Mirrors/dokku
1
0
Fork 0
mirror of https://github.com/dokku/dokku.git synced 2025-12-16 12:07:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f8ccf5207930cda3368471f589d94795f6e38929
dokku/plugins/nginx-vhosts/functions
Jose Diaz-Gonzalez f8ccf52079 refactor: only use detected port mapping if override is not specified 
Previously, we would always set the port mapping during a dockerfile build, making it difficult for users to override mappings. We also only _sometimes_ updated the detected port mapping, further confusing issues when users were migrating from Dockerfile to Buildpacks for builds.

Now, we always detect the port mapping during the build process, and only use that detected port mapping if an override is not specified. This greatly simplifies the experience around port mapping, as now a user can create an app, set a port mapping, and that first deploy will respect the port mapping without an additional deploy.

The builder always has the best context for what the app should be listening on, and thus we can always specify a "default" port mapping at this stage. Users can override this map as desired later.

This change also results in the removal of a ton of internal code that is now centralized in the ports plugin.

Closes #4067
2023-08-05 10:58:57 -04:00

548 lines
20 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -eo pipefail
[[ $DOKKU_TRACE ]] && set -x
source "$PLUGIN_CORE_AVAILABLE_PATH/common/functions"
source "$PLUGIN_AVAILABLE_PATH/certs/functions"
source "$PLUGIN_AVAILABLE_PATH/config/functions"
source "$PLUGIN_AVAILABLE_PATH/nginx-vhosts/internal-functions"
fn-nginx-log-root() {
declare desc="get the nginx log root"
local NGINX_LOG_ROOT="/var/log/nginx"
fn-nginx-vhosts-uses-openresty && NGINX_LOG_ROOT="/var/log/openresty"
echo "$NGINX_LOG_ROOT"
}
fn-nginx-access-log-format() {
declare desc="get the configured access log format"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "access-log-format" ""
}
fn-nginx-access-log-path() {
declare desc="get the configured access log path"
declare APP="$1"
local NGINX_LOG_ROOT="$(fn-nginx-log-root)"
fn-plugin-property-get-default "nginx" "$APP" "access-log-path" "${NGINX_LOG_ROOT}/${APP}-access.log"
}
fn-nginx-bind-address-ipv4() {
declare desc="get the configured ipv4 bind address"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "bind-address-ipv4" ""
}
fn-nginx-bind-address-ipv6() {
declare desc="get the configured ipv6 bind address"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "bind-address-ipv6" "::"
}
fn-nginx-proxy-buffer-size() {
declare desc="get the configured proxy buffer size"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "proxy-buffer-size" "$(fn-get-pagesize)"
}
fn-nginx-proxy-buffering() {
declare desc="get the configured proxy buffering"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "proxy-buffering" "on"
}
fn-nginx-proxy-buffers() {
declare desc="get the configured proxy buffers"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "proxy-buffers" "8 $(fn-get-pagesize)"
}
fn-nginx-proxy-busy-buffers-size() {
declare desc="get the configured proxy busy buffers size"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "proxy-busy-buffers-size" "$(($(fn-get-pagesize) * 2))"
}
fn-nginx-proxy-read-timeout() {
declare desc="get the configured proxy read timeout"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "proxy-read-timeout" "60s"
}
fn-nginx-client-max-body-size() {
declare desc="get the configured client max body size"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "client-max-body-size" ""
}
fn-nginx-error-log-path() {
declare desc="get the configured access log path"
declare APP="$1"
local NGINX_LOG_ROOT="$(fn-nginx-log-root)"
fn-plugin-property-get-default "nginx" "$APP" "error-log-path" "${NGINX_LOG_ROOT}/${APP}-error.log"
}
fn-nginx-x-forwarded-for-value() {
declare desc="get the configured x-forwarded-for value"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "x-forwarded-for-value" "\$remote_addr"
}
fn-nginx-x-forwarded-port-value() {
declare desc="get the configured x-forwarded-port value"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "x-forwarded-port-value" "\$server_port"
}
fn-nginx-x-forwarded-proto-value() {
declare desc="get the configured x-forwarded-proto value"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "x-forwarded-proto-value" "\$scheme"
}
fn-nginx-x-forwarded-ssl() {
declare desc="get the configured x-forwarded-ssl value"
declare APP="$1"
fn-plugin-property-get-default "nginx" "$APP" "x-forwarded-ssl" ""
}
get_nginx_location() {
declare desc="check that nginx is at the expected location and return it"
fn-nginx-vhosts-nginx-location
}
validate_nginx() {
declare desc="validate entire nginx config"
declare APP="${1:-}" FLAG="${2:-}"
local NGINX_LOCATION EXIT_CODE
NGINX_LOCATION=$(get_nginx_location)
if [[ -z "$NGINX_LOCATION" ]]; then
exit 1
fi
if [[ "$APP" == "--clean" ]]; then
APP=""
FLAG="--clean"
fi
set +e
sudo "$NGINX_LOCATION" -t &>/dev/null
EXIT_CODE=$?
set -e
if [[ "$EXIT_CODE" -eq "0" ]]; then
return
fi
if [[ -n "$APP" ]]; then
verify_app_name "$APP"
nginx_vhosts_validate_single_func "$APP" "$FLAG"
else
for app in $(dokku_apps "false"); do
nginx_vhosts_validate_single_func "$app" "$FLAG"
done
fi
set +e
sudo "$NGINX_LOCATION" -t &>/dev/null
EXIT_CODE=$?
set -e
if [[ "$EXIT_CODE" -eq "0" ]]; then
return
fi
sudo "$NGINX_LOCATION" -t
exit $?
}
restart_nginx() {
declare desc="restart nginx for given distros"
local PROXY_ENABLED="$(plugn trigger proxy-is-enabled "$APP")"
local PROXY_TYPE="$(plugn trigger proxy-type "$APP")"
if [[ "$PROXY_ENABLED" == "true" ]] && [[ "$PROXY_TYPE" == "nginx" ]]; then
fn-nginx-vhosts-nginx-init-cmd "reload"
fi
}
nginx_logs() {
declare desc="display app nginx logs"
declare NGINX_LOGS_TYPE="${1#nginx:}" APP="$2"
local NGINX_LOGS_TYPE=${NGINX_LOGS_TYPE%-logs}
local NGINX_LOGS_PATH="$("fn-nginx-${NGINX_LOGS_TYPE}-log-path" "$APP")"
if [[ "$NGINX_LOGS_PATH" == "off" ]] || [[ "$NGINX_LOGS_PATH" == "/dev/null" ]]; then
dokku_log_fail "$NGINX_LOGS_TYPE logs are disabled for this app"
fi
if [[ $3 == "-t" ]]; then
local NGINX_LOGS_ARGS="-F"
else
local NGINX_LOGS_ARGS="-n 20"
fi
tail "$NGINX_LOGS_ARGS" "$NGINX_LOGS_PATH"
}
validate_ssl_domains() {
declare desc="check configured domains against SSL cert contents and show warning if mismatched"
local APP=$1
local VHOST_PATH="$DOKKU_ROOT/$APP/VHOST"
local SSL_HOSTNAME=$(get_ssl_hostnames "$APP")
local SSL_HOSTNAME_REGEX=$(echo "$SSL_HOSTNAME" | xargs | sed 's|\.|\\.|g' | sed 's/\*/\[^\.\]\*/g' | sed 's/ /|/g')
if ! (grep -q -E "^${SSL_HOSTNAME_REGEX}$" "$VHOST_PATH" &>/dev/null); then
dokku_log_info1 "No matching configured domains for $APP found in SSL certificate. Your app will show as insecure in a browser if accessed via SSL"
dokku_log_info1 "Please add appropriate domains via the dokku domains command"
[[ -n "$NONSSL_VHOSTS" ]] && dokku_log_info1 "Configured domains for app:"
local domain
for domain in $(echo "$NONSSL_VHOSTS" | xargs); do
dokku_log_info2 "$domain"
done
[[ -n "$SSL_HOSTNAME" ]] && dokku_log_info1 "Domains found in SSL certificate:"
for domain in $(echo "$SSL_HOSTNAME" | xargs); do
dokku_log_info2 "$domain"
done
fi
}
get_custom_nginx_template() {
declare desc="attempts to copy custom nginx template from app image"
local APP="$1"
local DESTINATION_FILE="$2"
local IMAGE_TAG="$(get_running_image_tag "$APP")"
local IMAGE=$(get_deploying_app_image_name "$APP" "$IMAGE_TAG")
local NGINX_TEMPLATE_NAME="nginx.conf.sigil"
local DISABLE_CUSTOM_CONFIG="$(fn-plugin-property-get-default "nginx" "$APP" "disable-custom-config" "false")"
if [[ "$DISABLE_CUSTOM_CONFIG" == "true" ]]; then
return
fi
if [[ -f "${DOKKU_LIB_ROOT}/data/nginx-vhosts/app-$APP/nginx.conf.sigil.$DOKKU_PID.missing" ]]; then
return
fi
if [[ -f "${DOKKU_LIB_ROOT}/data/nginx-vhosts/app-$APP/nginx.conf.sigil.$DOKKU_PID" ]]; then
cp "${DOKKU_LIB_ROOT}/data/nginx-vhosts/app-$APP/nginx.conf.sigil.$DOKKU_PID" "$DESTINATION_FILE"
elif [[ -f "${DOKKU_LIB_ROOT}/data/nginx-vhosts/app-$APP/nginx.conf.sigil" ]]; then
cp "${DOKKU_LIB_ROOT}/data/nginx-vhosts/app-$APP/nginx.conf.sigil" "$DESTINATION_FILE"
fi
}
is_tls13_available() {
declare desc="detects whether the installed nginx version has TLSv1.3 support"
local NGINX_VERSION="$1"
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
local HAS_SUPPORT=false
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
HAS_SUPPORT=true
elif [[ "$MAJOR_VERSION" -eq "1" ]] && [[ "$MINOR_VERSION" -ge "13" ]]; then
HAS_SUPPORT=true
fi
echo $HAS_SUPPORT
}
is_http2_push_enabled() {
declare desc="detects whether the installed nginx version has http2 push support"
local NGINX_VERSION="$1"
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
local HAS_SUPPORT=false
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
HAS_SUPPORT=true
elif [[ "$MAJOR_VERSION" -eq "1" ]]; then
if [[ "$MINOR_VERSION" -eq "13" ]] && [[ "$PATCH_VERSION" -ge "9" ]]; then
HAS_SUPPORT=true
elif [[ "$MINOR_VERSION" -ge "14" ]]; then
HAS_SUPPORT=true
fi
fi
echo $HAS_SUPPORT
}
is_http2_enabled() {
declare desc="detects whether the installed nginx version has http2 support"
local NGINX_VERSION="$1"
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
local HAS_SUPPORT=false
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
HAS_SUPPORT=true
elif [[ "$MAJOR_VERSION" -eq "1" ]]; then
if [[ "$MINOR_VERSION" -eq "11" ]] && [[ "$PATCH_VERSION" -ge "5" ]]; then
HAS_SUPPORT=true
elif [[ "$MINOR_VERSION" -ge "12" ]]; then
HAS_SUPPORT=true
fi
fi
echo $HAS_SUPPORT
}
is_grpc_enabled() {
declare desc="detects whether the installed nginx version has grpc support"
local NGINX_VERSION="$1"
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
local HAS_SUPPORT=false
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
