fix: traefik issues

2026-02-06 23:15:22 +01:00
parent a31202f63b
commit 29d474a102
2 changed files with 27 additions and 4 deletions
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -26,6 +26,9 @@ jobs:
      next_public_base_url: ${{ steps.determine.outputs.next_public_base_url }}
      directus_url:     ${{ steps.determine.outputs.directus_url }}
      directus_host:    ${{ steps.determine.outputs.directus_host }}
+      gatekeeper_host:  ${{ steps.determine.outputs.gatekeeper_host }}
+      traefik_rule:     ${{ steps.determine.outputs.traefik_rule }}
+      gatekeeper_rule:  ${{ steps.determine.outputs.gatekeeper_rule }}
      project_name:     ${{ steps.determine.outputs.project_name }}
    steps:
      - name: 🔍 Debug Info
@@ -74,6 +77,7 @@ jobs:
            IMAGE_TAG="testing-${SHORT_SHA}"
            ENV_FILE=".env.testing"
            TRAEFIK_HOST="testing.${DOMAIN_BASE}"
+            GATEKEEPER_HOST="gatekeeper.testing.${DOMAIN_BASE}"
            NEXT_PUBLIC_BASE_URL="https://testing.${DOMAIN_BASE}"
            DIRECTUS_URL="https://cms.testing.${DOMAIN_BASE}"
            DIRECTUS_HOST="cms.testing.${DOMAIN_BASE}"
@@ -82,7 +86,8 @@ jobs:
              TARGET="production"
              IMAGE_TAG="$REF_NAME"
              ENV_FILE=".env.prod"
-              TRAEFIK_HOST="${DOMAIN_BASE}, www.${DOMAIN_BASE}"
+              TRAEFIK_HOST="${DOMAIN_BASE}" # Primary domain
+              GATEKEEPER_HOST="gatekeeper.${DOMAIN_BASE}"
              NEXT_PUBLIC_BASE_URL="https://${DOMAIN_BASE}"
              DIRECTUS_URL="https://cms.${DOMAIN_BASE}"
              DIRECTUS_HOST="cms.${DOMAIN_BASE}"
@@ -91,6 +96,7 @@ jobs:
              IMAGE_TAG="$REF_NAME"
              ENV_FILE=".env.staging"
              TRAEFIK_HOST="staging.${DOMAIN_BASE}"
+              GATEKEEPER_HOST="gatekeeper.staging.${DOMAIN_BASE}"
              NEXT_PUBLIC_BASE_URL="https://staging.${DOMAIN_BASE}"
              DIRECTUS_URL="https://cms.staging.${DOMAIN_BASE}"
              DIRECTUS_HOST="cms.staging.${DOMAIN_BASE}"
@@ -103,6 +109,17 @@ jobs:
            echo "Ref type $REF_TYPE is not handled for deployment."
          fi

+          # Determine Rules based on target (if not skipped)
+          if [[ "$TARGET" != "skip" ]]; then
+            if [[ "$TARGET" == "production" ]]; then
+              TRAEFIK_RULE="Host(\`${DOMAIN_BASE}\`) || Host(\`www.${DOMAIN_BASE}\`)"
+              GATEKEEPER_RULE="(Host(\`${DOMAIN_BASE}\`) || Host(\`www.${DOMAIN_BASE}\`)) && PathPrefix(\`/gatekeeper\`) || Host(\`gatekeeper.${DOMAIN_BASE}\`)"
+            else
+              TRAEFIK_RULE="Host(\`${TRAEFIK_HOST}\`)"
+              GATEKEEPER_RULE="(Host(\`${TRAEFIK_HOST}\`) && PathPrefix(\`/gatekeeper\`)) || Host(\`gatekeeper.${TRAEFIK_HOST}\`)"
+            fi
+          fi
+
          echo "Target determined: $TARGET"
          echo "Image tag: $IMAGE_TAG"
          
@@ -110,6 +127,9 @@ jobs:
          echo "image_tag=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
          echo "env_file=$ENV_FILE" >> "$GITHUB_OUTPUT"
          echo "traefik_host=$TRAEFIK_HOST" >> "$GITHUB_OUTPUT"
+          echo "traefik_rule=$TRAEFIK_RULE" >> "$GITHUB_OUTPUT"
+          echo "gatekeeper_rule=$GATEKEEPER_RULE" >> "$GITHUB_OUTPUT"
+          echo "gatekeeper_host=$GATEKEEPER_HOST" >> "$GITHUB_OUTPUT"
          echo "next_public_base_url=$NEXT_PUBLIC_BASE_URL" >> "$GITHUB_OUTPUT"
          echo "directus_url=$DIRECTUS_URL" >> "$GITHUB_OUTPUT"
          echo "directus_host=$DIRECTUS_HOST" >> "$GITHUB_OUTPUT"
@@ -206,6 +226,9 @@ jobs:
          ENV_FILE=${{ needs.prepare.outputs.env_file }}
          IMAGE_TAG=${{ needs.prepare.outputs.image_tag }}
          TRAEFIK_HOST=${{ needs.prepare.outputs.traefik_host }}
+          TRAEFIK_RULE=${{ needs.prepare.outputs.traefik_rule }}
+          GATEKEEPER_RULE=${{ needs.prepare.outputs.gatekeeper_rule }}
+          GATEKEEPER_HOST=${{ needs.prepare.outputs.gatekeeper_host }}
          PROJECT_NAME=${{ needs.prepare.outputs.project_name }}
          NEXT_PUBLIC_BASE_URL=${{ needs.prepare.outputs.next_public_base_url }}
          
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -8,7 +8,7 @@ services:
      - ${ENV_FILE:-.env}
    labels:
      - "traefik.enable=true"
-      - "traefik.http.routers.${PROJECT_NAME}.rule=Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)"
+      - "traefik.http.routers.${PROJECT_NAME}.rule=${TRAEFIK_RULE:-Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)}"
      - "traefik.http.routers.${PROJECT_NAME}.entrypoints=websecure"
      - "traefik.http.routers.${PROJECT_NAME}.tls.certresolver=le"
      - "traefik.http.routers.${PROJECT_NAME}.tls=true"
@@ -17,7 +17,7 @@ services:
      - "traefik.docker.network=infra"

      # Gatekeeper Router (Shared Host + dedicated Subdomain)
-      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.rule=(Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`) && PathPrefix(`/gatekeeper`)) || Host(`gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)"
+      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.rule=${GATEKEEPER_RULE:-(Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`) && PathPrefix(`/gatekeeper`)) || Host(`gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)}"
      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.entrypoints=websecure"
      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls.certresolver=le"
      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls=true"
@@ -46,7 +46,7 @@ services:
      AUTH_COOKIE_NAME: ${AUTH_COOKIE_NAME:-mintel_gatekeeper_session}
      GATEKEEPER_PASSWORD: ${GATEKEEPER_PASSWORD:-mintel}
      # Dedicated Base URL for Gatekeeper subdomain to prevent redirect loops
-      NEXT_PUBLIC_BASE_URL: https://gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}
+      NEXT_PUBLIC_BASE_URL: https://${GATEKEEPER_HOST:-gatekeeper.mb-grid-solutions.localhost}
    labels:
      - "traefik.enable=true"
      - "traefik.http.services.${PROJECT_NAME}-gatekeeper.loadbalancer.server.port=3000"