add HEALTHCHECK to Dockerfile and append 10.0.0.0/8 to DNSBL whitelist

2021-06-14 20:54:36 +02:00 · 2021-06-14 20:54:36 +02:00 · 3c721dc2a0
parent 491d879fec
commit 3c721dc2a0
3 changed files with 6 additions and 3 deletions
--- a/2
+++ b/2
@ -35,4 +35,6 @@ EXPOSE 8080/tcp 8443/tcp

 USER nginx:nginx

+HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 CMD [ -f /tmp/nginx.pid ] || exit 1
+
 ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]
--- a/autoconf/AutoConf.py
+++ b/autoconf/AutoConf.py
@ -102,6 +102,7 @@ class AutoConf :
 						del self.__instances[id]
 				else :
 					utils.log("[!] Initial config failed")
+			# TODO : wait while unhealthy if not swarm
 			utils.log("[*] bunkerized-nginx instance created : " + name + " / " + id)

 		elif event == "start" :
--- a/lua/dnsbl.lua
+++ b/lua/dnsbl.lua
@ -1,5 +1,5 @@
-local M			= {}
-local dns		= require "dns"
+local M		= {}
+local dns	= require "dns"
 local logger	= require "logger"
 local iputils	= require "resty.iputils"

@ -12,7 +12,7 @@ function M.cached ()
 end

 function M.check (dnsbls, resolvers)
-	local local_ips = iputils.parse_cidrs({"127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"})
+	local local_ips = iputils.parse_cidrs({"127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "10.0.0.0/8"})
 	if iputils.ip_in_cidrs(ngx.var.remote_addr, local_ips) then
 		ngx.shared.dnsbl_cache:set(ngx.var.remote_addr, "ok", 86400)
 		return false