mirror of
https://github.com/amir20/dozzle.git
synced 2025-12-24 14:31:44 +01:00
352 lines
12 KiB
Go
352 lines
12 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"embed"
|
|
"io"
|
|
"io/fs"
|
|
|
|
"net"
|
|
"net/http"
|
|
"os"
|
|
"os/signal"
|
|
"path/filepath"
|
|
"strings"
|
|
"syscall"
|
|
"time"
|
|
|
|
"github.com/alexflint/go-arg"
|
|
"github.com/amir20/dozzle/internal/agent"
|
|
"github.com/amir20/dozzle/internal/auth"
|
|
"github.com/amir20/dozzle/internal/docker"
|
|
"github.com/amir20/dozzle/internal/healthcheck"
|
|
"github.com/amir20/dozzle/internal/support/cli"
|
|
docker_support "github.com/amir20/dozzle/internal/support/docker"
|
|
"github.com/amir20/dozzle/internal/web"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
)
|
|
|
|
var (
|
|
version = "head"
|
|
)
|
|
|
|
type args struct {
|
|
Addr string `arg:"env:DOZZLE_ADDR" default:":8080" help:"sets host:port to bind for server. This is rarely needed inside a docker container."`
|
|
Base string `arg:"env:DOZZLE_BASE" default:"/" help:"sets the base for http router."`
|
|
Hostname string `arg:"env:DOZZLE_HOSTNAME" help:"sets the hostname for display. This is useful with multiple Dozzle instances."`
|
|
Level string `arg:"env:DOZZLE_LEVEL" default:"info" help:"set Dozzle log level. Use debug for more logging."`
|
|
AuthProvider string `arg:"--auth-provider,env:DOZZLE_AUTH_PROVIDER" default:"none" help:"sets the auth provider to use. Currently only forward-proxy is supported."`
|
|
AuthHeaderUser string `arg:"--auth-header-user,env:DOZZLE_AUTH_HEADER_USER" default:"Remote-User" help:"sets the HTTP Header to use for username in Forward Proxy configuration."`
|
|
AuthHeaderEmail string `arg:"--auth-header-email,env:DOZZLE_AUTH_HEADER_EMAIL" default:"Remote-Email" help:"sets the HTTP Header to use for email in Forward Proxy configuration."`
|
|
AuthHeaderName string `arg:"--auth-header-name,env:DOZZLE_AUTH_HEADER_NAME" default:"Remote-Name" help:"sets the HTTP Header to use for name in Forward Proxy configuration."`
|
|
EnableActions bool `arg:"--enable-actions,env:DOZZLE_ENABLE_ACTIONS" default:"false" help:"enables essential actions on containers from the web interface."`
|
|
FilterStrings []string `arg:"env:DOZZLE_FILTER,--filter,separate" help:"filters docker containers using Docker syntax."`
|
|
Filter map[string][]string `arg:"-"`
|
|
RemoteHost []string `arg:"env:DOZZLE_REMOTE_HOST,--remote-host,separate" help:"list of hosts to connect remotely"`
|
|
RemoteAgent []string `arg:"env:DOZZLE_REMOTE_AGENT,--remote-agent,separate" help:"list of agents to connect remotely"`
|
|
NoAnalytics bool `arg:"--no-analytics,env:DOZZLE_NO_ANALYTICS" help:"disables anonymous analytics"`
|
|
Mode string `arg:"env:DOZZLE_MODE" default:"server" help:"sets the mode to run in (server, swarm)"`
|
|
Healthcheck *HealthcheckCmd `arg:"subcommand:healthcheck" help:"checks if the server is running"`
|
|
Generate *GenerateCmd `arg:"subcommand:generate" help:"generates a configuration file for simple auth"`
|
|
Agent *AgentCmd `arg:"subcommand:agent" help:"starts the agent"`
|
|
}
|
|
|
|
type HealthcheckCmd struct {
|
|
}
