dokku · josegonzalez · Dec 27, 2022 · Dec 27, 2022 · Dec 27, 2022 · Dec 28, 2022
diff --git a/docs/appendices/0.30.0-migration-guide.md b/docs/appendices/0.30.0-migration-guide.md
@@ -1,5 +1,10 @@
 # 0.30.0 Migration Guide
 
+## Changes
+
+- The `port` management commands from the `proxy` plugin have been moved to a new `ports` plugin.
+- The `proxy-configure-ports` plugin trigger was renamed to `ports-configure`.
+
 ## Removals
 
 - Support for [SPDY](https://en.wikipedia.org/wiki/SPDY) has been removed. No major browser supports it as of 2021. Custom `nginx.conf.sigil` templates referencing spdy-related variables will continue to build until the 1.0.0 release.
@@ -10,3 +15,7 @@
     - `post-release-dockerfile`
     - `post-release-pack`
 - The ability to call `logs:failed` without specifying an app or `--all` flag has been removed. This was deprecated in 0.22.0. Please see the [logs:failed](/docs/deployment/logs.md#failed-deploy-logs).
+- `proxy#is_app_proxy_enabled()` is removed in favor of `plugn trigger proxy-is-enabled`.
+- `proxy#get_app_proxy_type()` is removed in favor of `plugn trigger proxy-type`.
+- The `DOKKU_NGINX_PORT` env var is no longer migrated to `DOKKU_PROXY_PORT` on upgrade.
+- The `DOKKU_NGINX_SSL_PORT` env var is no longer migrated to `DOKKU_PROXY_SSL_PORT` on upgrade.
diff --git a/docs/configuration/environment-variables.md b/docs/configuration/environment-variables.md
@@ -116,7 +116,7 @@ The following config variables have special meanings and can be set in a variety
 | `DOKKU_PARALLEL_ARGUMENTS`.    | none                            | `dokku config:set`                                                                                                                               | Allows passing custom arguments to parallel for `ps:*all` commands |
 | `DOKKU_PROXY_PORT`             | automatically assigned          | `/etc/environment` <br /> `~dokku/.dokkurc` <br /> `~dokku/.dokkurc/*` <br /> `dokku config:set`                                                 | |
 | `DOKKU_PROXY_SSL_PORT`         | automatically assigned          | `/etc/environment` <br /> `~dokku/.dokkurc` <br /> `~dokku/.dokkurc/*` <br /> `dokku config:set`                                                 | |
-| `DOKKU_PROXY_PORT_MAP`         | automatically assigned          | `dokku proxy:ports-add` <br /> `dokku proxy:ports-remove`, `dokku proxy:ports-clear`                                                             | |
+| `DOKKU_PROXY_PORT_MAP`         | automatically assigned          | `dokku ports:add` <br /> `dokku ports:remove`, `dokku ports:clear`                                                             | |
 | `DOKKU_SKIP_ALL_CHECKS`        | none                            | `dokku config:set`                                                                                                                               | |
 | `DOKKU_SKIP_CLEANUP`           |                                 | `/etc/environment` <br /> `~dokku/.dokkurc` <br /> `~dokku/.dokkurc/*`                                                                           | When a deploy is triggered, if this is set to a non-empty value, then old docker containers and images will not be removed. |
 | `DOKKU_SKIP_DEFAULT_CHECKS`    |                                 | `dokku config:set`                                                                                                                               | |

diff --git a/docs/configuration/ssl.md b/docs/configuration/ssl.md
@@ -165,4 +165,4 @@ dokku nginx:set node-js-app x-forwarded-ssl
 
 ### SSL Port Exposure
 
-When your app is served from port `80` then the `/home/dokku/APP/nginx.conf` file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added.  If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port `99999`) you may need to manually expose an ssl port via `dokku proxy:ports-add <APP> https:443:99999`.
+When your app is served from port `80` then the `/home/dokku/APP/nginx.conf` file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added.  If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port `99999`) you may need to manually expose an ssl port via `dokku ports:add <APP> https:443:99999`.
diff --git a/docs/deployment/builders/dockerfiles.md b/docs/deployment/builders/dockerfiles.md
@@ -29,7 +29,7 @@ Dokku will only select the `dockerfile` builder if both the `herokuish` and `pac
 If an application was previously deployed via buildpacks, the following commands should be run before a Dockerfile deploy will succeed:
 
 ```shell
-dokku config:unset --no-restart node-js-app DOKKU_PROXY_PORT_MAP 
+dokku ports:clear node-js-app
 ```
 
