Commit Graph

143 Commits

Author SHA1 Message Date
Asif Bacchus
d742bdf9ab refactor(CONFIG): update sample configuration defaults 2021-01-07 15:04:04 -07:00
Asif Bacchus
a1c1ac280a struct(MOVE): move security headers to snippets from configs 2021-01-07 15:03:24 -07:00
Asif Bacchus
e8b80833e6 update readme - permissions section 2021-01-07 14:33:52 -07:00
Asif Bacchus
77b1b74df3 update gitattributes 2021-01-07 14:33:13 -07:00
Asif Bacchus
5132e6f2e2 fix(DOCKERFILE): terminate with SIGQUIT for NGINX 2021-01-07 13:34:09 -07:00
Asif Bacchus
00fcd6dd10 refactor(NGINX): move tmp paths to accessible locations for limited user 2021-01-07 13:31:04 -07:00
Asif Bacchus
d293e7b3e9 fix(DOCKERFILE): properly remove entrypoint script from parent container 2021-01-07 13:25:57 -07:00
Asif Bacchus
67e9a699d9 refactor(DOCKERFILE): change UID 2021-01-07 11:25:12 -07:00
Asif Bacchus
956acfc9a1 feature(DOCKERFILE): remove parent container entrypoint script 2021-01-07 11:07:49 -07:00
Asif Bacchus
2125dcb939 fix(DOCKERFILE): fix user creation, add home directory too 2021-01-07 10:45:40 -07:00
Asif Bacchus
0609c680e0 refactor(NGINX): update letsencrypt integration
- actually create letsencrypt challenge directory
- point default server-blocks to proper LE directory
- fix access and error logging for LE requests
- update server-block configuration comment headers
2021-01-07 10:16:24 -07:00
Asif Bacchus
4901116443 fix(DOCKERFILE): missing backslash in run cmd 2021-01-07 10:10:35 -07:00
Asif Bacchus
c08d3f1c37 chore(DOCKERFILE): bump internal version number 2021-01-07 10:09:43 -07:00
Asif Bacchus
715ae9cd38 feature(DOCKERFILE): set up nginx to run as non-root
- add libcap
- use setcap (via libcap) to allow nginx to bind to ports <1024
- set permissions on nginx directories
- change nginx pid location to /etc/nginx
2021-01-07 10:06:17 -07:00
Asif Bacchus
53ea4c9dc1 revert(DOCKERFILE): remove nano, update internal version 2021-01-07 08:58:08 -07:00
Asif Bacchus
6149fd092e docs(README): update readme 2021-01-07 08:55:40 -07:00
Asif Bacchus
a5d342afda docs(README): update readme 2021-01-07 07:29:39 -07:00
Asif Bacchus
609e1d3dd8 fix(NANO): update config option names 2021-01-07 07:22:54 -07:00
Asif Bacchus
394f1fdccd fix(DOCKERFILE): fix errant reference to old user variable 2021-01-07 07:14:01 -07:00
Asif Bacchus
318e595bbd refactor(SITES): rename default site block files
- remove test from filenames to avoid confusion
- these are production-capable files
2021-01-07 07:11:20 -07:00
Asif Bacchus
23da6ae576 docs(DOCKERFILE): fix username comment 2021-01-07 07:05:20 -07:00
Asif Bacchus
294c31d19e feature(DOCKERFILE): run as limited user
- remove ability to specify username
- hardcode username to www-docker
- run as www-docker
2021-01-07 07:03:57 -07:00
Asif Bacchus
5f07c685ad feature(DOCKERFILE): add nano, stop using git
- add nano and nano configuration file
- download and untar errorpages instead of installing git
2021-01-07 06:59:53 -07:00
Asif Bacchus
cffa79fe25 refactor(NGINX): remove settings from nginx.conf
- remove resolver
- remove proxy buffers
- these options should not be hardcoded, prevent conflicts
2021-01-07 05:19:17 -07:00
Asif Bacchus
c4a30f829e docs(README): update readme 2021-01-06 15:51:15 -07:00
Asif Bacchus
ce95e94092 fix(SCRIPT): disable ssl configs without erroneous err msg 2021-01-06 12:44:40 -07:00
Asif Bacchus
639296a2b1 [README] move directory tree to code block 2021-01-06 08:43:38 -07:00
Asif Bacchus
0991ae7c8a [README] add directory layout, correct mentions of preconfiguration. 2021-01-06 08:35:51 -07:00
Asif Bacchus
fe0413d5ab perf(SCRIPT): remove unneeded variable 2021-01-06 04:59:52 -07:00
Asif Bacchus
73d998178c refactor(SCRIPT): rewrite file update method 2021-01-06 04:52:20 -07:00
Asif Bacchus
f5e553ac21 build(GIT): ignore checksum file 2021-01-06 04:09:22 -07:00
Asif Bacchus
38ec7e96dd refactor(SCRIPT): change update server path 2021-01-06 04:04:15 -07:00
Asif Bacchus
a9f0387e12 feature(SCRIPT): basic update script 2021-01-06 03:50:34 -07:00
Asif Bacchus
c5ddc0f6e8 fix(SCRIPT): prevent erroneous error message
- port update should target secure block file regardless if disabled
2021-01-06 02:48:38 -07:00
Asif Bacchus
e5b2f68fd4 fix(SCRIPT): verify docker installed 2021-01-06 02:35:29 -07:00
Asif Bacchus
942a855ffa refactor(SCRIPT): rework ssl implementation
- restart: prevent unnecessary error messages from already renamed files
2021-01-06 02:31:18 -07:00
Asif Bacchus
1a1df53175 fix(SCRIPT): fix null hostname error 2021-01-06 01:19:37 -07:00
Asif Bacchus
cc2a81070d fix(SCRIPT): revert quoting vmount var
- this variable relies on being globbed
2021-01-06 01:03:14 -07:00
Asif Bacchus
d3b9229d85 fix(SCRIPT): fix erroneous DHparam check when not using SSL 2021-01-06 00:59:52 -07:00
Asif Bacchus
5a313ea778 refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00
Asif Bacchus
b617b7e633 refactor(SCRIPT): new formatting
- check for tput, set formatting to null if not installed
- collapse scriptHelp according to screen width
2021-01-06 00:19:54 -07:00
Asif Bacchus
6f4b2509b4 docs(PARAMS): update comments for clarity 2021-01-05 23:21:15 -07:00
Asif Bacchus
dcd3dbeac6 docs(README): fix mistake in SERVER_NAMES explanation 2021-01-05 23:20:44 -07:00
Asif Bacchus
bc62d15fbe docs(README): proper readme 2021-01-05 23:06:52 -07:00
Asif Bacchus
c683856959 fix(NGINX): fix healthcheck URL 2021-01-05 18:24:58 -07:00
Asif Bacchus
530b4ce476 refactor(LABELS): replace label schema with OCI 2021-01-05 18:01:53 -07:00
Asif Bacchus
f54bed8817 build(VERSION): align version with NGINX versions
- add separate label for internal version tracking
2021-01-05 17:36:04 -07:00
Asif Bacchus
e1bce5aaf6 feature(CONFIG): add healthcheck 2021-01-05 17:35:03 -07:00
Asif Bacchus
31bdf7b7f2 fix(CONFIG): change healthcheck port 2021-01-05 17:29:10 -07:00
Asif Bacchus
2301422842 fix(CONFIG): fix typo in sites note 2021-01-05 17:20:07 -07:00