From 57ed0618b32a6802d2b7cba8a387684bd8b9133e Mon Sep 17 00:00:00 2001 From: Marius van den Beek Date: Wed, 3 Feb 2016 12:07:17 +0100 Subject: [PATCH 1/4] Make nginx prefix configurable --- defaults/main.yml | 2 ++ templates/nginx.conf.j2 | 28 ++++++++++++++-------------- templates/nginx_galaxy_web.conf.j2 | 2 +- templates/nginx_ide.conf.j2 | 2 +- templates/nginx_uwsgi.conf.j2 | 2 +- 5 files changed, 19 insertions(+), 17 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index cbee0355..468667c9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -78,6 +78,8 @@ startup_chown_on_directory: "" nginx_conf_path: /etc/nginx/nginx.conf nginx_conf_directory: /etc/nginx/conf.d nginx_upload_store_path: "/tmp/nginx_upload_store" +# Set nginx_proxy_prefix to galaxy, if galaxy should be served at subdirectory (e.g. example.com/galaxy) +nginx_proxy_prefix: "" ## Development Box Configuration # Configure nginx to setup a proxy to an IDE. diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 index 9f108a3d..a4d7531c 100644 --- a/templates/nginx.conf.j2 +++ b/templates/nginx.conf.j2 @@ -39,7 +39,7 @@ http { {% if nginx_proxy_reports %} # enable reports under :80/reports/ # if the file /etc/nginx/htpasswd exists authentification is enabled - location /reports/ { + location {{ nginx_proxy_prefix }}/reports/ { set $auth "Galaxy reports are restricted. Please contact your administrator."; if (!-f /etc/nginx/htpasswd) { @@ -51,19 +51,19 @@ http { proxy_pass http://127.0.0.1:{{ galaxy_reports_port }}/; } # serve static content for report app - location /reports/static { + location {{ nginx_proxy_prefix }}/reports/static { alias /galaxy-central/static; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location /reports/static/style { + location {{ nginx_proxy_prefix }}/reports/static/style { alias /galaxy-central/static/style/blue; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location /reports/static/scripts { + location {{ nginx_proxy_prefix }}/reports/static/scripts { alias /galaxy-central/static/scripts/packed; gzip on; gzip_types text/plain text/javascript application/x-javascript; @@ -86,25 +86,25 @@ http { include {{ nginx_conf_directory }}/{{ a }}.conf; {% endfor %} {% if nginx_serve_planemo_machine_web %} - location /planemo { + location {{ nginx_proxy_prefix }}/planemo { alias {{ planemo_machine_web_dir }}; } {% endif %} # serve static content - location /static { + location {{ nginx_proxy_prefix }}/static { alias {{ galaxy_root }}/static; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location /static/style { + location {{ nginx_proxy_prefix }}/static/style { alias {{ galaxy_root }}/static/style/blue; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location /static/scripts { + location {{ nginx_proxy_prefix }}/static/scripts { alias {{ galaxy_root }}/static/scripts/packed; gzip on; gzip_types text/plain text/javascript application/x-javascript; @@ -112,13 +112,13 @@ http { } # delegated downloads - location /_x_accel_redirect { + location {{ nginx_proxy_prefix }}/_x_accel_redirect { internal; alias /; } # this is needed if 'welcome_url' is set to /etc/galaxy/web - location /etc/galaxy/web { + location {{ nginx_proxy_prefix }}/etc/galaxy/web { alias /etc/galaxy/web; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; @@ -135,7 +135,7 @@ http { {% if galaxy_extras_config_nginx_upload == True %} # delegated uploads - location /_upload { + location {{ nginx_proxy_prefix }}/_upload { upload_store {{ nginx_upload_store_path }}; upload_store_access user:rw; upload_pass_form_field ""; @@ -146,7 +146,7 @@ http { upload_pass_args on; upload_pass /_upload_done; } - location /_upload_done { + location {{ nginx_proxy_prefix }}/_upload_done { set $dst /api/tools; if ($args ~ nginx_redir=([^&]+)) { set $dst $1; @@ -154,8 +154,8 @@ http { rewrite "" $dst; } {% endif %} - error_page 502 /502.html; - location = /502.html { + error_page 502 {{ nginx_proxy_prefix }}/502.html; + location = {{ nginx_proxy_prefix }}/502.html { root /root/; proxy_intercept_errors on; } diff --git a/templates/nginx_galaxy_web.conf.j2 b/templates/nginx_galaxy_web.conf.j2 index c7af7474..5a03a947 100644 --- a/templates/nginx_galaxy_web.conf.j2 +++ b/templates/nginx_galaxy_web.conf.j2 @@ -1,5 +1,5 @@ # pass to uWSGI by default -location / { +location {{ nginx_proxy_prefix }}/ { proxy_pass http://galaxy_web_app; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/templates/nginx_ide.conf.j2 b/templates/nginx_ide.conf.j2 index ca61bddf..b0fd58bf 100644 --- a/templates/nginx_ide.conf.j2 +++ b/templates/nginx_ide.conf.j2 @@ -1,4 +1,4 @@ -location /ide { +location {{ nginx_proxy_prefix }}/ide { rewrite /ide/(.*) /$1 break; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; diff --git a/templates/nginx_uwsgi.conf.j2 b/templates/nginx_uwsgi.conf.j2 index 9a5d177d..a7e2099c 100644 --- a/templates/nginx_uwsgi.conf.j2 +++ b/templates/nginx_uwsgi.conf.j2 @@ -1,5 +1,5 @@ # pass to uWSGI by default -location / { +location {{ nginx_proxy_prefix }}/ { uwsgi_pass 127.0.0.1:{{ uwsgi_port }}; include uwsgi_params; {% if galaxy_admin_user is defined and galaxy_admin_user %} From bf016f118e4e5e5fbc2db77548d798926dd21182 Mon Sep 17 00:00:00 2001 From: Marius van den Beek Date: Wed, 3 Feb 2016 13:42:52 +0100 Subject: [PATCH 2/4] Fix doc --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 468667c9..9591d1b2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -78,7 +78,7 @@ startup_chown_on_directory: "" nginx_conf_path: /etc/nginx/nginx.conf nginx_conf_directory: /etc/nginx/conf.d nginx_upload_store_path: "/tmp/nginx_upload_store" -# Set nginx_proxy_prefix to galaxy, if galaxy should be served at subdirectory (e.g. example.com/galaxy) +# Set nginx_proxy_prefix to "/galaxy", if galaxy should be served at subdirectory (e.g. example.com/galaxy) nginx_proxy_prefix: "" ## Development Box Configuration From a66be88983f8dacfd040e3a2179452ffae3d4b90 Mon Sep 17 00:00:00 2001 From: Marius van den Beek Date: Wed, 3 Feb 2016 13:45:52 +0100 Subject: [PATCH 3/4] Add tag allowing to configure only nginx. --- tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/main.yml b/tasks/main.yml index 7eebf071..b7c2df5b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -10,6 +10,7 @@ - include: nginx.yml when: galaxy_extras_config_nginx + tags: nginx_config - include: proftpd.yml when: galaxy_extras_config_proftpd From d0a62e5d61cb1d0cb9dbb6ce3c380d52ef195872 Mon Sep 17 00:00:00 2001 From: Marius van den Beek Date: Wed, 3 Feb 2016 18:02:06 +0100 Subject: [PATCH 4/4] fine-grained control over proxy_prefix --- defaults/main.yml | 10 ++++++++-- templates/nginx.conf.j2 | 30 +++++++++++++++--------------- templates/nginx_galaxy_web.conf.j2 | 2 +- templates/nginx_ide.conf.j2 | 2 +- templates/nginx_uwsgi.conf.j2 | 2 +- 5 files changed, 26 insertions(+), 20 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 468667c9..03ca93dc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -78,8 +78,14 @@ startup_chown_on_directory: "" nginx_conf_path: /etc/nginx/nginx.conf nginx_conf_directory: /etc/nginx/conf.d nginx_upload_store_path: "/tmp/nginx_upload_store" -# Set nginx_proxy_prefix to galaxy, if galaxy should be served at subdirectory (e.g. example.com/galaxy) -nginx_proxy_prefix: "" +# Use nginx_*_location variables to control serving apps at subdirectories. +# If galaxy should be served at subdirectory (e.g. example.com/galaxy) set nginx_galaxy_location: /galaxy +# If all apps should be served on a common subdirectory, use nginx_prefix_location: /your_common_dir +nginx_prefix_location: "" +nginx_galaxy_location: "{{ nginx_prefix_location }}" +nginx_reports_location: "{{ nginx_prefix_location }}/reports" +nginx_planemo_web_location: "{{ nginx_prefix_location }}/planemo" +nginx_ide_location: "{{ nginx_prefix_location }}/ide" ## Development Box Configuration # Configure nginx to setup a proxy to an IDE. diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 index a4d7531c..51f65903 100644 --- a/templates/nginx.conf.j2 +++ b/templates/nginx.conf.j2 @@ -39,7 +39,7 @@ http { {% if nginx_proxy_reports %} # enable reports under :80/reports/ # if the file /etc/nginx/htpasswd exists authentification is enabled - location {{ nginx_proxy_prefix }}/reports/ { + location {{ nginx_reports_location }} { set $auth "Galaxy reports are restricted. Please contact your administrator."; if (!