diff --git a/.docker/nginx/Dockerfile b/.docker/nginx/Dockerfile new file mode 100644 index 0000000..eeb46e0 --- /dev/null +++ b/.docker/nginx/Dockerfile @@ -0,0 +1,20 @@ +FROM nginx:1.19.2-alpine + +EXPOSE 8080 + +ENV PORT 8080 + +ENV API_DOMAIN vk-api-proxy.example.com +ENV STATIC_DOMAIN vk-static-proxy.example.com +ENV OAUTH_DOMAIN vk-oauth-proxy.example.com + +ENV VK_PROXY_HOST vk-proxy +ENV VK_PROXY_PORT 8080 + + +COPY ./entrypoint.sh /entrypoint.sh + +COPY nginx.conf /tmp/nginx.conf + +ENTRYPOINT [ "/entrypoint.sh" ] +CMD nginx -g "daemon off;" \ No newline at end of file diff --git a/.docker/nginx/entrypoint.sh b/.docker/nginx/entrypoint.sh new file mode 100755 index 0000000..7c7b3b6 --- /dev/null +++ b/.docker/nginx/entrypoint.sh @@ -0,0 +1,16 @@ +#!/bin/ash +set -e + +envsubst "\$PORT \$API_DOMAIN \$STATIC_DOMAIN \$OAUTH_DOMAIN \$VK_PROXY_HOST \$VK_PROXY_PORT" < /tmp/nginx.conf > /etc/nginx/nginx.conf + +echo Check for vk proxy up before starting the nginx +echo "Checking vk proxy status." +until nc -z -v -w30 $VK_PROXY_HOST $VK_PROXY_PORT +do + echo "Waiting for vk proxy connection..." + # wait for 5 seconds before check again + sleep 5 +done + +echo Startup command: $@ +exec "$@" \ No newline at end of file diff --git a/.docker/nginx/nginx.conf b/.docker/nginx/nginx.conf new file mode 100644 index 0000000..0cb8728 --- /dev/null +++ b/.docker/nginx/nginx.conf @@ -0,0 +1,137 @@ +user nginx; +worker_processes 1; + +pid /var/run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + client_max_body_size 10M; + server_names_hash_bucket_size 64; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + access_log off; + error_log /var/log/nginx/error.log crit; + + gzip on; + gzip_disable "msie6"; + + gzip_vary on; + gzip_min_length 500; + gzip_buffers 16 8k; + gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; + + upstream vk-proxy { + server ${VK_PROXY_HOST}:${VK_PROXY_PORT}; + keepalive 64; + } + + map $request_method $cors_origin { + default "*"; + "OPTIONS" $http_access_control_allow_origin; + } + + server { + listen ${PORT}; + listen [::]:${PORT}; + + server_name ${API_DOMAIN}; + charset UTF-8; + + # Нужен для динамических доменов в proxy_pass + resolver 8.8.8.8; + + # Если вы используете Let's Encrypt, то в файлике ssl-snippet.conf лежат рекомендуемые настройки SSL + #include ssl-snippet.conf + + proxy_buffering on; + proxy_request_buffering off; + proxy_max_temp_file_size 0; + + location /_ { + location /_ { + return 403; + } + + location ~ ^/_/(?:vk\.com|(?:[-_a-zA-Z0-9]+)\.(?:userapi\.com|vk-cdn\.net|vk\.(?:me|com)|vkuser(?:live|video|audio)\.(?:net|com)))/ { + rewrite /_/([^/]+)/(.*) /$2 break; + + client_max_body_size 128m; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass https://$1; + + # Переадресация локальных ссылок + # $1 берется из регекспа rewrite + proxy_redirect / /_/$1/; + + # Переадресация абсолютных ссылок + proxy_redirect ~^https?://(.*) /_/$1; + } + } + + location / { + gzip_proxied any; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_pass http://vk-proxy; + add_header Access-Control-Allow-Origin $cors_origin; + } + } + + server { + listen ${PORT}; + listen [::]:${PORT}; + + server_name ${STATIC_DOMAIN}; + charset UTF-8; + + #include ssl-snippet.conf + + proxy_buffering on; + proxy_request_buffering off; + proxy_max_temp_file_size 0; + + location ~* ^.+\.(jpeg|gif|png|jpg|ico|otf|woff|ttf|woff2|svg) { + proxy_pass https://static.vk.com; + proxy_redirect https://static.vk.com/ /; + } + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Proxy-Host static.vk.com; + proxy_pass http://vk-proxy; + } + } + + server { + listen 80; + listen [::]:80; + + server_name ${OAUTH_DOMAIN}; + charset UTF-8; + + #include ssl-snippet.conf + + proxy_buffering on; + proxy_request_buffering off; + proxy_max_temp_file_size 0; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Proxy-Host oauth.vk.com; + proxy_pass http://vk-proxy; + proxy_redirect https://oauth.vk.com/ /; + } + } +} diff --git a/.docker/vk-proxy/entrypoint.sh b/.docker/vk-proxy/entrypoint.sh new file mode 100755 index 0000000..4ed460a --- /dev/null +++ b/.docker/vk-proxy/entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/ash + +set -e + +/app/vk-proxy -allowMissingConfig \ + -bind 0.0.0.0:$PORT \ + -domain $API_DOMAIN \ + -domain-static $STATIC_DOMAIN \ + -log-verbosity 3 diff --git a/.gitignore b/.gitignore index f7d4735..681d86c 100644 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,4 @@ *.dylib *.test -vk-proxy +/vk-proxy diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..6a022a7 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,22 @@ +FROM golang:1.14-alpine as build + +WORKDIR /go/src/github.com/xtrafrancyz/vk-proxy/ + +COPY . . + +RUN go install && go build + +FROM alpine:3.12 + +EXPOSE 8080 + +ENV PORT 8080 +ENV API_DOMAIN vk-api-proxy.example.com +ENV STATIC_DOMAIN vk-static-proxy.example.com + +WORKDIR /app + +COPY --from=build /go/src/github.com/xtrafrancyz/vk-proxy/vk-proxy/ /app/vk-proxy +COPY .docker/vk-proxy/entrypoint.sh /entrypoint.sh + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..660cc39 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,20 @@ +version: '2' + + +services: + nginx: + image: vk-proxy-nginx + build: .docker/nginx + environment: + - VK_PROXY_HOST=vk-proxy + - DOMAIN=... + - STATIC_DOMAIN=... + ports: + - 8080:8080 + + vk-proxy: + image: vk-proxy + build: . + environment: + - DOMAIN=... + - STATIC_DOMAIN=... \ No newline at end of file