nginx.tmpl: use closest vhost.d and htpasswd files (#1309) #1558
Conversation
|
I'd like this functionality to be merged, as I still use it. But I'm not satisfied with using the 'closest' function, as it matches anywhere inside the filename string, it isn't anchored to the end, so e.g. a file 'b.c' will match 'a.b.c.d'. I'd want something like a 'closestSuffix' function, which would anchor the match at the end of the string, so for example, only 'b.c.d' or 'c.d' will match 'a.b.c.d'. I think the only way to implement this is by adding a 'closestSuffix' function to docker-gen, but I don't have time to set up a build environment for it. Perhaps someone could implement the function there, and I could update this pull request to use it? I'm envisioning something like: # same as arrayClosest but anchored to the end of the string
func arrayClosestSuffix(values []string, input string) string {
best := ""
for _, v := range values {
if strings.HasSuffix(input, v) && len(v) > len(best) {
best = v
}
}
return best
}This could be further improved by checking that the first subdomain is not a partial match, e.g. 'bc.def' should not match 'abc.def' (with the above function, it will), but at first, it's not necesarry. In the meantime I will rebase to main and update the PR. |
jjakob
force-pushed
the
vhost-htpasswd-closest-match
branch
from
01dfb5b to
88e792b
Compare
jjakob
force-pushed
the
vhost-htpasswd-closest-match
branch
2 times, most recently
from
48b6637 to
5fbec43
Compare
Add logic to find the closest matching files for vhost.d, vhost.d _include and htpasswd files. This allows multiple hosts to share these files, similar to wildcard certificate files, but not limited to just 1 subdomain depth. The match is anchored to the end of the string filename, so a largest suffix match is found. For example, 'vhost.d/b.c' will match a 'a.b.c' virtual host. But 'a.b' will not match 'a.b.c'. This is stricter than the "closest" match function that certificate files used in the past, which would also match in the 2nd case. This is a WIP, unfinished sections are marked with TODO.
jjakob
force-pushed
the
vhost-htpasswd-closest-match
branch
from
5fbec43 to
8adc2eb
Compare
|
@jjakob I'm not opposed at all to add a function to docker-gen if this can help with a feature here, I'll look into it. |
2 participants
This changes the logic for finding a matching file to the same one used
by certificates. This allows wildcard host names to find a matching
config file.
The container prints "Template error: open /etc/nginx/htpasswd: no such
file or directory" if /etc/nginx/htpasswd doesn't exist, but this
doesn't impact functionality. A fix would be to make sure that directory
is always created.
Fixes #1309.