spacebar/kamal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

All role specific proxy configuration

Browse Source 
By default only the primary role runs the proxy. To disable the proxy
for that role, you can set `proxy: false` under it.

For other roles they default to not running the proxy, but you can
enable it by setting `proxy: true` for the role, or alternatively
setting a proxy configuration.

The proxy configuration will be merged into the root proxy configuration.
This commit is contained in:
Donal McBreen
2024-09-18 17:25:35 +01:00
parent d218264b69
commit fd0cdc1ca1
21 changed files with 210 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/kamal/configuration/docs/proxy.yml
View File

@@ -9,6 +9,12 @@
#
# They are application specific, so are not shared when multiple applications
# run on the same proxy.
#
# The proxy is enabled by default on the primary role, but can be disabled by
# setting `proxy: false`.
#
# It is disabled by default on all other roles, but can be enabled by setting
# `proxy: true`, or providing a proxy configuration.
proxy:
# Host

3
lib/kamal/configuration/docs/role.yml
View File

@@ -35,13 +35,14 @@ servers:
hosts:
- 172.1.0.3
- 172.1.0.4: experiment1
proxy: true
cmd: "bin/jobs"
options:
memory: 2g
cpus: 4
logging:
...
proxy:
...
labels:
my-label: workers
env:

41
lib/kamal/configuration/proxy.rb
View File

@@ -1,36 +1,23 @@
class Kamal::Configuration::Proxy
include Kamal::Configuration::Validation
MINIMUM_VERSION = "v0.3.0"
DEFAULT_HTTP_PORT = 80
DEFAULT_HTTPS_PORT = 443
DEFAULT_IMAGE = "basecamp/kamal-proxy:#{MINIMUM_VERSION}"
DEFAULT_LOG_REQUEST_HEADERS = [ "Cache-Control", "Last-Modified", "User-Agent" ]
CONTAINER_NAME = "kamal-proxy"
delegate :argumentize, :optionize, to: Kamal::Utils
def initialize(config:)
attr_reader :config, :proxy_config
def initialize(config:, proxy_config:, context: "proxy")
@config = config
@proxy_config = config.raw_config.proxy || {}
validate! proxy_config, with: Kamal::Configuration::Validator::Proxy
@proxy_config = proxy_config
validate! @proxy_config, with: Kamal::Configuration::Validator::Proxy, context: context
end
def app_port
proxy_config.fetch("app_port", 80)
end
def image
proxy_config.fetch("image", DEFAULT_IMAGE)
end
def container_name
"kamal-proxy"
end
def publish_args
argumentize "--publish", [ "#{DEFAULT_HTTP_PORT}:#{DEFAULT_HTTP_PORT}", "#{DEFAULT_HTTPS_PORT}:#{DEFAULT_HTTPS_PORT}" ]
end
def ssl?
proxy_config.fetch("ssl", false)
end
@@ -56,19 +43,19 @@ class Kamal::Configuration::Proxy
}.compact
end
def deploy_command_args
optionize deploy_options
def deploy_command_args(target:)
optionize ({ target: "#{target}:#{app_port}" }).merge(deploy_options)
end
def config_volume
Kamal::Configuration::Volume.new \
host_path: File.join(config.proxy_directory, "config"),
container_path: "/home/kamal-proxy/.config/kamal-proxy"
def remove_command_args(target:)
optionize({ target: "#{target}:#{app_port}" })
end
def merge(other)
self.class.new config: config, proxy_config: proxy_config.deep_merge(other.proxy_config)
end
private
attr_reader :config, :proxy_config
def seconds_duration(value)
value ? "#{value}s" : nil
end

43
lib/kamal/configuration/role.rb
View File

@@ -3,7 +3,7 @@ class Kamal::Configuration::Role
delegate :argumentize, :optionize, to: Kamal::Utils
attr_reader :name, :config, :specialized_env, :specialized_logging
attr_reader :name, :config, :specialized_env, :specialized_logging, :specialized_proxy
alias to_s name
@@ -23,6 +23,8 @@ class Kamal::Configuration::Role
@specialized_logging = Kamal::Configuration::Logging.new \
logging_config: specializations.fetch("logging", {}),
context: "servers/#{name}/logging"
initialize_specialized_proxy
end
def primary_host
@@ -65,6 +67,14 @@ class Kamal::Configuration::Role
@logging ||= config.logging.merge(specialized_logging)
end
def proxy
@proxy ||= config.proxy.merge(specialized_proxy) if running_proxy?
end
def running_proxy?
@running_proxy
end
def stop_args
# When deploying with the proxy, kamal-proxy will drain request before returning so we don't need to wait.
timeout = running_proxy? ? nil : config.drain_timeout
@@ -98,16 +108,8 @@ class Kamal::Configuration::Role
end
def running_proxy?
if specializations["proxy"].nil?
primary?
else
specializations["proxy"]
end
end
def primary?
self == @config.primary_role
name == @config.primary_role_name
end
@@ -144,6 +146,27 @@ class Kamal::Configuration::Role
end
private
def initialize_specialized_proxy
proxy_specializations = specializations["proxy"]
if primary?
# only false means no proxy for non-primary roles
@running_proxy = proxy_specializations != false
else
# false and nil both mean no proxy for non-primary roles
@running_proxy = !!proxy_specializations
end
if running_proxy?
proxy_config = proxy_specializations == true || proxy_specializations.nil? ? {} : proxy_specializations
@specialized_proxy = Kamal::Configuration::Proxy.new \
config: config,
proxy_config: proxy_config,
context: "servers/#{name}/proxy"
end
end
def tagged_hosts
{}.tap do |tagged_hosts|
extract_hosts_from_config.map do |host_config|

4
lib/kamal/configuration/validator.rb
View File

@@ -24,7 +24,9 @@ class Kamal::Configuration::Validator
example_value = example[key]
if example_value == "..."
validate_type! value, *(Array if key == :servers), Hash
unless key.to_s == "proxy" && boolean?(value.class)
validate_type! value, *(Array if key == :servers), Hash
end
elsif key == "hosts"
validate_servers! value
elsif example_value.is_a?(Array)

8
lib/kamal/configuration/validator/proxy.rb
View File

@@ -1,9 +1,11 @@
class Kamal::Configuration::Validator::Proxy < Kamal::Configuration::Validator
def validate!
super
unless config.nil?
super
if config["host"].blank? && config["ssl"]
error "Must set a host to enable automatic SSL"
if config["host"].blank? && config["ssl"]
error "Must set a host to enable automatic SSL"
end
end
end
end