 ### Changing the `Dockerfile` location

diff --git a/docs/deployment/builders/herokuish-buildpacks.md b/docs/deployment/builders/herokuish-buildpacks.md
@@ -301,7 +301,7 @@ false
 If an application was previously deployed via Dockerfile, the following commands should be run before a buildpack deploy will succeed:
 
 ```shell
-dokku config:unset --no-restart node-js-app DOKKU_PROXY_PORT_MAP
+dokku ports:clear node-js-app
 ```
 
 ### Using a specific buildpack version

diff --git a/docs/development/plugin-triggers.md b/docs/development/plugin-triggers.md
@@ -1210,6 +1210,36 @@ set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
 nginx -t
 ```
 
+### `ports-clear`
+
+- Description: Clears the ports for a given app without triggering further restarts or rebuilds
+- Invoked by: internally
+- Arguments: `$APP`
+- Example:
+
+```shell
+#!/usr/bin/env bash
+
+set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
+
+# TODO
+```
+
+### `ports-get`
+
+- Description: Returns the port map for a given application in newline-delimited format
+- Invoked by: internally
+- Arguments: `$APP`
+- Example:
+
+```shell
+#!/usr/bin/env bash
+
+set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
+
+# TODO
+```
+
 ### `post-app-clone`
 
 - Description: Allows you to run commands after an app was cloned.
@@ -1480,10 +1510,10 @@ echo "clock: some-command" >> Procfile
 popd &>/dev/null
 ```
 
-### `post-proxy-ports-update`
+### `post-ports-update`
 
 - Description: Allows you to run commands once the proxy port mappings for an app have been updated. It also sends the invoking command. This can be "add", "clear" or "remove".
-- Invoked by: `dokku proxy:ports-add`, `dokku proxy:ports-clear`, `dokku proxy:ports-remove`
+- Invoked by: `dokku ports:add`, `dokku ports:clear`, `dokku ports:remove`
 - Arguments: `$APP` `action name`
 - Example:
 
@@ -1824,7 +1854,7 @@ set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
 # TODO
 ```
 
-### `proxy-configure-ports`
+### `ports-configure`
 
 - Description: Configures the proxy port mapping
 - Invoked by: `internally triggered by proxy plugins`

diff --git a/docs/getting-started/troubleshooting.md b/docs/getting-started/troubleshooting.md
@@ -78,8 +78,8 @@ The proxy port mapping will be `http:8000:8000`.
 
 To avoid this issue, either of the following can be done:
 
-- Remove `EXPOSE` directive: This will require respecting the `$PORT` environment variable (automatically set by Dokku). Once that change is deployed, the port mapping should be cleared via the `dokku proxy:ports-clear $APP` command (where `$APP` is your app name).
-- Update the port mapping: Updating the port mapping to redirect port `80` to your app's exposed port via `dokku proxy:ports-set $APP http:80:$EXPOSED_PORT` can also fix the issue. This will also allow certificate management and the letsencrypt plugin to work correctly.
+- Remove `EXPOSE` directive: This will require respecting the `$PORT` environment variable (automatically set by Dokku). Once that change is deployed, the port mapping should be cleared via the `dokku ports:clear $APP` command (where `$APP` is your app name).
+- Update the port mapping: Updating the port mapping to redirect port `80` to your app's exposed port via `dokku ports:set $APP http:80:$EXPOSED_PORT` can also fix the issue. This will also allow certificate management and the letsencrypt plugin to work correctly.
 
 See the [port management documentation](/docs/networking/port-management.md) for more information on how Dokku exposes ports for applications and how you can configure these for your app.
 
@@ -240,4 +240,4 @@ This could be a result of a bad proxy configuration (`http:5000:5000` may be inc
        Proxy type:                    nginx
 ```
 
-Set `dokku proxy:ports-set front http:80:5000` to get proxy correctly configured for http endpoint.
+Set `dokku ports:set front http:80:5000` to get proxy correctly configured for http endpoint.
diff --git a/docs/networking/port-management.md b/docs/networking/port-management.md
@@ -1,37 +1,35 @@
 # Port Management
 
