From 1efd9f8b94a5696f6110ed198d9a4e9d2e6a7e3e Mon Sep 17 00:00:00 2001 From: Riddhesh Sanghvi Date: Tue, 30 Jun 2026 17:18:16 +0530 Subject: [PATCH] fix(proxy): only reload nginx-proxy when its config test passes --- src/helper/site-utils.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/helper/site-utils.php b/src/helper/site-utils.php index 087a4b71..d7afe955 100644 --- a/src/helper/site-utils.php +++ b/src/helper/site-utils.php @@ -555,11 +555,18 @@ function configure_postfix( $site_url, $site_fs_path ) { */ function reload_global_nginx_proxy() { - if ( \EE::launch( sprintf( 'docker exec %s sh -c "nginx -t"', EE_PROXY_TYPE ) ) ) { - return \EE::launch( sprintf( 'docker exec %s sh -c "/app/docker-entrypoint.sh /usr/local/bin/docker-gen /app/nginx.tmpl /etc/nginx/conf.d/default.conf; /usr/sbin/nginx -s reload"', EE_PROXY_TYPE ) ); + // Regenerate default.conf first so `nginx -t` validates the config that will actually be served. + \EE::launch( sprintf( 'docker exec %s sh -c "/app/docker-entrypoint.sh /usr/local/bin/docker-gen /app/nginx.tmpl /etc/nginx/conf.d/default.conf"', EE_PROXY_TYPE ) ); + + // `EE::launch()` returns a ProcessRun object (truthy), so gate on the exit code to avoid reloading a broken config. + $test = \EE::launch( sprintf( 'docker exec %s sh -c "nginx -t"', EE_PROXY_TYPE ) ); + if ( 0 !== $test->return_code ) { + \EE::warning( 'nginx config test failed, skipping reload of ' . EE_PROXY_TYPE . ":\n" . $test->stderr ); + + return false; } - return false; + return \EE::launch( sprintf( 'docker exec %s sh -c "/usr/sbin/nginx -s reload"', EE_PROXY_TYPE ) ); } /**