Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy synced 2025-06-26 18:27:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

xMerge branch 'canary' into feature/delete-docker-volumes

Browse Source
This commit is contained in:
djknaeckebrot
2024-12-18 12:10:04 +01:00
parent 7725b3ca36 829aa2a63c
commit 63c0912849
73 changed files with 7747 additions and 1071 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/server/src/db/schema/auth.ts
View File

@@ -92,6 +92,7 @@ export const apiUpdateAuth = createSchema.partial().extend({
email: z.string().nullable(),
password: z.string().nullable(),
image: z.string().optional(),
currentPassword: z.string().nullable(),
});
export const apiUpdateAuthByAdmin = createSchema.partial().extend({

7
packages/server/src/db/schema/server.ts
View File

@@ -40,7 +40,7 @@ export const server = pgTable("server", {
.notNull()
.references(() => admins.adminId, { onDelete: "cascade" }),
serverStatus: serverStatus("serverStatus").notNull().default("active"),
command: text("command").notNull().default(""),
sshKeyId: text("sshKeyId").references(() => sshKeys.sshKeyId, {
onDelete: "set null",
}),
@@ -105,4 +105,7 @@ export const apiUpdateServer = createSchema
username: true,
sshKeyId: true,
})
.required();
.required()
.extend({
command: z.string().optional(),
});

6
packages/server/src/index.ts
View File

@@ -42,6 +42,7 @@ export * from "./setup/server-setup";
export * from "./setup/setup";
export * from "./setup/traefik-setup";
export * from "./setup/server-validate";
export * from "./setup/server-audit";
export * from "./utils/backups/index";
export * from "./utils/backups/mariadb";
@@ -102,11 +103,6 @@ export * from "./utils/traefik/security";
export * from "./utils/traefik/types";
export * from "./utils/traefik/web-server";
export * from "./wss/docker-container-logs";
export * from "./wss/docker-container-terminal";
export * from "./wss/docker-stats";
export * from "./wss/listen-deployment";
export * from "./wss/terminal";
export * from "./wss/utils";
export * from "./utils/access-log/handler";

21
packages/server/src/services/admin.ts
View File

@@ -88,6 +88,9 @@ export const isAdminPresent = async () => {
export const findAdminByAuthId = async (authId: string) => {
const admin = await db.query.admins.findFirst({
where: eq(admins.authId, authId),
with: {
users: true,
},
});
if (!admin) {
throw new TRPCError({
@@ -141,6 +144,24 @@ export const removeUserByAuthId = async (authId: string) => {
.then((res) => res[0]);
};
export const removeAdminByAuthId = async (authId: string) => {
const admin = await findAdminByAuthId(authId);
if (!admin) return null;
// First delete all associated users
const users = admin.users;
for (const user of users) {
await removeUserByAuthId(user.authId);
}
// Then delete the auth record which will cascade delete the admin
return await db
.delete(auth)
.where(eq(auth.id, authId))
.returning()
.then((res) => res[0]);
};
export const getDokployUrl = async () => {
if (IS_CLOUD) {
return "https://app.dokploy.com";

2
packages/server/src/services/auth.ts
View File

@@ -7,7 +7,7 @@ import {
auth,
users,
} from "@dokploy/server/db/schema";
import { getPublicIpWithFallback } from "@dokploy/server/wss/terminal";
import { getPublicIpWithFallback } from "@dokploy/server/wss/utils";
import { TRPCError } from "@trpc/server";
import * as bcrypt from "bcrypt";
import { eq } from "drizzle-orm";

