platform/#1492: support host and path redirects.map and add new nginx image version

Author: Monska85

CHANGELOG.md

@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 2022-09-16
+
+### Added
+
+- Add the support in the `redirects.map` file to use `$host$request_uri` as key (left-side) to manage multiple domains on the same nginx instance.
+- Add the new `1.23.1-alpine` image.
+
 ## 2022-05-03
 
 ### Added

Dockerfile-1.23.1-alpine

@@ -0,0 +1,33 @@
+FROM nginx:1.23.1-alpine
+
+# Pass inexistent UUID (e.g.: 1001) to enhance the container security
+ARG user=root
+
+LABEL org.opencontainers.image.source https://github.com/sparkfabrik/docker-php-drupal-nginx/tree/feature/d8
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+COPY templates /templates
+COPY config/custom.conf /etc/nginx/conf.d/000-custom.conf
+
+RUN chmod +x /docker-entrypoint.sh && \
+    chmod 775 /etc/nginx && \
+    chmod 775 /etc/nginx/conf.d && \
+    chmod 664 /etc/nginx/conf.d/000-custom.conf && \
+    mkdir -p /etc/nginx/conf.d/custom && \
+    chmod 775 /etc/nginx/conf.d/custom && \
+    mkdir -p /etc/nginx/conf.d/fragments && \
+    chmod 775 /etc/nginx/conf.d/fragments && \
+    chgrp root /var/cache/nginx && \
+    chmod 775 /var/cache/nginx && \
+    chmod 775 /var/log/nginx && \
+    mkdir -p /var/run/nginx && \
+    chmod 775 /var/run/nginx && \
+    sed -i 's|/var/run/nginx.pid|/var/run/nginx/nginx.pid|g' /etc/nginx/nginx.conf && \
+    chmod 775 /templates && \
+    chmod 664 /etc/nginx/fastcgi.conf && \
+    chmod 664 /etc/nginx/conf.d/default.conf
+
+# Go to target user
+USER $user
+
+ENTRYPOINT [ "/docker-entrypoint.sh" ]

Makefile

@@ -9,26 +9,30 @@ build:
 	docker build -f Dockerfile-1.17.6-alpine -t $(IMAGE_NAME):1.17.6-alpine.d8 --build-arg user=root .
 	docker build -f Dockerfile-1.21.1-alpine -t $(IMAGE_NAME):1.21.1-alpine.d8 --build-arg user=root .
 	docker build -f Dockerfile-1.21.6-alpine -t $(IMAGE_NAME):1.21.6-alpine.d8 --build-arg user=root .
+	docker build -f Dockerfile-1.23.1-alpine -t $(IMAGE_NAME):1.23.1-alpine.d8 --build-arg user=root .
 
 test:
 	@chmod +x ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.13.6-alpine.d8 ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.17.6-alpine.d8 ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.21.1-alpine.d8 ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.21.6-alpine.d8 ./tests/tests.sh
+	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.23.1-alpine.d8 ./tests/tests.sh
 
 build-rootless:
 	docker build -f Dockerfile-1.13.6-alpine -t $(IMAGE_NAME):1.13.6-alpine.d8-rootless --build-arg user=1001 .
 	docker build -f Dockerfile-1.17.6-alpine -t $(IMAGE_NAME):1.17.6-alpine.d8-rootless --build-arg user=1001 .
 	docker build -f Dockerfile-1.21.1-alpine -t $(IMAGE_NAME):1.21.1-alpine.d8-rootless --build-arg user=1001 .
 	docker build -f Dockerfile-1.21.6-alpine -t $(IMAGE_NAME):1.21.6-alpine.d8-rootless --build-arg user=1001 .
+	docker build -f Dockerfile-1.23.1-alpine -t $(IMAGE_NAME):1.23.1-alpine.d8-rootless --build-arg user=1001 .
 
 test-rootless:
 	@chmod +x ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.13.6-alpine.d8-rootless IMAGE_USER="unknown uid 1001" BASE_TESTS_PORT="8080" ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.17.6-alpine.d8-rootless IMAGE_USER="unknown uid 1001" BASE_TESTS_PORT="8080" ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.21.1-alpine.d8-rootless IMAGE_USER="unknown uid 1001" BASE_TESTS_PORT="8080" ./tests/tests.sh
 	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.21.6-alpine.d8-rootless IMAGE_USER="unknown uid 1001" BASE_TESTS_PORT="8080" ./tests/tests.sh
+	@IMAGE_NAME=$(IMAGE_NAME) IMAGE_TAG=1.23.1-alpine.d8-rootless IMAGE_USER="unknown uid 1001" BASE_TESTS_PORT="8080" ./tests/tests.sh
 
 shellcheck-build:
 	@docker build -f shellcheck/Dockerfile -t sparkfabrik/shellchek shellcheck

README.md

@@ -87,3 +87,62 @@ If you provide a non-root user the container will drop its privileges targeting
 We have inserted the specific make targets with dedicated image suffix tags (`-rootless`) for these flavours.
 
