
Add auth label

master
Chris Smith 5 years ago
parent
commit
13fa96a57c
4 changed files with 19 additions and 5 deletions
  1. 1
    1
      certs/deployer.go
  2. 7
    1
      dotege.go
  3. 4
    1
      model/model.go
  4. 7
    2
      templates/haproxy.cfg.tpl

+ 1
- 1
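--- a/certs/deployer.go
+++ b/certs/deployer.go
@@ -90,7 +90,7 @@
 	if err != nil {
 		c.logger.Warnf("Unable to write certificate %s - %s", target, err.Error())
 	} else {
-		c.logger.Info("Updated certificate file %s", target)
+		c.logger.Infof("Updated certificate file %s", target)
 	}
 }
 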

+ 7
- 1
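--- a/dotege.go
+++ b/dotege.go
@@ -48,7 +48,8 @@
 
 	config := model.Config{
 		Labels: model.LabelConfig{
-			Hostnames: "com.chameth.vhost",
+			Hostnames:   "com.chameth.vhost",
+			RequireAuth: "com.chameth.auth",
 		},
 		DefaultCertActions:     model.COMBINE | model.FLATTEN,
 		DefaultCertDestination: "/data/certs/",
@@ -125,6 +126,11 @@
 				}
 			}
 			addAlternatives(hostnames[names[0]], names[1:])
+
+			if label, ok = container.Labels[config.Labels.RequireAuth]; ok {
+				hostnames[names[0]].RequiresAuth = true
+				hostnames[names[0]].AuthGroup = label
+			}
 		}
 	}
 	return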
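Review bot: The value of the `com.chameth.auth` label is stored in `AuthGroup` unvalidated by the added `if label, ok = container.Labels[config.Labels.RequireAuth]; ok {` block (new lines 130-133), and templates/haproxy.cfg.tpl in this same commit writes it verbatim inside `http_auth(...)`. Container labels are then a path into the generated HAProxy configuration: whitespace, parentheses or a line break in the label would end up in the file as written, and an empty label renders `http_auth()`. I would match the value against a restricted userlist-name pattern such as `^[A-Za-z0-9_.-]+$` before assigning it, and on a mismatch log a warning and leave the host out of the configuration rather than publish it without authentication. If several containers share a hostname but name different groups, the last one processed appears to win; the enclosing loop and function start outside the hunk, so that ordering cannot be confirmed from here.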

+ 4
- 1
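--- a/model/model.go
+++ b/model/model.go
@@ -24,7 +24,8 @@
 
 // LabelConfig describes the labels used for various properties.
 type LabelConfig struct {
-	Hostnames string
+	Hostnames   string
+	RequireAuth string
 }
 
 // Hostname describes a DNS name used for proxying, retrieving certificates, etc.
@@ -34,6 +35,8 @@
 	Containers      []Container
 	CertActions     CertActions
 	CertDestination string
+	RequiresAuth    bool
+	AuthGroup       string
 }
 
 // Config is the user-definable configuration for Dotege.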
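Review bot: The three new fields carry no comments, and `LabelConfig.RequireAuth` (a label name) differs by one letter from `Hostname.RequiresAuth` (a flag), which is easy to misread where access control is decided. I would add `// RequireAuth is the name of the container label whose value names the auth group for a host.` on the LabelConfig field and `// RequiresAuth reports whether requests for this host must authenticate against AuthGroup.` on the Hostname field. `RequiresAuth` also duplicates `AuthGroup != ""`, so the two can disagree (true with an empty group); either document that AuthGroup is non-empty whenever RequiresAuth is set, or drop the bool. The Hostname struct declaration starts outside the second hunk.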

+ 7
- 2
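--- a/templates/haproxy.cfg.tpl
+++ b/templates/haproxy.cfg.tpl
@@ -26,8 +26,9 @@
     use_backend {{ .Name | replace "." "_" }} if {hdr(host) -i {{ .Name }}
         {{- range $san, $_ := .Alternatives }} || hdr(host) -i {{ $san }} {{- end -}}
     }
-{{- end }}
-{{- range .Hostnames }}
+{{- end -}}
+
+{{ range .Hostnames }}
 
 backend {{ .Name | replace "." "_" }}
     mode http
@@ -36,4 +37,8 @@
     server server1 {{ .Name }}:{{ index .Labels "com.chameth.proxy" }} check resolvers docker_resolver
         {{- end -}}
     {{- end -}}
+    {{- if .RequiresAuth }}
+    acl authed_{{ .Name | replace "." "_" }} http_auth({{ .AuthGroup }})
+    http-request auth if !authed_{{ .Name | replace "." "_" }}
+    {{- end -}}
 {{ end }}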
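Review bot: Nothing visible in this section emits a `userlist` block, so `http_auth({{ .AuthGroup }})` on new line 41 relies on a userlist of that name being defined in a part of the template outside these hunks. If the label names a userlist that does not exist, HAProxy should reject the whole generated file, so one container's label could stop the proxy reloading for every host. I would add a template comment above the `acl` line, `{{- /* AuthGroup must name a userlist defined in this file */ -}}`, and have the deploy step run `haproxy -c -f <generated file>` before replacing the live configuration. Basic credentials are resent with every request, so it is also worth confirming that the frontend (not shown here) only serves these hosts over TLS.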
