[PR #1010] [CLOSED] feat: Add Support of Docker Host as the Provider #1103

Closed
opened 2026-03-03 01:07:42 +03:00 by kerem · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/certimate-go/certimate/pull/1010
Author: @Masterain98
Created: 10/27/2025
Status: Closed

Base: main ← Head: docker-host-support


📝 Commits (2)

  • bf88c28 Add Docker Host Provider Support
  • 3c4c002 Update Compatibility on Docker Host Provider

📊 Changes

25 files changed (+564 additions, -99 deletions)


📝 docker/docker-compose.yml (+2 -0)
📝 internal/certapply/applicators/sp_ssh.go (+38 -33)
📝 internal/certdeploy/deployers/sp_ssh.go (+48 -43)
📝 internal/domain/provider.go (+5 -2)
➕ internal/rest/handlers/system.go (+35 -0)
📝 internal/rest/routes/routes.go (+4 -0)
➕ internal/system/environment.go (+35 -0)
➕ internal/system/environment_test.go (+50 -0)
➕ pkg/utils/netutil/dockerhost.go (+54 -0)
➕ pkg/utils/netutil/dockerhost_test.go (+65 -0)
➕ ui/public/imgs/providers/docker.svg (+16 -0)
➕ ui/src/api/system.ts (+19 -0)
📝 ui/src/components/access/AccessForm.tsx (+13 -2)
➕ ui/src/components/access/forms/AccessConfigFieldsProviderDockerHost.tsx (+48 -0)
📝 ui/src/components/access/forms/AccessConfigFieldsProviderSSH.tsx (+20 -8)
📝 ui/src/components/provider/AccessProviderPicker.tsx (+23 -6)
📝 ui/src/components/provider/AccessProviderSelect.tsx (+11 -3)
📝 ui/src/components/provider/_shared.ts (+2 -0)
📝 ui/src/components/workflow/designer/forms/BizApplyNodeConfigForm.tsx (+3 -0)
📝 ui/src/domain/provider.ts (+6 -0)

...and 5 more files

📄 Description

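📚 Additions and Changes

Added a `Docker Host` entry to the access credential providers, allowing users who run Certimate through Docker to connect to the Docker host over SSH more conveniently. It is still essentially an SSH connection, but it makes things easier for users who are not familiar with Docker.

When running with Docker, the add-host parameter needs to be added:

```bash
docker build -t certimate:dev .
docker run -p 8090:8090 --add-host=host.docker.internal:host-gateway certimate:dev
```

Likewise, adding extra_hosts to the docker-compose.yml configuration file also makes this change take effect: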

```yaml
version: "3.0"
services:
  certimate:
    image: certimate/certimate:latest
    container_name: certimate
    ports:
      - 8090:8090
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ./data:/app/pb_data
    restart: unless-stopped
    extra_hosts:
      - "host.docker.internal:host-gateway"
```

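✨ Motivation

  1. Although a directory on the host can be mounted into the certimate container, if an nginx server is also running on the host you still have to connect to it to run commands such as service nginx reload. So directory mounts are useful, but limited compared with SSH.
  2. Running programs, certimate included, with docker compose is my habit. Unless specified otherwise, Docker creates a separate network for the stack, so when you need to connect from inside the container to the host you first have to look up the container's IP range.
  3. For users who are not familiar with Docker (such as the author of #923), this may be an easier way to deploy.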

👩‍💻 Screenshots

For Docker container environments

[3 screenshots]

For non-Docker environments

[2 screenshots]
Copilot Summary

This pull request introduces support for Docker host access as a provider, enabling the system to detect and utilize the Docker host address for certificate deployment and management. It also adds backend and frontend mechanisms for environment detection and improves the user experience by auto-filling Docker host information in relevant forms. The changes span backend service registration, environment detection utilities, API endpoints, and UI integration.

Backend: Docker Host Provider Support

  • Added new provider types for Docker Host in internal/domain/provider.go and registered them in both certificate application and deployment workflows, allowing Docker Host to be used similarly to SSH for ACME challenges and deployments.

Backend: Environment Detection and API

  • Implemented a utility (pkg/utils/netutil/dockerhost.go) to resolve the Docker host address, with tests for various scenarios.
  • Added a new EnvironmentService and REST handler to expose environment information (specifically Docker host reachability and address) via /api/system/environment.

Frontend: Environment Awareness and Docker Host Integration

  • Created a frontend API call to fetch environment information and a Zustand store to manage it.
  • Updated the access form to fetch environment info on mount, and integrated a new AccessConfigFieldsProviderDockerHost component that auto-fills the Docker host address if available.
  • Enhanced the SSH access config form to allow disabling the host field and hiding jump servers, supporting the Docker Host use case.

Infrastructure: Docker Compose

  • Updated the Docker Compose configuration to ensure the container can resolve host.docker.internal, improving Docker host detection reliability.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
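
An added example, not code from this PR or from Certimate: one way the Docker host resolution and reachability probe described in the summary could be written in Go, accepting the answer for `host.docker.internal` only when it is a private address, since on Linux the name is defined only by the `--add-host` / `extra_hosts` mapping and otherwise goes to ordinary DNS. The function and type names, the `Environment` struct and the private-address policy are assumptions of this example.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"time"
)

var errNotPrivate = errors.New("host.docker.internal did not resolve to a private address")

// Environment is a hypothetical shape for the "reachability and address" data.
type Environment struct {
	Address   string
	Reachable bool
}

// Resolver and dialer are injected so the logic can run without a network.
type lookupFunc func(ctx context.Context, host string) ([]string, error)
type dialFunc func(ctx context.Context, network, addr string) (net.Conn, error)

// detect resolves the mapped name and probes the SSH port. Only a private
// (RFC 1918 / ULA) answer is accepted as an SSH target; anything else is an error.
func detect(ctx context.Context, lookup lookupFunc, dial dialFunc, port string) (Environment, error) {
	addrs, err := lookup(ctx, "host.docker.internal")
	if err != nil {
		return Environment{}, fmt.Errorf("resolve docker host: %w", err)
	}
	for _, a := range addrs {
		ip := net.ParseIP(a)
		if ip == nil || !ip.IsPrivate() {
			continue // skip unparsable and public answers
		}
		env := Environment{Address: ip.String()}
		dctx, cancel := context.WithTimeout(ctx, 2*time.Second)
		conn, err := dial(dctx, "tcp", net.JoinHostPort(env.Address, port))
		cancel()
		if err == nil {
			conn.Close()
			env.Reachable = true
		}
		return env, nil
	}
	return Environment{}, errNotPrivate
}

func main() {
	env, err := detect(context.Background(), net.DefaultResolver.LookupHost, (&net.Dialer{}).DialContext, "22")
	fmt.Printf("%+v err=%v\n", env, err)
}
```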