|
|
|
|
type AgentCmd struct {
|
|
Addr string `arg:"env:DOZZLE_AGENT_ADDR" default:":7007" help:"sets the host:port to bind for the agent"`
|
|
}
|
|
|
|
type GenerateCmd struct {
|
|
Username string `arg:"positional"`
|
|
Password string `arg:"--password, -p" help:"sets the password for the user"`
|
|
Name string `arg:"--name, -n" help:"sets the display name for the user"`
|
|
Email string `arg:"--email, -e" help:"sets the email for the user"`
|
|
}
|
|
|
|
func (args) Version() string {
|
|
return version
|
|
}
|
|
|
|
//go:embed all:dist
|
|
var content embed.FS
|
|
|
|
//go:embed shared_cert.pem shared_key.pem
|
|
var certs embed.FS
|
|
|
|
//go:generate protoc --go_out=. --go-grpc_out=. --proto_path=./protos ./protos/rpc.proto ./protos/types.proto
|
|
func main() {
|
|
cli.ValidateEnvVars(args{}, AgentCmd{})
|
|
args, subcommand := parseArgs()
|
|
if subcommand != nil {
|
|
switch subcommand.(type) {
|
|
case *AgentCmd:
|
|
client, err := docker.NewLocalClient(args.Filter, args.Hostname)
|
|
if err != nil {
|
|
log.Fatalf("Could not create docker client: %v", err)
|
|
}
|
|
certs, err := cli.ReadCertificates(certs)
|
|
if err != nil {
|
|
log.Fatalf("Could not read certificates: %v", err)
|
|
}
|
|
|
|
listener, err := net.Listen("tcp", args.Agent.Addr)
|
|
if err != nil {
|
|
log.Fatalf("failed to listen: %v", err)
|
|
}
|
|
tempFile, err := os.CreateTemp("/", "agent-*.addr")
|
|
if err != nil {
|
|
log.Fatalf("failed to create temp file: %v", err)
|
|
}
|
|
defer os.Remove(tempFile.Name())
|
|
io.WriteString(tempFile, listener.Addr().String())
|
|
agent.RunServer(client, certs, listener)
|
|
case *HealthcheckCmd:
|
|
files, err := os.ReadDir(".")
|
|
if err != nil {
|
|
log.Fatalf("Failed to read directory: %v", err)
|
|
}
|
|
|
|
agentAddress := ""
|
|
for _, file := range files {
|
|
if match, _ := filepath.Match("agent-*.addr", file.Name()); match {
|
|
data, err := os.ReadFile(file.Name())
|
|
if err != nil {
|
|
log.Fatalf("Failed to read file: %v", err)
|
|
}
|
|
agentAddress = string(data)
|
|
break
|
|
}
|
|
}
|
|
if agentAddress == "" {
|
|
if err := healthcheck.HttpRequest(args.Addr, args.Base); err != nil {
|
|
log.Fatalf("Failed to make request: %v", err)
|
|
}
|
|
} else {
|
|
certs, err := cli.ReadCertificates(certs)
|
|
if err != nil {
|
|
log.Fatalf("Could not read certificates: %v", err)
|
|
}
|
|
if err := healthcheck.RPCRequest(agentAddress, certs); err != nil {
|
|
log.Fatalf("Failed to make request: %v", err)
|
|
}
|
|
}
|
|
|
|
case *GenerateCmd:
|
|
if args.Generate.Username == "" || args.Generate.Password == "" {
|
|
log.Fatal("Username and password are required")
|
|
}
|
|
|
|
buffer := auth.GenerateUsers(auth.User{
|
|
Username: args.Generate.Username,
|
|
Password: args.Generate.Password,
|
|
Name: args.Generate.Name,
|
|
Email: args.Generate.Email,
|
|
}, true)
|
|
|
|
if _, err := os.Stdout.Write(buffer.Bytes()); err != nil {
|
|
log.Fatalf("Failed to write to stdout: %v", err)
|
|
}
|
|
}
|
|
|
|
os.Exit(0)
|
|
}
|
|
|
|
if args.AuthProvider != "none" && args.AuthProvider != "forward-proxy" && args.AuthProvider != "simple" {
|
|
