diff --git a/images/router/nginx/Dockerfile b/images/router/nginx/Dockerfile index a589b529b9f2..5aebfb560ce5 100644 --- a/images/router/nginx/Dockerfile +++ b/images/router/nginx/Dockerfile @@ -11,10 +11,12 @@ RUN INSTALL_PKGS="nginx" && \ rpm -V $INSTALL_PKGS && \ yum clean all && \ mkdir -p /var/lib/nginx/router/{certs,cacerts} && \ - mkdir -p /var/lib/nginx/{conf,run,bin,log} && \ + mkdir -p /var/lib/nginx/{conf,run,bin,log,logs} && \ touch /var/lib/nginx/conf/{{os_http_be,os_edge_http_be,os_tcp_be,os_sni_passthrough,os_reencrypt,os_route_http_expose,os_route_http_redirect,cert_config,os_wildcard_domain}.map,nginx.config} && \ setcap 'cap_net_bind_service=ep' /usr/sbin/nginx && \ chown -R :0 /var/lib/nginx && \ + chown -R :0 /var/log/nginx && \ + chmod -R 777 /var/log/nginx && \ chmod -R 777 /var/lib/nginx COPY . /var/lib/nginx/ diff --git a/images/router/nginx/conf/nginx-config.template b/images/router/nginx/conf/nginx-config.template index c5258f7c3a03..84c306a35e55 100644 --- a/images/router/nginx/conf/nginx-config.template +++ b/images/router/nginx/conf/nginx-config.template @@ -4,10 +4,10 @@ backend for a route and contains all the endpoints for the service */}} {{- define "/var/lib/nginx/conf/nginx.config" -}} -user www www; ## Default: nobody +#user www www; ## Default: nobody worker_processes 5; ## Default: 1 -error_log logs/error.log; -pid logs/nginx.pid; +error_log /var/lib/nginx/logs/error.log; +pid /var/lib/nginx/logs/nginx.pid; worker_rlimit_nofile 8192; events { @@ -15,16 +15,16 @@ events { } http { - include conf/mime.types; - include /etc/nginx/proxy.conf; - include /etc/nginx/fastcgi.conf; + #include conf/mime.types; + #include /etc/nginx/proxy.conf; + #include /etc/nginx/fastcgi.conf; index index.html index.htm index.php; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] $status ' '"$request" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; - access_log logs/access.log main; + access_log /var/lib/nginx/logs/access.log main; sendfile on; tcp_nopush on; server_names_hash_bucket_size 128; # this seems to be required for some vhosts @@ -47,8 +47,8 @@ http { server { # simple load balancing listen 80; - server_name {{$cfg.host}}; - access_log logs/be_http_{{$cfgIdx}}.log main; + server_name {{$cfg.Host}}; + access_log /var/lib/nginx/logs/be_http_{{$cfgIdx}}.log main; location / { proxy_pass http://be_http_{{$cfgIdx}}; diff --git a/images/router/nginx/reload-nginx b/images/router/nginx/reload-nginx index 90e75b5c82f5..a496804b1db3 100755 --- a/images/router/nginx/reload-nginx +++ b/images/router/nginx/reload-nginx @@ -7,10 +7,10 @@ old_pids=$(ps -A -opid,args | grep nginx | egrep -v -e 'grep|reload-nginx' | awk reload_status=0 if [ -n "$old_pids" ]; then - /usr/sbin/nginx -s reload + /usr/sbin/nginx -c ${config_file} -s reload reload_status=$? else - /usr/sbin/nginx -c $config_file + /usr/sbin/nginx -c ${config_file} reload_status=$? fi exit $reload_status