diff --git a/docker/docker-compose.middleware.yaml b/docker/docker-compose.middleware.yaml
index ab81fe779e..cc628ccdf5 100644
--- a/docker/docker-compose.middleware.yaml
+++ b/docker/docker-compose.middleware.yaml
@@ -140,11 +140,8 @@ services:
 restart: always
 volumes:
 - ./ssrf_proxy/squid.conf.template:/etc/squid/squid.conf.template
+ - ./ssrf_proxy/squid.conf.dev.template:/etc/squid/squid.conf.dev.template
 - ./ssrf_proxy/docker-entrypoint.sh:/docker-entrypoint-mount.sh
- # DEVELOPMENT MODE: Mount dev configs that disable all SSRF protections
- # WARNING: This configuration allows access to private networks!
- # Only use this in development environments, never in production!
- - ./ssrf_proxy/conf.d.dev:/etc/squid/conf.d:ro
 entrypoint: [ "sh", "-c", "cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh" ]
 env_file:
 - ./middleware.env
diff --git a/docker/middleware.env.example b/docker/middleware.env.example
index 2eba62f594..36debb626c 100644
--- a/docker/middleware.env.example
+++ b/docker/middleware.env.example
@@ -64,6 +64,10 @@ SSRF_HTTP_PORT=3128
 SSRF_COREDUMP_DIR=/var/spool/squid
 SSRF_REVERSE_PROXY_PORT=8194
 SSRF_SANDBOX_HOST=sandbox
+# Development mode switch - set to true to disable all SSRF protections
+# WARNING: This allows access to localhost, private networks, and all ports!
+# Only use this in development environments, NEVER in production!
+SSRF_PROXY_DEV_MODE=false
 # ------------------------------
 # Environment Variables for weaviate Service
diff --git a/docker/ssrf_proxy/README.md b/docker/ssrf_proxy/README.md
index d1f3bb3894..2ab71bbc08 100644
--- a/docker/ssrf_proxy/README.md
+++ b/docker/ssrf_proxy/README.md
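Review bot: The dev-template mount on the added line is writable from inside the container, as is the squid.conf.template mount above it, whereas the conf.d.dev mount this commit removes was bind-mounted `:ro`; since the entrypoint re-renders squid.conf from one of these templates on every start, the templates are effectively the proxy's access policy and should be mounted read-only, `- ./ssrf_proxy/squid.conf.dev.template:/etc/squid/squid.conf.dev.template:ro` (and the same `:ro` on the production template). Mounting both templates unconditionally also means the only thing separating a production deployment from an open proxy is the `SSRF_PROXY_DEV_MODE` value in middleware.env; a compose profile or override file for the dev mount would keep the dev template out of production containers entirely, though whether that fits depends on how the stack is deployed. The ssrf_proxy service definition starts and ends outside the hunk.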
@@ -105,30 +105,46 @@ Development mode provides a zero-configuration environment that: ### Using Development Mode -#### Option 1: Docker Compose Override (Recommended) +#### Option 1: Environment Variable (Recommended) -From the main Dify repository root: +Simply set the `SSRF_PROXY_DEV_MODE` environment variable to `true`: ```bash -# Use the development overlay with your existing docker-compose -docker-compose -f docker-compose.middleware.yaml -f docker/ssrf_proxy/docker-compose.dev.yaml up ssrf_proxy +# In your .env or middleware.env file +SSRF_PROXY_DEV_MODE=true + +# Then start normally +docker-compose -f docker-compose.middleware.yaml up ssrf_proxy ``` -#### Option 2: Manual Configuration +Or set it directly in docker-compose: -Mount the development configuration manually: +```yaml +services: + ssrf_proxy: + environment: + SSRF_PROXY_DEV_MODE: true +``` +**Important Note about Docker Networking:** + +When accessing services on your host machine from within Docker containers: +- Do NOT use `127.0.0.1` or `localhost` (these refer to the container itself) +- Instead use: + - `host.docker.internal:port` (recommended, works on Mac/Windows/Linux with Docker 20.10+) + - Your host machine's actual IP address + - On Linux: the Docker bridge gateway (usually `172.17.0.1`) + +Example: ```bash -docker run -d \ - --name ssrf-proxy-dev \ - -p 3128:3128 \ - -v ./docker/ssrf_proxy/squid.conf.template:/etc/squid/squid.conf.template:ro \ - -v ./docker/ssrf_proxy/docker-entrypoint.sh:/docker-entrypoint.sh:ro \ - -v ./docker/ssrf_proxy/conf.d.dev:/etc/squid/conf.d:ro \ - ubuntu/squid:latest +# Wrong (won't work from inside container): +http://127.0.0.1:1234 + +# Correct (will work): +http://host.docker.internal:1234 ``` -The development mode configuration is in `conf.d.dev/00-development-mode.conf`. +The development mode uses `squid.conf.dev.template` which allows all connections. ## Testing 
diff --git a/docker/ssrf_proxy/conf.d.dev/00-development-mode.conf b/docker/ssrf_proxy/conf.d.dev/00-development-mode.conf
deleted file mode 100644
index 4d03e34e3d..0000000000
--- a/docker/ssrf_proxy/conf.d.dev/00-development-mode.conf
+++ /dev/null
@@ -1,22 +0,0 @@
-################################## DEVELOPMENT MODE CONFIGURATION ##################################
-# WARNING: This configuration DISABLES all SSRF protections!
-# Only use this in development environments. NEVER use in production!
-
-# Override all previous access rules and allow everything
-# This must be placed early in the configuration to take precedence
-
-# Allow all ports (not just 80/443)
-acl Dev_All_Ports port 1-65535
-
-# Allow all connections including private networks
-# This effectively bypasses all SSRF protections
-http_access allow all
-
-# Additional development conveniences
-# Allow cache manager access from any source (useful for debugging)
-http_access allow manager
-
-# Log everything for debugging
-debug_options ALL,1
-
-# Note: Since we're allowing all, the deny rules in the main config won't be reached
diff --git a/docker/ssrf_proxy/docker-compose.dev.yaml b/docker/ssrf_proxy/docker-compose.dev.yaml
deleted file mode 100644
index a6371a0e71..0000000000
--- a/docker/ssrf_proxy/docker-compose.dev.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Development Mode Docker Compose Override
-# WARNING: This configuration DISABLES all SSRF protections!
-# Only use this in development environments, never in production!
-#
-# Usage (from main Dify repository):
-# docker-compose -f docker-compose.middleware.yaml -f docker/ssrf_proxy/docker-compose.dev.yaml up
-#
-# This overlay modifies the ssrf_proxy service to mount development configurations
-# that allow ALL requests including private networks and cloud metadata.
-
-version: '3.8'
-
-services:
- ssrf_proxy:
- volumes:
- # Override the conf.d mount to use development configuration
- - ./docker/ssrf_proxy/conf.d.dev:/etc/squid/conf.d:ro
- environment:
- # Optional: Add any development-specific environment variables
- SQUID_DEV_MODE: "true"
- container_name: dify-ssrf-proxy-dev
diff --git a/docker/ssrf_proxy/docker-entrypoint.sh b/docker/ssrf_proxy/docker-entrypoint.sh
index 613897bb7d..8be4eecb57 100755
--- a/docker/ssrf_proxy/docker-entrypoint.sh
+++ b/docker/ssrf_proxy/docker-entrypoint.sh
@@ -26,8 +26,26 @@ tail -F /var/log/squid/error.log 2>/dev/null &
 tail -F /var/log/squid/store.log 2>/dev/null &
 tail -F /var/log/squid/cache.log 2>/dev/null &
+# Select the appropriate template based on DEV_MODE
+echo "[ENTRYPOINT] SSRF_PROXY_DEV_MODE is set to: '${SSRF_PROXY_DEV_MODE}'"
+if [ "${SSRF_PROXY_DEV_MODE}" = "true" ] || [ "${SSRF_PROXY_DEV_MODE}" = "True" ] || [ "${SSRF_PROXY_DEV_MODE}" = "TRUE" ] || [ "${SSRF_PROXY_DEV_MODE}" = "1" ]; then
+ echo "[ENTRYPOINT] WARNING: Development mode is ENABLED! All SSRF protections are DISABLED!"
+ echo "[ENTRYPOINT] This allows access to localhost, private networks, and all ports."
+ echo "[ENTRYPOINT] DO NOT USE IN PRODUCTION!"
+ TEMPLATE_FILE="/etc/squid/squid.conf.dev.template"
+else
+ echo "[ENTRYPOINT] Using production configuration with SSRF protections enabled"
+ TEMPLATE_FILE="/etc/squid/squid.conf.template"
+fi
+
+# Check if the selected template exists
+if [ ! -f "$TEMPLATE_FILE" ]; then
+ echo "[ENTRYPOINT] ERROR: Template file $TEMPLATE_FILE not found"
+ exit 1
+fi
+
 # Replace environment variables in the template and output to the squid.conf
-echo "[ENTRYPOINT] replacing environment variables in the template"
+echo "[ENTRYPOINT] replacing environment variables in the template: $TEMPLATE_FILE"
 awk '{
 while(match($0, /\${[A-Za-z_][A-Za-z_0-9]*}/)) {
 var = substr($0, RSTART+2, RLENGTH-3)
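Review bot: The dev-mode test on the added `if` accepts `true`, `True`, `TRUE` and `1`, but the placeholder check added in the `@@ -35,7 +53,24 @@` hunk of the same file compares against `"true"` only, and middleware.env.example documents only `true`; the two branches already disagree for `TRUE` or `1` (the dev template is selected, yet the production-only placeholder is also written), and any future guard copied from either line will diverge the same way. Normalizing once before this block, e.g. `case "${SSRF_PROXY_DEV_MODE}" in true|True|TRUE|1) SSRF_PROXY_DEV_MODE=true ;; *) SSRF_PROXY_DEV_MODE=false ;; esac`, lets both checks compare against `"true"` and makes the logged value unambiguous. The rest of the script continues outside the hunk.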
@@ -35,7 +53,24 @@ awk '{
 $0 = substr($0, 1, RSTART-1) val substr($0, RSTART+RLENGTH)
 }
 print
-}' /etc/squid/squid.conf.template > /etc/squid/squid.conf
+}' "$TEMPLATE_FILE" > /etc/squid/squid.conf
+
+# Log first few lines of generated config for debugging
+echo "[ENTRYPOINT] First 30 lines of generated squid.conf:"
+head -n 30 /etc/squid/squid.conf
+
+# Create an empty conf.d directory if it doesn't exist
+if [ ! -d /etc/squid/conf.d ]; then
+ echo "[ENTRYPOINT] creating /etc/squid/conf.d directory"
+ mkdir -p /etc/squid/conf.d
+fi
+
+# If conf.d directory is empty, create a placeholder file to prevent include errors
+# Only needed for production template which has the include directive
+if [ "${SSRF_PROXY_DEV_MODE}" != "true" ] && [ -z "$(ls -A /etc/squid/conf.d/*.conf 2>/dev/null)" ]; then
+ echo "[ENTRYPOINT] conf.d directory is empty, creating placeholder"
+ echo "# Placeholder file to prevent include errors" > /etc/squid/conf.d/placeholder.conf
+fi
 /usr/sbin/squid -Nz
 echo "[ENTRYPOINT] starting squid"
diff --git a/docker/ssrf_proxy/squid.conf.dev.template b/docker/ssrf_proxy/squid.conf.dev.template
index 5369fc8124..6ba2f4b3c2 100644
--- a/docker/ssrf_proxy/squid.conf.dev.template
+++ b/docker/ssrf_proxy/squid.conf.dev.template
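Review bot: The placeholder write on the last added line has no failure handling: if /etc/squid/conf.d is a read-only bind mount (the conf.d mount this commit removes from docker-compose.middleware.yaml used `:ro`), the redirection fails, and since no `set -e` is visible in this part of the script the only trace is a log line claiming the placeholder was created before `squid -Nz` hits whatever include error the placeholder exists to prevent. Checking the write keeps the failure next to its cause: `echo "# Placeholder file to prevent include errors" > /etc/squid/conf.d/placeholder.conf || { echo "[ENTRYPOINT] ERROR: cannot write to /etc/squid/conf.d"; exit 1; }`. The unconditional `head -n 30` of the rendered config is noise on every production start and could be limited to dev mode, though nothing in the visible template lines is secret. The script continues outside the hunk.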
@@ -1,47 +1,10 @@ ################################## DEVELOPMENT MODE CONFIGURATION ################################## # WARNING: This configuration DISABLES all SSRF protections! # Only use this in development environments. NEVER use in production! -# -# This is a special configuration for development that allows ALL requests -# including private networks, cloud metadata endpoints, and any ports. -################################## Allow Everything ################################## -# In development mode, we allow all connections without restrictions - -# Define ACLs but don't use them for blocking -acl private_networks dst 0.0.0.0/8 -acl private_networks dst 10.0.0.0/8 -acl private_networks dst 127.0.0.0/8 -acl private_networks dst 169.254.0.0/16 -acl private_networks dst 172.16.0.0/12 -acl private_networks dst 192.168.0.0/16 -acl localhost src 127.0.0.1/32 ::1 -acl SSL_ports port 443 -acl Safe_ports port 1-65535 # Allow ALL ports in dev mode -acl CONNECT method CONNECT - -################################## Access Control Rules ################################## -# DEVELOPMENT MODE: Allow everything! - -# Special rule for reverse proxy port (sandbox access) -acl reverse_proxy_port myport ${REVERSE_PROXY_PORT} -http_access allow reverse_proxy_port - -# Explicitly allow link-local addresses (169.254.0.0/16) -acl link_local dst 169.254.0.0/16 -http_access allow link_local - -# Explicitly allow localhost and loopback -http_access allow localhost - -# Explicitly allow all private networks -http_access allow private_networks - -# ALLOW ALL REQUESTS - Development mode bypasses all security +# Allow all requests - put this FIRST before any other rules http_access allow all -# Note: No deny rules in development mode - ################################## Proxy Server Configuration ################################## http_port ${HTTP_PORT} coredump_dir ${COREDUMP_DIR} 
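Review bot: With `http_access allow all` now the first access rule, the dev proxy accepts requests from any source address that can reach `${HTTP_PORT}`, not only from the application containers; whether that port is published to the host is decided in the compose file rather than here, so a client-side restriction is worth keeping even in dev mode, e.g. an `acl localnet src` covering the compose networks followed by `http_access allow localnet` and `http_access deny all`, which leaves every destination reachable for developers without turning the container into an open relay. It is also worth confirming that nothing in the rest of the template (new lines 11–27 are outside the hunk) still references the removed ACL names such as `reverse_proxy_port` or `Safe_ports`, since Squid refuses a config that uses an ACL it has not seen defined.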
@@ -64,4 +27,4 @@ cache_peer ${SANDBOX_HOST} parent ${SANDBOX_PORT} 0 no-query originserver
 client_request_buffer_max_size 100 MB
 # Debug logging for development
-debug_options ALL,1
+debug_options ALL,1
\ No newline at end of file
diff --git a/docker/ssrf_proxy/squid.conf.template b/docker/ssrf_proxy/squid.conf.template
index 8847657e3a..ec5edb5859 100644
--- a/docker/ssrf_proxy/squid.conf.template
+++ b/docker/ssrf_proxy/squid.conf.template
@@ -61,6 +61,7 @@ http_access deny manager
 # User overrides in /etc/squid/conf.d/*.conf should be placed here
 # These can be used to add additional restrictions or allowances
 # Note: debian.conf may be present by default in the ubuntu/squid image
+# The include directive uses a script to handle optional includes
 include /etc/squid/conf.d/*.conf
 # Allow all other requests (public internet resources)
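Review bot: The added comment above the include says the directive "uses a script to handle optional includes", but nothing in this commit gives Squid's `include` any script; what makes the glob safe is the entrypoint writing `/etc/squid/conf.d/placeholder.conf` when the directory holds no `.conf` files. A comment naming the actual mechanism will not mislead whoever later removes the placeholder logic: `# docker-entrypoint.sh writes conf.d/placeholder.conf when this directory is empty so the glob below always matches`.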