Merge pull request #87 from coderbydesign/dynamic-resolver
Use dynamic resolver from /etc/resolv.conf
coderbydesign authored Aug 18, 2022
2 parents f1132d9 + 289885c commit 2392511
Showing 5 changed files with 30 additions and 4 deletions.
1 change: 1 addition & 0 deletions .env.example
@@ -4,3 +4,4 @@ SECRET_KEY=
FLASK_ENV=development
MULTI_VALUE_SAML_ATTRS=Role
AUTH_DEBUG=1
TURNPIKE_ALLOWED_ORIGIN_DOMAINS=web,echo-server,foo,host.docker.internal
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
@@ -2,7 +2,7 @@ default_language_version:
python: python3.8
repos:
- repo: https://github.com/psf/black
rev: 19.3b0
rev: 22.3.0
hooks:
- id: black
args: ["-l", "119", "-t", "py38"]
9 changes: 9 additions & 0 deletions dev-backends.yml
@@ -4,6 +4,12 @@
auth:
saml: "True"
x509: "True"
- name: rbac
route: /api/rbac
origin: http://host.docker.internal:8000/_private/api
auth:
saml: "True"
x509: "True"
- name: healthcheck
route: /public/healthcheck/
origin: http://web.svc.cluster.local:5000/_healthcheck/
@@ -19,3 +25,6 @@
origin: http://echo-server.svc.cluster.local:8080/
source_ip:
- 240.0.0.0/4
- name: nginx_regression_test
route: /api/does_not_exist/
origin: http://foo:5000/does_not_exist/
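Review bot: The `nginx_regression_test` backend is declared without an `auth` block, unlike the `rbac` entry added in the same file, and its origin `http://foo:5000/does_not_exist/` looks deliberately unresolvable; neither intent is written down. A comment above the entry, for example `# origin intentionally has no DNS record: checks nginx still starts with the dynamic resolver; no auth on purpose`, would keep it from being copied as a template for a real route. Please confirm that the missing `auth` is intended before adding that wording.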
6 changes: 4 additions & 2 deletions nginx/backend_template.conf.j2
@@ -1,10 +1,12 @@
location {{ route }} {
location ~ {{ route }}(.*)$ {
resolver {{ resolver }} valid=60s;
set $upstream {{ origin }};
auth_request /auth/;
auth_request_set $login_url $upstream_http_login_url;
{% for header in headers %}
auth_request_set $turnpike_{{ header.lower().replace("-", "_") }} $upstream_http_{{ header.lower().replace("-", "_") }};
{% endfor %}
proxy_pass {{ origin }};
proxy_pass $upstream$1$is_args$args;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $proxy_host;
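Review bot: The new `location ~ {{ route }}(.*)$` treats every configured route as an unanchored regular expression, so a route of `/api/rbac` also matches a URI that merely contains that string later in the path, and any `.` in a route matches any character. Regex locations are tried in file order rather than by longest prefix, so the backend, and with it the auth settings, that handles a request can differ from what the old prefix form selected. Anchoring the pattern, `location ~ ^{{ route }}(.*)$ {`, restores the prefix semantics; routes containing regex metacharacters would also need escaping where the template is rendered. It is also worth checking that `$1` is taken from the normalised, percent-decoded URI, so `proxy_pass $upstream$1$is_args$args;` may forward a decoded path to the origin while `X-Original-URI` carries the raw `$request_uri`. The location block continues past the end of this hunk.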
16 changes: 15 additions & 1 deletion nginx/build_config.py
@@ -3,6 +3,7 @@
import argparse
import json
import os
import re
import time
from urllib import parse, request, error
import warnings
@@ -47,6 +48,18 @@ def validate_route(backend):
return True


def get_resolver():
resolver_file_name = "/etc/resolv.conf"
file = open(resolver_file_name, "r")
match = re.search("(?<=nameserver )(.*)(?=\\n)", file.read())
if not match:
raise Exception(f"Error getting resolver from {resolver_file_name}")

resolver = match.group()
print(f"Using resolver: {resolver}")
return resolver


def main(args):
try:
with open(args.config_map_path) as ifs:
@@ -77,6 +90,7 @@ def main(args):
headers_to_upstream = nginx_config["to_upstream"]
headers_to_policy_service = nginx_config["to_policy_service"]
blueprints = nginx_config["blueprints"]
resolver = get_resolver()

with open("/etc/nginx/api_gateway.conf.j2") as ifs:
template = jinja2.Template(ifs.read())
@@ -90,7 +104,7 @@ def main(args):
print(f"Processing backend configuration for {name}")
if validate_route(backend):
with open(f"/etc/nginx/api_conf.d/{name}.conf", "w") as ofs:
ofs.write(template.render(headers=headers_to_upstream, **backend))
ofs.write(template.render(headers=headers_to_upstream, resolver=resolver, **backend))
print("Done.")
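Review bot: get_resolver() copies whatever follows the first `nameserver ` in /etc/resolv.conf straight into the nginx `resolver` directive, and the regex is looser than it looks. It also matches a commented-out `# nameserver …` line, keeps trailing whitespace or comments, accepts an empty value, and misses tab-separated entries and a final line without a newline; an IPv6 address would be written without the brackets nginx requires. The handle returned by `open()` is never closed either. I would read the file line by line inside a `with` block and validate the value with `ipaddress.ip_address`, so a malformed entry fails the build instead of producing a broken or unexpected nginx config; that needs `import ipaddress` in place of the `import re` this commit adds.

```python
def get_resolver():
    resolver_file_name = "/etc/resolv.conf"
    with open(resolver_file_name, "r") as ifs:
        for line in ifs:
            fields = line.split()
            # Only real "nameserver <addr>" entries; comment and blank lines are skipped.
            if len(fields) >= 2 and fields[0] == "nameserver":
                # Raises ValueError for anything that is not a literal IP address.
                address = ipaddress.ip_address(fields[1])
                # nginx's resolver directive expects IPv6 addresses in brackets.
                resolver = f"[{address}]" if address.version == 6 else str(address)
                print(f"Using resolver: {resolver}")
                return resolver
    raise Exception(f"Error getting resolver from {resolver_file_name}")
```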

