add HEALTHCHECK to Dockerfile and append 10.0.0.0/8 to DNSBL whitelist
This commit is contained in:
parent
491d879fec
commit
3c721dc2a0
|
@ -35,4 +35,6 @@ EXPOSE 8080/tcp 8443/tcp
|
|||
|
||||
USER nginx:nginx
|
||||
|
||||
HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 CMD [ -f /tmp/nginx.pid ] || exit 1
|
||||
|
||||
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]
|
||||
|
|
|
@ -102,6 +102,7 @@ class AutoConf :
|
|||
del self.__instances[id]
|
||||
else :
|
||||
utils.log("[!] Initial config failed")
|
||||
# TODO : wait while unhealthy if not swarm
|
||||
utils.log("[*] bunkerized-nginx instance created : " + name + " / " + id)
|
||||
|
||||
elif event == "start" :
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
local M = {}
|
||||
local dns = require "dns"
|
||||
local M = {}
|
||||
local dns = require "dns"
|
||||
local logger = require "logger"
|
||||
local iputils = require "resty.iputils"
|
||||
|
||||
|
@ -12,7 +12,7 @@ function M.cached ()
|
|||
end
|
||||
|
||||
function M.check (dnsbls, resolvers)
|
||||
local local_ips = iputils.parse_cidrs({"127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"})
|
||||
local local_ips = iputils.parse_cidrs({"127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "10.0.0.0/8"})
|
||||
if iputils.ip_in_cidrs(ngx.var.remote_addr, local_ips) then
|
||||
ngx.shared.dnsbl_cache:set(ngx.var.remote_addr, "ok", 86400)
|
||||
return false
|
||||
|
|
Loading…
Reference in New Issue