Multiple Domain Support

.github/workflows/docker-image.yml

@@ -17,19 +17,19 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-
+        
       - name: Login to Docker Registry
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile
           push: true
           tags: |
-            nocodb/nginx-secure:${{ github.sha }}
-            nocodb/nginx-secure:latest
+            ${{ secrets.DOCKERHUB_USERNAME }}/nginx-secure:${{ github.sha }}
+            ${{ secrets.DOCKERHUB_USERNAME }}/nginx-secure:latest

default.conf.template

@@ -1,4 +1,4 @@
-upstream target {
+upstream $PROXY_HOST-target {
     least_conn;
     server $PROXY_HOST:$PROXY_PORT;
 }
@@ -7,11 +7,13 @@ server {
     listen 80;
     server_name $PROXY_DOMAIN;
 
+    client_max_body_size 50M;
+
     location / {
-        proxy_pass http://target;
+        proxy_pass http://$PROXY_HOST-target;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
-}
+}

entrypoint.sh

@@ -1,50 +1,108 @@
 #!/bin/bash
 
-# Hydrate default.conf.template PROXY_HOST and PROXY_PORT PROXY_DOMAIN with environment variables
-envsubst '$PROXY_HOST,$PROXY_PORT,$PROXY_DOMAIN' < /app/default.conf.template > /etc/nginx/conf.d/default.conf
+# Stop on error
+set -e
 
+# -------------------
+# DEBUG information
+# -------------------
 if [ "$DEBUG" = "true" ]; then
   echo "DEBUG MODE ENABLED"
-
-  echo "Nginx configuration:"
-  cat /etc/nginx/conf.d/default.conf
-  echo -e "\n==========================="
-
-  echo "Existing certificates:"
-  certbot certificates
-  echo -e "\n==========================="
-
-  echo "Environment variables:"
-  echo " PROXY_HOST: $PROXY_HOST"
-  echo " PROXY_PORT: $PROXY_PORT"
-  echo " PROXY_DOMAIN: $PROXY_DOMAIN"
-  echo " SSL_ENABLED: $SSL_ENABLED"
+  echo "MAPPINGS: $MAPPINGS"
+  echo "SSL_ENABLED: $SSL_ENABLED"
+  echo "Let's encrypt email: ${LETSENCRYPT_EMAIL:-contact@domain.com}"
   echo "==========================="
 fi
 
-if [ "$SSL_ENABLED" = "true" ]; then
-  # check if certbot certificates already exist for $PROXY_DOMAIN
-  if certbot certificates | grep -q $PROXY_DOMAIN; then
-    echo "Certificate already exists for $PROXY_DOMAIN"
-    certbot --cert-name $PROXY_DOMAIN install
+# -------------------
+# Split the MAPPINGS
+# -------------------
+IFS=',' read -ra MAPPING_LIST <<< "$MAPPINGS"
+
+# Clear out any old default config(s) (optional)
+rm -f /etc/nginx/conf.d/*.conf
+
+# For each mapping: domain=host:port
+for MAPPING in "${MAPPING_LIST[@]}"; do
+
+  # Extract the domain, host, port
+  DOMAIN="$(echo "$MAPPING" | cut -d= -f1)"
+  HOSTPORT="$(echo "$MAPPING" | cut -d= -f2)"
+
+  PROXY_HOST="$(echo "$HOSTPORT" | cut -d: -f1)"
+  PROXY_PORT="$(echo "$HOSTPORT" | cut -d: -f2)"
+
+  # Export these so envsubst can substitute them
+  export PROXY_DOMAIN="$DOMAIN"
+  export PROXY_HOST="$PROXY_HOST"
+  export PROXY_PORT="$PROXY_PORT"
+
+  # -------------------------
+  # Render Nginx config
+  # -------------------------
+  if [ "$DEBUG" = "true" ]; then
+    echo "Generating config for:"
+    echo "  Domain: $PROXY_DOMAIN"
+    echo "  Host:   $PROXY_HOST"
+    echo "  Port:   $PROXY_PORT"
+  fi
+
+  # Determine which template to use
+  CUSTOM_TEMPLATE="/app/${PROXY_HOST}.${PROXY_PORT}.conf"
+  DEFAULT_TEMPLATE="/app/default.conf.template"
+
+  if [ -f "$CUSTOM_TEMPLATE" ]; then
+    TEMPLATE="$CUSTOM_TEMPLATE"
+    echo "Using custom template: $TEMPLATE"
   else
-    echo "Certificate does not exist for $PROXY_DOMAIN, creating..."
-    certbot --nginx --email "contact@domain.com" --agree-tos --no-eff-email -d $PROXY_DOMAIN
+    TEMPLATE="$DEFAULT_TEMPLATE"
+    echo "Using default template: $TEMPLATE"
   fi
-fi
 
+  # Use envsubst to produce a .conf per domain
+  envsubst '$PROXY_DOMAIN,$PROXY_HOST,$PROXY_PORT' \
+  < "$TEMPLATE" \
+  > "/etc/nginx/conf.d/${PROXY_DOMAIN}.conf"
+
+  # -------------------------
+  # Issue or Install SSL Cert
+  # -------------------------
+  if [ "$SSL_ENABLED" = "true" ]; then
+
+    # Check whether a cert exists for this domain
+    if certbot certificates | grep -q "$PROXY_DOMAIN"; then
+      echo "Certificate already exists for $PROXY_DOMAIN"
+      certbot --cert-name "$PROXY_DOMAIN" install
+    else
+      echo "Creating certificate for $PROXY_DOMAIN..."
+      certbot --nginx \
+              --email "${LETSENCRYPT_EMAIL:-contact@domain.com}" \
+              --agree-tos \
+              --no-eff-email \
+              -d "$PROXY_DOMAIN"
+    fi
+  fi
+
+  if [ "$DEBUG" = "true" ]; then
+    echo "-------------------------------------------"
+  fi
+done
+
+# -------------------------
+# Debug / Verification
+# -------------------------
 if [ "$DEBUG" = "true" ]; then
-  echo "Updated Nginx configuration:"
-  cat /etc/nginx/conf.d/default.conf
-  echo -e "\n==========================="
+  echo "Final Nginx Config(s):"
+  cat /etc/nginx/conf.d/*.conf
+  echo "-------------------------------------------"
 
-  echo "Certbot log:"
-  cat /var/log/letsencrypt/letsencrypt.log
-  echo -e "\n==========================="
+  echo "Existing certificates:"
+  certbot certificates || true
+  echo "-------------------------------------------"
 fi
 
-# Stop nginx if it's already running
-nginx -s stop
+# Stop nginx if it's already running (ignore error if not running)
+nginx -s stop || true
 
-# Start nginx
-nginx -g "daemon off;"
+# Start nginx in foreground
+exec nginx -g "daemon off;"