forked from mendersoftware/mender-api-gateway-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathentrypoint.sh
executable file
·86 lines (70 loc) · 3.3 KB
/
entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/bin/sh
CERT_PATH=/var/www/mendersoftware/cert/cert.crt
KEY_PATH=/var/www/mendersoftware/cert/private.key
waserr=0
for f in $CERT_PATH $KEY_PATH; do
if ! test -e $f; then
echo "required file $f not found in container"
waserr=1
fi
done
if [ "$waserr" = "1" ]; then
echo "certificate or key not found, exiting"
exit 1
fi
if [ -n "$ALLOWED_HOSTS" ]; then
sed -i -e "s/[@]ALLOWED_HOSTS[@]/$ALLOWED_HOSTS/" /usr/local/openresty/nginx/conf/nginx.conf
# generate ORIGIN whitelist
hosts=$(echo $ALLOWED_HOSTS | sed 's/ \{1,\}/|/g' | sed 's/[.]\{1,\}/\\\\\\./g')
sed -i -e "s/[@]ALLOWED_ORIGIN_HOSTS[@]/$hosts/" /usr/local/openresty/nginx/conf/nginx.conf
else
echo "ALLOWED_HOSTS undefined, exiting"
exit 1
fi
# Disabled by default
if [ -n "$CACHE_UI_BROWSER_PERIOD" ]; then
sed -i -e "s/[@]CACHE_UI_BROWSER_PERIOD[@]/$CACHE_UI_BROWSER_PERIOD/" /usr/local/openresty/nginx/conf/nginx.conf
else
sed -i -e "s/[@]CACHE_UI_BROWSER_PERIOD[@]/off/" /usr/local/openresty/nginx/conf/nginx.conf
fi
# Disabled by default
if [ -n "$CACHE_UI_SUCCESS_PERIOD" ]; then
sed -i -e "s/[@]CACHE_UI_SUCCESS_PERIOD[@]/$CACHE_UI_SUCCESS_PERIOD/" /usr/local/openresty/nginx/conf/nginx.conf
else
sed -i -e "s/[@]CACHE_UI_SUCCESS_PERIOD[@]/0s/" /usr/local/openresty/nginx/conf/nginx.conf
fi
# Disabled by default
if [ -n "$CACHE_UI_FAILUE_PERIOD" ]; then
sed -i -e "s/[@]CACHE_UI_FAILURE_PERIOD[@]/$CACHE_UI_FAILURE_PERIOD/" /usr/local/openresty/nginx/conf/nginx.conf
else
sed -i -e "s/[@]CACHE_UI_FAILURE_PERIOD[@]/0s/" /usr/local/openresty/nginx/conf/nginx.conf
fi
if [ -n "$HAVE_MULTITENANT" ]; then
ln -sf /usr/local/openresty/nginx/conf/tenantadm.nginx.conf \
/usr/local/openresty/nginx/conf/optional/endpoints/tenantadm.nginx.conf
fi
# Rate limits - disabled by default
if [ -n "$RATE_LIMIT_GLOBAL_RATE" ] && [ $RATE_LIMIT_GLOBAL_RATE -gt 0 ]; then
sed -i -e "s/[@]RATE_LIMIT_GLOBAL_RATE[@]/${RATE_LIMIT_GLOBAL_RATE}r\/s/" /usr/local/openresty/nginx/conf/nginx.conf
if [ -n "$RATE_LIMIT_GLOBAL_BURST" ] && [ $RATE_LIMIT_GLOBAL_BURST -gt 0 ]; then
sed -i -e "s/[@]RATE_LIMIT_GLOBAL_BURST[@]/burst=$RATE_LIMIT_GLOBAL_BURST/" /usr/local/openresty/nginx/conf/nginx.conf
else
sed -i -e "s/[@]RATE_LIMIT_GLOBAL_BURST[@] //" /usr/local/openresty/nginx/conf/nginx.conf
fi
else
sed -i -e "/[@]RATE_LIMIT_GLOBAL_RATE[@]/d" /usr/local/openresty/nginx/conf/nginx.conf
sed -i -e "/[@]RATE_LIMIT_GLOBAL_BURST[@]/d" /usr/local/openresty/nginx/conf/nginx.conf
sed -i -e "/limit_req_status/d" /usr/local/openresty/nginx/conf/nginx.conf
fi
# Enabling access logs json format - disabled by default
if [ -n "$IS_LOGS_FORMAT_JSON" ] && [ "$IS_LOGS_FORMAT_JSON" = "true" ]; then
sed -i -e "s/[@]LOGS_FORMAT[@]/access_log_json/g" /usr/local/openresty/nginx/conf/nginx.conf
else
sed -i -e "s/[@]LOGS_FORMAT[@]/main/g" /usr/local/openresty/nginx/conf/nginx.conf
fi
DNS_NAMES=${DNS_NAMES:-mender-useradm mender-inventory mender-deployments \
mender-device-auth mender-device-adm \
mender-gui}
echo "setting up automatic reload on host IP address changes for DNS names: $(echo $DNS_NAMES | tr -s " ")"
./reload-when-hosts-changed $DNS_NAMES &
exec /usr/local/openresty/bin/openresty -g "daemon off;" $*