Enable http using an environment variable

Change-Id: I29bfb49e6538dbad87e5a030b42ba03c45545150 Issue-ID: NONRTRIC-232 Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>

Enable http using an environment variable
d728781c · RehanRaza · af8d73d8 · d728781c · d728781c · d728781c
Commit d728781c authored 5 years ago by RehanRaza
--- a/near-rt-ric-simulator/Dockerfile
+++ b/near-rt-ric-simulator/Dockerfile
@@ -24,6 +24,7 @@ RUN pip install connexion[swagger-ui]
 #install nginx
 RUN apt-get update
 RUN apt-get install -y nginx=1.14.*
+RUN apt-get install -y nginx-extras
 #install curl
 RUN apt-get install -y curl

--- a/near-rt-ric-simulator/README.md
+++ b/near-rt-ric-simulator/README.md
@@ -154,7 +154,12 @@ file "pass" stores the password when you run the shell script
 Start the a1-interface container without specifing external certificates:
 'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 a1test'
-It will listen to http 8085 port and https 8185 port(using default certificates) at the same time.
+It will listen to https 8185 port(using default certificates) by default.
+Http can be enabled on port 8085 using an environment variable "ALLOW_HTTP".
+If this environment variable is left out or set to false, the nginx server will send
+"444 Connection Closed Without Response" when making a call using http.
+Example command to enable http:
+'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=OSC\_2.1.0 -e ALLOW_HTTP=true a1test'
 This certificates/key can be overriden by mounting a volume when using "docker run" or "docker-compose"
 In 'docker run', use field:
@@ -163,7 +168,7 @@ In 'docker-compose.yml', use field:
 volumes:
      - ./certificate:/usr/src/app/cert:ro
-In docker run the full command could look like this:<br> 'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test'
+In docker run the full command could look like this:<br> 'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test'
 http port 8085 and https port 8185
 The variable for A1 version is set with the '-e' flag.
 With logging of remote host enabled "-e REMOTE_HOSTS_LOGGING=1 "

--- a/near-rt-ric-simulator/nginx.conf
+++ b/near-rt-ric-simulator/nginx.conf
@@ -3,6 +3,8 @@ worker_processes auto;
 pid /run/nginx.pid;
 include /etc/nginx/modules-enabled/*.conf;
+env ALLOW_HTTP;
 events {
    worker_connections 768;
    # multi_accept on;
@@ -27,9 +29,26 @@ http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
+    perl_set $allow_http 'sub { return $ENV{"ALLOW_HTTP"}; }';
    server { # simple reverse-proxy
-        listen      8085;
+	listen      8085;
        listen      [::]:8085;
+        server_name  localhost;
+	if ($allow_http != true) {
+	    return 444;
+	}
+	# serve dynamic requests
+        location / {
+            proxy_set_header   Host                 $host;
+            proxy_set_header   X-Real-IP            $remote_addr;
+            proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+            proxy_pass      http://localhost:2222;
+        }
+    }
+    server { # simple reverse-proxy
        listen      8185 ssl;
        listen      [::]:8185 ssl;
        server_name  localhost;
@@ -37,7 +56,6 @@ http {
        ssl_certificate_key /usr/src/app/cert/key.crt;
        ssl_password_file   /usr/src/app/cert/pass;
        # serve dynamic requests
        location / {
            proxy_set_header   Host                 $host;