fossilfranv/nginx-proxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nginx.tmpl: use closest vhost.d and htpasswd files (#1309)

Browse Source 
This changes the logic for finding a matching file to the same one used
by certificates. This allows wildcard host names to find a matching
config file.

The container prints "Template error: open /etc/nginx/htpasswd: no such
file or directory" if /etc/nginx/htpasswd doesn't exist, but this
doesn't impact functionality. A fix would be to make sure that directory
is always created.
This commit is contained in:
Jernej Jakob 2021-02-09 23:09:32 +01:00
parent c8a6785898
commit 01dfb5bd32
1 changed files with 25 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
nginx.tmpl
View File

@ -241,6 +241,18 @@ upstream {{ $upstream_name }} {
{{ $is_https := (and (ne $https_method "nohttps") (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) }}
{{/* Get the best matching vhost.d include file */}}
{{ $vhostFile := closest (dir "/etc/nginx/vhost.d") ($host) }}
{{ $vhostFile := when (ne $vhostFile "") (print "/etc/nginx/vhost.d/" $vhostFile) "" }}
{{/* Get the best matching vhost.d location include file */}}
{{ $vhostLocationFile := closest (dir "/etc/nginx/vhost.d") (print $host "_location") }}
{{ $vhostLocationFile := when (ne $vhostLocationFile "") (print "/etc/nginx/vhost.d/" $vhostLocationFile) "" }}
{{/* Get the best matching htpasswd file */}}
{{ $htpasswdFile := closest (dir "/etc/nginx/htpasswd") $host }}
{{ $htpasswdFile := when (ne $htpasswdFile "") (print "/etc/nginx/htpasswd/" $htpasswdFile) "" }}
{{ if $is_https }}
{{ if eq $https_method "redirect" }}
@ -303,8 +315,8 @@ server {
add_header Strict-Transport-Security "{{ trim $hsts }}" always;
{{ end }}
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
{{ if (and (not (hasSuffix "_location" $vhostFile)) (exists $vhostFile)) }}
include {{ $vhostFile }};
{{ else if (exists "/etc/nginx/vhost.d/default") }}
include /etc/nginx/vhost.d/default;
{{ end }}
@ -323,12 +335,12 @@ server {
proxy_pass {{ trim $proto }}://{{ trim $upstream_name }};
{{ end }}
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
{{ if exists $htpasswdFile }}
auth_basic "Restricted {{ $host }}";
auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }};
auth_basic_user_file {{ $htpasswdFile }};
{{ end }}
{{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s_location" $host}};
{{ if (and (hasSuffix "_location" $vhostLocationFile) (exists $vhostLocationFile)) }}
include {{ $vhostLocationFile }};
{{ else if (exists "/etc/nginx/vhost.d/default_location") }}
include /etc/nginx/vhost.d/default_location;
{{ end }}
@ -352,8 +364,8 @@ server {
include /etc/nginx/network_internal.conf;
{{ end }}
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
{{ if (and (not (hasSuffix "_location" $vhostFile)) (exists $vhostFile)) }}
include {{ $vhostFile }};
{{ else if (exists "/etc/nginx/vhost.d/default") }}
include /etc/nginx/vhost.d/default;
{{ end }}
@ -371,12 +383,13 @@ server {
{{ else }}
proxy_pass {{ trim $proto }}://{{ trim $upstream_name }};
{{ end }}
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
{{ if exists $htpasswdFile }}
auth_basic "Restricted {{ $host }}";
auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }};
auth_basic_user_file {{ $htpasswdFile }};
{{ end }}
{{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s_location" $host}};
{{ if (and (hasSuffix "_location" $vhostLocationFile) (exists $vhostLocationFile)) }}
include {{ $vhostLocationFile }};
{{ else if (exists "/etc/nginx/vhost.d/default_location") }}
include /etc/nginx/vhost.d/default_location;
{{ end }}