Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Merge 5fdf72412d into b886c0bd14

Browse source
This commit is contained in:
Hasnat 2019-08-19 11:06:35 +00:00 committed by GitHub
commit 85c54d9165
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 82 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,3 +1,4 @@
**/__pycache__/
**/.cache/
.idea/
conf.d

2
Dockerfile
View file

@ -28,8 +28,10 @@ COPY network_internal.conf /etc/nginx/
COPY . /app/
WORKDIR /app/
RUN touch /app/htpasswd_generator.sh && chmod +x /app/htpasswd_generator.sh
ENV DOCKER_HOST unix:///tmp/docker.sock
ENV RESOLVERS="127.0.0.11 valid=5s"
VOLUME ["/etc/nginx/certs", "/etc/nginx/dhparam"]

1
Dockerfile.alpine
View file

@ -25,6 +25,7 @@ COPY network_internal.conf /etc/nginx/
COPY . /app/
WORKDIR /app/
RUN touch /app/htpasswd_generator.sh && chmod +x /app/htpasswd_generator.sh
ENV DOCKER_HOST unix:///tmp/docker.sock

1
Procfile
View file

@ -1,2 +1,3 @@
htpasswdgen: docker-gen -watch -notify "/app/htpasswd_generator.sh" /app/htpasswd_generator.tmpl /app/htpasswd_generator.sh
dockergen: docker-gen -watch -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf
nginx: nginx

