diff --git a/server/lib/traefik/TraefikConfigManager.ts b/server/lib/traefik/TraefikConfigManager.ts index 42baf41b5..5f5a539ca 100644 --- a/server/lib/traefik/TraefikConfigManager.ts +++ b/server/lib/traefik/TraefikConfigManager.ts @@ -511,6 +511,12 @@ export class TraefikConfigManager { let traefikConfig; try { const currentExitNode = await getCurrentExitNodeId(); + + const maintenancePort = config.getRawConfig().server.next_port; + const maintenanceHost = + config.getRawConfig().server.internal_hostname; + const browserGatewayUiUrl = `http://${maintenanceHost}:${maintenancePort}`; + // logger.debug(`Fetching traefik config for exit node: ${currentExitNode}`); traefikConfig = await getTraefikConfig( // this is called by the local exit node to get its own config @@ -521,7 +527,8 @@ export class TraefikConfigManager { build == "saas" ? false : config.getRawConfig().traefik.allow_raw_resources, // dont allow raw resources on saas otherwise use config - build != "oss" // generate browser gateway targets on cloud and enterprise + build != "oss", // generate maintenance pages on cloud and hybrid + browserGatewayUiUrl // generate browser gateway targets on cloud and hybrid ); const domains = new Set(); diff --git a/server/lib/traefik/getTraefikConfig.ts b/server/lib/traefik/getTraefikConfig.ts index 48eb03638..c11a0c1e0 100644 --- a/server/lib/traefik/getTraefikConfig.ts +++ b/server/lib/traefik/getTraefikConfig.ts @@ -45,7 +45,7 @@ export async function getTraefikConfig( generateLoginPageRouters = false, // UNUSED BUT USED IN PRIVATE allowRawResources = true, allowMaintenancePage = true, // UNUSED BUT USED IN PRIVATE - allowBrowserGatewayResources = true + browserGatewayUiUrl: string | null = null // UNUSED BUT USED IN PRIVATE ): Promise { // Get resources with their targets and sites in a single optimized query // Start from sites on this exit node, then join to targets and resources diff --git a/server/private/lib/traefik/getTraefikConfig.ts b/server/private/lib/traefik/getTraefikConfig.ts index e81715d3b..4395bc259 100644 --- a/server/private/lib/traefik/getTraefikConfig.ts +++ b/server/private/lib/traefik/getTraefikConfig.ts @@ -85,7 +85,7 @@ export async function getTraefikConfig( generateLoginPageRouters = false, allowRawResources = true, allowMaintenancePage = true, - allowBrowserGatewayResources = true + browserGatewayUiUrl: string | null = null ): Promise { // Get resources with their targets and sites in a single optimized query // Start from sites on this exit node, then join to targets and resources @@ -317,7 +317,7 @@ export async function getTraefikConfig( BrowserGatewayResourceEntry >(); - if (allowBrowserGatewayResources) { + if (browserGatewayUiUrl) { for (const row of resourcesWithTargetsAndSites) { if (!["ssh", "vnc", "rdp"].includes(row.mode)) { continue; @@ -1027,7 +1027,7 @@ export async function getTraefikConfig( } } - if (allowBrowserGatewayResources) { + if (browserGatewayUiUrl) { // Generate Traefik config for browser gateway resources const browserGatewayPort = 39999; for (const [, bgResource] of browserGatewayResourcesMap.entries()) { @@ -1129,10 +1129,6 @@ export async function getTraefikConfig( const entrypointHttps = config.getRawConfig().traefik.https_entrypoint; - const maintenancePort = config.getRawConfig().server.next_port; - const maintenanceHost = - config.getRawConfig().server.internal_hostname; - if (!config_output.http.services) config_output.http.services = {}; if (!config_output.http.middlewares) @@ -1144,7 +1140,7 @@ export async function getTraefikConfig( loadBalancer: { servers: [ { - url: `http://${maintenanceHost}:${maintenancePort}` + url: browserGatewayUiUrl } ], passHostHeader: true diff --git a/server/private/routers/hybrid.ts b/server/private/routers/hybrid.ts index c6be3e7d1..c6245fc08 100644 --- a/server/private/routers/hybrid.ts +++ b/server/private/routers/hybrid.ts @@ -277,6 +277,8 @@ hybridRouter.get( ); } + const browserGatewayUiUrl = config.getRawConfig().app.dashboard_url; // points to the dashboard to serve from there + try { const traefikConfig = await getTraefikConfig( remoteExitNode.exitNodeId, @@ -285,7 +287,7 @@ hybridRouter.get( false, // Dont include login pages, true, // allow raw resources false, // dont generate maintenance page - false // dont generate browser gateway targets + browserGatewayUiUrl // generate browser gateway targets ); return response(res, { diff --git a/server/routers/traefik/traefikConfigProvider.ts b/server/routers/traefik/traefikConfigProvider.ts index 5da8eba4b..adc60ff12 100644 --- a/server/routers/traefik/traefikConfigProvider.ts +++ b/server/routers/traefik/traefikConfigProvider.ts @@ -17,13 +17,18 @@ export async function traefikConfigProvider( // Get the current exit node name from config const currentExitNodeId = await getCurrentExitNodeId(); + const maintenancePort = config.getRawConfig().server.next_port; + const maintenanceHost = config.getRawConfig().server.internal_hostname; + const browserGatewayUiUrl = `http://${maintenanceHost}:${maintenancePort}`; + const traefikConfig = await getTraefikConfig( currentExitNodeId, config.getRawConfig().traefik.site_types, build == "oss", // filter out the namespace domains in open source build != "oss", // generate the login pages on the cloud and and enterprise, config.getRawConfig().traefik.allow_raw_resources, - build != "oss" // generate browser gateway resources on cloud and enterprise + build != "oss", // generate maintenance page on cloud and enterprise + browserGatewayUiUrl ); if (traefikConfig?.http?.middlewares) {