references/dokploy
1
0
Fork 0
mirror of https://github.com/dokploy/dokploy.git synced 2026-06-14 03:19:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: add tls=true label for domains when certificateType is none (#4018) (#4474)

Browse Source 
* fix: add tls=true label for compose domains when certificateType is none (#4018)

* test: cover tls=true label for certificateType none, require https

* fix: scope tls fix to compose labels, leave traefik file config unchanged (#4018)
This commit is contained in:
Mauricio Siu
2026-05-22 17:11:05 -06:00
committed by GitHub
parent 34d38cf90e
commit 103e2f70a8
2 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/dokploy/__test__/compose/domain/labels.test.ts
+45
View File
@@ -103,6 +103,51 @@ describe("createDomainLabels", () => {
); );
}); });
it("should add tls=true for certificateType none on websecure entrypoint", async () => {
const noneDomain = {
...baseDomain,
https: true,
certificateType: "none" as const,
};
const labels = await createDomainLabels(appName, noneDomain, "websecure");
expect(labels).toContain(
"traefik.http.routers.test-app-1-websecure.tls=true",
);
// no cert resolver should be set when relying on a default/custom cert
expect(labels).not.toContain(
"traefik.http.routers.test-app-1-websecure.tls.certresolver=letsencrypt",
);
});
it("should not add tls=true for certificateType none on web entrypoint", async () => {
const noneDomain = {
...baseDomain,
https: true,
certificateType: "none" as const,
};
const labels = await createDomainLabels(appName, noneDomain, "web");
expect(labels).not.toContain(
"traefik.http.routers.test-app-1-web.tls=true",
);
});
it("should add tls=true for certificateType none on a custom https entrypoint", async () => {
const noneDomain = {
...baseDomain,
https: true,
customEntrypoint: "websecure-custom",
certificateType: "none" as const,
};
const labels = await createDomainLabels(
appName,
noneDomain,
"websecure-custom",
);
expect(labels).toContain(
"traefik.http.routers.test-app-1-websecure-custom.tls=true",
);
});
it("should handle different ports correctly", async () => { it("should handle different ports correctly", async () => {
const customPortDomain = { ...baseDomain, port: 3000 }; const customPortDomain = { ...baseDomain, port: 3000 };
const labels = await createDomainLabels(appName, customPortDomain, "web"); const labels = await createDomainLabels(appName, customPortDomain, "web");
packages/server/src/utils/docker/domain.ts
+4
View File
@@ -337,6 +337,10 @@ export const createDomainLabels = (
labels.push( labels.push(
`traefik.http.routers.${routerName}.tls.certresolver=${customCertResolver}`, `traefik.http.routers.${routerName}.tls.certresolver=${customCertResolver}`,
); );
} else if (certificateType === "none" && https) {
// No cert resolver, but HTTPS is enabled (default/custom certificate):
// explicitly enable TLS so Traefik serves the router over HTTPS.
labels.push(`traefik.http.routers.${routerName}.tls=true`);
} }
} }