ric/uptime-kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2025-02-17 09:05:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Merge branch 'master' into feature/locale_on_status_page

Browse source
This commit is contained in:
Wampie Driessen 2023-08-05 17:56:11 +02:00 committed by GitHub
commit 4cb9406a2e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 66 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
server/database.js
View file

@ -26,6 +26,8 @@ class Database {
static path; static path;
static dockerTLSDir;
/** /**
* @type {boolean} * @type {boolean}
*/ */
@ -113,6 +115,11 @@ class Database {
fs.mkdirSync(Database.screenshotDir, { recursive: true }); fs.mkdirSync(Database.screenshotDir, { recursive: true });
} }
Database.dockerTLSDir = path.join(Database.dataDir, "docker-tls/");
if (! fs.existsSync(Database.dockerTLSDir)) {
fs.mkdirSync(Database.dockerTLSDir, { recursive: true });
}
log.info("db", `Data Dir: ${Database.dataDir}`); log.info("db", `Data Dir: ${Database.dataDir}`);
} }

60
server/docker.js
View file

@ -2,8 +2,16 @@ const axios = require("axios");
const { R } = require("redbean-node"); const { R } = require("redbean-node");
const version = require("../package.json").version; const version = require("../package.json").version;
const https = require("https"); const https = require("https");
const fs = require("fs");
const path = require("path");
const Database = require("./database");
class DockerHost { class DockerHost {
static CertificateFileNameCA = "ca.pem";
static CertificateFileNameCert = "cert.pem";
static CertificateFileNameKey = "key.pem";
/** /**
* Save a docker host * Save a docker host
* @param {Object} dockerHost Docker host to save * @param {Object} dockerHost Docker host to save
@ -66,10 +74,6 @@ class DockerHost {
"Accept": "*/*", "Accept": "*/*",
"User-Agent": "Uptime-Kuma/" + version "User-Agent": "Uptime-Kuma/" + version
}, },
httpsAgent: new https.Agent({
maxCachedSessions: 0, // Use Custom agent to disable session reuse (https://github.com/nodejs/node/issues/3940)
rejectUnauthorized: false,
}),
}; };
if (dockerHost.dockerType === "socket") { if (dockerHost.dockerType === "socket") {
@ -77,6 +81,7 @@ class DockerHost {
} else if (dockerHost.dockerType === "tcp") { } else if (dockerHost.dockerType === "tcp") {
options.baseURL = DockerHost.patchDockerURL(dockerHost.dockerDaemon); options.baseURL = DockerHost.patchDockerURL(dockerHost.dockerDaemon);
} }
options.httpsAgent = new https.Agent(DockerHost.getHttpsAgentOptions(dockerHost.dockerType, options.baseURL));
let res = await axios.request(options); let res = await axios.request(options);
@ -111,6 +116,53 @@ class DockerHost {
} }
return url; return url;
} }
/**
* Returns HTTPS agent options with client side TLS parameters if certificate files
* for the given host are available under a predefined directory path.
*
* The base path where certificates are looked for can be set with the
* 'DOCKER_TLS_DIR_PATH' environmental variable or defaults to 'data/docker-tls/'.
*
* If a directory in this path exists with a name matching the FQDN of the docker host
* (e.g. the FQDN of 'https://example.com:2376' is 'example.com' so the directory
* 'data/docker-tls/example.com/' would be searched for certificate files),
* then 'ca.pem', 'key.pem' and 'cert.pem' files are included in the agent options.
* File names can also be overridden via 'DOCKER_TLS_FILE_NAME_(CA|KEY|CERT)'.
*
* @param {String} dockerType i.e. "tcp" or "socket"
* @param {String} url The docker host URL rewritten to https://
* @return {Object}
* */
static getHttpsAgentOptions(dockerType, url) {
let baseOptions = {
maxCachedSessions: 0,
rejectUnauthorized: true
};
let certOptions = {};
let dirName = (new URL(url)).hostname;
let caPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameCA);
let certPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameCert);
let keyPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameKey);
if (dockerType === "tcp" && fs.existsSync(caPath) && fs.existsSync(certPath) && fs.existsSync(keyPath)) {
let ca = fs.readFileSync(caPath);
let key = fs.readFileSync(keyPath);
let cert = fs.readFileSync(certPath);
certOptions = {
ca,
key,
cert
};
}
return {
...baseOptions,
...certOptions
};
}
} }
module.exports = { module.exports = {

3
server/model/monitor.js
View file

@ -720,6 +720,9 @@ class Monitor extends BeanModel {
options.socketPath = dockerHost._dockerDaemon; options.socketPath = dockerHost._dockerDaemon;
} else if (dockerHost._dockerType === "tcp") { } else if (dockerHost._dockerType === "tcp") {
options.baseURL = DockerHost.patchDockerURL(dockerHost._dockerDaemon); options.baseURL = DockerHost.patchDockerURL(dockerHost._dockerDaemon);
options.httpsAgent = CacheableDnsHttpAgent.getHttpsAgent(
DockerHost.getHttpsAgentOptions(dockerHost._dockerType, options.baseURL)
);
} }
log.debug("monitor", `[${this.name}] Axios Request`); log.debug("monitor", `[${this.name}] Axios Request`);