diff --git a/build/common/nginx-default.conf.template b/build/common/nginx-default.conf.template index 82398514..c3d90614 100644 --- a/build/common/nginx-default.conf.template +++ b/build/common/nginx-default.conf.template @@ -43,9 +43,9 @@ server { proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Frappe-Site-Name $host; proxy_set_header Origin $proxy_x_forwarded_proto://$http_host; - proxy_set_header Host $http_host; + proxy_set_header X-Frappe-Site-Name ${FRAPPE_SITE_NAME_HEADER}; + proxy_set_header Host ${HTTP_HOST}; proxy_pass http://socketio-server; } @@ -66,8 +66,8 @@ server { location @webserver { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto; - proxy_set_header X-Frappe-Site-Name $host; - proxy_set_header Host $http_host; + proxy_set_header X-Frappe-Site-Name ${FRAPPE_SITE_NAME_HEADER}; + proxy_set_header Host ${HTTP_HOST}; proxy_set_header X-Use-X-Accel-Redirect True; proxy_read_timeout ${HTTP_TIMEOUT}; proxy_redirect off; diff --git a/build/frappe-nginx/docker-entrypoint.sh b/build/frappe-nginx/docker-entrypoint.sh index ff1eef8e..b478e738 100755 --- a/build/frappe-nginx/docker-entrypoint.sh +++ b/build/frappe-nginx/docker-entrypoint.sh @@ -45,15 +45,35 @@ if [[ -z "$UPSTREAM_REAL_IP_HEADER" ]]; then export UPSTREAM_REAL_IP_HEADER="X-Forwarded-For" fi -envsubst '${FRAPPE_PY} - ${FRAPPE_PY_PORT} - ${FRAPPE_SOCKETIO} - ${SOCKETIO_PORT} - ${HTTP_TIMEOUT} - ${UPSTREAM_REAL_IP_ADDRESS} - ${UPSTREAM_REAL_IP_RECURSIVE} - ${UPSTREAM_REAL_IP_HEADER}' \ - < /etc/nginx/conf.d/default.conf.template > /etc/nginx/conf.d/default.conf +if [[ -z "$FRAPPE_SITE_NAME_HEADER" ]]; then + export FRAPPE_SITE_NAME_HEADER="\$host" +fi + +if [[ -z "$HTTP_HOST" ]]; then + export HTTP_HOST="\$http_host" +fi + +if [[ -z "$SKIP_NGINX_TEMPLATE_GENERATION" ]]; then + export SKIP_NGINX_TEMPLATE_GENERATION=0 +fi + +if [[ $SKIP_NGINX_TEMPLATE_GENERATION -eq 1 ]] +then + echo "Skipping default NGINX template generation. Please mount your own NGINX config file inside /etc/nginx/conf.d" +else + echo "Generating default template" + envsubst '${FRAPPE_PY} + ${FRAPPE_PY_PORT} + ${FRAPPE_SOCKETIO} + ${SOCKETIO_PORT} + ${HTTP_TIMEOUT} + ${UPSTREAM_REAL_IP_ADDRESS} + ${UPSTREAM_REAL_IP_RECURSIVE} + ${FRAPPE_SITE_NAME_HEADER} + ${HTTP_HOST} + ${UPSTREAM_REAL_IP_HEADER}' \ + < /etc/nginx/conf.d/default.conf.template > /etc/nginx/conf.d/default.conf +fi echo "Waiting for frappe-python to be available on $FRAPPE_PY port $FRAPPE_PY_PORT" timeout 10 bash -c 'until printf "" 2>>/dev/null >>/dev/tcp/$0/$1; do sleep 1; done' $FRAPPE_PY $FRAPPE_PY_PORT diff --git a/docs/environment-variables.md b/docs/environment-variables.md index 09d5654b..b5ebb89d 100644 --- a/docs/environment-variables.md +++ b/docs/environment-variables.md @@ -24,6 +24,9 @@ These variables are set on every container start. Change in these variables will - `UPSTREAM_REAL_IP_ADDRESS `: The trusted address (or ip range) of upstream proxy servers. If set, this will tell nginx to trust the X-Forwarded-For header from these proxy servers in determining the real IP address of connecting clients. Default: 127.0.0.1 - `UPSTREAM_REAL_IP_RECURSIVE`: When set to `on`, this will tell nginx to not just look to the last upstream proxy server in determining the real IP address. Default: off - `UPSTREAM_REAL_IP_HEADER`: Set this to the header name sent by your upstream proxy server to indicate the real IP of connecting clients. Default: X-Forwarded-For +- `FRAPPE_SITE_NAME_HEADER`: NGINX `X-Frappe-Site-Name` header in the HTTP request which matches a site name. Default: `$host` +- `HTTP_HOST`: NGINX `Host` header in the HTTP request which matches a site name. Default: `$http_host` +- `SKIP_NGINX_TEMPLATE_GENERATION`: When set to `1`, this will not generate a default NGINX configuration. The config file must be mounted inside the container (`/etc/nginx/conf.d`) by the user in this case. Default: `0` ### frappe-socketio