30388f81cd
fix(dockerfile): create certs directory
...
- create certs directory and set permissions for limited user
- required for certs and DHparams auto-generation
Closes #1
2021-09-13 02:43:28 -06:00
2e26095dbf
update curl and apk-tools to address security issues
2021-07-27 23:18:17 -06:00
24975088d3
set scripts as executable
2021-07-27 21:22:33 -06:00
9563e2b847
chore(dockerfile): update email addresses
2021-07-27 21:15:05 -06:00
2b583ad7e0
struct(dockerfile): change internal labels
...
- add internal name label to allow finding containers
- use new domain in private labels
2021-07-27 15:10:49 -06:00
f1faf3fedf
feature(generate-cert): allow create self-signed cert
...
- self-signed cert with a group-readable key and customizable hostname
2021-07-25 19:18:32 -06:00
4ded854631
feature(entrypoint): generate missing dhparam file if needed
2021-07-25 16:00:16 -06:00
8890e662b0
docs(dockerfile): update domain in labels
2021-07-25 15:42:18 -06:00
a4cebd5216
fix(dockerfile): remove quotes in maintainer tag
2021-07-25 15:39:36 -06:00
f6efb86f2a
feature(dockerfile): specify NGINX version via build-arg
...
- build-arg for NGINX version
- add labels incorporating NGINX version and internal version
- add label to reference GIT commit for tagged release
2021-07-25 15:37:38 -06:00
e499b7982c
struct(entrypoint): add planned exit codes
2021-07-25 15:13:31 -06:00
1c608859e7
refactor(dockerfile): change healthcheck periods
...
- reduce interval and increase start-period
- format for clarity
2021-07-25 15:04:22 -06:00
7ea21e2cc4
feature(dockerfile): allow separate UID and GID during build
2021-07-25 15:03:24 -06:00
d045d098d9
docs(dockerfile): add deprecated maintainer tag
...
Harbor still uses this for informational display
2021-07-25 15:02:54 -06:00
287830ffe7
chore(dockerfile): bump internal and nginx version
...
- update nginx to current
- bump internal version in preparation for new features
2021-07-25 15:02:11 -06:00
Asif Bacchus
dc336de922
build(BASE): update NGINX base image version
...
- change internal version numbering to include NGINX version
- update NGINX internal version label
2021-04-04 12:31:44 -06:00
Asif Bacchus
cbb8595380
refactor(NGINX): auto-load certificates
...
- use container-bound certificates by default
- do not use separate certificate loading include
2021-01-08 22:02:22 -07:00
Asif Bacchus
5132e6f2e2
fix(DOCKERFILE): terminate with SIGQUIT for NGINX
2021-01-07 13:34:09 -07:00
Asif Bacchus
00fcd6dd10
refactor(NGINX): move tmp paths to accessible locations for limited user
2021-01-07 13:31:04 -07:00
Asif Bacchus
d293e7b3e9
fix(DOCKERFILE): properly remove entrypoint script from parent container
2021-01-07 13:25:57 -07:00
Asif Bacchus
67e9a699d9
refactor(DOCKERFILE): change UID
2021-01-07 11:25:12 -07:00
Asif Bacchus
956acfc9a1
feature(DOCKERFILE): remove parent container entrypoint script
2021-01-07 11:07:49 -07:00
Asif Bacchus
2125dcb939
fix(DOCKERFILE): fix user creation, add home directory too
2021-01-07 10:45:40 -07:00
Asif Bacchus
0609c680e0
refactor(NGINX): update letsencrypt integration
...
- actually create letsencrypt challenge directory
- point default server-blocks to proper LE directory
- fix access and error logging for LE requests
- update server-block configuration comment headers
2021-01-07 10:16:24 -07:00
Asif Bacchus
4901116443
fix(DOCKERFILE): missing backslash in run cmd
2021-01-07 10:10:35 -07:00
Asif Bacchus
c08d3f1c37
chore(DOCKERFILE): bump internal version number
2021-01-07 10:09:43 -07:00
Asif Bacchus
715ae9cd38
feature(DOCKERFILE): set up nginx to run as non-root
...
