forked from jtangelder/dokku-nginx-alt
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathpost-deploy
executable file
·84 lines (72 loc) · 3.22 KB
/
post-deploy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#!/usr/bin/env bash
set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
echo "-----> Deploying nginx..."
APP="$1"; PORT="$2"
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" #this directory
APP_PATH="/home/dokku/$APP"
VHOST_PATH="$APP_PATH/VHOST"
SSL_DIR="$DOKKU_ROOT/$APP/ssl"
# Check if a VHOST exists. If not, default to proxying the server's hostname
# (which may not always be correct, but worth a try).
if [[ ! -f $VHOST_PATH ]]; then
echo "-----> Creating new $VHOST_PATH with hostname: $APP.$HOSTNAME..."
echo "$APP.$HOSTNAME" > $VHOST_PATH
fi
# Remove old nginx.conf if exists
rm $APP_PATH/nginx.conf
# Add once-off configuration options. These should NOT go in the .conf
# templates because the .conf templates are meant to be appendable for
# multiple domains.
echo "upstream $APP { server 127.0.0.1:$PORT; }" > $APP_PATH/nginx.conf
# Put list of VHOST domains in variable. This will be overridden if SSL for
# some domains are enabled.
NONSSL_VHOSTS=`cat $VHOST_PATH`
# Check if SSL should be enabled
if [[ -f "$SSL_DIR/server.crt" ]] && [[ -f "$SSL_DIR/server.key" ]]; then
# Make sure that the domain name of the SSL certificate matches an entry
# in the VHOST file. (It's okay if the SSL certificate is a wildcard
# subdomain, as long as there are matches in VHOST.)
NGINX_CONF="$DIR/nginx.ssl.conf"
# Ability to override default configuration files
# (If a nginx.ssl.template file exists in the $DOKKU_ROOT/$APP directory, use that
# instead.)
APP_NGINX_SSL_TEMPLATE="$DOKKU_ROOT/$APP/nginx.ssl.template"
if [[ -f $APP_NGINX_SSL_TEMPLATE ]]; then
echo '-----> Overriding default SSL nginx.conf with detected nginx.ssl.template...'
NGINX_CONF=$APP_NGINX_SSL_TEMPLATE
fi
SSL_HOSTNAME=`openssl x509 -in $SSL_DIR/server.crt -noout -subject | tr '/' '\n' | grep CN= | cut -c4-`
# Prepare the hostname so that it satisfies grep's regex syntax.
# e.g. mydomain.com -> mydomain\.com
# *.mydomain.com -> .*\.mydomain\.com
SSL_HOSTNAME=`echo "$SSL_HOSTNAME" | sed 's|\.|\\.|g' | sed 's/\*/\.\*/g'`
SSL_VHOSTS=`grep "$SSL_HOSTNAME" $VHOST_PATH`
NONSSL_VHOSTS=`grep -v "$SSL_HOSTNAME" $VHOST_PATH` #-v flag means inverse
# For each domain that satisfies the SSL certificate, set up nginx under
# the SSL template.
while read line; do
echo "-----> Configuring SSL for $line..."
SERVER_NAME=$line
eval "cat <<< \"$(< $NGINX_CONF)\" >> $DOKKU_ROOT/$APP/nginx.conf"
done <<< "$SSL_VHOSTS"
fi
# Now handle non-SSL domains
# default nginx.conf
NGINX_CONF="$DIR/nginx.conf"
# Ability to override default configuration files
# (If a nginx.template file exists in the $DOKKU_ROOT/$APP directory, use that
# instead.)
APP_NGINX_TEMPLATE="$DOKKU_ROOT/$APP/nginx.template"
if [[ -f $APP_NGINX_TEMPLATE ]]; then
echo '-----> Overriding default nginx.conf with detected nginx.template...'
NGINX_CONF=$APP_NGINX_TEMPLATE
fi
# The VHOST file can contain more than one custom domain. We add each to the
# server_name parameter of nginx.
cat $VHOST_PATH | xargs -i \
echo "-----> Configuring {}..."
SERVER_NAME=`echo $NONSSL_VHOSTS | tr '\n' ' '`
eval "cat <<< \"$(< $NGINX_CONF)\" >> $DOKKU_ROOT/$APP/nginx.conf"
pluginhook nginx-pre-reload $APP
echo '-----> Reloading nginx...'
sudo /etc/init.d/nginx reload > /dev/null