nginx template fix

2026-02-06 21:14:52 +03:00
parent bb1a3c9400
commit 5260e45bd8
7 changed files with 49 additions and 30 deletions
--- a/APP_PROFILER/Dockerfile
+++ b/APP_PROFILER/Dockerfile
@@ -1,7 +1,7 @@
 FROM python:3.12-alpine

 # Install OpenVPN, OpenRC and other system deps
-RUN apk add --no-cache openvpn openrc iproute2 bash
+RUN apk add --no-cache openvpn openrc iproute2 bash iptables

 WORKDIR /app

--- a/APP_PROFILER/entrypoint.sh
+++ b/APP_PROFILER/entrypoint.sh
@@ -10,6 +10,14 @@ fi
 # Enable IP forwarding
 sysctl -w net.ipv4.ip_forward=1

+# NAT MASQUERADE
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+# MSS Clamping (Path MTU Tuning)
+# Works for both directions in one rule on the FORWARD chain
+iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+
+
 # Start OpenRC (needed for rc-service if we use it, but better to start openvpn directly or via rc)
 # Since we are in Alpine, we can try to start the service if configured, 
 # but Container 4 main.py might expect rc-service to work.
--- a/APP_PROFILER/templates/server.conf.j2
+++ b/APP_PROFILER/templates/server.conf.j2
@@ -28,13 +28,13 @@ server {{ vpn_network }} {{ vpn_netmask }}

 ifconfig-pool-persist /etc/openvpn/ipp.txt

-log /etc/openvpn/openvpn.log
-log-append /etc/openvpn/openvpn.log
+log /var/log/openvpn/openvpn-status.log
+log-append /var/log/openvpn/openvpn-status.log

 verb 3

 # Use Extended Status Output
-status /etc/openvpn/openvpn-status.log 5
+status /var/log/openvpn/openvpn-status.log 5
 status-version 2

 # Tunneling Mode
--- a/APP_UI/Dockerfile
+++ b/APP_UI/Dockerfile
@@ -9,6 +9,7 @@ RUN npm run build
 # Stage 2: Serve
 FROM nginx:alpine
 COPY --from=build-stage /app/dist /usr/share/nginx/html
-COPY nginx.conf /etc/nginx/conf.d/default.conf
+COPY default.conf.template /etc/nginx/templates/default.conf.template
 EXPOSE 80
 CMD ["nginx", "-g", "daemon off;"]
+
--- a/APP_UI/default.conf.template
+++ b/APP_UI/default.conf.template
@@ -0,0 +1,29 @@
+server {
+    listen 80;
+    server_name localhost;
+
+    root /usr/share/nginx/html;
+    index index.html;
+
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # Proxy API requests
+    location /api/v1/ {
+        proxy_pass http://${OVP_API_HOST}:${OVP_API_PORT};
+    }
+    
+    location /api/auth {
+        proxy_pass http://${OVP_API_HOST}:${OVP_API_PORT};
+    }
+
+    location /api/ {
+        proxy_pass http://${OVP_PROFILER_HOST}:${OVP_PROFILER_PORT};
+    }
+
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+    }
+}
--- a/APP_UI/nginx.conf
+++ b/APP_UI/nginx.conf
@@ -1,25 +0,0 @@
-server {
-    listen 80;
-    server_name localhost;
-
-    root /usr/share/nginx/html;
-    index index.html;
-
-    location / {
-        try_files $uri $uri/ /index.html;
-    }
-
-    # Proxy API requests if needed or let the frontend handle URLs
-    # location /api/v1/ {
-    #     proxy_pass http://app-api:5001;
-    # }
-
-    # location /api/ {
-    #     proxy_pass http://app-profiler:8000;
-    # }
-
-    error_page 500 502 503 504 /50x.html;
-    location = /50x.html {
-        root /usr/share/nginx/html;
-    }
-}
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,6 +11,12 @@ services:
      - app-profiler
    networks:
      - ovp-net
+    environment:
+      - OVP_API_HOST=ovp-api
+      - OVP_API_PORT=5001
+      - OVP_PROFILER_HOST=ovp-profiler
+      - OVP_PROFILER_PORT=8000
+

  app-gatherer:
    build: