feat: TLS support for web #301

Merged
merged 6 commits into from
Sep 22, 2024

@bonddim bonddim commented Sep 18, 2024

  • Added TLS support for web
    • Added optional configurations cert_file and key_file to run web server with https
  • Helm chart update
    • Refactored Ingress to use one host only (config.web.external_url is required)
    • Added Certificate resource template (secret is mounted to container into /app/certs/)
    • Added support for service with mixed protocols (exposes UI and Wireguard ports on same IP)
    • Added helm-docs target to makefile
    • Changed pod labels to use selectorLabels
    • Removed default probes (app runs without healthy web)
    • Removed sections from chart README
  • Chart workflow update
    • Fix paths filters
    • Replaced helm/kind-action by nolar/setup-k3d-k3s

Resolves #240

- Added optional configurations `cert_file` and `key_file` to run web server with https

Signed-off-by: Dmytro Bondar <[email protected]>

- Refactored Ingress to use one host only (`config.web.external_url` is required)
- Added Certificate resource template (secret is mounted to container into `/app/certs/`)
- Added support for service with mixed protocols (exposes UI and Wireguard ports on same IP)
- Added helm-docs target to makefile
- Changed pod labels to use selectorLabels
- Removed default probes (app runs without healthy web)
- Removed sections from README

Signed-off-by: Dmytro Bondar <[email protected]>

@bonddim bonddim marked this pull request as ready for review September 18, 2024 09:18
@bonddim bonddim changed the title web tls support TLS support for web Sep 18, 2024

bonddim commented Sep 18, 2024

@h44z,
I've noticed that the app continues to run even when there is an error in the webSrv.Run goroutine. Is this the expected behavior, or could it be a bug?

Example on current master:

```
INFO[0000] Starting WireGuard Portal V2...
INFO[0000] WireGuard Portal version: unknown (local build)
DEBU[0000] WireGuard Portal Features:
DEBU[0000]   - EditableKeys: false
DEBU[0000]   - CreateDefaultPeerOnCreation: false
DEBU[0000]   - SelfProvisioningAllowed: false
DEBU[0000]   - ImportExisting: true
DEBU[0000]   - RestoreState: true
DEBU[0000]   - UseIpV6: true
DEBU[0000]   - CollectInterfaceData: true
DEBU[0000]   - CollectPeerData: true
DEBU[0000]   - CollectAuditData: true
DEBU[0000] WireGuard Portal Settings:
DEBU[0000]   - ConfigStoragePath:
DEBU[0000]   - ExternalUrl: http://localhost:8888
DEBU[0000] WireGuard Portal Authentication:
DEBU[0000]   - OIDC Providers: 0
DEBU[0000]   - OAuth Providers: 0
DEBU[0000]   - Ldap Providers: 0
TRAC[0000] sysstat migration: <nil>
TRAC[0000] user migration: <nil>
TRAC[0000] interface migration: <nil>
TRAC[0000] peer migration: <nil>
TRAC[0000] peer status migration: <nil>
TRAC[0000] interface status migration: <nil>
TRAC[0000] audit data migration: <nil>
TRAC[0000] skipping default user creation - admin user already exists
INFO[0000] interface state restored
TRAC[0000] started ping checks
TRAC[0000] started interface data fetcher
TRAC[0000] started peer data fetcher
INFO[0000] starting web service on :8888
INFO[0000] web service on :8888 exited: listen tcp :8888: bind: address already in use
DEBU[0000] web service shutting down, grace period: 5 seconds...
DEBU[0000] web service shut down
```
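
An added example, not code from this pull request or from the WireGuard Portal project: one way a Go web server can take the optional `cert_file`/`key_file` settings and hand a listener failure, such as the `address already in use` error in the log above, back to its caller. `WebConfig`, `RunWeb` and the listen address are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"os"
	"time"
)

// WebConfig: cert_file/key_file from the PR; names are assumptions of this example.
type WebConfig struct {
	ListenAddr string
	CertFile   string // cert_file
	KeyFile    string // key_file
}

// RunWeb binds the listener before returning, so a bind failure reaches the
// caller; it serves HTTPS if a key pair is set, else HTTP. Later errors use the channel.
func RunWeb(cfg WebConfig, h http.Handler) (<-chan error, error) {
	// Reject a half-configured pair rather than silently falling back to HTTP.
	if (cfg.CertFile == "") != (cfg.KeyFile == "") {
		return nil, errors.New("cert_file and key_file must be set together")
	}
	ln, err := net.Listen("tcp", cfg.ListenAddr)
	if err != nil {
		return nil, fmt.Errorf("web service on %s: %w", cfg.ListenAddr, err)
	}
	srv := &http.Server{Handler: h, ReadHeaderTimeout: 10 * time.Second}
	errCh := make(chan error, 1)
	go func() {
		if cfg.CertFile != "" {
			errCh <- srv.ServeTLS(ln, cfg.CertFile, cfg.KeyFile)
			return
		}
		errCh <- srv.Serve(ln)
	}()
	return errCh, nil
}

func main() {
	errCh, err := RunWeb(WebConfig{ListenAddr: "127.0.0.1:8888"}, http.NotFoundHandler())
	if err == nil {
		err = <-errCh // blocks for as long as the server is healthy
	}
	fmt.Fprintln(os.Stderr, "fatal:", err)
	os.Exit(1)
}
```
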

@bonddim bonddim changed the title TLS support for web feat: TLS support for web Sep 22, 2024

@h44z h44z left a comment

LGTM

@h44z h44z merged commit 6ffe1a9 into h44z:master Sep 22, 2024
3 checks passed
@bonddim bonddim deleted the web-tls-support branch September 23, 2024 20:18

Successfully merging this pull request may close these issues.

Expose the app in port 443 (HTTPs)