Public | Automated Build

Last pushed: 4 months ago
Short Description
Nginx/Openresty + Consul agent + Custom Init written in C to handle graceful stopping.
Full Description

docker-openresty-consul-init

Nginx / Openresty + Consul agent + Custom Init written in C

This docker contains Openresty / Nginx + Consul agent and a Custom init.
For some painful reasons at work we use consul agents in the actual docker images.
Because of this we need to have a supervising service running on PID 1, the custom init.

init quick guide:

  • on docker stop init will send a SIGQUIT to Nginx and SIGINT to the Consul agent, gracefulling stopping both.
  • on docker kill init will send a SIGKILL to Nginx and the Consul agent.
  • to stop init from starting the Consul agnet you need to supply the start up argument "--no-consul"/
  • docker kill -s SIGHUP proxy will directly pass SIGHUP only to nginx. The follow signals will be passed directly and only to nginx SIGHUP, SIGUSR1, SIGUSR2, SIGWINCH.

nginx quick guide:

  • nginx config is found in: /usr/local/openresty/nginx/conf/nginx.conf
  • nginx logs is found in: /usr/local/openresty/nginx/logs/
  • nginx logs/error.log and logs/access.log is symlinked to /dev/stdout.
  • nginx root path is: /usr/local/openresty/

consul quick guide:

Consul start args are: /usr/bin/consul agent -config-dir /etc/consul -data-dir /var/lib/consul/data
So mount or copy your consul config in to /etc/consul.

If you want consul not to start then you need to override the docker ENTRYPOINT
from:

  • from ENTRYPOINT ["/bin/init"]
  • to ENTRYPOINT ["/bin/init", "--no-consul"]

nginx

include params files

I've added some include files I use a bit.

  • gzip-params: default settings I use for gziping
  • proxy-pass-params: default settings I use for proxying
  • ssl-params: default settings I use for CERTS / https note this file assumes ssl_dhparam dhparams.pem; i.e. you should create a dhparams file in /usr/local/openresty/nginx/conf/dhparams.pem.

LUA - CORS - Cross-origin resource sharing

To enable cors in your website add the following openresty/lua files in your nginx config.

server {
  header_filter_by_lua_file lua/cors/cors_header_filter.lua;
  access_by_lua_file lua/cors/cors_access.lua;
}

location / {
  header_filter_by_lua_file lua/cors/cors_header_filter.lua;
  access_by_lua_file lua/cors/cors_access.lua;
}

you can override lua's out puts by setting the variables before the file is called, examples:

set $access_control_allow_credentials 'true';
set $access_control_allow_methods 'GET, OPTIONS, POST';
set $access_control_allow_headers 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
set $access_control_expose_headers 'Content-Length';
set $access_control_max_age '186400';

you can also append to 'Access-control-Allow-Headers' by setting the variable access_control_allow_headers_append.

set $access_control_allow_headers_append 'apikey';

example calls using nginx.example.conf / docker-compose up

curl 'http://localhost:3333/test' -H 'Origin: https://example.com'
hello, world
https://example.com
Docker Pull Command
Owner
metocean