Skip to content

Commit

Permalink
Merge pull request #1064 from DSD-DBS/support-reverse-proxies
Browse files Browse the repository at this point in the history
feat: Replace `$http_host` in nginx.conf, add support for proxies
  • Loading branch information
MoritzWeber0 authored Oct 13, 2023
2 parents a55629e + 16e582a commit c484956
Show file tree
Hide file tree
Showing 9 changed files with 63 additions and 10 deletions.
2 changes: 2 additions & 0 deletions backend/capellacollab/config/config_schema.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,8 @@ properties:
type: ["number", "string"]
scheme:
type: string
wildcardHost:
type: boolean
metadata:
type: object
properties:
Expand Down
11 changes: 10 additions & 1 deletion backend/capellacollab/sessions/hooks/jupyter.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,12 +34,19 @@ class JupyterConfigEnvironment(t.TypedDict):
CSP_ORIGIN_HOST: str


class GeneralConfigEnvironment(t.TypedDict):
scheme: str
host: str
port: str
wildcardHost: t.NotRequired[bool | None]


class JupyterIntegration(interface.HookRegistration):
def __init__(self):
self._jupyter_public_uri: urllib_parse.ParseResult = (
urllib_parse.urlparse(config["extensions"]["jupyter"]["publicURI"])
)
self._general_conf = config["general"]
self._general_conf: GeneralConfigEnvironment = config["general"]

def configuration_hook( # type: ignore[override]
self,
Expand Down Expand Up @@ -73,11 +80,13 @@ def post_session_creation_hook(
user: users_models.DatabaseUser,
**kwargs,
):
assert self._jupyter_public_uri.hostname
operator.create_public_route(
session_id=session_id,
host=self._jupyter_public_uri.hostname or "",
path=self._determine_base_url(user.name),
port=8888,
wildcard_host=self._general_conf.get("wildcardHost", False),
)

def pre_session_termination_hook( # type: ignore
Expand Down
36 changes: 32 additions & 4 deletions backend/capellacollab/sessions/operators/k8s.py
Original file line number Diff line number Diff line change
Expand Up @@ -120,12 +120,33 @@ def validate(self) -> bool:
return False

def create_public_route(
self, session_id: str, host: str, path: str, port: int
self,
session_id: str,
host: str,
path: str,
port: int,
wildcard_host: bool | None = False,
):
"""Create a public route for the session
Parameters
==========
session_id: str
The database ID of the session
host: str
The host to use for the route
path: str
The path to use for the route
port: int
The port to use for the route
wildcard_host: bool
Whether to use a wildcard host or not (serve on all hosts),
not supported for OpenShift
"""
if self.openshift:
self._create_openshift_route(session_id, host, path, port)
else:
self._create_ingress(session_id, host, path, port)
self._create_ingress(session_id, host, path, port, wildcard_host)

def delete_public_route(self, session_id: str):
if self.openshift:
Expand Down Expand Up @@ -678,7 +699,14 @@ def _create_service(
)
return self.v1_core.create_namespaced_service(namespace, service)

def _create_ingress(self, id, host: str, path: str, port_number: int):
def _create_ingress(
self,
id,
host: str,
path: str,
port_number: int,
wildcard_host: bool | None = False,
):
ingress = client.V1Ingress(
api_version="networking.k8s.io/v1",
kind="Ingress",
Expand All @@ -689,7 +717,7 @@ def _create_ingress(self, id, host: str, path: str, port_number: int):
ingress_class_name=cfg.get("ingressClassName"),
rules=[
client.V1IngressRule(
host=host,
host=None if wildcard_host else host,
http=client.V1HTTPIngressRuleValue(
paths=[
client.V1HTTPIngressPath(
Expand Down
1 change: 1 addition & 0 deletions backend/config/config_template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ general:
host: localhost
port: 4200
scheme: http
wildcardHost: False

metadata:
privacyPolicyURL: https://example.com/privacy
Expand Down
7 changes: 6 additions & 1 deletion backend/tests/sessions/test_sessions_routes.py
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,12 @@ def start_session(
}

def create_public_route(
self, session_id: str, host: str, path: str, port: int
self,
session_id: str,
host: str,
path: str,
port: int,
wildcard_host: bool | None = False,
):
pass

Expand Down
1 change: 1 addition & 0 deletions helm/config/backend.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ general:
host: "{{ .Values.general.host }}"
port: "{{ .Values.general.port }}"
scheme: "{{ .Values.general.scheme }}"
wildcardHost: {{ .Values.general.wildcardHost }}

metadata:
{{- toYaml .Values.general.metadata | nindent 4 }}
Expand Down
4 changes: 2 additions & 2 deletions helm/config/nginx.conf
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,8 @@ http {
location /api/v1/ {
client_max_body_size 30m;
proxy_pass http://{{ .Release.Name }}-backend:80;
proxy_redirect http://{{ .Release.Name }}-backend {{ .Values.general.scheme }}://$http_host;
proxy_redirect http://{{ .Release.Name }}-backend:80 {{ .Values.general.scheme }}://$http_host;
proxy_redirect http://{{ .Release.Name }}-backend {{ .Values.general.scheme }}://{{ .Values.general.host }}:{{ .Values.general.port }};
proxy_redirect http://{{ .Release.Name }}-backend:80 {{ .Values.general.scheme }}://{{ .Values.general.host }}:{{ .Values.general.port }};
}
}
}
6 changes: 4 additions & 2 deletions helm/templates/routing/nginx.ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,7 @@ metadata:
spec:
ingressClassName: {{ .Values.cluster.ingressClassName }}
rules:
- host: {{ .Values.general.host }}
http:
- http:
paths:
- path: /
pathType: Prefix
Expand Down Expand Up @@ -69,4 +68,7 @@ spec:
port:
number: 8080
{{ end }}
{{ if not .Values.general.wildcardHost }}
host: {{ .Values.general.host }}
{{ end }}
{{ end }}
5 changes: 5 additions & 0 deletions helm/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,11 @@ general:
port: 80
scheme: http

# The application will serve on all hostnames (wildcardHost set to True).
# The default behavior is to only serve on the configured host (wildcardHost set to False).
# This option has no effect when using OpenShift.
wildcardHost: False

metadata:
privacyPolicyURL: https://example.com/privacy
imprintURL: https://example.com/imprint
Expand Down

0 comments on commit c484956

Please sign in to comment.