New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow complete override of location blocks #1179
Conversation
This is a must-have, please merge @jwilder |
1 similar comment
This is a must-have, please merge @jwilder |
merge jwilder#1179
I like this feature. 😃 |
It would be awesome if we could have this feature in master 🙏 @jwilder |
+1 |
any idea why this is not merged yet?? :( |
any update? |
Please merge this |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would solve the issue I raise in #1385. Testing on my own docker build here works fine (the resulting conf has some indentation issues though).
Whats the hold up here? |
Why hasn't this been merged? |
Thanks for this PR. I suspect the hold up is that this just takes time to deal with. :) That said, I could also use this PR. Django complains bitterly about The current build of this repo sends requests for the server IP to the first server block which results in 503's bubbling up to admin emails / sentry etc. This is a real problem on a VPS host where IP ranges are constantly probed. This is a great container. @jwilder, when time allows please consider merging this. |
Indeed why has this not been merged? |
@rhansen I'm considering merging this if we can test it. I'm just not entirely sold on the |
Thinking about this more, users of this feature are unlikely to use Users can already inject If the user does use diff --git a/nginx.tmpl b/nginx.tmpl
index e7d77c9..e994712 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -52,6 +52,10 @@
{{ end }}
{{ define "location" }}
+ {{- $override := printf "/etc/nginx/vhost.d/%s_%s_location_override" .Host (sha1 .Path) }}
+ {{- if (exists $override) }}
+ include {{ $override }}
+ {{- else }}
location {{ .Path }} {
{{ if eq .NetworkTag "internal" }}
# Only allow traffic from internal clients
@@ -84,6 +88,7 @@
include /etc/nginx/vhost.d/default_location;
{{ end }}
}
+ {{- end }}
{{ end }}
{{ define "upstream" }} |
I rebased onto latest |
I pushed a couple of fixes (typo fix, move documentation) as well as a commit that changes the approach to be per-location instead of per-host. Please let me know what you think; I'll add tests once we reach consensus. |
@rhansen I've given that a bit more thought, do you think an environment variable like |
Is it? The problem we are trying to solve here is not clear to me. The If we only want to disable the default root location, then I propose extending the existing diff --git a/README.md b/README.md
index 0ca08d7..a656637 100644
--- a/README.md
+++ b/README.md
@@ -152,10 +152,17 @@ The filename of the previous example would be `example.tld_8610f6c344b4096614eab
This environment variable of the nginx proxy container can be used to customize the return error page if no matching path is found. Furthermore it is possible to use anything which is compatible with the `return` statement of nginx.
-For example `DEFAULT_ROOT=418` will return a 418 error page instead of the normal 404 one.
-Another example is `DEFAULT_ROOT="301 https://github.com/nginx-proxy/nginx-proxy/blob/main/README.md"` which would redirect an invalid request to this documentation.
-Nginx variables such as $scheme, $host, and $request_uri can be used. However, care must be taken to make sure the $ signs are escaped properly.
-If you want to use `301 $scheme://$host/myapp1$request_uri` you should use:
+Exception: If this is set to the string `none`, no default `location /` directive will be generated. This makes it possible for you to provide your own `location /` directive in your [`/etc/nginx/vhost.d/VIRTUAL_HOST`](#per-virtual_host) or [`/etc/nginx/vhost.d/default`](#per-virtual_host-default-configuration) files.
+
+If unspecified, `DEFAULT_ROOT` defaults to `404`.
+
+Examples (YAML syntax):
+
+ * `DEFAULT_ROOT: "none"` prevents `nginx-proxy` from generating a default `location /` directive.
+ * `DEFAULT_ROOT: "418"` returns a 418 error page instead of the normal 404 one.
+ * `DEFAULT_ROOT: "301 https://github.com/nginx-proxy/nginx-proxy/blob/main/README.md"` redirects the client to this documentation.
+
+Nginx variables such as `$scheme`, `$host`, and `$request_uri` can be used. However, care must be taken to make sure the `$` signs are escaped properly. For example, if you want to use `301 $scheme://$host/myapp1$request_uri` you should use:
* Bash: `DEFAULT_ROOT='301 $scheme://$host/myapp1$request_uri'`
* Docker Compose yaml: `- DEFAULT_ROOT: 301 $$scheme://$$host/myapp1$$request_uri`
diff --git a/nginx.tmpl b/nginx.tmpl
index fb4f76f..64a3edb 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -453,7 +453,7 @@ server {
{{- end }}
{{- template "location" (dict "Path" $path "Proto" $proto "Upstream" $upstream "Host" $host "VhostRoot" $vhost_root "Dest" $dest "NetworkTag" $network_tag) }}
{{- end }}
- {{- if (not (contains $paths "/")) }}
+ {{- if and (not (contains $paths "/")) (ne $globals.default_root_response "none")}}
location / {
return {{ $globals.default_root_response }};
} |
From what I understood of the various issues mentioned, the problem is that nginx-proxy generate a
I really like this idea, using |
I see a mix. Some users seem to want to be able to disable the default root and some want to tweak the I believe this can be fixed by setting For this case, the I guess this user could do the following:
However, that's a very kludgy solution. The OP doesn't say whether the Not enough information to make a determination. The user wants to override a
I don't think there's any reason we couldn't do both options (both per-path |
Done: #2146 |
Suits me, I approved #2146 Regarding the per-path |
@rhansen looks good to me so far, with added tests this can be merged. |
Done. |
Do you think you could add a test container that does not use Even if this is functionally the same as Other than that, LGTM. |
Co-authored-by: Trent Harvey <trent@harvdog.net>
Done. Turns out we have a bug unrelated to this PR: If one container has |
That might be convenient or okay but I'm pretty sure we never explicitly made it work that way 🤔 |
Under the existing implementation, it would be impossible to change the actual behavior of the default location block, which attempts to proxy_pass onto the container. This is probably acceptable for many use cases but not all.
This change adds some additional template logic that considers the existence of a
VIRTUAL_HOST_locations
(plural "locations" as opposed to the otherwise considered "location") configuration file. When present, it will bypass generating any nginxlocation
blocks and instead use those provided by the configuration file.This allows for some really advanced use cases with nginx's location filtering. You can then forward the root location of a monitored domain onto a completely different container or even an entirely external host while still introducing logic that allows certain locations to forward to the container like normal.
The README has been updated to reflect this.
Fixes #1385
Fixes #1286
Fixes #1086
Fixes #1003
Fixes #567