Using variables on configuration (map?) for regex


#1

Hi

I’m trying to /clean/ up a config file and I’m having a headache trying
to do it.

Consider the following scenario:

  • Users from group gfoo must be allowed to GET URL foo, while adminfoo
    must be able to POST
  • Users from group gbar must be allowed to GET URL bar, while adminbar
    must be able to POST
  • …and so on for ~50 groups.

The configuration at this moment is similar to:

server {
     listen 80;
     server_name foo.domain.com;
     location ~ /content/foo {
         if ($denied_foo) {
             return 403 "Forbidden";
         }
         ...
     }
     location ~ /page/bar/action...and ~10 locations more per 

server…
}
server {
listen 80;
server_name bar.domain.com;
location ~ /content/bar {
if ($denied_bar) {
return 403 “Forbidden”;
}

}
location ~ /page/bar/action…and ~10 locations more per
server…
}
…~200 whatever.domain.com servers more
map $request_method:$request_uri:$http_groups $denied_foo {
default 1;
~^GET:/content/foo:gfoo 0;
~^POST:/content/foo:adminfoo 0;
}
map $request_method:$request_uri:$http_groups $denied_bar {
default 1;
~^GET:/content/bar:gbat 0;
~^POST:/content/bar:adminbar 0;
}
…lots of map directives

I’ll like to be able to simplify it doing something like:

     server_name (?<myvar>.*)\.domain\.com;
...
map $request_method:$request_uri:$http_groups $denied {
     default 1;
     ~^GET:/content/$myvar:g$myvar 0;
     ~^POST:/content/$myvar:admin$myvar 0;
}

I have even tried using an auxiliary map this way:

map $servername $myvar {
~^(?<v>.*)\.domain\.com $v;
}

map $request_method:$request_uri:$http_groups $denied {
     default 1;
     ~^GET:/content/$myvar:g$myvar 0;
     ~^POST:/content/$myvar:admin$myvar 0;
}

But I haven’t succeeded so far. Could you help me?

Having ~200 configuration files doesn’t seem a good option, so omit
“on-build config with script parameters”

Thanks in advance,

Regards.