Fully functional release

master
Meliurwen 4 years ago
commit 5a220be50c
Signed by: meliurwen
GPG Key ID: 818A8B35E9F1CE10
  1. 8
      .env.example
  2. 1
      .gitignore
  3. 20
      docker-compose.yml
  4. 13
      nginx.env.example
  5. 13
      nginx/Dockerfile
  6. 13
      nginx/root/entrypoint.sh
  7. 43
      nginx/root/etc/nginx/conf.d/myip.template
  8. 14
      nginx/root/etc/nginx/conf.d/realip.conf

@ -0,0 +1,8 @@
# Networks
NETWORK=
# Reverse Proxy
MYIP_IMG=
MYIP_TAG=
MYIP_CONTAINER_NAME=
MYIP_RESTART=

1
.gitignore vendored

@ -0,0 +1 @@
*.env

@ -0,0 +1,20 @@
version: '3'
services:
nginx:
build:
context: nginx/.
args:
- IMAGE=${MYIP_IMG:-nginx}
- TAG=${MYIP_TAG:-alpine}
container_name: ${MYIP_CONTAINER_NAME:-myip-nginx}
restart: ${MYIP_RESTART:-unless-stopped}
expose:
- 80
env_file:
- nginx.env
networks:
default:
external:
name: ${NETWORK:-webservices}

@ -0,0 +1,13 @@
# Domain name used for myip (this parameter is required)
# Note: issue the domain NAME only
# CORRECT -> sub.domain.tld
# WRONG -> http://sub.domain.tld
MYIP_HOSTNAME=
NGINX_LISTEN_PORT=80
# Reverse-proxy and certbot
VIRTUAL_HOST=domain.tld
VIRTUAL_PORT=80
LETSENCRYPT_HOST=domain.tld
LETSENCRYPT_EMAIL=user@domain.tld

@ -0,0 +1,13 @@
ARG IMAGE
ARG TAG
FROM ${IMAGE}:${TAG}
LABEL maintainer="Meliurwen <meliruwen@gmail.com>"
COPY root/ /
ENV MYIP_HOSTNAME=
ENV NGINX_LISTEN_PORT=80
ENTRYPOINT ["/entrypoint.sh"]

@ -0,0 +1,13 @@
#!/bin/sh
# Exit at first error
set -e
# Fill the varibles in myip.template and put the result in default.conf
envsubst "`env | awk -F = '{printf \" $$%s\", $$1}'`" < \
/etc/nginx/conf.d/myip.template > \
/etc/nginx/conf.d/default.conf
cat /etc/nginx/conf.d/default.conf
nginx -g 'daemon off;'

@ -0,0 +1,43 @@
# Apply fix for very long server names
server_names_hash_bucket_size 128;
log_format vhost '$host $remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log off;
server {
# This is a catch-all hostname (it will never trigger on a real hostname).
# If an access by IP or by an unhandled domain linking to this IP is tried,
# a 503 response will be issued.
# See: https://nginx.org/en/docs/http/server_names.html
server_name _;
listen 80;
access_log /var/log/nginx/access.log vhost;
return 503;
}
server {
listen ${NGINX_LISTEN_PORT};
server_name ${MYIP_HOSTNAME};
# Disable uploads
# TODO: check if this directive makes sense in this context
client_max_body_size 1k;
# Disable do not add the server version in the header
server_tokens off;
# Disables keepalive connections.
# See: https://nginx.org/en/docs/http/ngx_http_core_module.html
keepalive_requests 0;
keepalive_timeout 0;
# Disable cache
expires -1;
location / {
default_type text/plain;
return 200 $remote_addr;
}
}

@ -0,0 +1,14 @@
# Real IP Settings
# This option get user's real ip address
# to be fowared to your service container
# The option 'set_real_ip_from'
# must correspont to your docker network address
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 192.168.0.0/16;
# Header for Real IP Address
real_ip_header X-Forwarded-For;
#real_ip_header X-Real-IP;
real_ip_recursive on;
Loading…
Cancel
Save