HAS_SUPPORT=true
elif [[ "$MAJOR_VERSION" -eq "1" ]]; then
if [[ "$MINOR_VERSION" -eq "13" ]] && [[ "$PATCH_VERSION" -ge "10" ]]; then
HAS_SUPPORT=true
elif [[ "$MINOR_VERSION" -ge "14" ]]; then
HAS_SUPPORT=true
fi
fi
echo $HAS_SUPPORT
}
nginx_build_config() {
declare desc="build nginx config to proxy app containers using sigil"
declare APP="$1" DOKKU_APP_LISTEN_PORT="$2" DOKKU_APP_LISTEN_IP="$3"
local VHOST_PATH="$DOKKU_ROOT/$APP/VHOST"
local NGINX_TEMPLATE_NAME="nginx.conf.sigil"
local NGINX_TEMPLATE="$PLUGIN_AVAILABLE_PATH/nginx-vhosts/templates/$NGINX_TEMPLATE_NAME"
local SCHEME=http
local NGINX_TEMPLATE_SOURCE="built-in"
local APP_SSL_PATH="$DOKKU_ROOT/$APP/tls"
local DOKKU_APP_LISTENERS
CUSTOM_NGINX_TEMPLATE="$(plugn trigger nginx-app-template-source "$APP" "app-config")"
if [[ -n "$CUSTOM_NGINX_TEMPLATE" ]]; then
NGINX_TEMPLATE="$CUSTOM_NGINX_TEMPLATE"
fi
local IS_APP_VHOST_ENABLED=true
plugn trigger domains-vhost-enabled "$APP" 2>/dev/null || IS_APP_VHOST_ENABLED=false
local IS_SSL_ENABLED=false
if [[ "$(plugn trigger certs-exists "$APP")" == "true" ]]; then
IS_SSL_ENABLED=true
fi
if [[ "$(plugn trigger proxy-is-enabled "$APP")" == "true" ]]; then
if [[ -z "$DOKKU_APP_LISTEN_PORT" ]] && [[ -z "$DOKKU_APP_LISTEN_IP" ]]; then
DOKKU_APP_LISTENERS="$(plugn trigger network-get-listeners "$APP" "web" | xargs)"
elif [[ -n "$DOKKU_APP_LISTEN_PORT" ]] && [[ -n "$DOKKU_APP_LISTEN_IP" ]]; then
local PASSED_LISTEN_IP_PORT=true
fi
# setup nginx listen ports
plugn trigger ports-configure "$APP"
local PROXY_PORT=$(config_get "$APP" DOKKU_PROXY_PORT)
local PROXY_SSL_PORT=$(config_get "$APP" DOKKU_PROXY_SSL_PORT)
local PORT_MAP PROXY_PORT_MAP proxy_port_map
while read -r PORT_MAP; do
local PROXY_UPSTREAM_SCHEME="$(awk -F ':' '{ print $1 }' <<<"$PORT_MAP")"
if [[ "$PROXY_UPSTREAM_SCHEME" == "https" ]] && [[ "$IS_SSL_ENABLED" == "false" ]]; then
dokku_log_warn "Ignoring detected https port mapping without an accompanying ssl certificate (${PORT_MAP})"
continue
fi
proxy_port_map="$proxy_port_map $PORT_MAP"
local PROXY_UPSTREAM_PORT="$(awk -F ':' '{ print $3 }' <<<"$PORT_MAP")"
if [[ "$(is_val_in_list "$PROXY_UPSTREAM_PORT" "$PROXY_UPSTREAM_PORTS" " ")" == "false" ]]; then
local PROXY_UPSTREAM_PORTS+="$PROXY_UPSTREAM_PORT "
fi
done < <(plugn trigger ports-get "$APP")
PROXY_PORT_MAP="$(echo "$proxy_port_map" | xargs)" # trailing spaces mess up default template
