Refactor NGINX configuration

Franck Nijhof 2021-01-24 20:27:52 +01:00
parent be3e407009
commit be449204a8
No known key found for this signature in database
GPG key ID: D62583BA8AB11CA3
9 changed files with 44 additions and 66 deletions


@ -11,7 +11,6 @@
"startup": "services", "startup": "services",
"arch": ["aarch64", "amd64", "armhf", "armv7", "i386"], "arch": ["aarch64", "amd64", "armhf", "armv7", "i386"],
"init": false, "init": false,
"hassio_api": true,
"host_network": true, "host_network": true,
"ports": { "ports": {
"80/tcp": null "80/tcp": null


@ -3,36 +3,24 @@
# Home Assistant Community Add-on: Traccar # Home Assistant Community Add-on: Traccar
# Configures NGINX for use with the Traccar server # Configures NGINX for use with the Traccar server
# ============================================================================== # ==============================================================================
declare port
declare certfile
declare dns_host
declare ingress_interface
declare ingress_port
declare keyfile
port=$(bashio::addon.port 80) # Generate Ingress configuration
if bashio::var.has_value "${port}"; then bashio::var.json \
interface "$(bashio::addon.ip_address)" \
port "$(bashio::addon.ingress_port)" \
| tempio \
-template /etc/nginx/templates/ingress.gtpl \
-out /etc/nginx/servers/ingress.conf
# Generate direct access configuration, if enabled.
if bashio::var.has_value "$(bashio::addon.port 80)"; then
bashio::config.require.ssl bashio::config.require.ssl
bashio::var.json \
if bashio::config.true 'ssl'; then certfile "$(bashio::config 'certfile')" \
certfile=$(bashio::config 'certfile') keyfile "$(bashio::config 'keyfile')" \
keyfile=$(bashio::config 'keyfile') port "^$(bashio::addon.port 80)" \
ssl "^$(bashio::config 'ssl')" \
mv /etc/nginx/servers/direct-ssl.disabled /etc/nginx/servers/direct.conf | tempio \
sed -i "s#%%certfile%%#${certfile}#g" /etc/nginx/servers/direct.conf -template /etc/nginx/templates/direct.gtpl \
sed -i "s#%%keyfile%%#${keyfile}#g" /etc/nginx/servers/direct.conf -out /etc/nginx/servers/direct.conf
else
mv /etc/nginx/servers/direct.disabled /etc/nginx/servers/direct.conf
fi
sed -i "s/%%port%%/${port}/g" /etc/nginx/servers/direct.conf
fi fi
ingress_port=$(bashio::addon.ingress_port)
ingress_interface=$(bashio::addon.ip_address)
sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf
sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf
dns_host=$(bashio::dns.host)
sed -i "s/%%dns_host%%/${dns_host}/g" /etc/nginx/includes/resolver.conf
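Review bot: The `certfile` and `keyfile` options in the direct-access block are handed to the template exactly as configured, and direct.gtpl writes them straight after `/ssl/` in `ssl_certificate` and `ssl_certificate_key`. A value containing `/`, whitespace or `;` would point NGINX outside `/ssl` or change the generated directive. What `bashio::config.require.ssl` or the add-on's option schema already enforces is not visible in this hunk, so this may be partly covered. When `ssl` is enabled I would reject anything that is not a plain file name before rendering, e.g. `[[ "$(bashio::config 'certfile')" =~ ^[A-Za-z0-9._-]+$ ]] || bashio::exit.nok "certfile must be a plain file name"`, and the same for `keyfile`. The removed `sed` substitutions had the same gap, so this is not a regression.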


@ -1 +0,0 @@
resolver %%dns_host%%;


@ -16,13 +16,6 @@ pcre_jit on;
# Write error log to the add-on log. # Write error log to the add-on log.
error_log /proc/1/fd/1 error; error_log /proc/1/fd/1 error;
# Load allowed environment vars
env SUPERVISOR_TOKEN;
env DISABLE_HA_AUTHENTICATION;
# Load dynamic modules.
include /etc/nginx/modules/*.conf;
# Max num of simultaneous connections by a worker process. # Max num of simultaneous connections by a worker process.
events { events {
worker_connections 512; worker_connections 512;
@ -50,8 +43,6 @@ http {
'' close; '' close;
} }
include /etc/nginx/includes/resolver.conf;
include /etc/nginx/includes/upstream.conf; include /etc/nginx/includes/upstream.conf;
include /etc/nginx/servers/*.conf; include /etc/nginx/servers/*.conf;
} }


@ -0,0 +1 @@
Without requirements or design, programming is the art of adding bugs to an empty text file. (Louis Srygley)


@ -1,14 +0,0 @@
server {
listen %%port%% default_server ssl http2;
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/ssl_params.conf;
include /etc/nginx/includes/proxy_params.conf;
ssl_certificate /ssl/%%certfile%%;
ssl_certificate_key /ssl/%%keyfile%%;
location / {
proxy_pass http://backend;
}
}


@ -1,10 +0,0 @@
server {
listen %%port%% default_server;
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;
location / {
proxy_pass http://backend;
}
}


@ -0,0 +1,21 @@
server {
{{ if not .ssl }}
listen {{ .port }} default_server;
{{ else }}
listen {{ .port }} default_server ssl http2;
{{ end }}
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;
{{ if .ssl }}
include /etc/nginx/includes/ssl_params.conf;
ssl_certificate /ssl/{{ .certfile }};
ssl_certificate_key /ssl/{{ .keyfile }};
{{ end }}
location / {
proxy_pass http://backend;
}
}
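Review bot: Both `{{ if .ssl }}` tests, and the `{{ if not .ssl }}` one on the listen line, are only correct while `ssl` arrives as a JSON boolean, because Go templates treat any non-empty string, including `"false"`, as true, and the template does not say so. The calling script appears to pass it raw through the `^` prefix on `ssl` and `port`, so the output looks right today, but a later edit that drops the prefix would silently enable the TLS branch. I would add a template comment at the top, such as `{{/* .ssl must be a JSON boolean, .port a number; .certfile and .keyfile are file names under /ssl */}}`. The two listen variants could also collapse into `listen {{ .port }} default_server{{ if .ssl }} ssl http2{{ end }};`, leaving one branch fewer to keep in sync.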


@ -1,9 +1,12 @@
server { server {
listen %%interface%%:%%port%% default_server; listen {{ .interface }}:{{ . port }} default_server;
include /etc/nginx/includes/server_params.conf; include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf; include /etc/nginx/includes/proxy_params.conf;
allow 172.30.32.2;
deny all;
location / { location / {
allow 172.30.32.2; allow 172.30.32.2;
deny all; deny all;