Merge pull request #512 from cytopia/varnish-ssl-offloading

Varnish SSL offloading with HAProxy
cytopia · Feb 28, 2019 · b92d990 · b92d990
2 parents b76a568 + d7a0cdb
commit b92d990
Show file tree

Hide file tree

Showing 9 changed files with 195 additions and 41 deletions.
diff --git a/.devilbox/www/config.php b/.devilbox/www/config.php
@@ -14,7 +14,7 @@
 
 
 $DEVILBOX_VERSION = 'v0.15';
-$DEVILBOX_DATE = '2019-02-23';
+$DEVILBOX_DATE = '2019-02-27';
 $DEVILBOX_API_PAGE = 'devilbox-api/status.json';
 
 //

diff --git a/.devilbox/www/htdocs/vhosts.php b/.devilbox/www/htdocs/vhosts.php
@@ -110,6 +110,14 @@ function updateStatus(vhost) {
 			 */
 			function checkDns(vhost) {
 				var xhttp = new XMLHttpRequest();
+				var proto;
+				var port;
+				var name = vhost + '.<?php echo loadClass('Httpd')->getTldSuffix();?>'
+
+				var url = window.location.href.split("/");
+				var tmp = url[2].split(":");
+				proto = url[0];
+				port = tmp.length == 2 ? ':' + tmp[1] : '';
 
 				// Timeout after XXX seconds and mark it invalid DNS
 				xhttp.timeout = <?php echo loadClass('Helper')->getEnv('DNS_CHECK_TIMEOUT');?>000;
@@ -125,12 +133,12 @@ function checkDns(vhost) {
 						if (el_valid.innerHTML != 'WARN') {
 							el_valid.innerHTML = 'OK';
 						}
-						el_href.innerHTML = '<a target="_blank" href="//'+vhost+'.<?php echo loadClass('Httpd')->getTldSuffix().loadClass('Httpd')->getPort();?>">'+vhost+'.<?php echo loadClass('Httpd')->getTldSuffix().loadClass('Httpd')->getPort();?></a>' + el_href.innerHTML;
+						el_href.innerHTML = '<a target="_blank" href="'+proto+'//'+name+port+'">'+name+port+'</a>' + el_href.innerHTML;
 					} else {
 						//console.log(vhost);
 					}
 				}
-				xhttp.open('POST', '//'+vhost+'.<?php echo loadClass('Httpd')->getTldSuffix().loadClass('Httpd')->getPort();?>/devilbox-api/status.json', true);
+				xhttp.open('POST', proto+'//'+name+port+'/devilbox-api/status.json', true);
 				xhttp.send();
 
 				// Timeout to abort in 1 second

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -42,6 +42,7 @@ major versions.
     - RabbitMQ
     - Solr
     - Varnish
+    - HAProxy
 - New binaries
     - `blackfire`
     - `dep` (Deployer)

diff --git a/README.md b/README.md
@@ -5,7 +5,7 @@
 ![Devilbox](docs/img/banner.png)
 
 **[Usage](#usage)** |
-**[Available Container](#available-container)** |
+**[Architecture](#architecture)** |
 **[Community](#community)** |
 **[Features](#feature-overview)** |
 **[Intranet](#intranet-overview)** |
@@ -56,16 +56,39 @@ Before updating the Devilbox ensure to always check for breaking changes until t
 2. [Changelog](CHANGELOG.md)
 3. [Updating](UPDATING.md)
 
-## Available Container
+## Architecture
 
-The Devilbox ships the following pre-configured Docker container in any available version.
+The Devilbox aims to be a swiss army knife for local development by providing you all the services
+you would ever need. To get an idea about the architecture behind it and to also see what's available
+have a look at the following diagrams and tables.
 
-| Accel   | Frontend   | SQL        | NoSQL     | Queue & Search | ELK           | Misc      |
-|---------|------------|------------|-----------|----------------|---------------|-----------|
-| Varnish | Apache     | MariaDB    | Memcached | RabbitMQ       | ElasticSearch | Bind      |
-|         | Nginx      | MySQL      | MongoDB   | Solr           | Logstash      | Blackfire |
-|         | PHP        | PerconaDB  | Redis     |                | Kibana        | MailHog   |
-|         |            | PostgreSQL |           |                |               |           |
+#### Smallest Stack
+This is the smallest possible and fully functional stack you can run:
+
+<img width="300" style="width:300px" title="Devilbox stack" src="https://raw.githubusercontent.com/devilbox/artwork/master/submissions_diagrams/cytopia/02/png/architecture-small.png" />
+
+> [Devilbox artwork](https://github.com/devilbox/artwork)
+
+#### Full Stack
+To better understand what is actually possible have a look at the full example:
+
+<img title="Devilbox stack" src="https://raw.githubusercontent.com/devilbox/artwork/master/submissions_diagrams/cytopia/01/png/architecture-full.png" />
+
+> [Devilbox artwork](https://github.com/devilbox/artwork)
+
+#### Available Container
+
+The following table lists all integrated and pre-configured Docker container shipped by the Devilbox.
+Only the webserver and PHP container are mandatory, all others are optional and don't need to be started.
+
+Each of them is also available in multiple different versions in order to reflect your exact desired environment.
+
+| Accel   | Frontend   | SQL        | NoSQL     | Queue    | Search | ELK           | Utils     |
+|---------|------------|------------|-----------|----------|--------|---------------|-----------|
+| HAProxy | Apache     | MariaDB    | Memcached | RabbitMQ | Solr   | ElasticSearch | Bind      |
+| Varnish | Nginx      | MySQL      | MongoDB   |          |        | Logstash      | Blackfire |
+|         | PHP        | PerconaDB  | Redis     |          |        | Kibana        | MailHog   |
+|         |            | PostgreSQL |           |          |        |               |           |
 
