Template nginx config

carlssonk · Sep 27, 2024 · 6c42c26 · 6c42c26
1 parent 657942f
commit 6c42c26
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 103 deletions.
diff --git a/common/services/main.tf b/common/services/main.tf
@@ -41,49 +41,18 @@ data "cloudinit_config" "this" {
 
   part {
     content_type = "text/x-shellscript"
-    content      = <<-EOT
-      #!/bin/bash
-
-      sudo yum update -y
-      sudo yum install -y nginx
-
-      # Create nginx config
-      sudo tee /etc/nginx/nginx.conf <<'EOF'
-      events {
-          worker_connections 1024;
+    content = templatefile("${path.module}/nginx_proxy.tpl", {
+      services_map = {
+        "flagracer.carlssonk.com" = "flagracer.carlssonk:8080", # TODO
+        "blackjack.carlssonk.com" = "blackjack.carlssonk:8080", # TODO
       }
-
-      http {
-          map $http_host $upstream {
-              hostnames;
-              blackjack.carlssonk.com blackjack.carlssonk:8080;
-              flagracer.carlssonk.com flagracer.carlssonk:8080;
-          }
-          
-          server {
-              listen 80;
-              server_name blackjack.carlssonk.com flagracer.carlssonk.com;
-
-              resolver 10.0.0.2;
-
-              location / {
-                  proxy_pass $upstream;
-                  proxy_set_header Host $host;
-                  proxy_set_header X-Real-IP $remote_addr;
-                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-                  proxy_set_header X-Forwarded-Proto $scheme;
-              }
-          }
-      }
-      EOF
-
-      # Restart NGINX to apply changes
-      sudo systemctl restart nginx
-      EOT
+      dns_resolver_ip = "10.0.0.2"
+      server_name     = "blackjack.carlssonk.com flagracer.carlssonk.com"
+    })
   }
 }
 
-module "ec2_instance_nginx" {
+module "ec2_instance_nginx_proxy" {
   count             = var.reverse_proxy_type == "nginx" ? 1 : 0
   name              = "nginx-reverse-proxy"
   source            = "../../modules/ec2-instance/default"
@@ -120,7 +89,7 @@ module "ec2_instance_nginx" {
 module "ec2_instance_nginx_eip" {
   count       = var.reverse_proxy_type == "nginx" ? 1 : 0
   source      = "../../modules/elastic-ip/default"
-  instance_id = module.ec2_instance_nginx[0].id
+  instance_id = module.ec2_instance_nginx_proxy[0].id
 }
 
 module "main_alb_access_logs_bucket" {

diff --git a/common/services/nginx_proxy.tpl b/common/services/nginx_proxy.tpl
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+sudo yum update -y
+sudo yum install -y nginx
+
+# Create nginx config
+sudo tee /etc/nginx/nginx.conf <<'EOF'
+events {
+    worker_connections 1024;
+}
+
+http {
+    map $http_host $upstream {
+        hostnames;
+        %{ for domain, backend in services_map ~}
+        ${domain} ${backend};
+        %{ endfor ~}
+    }
+    
+    server {
+        listen 80;
+        server_name ${server_name};
+
+        resolver ${dns_resolver_ip};
+
+        location / {
+            proxy_pass $upstream;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+    }
+}
+EOF
+
+# Restart NGINX to apply changes
+sudo systemctl restart nginx
diff --git a/common/services/nginx_reverse_proxy.tpl b/common/services/nginx_reverse_proxy.tpl
diff --git a/common/services/outputs.tf b/common/services/outputs.tf
@@ -1,7 +1,7 @@
 output "policy_documents" {
   value = [
     try(module.service_discovery_namespace[0].policy_document, null),
-    try(module.ec2_instance_nginx[0].policy_document, null),
+    try(module.ec2_instance_nginx_proxy[0].policy_document, null),
     try(module.ec2_instance_nginx_eip[0].policy_document, null),
     try(module.main_alb[0].policy_document, null),
     try(module.main_alb_access_logs_bucket[0].policy_document, null),