diff options
| author | Mathias Magnusson <mathias@magnusson.space> | 2023-09-19 20:12:43 +0200 |
|---|---|---|
| committer | Mathias Magnusson <mathias@magnusson.space> | 2023-09-19 20:12:43 +0200 |
| commit | 0d1a7a8c7dfc8a79329d3364761a6eb0f3a3d8c3 (patch) | |
| tree | 25e940c1bf73f1124f0a0cb99b672d7b6240c545 /jobs/virtual-hosting.nomad.hcl | |
| parent | e25fb13a653dde3afd3e6fd2ad5e3ae7bfd2c044 (diff) | |
| download | garm-0d1a7a8c7dfc8a79329d3364761a6eb0f3a3d8c3.tar.gz | |
Add support for http challenges for tls certificates
Diffstat (limited to 'jobs/virtual-hosting.nomad.hcl')
| -rw-r--r-- | jobs/virtual-hosting.nomad.hcl | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/jobs/virtual-hosting.nomad.hcl b/jobs/virtual-hosting.nomad.hcl index 638a1c9..fcf4f91 100644 --- a/jobs/virtual-hosting.nomad.hcl +++ b/jobs/virtual-hosting.nomad.hcl @@ -41,6 +41,26 @@ job "virtual-hosting" { template { data = <<EOF +{{- $hijackHTTPHostnames := sprig_list -}} +{{- $hijackUpstream := "" -}} +{{- range $s := nomadServices -}} +{{- range $tag := $s.Tags -}} + {{- if $tag | regexMatch "nginx.hijack_http=" -}} + {{- $hijackHTTPHostnames = $tag | replaceAll "nginx.hijack_http=" "" | split "," -}} + {{- $hijackUpstream = $s.Name | toLower | regexReplaceAll "[^a-z0-9\\-._]" "" -}} +upstream {{ $hijackUpstream }} { + {{- range nomadService $s.Name }} + server {{ .Address }}:{{ .Port }}; + {{- end }} +} + {{- break -}} + {{- end -}} + {{- if ne (len $hijackHTTPHostnames) 0 -}} + {{- break -}} + {{- end -}} +{{- end -}} +{{- end }} + {{- range nomadServices -}} {{- $hostname := "" -}} @@ -77,8 +97,13 @@ server { server_name {{ $hostname }}; location / { - proxy_pass http://{{ $upstream }}; + {{ if $hijackHTTPHostnames | contains $hostname -}} + proxy_pass http://{{ $hijackUpstream }}; + {{- else -}} + proxy_pass http://{{ $upstream }}; + {{- end }} + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; |