MCLOUD-6806: Add possibility to access Magento on port 443 inside of network (#280)

shiftedreality · web-flow · commit a91f90de4627 · 2020-08-27T14:56:44.000-05:00
diff --git a/images/varnish/4.0/etc/varnish.vcl b/images/varnish/4.0/etc/varnish.vcl
@@ -7,7 +7,7 @@ import std;
 
 backend default {
     .host = "web";
-    .port = "80";
+    .port = "8080";
     .first_byte_timeout = 300s;
     .between_bytes_timeout = 300s;
 }
diff --git a/images/varnish/6.2/etc/default.vcl b/images/varnish/6.2/etc/default.vcl
@@ -7,7 +7,7 @@ import std;
 
 backend default {
     .host = "web";
-    .port = "80";
+    .port = "8080";
     .first_byte_timeout = 300s;
     .between_bytes_timeout = 300s;
 }
diff --git a/images/web/Dockerfile b/images/web/Dockerfile
@@ -1,11 +1,11 @@
 FROM nginx
 
 ENV UPLOAD_MAX_FILESIZE 64M
-ENV FPM_HOST fpm
 ENV XDEBUG_HOST fpm_xdebug
+ENV FPM_HOST fpm
 ENV FPM_PORT 9000
-ENV VARNISH_HOST web
-ENV VARNISH_PORT 80
+ENV UPSTREAM_HOST web
+ENV UPSTREAM_PORT 80
 ENV MAGENTO_ROOT /app
 ENV MAGENTO_RUN_MODE production
 ENV MFTF_UTILS 0
@@ -18,16 +18,12 @@ COPY etc/xdebug-upstream.conf /etc/nginx/conf.d/xdebug/upstream.conf
 RUN mkdir /etc/nginx/ssl
 COPY certs/* /etc/nginx/ssl/
 
-RUN groupadd -g 1000 www && useradd -g 1000 -u 1000 -d ${MAGENTO_ROOT} -s /bin/bash www
-
 VOLUME ${MAGENTO_ROOT}
 
 COPY docker-entrypoint.sh /docker-entrypoint.sh
 RUN ["chmod", "+x", "/docker-entrypoint.sh"]
 ENTRYPOINT ["/docker-entrypoint.sh"]
 
-USER root
-
 EXPOSE 443
 
 WORKDIR ${MAGENTO_ROOT}
diff --git a/images/web/docker-entrypoint.sh b/images/web/docker-entrypoint.sh
@@ -10,8 +10,8 @@ XDEBUG_UPSTREAM_FILE="/etc/nginx/conf.d/xdebug/upstream.conf"
 [ ! -z "${XDEBUG_HOST}" ] && sed -i "s/!XDEBUG_HOST!/${XDEBUG_HOST}/" $XDEBUG_UPSTREAM_FILE
 [ ! -z "${FPM_PORT}" ] && sed -i "s/!FPM_PORT!/${FPM_PORT}/" $VHOST_FILE
 [ ! -z "${FPM_PORT}" ] && sed -i "s/!FPM_PORT!/${FPM_PORT}/" $XDEBUG_UPSTREAM_FILE
-[ ! -z "${VARNISH_HOST}" ] && sed -i "s/!VARNISH_HOST!/${VARNISH_HOST}/" $VHOST_FILE
-[ ! -z "${VARNISH_PORT}" ] && sed -i "s/!VARNISH_PORT!/${VARNISH_PORT}/" $VHOST_FILE
+[ ! -z "${UPSTREAM_HOST}" ] && sed -i "s/!UPSTREAM_HOST!/${UPSTREAM_HOST}/" $VHOST_FILE
+[ ! -z "${UPSTREAM_PORT}" ] && sed -i "s/!UPSTREAM_PORT!/${UPSTREAM_PORT}/" $VHOST_FILE
 [ ! -z "${MAGENTO_ROOT}" ] && sed -i "s#!MAGENTO_ROOT!#${MAGENTO_ROOT}#" $VHOST_FILE
 [ ! -z "${MAGENTO_RUN_MODE}" ] && sed -i "s/!MAGENTO_RUN_MODE!/${MAGENTO_RUN_MODE}/" $VHOST_FILE
 [ ! -z "${MFTF_UTILS}" ] && sed -i "s/!MFTF_UTILS!/${MFTF_UTILS}/" $VHOST_FILE
diff --git a/images/web/etc/vhost.conf b/images/web/etc/vhost.conf
@@ -3,6 +3,7 @@ upstream fastcgi_backend {
 }
 