114
packages/server/src/setup/server-audit.ts Normal file
View File

@@ -0,0 +1,114 @@
import { Client } from "ssh2";
import { findServerById } from "../services/server";
// Thanks for the idea to https://github.com/healthyhost/audit-vps-script/tree/main
const validateUfw = () => `
if command -v ufw >/dev/null 2>&1; then
isInstalled=true
isActive=$(sudo ufw status | grep -q "Status: active" && echo true || echo false)
defaultIncoming=$(sudo ufw status verbose | grep "Default:" | grep "incoming" | awk '{print $2}')
echo "{\\"installed\\": $isInstalled, \\"active\\": $isActive, \\"defaultIncoming\\": \\"$defaultIncoming\\"}"
else
echo "{\\"installed\\": false, \\"active\\": false, \\"defaultIncoming\\": \\"unknown\\"}"
fi
`;
const validateSsh = () => `
if systemctl is-active --quiet sshd; then
isEnabled=true
hasKeyAuth=$(find "$HOME/.ssh" -type f -name "authorized_keys" 2>/dev/null | grep -q . && echo true || echo false)
permitRootLogin=$(sudo sshd -T | grep -i "^PermitRootLogin" | awk '{print $2}')
passwordAuth=$(sudo sshd -T | grep -i "^PasswordAuthentication" | awk '{print $2}')
usePam=$(sudo sshd -T | grep -i "^UsePAM" | awk '{print $2}')
echo "{\\"enabled\\": $isEnabled, \\"keyAuth\\": $hasKeyAuth, \\"permitRootLogin\\": \\"$permitRootLogin\\", \\"passwordAuth\\": \\"$passwordAuth\\", \\"usePam\\": \\"$usePam\\"}"
else
echo "{\\"enabled\\": false, \\"keyAuth\\": false, \\"permitRootLogin\\": \\"unknown\\", \\"passwordAuth\\": \\"unknown\\", \\"usePam\\": \\"unknown\\"}"
fi
`;
const validateFail2ban = () => `
if dpkg -l | grep -q "fail2ban"; then
isInstalled=true
isEnabled=$(systemctl is-enabled --quiet fail2ban.service && echo true || echo false)
isActive=$(systemctl is-active --quiet fail2ban.service && echo true || echo false)
if [ -f "/etc/fail2ban/jail.local" ]; then
sshEnabled=$(grep -A10 "^\\[sshd\\]" /etc/fail2ban/jail.local | grep "enabled" | awk '{print $NF}' | tr -d '[:space:]')
sshMode=$(grep -A10 "^\\[sshd\\]" /etc/fail2ban/jail.local | grep "^mode[[:space:]]*=[[:space:]]*aggressive" >/dev/null && echo "aggressive" || echo "normal")
echo "{\\"installed\\": $isInstalled, \\"enabled\\": $isEnabled, \\"active\\": $isActive, \\"sshEnabled\\": \\"$sshEnabled\\", \\"sshMode\\": \\"$sshMode\\"}"
else
echo "{\\"installed\\": $isInstalled, \\"enabled\\": $isEnabled, \\"active\\": $isActive, \\"sshEnabled\\": \\"false\\", \\"sshMode\\": \\"normal\\"}"
fi
else
echo "{\\"installed\\": false, \\"enabled\\": false, \\"active\\": false, \\"sshEnabled\\": \\"false\\", \\"sshMode\\": \\"normal\\"}"
fi
`;
export const serverAudit = async (serverId: string) => {
const client = new Client();
const server = await findServerById(serverId);
if (!server.sshKeyId) {
throw new Error("No SSH Key found");
}
return new Promise<any>((resolve, reject) => {
client
.once("ready", () => {
const bashCommand = `
command_exists() {
command -v "$@" > /dev/null 2>&1
}
ufwStatus=$(${validateUfw()})
sshStatus=$(${validateSsh()})
fail2banStatus=$(${validateFail2ban()})
echo "{\\"ufw\\": $ufwStatus, \\"ssh\\": $sshStatus, \\"fail2ban\\": $fail2banStatus}"
`;
client.exec(bashCommand, (err, stream) => {
if (err) {
reject(err);
return;
}
let output = "";
stream
.on("close", () => {
client.end();
try {
const result = JSON.parse(output.trim());
resolve(result);
} catch (parseError) {
reject(
new Error(
`Failed to parse output: ${parseError instanceof Error ? parseError.message : parseError}`,
),
);
}
})
.on("data", (data: string) => {
output += data;
})
.stderr.on("data", (data) => {});
});
})
.on("error", (err) => {
client.end();
if (err.level === "client-authentication") {
reject(
new Error(
`Authentication failed: Invalid SSH private key. ❌ Error: ${err.message} ${err.level}`,
),
);
} else {
reject(new Error(`SSH connection error: ${err.message}`));
}
})
.connect({
host: server.ipAddress,
port: server.port,
username: server.username,
privateKey: server.sshKey?.privateKey,
});
});
};

219
packages/server/src/setup/server-setup.ts
View File

@@ -55,11 +55,121 @@ export const serverSetup = async (serverId: string) => {
} catch (err) {
console.log(err);
await updateDeploymentStatus(deployment.deploymentId, "error");
writeStream.write(err);
writeStream.write(`${err}\n`);
writeStream.close();
}
};
export const defaultCommand = () => {
const bashCommand = `
set -e;
DOCKER_VERSION=27.0.3
OS_TYPE=$(grep -w "ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
SYS_ARCH=$(uname -m)
CURRENT_USER=$USER
echo "Installing requirements for: OS: $OS_TYPE"
if [ $EUID != 0 ]; then
echo "Please run this script as root or with sudo ❌"
exit
fi
# Check if the OS is manjaro, if so, change it to arch
if [ "$OS_TYPE" = "manjaro" ] || [ "$OS_TYPE" = "manjaro-arm" ]; then
OS_TYPE="arch"
fi
# Check if the OS is Asahi Linux, if so, change it to fedora
if [ "$OS_TYPE" = "fedora-asahi-remix" ]; then
OS_TYPE="fedora"
fi
# Check if the OS is popOS, if so, change it to ubuntu
if [ "$OS_TYPE" = "pop" ]; then
OS_TYPE="ubuntu"
fi
# Check if the OS is linuxmint, if so, change it to ubuntu
if [ "$OS_TYPE" = "linuxmint" ]; then
OS_TYPE="ubuntu"
fi
#Check if the OS is zorin, if so, change it to ubuntu
if [ "$OS_TYPE" = "zorin" ]; then
OS_TYPE="ubuntu"
fi
if [ "$OS_TYPE" = "arch" ] || [ "$OS_TYPE" = "archarm" ]; then
OS_VERSION="rolling"
else
OS_VERSION=$(grep -w "VERSION_ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
fi
if [ "$OS_TYPE" = 'amzn' ]; then
dnf install -y findutils >/dev/null
fi
case "$OS_TYPE" in
arch | ubuntu | debian | raspbian | centos | fedora | rhel | ol | rocky | sles | opensuse-leap | opensuse-tumbleweed | almalinux | amzn | alpine) ;;
*)
echo "This script only supports Debian, Redhat, Arch Linux, Alpine Linux, or SLES based operating systems for now."
exit
;;
esac
echo -e "---------------------------------------------"
echo "| CPU Architecture | $SYS_ARCH"
echo "| Operating System | $OS_TYPE $OS_VERSION"
echo "| Docker | $DOCKER_VERSION"
echo -e "---------------------------------------------\n"
echo -e "1. Installing required packages (curl, wget, git, jq, openssl). "
command_exists() {
command -v "$@" > /dev/null 2>&1
}
${installUtilities()}
echo -e "2. Validating ports. "
${validatePorts()}
echo -e "3. Installing RClone. "
${installRClone()}
echo -e "4. Installing Docker. "
${installDocker()}
echo -e "5. Setting up Docker Swarm"
${setupSwarm()}
echo -e "6. Setting up Network"
${setupNetwork()}
echo -e "7. Setting up Directories"
${setupMainDirectory()}
${setupDirectories()}
echo -e "8. Setting up Traefik"
${createTraefikConfig()}
echo -e "9. Setting up Middlewares"
${createDefaultMiddlewares()}
echo -e "10. Setting up Traefik Instance"
${createTraefikInstance()}
echo -e "11. Installing Nixpacks"
${installNixpacks()}
echo -e "12. Installing Buildpacks"
${installBuildpacks()}
`;
return bashCommand;
};
const installRequirements = async (serverId: string, logPath: string) => {
const writeStream = createWriteStream(logPath, { flags: "a" });
