twistedpair/Dockerfile

## Dockerfile
FROM nginx

# Copy custom error pages
COPY html /usr/share/nginx/html

# nginx defaults like logging
COPY nginx/default.conf /etc/nginx/conf.d/default.conf

# nginx mapping file for URL routing
COPY nginx/nginx.conf /etc/nginx/nginx.conf

## html-404.html
<html>
<body><h1>404 😭</h1></body>
</html>

## html-index.html
<html>
<body>There is nothing here. Be sure to enter the correct preview environment path.</body>
</html>

## nginx-default.confg
server {
    listen       8080;
    server_name  localhost;

    # TLS is terminated upstream, so use forwarded proto to determine redirect need
    if ($http_x_forwarded_proto ~* ^http$ ) {
        return 301 https://$host$request_uri;
    }

    # Extract wildcard commit hash from hostname -> app_hash
    # Use this matcher for <app-hash>-<app-name>-<env-name>.preview.acme.com style wildcard DNS routing
    # server_name "~^(?<app_hash>[a-f0-9]{7})-(?<app_name>[a-z]{3,10})-(?<env_name>dev|prod})\.preview.acme.com$";
    # Use this matcher for preview.acme.com/<app-name>/<app-hash>/ style routing (env-name optional)
    server_name "preview.acme.com";

    # enable rewrite debugging logs - uncomment for debugging
    #rewrite_log on;
    #error_log /var/log/nginx/debug.log debug;

    # Map to our custom erorr page - use this for a custom error page (include in your HTML dir)
    error_page 404 /404.html;

    # Support health checking
    location ~ /health.html {
        return 204;
    }

    # NOTE: this is a little tricky, we need to add the app path TWICE, since the location matcher will STRIP IT
    location / {

        # Rewrite / -> /index.html on upstream
        # (1) / -> index.html
        rewrite ^/$ /cdn/$env_name/$app_name/$app_hash/index.html last;

        # (2) Anything without a file extension /foo, /foo/bar -> index.html
        rewrite ^/(.*/)?[^\.]+$ /cdn/$env_name/$app_name/$app_hash/index.html last;

        # (3) Add GCS path to all other requests
        rewrite ^/(.*)$ /cdn/$env_name/$app_name/$app_hash/$1 last;
    }

    # The app name will be blank if someone is just fuzzing this proxy - don't proxy to GCS
    # A blank app name (or otherwise invalid URL) will give us a double slash `//`
    location ~ // {
        return 404; # set 404 code
    }

    # Path parts matched here will be stripped by Nginx when resolving in the proxy, so just add the 'cdn/' prefix above
    # proxy resolvers like this can have NO DYNAMIC MATCHERS/PARTS
    location /cdn {

# Extra header info to help with debugging
        set $upstream_url https://storage.googleapis.com/<YOUR-BUCKET-NAME-HERE>/$app_name/$app_hash/$1;
        add_header X-app-hash "$app_hash";
        add_header X-app-name "$app_name";
        add_header X-upstream-url "$upstream_url";

        # Note: no trailing slash, as the rewrite rules above/stripping will leave us with an appended slash
        # TODO ADD YOUR BUCKET NAME HERE
        proxy_pass https://storage.googleapis.com/<YOUR-BUCKET-NAME-HERE>;
    }

    # Map error status codes
    location = /404.html {
        root  /usr/share/nginx/html;
        internal;
    }
}

## nginx-nginx.conf

user  nginx;
worker_processes  1;

error_log   /var/log/nginx/error.log notice;

pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    server_tokens off;

    log_format  main  '[$time_local] "$host" "$remote_addr" "$http_x_forwarded_for" '
                      '"$http_x_forwarded_proto" "$http_referer" "$remote_user" "$request" $status $body_bytes_sent '
                      '$request_time $upstream_connect_time $upstream_header_time $upstream_response_time '
                      '"$http_user_agent"';

    # Turn on for detailed debugging
    #rewrite_log on;
    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}
	FROM nginx

	# Copy custom error pages
	COPY html /usr/share/nginx/html

	# nginx defaults like logging
	COPY nginx/default.conf /etc/nginx/conf.d/default.conf

	# nginx mapping file for URL routing
	COPY nginx/nginx.conf /etc/nginx/nginx.conf
	<html>
	<body>There is nothing here. Be sure to enter the correct preview environment path.</body>
	</html>
	server {
	listen 8080;
	server_name localhost;

	# TLS is terminated upstream, so use forwarded proto to determine redirect need
	if ($http_x_forwarded_proto ~* ^http$ ) {
	return 301 https://$host$request_uri;
	}

	# Extract wildcard commit hash from hostname -> app_hash
	# Use this matcher for <app-hash>-<app-name>-<env-name>.preview.acme.com style wildcard DNS routing
	# server_name "~^(?<app_hash>[a-f0-9]{7})-(?<app_name>[a-z]{3,10})-(?<env_name>dev\|prod})\.preview.acme.com$";
	# Use this matcher for preview.acme.com/<app-name>/<app-hash>/ style routing (env-name optional)
	server_name "preview.acme.com";

	# enable rewrite debugging logs - uncomment for debugging
	#rewrite_log on;
	#error_log /var/log/nginx/debug.log debug;

	# Map to our custom erorr page - use this for a custom error page (include in your HTML dir)
	error_page 404 /404.html;

	# Support health checking
	location ~ /health.html {
	return 204;
	}

	# NOTE: this is a little tricky, we need to add the app path TWICE, since the location matcher will STRIP IT
	location / {

	# Rewrite / -> /index.html on upstream
	# (1) / -> index.html
	rewrite ^/$ /cdn/$env_name/$app_name/$app_hash/index.html last;

	# (2) Anything without a file extension /foo, /foo/bar -> index.html
	rewrite ^/(.*/)?[^\.]+$ /cdn/$env_name/$app_name/$app_hash/index.html last;

	# (3) Add GCS path to all other requests
	rewrite ^/(.*)$ /cdn/$env_name/$app_name/$app_hash/$1 last;
	}

	# The app name will be blank if someone is just fuzzing this proxy - don't proxy to GCS
	# A blank app name (or otherwise invalid URL) will give us a double slash `//`
	location ~ // {
	return 404; # set 404 code
	}

	# Path parts matched here will be stripped by Nginx when resolving in the proxy, so just add the 'cdn/' prefix above
	# proxy resolvers like this can have NO DYNAMIC MATCHERS/PARTS
	location /cdn {

	# Extra header info to help with debugging
	set $upstream_url https://storage.googleapis.com/<YOUR-BUCKET-NAME-HERE>/$app_name/$app_hash/$1;
	add_header X-app-hash "$app_hash";
	add_header X-app-name "$app_name";
	add_header X-upstream-url "$upstream_url";

	# Note: no trailing slash, as the rewrite rules above/stripping will leave us with an appended slash
	# TODO ADD YOUR BUCKET NAME HERE
	proxy_pass https://storage.googleapis.com/<YOUR-BUCKET-NAME-HERE>;
	}

	# Map error status codes
	location = /404.html {
	root /usr/share/nginx/html;
	internal;
	}
	}

	user nginx;
	worker_processes 1;

	error_log /var/log/nginx/error.log notice;

	pid /var/run/nginx.pid;

	events {
	worker_connections 1024;
	}

	http {
	include /etc/nginx/mime.types;
	default_type application/octet-stream;
	server_tokens off;

	log_format main '[$time_local] "$host" "$remote_addr" "$http_x_forwarded_for" '
	'"$http_x_forwarded_proto" "$http_referer" "$remote_user" "$request" $status $body_bytes_sent '
	'$request_time $upstream_connect_time $upstream_header_time $upstream_response_time '
	'"$http_user_agent"';

	# Turn on for detailed debugging
	#rewrite_log on;
	access_log /var/log/nginx/access.log main;

	sendfile on;
	#tcp_nopush on;

	keepalive_timeout 65;

	#gzip on;
	include /etc/nginx/conf.d/*.conf;
	}