diff --git a/Dockerfile b/Dockerfile index 1e2a326..91185fc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,6 +23,7 @@ ADD nginx/snikket-common.template /etc/nginx/templates/snikket-common ADD nginx/startup.template /etc/nginx/templates/startup ADD nginx/http.template /etc/nginx/templates/http ADD supervisord.conf /etc/supervisord/supervisord.conf +ADD cert-monitor.sh /usr/local/bin/cert-monitor.sh ADD static /var/www/html/static ADD startup.html /var/www/html/index.html ADD error-pages /var/www/html/_errors diff --git a/cert-monitor.sh b/cert-monitor.sh index 6910602..413f204 100755 --- a/cert-monitor.sh +++ b/cert-monitor.sh @@ -4,7 +4,8 @@ if test -f /etc/nginx/sites-enabled/startup; then rm /etc/nginx/sites-enabled/startup; fi /usr/local/bin/render-template.sh "/etc/nginx/templates/snikket-common" "/etc/nginx/snippets/snikket-common.conf" -for proto in http https; do - /usr/local/bin/render-template.sh "/etc/nginx/templates/$proto" "/etc/nginx/sites-enabled/$proto"; -done +proto=http +/usr/local/bin/render-template.sh "/etc/nginx/templates/$proto" "/etc/nginx/sites-enabled/$proto"; /usr/sbin/nginx -s reload + +sleep inf diff --git a/nginx/http.template b/nginx/http.template index a463778..883be60 100644 --- a/nginx/http.template +++ b/nginx/http.template @@ -4,14 +4,24 @@ server { server_name ${SNIKKET_DOMAIN}; server_name groups.${SNIKKET_DOMAIN}; + + include "/etc/nginx/snippets/snikket-common.conf"; +} + +server { + listen ${SNIKKET_TWEAK_HTTP_PORT}; + listen [::]:${SNIKKET_TWEAK_HTTP_PORT}; + server_name share.${SNIKKET_DOMAIN}; - location /.well-known/acme-challenge { - alias /var/www/html/.well-known/acme-challenge; - } + root /var/www/html; - location / { - return 301 https://$host$request_uri; + location /upload/ { + client_max_body_size 16M; + proxy_pass http://${SNIKKET_TWEAK_INTERNAL_HTTP_HOST}:${SNIKKET_TWEAK_INTERNAL_HTTP_PORT}; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; } }