[ARVADOS] updated: 1.3.0-601-g5fed82405

Git user git at public.curoverse.com
Tue Mar 26 20:10:00 UTC 2019


Summary of changes:
 tools/arvbox/lib/arvbox/docker/service/nginx/run   | 127 ++++++++++++++++++++-
 .../lib/arvbox/docker/service/nginx/run-service    | 119 -------------------
 2 files changed, 126 insertions(+), 120 deletions(-)
 mode change 120000 => 100755 tools/arvbox/lib/arvbox/docker/service/nginx/run
 delete mode 100755 tools/arvbox/lib/arvbox/docker/service/nginx/run-service

       via  5fed82405ed48bb67d73273eb32b5fd3b764e6dc (commit)
      from  004cf8a6b59ac10bf84e213309289e6138c48b7d (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 5fed82405ed48bb67d73273eb32b5fd3b764e6dc
Author: Peter Amstutz <pamstutz at veritasgenetics.com>
Date:   Tue Mar 26 16:09:31 2019 -0400

    arvbox nginx redirects http to https
    
    no issue #
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <pamstutz at veritasgenetics.com>

diff --git a/tools/arvbox/lib/arvbox/docker/service/nginx/run b/tools/arvbox/lib/arvbox/docker/service/nginx/run
deleted file mode 120000
index a388c8b67..000000000
--- a/tools/arvbox/lib/arvbox/docker/service/nginx/run
+++ /dev/null
@@ -1 +0,0 @@
-/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/tools/arvbox/lib/arvbox/docker/service/nginx/run b/tools/arvbox/lib/arvbox/docker/service/nginx/run
new file mode 100755
index 000000000..4014c5c8b
--- /dev/null
+++ b/tools/arvbox/lib/arvbox/docker/service/nginx/run
@@ -0,0 +1,126 @@
+#!/bin/bash
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+exec 2>&1
+set -ex -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+cat <<EOF >/var/lib/arvados/nginx.conf
+worker_processes auto;
+pid /var/lib/arvados/nginx.pid;
+
+error_log stderr;
+daemon off;
+user arvbox;
+
+events {
+	worker_connections 64;
+}
+
+http {
+     access_log off;
+     include /etc/nginx/mime.types;
+     default_type application/octet-stream;
+     server {
+            listen ${services[doc]} default_server;
+            listen [::]:${services[doc]} default_server;
+            root /usr/src/arvados/doc/.site;
+            index index.html;
+            server_name _;
+     }
+
+  server {
+    listen 80 default_server;
+    server_name _;
+    return 301 https://\$host\$request_uri;
+  }
+
+  upstream controller {
+    server localhost:${services[controller]};
+  }
+  server {
+    listen *:${services[controller-ssl]} ssl default_server;
+    server_name controller;
+    ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
+    ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
+    location  / {
+      proxy_pass http://controller;
+      proxy_set_header Host \$http_host;
+      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto https;
+      proxy_redirect off;
+    }
+  }
+
+upstream arvados-ws {
+  server localhost:${services[websockets]};
+}
+server {
+  listen *:${services[websockets-ssl]} ssl default_server;
+  server_name           websockets;
+
+  proxy_connect_timeout 90s;
+  proxy_read_timeout    300s;
+
+  ssl                   on;
+  ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
+  ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
+
+  location / {
+    proxy_pass          http://arvados-ws;
+    proxy_set_header    Upgrade         \$http_upgrade;
+    proxy_set_header    Connection      "upgrade";
+    proxy_set_header Host \$http_host;
+    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+  }
+}
+
+  upstream workbench2 {
+    server localhost:${services[workbench2]};
+  }
+  server {
+    listen *:${services[workbench2-ssl]} ssl default_server;
+    server_name workbench2;
+    ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
+    ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
+    location  / {
+      proxy_pass http://workbench2;
+      proxy_set_header Host \$http_host;
+      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto https;
+      proxy_redirect off;
+    }
+    location  /sockjs-node {
+      proxy_pass http://workbench2;
+      proxy_set_header    Upgrade         \$http_upgrade;
+      proxy_set_header    Connection      "upgrade";
+      proxy_set_header Host \$http_host;
+      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+    }
+  }
+
+  upstream keep-web {
+    server localhost:${services[keep-web]};
+  }
+  server {
+    listen *:${services[keep-web-ssl]} ssl default_server;
+    server_name keep-web;
+    ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
+    ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
+    location  / {
+      proxy_pass http://keep-web;
+      proxy_set_header Host \$http_host;
+      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto https;
+      proxy_redirect off;
+    }
+  }
+
+}
+
+EOF
+
+exec nginx -c /var/lib/arvados/nginx.conf
diff --git a/tools/arvbox/lib/arvbox/docker/service/nginx/run-service b/tools/arvbox/lib/arvbox/docker/service/nginx/run-service
deleted file mode 100755
index cf72ed2c2..000000000
--- a/tools/arvbox/lib/arvbox/docker/service/nginx/run-service
+++ /dev/null
@@ -1,119 +0,0 @@
-#!/bin/bash
-# Copyright (C) The Arvados Authors. All rights reserved.
-#
-# SPDX-License-Identifier: AGPL-3.0
-
-exec 2>&1
-set -ex -o pipefail
-
-. /usr/local/lib/arvbox/common.sh
-
-cat <<EOF >/var/lib/arvados/nginx.conf
-worker_processes auto;
-pid /var/lib/arvados/nginx.pid;
-
-error_log stderr;
-daemon off;
-
-events {
-	worker_connections 64;
-}
-
-http {
-     access_log off;
-     include /etc/nginx/mime.types;
-     default_type application/octet-stream;
-     server {
-            listen ${services[doc]} default_server;
-            listen [::]:${services[doc]} default_server;
-            root /usr/src/arvados/doc/.site;
-            index index.html;
-            server_name _;
-     }
-
-  upstream controller {
-    server localhost:${services[controller]};
-  }
-  server {
-    listen *:${services[controller-ssl]} ssl default_server;
-    server_name controller;
-    ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
-    ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
-    location  / {
-      proxy_pass http://controller;
-      proxy_set_header Host \$http_host;
-      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto https;
-      proxy_redirect off;
-    }
-  }
-
-upstream arvados-ws {
-  server localhost:${services[websockets]};
-}
-server {
-  listen *:${services[websockets-ssl]} ssl default_server;
-  server_name           websockets;
-
-  proxy_connect_timeout 90s;
-  proxy_read_timeout    300s;
-
-  ssl                   on;
-  ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
-  ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
-
-  location / {
-    proxy_pass          http://arvados-ws;
-    proxy_set_header    Upgrade         \$http_upgrade;
-    proxy_set_header    Connection      "upgrade";
-    proxy_set_header Host \$http_host;
-    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-  }
-}
-
-  upstream workbench2 {
-    server localhost:${services[workbench2]};
-  }
-  server {
-    listen *:${services[workbench2-ssl]} ssl default_server;
-    server_name workbench2;
-    ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
-    ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
-    location  / {
-      proxy_pass http://workbench2;
-      proxy_set_header Host \$http_host;
-      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto https;
-      proxy_redirect off;
-    }
-    location  /sockjs-node {
-      proxy_pass http://workbench2;
-      proxy_set_header    Upgrade         \$http_upgrade;
-      proxy_set_header    Connection      "upgrade";
-      proxy_set_header Host \$http_host;
-      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-    }
-  }
-
-  upstream keep-web {
-    server localhost:${services[keep-web]};
-  }
-  server {
-    listen *:${services[keep-web-ssl]} ssl default_server;
-    server_name keep-web;
-    ssl_certificate "/var/lib/arvados/server-cert-${localip}.pem";
-    ssl_certificate_key "/var/lib/arvados/server-cert-${localip}.key";
-    location  / {
-      proxy_pass http://keep-web;
-      proxy_set_header Host \$http_host;
-      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto https;
-      proxy_redirect off;
-    }
-  }
-
-}
-
-EOF
-
-exec nginx -c /var/lib/arvados/nginx.conf

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list