libreshop/nginx
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
edd3dee3d92e61db66cee89a80b7257d6965edef
nginx/nginx.conf.template
Michael Czechowski edd3dee3d9
All checks were successful
Build and publish / build (pull_request) Successful in 19s
Details
feat: bake default white-label nginx.conf into the image 
The image used to ship just nginx + an entrypoint, with no routing
config — adapters had to mount their own nginx.conf via compose
`configs:` for anything to work. This broke the standalone
libreshop/demo preview (`curl /admin` returned 404).

Add a default nginx.conf.template that routes the standard libreshop
surface (`/admin`, `/uploads`, `/api`, `/`, ...) to
`${NGINX_UPSTREAM_CMS:-cms:5555}` / `${NGINX_UPSTREAM_SHOP:-shop:9999}`,
plus health and forwarded-headers handling. The entrypoint runs
envsubst at startup, then nginx.

Adapter override path is preserved: if compose `configs:` already
replaced /etc/nginx/nginx.conf with a non-stock file (detected via
the absence of the upstream nginx `worker_processes  auto;` line),
the entrypoint leaves it untouched.

Closes #1.
2026-04-29 19:20:43 +02:00

100 lines
4.0 KiB
Plaintext
Raw Blame History

# nginx.conf.template — libreshop white-label default.
#
# The image's docker-entrypoint.sh runs envsubst over this template and
# writes the result to /etc/nginx/nginx.conf at startup. Adapters that
# need a wholly different topology can still mount their own config via
# compose `configs:` (see mp's compose.yml for an example) — the
# template is then ignored entirely.
#
# Substituted at startup:
# ${NGINX_UPSTREAM_SHOP} default shop:9999
# ${NGINX_UPSTREAM_CMS} default cms:5555
# ${NGINX_CACHE_LIFETIME} default 1h
#
# All other `$variable` tokens are nginx variables, left literal.
worker_processes 1;
events { worker_connections 1024; }
http {
log_format info '$time_iso8601 info: $request ($msec) $status $remote_addr - $remote_user $body_bytes_sent "$http_referer" "$http_user_agent"';
access_log /dev/stdout info;
error_log /dev/stdout error;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# Cache zones live under /cache (the image creates these dirs at
# startup). 2g caps each — adapters with heavier traffic can mount
# their own config to enlarge.
proxy_cache_path /cache/shop levels=1:2 keys_zone=shop_cache:5m max_size=2g inactive=30m;
proxy_cache_path /cache/uploads levels=1:2 keys_zone=uploads_cache:5m max_size=2g inactive=30m;
server {
listen 80 default_server;
server_name _;
# Trust forwarded headers when fronted by another proxy
# (e.g. caddy in the netcup edge network).
real_ip_header X-Forwarded-For;
set_real_ip_from 0.0.0.0/0;
location /health { return 200 '{"status":"ok"}'; }
# CMS admin + management surfaces.
location ~ ^/(upload|content-manager|content-type-builder|admin|i18n|email|user-permissions|users-permissions|documentation|plugins) {
proxy_pass http://${NGINX_UPSTREAM_CMS};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_cache off;
proxy_buffering off;
}
# CMS uploads (images, files).
location /uploads {
proxy_pass http://${NGINX_UPSTREAM_CMS};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_cache uploads_cache;
proxy_cache_valid 200 ${NGINX_CACHE_LIFETIME};
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
add_header X-Cache-Status $upstream_cache_status;
}
# Shop API (Nuxt server routes).
location /api {
proxy_pass http://${NGINX_UPSTREAM_SHOP};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_cache off;
proxy_buffering off;
}
# Shop frontend (catch-all).
location / {
proxy_pass http://${NGINX_UPSTREAM_SHOP};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_cache shop_cache;
proxy_cache_valid 200 10m;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
add_header X-Cache-Status $upstream_cache_status;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
}
Reference in New Issue View Git Blame Copy Permalink