Force nginx to run dns queries at runtime

2017-11-13 21:38:04 +01:00
parent dc79e6e539
commit eb32871904
2 changed files with 24 additions and 7 deletions
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@@ -18,9 +18,16 @@ http {
    keepalive_timeout  65;
    server_tokens off;
    absolute_redirect off;
+    resolver {{ RESOLVER }} valid=30s;

    # Main HTTP server
    server {
+      # Variables for proxifying
+      set $admin admin;
+      set $antispam antispam:11334;
+      set $webmail webmail;
+      set $webdav webdav:5232;
+
      # Always listen over HTTP
      listen 80;
      listen [::]:80;
@@ -44,7 +51,7 @@ http {
      # In any case, enable the proxy for certbot if the flavor is letsencrypt
      {% if TLS_FLAVOR == 'letsencrypt' %}
      location ^~ /.well-known/acme-challenge/ {
-          proxy_pass http://localhost:8008;
+          proxy_pass http://127.0.0.1:8008;
      }
      {% endif %}

@@ -64,7 +71,8 @@ http {
      location {{ WEB_WEBMAIL }} {
        rewrite ^({{ WEB_WEBMAIL }})$ $1/ permanent;
        rewrite ^{{ WEB_WEBMAIL }}/(.*) /$1 break;
-        proxy_pass http://webmail;
+        proxy_set_header Host $host;
+        proxy_pass http://$webmail;
      }
      {% endif %}

@@ -76,7 +84,8 @@ http {
      location ~ {{ WEB_ADMIN }}/(ui|static) {
        rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break;
        proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
-        proxy_pass http://admin;
+        proxy_set_header Host $host;
+        proxy_pass http://$admin;
      }

      location {{ WEB_ADMIN }}/antispam {
@@ -84,14 +93,14 @@ http {
        auth_request /internal/auth/admin;
        proxy_set_header X-Real-IP "";
        proxy_set_header X-Forwarded-For "";
-        proxy_pass http://antispam:11334;
+        proxy_pass http://$antispam;
      }
      {% endif %}

      {% if WEBDAV != 'none' %}
      location /webdav {
        rewrite ^/webdav/(.*) /$1 break;
-        proxy_pass http://webdav:5232;
+        proxy_pass http://$webdav;
      }
      {% endif %}
      {% endif %}
@@ -99,7 +108,7 @@ http {
      location /internal {
        internal;

-        proxy_pass http://admin;
+        proxy_pass http://$admin;
        proxy_pass_request_body off;
        proxy_set_header Content-Length "";
      }
@@ -110,7 +119,7 @@ http {
      listen 127.0.0.1:8000;

      location / {
-        proxy_pass http://admin/internal/;
+        proxy_pass http://$admin/internal/;
      }
    }
 }