 server {
+    listen 80;
     listen 443 ssl;
 
     server_name _;
@@ -11,7 +12,7 @@ server {
     ssl_certificate_key /etc/nginx/ssl/magento.key;
 
     location / {
-        proxy_pass http://!VARNISH_HOST!:!VARNISH_PORT!;
+        proxy_pass http://!UPSTREAM_HOST!:!UPSTREAM_PORT!;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -23,7 +24,7 @@ server {
 }
 
 server {
-    listen 80;
+    listen 8080;
     
     fastcgi_buffers 16 16k;
     fastcgi_buffer_size 32k;
diff --git a/src/Command/BuildCompose.php b/src/Command/BuildCompose.php
@@ -234,13 +234,18 @@ protected function configure(): void
         )->addOption(
             Source\CliSource::OPTION_HOST,
             null,
-            InputOption::VALUE_OPTIONAL,
+            InputOption::VALUE_REQUIRED,
             'Host name'
         )->addOption(
             Source\CliSource::OPTION_PORT,
             null,
-            InputOption::VALUE_OPTIONAL,
+            InputOption::VALUE_REQUIRED,
             'Port'
+        )->addOption(
+            Source\CliSource::OPTION_TLS_PORT,
+            null,
+            InputOption::VALUE_REQUIRED,
+            'TLS port'
         )->addOption(
             Source\CliSource::OPTION_ES_ENVIRONMENT_VARIABLE,
             null,
diff --git a/src/Compose/Manager.php b/src/Compose/Manager.php
@@ -64,6 +64,10 @@ public function addService(string $name, array $extConfig, array $networks, arra
         $config = array_replace($config, $extConfig);
 
         foreach ($networks as $network) {
+            if (!empty($config['networks'][$network]['aliases'])) {
+                continue;
+            }
+
             $config['networks'][$network] = [
                 'aliases' => [$hostname]
             ];
diff --git a/src/Compose/ProductionBuilder.php b/src/Compose/ProductionBuilder.php
@@ -234,13 +234,6 @@ public function build(Config $config): Manager
             ]
         ];
 
-        if (!$config->hasServiceEnabled(self::SERVICE_VARNISH)) {
-            $webConfig['ports'] = [$config->getPort() . ':80'];
-            $webConfig['environment'][] = 'VIRTUAL_HOST=' . $config->getHost();
-            $webConfig['environment'][] = 'VIRTUAL_PORT=' . $config->getPort();
-            $webConfig['environment'][] = 'HTTPS_METHOD=noredirect';
-        }
-
         $manager->addService(
             self::SERVICE_WEB,
             $this->serviceFactory->create(
@@ -257,23 +250,10 @@ public function build(Config $config): Manager
                 self::SERVICE_VARNISH,
                 $this->serviceFactory->create(
                     ServiceInterface::SERVICE_VARNISH,
-                    $config->getServiceVersion(ServiceInterface::SERVICE_VARNISH),
-                    [
-                        'networks' => [
-                            self::NETWORK_MAGENTO => [
-                                'aliases' => [$config->getHost()]
-                            ]
-                        ],
-                        'ports' => [$config->getPort() . ':80'],
-                        'environment' => [
-                            'VIRTUAL_HOST=' . $config->getHost(),
-                            'VIRTUAL_PORT=' . $config->getPort(),
-                            'HTTPS_METHOD=noredirect'
-                        ]
-                    ]
+                    $config->getServiceVersion(ServiceInterface::SERVICE_VARNISH)
                 ),
-                [],
-                [self::SERVICE_WEB => ['condition' => 'service_started']]
+                [self::NETWORK_MAGENTO],
+                [self::SERVICE_WEB => []]
             );
         }
 
@@ -286,7 +266,16 @@ public function build(Config $config): Manager
                 ServiceInterface::SERVICE_TLS,
                 $config->getServiceVersion(ServiceInterface::SERVICE_TLS),
                 [
-                    'environment' => ['VARNISH_HOST' => $tlsBackendService],
+                    'networks' => [
+                        self::NETWORK_MAGENTO => [
+                            'aliases' => [$config->getHost()]
+                        ]
+                    ],
+                    'environment' => ['UPSTREAM_HOST' => $tlsBackendService],
+                    'ports' => [
+                        $config->getPort() . ':80',
+                        $config->getTlsPort() . ':443'
+                    ]
                 ]
             ),
             [self::NETWORK_MAGENTO],
diff --git a/src/Config/Config.php b/src/Config/Config.php
@@ -376,6 +376,21 @@ public function getPort(): string
         return (string)$this->all()->get(SourceInterface::SYSTEM_PORT);
     }
 
+    /**
+     * Returns the TLS port
+     *
+     * @return string
+     * @throws ConfigurationMismatchException
+     */
+    public function getTlsPort(): string
+    {
+        if (!$this->all()->has(SourceInterface::SYSTEM_TLS_PORT)) {
+            throw new ConfigurationMismatchException('Required config "tls port" is not provided');
+        }
+
+        return (string)$this->all()->get(SourceInterface::SYSTEM_TLS_PORT);
+    }
+
     /**
      * @return string
      * @throws ConfigurationMismatchException
diff --git a/src/Config/Source/BaseSource.php b/src/Config/Source/BaseSource.php
@@ -26,6 +26,7 @@ class BaseSource implements SourceInterface
 
     public const DEFAULT_HOST = 'magento2.docker';
     public const DEFAULT_PORT = '80';
+    public const DEFAULT_TLS_PORT = '443';
 
     /**
      * @var EnvReader
@@ -70,6 +71,7 @@ public function read(): Repository
             self::CRON_ENABLED => false,
             self::SYSTEM_PORT => self::DEFAULT_PORT,
             self::SYSTEM_HOST => self::DEFAULT_HOST,
+            self::SYSTEM_TLS_PORT => self::DEFAULT_TLS_PORT,
             self::INSTALLATION_TYPE => self::INSTALLATION_TYPE_COMPOSER,
             self::MAGENTO_VERSION => $this->getMagentoVersion()
         ]);
diff --git a/src/Config/Source/CliSource.php b/src/Config/Source/CliSource.php
@@ -58,6 +58,7 @@ class CliSource implements SourceInterface
      */
     public const OPTION_HOST = 'host';
     public const OPTION_PORT = 'port';
+    public const OPTION_TLS_PORT = 'tls-port';
 
     public const OPTION_DB_INCREMENT_INCREMENT = 'db-increment-increment';
     public const OPTION_DB_INCREMENT_OFFSET = 'db-increment-offset';
@@ -235,6 +236,10 @@ public function read(): Repository
             $repository->set(self::SYSTEM_PORT, $port);
         }
 