log.Fatalf("Invalid auth provider %s", args.AuthProvider)
|
|
}
|
|
|
|
log.Infof("Dozzle version %s", version)
|
|
|
|
var multiHostService *docker_support.MultiHostService
|
|
if args.Mode == "server" {
|
|
multiHostService = createMultiHostService(args)
|
|
if multiHostService.TotalClients() == 0 {
|
|
log.Fatal("Could not connect to any Docker Engines")
|
|
} else {
|
|
log.Infof("Connected to %d Docker Engine(s)", multiHostService.TotalClients())
|
|
}
|
|
} else if args.Mode == "swarm" {
|
|
localClient, err := docker.NewLocalClient(args.Filter, args.Hostname)
|
|
if err != nil {
|
|
log.Fatalf("Could not connect to local Docker Engine: %s", err)
|
|
}
|
|
certs, err := cli.ReadCertificates(certs)
|
|
if err != nil {
|
|
log.Fatalf("Could not read certificates: %v", err)
|
|
}
|
|
multiHostService = docker_support.NewSwarmService(localClient, certs)
|
|
log.Infof("Starting in Swarm mode")
|
|
listener, err := net.Listen("tcp", ":7007")
|
|
if err != nil {
|
|
log.Fatalf("failed to listen: %v", err)
|
|
}
|
|
go agent.RunServer(localClient, certs, listener)
|
|
} else {
|
|
log.Fatalf("Invalid mode %s", args.Mode)
|
|
}
|
|
|
|
srv := createServer(args, multiHostService)
|
|
go func() {
|
|
log.Infof("Accepting connections on %s", srv.Addr)
|
|
if err := srv.ListenAndServe(); err != http.ErrServerClosed {
|
|
log.Fatal(err)
|
|
}
|
|
}()
|
|
ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM)
|
|
defer stop()
|
|
|
|
<-ctx.Done()
|
|
stop()
|
|
log.Info("shutting down gracefully, press Ctrl+C again to force")
|
|
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
|
defer cancel()
|
|
if err := srv.Shutdown(ctx); err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
log.Debug("shutdown complete")
|
|
}
|
|
|
|
func createMultiHostService(args args) *docker_support.MultiHostService {
|
|
var clients []docker_support.ClientService
|
|
for _, remoteHost := range args.RemoteHost {
|
|
host, err := docker.ParseConnection(remoteHost)
|
|
if err != nil {
|
|
log.Fatalf("Could not parse remote host %s: %s", remoteHost, err)
|
|
}
|
|
log.Debugf("creating remote client for %s with %+v", host.Name, host)
|
|
log.Infof("Creating client for %s with %s", host.Name, host.URL.String())
|
|
if client, err := docker.NewRemoteClient(args.Filter, host); err == nil {
|
|
if _, err := client.ListContainers(); err == nil {
|
|
log.Debugf("connected to local Docker Engine")
|
|
clients = append(clients, docker_support.NewDockerClientService(client))
|
|
} else {
|
|
log.Warnf("Could not connect to remote host %s: %s", host.ID, err)
|
|
}
|
|
} else {
|
|
log.Warnf("Could not create client for %s: %s", host.ID, err)
|
|
}
|
|
}
|
|
certs, err := cli.ReadCertificates(certs)
|
|
if err != nil {
|
|
log.Fatalf("Could not read certificates: %v", err)
|
|
}
|
|
for _, remoteAgent := range args.RemoteAgent {
|
|
client, err := agent.NewClient(remoteAgent, certs)
|
|
if err != nil {
|
|
log.Warnf("Could not connect to remote agent %s: %s", remoteAgent, err)
|
|
continue
|
|
}
|
|
clients = append(clients, docker_support.NewAgentService(client))
|
|
}
|
|
|
|
localClient, err := docker.NewLocalClient(args.Filter, args.Hostname)
|
|
if err == nil {
|
|
_, err := localClient.ListContainers()
|
|
if err != nil {
|
|
log.Debugf("could not connect to local Docker Engine: %s", err)
|
|
if !args.NoAnalytics {
|
|
go cli.StartEvent(version, args.Mode, args.RemoteAgent, args.RemoteHost, nil)
|
|
}
|
|
} else {
|
|
log.Debugf("connected to local Docker Engine")
|
|
if !args.NoAnalytics {
|
|
go cli.StartEvent(version, args.Mode, args.RemoteAgent, args.RemoteHost, localClient)
|
|
}
|
|
clients = append(clients, docker_support.NewDockerClientService(localClient))
|
|
}
|
|
}
|
|
|
|
return docker_support.NewMultiHostService(clients)
|
|
}
|
|
|
|
func createServer(args args, multiHostService *docker_support.MultiHostService) *http.Server {
|
|
_, dev := os.LookupEnv("DEV")
|
|
|
|
var provider web.AuthProvider = web.NONE
|
|
var authorizer web.Authorizer
|
|
if args.AuthProvider == "forward-proxy" {
|
|
provider = web.FORWARD_PROXY
|
|
authorizer = auth.NewForwardProxyAuth(args.AuthHeaderUser, args.AuthHeaderEmail, args.AuthHeaderName)
|
|
} else if args.AuthProvider == "simple" {
|
|
provider = web.SIMPLE
|
|
|
|
path, err := filepath.Abs("./data/users.yml")
|
|
if err != nil {
|
|
log.Fatalf("Could not find absolute path to users.yml file: %s", err)
|
|
}
|
|
if _, err := os.Stat(path); os.IsNotExist(err) {
|
|
log.Fatalf("Could not find users.yml file at %s", path)
|
|
}
|
|
|
|
users, err := auth.ReadUsersFromFile(path)
|
|
if err != nil {
|
|
log.Fatalf("Could not read users.yml file at %s: %s", path, err)
|
|
}
|
|
authorizer = auth.NewSimpleAuth(users)
|
|
}
|
|
|
|
config := web.Config{
|
|
Addr: args.Addr,
|
|
Base: args.Base,
|
|
Version: version,
|
|
Hostname: args.Hostname,
|
|
NoAnalytics: args.NoAnalytics,
|
|
Dev: dev,
|
|
Authorization: web.Authorization{
|
|
Provider: provider,
|
|
Authorizer: authorizer,
|
|
},
|
|
EnableActions: args.EnableActions,
|
|
}
|
|
|
|
assets, err := fs.Sub(content, "dist")
|
|
if err != nil {
|
|
log.Fatalf("Could not open embedded dist folder: %v", err)
|
|
}
|
|
|
|
if _, ok := os.LookupEnv("LIVE_FS"); ok {
|
|
if dev {
|
|
log.Info("Using live filesystem at ./public")
|
|
assets = os.DirFS("./public")
|
|
} else {
|
|
log.Info("Using live filesystem at ./dist")
|
|
assets = os.DirFS("./dist")
|
|
}
|
|
}
|
|
|
|
if !dev {
|
|
if _, err := assets.Open(".vite/manifest.json"); err != nil {
|
|
log.Fatal(".vite/manifest.json not found")
|
|
}
|
|
if _, err := assets.Open("index.html"); err != nil {
|
|
log.Fatal("index.html not found")
|
|
}
|
|
}
|
|
|
|
return web.CreateServer(multiHostService, assets, config)
|
|
}
|
|
|
|
func parseArgs() (args, interface{}) {
|
|
var args args
|
|
parser := arg.MustParse(&args)
|
|
|
|
cli.ConfigureLogger(args.Level)
|
|
|
|
args.Filter = make(map[string][]string)
|
|
|
|
for _, filter := range args.FilterStrings {
|
|
pos := strings.Index(filter, "=")
|
|
if pos == -1 {
|
|
parser.Fail("each filter should be of the form key=value")
|
|
}
|
|
key := filter[:pos]
|
|
val := filter[pos+1:]
|
|
args.Filter[key] = append(args.Filter[key], val)
|
|
}
|
|
|
|
return args, parser.Subcommand()
|
|
}
|