From c2ea3feae4a1039e65d4c841c1431d2387759e44 Mon Sep 17 00:00:00 2001 From: Karan Sharma Date: Fri, 26 Mar 2021 13:26:55 +0530 Subject: [PATCH 1/2] feat: Add Site name and Host as env variables for NGINX config template --- build/common/nginx-default.conf.template | 8 ++++---- build/frappe-nginx/docker-entrypoint.sh | 11 +++++++++++ docs/environment-variables.md | 2 ++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/build/common/nginx-default.conf.template b/build/common/nginx-default.conf.template index 82398514..c3d90614 100644 --- a/build/common/nginx-default.conf.template +++ b/build/common/nginx-default.conf.template @@ -43,9 +43,9 @@ server { proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Frappe-Site-Name $host; proxy_set_header Origin $proxy_x_forwarded_proto://$http_host; - proxy_set_header Host $http_host; + proxy_set_header X-Frappe-Site-Name ${FRAPPE_SITE_NAME_HEADER}; + proxy_set_header Host ${HTTP_HOST}; proxy_pass http://socketio-server; } @@ -66,8 +66,8 @@ server { location @webserver { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto; - proxy_set_header X-Frappe-Site-Name $host; - proxy_set_header Host $http_host; + proxy_set_header X-Frappe-Site-Name ${FRAPPE_SITE_NAME_HEADER}; + proxy_set_header Host ${HTTP_HOST}; proxy_set_header X-Use-X-Accel-Redirect True; proxy_read_timeout ${HTTP_TIMEOUT}; proxy_redirect off; diff --git a/build/frappe-nginx/docker-entrypoint.sh b/build/frappe-nginx/docker-entrypoint.sh index ff1eef8e..eb0e337f 100755 --- a/build/frappe-nginx/docker-entrypoint.sh +++ b/build/frappe-nginx/docker-entrypoint.sh @@ -45,6 +45,15 @@ if [[ -z "$UPSTREAM_REAL_IP_HEADER" ]]; then export UPSTREAM_REAL_IP_HEADER="X-Forwarded-For" fi +if [[ -z "$FRAPPE_SITE_NAME_HEADER" ]]; then + export FRAPPE_SITE_NAME_HEADER="\$host" +fi + +if [[ -z "$HTTP_HOST" ]]; then + export HTTP_HOST="\$http_host" +fi + + envsubst '${FRAPPE_PY} ${FRAPPE_PY_PORT} ${FRAPPE_SOCKETIO} @@ -52,6 +61,8 @@ envsubst '${FRAPPE_PY} ${HTTP_TIMEOUT} ${UPSTREAM_REAL_IP_ADDRESS} ${UPSTREAM_REAL_IP_RECURSIVE} + ${FRAPPE_SITE_NAME_HEADER} + ${HTTP_HOST} ${UPSTREAM_REAL_IP_HEADER}' \ < /etc/nginx/conf.d/default.conf.template > /etc/nginx/conf.d/default.conf diff --git a/docs/environment-variables.md b/docs/environment-variables.md index 09d5654b..01f24a5e 100644 --- a/docs/environment-variables.md +++ b/docs/environment-variables.md @@ -24,6 +24,8 @@ These variables are set on every container start. Change in these variables will - `UPSTREAM_REAL_IP_ADDRESS `: The trusted address (or ip range) of upstream proxy servers. If set, this will tell nginx to trust the X-Forwarded-For header from these proxy servers in determining the real IP address of connecting clients. Default: 127.0.0.1 - `UPSTREAM_REAL_IP_RECURSIVE`: When set to `on`, this will tell nginx to not just look to the last upstream proxy server in determining the real IP address. Default: off - `UPSTREAM_REAL_IP_HEADER`: Set this to the header name sent by your upstream proxy server to indicate the real IP