From cd0438b8cefb308ae32cd340ca04a66a4b42287e Mon Sep 17 00:00:00 2001 From: florian Date: Mon, 13 Jun 2022 21:40:38 +0200 Subject: [PATCH] support REVERSE_PROXY_*_TIMEOUT settings, remove useless push in CI/CD and try to build arm on GH runners --- .github/workflows/dev.yml | 145 ++++++------------ .github/workflows/prod.yml | 9 +- .../confs/server-http/reverse-proxy.conf | 6 + core/reverseproxy/plugin.json | 30 ++++ 4 files changed, 90 insertions(+), 100 deletions(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index f3c5862e..6c767543 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -73,12 +73,6 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - - name: Login to private repository - uses: docker/login-action@v2 - with: - registry: ${{ secrets.PRIVATE_REGISTRY }} - username: registry - password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }} # Build images - name: Build BW for 386 @@ -86,8 +80,7 @@ jobs: with: context: . platforms: linux/386 - push: true - tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests-386:latest + tags: bunkerweb-tests-386:latest cache-from: type=registry,ref=bunkerity/cache:bw-386-cache cache-to: type=registry,ref=bunkerity/cache:bw-386-cache,mode=min - name: Build BW autoconf for 386 @@ -96,8 +89,7 @@ jobs: context: . file: autoconf/Dockerfile platforms: linux/386 - push: true - tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf-tests-386:latest + tags: bunkerweb-autoconf-tests-386:latest cache-from: type=registry,ref=bunkerity/cache:bw-autoconf-386-cache cache-to: type=registry,ref=bunkerity/cache:bw-autoconf-386-cache,mode=min - name: Build BW UI for 386 @@ -106,92 +98,54 @@ jobs: context: . file: ui/Dockerfile platforms: linux/386 - push: true - tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf-tests-386:latest + tags: bunkerweb-autoconf-tests-386:latest cache-from: type=registry,ref=bunkerity/cache:bw-ui-386-cache cache-to: type=registry,ref=bunkerity/cache:bw-ui-386-cache,mode=min - # Build bunkerweb/arm - # build-bw-arm: - # runs-on: [self-hosted, ARM64] - # steps: + # Build bunkerweb/armv8 + build-bw-armv8: + runs-on: ubuntu-latest + steps: # Prepare - # - name: Checkout source code - # uses: actions/checkout@v3 - # - name: Setup Buildx - # uses: docker/setup-buildx-action@v2 - # - name: Login to Docker Hub - # uses: docker/login-action@v2 - # with: - # username: ${{ secrets.DOCKER_USERNAME }} - # password: ${{ secrets.DOCKER_TOKEN }} - # - name: Login to private repository - # uses: docker/login-action@v2 - # with: - # registry: ${{ secrets.PRIVATE_REGISTRY }} - # username: registry - # password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }} + - name: Checkout source code + uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Setup Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} # Build images - # - name: Build BW for armv7 - # uses: docker/build-push-action@v3 - # with: - # context: . - # platforms: linux/arm/v7 - # push: true - # tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests-armv7:latest - # cache-from: type=registry,ref=bunkerity/cache:bw-armv7-cache - # cache-to: type=registry,ref=bunkerity/cache:bw-armv7-cache,mode=min - # - name: Build BW for armv8 - # uses: docker/build-push-action@v3 - # with: - # context: . - # platforms: linux/arm64/v8 - # push: true - # tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests-armv8:latest - # cache-from: type=registry,ref=bunkerity/cache:bw-armv8-cache - # cache-to: type=registry,ref=bunkerity/cache:bw-armv8-cache,mode=min - # - name: Build BW autoconf for armv7 - # uses: docker/build-push-action@v3 - # with: - # context: . - # file: autoconf/Dockerfile - # platforms: linux/arm/v7 - # push: true - # tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf-tests-armv7:latest - # cache-from: type=registry,ref=bunkerity/cache:bw-autoconf-armv7-cache - # cache-to: type=registry,ref=bunkerity/cache:bw-autoconf-armv7-cache,mode=min - # - name: Build BW autoconf for armv8 - # uses: docker/build-push-action@v3 - # with: - # context: . - # file: autoconf/Dockerfile - # platforms: linux/arm64/v8 - # push: true - # tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf-tests-armv8:latest - # cache-from: type=registry,ref=bunkerity/cache:bw-autoconf-armv8-cache - # cache-to: type=registry,ref=bunkerity/cache:bw-autoconf-armv8-cache,mode=min - # - name: Build BW UI for armv7 - # uses: docker/build-push-action@v3 - # with: - # context: . - # file: ui/Dockerfile - # platforms: linux/arm/v7 - # push: true - # tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-ui-tests-armv7:latest - # cache-from: type=registry,ref=bunkerity/cache:bw-ui-armv7-cache - # cache-to: type=registry,ref=bunkerity/cache:bw-ui-armv7-cache,mode=min - # - name: Build BW UI for armv8 - # uses: docker/build-push-action@v3 - # with: - # context: . - # file: ui/Dockerfile - # platforms: linux/arm64/v8 - # push: true - # tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-ui-tests-armv8:latest - # cache-from: type=registry,ref=bunkerity/cache:bw-ui-armv8-cache - # cache-to: type=registry,ref=bunkerity/cache:bw-ui-armv8-cache,mode=min - + - name: Build BW for armv8 + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/arm64/v8 + tags: bunkerweb-tests-armv8:latest + cache-from: type=registry,ref=bunkerity/cache:bw-armv8-cache + cache-to: type=registry,ref=bunkerity/cache:bw-armv8-cache,mode=min + - name: Build BW autoconf for armv8 + uses: docker/build-push-action@v3 + with: + context: . + file: autoconf/Dockerfile + platforms: linux/arm64/v8 + tags: bunkerweb-autoconf-tests-armv8:latest + cache-from: type=registry,ref=bunkerity/cache:bw-autoconf-armv8-cache + cache-to: type=registry,ref=bunkerity/cache:bw-autoconf-armv8-cache,mode=min + - name: Build BW UI for armv8 + uses: docker/build-push-action@v3 + with: + context: . + file: ui/Dockerfile + platforms: linux/arm64/v8 + tags: bunkerweb-ui-tests-armv8:latest + cache-from: type=registry,ref=bunkerity/cache:bw-ui-armv8-cache + cache-to: type=registry,ref=bunkerity/cache:bw-ui-armv8-cache,mode=min # Run tests tests: @@ -274,7 +228,7 @@ jobs: # Push to dev registries push-docker: # needs: [tests, build-bw-386, build-bw-arm] - needs: [tests, build-bw-386] + needs: [tests, build-bw-386, build-bw-armv8] runs-on: ubuntu-latest steps: @@ -302,34 +256,37 @@ jobs: uses: docker/build-push-action@v3 with: context: . - platforms: linux/amd64,linux/386 + platforms: linux/amd64,linux/386,linux/arm64/v8 push: true tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb:staging,bunkerity/bunkerweb:dev cache-from: | type=registry,ref=bunkerity/cache:bw-amd64-cache type=registry,ref=bunkerity/cache:bw-386-cache + type=registry,ref=bunkerity/cache:bw-armv8-cache - name: Build and push BW autoconf uses: docker/build-push-action@v3 with: context: . file: autoconf/Dockerfile - platforms: linux/amd64,linux/386 + platforms: linux/amd64,linux/386,linux/arm64/v8 push: true tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf:staging,bunkerity/bunkerweb-autoconf:dev cache-from: | type=registry,ref=bunkerity/cache:bw-autoconf-amd64-cache type=registry,ref=bunkerity/cache:bw-autoconf-386-cache + type=registry,ref=bunkerity/cache:bw-autoconf-armv8-cache - name: Build and push BW UI uses: docker/build-push-action@v3 with: context: . file: ui/Dockerfile - platforms: linux/amd64,linux/386 + platforms: linux/amd64,linux/386,linux/arm64/v8 push: true tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-ui:staging,bunkerity/bunkerweb-ui:dev cache-from: | type=registry,ref=bunkerity/cache:bw-ui-amd64-cache type=registry,ref=bunkerity/cache:bw-ui-386-cache + type=registry,ref=bunkerity/cache:bw-ui-armv8-cache # Push to PackageCloud push-linux: diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index 55b73e9e..fb41b1e0 100644 --- a/.github/workflows/prod.yml +++ b/.github/workflows/prod.yml @@ -83,8 +83,7 @@ jobs: with: context: . platforms: linux/386 - push: true - tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests-386:latest + tags: bunkerweb-tests-386:latest cache-to: type=registry,ref=bunkerity/cache:bw-386-cache,mode=min - name: Build BW autoconf for 386 uses: docker/build-push-action@v3 @@ -92,8 +91,7 @@ jobs: context: . file: autoconf/Dockerfile platforms: linux/386 - push: true - tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf-tests-386:latest + tags: /bunkerweb-autoconf-tests-386:latest cache-to: type=registry,ref=bunkerity/cache:bw-autoconf-386-cache,mode=min - name: Build BW UI for 386 uses: docker/build-push-action@v3 @@ -101,8 +99,7 @@ jobs: context: . file: ui/Dockerfile platforms: linux/386 - push: true - tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-autoconf-tests-386:latest + tags: bunkerweb-autoconf-tests-386:latest cache-to: type=registry,ref=bunkerity/cache:bw-ui-386-cache,mode=min # Build bunkerweb/arm diff --git a/core/reverseproxy/confs/server-http/reverse-proxy.conf b/core/reverseproxy/confs/server-http/reverse-proxy.conf index 7bbcc157..7712a6c5 100644 --- a/core/reverseproxy/confs/server-http/reverse-proxy.conf +++ b/core/reverseproxy/confs/server-http/reverse-proxy.conf @@ -35,6 +35,9 @@ add_header X-Proxy-Cache $upstream_cache_status; {% set auth_request = all[k.replace("URL", "AUTH_REQUEST")] if k.replace("URL", "AUTH_REQUEST") in all else "" %} {% set auth_request_signin_url = all[k.replace("URL", "AUTH_REQUEST_SIGNIN_URL")] if k.replace("URL", "AUTH_REQUEST_SIGNIN_URL") in all else "" %} {% set auth_request_sets = all[k.replace("URL", "AUTH_REQUEST_SET")] if k.replace("URL", "AUTH_REQUEST_SET") in all else "" %} + {% set connect_timeout = all[k.replace("URL", "CONNECT_TIMEOUT")] if k.replace("URL", "CONNECT_TIMEOUT") in all else "" %} + {% set read_timeout = all[k.replace("URL", "READ_TIMEOUT")] if k.replace("URL", "READ_TIMEOUT") in all else "" %} + {% set send_timeout = all[k.replace("URL", "SEND_TIMEOUT")] if k.replace("URL", "SEND_TIMEOUT") in all else "" %} location {{ url }} {% raw %}{{% endraw +%} etag off; set $backend{{ counter.value }} "{{ host }}"; @@ -81,6 +84,9 @@ location {{ url }} {% raw %}{{% endraw +%} {% endif +%} {% raw %}}{% endraw %} {% endif %} + proxy_connect_timeout {{ connect_timeout }}; + proxy_read_timeout {{ read_timeout }}; + proxy_send_timeout {{ send_timeout }}; {% set counter.value = counter.value + 1 %} {% endfor %} {% endif %} \ No newline at end of file diff --git a/core/reverseproxy/plugin.json b/core/reverseproxy/plugin.json index 3042a568..6239a01f 100644 --- a/core/reverseproxy/plugin.json +++ b/core/reverseproxy/plugin.json @@ -212,6 +212,36 @@ "label": "Reverse proxy bypass", "regex": "^.*$", "type": "text" + }, + "REVERSE_PROXY_CONNECT_TIMEOUT": { + "context": "multisite", + "default": "60s", + "help": "Timeout when connecting to the proxied resource.", + "id": "reverse-proxy-connect-timeout", + "label": "Reverse proxy connect timeout", + "regex": "^.*$", + "type": "text", + "multiple": "reverse-proxy" + }, + "REVERSE_PROXY_READ_TIMEOUT": { + "context": "multisite", + "default": "60s", + "help": "Timeout when reading from the proxied resource.", + "id": "reverse-proxy-read-timeout", + "label": "Reverse proxy read timeout", + "regex": "^.*$", + "type": "text", + "multiple": "reverse-proxy" + }, + "REVERSE_PROXY_SEND_TIMEOUT": { + "context": "multisite", + "default": "60s", + "help": "Timeout when sending to the proxied resource.", + "id": "reverse-proxy-send-timeout", + "label": "Reverse proxy send timeout", + "regex": "^.*$", + "type": "text", + "multiple": "reverse-proxy" } } }