@blakearoberts/visage 0.0.3 → 0.0.4-rc.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/compose.d.ts.map +1 -1
- package/dist/config.d.ts +10 -4
- package/dist/config.d.ts.map +1 -1
- package/dist/index.js +79 -73
- package/dist/network.d.ts.map +1 -1
- package/dist/render/nginx.d.ts.map +1 -1
- package/dist/server.d.ts.map +1 -1
- package/package.json +1 -1
package/dist/compose.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"compose.d.ts","sourceRoot":"","sources":["../src/compose.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7C,KAAK,WAAW,GAAG,MAAM,IAAI,CAAC;AAK9B,wBAAgB,YAAY,CAAC,MAAM,EAAE,YAAY,GAAG,WAAW,
|
|
1
|
+
{"version":3,"file":"compose.d.ts","sourceRoot":"","sources":["../src/compose.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7C,KAAK,WAAW,GAAG,MAAM,IAAI,CAAC;AAK9B,wBAAgB,YAAY,CAAC,MAAM,EAAE,YAAY,GAAG,WAAW,CAiD9D"}
|
package/dist/config.d.ts
CHANGED
|
@@ -81,7 +81,7 @@ export type VisageConfig = {
|
|
|
81
81
|
readonly host: string;
|
|
82
82
|
readonly port: number;
|
|
83
83
|
readonly cookie: ResolvedCookiePolicy;
|
|
84
|
-
readonly edgeKey
|
|
84
|
+
readonly edgeKey: string;
|
|
85
85
|
readonly idp: ResolvedIdpConfig;
|
|
86
86
|
readonly oauth2: ResolvedOAuth2Client;
|
|
87
87
|
readonly cache: string;
|
|
@@ -98,15 +98,21 @@ export type VisageConfig = {
|
|
|
98
98
|
readonly clientSecret: string;
|
|
99
99
|
readonly edgeKey: string;
|
|
100
100
|
};
|
|
101
|
-
readonly
|
|
101
|
+
readonly compose: {
|
|
102
102
|
readonly name: string;
|
|
103
|
-
readonly
|
|
103
|
+
readonly network: {
|
|
104
|
+
readonly trustedProxyIps: readonly string[];
|
|
105
|
+
};
|
|
104
106
|
};
|
|
105
107
|
readonly services: Readonly<Record<string, ResolvedService>>;
|
|
106
108
|
readonly upstreams: Readonly<Record<string, ResolvedConfigUpstream>>;
|
|
107
109
|
};
|
|
108
110
|
export declare const VisageEdgeKeyHeader = "X-Visage-Edge-Key";
|
|
109
111
|
export declare function resolveOptions(options: VisageOptions): ResolvedVisageOptions;
|
|
110
|
-
export declare function resolveConfig(options: ResolvedVisageOptions
|
|
112
|
+
export declare function resolveConfig(options: ResolvedVisageOptions & {
|
|
113
|
+
readonly root: string;
|
|
114
|
+
readonly cache: string;
|
|
115
|
+
readonly edgeKey: string;
|
|
116
|
+
}): VisageConfig;
|
|
111
117
|
export {};
|
|
112
118
|
//# sourceMappingURL=config.d.ts.map
|
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,eAAe,EACf,gBAAgB,EAChB,aAAa,EACb,wBAAwB,EACxB,aAAa,EAEb,aAAa,EAEd,MAAM,SAAS,CAAC;AAEjB,KAAK,MAAM,GAAG,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AAElD,KAAK,oBAAoB,GAAG;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B,CAAC;AAEF,KAAK,iBAAiB,GAClB;IAAE,QAAQ,CAAC,GAAG,EAAE,gBAAgB,CAAA;CAAE,GAClC,wBAAwB,CAAC;AAE7B,KAAK,oBAAoB,GAAG;IAC1B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,QAAQ,CAAC,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IACzC