From 0db9406a093ae1fe249ae118c02ba2e84271f0ee Mon Sep 17 00:00:00 2001 From: Erik Groh Date: Sun, 1 Dec 2024 16:06:31 +0100 Subject: [PATCH 1/4] Added the posibility to use patterns for the enviroment variable ZITI_IDENTITIES --- entrypoint.sh | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index af5f6ec..e295299 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -14,6 +14,33 @@ if [[ -n "$ZITI_IDENTITY" ]]; then echo "Error: Failed to decode and create identity file." exit 1 fi +else + echo "ZITI_IDENTITY not detected. Checking ZITI_IDENTITIES for configuration..." + + if [[ -z "$ZITI_IDENTITIES" ]]; then + echo "Error: ZITI_IDENTITIES is not set. Please configure it as a file pattern." + exit 1 + fi + + dir=$(dirname "$ZITI_IDENTITIES") + pattern=$(basename "$ZITI_IDENTITIES") + + if [[ ! -d "$dir" ]]; then + echo "Error: Directory $dir does not exist." + exit 1 + fi + + echo "Scanning for files matching: $ZITI_IDENTITIES" + + files=$(find "$dir" -maxdepth 1 -name "$pattern" -type f 2>/dev/null | tr '\n' ',' | sed 's/,$//') + + if [[ -n "$files" ]]; then + export ZITI_IDENTITIES="$files" + echo "ZITI_IDENTITIES updated to: $ZITI_IDENTITIES" + else + echo "Error: No files found matching the pattern: $ZITI_IDENTITIES" + exit 1 + fi fi exec "$@" From 773a29b4682c4645e729c07091292596af7acf22 Mon Sep 17 00:00:00 2001 From: Erik Groh Date: Thu, 5 Dec 2024 19:46:16 +0100 Subject: [PATCH 2/4] Add support for symlinks, useful for kribbelnetes secrets --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index e295299..5d843e8 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -32,7 +32,7 @@ else echo "Scanning for files matching: $ZITI_IDENTITIES" - files=$(find "$dir" -maxdepth 1 -name "$pattern" -type f 2>/dev/null | tr '\n' ',' | sed 's/,$//') + files=$(find "$dir" -maxdepth 1 -name "$pattern" -type f,l 2>/dev/null | tr '\n' ',' | sed 's/,$//') if [[ -n "$files" ]]; then export ZITI_IDENTITIES="$files" From 251b7d37b3fc3375617f16a0fe950798ebedf3ee Mon Sep 17 00:00:00 2001 From: Erik Groh Date: Thu, 5 Dec 2024 20:28:14 +0100 Subject: [PATCH 3/4] Updated version and documentation --- README.md | 22 +++++++++++----------- VERSION.txt | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index add4196..9271ec1 100644 --- a/README.md +++ b/README.md @@ -22,17 +22,17 @@ docker pull docker.io/erikmagkekse/ziti-edge-proxy:main [DockerHub](https://hub.docker.com/r/erikmagkekse/ziti-edge-proxy) ### Environment variables -| Variable | Default Value | Usage | -| ---------------- | ----------------- | ----------------------------------------------------------- | -| PROXY_HOST | 127.0.0.1 | Where the SOCKS5 server should be attached | -| SOCKS_ENABLED | true | Enables SOCKS5 Server | -| HTTP_ENABLED | true | Enables HTTP Server | -| SOCKS_PORT | 1080 | Default port of the SOCKS5 server | -| HTTP_PORT | 8080 | Default port of the HTTP proxy server | -| PROXY_USERNAME | user | Username for the SOCKS5 server | -| PROXY_PASSWORD | password | Password for the SOCKS5 Server | -| *ZITI_IDENTITIES | *empty* | List of used Ziti identities, separated by semicolon | -| *ZITI_IDENTITY | *empty* | A Base64 encoded string of a single identity JSON | +| Variable | Default Value | Usage | +| ---------------- | ----------------- | ------------------------------------------------------------------------------------ | +| PROXY_HOST | 127.0.0.1 | Where the SOCKS5 server should be attached | +| SOCKS_ENABLED | true | Enables SOCKS5 Server | +| HTTP_ENABLED | true | Enables HTTP Server | +| SOCKS_PORT | 1080 | Default port of the SOCKS5 server | +| HTTP_PORT | 8080 | Default port of the HTTP proxy server | +| PROXY_USERNAME | user | Username for the SOCKS5 server | +| PROXY_PASSWORD | password | Password for the SOCKS5 Server | +| *ZITI_IDENTITIES | *empty* | List of used Ziti identities, separated by semicolon, can be also a wildcard. | +| *ZITI_IDENTITY | *empty* | A Base64 encoded string of a single identity JSON | \*Only one of these can be used at a time and is not optional. If you use ZITI_IDENTITY, it will decode the identity JSON to "/app/identity.json" and update the var ZITI_IDENTITIES to point to the file. diff --git a/VERSION.txt b/VERSION.txt index 39e0f45..afabe80 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -v0.2-alpha \ No newline at end of file +v0.3-alpha \ No newline at end of file From 95003b7ed6970c9e239f42f729c12d9fbb98a26c Mon Sep 17 00:00:00 2001 From: Erik Groh Date: Thu, 5 Dec 2024 20:38:11 +0100 Subject: [PATCH 4/4] Updated python image --- Dockerfile | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 37d9cb9..0c6d91b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.10.15-slim +FROM python:3-slim-bookworm # Arguments ENV USER=appuser diff --git a/docker-compose.yml b/docker-compose.yml index 750dce3..34e952c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -14,4 +14,4 @@ services: PROXY_PASSWORD: 1234 ZITI_IDENTITIES: /app/identity.json volumes: - - "../identity.json:/app/identity.json" \ No newline at end of file + - "../identity.json:/app/identity.json"