local PROXY_UPSTREAM_PORTS="$(echo "$PROXY_UPSTREAM_PORTS" | xargs)"
local SSL_INUSE=
local NONSSL_VHOSTS=$(plugn trigger domains-list "$APP")
local NOSSL_SERVER_NAME=$(echo "$NONSSL_VHOSTS" | xargs)
if [[ "$IS_SSL_ENABLED" == "true" ]]; then
local SSL_INUSE=true
local SCHEME=https
validate_ssl_domains "$APP"
local SSL_HOSTNAME=$(get_ssl_hostnames "$APP")
local SSL_HOSTNAME_REGEX=$(echo "$SSL_HOSTNAME" | xargs | sed 's|\.|\\.|g' | sed 's/\*/\[^\.\]\*/g' | sed 's/ /|/g')
if [[ "$IS_APP_VHOST_ENABLED" == "true" ]]; then
local SSL_VHOSTS=$(grep -E "^${SSL_HOSTNAME_REGEX}$" "$VHOST_PATH" || true)
else
local SSL_VHOSTS=$(<"$DOKKU_ROOT/VHOST")
fi
local SSL_SERVER_NAME
local host
for host in $SSL_VHOSTS; do
# SSL_SERVER_NAME should only contain items not in NOSSL_SERVER_NAME
if [[ ! $NOSSL_SERVER_NAME =~ (^|[[:space:]])$host($|[[:space:]]) ]]; then
SSL_SERVER_NAME="${host}${SSL_SERVER_NAME:+ $SSL_SERVER_NAME}"
fi
done
fi
local NGINX_LOCATION NGINX_VERSION SPDY_SUPPORTED TLS13_SUPPORTED HTTP2_SUPPORTED HTTP2_PUSH_SUPPORTED GRPC_SUPPORTED
NGINX_LOCATION=$(get_nginx_location)
if [[ -z "$NGINX_LOCATION" ]]; then
exit 1
fi
NGINX_VERSION="$("$NGINX_LOCATION" -v 2>&1 | cut -d'/' -f 2)"
# DEPRECATED: Remove me at 1.0.0
SPDY_SUPPORTED="false"
TLS13_SUPPORTED="$(is_tls13_available "$NGINX_VERSION")"
HTTP2_SUPPORTED="$(is_http2_enabled "$NGINX_VERSION")"
HTTP2_PUSH_SUPPORTED="$(is_http2_push_enabled "$NGINX_VERSION")"
GRPC_SUPPORTED="$(is_grpc_enabled "$NGINX_VERSION")"
local NGINX_LOG_ROOT="$(fn-nginx-log-root)"
local NGINX_ACCESS_LOG_FORMAT="$(fn-nginx-access-log-format "$APP")"
local NGINX_ACCESS_LOG_PATH="$(fn-nginx-access-log-path "$APP")"
local NGINX_ERROR_LOG_PATH="$(fn-nginx-error-log-path "$APP")"
local CLIENT_MAX_BODY_SIZE="$(fn-nginx-client-max-body-size "$APP")"
local PROXY_READ_TIMEOUT="$(fn-nginx-proxy-read-timeout "$APP")"
local PROXY_BUFFER_SIZE="$(fn-nginx-proxy-buffer-size "$APP")"
local PROXY_BUFFERING="$(fn-nginx-proxy-buffering "$APP")"
local PROXY_BUFFERS="$(fn-nginx-proxy-buffers "$APP")"
local PROXY_BUSY_BUFFERS_SIZE="$(fn-nginx-proxy-busy-buffers-size "$APP")"
if [[ -z "$DOKKU_APP_LISTENERS" ]]; then
dokku_log_warn_quiet "No web listeners specified for $APP"
elif (is_deployed "$APP"); then
if [[ "$(plugn trigger network-get-static-listeners "$APP" "web")" == "" ]]; then
local IMAGE_TAG=$(get_running_image_tag "$APP")
local IMAGE=$(get_deploying_app_image_name "$APP" "$IMAGE_TAG" 2>/dev/null)
if ! verify_image "$IMAGE" 2>/dev/null; then
dokku_log_fail "Missing image for app"
fi
fi
local NGINX_BUILD_CONFIG_TMP_WORK_DIR=$(mktemp -d "/tmp/dokku-${DOKKU_PID}-${FUNCNAME[0]}.XXXXXX")
local NGINX_CONF=$(mktemp --tmpdir="${NGINX_BUILD_CONFIG_TMP_WORK_DIR}" "nginx.conf.XXXXXX")
local CUSTOM_NGINX_TEMPLATE="$NGINX_BUILD_CONFIG_TMP_WORK_DIR/$NGINX_TEMPLATE_NAME"
trap "rm -rf '$NGINX_CONF' '$NGINX_BUILD_CONFIG_TMP_WORK_DIR' >/dev/null" RETURN INT TERM EXIT
get_custom_nginx_template "$APP" "$CUSTOM_NGINX_TEMPLATE" 2>/dev/null
if [[ -f "$CUSTOM_NGINX_TEMPLATE" ]]; then
dokku_log_info1 'Overriding default nginx.conf with detected nginx.conf.sigil'
local NGINX_TEMPLATE="$CUSTOM_NGINX_TEMPLATE"
local NGINX_TEMPLATE_SOURCE="app-supplied"
fi
local NGINX_BIND_ADDRESS_IP4="$(fn-nginx-bind-address-ipv4 "$APP")"
local NGINX_BIND_ADDRESS_IP6="$(fn-nginx-bind-address-ipv6 "$APP")"
[[ -z "$NGINX_BIND_ADDRESS_IP6" ]] && NGINX_BIND_ADDRESS_IP6="::"
local PROXY_X_FORWARDED_FOR="$(fn-nginx-x-forwarded-for-value "$APP")"
local PROXY_X_FORWARDED_PORT="$(fn-nginx-x-forwarded-port-value "$APP")"
local PROXY_X_FORWARDED_PROTO="$(fn-nginx-x-forwarded-proto-value "$APP")"
local PROXY_X_FORWARDED_SSL="$(fn-nginx-x-forwarded-ssl "$APP")"
eval "$(config_export app "$APP")"
local SIGIL_PARAMS=(-f "$NGINX_TEMPLATE" APP="$APP" DOKKU_ROOT="$DOKKU_ROOT"
NOSSL_SERVER_NAME="$NOSSL_SERVER_NAME"
# Deprecated: Remove this after a few versions
DOKKU_APP_LISTENERS="$DOKKU_APP_LISTENERS"
DOKKU_LIB_ROOT="$DOKKU_LIB_ROOT"
PASSED_LISTEN_IP_PORT="$PASSED_LISTEN_IP_PORT"
SPDY_SUPPORTED="$SPDY_SUPPORTED"
TLS13_SUPPORTED="$TLS13_SUPPORTED"
HTTP2_SUPPORTED="$HTTP2_SUPPORTED"
NGINX_LOG_ROOT="$NGINX_LOG_ROOT"
NGINX_ACCESS_LOG_FORMAT="$NGINX_ACCESS_LOG_FORMAT"
NGINX_ACCESS_LOG_PATH="$NGINX_ACCESS_LOG_PATH"
NGINX_ERROR_LOG_PATH="$NGINX_ERROR_LOG_PATH"
NGINX_BIND_ADDRESS_IP4="$NGINX_BIND_ADDRESS_IP4"
NGINX_BIND_ADDRESS_IP6="$NGINX_BIND_ADDRESS_IP6"
HTTP2_PUSH_SUPPORTED="$HTTP2_PUSH_SUPPORTED"
GRPC_SUPPORTED="$GRPC_SUPPORTED"
DOKKU_APP_LISTEN_PORT="$DOKKU_APP_LISTEN_PORT" DOKKU_APP_LISTEN_IP="$DOKKU_APP_LISTEN_IP"
APP_SSL_PATH="$APP_SSL_PATH" SSL_INUSE="$SSL_INUSE" SSL_SERVER_NAME="$SSL_SERVER_NAME"
CLIENT_MAX_BODY_SIZE="$CLIENT_MAX_BODY_SIZE"
PROXY_READ_TIMEOUT="$PROXY_READ_TIMEOUT"
PROXY_BUFFER_SIZE="$PROXY_BUFFER_SIZE"
PROXY_BUFFERING="$PROXY_BUFFERING"