const client = new Client();
@@ -73,110 +183,8 @@ const installRequirements = async (serverId: string, logPath: string) => {
return new Promise<void>((resolve, reject) => {
client
.once("ready", () => {
const bashCommand = `
set -e;
# Thanks to coolify <3
DOCKER_VERSION=27.0.3
OS_TYPE=$(grep -w "ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
SYS_ARCH=$(uname -m)
CURRENT_USER=$USER
echo "Installing requirements for: OS: $OS_TYPE"
if [ $EUID != 0 ]; then
echo "Please run this script as root or with sudo ❌"
exit
fi
# Check if the OS is manjaro, if so, change it to arch
if [ "$OS_TYPE" = "manjaro" ] || [ "$OS_TYPE" = "manjaro-arm" ]; then
OS_TYPE="arch"
fi
# Check if the OS is Asahi Linux, if so, change it to fedora
if [ "$OS_TYPE" = "fedora-asahi-remix" ]; then
OS_TYPE="fedora"
fi
# Check if the OS is popOS, if so, change it to ubuntu
if [ "$OS_TYPE" = "pop" ]; then
OS_TYPE="ubuntu"
fi
# Check if the OS is linuxmint, if so, change it to ubuntu
if [ "$OS_TYPE" = "linuxmint" ]; then
OS_TYPE="ubuntu"
fi
#Check if the OS is zorin, if so, change it to ubuntu
if [ "$OS_TYPE" = "zorin" ]; then
OS_TYPE="ubuntu"
fi
if [ "$OS_TYPE" = "arch" ] || [ "$OS_TYPE" = "archarm" ]; then
OS_VERSION="rolling"
else
OS_VERSION=$(grep -w "VERSION_ID" /etc/os-release | cut -d "=" -f 2 | tr -d '"')
fi
case "$OS_TYPE" in
arch | ubuntu | debian | raspbian | centos | fedora | rhel | ol | rocky | sles | opensuse-leap | opensuse-tumbleweed | almalinux | amzn | alpine) ;;
*)
echo "This script only supports Debian, Redhat, Arch Linux, Alpine Linux, or SLES based operating systems for now."
exit
;;
esac
echo -e "---------------------------------------------"
echo "| CPU Architecture | $SYS_ARCH"
echo "| Operating System | $OS_TYPE $OS_VERSION"
echo "| Docker | $DOCKER_VERSION"
echo -e "---------------------------------------------\n"
echo -e "1. Installing required packages (curl, wget, git, jq, openssl). "
command_exists() {
command -v "$@" > /dev/null 2>&1
}
${installUtilities()}
echo -e "2. Validating ports. "
${validatePorts()}
echo -e "3. Installing RClone. "
${installRClone()}
echo -e "4. Installing Docker. "
${installDocker()}
echo -e "5. Setting up Docker Swarm"
${setupSwarm()}
echo -e "6. Setting up Network"
${setupNetwork()}
echo -e "7. Setting up Directories"
${setupMainDirectory()}
${setupDirectories()}
echo -e "8. Setting up Traefik"
${createTraefikConfig()}
echo -e "9. Setting up Middlewares"
${createDefaultMiddlewares()}
echo -e "10. Setting up Traefik Instance"
${createTraefikInstance()}
echo -e "11. Installing Nixpacks"
${installNixpacks()}
echo -e "12. Installing Buildpacks"
${installBuildpacks()}
`;
client.exec(bashCommand, (err, stream) => {
const command = server.command || defaultCommand();
client.exec(command, (err, stream) => {
if (err) {
writeStream.write(err);
reject(err);
@@ -218,7 +226,6 @@ const installRequirements = async (serverId: string, logPath: string) => {
port: server.port,
username: server.username,
privateKey: server.sshKey?.privateKey,
timeout: 99999,
});
});
};

