##### # Parameters for use by ab-nginx convenience script # # If you are not using the 'ab-nginx.sh' script file to start the container, # then you don't have to do anything with this file. ##### ### Network options # If you want to specify a network to which this container should bind or one # that should be created, then use this variable. If you don't know what this # means or if you just want to use the default, leave this line/variable # commented-out. #NETWORK=nginx_network # If you want to specify a particular IP subnet for the network to be created # as per the above variable, specify it here. Again, if you don't know what # this means, just leave this commented-out. #SUBNET='172.31.254.0/24' ### Timezone # This doesn't impact any functionality of the container, but it does make your # logs easier to understand if they report the correct local time, right? # (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) TZ=Area/Location ### NGINX options # Hostnames to which this instance of NGINX should answer: # By default, this is set to '_' meaning 'match anything'. However, that won't # work if you're using SSL certificates! Multiple hostnames must be space # delimited and "enclosed in quotes". # This is NOT required if you are supplying your own server blocks via # 'SERVERS_DIR' HOSTNAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld" # Ports to expose on the HOST machine (container ALWAYS internally uses 80/443): # If you need to use ports other than HTTP=80 and HTTPS=443, remember to set up # your server blocks accordingly! See 'test_secured.conf.disabled' in the # container if you need help. If you're using the 'test blocks', they # automatically adjust for non-standard ports # If you want to use the defaults, either leave these lines as-is, comment them # out or just delete them. #HTTP_PORT=80 #HTTPS_PORT=443 # Access logging (global preference): # Unless overridden in a server/location block, access logging will be handled # according to this setting. Default is OFF. Choices are 'ON' or 'OFF'. # Logs will be printed to the console so they are accessible via # 'docker logs ...' ACCESS_LOG=OFF ### Content files # Whatever you specify here will replace the default files in the container # with your content/configurations. # Specify a directory containing your NGINX configurations (if any) # Remember that these will be all be applied in the HTTP configuration # context. # Only files with a ".conf" extension will be loaded! If you want to disable a # file, simply change it's extension (i.e. '.conf.disabled'). CONFIG_DIR=$(pwd)/config # Specify a directory containing your NGINX server-block configurations (if any) # If you are just serving static content from the 'webroot', you can use the # hard-coded 'test blocks' in the container and specify a webroot with your # files below. # More likely, you will have your own server blocks. Remember, files are # processed in order so consider starting file names with numbers # (i.e. 00-first_server.conf, 05-second_server.conf) # Only files with a ".conf" extension will be loaded! If you want to disable a # file, simply change it's extension (i.e. '.conf.disabled'). SERVERS_DIR=$(pwd)/sites # Specify a directory containing 'snippets' of NGINX code you want/need to # reference in various other configuration files. Pointers to additional SSL # certificates for other hosted domains is a good example of this. SNIPPETS_DIR=$(pwd)/snippets # Specify a directory that contains files for your 'webroot'. This includes # things like HTML, CSS, etc. WEBROOT_DIR=/var/www ### SSL options: # Enable HSTS only AFTER you've tested SSL implementation! Container sets the # header to require SSL for 6 months! Subdomains are NOT included. HSTS=FALSE # If 'FALSE' (default), NGINX will accept both TLS 1.2 and 1.3 connections. # If 'TRUE', only TLS 1.3 connections will be accepted. TLS13_ONLY=FALSE ### Certificate files to be bind-mounted # Remember, if you are mounting symlinks (like when using Let's Encrypt), you # MUST specify the full path of the symlink so the target is resolved! # DH (Diffie-Hellman Parameters file) is only required if using TLS 1.2 #SSL_CERT=/path/to/your/ssl-certificate/fullchain.pem #SSL_KEY=/path/to/your/ssl-private-key/privkey.pem #SSL_CHAIN=/path/to/your/ssl-certificate-chain/chain.pem #DH=/path/to/your/diffie-hellman-parameters-file/dhparam.pem #EOF