v0.41.1: wire the controller dashboard into traefik (felhom.<domain> routing)
EnsureBaseStack now writes a traefik file-provider route (Host(felhom.<domain>) -> http://felhom-controller:8080) and joins the controller to traefik-public. Done post-pull (domain known) and idempotently (write-if-changed + skip-if-connected), so felhom.<domain> reaches the controller. Completes the v0.41.0 base-infra bring-up. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -161,6 +161,31 @@ networks:
|
||||
`, domain, FileBrowserImage, storageSection, domain)
|
||||
}
|
||||
|
||||
// RenderControllerRoute returns a traefik file-provider dynamic config routing the controller's own
|
||||
// dashboard — Host(felhom.<domain>) → http://felhom-controller:8080 on websecure. This can only be
|
||||
// produced POST config-pull (the v2 bootstrap.json carries no domain), which is why the controller
|
||||
// wires its OWN route at bring-up instead of via a static Docker label at bootstrap time. `tls: {}`
|
||||
// inherits the websecure entrypoint's default certResolver (letsencrypt) when ACME is configured, and
|
||||
// otherwise falls back to traefik's default self-signed cert.
|
||||
func RenderControllerRoute(domain string) string {
|
||||
return fmt.Sprintf(`# Traefik dynamic route for the felhom-controller dashboard — managed by felhom-controller.
|
||||
# WARNING: auto-generated at base-infra bring-up. Manual edits are overwritten.
|
||||
http:
|
||||
routers:
|
||||
felhom-controller:
|
||||
rule: "Host(`+"`"+`felhom.%s`+"`"+`)"
|
||||
entryPoints:
|
||||
- websecure
|
||||
service: felhom-controller
|
||||
tls: {}
|
||||
services:
|
||||
felhom-controller:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://felhom-controller:8080"
|
||||
`, domain)
|
||||
}
|
||||
|
||||
// RenderFileBrowserConfig returns a FileBrowser Quantum config.yaml with one source per registered
|
||||
// storage path (each a named sidebar entry). Empty paths → a single default /srv source. Ported
|
||||
// verbatim from internal/web/handlers.go.
|
||||
|
||||
@@ -162,6 +162,23 @@ func TestCloudflaredRender(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestControllerRoute(t *testing.T) {
|
||||
r := RenderControllerRoute("demo-felhom.eu")
|
||||
if !strings.Contains(r, "Host(`felhom.demo-felhom.eu`)") {
|
||||
t.Errorf("domain not wired into controller route rule: %q", r)
|
||||
}
|
||||
if !strings.Contains(r, "http://felhom-controller:8080") {
|
||||
t.Errorf("controller service URL missing: %q", r)
|
||||
}
|
||||
if !strings.Contains(r, "websecure") {
|
||||
t.Error("controller route must be on the websecure entrypoint")
|
||||
}
|
||||
var v any
|
||||
if err := yaml.Unmarshal([]byte(r), &v); err != nil {
|
||||
t.Fatalf("controller route is not valid YAML: %v\n%s", err, r)
|
||||
}
|
||||
}
|
||||
|
||||
func TestFileBrowserRender(t *testing.T) {
|
||||
compose := RenderFileBrowserCompose("demo-felhom.eu", nil)
|
||||
if !strings.Contains(compose, "Host(`files.demo-felhom.eu`)") {
|
||||
|
||||
Reference in New Issue
Block a user