1
packages/server/src/setup/server-validate.ts
View File

@@ -148,7 +148,6 @@ export const serverValidate = async (serverId: string) => {
port: server.port,
username: server.username,
privateKey: server.sshKey?.privateKey,
timeout: 99999,
});
});
};

133
packages/server/src/wss/docker-container-logs.ts
View File

@@ -1,133 +0,0 @@
import type http from "node:http";
import { findServerById } from "@dokploy/server/services/server";
import { spawn } from "node-pty";
import { Client } from "ssh2";
import { WebSocketServer } from "ws";
import { validateWebSocketRequest } from "../auth/auth";
import { getShell } from "./utils";
export const setupDockerContainerLogsWebSocketServer = (
server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>,
) => {
const wssTerm = new WebSocketServer({
noServer: true,
path: "/docker-container-logs",
});
server.on("upgrade", (req, socket, head) => {
const { pathname } = new URL(req.url || "", `http://${req.headers.host}`);
if (pathname === "/_next/webpack-hmr") {
return;
}
if (pathname === "/docker-container-logs") {
wssTerm.handleUpgrade(req, socket, head, function done(ws) {
wssTerm.emit("connection", ws, req);
});
}
});
// eslint-disable-next-line @typescript-eslint/no-misused-promises
wssTerm.on("connection", async (ws, req) => {
const url = new URL(req.url || "", `http://${req.headers.host}`);
const containerId = url.searchParams.get("containerId");
const tail = url.searchParams.get("tail");
const serverId = url.searchParams.get("serverId");
const { user, session } = await validateWebSocketRequest(req);
if (!containerId) {
ws.close(4000, "containerId no provided");
return;
}
if (!user || !session) {
ws.close();
return;
}
try {
if (serverId) {
const server = await findServerById(serverId);
if (!server.sshKeyId) return;
const client = new Client();
new Promise<void>((resolve, reject) => {
client
.once("ready", () => {
const command = `
bash -c "docker container logs --tail ${tail} --follow ${containerId}"
`;
client.exec(command, (err, stream) => {
if (err) {
console.error("Execution error:", err);
reject(err);
return;
}
stream
.on("close", () => {
client.end();
resolve();
})
.on("data", (data: string) => {
ws.send(data.toString());
})
.stderr.on("data", (data) => {
ws.send(data.toString());
});
});
})
.connect({
host: server.ipAddress,
port: server.port,
username: server.username,
privateKey: server.sshKey?.privateKey,
timeout: 99999,
});
});
} else {
const shell = getShell();
const ptyProcess = spawn(
shell,
[
"-c",
`docker container logs --tail ${tail} --follow ${containerId}`,
],
{
name: "xterm-256color",
cwd: process.env.HOME,
env: process.env,
encoding: "utf8",
cols: 80,
rows: 30,
},
);
ptyProcess.onData((data) => {
ws.send(data);
});
ws.on("close", () => {
ptyProcess.kill();
});
ws.on("message", (message) => {
try {
let command: string | Buffer[] | Buffer | ArrayBuffer;
if (Buffer.isBuffer(message)) {
command = message.toString("utf8");
} else {
command = message;
}
ptyProcess.write(command.toString());
} catch (error) {
// @ts-ignore
const errorMessage = error?.message as unknown as string;
ws.send(errorMessage);
}
});
}
} catch (error) {
// @ts-ignore
const errorMessage = error?.message as unknown as string;
ws.send(errorMessage);
}
});
};

