fix: cloudflare tunnel with new multiplexing feature

duaneadam · Sep 12, 2024 · 75f266f · 75f266f
1 parent 90fd0eb
commit 75f266f
Show file tree

Hide file tree

Showing 9 changed files with 21 additions and 11 deletions.
diff --git a/.env.development.example b/.env.development.example
@@ -6,7 +6,7 @@ APP_KEY=
 APP_URL=http://localhost
 APP_PORT=8000
 APP_DEBUG=true
-MUX_ENABLED=false
+SSH_MUX_ENABLED=false
 
 # PostgreSQL Database Configuration
 DB_DATABASE=coolify

diff --git a/app/Livewire/Boarding/Index.php b/app/Livewire/Boarding/Index.php
@@ -282,7 +282,7 @@ public function installServer()
     public function validateServer()
     {
         try {
-            config()->set('coolify.mux_enabled', false);
+            config()->set('constants.ssh.mux_enabled', false);
 
             // EC2 does not have `uptime` command, lol
             instant_remote_process(['ls /'], $this->createdServer, true);

diff --git a/app/Models/Server.php b/app/Models/Server.php
@@ -967,7 +967,7 @@ public function isSwarmWorker()
 
     public function validateConnection()
     {
-        config()->set('coolify.mux_enabled', false);
+        config()->set('constants.ssh.mux_enabled', false);
 
         $server = Server::find($this->id);
         if (! $server) {

diff --git a/bootstrap/helpers/proxy.php b/bootstrap/helpers/proxy.php
@@ -137,6 +137,8 @@ function generate_default_proxy_configuration(Server $server)
             'external' => true,
         ];
     });
+    // TODO: This should not be null on new servers, but it is.
+    ray($proxy_type);
     if ($proxy_type === ProxyTypes::TRAEFIK->value) {
         $labels = [
             'traefik.enable=true',

diff --git a/bootstrap/helpers/remoteProcess.php b/bootstrap/helpers/remoteProcess.php
@@ -166,7 +166,6 @@ function generateSshCommand(Server $server, string $command)
     // Check if multiplexing is enabled
     $muxEnabled = config('constants.ssh.mux_enabled', true);
     // ray('SSH Multiplexing Enabled:', $muxEnabled)->blue();
-
     if ($muxEnabled) {
         // Always use multiplexing when enabled
         $muxSocket = "/var/www/html/storage/app/ssh/mux/{$server->muxFilename()}";
@@ -212,7 +211,11 @@ function ensureMultiplexedConnection(Server $server)
     }
 
     $muxSocket = "/var/www/html/storage/app/ssh/mux/{$server->muxFilename()}";
-    $checkCommand = "ssh -O check -o ControlPath=$muxSocket {$server->user}@{$server->ip} 2>/dev/null";
+    $checkCommand = "ssh -O check -o ControlPath=$muxSocket ";
+    if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+        $checkCommand .= '-o ProxyCommand="/usr/local/bin/cloudflared access ssh --hostname %h" ';
+    }
+    $checkCommand .= " {$server->user}@{$server->ip}";
 
     $process = Process::run($checkCommand);
 
@@ -233,8 +236,12 @@ function ensureMultiplexedConnection(Server $server)
     $serverInterval = config('constants.ssh.server_interval');
     $muxPersistTime = config('constants.ssh.mux_persist_time');
 
-    $establishCommand = "ssh -fNM -o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} "
-        ."-i {$privateKeyLocation} "
+    $establishCommand = "ssh -fNM -o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
+
+    if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+        $establishCommand .= '-o ProxyCommand="/usr/local/bin/cloudflared access ssh --hostname %h" ';
+    }
+    $establishCommand .= "-i {$privateKeyLocation} "
         .'-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null '
         .'-o PasswordAuthentication=no '
         ."-o ConnectTimeout=$connectionTimeout "
@@ -305,7 +312,7 @@ function instant_remote_process(Collection|array $command, Server $server, bool
     $end_time = microtime(true);
 
     $execution_time = ($end_time - $start_time) * 1000; // Convert to milliseconds
-    // ray('SSH command execution time:', $execution_time.' ms')->orange();
+    ray('SSH command execution time:', $execution_time.' ms')->orange();
 
     $output = trim($process->output());
     $exitCode = $process->exitCode();

diff --git a/config/constants.php b/config/constants.php
@@ -6,7 +6,8 @@
         'contact' => 'https://coolify.io/docs/contact',
     ],
     'ssh' => [
-        'mux_enabled' => env('SSH_MUX_ENABLED', true),
+        // Using MUX
+        'mux_enabled' => env('MUX_ENABLED', env('SSH_MUX_ENABLED', true), true),
         'mux_persist_time' => env('SSH_MUX_PERSIST_TIME', '1h'),
         'connection_timeout' => 10,
         'server_interval' => 20,

diff --git a/config/coolify.php b/config/coolify.php
@@ -7,7 +7,6 @@
     'self_hosted' => env('SELF_HOSTED', true),
     'waitlist' => env('WAITLIST', false),
     'license_url' => 'https://licenses.coollabs.io',
-    'mux_enabled' => env('MUX_ENABLED', true),
     'dev_webhook' => env('SERVEO_URL'),
     'is_windows_docker_desktop' => env('IS_WINDOWS_DOCKER_DESKTOP', false),
     'base_config_path' => env('BASE_CONFIG_PATH', '/data/coolify'),

diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
@@ -48,6 +48,7 @@ services:
       - PUSHER_APP_SECRET
       - AUTOUPDATE
       - SELF_HOSTED
+      - SSH_MUX_ENABLED
       - SSH_MUX_PERSIST_TIME
       - FEEDBACK_DISCORD_WEBHOOK
       - WAITLIST

diff --git a/docker-compose.windows.yml b/docker-compose.windows.yml
@@ -45,7 +45,7 @@ services:
       - PUSHER_APP_SECRET
       - AUTOUPDATE=true
       - SELF_HOSTED=true
-      - MUX_ENABLED=false
+      - SSH_MUX_ENABLED=false
       - IS_WINDOWS_DOCKER_DESKTOP=true
     ports:
       - "${APP_PORT:-8000}:80"