From daecf0c81108c604371f30fdc56866f025074caf Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Tue, 17 May 2022 20:26:36 +0430 Subject: [PATCH 01/24] Add admin panel --- nginx.conf | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/nginx.conf b/nginx.conf index 0614c61..5777c80 100644 --- a/nginx.conf +++ b/nginx.conf @@ -50,6 +50,10 @@ http { server web-app:80; } + upstream docker-admin-panel { + server admin-panel:80; + } + upstream docker-ipg { server payment:8080; } @@ -73,6 +77,23 @@ http { proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $server_name; + server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name admin.demo.opex.dev; + server_name admin.demo.opex.dev:8443; + + location ~* \.(.*)$ { + proxy_pass http://docker-admin-panel; + } + + location / { + proxy_pass http://docker-admin-panel; + rewrite .* / break; + } + } + server { listen 443 ssl; listen [::]:443 ssl; From 54600d269321250f13e2088ba08b9d81b39d9428 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Tue, 17 May 2022 21:44:32 +0430 Subject: [PATCH 02/24] Update admin panel host --- nginx.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 5777c80..7ae6bcb 100644 --- a/nginx.conf +++ b/nginx.conf @@ -81,8 +81,8 @@ http { listen 443 ssl; listen [::]:443 ssl; - server_name admin.demo.opex.dev; - server_name admin.demo.opex.dev:8443; + server_name adm-demo.opex.dev; + server_name adm-demo.opex.dev:8443; location ~* \.(.*)$ { proxy_pass http://docker-admin-panel; From fff8088fbe7e273670643dae8ecba9522478c1c2 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Tue, 17 May 2022 23:43:25 +0430 Subject: [PATCH 03/24] Update nginx.conf --- nginx.conf | 3 --- 1 file changed, 3 deletions(-) diff --git a/nginx.conf b/nginx.conf index 7ae6bcb..171f178 100644 --- a/nginx.conf +++ b/nginx.conf @@ -82,7 +82,6 @@ http { listen [::]:443 ssl; server_name adm-demo.opex.dev; - server_name adm-demo.opex.dev:8443; location ~* \.(.*)$ { proxy_pass http://docker-admin-panel; @@ -99,7 +98,6 @@ http { listen [::]:443 ssl; server_name demo.opex.dev; - server_name demo.opex.dev:8443; location ^~ /auth { proxy_pass http://docker-auth; @@ -120,7 +118,6 @@ http { listen [::]:443 ssl; server_name api.opex.dev; - server_name api.opex.dev:8443; limit_req zone=default burst=5 nodelay; From c7c6d410045dbbcabf400a3a6a91d32f164687b1 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Thu, 19 May 2022 14:24:46 +0430 Subject: [PATCH 04/24] Add superset server configuration --- nginx.conf | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/nginx.conf b/nginx.conf index 171f178..b6b55dd 100644 --- a/nginx.conf +++ b/nginx.conf @@ -77,6 +77,19 @@ http { proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $server_name; + server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name dashbrd-demo.opex.dev; + + location / { + resolver 127.0.0.11; + set $backend https://superset; + proxy_pass $backend; + } + } + server { listen 443 ssl; listen [::]:443 ssl; From f72432fbc455f1a1a1ba32a3f5f83447033f26d7 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Thu, 19 May 2022 14:30:41 +0430 Subject: [PATCH 05/24] Fix superset url --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index b6b55dd..037f50a 100644 --- a/nginx.conf +++ b/nginx.conf @@ -85,7 +85,7 @@ http { location / { resolver 127.0.0.11; - set $backend https://superset; + set $backend http://superset:8088; proxy_pass $backend; } } From 9a10230792b2bdc1baa45a04e5610f1e7ebd7543 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 20:45:05 +0430 Subject: [PATCH 06/24] Add port to superset server_name --- nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/nginx.conf b/nginx.conf index 037f50a..5e986a4 100644 --- a/nginx.conf +++ b/nginx.conf @@ -82,6 +82,7 @@ http { listen [::]:443 ssl; server_name dashbrd-demo.opex.dev; + server_name dashbrd-demo.opex.dev:8443; location / { resolver 127.0.0.11; From f8448a9e889508e0e1741d9d63befb5f8720f4cb Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:18:13 +0430 Subject: [PATCH 07/24] Disable proxy redirect --- nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/nginx.conf b/nginx.conf index 5e986a4..8bbe1e7 100644 --- a/nginx.conf +++ b/nginx.conf @@ -88,6 +88,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; + proxy_redirect off; } } From 06ada97edb0075a4cd54ed8fd4958a6a7ae2e833 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:20:29 +0430 Subject: [PATCH 08/24] Update superset proxy redirect --- nginx.conf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 8bbe1e7..7ce6169 100644 --- a/nginx.conf +++ b/nginx.conf @@ -82,13 +82,12 @@ http { listen [::]:443 ssl; server_name dashbrd-demo.opex.dev; - server_name dashbrd-demo.opex.dev:8443; location / { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect off; + proxy_redirect http://dashbrd-demo.opex.dev $host; } } From 29fbf1ffb69b4b07a49faa8c15d70a51e6237889 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:33:54 +0430 Subject: [PATCH 09/24] Update superset proxy redirect --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 7ce6169..de5253f 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,7 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect http://dashbrd-demo.opex.dev $host; + proxy_redirect http://dashbrd-demo.opex.dev /; } } From 9312aa29b2928d6c67978d6ec4e9fd2b8d6854e6 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:37:08 +0430 Subject: [PATCH 10/24] Update superset proxy redirect --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index de5253f..088e1ff 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,7 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect http://dashbrd-demo.opex.dev /; + proxy_redirect http://dashbrd-demo.opex.dev https://$host; } } From b58286e1bdaa97c82c4d421934deebb6e3b08745 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:39:41 +0430 Subject: [PATCH 11/24] Update superset proxy redirect --- nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/nginx.conf b/nginx.conf index 088e1ff..4c65da3 100644 --- a/nginx.conf +++ b/nginx.conf @@ -82,6 +82,7 @@ http { listen [::]:443 ssl; server_name dashbrd-demo.opex.dev; + server_name dashbrd-demo.opex.dev:8443; location / { resolver 127.0.0.11; From 4e53343ef4fbba63d7ff69550b77b1086190dbd7 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:46:50 +0430 Subject: [PATCH 12/24] Update superset proxy redirect --- nginx.conf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 4c65da3..3e817a0 100644 --- a/nginx.conf +++ b/nginx.conf @@ -82,13 +82,12 @@ http { listen [::]:443 ssl; server_name dashbrd-demo.opex.dev; - server_name dashbrd-demo.opex.dev:8443; location / { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect http://dashbrd-demo.opex.dev https://$host; + proxy_redirect http://dashbrd-demo.opex.dev https://$host:$port; } } From 47a45901e3283c03bd5d34f5911b2f43f838cd37 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 21:51:06 +0430 Subject: [PATCH 13/24] Update superset proxy redirect --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 3e817a0..ebd1c9f 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,7 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect http://dashbrd-demo.opex.dev https://$host:$port; + proxy_redirect http://dashbrd-demo.opex.dev https://$host:$server_port; } } From 8b0da8ec8af136ba2ebfbce432d54b44723df05a Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:09:28 +0430 Subject: [PATCH 14/24] Remove superset proxy redirect --- nginx.conf | 1 - 1 file changed, 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index ebd1c9f..037f50a 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,7 +87,6 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect http://dashbrd-demo.opex.dev https://$host:$server_port; } } From 2c34afd0dac118afc1d41ef6f2b1d13f188b031d Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:34:10 +0430 Subject: [PATCH 15/24] Change $host to $http_host --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 037f50a..018dc82 100644 --- a/nginx.conf +++ b/nginx.conf @@ -71,7 +71,7 @@ http { proxy_hide_header Access-Control-Allow-Headers; proxy_hide_header Access-Control-Allow-Methods; - proxy_set_header Host $host; + proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; From ee200eebdd487c3dfb3f933029f012631eb087dd Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:42:53 +0430 Subject: [PATCH 16/24] Update superset proxy redirect --- nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/nginx.conf b/nginx.conf index 018dc82..5ccb6c4 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,6 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; + proxy_redirect https://dashbrd-demo.opex.dev $http_referer; } } From 81e76bed5dc7495aba6cc7d14f0616921ab3bab5 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:43:33 +0430 Subject: [PATCH 17/24] Change $http_host to $host --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 5ccb6c4..2f4fc00 100644 --- a/nginx.conf +++ b/nginx.conf @@ -71,7 +71,7 @@ http { proxy_hide_header Access-Control-Allow-Headers; proxy_hide_header Access-Control-Allow-Methods; - proxy_set_header Host $http_host; + proxy_set_header Host $http; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; From 168c7a5d54f8975c4b14b01b8581b6e37b6ef39f Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:46:59 +0430 Subject: [PATCH 18/24] Fix $host --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 2f4fc00..d3b9212 100644 --- a/nginx.conf +++ b/nginx.conf @@ -71,7 +71,7 @@ http { proxy_hide_header Access-Control-Allow-Headers; proxy_hide_header Access-Control-Allow-Methods; - proxy_set_header Host $http; + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; From 3c48f8af8b929fc6d716e5055973edbb4d499db1 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:52:19 +0430 Subject: [PATCH 19/24] Update superset proxy redirect --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index d3b9212..2ad264c 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,7 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect https://dashbrd-demo.opex.dev $http_referer; + proxy_redirect https://dashbrd-demo.opex.dev $http_origin; } } From aaab29ea45f58ba21b0b284b4dfcfbe969a95b32 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 22:55:42 +0430 Subject: [PATCH 20/24] Update superset proxy redirect --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 