nsgate handle 404 for https

deploy/docker/build/nsgate/nginx.conf

@@ -26,26 +26,5 @@ http {
     error_log                       /dev/stderr ;
     server_names_hash_bucket_size   128;
 
-    server {
-        server_name _;
-        root        /www/404;
-        expires     1M;
-
-        error_page 404 /404.html;
-
-        location / {
-            add_header  X-ReactiveTraderCloud-Proxy-NsGate-Config   '404';
-            add_header  X-ReactiveTraderCloud-Proxy-NsGate-Version  "__NSGATE_VERSION__";
-
-            index   index.html;
-            rewrite ^/(.*)/$ /$1 permanent;
-            try_files "${uri}.html" $uri $uri/ =404;
-        }
-
-        location = /404.html {
-            internal;
-        }
-    }
-
     include /servers/*;
 }

deploy/docker/build/nsgate/template.writeFunctions.sh

@@ -16,39 +16,62 @@ createProxyConfiguration() {
     port_number=$3
     namespace=$4
 
-    nginx_conf_file="/servers/server.$port_name.$namespace"
     mkdir -p /servers
 
     # Write file
     file_content="server {\n"
     file_content+="    server_name             ${port_name}-${namespace}.*;\n"
-    file_content+="    listen                  ${port_number};\n"
-    file_content+="\n"
     if [[ "$port_number" == "80" ]]
     then
+    file_content+="    listen                  80;\n"
     file_content+="    listen                  443 ssl;\n"
     file_content+="    ssl_certificate         ${CERTIFICATE};\n"
     file_content+="    ssl_certificate_key     ${CERTIFICATE_KEY};\n"
-    file_content+="\n"
+    else
+    file_content+="    listen                  ${port_number};\n"
     fi
-
     file_content+="    location / {\n"
     file_content+="        # Miscalneous\n"
     file_content+="        add_header          X-ReactiveTraderCloud-Proxy-NsGate-Version  \"${NSGATE_VERSION}\";\n"
-    file_content+="\n"
     file_content+="        # Proxy\n"
     file_content+="        proxy_set_header    Host                \$host;\n"
     file_content+="        proxy_set_header    X-Real-IP           \$remote_addr;\n"
     file_content+="        proxy_set_header    X-Forwarded-Proto   \$scheme;\n"
     file_content+="        proxy_set_header    X-Forwarded-For     \$proxy_add_x_forwarded_for;\n"
     file_content+="        proxy_pass          http://${service}.${namespace}:${port_number};\n"
-    file_content+="\n"
     file_content+="        # ws\n"
     file_content+="        proxy_http_version  1.1;\n"
     file_content+="        proxy_set_header    Upgrade     \$http_upgrade;\n"
     file_content+="        proxy_set_header    Connection  \"upgrade\";\n"
     file_content+="    }\n"
     file_content+="}\n"
+    echo -e ${file_content} > "/servers/server.$port_name.$namespace"
 
-    echo -e ${file_content} > $nginx_conf_file
+    # 404
+    file_content="server {\n"
+    file_content+="    server_name _;\n"
+    if [[ "$port_number" == "80" ]]
+    then
+    file_content+="    listen                  80 default_server;\n"
+    file_content+="    listen                  443 ssl default_server;\n"
+    file_content+="    ssl_certificate         ${CERTIFICATE};\n"
+    file_content+="    ssl_certificate_key     ${CERTIFICATE_KEY};\n"
+    else
+    file_content+="    listen      $port_number default_server;\n"
+    fi
+    file_content+="    root        /www/404;\n"
+    file_content+="    expires     1M;\n"
+    file_content+="    error_page  404 /404.html;\n"
+    file_content+="    location / {\n"
+    file_content+="        add_header  X-ReactiveTraderCloud-Proxy-NsGate-Config   '404';\n"
+    file_content+="        add_header  X-ReactiveTraderCloud-Proxy-NsGate-Version  \"__NSGATE_VERSION__\";\n"
+    file_content+="        index   index.html;\n"
+    file_content+="        rewrite ^/(.*)/$ /\$1 permanent;\n"
+    file_content+="        try_files \"\${uri}.html\" \$uri \$uri/ =404;\n"
+    file_content+="    }\n"
+    file_content+="    location = /404.html {\n"
+    file_content+="        internal;\n"
+    file_content+="    }\n"
+    file_content+="}\n"
+    echo -e ${file_content} > "/servers/server.$port_number"
 }

docs/deployment/nsgate.md

@@ -15,7 +15,7 @@ The **Kubernetes ingress** are load balancer level 7, but these one didn't exist
 The **Kubernetes service** resource is a load balancers level 4. So we did have to implement a small program named **nsgate** based on **nginx** that do the load balancers level 7 for us without the ingress limitations.
 
 ## High level
-**nsgate** means **namespace-gate**. It concist of 2 containers running behind a **Kubernetes service** with one static external ip. We have created a domain for the cluster **adaptivecluster.com** and we redirect all subdomains **wildcard.adaptivecluster.com** to this static ip in order that every connection goes through **nsgate**. **nsgate** is a nginx service that will read the subdomain to dynamicly choose the backend to proxy the connection to.
+**nsgate** means **namespace-gate**. It concists of 2 containers running behind a **Kubernetes service** with one static external ip. We have created a domain for the cluster **adaptivecluster.com** and we redirect all subdomains **wildcard.adaptivecluster.com** to this static ip in order that every connection goes through **nsgate**. **nsgate** is a nginx service that will read the subdomain to dynamicly choose the backend to proxy the connection to.
 
 ## Mechanism
 ### Configuration
@@ -35,3 +35,9 @@ The issue is only present with https. **http://foo-bar.adaptivecluster.com** is
 
 [service-official-doc]: https://Kubernetes.io/docs/concepts/services-networking/service/
 [ingress-official-doc]: https://Kubernetes.io/docs/concepts/services-networking/ingress/
+
+## Update
+- update the code as expected (/deploy/docker/nsgate)
+- choose the build number by looking latest nsgate built
+- `./deploy/docker/helpers/listAllTags.sh weareadaptive/nsgate`
+- `./deploy/debug/build-and-update-nsgate.sh build`