Skip to content

Commit

Permalink
Merge pull request #479 from Tecnativa/add-external-db-access-feature
Browse files Browse the repository at this point in the history
[ADD] Feature to expose database
  • Loading branch information
pedrobaeza authored Oct 17, 2024
2 parents 0649302 + ca7c4cf commit f3df4ad
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 17 deletions.
30 changes: 16 additions & 14 deletions _traefik3_paths_labels.yml.jinja
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,16 @@
{%- endif %}
{%- endmacro %}

{%- macro domains_rule_sni(domain_group) -%}
{%- for host in domain_group.hosts -%}
HostSNI(`{{ host }}`)
{%- if not loop.last -%}
||
{%- endif -%}
{%- endfor -%}
{%- endmacro %}


{%- macro key(project_name, odoo_version, suffix) %}
{{- '%s-%.1f-%s'|format(project_name, odoo_version, suffix)|replace('.', '-') }}
{%- endmacro %}
Expand Down Expand Up @@ -210,7 +220,10 @@

{%- macro database(domain_groups_list, cidr_whitelist, key, port, project_name) %}
{#- Service #}
traefik.tcp.routers.{{ key }}-database.entrypoints: postgres-entrypoint
traefik.tcp.services.{{ key }}-database.loadbalancer.server.port: 5432
traefik.tcp.routers.{{ key }}-database.tls: "true"
traefik.tcp.routers.{{ key }}-database.tls.certResolver: letsencrypt

{%- if cidr_whitelist %}
{#- Declare whitelist middleware #}
Expand All @@ -220,23 +233,12 @@
{%- endfor %}
{%- endif %}

{%- call(domain_group) macros.domains_loop_grouped(domain_groups_list) %}
{#- Apply rule to the first element in domain_groups_list #}
{%- set first_domain_group = domain_groups_list[0] %}
traefik.tcp.routers.{{ key }}-database.rule: {{ domains_rule_sni(first_domain_group) }}
{#- Remember basic middlewares for this domain group #}
{%- set _ns = namespace(basic_middlewares=[]) -%}
{%- if cidr_whitelist %}
{%- set _ns.basic_middlewares = _ns.basic_middlewares + ["whitelist"] %}
{%- endif %}

{#- database router #}
{{-
router_tcp(
domain_group=domain_group,
key=key,
suffix="database",
service="database",
middlewares=_ns.basic_middlewares,
port=port,
)
}}
{%- endcall %}
{%- endmacro %}
2 changes: 1 addition & 1 deletion copier.yml
Original file line number Diff line number Diff line change
Expand Up @@ -414,7 +414,7 @@ postgres_exposed:
postgres_exposed_port:
default: 5432
type: int
when: &db_exposed "{{ postgres_exposed and true }}"
when: &db_exposed "{{ postgres_exposed and traefik_version != 3 }}"
help: >-
Indicate the port to connect to the database.
Expand Down
7 changes: 6 additions & 1 deletion prod.yaml.jinja
Original file line number Diff line number Diff line change
Expand Up @@ -88,19 +88,24 @@ services:
- .docker/db-creation.env
restart: unless-stopped
{%- if postgres_exposed %}
{%- if traefik_version == 3 %}
networks:
default:
inverseproxy_shared:
labels:
traefik.enable: "true"
traefik.docker.network: "inverseproxy_shared"
{{- traefik2_labels.database(
{{- traefik3_labels_2.database(
domains_prod,
postgres_cidr_whitelist,
_key,
postgres_exposed_port,
project_name,
) }}
{%- else %}
ports:
- "{{ postgres_exposed_port }}:5432"
{%- endif %}
{%- endif %}
{%- endif %}

Expand Down
2 changes: 1 addition & 1 deletion tests/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ def traefik_host(request):
docker = DockerClient()
if request.param == "3":
traefik_container = docker.run(
"traefik:v3.0",
"traefik:v3.1.2",
detach=True,
privileged=True,
networks=["inverseproxy_shared"],
Expand Down

0 comments on commit f3df4ad

Please sign in to comment.