internal/component => internal/dis/component

2022-10-18 09:40:37 +02:00 · 2022-10-18 09:40:37 +02:00 · b5b1ce2340
commit b5b1ce2340
parent 9443217441
123 changed files with 76 additions and 76 deletions
--- a/internal/dis/component/web/web-http/docker-compose.yml
+++ b/internal/dis/component/web/web-http/docker-compose.yml
@ -0,0 +1,27 @@
+version: "3.7"
+
+services:
+  reverse-proxy:
+    image: docker.io/library/traefik:v2.9
+    command:
+      - "--providers.docker"
+      - "--providers.docker.exposedByDefault=false"
+      - "--providers.docker.network=${DOCKER_NETWORK_NAME}"
+      - "--providers.docker.constraints=Label(`eu.wiss-ki.barrel.distillery`,`${DOCKER_NETWORK_NAME}`)"
+      - "--entrypoints.web.address=:80"
+
+      ## for debugging purposes, the following can be enabled.
+      # - "--api.insecure=true"
+    ports:
+      - "80:80"
+      # - "127.0.0.1:8888:8080"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+    restart: always
+    networks:
+      - default
+
+networks:
+  default:
+    name: ${DOCKER_NETWORK_NAME}
+    external: true
--- a/internal/dis/component/web/web-https/docker-compose.yml
+++ b/internal/dis/component/web/web-https/docker-compose.yml
@ -0,0 +1,41 @@
+version: "3.7"
+
+services:
+  reverse-proxy:
+    image: docker.io/library/traefik:v2.9
+    command:
+      - "--providers.docker"
+
+      - "--providers.docker.exposedByDefault=false"
+      - "--providers.docker.network=${DOCKER_NETWORK_NAME}"
+      - "--providers.docker.constraints=Label(`eu.wiss-ki.barrel.distillery`,`${DOCKER_NETWORK_NAME}`)"
+  
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
+      - "--entrypoints.websecure.address=:443"
+      
+      - "--certificatesresolvers.distillery.acme.httpchallenge=true"
+      - "--certificatesresolvers.distillery.acme.email=${CERT_EMAIL}"
+      - "--certificatesresolvers.distillery.acme.storage=/acme.json"
+      - "--certificatesresolvers.distillery.acme.httpchallenge.entrypoint=web"
+
+      ## for debugging purposes, the following can be enabled.
+      # - "--api.insecure=true"
+      # - "--certificatesresolvers.distillery.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+
+    ports:
+      - "80:80"
+      - "443:443"
+      # - "127.0.0.1:8888:8080"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "./acme.json:/acme.json"
+    restart: always
+    networks:
+      - default
+
+networks:
+  default:
+    name: ${DOCKER_NETWORK_NAME}
+    external: true
--- a/internal/dis/component/web/web.env
+++ b/internal/dis/component/web/web.env
@ -0,0 +1,2 @@
+DOCKER_NETWORK_NAME=${DOCKER_NETWORK_NAME}
+CERT_EMAIL=${CERT_EMAIL}
--- a/internal/dis/component/web/web.go
+++ b/internal/dis/component/web/web.go
@ -0,0 +1,68 @@
+package web
+
+import (
+	"embed"
+	"path/filepath"
+
+	"github.com/FAU-CDI/wisski-distillery/internal/dis/component"
+	"github.com/FAU-CDI/wisski-distillery/pkg/environment"
+)
+
+// Web implements the ingress gateway for the distillery.
+//
+// It consists of an nginx docker container and an optional letsencrypt container.
+type Web struct {
+	component.Base
+}
+
+func (web *Web) Path() string {
+	return filepath.Join(web.Still.Config.DeployRoot, "core", "web")
+}
+
+func (*Web) Context(parent component.InstallationContext) component.InstallationContext {
+	return parent
+}
+
+func (web Web) Stack(env environment.Environment) component.StackWithResources {
+	if web.Config.HTTPSEnabled() {
+		return web.stackHTTPS(env)
+	} else {
+		return web.stackHTTP(env)
+	}
+}
+
+//go:embed all:web-https
+//go:embed web.env
+var httpsResources embed.FS
+
+func (web *Web) stackHTTPS(env environment.Environment) component.StackWithResources {
+	return component.MakeStack(web, env, component.StackWithResources{
+		Resources:   httpsResources,
+		ContextPath: "web-https",
+		EnvPath:     "web.env",
+
+		EnvContext: map[string]string{
+			"DOCKER_NETWORK_NAME": web.Config.DockerNetworkName,
+			"CERT_EMAIL":          web.Config.CertbotEmail,
+		},
+		TouchFilesPerm: 0600,
+		TouchFiles:     []string{"acme.json"},
+	})
+}
+
+//go:embed all:web-http
+//go:embed web.env
+var httpResources embed.FS
+
+func (web *Web) stackHTTP(env environment.Environment) component.StackWithResources {
+	return component.MakeStack(web, env, component.StackWithResources{
+		Resources:   httpResources,
+		ContextPath: "web-http",
+		EnvPath:     "web.env",
+
+		EnvContext: map[string]string{
+			"DOCKER_NETWORK_NAME": web.Config.DockerNetworkName,
+			"CERT_EMAIL":          web.Config.CertbotEmail,
+		},
+	})
+}