rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(database): prevent malformed URLs when server IP is empty

Browse source 
Add defensive null/empty checks in externalDbUrl() for all standalone database models to prevent "invalid proto:" errors when server IP is not available.

**Problem:**
When `$this->destination->server->getIp` returns null or empty string, database URLs become malformed (e.g., `mongodb://user:pass@:27017` with empty host), causing "invalid proto:" validation errors.

**Solution:**
Added early return with null check in externalDbUrl() method for all 8 database types:
- Check if server IP is empty before building URL
- Return null instead of generating malformed URL
- Maintains graceful degradation - UI handles null URLs appropriately

**Defense in Depth:**
While mount() guard (from commit 74c70b431) prevents most cases, this adds an additional safety layer for edge cases:
- Race conditions during server updates
- State changes between mount and URL access
- Direct model access bypassing Livewire lifecycle

**Affected Models:**
- StandaloneMongodb
- StandalonePostgresql
- StandaloneMysql
- StandaloneMariadb
- StandaloneClickhouse
- StandaloneRedis
- StandaloneKeydb
- StandaloneDragonfly

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Andras Bacsai 2025-10-27 11:46:24 +01:00
parent 8458ad0283
commit 4cc668253e
10 changed files with 42 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/Models/StandaloneClickhouse.php
View file

@ -243,10 +243,14 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$encodedUser = rawurlencode($this->clickhouse_admin_user);
$encodedPass = rawurlencode($this->clickhouse_admin_password);
return "clickhouse://{$encodedUser}:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/{$this->clickhouse_db}";
return "clickhouse://{$encodedUser}:{$encodedPass}@{$serverIp}:{$this->public_port}/{$this->clickhouse_db}";
}
return null;

6
app/Models/StandaloneDragonfly.php
View file

@ -249,9 +249,13 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$scheme = $this->enable_ssl ? 'rediss' : 'redis';
$encodedPass = rawurlencode($this->dragonfly_password);
$url = "{$scheme}://:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/0";
$url = "{$scheme}://:{$encodedPass}@{$serverIp}:{$this->public_port}/0";
if ($this->enable_ssl && $this->ssl_mode === 'verify-ca') {
$url .= '?cacert=/etc/ssl/certs/coolify-ca.crt';

6
app/Models/StandaloneKeydb.php
View file

@ -249,9 +249,13 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$scheme = $this->enable_ssl ? 'rediss' : 'redis';
$encodedPass = rawurlencode($this->keydb_password);
$url = "{$scheme}://:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/0";
$url = "{$scheme}://:{$encodedPass}@{$serverIp}:{$this->public_port}/0";
if ($this->enable_ssl && $this->ssl_mode === 'verify-ca') {
$url .= '?cacert=/etc/ssl/certs/coolify-ca.crt';

6
app/Models/StandaloneMariadb.php
View file

@ -239,10 +239,14 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$encodedUser = rawurlencode($this->mariadb_user);
$encodedPass = rawurlencode($this->mariadb_password);
return "mysql://{$encodedUser}:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/{$this->mariadb_database}";
return "mysql://{$encodedUser}:{$encodedPass}@{$serverIp}:{$this->public_port}/{$this->mariadb_database}";
}
return null;

6
app/Models/StandaloneMongodb.php
View file

@ -269,9 +269,13 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$encodedUser = rawurlencode($this->mongo_initdb_root_username);
$encodedPass = rawurlencode($this->mongo_initdb_root_password);
$url = "mongodb://{$encodedUser}:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/?directConnection=true";
$url = "mongodb://{$encodedUser}:{$encodedPass}@{$serverIp}:{$this->public_port}/?directConnection=true";
if ($this->enable_ssl) {
$url .= '&tls=true&tlsCAFile=/etc/mongo/certs/ca.pem';
if (in_array($this->ssl_mode, ['verify-full'])) {

6
app/Models/StandaloneMysql.php
View file

@ -251,9 +251,13 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$encodedUser = rawurlencode($this->mysql_user);
$encodedPass = rawurlencode($this->mysql_password);
$url = "mysql://{$encodedUser}:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/{$this->mysql_database}";
$url = "mysql://{$encodedUser}:{$encodedPass}@{$serverIp}:{$this->public_port}/{$this->mysql_database}";
if ($this->enable_ssl) {
$url .= "?ssl-mode={$this->ssl_mode}";
if (in_array($this->ssl_mode, ['VERIFY_CA', 'VERIFY_IDENTITY'])) {

6
app/Models/StandalonePostgresql.php
View file

@ -246,9 +246,13 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$encodedUser = rawurlencode($this->postgres_user);
$encodedPass = rawurlencode($this->postgres_password);
$url = "postgres://{$encodedUser}:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/{$this->postgres_db}";
$url = "postgres://{$encodedUser}:{$encodedPass}@{$serverIp}:{$this->public_port}/{$this->postgres_db}";
if ($this->enable_ssl) {
$url .= "?sslmode={$this->ssl_mode}";
if (in_array($this->ssl_mode, ['verify-ca', 'verify-full'])) {

6
app/Models/StandaloneRedis.php
View file

@ -253,11 +253,15 @@ protected function externalDbUrl(): Attribute
return new Attribute(
get: function () {
if ($this->is_public && $this->public_port) {
$serverIp = $this->destination->server->getIp;
if (empty($serverIp)) {
return null;
}
$redis_version = $this->getRedisVersion();
$username_part = version_compare($redis_version, '6.0', '>=') ? rawurlencode($this->redis_username).':' : '';
$encodedPass = rawurlencode($this->redis_password);
$scheme = $this->enable_ssl ? 'rediss' : 'redis';
$url = "{$scheme}://{$username_part}{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/0";
$url = "{$scheme}://{$username_part}{$encodedPass}@{$serverIp}:{$this->public_port}/0";
if ($this->enable_ssl && $this->ssl_mode === 'verify-ca') {
$url .= '?cacert=/etc/ssl/certs/coolify-ca.crt';

2
templates/service-templates-latest.json
View file

@ -4527,7 +4527,7 @@
"web",
"admin"
],
"category": "vps",
"category": "vpn",
"logo": "svgs/wireguard.svg",
"minversion": "0.0.0",
"port": "8000"

2
templates/service-templates.json
View file

@ -4527,7 +4527,7 @@
"web",
"admin"
],
"category": "vps",
"category": "vpn",
"logo": "svgs/wireguard.svg",
"minversion": "0.0.0",
"port": "8000"