Switch from GitHub Pages to Cloudflare Pages

.github/workflows/CD-production-task.yml

@@ -65,6 +65,13 @@ jobs:
         run: |
           echo "$SUPABASE" > config/supabase.yml
 
+      - name: Render FRONTMAN secret into config/frontman.yml
+        env:
+          SUPABASE: ${{ secrets.FRONTMAN }}
+        shell: bash
+        run: |
+          echo "$FRONTMAN" > config/frontman.yml
+
       - name: Run playbook
         shell: bash
         run: make ${{ inputs.tasks }}

.github/workflows/CD-production.yml

@@ -10,11 +10,6 @@ on:
       - master
   workflow_dispatch:
 
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 jobs:
   deploy-proxies:
     name: Deploy on production
@@ -24,6 +19,7 @@ jobs:
         task:
           - deploy_metrics
           - deploy_proxies
+          - deploy_frontman
     with:
       tasks: ${{ matrix.task }}
     secrets: inherit

.gitignore

@@ -2,7 +2,8 @@ vault.txt
 users.csv
 id_rsa
 id_rsa.pub
-config/users-configs.yml
+known_hosts
+config/frontman.yml
 config/metrics.yml
 config/servers.yml
 config/supabase.yml

Dockerfile

@@ -1,2 +1,2 @@
 FROM alpine/ansible
-RUN apk add --no-cache curl make rsync
+RUN apk add --no-cache curl make rsync nodejs npm

Makefile

@@ -2,7 +2,7 @@ USERS_CSV_FILE = users.csv
 PLAYBOOK_FILE_METRIX = metrics.yml
 PLAYBOOK_FILE_PROXIES = proxies.yml
 PLAYBOOK_FILE_USERS_CSV = users-csv.yml
-PLAYBOOK_FILE_USERS_CONFIGS = users-configs.yml
+PLAYBOOK_FILE_FRONTMAN = frontman.yml
 HOSTS_FILE = inventory/hosts
 
 hosts_encrypt:
@@ -11,9 +11,6 @@ hosts_encrypt:
 hosts_decrypt:
 	ansible-vault decrypt $(HOSTS_FILE)
 
-render_users_configs:
-	ansible-playbook $(PLAYBOOK_FILE_USERS_CONFIGS)
-
 deploy_frontman:
 	ansible-playbook $(PLAYBOOK_FILE_FRONTMAN)
 

README.md

@@ -16,7 +16,7 @@ Stores list of user configs. Users may generate new user configs (my means of HT
 to render configs for xrays and other components. _The repository with Supabas is not open-source at the moment. It will becore
 open-source later_.
 
-## GH Pages
+## Cloudflare Pages
 Serves static content:
 * static html pages with installation instructions which is being developed in a separate repository:
 [xray-server-frontend](https://github.com/ed-asriyan/xray-server-frontend). The user is provided with a private instruction link
@@ -26,7 +26,7 @@ ShadowSocks client each time before connecting to a ShadowSocks server
 * personal vless [subscription files](https://hiddify.com/app/URL-Scheme) for each client, which is used by Hiddify to refresh
 list of available servers
 
-Playbook: [users-configs.yml](./users-configs.yml). It just renders files locally, the should be uploaded got GitHub Pages using
+Playbook: [frontman.yml](./frontman.yml). It just renders files locally, the should be uploaded got Cloudflare Pages using
 Actions.
 
 ## Metrics

config/README.md

@@ -4,7 +4,7 @@ This directory contains configuration files.
 ## How to edit
 ### If you use GitHub Actions
 Create the following secrets:
-* `USERS_CONFIGS`: copy content of [users-configs.example.yml](./users-configs.example.yml) to the secret and fill out each variable
+* `FRONTMAN`: copy content of [frontman.example.yml](./frontman.example.yml) to the secret and fill out each variable
 * `SERVERS`: copy content of [servers.example.yml](./servers.example.yml) to the secret and fill out each variable
 * `HOSTS`: copy content of [hosts.example.yml](./hosts.example.yml) to the secret and fill out each variable
 * `METRICS`: copy content of [metrics.example.yml](./metrics.example.yml) to the secret and fill out each variable

config/frontman.example.yml

@@ -0,0 +1,17 @@
+# where redirect to if user opened index page without valid parameters
+config_frontman_default_redirect:
+
+# title users should we when open hiddify
+config_users_title:
+
+# url where frontman is hosted
+config_users_base_url:
+
+# clouflare pages project name
+config_frontman_cloudflare_project_name:
+
+# cloudflare account id
+config_frontman_cloudflare_account_id:
+
+# cloudflare api token with Account -> Cloudflare Pages -> Write permissions. create at https://dash.cloudflare.com/profile/api-tokens
+config_frontman_cloudflare_api_token:

users-configs.yml → frontman.yml

@@ -2,7 +2,7 @@
     - localhost
   no_log: true
   vars_files:
-    - ./config/users-configs.yml
+    - ./config/frontman.yml
     - ./config/servers.yml
     - ./config/supabase.yml
   pre_tasks:
@@ -36,13 +36,15 @@
       set_fact:
         config_local_users: "{{ supabase_users_response.json | map(attribute='child_uuid') | list }}"
   roles:
-    - role: users-configs
+    - role: frontman
       vars:
-        users_configs_default_redirect: "{{ config_users_configs_default_redirect }}"
-        users_configs_servers: "{{ config_servers }}"
-        users_configs_configs: "{{ config_local_configs }}"
-        users_configs_users: "{{ config_local_users }}"
-        users_configs_static_directory_filename: static
-        users_configs_title: "{{ config_users_title }}"
-        users_configs_support_url: "{{ config_users_support_url }}"
-        users_configs_base_url: "{{ config_users_base_url }}"
+        frontman_default_redirect: "{{ config_frontman_default_redirect }}"
+        frontman_servers: "{{ config_servers }}"
+        frontman_configs: "{{ config_local_configs }}"
+        frontman_users: "{{ config_local_users }}"
+        frontman_static_directory_filename: static
+        frontman_title: "{{ config_users_title }}"
+        frontman_base_url: "{{ config_users_base_url }}"
+        frontman_cloudflare_project_name: "{{ config_frontman_cloudflare_project_name }}"
+        frontman_cloudflare_account_id: "{{ config_frontman_cloudflare_account_id }}"
+        frontman_cloudflare_api_token: "{{ config_frontman_cloudflare_api_token }}"

