technolo-g/app1.conf

## app1.conf
## -- Begin app1 Cluster -- ##


upstream app1 {
  server 10.32.28.2:32851;
}

server {
  listen 80;
  server_name app1.paas.domain.com;
  rewrite ^ https://$server_name$request_uri? permanent;
}

server {
  listen 443 ssl;
  ssl_certificate /etc/nginx/ssl/testn.crt;
  ssl_certificate_key /etc/nginx/ssl/testn.key;
  proxy_ssl_session_reuse off;
  server_name app1.paas.domain.com;


  location / {

      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_connect_timeout 300;
      proxy_send_timeout  300;
      client_max_body_size  5M;
      proxy_read_timeout  300;
      send_timeout  300;
      proxy_pass https://app1;

  }
}
## -- End app1 Cluster -- ##

## consul.conf.ctmpl
{{range $key, $pairs := tree "apps" | byKey}}
## -- Begin {{$key}} Cluster -- ##

{{range $pair := $pairs}}{{if (regexMatch "main-app" .Key)}}
upstream {{$key}} {
  server {{.Value}};
}{{end}}{{end}}

server {
  listen 80;
  {{range $pair := $pairs}}{{if (regexMatch "metadata-.*" .Key)}}server_name {{(replaceAll "metadata-" "" .Key) | toLower}}.{{env "PAAS_DOMAIN"}};
  rewrite ^ https://$server_name$request_uri? permanent;{{end}}{{end}}
}

server {
  listen 443 ssl;
  {{range $pair := $pairs}}{{if (regexMatch "metadata-.*" .Key)}}ssl_certificate /etc/nginx/ssl/apps.crt;
  ssl_certificate_key /etc/nginx/ssl/apps.key;
  proxy_ssl_session_reuse off;
  server_name {{(replaceAll "metadata-" "" .Key) | toLower}}.{{env "PAAS_DOMAIN"}};
  {{end}}{{end}}

  location / {
    {{range $pair := $pairs}}{{if (regexMatch "main-app" .Key)}}
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_connect_timeout 300;
      proxy_send_timeout  300;
      client_max_body_size  5M;
      proxy_read_timeout  300;
      send_timeout  300;
      proxy_pass https://{{$key}};
    {{end}}{{end}}
  }
}
## -- End {{$key}} Cluster -- ##
{{end}}

## start.sh
#!/bin/bash -ex

# Enable logging
export CONSUL_TEMPLATE_LOG="${CONSUL_TEMPLATE_LOG:-warn}"

# Write the initial (valid) template
/bin/consul-template \
  -consul ${CONSUL_HOST}:${CONSUL_PORT} \
  -log-level "${CONSUL_TEMPLATE_LOG}" \
  -template "/etc/nginx/consul.conf.ctmpl:/etc/nginx/conf.d/consul.conf:/usr/sbin/nginx -s reload || true" \
  -once 2>&1 |tee /var/log/consul-template-runonce.log

# Start the consul-template daemon
/bin/consul-template \
  -consul ${CONSUL_HOST}:${CONSUL_PORT} \
  -log-level "${CONSUL_TEMPLATE_LOG}" \
  -template "/etc/nginx/consul.conf.ctmpl:/etc/nginx/conf.d/consul.conf:/usr/sbin/nginx -s reload || true" \
  2>&1 |tee /var/log/consul-template.log &

# Start Nginx in foreground
/usr/sbin/nginx -c /etc/nginx/nginx.conf
	## -- Begin app1 Cluster -- ##


	upstream app1 {
	server 10.32.28.2:32851;
	}

	server {
	listen 80;
	server_name app1.paas.domain.com;
	rewrite ^ https://$server_name$request_uri? permanent;
	}

	server {
	listen 443 ssl;
	ssl_certificate /etc/nginx/ssl/testn.crt;
	ssl_certificate_key /etc/nginx/ssl/testn.key;
	proxy_ssl_session_reuse off;
	server_name app1.paas.domain.com;


	location / {

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_connect_timeout 300;
	proxy_send_timeout 300;
	client_max_body_size 5M;
	proxy_read_timeout 300;
	send_timeout 300;
	proxy_pass https://app1;

	}
	}
	## -- End app1 Cluster -- ##
	{{range $key, $pairs := tree "apps" \| byKey}}
	## -- Begin {{$key}} Cluster -- ##

	{{range $pair := $pairs}}{{if (regexMatch "main-app" .Key)}}
	upstream {{$key}} {
	server {{.Value}};
	}{{end}}{{end}}

	server {
	listen 80;
	{{range $pair := $pairs}}{{if (regexMatch "metadata-.*" .Key)}}server_name {{(replaceAll "metadata-" "" .Key) \| toLower}}.{{env "PAAS_DOMAIN"}};
	rewrite ^ https://$server_name$request_uri? permanent;{{end}}{{end}}
	}

	server {
	listen 443 ssl;
	{{range $pair := $pairs}}{{if (regexMatch "metadata-.*" .Key)}}ssl_certificate /etc/nginx/ssl/apps.crt;
	ssl_certificate_key /etc/nginx/ssl/apps.key;
	proxy_ssl_session_reuse off;
	server_name {{(replaceAll "metadata-" "" .Key) \| toLower}}.{{env "PAAS_DOMAIN"}};
	{{end}}{{end}}

	location / {
	{{range $pair := $pairs}}{{if (regexMatch "main-app" .Key)}}
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_connect_timeout 300;
	proxy_send_timeout 300;
	client_max_body_size 5M;
	proxy_read_timeout 300;
	send_timeout 300;
	proxy_pass https://{{$key}};
	{{end}}{{end}}
	}
	}
	## -- End {{$key}} Cluster -- ##
	{{end}}
	#!/bin/bash -ex

	# Enable logging
	export CONSUL_TEMPLATE_LOG="${CONSUL_TEMPLATE_LOG:-warn}"

	# Write the initial (valid) template
	/bin/consul-template \
	-consul ${CONSUL_HOST}:${CONSUL_PORT} \
	-log-level "${CONSUL_TEMPLATE_LOG}" \
	-template "/etc/nginx/consul.conf.ctmpl:/etc/nginx/conf.d/consul.conf:/usr/sbin/nginx -s reload \|\| true" \
	-once 2>&1 \|tee /var/log/consul-template-runonce.log

	# Start the consul-template daemon
	/bin/consul-template \
	-consul ${CONSUL_HOST}:${CONSUL_PORT} \
	-log-level "${CONSUL_TEMPLATE_LOG}" \
	-template "/etc/nginx/consul.conf.ctmpl:/etc/nginx/conf.d/consul.conf:/usr/sbin/nginx -s reload \|\| true" \
	2>&1 \|tee /var/log/consul-template.log &

	# Start Nginx in foreground
	/usr/sbin/nginx -c /etc/nginx/nginx.conf