+        if ($port = $this->input->getOption(self::OPTION_TLS_PORT)) {
+            $repository->set(self::SYSTEM_TLS_PORT, $port);
+        }
+
         if ($installationType = $this->input->getOption(self::OPTION_INSTALLATION_TYPE)) {
             $repository->set(self::INSTALLATION_TYPE, $installationType);
         }
diff --git a/src/Config/Source/SourceInterface.php b/src/Config/Source/SourceInterface.php
@@ -136,6 +136,7 @@ interface SourceInterface
     public const SYSTEM_MODE = 'system.mode';
     public const SYSTEM_HOST = 'system.host';
     public const SYSTEM_PORT = 'system.port';
+    public const SYSTEM_TLS_PORT = 'system.tls_port';
     public const SYSTEM_EXPOSE_DB_PORTS = 'system.expose_db_ports';
     public const SYSTEM_EXPOSE_DB_QUOTE_PORTS = 'system.expose_db_quote_ports';
     public const SYSTEM_EXPOSE_DB_SALES_PORTS = 'system.expose_db_sales_ports';
diff --git a/src/Service/ServiceFactory.php b/src/Service/ServiceFactory.php
@@ -87,9 +87,6 @@ class ServiceFactory
             'pattern' => self::PATTERN_VERSIONED,
             'config' => [
                 'extends' => ServiceInterface::SERVICE_GENERIC,
-                'ports' => [
-                    '443:443'
-                ],
             ]
         ],
         ServiceInterface::SERVICE_REDIS => [
diff --git a/src/Test/Integration/BuildComposeTest.php b/src/Test/Integration/BuildComposeTest.php
@@ -91,7 +91,9 @@ public function buildDataProvider(): array
                     [CliSource::OPTION_DB_INCREMENT_INCREMENT, 3],
                     [CliSource::OPTION_DB_INCREMENT_OFFSET, 2],
                     [CliSource::OPTION_WITH_ENTRYPOINT, true],
-                    [CliSource::OPTION_WITH_MARIADB_CONF, true]
+                    [CliSource::OPTION_WITH_MARIADB_CONF, true],
+                    [CliSource::OPTION_TLS_PORT, '4443'],
+                    [CliSource::OPTION_NO_MAILHOG, true]
                 ]
             ]
         ];
diff --git a/src/Test/Integration/_files/cloud_base/docker-compose.exp.yml b/src/Test/Integration/_files/cloud_base/docker-compose.exp.yml
@@ -97,28 +97,23 @@ services:
     networks:
       magento:
         aliases:
-          - magento2.docker
-    ports:
-      - '80:80'
-    environment:
-      - VIRTUAL_HOST=magento2.docker
-      - VIRTUAL_PORT=80
-      - HTTPS_METHOD=noredirect
+          - varnish.magento2.docker
     depends_on:
       web:
         condition: service_started
   tls:
     hostname: tls.magento2.docker
     image: 'magento/magento-cloud-docker-nginx:latest-1.1'
     extends: generic
-    ports:
-      - '443:443'
-    environment:
-      VARNISH_HOST: varnish
     networks:
       magento:
         aliases:
-          - tls.magento2.docker
+          - magento2.docker
+    environment:
+      UPSTREAM_HOST: varnish
+    ports:
+      - '80:80'
+      - '443:443'
     depends_on:
       varnish:
         condition: service_started
diff --git a/src/Test/Integration/_files/cloud_base_mftf/docker-compose.exp.yml b/src/Test/Integration/_files/cloud_base_mftf/docker-compose.exp.yml
@@ -91,28 +91,23 @@ services:
     networks:
       magento:
         aliases:
-          - magento2.docker
-    ports:
-      - '80:80'
-    environment:
-      - VIRTUAL_HOST=magento2.docker
-      - VIRTUAL_PORT=80
-      - HTTPS_METHOD=noredirect
+          - varnish.magento2.docker
     depends_on:
       web:
         condition: service_started
   tls:
     hostname: tls.magento2.docker
     image: 'magento/magento-cloud-docker-nginx:latest-1.1'
     extends: generic
-    ports:
-      - '443:443'
-    environment:
-      VARNISH_HOST: varnish
     networks:
       magento:
         aliases:
-          - tls.magento2.docker
+          - magento2.docker
+    environment:
+      UPSTREAM_HOST: varnish
+    ports:
+      - '80:80'
+      - '4443:443'
     depends_on:
       varnish:
         condition: service_started
@@ -251,17 +246,6 @@ services:
         condition: service_healthy
       redis:
         condition: service_healthy
-  mailhog:
-    hostname: mailhog.magento2.docker
-    image: 'mailhog/mailhog:latest'
-    restart: always
-    ports:
-      - '1025:1025'
-      - '8025:8025'
-    networks:
-      magento:
-        aliases:
-          - mailhog.magento2.docker
 volumes:
   magento-vendor: {  }
   magento-generated: {  }
diff --git a/src/Test/Integration/_files/custom_cloud_base/docker-compose.exp.yml b/src/Test/Integration/_files/custom_cloud_base/docker-compose.exp.yml
@@ -71,28 +71,23 @@ services:
     networks:
       magento:
         aliases:
-          - magento2.test
-    ports:
-      - '8080:80'
-    environment:
-      - VIRTUAL_HOST=magento2.test
-      - VIRTUAL_PORT=8080
-      - HTTPS_METHOD=noredirect
+          - varnish.magento2.test
     depends_on:
       web:
         condition: service_started
   tls:
     hostname: tls.magento2.test
     image: 'magento/magento-cloud-docker-nginx:latest-1.1'
     extends: generic
-    ports:
-      - '443:443'
-    environment:
-      VARNISH_HOST: varnish
     networks:
       magento:
         aliases:
-          - tls.magento2.test
+          - magento2.test
+    environment:
+      UPSTREAM_HOST: varnish
+    ports:
+      - '8080:80'
+      - '443:443'
     depends_on:
       varnish:
         condition: service_started

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ import std;`
`7`	`7`
`8`	`8`	`backend default {`
`9`	`9`	`.host = "web";`
`10`		`- .port = "80";`
	`10`	`+ .port = "8080";`
`11`	`11`	`.first_byte_timeout = 300s;`
`12`	`12`	`.between_bytes_timeout = 300s;`
`13`	`13`	`}`