-> New as of 0.5.0, Enhanced in 0.6.0
+> New as of 0.30.0
 
 ```
-proxy:ports <app>                        # List proxy port mappings for an app
-proxy:ports-add <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...]           # Add proxy port mappings to an app
-proxy:ports-clear <app>                  # Clear all proxy port mappings for an app
-proxy:ports-remove <app> <host-port> [<host-port>|<scheme>:<host-port>:<container-port>...]                      # Remove specific proxy port mappings from an app
-proxy:ports-set <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...]           # Set proxy port mappings for an app
+ports:list <app>                                                                                  # List port mappings for an app
+ports:add <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...]  # Add port mappings to an app
+ports:clear <app>                                                                                 # Clear all port mappings for an app
+ports:remove <app> <host-port> [<host-port>|<scheme>:<host-port>:<container-port>...]             # Remove specific port mappings from an app
+ports:set <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...]  # Set port mappings for an app
 ```
 
-In Dokku 0.5.0, port proxying was decoupled from the `nginx-vhosts` plugin into the proxy plugin. Dokku 0.6.0 introduced the ability to map host ports to specific container ports. In the future this will allow other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
+The `ports` plugin can be used to map host ports to specific container ports. Proxy implementations can then consume those port mappings as necessary
 
 ## Usage
 
 > Warning: Mapping alternative ports may conflict with the active firewall installed on your server or hosting provider. Such software includes - but is not limited to - AWS Security Groups, iptables, and UFW. Please consult the documentation for those softwares as applicable.
 >
 > Users should also avoid setting the `PORT` environment variable. Dokku will use port mappings to set this value. Overriding this manually may cause issues in application routing.
 
-> New as of 0.6.0
-
-You can now configure `host -> container` port mappings with the `proxy:ports-*` commands. This mapping is currently supported by the built-in nginx-vhosts plugin.
+You can now configure `host -> container` port mappings with the `ports:*` commands. This mapping is currently supported by the built-in nginx-vhosts plugin.
 
 By default, buildpack apps and dockerfile apps **without** explicitly exposed ports (i.e. using the `EXPOSE` directive) will be configured with a listener on port `80` (and additionally a listener on 443 if ssl is enabled) that will proxy to the application container on port `5000`. Dockerfile apps **with** explicitly exposed ports will be configured with a listener on each exposed port and will proxy to that same port of the deployed application container.
 
-> Note: This default behavior **will not** be automatically changed on subsequent pushes and must be manipulated with the `proxy:ports-*` commands detailed below.
+> Note: This default behavior **will not** be automatically changed on subsequent pushes and must be manipulated with the `ports:*` commands detailed below.
 
 ### Listing port mappings
 
-To inspect the port mapping for a given application, use the `proxy:ports` command:
+To inspect the port mapping for a given application, use the `ports:list` command:
 
 ```shell
-dokku proxy:ports node-js-app
+dokku ports:list node-js-app
 ```
 
 ```
@@ -62,10 +60,10 @@ curl http://node-js-app.dokku.me:8080
 curl: (7) Failed to connect to node-js-app.dokku.me port 8080: Connection refused
 ```
 
-However, we can use the `proxy:ports-add` command to add a second external port mapping - `8080` - to our application's port `5000`.
+However, we can use the `ports:add` command to add a second external port mapping - `8080` - to our application's port `5000`.
 
 ```shell
-dokku proxy:ports-add node-js-app http:8080:5000
+dokku ports:add node-js-app http:8080:5000
 ```
 
 ```
@@ -98,10 +96,10 @@ Hello World!
 
 ### Setting all port mappings at once
 
-Port mappings can also be force set using the `proxy:ports-set` command.
+Port mappings can also be force set using the `ports:set` command.
 
 ```shell
-dokku proxy:ports-set node-js-app http:8080:5000
+dokku ports:set node-js-app http:8080:5000
 ```
 
 ```
@@ -114,30 +112,28 @@ dokku proxy:ports-set node-js-app http:8080:5000
 
 ### Removing a port mapping
 
-A port mapping can be removed using the `proxy:ports-remove` command if it no longer necessary:
+A port mapping can be removed using the `ports:remove` command if it no longer necessary:
 
 ```shell
-dokku proxy:ports-remove node-js-app http:80:5000
+dokku ports:remove node-js-app http:80:5000
 ```
 
 Ports may also be removed by specifying only the `host-port` value. This effectively acts as a wildcard and removes all mappings for that particular host port.
 
 ```shell
-dokku proxy:ports-remove node-js-app http:80
+dokku ports:remove node-js-app http:80
 ```
 
 ## Port management by Deployment Method
 
-> Warning: If you set a proxy port map but _do not have a global domain set_, Dokku will reset that map upon first deployment.
+> Warning: If you set a port map but _do not have a global domain set_, Dokku will reset that map upon first deployment.
 
