mirror of
https://github.com/openziti/zrok.git
synced 2025-06-27 05:01:26 +02:00
DRY by using the Linux package's enable and share scripts in the Docker share project
This commit is contained in:
parent
3ebf0316bc
commit
ce249862e8
@ -53,117 +53,34 @@ services:
|
|||||||
depends_on:
|
depends_on:
|
||||||
zrok-init:
|
zrok-init:
|
||||||
condition: service_completed_successfully
|
condition: service_completed_successfully
|
||||||
entrypoint:
|
entrypoint: zrok-enable.bash
|
||||||
- bash
|
|
||||||
- -euc
|
|
||||||
- |
|
|
||||||
if [[ -s ~/.zrok/environment.json ]]; then
|
|
||||||
ZITI_ID="$(jq '.ziti_identity' ~/.zrok/environment.json 2>/dev/null)"
|
|
||||||
if [[ -z "$${ZITI_ID}" || "$${ZITI_ID}" == null ]]; then
|
|
||||||
echo "ERROR: invalid environment; consider a reset with 'docker compose down --volumes'" >&2
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
echo "INFO: zrok environment is already enabled"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
if [[ -z "${ZROK_ENABLE_TOKEN}" ]]; then
|
|
||||||
echo "ERROR: ZROK_ENABLE_TOKEN is not defined" >&2
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
zrok config set apiEndpoint ${ZROK_API_ENDPOINT:-https://api.zrok.io}
|
|
||||||
echo "INFO: running: zrok $(sed -E "s/${ZROK_ENABLE_TOKEN}/************/" <<< $${@})"
|
|
||||||
exec zrok "$${@}"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
command: -- enable --headless --description "${ZROK_ENVIRONMENT_NAME:-docker reserved public share}" ${ZROK_ENABLE_TOKEN}
|
|
||||||
volumes:
|
volumes:
|
||||||
- zrok_env:/mnt
|
- zrok_env:/mnt
|
||||||
environment:
|
environment:
|
||||||
HOME: /mnt
|
STATE_DIRECTORY: /mnt
|
||||||
|
ZROK_ENABLE_TOKEN:
|
||||||
|
ZROK_API_ENDPOINT:
|
||||||
|
ZROK_ENVIRONMENT_NAME:
|
||||||
|
|
||||||
# reserve zrok frontend url for the zrok backend config
|
# reserve zrok frontend subdomain and start sharing the target
|
||||||
zrok-reserve:
|
zrok-share:
|
||||||
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
|
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
|
||||||
entrypoint:
|
entrypoint: zrok-share.bash
|
||||||
- bash
|
|
||||||
- -euc
|
|
||||||
- |
|
|
||||||
if [[ -s ~/.zrok/reserved.json ]]; then
|
|
||||||
ZROK_RESERVED_TOKEN="$(jq '.token' ~/.zrok/reserved.json 2>/dev/null)"
|
|
||||||
if [[ -z "$${ZROK_RESERVED_TOKEN}" || "$${ZROK_RESERVED_TOKEN}" == null ]]; then
|
|
||||||
echo "ERROR: invalid reserved.json: $(jq -c . ~/.zrok/reserved.json)" >&2
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
echo "INFO: zrok backend is already reserved: $${ZROK_RESERVED_TOKEN}"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
set -o pipefail
|
|
||||||
ZROK_CMD="reserve public --json-output"
|
|
||||||
if [[ -n "${ZROK_SHARE_OPTS:-}" ]]; then
|
|
||||||
ZROK_CMD+=" ${ZROK_SHARE_OPTS}"
|
|
||||||
fi
|
|
||||||
if [[ -n "${ZROK_OAUTH_PROVIDER:-}" ]]; then
|
|
||||||
ZROK_CMD+=" --oauth-provider ${ZROK_OAUTH_PROVIDER}"
|
|
||||||
fi
|
|
||||||
if [[ -n "${ZROK_BACKEND_MODE:-}" && "${ZROK_BACKEND_MODE}" != caddy ]]; then
|
|
||||||
ZROK_CMD+=" --backend-mode ${ZROK_BACKEND_MODE} ${ZROK_TARGET:-http://zrok-test:9090}"
|
|
||||||
else
|
|
||||||
ZROK_CMD+=" --backend-mode caddy /mnt/.zrok/Caddyfile"
|
|
||||||
fi
|
|
||||||
