Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 07572f8e6c | |||
| da68d078b0 | |||
| 9d48ce54c1 | |||
| c120d7a164 |
16
Dockerfile
16
Dockerfile
@@ -1,15 +1,11 @@
|
||||
FROM nginx:alpine
|
||||
FROM openresty/openresty:alpine
|
||||
|
||||
# Copy nginx configuration and HTML
|
||||
COPY nginx.conf /etc/nginx/nginx.conf
|
||||
# Copy config (OpenResty uses this path)
|
||||
COPY nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
|
||||
# HTML and data dirs (config references /usr/share/nginx/html and /etc/nginx/data)
|
||||
RUN mkdir -p /usr/share/nginx/html /etc/nginx/data/cache /etc/nginx/data/temp
|
||||
COPY index.html /usr/share/nginx/html/index.html
|
||||
|
||||
# Create data directories
|
||||
RUN mkdir -p /etc/nginx/data/cache /etc/nginx/data/temp && \
|
||||
chown -R nginx:nginx /etc/nginx/data
|
||||
|
||||
# Expose port
|
||||
EXPOSE 3000
|
||||
|
||||
# Start nginx
|
||||
CMD ["nginx", "-g", "daemon off;"]
|
||||
CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"]
|
||||
|
||||
50
nginx.conf
50
nginx.conf
@@ -18,21 +18,58 @@ http {
|
||||
|
||||
resolver 127.0.0.11 valid=60s;
|
||||
|
||||
# Raw url= value from request (stops at next & so %26 in encoded URLs is preserved)
|
||||
map $request_uri $url_encoded {
|
||||
default "";
|
||||
"~*[?&]url=((?:[^&%]|%[0-9A-Fa-f][0-9A-f])*)(?:&|$)" $1;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 3000;
|
||||
|
||||
location / {
|
||||
# If no url parameter, serve the readme
|
||||
if ($arg_url = "") {
|
||||
rewrite ^ /index.html last;
|
||||
set $backend_base "";
|
||||
# Decode url, build upstream URL, strip our "url=". Force that URI to upstream (variable proxy_pass can send original request URI otherwise)
|
||||
rewrite_by_lua_block {
|
||||
local enc = ngx.var.url_encoded
|
||||
local decoded = (enc and enc ~= "") and ngx.unescape_uri(enc) or ngx.var.arg_url or ""
|
||||
if decoded == "" then
|
||||
ngx.exec("/index.html")
|
||||
return
|
||||
end
|
||||
local args = ngx.var.args or ""
|
||||
local rest = args:gsub("^url=[^&]*&?", ""):gsub("&url=[^&]*", ""):gsub("^url=[^&]*$", "")
|
||||
local full = decoded
|
||||
if rest ~= "" then
|
||||
local sep = decoded:find("?") and "&" or "?"
|
||||
full = decoded .. sep .. rest
|
||||
end
|
||||
local scheme, host, pathquery = full:match("^(https?)://([^/]+)(.*)$")
|
||||
if not host then
|
||||
ngx.status = 400
|
||||
ngx.say("invalid url")
|
||||
return ngx.exit(400)
|
||||
end
|
||||
if pathquery == "" then pathquery = "/" end
|
||||
local path = pathquery:match("^([^?]*)") or "/"
|
||||
local query = pathquery:match("%?(.*)$") or ""
|
||||
ngx.var.backend_base = scheme .. "://" .. host
|
||||
ngx.req.set_uri(path)
|
||||
ngx.req.set_uri_args((query:gsub("^%?", "")))
|
||||
}
|
||||
|
||||
proxy_pass $arg_url;
|
||||
proxy_pass $backend_base$uri$is_args$args;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $proxy_host;
|
||||
proxy_ssl_server_name on;
|
||||
|
||||
# CORS headers
|
||||
# Strip upstream CORS so we only send our own (duplicate = browser reject)
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
proxy_hide_header Access-Control-Allow-Methods;
|
||||
proxy_hide_header Access-Control-Allow-Headers;
|
||||
proxy_hide_header Access-Control-Expose-Headers;
|
||||
proxy_hide_header Access-Control-Max-Age;
|
||||
|
||||
# CORS headers — replace with our own *
|
||||
add_header Access-Control-Allow-Origin * always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-Cache,X-NoCache,X-Status" always;
|
||||
@@ -45,6 +82,7 @@ http {
|
||||
|
||||
proxy_cache api_cache;
|
||||
proxy_cache_valid 200 201 202 203 204 205 206 207 208 226 365d;
|
||||
proxy_ignore_headers Cache-Control Expires;
|
||||
|
||||
proxy_cache_bypass $http_x_nocache;
|
||||
proxy_no_cache $http_x_nocache;
|
||||
|
||||
Reference in New Issue
Block a user