From 4e4733f68e0fa44b0cb686d9046b7cf62c210d00 Mon Sep 17 00:00:00 2001 From: Jason Wilder Date: Fri, 9 Jun 2017 12:55:39 -0600 Subject: [PATCH] Trim $host and $proto before they are used --- nginx.tmpl | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/nginx.tmpl b/nginx.tmpl index a5b1d32..b340473 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -99,10 +99,14 @@ server { {{ end }} {{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }} + +{{ $host := trim $host }} {{ $is_regexp := hasPrefix "~" $host }} {{ $upstream_name := when $is_regexp (sha1 $host) $host }} + # {{ $host }} upstream {{ $upstream_name }} { + {{ range $container := $containers }} {{ $addrLen := len $container.Addresses }} @@ -131,7 +135,7 @@ upstream {{ $upstream_name }} { {{ $default_server := index (dict $host "" $default_host "default_server") $host }} {{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}} -{{ $proto := or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http" }} +{{ $proto := trim (or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http") }} {{/* Get the HTTPS_METHOD defined by containers w/ the same vhost, falling back to "redirect" */}} {{ $https_method := or (first (groupByKeys $containers "Env.HTTPS_METHOD")) "redirect" }} @@ -205,6 +209,7 @@ server { {{ else }} proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; {{ end }} + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }};