#install nginx
RUN apt-get update
RUN apt-get install -y nginx=1.14.*
+RUN apt-get install -y nginx-extras
#install curl
RUN apt-get install -y curl
Start the a1-interface container without specifing external certificates:
'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 a1test'
-It will listen to http 8085 port and https 8185 port(using default certificates) at the same time.
+It will listen to https 8185 port(using default certificates) by default.
+Http can be enabled on port 8085 using an environment variable "ALLOW_HTTP".
+If this environment variable is left out or set to false, the nginx server will send
+"444 Connection Closed Without Response" when making a call using http.
+Example command to enable http:
+'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=OSC\_2.1.0 -e ALLOW_HTTP=true a1test'
This certificates/key can be overriden by mounting a volume when using "docker run" or "docker-compose"
In 'docker run', use field:
volumes:
- ./certificate:/usr/src/app/cert:ro
-In docker run the full command could look like this:<br> 'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test'
+In docker run the full command could look like this:<br> 'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test'
http port 8085 and https port 8185
The variable for A1 version is set with the '-e' flag.
With logging of remote host enabled "-e REMOTE_HOSTS_LOGGING=1 "
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
+env ALLOW_HTTP;
+
events {
worker_connections 768;
# multi_accept on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
+ perl_set $allow_http 'sub { return $ENV{"ALLOW_HTTP"}; }';
+
server { # simple reverse-proxy
- listen 8085;
+ listen 8085;
listen [::]:8085;
+ server_name localhost;
+ if ($allow_http != true) {
+ return 444;
+ }
+
+ # serve dynamic requests
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass http://localhost:2222;
+ }
+ }
+
+ server { # simple reverse-proxy
listen 8185 ssl;
listen [::]:8185 ssl;
server_name localhost;
ssl_certificate_key /usr/src/app/cert/key.crt;
ssl_password_file /usr/src/app/cert/pass;
-
# serve dynamic requests
location / {
proxy_set_header Host $host;
echo "Starting $1 mode"
#Run the container in interactive mode, unsecure port 8085, secure port 8185.
-docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=1.1.x-alpha.2 -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test
+docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=1.1.x-alpha.2 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test
echo "Starting $1 mode"
#Run the container in interactive mode, unsecure port 8085, secure port 8185.
-docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test
+docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test
echo "Starting ric-sim"
#Run the container in interactive mode, unsecure port 8085, secure port 8185
-docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test
\ No newline at end of file
+docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test
\ No newline at end of file
Code Review / sim / a1-interface.git / commitdiff