From fecd2713fec6e93fd8253bb930b98253c8f7888f Mon Sep 17 00:00:00 2001 From: Chris Thomas Date: Thu, 28 Mar 2019 14:13:38 +0100 Subject: [PATCH 1/5] Update the nginx template to support virtual path by creating named upstreams and targetting them appropriately --- nginx.tmpl | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/nginx.tmpl b/nginx.tmpl index c1383c6..6a707e7 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -169,10 +169,9 @@ server { {{ $is_regexp := hasPrefix "~" $host }} {{ $upstream_name := when $is_regexp (sha1 $host) $host }} -# {{ $host }} -upstream {{ $upstream_name }} { - {{ range $container := $containers }} +# {{ $container.Name }} +upstream {{ $container.Name }} { {{ $addrLen := len $container.Addresses }} {{ range $knownNetwork := $CurrentContainer.Networks }} @@ -196,8 +195,8 @@ upstream {{ $upstream_name }} { {{ end }} {{ end }} {{ end }} -{{ end }} } +{{ end }} {{ $default_host := or ($.Env.DEFAULT_HOST) "" }} {{ $default_server := index (dict $host "" $default_host "default_server") $host }} @@ -292,16 +291,19 @@ server { include /etc/nginx/vhost.d/default; {{ end }} - location / { + {{ range $container := $containers }} + {{/* Determine whether this container has specified a virtual path, or default to the / pattern */}} + {{ $location := coalesce $container.Env.VIRTUAL_PATH "/" }} + location {{ $location }} { {{ if eq $proto "uwsgi" }} include uwsgi_params; - uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }}; + uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; {{ else if eq $proto "fastcgi" }} root {{ trim $vhost_root }}; include fastcgi_params; - fastcgi_pass {{ trim $upstream_name }}; + fastcgi_pass {{ trim $container.Name }}; {{ else }} - proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; + proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; {{ end }} {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} @@ -314,6 +316,7 @@ server { include /etc/nginx/vhost.d/default_location; {{ end }} } + {{ end }} } {{ end }} @@ -339,16 +342,20 @@ server { include /etc/nginx/vhost.d/default; {{ end }} - location / { + {{ range $container := $containers }} + {{/* Determine whether this container has specified a virtual path, or default to the / pattern */}} + {{ $location := coalesce $container.Env.VIRTUAL_PATH "/" }} + + location {{ $location }} { {{ if eq $proto "uwsgi" }} include uwsgi_params; - uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }}; + uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; {{ else if eq $proto "fastcgi" }} root {{ trim $vhost_root }}; include fastcgi_params; - fastcgi_pass {{ trim $upstream_name }}; + fastcgi_pass {{ trim $container.Name }}; {{ else }} - proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; + proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; {{ end }} {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; @@ -360,6 +367,8 @@ server { include /etc/nginx/vhost.d/default_location; {{ end }} } + + {{ end }} } {{ if (and (not $is_https) (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }} From e684ad9a99cd9cccb6366b462f12087725a2fd61 Mon Sep 17 00:00:00 2001 From: Chris Thomas Date: Thu, 28 Mar 2019 17:52:17 +0100 Subject: [PATCH 2/5] add support for regex locations --- nginx.tmpl | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/nginx.tmpl b/nginx.tmpl index 6a707e7..59bd62a 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -294,7 +294,10 @@ server { {{ range $container := $containers }} {{/* Determine whether this container has specified a virtual path, or default to the / pattern */}} {{ $location := coalesce $container.Env.VIRTUAL_PATH "/" }} - location {{ $location }} { + {{ $is_regexp := hasPrefix "^" $location }} + {{ $modifier := when $is_regexp "~" "" }} + + location {{ $modifier }} '{{ $location }}' { {{ if eq $proto "uwsgi" }} include uwsgi_params; uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -346,7 +349,10 @@ server { {{/* Determine whether this container has specified a virtual path, or default to the / pattern */}} {{ $location := coalesce $container.Env.VIRTUAL_PATH "/" }} - location {{ $location }} { + {{ $is_regexp := hasPrefix "^" $location }} + {{ $modifier := when $is_regexp "~" "" }} + + location {{ $modifier }} '{{ $location }}' { {{ if eq $proto "uwsgi" }} include uwsgi_params; uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; From d31a35a2b777b4d1712e3e8f917cbbdc516c7963 Mon Sep 17 00:00:00 2001 From: Peter Badida Date: Thu, 9 Jan 2020 00:52:28 +0100 Subject: [PATCH 3/5] Add support for VIRTUAL_PATH stripping + 302 redirect Now the VIRTUAL_PATH=/service allows two locations /service -> 302 /service/ and /service/ -> container/ (with stripped VIRTUAL_PATH) --- nginx.tmpl | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/nginx.tmpl b/nginx.tmpl index 59bd62a..31b204a 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -297,17 +297,35 @@ server { {{ $is_regexp := hasPrefix "^" $location }} {{ $modifier := when $is_regexp "~" "" }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} location {{ $modifier }} '{{ $location }}' { + return 302 '{{ $location }}/'; + } + {{ end }} + + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + location {{ $modifier }} '{{ $location }}/' { + {{ else }} + location {{ $modifier }} '{{ $location }}' { + {{ end }} {{ if eq $proto "uwsgi" }} include