From 89bff71c0e166a3f9956e63b2c88252428b30dec Mon Sep 17 00:00:00 2001 From: Mike Dillon Date: Fri, 13 Mar 2015 22:22:54 -0700 Subject: [PATCH] Support regex VIRTUAL_HOST values This will be a breaking change for anyone who was using the SSL, Basic Auth, or custom template functionality with a hostname of "*.domain.tld". Their extension files will now need to be called "%2A.domain.tld" instead of using a literal asterisk. Fixes #117 --- nginx.tmpl | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/nginx.tmpl b/nginx.tmpl index 08f6c01..3a0f7ed 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -70,8 +70,9 @@ server { {{ end }} {{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }} +{{ $upstream := queryEscape $host }} -upstream {{ $host }} { +upstream {{ $upstream }} { {{ range $container := $containers }} {{ $addrLen := len $container.Addresses }} {{/* If only 1 port exposed, use that */}} @@ -97,7 +98,7 @@ upstream {{ $host }} { {{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }} {{/* Get the best matching cert by name for the vhost. */}} -{{ $vhostCert := (closest (dir "/etc/nginx/certs") (printf "%s.crt" $host))}} +{{ $vhostCert := (closest (dir "/etc/nginx/certs") (printf "%s.crt" $upstream))}} {{/* vhostCert is actually a filename so remove any suffixes since they are added later */}} {{ $vhostCert := replace $vhostCert ".crt" "" -1 }} @@ -136,20 +137,20 @@ server { add_header Strict-Transport-Security "max-age=31536000"; - {{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }} - include {{ printf "/etc/nginx/vhost.d/%s" $host }}; + {{ if (exists (printf "/etc/nginx/vhost.d/%s" $upstream)) }} + include {{ printf "/etc/nginx/vhost.d/%s" $upstream }}; {{ else if (exists "/etc/vhost.d/default") }} include /etc/nginx/vhost.d/default; {{ end }} location / { - proxy_pass {{ $proto }}://{{ $host }}; - {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} - auth_basic "Restricted {{ $host }}"; - auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + proxy_pass {{ $proto }}://{{ $upstream }}; + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $upstream)) }} + auth_basic "Restricted {{ $upstream }}"; + auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $upstream) }}; {{ end }} - {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }} - include {{ printf "/etc/nginx/vhost.d/%s_location" $host}}; + {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $upstream)) }} + include {{ printf "/etc/nginx/vhost.d/%s_location" $upstream}}; {{ else if (exists "/etc/vhost.d/default_location") }} include /etc/nginx/vhost.d/default_location; {{ end }} @@ -162,20 +163,20 @@ server { listen 80 {{ $default_server }}; access_log /var/log/nginx/access.log vhost; - {{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }} - include {{ printf "/etc/nginx/vhost.d/%s" $host }}; + {{ if (exists (printf "/etc/nginx/vhost.d/%s" $upstream)) }} + include {{ printf "/etc/nginx/vhost.d/%s" $upstream }}; {{ else if (exists "/etc/vhost.d/default") }} include /etc/nginx/vhost.d/default; {{ end }} location / { - proxy_pass {{ $proto }}://{{ $host }}; - {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} - auth_basic "Restricted {{ $host }}"; - auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + proxy_pass {{ $proto }}://{{ $upstream }}; + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $upstream)) }} + auth_basic "Restricted {{ $upstream }}"; + auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $upstream) }}; {{ end }} - {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }} - include {{ printf "/etc/nginx/vhost.d/%s_location" $host}}; + {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $upstream)) }} + include {{ printf "/etc/nginx/vhost.d/%s_location" $upstream}}; {{ else if (exists "/etc/vhost.d/default_location") }} include /etc/nginx/vhost.d/default_location; {{ end }}