 ### Buildpacks
 
 For buildpack deployments, your application _must_ respect the `PORT` environment variable. We will typically set this to port `5000`, but this is not guaranteed. If you do not respect the `PORT` environment variable, your containers may start but your services will not be accessible outside of that container.
 
 ### Dockerfile
 
-> Changed as of 0.5.0
-
 Dokku's default proxy implementation - nginx - supports HTTP and GRPC request proxying. At this time, we do not support proxying plain TCP or UDP ports. UDP ports can be exposed by disabling the nginx proxy with `dokku proxy:disable myapp`. If you would like to investigate alternative proxy methods, please refer to our [proxy management documentation](/docs/networking/proxy-management.md).
 
 #### Applications using EXPOSE
@@ -156,10 +152,10 @@ The application would be exposed to the user at `node-js-app.dokku.me:1234`. If
 
 ```shell
 # add a port mapping to port 80
-dokku proxy:ports-add node-js-app http:80:1234
+dokku ports:add node-js-app http:80:1234
 
 # remove the incorrect port mapping
-dokku proxy:ports-remove node-js-app http:1234:1234
+dokku ports:remove node-js-app http:1234:1234
 ```
 
 #### Applications not using EXPOSE
@@ -176,7 +172,7 @@ When switching between `EXPOSE` usage modes, it is important to reset your port
 ```shell
 # assuming your application is called `node-js-app`
 dokku config:unset --no-restart node-js-app DOKKU_DOCKERFILE_PORTS PORT
-dokku proxy:ports-clear node-js-app
+dokku ports:clear node-js-app
 ```
 
 ### Docker Image
@@ -186,7 +182,7 @@ When deploying an image, we will use `docker inspect` to extract the `ExposedPor
 ```shell
 # assuming your application is called `node-js-app`
 dokku config:set node-js-app DOKKU_DOCKERFILE_PORTS="1234/tcp 80/tcp"
-dokku proxy:ports-clear node-js-app
+dokku ports:clear node-js-app
 ```
 
 All other port-related behavior is the same as when deploying via Dockerfile.
diff --git a/docs/networking/proxies/nginx.md b/docs/networking/proxies/nginx.md
@@ -337,8 +337,8 @@ Unsetting this value is the same as enabling custom nginx config usage.
 {{ .PROXY_PORT }}                   Non-SSL nginx listener port (same as `DOKKU_PROXY_PORT` config var)
 {{ .PROXY_SSL_PORT }}               SSL nginx listener port (same as `DOKKU_PROXY_SSL_PORT` config var)
 {{ .NOSSL_SERVER_NAME }}            List of non-SSL VHOSTS
-{{ .PROXY_PORT_MAP }}               List of port mappings (same as `DOKKU_PROXY_PORT_MAP` config var)
-{{ .PROXY_UPSTREAM_PORTS }}         List of configured upstream ports (derived from `DOKKU_PROXY_PORT_MAP` config var)
+{{ .PROXY_PORT_MAP }}               List of port mappings
+{{ .PROXY_UPSTREAM_PORTS }}         List of configured upstream ports (derived from port mappings)
 {{ .RAW_TCP_PORTS }}                List of exposed tcp ports as defined by Dockerfile `EXPOSE` directive (**Dockerfile apps only**)
 {{ .SSL_INUSE }}                    Boolean set when an app is SSL-enabled
 {{ .SSL_SERVER_NAME }}              List of SSL VHOSTS

