From fb8d6e5cad49b3bcb0e6d6f61ebca35ec8d67c91 Mon Sep 17 00:00:00 2001
From: Jesse Awan <jesse.awan@sap.com>
Date: Wed, 10 Dec 2025 22:02:03 +0100
Subject: [PATCH 1/2] Add IPv6 support to default.conf.template for OSS/Plus
 images

The OSS and Plus base images were missing IPv6 support.
The nginx base image's IPv6 enabler script modifies /etc/nginx/conf.d/default.conf,
but the template processing (which runs after) overwrites this file,
removing the IPv6 listen directive.

This fix adds both IPv4 and IPv6 listen directives directly to the
source template, ensuring they are present in the final configuration
for OSS and Plus image variants.

Fixes #453

Signed-off-by: Jesse Awan <jesse.awan@sap.com>
---
 common/etc/nginx/templates/default.conf.template | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/common/etc/nginx/templates/default.conf.template b/common/etc/nginx/templates/default.conf.template
index 19c13cc9..4b65aa64 100644
--- a/common/etc/nginx/templates/default.conf.template
+++ b/common/etc/nginx/templates/default.conf.template
@@ -32,6 +32,8 @@ js_set $awsSessionToken awscredentials.sessionToken;
 js_set $s3uri s3gateway.s3uri;
 
 server {
+    listen       80;
+    listen       [::]:80;
     include /etc/nginx/conf.d/gateway/server_variables.conf;
 
     # Don't display the NGINX version number because we don't want to reveal

From 443ead30feecc9100ec7fa9ff3344fc4eba12f65 Mon Sep 17 00:00:00 2001
From: Jesse Awan <jesse.awan@sap.com>
Date: Wed, 10 Dec 2025 22:02:14 +0100
Subject: [PATCH 2/2] Add IPv6 support to unprivileged Docker image

The unprivileged image needs to replace port 80 with port 8080
(since unprivileged users cannot bind to port 80).

This fix modifies the sed commands to replace the port 80 listen
directives (both IPv4 and IPv6) with port 8080 equivalents,
ensuring dual-stack support without privilege issues.

Fixes #339

Signed-off-by: Jesse Awan <jesse.awan@sap.com>
---
 Dockerfile.unprivileged | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile.unprivileged b/Dockerfile.unprivileged
index 87ffcce2..d7539f33 100644
--- a/Dockerfile.unprivileged
+++ b/Dockerfile.unprivileged
@@ -6,7 +6,8 @@
 FROM nginx-s3-gateway
 
 # Implement changes required to run NGINX as an unprivileged user
-RUN sed -i "/^server {/a \    listen       8080;" /etc/nginx/templates/default.conf.template \
+RUN sed -i 's/listen[[:space:]]*80;/listen 8080;/g' /etc/nginx/templates/default.conf.template \
+    && sed -i 's/listen[[:space:]]*\[::\]:80;/listen [::]:8080;/g' /etc/nginx/templates/default.conf.template \
     && sed -i '/user  nginx;/d' /etc/nginx/nginx.conf \
     && sed -i 's#http://127.0.0.1:80#http://127.0.0.1:8080#g' /etc/nginx/include/s3gateway.js \
     && sed -i 's,/var/run/nginx.pid,/tmp/nginx.pid,' /etc/nginx/nginx.conf \