 > **Documentation:**
 > [Available Container](https://devilbox.readthedocs.io/en/latest/readings/available-container.html)
@@ -342,6 +365,7 @@ Additionally to the default stack, there are a variety of other services that ca
    <th>MailHog</th>
    <th>RabbitMQ</th>
    <th>Solr</th>
+   <th>HAProxy</th>
    <th>Varnish</th>
   </tr>
  </thead>
@@ -352,6 +376,7 @@ Additionally to the default stack, there are a variety of other services that ca
    <td><a target="_blank" title="MailHog v1.0.0"   href="https://github.com/mailhog/MailHog">v1.0.0</a></td>
    <td><a target="_blank" title="RabbitMQ 3.6"     href="https://github.com/rabbitmq/rabbitmq-server">3.6</a></td>
    <td><a target="_blank" title="Solr 5"           href="https://github.com/apache/lucene-solr">5</a></td>
+   <td><a target="_blank" title="HAProxy 1.X"      href="https://github.com/devilbox/docker-haproxy">1.X</a></td>
    <td><a target="_blank" title="Varnish 4"        href="https://github.com/devilbox/docker-varnish">4</a></td>
   </tr>
   <tr>
@@ -360,6 +385,7 @@ Additionally to the default stack, there are a variety of other services that ca
    <td><a target="_blank" title="MailHog latest"   href="https://github.com/mailhog/MailHog">latest</a></td>
    <td><a target="_blank" title="RabbitMQ 3.7"     href="https://github.com/rabbitmq/rabbitmq-server">3.7</a></td>
    <td><a target="_blank" title="Solr 6"           href="https://github.com/apache/lucene-solr">6</a></td>
+   <td></td>
    <td><a target="_blank" title="Varnish 5"        href="https://github.com/devilbox/docker-varnish">5</a></td>
   </tr>
   <tr>
@@ -368,6 +394,7 @@ Additionally to the default stack, there are a variety of other services that ca
    <td></td>
    <td><a target="_blank" title="RabbitMQ latest"  href="https://github.com/rabbitmq/rabbitmq-server">latest</a></td>
    <td><a target="_blank" title="Solr 7"           href="https://github.com/apache/lucene-solr">7</a></td>
+   <td></td>
    <td><a target="_blank" title="Varnish 6"        href="https://github.com/devilbox/docker-varnish">6</a></td>
   </tr>
   <tr>
@@ -376,6 +403,7 @@ Additionally to the default stack, there are a variety of other services that ca
    <td></td>
    <td></td>
    <td><a target="_blank" title="Solr latest"      href="https://github.com/apache/lucene-solr">latest</a></td>
+   <td></td>
    <td><a target="_blank" title="Varnish latest"   href="https://github.com/devilbox/docker-varnish">latest</a></td>
   </tr>
  </tbody>

diff --git a/compose/docker-compose.override.yml-all b/compose/docker-compose.override.yml-all
@@ -90,7 +90,7 @@ services:
   # Varnish
   # -----------------------------------------------------------------------------------------------
   varnish:
-    image: devilbox/varnish:${VARNISH_SERVER:-6}
+    image: devilbox/varnish:${VARNISH_SERVER:-6}-0.3
     hostname: varnish
     ports:
       - "${LOCAL_LISTEN_ADDR}${HOST_PORT_VARNISH:-6081}:6081"
@@ -110,6 +110,31 @@ services:
       - php
       - httpd
 
