fsfe-system-hackers/proxy-external-websites

Archived

This repository has been archived on 2021-09-06. You can view files and clone it, but cannot push or open issues or pull requests.

Go to file

linus 405ef0e714

continuous-integration/drone/push Build is passing

Details

add --project-name flag

2021-07-13 17:32:08 +02:00

.drone.yml

add --project-name flag

2021-07-13 17:32:08 +02:00

docker-compose.yml

migrate to cont1.noris

2021-07-13 17:26:29 +02:00

Dockerfile

Updated image use

2017-09-19 08:58:23 +02:00

LICENSE

Initial commit

2017-05-12 11:45:05 +00:00

proxy.conf

Commit of initial version

2017-05-12 13:55:58 +02:00

README.md

Fix typos [ci skip]

2018-05-08 09:39:35 +02:00

setdest.sh

Updated image use

2017-09-19 08:58:23 +02:00

README.md

FSFE reverse proxy to external websites

This repository holds the deployment code for containers used to proxy requests to a remote server from lund's reverse proxy.

What does this do?

The containers transfer requests to remote hosts. For example, for the pdfreaders.org website, the requests are transferred from the reverse proxy to the claus server:

|                lund                      |        claus          |
reverse-proxy    ->    proxy-pdfreaders    ->    claus.fsfeurope.org

The benefit of that is that we can use the automatic certificate provisioning integrated in the reverse proxy for websites not being hosted on lund.

How does this work?

The containers use nginx as a reverse proxy. The proxy.conf file is used as a template for the nginx configuration. The file setdest.sh replaces the placeholders %DESTINATION_HOST% and %DESTINATION_PORT% in the template with environment variables. The environment variables are set in the playbook.

The Dockerfile takes nginx:alpine as the base image, exposes the port 80, and copy both the template and the script to replace the placeholders. Then it runs the script and start nginx as CMD statement.

The nginx configuration transfers the IP addresses to the web servers as well as the Host HTTP header.