
@rosskukulinski
Created October 21, 2014 17:07
Docker etcd/confd configuration of nginx
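#!/bin/bash
# confd-watch: container entrypoint. Renders the nginx configuration from etcd
# with confd, keeps re-rendering it in the background, then starts nginx.
#
# Environment:
#   ETCD_PORT  etcd client port (default: 4001)
#   HOST_IP    address where etcd is reachable (default: 172.17.42.1)
#
# Trust boundary: whatever is stored under the etcd keys watched by nginx.toml
# is rendered into the nginx configuration. confd is given only a host:port
# here (no TLS or client-certificate options are passed), so write access to
# that etcd endpoint has to be restricted by other means.
set -eo pipefail

export ETCD_PORT=${ETCD_PORT:-4001}
export HOST_IP=${HOST_IP:-172.17.42.1}
export ETCD=$HOST_IP:$ETCD_PORT

echo "[nginx] booting container. ETCD: $ETCD."

# Try to make initial configuration every 5 seconds until successful.
# "$ETCD" is quoted so that whitespace or glob characters in HOST_IP or
# ETCD_PORT cannot be word-split into additional confd arguments.
until confd -onetime -node "$ETCD" -config-file /etc/confd/conf.d/nginx.toml; do
  echo "[nginx] waiting for confd to create initial nginx configuration."
  sleep 5
done

# Put a continual polling `confd` process into the background to watch
# for changes every 10 seconds
confd -interval 10 -node "$ETCD" -config-file /etc/confd/conf.d/nginx.toml &
echo "[nginx] confd is now monitoring etcd for changes..."

# Start the Nginx service using the generated config
echo "[nginx] starting nginx service..."
/usr/sbin/nginx &

# Follow the logs to keep the script (and so the container) running.
# tail exits non-zero while the log files do not exist yet, hence the retry.
# The glob is intentionally unquoted so it expands to the access and error logs.
while ! tail -f /var/log/nginx-servicename*.log; do
  sleep 2
done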
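# Image for the confd-managed nginx TLS proxy.
# NOTE(review): the base image is not shown; it presumably provides nginx,
# confd, bash and the certificate/key the nginx template refers to - confirm.
FROM <private repo>
# MAINTAINER is deprecated in current Docker releases in favour of a LABEL.
MAINTAINER Ross Kukulinski "[email protected]"

# COPY rather than ADD: these are plain local files, and COPY has none of
# ADD's implicit archive-extraction or remote-URL behaviour.
COPY nginx.toml /etc/confd/conf.d/nginx.toml
COPY templates/nginx.tmpl /etc/confd/templates/nginx.tmpl
COPY confd-watch /usr/local/bin/confd-watch
RUN chmod +x /usr/local/bin/confd-watch

EXPOSE 443

# No USER instruction is set here, so the entrypoint, confd and the nginx
# master run as the base image's user (root unless the base image changes it).
CMD /usr/local/bin/confd-watch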
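{{ if ls "/services/servicename" }}
# Backend list rendered by confd. Each value under /services/servicename/ is
# written verbatim into a `server` directive, so write access to those etcd
# keys amounts to control over this nginx configuration.
# The group is named `servicename` so that the proxy_pass below resolves to
# it; it was previously called `ar`, which proxy_pass never referenced.
upstream servicename {
{{ range getvs "/services/servicename/*" }}
    server {{ . }};{{ end }}
}

server {
    # `listen ... ssl` replaces the deprecated standalone `ssl on;` directive.
    listen 443 ssl;
    server_name mydomain.com;

    ssl_certificate /etc/ssl/certs/mycert.crt;
    ssl_certificate_key /etc/ssl/private/mykey.key;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996) and no longer offered.
    # Add TLSv1.3 where the nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5;

    # The entrypoint script tails /var/log/nginx-servicename*.log, so these
    # paths must keep that prefix.
    access_log /var/log/nginx-servicename-access.log;
    error_log /var/log/nginx-servicename-error.log;

    location / {
        # Traffic to the backends is plain HTTP; TLS ends at this proxy.
        proxy_pass http://servicename/;
        proxy_http_version 1.1;

        # Day-long timeouts together with the Upgrade/Connection headers
        # suggest long-lived WebSocket connections - confirm.
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        # $proxy_add_x_forwarded_for appends to whatever X-Forwarded-For the
        # client sent, so backends should trust only the last entry (or
        # X-Real-IP) when they need the client address.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # Pass the request to the next backend on these failures.
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
    }
}
{{ end }}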
[template]
# The name of the template that will be used to render the application's configuration file
# Confd will look in `/etc/confd/templates` for these files by default
src = "nginx.tmpl"
# The location to place the rendered configuration file
dest = "/etc/nginx/sites-enabled/<appname>.conf"
# The etcd keys or directory to watch. This is where the information to fill in
# the template will come from. Anything able to write under these keys can
# change the rendered nginx configuration.
keys = [ "/services/<appname>/" ]
# File ownership and mode information
owner = "root"
mode = "0644"
# These are the commands that will be used to check whether the rendered config is
# valid and to reload the actual service once the new config is in place.
# NOTE(review): as written, `nginx -t` tests the configuration already on disk,
# not the newly rendered file. confd exposes the staged file to check_cmd as
# {{.src}}; confirm that a bad render is actually rejected before it is installed.
check_cmd = "/usr/sbin/nginx -t"
reload_cmd = "/usr/sbin/service nginx reload"