nwaf_update service and nginx

p-clemot

New member
Hi all,
Recent user of Nemesida, I integrated the free WAF into our existing reverse proxy, which is executed in a Docker container (nginx + jwilder/docker-gen + letsencrypt companion), by modifying the proxy docker image to add Nemesida WAF module.
I encounter a problem when executing the "nwaf_update" service: after downloading the rules, it stops the nginx service and restarts it to make it take the downloaded rules into account. But this behavior stops the container.
Is there a way to change the "nwaf_update" service to send a SIGHUP signal to nginx, rather than restarting the nginx service?
Thank you,
Pascal
 

support

Well-known member
Staff member
Hi all,
Recent user of Nemesida, I integrated the free WAF into our existing reverse proxy, which is executed in a Docker container (nginx + jwilder/docker-gen + letsencrypt companion), by modifying the proxy docker image to add Nemesida WAF module.
I encounter a problem when executing the "nwaf_update" service: after downloading the rules, it stops the nginx service and restarts it to make it take the downloaded rules into account. But this behavior stops the container.
Is there a way to change the "nwaf_update" service to send a SIGHUP signal to nginx, rather than restarting the nginx service?
Thank you,
Pascal
Hello, we don't have such problem at our docker images. You can look for an example. Your main process or last command in main process of docker image shouldn't be nginx.
 

p-clemot

New member
Hi,
Sorry for the late reply. I finally succeeded in getting the expected behaviour by changing the Dockerfile entrypoint with a custom script that calls /docker-entrypoint.sh with nginx -g 'daemon off;' in parameter, and then enter an infinite loop.
Regards
Pascal
 
  • Like
Reactions: rr
Top