From bc66b7a825bd508f33b9d7dde7cb59ad9fd8c52a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Santos?= Date: Sun, 5 Oct 2025 00:13:59 +0100 Subject: [PATCH 1/4] Implement dynamic dns servers configuration based on default nginx container image mechanism --- .docker/nginx.conf | 2 +- .docker/nginx.conf.template | 93 +++++++++++++++++++ .docker/scripts/100-envsubst-on-nginx-conf.sh | 13 +++ Dockerfile | 3 +- 4 files changed, 109 insertions(+), 2 deletions(-) create mode 100644 .docker/nginx.conf.template create mode 100644 .docker/scripts/100-envsubst-on-nginx-conf.sh diff --git a/.docker/nginx.conf b/.docker/nginx.conf index b1cd645b..f4ef5084 100644 --- a/.docker/nginx.conf +++ b/.docker/nginx.conf @@ -90,4 +90,4 @@ http { proxy_set_header X-Real-IP $remote_addr; } } -} \ No newline at end of file +} diff --git a/.docker/nginx.conf.template b/.docker/nginx.conf.template new file mode 100644 index 00000000..9fd9acd7 --- /dev/null +++ b/.docker/nginx.conf.template @@ -0,0 +1,93 @@ +# Run nginx in foreground. +# daemon off; + +# This is run inside Docker. +user nginx; + +# Pid storage location. +pid /run/nginx.pid; + +# Set number of worker processes. +worker_processes 1; + +# Enables the use of JIT for regular expressions to speed-up their processing. +pcre_jit on; + +# Write error log to the add-on log. +error_log /var/log/nginx/error.log notice; + +# Max num of simultaneous connections by a worker process. +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + access_log off; + client_max_body_size 4G; + default_type application/octet-stream; + gzip on; + keepalive_timeout 65; + sendfile on; + server_tokens off; + tcp_nodelay on; + tcp_nopush on; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + resolver $NGINX_LOCAL_RESOLVERS ipv6=off; + + server { + listen 80; + listen [::]:80; + server_name localhost; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + + add_header Last-Modified $date_gmt; + add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + + if_modified_since off; + expires off; + etag off; + } + + # proxy WebSocket connections + location ~ ^/ws-proxy/([^/]+)(/.*)? { + set $backend_host $1; + set $backend_path $2; + + # if path is not provided, default to / + if ($backend_path = "") { + set $backend_path /; + } + + proxy_pass $scheme://$backend_host$backend_path; + proxy_http_version 1.1; + proxy_ignore_client_abort off; + proxy_read_timeout 86400s; + proxy_redirect off; + proxy_send_timeout 86400s; + proxy_max_temp_file_size 0; + # disable for WebSockets + proxy_buffering off; + proxy_no_cache 1; + proxy_cache_bypass 1; + + proxy_set_header Accept-Encoding ""; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $backend_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-NginX-Proxy true; + proxy_set_header X-Real-IP $remote_addr; + } + } +} diff --git a/.docker/scripts/100-envsubst-on-nginx-conf.sh b/.docker/scripts/100-envsubst-on-nginx-conf.sh new file mode 100644 index 00000000..8c92f805 --- /dev/null +++ b/.docker/scripts/100-envsubst-on-nginx-conf.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_LOCAL_RESOLVERS:-}" ] || return 0 + +# Substitute the variable in the template file and generate the final config. +# `envsubst` is a standard utility that substitutes environment variables in shell format strings. +envsubst '$NGINX_LOCAL_RESOLVERS' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf diff --git a/Dockerfile b/Dockerfile index cd116599..f85c8a92 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,8 @@ EXPOSE 80 COPY .docker/scripts/ /docker-entrypoint.d/ COPY .docker/nginx.conf /etc/nginx/ +COPY .docker/nginx.conf.template /etc/nginx/ -RUN chmod +x /docker-entrypoint.d/100-envsubst-on-app-envs.sh +RUN chmod +x /docker-entrypoint.d/100-envsubst-on-app-envs.sh /docker-entrypoint.d/100-envsubst-on-nginx-conf.sh COPY dist/ /usr/share/nginx/html/ From b1dcd385c48b0a46e24e045d4338b0acd390f9a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Santos?