simplify reverse proxy (#98)

make use of mainline nginx image, switch ssl/non-ssl config file based on presence of cert/key, hardcode app port since it is hardcoded in the app container as well

README.md

@@ -23,14 +23,7 @@ make sure to set the appropriate values for `MM_USERNAME`, `MM_PASSWORD` and `MM
 
 ### Install with SSL certificate
 
-1. Open docker-compose.yml and set `MATTERMOST_ENABLE_SSL` to true.
-
-    ```
-    environment:
-      - MATTERMOST_ENABLE_SSL=true
-    ```
-
-2. Put your SSL certificate as `./volumes/web/cert/cert.pem` and the private key that has
+1. Put your SSL certificate as `./volumes/web/cert/cert.pem` and the private key that has
    no password as `./volumes/web/cert/key-no-password.pem`. If you don't have
    them you may generate a self-signed SSL certificate.
 
@@ -42,14 +35,7 @@ make sure to set the appropriate values for `MM_USERNAME`, `MM_PASSWORD` and `MM
 
 ### Install without SSL certificate
 
-1. Open docker-compose.yml and set `MATTERMOST_ENABLE_SSL` to false.
-
-    ```
-    environment:
-      - MATTERMOST_ENABLE_SSL=false
-    ```
-
-2. Build and run mattermost
+1. Build and run mattermost
 
     docker-compose up -d
 

docker-compose-v1.yml

@@ -42,6 +42,3 @@ web:
       # This directory must have cert files
     - ./volumes/web/cert:/cert:ro
     - /etc/localtime:/etc/localtime:ro
-  environment:
-    - MATTERMOST_ENABLE_SSL=false
-    - PLATFORM_PORT_80_TCP_PORT=80

docker-compose.yml

@@ -45,8 +45,5 @@ services:
       # This directory must have cert files
       - ./volumes/web/cert:/cert:ro
       - /etc/localtime:/etc/localtime:ro
-    environment:
-      - MATTERMOST_ENABLE_SSL=false
-      - PLATFORM_PORT_80_TCP_PORT=80
     depends_on:
       - app

web/Dockerfile

@@ -1,22 +1,9 @@
-FROM ubuntu:14.04
+FROM nginx:mainline
 
-RUN apt-get update && apt-get install -y nginx
-
-RUN rm /etc/nginx/sites-enabled/default
-
-COPY mattermost /etc/nginx/sites-available/
-COPY mattermost-ssl /etc/nginx/sites-available/
-ADD docker-entry.sh /
+RUN rm /etc/nginx/conf.d/default.conf
+COPY ./mattermost /etc/nginx/sites-available/
+COPY ./mattermost-ssl /etc/nginx/sites-available/
 
+COPY docker-entry.sh /
 RUN chmod +x /docker-entry.sh
-
-# You can see the logs using `docker-compose logs web`.
-RUN ln -sf /dev/stdout /var/log/nginx/access.log
-RUN ln -sf /dev/stderr /var/log/nginx/error.log
-
-# Define working directory.
-WORKDIR /etc/nginx
-
 ENTRYPOINT /docker-entry.sh
-
-EXPOSE 80 443

web/docker-entry.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
-echo Starting Nginx
-sed -Ei "s/APP_PORT/$PLATFORM_PORT_80_TCP_PORT/" /etc/nginx/sites-available/mattermost
-sed -Ei "s/APP_PORT/$PLATFORM_PORT_80_TCP_PORT/" /etc/nginx/sites-available/mattermost-ssl
-if [ "$MATTERMOST_ENABLE_SSL" = true ]; then
-    ssl="-ssl"
+if [ -f "/cert/cert.pem" -a -f "/cert/key-no-password.pem" ]; then
+  echo "found certificate and key, linking ssl config"
+  ssl="-ssl"
+else
+  echo "linking plain config"
 fi
-ln -s /etc/nginx/sites-available/mattermost$ssl /etc/nginx/sites-enabled/mattermost
+ln -s /etc/nginx/sites-available/mattermost$ssl /etc/nginx/conf.d/mattermost.conf
 nginx -g 'daemon off;'

web/mattermost

@@ -17,6 +17,6 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
         proxy_set_header X-Frame-Options SAMEORIGIN;
-        proxy_pass http://app:APP_PORT;
+        proxy_pass http://app:80;
     }
 }

web/mattermost-ssl

@@ -32,7 +32,7 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
         proxy_set_header X-Frame-Options SAMEORIGIN;
-        proxy_pass http://app:APP_PORT;
+        proxy_pass http://app:80;
     }
 }