echo "INFO: running: zrok $${ZROK_CMD}"
|
|
||||||
zrok $${ZROK_CMD} | jq -rc | tee ~/.zrok/reserved.json
|
|
||||||
fi
|
|
||||||
depends_on:
|
depends_on:
|
||||||
zrok-enable:
|
zrok-enable:
|
||||||
condition: service_completed_successfully
|
condition: service_completed_successfully
|
||||||
volumes:
|
volumes:
|
||||||
- zrok_env:/mnt
|
- zrok_env:/mnt
|
||||||
|
ports: []
|
||||||
|
# - 127.0.0.1:2019:2019 # Caddy admin API
|
||||||
environment:
|
environment:
|
||||||
HOME: /mnt
|
STATE_DIRECTORY: /mnt
|
||||||
|
|
||||||
# start share on reserved public frontend url
|
|
||||||
zrok-share:
|
|
||||||
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
|
|
||||||
restart: unless-stopped
|
|
||||||
entrypoint:
|
|
||||||
- bash
|
|
||||||
- -euc
|
|
||||||
- |
|
|
||||||
if ! [[ -s ~/.zrok/reserved.json ]]; then
|
|
||||||
echo "ERROR: empty or missing reserved.json" >&2
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
ZROK_PUBLIC_URLS=$(jq -cr '.frontend_endpoints' ~/.zrok/reserved.json 2>/dev/null)
|
|
||||||
if [[ -z "$${ZROK_PUBLIC_URLS}" || "$${ZROK_PUBLIC_URLS}" == null ]]; then
|
|
||||||
echo "ERROR: frontend endpoints not defined" >&2
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
echo "INFO: zrok public URLs: $${ZROK_PUBLIC_URLS}"
|
|
||||||
fi
|
|
||||||
ZROK_RESERVED_TOKEN=$(jq -r '.token' ~/.zrok/reserved.json 2>/dev/null)
|
|
||||||
if [[ -z "$${ZROK_RESERVED_TOKEN}" && "$${ZROK_RESERVED_TOKEN}" == null ]]; then
|
|
||||||
echo "ERROR: zrok reservation token not defined" >&2
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
echo "INFO: zrok reservation token: $${ZROK_RESERVED_TOKEN}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "INFO: running: zrok $${@} $${ZROK_RESERVED_TOKEN}"
|
|
||||||
exec zrok "$${@}" $${ZROK_RESERVED_TOKEN}
|
|
||||||
fi
|
|
||||||
command: -- share reserved --headless
|
|
||||||
depends_on:
|
|
||||||
zrok-reserve:
|
|
||||||
condition: service_completed_successfully
|
|
||||||
volumes:
|
|
||||||
- zrok_env:/mnt
|
|
||||||
ports:
|
|
||||||
- 127.0.0.1:2019:2019
|
|
||||||
environment:
|
|
||||||
HOME: /mnt
|
|
||||||
PFXLOG_NO_JSON: "true"
|
PFXLOG_NO_JSON: "true"
|
||||||
|
ZROK_BACKEND_MODE:
|
||||||
|
ZROK_TARGET:
|
||||||
|
ZROK_OAUTH_PROVIDER:
|
||||||
|
ZROK_OATH_EMAILS:
|
||||||
|
ZROK_BASIC_AUTH:
|
||||||
|
|
||||||
# demo server
|
# demo server
|
||||||
zrok-test:
|
zrok-test:
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
# this builds docker.io/openziti/zrok
|
# this builds docker.io/openziti/zrok
|
||||||
ARG ZITI_CLI_TAG="0.30.5"
|
ARG ZITI_CLI_TAG="0.31.0"
|
||||||
ARG ZITI_CLI_IMAGE="docker.io/openziti/ziti-cli"
|
ARG ZITI_CLI_IMAGE="docker.io/openziti/ziti-cli"
|
||||||
# this builds docker.io/openziti/ziti-controller
|
# this builds docker.io/openziti/ziti-controller
|
||||||
FROM ${ZITI_CLI_IMAGE}:${ZITI_CLI_TAG}
|
FROM ${ZITI_CLI_IMAGE}:${ZITI_CLI_TAG}
|
||||||
@ -30,8 +30,14 @@ RUN mkdir -p -m0755 /licenses
|
|||||||
COPY ./LICENSE /licenses/apache.txt
|
COPY ./LICENSE /licenses/apache.txt
|
||||||
|
|
||||||
RUN mkdir -p /usr/local/bin
|
RUN mkdir -p /usr/local/bin
|
||||||
COPY ${ARTIFACTS_DIR}/${TARGETARCH}/${TARGETOS}/zrok /usr/local/bin/
|
COPY ${ARTIFACTS_DIR}/${TARGETARCH}/${TARGETOS}/zrok \
|
||||||
RUN chmod 0755 /usr/local/bin/zrok
