faas-rs/faas
1
0
Fork 0
mirror of https://github.com/openfaas/faas.git synced 2025-06-22 14:53:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Nginx config with docker secrets

Browse Source 
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
This commit is contained in:
Alex Ellis
2017-10-28 09:01:29 +01:00
parent 6f005d2240
commit b4c5be54a9
3 changed files with 92 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
contrib/nginx/Dockerfile Normal file
View File

@ -0,0 +1,4 @@
FROM nginx:latest
COPY gateway.conf /etc/nginx/conf.d/default.conf

46
contrib/nginx/README.md Normal file
View File

@ -0,0 +1,46 @@
### Create a .htaccess:
```
$ sudo apt-get install apache2-utils
```
```
$ htpasswd -c openfaas.htpasswd admin
New password:
Re-type new password:
Adding password for user admin
```
Example:
```
$ cat openfaas.htpasswd
admin:$apr1$BgwAfB5i$dfzQPXy6VliPCVqofyHsT.
```
### Create a secret in the cluster
```
$ docker secret create --label openfaas openfaas_htpasswd openfaas.htpasswd
q70h0nsj9odbtv12vrsijcutx
```
You can now see the secret created:
```
$ docker secret ls
ID NAME DRIVER CREATED UPDATED
q70h0nsj9odbtv12vrsijcutx openfaas_htpasswd 13 seconds ago 13 seconds ago
```
### Launch nginx
Build gwnginx from contrib directory.
```
$ docker service rm gwnginx ; \
docker service create --network=func_functions \
--secret openfaas_htpasswd --publish 8081:8080 --name gwnginx gwnginx
```

42
contrib/nginx/gateway.conf Normal file
View File

@ -0,0 +1,42 @@
server {
listen 8080;
# location ~ ^/(/system|/ui)/ {
location /system {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://gateway:8080/;
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /var/run/secrets/openfaas.htpasswd; #For Basic Auth
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://gateway:8080/;
}
location /ui {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://gateway:8080/;
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /var/run/secrets/openfaas.htpasswd; #For Basic Auth
}
location /async/function {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://gateway:8080/;
}
location /function {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://gateway:8080/;
}
}