From 9d2b017bf389059aaa33ec38f827aabac7e4c1a9 Mon Sep 17 00:00:00 2001
From: Arpit Mohan <mohanarpit@users.noreply.github.com>
Date: Fri, 16 Oct 2020 10:00:33 +0530
Subject: [PATCH] Making the nginx root configuration also configurable. (#694)

This is required for enabling custom logging. In future, we can leverage this for proxy caching as well.

Not adding this nginx-root.conf.template file to the installation script because there's nothing for the user to configure there during installation. This file will be baked into the Dockerfile and only the environment variables will be replaced during container start.
---
 app/client/.gitignore                         |  1 +
 app/client/Dockerfile                         |  2 +
 app/client/cypress/setup-test.sh              |  2 +
 app/client/docker/start-nginx.sh              |  3 ++
 .../docker/templates/nginx-root.conf.template | 41 +++++++++++++++++++
 app/client/start-https.sh                     |  6 ++-
 6 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 app/client/docker/templates/nginx-root.conf.template

diff --git a/app/client/.gitignore b/app/client/.gitignore
index 76ef548c17..017b00ad03 100755
--- a/app/client/.gitignore
+++ b/app/client/.gitignore
@@ -34,6 +34,7 @@ results/
 
 /docker/*.pem
 /docker/nginx.conf
+/docker/nginx-root.conf
 
 storybook-static/*
 build-storybook.log
diff --git a/app/client/Dockerfile b/app/client/Dockerfile
index d273e15762..ad7ac70c36 100644
--- a/app/client/Dockerfile
+++ b/app/client/Dockerfile
@@ -6,5 +6,7 @@ EXPOSE 80
 # This is the default nginx template file inside the container. 
 # This is replaced by the install.sh script during a deployment
 COPY ./docker/templates/nginx-linux.conf.template /nginx.conf.template
+COPY ./docker/templates/nginx-root.conf.template /nginx-root.conf.template
+# This is the script that is used to start Nginx when the Docker container starts
 COPY ./docker/start-nginx.sh /start-nginx.sh
 CMD ["/start-nginx.sh"]
diff --git a/app/client/cypress/setup-test.sh b/app/client/cypress/setup-test.sh
index 198ed4f884..1578ed748b 100755
--- a/app/client/cypress/setup-test.sh
+++ b/app/client/cypress/setup-test.sh
@@ -11,6 +11,7 @@ serve -s build -p 3000 &
 # Substitute all the env variables in nginx
 vars_to_substitute=$(printf '\$%s,' $(env | grep -o "^APPSMITH_[A-Z0-9_]\+" | xargs))
 cat ./docker/templates/nginx-linux.conf.template | envsubst ${vars_to_substitute} | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > ./docker/nginx.conf
+cat ./docker/templates/nginx-root.conf.template | envsubst ${vars_to_substitute} | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > ./docker/nginx-root.conf
 
 # Create the SSL files for Nginx. Required for service workers to work properly.
 touch ./docker/dev.appsmith.com.pem ./docker/dev.appsmith.com-key.pem
@@ -21,6 +22,7 @@ echo "Going to run the nginx server"
 sudo docker pull nginx:latest
 
