Skip to content

Commit

Permalink
(feat): Allow any docker network for HTTPS(remote) install type
Browse files Browse the repository at this point in the history
Signed-off-by: Oleksander Piskun <[email protected]>
  • Loading branch information
oleksandr-nc committed Jan 3, 2025
1 parent 349d9df commit 2dbd6f3
Show file tree
Hide file tree
Showing 2 changed files with 135 additions and 5 deletions.
119 changes: 116 additions & 3 deletions .github/workflows/tests-deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ jobs:
- name: Install AppAPI
run: |
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/cloud-py-api/${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/nextcloud${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git fetch origin $GITHUB_REF
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git checkout FETCH_HEAD
docker exec nextcloud sudo -u www-data php occ app:enable app_api
Expand Down Expand Up @@ -238,7 +238,7 @@ jobs:
- name: Install AppAPI
run: |
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/cloud-py-api/${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/nextcloud/${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git fetch origin $GITHUB_REF
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git checkout FETCH_HEAD
docker exec nextcloud sudo -u www-data php occ app:enable app_api
Expand Down Expand Up @@ -295,6 +295,119 @@ jobs:
path: nextcloud.log
if-no-files-found: warn

nc-docker-dsp-https-bridge:
runs-on: ubuntu-22.04
name: NC In Julius Docker(DSP-HTTPS-BRIDGE) • 🐘8.3
env:
docker-image: ghcr.io/juliusknorr/nextcloud-dev-php83:master

steps:
- name: Set app env
run: echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV

- name: Create certificates
run: |
mkdir certs
openssl req -nodes -new -x509 -subj '/CN=host.docker.internal' -sha256 -keyout certs/privkey.pem -out certs/fullchain.pem -days 365000 > /dev/null 2>&1
cat certs/fullchain.pem certs/privkey.pem | tee certs/cert.pem > /dev/null 2>&1
- name: Create containers
run: |
docker network create master_bridge
docker run -v /var/run/docker.sock:/var/run/docker.sock \
-v `pwd`/certs/cert.pem:/certs/cert.pem \
-e NC_HAPROXY_PASSWORD="some_secure_password" \
-e EX_APPS_NET="ipv4@localhost" \
--net host --name nextcloud-appapi-dsp -h nextcloud-appapi-dsp \
--privileged -d ghcr.io/nextcloud/nextcloud-appapi-dsp:latest
docker run --net master_bridge --name nextcloud --rm -d ${{ env.docker-image }}
sleep 60s
hostname -I
docker exec nextcloud-appapi-dsp ip addr show | grep inet | awk '{print $2}' | cut -d/ -f1
netstat -lntu
- name: Install AppAPI
run: |
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/nextcloud/${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git fetch origin $GITHUB_REF
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git checkout FETCH_HEAD
docker exec nextcloud sudo -u www-data php occ app:enable app_api
docker cp ./certs/cert.pem nextcloud:/
docker exec nextcloud sudo -u www-data php occ security:certificates:import /cert.pem
docker exec nextcloud sudo -u www-data php occ app_api:daemon:register \
docker_by_port Docker docker-install https host.docker.internal:2375 http://nextcloud/index.php \
--net=master_bridge --haproxy_password=some_secure_password
docker exec nextcloud sudo -u www-data php occ app_api:daemon:list
docker exec nextcloud sudo -u www-data php occ app_api:app:register app-skeleton-python docker_by_port \
--info-xml https://raw.githubusercontent.com/nextcloud/app-skeleton-python/main/appinfo/info.xml
docker exec nextcloud sudo -u www-data php occ app_api:app:enable app-skeleton-python
- name: Checking if ExApp container can access HTTPS DSP
run: |
docker exec nc_app_app-skeleton-python apt update
docker exec nc_app_app-skeleton-python apt install curl -y
docker exec nc_app_app-skeleton-python curl https://host.docker.internal:2375
- name: Disable ExApp
run: |
docker exec nextcloud sudo -u www-data php occ app_api:app:disable app-skeleton-python
- name: Copy NC log to host
if: always()
run: docker cp nextcloud:/var/www/html/data/nextcloud.log nextcloud.log

