feat: rest of caddy path and domains

2026-02-25 14:30:47 +01:00 · 2026-02-25 14:30:47 +01:00 · d4bad260d1
parent 11ca8f626e
commit d4bad260d1
6 changed files with 106 additions and 5 deletions
--- a/core/caddy/Dockerfile
+++ b/core/caddy/Dockerfile
@ -1,5 +1,9 @@
 FROM alpine:3.21

-COPY config/ /caddyfiles/
+RUN apk add --no-cache wget unzip

-CMD ["sh", "-c", "cp -r /caddyfiles/. /etc/caddy/ && echo 'Caddyfiles copied.'"]
+COPY config/ /caddyfiles/
+COPY init.sh /init.sh
+RUN chmod +x /init.sh
+
+CMD ["/init.sh"]
--- a/core/caddy/compose.yml
+++ b/core/caddy/compose.yml
@ -3,8 +3,11 @@ services:
    container_name: caddy-init
    build:
      context: .
+    environment:
+      - DRAWIO_VERSION=29.5.2
    volumes:
      - caddy-caddyfiles:/etc/caddy
+      - caddy-diagrams:/srv/diagrams
    restart: "no"

  caddy:
@ -20,6 +23,7 @@ services:
      - caddy-caddyfiles:/etc/caddy
      - caddy-data:/data
      - caddy-config:/config
+      - caddy-diagrams:/srv/diagrams
    networks:
      - proxy

@ -28,6 +32,7 @@ volumes:
    name: caddy-caddyfiles
  caddy-data:
  caddy-config:
+  caddy-diagrams:

 networks:
  proxy:
--- a/core/caddy/config/sites/outils.caddy
+++ b/core/caddy/config/sites/outils.caddy
@ -27,4 +27,21 @@ http://outils.ft-chatons.local {
 	    templates
 	    respond `{{ .Req.URL.Path | trimPrefix "/" | b64dec }}`
 	}
+
+	basic_auth /secretpage {
+		# username "towel" password "poisson"
+		towel $2a$14$/cfdN3/kWYwiw/OeAtLcjOxj/NFZa3gUxqePMSoNh1VmoDzS1BP5S
+	} 
+	handle_path /secretpage {
+		respond "Welcome, {http.auth.user.id}" 200
+	}
+
+	handle_path /teapot {
+		respond "HTML Tea! Tea! Teapot!" 418
+	}
+}
+
+http://diagrams.ft-chatons.local {
+	root * /srv/diagrams
+	file_server
 }
--- a/core/caddy/init.sh
+++ b/core/caddy/init.sh
@ -0,0 +1,22 @@
+#!/bin/sh
+set -e
+
+cp -r /caddyfiles/. /etc/caddy/
+echo "Caddyfiles copied."
+
+if [ -z "$DRAWIO_VERSION" ]; then
+  echo "ERROR: DRAWIO_VERSION is not set"
+  exit 1
+fi
+
+echo "Downloading diagrams.net v${DRAWIO_VERSION}..."
+mkdir -p /srv/diagrams
+
+wget -v \
+  "https://github.com/jgraph/drawio/releases/download/v${DRAWIO_VERSION}/draw.war" \
+  -O /tmp/drawio.war
+
+echo "Extracting..."
+unzip -q /tmp/drawio.war -d /srv/diagrams/
+rm /tmp/drawio.war
+echo "Done."
--- a/core/tools/test-caddy
+++ b/core/tools/test-caddy
@ -60,10 +60,63 @@ test_endpoint() {
    return 0
 }

+test_endpoint_auth() {
+    local name="$1"
+    local url="$2"
+    local username="$3"
+    local password="$4"
+    local expected_code="$5"
+    local expected_body="$6"
+    local match_mode="${7:-exact}"
+
+    echo -n "Testing $name... "
+
+    local tmp
+    tmp=$(mktemp)
+
+    local curl_args=(-s -o "$tmp" -w "%{http_code}" -u "$username:$password" "$url")
+
+    local code
+    code=$(curl "${curl_args[@]}" 2>/dev/null || echo "000")
+
+    local body
+    body=$(cat "$tmp")
+    rm -f "$tmp"
+
+    if [ "$code" != "$expected_code" ]; then
+        echo -e "${RED}✗ FAIL${NC} (HTTP $code, expected $expected_code)"
+        echo "Response: $body"
+        return 1
+    fi
+
+    if [ -n "$expected_body" ]; then
+        if [ "$match_mode" = "regex" ]; then
+            if [[ ! "$body" =~ $expected_body ]]; then
+                echo -e "${RED}✗ FAIL${NC} (body mismatch)"
+                echo "Response: $body"
+                return 1
+            fi
+        else
+            if [ "$body" != "$expected_body" ]; then
+                echo -e "${RED}✗ FAIL${NC} (body mismatch)"
+                echo "Response: $body"
+                return 1
+            fi
+        fi
+    fi
+
+    echo -e "${GREEN}✓ OK${NC} (HTTP $code)"
+    return 0
+}
+
 test_endpoint "Health Check" "$DOMAIN_NAME/healthcheck" "200" "OK"
 test_endpoint "Date Check" "$DOMAIN_NAME/date" "200" "^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}$" "regex"
 test_endpoint "IP check" "$DOMAIN_NAME/ip" "200" "^[0-9]{1,3}(\.[0-9]{1,3}){3}$" "regex"
 test_endpoint "Encode base64" "$DOMAIN_NAME/b64/encode/test" "200" "dGVzdA=="
 test_endpoint "Decode base64" "$DOMAIN_NAME/b64/decode/dGVzdA==" "200" "test"
 test_endpoint "Hello Check" "$DOMAIN_NAME/hello/Chatons" "200" "Hello Chatons!"
+test_endpoint "Teapot Check" "$DOMAIN_NAME/teapot" "418" "HTML Tea! Tea! Teapot!"
+test_endpoint "Auth Check Unauthorized" "$DOMAIN_NAME/secretpage" "401" ""
+test_endpoint_auth "Auth Check Authorized" "$DOMAIN_NAME/secretpage" "towel" "poisson" "200" "Welcome, towel" "exact"
+test_endpoint_auth "Auth Check wrong password" "$DOMAIN_NAME/secretpage" "towel" "fakepassword" "401"
 test_endpoint "Root redirect" "$DOMAIN_NAME/" "200" "Hello world!" "exact" "true"
--- a/6
+++ b/6
@ -6,15 +6,15 @@ start container="":
 	docker compose -f core/{{container}}/compose.yml up -d

 ## Stop the compose of the param
-stop container="caddy":
+down container="caddy":
 	docker compose -f core/{{container}}/compose.yml down

 ## Restart all the compose
-re: stop
+re: down
  docker volume rm $(docker volume ls -q) || true
  docker system prune -af
  docker volume prune -f
  just start caddy

 tests:
-  bash core/tools/test-caddy
+  bash core/tools/test-caddy