 sudo docker run --network host --name wildcard-nginx -d -p 80:80 -p 443:443 \
+	-v `pwd`/docker/nginx-root.conf:/etc/nginx/nginx.conf \
     -v `pwd`/docker/nginx.conf:/etc/nginx/conf.d/app.conf \
     -v `pwd`/docker/dev.appsmith.com.pem:/etc/certificate/dev.appsmith.com.pem \
     -v `pwd`/docker/dev.appsmith.com-key.pem:/etc/certificate/dev.appsmith.com-key.pem \
diff --git a/app/client/docker/start-nginx.sh b/app/client/docker/start-nginx.sh
index b11c25ef5d..17e69a3dac 100755
--- a/app/client/docker/start-nginx.sh
+++ b/app/client/docker/start-nginx.sh
@@ -1,4 +1,7 @@
 #!/bin/sh
+# This script is baked into the appsmith-editor Dockerfile and is used to boot Nginx when the Docker container starts
+# Refer: /app/client/Dockerfile
 set -ue
 cat /nginx.conf.template | envsubst "$(printf '$%s,' $(env | grep -Eo '^APPSMITH_[A-Z0-9_]+'))" | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > /etc/nginx/conf.d/default.conf
+cat /nginx-root.conf.template | envsubst "$(printf '$%s,' $(env | grep -Eo '^APPSMITH_[A-Z0-9_]+'))" | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > /etc/nginx/nginx.conf
 exec nginx -g 'daemon off;'
diff --git a/app/client/docker/templates/nginx-root.conf.template b/app/client/docker/templates/nginx-root.conf.template
new file mode 100644
index 0000000000..23637571ee
--- /dev/null
+++ b/app/client/docker/templates/nginx-root.conf.template
@@ -0,0 +1,41 @@
+user  nginx;
+worker_processes  1;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format main '"$time_local" client=$remote_addr '
+               'method=$request_method request="$request" '
+               'request_length=$request_length '
+               'status=$status bytes_sent=$bytes_sent '
+               'body_bytes_sent=$body_bytes_sent '
+               'referer=$http_referer '
+               'http_x_forwarded_for=$http_x_forwarded_for '
+               'user_agent="$http_user_agent" '
+               'upstream_addr=$upstream_addr '
+               'upstream_status=$upstream_status '
+               'request_time=$request_time '
+               'upstream_response_time=$upstream_response_time '
+               'upstream_connect_time=$upstream_connect_time '
+               'upstream_header_time=$upstream_header_time';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}
diff --git a/app/client/start-https.sh b/app/client/start-https.sh
index 3f150122e0..f28eaacc63 100755
--- a/app/client/start-https.sh
+++ b/app/client/start-https.sh
@@ -51,7 +51,8 @@ case "${unameOut}" in
     Starting nginx for Linux...
     "
                 cat ./docker/templates/nginx-linux.conf.template | envsubst ${vars_to_substitute} | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > ./docker/nginx.conf  &&
-                sudo docker run --network host --name wildcard-nginx -d -p 80:80 -p 443:443 -v `pwd`/docker/nginx.conf:/etc/nginx/conf.d/app.conf -v `pwd`/docker/_wildcard.appsmith.com.pem:/etc/certificate/dev.appsmith.com.pem -v `pwd`/docker/_wildcard.appsmith.com-key.pem:/etc/certificate/dev.appsmith.com-key.pem nginx:latest \
+                cat ./docker/templates/nginx-root.conf.template | envsubst ${vars_to_substitute} | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > ./docker/nginx-root.conf  &&
+                sudo docker run --network host --name wildcard-nginx -d -p 80:80 -p 443:443 -v `pwd`/docker/nginx-root.conf:/etc/nginx/nginx.conf -v `pwd`/docker/nginx.conf:/etc/nginx/conf.d/app.conf -v `pwd`/docker/_wildcard.appsmith.com.pem:/etc/certificate/dev.appsmith.com.pem -v `pwd`/docker/_wildcard.appsmith.com-key.pem:/etc/certificate/dev.appsmith.com-key.pem nginx:latest \
                 && echo "
     nginx is listening on port 443 and forwarding to port 3000
     visit https://dev.appsmith.com
@@ -62,7 +63,8 @@ case "${unameOut}" in
     Starting nginx for MacOS...
     "
                 cat ./docker/templates/nginx-mac.conf.template | envsubst ${vars_to_substitute} | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > ./docker/nginx.conf  &&
-                docker run --name wildcard-nginx -d -p 80:80 -p 443:443 -v `pwd`/docker/nginx.conf:/etc/nginx/conf.d/app.conf -v `pwd`/docker/_wildcard.appsmith.com.pem:/etc/certificate/dev.appsmith.com.pem -v `pwd`/docker/_wildcard.appsmith.com-key.pem:/etc/certificate/dev.appsmith.com-key.pem nginx:latest \
+                cat ./docker/templates/nginx-root.conf.template | envsubst ${vars_to_substitute} | sed -e 's|\${\(APPSMITH_[A-Z0-9_]*\)}||g' > ./docker/nginx-root.conf  &&
+                docker run --name wildcard-nginx -d -p 80:80 -p 443:443 -v `pwd`/docker/nginx-root.conf:/etc/nginx/nginx.conf -v `pwd`/docker/nginx.conf:/etc/nginx/conf.d/app.conf -v `pwd`/docker/_wildcard.appsmith.com.pem:/etc/certificate/dev.appsmith.com.pem -v `pwd`/docker/_wildcard.appsmith.com-key.pem:/etc/certificate/dev.appsmith.com-key.pem nginx:latest \
                 && echo "
     nginx is listening on port 443 and forwarding to port 3000
     visit https://dev.appsmith.com