diff --git a/docs/networking/proxy-management.md b/docs/networking/proxy-management.md
@@ -11,7 +11,7 @@ proxy:report [<app>] [<flag>]                       # Displays a proxy report fo
 proxy:set <app> <proxy-type>                        # Set proxy type for app
 ```
 
-In Dokku 0.5.0, port proxying was decoupled from the `nginx-vhosts` plugin into the proxy plugin. Dokku 0.6.0 introduced the ability to map host ports to specific container ports. In the future this will allow other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
+In Dokku 0.5.0, port proxying was decoupled from the `nginx-vhosts` plugin into the proxy plugin. In the future this will allow other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
 
 ## Usage
 
@@ -158,14 +158,14 @@ At this time, the following dokku commands are used to implement a complete prox
   - triggers: `proxy-disable`
 - `proxy:enable`: Enables the proxy configuration for an app.
   - triggers: `proxy-enable`
-- `proxy:ports-add`: Adds one or more port mappings to an app
-  - triggers: `post-proxy-ports-update`
-- `proxy:ports-clear`: Clears out all port mappings for an app.
-  - triggers: `post-proxy-ports-update`
-- `proxy:ports-remove`: Removes one or more port mappings from an app.
-  - triggers: `post-proxy-ports-update`
-- `proxy:ports-set`: Sets all port mappings for an app.
-  - triggers: `post-proxy-ports-update`
+- `ports:add`: Adds one or more port mappings to an app
+  - triggers: `post-ports-update`
+- `ports:clear`: Clears out all port mappings for an app.
+  - triggers: `post-ports-update`
+- `ports:remove`: Removes one or more port mappings from an app.
+  - triggers: `post-ports-update`
+- `ports:set`: Sets all port mappings for an app.
+  - triggers: `post-ports-update`
 
 Proxy implementations may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins.
 

diff --git a/plugins/20_events/post-proxy-ports-update → plugins/20_events/ports-clear b/plugins/20_events/post-proxy-ports-update → plugins/20_events/ports-clear
diff --git a/plugins/20_events/proxy-configure-ports → plugins/20_events/ports-configure b/plugins/20_events/proxy-configure-ports → plugins/20_events/ports-configure
diff --git a/plugins/20_events/ports-get b/plugins/20_events/ports-get
@@ -0,0 +1 @@
+hook
diff --git a/plugins/20_events/post-ports-update b/plugins/20_events/post-ports-update
@@ -0,0 +1 @@
+hook
diff --git a/plugins/caddy-vhosts/docker-args-process-deploy b/plugins/caddy-vhosts/docker-args-process-deploy
@@ -8,7 +8,7 @@ trigger-caddy-vhosts-docker-args-process-deploy() {
   declare desc="nginx-vhosts core-post-deploy plugin trigger"
   declare trigger="docker-args-process-deploy"
   declare APP="$1" IMAGE_SOURCE_TYPE="$2" IMAGE_TAG="$3" PROC_TYPE="$4" CONTAINER_INDEX="$5"
-  local app_domains caddy_domains is_app_listening letsencrypt_email output proxy_container_port proxy_host_port port_map proxy_port_map proxy_scheme proxy_schemes scheme tls_internal
+  local app_domains caddy_domains is_app_listening letsencrypt_email output proxy_container_port proxy_host_port port_map proxy_scheme proxy_schemes scheme tls_internal
   local proxy_container_http_port proxy_container_http_port_candidate proxy_host_http_port_candidate
   local proxy_container_https_port proxy_container_https_port_candidate proxy_host_https_port_candidate
   local STDIN=$(cat)
@@ -30,15 +30,14 @@ trigger-caddy-vhosts-docker-args-process-deploy() {
   fi
 
   # ensure we have a port mapping
-  plugn trigger proxy-configure-ports "$APP"
+  plugn trigger ports-configure "$APP"
 
   # gather port mapping information
   # we only support proxying a single port for http and https listeners
   # so this block parses the port mappings and tries to find the correct
   # mapping to expose
   is_app_listening="false"
-  proxy_port_map="$(plugn trigger config-get "$APP" DOKKU_PROXY_PORT_MAP)"
-  for port_map in $proxy_port_map; do
+  while read -r port_map; do
     proxy_scheme="$(awk -F ':' '{ print $1 }' <<<"$port_map")"
     proxy_host_port="$(awk -F ':' '{ print $2 }' <<<"$port_map")"
     proxy_container_port="$(awk -F ':' '{ print $3 }' <<<"$port_map")"
@@ -66,7 +65,7 @@ trigger-caddy-vhosts-docker-args-process-deploy() {
         proxy_container_https_port="$proxy_container_port"
       fi
     fi
-  done
+  done < <(plugn trigger ports-get "$APP")
 
   letsencrypt_email="$(fn-caddy-letsencrypt-email)"
   if [[ -n "$letsencrypt_email" ]] && [[ -z "$proxy_container_https_port" ]]; then
Original file line number	Diff line number	Diff line change
Expand Up		@@ -165,4 +165,4 @@ dokku nginx:set node-js-app x-forwarded-ssl

		### SSL Port Exposure

		When your app is served from port `80` then the `/home/dokku/APP/nginx.conf` file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added. If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port `99999`) you may need to manually expose an ssl port via `dokku proxy:ports-add <APP> https:443:99999`.
		When your app is served from port `80` then the `/home/dokku/APP/nginx.conf` file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added. If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port `99999`) you may need to manually expose an ssl port via `dokku ports:add <APP> https:443:99999`.