Actualizar config.json para TCP passthrough de agentes

- Agregar ambos dominios al certificado SSL (APP_DOMAIN y MESH_AGENTS_DOMAIN) - Configurar tlsPort: 443 para que MeshCentral escuche HTTPS - Cambiar TLSOffload a false para que MeshCentral maneje su propio SSL - Actualizar certUrl para apuntar al dominio de agentes - Agregar configuraciones adicionales: minify, localSessionRecording, allowedOrigin - Eliminar variable MESH_PORT no utilizada - Mejorar mensajes de deployment
2025-11-01 01:41:40 -06:00
parent 850830a766
commit 3a95ddb264
1 changed files with 16 additions and 7 deletions
--- a/.gitea/workflows/build-and-deploy.yml
+++ b/.gitea/workflows/build-and-deploy.yml
@@ -11,7 +11,6 @@ jobs:
      APP_NAME: ${{ vars.APP_NAME }}
      APP_DOMAIN: ${{ vars.APP_DOMAIN }}
      MESH_AGENTS_DOMAIN: ${{ vars.MESH_AGENTS_DOMAIN }}
-      MESH_PORT: ${{ vars.MESH_PORT }}
      # Authentik OIDC configuration
      AUTHENTIK_ISSUER: ${{ vars.AUTHENTIK_ISSUER }}
      AUTHENTIK_ISSUER_INTERNAL: ${{ vars.AUTHENTIK_ISSUER_INTERNAL }}
@@ -24,6 +23,7 @@ jobs:
        run: |
          echo "ℹ️  Deploying MeshCentral"
          echo "   Domain: ${{ vars.APP_DOMAIN }}"
+          echo "   Agents Domain: ${{ vars.MESH_AGENTS_DOMAIN }}"
          echo "   Container: ${{ vars.APP_NAME }}"
          echo "   Network: principal"

@@ -42,13 +42,18 @@ jobs:
        run: |
          tee /srv/meshcentral/data/config.json > /dev/null <<'EOF'
          {
+            "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
            "settings": {
-              "cert": "${{ vars.APP_DOMAIN }}",
-              "port": 80,
+              "plugins": {
+                "enabled": false
+              },
+              "cert": "${{ vars.APP_DOMAIN }},${{ vars.MESH_AGENTS_DOMAIN }}",
+              "port": 81,
              "aliasPort": 443,
-              "redirPort": 80,
+              "redirPort": 81,
+              "tlsPort": 443,
              "AgentPong": 300,
-              "TlsOffload": true,
+              "TLSOffload": false,
              "SelfUpdate": false,
              "AllowFraming": false,
              "WebRTC": true,
@@ -61,7 +66,10 @@ jobs:
                "title": "MeshCentral - Nucleo Rio Frio",
                "title2": "Remote Management Platform",
                "newAccounts": false,
-                "certUrl": "${{ vars.APP_DOMAIN }}",
+                "minify": false,
+                "localSessionRecording": true,
+                "allowedOrigin": false,
+                "certUrl": "https://${{ vars.MESH_AGENTS_DOMAIN }}:443",
                "geoLocation": true,
                "cookieIpCheck": false,
                "allowLoginToken": true,
@@ -108,4 +116,5 @@ jobs:
      - name: Deployment complete
        run: |
          echo "✅ MeshCentral deployed successfully"
-          echo "   Access at: https://${{ vars.APP_DOMAIN }}"
+          echo "   Web UI: https://${{ vars.APP_DOMAIN }}"
+          echo "   Agents: https://${{ vars.MESH_AGENTS_DOMAIN }}:443"