container/nginx-s3
1
0
Fork 0
Code Issues 1 Pull Requests Releases 6 Activity

feat: add option to control repo mode
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details

Browse Source
This commit is contained in:
Robert Kaussow 2023-09-27 00:02:20 +02:00
parent 081e7d2f41
commit 2fb2e2e9f4
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
overlay/etc/templates/vhosts.conf.tmpl
View File

@ -1,5 +1,5 @@
{{- $config := ds "config" }} {{- $config := ds "config" }}
{{- $defauls := data.YAML "{hostnames: [localhost], upstream_use_tls: false, proxy_ssl_protocols: TLSv1.2 TLSv1.3, proxy_hide_header: [X-Amz-*]}" -}} {{- $defauls := data.YAML "{hostnames: [localhost], repo_mode: false, upstream_use_tls: false, proxy_ssl_protocols: TLSv1.2 TLSv1.3, proxy_hide_header: [X-Amz-*]}" -}}
{{- range $config }} {{- range $config }}
{{- $this := coll.Merge . $defauls }} {{- $this := coll.Merge . $defauls }}
@ -41,7 +41,7 @@ server {
end end
return content return content
} }
set $string_to_sign "GET\n\n\n${now}\n/{{ $this.bucket }}/${repo}$request_path"; set $string_to_sign "GET\n\n\n${now}\n/{{ $this.bucket }}{{ if $this.repo_mode | conv.ToBool }}/${repo}{{ end }}$request_path";
set_hmac_sha1 $aws_signature "$secret_access_key" "$string_to_sign"; set_hmac_sha1 $aws_signature "$secret_access_key" "$string_to_sign";
set_encode_base64 $aws_signature "$aws_signature"; set_encode_base64 $aws_signature "$aws_signature";
@ -51,14 +51,14 @@ server {
{{ end -}} {{ end -}}
{{- if $this.upstream_use_tls }} {{- if $this.upstream_use_tls }}
proxy_pass https://backend_s3_{{ $this.bucket }}/{{ $this.bucket }}/${repo}$uri; proxy_pass https://backend_s3_{{ $this.bucket }}/{{ $this.bucket }}{{ if $this.repo_mode | conv.ToBool }}/${repo}{{ end }}$uri;
proxy_ssl_name {{ $upstream_host }}; proxy_ssl_name {{ $upstream_host }};
proxy_ssl_server_name on; proxy_ssl_server_name on;
proxy_ssl_verify on; proxy_ssl_verify on;
proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt; proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
proxy_ssl_protocols {{ $this.proxy_ssl_protocols }}; proxy_ssl_protocols {{ $this.proxy_ssl_protocols }};
{{- else }} {{- else }}
proxy_pass http://backend_s3_{{ $this.bucket }}/{{ $this.bucket }}/${repo}$uri; proxy_pass http://backend_s3_{{ $this.bucket }}/{{ $this.bucket }}{{ if $this.repo_mode | conv.ToBool }}/${repo}{{ end }}$uri;
{{- end }} {{- end }}
proxy_http_version 1.1; proxy_http_version 1.1;