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF,KAAK,mBAAmB,GAAG;IACzB,QAAQ,CAAC,IAAI,EAAE;QACb,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,OAAO,EAAE,KAAK,GAAG,IAAI,GAAG,QAAQ,CAAC;QAC1C,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;KAC5B,CAAC;IACF,QAAQ,CAAC,IAAI,EAAE,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC;IACrC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACnD,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC,CAAC,CAAC;CAClE,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;IAClC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC,CAAC;CACnE,CAAC;AAEF,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IACtC,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC;IAChC,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IACtC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC;IAC3D,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;CACtD,CAAC;AAEF,KAAK,kBAAkB,GAAG;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,oBAAoB,CAAC,EAAE,MAAM,CAAC;CACxC,CAAC;AAEF,KAAK,wBAAwB,GAAG,kBAAkB,GAAG;IACnD,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,KAAK,oBAAoB,GAAG;IAC1B,QAAQ,CAAC,GAAG,EAAE;QACZ,QAAQ,CAAC,MAAM,CAAC,EAAE,eAAe,CAAC;QAClC,QAAQ,CAAC,KAAK,EAAE,SAAS,aAAa,EAAE,CAAC;KAC1C,CAAC;IACF,QAAQ,CAAC,IAAI,EAAE,wBAAwB,CAAC;IACxC,QAAQ,CAAC,QAAQ,EAAE;QAAE,QAAQ,CAAC,GAAG,EAAE,gBAAgB,CAAA;KAAE,CAAC;CACvD,CAAC;AACF,KAAK,yBAAyB,GAAG;IAC/B,QAAQ,CAAC,IAAI,EAAE,kBAAkB,CAAC;IAClC,QAAQ,CAAC,QAAQ,EAAE;QAAE,QAAQ,CAAC,GAAG,EAAE,gBAAgB,CAAA;KAAE,CAAC;CACvD,CAAC;AACF,KAAK,iBAAiB,GAAG,oBAAoB,GAAG,yBAAyB,CAAC;AAE1E,KAAK,eAAe,GAAG,IAAI,CAAC,aAAa,EAAE,UAAU,CAAC,GAAG;IACvD,QAAQ,CAAC,OAAO,EAAE,WAAW,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC;CACzD,CAAC;AAEF,KAAK,sBAAsB,GAAG,gBAAgB,GAAG;IAC/C,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IACtC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC;IAChC,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IAEtC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,KAAK,EAAE;QACd,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;QACzB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;QAChC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,QAAQ,CAAC,OAAO,EAAE;QAChB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;QAC9B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;QAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;KAC1B,CAAC;IACF,QAAQ,CAAC,OAAO,EAAE;QAChB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;QACtB,QAAQ,CAAC,OAAO,EAAE;YAChB,QAAQ,CAAC,eAAe,EAAE,SAAS,MAAM,EAAE,CAAC;SAC7C,CAAC;KACH,CAAC;IAEF,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC;IAC7D,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,sBAAsB,CAAC,CAAC,CAAC;CACtE,CAAC;AAEF,eAAO,MAAM,mBAAmB,sBAAsB,CAAC;AAiHvD,wBAAgB,cAAc,CAAC,OAAO,EAAE,aAAa,GAAG,qBAAqB,CAyD5E;AAsLD,wBAAgB,aAAa,CAC3B,OAAO,EAAE,qBAAqB,GAAG;IAC/B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B,GACA,YAAY,CAsFd"}
