pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-02 00:36:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Include traefik config when sending to remote nodes

Browse Source
This commit is contained in:
Owen
2025-10-14 10:38:41 -07:00
parent c57db1479e
commit 57bcbf6c48
2 changed files with 38 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
install/config/docker-compose.yml
View File

@@ -6,8 +6,8 @@ services:
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- ./config:/app/config - ./config:/app/config
- pangolin-data:/var/certificates - pangolin-data-certificates:/var/certificates
- pangolin-data:/var/dynamic - pangolin-data-dynamic:/var/dynamic
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"] test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"]
interval: "10s" interval: "10s"
@@ -57,8 +57,8 @@ services:
- ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates - ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates
- ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs - ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs
# Shared volume for certificates and dynamic config in file mode # Shared volume for certificates and dynamic config in file mode
- pangolin-data:/var/certificates:ro - pangolin-data-certificates:/var/certificates:ro
- pangolin-data:/var/dynamic:ro - pangolin-data-dynamic:/var/dynamic:ro
networks: networks:
default: default:
@@ -67,4 +67,5 @@ networks:
{{if .EnableIPv6}} enable_ipv6: true{{end}} {{if .EnableIPv6}} enable_ipv6: true{{end}}
volumes: volumes:
pangolin-data: pangolin-data-dynamic:
pangolin-data-certificates:

33
server/private/routers/hybrid.ts
View File

@@ -269,8 +269,39 @@ hybridRouter.get(
const traefikConfig = await getTraefikConfig( const traefikConfig = await getTraefikConfig(
remoteExitNode.exitNodeId, remoteExitNode.exitNodeId,
["newt", "local", "wireguard"], // Allow them to use all the site types ["newt", "local", "wireguard"], // Allow them to use all the site types
true // But don't allow domain namespace resources true, // But don't allow domain namespace resources
false // Dont include login pages
); );
const badgerMiddlewareName = "badger";
if (traefikConfig?.http?.middlewares) {
traefikConfig.http.middlewares[badgerMiddlewareName] = {
plugin: {
[badgerMiddlewareName]: {
apiBaseUrl: new URL(
"/api/v1",
`http://${
config.getRawConfig().server
.internal_hostname
}:${config.getRawConfig().server.internal_port}`
).href,
userSessionCookieName:
config.getRawConfig().server
.session_cookie_name,
// deprecated
accessTokenQueryParam:
config.getRawConfig().server
.resource_access_token_param,
resourceSessionRequestParam:
config.getRawConfig().server
.resource_session_request_param
}
}
};
}
return response(res, { return response(res, {
data: traefikConfig, data: traefikConfig,
success: true, success: true,