public
/
docker-service-nginx
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Add support for specifying the default vhost. 

Nginx lacks a strict-sni option like haproxy, so allow specifying
the default container to receive random traffic not matched by
other hosts.
pull/4/head
Chris Smith 6 years ago
parent
97afd26f74
commit
855f8dfe98
Signed by: Chris Smith <chris@chameth.com> GPG Key ID: 3A2D4BBDC4A3C9A9
4 changed files with 8 additions and 4 deletions
Split View Show Diff Stats
  1. 1
    1
      Dockerfile
  2. 2
    0
      README.md
  3. 3
    1
      generate.py
  4. 2
    2
      nginx.tpl

+ 1
- 1
Dockerfile View File 

@@ -1,5 +1,5 @@
1 1 
 FROM csmith/service-reporter-lib:latest
2 
-MAINTAINER Chris Smith <chris87@gmail.com>
2 
+MAINTAINER Chris Smith <dke@chameth.com>
3 3
4 4 
 RUN \
5 5 
   pip install \

+ 2
- 0
README.md View File 

@@ -19,6 +19,8 @@ are understood:
19 19
20 20 
 * `com.chameth.proxy=<port>` -- specifies the port on the container that the
21 21 
   proxy should connect to
22 
+* `com.chameth.proxy.default` -- identifies the container that will receive
23 
+  traffic if no others match
22 24 
 * `com.chameth.proxy.protocol=<protocol>` -- the protocol to use when
23 25 
   connecting to the container. Optional, defaults to HTTP.
24 26 
 * `com.chameth.vhost=<host>` -- the virtual host that the proxy will accept

+ 3
- 1
generate.py View File 

@@ -23,6 +23,7 @@ while True:
23 23 
   services = []
24 24 
   domains = {k: v.split(',') for k, v in fetcher.get_label('com.chameth.vhost').items()}
25 25 
   protocols = fetcher.get_label('com.chameth.proxy.protocol')
26 
+  defaults = fetcher.get_label('com.chameth.proxy.default')
26 27 
   for container, values in fetcher.get_label('com.chameth.proxy').items():
27 28 
     networks = fetcher.get_networks(container)
28 29 
     services.append({
 
@@ -32,7 +33,8 @@ while True:
32 33 
       'port': values,
33 34 
       'certificate': args.cert_path % domains[container][0],
34 35 
       'trusted_certificate': args.trusted_cert_path % domains[container][0],
35 
-      'certificate_key': args.cert_key_path % domains[container][0]
36 
+      'certificate_key': args.cert_key_path % domains[container][0],
37 
+      'default': container in defaults,
36 38 
     })
37 39
38 40 
   with open('/nginx-config/vhosts.conf', 'w') as f:

+ 2
- 2
nginx.tpl View File 

@@ -1,8 +1,8 @@
1 1 
 {% for service in services %}
2 2 
 server {
3 3 
     server_name {{ ' '.join(service.vhosts) }};
4 
-    listen [::]:443 ssl http2;
5 
-    listen 443 ssl http2;
4 
+    listen [::]:443{{ ' default_server' if default }} ssl http2;
5 
+    listen 443{{ ' default_server' if default }} ssl http2;
6 6
7 7 
     ssl_certificate {{ service.certificate }};
8 8 
     ssl_trusted_certificate {{ service.trusted_certificate }};

Write Preview
Loading…
Cancel
Save