|
package/dist/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { spawnSync, spawn } from 'node:child_process';
|
|
2
2
|
import { randomBytes } from 'node:crypto';
|
|
3
3
|
import { isIP } from 'node:net';
|
|
4
|
-
import { join } from 'node:path';
|
|
4
|
+
import { basename, resolve, join } from 'node:path';
|
|
5
5
|
import { readFileSync, mkdirSync, chmodSync, openSync, rmSync, appendFileSync, writeFileSync } from 'node:fs';
|
|
6
6
|
import { parse, stringify } from 'yaml';
|
|
7
7
|
import { homedir } from 'node:os';
|
|
@@ -294,7 +294,7 @@ function resolveAuthPolicy(auth = {}, external) {
|
|
|
294
294
|
redirect: auth.redirect ?? false,
|
|
295
295
|
};
|
|
296
296
|
}
|
|
297
|
-
function resolveConfig(options
|
|
297
|
+
function resolveConfig(options) {
|
|
298
298
|
const idp = resolveIdpConfig(options);
|
|
299
299
|
const end_session_endpoint = idp.oidc.end_session_endpoint;
|
|
300
300
|
const upstreams = {
|
|
@@ -326,10 +326,10 @@ function resolveConfig(options, cache, edgeKey) {
|
|
|
326
326
|
host: options.host,
|
|
327
327
|
port: options.port,
|
|
328
328
|
cookie: options.cookie,
|
|
329
|
-
edgeKey,
|
|
329
|
+
edgeKey: options.edgeKey,
|
|
330
330
|
idp,
|
|
331
331
|
oauth2: options.oauth2,
|
|
332
|
-
cache,
|
|
332
|
+
cache: options.cache,
|
|
333
333
|
files: {
|
|
334
334
|
certs: ['./certs', '/etc/nginx/certs'],
|
|
335
335
|
compose: './compose.yaml',
|
|
@@ -343,9 +343,9 @@ function resolveConfig(options, cache, edgeKey) {
|
|
|
343
343
|
clientSecret: 'OAUTH2_CLIENT_SECRET',
|
|
344
344
|
edgeKey: 'VISAGE_EDGE_KEY',
|
|
345
345
|
},
|
|
346
|
-
|
|
347
|
-
name:
|
|
348
|
-
trustedProxyIps: [],
|
|
346
|
+
compose: {
|
|
347
|
+
name: resolveComposeName(options.root),
|
|
348
|
+
network: { trustedProxyIps: [] },
|
|
349
349
|
},
|
|
350
350
|
services: {
|
|
351
351
|
...('dex' in idp
|
|
@@ -370,6 +370,21 @@ function resolveConfig(options, cache, edgeKey) {
|
|
|
370
370
|
})),
|
|
371
371
|
};
|
|
372
372
|
}
|
|
373
|
+
function resolveComposeName(root) {
|
|
374
|
+
const name = (packageName(root) ?? basename(resolve(root)))
|
|
375
|
+
.toLowerCase()
|
|
376
|
+
.replace(/[^a-z0-9_-]+/g, '-')
|
|
377
|
+
.replace(/^[^a-z0-9]+|[^a-z0-9]+$/g, '');
|
|
378
|
+
return `${name}-visage`;
|
|
379
|
+
}
|
|
380
|
+
function packageName(root) {
|
|
381
|
+
try {
|
|
382
|
+
return JSON.parse(readFileSync(join(root, 'package.json'), 'utf8')).name.trim();
|
|
383
|
+
}
|
|
384
|
+
catch {
|
|
385
|
+
return undefined;
|
|
386
|
+
}
|
|
387
|
+
}
|
|
373
388
|
function resolveIdpConfig({ host, port, idp, }) {
|
|
374
389
|
if ('dex' in idp) {
|
|
375
390
|
return {
|
|
@@ -573,7 +588,7 @@ function startCompose(config) {
|
|
|
573
588
|
'compose',
|
|
574
589
|
'--ansi=never',
|
|
575
590
|
`--file=${file}`,
|
|
576
|
-
`--project-name=${
|
|
591
|
+
`--project-name=${config.compose.name}`,
|
|
577
592
|
];
|
|
578
593
|
const env = {
|
|
579
594
|
COMPOSE_MENU: 'false',
|
|
@@ -581,9 +596,7 @@ function startCompose(config) {
|
|
|
581
596
|
? {}
|
|
582
597
|
: { [config.secrets.clientSecret]: config.oauth2.secret }),
|
|
583
598
|
...process.env,
|
|
584
|
-
|
|
585
|
-
? {}
|
|
586
|
-
: { [config.secrets.edgeKey]: config.edgeKey }),
|
|
599
|
+
[config.secrets.edgeKey]: config.edgeKey,
|
|
587
600
|
[config.secrets.cookieSecret]: (cookieSecret ??=
|
|
588
601
|
randomBytes(32).toString('base64url')),
|
|
589
602
|
};
|
|
@@ -657,14 +670,8 @@ function ensureHostEntry({ host }) {
|
|
|
657
670
|
}
|
|
658
671
|
|
|
659
672
|
function ensureNginxNetwork(config) {
|
|
660
|
-
const
|
|
661
|
-
|
|
662
|
-
'ls',
|
|
663
|
-
'--filter',
|
|
664
|
-
`name=${config.network.name}`,
|
|
665
|
-
'--format',
|
|
666
|
-
'{{ .Name }}',
|
|
667
|
-
], { encoding: 'utf-8' });
|
|
673
|
+
const network = config.compose.name;
|
|
674
|
+
const exists = spawnSync('docker', ['network', 'ls', '--filter', `name=${network}`, '--format', '{{ .Name }}'], { encoding: 'utf-8' });
|
|
668
675
|
if (exists.error)
|
|
669
676
|
throw exists.error;
|
|
670
677
|
if (exists.status !== 0) {
|
|
@@ -672,26 +679,29 @@ function ensureNginxNetwork(config) {
|
|
|
672
679
|
throw new Error('Failed to list Docker network');
|
|
673
680
|
}
|
|
674
681
|
if (exists.stdout) {
|
|
675
|
-
return
|
|
676
|
-
...config,
|
|
677
|
-
network: {
|
|
678
|
-
...config.network,
|
|
679
|
-
trustedProxyIps: inspectNetwork(config.network.name),
|
|
680
|
-
},
|
|
681
|
-
};
|
|
682
|
+
return withTrustedProxyIps(config, inspectNetwork(network));
|
|
682
683
|
}
|
|
683
|
-
const create = spawnSync('docker', ['network', 'create', '--driver', 'bridge',
|
|
684
|
+
const create = spawnSync('docker', ['network', 'create', '--driver', 'bridge', network], { encoding: 'utf-8' });
|
|
684
685
|
if (create.error)
|
|
685
686
|
throw create.error;
|
|
686
687
|
if (create.status !== 0) {
|
|
687
688
|
console.error(create.stderr);
|
|
688
689
|
throw new Error('Failed to create Docker network');
|
|
689
690
|
}
|
|
691
|
+
return withTrustedProxyIps(config, inspectNetwork(network));
|
|
692
|
+
}
|
|
693
|
+
function withTrustedProxyIps(config, trustedProxyIps) {
|
|
690
694
|
return {
|
|
691
695
|
...config,
|
|
692
|
-
|
|
693
|
-
...config.
|
|
694
|
-
|
|
696
|
+
compose: {
|
|
697
|
+
...config.compose,
|
|
698
|
+
network: {
|
|
699
|
+
...config.compose.network,
|
|
700
|
+
trustedProxyIps: [
|
|
701
|
+
...config.compose.network.trustedProxyIps,
|
|
702
|
+
...trustedProxyIps,
|
|
703
|
+
],
|
|
704
|
+
},
|
|
695
705
|
},
|
|
696
706
|
};
|
|
697
707
|
}
|
|
@@ -723,18 +733,14 @@ function writeComposeConfig(config) {
|
|
|
723
733
|
function renderComposeConfig(config) {
|
|
724
734
|
const { dex, nginx, oauth2_proxy, ...services } = config.services;
|
|
725
735
|
return stringify({
|
|
726
|
-
networks: { default: { external: true, name: config.
|
|
736
|
+
networks: { default: { external: true, name: config.compose.name } },
|
|
727
737
|
secrets: {
|
|
728
738
|
[config.secrets.cookieSecret]: {
|
|
729
739
|
environment: config.secrets.cookieSecret,
|
|
730
740
|
},
|
|
731
|
-
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
[config.secrets.edgeKey]: {
|
|
735
|
-
environment: config.secrets.edgeKey,
|
|
736
|
-
},
|
|
737
|
-
}),
|
|
741
|
+
[config.secrets.edgeKey]: {
|
|
742
|
+
environment: config.secrets.edgeKey,
|
|
743
|
+
},
|
|
738
744
|
...(config.oauth2.public
|
|
739
745
|
? {}
|
|
740
746
|
: {
|
|
@@ -757,16 +763,12 @@ function renderComposeConfig(config) {
|
|
|
757
763
|
: {}),
|
|
758
764
|
nginx: {
|
|
759
765
|
...config.services.nginx,
|
|
760
|
-
|
|
761
|
-
? {}
|
|
762
|
-
: { secrets: [config.secrets.edgeKey] }),
|
|
766
|
+
secrets: [config.secrets.edgeKey],
|
|
763
767
|
ports: [`127.0.0.1:${config.port}:${config.port}`],
|
|
764
768
|
volumes: [
|
|
765
769
|
config.files.certs,
|
|
766
770
|
config.files.nginx,
|
|
767
|
-
|
|
768
|
-
? []
|
|
769
|
-
: [config.files.nginxEdgeKeyJS]),
|
|
771
|
+
config.files.nginxEdgeKeyJS,
|
|
770
772
|
].map(([from, to]) => `${from}:${to}:ro`),
|
|
771
773
|
},
|
|
772
774
|
oauth2_proxy: {
|
|
@@ -820,19 +822,15 @@ function renderDexConfig(config) {
|
|
|
820
822
|
}
|
|
821
823
|
|
|
822
824
|
const template = `
|
|
823
|
-
<%_ if (it.edgeKey) { %>
|
|
824
825
|
load_module modules/ngx_http_js_module.so;
|
|
825
826
|
|
|
826
|
-
<%_ } %>
|
|
827
827
|
events {}
|
|
828
828
|
|
|
829
829
|
http {
|
|
830
|
-
<%_ if (it.edgeKey) { %>
|
|
831
830
|
js_import edge_key from <%~ it.edgeKey.script %>;
|
|
832
831
|
js_shared_dict_zone zone=edge_key:32k;
|
|
833
832
|
js_set $edge_key edge_key;
