Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor NGINX configuration #56

Merged
merged 1 commit into from
Jan 24, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion traccar/config.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@
"startup": "services",
"arch": ["aarch64", "amd64", "armhf", "armv7", "i386"],
"init": false,
"hassio_api": true,
"host_network": true,
"ports": {
"80/tcp": null
Expand Down
48 changes: 18 additions & 30 deletions traccar/rootfs/etc/cont-init.d/nginx.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,36 +3,24 @@
# Home Assistant Community Add-on: Traccar
# Configures NGINX for use with the Traccar server
# ==============================================================================
declare port
declare certfile
declare dns_host
declare ingress_interface
declare ingress_port
declare keyfile

port=$(bashio::addon.port 80)
if bashio::var.has_value "${port}"; then
bashio::config.require.ssl

if bashio::config.true 'ssl'; then
certfile=$(bashio::config 'certfile')
keyfile=$(bashio::config 'keyfile')

mv /etc/nginx/servers/direct-ssl.disabled /etc/nginx/servers/direct.conf
sed -i "s#%%certfile%%#${certfile}#g" /etc/nginx/servers/direct.conf
sed -i "s#%%keyfile%%#${keyfile}#g" /etc/nginx/servers/direct.conf

else
mv /etc/nginx/servers/direct.disabled /etc/nginx/servers/direct.conf
fi
# Generate Ingress configuration
bashio::var.json \
interface "$(bashio::addon.ip_address)" \
port "$(bashio::addon.ingress_port)" \
| tempio \
-template /etc/nginx/templates/ingress.gtpl \
-out /etc/nginx/servers/ingress.conf

sed -i "s/%%port%%/${port}/g" /etc/nginx/servers/direct.conf
# Generate direct access configuration, if enabled.
if bashio::var.has_value "$(bashio::addon.port 80)"; then
bashio::config.require.ssl
bashio::var.json \
certfile "$(bashio::config 'certfile')" \
keyfile "$(bashio::config 'keyfile')" \
port "^$(bashio::addon.port 80)" \
ssl "^$(bashio::config 'ssl')" \
| tempio \
-template /etc/nginx/templates/direct.gtpl \
-out /etc/nginx/servers/direct.conf
fi

ingress_port=$(bashio::addon.ingress_port)
ingress_interface=$(bashio::addon.ip_address)
sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf
sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf

dns_host=$(bashio::dns.host)
sed -i "s/%%dns_host%%/${dns_host}/g" /etc/nginx/includes/resolver.conf
1 change: 0 additions & 1 deletion traccar/rootfs/etc/nginx/includes/resolver.conf

This file was deleted.

9 changes: 0 additions & 9 deletions traccar/rootfs/etc/nginx/nginx.conf
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,6 @@ pcre_jit on;
# Write error log to the add-on log.
error_log /proc/1/fd/1 error;

# Load allowed environment vars
env SUPERVISOR_TOKEN;
env DISABLE_HA_AUTHENTICATION;

# Load dynamic modules.
include /etc/nginx/modules/*.conf;

# Max num of simultaneous connections by a worker process.
events {
worker_connections 512;
Expand Down Expand Up @@ -50,8 +43,6 @@ http {
'' close;
}

include /etc/nginx/includes/resolver.conf;
include /etc/nginx/includes/upstream.conf;

include /etc/nginx/servers/*.conf;
}
1 change: 1 addition & 0 deletions traccar/rootfs/etc/nginx/servers/.gitkeep
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Without requirements or design, programming is the art of adding bugs to an empty text file. (Louis Srygley)
14 changes: 0 additions & 14 deletions traccar/rootfs/etc/nginx/servers/direct-ssl.disabled

This file was deleted.

10 changes: 0 additions & 10 deletions traccar/rootfs/etc/nginx/servers/direct.disabled

This file was deleted.

21 changes: 21 additions & 0 deletions traccar/rootfs/etc/nginx/templates/direct.gtpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
server {
{{ if not .ssl }}
listen {{ .port }} default_server;
{{ else }}
listen {{ .port }} default_server ssl http2;
{{ end }}

include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;

{{ if .ssl }}
include /etc/nginx/includes/ssl_params.conf;

ssl_certificate /ssl/{{ .certfile }};
ssl_certificate_key /ssl/{{ .keyfile }};
{{ end }}

location / {
proxy_pass http://backend;
}
}
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
server {
listen %%interface%%:%%port%% default_server;
listen {{ .interface }}:{{ . port }} default_server;

include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;

allow 172.30.32.2;
deny all;

location / {
allow 172.30.32.2;
deny all;
Expand Down