152
packages/server/src/wss/docker-container-terminal.ts
View File

@@ -1,152 +0,0 @@
import type http from "node:http";
import { findServerById } from "@dokploy/server/services/server";
import { spawn } from "node-pty";
import { Client } from "ssh2";
import { WebSocketServer } from "ws";
import { validateWebSocketRequest } from "../auth/auth";
import { getShell } from "./utils";
export const setupDockerContainerTerminalWebSocketServer = (
server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>,
) => {
const wssTerm = new WebSocketServer({
noServer: true,
path: "/docker-container-terminal",
});
server.on("upgrade", (req, socket, head) => {
const { pathname } = new URL(req.url || "", `http://${req.headers.host}`);
if (pathname === "/_next/webpack-hmr") {
return;
}
if (pathname === "/docker-container-terminal") {
wssTerm.handleUpgrade(req, socket, head, function done(ws) {
wssTerm.emit("connection", ws, req);
});
}
});
// eslint-disable-next-line @typescript-eslint/no-misused-promises
wssTerm.on("connection", async (ws, req) => {
const url = new URL(req.url || "", `http://${req.headers.host}`);
const containerId = url.searchParams.get("containerId");
const activeWay = url.searchParams.get("activeWay");
const serverId = url.searchParams.get("serverId");
const { user, session } = await validateWebSocketRequest(req);
if (!containerId) {
ws.close(4000, "containerId no provided");
return;
}
if (!user || !session) {
ws.close();
return;
}
try {
if (serverId) {
const server = await findServerById(serverId);
if (!server.sshKeyId)
throw new Error("No SSH key available for this server");
const conn = new Client();
let stdout = "";
let stderr = "";
conn
.once("ready", () => {
conn.exec(
`docker exec -it ${containerId} ${activeWay}`,
{ pty: true },
(err, stream) => {
if (err) throw err;
stream
.on("close", (code: number, signal: string) => {
ws.send(`\nContainer closed with code: ${code}\n`);
conn.end();
})
.on("data", (data: string) => {
stdout += data.toString();
ws.send(data.toString());
})
.stderr.on("data", (data) => {
stderr += data.toString();
ws.send(data.toString());
console.error("Error: ", data.toString());
});
ws.on("message", (message) => {
try {
let command: string | Buffer[] | Buffer | ArrayBuffer;
if (Buffer.isBuffer(message)) {
command = message.toString("utf8");
} else {
command = message;
}
stream.write(command.toString());
} catch (error) {
// @ts-ignore
const errorMessage = error?.message as unknown as string;
ws.send(errorMessage);
}
});
ws.on("close", () => {
stream.end();
});
},
);
})
.connect({
host: server.ipAddress,
port: server.port,
username: server.username,
privateKey: server.sshKey?.privateKey,
timeout: 99999,
});
} else {
const shell = getShell();
const ptyProcess = spawn(
shell,
["-c", `docker exec -it ${containerId} ${activeWay}`],
{
name: "xterm-256color",
cwd: process.env.HOME,
env: process.env,
encoding: "utf8",
cols: 80,
rows: 30,
},
);
ptyProcess.onData((data) => {
ws.send(data);
});
ws.on("close", () => {
ptyProcess.kill();
});
ws.on("message", (message) => {
try {
let command: string | Buffer[] | Buffer | ArrayBuffer;
if (Buffer.isBuffer(message)) {
command = message.toString("utf8");
} else {
command = message;
}
ptyProcess.write(command.toString());
} catch (error) {
// @ts-ignore
const errorMessage = error?.message as unknown as string;
ws.send(errorMessage);
}
});
}
} catch (error) {
// @ts-ignore
const errorMessage = error?.message as unknown as string;
ws.send(errorMessage);
}
});
};

96
packages/server/src/wss/docker-stats.ts
View File

@@ -1,96 +0,0 @@
import type http from "node:http";
import { WebSocketServer } from "ws";
import { validateWebSocketRequest } from "../auth/auth";
import { docker } from "../constants";
import {
getLastAdvancedStatsFile,
recordAdvancedStats,
} from "../monitoring/utilts";
export const setupDockerStatsMonitoringSocketServer = (
server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>,
) => {
const wssTerm = new WebSocketServer({
noServer: true,
path: "/listen-docker-stats-monitoring",
});
server.on("upgrade", (req, socket, head) => {
const { pathname } = new URL(req.url || "", `http://${req.headers.host}`);
if (pathname === "/_next/webpack-hmr") {
return;
}
if (pathname === "/listen-docker-stats-monitoring") {
wssTerm.handleUpgrade(req, socket, head, function done(ws) {
wssTerm.emit("connection", ws, req);
});
}
});
wssTerm.on("connection", async (ws, req) => {
const url = new URL(req.url || "", `http://${req.headers.host}`);
const appName = url.searchParams.get("appName");
const appType = (url.searchParams.get("appType") || "application") as
| "application"
| "stack"
| "docker-compose";
const { user, session } = await validateWebSocketRequest(req);
if (!appName) {
ws.close(4000, "appName no provided");
return;
}
if (!user || !session) {
ws.close();
return;
}
const intervalId = setInterval(async () => {
try {
const filter = {
status: ["running"],
...(appType === "application" && {
label: [`com.docker.swarm.service.name=${appName}`],
}),
...(appType === "stack" && {
label: [`com.docker.swarm.task.name=${appName}`],
}),
...(appType === "docker-compose" && {
name: [appName],
}),
};
const containers = await docker.listContainers({
filters: JSON.stringify(filter),
});
const container = containers[0];
if (!container || container?.State !== "running") {
ws.close(4000, "Container not running");
return;
}
const stats = await docker.getContainer(container.Id).stats({
stream: false,
});
await recordAdvancedStats(stats, appName);
const data = await getLastAdvancedStatsFile(appName);
ws.send(
JSON.stringify({
data,
}),
);
} catch (error) {
// @ts-ignore
ws.close(4000, `Error: ${error.message}`);
}
}, 1300);
ws.on("close", () => {
clearInterval(intervalId);
});
});
};

101
packages/server/src/wss/listen-deployment.ts
View File

@@ -1,101 +0,0 @@
import { spawn } from "node:child_process";
import type http from "node:http";
import { findServerById } from "@dokploy/server/services/server";
import { Client } from "ssh2";
import { WebSocketServer } from "ws";
import { validateWebSocketRequest } from "../auth/auth";
export const setupDeploymentLogsWebSocketServer = (
server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>,
) => {
const wssTerm = new WebSocketServer({
noServer: true,
path: "/listen-deployment",
});
server.on("upgrade", (req, socket, head) => {
const { pathname } = new URL(req.url || "", `http://${req.headers.host}`);
if (pathname === "/_next/webpack-hmr") {
return;
}
if (pathname === "/listen-deployment") {
wssTerm.handleUpgrade(req, socket, head, function done(ws) {
wssTerm.emit("connection", ws, req);
});
}
});
wssTerm.on("connection", async (ws, req) => {
const url = new URL(req.url || "", `http://${req.headers.host}`);
const logPath = url.searchParams.get("logPath");
const serverId = url.searchParams.get("serverId");
const { user, session } = await validateWebSocketRequest(req);
if (!logPath) {
ws.close(4000, "logPath no provided");
return;
}
if (!user || !session) {
ws.close();
return;
}
try {
if (serverId) {
const server = await findServerById(serverId);
if (!server.sshKeyId) return;
const client = new Client();
new Promise<void>((resolve, reject) => {
client
.on("ready", () => {
const command = `
tail -n +1 -f ${logPath};
`;
client.exec(command, (err, stream) => {
if (err) {
console.error("Execution error:", err);
reject(err);
return;
}
stream
.on("close", () => {
client.end();
resolve();
})
.on("data", (data: string) => {
ws.send(data.toString());
})
.stderr.on("data", (data) => {
ws.send(data.toString());
});
});
})
.connect({
host: server.ipAddress,
port: server.port,
username: server.username,
privateKey: server.sshKey?.privateKey,
timeout: 99999,
});
});
} else {
const tail = spawn("tail", ["-n", "+1", "-f", logPath]);
tail.stdout.on("data", (data) => {
ws.send(data.toString());
});
tail.stderr.on("data", (data) => {
ws.send(new Error(`tail error: ${data.toString()}`).message);
});
}
} catch (error) {
// @ts-ignore
// const errorMessage = error?.message as unknown as string;
ws.send(errorMessage);
}
});
};

