xsc · mmajis · Mar 19, 2020 · Mar 19, 2020
diff --git a/Dockerfile b/Dockerfile
@@ -31,13 +31,14 @@ RUN wget -O dockerize.tar.gz https://github.com/jwilder/dockerize/releases/downl
 # --------------------
 # TEMPLATES
 # --------------------
-COPY default.conf.tpl nginx.conf.tpl /templates/
+COPY default.conf.tpl nginx.conf.tpl proxy.conf.tpl /templates/
 
 # --------------------
 # FILL TEMPLATES & GO
 # --------------------
 CMD htpasswd -Bbn "$BASIC_AUTH_USERNAME" "$BASIC_AUTH_PASSWORD" > /etc/nginx/auth.htpasswd && \
   dockerize \
   -template /templates/default.conf.tpl:/etc/nginx/conf.d/default.conf \
+  -template /templates/proxy.conf.tpl:/etc/nginx/proxy.conf \
   -template /templates/nginx.conf.tpl:/etc/nginx/nginx.conf \
   nginx
diff --git a/README.md b/README.md
@@ -28,6 +28,7 @@ Configuration is provided using environment variables:
 | `PROXY_BUFFERING`         | Enables or disables buffering of responses from the proxied server | `on`          |
 | `WEBSOCKET_PATH`          | Activates websocket handling on the given path                     | (none)        |
 | `FORWARD_WEBSOCKET_PATH`  | If the remote path differs from `WEBSOCKET_PATH`, use this         | (none)        |
+| `HEALTH_PATH`             | For health checks. No authentication required on this path         | (none)        |
 
 
 ## Usage

diff --git a/default.conf.tpl b/default.conf.tpl
@@ -28,24 +28,20 @@ server {
     }
 {{ end }}
 
+{{ if .Env.HEALTH_PATH }}
+    location {{ .Env.HEALTH_PATH }} {
+        auth_basic "off";
+        include /etc/nginx/proxy.conf;
+    }
+{{ end }}
+
     location / {
 
         # Basic Auth
         limit_except OPTIONS {
             auth_basic "Restricted";
             auth_basic_user_file "auth.htpasswd";
         }
-
-        # Proxy
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
-        proxy_pass http://backend;
-        proxy_read_timeout {{ .Env.PROXY_READ_TIMEOUT }};
-        proxy_send_timeout {{ .Env.PROXY_SEND_TIMEOUT }};
-        client_max_body_size {{ .Env.CLIENT_MAX_BODY_SIZE }};
-        proxy_request_buffering {{ .Env.PROXY_REQUEST_BUFFERING }};
-        proxy_buffering {{ .Env.PROXY_BUFFERING }};
+        include /etc/nginx/proxy.conf;
     }
 }
diff --git a/proxy.conf.tpl b/proxy.conf.tpl
@@ -0,0 +1,11 @@
+# Proxy
+proxy_set_header Host $host;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
+proxy_pass http://backend;
+proxy_read_timeout {{ .Env.PROXY_READ_TIMEOUT }};
+proxy_send_timeout {{ .Env.PROXY_SEND_TIMEOUT }};
+client_max_body_size {{ .Env.CLIENT_MAX_BODY_SIZE }};
+proxy_request_buffering {{ .Env.PROXY_REQUEST_BUFFERING }};
+proxy_buffering {{ .Env.PROXY_BUFFERING }};