roles/frontman/defaults/main.yml

@@ -0,0 +1,29 @@
+# where redirect to if user opened index page without paramneters
+frontman_default_redirect:
+
+# users as described in /users-example.yml
+frontman_users:
+
+# files with redirect url
+frontman_configs:
+
+# servers object as described in /servers-example.yml
+frontman_servers:
+
+# relative path of directory where static content should be stored
+frontman_static_directory_filename:
+
+# title users should we when open hiddify
+frontman_title:
+
+# url where frontman is hosted
+frontman_base_url:
+
+# clouflare pages project name
+frontman_cloudflare_project_name:
+
+# cloudflare account id
+frontman_cloudflare_account_id:
+
+# cloudflare api token with Account -> Cloudflare Pages -> Write permissions. create at https://dash.cloudflare.com/profile/api-tokens
+frontman_cloudflare_api_token:

roles/frontman/tasks/main.yml

@@ -0,0 +1,81 @@
+- name: Ensure required variables are defined
+  assert:
+    that:
+      - frontman_default_redirect is string
+      - frontman_title is string
+      - frontman_cloudflare_project_name is string
+      - frontman_cloudflare_account_id is string
+      - frontman_cloudflare_api_token is string
+
+- name: Ensure frontman_users is defined correctly
+  include_tasks: tasks/assert-users.yml
+  vars:
+    users: "{{ frontman_users }}"
+
+- name: Ensure frontman_configs is defined correctly
+  include_tasks: tasks/assert-configs.yml
+  vars:
+    configs: "{{ frontman_configs }}"
+
+- name: Ensure frontman_servers is defined correctly
+  include_tasks: tasks/assert-servers.yml
+  vars:
+    servers: "{{ frontman_servers }}"
+
+- set_fact:
+    frontman_static_root_local: "./{{ frontman_static_directory_filename }}"
+    frontman_frontend_name: "{{ lookup('community.general.random_string', length=32, special=False) }}"
+
+- name: Create static directory locally
+  file:
+    path: "{{ frontman_static_root_local }}"
+    state: directory
+
+- name: Render index.html
+  template:
+    src: index.html.j2
+    dest: "{{ frontman_static_root_local }}/index.html"
+
+- name: Create frontend directory locally
+  file:
+    path: "{{ frontman_static_root_local }}/{{ frontman_frontend_name }}"
+    state: directory
+
+- name: Render frontend.html
+  get_url:
+    url: "{{ frontman_frontend_html_url }}"
+    dest: "{{ frontman_static_root_local }}/{{ frontman_frontend_name }}/index.html"
+
+- name: Render frontend config
+  template:
+    src: frontend-config.json.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_frontend_name }}/config.json"
+
+- name: Copy robots.txt
+  copy:
+    src: robots.txt
+    dest: "{{ frontman_static_root_local }}/robots.txt"
+
+- name: Render configs
+  with_items: "{{ frontman_configs }}"
+  loop_control:
+    index_var: loop_index
+  vars:
+    frontman_config_uuid: "{{ item }}"
+  include_tasks: render_configs.yml
+
+- name: Render redirect configs
+  with_items: "{{ frontman_users }}"
+  loop_control:
+    index_var: loop_index
+  vars:
+    frontman_user_uuid: "{{ item }}"
+  template:
+    src: frontend-link.json.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_user_uuid }}.json"
+
+- name: Upload static files to Cloudflare Pages
+  command: "npx wrangler pages deploy {{ frontman_static_root_local }} --project-name={{ frontman_cloudflare_project_name }}"
+  environment:
+    CLOUDFLARE_ACCOUNT_ID: "{{ frontman_cloudflare_account_id }}"
+    CLOUDFLARE_API_TOKEN: "{{ frontman_cloudflare_api_token }}"

roles/frontman/tasks/render_configs.yml

@@ -0,0 +1,30 @@
+
+- name: Create user's directory
+  file:
+    path: "{{ frontman_static_root_local }}/{{ frontman_config_uuid }}"
+    state: directory
+
+- name: Render hiddify config
+  template:
+    src: hiddify.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_config_uuid }}/{{ frontman_hiddify_filename }}"
+
+- name: Render hiddify config (index.html for backward compatibility)
+  template:
+    src: hiddify.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_config_uuid }}/index.html"
+
+- name: Render xray-client config
+  template:
+    src: client-xray-config.json.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_config_uuid }}/{{ frontman_client_xray_config_filename }}"
+
+- name: Render sock5.Dockerfile
+  template:
+    src: socks5.Dockerfile.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_config_uuid }}/{{ frontman_socks5_docker_filename }}"
+
+- name: Render urls map
+  template:
+    src: urls-map.json.j2
+    dest: "{{ frontman_static_root_local }}/{{ frontman_config_uuid }}/{{ frontman_urls_map_filename }}"