+  haproxy:
+    image: devilbox/haproxy:0.2
+    hostname: haproxy
+    ports:
+      - "${LOCAL_LISTEN_ADDR}${HOST_PORT_HAPROXY:-8080}:80"
+      - "${LOCAL_LISTEN_ADDR}${HOST_PORT_HAPROXY_SSL:-8443}:443"
+    networks:
+      app_net:
+        ipv4_address: 172.16.238.231
+    environment:
+      - BACKEND_ADDR=varnish
+      - BACKEND_PORT=6081
+      - DEVILBOX_UI_SSL_CN
+      - TLD_SUFFIX
+    volumes:
+      # Certificate Authority public key
+      - ${DEVILBOX_PATH}/ca:/ca:rw${MOUNT_OPTIONS}
+      # Mount custom mass virtual hosting
+      - ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd:rw${MOUNT_OPTIONS}
+    depends_on:
+      - bind
+      - php
+      - httpd
+      - varnish
+
   # -----------------------------------------------------------------------------------------------
   # ELK Stack
   # -----------------------------------------------------------------------------------------------

diff --git a/compose/docker-compose.override.yml-varnish b/compose/docker-compose.override.yml-varnish
@@ -7,7 +7,7 @@ services:
   # Varnish
   # -----------------------------------------------------------------------------------------------
   varnish:
-    image: devilbox/varnish:${VARNISH_SERVER:-6}
+    image: devilbox/varnish:${VARNISH_SERVER:-6}-0.3
     hostname: varnish
     ports:
       - "${LOCAL_LISTEN_ADDR}${HOST_PORT_VARNISH:-6081}:6081"
@@ -26,3 +26,28 @@ services:
       - bind
       - php
       - httpd
+
+  haproxy:
+    image: devilbox/haproxy:0.2
+    hostname: haproxy
+    ports:
+      - "${LOCAL_LISTEN_ADDR}${HOST_PORT_HAPROXY:-8080}:80"
+      - "${LOCAL_LISTEN_ADDR}${HOST_PORT_HAPROXY_SSL:-8443}:443"
+    networks:
+      app_net:
+        ipv4_address: 172.16.238.231
+    environment:
+      - BACKEND_ADDR=varnish
+      - BACKEND_PORT=6081
+      - DEVILBOX_UI_SSL_CN
+      - TLD_SUFFIX
+    volumes:
+      # Certificate Authority public key
+      - ${DEVILBOX_PATH}/ca:/ca:rw${MOUNT_OPTIONS}
+      # Mount custom mass virtual hosting
+      - ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd:rw${MOUNT_OPTIONS}
+    depends_on:
+      - bind
+      - php
+      - httpd
+      - varnish
diff --git a/docs/_includes/snippets/additional-container.rst b/docs/_includes/snippets/additional-container.rst
@@ -1,19 +1,21 @@
-+---------------------------+-----------+-----------+----------------+
-| Container                 | Name      | Hostname  | IP Address     |
-+===========================+===========+===========+================+
-| Blackfire                 | blackfire | blackfire | 172.16.238.200 |
-+---------------------------+-----------+-----------+----------------+
-| MailHog                   | mailhog   | mailhog   | 172.16.238.201 |
-+---------------------------+-----------+-----------+----------------+
-| RabbitMQ                  | rabbit    | rabbit    | 172.16.238.210 |
-+---------------------------+-----------+-----------+----------------+
-| Solr                      | solr      | solr      | 172.16.238.220 |
-+---------------------------+-----------+-----------+----------------+
-| Varnish                   | varnish   | varnish   | 172.16.238.230 |
-+---------------------------+-----------+-----------+----------------+
-| ELK: Elastic Search       | elastic   | elastic   | 172.16.238.240 |
-+---------------------------+-----------+-----------+----------------+
-| ELK: Logstash             | logstash  | logstash  | 172.16.238.241 |
-+---------------------------+-----------+-----------+----------------+
-| ELK: Kibana               | kibana    | kibana    | 172.16.238.242 |
-+---------------------------+-----------+-----------+----------------+
++-------------------------------------+-----------+-----------+----------------+
+| Container                           | Name      | Hostname  | IP Address     |
++=====================================+===========+===========+================+
+| Blackfire                           | blackfire | blackfire | 172.16.238.200 |
++-------------------------------------+-----------+-----------+----------------+
+| MailHog                             | mailhog   | mailhog   | 172.16.238.201 |
++-------------------------------------+-----------+-----------+----------------+
+| RabbitMQ                            | rabbit    | rabbit    | 172.16.238.210 |
++-------------------------------------+-----------+-----------+----------------+
+| Solr                                | solr      | solr      | 172.16.238.220 |
++-------------------------------------+-----------+-----------+----------------+
+| Varnish                             | varnish   | varnish   | 172.16.238.230 |
++-------------------------------------+-----------+-----------+----------------+
+| HAProxy (SSL offloader for Varnish) | haproxy   | haproxy   | 172.16.238.231 |
++-------------------------------------+-----------+-----------+----------------+
+| ELK: Elastic Search                 | elastic   | elastic   | 172.16.238.240 |
++-------------------------------------+-----------+-----------+----------------+
+| ELK: Logstash                       | logstash  | logstash  | 172.16.238.241 |
++-------------------------------------+-----------+-----------+----------------+
+| ELK: Kibana                         | kibana    | kibana    | 172.16.238.242 |
++-------------------------------------+-----------+-----------+----------------+