mirror of
https://github.com/thib8956/nginx-proxy
synced 2024-12-25 03:56:31 +00:00
Add dynamically-computed DNS resolvers to nginx (for PR #574)
This commit is contained in:
parent
6bdd184d6a
commit
0cc71fad49
@ -18,6 +18,12 @@ fi
|
||||
# Note: if $DHPARAM_BITS is not defined, generate-dhparam.sh will use 2048 as a default
|
||||
/app/generate-dhparam.sh $DHPARAM_BITS
|
||||
|
||||
# Compute the DNS resolvers for use in the templates
|
||||
export RESOLVERS=$(awk '$1 == "nameserver" {print $2}' ORS=' ' /etc/resolv.conf | sed 's/ *$//g')
|
||||
if [ "x$RESOLVERS" = "x" ]; then
|
||||
echo "Warning: unable to determine DNS resolvers for nginx" >&2
|
||||
fi
|
||||
|
||||
# If the user has run the default command and the socket doesn't exist, fail
|
||||
if [ "$socketMissing" = 1 -a "$1" = forego -a "$2" = start -a "$3" = '-r' ]; then
|
||||
exit 1
|
||||
|
10
nginx.tmpl
10
nginx.tmpl
@ -58,6 +58,10 @@ log_format vhost '$host $remote_addr - $remote_user [$time_local] '
|
||||
|
||||
access_log off;
|
||||
|
||||
{{ if ne $.Env.RESOLVERS "" }}
|
||||
resolver {{ $.Env.RESOLVERS }};
|
||||
{{ end }}
|
||||
|
||||
{{ if (exists "/etc/nginx/proxy.conf") }}
|
||||
include /etc/nginx/proxy.conf;
|
||||
{{ else }}
|
||||
@ -198,6 +202,12 @@ server {
|
||||
ssl_dhparam {{ printf "/etc/nginx/certs/%s.dhparam.pem" $cert }};
|
||||
{{ end }}
|
||||
|
||||
{{ if (exists (printf "/etc/nginx/certs/%s.chain.crt" $cert)) }}
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
ssl_trusted_certificate {{ printf "/etc/nginx/certs/%s.chain.crt" $cert }};
|
||||
{{ end }}
|
||||
|
||||
{{ if (ne $https_method "noredirect") }}
|
||||
add_header Strict-Transport-Security "max-age=31536000";
|
||||
{{ end }}
|
||||
|
Loading…
Reference in New Issue
Block a user