akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
447dbcedde984e334abcfcd8ba54f627548f3a70
caddy-proxy-manager/docker/l4-port-manager/entrypoint.sh
fuomag9 3a4a4d51cf feat: add L4 (TCP/UDP) proxy host support via caddy-l4 
- New l4_proxy_hosts table and Drizzle migration (0015)
- Full CRUD model layer with validation, audit logging, and Caddy config
  generation (buildL4Servers integrating into buildCaddyDocument)
- Server actions, paginated list page, create/edit/delete dialogs
- L4 port manager sidecar (docker/l4-port-manager) that auto-recreates
  the caddy container when port mappings change via a trigger file
- Auto-detects Docker Compose project name from caddy container labels
- Supports both named-volume and bind-mount (COMPOSE_HOST_DIR) deployments
- getL4PortsStatus simplified: status file is sole source of truth,
  trigger files deleted after processing to prevent stuck 'Waiting' banner
- Navigation entry added (CableIcon)
- Tests: unit (entrypoint.sh invariants + validation), integration (ports
  lifecycle + caddy config), E2E (CRUD + functional routing)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-22 00:11:16 +01:00

168 lines
6.0 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
#
# L4 Port Manager Sidecar
#
# On startup: always applies the current L4 ports override so the caddy
# container has the correct ports bound (the main compose stack starts caddy
# without the L4 ports override file).
#
# During runtime: watches the trigger file for changes and re-applies when
# the web app signals that port configuration has changed.
#
# Only ever recreates the caddy container — never touches any other service.
#
# Environment variables:
# DATA_DIR - Path to shared data volume (default: /data)
# COMPOSE_DIR - Path to compose files (default: /compose)
# CADDY_CONTAINER_NAME - Caddy container name for project auto-detection (default: caddy-proxy-manager-caddy)
# COMPOSE_PROJECT_NAME - Override compose project name (auto-detected from caddy container labels if unset)
# POLL_INTERVAL - Seconds between trigger file checks (default: 2)
set -e
DATA_DIR="${DATA_DIR:-/data}"
COMPOSE_DIR="${COMPOSE_DIR:-/compose}"
POLL_INTERVAL="${POLL_INTERVAL:-2}"
CADDY_CONTAINER_NAME="${CADDY_CONTAINER_NAME:-caddy-proxy-manager-caddy}"
TRIGGER_FILE="$DATA_DIR/l4-ports.trigger"
STATUS_FILE="$DATA_DIR/l4-ports.status"
OVERRIDE_FILE="$DATA_DIR/docker-compose.l4-ports.yml"
log() {
echo "[l4-port-manager] $(date -u '+%Y-%m-%dT%H:%M:%SZ') $*"
}
write_status() {
state="$1"
message="$2"
applied_at="$(date -u '+%Y-%m-%dT%H:%M:%SZ')"
error="${3:-}"
cat > "$STATUS_FILE" <<STATUSEOF
{
"state": "$state",
"message": "$message",
"appliedAt": "$applied_at"$([ -n "$error" ] && echo ",
\"error\": \"$error\"" || echo "")
}
STATUSEOF
}
# Auto-detect the Docker Compose project name from the running caddy container's labels.
# This ensures we operate on the correct project regardless of where compose files are mounted.
detect_project_name() {
if [ -n "$COMPOSE_PROJECT_NAME" ]; then
echo "$COMPOSE_PROJECT_NAME"
return
fi
detected=$(docker inspect --format '{{index .Config.Labels "com.docker.compose.project"}}' "$CADDY_CONTAINER_NAME" 2>/dev/null || echo "")
if [ -n "$detected" ]; then
echo "$detected"
else
echo "caddy-proxy-manager"
fi
}
# Apply the current port override — recreates only the caddy container.
do_apply() {
COMPOSE_PROJECT="$(detect_project_name)"
log "Using compose project: $COMPOSE_PROJECT"
# Build compose args. Files are read from COMPOSE_DIR (container path).
# COMPOSE_HOST_DIR (when set) is passed as --project-directory so the Docker
# daemon resolves relative bind-mount paths (e.g. ./geoip-data) against the
# actual host project directory rather than the sidecar's /compose mount.
COMPOSE_ARGS="-p $COMPOSE_PROJECT"
if [ -n "$COMPOSE_HOST_DIR" ]; then
COMPOSE_ARGS="$COMPOSE_ARGS --project-directory $COMPOSE_HOST_DIR"
fi
# Explicitly supply the .env file so required variables are available even
# when --project-directory points to a host path not mounted in the sidecar.
if [ -f "$COMPOSE_DIR/.env" ]; then
COMPOSE_ARGS="$COMPOSE_ARGS --env-file $COMPOSE_DIR/.env"
fi
COMPOSE_ARGS="$COMPOSE_ARGS -f $COMPOSE_DIR/docker-compose.yml"
if [ -f "$COMPOSE_DIR/docker-compose.override.yml" ]; then
COMPOSE_ARGS="$COMPOSE_ARGS -f $COMPOSE_DIR/docker-compose.override.yml"
fi
if [ -f "$OVERRIDE_FILE" ]; then
COMPOSE_ARGS="$COMPOSE_ARGS -f $OVERRIDE_FILE"
fi
write_status "applying" "Recreating caddy container with updated ports..."
# shellcheck disable=SC2086
if docker compose $COMPOSE_ARGS up -d --no-deps --force-recreate caddy 2>&1; then
log "Caddy container recreated successfully."
# Wait for caddy healthcheck to pass
HEALTH_TIMEOUT=30
HEALTH_WAITED=0
HEALTH="unknown"
while [ "$HEALTH_WAITED" -lt "$HEALTH_TIMEOUT" ]; do
HEALTH=$(docker inspect --format='{{.State.Health.Status}}' "$CADDY_CONTAINER_NAME" 2>/dev/null || echo "unknown")
if [ "$HEALTH" = "healthy" ]; then
break
fi
sleep 1
HEALTH_WAITED=$((HEALTH_WAITED + 1))
done
if [ "$HEALTH" = "healthy" ]; then
write_status "applied" "Caddy container recreated and healthy with updated ports."
log "Caddy is healthy."
else
write_status "applied" "Caddy container recreated but health check status: $HEALTH (may still be starting)."
log "Warning: Caddy health status is '$HEALTH' after ${HEALTH_TIMEOUT}s."
fi
else
ERROR_MSG="Failed to recreate caddy container. Check Docker logs."
write_status "failed" "$ERROR_MSG" "$ERROR_MSG"
log "ERROR: $ERROR_MSG"
fi
# Delete the trigger file after processing so stale triggers don't cause
# "Waiting for port manager sidecar..." on the next boot.
rm -f "$TRIGGER_FILE"
}
# ---------------------------------------------------------------------------
# Startup: always apply the override so caddy has the correct ports bound.
# (The main compose stack starts caddy without the L4 ports override file.)
# Only apply if the override file exists — it is created on first "Apply Ports".
# ---------------------------------------------------------------------------
if [ -f "$OVERRIDE_FILE" ]; then
log "Startup: applying existing L4 port override..."
do_apply
else
write_status "idle" "Port manager sidecar is running and ready."
log "Started. No L4 port override file yet."
fi
# Capture the current trigger content so the poll loop doesn't re-apply
# a trigger that was already handled (either above or before this boot).
# Use explicit assignment — do NOT use ${VAR:-fallback} which treats empty as unset.
LAST_TRIGGER=$(cat "$TRIGGER_FILE" 2>/dev/null || echo "")
log "Watching $TRIGGER_FILE for changes (poll every ${POLL_INTERVAL}s)"
while true; do
sleep "$POLL_INTERVAL"
CURRENT_TRIGGER=$(cat "$TRIGGER_FILE" 2>/dev/null || echo "")
if [ "$CURRENT_TRIGGER" = "$LAST_TRIGGER" ]; then
continue
fi
# Empty trigger means the file was just deleted — nothing to do.
if [ -z "$CURRENT_TRIGGER" ]; then
LAST_TRIGGER=""
continue
fi
LAST_TRIGGER="$CURRENT_TRIGGER"
log "Trigger changed. Applying port changes..."
do_apply
done
Reference in New Issue View Git Blame Copy Permalink