Update nginx.tmpl to make use of additional environment variables for

specifying client CA name and additional location options.
William Dix 2014-12-16 10:09:37 -05:00
parent 5fd333c11e
commit f27be7b348


@ -70,6 +70,9 @@ upstream {{ $host }} {
{{/* Get the first cert name defined by containers w/ the same vhost */}}
{{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }}
{{ $clientCAName := (first (groupByKeys $containers "Env.CLIENT_CA_NAME")) }}
{{ $locationOptions := (split (trimSuffix "]" (trimPrefix "[" (first (groupByKeys $containers "Env.SSL_LOCATION_OPTIONS")))) ",") }}
{{/* Get the first SSL_VERIFY_CLIENT defined by containers w/ the same vhost */}}
{{ $sslVerifyClient := (first (groupByKeys $containers "Env.SSL_VERIFY_CLIENT")) }}
@ -107,14 +110,14 @@ server {
{{ if $sslVerifyClient }}
ssl_verify_client {{ (printf "%s" $sslVerifyClient) }};
ssl_client_certificate /etc/nginx/certs/{{ (printf "%s.cacert.pem" $cert) }};
ssl_client_certificate /etc/nginx/certs/{{ (printf "%s" $clientCAName) }};
{{ end }}
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location / {
{{ if $sslVerifyClient }}
proxy_set_header Subject-Name $ssl_client_s_dn;
{{ range $option := $locationOptions }}
{{ (trimSuffix "'" (trimPrefix "'" (printf "%s" $option))) }};
{{ end }}
proxy_pass http://{{ $host }};
}
@ -125,7 +128,10 @@ server {
server_name {{ $host }};
location / {
proxy_pass http://{{ $host }};
{{ range $option := $locationOptions }}
{{ (trimSuffix "'" (trimPrefix "'" (printf "%s" $option))) }};
{{ end }}
proxy_pass http://{{ $host }};
}
}
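Review bot: Each element of `SSL_LOCATION_OPTIONS` is written into `location /` as a raw nginx directive (the `range $option` loops in both server blocks), so any container that sets this variable can add arbitrary directives to the shared proxy, and a value containing `;`, `{` or `}` is not confined to the location block. The template should at least state that trust assumption next to the `$locationOptions` assignment, for example `{{/* SSL_LOCATION_OPTIONS is emitted verbatim as nginx directives; set it only on containers whose owner is allowed to edit the proxy config */}}`, and ideally accept only an allow-list of directive names. Splitting on `,` also breaks any directive whose value contains a comma, and when the variable is unset the loop presumably still runs once over an empty string and emits a lone `;`, so wrapping the `range` in a check that the variable is set would be safer. Separately, `ssl_client_certificate` now takes its file name from `CLIENT_CA_NAME` while the surrounding guard tests only `$sslVerifyClient`, so a container that sets `SSL_VERIFY_CLIENT` without `CLIENT_CA_NAME` likely renders a path with no file name; falling back to the previous `%s.cacert.pem` default when `$clientCAName` is empty would keep existing deployments working.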