Skip to content

Commit 1ba79a3

Browse files
tremor021tremor021
authored
Pangolin: Add Traefik proxy (#8952)
* Add Traefik * Update * Update
1 parent baa4344 commit 1ba79a3

File tree

3 files changed

+175
-56
lines changed

3 files changed

+175
-56
lines changed

ct/pangolin.sh

Lines changed: 41 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -21,52 +21,52 @@ color
2121
catch_errors
2222

2323
function update_script() {
24-
header_info
25-
check_container_storage
26-
check_container_resources
27-
if [[ ! -d /opt/pangolin ]]; then
28-
msg_error "No ${APP} Installation Found!"
29-
exit
30-
fi
24+
header_info
25+
check_container_storage
26+
check_container_resources
27+
if [[ ! -d /opt/pangolin ]]; then
28+
msg_error "No ${APP} Installation Found!"
29+
exit
30+
fi
3131

32-
if check_for_gh_release "pangolin" "fosrl/pangolin"; then
33-
msg_info "Stopping Service"
34-
systemctl stop pangolin
35-
systemctl stop gerbil
36-
msg_info "Service stopped"
32+
if check_for_gh_release "pangolin" "fosrl/pangolin"; then
33+
msg_info "Stopping Service"
34+
systemctl stop pangolin
35+
systemctl stop gerbil
36+
msg_info "Service stopped"
3737

38-
msg_info "Creating backup"
39-
tar -czf /opt/pangolin_config_backup.tar.gz -C /opt/pangolin config
40-
msg_ok "Created backup"
38+
msg_info "Creating backup"
39+
tar -czf /opt/pangolin_config_backup.tar.gz -C /opt/pangolin config
40+
msg_ok "Created backup"
4141

42-
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "pangolin" "fosrl/pangolin" "tarball"
43-
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "gerbil" "fosrl/gerbil" "singlefile" "latest" "/usr/bin" "gerbil_linux_amd64"
42+
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "pangolin" "fosrl/pangolin" "tarball"
43+
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "gerbil" "fosrl/gerbil" "singlefile" "latest" "/usr/bin" "gerbil_linux_amd64"
4444

45-
msg_info "Updating Pangolin"
46-
cd /opt/pangolin
47-
$STD npm ci
48-
$STD npm run set:sqlite
49-
$STD npm run set:oss
50-
rm -rf server/private
51-
$STD npm run build:sqlite
52-
$STD npm run build:cli
53-
cp -R .next/standalone ./
54-
chmod +x ./dist/cli.mjs
55-
cp server/db/names.json ./dist/names.json
56-
msg_ok "Updated Pangolin"
45+
msg_info "Updating Pangolin"
46+
cd /opt/pangolin
47+
$STD npm ci
48+
$STD npm run set:sqlite
49+
$STD npm run set:oss
50+
rm -rf server/private
51+
$STD npm run build:sqlite
52+
$STD npm run build:cli
53+
cp -R .next/standalone ./
54+
chmod +x ./dist/cli.mjs
55+
cp server/db/names.json ./dist/names.json
56+
msg_ok "Updated Pangolin"
5757

58-
msg_info "Restoring config"
59-
tar -xzf /opt/pangolin_config_backup.tar.gz -C /opt/pangolin --overwrite
60-
rm -f /opt/pangolin_config_backup.tar.gz
61-
msg_ok "Restored config"
58+
msg_info "Restoring config"
59+
tar -xzf /opt/pangolin_config_backup.tar.gz -C /opt/pangolin --overwrite
60+
rm -f /opt/pangolin_config_backup.tar.gz
61+
msg_ok "Restored config"
6262

63-
msg_info "Starting Services"
64-
systemctl start pangolin
65-
systemctl start gerbil
66-
msg_ok "Started Services"
67-
msg_ok "Updated successfully!"
68-
fi
69-
exit
63+
msg_info "Starting Services"
64+
systemctl start pangolin
65+
systemctl start gerbil
66+
msg_ok "Started Services"
67+
msg_ok "Updated successfully!"
68+
fi
69+
exit
7070
}
7171

7272
start
@@ -76,4 +76,4 @@ description
7676
msg_ok "Completed Successfully!\n"
7777
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
7878
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
79-
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3002${CL}"
79+
echo -e "${TAB}${GATEWAY}${BGN}https://<YOUR_PANGOLIN_URL>${CL}"

frontend/public/json/pangolin.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"type": "ct",
99
"updateable": true,
1010
"privileged": false,
11-
"interface_port": 3002,
11+
"interface_port": 443,
1212
"documentation": "https://docs.pangolin.net/",
1313
"config_path": "/opt/pangolin/config/config.yml",
1414
"website": "https://pangolin.net/",

install/pangolin-install.sh

Lines changed: 133 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -22,11 +22,16 @@ msg_ok "Installed Dependencies"
2222
NODE_VERSION="22" setup_nodejs
2323
fetch_and_deploy_gh_release "pangolin" "fosrl/pangolin" "tarball"
2424
fetch_and_deploy_gh_release "gerbil" "fosrl/gerbil" "singlefile" "latest" "/usr/bin" "gerbil_linux_amd64"
25+
fetch_and_deploy_gh_release "traefik" "traefik/traefik" "prebuild" "latest" "/usr/bin" "traefik_v*_linux_amd64.tar.gz"
26+
27+
read -rp "${TAB3}Enter your Pangolin URL (ex: https://pangolin.example.com): " pango_url
28+
read -rp "${TAB3}Enter your email address: " pango_email
2529

