pub/elevenlabs.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
db610976a051fe602d328781ea07425b4184ee26
elevenlabs.io/docker-entrypoint.sh
Vassiliy Yegorov db610976a0 init
2026-03-21 10:47:11 +07:00

57 lines
1.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
# proxy-vm/docker-entrypoint.sh
# Generates nginx config fragments from environment variables at container start.
set -e
CONF_DIR="/etc/nginx/conf.d"
mkdir -p "${CONF_DIR}"
# --- 1. Generate IP allowlist (geo block) ---
ALLOWLIST_FILE="${CONF_DIR}/allowlist.conf"
if [ -z "${ALLOWED_CIDR}" ]; then
# Dev mode: allow all IPs
cat > "${ALLOWLIST_FILE}" <<'GEO'
geo $allowed_ip {
default 1;
}
GEO
echo "[entrypoint] ALLOWED_CIDR is empty — allowing all IPs (dev mode)"
else
# Build geo block from comma-separated CIDRs
{
echo 'geo $allowed_ip {'
echo ' default 0;'
echo "${ALLOWED_CIDR}" | tr ',' '\n' | while read -r cidr; do
cidr=$(echo "${cidr}" | xargs) # trim whitespace
[ -n "${cidr}" ] && echo " ${cidr} 1;"
done
echo '}'
} > "${ALLOWLIST_FILE}"
echo "[entrypoint] IP allowlist configured: ${ALLOWED_CIDR}"
fi
# --- 2. Generate token auth (map block) ---
AUTH_FILE="${CONF_DIR}/auth.conf"
if [ -z "${PROXY_SECRET}" ]; then
echo "[entrypoint] WARNING: PROXY_SECRET is not set — all requests will be rejected!"
cat > "${AUTH_FILE}" <<'MAP'
map $http_x_proxy_token $auth_ok {
default 0;
}
MAP
else
cat > "${AUTH_FILE}" <<MAP
map \$http_x_proxy_token \$auth_ok {
default 0;
"${PROXY_SECRET}" 1;
}
MAP
echo "[entrypoint] Token auth configured"
fi
# --- 3. Start nginx ---
echo "[entrypoint] Starting nginx..."
exec nginx -g 'daemon off;'
Reference in New Issue View Git Blame Copy Permalink