Merge pull request #1574 from torreytsui/feature/allow-ui-to-run-from-non-privileged

Allow ui to run from non privileged

ui/Dockerfile

@@ -9,3 +9,4 @@ RUN npx parcel build src/index.html
 FROM nginx:alpine
 COPY --from=builder /opt/ui/dist /var/www
 COPY default.nginx.conf /etc/nginx/conf.d/
+COPY nginx.conf /etc/nginx/

ui/default.nginx.conf

@@ -31,6 +31,13 @@ gzip_types
     text/xml
     text/x-component
     text/x-cross-domain-policy;
+
+upstream model {
+    # Update to the cost model endpoint
+    # Example: host.docker.internal:9003;
+    server 0.0.0.0:9003;
+}
+
 server {
     server_name _;
     root /var/www;
@@ -51,7 +58,6 @@ server {
     add_header ETag "1.96.0";
     listen 9090;
     listen [::]:9090;
-    resolver kube-dns.kube-system.svc.cluster.local valid=5s;
     location /healthz {
         return 200 'OK';
     }
@@ -59,8 +65,7 @@ server {
         proxy_connect_timeout       180;
         proxy_send_timeout          180;
         proxy_read_timeout          180;
-        set $server http://opencost.opencost.svc.cluster.local.:9003;
-        proxy_pass $server;
+        proxy_pass http://model/;
         proxy_redirect off;
         proxy_http_version 1.1;
         proxy_set_header Connection "";

ui/nginx.conf

@@ -0,0 +1,36 @@
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /tmp/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    proxy_temp_path /tmp/proxy_temp;
+    client_body_temp_path /tmp/client_temp;
+    fastcgi_temp_path /tmp/fastcgi_temp;
+    uwsgi_temp_path /tmp/uwsgi_temp;
+    scgi_temp_path /tmp/scgi_temp;
+
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}