feat: error pages

See coop-cloud/organising#115 (comment).
2021-11-14 00:34:57 +01:00
11 changed files with 36 additions and 69 deletions
--- a/.env.sample
+++ b/.env.sample
@ -52,8 +52,6 @@ COMPOSE_FILE="compose.yml"
 #COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
 #KEYCLOAK_MIDDLEWARE_ENABLED=1
 #KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
-#KEYCLOAK_MIDDLEWARE_2_ENABLED=1
-#KEYCLOAK_TFA_SERVICE_2=traefik-forward-auth_app

 #####################################################################
 # Prometheus metrics                                                #
@ -71,10 +69,6 @@ COMPOSE_FILE="compose.yml"
 #COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
 #SMTP_ENABLED=1

-## Compy
-#COMPOSE_FILE="$COMPOSE_FILE:compose.compy.yml"
-#COMPY_ENABLED=1
-
 ## Gitea SSH
 # COMPOSE_FILE="$COMPOSE_FILE:compose.gitea.yml"
 # GITEA_SSH_ENABLED=1
@ -98,7 +92,3 @@ COMPOSE_FILE="compose.yml"
 ## Mumble
 #COMPOSE_FILE="$COMPOSE_FILE:compose.mumble.yml"
 #MUMBLE_ENABLED=1
-
-## Matrix
-#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
-#MATRIX_FEDERATION_ENABLED=1
--- a/README.md
+++ b/README.md
@ -7,11 +7,11 @@
 <!-- metadata -->
 * **Category**: Utilities
 * **Status**: ?
-* **Image**: [`traefik`](https://hub.docker.com/_/traefik), 4, upstream
+* **Image**: [`traefik`](https://hub.docker.com/_/traefik), ❶💚, upstream
 * **Healthcheck**: Yes
 * **Backups**: No
 * **Email**: N/A
-* **Tests**: 2
+* **Tests**: ❷💛
 * **SSO**: ? (Keycloak)
 <!-- endmetadata -->

@ -21,6 +21,6 @@
 2. `abra app new traefik`
 3. `abra app YOURAPPDOMAIN config` - be sure to change `DOMAIN` to something that resolves to
   your Docker swarm box
-4. `abra app deploy YOURAPPDOMAIN`
+4. `abra app YOURAPPDOMAIN deploy`

 [`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
--- a/abra.sh
+++ b/abra.sh
@ -1,3 +1,3 @@
-export TRAEFIK_YML_VERSION=v15
-export FILE_PROVIDER_YML_VERSION=v6
+export TRAEFIK_YML_VERSION=v12
+export FILE_PROVIDER_YML_VERSION=v3
 export ENTRYPOINT_VERSION=v2
--- a/compose.compy.yml
+++ b/compose.compy.yml
@ -1,7 +0,0 @@
-version: "3.8"
-services:
-  app:
-    environment:
-      - COMPY_ENABLED
-    ports:
-      - "9999:9999"
--- a/compose.headless.yml
+++ b/compose.headless.yml
@ -10,5 +10,6 @@ services:
      labels:
        - "traefik.enable=true"
        - "traefik.http.services.traefik.loadbalancer.server.port=web"
-        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
-        - "traefik.http.routers.${STACK_NAME}.service=api@internal"
+        - "traefik.http.routers.traefik.entrypoints=web-secure"
+        - "traefik.http.routers.traefik.service=api@internal"
+        - "coop-cloud.${STACK_NAME}.app.version=v2.4.9-be23e1f6"
--- a/compose.keycloak.yml
+++ b/compose.keycloak.yml
@ -5,9 +5,7 @@ services:
  app:
    deploy:
      labels:
-        - "traefik.http.routers.${STACK_NAME}.middlewares=keycloak@file"
+        - "traefik.http.routers.traefik.middlewares=keycloak@file"
    environment:
      - KEYCLOAK_MIDDLEWARE_ENABLED
      - KEYCLOAK_TFA_SERVICE
-      - KEYCLOAK_MIDDLEWARE_2_ENABLED
-      - KEYCLOAK_TFA_SERVICE_2
--- a/compose.matrix.yml
+++ b/compose.matrix.yml
@ -1,7 +0,0 @@
-version: "3.8"
-services:
-  app:
-    environment:
-      - MATRIX_FEDERATION_ENABLED
-    ports:
-      - "8448:8448"
--- a/compose.minio.yml
+++ b/compose.minio.yml
@ -1,9 +0,0 @@
---
-version: "3.8"
-
-services:
-  app:
-    environment:
-      - MINIO_CONSOLE_ENABLED
-    ports:
-      - "9001:9001"
--- a/compose.yml
+++ b/compose.yml
@ -3,7 +3,7 @@ version: "3.8"

 services:
  app:
-    image: "traefik:v2.9.5"
+    image: "traefik:v2.5.2"
    # Note(decentral1se): *please do not* add any additional ports here.
    # Doing so could break new installs with port conflicts. Please use
    # the usual `compose.$app.yml` approach for any additional ports
@ -40,14 +40,31 @@ services:
        order: start-first
      labels:
        - "traefik.enable=true"
-        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=web"
-        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
-        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
-        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "traefik.http.routers.${STACK_NAME}.tls.options=default@file"
-        - "traefik.http.routers.${STACK_NAME}.service=api@internal"
-        - "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
-        - "coop-cloud.${STACK_NAME}.version=2.0.2+v2.9.5"
+        - "traefik.http.services.traefik.loadbalancer.server.port=web"
+        - "traefik.http.routers.traefik.rule=Host(`${DOMAIN}`)"
+        - "traefik.http.routers.traefik.entrypoints=web-secure"
+        - "traefik.http.routers.traefik.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - "traefik.http.routers.traefik.tls.options=default@file"
+        - "traefik.http.routers.traefik.service=api@internal"
+        - "traefik.http.routers.traefik.middlewares=security@file"
+        - "coop-cloud.${STACK_NAME}.version=1.0.0+v2.5.2"
+
+  web:
+    image: tarampampam/error-pages:2.2.0
+    environment:
+      - TEMPLATE_NAME=shuffle
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.services.error-pages-service.loadbalancer.server.port=8080"
+      - "traefik.http.routers.error-router.entrypoints=web-secure"
+      - "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)"
+      - "traefik.http.routers.error-router.priority=10"
+      - "traefik.http.routers.error-router.middlewares=error-pages-middleware@docker"
+      - "traefik.http.middlewares.error-pages-middleware.errors.status=400-599"
+      - "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service@docker"
+      - "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"

 networks:
  proxy:
--- a/file-provider.yml.tmpl
+++ b/file-provider.yml.tmpl
@ -9,14 +9,6 @@ http:
        authResponseHeaders:
          - X-Forwarded-User
    {{ end }}
-    {{ if eq (env "KEYCLOAK_MIDDLEWARE_2_ENABLED") "1" }}
-    keycloak2:
-      forwardAuth:
-        address: "http://{{ env "KEYCLOAK_TFA_SERVICE_2" }}:4181"
-        trustForwardHeader: true
-        authResponseHeaders:
-          - X-Forwarded-User
-    {{ end }}
    security:
      headers:
        frameDeny: true
--- a/traefik.yml.tmpl
+++ b/traefik.yml.tmpl
@ -54,18 +54,10 @@ entrypoints:
  mumble-udp:
    address: ":64738/udp"
  {{ end }}
-  {{ if eq (env "COMPY_ENABLED") "1" }}
-  compy:
-    address: ":9999"
-  {{ end }}
  {{ if eq (env "METRICS_ENABLED") "1" }}
  metrics:
    address: ":8082"
  {{ end }}
-  {{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
-  matrix-federation:
-    address: ":9001"
-  {{ end }}

 ping:
  entryPoint: web
@ -102,5 +94,5 @@ certificatesResolvers:
        provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
        resolvers:
          - "1.1.1.1:53"
-          - "9.9.9.9:53"
+          - "8.8.8.8:53"
      {{ end }}