commit
5a220be50c
@ -0,0 +1,8 @@ |
||||
# Networks |
||||
NETWORK= |
||||
|
||||
# Reverse Proxy |
||||
MYIP_IMG= |
||||
MYIP_TAG= |
||||
MYIP_CONTAINER_NAME= |
||||
MYIP_RESTART= |
@ -0,0 +1 @@ |
||||
*.env |
@ -0,0 +1,20 @@ |
||||
version: '3' |
||||
|
||||
services: |
||||
nginx: |
||||
build: |
||||
context: nginx/. |
||||
args: |
||||
- IMAGE=${MYIP_IMG:-nginx} |
||||
- TAG=${MYIP_TAG:-alpine} |
||||
container_name: ${MYIP_CONTAINER_NAME:-myip-nginx} |
||||
restart: ${MYIP_RESTART:-unless-stopped} |
||||
expose: |
||||
- 80 |
||||
env_file: |
||||
- nginx.env |
||||
|
||||
networks: |
||||
default: |
||||
external: |
||||
name: ${NETWORK:-webservices} |
@ -0,0 +1,13 @@ |
||||
# Domain name used for myip (this parameter is required) |
||||
# Note: issue the domain NAME only |
||||
# CORRECT -> sub.domain.tld |
||||
# WRONG -> http://sub.domain.tld |
||||
MYIP_HOSTNAME= |
||||
|
||||
NGINX_LISTEN_PORT=80 |
||||
|
||||
# Reverse-proxy and certbot |
||||
VIRTUAL_HOST=domain.tld |
||||
VIRTUAL_PORT=80 |
||||
LETSENCRYPT_HOST=domain.tld |
||||
LETSENCRYPT_EMAIL=user@domain.tld |
@ -0,0 +1,13 @@ |
||||
ARG IMAGE |
||||
ARG TAG |
||||
|
||||
FROM ${IMAGE}:${TAG} |
||||
|
||||
LABEL maintainer="Meliurwen <meliruwen@gmail.com>" |
||||
|
||||
COPY root/ / |
||||
|
||||
ENV MYIP_HOSTNAME= |
||||
ENV NGINX_LISTEN_PORT=80 |
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"] |
@ -0,0 +1,13 @@ |
||||
#!/bin/sh |
||||
|
||||
# Exit at first error |
||||
set -e |
||||
|
||||
# Fill the varibles in myip.template and put the result in default.conf |
||||
envsubst "`env | awk -F = '{printf \" $$%s\", $$1}'`" < \ |
||||
/etc/nginx/conf.d/myip.template > \ |
||||
/etc/nginx/conf.d/default.conf |
||||
|
||||
cat /etc/nginx/conf.d/default.conf |
||||
|
||||
nginx -g 'daemon off;' |
@ -0,0 +1,43 @@ |
||||
# Apply fix for very long server names |
||||
server_names_hash_bucket_size 128; |
||||
|
||||
log_format vhost '$host $remote_addr - $remote_user [$time_local] ' |
||||
'"$request" $status $body_bytes_sent ' |
||||
'"$http_referer" "$http_user_agent"'; |
||||
access_log off; |
||||
|
||||
server { |
||||
# This is a catch-all hostname (it will never trigger on a real hostname). |
||||
# If an access by IP or by an unhandled domain linking to this IP is tried, |
||||
# a 503 response will be issued. |
||||
# See: https://nginx.org/en/docs/http/server_names.html |
||||
server_name _; |
||||
listen 80; |
||||
access_log /var/log/nginx/access.log vhost; |
||||
return 503; |
||||
} |
||||
|
||||
server { |
||||
listen ${NGINX_LISTEN_PORT}; |
||||
server_name ${MYIP_HOSTNAME}; |
||||
|
||||
# Disable uploads |
||||
# TODO: check if this directive makes sense in this context |
||||
client_max_body_size 1k; |
||||
|
||||
# Disable do not add the server version in the header |
||||
server_tokens off; |
||||
|
||||
# Disables keepalive connections. |
||||
# See: https://nginx.org/en/docs/http/ngx_http_core_module.html |
||||
keepalive_requests 0; |
||||
keepalive_timeout 0; |
||||
|
||||
# Disable cache |
||||
expires -1; |
||||
|
||||
location / { |
||||
default_type text/plain; |
||||
return 200 $remote_addr; |
||||
} |
||||
} |
@ -0,0 +1,14 @@ |
||||
# Real IP Settings |
||||
# This option get user's real ip address |
||||
# to be fowared to your service container |
||||
|
||||
# The option 'set_real_ip_from' |
||||
# must correspont to your docker network address |
||||
set_real_ip_from 172.16.0.0/12; |
||||
set_real_ip_from 10.0.0.0/8; |
||||
set_real_ip_from 192.168.0.0/16; |
||||
|
||||
# Header for Real IP Address |
||||
real_ip_header X-Forwarded-For; |
||||
#real_ip_header X-Real-IP; |
||||
real_ip_recursive on; |
Loading…
Reference in new issue