2ad264c..9644bdd 100644 --- a/nginx.conf +++ b/nginx.conf @@ -87,7 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect https://dashbrd-demo.opex.dev $http_origin; + proxy_redirect https://dashbrd-demo.opex.dev https://dashbrd-demo.opex.dev:8443/$http_origin; } } From be9f715aacf35f7f11091dc09b837f3dfe657b1a Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 23:11:54 +0430 Subject: [PATCH 21/24] Update log_format --- nginx.conf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nginx.conf b/nginx.conf index 9644bdd..260dac0 100644 --- a/nginx.conf +++ b/nginx.conf @@ -5,6 +5,10 @@ events { } http { + log_format compression '$http_x_real_ip - $remote_user [$time_local] ' + '"$request" $status $bytes_sent ' + '"$http_referer" "$http_user_agent" "$gzip_ratio"'; + include /etc/nginx/mime.types; sendfile on; limit_req_zone $binary_remote_addr zone=default:80m rate=20r/s; From 78677a64ff9693500cd4f47471d355e8a7dce994 Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 23:15:39 +0430 Subject: [PATCH 22/24] Update superset proxy redirect --- nginx.conf | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/nginx.conf b/nginx.conf index 260dac0..b2310d4 100644 --- a/nginx.conf +++ b/nginx.conf @@ -5,10 +5,6 @@ events { } http { - log_format compression '$http_x_real_ip - $remote_user [$time_local] ' - '"$request" $status $bytes_sent ' - '"$http_referer" "$http_user_agent" "$gzip_ratio"'; - include /etc/nginx/mime.types; sendfile on; limit_req_zone $binary_remote_addr zone=default:80m rate=20r/s; @@ -91,7 +87,7 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect https://dashbrd-demo.opex.dev https://dashbrd-demo.opex.dev:8443/$http_origin; + proxy_redirect https://dashbrd-demo.opex.dev https://dashbrd-demo.opex.dev:8443/$http_referer; } } From 83858b87c5ef77f55620b379670852e1d0dc0c7c Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Fri, 20 May 2022 23:28:09 +0430 Subject: [PATCH 23/24] Add X-Forwarded-Port --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index b2310d4..620f831 100644 --- a/nginx.conf +++ b/nginx.conf @@ -76,6 +76,7 @@ http { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Port 8443; server { listen 443 ssl; @@ -87,7 +88,6 @@ http { resolver 127.0.0.11; set $backend http://superset:8088; proxy_pass $backend; - proxy_redirect https://dashbrd-demo.opex.dev https://dashbrd-demo.opex.dev:8443/$http_referer; } } From 26f039a33cebc967bd12d91b672e92845194834c Mon Sep 17 00:00:00 2001 From: ebrahimmfadae Date: Sat, 21 May 2022 00:03:16 +0430 Subject: [PATCH 24/24] Add exposed port env --- .github/workflows/dev.yml | 9 +++++++-- .github/workflows/main.yml | 9 +++++++-- .gitignore | 5 ++++- Dockerfile | 7 +++++-- docker-compose.yml | 5 ++++- nginx.conf | 2 +- 6 files changed, 28 insertions(+), 9 deletions(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 0f3db11..11ded4e 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -13,7 +13,10 @@ jobs: - name: Checkout Source Code uses: actions/checkout@v2 - name: Build Docker images - run: TAG=dev docker-compose build + env: + TAG: dev + EXPOSED_PORT: 8443 + run: docker-compose build - name: Login to GitHub Container Registry uses: docker/login-action@v1 with: @@ -21,4 +24,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Push images to GitHub Container Registry - run: TAG=dev docker-compose push + env: + TAG: dev + run: docker-compose push diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index db1da6d..24599ff 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,7 +13,10 @@ jobs: - name: Checkout Source Code uses: actions/checkout@v2 - name: Build Docker images - run: TAG=latest docker-compose build + env: + TAG: latest + EXPOSED_PORT: 443 + run: docker-compose build - name: Login to GitHub Container Registry uses: docker/login-action@v1 with: @@ -21,4 +24,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Push images to GitHub Container Registry - run: TAG=latest docker-compose push + env: + TAG: latest + run: docker-compose push diff --git a/.gitignore b/.gitignore index 35542da..0d96905 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,7 @@ # Certificate *.pem *.crt -*.der \ No newline at end of file +*.der + +# Misc +.env diff --git a/Dockerfile b/Dockerfile index c81a62b..9cd27a2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,6 @@ FROM nginx:1.20.2 -ADD nginx.conf /etc/nginx/ -EXPOSE 443 \ No newline at end of file +COPY nginx.conf /etc/nginx/ +ARG EXPOSED_PORT=443 +ENV EXPOSED_PORT $EXPOSED_PORT +RUN envsubst '\$EXPOSED_PORT' < /etc/nginx/nginx.conf | tee /etc/nginx/nginx.conf +EXPOSE 443 diff --git a/docker-compose.yml b/docker-compose.yml index dbc8956..f5f1b5a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,4 +2,7 @@ version: '3.8' services: nginx: image: ghcr.io/opexdev/nginx:$TAG - build: . + build: + context: . + args: + - EXPOSED_PORT=$EXPOSED_PORT diff --git a/nginx.conf b/nginx.conf index 620f831..5cd9b44 100644 --- a/nginx.conf +++ b/nginx.conf @@ -76,7 +76,7 @@ http { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $server_name; - proxy_set_header X-Forwarded-Port 8443; + proxy_set_header X-Forwarded-Port $EXPOSED_PORT; server { listen 443 ssl;