nginx road

Dockerfile

@@ -0,0 +1,3 @@
+FROM nginx:1.27.4-alpine
+RUN apk add apache2-utils
+COPY entrypoint.sh /docker-entrypoint.d/entrypoint.sh

docker-compose.yaml

@@ -10,12 +10,18 @@ services:
           cpus: "0.1"
           memory: 128M
   pushgateway_nginx:
-    image: docker.pblr-nyk.pro/nginx:1.27.4-alpine
+    build: ./
     container_name: p_gw_nginx
     restart: unless-stopped
-    volumes:
-      - $PWD/srv.conf:/etc/nginx/conf.d/srv.conf:ro
-      - $PWD/.htpasswd:/etc/nginx/.htpasswd:ro
+    #COMBO | base auth for this instance
+    #GATEWAY | first gateway without pass words
+    environment:
+      - COMBO=test:test;test1:test1
+      - GATEWAY=p_gw:9091;p_gw:9091|user:pass;p_gw:9091|user:pass
+      - PORT=9091
+    #volumes:
+    #  - $PWD/srv.conf:/etc/nginx/conf.d/srv.conf:ro
+    #  - $PWD/.htpasswd:/etc/nginx/.htpasswd:ro
     ports:
       - 9091:9091
     deploy:

entrypoint.sh

@@ -0,0 +1,97 @@
+#!/bin/sh
+
+#htpasswd part
+rm /etc/nginx/.htpasswd || echo "cleared"
+touch /etc/nginx/.htpasswd
+USERS_SPLIT=$(echo $COMBO | tr ";" "\n")
+for USER in $USERS_SPLIT
+do
+    USERNAME=$(echo $USER | cut -d ":" -f 1)
+    PASSWORD=$(echo $USER | cut -d ":" -f 2)
+    htpasswd -b /etc/nginx/.htpasswd $USERNAME $PASSWORD
+done
+
+#gateways setup
+#gateway_0 is main
+rm /etc/nginx/conf.d/srv.conf || echo "cleared"
+touch /etc/nginx/conf.d/srv.conf
+GATEWAYS_SPLIT=$(echo $GATEWAY | tr ";" "\n")
+
+COUNTER=0
+for GATEWAY in $GATEWAYS_SPLIT
+do
+cat <<EOT >> /etc/nginx/conf.d/srv.conf
+upstream gateway_$COUNTER {
+    server $(echo $GATEWAY | cut -d "|" -f 1);
+}
+
+EOT
+COUNTER=$((COUNTER + 1))
+done
+
+#main
+cat <<EOT >> /etc/nginx/conf.d/srv.conf
+server {
+    listen 0.0.0.0:$PORT;
+    server_name __;
+
+    location / {
+        auth_basic "Pushgateway server authentication";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass http://gateway_0;
+        
+EOT
+
+#mirror redirect
+COUNTER=0
+for GATEWAY in $GATEWAYS_SPLIT
+do
+if [ $COUNTER -gt 0 ]; then
+    cat <<EOT >> /etc/nginx/conf.d/srv.conf
+        mirror /mirror_$COUNTER;
+EOT
+fi
+COUNTER=$((COUNTER + 1))
+done
+echo "    }" >> /etc/nginx/conf.d/srv.conf
+
+#mirror catcher
+cat <<EOT >> /etc/nginx/conf.d/srv.conf
+    if (\$http_x_is_mirror) {
+        rewrite ^/(.*)\$ /mirror/\$1 last;
+    }
+
+    location ~ ^/mirror/(.*)$ {
+        rewrite /mirror/(.*) /\$1 break;
+        auth_basic "Pushgateway server authentication";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass http://gateway_0;
+    }
+EOT
+
+#mirror location
+COUNTER=0
+for GATEWAY in $GATEWAYS_SPLIT
+do
+if [ $COUNTER -gt 0 ]; then
+    cat <<EOT >> /etc/nginx/conf.d/srv.conf
+    
+    location = /mirror_$COUNTER {
+        internal;
+        proxy_pass http://gateway_$COUNTER;
+        proxy_set_header X-Is-Mirror 'yes';
+        proxy_pass_header X-Is-Mirror;
+        proxy_set_header Authorization "Basic $(echo $GATEWAY | cut -d "|" -f 2 | base64)";
+        proxy_pass_header Authorization;
+    }
+
+EOT
+fi
+COUNTER=$((COUNTER + 1))
+done
+
+echo "}" >> /etc/nginx/conf.d/srv.conf
+
+cat /etc/nginx/conf.d/srv.conf
+cat /etc/nginx/.htpasswd
+nginx -t