|
|
834
833
|
|
|
835
|
-
<%_ } %>
|
|
836
834
|
# Disable IPv6 DNS lookups that may fail to resolve upstream hostnames.
|
|
837
835
|
resolver 127.0.0.11 ipv6=off;
|
|
838
836
|
|
|
@@ -919,7 +917,7 @@ http {
|
|
|
919
917
|
error_page 401 =302 /oauth2/start?rd=$scheme://$http_host$request_uri;
|
|
920
918
|
<%_ } %>
|
|
921
919
|
<%_ } %>
|
|
922
|
-
<%_ if (
|
|
920
|
+
<%_ if (name === 'vite') { %>
|
|
923
921
|
proxy_set_header <%~ it.edgeKey.header %> $edge_key;
|
|
924
922
|
<%_ } %>
|
|
925
923
|
<%_ for (const [header, value] of Object.entries(location.headers ?? {})) { %>
|
|
@@ -933,6 +931,11 @@ http {
|
|
|
933
931
|
<%_ if (upstream.scheme === 'https') { %>
|
|
934
932
|
proxy_ssl_server_name on;
|
|
935
933
|
proxy_ssl_name <%~ upstream.host %>;
|
|
934
|
+
<%_ if (upstream.external) { %>
|
|
935
|
+
proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
|
936
|
+
proxy_ssl_verify on;
|
|
937
|
+
proxy_ssl_verify_depth 3;
|
|
938
|
+
<%_ } %>
|
|
936
939
|
<%_ } %>
|
|
937
940
|
proxy_pass <%~ upstream.scheme %>://<%~ name %>;
|
|
938
941
|
}
|
|
@@ -956,11 +959,9 @@ function writeNginxConfig(config) {
|
|
|
956
959
|
const file = join(config.cache, config.files.nginx[0]);
|
|
957
960
|
const render = renderNginxConfig(config);
|
|
958
961
|
writeFileSync(file, render, 'utf-8');
|
|
959
|
-
|
|
960
|
-
|
|
961
|
-
|
|
962
|
-
writeFileSync(file, render, 'utf-8');
|
|
963
|
-
}
|
|
962
|
+
const edgeKeyFile = join(config.cache, config.files.nginxEdgeKeyJS[0]);
|
|
963
|
+
const edgeKeyRender = renderEdgeKeyJS(config.secrets.edgeKey);
|
|
964
|
+
writeFileSync(edgeKeyFile, edgeKeyRender, 'utf-8');
|
|
964
965
|
}
|
|
965
966
|
function renderNginxConfig(config) {
|
|
966
967
|
const data = {
|
|
@@ -970,14 +971,10 @@ function renderNginxConfig(config) {
|
|
|
970
971
|
cert: join(config.files.certs[1], 'tls.crt'),
|
|
971
972
|
key: join(config.files.certs[1], 'tls.key'),
|
|
972
973
|
},
|
|
973
|
-
|
|
974
|
-
|
|
975
|
-
:
|
|
976
|
-
|
|
977
|
-
header: VisageEdgeKeyHeader$1,
|
|
978
|
-
script: config.files.nginxEdgeKeyJS[1],
|
|
979
|
-
},
|
|
980
|
-
}),
|
|
974
|
+
edgeKey: {
|
|
975
|
+
header: VisageEdgeKeyHeader$1,
|
|
976
|
+
script: config.files.nginxEdgeKeyJS[1],
|
|
977
|
+
},
|
|
981
978
|
upstreams: Object.fromEntries(Object.entries(config.upstreams).map(([name, upstream]) => [
|
|
982
979
|
name,
|
|
983
980
|
{
|
|
@@ -1041,7 +1038,7 @@ function renderOauth2ProxyConfig(config) {
|
|
|
1041
1038
|
],
|
|
1042
1039
|
scope: config.oauth2.scopes.join(' '),
|
|
1043
1040
|
reverse_proxy: true,
|
|
1044
|
-
trusted_proxy_ips: config.network.trustedProxyIps,
|
|
1041
|
+
trusted_proxy_ips: config.compose.network.trustedProxyIps,
|
|
1045
1042
|
set_xauthrequest: true,
|
|
1046
1043
|
set_authorization_header: true,
|
|
1047
1044
|
pass_access_token: true,
|
|
@@ -1063,9 +1060,14 @@ function renderOauth2ProxyConfig(config) {
|
|
|
1063
1060
|
}
|
|
1064
1061
|
|
|
1065
1062
|
function createVisageServer(options) {
|
|
1066
|
-
const
|
|
1063
|
+
const root = process.cwd();
|
|
1067
1064
|
const edgeKey = randomBytes(32).toString('base64url');
|
|
1068
|
-
const config = resolveConfig(
|
|
1065
|
+
const config = resolveConfig({
|
|
1066
|
+
...resolveOptions(options),
|
|
1067
|
+
root,
|
|
1068
|
+
cache: join(root, '.visage'),
|
|
1069
|
+
edgeKey,
|
|
1070
|
+
});
|
|
1069
