Add htpasswd and custom vhost.d configs via env vars

nginx-proxy · Jul 29, 2019 · 1f9c34c · 1f9c34c
1 parent 8c590fc
commit 1f9c34c
Show file tree

Hide file tree

Showing 6 changed files with 51 additions and 0 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -28,6 +28,7 @@ COPY network_internal.conf /etc/nginx/
 
 COPY . /app/
 WORKDIR /app/
+RUN touch /app/htpasswd_generator.sh && chmod +x /app/htpasswd_generator.sh
 
 ENV DOCKER_HOST unix:///tmp/docker.sock
 

diff --git a/Dockerfile.alpine b/Dockerfile.alpine
@@ -25,6 +25,7 @@ COPY network_internal.conf /etc/nginx/
 
 COPY . /app/
 WORKDIR /app/
+RUN touch /app/htpasswd_generator.sh && chmod +x /app/htpasswd_generator.sh
 
 ENV DOCKER_HOST unix:///tmp/docker.sock
 

diff --git a/Procfile b/Procfile
@@ -1,2 +1,3 @@
+htpasswdgen: docker-gen -watch -notify "/app/htpasswd_generator.sh" /app/htpasswd_generator.tmpl /app/htpasswd_generator.sh
 dockergen: docker-gen -watch -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf
 nginx: nginx
diff --git a/README.md b/README.md
@@ -313,7 +313,17 @@ $ docker run -d -p 80:80 -p 443:443 \
     -v /var/run/docker.sock:/tmp/docker.sock:ro \
     jwilder/nginx-proxy
 ```
+Or have your container with `VHOST_HTPASSWD`
 
+```
+$ docker run -d -p 80:80 -p 443:443 \
+    -v /var/run/docker.sock:/tmp/docker.sock:ro \
+    jwilder/nginx-proxy
+$ docker run -d \
+    -e VIRTUAL_HOST=whoami.local \
+    -e VHOST_HTPASSWD='abc:900150983CD24FB0D6963F7D28E17F72' `# this is abc:abc using md5` \
+    jwilder/whoami
+```
 You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
 
 ### Custom Nginx Configuration
@@ -385,6 +395,8 @@ If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=e
 If you want most of your virtual hosts to use a default single configuration and then override on a few specific ones, add those settings to the `/etc/nginx/vhost.d/default` file. This file
 will be used on any virtual host which does not have a `/etc/nginx/vhost.d/{VIRTUAL_HOST}` file associated with it.
 
+You can also have `VHOST_CONF` environment variable in your container.
+
 #### Per-VIRTUAL_HOST location configuration
 
 To add settings to the "location" block on a per-`VIRTUAL_HOST` basis, add your configuration file under `/etc/nginx/vhost.d`
@@ -405,6 +417,8 @@ If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=e
 If you want most of your virtual hosts to use a default single `location` block configuration and then override on a few specific ones, add those settings to the `/etc/nginx/vhost.d/default_location` file. This file
 will be used on any virtual host which does not have a `/etc/nginx/vhost.d/{VIRTUAL_HOST}_location` file associated with it.
 
+You can also have `VHOST_LOCATION_CONF` environment variable in your container.
+
 ### Contributing
 
 Before submitting pull requests or issues, please check github to make sure an existing issue or pull request is not already open.

diff --git a/htpasswd_generator.tmpl b/htpasswd_generator.tmpl
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+mkdir -p /etc/nginx/htpasswd
+{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
+
+{{ $host := trim $host }}
+
+{{ $htpasswd := or (first (groupByKeys $containers "Env.VHOST_HTPASSWD")) "" }}
+
+if [ ! -z '{{$htpasswd}}' ]
+then
+    echo '{{ $htpasswd }}' > /etc/nginx/htpasswd/{{ $host }}
+fi
+
+{{ end }}
+nginx -s reload
diff --git a/nginx.tmpl b/nginx.tmpl
@@ -157,6 +157,10 @@ upstream {{ $upstream_name }} {
 {{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}}
 {{ $proto := trim (or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http") }}
 
+{{ $vhost_conf := trim (or (first (groupByKeys $containers "Env.VHOST_CONF")) "") }}
+
+{{ $vhost_location_conf := trim (or (first (groupByKeys $containers "Env.VHOST_LOCATION_CONF")) "") }}
+
 {{/* Get the NETWORK_ACCESS defined by containers w/ the same vhost, falling back to "external" */}}
 {{ $network_tag := or (first (groupByKeys $containers "Env.NETWORK_ACCESS")) "external" }}
 
@@ -272,6 +276,10 @@ server {
 	include /etc/nginx/vhost.d/default;
 	{{ end }}
 
+	{{ if not (eq $vhost_conf "") }}
+	{{ $vhost_conf }}
+	{{ end }}
+
 	location / {
 		{{ if eq $proto "uwsgi" }}
 		include uwsgi_params;
@@ -293,6 +301,9 @@ server {
 		{{ else if (exists "/etc/nginx/vhost.d/default_location") }}
 		include /etc/nginx/vhost.d/default_location;
 		{{ end }}
+		{{ if not (eq $vhost_location_conf "") }}
+		{{ $vhost_location_conf }}
+		{{ end }}
 	}
 }
 
@@ -319,6 +330,10 @@ server {
 	include /etc/nginx/vhost.d/default;
 	{{ end }}
 
+	{{ if not (eq $vhost_conf "") }}
+	{{ $vhost_conf }}
+	{{ end }}
+
 	location / {
 		{{ if eq $proto "uwsgi" }}
 		include uwsgi_params;
@@ -339,6 +354,9 @@ server {
 		{{ else if (exists "/etc/nginx/vhost.d/default_location") }}
 		include /etc/nginx/vhost.d/default_location;
 		{{ end }}
+		{{ if not (eq $vhost_location_conf "") }}
+		{{ $vhost_location_conf }}
+		{{ end }}
 	}
 }