- add libcap
- use setcap (via libcap) to allow nginx to bind to ports <1024
- set permissions on nginx directories
- change nginx pid location to /etc/nginx
2021-01-07 10:06:17 -07:00
Asif Bacchus
53ea4c9dc1
revert(DOCKERFILE): remove nano, update internal version
2021-01-07 08:58:08 -07:00
Asif Bacchus
609e1d3dd8
fix(NANO): update config option names
2021-01-07 07:22:54 -07:00
Asif Bacchus
394f1fdccd
fix(DOCKERFILE): fix errant reference to old user variable
2021-01-07 07:14:01 -07:00
Asif Bacchus
318e595bbd
refactor(SITES): rename default site block files
...
- remove test from filenames to avoid confusion
- these are production-capable files
2021-01-07 07:11:20 -07:00
Asif Bacchus
23da6ae576
docs(DOCKERFILE): fix username comment
2021-01-07 07:05:20 -07:00
Asif Bacchus
294c31d19e
feature(DOCKERFILE): run as limited user
...
- remove ability to specify username
- hardcode username to www-docker
- run as www-docker
2021-01-07 07:03:57 -07:00
Asif Bacchus
5f07c685ad
feature(DOCKERFILE): add nano, stop using git
...
- add nano and nano configuration file
- download and untar errorpages instead of installing git
2021-01-07 06:59:53 -07:00
Asif Bacchus
cffa79fe25
refactor(NGINX): remove settings from nginx.conf
...
- remove resolver
- remove proxy buffers
- these options should not be hardcoded, prevent conflicts
2021-01-07 05:19:17 -07:00
Asif Bacchus
ce95e94092
fix(SCRIPT): disable ssl configs without erroneous err msg
2021-01-06 12:44:40 -07:00
Asif Bacchus
c5ddc0f6e8
fix(SCRIPT): prevent erroneous error message
...
- port update should target secure block file regardless if disabled
2021-01-06 02:48:38 -07:00
Asif Bacchus
942a855ffa
refactor(SCRIPT): rework ssl implementation
...
- restart: prevent unnecessary error messages from already renamed files
2021-01-06 02:31:18 -07:00
Asif Bacchus
c683856959
fix(NGINX): fix healthcheck URL
2021-01-05 18:24:58 -07:00
Asif Bacchus
530b4ce476
refactor(LABELS): replace label schema with OCI
2021-01-05 18:01:53 -07:00
Asif Bacchus
f54bed8817
build(VERSION): align version with NGINX versions
...
- add separate label for internal version tracking
2021-01-05 17:36:04 -07:00
Asif Bacchus
e1bce5aaf6
feature(CONFIG): add healthcheck
2021-01-05 17:35:03 -07:00
Asif Bacchus
31bdf7b7f2
fix(CONFIG): change healthcheck port
2021-01-05 17:29:10 -07:00
Asif Bacchus
2301422842
fix(CONFIG): fix typo in sites note
2021-01-05 17:20:07 -07:00
Asif Bacchus
7cf92e7b2c
feature(NGINX): add health stub site
2021-01-05 17:18:24 -07:00
Asif Bacchus
ccc303f597
refactor(CONFIG): update SSL configurations
2021-01-05 17:12:00 -07:00
Asif Bacchus
2c1712700c
move version label for faster build, bump version
2020-03-10 23:20:54 -06:00
Asif Bacchus
d7f24405e1
make version explicitly 2.0
2019-11-18 05:04:08 -07:00
Asif Bacchus
f9d620cf08
fix stupid function return mistake
2019-11-18 05:00:39 -07:00
Asif Bacchus
096aecfeec
update proxy buffers to resolve access_log msg
2019-11-18 01:11:58 -07:00