瀏覽代碼

Merge pull request #102 from md5/virtual-proto

Support VIRTUAL_PROTO=https for HTTPS backends
Jason Wilder 10 年之前
父節點
當前提交
a431122d8b
共有 2 個文件被更改,包括 9 次插入2 次删除
  1. 4 0
      README.md
  2. 5 2
      nginx.tmpl

+ 4 - 0
README.md

@@ -31,6 +31,10 @@ If you need to support multiple virtual hosts for a container, you can separate
 
 
 You can also use wildcards at the beginning and the end of host name, like `*.bar.com` or `foo.bar.*`. Or even a regular expression, which can be very useful in conjunction with a wildcard DNS service like [xip.io](http://xip.io), using `~^foo\.bar\..*\.xip\.io` will match `foo.bar.127.0.0.1.xip.io`, `foo.bar.10.0.2.2.xip.io` and all other given IPs. More information about this topic can be found in the nginx documentation about [`server_names`](http://nginx.org/en/docs/http/server_names.html).
 You can also use wildcards at the beginning and the end of host name, like `*.bar.com` or `foo.bar.*`. Or even a regular expression, which can be very useful in conjunction with a wildcard DNS service like [xip.io](http://xip.io), using `~^foo\.bar\..*\.xip\.io` will match `foo.bar.127.0.0.1.xip.io`, `foo.bar.10.0.2.2.xip.io` and all other given IPs. More information about this topic can be found in the nginx documentation about [`server_names`](http://nginx.org/en/docs/http/server_names.html).
 
 
+### SSL Backends
+
+If you would like to connect to your backend using HTTPS instead of HTTP, set `VIRTUAL_PROTO=https` on the backend container.
+
 ### Separate Containers
 ### Separate Containers
 
 
 nginx-proxy can also be run as two separate containers using the [jwilder/docker-gen](https://index.docker.io/u/jwilder/docker-gen/)
 nginx-proxy can also be run as two separate containers using the [jwilder/docker-gen](https://index.docker.io/u/jwilder/docker-gen/)

+ 5 - 2
nginx.tmpl

@@ -68,6 +68,9 @@ upstream {{ $host }} {
 {{ end }}
 {{ end }}
 }
 }
 
 
+{{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}}
+{{ $proto := or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http" }}
+
 {{/* Get the first cert name defined by containers w/ the same vhost */}}
 {{/* Get the first cert name defined by containers w/ the same vhost */}}
 {{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }}
 {{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }}
 
 
@@ -105,7 +108,7 @@ server {
 	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
 
 	location / {
 	location / {
-		proxy_pass http://{{ $host }};
+		proxy_pass {{ $proto }}://{{ $host }};
 		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
 		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
 		auth_basic	"Restricted {{ $host }}";
 		auth_basic	"Restricted {{ $host }}";
 		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};
 		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};
@@ -118,7 +121,7 @@ server {
 	server_name {{ $host }};
 	server_name {{ $host }};
 
 
 	location / {
 	location / {
-		proxy_pass http://{{ $host }};
+		proxy_pass {{ $proto }}://{{ $host }};
 		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
 		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
 		auth_basic	"Restricted {{ $host }}";
 		auth_basic	"Restricted {{ $host }}";
 		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};
 		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};