Skip to content

Commit

Permalink
Refactor NGINX configuration (#158)
Browse files Browse the repository at this point in the history
  • Loading branch information
@frenck
frenck authored Jan 24, 2021
1 parent ff5f61b commit 73ebb43
Show file tree
Hide file tree
Showing 10 changed files with 41 additions and 72 deletions.
1 change: 0 additions & 1 deletion motioneye/config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@
"ports_description": {
"80/tcp": "Web interface (Not required for Ingress)"
},
"hassio_api": true,
"host_network": true,
"apparmor": false,
"video": true,
Expand Down
48 changes: 18 additions & 30 deletions motioneye/rootfs/etc/cont-init.d/nginx.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,36 +3,24 @@
# Home Assistant Community Add-on: motionEye
# Configures NGINX for use with motionEye
# ==============================================================================
declare port
declare certfile
declare dns_host
declare ingress_interface
declare ingress_port
declare keyfile

port=$(bashio::addon.port 80)
if bashio::var.has_value "${port}"; then
bashio::config.require.ssl

if bashio::config.true 'ssl'; then
certfile=$(bashio::config 'certfile')
keyfile=$(bashio::config 'keyfile')

mv /etc/nginx/servers/direct-ssl.disabled /etc/nginx/servers/direct.conf
sed -i "s#%%certfile%%#${certfile}#g" /etc/nginx/servers/direct.conf
sed -i "s#%%keyfile%%#${keyfile}#g" /etc/nginx/servers/direct.conf

else
mv /etc/nginx/servers/direct.disabled /etc/nginx/servers/direct.conf
fi
# Generate Ingress configuration
bashio::var.json \
interface "$(bashio::addon.ip_address)" \
port "^$(bashio::addon.ingress_port)" \
| tempio \
-template /etc/nginx/templates/ingress.gtpl \
-out /etc/nginx/servers/ingress.conf

sed -i "s/%%port%%/${port}/g" /etc/nginx/servers/direct.conf
# Generate direct access configuration, if enabled.
if bashio::var.has_value "$(bashio::addon.port 80)"; then
bashio::config.require.ssl
bashio::var.json \
certfile "$(bashio::config 'certfile')" \
keyfile "$(bashio::config 'keyfile')" \
port "^$(bashio::addon.port 80)" \
ssl "^$(bashio::config 'ssl')" \
| tempio \
-template /etc/nginx/templates/direct.gtpl \
-out /etc/nginx/servers/direct.conf
fi

ingress_port=$(bashio::addon.ingress_port)
ingress_interface=$(bashio::addon.ip_address)
sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf
sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf

dns_host=$(bashio::dns.host)
sed -i "s/%%dns_host%%/${dns_host}/g" /etc/nginx/includes/resolver.conf
1 change: 0 additions & 1 deletion motioneye/rootfs/etc/nginx/includes/resolver.conf
View file

This file was deleted.

9 changes: 0 additions & 9 deletions motioneye/rootfs/etc/nginx/nginx.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,6 @@ pcre_jit on;
# Write error log to the add-on log.
error_log /proc/1/fd/1 error;

# Load allowed environment vars
env SUPERVISOR_TOKEN;
env DISABLE_HA_AUTHENTICATION;

# Load dynamic modules.
include /etc/nginx/modules/*.conf;

# Max num of simultaneous connections by a worker process.
events {
worker_connections 512;
Expand Down Expand Up @@ -50,8 +43,6 @@ http {
'' close;
}

include /etc/nginx/includes/resolver.conf;
include /etc/nginx/includes/upstream.conf;

include /etc/nginx/servers/*.conf;
}
1 change: 1 addition & 0 deletions motioneye/rootfs/etc/nginx/servers/.gitkeep
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Without requirements or design, programming is the art of adding bugs to an empty text file. (Louis Srygley)
14 changes: 0 additions & 14 deletions motioneye/rootfs/etc/nginx/servers/direct-ssl.disabled
View file

This file was deleted.

10 changes: 0 additions & 10 deletions motioneye/rootfs/etc/nginx/servers/direct.disabled
View file

This file was deleted.

21 changes: 21 additions & 0 deletions motioneye/rootfs/etc/nginx/templates/direct.gtpl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
server {
{{ if not .ssl }}
listen {{ .port }} default_server;
{{ else }}
listen {{ .port }} default_server ssl http2;
{{ end }}

include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;

{{ if .ssl }}
include /etc/nginx/includes/ssl_params.conf;

ssl_certificate /ssl/{{ .certfile }};
ssl_certificate_key /ssl/{{ .keyfile }};
{{ end }}

location / {
proxy_pass http://backend;
}
}
2 changes: 1 addition & 1 deletion ...eye/rootfs/etc/nginx/servers/ingress.conf → ...e/rootfs/etc/nginx/templates/ingress.gtpl
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
server {
listen %%interface%%:%%port%% default_server;
listen {{ .interface }}:{{ .port }} default_server;

include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;
Expand Down
6 changes: 0 additions & 6 deletions motioneye/rootfs/etc/services.d/nginx/run
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,4 @@
bashio::net.wait_for 28765

bashio::log.info "Starting NGinx..."

# Disable HA Authentication if front door is open
if bashio::config.true 'leave_front_door_open'; then
export DISABLE_HA_AUTHENTICATION=true
fi

exec nginx

0 comments on commit 73ebb43

Please sign in to comment.