From d43c6ee266e3e1d0ae3306216f3e825c140172a0 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Fri, 29 Jan 2021 16:20:55 +0000 Subject: [PATCH] Add startup and error pages --- Dockerfile | 4 +++ cert-monitor.sh | 10 ++------ entrypoint.sh | 10 ++------ error-pages/502.html | 30 ++++++++++++++++++++++ error-pages/503.html | 30 ++++++++++++++++++++++ nginx/http.template | 44 +------------------------------- nginx/https.template | 44 +------------------------------- nginx/snikket-common.template | 47 +++++++++++++++++++++++++++++++++++ render-template.sh | 10 ++++++++ startup.html | 35 ++++++++++++++++++++++++++ static/css/snikket.css | 2 +- 11 files changed, 163 insertions(+), 103 deletions(-) create mode 100644 error-pages/502.html create mode 100644 error-pages/503.html create mode 100644 nginx/snikket-common.template create mode 100644 render-template.sh create mode 100644 startup.html diff --git a/Dockerfile b/Dockerfile index 4a96fc4..94caa75 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,9 +16,13 @@ RUN apt-get update \ && rm -rf /var/cache/* ADD entrypoint.sh /entrypoint.sh +ADD render-template.sh /usr/local/bin/render-template.sh ADD nginx/nginx.conf /etc/nginx/nginx.conf +ADD nginx/snikket-common.template /etc/nginx/templates/snikket-common ADD nginx/http.template /etc/nginx/templates/http ADD nginx/https.template /etc/nginx/templates/https ADD supervisord.conf /etc/supervisord/supervisord.conf ADD cert-monitor.sh /usr/local/bin/cert-monitor.sh ADD static /var/www/html/static +ADD startup.html /var/www/html/index.html +ADD error-pages /var/www/html/_errors diff --git a/cert-monitor.sh b/cert-monitor.sh index 3712dc4..6d6797e 100755 --- a/cert-monitor.sh +++ b/cert-monitor.sh @@ -2,17 +2,11 @@ CERT_PATH="/snikket/letsencrypt/live/$SNIKKET_DOMAIN/cert.pem" -export SNIKKET_TWEAK_HTTP_PORT=${SNIKKET_TWEAK_HTTP_PORT-80} -export SNIKKET_TWEAK_HTTPS_PORT=${SNIKKET_TWEAK_HTTPS_PORT-443} -export SNIKKET_TWEAK_INTERNAL_HTTP_PORT=${SNIKKET_TWEAK_INTERNAL_HTTP_PORT-5280} -export SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT=${SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT-5765} - while sleep 10; do if test -f "$CERT_PATH"; then + /usr/local/bin/render-template.sh "/etc/nginx/templates/snikket-common" "/etc/nginx/snippets/snikket-common.conf" for proto in http https; do - envsubst '$SNIKKET_DOMAIN $SNIKKET_TWEAK_HTTP_PORT $SNIKKET_TWEAK_HTTPS_PORT $SNIKKET_TWEAK_INTERNAL_HTTP_PORT $SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT' \ - < /etc/nginx/templates/$proto \ - > /etc/nginx/sites-enabled/$proto; + /usr/local/bin/render-template.sh "/etc/nginx/templates/$proto" "/etc/nginx/sites-enabled/$proto"; done /usr/sbin/nginx -s reload exit 0; diff --git a/entrypoint.sh b/entrypoint.sh index 9cad362..fba80da 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,17 +2,11 @@ CERT_PATH="/snikket/letsencrypt/live/$SNIKKET_DOMAIN/cert.pem" -export SNIKKET_TWEAK_HTTP_PORT=${SNIKKET_TWEAK_HTTP_PORT-80} -export SNIKKET_TWEAK_HTTPS_PORT=${SNIKKET_TWEAK_HTTPS_PORT-443} -export SNIKKET_TWEAK_INTERNAL_HTTP_PORT=${SNIKKET_TWEAK_INTERNAL_HTTP_PORT-5280} -export SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT=${SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT-5765} - if test -f "$CERT_PATH"; then ## Certs already exist - render and deploy configs + /usr/local/bin/render-template.sh "/etc/nginx/templates/snikket-common" "/etc/nginx/snippets/snikket-common.conf" for proto in http https; do - envsubst '$SNIKKET_DOMAIN $SNIKKET_TWEAK_HTTP_PORT $SNIKKET_TWEAK_HTTPS_PORT $SNIKKET_TWEAK_INTERNAL_HTTP_PORT $SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT' \ - < /etc/nginx/templates/$proto \ - > /etc/nginx/sites-enabled/$proto; + /usr/local/bin/render-template.sh "/etc/nginx/templates/$proto" "/etc/nginx/sites-enabled/$proto"; done fi diff --git a/error-pages/502.html b/error-pages/502.html new file mode 100644 index 0000000..947b22f --- /dev/null +++ b/error-pages/502.html @@ -0,0 +1,30 @@ + + + + + + Snikket | Temporarily unavailable + + + + + + + + + + + + + + +
+ Snikket +

Oops! A technical glitch.

+

There was a problem connecting to the Snikket service of this site.

+

If you just started this service, please wait a moment and reload the page.

+

If the problem continues, please check your Snikket configuration for problems.