- name: Check logs
run: |
grep -q 'Hello from app-skeleton-python :)' nextcloud.log || error
grep -q 'Bye bye from app-skeleton-python :(' nextcloud.log || error
- name: Save HaProxy logs
if: always()
run: docker logs nextcloud-appapi-dsp > haproxy.log 2>&1

- name: Save container info & logs
if: always()
run: |
docker inspect nc_app_app-skeleton-python | json_pp > container.json
docker logs nc_app_app-skeleton-python > container.log 2>&1
- name: Unregister Skeleton & Daemon
run: |
docker exec nextcloud sudo -u www-data php occ app_api:app:unregister app-skeleton-python
docker exec nextcloud sudo -u www-data php occ app_api:daemon:unregister docker_by_port
- name: Upload HaProxy logs
if: always()
uses: actions/upload-artifact@v4
with:
name: dsp_https_bridge_haproxy.log
path: haproxy.log
if-no-files-found: warn

- name: Upload Container info
if: always()
uses: actions/upload-artifact@v4
with:
name: dsp_https_bridge_container.json
path: container.json
if-no-files-found: warn

- name: Upload Container logs
if: always()
uses: actions/upload-artifact@v4
with:
name: dsp_https_bridge_container.log
path: container.log
if-no-files-found: warn

- name: Upload NC logs
if: always()
uses: actions/upload-artifact@v4
with:
name: dsp_https_bridge_nextcloud.log
path: nextcloud.log
if-no-files-found: warn

nc-docker-dsp-https:
runs-on: ubuntu-22.04
name: NC In Julius Docker(DSP-HTTPS) • 🐘8.3
Expand Down Expand Up @@ -327,7 +440,7 @@ jobs:
- name: Install AppAPI
run: |
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/cloud-py-api/${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps nextcloud git clone https://github.com/nextcloud/${{ env.APP_NAME }}.git
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git fetch origin $GITHUB_REF
docker exec -w /var/www/html/apps/${{ env.APP_NAME }} nextcloud git checkout FETCH_HEAD
docker exec nextcloud sudo -u www-data php occ app:enable app_api
Expand Down
21 changes: 19 additions & 2 deletions lib/DeployActions/DockerActions.php
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ public function deployExApp(ExApp $exApp, DaemonConfig $daemonConfig, array $par
}
}
$this->exAppService->setAppDeployProgress($exApp, 96);
$result = $this->createContainer($dockerUrl, $imageId, $params['container_params']);
$result = $this->createContainer($dockerUrl, $imageId, $daemonConfig, $params['container_params']);
if (isset($result['error'])) {
return $result['error'];
}
Expand Down Expand Up @@ -282,7 +282,7 @@ private function buildExtendedImageName2(array $imageParams, DaemonConfig $daemo
$imageParams['image_name'] . ':' . $imageParams['image_tag'] . '-' . $daemonConfig->getDeployConfig()['computeDevice']['id'];
}

public function createContainer(string $dockerUrl, string $imageId, array $params = []): array {
public function createContainer(string $dockerUrl, string $imageId, DaemonConfig $daemonConfig, array $params = []): array {
$createVolumeResult = $this->createVolume($dockerUrl, $this->buildExAppVolumeName($params['name']));
if (isset($createVolumeResult['error'])) {
return $createVolumeResult;
Expand All @@ -301,6 +301,23 @@ public function createContainer(string $dockerUrl, string $imageId, array $param
'Env' => $params['env'],
];

// Exposing the ExApp's primary port when the installation type is remote and the network is not a "host"
if (($params['net'] !== 'host') && ($daemonConfig->getProtocol() === 'https')) {
$exAppMainPort = $params['port'];
$containerParams['ExposedPorts'] = [
sprintf('%d/tcp', $exAppMainPort) => (object) [],
sprintf('%d/udp', $exAppMainPort) => (object) [],
];
$containerParams['HostConfig']['PortBindings'] = [
sprintf('%d/tcp', $exAppMainPort) => [
['HostPort' => (string)$exAppMainPort, 'HostIp' => '127.0.0.1']
],
sprintf('%d/udp', $exAppMainPort) => [
['HostPort' => (string)$exAppMainPort, 'HostIp' => '127.0.0.1']
],
];
}

if (!in_array($params['net'], ['host', 'bridge'])) {
$networkingConfig = [
'EndpointsConfig' => [
Expand Down

0 comments on commit 2dbd6f3

Please sign in to comment.