Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge 8adc2eb146 into 1da623019f

Browse source
This commit is contained in:
Jernej Jakob 2025-01-25 11:48:18 +00:00 committed by GitHub
commit f31a0201f7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 45 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
nginx.tmpl
View file

@ -281,6 +281,7 @@
{{- define "location" }} {{- define "location" }}
{{- $vpath := .VPath }} {{- $vpath := .VPath }}
{{- /* TODO: largest suffix match location_override (same as for include_file and htpasswd_file) */}}
{{- $override := printf "/etc/nginx/vhost.d/%s_%s_location_override" .Host (sha1 .Path) }} {{- $override := printf "/etc/nginx/vhost.d/%s_%s_location_override" .Host (sha1 .Path) }}
{{- if and (eq .Path "/") (not (exists $override)) }} {{- if and (eq .Path "/") (not (exists $override)) }}
{{- $override = printf "/etc/nginx/vhost.d/%s_location_override" .Host }} {{- $override = printf "/etc/nginx/vhost.d/%s_location_override" .Host }}
@ -323,14 +324,16 @@
set $upstream_keepalive {{ if ne $keepalive "disabled" }}true{{ else }}false{{ end }}; set $upstream_keepalive {{ if ne $keepalive "disabled" }}true{{ else }}false{{ end }};
{{- end }} {{- end }}
{{- /* TODO: largest suffix match for host_sha1path too? */}}
{{- if (exists (printf "/etc/nginx/htpasswd/%s_%s" .Host (sha1 .Path) )) }} {{- if (exists (printf "/etc/nginx/htpasswd/%s_%s" .Host (sha1 .Path) )) }}
auth_basic "Restricted {{ .Host }}{{ .Path }}"; auth_basic "Restricted {{ .Host }}{{ .Path }}";
auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s_%s" .Host (sha1 .Path)) }}; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s_%s" .Host (sha1 .Path)) }};
{{- else if (exists (printf "/etc/nginx/htpasswd/%s" .Host)) }} {{- else if (ne .HtpasswdFile "") }}
auth_basic "Restricted {{ .HostIsRegexp | ternary "access" .Host }}"; auth_basic "Restricted {{ .HostIsRegexp | ternary "access" .Host }}";
auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" .Host) }}; auth_basic_user_file {{ .HtpasswdFile }};
{{- end }} {{- end }}
{{- /* TODO: largest suffix match location_override (same as for include_file and htpasswd_file) */}}
{{- if (exists (printf "/etc/nginx/vhost.d/%s_%s_location" .Host (sha1 .Path) )) }} {{- if (exists (printf "/etc/nginx/vhost.d/%s_%s_location" .Host (sha1 .Path) )) }}
include {{ printf "/etc/nginx/vhost.d/%s_%s_location" .Host (sha1 .Path) }}; include {{ printf "/etc/nginx/vhost.d/%s_%s_location" .Host (sha1 .Path) }};
{{- else if (exists (printf "/etc/nginx/vhost.d/%s_location" .Host)) }} {{- else if (exists (printf "/etc/nginx/vhost.d/%s_location" .Host)) }}
@ -761,6 +764,36 @@ proxy_set_header Proxy "";
{{- /* Get the VIRTUAL_ROOT By containers w/ use fastcgi root */}} {{- /* Get the VIRTUAL_ROOT By containers w/ use fastcgi root */}}
{{- $vhost_root := groupByKeys $vhost_containers "Env.VIRTUAL_ROOT" | first | default "/var/www/public" }} {{- $vhost_root := groupByKeys $vhost_containers "Env.VIRTUAL_ROOT" | first | default "/var/www/public" }}
{{- /* Get the best matching vhost.d include file */}}
{{- $include_file := "" }}
{{- range (dir "/etc/nginx/vhost.d") }}
{{- if (and (hasSuffix . $hostname) (gt (len .) (len $include_file))) }}
{{- $include_file = . }}
{{- end }}
{{- end }}
{{- $include_file = when (ne $include_file "") (print "/etc/nginx/vhost.d/" $include_file) "" }}
{{- $include_file = when (exists $include_file) $include_file "" }}
{{- /* Get the best matching vhost.d location include file */}}
{{- $location_file := "" }}
{{- range (dir "/etc/nginx/vhost.d") }}
{{- if (and (hasSuffix . (print $hostname "_location")) (gt (len .) (len $location_file))) }}
{{- $location_file = . }}
{{- end }}
{{- end }}
{{- $location_file = when (ne $location_file "") (print "/etc/nginx/vhost.d/" $location_file) "" }}
{{- $location_file = when (exists $location_file) $location_file "" }}
{{- /* Get the best matching htpasswd file */}}
{{- $htpasswd_file := "" }}
{{- range (dir "/etc/nginx/htpasswd") }}
{{- if (and (hasSuffix . $hostname) (gt (len .) (len $htpasswd_file))) }}
{{- $htpasswd_file = . }}
{{- end }}
{{- end }}
{{- $htpasswd_file = when (ne $htpasswd_file "") (print "/etc/nginx/htpasswd/" $htpasswd_file) "" }}
{{- $htpasswd_file = when (exists $htpasswd_file) $htpasswd_file "" }}
{{- $vhost_data = merge $vhost_data (dict {{- $vhost_data = merge $vhost_data (dict
"cert" $cert "cert" $cert
"cert_ok" $cert_ok "cert_ok" $cert_ok
@ -779,6 +812,9 @@ proxy_set_header Proxy "";
"trust_default_cert" $trust_default_cert "trust_default_cert" $trust_default_cert
"upstream_name" $upstream_name "upstream_name" $upstream_name
"vhost_root" $vhost_root "vhost_root" $vhost_root
"include_file" $include_file
"location_file" $location_file
"htpasswd_file" $htpasswd_file
) }} ) }}
{{- $_ := set $globals.vhosts $hostname $vhost_data }} {{- $_ := set $globals.vhosts $hostname $vhost_data }}
{{- end }} {{- end }}
@ -923,6 +959,7 @@ server {
server { server {
{{- if $vhost.is_regexp }} {{- if $vhost.is_regexp }}
{{- /* TODO: largest suffix match? what does this if-block even do? */}}
{{- if or {{- if or
(printf "/etc/nginx/vhost.d/%s" $hostname | exists) (printf "/etc/nginx/vhost.d/%s" $hostname | exists)
(printf "/etc/nginx/vhost.d/%s_location" $hostname | exists) (printf "/etc/nginx/vhost.d/%s_location" $hostname | exists)
@ -1014,10 +1051,10 @@ server {
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- $vhostFileName := $vhost.is_regexp | ternary (sha1 $hostname) $hostname }} {{- $vhostFileName := $vhost.is_regexp | ternary (print "/etc/nginx/vhost.d/" (sha1 $hostname)) $vhost.include_file }}
{{- if (exists (printf "/etc/nginx/vhost.d/%s" $vhostFileName)) }} {{- if (ne $vhostFileName "") }}
include {{ printf "/etc/nginx/vhost.d/%s" $vhostFileName }}; include {{ $vhostFileName }};
{{- else if (exists "/etc/nginx/vhost.d/default") }} {{- else if (exists "/etc/nginx/vhost.d/default") }}
include /etc/nginx/vhost.d/default; include /etc/nginx/vhost.d/default;
{{- end }} {{- end }}
@ -1029,10 +1066,12 @@ server {
{{- range $path, $vpath := $vhost.paths }} {{- range $path, $vpath := $vhost.paths }}
{{- template "location" (dict {{- template "location" (dict
"Path" $path "Path" $path
"Host" $vhostFileName "Host" ($vhost.is_regexp | ternary (sha1 $hostname) $hostname)
"HostIsRegexp" $vhost.is_regexp "HostIsRegexp" $vhost.is_regexp
"VhostRoot" $vhost.vhost_root "VhostRoot" $vhost.vhost_root
"VPath" $vpath "VPath" $vpath
"LocationFile" $vhost.location_file
"HtpasswdFile" $vhost.htpasswd_file
) }} ) }}
{{- end }} {{- end }}