chore: caddy config file(json)

nginx: proxy version api
2025-12-05 18:39:30 +08:00
parent f4f3590aec
commit c53c15fa8c
15 changed files with 1153 additions and 60 deletions
--- a/internal/controller/maker/configmap.go
+++ b/internal/controller/maker/configmap.go
@@ -100,6 +100,16 @@ kubectl create configmap ssl-client-key --namespace hsv2 --from-file=client.key=
 kubectl create configmap ssl-client-ca-crt --namespace hsv2 --from-file=client.ca.crt=./ssl_client_ca.crt --dry-run=client -o yaml | kubectl apply -f -
 kubectl create configmap ssl-client-ca-key --namespace hsv2 --from-file=client.ca.key=./ssl_client_ca.key --dry-run=client -o yaml | kubectl apply -f -
 kubectl create configmap ssl-web-crt --namespace hsv2 --from-file=web.server.crt=./ssl_web.crt --dry-run=client -o yaml | kubectl apply -f -
+`
+		_version_yaml = `
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: config-version
+  namespace: hsv2
+data:
+  version.txt: |
+    __version__
 `
 	)

@@ -208,6 +218,12 @@ kubectl create configmap ssl-web-crt --namespace hsv2 --from-file=web.server.crt
 	}
 	logger.Debug("✅ maker.ConfigMap: 写入 ssl_client_ca.key 文件: %s 成功", filepath.Join(dir, "ssl_client_ca.key"))

+	if err = os.WriteFile(filepath.Join(dir, "version.yaml"), []byte(_version_yaml), 0644); err != nil {
+		logger.Debug("❌ maker.ConfigMap: 写入 version.yaml 文件: %s 失败, 错误: %v", filepath.Join(dir, "version.yaml"), err)
+		return err
+	}
+	logger.Debug("✅ maker.ConfigMap: 写入 version.yaml 文件: %s 成功", filepath.Join(dir, "version.yaml"))
+
 	// upsert configmap
 	logger.Debug("☑️ maker.ConfigMap: 执行 upsert 脚本: %s", filepath.Join(dir, "upsert.sh"))
 	if err = os.WriteFile(filepath.Join(dir, "upsert.sh"), []byte(upsert), 0755); err != nil {
--- a/internal/controller/maker/proxy.go
+++ b/internal/controller/maker/proxy.go
@@ -2,31 +2,18 @@ package maker

 import (
 	"context"
+	"encoding/json"
 	"os"
 	"path/filepath"

 	"gitea.loveuer.com/yizhisec/pkg3/logger"
 	"yizhisec.com/hsv2/forge/pkg/downloader"
+	"yizhisec.com/hsv2/forge/pkg/model"
 )

 func (m *maker) Proxy(ctx context.Context) error {
 	const (
-		binURL       = "https://artifactory.yizhisec.com:443/artifactory/filestore/hsv2/bin/caddy"
-		caddyfileTpl = `{
-    layer4 {
-        :8443 {
-            route {
-                proxy __UPSTREAMS_8443__
-            }
-        }
-
-        :443 {
-            route {
-                proxy __UPSTREAMS_443__
-            }
-        }
-    }
-}`
+		binURL     = "https://artifactory.yizhisec.com:443/artifactory/filestore/hsv2/bin/caddy"
 		systemdSvc = `[Unit]
 Description=YiZhiSec Caddy Reverse Proxy
 After=network.target
@@ -34,7 +21,7 @@ After=network.target
 [Service]
 Type=simple
 User=root
-ExecStart=/usr/local/bin/caddy run --config /etc/caddy/Caddyfile
+ExecStart=/usr/local/bin/caddy run --config /etc/caddy/caddy.json
 StandardOutput=journal
 StandardError=journal
 Nice=-20
@@ -68,12 +55,85 @@ WantedBy=multi-user.target`
 	}
 	logger.Debug("✅ maker.Proxy: 下载 caddy 成功, url = %s", binURL)

-	logger.Debug("☑️ maker.Proxy: 写入 Caddyfile 文件..., dest = %s", filepath.Join(location, "Caddyfile"))
-	if err := os.WriteFile(filepath.Join(location, "Caddyfile"), []byte(caddyfileTpl), 0644); err != nil {
-		logger.Debug("❌ maker.Proxy: 写入 Caddyfile 失败, dest = %s, err = %v", filepath.Join(location, "Caddyfile"), err)
+	logger.Debug("☑️ maker.Proxy: 写入 caddy.json 文件..., dest = %s", filepath.Join(location, "caddy.json"))
+	caddyConfig := model.CaddyConfig{
+		"apps": &model.CaddyApp{
+			Layer4: &model.CaddyLayer4{
+				Servers: map[string]*model.CaddyServer{
+					"proxy_8443": {
+						Listen: []string{":8443"},
+						Routes: []*model.CaddyRoute{
+							{
+								Handle: []*model.CaddyHandle{
+									{
+										Handler: "proxy",
+										Upstreams: []*model.CaddyUpstream{
+											{Dial: []string{"__ip_1__:32443"}},
+											{Dial: []string{"__ip_2__:32443"}},
+										},
+										HealthChecks: &model.CaddyHealthCheck{
+											Active: &model.CaddyActive{
+												Interval: "10s",
+												Timeout:  "2s",
+												Port:     32443,
+											},
+											Passive: &model.CaddyPassive{
+												FailDuration: "30s",
+												MaxFails:     2,
+											},
+										},
+										LoadBalancing: &model.CaddyLoadBalancing{
+											Selection: &model.CaddySelection{
+												Policy: "round_robin",
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+					"proxy_443": {
+						Listen: []string{":443"},
+						Routes: []*model.CaddyRoute{
+							{
+								Handle: []*model.CaddyHandle{
+									{
+										Handler: "proxy",
+										Upstreams: []*model.CaddyUpstream{
+											{Dial: []string{"__ip_1__:31443"}},
+											{Dial: []string{"__ip_2__:31443"}},
+										},
+										HealthChecks: &model.CaddyHealthCheck{
+											Active: &model.CaddyActive{
+												Interval: "10s",
+												Timeout:  "2s",
+												Port:     31443,
+											},
+											Passive: &model.CaddyPassive{
+												FailDuration: "30s",
+												MaxFails:     2,
+											},
+										},
+										LoadBalancing: &model.CaddyLoadBalancing{
+											Selection: &model.CaddySelection{
+												Policy: "round_robin",
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+	bs, _ := json.MarshalIndent(caddyConfig, "", "  ")
+	if err := os.WriteFile(filepath.Join(location, "caddy.json"), []byte(bs), 0644); err != nil {
+		logger.Debug("❌ maker.Proxy: 写入 Caddyfile 失败, dest = %s, err = %v", filepath.Join(location, "caddy.json"), err)
 		return err
 	}
-	logger.Debug("✅ maker.Proxy: 写入 Caddyfile 文件成功, dest = %s", filepath.Join(location, "Caddyfile"))
+	logger.Debug("✅ maker.Proxy: 写入 Caddyfile 文件成功, dest = %s", filepath.Join(location, "caddy.json"))

 	logger.Debug("☑️ maker.Proxy: 写入 caddy.service 文件..., dest = %s", filepath.Join(location, "caddy.service"))
 	if err := os.WriteFile(filepath.Join(location, "caddy.service"), []byte(systemdSvc), 0644); err != nil {