Because of the way if statements work in nginx (no nesting, no multiple conditions) I can't figure out a way to combine these two features:
- Using the nginx Geo module I have a list of allowed ips
- On my filesystem if I
touch appnamein a certain dir the application automatically goes into 503 maintenance mode.
This is what I would like to do, but it's not allowed in nginx:
location / {
if (-f /var/www/maintmode/appname && $allowed_ip = no) {
return 503;
}
try_files $uri;
}
If the above was possible in nginx, anyone on the allowed_ip list from the Geo module would bypass the 503 and get to use the site as normal. Then when verified the application is working rm appname from the maint dir and 503 maintenance mode ends.
The benefit of this method would be touching a single file enables/disables maint mode without ever having to modify a conf and reloading nginx.
Any ideas on how I can get something like this to work?
If you already are using geo you should have something like this:
So instead of using
/var/www/maintmode/appnameyou could use:If file
/var/www/maintmode/not_allowedexists the page goes into maintenance mode except for the ip addresses in the allowed list.So thanks to the tip from HD here is how I went about solving this one:
Took advantage of this fact form the Geo docs: When default is not specified, the default value will be an empty string.
so I can still
touch app1in the maint dir to shut down a specific app, because if we have a valid IP$maintmode = app1allowed, which will skip past the 503. All other IPs will have$maintmode = app1which will fall into the 503. Thanks HD!