From 9740ed4818f0ba095f5d357228e1b3356cf3523a Mon Sep 17 00:00:00 2001 From: Sylvia van Os Date: Tue, 8 Oct 2019 13:43:08 +0200 Subject: [PATCH] Make it possible to serve static files locally with fastcgi upstream --- README.md | 19 +++++++++++-- nginx.tmpl | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 95 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 92aee31..16ea017 100644 --- a/README.md +++ b/README.md @@ -133,10 +133,25 @@ If you would like to connect to FastCGI backend, set `VIRTUAL_PROTO=fastcgi` on backend container. Your backend container should then listen on a port rather than a socket and expose that port. -### FastCGI Filr Root Directory +### FastCGI File Root Directory -If you use fastcgi,you can set `VIRTUAL_ROOT=xxx` for your root directory +If you use fastcgi, you can set `VIRTUAL_ROOT=xxx` for your root directory +### Sending only certain file extensions upstream + +You can set `UPSTREAM_EXTENSIONS=xxx` to only send certain extensions upstream. +The rest of the files will be served locally. If you want to send multiple +extensions upstream, separate them like this: `UPSTREAM_EXTENSIONS=php|php5` + +When doing this, make sure the VIRTUAL_ROOT is also available to this container. +The easiest way to do this is defining the VOLUME in your upstream container and +using +[volumes_from](https://docs.docker.com/compose/compose-file/compose-file-v2/#volumes_from) +or equivalent. + +You likely also want to set `INDEX=xxx` to send non-matching URLs upstream. For +example, think of an url like /user/login, which won't resolve to a local file, +but which the upstream fastcgi will understand: `INDEX=index.php`. ### Default Host diff --git a/nginx.tmpl b/nginx.tmpl index c1383c6..b0b38d7 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -220,6 +220,11 @@ upstream {{ $upstream_name }} { {{/* Get the VIRTUAL_ROOT By containers w/ use fastcgi root */}} {{ $vhost_root := or (first (groupByKeys $containers "Env.VIRTUAL_ROOT")) "/var/www/public" }} +{{/* Which extensions to send upstream when using fastcgi, if not default, send everything upstream. Make sure the VIRTUAL_ROOT is available to this container when using this */}} +{{ $vhost_upstream_extensions := trim (or (first (groupByKeys $containers "Env.UPSTREAM_EXTENSIONS")) "") }} + +{{/* Which filename to use as index file */}} +{{ $vhost_index := or (first (groupByKeys $containers "Env.INDEX")) "" }} {{/* Get the first cert name defined by containers w/ the same vhost */}} {{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }} @@ -292,18 +297,52 @@ server { include /etc/nginx/vhost.d/default; {{ end }} - location / { + {{ if $vhost_upstream_extensions }} + root {{ trim $vhost_root }}; + location ~* \.({{ $vhost_upstream_extensions }})$ { {{ if eq $proto "uwsgi" }} include uwsgi_params; uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }}; {{ else if eq $proto "fastcgi" }} - root {{ trim $vhost_root }}; include fastcgi_params; + {{ if $vhost_index }} + fastcgi_param SCRIPT_FILENAME $document_root/{{ $vhost_index }}; + {{ end }} fastcgi_pass {{ trim $upstream_name }}; {{ else }} proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; {{ end }} + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} + auth_basic "Restricted {{ $host }}"; + auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + {{ end }} + {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }} + include {{ printf "/etc/nginx/vhost.d/%s_location" $host}}; + {{ else if (exists "/etc/nginx/vhost.d/default_location") }} + include /etc/nginx/vhost.d/default_location; + {{ end }} + } + {{ end }} + location / { + {{ if not $vhost_upstream_extensions }} + {{ if eq $proto "uwsgi" }} + include uwsgi_params; + uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }}; + {{ else if eq $proto "fastcgi" }} + include fastcgi_params; + {{ if $vhost_index }} + fastcgi_param SCRIPT_FILENAME $document_root/{{ $vhost_index }}; + {{ end }} + fastcgi_pass {{ trim $upstream_name }}; + {{ else }} + proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; + {{ end }} + {{ else if $vhost_index }} + index {{ $vhost_index }}; + try_files $uri $uri/ /{{ $vhost_index }}; + {{ end }} + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; @@ -339,17 +378,52 @@ server { include /etc/nginx/vhost.d/default; {{ end }} - location / { + {{ if $vhost_upstream_extensions }} + root {{ trim $vhost_root }}; + location ~* \.({{ $vhost_upstream_extensions }})$ { {{ if eq $proto "uwsgi" }} include uwsgi_params; uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }}; {{ else if eq $proto "fastcgi" }} - root {{ trim $vhost_root }}; include fastcgi_params; + {{ if $vhost_index }} + fastcgi_param SCRIPT_FILENAME $document_root/{{ $vhost_index }}; + {{ end }} fastcgi_pass {{ trim $upstream_name }}; {{ else }} proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; {{ end }} + + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} + auth_basic "Restricted {{ $host }}"; + auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + {{ end }} + {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }} + include {{ printf "/etc/nginx/vhost.d/%s_location" $host}}; + {{ else if (exists "/etc/nginx/vhost.d/default_location") }} + include /etc/nginx/vhost.d/default_location; + {{ end }} + } + {{ end }} + location / { + {{ if not $vhost_upstream_extensions }} + {{ if eq $proto "uwsgi" }} + include uwsgi_params; + uwsgi_pass {{ trim $proto }}://{{ trim $upstream_name }}; + {{ else if eq $proto "fastcgi" }} + include fastcgi_params; + {{ if $vhost_index }} + fastcgi_param SCRIPT_FILENAME $document_root/{{ $vhost_index }}; + {{ end }} + fastcgi_pass {{ trim $upstream_name }}; + {{ else }} + proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; + {{ end }} + {{ else if $vhost_index }} + index {{ $vhost_index }}; + try_files $uri $uri/ /{{ $vhost_index }}; + {{ end }} + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }};