/scripts/1-image-build.sh - -# Tell docker that all future commands should run as the appuser user -# USER appuser - -WORKDIR /data - -ENTRYPOINT /bin/sh /staging/scripts/2-initialise.sh \ No newline at end of file diff --git a/docker/test/test-server/scripts/1-image-build.sh b/docker/test/test-server/scripts/1-image-build.sh deleted file mode 100644 index 3151a25..0000000 --- a/docker/test/test-server/scripts/1-image-build.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -set -x - -# temporarily set the caddy home to staging -export XDG_DATA_HOME=/staging - -# create the group and user -addgroup -S appgroup && adduser -D appuser -G appgroup - -# install caddy plus dependencies -apk add --no-cache caddy nss-tools - -# install tailscale -echo http://dl-2.alpinelinux.org/alpine/edge/community/ >> /etc/apk/repositories -apk add -U --no-cache tailscale -rc-update add tailscale - -# do a dry run of caddy to install the certificates -caddy start -caddy trust -adapter caddyfile -config /staging/Caddyfile -caddy stop - -# set the caddy directory to the non-root user -# commented out for now as we need root anyway for tailscale -# chown -R 1000:1000 /staging/caddy \ No newline at end of file diff --git a/docker/test/test-server/scripts/2-initialise.sh b/docker/test/test-server/scripts/2-initialise.sh deleted file mode 100644 index a20dfb0..0000000 --- a/docker/test/test-server/scripts/2-initialise.sh +++ /dev/null 
@@ -1,23 +0,0 @@ -#!/bin/sh - -#----# -# placeholder for testing -# while true; do sleep 1; done -#----# - -# copy everything from staging -if [ ! -f /data/Caddyfile ]; -then - echo "no Caddyfile detected, copying across default config" - cp /staging/Caddyfile /data/Caddyfile -fi - -if [ ! -f /data/caddy ]; -then - echo "no caddy directory detected, copying across default config" - cp -r /staging/caddy /data/caddy -fi - -# start caddy -echo "Starting Caddy" -/usr/sbin/caddy run --adapter caddyfile --config /data/Caddyfile diff --git a/docker/test/test-workers/docker-compose.yaml b/docker/test/test-workers/docker-compose.yaml deleted file mode 100644 index 3e10ae2..0000000 --- a/docker/test/test-workers/docker-compose.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -services: - headscale-worker-1: - image: headscale-test-proxy:latest - container_name: headscale-worker-1 - restart: unless-stopped - networks: - headscale-ui-test-network: - entrypoint: | - sh -c "tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 & - tailscale up --authkey=$PREAUTH_KEY --login-server=https://headscale-test.local; - /etc/init.d/tailscale start - while true; do sleep 1; done" - headscale-worker-2: - image: headscale-test-proxy:latest - container_name: headscale-worker-2 - restart: unless-stopped - networks: - headscale-ui-test-network: - entrypoint: | - sh -c "tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 & - tailscale up --authkey=$PREAUTH_KEY --login-server=https://headscale-test.local; - /etc/init.d/tailscale start - while true; do sleep 1; done" - headscale-worker-3: - image: headscale-test-proxy:latest - container_name: headscale-worker-3 - restart: unless-stopped - networks: - headscale-ui-test-network: - entrypoint: | - sh -c "tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 & - tailscale up --authkey=$PREAUTH_KEY --login-server=https://headscale-test.local --advertise-routes=10.30.10.1/32,10.30.10.2/32,10.30.10.3/32; - /etc/init.d/tailscale start - while true; do sleep 1; done" - -networks: - headscale-ui-test-network: - external: true \ No newline at end of file