Skip to content

Commit

Permalink
[Nginx] Use jinja2 for templating nginx configuration
Browse files Browse the repository at this point in the history
  • Loading branch information
FreddleSpl0it committed Nov 19, 2024
1 parent 5ad4ab5 commit 70ca5fd
Show file tree
Hide file tree
Showing 18 changed files with 526 additions and 369 deletions.
18 changes: 18 additions & 0 deletions data/Dockerfiles/nginx/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
FROM nginx:alpine
LABEL maintainer "The Infrastructure Company GmbH <info@servercow.de>"

ENV PIP_BREAK_SYSTEM_PACKAGES=1

RUN apk add --no-cache nginx \
python3 \
py3-pip && \
pip install --upgrade pip && \
pip install Jinja2

RUN mkdir -p /etc/nginx/includes

COPY ./bootstrap.py /
COPY ./docker-entrypoint.sh /

ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["nginx", "-g", "daemon off;"]
76 changes: 76 additions & 0 deletions data/Dockerfiles/nginx/bootstrap.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
import os
import subprocess
from jinja2 import Environment, FileSystemLoader


def sites_default_conf(env, template_vars):
config_name = "sites-default.conf"
template = env.get_template(f"{config_name}.j2")
config = template.render(template_vars)

with open(f"/etc/nginx/includes/{config_name}", "w") as f:
f.write(config)

def nginx_conf(env, template_vars):
config_name = "nginx.conf"
template = env.get_template(f"{config_name}.j2")
config = template.render(template_vars)

with open(f"/etc/nginx/{config_name}", "w") as f:
f.write(config)

def prepare_template_vars():
template_vars = {
'IPV4_NETWORK': os.getenv("IPV4_NETWORK", "172.22.1"),
'TRUSTED_NETWORK': os.getenv("TRUSTED_NETWORK", False),
'SKIP_RSPAMD': os.getenv("SKIP_RSPAMD", "n").lower() in ("y", "yes"),
'SKIP_SOGO': os.getenv("SKIP_SOGO", "n").lower() in ("y", "yes"),
'NGINX_USE_PROXY_PROTOCOL': os.getenv("NGINX_USE_PROXY_PROTOCOL", "n").lower() in ("y", "yes"),
'MAILCOW_HOSTNAME': os.getenv("MAILCOW_HOSTNAME", ""),
'ADDITIONAL_SERVER_NAMES': os.getenv("ADDITIONAL_SERVER_NAMES", "").replace(',', ' '),
'HTTP_PORT': os.getenv("HTTP_PORT", "80"),
'HTTPS_PORT': os.getenv("HTTPS_PORT", "443"),
'SOGOHOST': os.getenv("SOGOHOST", "sogo-mailcow"),
'RSPAMDHOST': os.getenv("RSPAMDHOST", "rspamd-mailcow"),
'PHPFPMHOST': os.getenv("PHPFPMHOST", "php-fpm-mailcow"),
}

ssl_dir = '/etc/ssl/mail/'
template_vars['valid_cert_dirs'] = []
for d in os.listdir(ssl_dir):
full_path = os.path.join(ssl_dir, d)
if not os.path.isdir(full_path):
continue

cert_path = os.path.join(full_path, 'cert.pem')
key_path = os.path.join(full_path, 'key.pem')
domains_path = os.path.join(full_path, 'domains')

if os.path.isfile(cert_path) and os.path.isfile(key_path) and os.path.isfile(domains_path):
with open(domains_path, 'r') as file:
domains = file.read().strip()
domains_list = domains.split()
if domains_list and template_vars["MAILCOW_HOSTNAME"] not in domains_list:
template_vars['valid_cert_dirs'].append({
'cert_path': full_path + '/',
'domains': domains
})

return template_vars

def main():
env = Environment(loader=FileSystemLoader('./etc/nginx/conf.d'))

# Render config
print("Render config")
template_vars = prepare_template_vars()
sites_default_conf(env, template_vars)
nginx_conf(env, template_vars)

# Validate config
print("Validate config")
subprocess.run(["nginx", "-qt"])


if __name__ == "__main__":
main()
26 changes: 26 additions & 0 deletions data/Dockerfiles/nginx/docker-entrypoint.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
#!/bin/sh

until ping ${REDISHOST} -c1 > /dev/null; do
echo "Waiting for Redis..."
sleep 1
done
until ping ${PHPFPMHOST} -c1 > /dev/null; do
echo "Waiting for PHP..."
sleep 1
done
if printf "%s\n" "${SKIP_SOGO}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then
until ping ${SOGOHOST} -c1 > /dev/null; do
echo "Waiting for SOGo..."
sleep 1
done
fi
if printf "%s\n" "${SKIP_RSPAMD}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then
until ping ${RSPAMDHOST} -c1 > /dev/null; do
echo "Waiting for Rspamd..."
sleep 1
done
fi

python3 /bootstrap.py

exec "$@"
3 changes: 0 additions & 3 deletions data/conf/nginx/000-map-size.conf

This file was deleted.

19 changes: 0 additions & 19 deletions data/conf/nginx/dynmaps.conf

This file was deleted.

242 changes: 0 additions & 242 deletions data/conf/nginx/includes/site-defaults.conf

This file was deleted.

8 changes: 0 additions & 8 deletions data/conf/nginx/includes/sogo_proxy_auth.conf

This file was deleted.

Loading

0 comments on commit 70ca5fd

Please sign in to comment.