-f /etc/nginx/htpasswd) { @@ -48,22 +48,22 @@ http { auth_basic $auth; auth_basic_user_file htpasswd; - proxy_pass http://127.0.0.1:{{ galaxy_reports_port }}/; + proxy_pass http://127.0.0.1:{{ galaxy_reports_port }}; } # serve static content for report app - location {{ nginx_proxy_prefix }}/reports/static { + location {{ nginx_reports_location }}/static { alias /galaxy-central/static; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location {{ nginx_proxy_prefix }}/reports/static/style { + location {{ nginx_reports_location }}/static/style { alias /galaxy-central/static/style/blue; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location {{ nginx_proxy_prefix }}/reports/static/scripts { + location {{ nginx_reports_location }}/static/scripts { alias /galaxy-central/static/scripts/packed; gzip on; gzip_types text/plain text/javascript application/x-javascript; @@ -86,25 +86,25 @@ http { include {{ nginx_conf_directory }}/{{ a }}.conf; {% endfor %} {% if nginx_serve_planemo_machine_web %} - location {{ nginx_proxy_prefix }}/planemo { + location {{ nginx_planemo_web_location }} { alias {{ planemo_machine_web_dir }}; } {% endif %} # serve static content - location {{ nginx_proxy_prefix }}/static { + location {{ nginx_galaxy_location }}/static { alias {{ galaxy_root }}/static; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location {{ nginx_proxy_prefix }}/static/style { + location {{ nginx_galaxy_location }}/static/style { alias {{ galaxy_root }}/static/style/blue; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; expires 24h; } - location {{ nginx_proxy_prefix }}/static/scripts { + location {{ nginx_galaxy_location }}/static/scripts { alias {{ galaxy_root }}/static/scripts/packed; gzip on; gzip_types text/plain text/javascript application/x-javascript; @@ -112,13 +112,13 @@ http { } # delegated downloads - location {{ nginx_proxy_prefix }}/_x_accel_redirect { + location {{ nginx_galaxy_location }}/_x_accel_redirect { internal; alias /; } # this is needed if 'welcome_url' is set to /etc/galaxy/web - location {{ nginx_proxy_prefix }}/etc/galaxy/web { + location {{ nginx_galaxy_location }}/etc/galaxy/web { alias /etc/galaxy/web; gzip on; gzip_types text/plain text/xml text/javascript text/css application/x-javascript; @@ -135,7 +135,7 @@ http { {% if galaxy_extras_config_nginx_upload == True %} # delegated uploads - location {{ nginx_proxy_prefix }}/_upload { + location {{ nginx_galaxy_location }}/_upload { upload_store {{ nginx_upload_store_path }}; upload_store_access user:rw; upload_pass_form_field ""; @@ -146,7 +146,7 @@ http { upload_pass_args on; upload_pass /_upload_done; } - location {{ nginx_proxy_prefix }}/_upload_done { + location {{ nginx_galaxy_location }}/_upload_done { set $dst /api/tools; if ($args ~ nginx_redir=([^&]+)) { set $dst $1; @@ -154,8 +154,8 @@ http { rewrite "" $dst; } {% endif %} - error_page 502 {{ nginx_proxy_prefix }}/502.html; - location = {{ nginx_proxy_prefix }}/502.html { + error_page 502 {{ nginx_prefix_location }}/502.html; + location = {{ nginx_prefix_location }}/502.html { root /root/; proxy_intercept_errors on; } diff --git a/templates/nginx_galaxy_web.conf.j2 b/templates/nginx_galaxy_web.conf.j2 index 5a03a947..a695e673 100644 --- a/templates/nginx_galaxy_web.conf.j2 +++ b/templates/nginx_galaxy_web.conf.j2 @@ -1,5 +1,5 @@ # pass to uWSGI by default -location {{ nginx_proxy_prefix }}/ { +location {{ nginx_galaxy_location }}/ { proxy_pass http://galaxy_web_app; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/templates/nginx_ide.conf.j2 b/templates/nginx_ide.conf.j2 index b0fd58bf..65936453 100644 --- a/templates/nginx_ide.conf.j2 +++ b/templates/nginx_ide.conf.j2 @@ -1,4 +1,4 @@ -location {{ nginx_proxy_prefix }}/ide { +location {{ nginx_ide_location }} { rewrite /ide/(.*) /$1 break; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; diff --git a/templates/nginx_uwsgi.conf.j2 b/templates/nginx_uwsgi.conf.j2 index a7e2099c..0edb01c6 100644 --- a/templates/nginx_uwsgi.conf.j2 +++ b/templates/nginx_uwsgi.conf.j2 @@ -1,5 +1,5 @@ # pass to uWSGI by default -location {{ nginx_proxy_prefix }}/ { +location {{ nginx_galaxy_location }}/ { uwsgi_pass 127.0.0.1:{{ uwsgi_port }}; include uwsgi_params; {% if galaxy_admin_user is defined and galaxy_admin_user %}