From 585c2af6f8c4a09502c4c4dcd3e0a49fa29a6584 Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 7 Jan 2025 14:39:50 +0100 Subject: [PATCH 1/5] Traefik: introduce domain redirect --- services/traefik/docker-compose.yml.j2 | 22 ++++++++++++++++++++++ services/traefik/j2cli_customization.py | 23 +++++++++++++++++++++++ services/traefik/template.env | 3 +++ 3 files changed, 48 insertions(+) create mode 100644 services/traefik/j2cli_customization.py diff --git a/services/traefik/docker-compose.yml.j2 b/services/traefik/docker-compose.yml.j2 index 7424204a..f67a4bf0 100644 --- a/services/traefik/docker-compose.yml.j2 +++ b/services/traefik/docker-compose.yml.j2 @@ -146,6 +146,28 @@ services: - traefik.http.middlewares.strip-www.redirectregex.replacement=$${1}://$${2} - traefik.http.middlewares.strip-www.redirectregex.permanent=true + + ### + # Domain redirects + ### +{% set redirect_from_domains_list = TRAEFIK_DOMAINS_REDIRECT_FROM.split(',') %} +{% set redirect_to_domains_list = TRAEFIK_DOMAINS_REDIRECT_TO.split(',') %} + +{% for from_domain, to_domain in zip(redirect_from_domains_list, redirect_to_domains_list) %} +{% set from_domain_no_dots = from_domain.replace(".", "-") %} + # Regex below is redirecting any subdomains and path to new domain. + # Use https://regex101.com/r/58sIgx/2 for regex explanation and experimentation. + # Below we include dollar escaping and j2 expressions. It is not clean / pure regex + # You can fetch baked and clean regex from traefik dashboards. + - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.regex=^https?://((?:[a-zA-Z0-9-]+\.)*)*{{ from_domain }}(.*)$$ + - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.replacement=https://$${1}{{ to_domain }}$${2} + - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.permanent=false + - traefik.http.routers.{{ from_domain_no_dots }}.rule={{ generate_domain_capture_all_rule(from_domain) }} + - traefik.http.routers.{{ from_domain_no_dots }}.middlewares=redirect-{{ from_domain_no_dots }} + - traefik.http.routers.{{ from_domain_no_dots }}.entrypoints=https + - traefik.http.routers.{{ from_domain_no_dots }}.tls=true +{% endfor %} + networks: public: null monitored: null diff --git a/services/traefik/j2cli_customization.py b/services/traefik/j2cli_customization.py new file mode 100644 index 00000000..ae761418 --- /dev/null +++ b/services/traefik/j2cli_customization.py @@ -0,0 +1,23 @@ +def _generate_domain_capture_all_rule(domain: str) -> str: + rules = [ + f"Host(`{domain}`)", + f"Host(`www.{domain}`)", + f"Host(`invitations.{domain}`)", + f"Host(`services.{domain}`)", + f"HostRegexp(`{{subhost:[a-zA-Z0-9-]+}}.services.{domain}`)", + f"Host(`services.testing.{domain}`)", + f"HostRegexp(`{{subhost:[a-zA-Z0-9-]+}}.services.testing.{domain}`)", + f"Host(`pay.{domain}`)", + f"Host(`api.{domain}`)", + f"Host(`api.testing.{domain}`)", + f"Host(`testing.{domain}`)", + ] + return " || ".join(rules) + + +def j2_environment(env): + env.globals.update( + generate_domain_capture_all_rule=_generate_domain_capture_all_rule, + zip=zip, + ) + return env diff --git a/services/traefik/template.env b/services/traefik/template.env index bb36e5bf..c4546a83 100644 --- a/services/traefik/template.env +++ b/services/traefik/template.env @@ -37,3 +37,6 @@ MONITORED_NETWORK=${MONITORED_NETWORK} WEBSERVER_HOST=${WEBSERVER_HOST} WEBSERVER_PORT=${WEBSERVER_PORT} + +TRAEFIK_DOMAINS_REDIRECT_FROM= +TRAEFIK_DOMAINS_REDIRECT_TO= From 3db680bf9119bf27f286d739f9342cc6c0cb6eeb Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 7 Jan 2025 14:57:23 +0100 Subject: [PATCH 2/5] Fix env vars --- services/traefik/template.env | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/traefik/template.env b/services/traefik/template.env index c4546a83..22ab9658 100644 --- a/services/traefik/template.env +++ b/services/traefik/template.env @@ -38,5 +38,5 @@ MONITORED_NETWORK=${MONITORED_NETWORK} WEBSERVER_HOST=${WEBSERVER_HOST} WEBSERVER_PORT=${WEBSERVER_PORT} -TRAEFIK_DOMAINS_REDIRECT_FROM= -TRAEFIK_DOMAINS_REDIRECT_TO= +TRAEFIK_DOMAINS_REDIRECT_FROM=${TRAEFIK_DOMAINS_REDIRECT_FROM} +TRAEFIK_DOMAINS_REDIRECT_TO=${TRAEFIK_DOMAINS_REDIRECT_TO} From ef6097fa45c48b4ac45219d8339d3c600585908c Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 7 Jan 2025 15:00:55 +0100 Subject: [PATCH 3/5] Update CI deps --- .github/workflows/ci.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1a9e6ef9..1a205d68 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,16 +8,15 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Define python run: echo "PYTHON_VERSION=$(cat .python-version)" >> $GITHUB_ENV - name: Install python version - uses: gabrielfalcao/pyenv-action@v11 + uses: gabrielfalcao/pyenv-action@v18 with: default: "${{ env.PYTHON_VERSION }}" - command: pip install -U pip - name: Show python version run: python --version From 1e51e7151d67614bb90e253c1d6ce26bd64365ea Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 7 Jan 2025 16:02:45 +0100 Subject: [PATCH 4/5] Updates --- services/traefik/docker-compose.yml.j2 | 11 +++++++++-- services/traefik/j2cli_customization.py | 3 +-- services/traefik/template.env | 1 + 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/services/traefik/docker-compose.yml.j2 b/services/traefik/docker-compose.yml.j2 index f67a4bf0..a19a23a3 100644 --- a/services/traefik/docker-compose.yml.j2 +++ b/services/traefik/docker-compose.yml.j2 @@ -152,20 +152,27 @@ services: ### {% set redirect_from_domains_list = TRAEFIK_DOMAINS_REDIRECT_FROM.split(',') %} {% set redirect_to_domains_list = TRAEFIK_DOMAINS_REDIRECT_TO.split(',') %} +{% set redirect_is_permanent_list = TRAEFIK_DOMAINS_REDIRECT_IS_PERMANENT.split(',') %} -{% for from_domain, to_domain in zip(redirect_from_domains_list, redirect_to_domains_list) %} +{% for ix in range(redirect_from_domains_list | length) %} + +{% set from_domain = redirect_from_domains_list[ix] %} {% set from_domain_no_dots = from_domain.replace(".", "-") %} +{% set to_domain = redirect_to_domains_list[ix] %} +{% set redirect_is_permanent = redirect_is_permanent_list[ix] %} + # Regex below is redirecting any subdomains and path to new domain. # Use https://regex101.com/r/58sIgx/2 for regex explanation and experimentation. # Below we include dollar escaping and j2 expressions. It is not clean / pure regex # You can fetch baked and clean regex from traefik dashboards. - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.regex=^https?://((?:[a-zA-Z0-9-]+\.)*)*{{ from_domain }}(.*)$$ - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.replacement=https://$${1}{{ to_domain }}$${2} - - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.permanent=false + - traefik.http.middlewares.redirect-{{ from_domain_no_dots }}.redirectregex.permanent={{ redirect_is_permanent }} - traefik.http.routers.{{ from_domain_no_dots }}.rule={{ generate_domain_capture_all_rule(from_domain) }} - traefik.http.routers.{{ from_domain_no_dots }}.middlewares=redirect-{{ from_domain_no_dots }} - traefik.http.routers.{{ from_domain_no_dots }}.entrypoints=https - traefik.http.routers.{{ from_domain_no_dots }}.tls=true + {% endfor %} networks: diff --git a/services/traefik/j2cli_customization.py b/services/traefik/j2cli_customization.py index ae761418..aafdad4c 100644 --- a/services/traefik/j2cli_customization.py +++ b/services/traefik/j2cli_customization.py @@ -17,7 +17,6 @@ def _generate_domain_capture_all_rule(domain: str) -> str: def j2_environment(env): env.globals.update( - generate_domain_capture_all_rule=_generate_domain_capture_all_rule, - zip=zip, + generate_domain_capture_all_rule=_generate_domain_capture_all_rule ) return env diff --git a/services/traefik/template.env b/services/traefik/template.env index 22ab9658..c707b1b7 100644 --- a/services/traefik/template.env +++ b/services/traefik/template.env @@ -40,3 +40,4 @@ WEBSERVER_PORT=${WEBSERVER_PORT} TRAEFIK_DOMAINS_REDIRECT_FROM=${TRAEFIK_DOMAINS_REDIRECT_FROM} TRAEFIK_DOMAINS_REDIRECT_TO=${TRAEFIK_DOMAINS_REDIRECT_TO} +TRAEFIK_DOMAINS_REDIRECT_IS_PERMANENT=${TRAEFIK_DOMAINS_REDIRECT_IS_PERMANENT} From 7c2b9069bc8415fd5fc16c305f49f4ce4b6c1953 Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 7 Jan 2025 16:04:45 +0100 Subject: [PATCH 5/5] Revert CI changes --- .github/workflows/ci.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1a205d68..1a9e6ef9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,15 +8,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Define python run: echo "PYTHON_VERSION=$(cat .python-version)" >> $GITHUB_ENV - name: Install python version - uses: gabrielfalcao/pyenv-action@v18 + uses: gabrielfalcao/pyenv-action@v11 with: default: "${{ env.PYTHON_VERSION }}" + command: pip install -U pip - name: Show python version run: python --version