diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 0f3db11..11ded4e 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -13,7 +13,10 @@ jobs: - name: Checkout Source Code uses: actions/checkout@v2 - name: Build Docker images - run: TAG=dev docker-compose build + env: + TAG: dev + EXPOSED_PORT: 8443 + run: docker-compose build - name: Login to GitHub Container Registry uses: docker/login-action@v1 with: @@ -21,4 +24,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Push images to GitHub Container Registry - run: TAG=dev docker-compose push + env: + TAG: dev + run: docker-compose push diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index db1da6d..24599ff 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,7 +13,10 @@ jobs: - name: Checkout Source Code uses: actions/checkout@v2 - name: Build Docker images - run: TAG=latest docker-compose build + env: + TAG: latest + EXPOSED_PORT: 443 + run: docker-compose build - name: Login to GitHub Container Registry uses: docker/login-action@v1 with: @@ -21,4 +24,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Push images to GitHub Container Registry - run: TAG=latest docker-compose push + env: + TAG: latest + run: docker-compose push diff --git a/.gitignore b/.gitignore index 35542da..0d96905 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,7 @@ # Certificate *.pem *.crt -*.der \ No newline at end of file +*.der + +# Misc +.env diff --git a/Dockerfile b/Dockerfile index c81a62b..9cd27a2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,6 @@ FROM nginx:1.20.2 -ADD nginx.conf /etc/nginx/ -EXPOSE 443 \ No newline at end of file +COPY nginx.conf /etc/nginx/ +ARG EXPOSED_PORT=443 +ENV EXPOSED_PORT $EXPOSED_PORT +RUN envsubst '\$EXPOSED_PORT' < /etc/nginx/nginx.conf | tee /etc/nginx/nginx.conf +EXPOSE 443 diff --git a/docker-compose.yml b/docker-compose.yml index dbc8956..f5f1b5a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,4 +2,7 @@ version: '3.8' services: nginx: image: ghcr.io/opexdev/nginx:$TAG - build: . + build: + context: . + args: + - EXPOSED_PORT=$EXPOSED_PORT diff --git a/nginx.conf b/nginx.conf index 0614c61..5cd9b44 100644 --- a/nginx.conf +++ b/nginx.conf @@ -50,6 +50,10 @@ http { server web-app:80; } + upstream docker-admin-panel { + server admin-panel:80; + } + upstream docker-ipg { server payment:8080; } @@ -72,13 +76,42 @@ http { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Port $EXPOSED_PORT; + + server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name dashbrd-demo.opex.dev; + + location / { + resolver 127.0.0.11; + set $backend http://superset:8088; + proxy_pass $backend; + } + } + + server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name adm-demo.opex.dev; + + location ~* \.(.*)$ { + proxy_pass http://docker-admin-panel; + } + + location / { + proxy_pass http://docker-admin-panel; + rewrite .* / break; + } + } server { listen 443 ssl; listen [::]:443 ssl; server_name demo.opex.dev; - server_name demo.opex.dev:8443; location ^~ /auth { proxy_pass http://docker-auth; @@ -99,7 +132,6 @@ http { listen [::]:443 ssl; server_name api.opex.dev; - server_name api.opex.dev:8443; limit_req zone=default burst=5 nodelay;