Commit ecd79e89 authored by jackie / Andrea Ida Malkah Klaura's avatar jackie / Andrea Ida Malkah Klaura
Browse files

~ adapt webserver init for dev mode

parent c7696cd8
server {
listen 80;
server_name sample.example.com;
location / {
root /usr/share/nginx/html;
index index.html;
}
location /openid/ {
proxy_pass http://steering:8000/openid/;
proxy_redirect $scheme://$host/oidc_callback.html /oidc_callback.html;
proxy_redirect ~^/?(.*)$ $scheme://$host:$server_port/steering/$1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
location /steering/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_pass http://steering:8000/;
proxy_redirect $scheme://$host/ /;
proxy_redirect ~^/?(.*)$ $scheme://$host:$server_port/steering/$1;
sub_filter 'href="/' 'href="/steering/';
sub_filter 'src="/' 'src="/steering/';
sub_filter 'action="/' 'action="/steering/';
sub_filter_once off;
}
location /tank/ {
proxy_buffering off;
proxy_ignore_headers "X-Accel-Buffering";
proxy_request_buffering off;
proxy_http_version 1.1;
proxy_pass http://tank:8040/;
}
}
init_webserver () {
echo "Starting initial web container to obtain Let's Encrypt cert"
cp container-config/nginx.initial-sample.conf container-config/nginx.conf
sed -i "s/sample\\.example\\.com/$AURA_DOMAIN/" container-config/nginx.conf
docker-compose up -d aura-web
# TODO: check whether we already have a valid cert
docker exec aura-web certbot certonly --webroot -w /usr/share/nginx/html -d "$AURA_DOMAIN" -m "$USERMAIL" --agree-tos --non-interactive
docker-compose stop aura-web
echo "Creating final TLS enabled nginx conf"
cp container-config/nginx.full-sample.conf container-config/nginx.conf
# only in defined modes like "dev" we don't use TLS
if [ "$MODE" = "dev" ]; then
cp container-config/nginx.dev-sample.conf container-config/nginx.conf
# in all other cases we want to be on the safe side and enable TLS
else
echo "Starting initial web container to obtain Let's Encrypt cert"
cp container-config/nginx.initial-sample.conf container-config/nginx.conf
sed -i "s/sample\\.example\\.com/$AURA_DOMAIN/" container-config/nginx.conf
docker-compose up -d aura-web
# TODO: check whether we already have a valid cert
docker exec aura-web certbot certonly --webroot -w /usr/share/nginx/html -d "$AURA_DOMAIN" -m "$USERMAIL" --agree-tos --non-interactive
docker-compose stop aura-web
echo "Creating final TLS enabled nginx conf"
cp container-config/nginx.full-sample.conf container-config/nginx.conf
fi
sed -i "s/sample\\.example\\.com/$AURA_DOMAIN/" container-config/nginx.conf
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment