From 23b40ffe0ced9466ef1b20b58462fab766465bab Mon Sep 17 00:00:00 2001 From: Mike Dillon Date: Sun, 26 Oct 2014 09:19:58 -0700 Subject: [PATCH 1/4] Support paths with VIRTUAL_PATH * Require `dict` and `sha1` function support in docker-gen --- nginx.tmpl | 41 +++++++++++++++++++++++++++++++++++++---- 1 file changed, 37 insertions(+), 4 deletions(-) diff --git a/nginx.tmpl b/nginx.tmpl index fdb319c4d..e20e1c9a0 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -37,10 +37,9 @@ server { return 503; } -{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }} - -upstream {{ $host }} { -{{ range $container := $containers }} +{{ define "upstream" }} +upstream {{ .Host }}{{ .Suffix }} { +{{ range $index, $container := .Containers }} {{ $addrLen := len $container.Addresses }} {{/* If only 1 port exposed, use that */}} {{ if eq $addrLen 1 }} @@ -67,6 +66,20 @@ upstream {{ $host }} { {{ end }} {{ end }} } +{{ end }} + +{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }} +{{ $paths := groupBy $containers "Env.VIRTUAL_PATH" }} +{{ $pathCount := len $paths }} +{{ if eq $pathCount 0 }} + {{ template "upstream" dict "Host" $host "Suffix" "" "Containers" $containers }} +{{ else }} + {{ range $path, $containers := $paths }} + {{ $sum := sha1 $path }} + {{ $suffix := printf "-%s" $sum }} + {{ template "upstream" dict "Host" $host "Suffix" $suffix "Containers" $containers }} + {{ end }} +{{ end }} {{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}} {{ $proto := or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http" }} @@ -111,6 +124,7 @@ server { include {{ printf "/etc/nginx/vhost.d/%s" $host }}; {{ end }} + {{ if eq $pathCount 0 }} location / { proxy_pass {{ $proto }}://{{ $host }}; {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} @@ -118,6 +132,15 @@ server { auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; {{ end }} } + {{ else }} + {{ range $path, $containers := $paths }} + {{ $sum := sha1 $path }} + {{ $suffix := printf "-%s" $sum }} + location {{ $path }} { + proxy_pass http://{{ $host }}{{ $suffix }}; + } + {{ end }} + {{ end }} } {{ else }} @@ -128,6 +151,7 @@ server { include {{ printf "/etc/nginx/vhost.d/%s" $host }}; {{ end }} + {{ if eq $pathCount 0 }} location / { proxy_pass {{ $proto }}://{{ $host }}; {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} @@ -135,6 +159,15 @@ server { auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; {{ end }} } + {{ else }} + {{ range $path, $containers := $paths }} + {{ $sum := sha1 $path }} + {{ $suffix := printf "-%s" $sum }} + location {{ $path }} { + proxy_pass http://{{ $host }}{{ $suffix }}; + } + {{ end }} + {{ end }} } {{ if (and (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }} From 0c94dc4254b466eddd49d3b7889e4d3070698f8f Mon Sep 17 00:00:00 2001 From: Mike Dillon Date: Tue, 25 Nov 2014 21:59:09 -0800 Subject: [PATCH 2/4] Remove unused $index variable --- nginx.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.tmpl b/nginx.tmpl index e20e1c9a0..76f9d7a51 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -39,7 +39,7 @@ server { {{ define "upstream" }} upstream {{ .Host }}{{ .Suffix }} { -{{ range $index, $container := .Containers }} +{{ range $container := .Containers }} {{ $addrLen := len $container.Addresses }} {{/* If only 1 port exposed, use that */}} {{ if eq $addrLen 1 }} From 6f66d0b499f97fcba39c0123608760deceb7cdea Mon Sep 17 00:00:00 2001 From: Mike Dillon Date: Wed, 25 Feb 2015 22:58:15 -0800 Subject: [PATCH 3/4] Add htpasswd support to pathCount>1 case Currently uses the same htpasswd for all services behind a hostname, but it could be desirable to allow different htpasswd for different paths --- nginx.tmpl | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nginx.tmpl b/nginx.tmpl index 76f9d7a51..406d1f88e 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -138,6 +138,10 @@ server { {{ $suffix := printf "-%s" $sum }} location {{ $path }} { proxy_pass http://{{ $host }}{{ $suffix }}; + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} + auth_basic "Restricted {{ $host }}"; + auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + {{ end }} } {{ end }} {{ end }} @@ -165,6 +169,10 @@ server { {{ $suffix := printf "-%s" $sum }} location {{ $path }} { proxy_pass http://{{ $host }}{{ $suffix }}; + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} + auth_basic "Restricted {{ $host }}"; + auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + {{ end }} } {{ end }} {{ end }} From 0c0780e652e0de5943d479c64685c9e99f4b9a0d Mon Sep 17 00:00:00 2001 From: Josh Swann Date: Thu, 26 Mar 2015 13:45:44 -0400 Subject: [PATCH 4/4] Added trailing / for Virtual_path's proxy_pass, otherwise a rewrite rule was required to redirect to root / --- nginx.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.tmpl b/nginx.tmpl index 500e5bd9a..127f19e32 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -168,7 +168,7 @@ server { {{ $sum := sha1 $path }} {{ $suffix := printf "-%s" $sum }} location {{ $path }} { - proxy_pass http://{{ $host }}{{ $suffix }}; + proxy_pass http://{{ $host }}{{ $suffix }}/; {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }};