Merge pull request #106 from md5/per-vhost-includes
Per VIRTUAL_HOST configuration files
This commit is contained in:
commit
d831c058f3
2 changed files with 46 additions and 0 deletions
38
README.md
38
README.md
|
@ -114,3 +114,41 @@ In order to be able to securize your virtual host, you have to create a file nam
|
||||||
$ docker run -d -p 80:80 -p 443:443 -v /path/to/htpasswd:/etc/nginx/htpasswd -v /path/to/certs:/etc/nginx/certs -v /var/run/docker.sock:/tmp/docker.sock jwilder/nginx-proxy
|
$ docker run -d -p 80:80 -p 443:443 -v /path/to/htpasswd:/etc/nginx/htpasswd -v /path/to/certs:/etc/nginx/certs -v /var/run/docker.sock:/tmp/docker.sock jwilder/nginx-proxy
|
||||||
|
|
||||||
You'll need apache2-utils on the machine you plan to create de htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
|
You'll need apache2-utils on the machine you plan to create de htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
|
||||||
|
|
||||||
|
### Custom Nginx Configuration
|
||||||
|
|
||||||
|
If you need to configure Nginx beyond what is possible using environment variables, you can provide custom configuration files on either a proxy-wide or per-`VIRTUAL_HOST` basis.
|
||||||
|
|
||||||
|
#### Proxy-wide
|
||||||
|
|
||||||
|
To add settings on a proxy-wide basis, add your configuration file under `/etc/nginx/conf.d` using a name ending in `.conf`.
|
||||||
|
|
||||||
|
This can be done in a derived image by creating the file in a `RUN` command or by `COPY`ing the file into `conf.d`:
|
||||||
|
|
||||||
|
```Dockerfile
|
||||||
|
FROM jwilder/nginx-proxy
|
||||||
|
RUN { \
|
||||||
|
echo 'server_tokens off;'; \
|
||||||
|
echo 'client_max_body_size 100m;'; \
|
||||||
|
} > /etc/nginx/conf.d/my_proxy.conf
|
||||||
|
```
|
||||||
|
|
||||||
|
Or it can be done by mounting in your custom configuration in your `docker run` command:
|
||||||
|
|
||||||
|
$ docker run -d -p 80:80 -p 443:443 -v /path/to/my_proxy.conf:/etc/nginx/conf.d/my_proxy.conf:ro -v /var/run/docker.sock:/tmp/docker.sock jwilder/nginx-proxy
|
||||||
|
|
||||||
|
#### Per-VIRTUAL_HOST
|
||||||
|
|
||||||
|
To add settings on a per-`VIRTUAL_HOST` basis, add your configuration file under `/etc/nginx/vhost.d`. Unlike in the proxy-wide case, which allows mutliple config files with any name ending in `.conf`, the per-`VIRTUAL_HOST` file must be named exactly after the `VIRTUAL_HOST`.
|
||||||
|
|
||||||
|
In order to allow virtual hosts to be dynamically configured as backends are added and removed, it makes the most sense to mount an external directory as `/etc/nginx/vhost.d` as opposed to using derived images or mounting individual configuration files.
|
||||||
|
|
||||||
|
For example, if you have a virtual host named `app.example.com`, you could provide a custom configuration for that host as follows:
|
||||||
|
|
||||||
|
$ docker run -d -p 80:80 -p 443:443 -v /path/to/vhost.d:/etc/nginx/vhost.d:ro -v /var/run/docker.sock:/tmp/docker.sock jwilder/nginx-proxy
|
||||||
|
$ { echo 'server_tokens off;'; echo 'client_max_body_size 100m;'; } > /path/to/vhost.d/app.example.com
|
||||||
|
|
||||||
|
If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=example.com,www.example.com`), the virtual host configuration file must exist for each hostname. If you would like to use the same configuration for multiple virtual host names, you can use a symlink:
|
||||||
|
|
||||||
|
$ { echo 'server_tokens off;'; echo 'client_max_body_size 100m;'; } > /path/to/vhost.d/www.example.com
|
||||||
|
$ ln -s www.example.com /path/to/vhost.d/example.com
|
||||||
|
|
|
@ -107,6 +107,10 @@ server {
|
||||||
|
|
||||||
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
|
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
|
||||||
|
|
||||||
|
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
|
||||||
|
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass {{ $proto }}://{{ $host }};
|
proxy_pass {{ $proto }}://{{ $host }};
|
||||||
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
|
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
|
||||||
|
@ -120,6 +124,10 @@ server {
|
||||||
server {
|
server {
|
||||||
server_name {{ $host }};
|
server_name {{ $host }};
|
||||||
|
|
||||||
|
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
|
||||||
|
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass {{ $proto }}://{{ $host }};
|
proxy_pass {{ $proto }}://{{ $host }};
|
||||||
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
|
{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
|
||||||
|
|
Reference in a new issue