14
README.md
View file

@ -313,7 +313,17 @@ $ docker run -d -p 80:80 -p 443:443 \
-v /var/run/docker.sock:/tmp/docker.sock:ro \
jwilder/nginx-proxy
```
Or have your container with `VHOST_HTPASSWD`
```
$ docker run -d -p 80:80 -p 443:443 \
-v /var/run/docker.sock:/tmp/docker.sock:ro \
jwilder/nginx-proxy
$ docker run -d \
-e VIRTUAL_HOST=whoami.local \
-e VHOST_HTPASSWD='abc:900150983CD24FB0D6963F7D28E17F72' `# this is abc:abc using md5` \
jwilder/whoami
```
You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
### Custom Nginx Configuration
@ -385,6 +395,8 @@ If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=e
If you want most of your virtual hosts to use a default single configuration and then override on a few specific ones, add those settings to the `/etc/nginx/vhost.d/default` file. This file
will be used on any virtual host which does not have a `/etc/nginx/vhost.d/{VIRTUAL_HOST}` file associated with it.
You can also have `VHOST_CONF` environment variable in your container.
#### Per-VIRTUAL_HOST location configuration
To add settings to the "location" block on a per-`VIRTUAL_HOST` basis, add your configuration file under `/etc/nginx/vhost.d`
@ -405,6 +417,8 @@ If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=e
If you want most of your virtual hosts to use a default single `location` block configuration and then override on a few specific ones, add those settings to the `/etc/nginx/vhost.d/default_location` file. This file
will be used on any virtual host which does not have a `/etc/nginx/vhost.d/{VIRTUAL_HOST}_location` file associated with it.
You can also have `VHOST_LOCATION_CONF` environment variable in your container.
### Contributing
Before submitting pull requests or issues, please check github to make sure an existing issue or pull request is not already open.

23
docker-compose-separate-containers.yml
View file

@ -1,23 +0,0 @@
version: '2'
services:
nginx:
image: nginx
container_name: nginx
ports:
- "80:80"
volumes:
- /etc/nginx/conf.d
dockergen:
image: jwilder/docker-gen
command: -notify-sighup nginx -watch /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
volumes_from:
- nginx
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl
whoami:
image: jwilder/whoami
environment:
- VIRTUAL_HOST=whoami.local

6
docker-compose.override.yml Normal file
View file

@ -0,0 +1,6 @@
version: '2'
services:
nginx:
build: .
volumes:
- ./conf.d:/etc/nginx/conf.d

3
docker-compose.yml
View file

@ -2,13 +2,16 @@ version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy
build: .
container_name: nginx-proxy
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./conf.d:/etc/nginx/conf.d
whoami:
image: jwilder/whoami
environment:
- VIRTUAL_HOST=whoami.local
- VIRTUAL_PORT=8000

16
htpasswd_generator.tmpl Normal file
View file

@ -0,0 +1,16 @@
#!/bin/sh
mkdir -p /etc/nginx/htpasswd
{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
{{ $host := trim $host }}
{{ $htpasswd := or (first (groupByKeys $containers "Env.VHOST_HTPASSWD")) "" }}
if [ ! -z '{{$htpasswd}}' ]
then
echo '{{ $htpasswd }}' > /etc/nginx/htpasswd/{{ $host }}
fi
{{ end }}
nginx -s reload

97
nginx.tmpl
View file

@ -1,27 +1,5 @@
{{ $CurrentContainer := where $ "ID" .Docker.CurrentContainerID | first }}
{{ define "upstream" }}
{{ if .Address }}
{{/* If we got the containers from swarm and this container's port is published to host, use host IP:PORT */}}
{{ if and .Container.Node.ID .Address.HostPort }}
# {{ .Container.Node.Name }}/{{ .Container.Name }}
server {{ .Container.Node.Address.IP }}:{{ .Address.HostPort }};
{{/* If there is no swarm node or the port is not published on host, use container's IP:PORT */}}
{{ else if .Network }}
# {{ .Container.Name }}
server {{ .Network.IP }}:{{ .Address.Port }};
{{ end }}
{{ else if .Network }}
# {{ .Container.Name }}
{{ if .Network.IP }}
server {{ .Network.IP }} down;
{{ else }}
server 127.0.0.1 down;
{{ end }}
{{ end }}
{{ end }}
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
@ -119,37 +97,7 @@ server {
{{ $host := trim $host }}
{{ $is_regexp := hasPrefix "~" $host }}
{{ $upstream_name := when $is_regexp (sha1 $host) $host }}
# {{ $host }}
upstream {{ $upstream_name }} {
{{ range $container := $containers }}
{{ $addrLen := len $container.Addresses }}
{{ range $knownNetwork := $CurrentContainer.Networks }}
{{ range $containerNetwork := $container.Networks }}
{{ if (and (ne $containerNetwork.Name "ingress") (or (eq $knownNetwork.Name $containerNetwork.Name) (eq $knownNetwork.Name "host"))) }}
## Can be connected with "{{ $containerNetwork.Name }}" network
{{/* If only 1 port exposed, use that */}}
{{ if eq $addrLen 1 }}
{{ $address := index $container.Addresses 0 }}
{{ template "upstream" (dict "Container" $container "Address" $address "Network" $containerNetwork) }}
{{/* If more than one port exposed, use the one matching VIRTUAL_PORT env var, falling back to standard web port 80 */}}
{{ else }}
{{ $port := coalesce $container.Env.VIRTUAL_PORT "80" }}
{{ $address := where $container.Addresses "Port" $port | first }}
{{ template "upstream" (dict "Container" $container "Address" $address "Network" $containerNetwork) }}
{{ end }}
{{ else }}
# Cannot connect to network of this container
server 127.0.0.1 down;
{{ end }}
{{ end }}
{{ end }}
{{ end }}
}
{{ $default_host := or ($.Env.DEFAULT_HOST) "" }}
{{ $default_server := index (dict $host "" $default_host "default_server") $host }}
@ -157,6 +105,12 @@ upstream {{ $upstream_name }} {
{{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}}
{{ $proto := trim (or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http") }}
{{ $vhost_conf := trim (or (first (groupByKeys $containers "Env.VHOST_CONF")) "") }}
{{ $vhost_location_conf := trim (or (first (groupByKeys $containers "Env.VHOST_LOCATION_CONF")) "") }}
{{ $container_pass := (printf "%v:%v" (first (groupByKeys $containers "Name")) (trim (or (first (groupByKeys $containers "Env.VIRTUAL_PORT")) "80"))) }}
{{/* Get the NETWORK_ACCESS defined by containers w/ the same vhost, falling back to "external" */}}
{{ $network_tag := or (first (groupByKeys $containers "Env.NETWORK_ACCESS")) "external" }}
@ -172,6 +126,9 @@ upstream {{ $upstream_name }} {
{{/* Get the VIRTUAL_ROOT By containers w/ use fastcgi root */}}
{{ $vhost_root := or (first (groupByKeys $containers "Env.VIRTUAL_ROOT")) "/var/www/public" }}
{{/* Get the SERVER_PASS By containers e.g. proxy_pass..., grpc_pass..., fastcgi_pass... */}}
{{ $server_pass := or ($container.Env.SERVER_PASS) "" }}
{{/* Get the first cert name defined by containers w/ the same vhost */}}
{{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }}
@ -272,16 +229,23 @@ server {
include /etc/nginx/vhost.d/default;
{{ end }}
{{ if not (eq $vhost_conf "") }}
{{ $vhost_conf }}
{{ end }}
location / {
{{ if eq $proto "uwsgi" }}
set $target {{ trim $container_pass }};
{{ if ne $server_pass "" }}
{{ $server_pass }};
{{ else if eq $proto "uwsgi" }}
include uwsgi_params;
uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }};
uwsgi_pass {{ trim $proto }}://$target;
{{ else if eq $proto "fastcgi" }}
root {{ trim $vhost_root }};
include fastcgi.conf;
fastcgi_pass {{ trim $upstream_name }};
fastcgi_pass $target;
{{ else }}
proxy_pass {{ trim $proto }}://{{ trim $upstream_name }};
proxy_pass {{ trim $proto }}://$target;
{{ end }}
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
@ -293,6 +257,9 @@ server {
{{ else if (exists "/etc/nginx/vhost.d/default_location") }}
include /etc/nginx/vhost.d/default_location;
{{ end }}
{{ if not (eq $vhost_location_conf "") }}
{{ $vhost_location_conf }}
{{ end }}
}
}
@ -319,16 +286,24 @@ server {
include /etc/nginx/vhost.d/default;
{{ end }}
{{ if not (eq $vhost_conf "") }}
{{ $vhost_conf }}
{{ end }}
location / {
set $target {{ trim $container_pass }};
{{ if eq $proto "uwsgi" }}
{{ if ne $server_pass "" }}
{{ $server_pass }};
{{ else if eq $proto "uwsgi" }}
include uwsgi_params;
uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }};
uwsgi_pass {{ trim $proto }}://$target;
{{ else if eq $proto "fastcgi" }}
root {{ trim $vhost_root }};
include fastcgi.conf;
fastcgi_pass {{ trim $upstream_name }};
fastcgi_pass $target;
{{ else }}
proxy_pass {{ trim $proto }}://{{ trim $upstream_name }};
proxy_pass {{ trim $proto }}://$target;
{{ end }}
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
auth_basic "Restricted {{ $host }}";
@ -339,6 +314,9 @@ server {
{{ else if (exists "/etc/nginx/vhost.d/default_location") }}
include /etc/nginx/vhost.d/default_location;
{{ end }}
{{ if not (eq $vhost_location_conf "") }}
{{ $vhost_location_conf }}
{{ end }}
}
}
@ -359,3 +337,4 @@ server {
{{ end }}
{{ end }}