set nginx DNS configuration from container resolv.conf to allow proxy to operate behind firewall
parent
97e77ccc56
commit
a89cf362ad
|
@ -3,6 +3,15 @@
|
||||||
set -Eeuo pipefail
|
set -Eeuo pipefail
|
||||||
trap "echo TRAPed signal" HUP INT QUIT TERM
|
trap "echo TRAPed signal" HUP INT QUIT TERM
|
||||||
|
|
||||||
|
#configure nginx DNS settings to match host, why must we do that nginx?
|
||||||
|
conf="resolver $(/usr/bin/awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf) ipv6=off; # Avoid ipv6 addresses for now"
|
||||||
|
[ "$conf" = "resolver ;" ] && echo "no nameservers found" && exit 0
|
||||||
|
confpath=/etc/nginx/resolvers.conf
|
||||||
|
if [ ! -e $confpath ] || [ "$conf" != "$(cat $confpath)" ]
|
||||||
|
then
|
||||||
|
echo "$conf" > $confpath
|
||||||
|
fi
|
||||||
|
|
||||||
# The list of SAN (Subject Alternative Names) for which we will create a TLS certificate.
|
# The list of SAN (Subject Alternative Names) for which we will create a TLS certificate.
|
||||||
ALLDOMAINS=""
|
ALLDOMAINS=""
|
||||||
|
|
||||||
|
|
|
@ -108,7 +108,8 @@ http {
|
||||||
proxy_max_temp_file_size 0;
|
proxy_max_temp_file_size 0;
|
||||||
|
|
||||||
# We need to resolve the real names of our proxied servers.
|
# We need to resolve the real names of our proxied servers.
|
||||||
resolver 8.8.8.8 4.2.2.2 ipv6=off; # Avoid ipv6 addresses for now
|
#resolver 8.8.8.8 4.2.2.2 ipv6=off; # Avoid ipv6 addresses for now
|
||||||
|
include /etc/nginx/resolvers.conf;
|
||||||
|
|
||||||
# forward proxy for non-CONNECT request
|
# forward proxy for non-CONNECT request
|
||||||
location / {
|
location / {
|
||||||
|
@ -140,7 +141,8 @@ http {
|
||||||
ssl_certificate_key /certs/web.key;
|
ssl_certificate_key /certs/web.key;
|
||||||
|
|
||||||
# We need to resolve the real names of our proxied servers.
|
# We need to resolve the real names of our proxied servers.
|
||||||
resolver 8.8.8.8 4.2.2.2 ipv6=off; # Avoid ipv6 addresses for now
|
#resolver 8.8.8.8 4.2.2.2 ipv6=off; # Avoid ipv6 addresses for now
|
||||||
|
include /etc/nginx/resolvers.conf;
|
||||||
|
|
||||||
# Docker needs this. Don't ask.
|
# Docker needs this. Don't ask.
|
||||||
chunked_transfer_encoding on;
|
chunked_transfer_encoding on;
|
||||||
|
@ -238,4 +240,4 @@ http {
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue