Use `ps | grep` instead of `jobs | grep`

It appears that `jobs` won't track the nginx processes started from a
config reload, so let's use `ps` instead.  Also, set `reuseport` on all
listen interfaces in order to dodge kernels that don't like `nginx`
restarting quickly.
This commit is contained in:
Elliot Saba 2020-03-23 17:24:15 -07:00
parent 4486e47861
commit 4fa974585c
3 changed files with 4 additions and 4 deletions

View File

@ -8,7 +8,7 @@ EXPOSE 443
# Do this apt/pip stuff all in one RUN command to avoid creating large # Do this apt/pip stuff all in one RUN command to avoid creating large
# intermediate layers on non-squashable docker installs # intermediate layers on non-squashable docker installs
RUN apt update && \ RUN apt update && \
apt install -y python python-dev libffi6 libffi-dev libssl-dev curl build-essential && \ apt install -y python python-dev libffi6 libffi-dev libssl-dev curl build-essential procps && \
curl -L 'https://bootstrap.pypa.io/get-pip.py' | python && \ curl -L 'https://bootstrap.pypa.io/get-pip.py' | python && \
pip install -U cffi certbot && \ pip install -U cffi certbot && \
apt remove --purge -y python-dev build-essential libffi-dev libssl-dev curl && \ apt remove --purge -y python-dev build-essential libffi-dev libssl-dev curl && \

View File

@ -1,7 +1,7 @@
server { server {
# Listen on plain old HTTP # Listen on plain old HTTP
listen 80 default_server; listen 80 default_server reuseport;
listen [::]:80 default_server; listen [::]:80 default_server reuseport;
# Pass this particular URL off to certbot, to authenticate HTTPS certificates # Pass this particular URL off to certbot, to authenticate HTTPS certificates
location '/.well-known/acme-challenge' { location '/.well-known/acme-challenge' {

View File

@ -31,7 +31,7 @@ while [ true ]; do
# Make sure we do not run container empty (without nginx process). # Make sure we do not run container empty (without nginx process).
# If nginx quit for whatever reason then stop the container. # If nginx quit for whatever reason then stop the container.
# Leave the restart decision to the container orchestration. # Leave the restart decision to the container orchestration.
if ! jobs | grep --quiet nginx ; then if ! ps aux | grep --quiet nginx ; then
exit 1 exit 1
fi fi