|
./nfpm/zrok-enable.bash \
|
||||||
|
./nfpm/zrok-share.bash \
|
||||||
|
/usr/local/bin/
|
||||||
|
RUN chmod 0755 \
|
||||||
|
/usr/local/bin/zrok \
|
||||||
|
/usr/local/bin/zrok-enable.bash \
|
||||||
|
/usr/local/bin/zrok-share.bash
|
||||||
|
|
||||||
USER nobody
|
USER nobody
|
||||||
ENTRYPOINT [ "zrok" ]
|
ENTRYPOINT [ "zrok" ]
|
||||||
|
@ -34,7 +34,7 @@ If you'd prefer to run zrok in Docker, you can follow the same Docker instructio
|
|||||||
|
|
||||||
<TabItem value="Mac OS">
|
<TabItem value="Mac OS">
|
||||||
|
|
||||||
On macOS, zrok frontdoor is implemented as a Docker share project which reserves a public subdomain for your website or service.
|
On macOS, zrok frontdoor is implemented as a Docker Compose project which reserves a public subdomain for your website or service.
|
||||||
|
|
||||||
<ReservedDocker/>
|
<ReservedDocker/>
|
||||||
|
|
||||||
@ -42,7 +42,7 @@ On macOS, zrok frontdoor is implemented as a Docker share project which reserves
|
|||||||
|
|
||||||
<TabItem value="Windows">
|
<TabItem value="Windows">
|
||||||
|
|
||||||
On Windows, zrok frontdoor is implemented as a Docker share project which reserves a public subdomain for your website or service.
|
On Windows, zrok frontdoor is implemented as a Docker Compose project which reserves a public subdomain for your website or service.
|
||||||
|
|
||||||
<ReservedDocker/>
|
<ReservedDocker/>
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
|
|
||||||
# nfpm supporting files
|
# nfpm supporting files
|
||||||
|
|
||||||
These files are sourced by nfpm when invoked by goreleaser to build Linux packages.
|
These files are sourced by nfpm when invoked by goreleaser to build Linux packages, and by the Docker BuildKit build to build Docker release images.
|
||||||
|
@ -8,7 +8,7 @@ set -o nounset
|
|||||||
set -o pipefail
|
set -o pipefail
|
||||||
|
|
||||||
BASENAME=$(basename "$0")
|
BASENAME=$(basename "$0")
|
||||||
DEFAULT_ZROK_ENVIRONMENT_NAME="zrok-share.service on $(hostname -s)"
|
DEFAULT_ZROK_ENVIRONMENT_NAME="zrok-share service on $(hostname -s 2>/dev/null || echo localhost)"
|
||||||
|
|
||||||
if (( $# )); then
|
if (( $# )); then
|
||||||
case $1 in
|
case $1 in
|
||||||
@ -44,8 +44,7 @@ if (( $# )); then
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
echo "ERROR: need filename argument to read environment configuration" >&2
|
echo "WARNING: no env filename argument, trying to read configuration from environment variables" >&2
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -z "${ZROK_ENABLE_TOKEN}" ]]; then
|
if [[ -z "${ZROK_ENABLE_TOKEN}" ]]; then
|
||||||
|
@ -30,8 +30,7 @@ else
|
|||||||
# echo "ERROR: need /opt/openziti/etc/zrok.env or filename argument to read share configuration" >&2
|
# echo "ERROR: need /opt/openziti/etc/zrok.env or filename argument to read share configuration" >&2
|
||||||
# exit 1
|
# exit 1
|
||||||
# fi
|
# fi
|
||||||
echo "ERROR: need filename argument to read share configuration" >&2
|
echo "WARNING: no environment filename argument, trying to read share configuration from env vars" >&2
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -s ~/.zrok/reserved.json ]]; then
|
if [[ -s ~/.zrok/reserved.json ]]; then
|
||||||
|
Loading…
x
Reference in New Issue
Block a user