uwsgi_params; + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}/; + {{ else }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; + {{ end }} {{ else if eq $proto "fastcgi" }} root {{ trim $vhost_root }}; include fastcgi_params; fastcgi_pass {{ trim $container.Name }}; {{ else }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + proxy_pass {{ trim $proto }}://{{ trim $container.Name }}/; + {{ else }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; {{ end }} + {{ end }} {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; @@ -352,17 +370,35 @@ server { {{ $is_regexp := hasPrefix "^" $location }} {{ $modifier := when $is_regexp "~" "" }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} location {{ $modifier }} '{{ $location }}' { + return 302 '{{ $location }}/'; + } + {{ end }} + + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + location {{ $modifier }} '{{ $location }}/' { + {{ else }} + location {{ $modifier }} '{{ $location }}' { + {{ end }} {{ if eq $proto "uwsgi" }} include uwsgi_params; + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}/; + {{ else }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; + {{ end }} {{ else if eq $proto "fastcgi" }} root {{ trim $vhost_root }}; include fastcgi_params; fastcgi_pass {{ trim $container.Name }}; {{ else }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + proxy_pass {{ trim $proto }}://{{ trim $container.Name }}/; + {{ else }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; {{ end }} + {{ end }} {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; From 416050f1c60a2fbd40750b49eb9a6563deffc2dc Mon Sep 17 00:00:00 2001 From: Peter Badida Date: Sun, 19 Jan 2020 21:04:53 +0100 Subject: [PATCH 4/5] Switch from TRUE to true for VIRTUAL_PATH_STRIP --- nginx.tmpl | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/nginx.tmpl b/nginx.tmpl index 31b204a..d625b02 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -297,20 +297,20 @@ server { {{ $is_regexp := hasPrefix "^" $location }} {{ $modifier := when $is_regexp "~" "" }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} location {{ $modifier }} '{{ $location }}' { return 302 '{{ $location }}/'; } {{ end }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} location {{ $modifier }} '{{ $location }}/' { {{ else }} location {{ $modifier }} '{{ $location }}' { {{ end }} {{ if eq $proto "uwsgi" }} include uwsgi_params; - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -320,7 +320,7 @@ server { include fastcgi_params; fastcgi_pass {{ trim $container.Name }}; {{ else }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -370,20 +370,20 @@ server { {{ $is_regexp := hasPrefix "^" $location }} {{ $modifier := when $is_regexp "~" "" }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} location {{ $modifier }} '{{ $location }}' { return 302 '{{ $location }}/'; } {{ end }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} location {{ $modifier }} '{{ $location }}/' { {{ else }} location {{ $modifier }} '{{ $location }}' { {{ end }} {{ if eq $proto "uwsgi" }} include uwsgi_params; - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -393,7 +393,7 @@ server { include fastcgi_params; fastcgi_pass {{ trim $container.Name }}; {{ else }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "TRUE") }} + {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; From 9b38175c06eb9be14abc39352b6067a38f5f02ce Mon Sep 17 00:00:00 2001 From: Peter Badida Date: Sun, 19 Jan 2020 21:08:04 +0100 Subject: [PATCH 5/5] Fallback to empty string when VIRTUAL_PATH_STRIP not specified --- nginx.tmpl | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/nginx.tmpl b/nginx.tmpl index d625b02..d64de0c 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -297,20 +297,20 @@ server { {{ $is_regexp := hasPrefix "^" $location }} {{ $modifier := when $is_regexp "~" "" }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} location {{ $modifier }} '{{ $location }}' { return 302 '{{ $location }}/'; } {{ end }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} location {{ $modifier }} '{{ $location }}/' { {{ else }} location {{ $modifier }} '{{ $location }}' { {{ end }} {{ if eq $proto "uwsgi" }} include uwsgi_params; - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -320,7 +320,7 @@ server { include fastcgi_params; fastcgi_pass {{ trim $container.Name }}; {{ else }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -370,20 +370,20 @@ server { {{ $is_regexp := hasPrefix "^" $location }} {{ $modifier := when $is_regexp "~" "" }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} location {{ $modifier }} '{{ $location }}' { return 302 '{{ $location }}/'; } {{ end }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} location {{ $modifier }} '{{ $location }}/' { {{ else }} location {{ $modifier }} '{{ $location }}' { {{ end }} {{ if eq $proto "uwsgi" }} include uwsgi_params; - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} uwsgi_pass {{ trim $proto }}://{{ trim $container.Name }}; @@ -393,7 +393,7 @@ server { include fastcgi_params; fastcgi_pass {{ trim $container.Name }}; {{ else }} - {{ if (eq $container.Env.VIRTUAL_PATH_STRIP "true") }} + {{ if (eq (or ($container.Env.VIRTUAL_PATH_STRIP) "") "true") }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }}/; {{ else }} proxy_pass {{ trim $proto }}://{{ trim $container.Name }};