From bb47d443cdd3561f385d7ed4fd3f59d1e03f8252 Mon Sep 17 00:00:00 2001 From: sebdet Date: Thu, 26 Mar 2020 17:03:33 -0700 Subject: Fix frontend docker Rework the frontend image so that it does not crash when it starts Issue-ID: CLAMP-797 Signed-off-by: sebdet Change-Id: I9448f52eada95a171006e6e524ffac2e70c9f59e --- src/main/docker/frontend/Dockerfile | 16 +++++++++-- src/main/docker/frontend/nginx/default.conf | 25 +++++++++++++++++ src/main/docker/frontend/nginx/nginx.conf | 43 ++++++++++++----------------- 3 files changed, 57 insertions(+), 27 deletions(-) create mode 100644 src/main/docker/frontend/nginx/default.conf (limited to 'src') diff --git a/src/main/docker/frontend/Dockerfile b/src/main/docker/frontend/Dockerfile index 1bcf4b06..660fb824 100644 --- a/src/main/docker/frontend/Dockerfile +++ b/src/main/docker/frontend/Dockerfile @@ -49,7 +49,19 @@ COPY --from=build /app/build /usr/share/nginx/html COPY --from=build /app/ssl /etc/ssl RUN rm /etc/nginx/conf.d/default.conf RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log -COPY nginx/nginx.conf /etc/nginx/conf.d -EXPOSE 443 + +COPY nginx/nginx.conf /etc/nginx/nginx.conf +COPY nginx/default.conf /etc/nginx/conf.d/default.conf + +WORKDIR /app + +RUN chown -R clamp:onap /app && chmod -R 755 /app && \ + chown -R clamp:onap /var/cache/nginx && \ + chown -R clamp:onap /var/log/nginx && \ + chown -R clamp:onap /etc/nginx/conf.d +RUN touch /var/run/nginx.pid && \ + chown -R clamp:onap /var/run/nginx.pid + USER clamp +EXPOSE 2443 CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/src/main/docker/frontend/nginx/default.conf b/src/main/docker/frontend/nginx/default.conf new file mode 100644 index 00000000..b15429c7 --- /dev/null +++ b/src/main/docker/frontend/nginx/default.conf @@ -0,0 +1,25 @@ +server { + + listen 2443 default ssl; + ssl_protocols TLSv1.2; + ssl_certificate /etc/ssl/clamp.pem; + ssl_certificate_key /etc/ssl/clamp.key; + ssl_verify_client optional_no_ca; + location /restservices/clds/ { + proxy_pass https://clamp-backend:8443; + proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /usr/share/nginx/html; + } + +} \ No newline at end of file diff --git a/src/main/docker/frontend/nginx/nginx.conf b/src/main/docker/frontend/nginx/nginx.conf index e18c1e83..beeb2b1e 100644 --- a/src/main/docker/frontend/nginx/nginx.conf +++ b/src/main/docker/frontend/nginx/nginx.conf @@ -1,25 +1,18 @@ -server { - - listen 443 default ssl; - ssl_protocols TLSv1.2; - ssl_certificate /etc/ssl/clamp.pem; - ssl_certificate_key /etc/ssl/clamp.key; - ssl_verify_client optional_no_ca; - location /restservices/clds/ { - proxy_pass https://clamp-backend:8443; - proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; - } - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ /index.html; - } - - error_page 500 502 503 504 /50x.html; - - location = /50x.html { - root /usr/share/nginx/html; - } - -} \ No newline at end of file +worker_processes 1; +pid /var/run/nginx.pid; +error_log /dev/stdout info; +events { +} +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + access_log /var/log/nginx/access.log main; + sendfile on; + #tcp_nopush on; + keepalive_timeout 65; + #gzip on; + include /etc/nginx/conf.d/*.conf; + } \ No newline at end of file -- cgit 1.2.3-korg