+ 502 Bad Gateway +
+ + diff --git a/error-pages/503.html b/error-pages/503.html new file mode 100644 index 0000000..7751958 --- /dev/null +++ b/error-pages/503.html @@ -0,0 +1,30 @@ + + + + + + Snikket | Temporarily unavailable + + + + + + + + + + + + + + +
+ Snikket +

Oops! A technical glitch.

+

There was a problem connecting to the Snikket service of this site.

+

If you just started this service, please wait a moment and reload the page.

+

If the problem continues, please check your Snikket configuration for problems.

+ 503 Service Unavailable +
+ + diff --git a/nginx/http.template b/nginx/http.template index f32b22b..6c562c7 100644 --- a/nginx/http.template +++ b/nginx/http.template @@ -5,49 +5,7 @@ server { server_name ${SNIKKET_DOMAIN}; server_name groups.${SNIKKET_DOMAIN}; - root /var/www/html; - - location / { - try_files $uri /static/$uri @portal; - } - - location /admin_api { - try_files none @prosody; - } - - location /invites_api { - try_files none @prosody; - } - - location /oauth2 { - try_files none @prosody; - } - - location /rest { - try_files none @prosody; - } - - location /share { - alias /usr/share/javascript; - } - - location /upload { - try_files none @prosody; - } - - location @portal { - proxy_pass http://localhost:${SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT}; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - } - - location @prosody { - proxy_pass http://localhost:${SNIKKET_TWEAK_INTERNAL_HTTP_PORT}; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - } + include "/etc/nginx/snippets/snikket-common.conf"; } server { diff --git a/nginx/https.template b/nginx/https.template index fa73671..6e71e47 100644 --- a/nginx/https.template +++ b/nginx/https.template @@ -14,49 +14,7 @@ server { server_name ${SNIKKET_DOMAIN}; server_name groups.${SNIKKET_DOMAIN}; - root /var/www/html; - - location / { - try_files $uri /static/$uri @portal; - } - - location /admin_api { - try_files none @prosody; - } - - location /invites_api { - try_files none @prosody; - } - - location /oauth2 { - try_files none @prosody; - } - - location /rest { - try_files none @prosody; - } - - location /share { - alias /usr/share/javascript; - } - - location /upload { - try_files none @prosody; - } - - location @portal { - proxy_pass http://localhost:${SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT}; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - } - - location @prosody { - proxy_pass http://localhost:${SNIKKET_TWEAK_INTERNAL_HTTP_PORT}; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - } + include "/etc/nginx/snippets/snikket-common.conf"; } server { diff --git a/nginx/snikket-common.template b/nginx/snikket-common.template new file mode 100644 index 0000000..9b22e2f --- /dev/null +++ b/nginx/snikket-common.template @@ -0,0 +1,47 @@ +root /var/www/html; + +location / { + try_files $uri /static/$uri @portal; +} + +location /admin_api { + try_files none @prosody; +} + +location /invites_api { + try_files none @prosody; +} + +location /oauth2 { + try_files none @prosody; +} + +location /rest { + try_files none @prosody; +} + +location /share { + alias /usr/share/javascript; +} + +location /upload { + try_files none @prosody; +} + +location @portal { + proxy_pass http://localhost:${SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT}; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; +} + +location @prosody { + proxy_pass http://localhost:${SNIKKET_TWEAK_INTERNAL_HTTP_PORT}; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; +} + +error_page 502 /_errors/502.html; +error_page 503 /_errors/503.html; +error_page 504 /_errors/504.html; diff --git a/render-template.sh b/render-template.sh new file mode 100644 index 0000000..1c1a72b --- /dev/null +++ b/render-template.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +export SNIKKET_TWEAK_HTTP_PORT=${SNIKKET_TWEAK_HTTP_PORT-80} +export SNIKKET_TWEAK_HTTPS_PORT=${SNIKKET_TWEAK_HTTPS_PORT-443} +export SNIKKET_TWEAK_INTERNAL_HTTP_PORT=${SNIKKET_TWEAK_INTERNAL_HTTP_PORT-5280} +export SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT=${SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT-5765} + +exec envsubst '$SNIKKET_DOMAIN $SNIKKET_TWEAK_HTTP_PORT $SNIKKET_TWEAK_HTTPS_PORT $SNIKKET_TWEAK_INTERNAL_HTTP_PORT $SNIKKET_TWEAK_PORTAL_INTERNAL_HTTP_PORT' \ + < "$1" \ + > "$2"; diff --git a/startup.html b/startup.html new file mode 100644 index 0000000..c6a32c4 --- /dev/null +++ b/startup.html @@ -0,0 +1,35 @@ + + + + + + + + Snikket is starting + + + + + + + + + + + + + + +
+ Snikket +

Snikket is starting

+

We are currently obtaining SSL/TLS certificates to secure your Snikket service.

+

The login page should appear in a moment. If not, please reload the page.

+
+

If this page appears for more than a few minutes, there may be a problem. Check that + all components of Snikket are started properly, that your DNS is correct, and that port + 80 is open. +

+
+ + diff --git a/static/css/snikket.css b/static/css/snikket.css index e10e108..8712aeb 100644 --- a/static/css/snikket.css +++ b/static/css/snikket.css @@ -3,7 +3,7 @@ display: block; width: 100%; height: 100%; - background: url(/background.jpg) no-repeat center center fixed; + background: url(/static/img/background.jpg) no-repeat center center fixed; background-size: cover; filter: blur(10px); opacity: 0.5;