Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Creating index.html with a list of URLs to published containers

Browse source
This commit is contained in:
Anielkis Herrera 2018-12-27 16:38:03 -05:00
parent c33dedf10b
commit ff3916ab41
4 changed files with 96 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Procfile
View file

@ -1,2 +1,3 @@
dockergen: docker-gen -watch -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf dockergen: docker-gen -watch -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf
dockergen2: docker-gen -watch /app/index.tmpl /usr/share/nginx/html/index.html
nginx: nginx nginx: nginx

78
README.md
View file

@ -48,15 +48,53 @@ services:
- "80:80" - "80:80"
volumes: volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro - /var/run/docker.sock:/tmp/docker.sock:ro
networks:
- webproxy
whoami: networks:
image: jwilder/whoami webproxy:
environment:
- VIRTUAL_HOST=whoami.local
``` ```
```shell ```shell
$ docker-compose up $ docker-compose up
```
Deploy a service
```yaml
version: '2'
services:
whoami:
image: jwilder/whoami
environment:
- VIRTUAL_HOST=whoami.local
networks:
- nginx-proxy_webproxy
networks:
nginx-proxy_webproxy:
external: true
```
```shell
$ docker-compose up
$ curl localhost
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>List</title>
</head>
<body>
<ul>
<li>
<a target="_blank" href="http://whoami.local">whoami.local</a>
</li>
</ul>
</body>
</html>
$ curl -H "Host: whoami.local" localhost $ curl -H "Host: whoami.local" localhost
I'm 5b129ab83266 I'm 5b129ab83266
``` ```
@ -128,11 +166,11 @@ backend container. Your backend container should then listen on a port rather
than a socket and expose that port. than a socket and expose that port.
### FastCGI Backends ### FastCGI Backends
If you would like to connect to FastCGI backend, set `VIRTUAL_PROTO=fastcgi` on the If you would like to connect to FastCGI backend, set `VIRTUAL_PROTO=fastcgi` on the
backend container. Your backend container should then listen on a port rather backend container. Your backend container should then listen on a port rather
than a socket and expose that port. than a socket and expose that port.
### FastCGI Filr Root Directory ### FastCGI Filr Root Directory
If you use fastcgi,you can set `VIRTUAL_ROOT=xxx` for your root directory If you use fastcgi,you can set `VIRTUAL_ROOT=xxx` for your root directory
@ -181,7 +219,7 @@ Finally, start your containers with `VIRTUAL_HOST` environment variables.
$ docker run -e VIRTUAL_HOST=foo.bar.com ... $ docker run -e VIRTUAL_HOST=foo.bar.com ...
### SSL Support using letsencrypt ### SSL Support using letsencrypt
[letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) is a lightweight companion container for the nginx-proxy. It allow the creation/renewal of Let's Encrypt certificates automatically. [letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) is a lightweight companion container for the nginx-proxy. It allow the creation/renewal of Let's Encrypt certificates automatically.
### SSL Support ### SSL Support
@ -214,7 +252,7 @@ at startup. Since it can take minutes to generate a new `dhparam.pem`, it is do
background. Once generation is complete, the `dhparam.pem` is saved on a persistent volume and nginx background. Once generation is complete, the `dhparam.pem` is saved on a persistent volume and nginx
is reloaded. This generation process only occurs the first time you start `nginx-proxy`. is reloaded. This generation process only occurs the first time you start `nginx-proxy`.
> COMPATIBILITY WARNING: The default generated `dhparam.pem` key is 2048 bits for A+ security. Some > COMPATIBILITY WARNING: The default generated `dhparam.pem` key is 2048 bits for A+ security. Some
> older clients (like Java 6 and 7) do not support DH keys with over 1024 bits. In order to support these > older clients (like Java 6 and 7) do not support DH keys with over 1024 bits. In order to support these
> clients, you must either provide your own `dhparam.pem`, or tell `nginx-proxy` to generate a 1024-bit > clients, you must either provide your own `dhparam.pem`, or tell `nginx-proxy` to generate a 1024-bit
> key on startup by passing `-e DHPARAM_BITS=1024`. > key on startup by passing `-e DHPARAM_BITS=1024`.
@ -282,19 +320,19 @@ a 500.
To serve traffic in both SSL and non-SSL modes without redirecting to SSL, you can include the To serve traffic in both SSL and non-SSL modes without redirecting to SSL, you can include the
environment variable `HTTPS_METHOD=noredirect` (the default is `HTTPS_METHOD=redirect`). You can also environment variable `HTTPS_METHOD=noredirect` (the default is `HTTPS_METHOD=redirect`). You can also
disable the non-SSL site entirely with `HTTPS_METHOD=nohttp`, or disable the HTTPS site with disable the non-SSL site entirely with `HTTPS_METHOD=nohttp`, or disable the HTTPS site with
`HTTPS_METHOD=nohttps`. `HTTPS_METHOD` must be specified on each container for which you want to `HTTPS_METHOD=nohttps`. `HTTPS_METHOD` must be specified on each container for which you want to
override the default behavior. If `HTTPS_METHOD=noredirect` is used, Strict Transport Security (HSTS) override the default behavior. If `HTTPS_METHOD=noredirect` is used, Strict Transport Security (HSTS)
is disabled to prevent HTTPS users from being redirected by the client. If you cannot get to the HTTP is disabled to prevent HTTPS users from being redirected by the client. If you cannot get to the HTTP
site after changing this setting, your browser has probably cached the HSTS policy and is automatically site after changing this setting, your browser has probably cached the HSTS policy and is automatically
redirecting you back to HTTPS. You will need to clear your browser's HSTS cache or use an incognito redirecting you back to HTTPS. You will need to clear your browser's HSTS cache or use an incognito
window / different browser. window / different browser.
By default, [HTTP Strict Transport Security (HSTS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) By default, [HTTP Strict Transport Security (HSTS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)
is enabled with `max-age=31536000` for HTTPS sites. You can disable HSTS with the environment variable is enabled with `max-age=31536000` for HTTPS sites. You can disable HSTS with the environment variable
`HSTS=off` or use a custom HSTS configuration like `HSTS=max-age=31536000; includeSubDomains; preload`. `HSTS=off` or use a custom HSTS configuration like `HSTS=max-age=31536000; includeSubDomains; preload`.
*WARNING*: HSTS will force your users to visit the HTTPS version of your site for the `max-age` time - *WARNING*: HSTS will force your users to visit the HTTPS version of your site for the `max-age` time -
even if they type in `http://` manually. The only way to get to an HTTP site after receiving an HSTS even if they type in `http://` manually. The only way to get to an HTTP site after receiving an HSTS
response is to clear your browser's HSTS cache. response is to clear your browser's HSTS cache.
### Basic Authentication Support ### Basic Authentication Support
@ -410,7 +448,7 @@ Before submitting pull requests or issues, please check github to make sure an e
To run tests, you need to prepare the docker image to test which must be tagged `jwilder/nginx-proxy:test`: To run tests, you need to prepare the docker image to test which must be tagged `jwilder/nginx-proxy:test`:
docker build -t jwilder/nginx-proxy:test . # build the Debian variant image docker build -t jwilder/nginx-proxy:test . # build the Debian variant image
and call the [test/pytest.sh](test/pytest.sh) script. and call the [test/pytest.sh](test/pytest.sh) script.
Then build the Alpine variant of the image: Then build the Alpine variant of the image:
@ -423,7 +461,7 @@ and call the [test/pytest.sh](test/pytest.sh) script again.
If your system has the `make` command, you can automate those tasks by calling: If your system has the `make` command, you can automate those tasks by calling:
make test make test
You can learn more about how the test suite works and how to write new tests in the [test/README.md](test/README.md) file. You can learn more about how the test suite works and how to write new tests in the [test/README.md](test/README.md) file.

24
index.tmpl Normal file
View file

@ -0,0 +1,24 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>List</title>
</head>
<body>
<ul>
{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
{{ $host := trim $host }}
{{ $is_regexp := hasPrefix "~" $host }}
{{ $upstream_name := when $is_regexp (sha1 $host) $host }}
<li>
<a target="_blank" href="http://{{ $host }}">{{ $host }}</a>
</li>{{ end }}
</ul>
</body>
</html>

14
nginx.tmpl
View file

@ -19,7 +19,7 @@
server 127.0.0.1 down; server 127.0.0.1 down;
{{ end }} {{ end }}
{{ end }} {{ end }}
{{ end }} {{ end }}
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the # If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
@ -115,6 +115,18 @@ server {
} }
{{ end }} {{ end }}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }} {{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
{{ $host := trim $host }} {{ $host := trim $host }}