of connecting clients. Default: X-Forwarded-For +- `FRAPPE_SITE_NAME_HEADER`: NGINX `X-Frappe-Site-Name` header in the HTTP request which matches a site name. Default: `$host` +- `HTTP_HOST`: NGINX `Host` header in the HTTP request which matches a site name. Default: `$http_host` ### frappe-socketio From 147c6b3a97add7d499f2fd11736775b636e595b8 Mon Sep 17 00:00:00 2001 From: Karan Sharma Date: Fri, 26 Mar 2021 19:18:46 +0530 Subject: [PATCH 2/2] feat: Add a flag to skip generating default NGINX config --- build/frappe-nginx/docker-entrypoint.sh | 31 ++++++++++++++++--------- docs/environment-variables.md | 1 + 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/build/frappe-nginx/docker-entrypoint.sh b/build/frappe-nginx/docker-entrypoint.sh index eb0e337f..b478e738 100755 --- a/build/frappe-nginx/docker-entrypoint.sh +++ b/build/frappe-nginx/docker-entrypoint.sh @@ -53,18 +53,27 @@ if [[ -z "$HTTP_HOST" ]]; then export HTTP_HOST="\$http_host" fi +if [[ -z "$SKIP_NGINX_TEMPLATE_GENERATION" ]]; then + export SKIP_NGINX_TEMPLATE_GENERATION=0 +fi -envsubst '${FRAPPE_PY} - ${FRAPPE_PY_PORT} - ${FRAPPE_SOCKETIO} - ${SOCKETIO_PORT} - ${HTTP_TIMEOUT} - ${UPSTREAM_REAL_IP_ADDRESS} - ${UPSTREAM_REAL_IP_RECURSIVE} - ${FRAPPE_SITE_NAME_HEADER} - ${HTTP_HOST} - ${UPSTREAM_REAL_IP_HEADER}' \ - < /etc/nginx/conf.d/default.conf.template > /etc/nginx/conf.d/default.conf +if [[ $SKIP_NGINX_TEMPLATE_GENERATION -eq 1 ]] +then + echo "Skipping default NGINX template generation. Please mount your own NGINX config file inside /etc/nginx/conf.d" +else + echo "Generating default template" + envsubst '${FRAPPE_PY} + ${FRAPPE_PY_PORT} + ${FRAPPE_SOCKETIO} + ${SOCKETIO_PORT} + ${HTTP_TIMEOUT} + ${UPSTREAM_REAL_IP_ADDRESS} + ${UPSTREAM_REAL_IP_RECURSIVE} + ${FRAPPE_SITE_NAME_HEADER} + ${HTTP_HOST} + ${UPSTREAM_REAL_IP_HEADER}' \ + < /etc/nginx/conf.d/default.conf.template > /etc/nginx/conf.d/default.conf +fi echo "Waiting for frappe-python to be available on $FRAPPE_PY port $FRAPPE_PY_PORT" timeout 10 bash -c 'until printf "" 2>>/dev/null >>/dev/tcp/$0/$1; do sleep 1; done' $FRAPPE_PY $FRAPPE_PY_PORT diff --git a/docs/environment-variables.md b/docs/environment-variables.md index 01f24a5e..b5ebb89d 100644 --- a/docs/environment-variables.md +++ b/docs/environment-variables.md @@ -26,6 +26,7 @@ These variables are set on every container start. Change in these variables will - `UPSTREAM_REAL_IP_HEADER`: Set this to the header name sent by your upstream proxy server to indicate the real IP of connecting clients. Default: X-Forwarded-For - `FRAPPE_SITE_NAME_HEADER`: NGINX `X-Frappe-Site-Name` header in the HTTP request which matches a site name. Default: `$host` - `HTTP_HOST`: NGINX `Host` header in the HTTP request which matches a site name. Default: `$http_host` +- `SKIP_NGINX_TEMPLATE_GENERATION`: When set to `1`, this will not generate a default NGINX configuration. The config file must be mounted inside the container (`/etc/nginx/conf.d`) by the user in this case. Default: `0` ### frappe-socketio