 You can find some more information [here](https://docs.bitnami.com/tutorials/work-with-non-root-containers/).
+
+## redirects.map file
+
+You can use the file `/etc/nginx/conf.d/redirects.map` to specify the static redirection that you want to manage. Each line of the file represents a key-value pair used to verify the current request and to send the 301 header and the corresponding new `Location` to the client. The file structure is:
+
+```bash
+<key to match> <new localtion>;
+```
+
+The key to match, or the left side of the file, could be the host and path (e.g.: `www.example.com/my-awesome-path`) or only the path (e.g.: `/my-awesome-path`). In the case of the same path, the more detailed rule will be applied (host and path), **ignoring the order in the file**. **ATTENTION**: as described, the left part of the file is treated as a key, so you must avoid any conflict.
+
+### Example
+
+Here you can find an example for the `redirects.map` file:
+
+```bash
+# The line below will send a redirect only for .com TLD to a new path
+www.example.com/my-awesome-path https://www.example.com/my-new-awesome-path;
+# The line below will send a redirect only for .co.uk TLD to a new path
+www.example.co.uk/my-awesome-path https://www.example.co.uk/my-new-awesome-path;
+# The line below will send a redirect for all other domains to the .it TLD and to a new path
+/my-awesome-path https://www.example.it/another-awesome-path;
+# The line below will send a redirect only for .fr TLD to a new path
+www.example.fr/my-awesome-path https://www.example.fr/my-new-awesome-path;
+```
+
+With this configuration, the nginx server will first test the host and path key, and if there is no match it will then also test the simple path. You can find some examples of response header below, obtained when using the previous `redirects.map` file:
+
+```bash
+$ curl --head -H "Host: www.example.com" http://localhost/my-awesome-path
+HTTP/1.1 301 Moved Permanently
+Location: https://www.example.com/my-new-awesome-path
+```
+
+```bash
+$ curl --head -H "Host: www.example.co.uk" http://localhost/my-awesome-path
+HTTP/1.1 301 Moved Permanently
+Location: https://www.example.co.uk/my-new-awesome-path
+```
+
+```bash
+$ curl --head -H "Host: www.example.eu" http://localhost/my-awesome-path
+HTTP/1.1 301 Moved Permanently
+Location: https://www.example.it/my-new-awesome-path
+```
+
+```bash
+$ curl --head -H "Host: www.example.fr" http://localhost/my-awesome-path
+HTTP/1.1 301 Moved Permanently
+Location: https://www.example.fr/my-new-awesome-path
+```
+
+```bash
+$ curl --head -H "Host: www.example.de" http://localhost/my-awesome-path
+HTTP/1.1 301 Moved Permanently
+Location: https://www.example.it/my-new-awesome-path
+```
+
+You can find the redirects.map test file in the `example` folder of this repo.

examples/redirects.map

@@ -0,0 +1,8 @@
+# The line below will send a redirect only for .com TLD to a new path 
+www.example.com/my-awesome-path https://www.example.com/my-new-awesome-path;
+# The line below will send a redirect only for .co.uk TLD to a new path
+www.example.co.uk/my-awesome-path https://www.example.co.uk/my-new-awesome-path;
+# The line below will send a redirect for all other domains to the .it TLD and to a new path
+/my-awesome-path https://www.example.it/another-awesome-path;
+# The line below will send a redirect only for .fr TLD to a new path
+www.example.fr/my-awesome-path https://www.example.fr/my-new-awesome-path;

templates/default.conf

@@ -8,7 +8,12 @@ map $http_x_forwarded_proto $fastcgi_https {
     https on;
 }
 
-# We should use $request_uri to support redirect with query parameters.
+# We should use $host$request_uri to support redirects when nginx is serving multiple domains.
+map $host$request_uri $new_host_and_uri {
+  include /etc/nginx/conf.d/redirects[.]map;
+}
+
+# We should use $request_uri to support redirects with query parameters.
 map $request_uri $new_uri {
   include /etc/nginx/conf.d/redirects[.]map;
 }
@@ -26,6 +31,10 @@ server {
     # default, catch all server, regardless of server_name.
     listen ${NGINX_DEFAULT_SERVER_PORT} ${DEFAULT_SERVER};
 
+    if ($new_host_and_uri) {
+        return 301 $new_host_and_uri;
+    }
+
     if ($new_uri) {
         return 301 $new_uri;
     }