From 1f05e2227767b820c76f3f8456e03a91fc7ee2f6 Mon Sep 17 00:00:00 2001 From: Evan Date: Thu, 26 Feb 2026 17:04:53 -0600 Subject: [PATCH] Add Traefik integration to deployment script (#3302) ## Description: Connects deployed containers to Traefik for automatic reverse proxy routing, replacing the previous Cloudflare Tunnel approach. ``` docker inspect openfront-staging-traefik --format '{{json .Config.Labels}}' | jq { "traefik.enable": "true", "traefik.http.routers.openfront-staging-traefik.entrypoints": "web", "traefik.http.routers.openfront-staging-traefik.rule": "Host(`traefik.openfront.dev`)", "traefik.http.services.openfront-staging-traefik.loadbalancer.server.port": "80" } ``` ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan --- startup.sh | 12 ++++++------ update.sh | 8 ++++++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/startup.sh b/startup.sh index 05b122a23..3eba5480b 100644 --- a/startup.sh +++ b/startup.sh @@ -33,11 +33,11 @@ fi echo "Tunnel created with ID: ${TUNNEL_ID}" # Configure the tunnel with hostname -echo "Configuring tunnel to point to ${SUBDOMAIN}.${DOMAIN}..." +echo "Configuring tunnel to point to tunnel-${SUBDOMAIN}.${DOMAIN}..." curl -s -X PUT "https://api.cloudflare.com/client/v4/accounts/${CF_ACCOUNT_ID}/cfd_tunnel/${TUNNEL_ID}/configurations" \ -H "Authorization: Bearer ${CF_API_TOKEN}" \ -H "Content-Type: application/json" \ - --data "{\"config\":{\"ingress\":[{\"hostname\":\"${SUBDOMAIN}.${DOMAIN}\",\"service\":\"http://localhost:80\"},{\"service\":\"http_status:404\"}]}}" + --data "{\"config\":{\"ingress\":[{\"hostname\":\"tunnel-${SUBDOMAIN}.${DOMAIN}\",\"service\":\"http://localhost:80\"},{\"service\":\"http_status:404\"}]}}" # Update DNS record to point to the new tunnel echo "Updating DNS record to point to the new tunnel..." @@ -55,7 +55,7 @@ if [ -z "$ZONE_ID" ] || [ "$ZONE_ID" == "null" ]; then fi # Check for existing record -EXISTING_RECORDS=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records?name=${SUBDOMAIN}.${DOMAIN}" \ +EXISTING_RECORDS=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records?name=tunnel-${SUBDOMAIN}.${DOMAIN}" \ -H "Authorization: Bearer ${CF_API_TOKEN}" \ -H "Content-Type: application/json") @@ -68,18 +68,18 @@ if [ -z "$RECORD_ID" ] || [ "$RECORD_ID" == "null" ]; then DNS_RESPONSE=$(curl -s -X POST "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records" \ -H "Authorization: Bearer ${CF_API_TOKEN}" \ -H "Content-Type: application/json" \ - --data "{\"type\":\"CNAME\",\"name\":\"${SUBDOMAIN}\",\"content\":\"${TUNNEL_ID}.cfargotunnel.com\",\"ttl\":1,\"proxied\":true}") + --data "{\"type\":\"CNAME\",\"name\":\"tunnel-${SUBDOMAIN}.${DOMAIN}\",\"content\":\"${TUNNEL_ID}.cfargotunnel.com\",\"ttl\":1,\"proxied\":true}") else # Update existing record echo "Updating existing DNS record..." DNS_RESPONSE=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \ -H "Authorization: Bearer ${CF_API_TOKEN}" \ -H "Content-Type: application/json" \ - --data "{\"type\":\"CNAME\",\"name\":\"${SUBDOMAIN}\",\"content\":\"${TUNNEL_ID}.cfargotunnel.com\",\"ttl\":1,\"proxied\":true}") + --data "{\"type\":\"CNAME\",\"name\":\"tunnel-${SUBDOMAIN}.${DOMAIN}\",\"content\":\"${TUNNEL_ID}.cfargotunnel.com\",\"ttl\":1,\"proxied\":true}") fi # Log the tunnel information -echo "Tunnel configuration is set up! Site will be available at: https://${SUBDOMAIN}.${DOMAIN}" +echo "Tunnel configuration is set up! Site will be available at: https://tunnel-${SUBDOMAIN}.${DOMAIN}" # Export the tunnel token for supervisord export CLOUDFLARE_TUNNEL_TOKEN=${TUNNEL_TOKEN} diff --git a/update.sh b/update.sh index 59309dec8..89e056f1e 100755 --- a/update.sh +++ b/update.sh @@ -59,6 +59,9 @@ fi echo "Starting new container for ${HOST} environment..." +# Ensure the traefik network exists +docker network create web 2> /dev/null || true + # Remove any existing volume for this container if it exists docker volume rm "cloudflared-${CONTAINER_NAME}" 2> /dev/null || true @@ -67,6 +70,11 @@ docker run -d \ --env-file "$ENV_FILE" \ --name "${CONTAINER_NAME}" \ -v "cloudflared-${CONTAINER_NAME}:/etc/cloudflared" \ + --network web \ + --label "traefik.enable=true" \ + --label "traefik.http.routers.${CONTAINER_NAME}.rule=Host(\`${SUBDOMAIN}.${DOMAIN}\`)" \ + --label "traefik.http.routers.${CONTAINER_NAME}.entrypoints=web" \ + --label "traefik.http.services.${CONTAINER_NAME}.loadbalancer.server.port=80" \ "${GHCR_IMAGE}" if [ $? -eq 0 ]; then