From e9805d28bb2a7c9fd2e0d6a2ee5f49547074350d Mon Sep 17 00:00:00 2001 From: boyska Date: Sun, 19 Aug 2018 00:50:25 +0200 Subject: [PATCH] frontend based on apache reasons: 1. nginx resolve names at startup. This requires strong dependency between containers. Strong dependency is bad. 2. apache is used elsewhere, so less knowledge needed to develop the whole stack --- docker-compose.yml | 6 +- docker/frontend-apache.conf | 190 ++++++++++++++++++++++++++++++++++++ docker/nginx.conf | 28 ------ 3 files changed, 193 insertions(+), 31 deletions(-) create mode 100644 docker/frontend-apache.conf delete mode 100644 docker/nginx.conf diff --git a/docker-compose.yml b/docker-compose.yml index cf6c63e..6e08192 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -45,11 +45,11 @@ services: environment: - APACHE_SERVER_NAME=rss-bridge - webserver: - image: nginx:latest + feedati-fe: + image: httpd:2.4-alpine container_name: feedati_webserver volumes: - - ./docker/nginx.conf:/etc/nginx/conf.d/default.conf:ro + - ./docker/frontend-apache.conf:/usr/local/apache2/conf/httpd.conf:ro ports: - 80:80 diff --git a/docker/frontend-apache.conf b/docker/frontend-apache.conf new file mode 100644 index 0000000..befe9ff --- /dev/null +++ b/docker/frontend-apache.conf @@ -0,0 +1,190 @@ +ServerRoot "/usr/local/apache2" + +Listen 80 + +LoadModule mpm_event_module modules/mod_mpm_event.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_core_module modules/mod_authz_core.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule mime_module modules/mod_mime.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule env_module modules/mod_env.so +#LoadModule expires_module modules/mod_expires.so +#LoadModule headers_module modules/mod_headers.so +#LoadModule setenvif_module modules/mod_setenvif.so +#LoadModule remoteip_module modules/mod_remoteip.so +LoadModule proxy_module modules/mod_proxy.so +LoadModule proxy_http_module modules/mod_proxy_http.so +LoadModule unixd_module modules/mod_unixd.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +LoadModule dir_module modules/mod_dir.so +LoadModule alias_module modules/mod_alias.so +#LoadModule rewrite_module modules/mod_rewrite.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User daemon +Group daemon + + +ServerAdmin you@example.com + +ServerName feedati-fe:80 + + + AllowOverride none + Require all denied + + +DocumentRoot "/usr/local/apache2/htdocs" + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride None + + # + # Controls who can get stuff from this server. + # + Require all granted + + + + Require all denied + + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog /proc/self/fd/2 + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel warn + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog /proc/self/fd/1 common + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +ProxyPreserveHost On + +ProxyPass http://tt-rss/tt-rss/ +ProxyPassReverse http://tt-rss/tt-rss/ + + + +ProxyPass http://rss-bridge/ +ProxyPassReverse http://rss-bridge/ + + +# vim: set ft=apache bkc=yes: diff --git a/docker/nginx.conf b/docker/nginx.conf deleted file mode 100644 index d17ff08..0000000 --- a/docker/nginx.conf +++ /dev/null @@ -1,28 +0,0 @@ -server { - listen 80; - server_name _; - - location = /rss-bridge { - rewrite /rss-bridge /rss-bridge/ permanent; - } - - location /tt-rss { - resolver 127.0.0.11 ipv6=off; - proxy_pass http://tt-rss/tt-rss; - proxy_read_timeout 60s; - proxy_connect_timeout 4s; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location /rss-bridge/ { - resolver 127.0.0.11 ipv6=off; - proxy_pass http://rss-bridge/; - proxy_read_timeout 60s; - proxy_connect_timeout 4s; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } -}