Hybrid install mode done?

2026-02-10 20:02:26 +00:00 · 2025-08-20 12:40:21 -07:00
parent ad8ab63fd5
commit 8273554a1c
4 changed files with 140 additions and 100 deletions
--- a/install/config/config.yml
+++ b/install/config/config.yml
@@ -1,6 +1,15 @@
 # To see all available options, please visit the docs:
 # https://docs.digpangolin.com/self-host/advanced/config-file 

+gerbil:
+    start_port: 51820
+    base_endpoint: "{{.DashboardDomain}}"
+{{if .HybridMode}}
+hybrid:
+    id: "{{.HybridId}}"
+    secret: "{{.HybridSecret}}"
+  
+{{else}}
 app:
    dashboard_url: "https://{{.DashboardDomain}}"
    log_level: "info"
@@ -17,11 +26,6 @@ server:
        methods: ["GET", "POST", "PUT", "DELETE", "PATCH"]
        allowed_headers: ["X-CSRF-Token", "Content-Type"]
        credentials: false
-
-gerbil:
-    start_port: 51820
-    base_endpoint: "{{.DashboardDomain}}"
-
 {{if .EnableEmail}}
 email:
    smtp_host: "{{.EmailSMTPHost}}"
@@ -30,15 +34,9 @@ email:
    smtp_pass: "{{.EmailSMTPPass}}"
    no_reply: "{{.EmailNoReply}}"
 {{end}}
-
 flags:
    require_email_verification: {{.EnableEmail}}
    disable_signup_without_invite: true
    disable_user_create_org: false
    allow_raw_resources: true
-
-{{if and .HybridMode .HybridId .HybridSecret}}
-hybrid:
-    id: "{{.HybridId}}"
-    secret: "{{.HybridSecret}}"
 {{end}}
--- a/install/config/docker-compose.yml
+++ b/install/config/docker-compose.yml
@@ -6,6 +6,8 @@ services:
    restart: unless-stopped
    volumes:
      - ./config:/app/config
+      - pangolin-data:/var/certificates
+      - pangolin-data:/var/dynamic
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"]
      interval: "10s"
@@ -31,8 +33,8 @@ services:
    ports:
      - 51820:51820/udp
      - 21820:21820/udp
-      - 443:443 # Port for traefik because of the network_mode
-      - 80:80 # Port for traefik because of the network_mode
+      - 443:{{if .HybridMode}}8443{{else}}443{{end}}
+      - 80:80
 {{end}}
  traefik:
    image: docker.io/traefik:v3.5
@@ -54,9 +56,15 @@ services:
      - ./config/traefik:/etc/traefik:ro # Volume to store the Traefik configuration
      - ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates
      - ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs
+      # Shared volume for certificates and dynamic config in file mode 
+      - pangolin-data:/var/certificates:ro
+      - pangolin-data:/var/dynamic:ro

 networks:
  default:
    driver: bridge
    name: pangolin
 {{if .EnableIPv6}}    enable_ipv6: true{{end}}
+
+volumes:
+  pangolin-data:
--- a/install/config/traefik/traefik_config.yml
+++ b/install/config/traefik/traefik_config.yml
@@ -3,12 +3,17 @@ api:
  dashboard: true

 providers:
+{{if not .HybridMode}}
  http:
    endpoint: "http://pangolin:3001/api/v1/traefik-config"
    pollInterval: "5s"
  file:
    filename: "/etc/traefik/dynamic_config.yml"
-
+{{else}}
+  file:
+    directory: "/var/dynamic"
+    watch: true
+{{end}}
 experimental:
  plugins:
    badger:
@@ -22,7 +27,7 @@ log:
  maxBackups: 3
  maxAge: 3
  compress: true
-
+{{if not .HybridMode}}
 certificatesResolvers:
  letsencrypt:
    acme:
@@ -31,7 +36,7 @@ certificatesResolvers:
      email: "{{.LetsEncryptEmail}}"
      storage: "/letsencrypt/acme.json"
      caServer: "https://acme-v02.api.letsencrypt.org/directory"
-
+{{end}}
 entryPoints:
  web:
    address: ":80"
@@ -40,9 +45,12 @@ entryPoints:
    transport:
      respondingTimeouts:
        readTimeout: "30m"
-    http:
+{{if not .HybridMode}}    http:
      tls:
-        certResolver: "letsencrypt"
+        certResolver: "letsencrypt"{{end}}

 serversTransport:
  insecureSkipVerify: true
+
+ping:
+  entryPoint: "web"