Add 502 page for ingress
This commit is contained in:
parent
ad42658ce5
commit
aa1eaccf5f
3 changed files with 84 additions and 34 deletions
|
|
@ -1,3 +1,16 @@
|
|||
FROM error-pages as build-error-pages
|
||||
|
||||
RUN python build.py 502
|
||||
|
||||
|
||||
FROM nginx:alpine
|
||||
|
||||
COPY app.conf /etc/nginx/conf.d/
|
||||
WORKDIR /usr/share/nginx/html
|
||||
|
||||
RUN rm -rf *
|
||||
|
||||
COPY --from=build-error-pages /home/python/built errors
|
||||
RUN find . -type f | xargs gzip -k9 &&\
|
||||
chmod -R 555 .
|
||||
|
||||
COPY nginx-config /etc/nginx/
|
||||
|
|
|
|||
|
|
@ -1,33 +0,0 @@
|
|||
server {
|
||||
listen 80;
|
||||
server_name decla.red;
|
||||
server_tokens off;
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/certbot;
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name decla.red;
|
||||
server_tokens off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/decla.red/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/decla.red/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://frontend;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
}
|
||||
70
ingress/nginx-config/nginx.conf
Normal file
70
ingress/nginx-config/nginx.conf
Normal file
|
|
@ -0,0 +1,70 @@
|
|||
user nginx;
|
||||
worker_processes auto;
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name decla.red;
|
||||
server_tokens off;
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/certbot;
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name decla.red;
|
||||
server_tokens off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/decla.red/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/decla.red/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
location ~ ^/(502).html$ {
|
||||
root /usr/share/nginx/html/errors;
|
||||
internal;
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_pass http://frontend;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /bad {
|
||||
proxy_pass http://backend;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
error_page 502 /502.html;
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue