11#! /bin/sh
22
33# Set default values for optional configuration
4- MTLS_VERIFY_CERT=${MTLS_VERIFY_CERT:- " off"
4+ if [ -z " $MTLS_VERIFY_CERT " ; then
5+ if [ -z " $MTLS_CA_CERT_PATH " ; then
6+ MTLS_VERIFY_CERT=" off"
7+ else
8+ MTLS_VERIFY_CERT=" on"
9+ fi
10+ fi
511
612# Generate conditional configuration strings
713MTLS_CA_CONFIG=" "
814MTLS_VERIFY_CONFIG=" "
915MTLS_CERTIFICATES=" "
16+ HOST_HEADER_CONFIG=" "
1017
1118if [ -z " $PROXY_TARGET " ; then
1219 echo " [ERROR] PROXY_TARGET is a required env variable" >&2
1320 exit 1
1421fi
1522
23+ if [ -z " $PROXY_HOST_HEADER " ; then
24+ PROXY_HOST_HEADER=' $host'
25+ else
26+ echo " [INFO] Configuring Host override for ${PROXY_HOST_HEADER} "
27+ fi
28+
29+ HOST_HEADER_CONFIG=" proxy_set_header Host ${PROXY_HOST_HEADER} ;"
30+
1631# Only add CA certificate configuration if MTLS_CA_CERT_PATH is set and file exists
1732if [ -n " $MTLS_CA_CERT_PATH " && [ -f " $MTLS_CA_CERT_PATH " ; then
1833 echo " [INFO] Using CA certificate: $MTLS_CA_CERT_PATH "
@@ -22,6 +37,9 @@ if [ -n "$MTLS_CA_CERT_PATH" ] && [ -f "$MTLS_CA_CERT_PATH" ]; then
2237 if [ " $MTLS_VERIFY_CERT " != " off" ; then
2338 echo " [INFO] Enabling certificate verification: $MTLS_VERIFY_CERT "
2439 MTLS_VERIFY_CONFIG=" proxy_ssl_verify $MTLS_VERIFY_CERT ;"
40+ if [ -n " $MTLS_VERIFY_DEPTH " ; then
41+ MTLS_VERIFY_CONFIG=" $MTLS_VERIFY_CONFIG \nproxy_ssl_verify_depth $MTLS_VERIFY_DEPTH ;"
42+ fi
2543 fi
2644else
2745 echo " [WARNING] No CA certificate configured or file not found. SSL verification disabled."
4159export MTLS_CA_CONFIG
4260export MTLS_VERIFY_CONFIG
4361export MTLS_CERTIFICATES
62+ export HOST_HEADER_CONFIG
4463
4564# Start nginx with the original Docker entrypoint
4665exec /docker-entrypoint.sh " $@ "
0 commit comments