PROXY_BUFFERS="$PROXY_BUFFERS"
PROXY_BUSY_BUFFERS_SIZE="$PROXY_BUSY_BUFFERS_SIZE"
# Deprecated: Remove this after a few versions
NGINX_PORT="$PROXY_PORT" NGINX_SSL_PORT="$PROXY_SSL_PORT"
PROXY_PORT="$PROXY_PORT" PROXY_SSL_PORT="$PROXY_SSL_PORT"
PROXY_PORT_MAP="$PROXY_PORT_MAP" PROXY_UPSTREAM_PORTS="$PROXY_UPSTREAM_PORTS"
PROXY_X_FORWARDED_FOR="$PROXY_X_FORWARDED_FOR"
PROXY_X_FORWARDED_PORT="$PROXY_X_FORWARDED_PORT"
PROXY_X_FORWARDED_PROTO="$PROXY_X_FORWARDED_PROTO"
PROXY_X_FORWARDED_SSL="$PROXY_X_FORWARDED_SSL")
while read -r line || [[ -n "$line" ]]; do
PROC_TYPE=${line%%=*}
LISTENERS="$(plugn trigger network-get-listeners "$APP" "$PROC_TYPE" | xargs)"
UPP_PROC_TYPE="${PROC_TYPE^^}"
UPP_PROC_TYPE="${UPP_PROC_TYPE//-/_}"
SIGIL_PARAMS+=("DOKKU_APP_${UPP_PROC_TYPE}_LISTENERS=$LISTENERS")
done < <(plugn trigger ps-current-scale "$APP")
if grep DOKKU_APP_LISTENERS "$NGINX_TEMPLATE"; then
dokku_log_warn "Deprecated: Usage of DOKKU_APP_LISTENERS within nginx.conf.sigil templates is deprecated in favor of DOKKU_APP_WEB_LISTENERS"
fi
if grep NGINX_SSL_PORT "$NGINX_TEMPLATE"; then
dokku_log_warn "Deprecated: Usage of NGINX_SSL_PORT within nginx.conf.sigil templates is deprecated in favor of PROXY_SSL_PORT"
fi
if grep NGINX_PORT "$NGINX_TEMPLATE"; then
dokku_log_warn "Deprecated: Usage of NGINX_PORT within nginx.conf.sigil templates is deprecated in favor of PROXY_PORT"
fi
# execute sigil template processing
xargs -i echo "-----> Configuring {}...(using $NGINX_TEMPLATE_SOURCE template)" <<<"$(echo "${SSL_VHOSTS}" "${NONSSL_VHOSTS}" | tr ' ' '\n' | sort -u)"
sigil "${SIGIL_PARAMS[@]}" | cat -s >"$NGINX_CONF"
dokku_log_info1 "Creating $SCHEME nginx.conf"
mv "$NGINX_CONF" "$DOKKU_ROOT/$APP/nginx.conf"
fn-nginx-vhosts-manage-hsts "$APP" "$SSL_INUSE"
plugn trigger nginx-pre-reload "$APP" "$DOKKU_APP_LISTEN_PORT" "$DOKKU_APP_LISTEN_IP"
dokku_log_verbose "Reloading nginx"
validate_nginx && restart_nginx >/dev/null
fi
else
# note because this clause is long. if the proxy is disabled:
dokku_log_info1 "Nginx support is disabled for app ($APP)"
if [[ -f "$DOKKU_ROOT/$APP/nginx.conf" ]]; then
dokku_log_info1 "Deleting nginx.conf"
rm "$DOKKU_ROOT/$APP/nginx.conf"
if (is_deployed "$APP"); then
dokku_log_info1 "Reloading nginx after nginx.conf deletion"
validate_nginx && restart_nginx >/dev/null
fi
fi
fi
}
Reference in New Issue View Git Blame Copy Permalink