search

pwncollege / dojo

Infrastructure powering the pwn.college dojo
https://pwn.college
BSD 2-Clause "Simplified" License
281 stars 89 forks source link

Nginx Resetting vhost.d/default @forward #355

Open ConnorNelson opened 6 months ago

ConnorNelson commented 6 months ago

I have seen this happen at least twice now, this time it happened as part of full restarting the infra (probably that triggered it last time too). Something is causing the location @forward block in nginx-proxy/etc/nginx/vhost.d/default to get deleted. We need this block for sensai forwarding to work.

The quick fix is:

$ git checkout nginx-proxy/etc/nginx/vhost.d/default
$ dojo compose restart nginx

Hopefully we can figure out something that makes that fix not-required. The nginx container automatically handles this block:

## Start of configuration add by letsencrypt container
location ^~ /.well-known/acme-challenge/ {
    auth_basic off;
    auth_request off;
    allow all;
    root /usr/share/nginx/html;
    try_files $uri =404;
    break;
}
## End of configuration add by letsencrypt container

Probably something is causing that logic to no longer play nice with pre-existing blocks.

zardus commented 6 months ago

Can we just mount it in read-only in the docker-compose?