nginx-s3/overlay/etc/templates/vhost.conf.tmpl
Robert Kaussow bb2b33c798
intial s3 proxy setup
2023-09-23 14:17:09 +02:00


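{{- /*
  Renders one nginx `upstream` plus `server` block per entry of the "vhost"
  datasource. Each entry is merged over the defaults below; entry values win.

  When both access_key_id and secret_access_key are set, requests are signed
  with the legacy AWS Signature Version 2 scheme (HMAC-SHA1). Confirm that the
  backend still accepts it. The rendered file then contains the secret key in
  clear text, so it should be readable by the nginx user only.

  NOTE(review): bucket, upstream, hostnames and both keys are written into the
  config unescaped. This assumes the datasource is operator-controlled and
  that the values contain no `"`, `$` or `;` -- confirm.
*/ -}}
{{- $vhost := ds "vhost" }}
{{- $defaults := data.YAML "{hostnames: [localhost], proxy_ssl_protocols: TLSv1.2 TLSv1.3, proxy_hide_header: [X-Amz-*]}" -}}
{{- range $vhost }}
{{- $this := coll.Merge . $defaults }}
{{- /* Host part of "host:port"; used for SNI, certificate name check and Host header. */}}
{{- $upstream_host := index ($this.upstream | strings.Split ":") 0 }}
{{- $access_key_id := index $this "access_key_id" }}
{{- $secret_access_key := index $this "secret_access_key" -}}
upstream backend_s3_{{ $this.bucket }} {
  server {{ $this.upstream }};
}

server {
  listen 8080;
  server_name {{ conv.Join $this.hostnames " " }};

  location / {
    # Read-only proxy: only GET (which implies HEAD) is passed to the bucket.
    # Every other method is refused here instead of being forwarded, so the
    # bucket credentials are never used to sign a write or delete.
    limit_except GET {
      deny all;
    }

    {{ if and $access_key_id $secret_access_key -}}
    # Signature V2 string to sign: verb, Content-MD5, Content-Type, Date, resource.
    # The verb must be the one actually sent upstream, otherwise a HEAD request
    # is signed as GET and rejected by the backend.
    # NOTE(review): $repo and $request_path are not defined in this template.
    # The signature covers $request_path while the request is sent with $uri
    # after the rewrites below; confirm both resolve to the same path.
    set_by_lua $now "return ngx.http_time(ngx.time())";
    set $string_to_sign "${request_method}\n\n\n${now}\n/{{ $this.bucket }}/${repo}$request_path";
    set_hmac_sha1 $aws_signature "{{ $secret_access_key }}" "$string_to_sign";
    set_encode_base64 $aws_signature "$aws_signature";
    proxy_set_header Date "$now";
    proxy_set_header Authorization "AWS {{ $access_key_id }}:$aws_signature";
    {{ end -}}

    proxy_pass https://backend_s3_{{ $this.bucket }}/{{ $this.bucket }}/${repo}$uri;

    # Upstream TLS: send SNI and verify the certificate against the system CA
    # bundle, using the upstream host name for the name check.
    proxy_ssl_name {{ $upstream_host }};
    proxy_ssl_server_name on;
    proxy_ssl_verify on;
    proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
    proxy_ssl_protocols {{ $this.proxy_ssl_protocols }};

    proxy_http_version 1.1;
    proxy_buffering off;
    proxy_connect_timeout 300;
    proxy_intercept_errors on;
    port_in_redirect off;

    proxy_set_header Host "{{ $upstream_host }}";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Strip backend headers from the response (default: X-Amz-*) and ignore
    # Set-Cookie from the backend.
    {{ range $this.proxy_hide_header }}
    more_clear_headers {{ . }};
    {{- end }}
    proxy_ignore_headers Set-Cookie;

    # Directory handling: redirect extension-less paths without a trailing
    # slash to the slash form, then serve index.html for directory paths.
    rewrite ^([^.]*[^/])$ $1/ permanent;
    rewrite ^(.*)/$ $1/index.html break;
    rewrite ^(.*/[^./]+)$ $1/index.html break;
  }
}
{{- end -}}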