diff --git a/cmd/main.go b/cmd/main.go index eb46cc1..ade6512 100755 --- a/cmd/main.go +++ b/cmd/main.go @@ -128,8 +128,7 @@ func main() { } cfg.Start(&config.StartServersOptions{ - Proxy: true, - Metrics: true, + Proxy: true, }) if err := auth.Initialize(); err != nil { logging.Fatal().Err(err).Msg("failed to initialize authentication") diff --git a/next-release.md b/next-release.md index 025163f..436e943 100644 --- a/next-release.md +++ b/next-release.md @@ -1,176 +1,6 @@ -GoDoxy v0.9.0 expected changes +GoDoxy v0.9.1 expected changes -- **new** Brand new rewritten WebUI - - View logs directly from WebUI - - Edit dashboard app config (e.g. icon, name, category, etc.) - - Toggle show / hide apps - - Health bubbles, latency, etc. rich info on dashboard items - - UI config editor - ![{7829FA41-5733-4BAD-8183-CDF093CEC6F2}](https://github.com/user-attachments/assets/4bb371f4-6e4c-425c-89b2-b9e962bdd46f) - ![{29A4608C-607F-43C9-A542-15EC6B9D024E}](https://github.com/user-attachments/assets/8469cfaf-dc37-4b6e-9f29-c44eea91bb82) - ![{83118DF5-9D46-4D00-9CEF-C0F6C8D18C4B}](https://github.com/user-attachments/assets/856140f0-78bb-4a76-98f2-ad47544a3515) -- **new** Support selfh.st icons: `@selfhst/.` _(e.g. `@selfhst/adguard-home.webp`)_ - - also uses the display name on https://selfh.st/icons/ as default for our dashboard! -- **new** GoDoxy server side favicon retreiving and caching - - deliver smooth dashboard experience by caching favicons - - correct icon can show without setting `homepage.icon` by parsing it from app's root path "/", selecting `link[rel=icon]` from HTML as default icon - -- **Thanks [polds](https://github.com/polds)** - Optionally allow a user to specify a “warm-up” endpoint to start the container, returning a 403 if the endpoint isn’t hit and the container has been stopped. - - This can help prevent bots from starting random containers, or allow health check systems to run some probes. Or potentially lock the start endpoints behind a different authentication mechanism, etc. - - Sample service showing this: - - ```yaml - hello-world: - image: nginxdemos/hello - container_name: hello-world - restart: "no" - ports: - - "9100:80" - labels: - proxy.aliases: hello-world - proxy.#1.port: 9100 - proxy.idle_timeout: 45s - proxy.wake_timeout: 30s - proxy.stop_method: stop - proxy.stop_timeout: 10s - proxy.stop_signal: SIGTERM - proxy.start_endpoint: "/start" - ``` - - Hitting `/` on this service when the container is down: - - ```curl - $ curl -sv -X GET -H "Host: hello-world.godoxy.local" http://localhost/ - * Host localhost:80 was resolved. - * IPv6: ::1 - * IPv4: 127.0.0.1 - * Trying [::1]:80... - * Connected to localhost (::1) port 80 - > GET / HTTP/1.1 - > Host: hello-world.godoxy.local - > User-Agent: curl/8.7.1 - > Accept: */* - > - * Request completely sent off - < HTTP/1.1 403 Forbidden - < Content-Type: text/plain; charset=utf-8 - < X-Content-Type-Options: nosniff - < Date: Wed, 08 Jan 2025 02:04:51 GMT - < Content-Length: 71 - < - Forbidden: Container can only be started via configured start endpoint - * Connection #0 to host localhost left intact - ``` - - Hitting `/start` when the container is down: - - ```curl - curl -sv -X GET -H "Host: hello-world.godoxy.local" -H "X-Goproxy-Check-Redirect: skip" http://localhost/start - * Host localhost:80 was resolved. - * IPv6: ::1 - * IPv4: 127.0.0.1 - * Trying [::1]:80... - * Connected to localhost (::1) port 80 - > GET /start HTTP/1.1 - > Host: hello-world.godoxy.local - > User-Agent: curl/8.7.1 - > Accept: */* - > X-Goproxy-Check-Redirect: skip - > - * Request completely sent off - < HTTP/1.1 200 OK - < Date: Wed, 08 Jan 2025 02:13:39 GMT - < Content-Length: 0 - < - * Connection #0 to host localhost left intact - ``` - -- **Thanks [polds](https://github.com/polds)** - Support WebUI authentication via OIDC by setting these environment variables: - - `GODOXY_OIDC_ISSUER_URL` e.g.: - - Pocket ID: `https://pocker-id.yourdomain.com` - - Authentik: `https://authentik.yourdomain.com/application/o//` **The ending slash is required** - - `GODOXY_OIDC_LOGOUT_URL` _(if your issuer supports it, e.g.)_ - - Authentik: `https://authentik.yourdomain.com/application/o//end-session` - - `GODOXY_OIDC_CLIENT_ID` - - `GODOXY_OIDC_CLIENT_SECRET` - - `GODOXY_OIDC_REDIRECT_URL` - - `GODOXY_OIDC_SCOPES` _(optional)_ - - `GODOXY_OIDC_ALLOWED_USERS` - - `GODOXY_OIDC_ALLOWED_GROUPS` _(optional)_ - -- Use OpenID Connect to authenticate GoDoxy's WebUI and all your services (SSO) - - ```yaml - # default - labels: - proxy.app.middlewares.oidc: - - # with overridden allowed users - labels: - proxy.app.middlewares.oidc.allowed_users: user1, user2 - - # with overridden allowed groups - labels: - proxy.app.middlewares.oidc.allowed_groups: group1, group2 - - # with both overridden (can use inline YAML string for less typing) - labels: - proxy.app.middlewares.oidc: | - allowed_users: [user1, user2] - allowed_groups: [group1, group2] - ``` - -- Caddyfile like rules (experimental) - - ```yaml - proxy.goaccess.rules: | - - name: default - do: | - rewrite / /index.html - serve /var/www/goaccess - - name: ws - on: | - header Connection Upgrade - header Upgrade websocket - do: bypass # do nothing, pass to reverse proxy - - proxy.app.rules: | - - name: default - do: bypass # do nothing, pass to reverse proxy - - name: block POST and PUT - on: method POST | method PUT - do: error 403 Forbidden - ``` -- config reload will now cause a server full restart (i.e. proxy, api, prometheus, etc), eliminating some incorrect behaviors -- drop support of inline yaml string list without hyphen `-` prefix, e.g. - ```yaml - # old - proxy.app.middlewares.request.hide_headers: | - X-Header1 - X-Header2 - - # new - proxy.app.middlewares.request.hide_headers: | - - X-Header1 - - X-Header2 - ``` -- autocert now supports hot-reload -- middleware compose now supports cross-referencing, e.g. - ```yaml - foo: - - use: RedirectHTTP - bar: # in the same file or different file - - use: foo@file - ``` -- changed default `ResponseHeaderTimeout` to `60s` -- allow customizing `ResponseHeaderTimeout` for each app, e.g. - ```yaml - proxy..response_header_timeout: 3m - ``` -- Fixes - - bug: cert renewal failure no longer causes renew schdueler to stuck forever - - bug: access log writes to closed file after config reload +- Support Ntfy notifications +- Prometheus metrics server now inside API server under `/v1/metrics` + - `GODOXY_PROMETHEUS_ADDR` removed + - `GODOXY_PROMETHEUS_ENABLED` added, default `false`