1

The Problem

I'm creating a docker image which dynamically creates nginx config based on environment variables. I would like to minimise the number of environment variables required.

I have a config template file that looks something like this:

server {
...
  $ALLOW_DENY
...
}

And I'd like to configure the template like this

export ALLOW_DENY="allow 11.11.11.11; deny all;"
envsubst '\$ALLOW_DENY' < sites-available/site.template > sites-available/my-site

My problem is that I don't want to create multiple environment variables for each allow or deny statement (some configurations of this file might require none, where others might require 5 or 6) but I can't find a way to make envsubst accept newline characters, and I'm not sure if multiple nginx commands are allowed on a single line.

For reference, I'm going to be loading all my environment variables using aws ssm and I don't think it accepts multi-line environment variables like this:

export $ALLOW_DENY="  allow 11.11.11.11;
  deny all;"

tl;dr

Is this valid?

server {
...
  allow 11.11.11.11; deny all;
...
}
Max Colledge
  • 131
  • 4
  • 1
    You could have tested whether that worked in less time than it took you to write this question. – womble Aug 08 '19 at 22:57

1 Answers1

4

Yes. Though I highly recommend making liberal use of whitespaces, line breaks and include statements to increase readability - ultimately its up to you to skip line breaks where convenient - nginx only treats line breaks special to be able to point out the line where configuration parser errors occurred.

nginx configuration files are nothing more than semicolon-separated directives in curly-brace-delimited blocks - line breaks are irrelevant other than being parsed similar to spaces and tabs:

A simple directive consists of the name and parameters separated by spaces and ends with a semicolon (;). A block directive has the same structure as a simple directive, but instead of the semicolon it ends with a set of additional instructions surrounded by braces ({ and }).

The only reason you do not want to too much of your configuration in a single line is readability - and comments are only possible on a line basis:

The rest of a line after the # sign is considered a comment.

Nginx Beginner’s Guide

anx
  • 8,963
  • 5
  • 24
  • 48