107
packages/server/src/wss/terminal.ts
View File

@@ -1,107 +0,0 @@
import type http from "node:http";
import path from "node:path";
import { findServerById } from "@dokploy/server/services/server";
import { spawn } from "node-pty";
import { publicIpv4, publicIpv6 } from "public-ip";
import { WebSocketServer } from "ws";
import { validateWebSocketRequest } from "../auth/auth";
import { paths } from "../constants";
export const getPublicIpWithFallback = async () => {
// @ts-ignore
let ip = null;
try {
ip = await publicIpv4();
} catch (error) {
console.log(
"Error to obtain public IPv4 address, falling back to IPv6",
// @ts-ignore
error.message,
);
try {
ip = await publicIpv6();
} catch (error) {
// @ts-ignore
console.error("Error to obtain public IPv6 address", error.message);
ip = null;
}
}
return ip;
};
export const setupTerminalWebSocketServer = (
server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>,
) => {
const wssTerm = new WebSocketServer({
noServer: true,
path: "/terminal",
});
server.on("upgrade", (req, socket, head) => {
const { pathname } = new URL(req.url || "", `http://${req.headers.host}`);
if (pathname === "/_next/webpack-hmr") {
return;
}
if (pathname === "/terminal") {
wssTerm.handleUpgrade(req, socket, head, function done(ws) {
wssTerm.emit("connection", ws, req);
});
}
});
wssTerm.on("connection", async (ws, req) => {
const url = new URL(req.url || "", `http://${req.headers.host}`);
const serverId = url.searchParams.get("serverId");
const { user, session } = await validateWebSocketRequest(req);
if (!user || !session || !serverId) {
ws.close();
return;
}
const server = await findServerById(serverId);
if (!server) {
ws.close();
return;
}
const { SSH_PATH } = paths();
const privateKey = path.join(SSH_PATH, `${server.sshKeyId}_rsa`);
const sshCommand = [
"ssh",
"-o",
"StrictHostKeyChecking=no",
"-i",
privateKey,
`${server.username}@${server.ipAddress}`,
];
const ptyProcess = spawn("ssh", sshCommand.slice(1), {
name: "xterm-256color",
cwd: process.env.HOME,
env: process.env,
encoding: "utf8",
cols: 80,
rows: 30,
});
ptyProcess.onData((data) => {
ws.send(data);
});
ws.on("message", (message) => {
try {
let command: string | Buffer[] | Buffer | ArrayBuffer;
if (Buffer.isBuffer(message)) {
command = message.toString("utf8");
} else {
command = message;
}
ptyProcess.write(command.toString());
} catch (error) {
console.log(error);
}
});
ws.on("close", () => {
ptyProcess.kill();
});
});
};

23
packages/server/src/wss/utils.ts
View File

@@ -1,4 +1,5 @@
import os from "node:os";
import { publicIpv4, publicIpv6 } from "public-ip";
export const getShell = () => {
switch (os.platform()) {
@@ -10,3 +11,25 @@ export const getShell = () => {
return "bash";
}
};
export const getPublicIpWithFallback = async () => {
// @ts-ignore
let ip = null;
try {
ip = await publicIpv4();
} catch (error) {
console.log(
"Error to obtain public IPv4 address, falling back to IPv6",
// @ts-ignore
error.message,
);
try {
ip = await publicIpv6();
} catch (error) {
// @ts-ignore
console.error("Error to obtain public IPv6 address", error.message);
ip = null;
}
}
return ip;
};