2630
msg_info "Setup Pangolin"
2731
IP_ADDR=$(hostname -I | awk '{print $1}')
2832
SECRET_KEY=$(openssl rand -base64 48 | tr -dc 'A-Za-z0-9' | head -c 32)
2933
cd /opt/pangolin
34+
mkdir -p /opt/pangolin/config/{traefik,db,letsencrypt,logs}
3035
$STD npm ci
3136
$STD npm run set:sqlite
3237
$STD npm run set:oss
@@ -46,30 +51,129 @@ mkdir -p /var/config
4651

4752
cat <<EOF >/opt/pangolin/config/config.yml
4853
app:
49-
dashboard_url: http://$IP_ADDR:3002
50-
log_level: debug
54+
dashboard_url: "$pango_url"
5155
5256
domains:
5357
domain1:
54-
base_domain: example.com
58+
base_domain: "$pango_url"
59+
cert_resolver: "letsencrypt"
5560
5661
server:
57-
secret: $SECRET_KEY
62+
secret: "$SECRET_KEY"
5863
5964
gerbil:
60-
base_endpoint: example.com
61-
62-
orgs:
63-
block_size: 24
64-
subnet_group: 100.90.137.0/20
65+
base_endpoint: "$pango_url"
6566
6667
flags:
6768
require_email_verification: false
68-
disable_signup_without_invite: true
69-
disable_user_create_org: true
70-
allow_raw_resources: true
71-
enable_integration_api: true
72-
enable_clients: true
69+
disable_signup_without_invite: false
70+
disable_user_create_org: false
71+
EOF
72+
73+
cat <<EOF >/opt/pangolin/config/traefik/traefik_config.yml
74+
api:
75+
insecure: true
76+
dashboard: true
77+
78+
providers:
79+
http:
80+
endpoint: "http://$IP_ADDR:3001/api/v1/traefik-config"
81+
pollInterval: "5s"
82+
file:
83+
filename: "/opt/pangolin/config/traefik/dynamic_config.yml"
84+
85+
experimental:
86+
plugins:
87+
badger:
88+
moduleName: "github.com/fosrl/badger"
89+
version: "v1.2.0"
90+
91+
log:
92+
level: "INFO"
93+
format: "common"
94+
95+
certificatesResolvers:
96+
letsencrypt:
97+
acme:
98+
httpChallenge:
99+
entryPoint: web
100+
email: $pango_email
101+
storage: "/opt/pangolin/config/letsencrypt/acme.json"
102+
caServer: "https://acme-v02.api.letsencrypt.org/directory"
103+
104+
entryPoints:
105+
web:
106+
address: ":80"
107+
websecure:
108+
address: ":443"
109+
transport:
110+
respondingTimeouts:
111+
readTimeout: "30m"
112+
http:
113+
tls:
114+
certResolver: "letsencrypt"
115+
116+
serversTransport:
117+
insecureSkipVerify: true
118+
119+
ping:
120+
entryPoint: "web"
121+
EOF
122+
123+
cat <<EOF >/opt/pangolin/config/traefik/dynamic_config.yml
124+
http:
125+
middlewares:
126+
redirect-to-https:
127+
redirectScheme:
128+
scheme: https
129+
130+
routers:
131+
# HTTP to HTTPS redirect router
132+
main-app-router-redirect:
133+
rule: "Host(\`$pango_url\`)"
134+
service: next-service
135+
entryPoints:
136+
- web
137+
middlewares:
138+
- redirect-to-https
139+
140+
# Next.js router (handles everything except API and WebSocket paths)
141+
next-router:
142+
rule: "Host(\`$pango_url\`) && !PathPrefix(\`/api/v1\`)"
143+
service: next-service
144+
entryPoints:
145+
- websecure
146+
tls:
147+
certResolver: letsencrypt
148+
149+
# API router (handles /api/v1 paths)
150+
api-router:
151+
rule: "Host(\`$pango_url\`) && PathPrefix(\`/api/v1\`)"
152+
service: api-service
153+
entryPoints:
154+
- websecure
155+
tls:
156+
certResolver: letsencrypt
157+
158+
# WebSocket router
159+
ws-router:
160+
rule: "Host(\`$pango_url\`)"
161+
service: api-service
162+
entryPoints:
163+
- websecure
164+
tls:
165+
certResolver: letsencrypt
166+
167+
services:
168+
next-service:
169+
loadBalancer:
170+
servers:
171+
- url: "http://$IP_ADDR:3002"
172+
173+
api-service:
174+
loadBalancer:
175+
servers:
176+
- url: "http://$IP_ADDR:3000"
73177
EOF
74178
$STD npm run db:sqlite:generate
75179
$STD npm run db:sqlite:push
@@ -122,6 +226,21 @@ RestartSec=10
122226
WantedBy=multi-user.target
123227
EOF
124228
systemctl enable -q --now gerbil
229+
230+
cat <<'EOF' >/etc/systemd/system/traefik.service
231+
[Unit]
232+
Description=Traefik is an open-source Edge Router that makes publishing your services a fun and easy experience
233+
234+
[Service]
235+
Type=notify
236+
ExecStart=/usr/bin/traefik --configFile=/opt/pangolin/config/traefik/traefik_config.yml
237+
Restart=on-failure
238+
ExecReload=/bin/kill -USR1 \$MAINPID
239+
240+
[Install]
241+
WantedBy=multi-user.target
242+
EOF
243+
systemctl enable -q --now traefik
125244
msg_ok "Created Services"
126245

127246
motd_ssh

0 commit comments

Comments
 (0)