1071
|
let stop;
|
|
1070
1072
|
return {
|
|
1071
1073
|
middleware: createVisageMiddleware(edgeKey),
|
|
@@ -1154,14 +1156,18 @@ function visage(options = {}) {
|
|
|
1154
1156
|
if (!address || typeof address === 'string') {
|
|
1155
1157
|
throw new Error('Failed to resolve port for Visage');
|
|
1156
1158
|
}
|
|
1157
|
-
const
|
|
1158
|
-
|
|
1159
|
-
|
|
1160
|
-
|
|
1161
|
-
|
|
1162
|
-
|
|
1163
|
-
|
|
1164
|
-
|
|
1159
|
+
const config = resolveConfig({
|
|
1160
|
+
...resolveOptions({
|
|
1161
|
+
...options,
|
|
1162
|
+
upstreams: {
|
|
1163
|
+
...options.upstreams,
|
|
1164
|
+
vite: { port: address.port, ...options.upstreams?.vite },
|
|
1165
|
+
},
|
|
1166
|
+
}),
|
|
1167
|
+
root: vite.config.root,
|
|
1168
|
+
cache: join(vite.config.cacheDir, 'visage'),
|
|
1169
|
+
edgeKey,
|
|
1170
|
+
});
|
|
1165
1171
|
visageUrl = formatVisageUrlLog(config.host, config.port);
|
|
1166
1172
|
stop = await startVisageServer(config);
|
|
1167
1173
|
vite.httpServer?.once('close', closeBundle);
|
package/dist/network.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"network.d.ts","sourceRoot":"","sources":["../src/network.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7C,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,YAAY,GAAG,YAAY,
|
|
1
|
+
{"version":3,"file":"network.d.ts","sourceRoot":"","sources":["../src/network.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7C,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,YAAY,GAAG,YAAY,CA2BrE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nginx.d.ts","sourceRoot":"","sources":["../../src/render/nginx.ts"],"names":[],"mappings":"AAIA,OAAO,EAAuB,KAAK,YAAY,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"nginx.d.ts","sourceRoot":"","sources":["../../src/render/nginx.ts"],"names":[],"mappings":"AAIA,OAAO,EAAuB,KAAK,YAAY,EAAE,MAAM,WAAW,CAAC;AA0InE,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI,CAQ3D"}
|
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAKvC,OAAO,EAAiC,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AAa5E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C,MAAM,MAAM,gBAAgB,GAAG,CAC7B,OAAO,EAAE,eAAe,EACxB,QAAQ,EAAE,cAAc,EACxB,IAAI,EAAE,MAAM,IAAI,KACb,IAAI,CAAC;AAEV,MAAM,MAAM,oBAAoB,GAAG,CACjC,OAAO,EAAE,eAAe,EACxB,MAAM,EAAE,MAAM,KACX,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB;;OAEG;IACH,UAAU,EAAE,gBAAgB,CAAC;IAC7B;;;OAGG;IACH,OAAO,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACxB;;OAEG;IACH,KAAK,IAAI,IAAI,CAAC;CACf,CAAC;AAEF,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,aAAa,GAAG,YAAY,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAKvC,OAAO,EAAiC,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AAa5E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C,MAAM,MAAM,gBAAgB,GAAG,CAC7B,OAAO,EAAE,eAAe,EACxB,QAAQ,EAAE,cAAc,EACxB,IAAI,EAAE,MAAM,IAAI,KACb,IAAI,CAAC;AAEV,MAAM,MAAM,oBAAoB,GAAG,CACjC,OAAO,EAAE,eAAe,EACxB,MAAM,EAAE,MAAM,KACX,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB;;OAEG;IACH,UAAU,EAAE,gBAAgB,CAAC;IAC7B;;;OAGG;IACH,OAAO,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACxB;;OAEG;IACH,KAAK,IAAI,IAAI,CAAC;CACf,CAAC;AAEF,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,aAAa,GAAG,YAAY,CAqBvE;AAED,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,YAAY,GACnB,OAAO,CAAC,MAAM,IAAI,CAAC,CAmBrB"}
|
package/package.json
CHANGED