From f31fda452a84d500ecb75c99bd5b41ec96cf5045 Mon Sep 17 00:00:00 2001 From: Robert Lemke Date: Fri, 3 Feb 2023 16:24:12 +0100 Subject: [PATCH] Introduce BEACH_ASSET_PROXY_RESOLVER The new environment variable defines the IP address of a DNS server to use for resolving domains when proxying assets. Set this to 127.0.0.11 when using Local Beach. --- README.md | 1 + root-files/opt/flownative/lib/nginx-legacy.sh | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a3d22e3..784d229 100644 --- a/README.md +++ b/README.md @@ -70,6 +70,7 @@ for possible values. The default value is `warn`. | BEACH_NGINX_CUSTOM_METRICS_TARGET_PORT | integer | 8082 | Port at which Nginx should listen to provide the metrics for scraping | | BEACH_NGINX_MODE | string | Flow | Either "Flow" or "Static"; this variable is going to be renamed in the future | | BEACH_ASSET_PROXY_ENDPOINT | string | | Endpoint of a cloud storage frontend to use for proxying requests to Flow persistent resources. Requires BEACH_PERSISTENT_RESOURCES_BASE_PATH to be set. Example: "https://assets.flownative.com/example-bucket/" | +| BEACH_ASSET_PROXY_RESOLVER | string | 8.8.8.8 | IP address of a DNS server to use for resolving domains when proxying assets. Set this to 127.0.0.11 when using Local Beach. | | BEACH_PERSISTENT_RESOURCES_BASE_PATH | string | | Base path of URLs pointing to Flow persistent resources; example: "https://www.flownative.com/assets/" | | BEACH_STATIC_RESOURCES_LIFETIME | string | 30d | Expiration time for static resources; examples: "3600s" or "7d" or "max" | | FLOW_HTTP_TRUSTED_PROXIES | string | 10.0.0.0/8 | Nginx passes FLOW_HTTP_TRUSTED_PROXIES to the virtual host using the value of this variable | diff --git a/root-files/opt/flownative/lib/nginx-legacy.sh b/root-files/opt/flownative/lib/nginx-legacy.sh index 8cf3b95..1cf2f97 100644 --- a/root-files/opt/flownative/lib/nginx-legacy.sh +++ b/root-files/opt/flownative/lib/nginx-legacy.sh @@ -47,6 +47,7 @@ fi export BEACH_PERSISTENT_RESOURCES_FALLBACK_BASE_URI=${BEACH_PERSISTENT_RESOURCES_FALLBACK_BASE_URI:-} export BEACH_PERSISTENT_RESOURCES_BASE_PATH=${BEACH_PERSISTENT_RESOURCES_BASE_PATH:-/_Resources/Persistent/} export BEACH_ASSET_PROXY_ENDPOINT=${BEACH_ASSET_PROXY_ENDPOINT:-} +export BEACH_ASSET_PROXY_RESOLVER=${BEACH_ASSET_PROXY_RESOLVER:-8.8.8.8} export BEACH_PHP_FPM_HOST=${BEACH_PHP_FPM_HOST:-localhost} export BEACH_PHP_FPM_PORT=${BEACH_PHP_FPM_PORT:-9000} export BEACH_NGINX_MODE=${BEACH_NGINX_MODE:-Flow} @@ -190,7 +191,7 @@ EOM } # pass persistent resource requests to the custom endpoint (S3, Minio, GCS ...) location ~* "^${BEACH_PERSISTENT_RESOURCES_BASE_PATH}([a-f0-9]{40})/" { - resolver 8.8.8.8; + resolver ${BEACH_ASSET_PROXY_RESOLVER}; proxy_set_header Authorization ""; add_header Via 'Beach Asset Proxy'; ${addHeaderStrictTransportSecurity} @@ -207,7 +208,7 @@ EOM } # pass persistent resource requests to GCS location ~* "^${BEACH_PERSISTENT_RESOURCES_BASE_PATH}([a-f0-9]{40})/" { - resolver 8.8.8.8; + resolver ${BEACH_ASSET_PROXY_RESOLVER}; proxy_set_header Authorization ""; add_header Via 'Beach Asset Proxy'; ${addHeaderStrictTransportSecurity} @@ -229,7 +230,7 @@ EOM set \$assetUri ${BEACH_PERSISTENT_RESOURCES_FALLBACK_BASE_URI}\$1; add_header Via 'Beach Asset Fallback'; ${addHeaderStrictTransportSecurity} - resolver 8.8.8.8; + resolver ${BEACH_ASSET_PROXY_RESOLVER}; proxy_pass \$assetUri; } EOM