Skip to content

use a shared config dir for proxy, to reduce the need to download certs over and over #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
orangewolf wants to merge 1 commit into
base: main
Choose a base branch
from
Open

use a shared config dir for proxy, to reduce the need to download certs over and over #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 20 additions & 10 deletions lib/stack_car/proxy.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,25 +24,27 @@ def down
def cert
say("Downloading certificate package...")

unless File.exist?("#{config_dir}/localhost.direct.SS.crt") && File.exist?("#{config_dir}/localhost.direct.SS.key")
IO.copy_stream(URI.open(download_url), output_file)
say("Download complete.")
unzip_file
say("Download complete.")
unzip_file
end

if Os.macos?
run("sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain #{proxy_dir}/localhost.direct.SS.crt")
run("sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain #{config_dir}/localhost.direct.SS.crt")
elsif Os.ubuntu?
run("sudo cp #{proxy_dir}/localhost.direct.SS.crt /usr/local/share/ca-certificates/localhost.direct.SS.crt")
run("sudo cp #{config_dir}/localhost.direct.SS.crt /usr/local/share/ca-certificates/localhost.direct.SS.crt")
run("sudo update-ca-certificates")
elsif Os.wsl?
say("\n\n\nFor WSL, you need to add the certificate to Windows certificate store:\n")
say("1. Copy the certificate to a Windows-accessible location:\n")
run("cp #{proxy_dir}/localhost.direct.SS.crt /mnt/c/temp/localhost.direct.SS.crt")
run("cp #{config_dir}/localhost.direct.SS.crt /mnt/c/temp/localhost.direct.SS.crt")
say("\n2. Now run this Windows command to import the certificate (requires admin rights):\n")
run("powershell.exe -Command \"Start-Process powershell -Verb RunAs -ArgumentList '-Command Import-Certificate -FilePath C:\\temp\\localhost.direct.SS.crt -CertStoreLocation Cert:\\LocalMachine\\Root'\"")
say("\n3. Then restart your browser to apply the changes\n\n")
else
say("\n\n\nPlease figure out how to add a certificate to your system, then open a PR for your OS/Distro")
say("Files are located #{ENV['PWD']}/proxy/localhost.direct.SS.crt and #{ENV['PWD']}/proxy/localhost.direct.SS.key\n\n\n")
say("Files are located #{config_dir}/localhost.direct.SS.crt and #{config_dir}/localhost.direct.SS.key\n\n\n")
exit(1)
end
end
Expand All @@ -52,8 +54,8 @@ def cert
def unzip_file
say("\n\n\nEnter the password found https://github.com/Upinel/localhost.direct?tab=readme-ov-file#a-non-public-ca-certificate-if-you-have-admin-right-on-your-development-environment-you-can-use-the-following-10-years-long-pre-generated-self-signed-certificate\n\n\n")
password = ask('[Required] Enter the unzip password::')
zip_file = "#{proxy_dir}/localhost-ss"
Archive::Zip.extract(zip_file, proxy_dir, :password => password)
zip_file = "#{config_dir}/localhost-ss"
Archive::Zip.extract(zip_file, config_dir, :password => password)
say("Successfully unzipped certificate files.")
rescue Zlib::DataError
say("Incorrect password. Please try again.")
Expand All @@ -62,12 +64,20 @@ def unzip_file

def set_proxy_env
ENV['DOCKER_SOCKET'] ||= "/var/run/docker.sock"
unless File.exist?("#{HammerOfTheGods.gem_root}/proxy/localhost.direct.SS.crt")
unless File.exist?("#{config_dir}/localhost.direct.SS.crt")
say("you must run proxy cert once after installing this gem before using the proxy")
exit(1)
end
end

def config_dir
@config_dir ||= begin
dir = File.expand_path("~/.config/stack_car")
FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
dir
end
end

def proxy_dir
@proxy_dir ||= "#{HammerOfTheGods.gem_root}/proxy"
end
Expand All @@ -77,7 +87,7 @@ def download_url
end

def output_file
@output_file ||= File.join(proxy_dir, "localhost-ss")
@output_file ||= File.join(config_dir, "localhost-ss")
end
end
end
2 changes: 1 addition & 1 deletion lib/stack_car/version.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# frozen_string_literal: true

module StackCar
VERSION = '0.23.0'
VERSION = '0.24.0'
end
4 changes: 2 additions & 2 deletions proxy/compose.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ services:
volumes:
- "${DOCKER_SOCKET}:/var/run/docker.sock:ro"
- ./traefik.yml:/etc/traefik/traefik.yml
- ./localhost.direct.SS.crt:/etc/traefik/cert.pem
- ./localhost.direct.SS.key:/etc/traefik/key.pem
- ${HOME}/.config/stack_car/localhost.direct.SS.crt:/etc/traefik/cert.pem
- ${HOME}/.config/stack_car/localhost.direct.SS.key:/etc/traefik/key.pem
labels:
- traefik.enable=true
- traefik.http.routers.router.rule=Host(`traefik.localhost.direct`)
Expand Down