Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ADD] Feature to expose database #479

Merged
merged 3 commits into from
Oct 17, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 16 additions & 14 deletions _traefik3_paths_labels.yml.jinja
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,16 @@
{%- endif %}
{%- endmacro %}

{%- macro domains_rule_sni(domain_group) -%}
{%- for host in domain_group.hosts -%}
HostSNI(`{{ host }}`)
{%- if not loop.last -%}
||
{%- endif -%}
josep-tecnativa marked this conversation as resolved.
Show resolved Hide resolved
{%- endfor -%}
{%- endmacro %}


{%- macro key(project_name, odoo_version, suffix) %}
{{- '%s-%.1f-%s'|format(project_name, odoo_version, suffix)|replace('.', '-') }}
{%- endmacro %}
Expand Down Expand Up @@ -210,7 +220,10 @@

{%- macro database(domain_groups_list, cidr_whitelist, key, port, project_name) %}
{#- Service #}
traefik.tcp.routers.{{ key }}-database.entrypoints: postgres-entrypoint
traefik.tcp.services.{{ key }}-database.loadbalancer.server.port: 5432
traefik.tcp.routers.{{ key }}-database.tls: "true"
traefik.tcp.routers.{{ key }}-database.tls.certResolver: letsencrypt

{%- if cidr_whitelist %}
{#- Declare whitelist middleware #}
Expand All @@ -220,23 +233,12 @@
{%- endfor %}
{%- endif %}

{%- call(domain_group) macros.domains_loop_grouped(domain_groups_list) %}
{#- Apply rule to the first element in domain_groups_list #}
{%- set first_domain_group = domain_groups_list[0] %}
traefik.tcp.routers.{{ key }}-database.rule: {{ domains_rule_sni(first_domain_group) }}
{#- Remember basic middlewares for this domain group #}
{%- set _ns = namespace(basic_middlewares=[]) -%}
{%- if cidr_whitelist %}
{%- set _ns.basic_middlewares = _ns.basic_middlewares + ["whitelist"] %}
{%- endif %}

{#- database router #}
{{-
router_tcp(
domain_group=domain_group,
key=key,
suffix="database",
service="database",
middlewares=_ns.basic_middlewares,
port=port,
)
}}
{%- endcall %}
{%- endmacro %}
2 changes: 1 addition & 1 deletion copier.yml
Original file line number Diff line number Diff line change
Expand Up @@ -414,7 +414,7 @@ postgres_exposed:
postgres_exposed_port:
default: 5432
type: int
when: &db_exposed "{{ postgres_exposed and true }}"
when: &db_exposed "{{ postgres_exposed and traefik_version != 3 }}"
help: >-
Indicate the port to connect to the database.

Expand Down
7 changes: 6 additions & 1 deletion prod.yaml.jinja
Original file line number Diff line number Diff line change
Expand Up @@ -88,19 +88,24 @@ services:
- .docker/db-creation.env
restart: unless-stopped
{%- if postgres_exposed %}
{%- if traefik_version == 3 %}
josep-tecnativa marked this conversation as resolved.
Show resolved Hide resolved
networks:
default:
inverseproxy_shared:
labels:
traefik.enable: "true"
traefik.docker.network: "inverseproxy_shared"
{{- traefik2_labels.database(
{{- traefik3_labels_2.database(
domains_prod,
postgres_cidr_whitelist,
_key,
postgres_exposed_port,
project_name,
) }}
{%- else %}
ports:
- "{{ postgres_exposed_port }}:5432"
josep-tecnativa marked this conversation as resolved.
Show resolved Hide resolved
{%- endif %}
{%- endif %}
{%- endif %}

Expand Down
2 changes: 1 addition & 1 deletion tests/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ def traefik_host(request):
docker = DockerClient()
if request.param == "3":
traefik_container = docker.run(
"traefik:v3.0",
"traefik:v3.1.2",
detach=True,
privileged=True,
networks=["inverseproxy_shared"],
Expand Down
Loading