= Date: Sun, 5 Oct 2025 00:33:33 +0100 Subject: [PATCH 2/4] Implement dynamic dns servers configuration based on default nginx container image mechanism --- .docker/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.docker/nginx.conf b/.docker/nginx.conf index f4ef5084..b1cd645b 100644 --- a/.docker/nginx.conf +++ b/.docker/nginx.conf @@ -90,4 +90,4 @@ http { proxy_set_header X-Real-IP $remote_addr; } } -} +} \ No newline at end of file From cedf4e4e1029a0a4791fef631f6ce0dc12c9fe15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Santos?= Date: Sun, 5 Oct 2025 01:03:47 +0100 Subject: [PATCH 3/4] If environment variable "NGINX_ENTRYPOINT_LOCAL_RESOLVERS" is not set, hardcoded dns server "127.0.0.11" will be used, if it is set, local dns servers will be grabbed and configured --- .docker/nginx.conf | 93 ------------------- .docker/scripts/100-envsubst-on-nginx-conf.sh | 4 +- Dockerfile | 1 - 3 files changed, 3 insertions(+), 95 deletions(-) delete mode 100644 .docker/nginx.conf diff --git a/.docker/nginx.conf b/.docker/nginx.conf deleted file mode 100644 index b1cd645b..00000000 --- a/.docker/nginx.conf +++ /dev/null @@ -1,93 +0,0 @@ -# Run nginx in foreground. -# daemon off; - -# This is run inside Docker. -user nginx; - -# Pid storage location. -pid /run/nginx.pid; - -# Set number of worker processes. -worker_processes 1; - -# Enables the use of JIT for regular expressions to speed-up their processing. -pcre_jit on; - -# Write error log to the add-on log. -error_log /var/log/nginx/error.log notice; - -# Max num of simultaneous connections by a worker process. -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - access_log off; - client_max_body_size 4G; - default_type application/octet-stream; - gzip on; - keepalive_timeout 65; - sendfile on; - server_tokens off; - tcp_nodelay on; - tcp_nopush on; - - map $http_upgrade $connection_upgrade { - default upgrade; - '' close; - } - - resolver 127.0.0.11 ipv6=off; - - server { - listen 80; - listen [::]:80; - server_name localhost; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ /index.html; - - add_header Last-Modified $date_gmt; - add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; - - if_modified_since off; - expires off; - etag off; - } - - # proxy WebSocket connections - location ~ ^/ws-proxy/([^/]+)(/.*)? { - set $backend_host $1; - set $backend_path $2; - - # if path is not provided, default to / - if ($backend_path = "") { - set $backend_path /; - } - - proxy_pass $scheme://$backend_host$backend_path; - proxy_http_version 1.1; - proxy_ignore_client_abort off; - proxy_read_timeout 86400s; - proxy_redirect off; - proxy_send_timeout 86400s; - proxy_max_temp_file_size 0; - # disable for WebSockets - proxy_buffering off; - proxy_no_cache 1; - proxy_cache_bypass 1; - - proxy_set_header Accept-Encoding ""; - proxy_set_header Connection $connection_upgrade; - proxy_set_header Host $backend_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-NginX-Proxy true; - proxy_set_header X-Real-IP $remote_addr; - } - } -} \ No newline at end of file diff --git a/.docker/scripts/100-envsubst-on-nginx-conf.sh b/.docker/scripts/100-envsubst-on-nginx-conf.sh index 8c92f805..3b753a31 100644 --- a/.docker/scripts/100-envsubst-on-nginx-conf.sh +++ b/.docker/scripts/100-envsubst-on-nginx-conf.sh @@ -6,7 +6,9 @@ set -eu LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin -[ "${NGINX_LOCAL_RESOLVERS:-}" ] || return 0 +# If NGINX_LOCAL_RESOLVERS is not set or is empty, assign it the default value of "127.0.0.11". +: "${NGINX_LOCAL_RESOLVERS:=127.0.0.11}" +export NGINX_LOCAL_RESOLVERS # Substitute the variable in the template file and generate the final config. # `envsubst` is a standard utility that substitutes environment variables in shell format strings. diff --git a/Dockerfile b/Dockerfile index f85c8a92..f8d2240d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,6 @@ FROM nginx:alpine-slim AS prod EXPOSE 80 COPY .docker/scripts/ /docker-entrypoint.d/ -COPY .docker/nginx.conf /etc/nginx/ COPY .docker/nginx.conf.template /etc/nginx/ RUN chmod +x /docker-entrypoint.d/100-envsubst-on-app-envs.sh /docker-entrypoint.d/100-envsubst-on-nginx-conf.sh From 8de20b3421025dc642c580b7330ab08fa535a921 Mon Sep 17 00:00:00 2001 From: Nerivec <62446222+Nerivec@users.noreply.github.com> Date: Sun, 5 Oct 2025 14:56:43 +0200 Subject: [PATCH 4/4] fix: extend from base container logic --- .docker/{nginx.conf.template => nginx.conf} | 2 +- .docker/resolver.conf.template | 1 + .docker/scripts/100-envsubst-on-nginx-conf.sh | 15 --------------- Dockerfile | 5 +++-- 4 files changed, 5 insertions(+), 18 deletions(-) rename .docker/{nginx.conf.template => nginx.conf} (98%) create mode 100644 .docker/resolver.conf.template delete mode 100644 .docker/scripts/100-envsubst-on-nginx-conf.sh diff --git a/.docker/nginx.conf.template b/.docker/nginx.conf similarity index 98% rename from .docker/nginx.conf.template rename to .docker/nginx.conf index 9fd9acd7..caee38da 100644 --- a/.docker/nginx.conf.template +++ b/.docker/nginx.conf @@ -38,7 +38,7 @@ http { '' close; } - resolver $NGINX_LOCAL_RESOLVERS ipv6=off; + include /etc/nginx/conf.d/resolver.conf; server { listen 80; diff --git a/.docker/resolver.conf.template b/.docker/resolver.conf.template new file mode 100644 index 00000000..8f87366d --- /dev/null +++ b/.docker/resolver.conf.template @@ -0,0 +1 @@ +resolver $NGINX_LOCAL_RESOLVERS ipv6=off; \ No newline at end of file diff --git a/.docker/scripts/100-envsubst-on-nginx-conf.sh b/.docker/scripts/100-envsubst-on-nginx-conf.sh deleted file mode 100644 index 3b753a31..00000000 --- a/.docker/scripts/100-envsubst-on-nginx-conf.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -# vim:sw=2:ts=2:sts=2:et - -set -eu - -LC_ALL=C -PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - -# If NGINX_LOCAL_RESOLVERS is not set or is empty, assign it the default value of "127.0.0.11". -: "${NGINX_LOCAL_RESOLVERS:=127.0.0.11}" -export NGINX_LOCAL_RESOLVERS - -# Substitute the variable in the template file and generate the final config. -# `envsubst` is a standard utility that substitutes environment variables in shell format strings. -envsubst '$NGINX_LOCAL_RESOLVERS' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf diff --git a/Dockerfile b/Dockerfile index f8d2240d..81a2ae66 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,8 +3,9 @@ FROM nginx:alpine-slim AS prod EXPOSE 80 COPY .docker/scripts/ /docker-entrypoint.d/ -COPY .docker/nginx.conf.template /etc/nginx/ +COPY .docker/nginx.conf /etc/nginx/ +COPY .docker/resolver.conf.template /etc/nginx/templates/ -RUN chmod +x /docker-entrypoint.d/100-envsubst-on-app-envs.sh /docker-entrypoint.d/100-envsubst-on-nginx-conf.sh +RUN chmod +x /docker-entrypoint.d/100-envsubst-on-app-envs.sh COPY dist/ /usr/share/nginx/html/