1
0
mirror of https://github.com/thib8956/nginx-proxy synced 2024-11-22 11:56:31 +00:00

Merge pull request #789 from matt-hh/feature/upgrade-1.11.13

Upgrade to nginx 1.11.13
This commit is contained in:
Jason Wilder 2017-04-07 09:38:33 -06:00 committed by GitHub
commit 851b0e36cd
4 changed files with 16 additions and 16 deletions

View File

@ -1,4 +1,4 @@
FROM nginx:1.11.10 FROM nginx:1.11.13
MAINTAINER Jason Wilder mail@jasonwilder.com MAINTAINER Jason Wilder mail@jasonwilder.com
# Install wget and install/updates certificates # Install wget and install/updates certificates

View File

@ -1,4 +1,4 @@
FROM nginx:1.11.10-alpine FROM nginx:1.11.13-alpine
MAINTAINER Jason Wilder mail@jasonwilder.com MAINTAINER Jason Wilder mail@jasonwilder.com
# Install wget and install/updates certificates # Install wget and install/updates certificates

View File

@ -1,4 +1,4 @@
![nginx 1.11.10](https://img.shields.io/badge/nginx-1.11.10-brightgreen.svg) ![License MIT](https://img.shields.io/badge/license-MIT-blue.svg) [![Build Status](https://travis-ci.org/jwilder/nginx-proxy.svg?branch=master)](https://travis-ci.org/jwilder/nginx-proxy) [![](https://img.shields.io/docker/stars/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/jwilder/nginx-proxy 'DockerHub') [![](https://img.shields.io/docker/pulls/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/jwilder/nginx-proxy 'DockerHub') ![nginx 1.11.13](https://img.shields.io/badge/nginx-1.11.13-brightgreen.svg) ![License MIT](https://img.shields.io/badge/license-MIT-blue.svg) [![Build Status](https://travis-ci.org/jwilder/nginx-proxy.svg?branch=master)](https://travis-ci.org/jwilder/nginx-proxy) [![](https://img.shields.io/docker/stars/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/jwilder/nginx-proxy 'DockerHub') [![](https://img.shields.io/docker/pulls/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/jwilder/nginx-proxy 'DockerHub')
nginx-proxy sets up a container running nginx and [docker-gen][1]. docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped. nginx-proxy sets up a container running nginx and [docker-gen][1]. docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped.

View File

@ -11,7 +11,7 @@ if [[ "$#" -eq 0 ]]; then
You can also create certificates for wildcard domains: You can also create certificates for wildcard domains:
$(basename $0) '*.my-domain.tdl' $(basename $0) '*.my-domain.tdl'
EOF EOF
exit 0 exit 0
else else
@ -24,8 +24,8 @@ fi
# Create a nginx container (which conveniently provides the `openssl` command) # Create a nginx container (which conveniently provides the `openssl` command)
############################################################################### ###############################################################################
CONTAINER=$(docker run -d -v $DIR:/work -w /work -e SAN="$ALTERNATE_DOMAINS" nginx:1.11.8) CONTAINER=$(docker run -d -v $DIR:/work -w /work -e SAN="$ALTERNATE_DOMAINS" nginx:1.11.13)
# Configure openssl # Configure openssl
docker exec $CONTAINER bash -c ' docker exec $CONTAINER bash -c '
mkdir -p /ca/{certs,crl,private,newcerts} 2>/dev/null mkdir -p /ca/{certs,crl,private,newcerts} 2>/dev/null
echo 1000 > /ca/serial echo 1000 > /ca/serial
@ -117,7 +117,7 @@ function openssl {
} }
function exitfail { function exitfail {
echo echo
echo ERROR: "$@" echo ERROR: "$@"
docker rm -f $CONTAINER docker rm -f $CONTAINER
exit 1 exit 1
@ -129,15 +129,15 @@ function exitfail {
############################################################################### ###############################################################################
if ! [[ -f "$DIR/ca-root.key" ]]; then if ! [[ -f "$DIR/ca-root.key" ]]; then
echo echo
echo "> Create a Certificate Authority root key: $DIR/ca-root.key" echo "> Create a Certificate Authority root key: $DIR/ca-root.key"
openssl genrsa -out ca-root.key 2048 openssl genrsa -out ca-root.key 2048
[[ $? -eq 0 ]] || exitfail failed to generate CA root key [[ $? -eq 0 ]] || exitfail failed to generate CA root key
fi fi
# Create a CA root certificate # Create a CA root certificate
if ! [[ -f "$DIR/ca-root.crt" ]]; then if ! [[ -f "$DIR/ca-root.crt" ]]; then
echo echo
echo "> Create a CA root certificate: $DIR/ca-root.crt" echo "> Create a CA root certificate: $DIR/ca-root.crt"
openssl req -config /ca/openssl.cnf \ openssl req -config /ca/openssl.cnf \
-key ca-root.key \ -key ca-root.key \
@ -154,30 +154,30 @@ fi
# create server key and certificate signed by the certificate authority # create server key and certificate signed by the certificate authority
############################################################################### ###############################################################################
echo echo
echo "> Create a host key: $DIR/$DOMAIN.key" echo "> Create a host key: $DIR/$DOMAIN.key"
openssl genrsa -out "$DOMAIN.key" 2048 openssl genrsa -out "$DOMAIN.key" 2048
echo echo
echo "> Create a host certificate signing request" echo "> Create a host certificate signing request"
SAN="$ALTERNATE_DOMAINS" openssl req -config /ca/openssl.cnf \ SAN="$ALTERNATE_DOMAINS" openssl req -config /ca/openssl.cnf \
-key "$DOMAIN.key" \ -key "$DOMAIN.key" \
-new -out "/ca/$DOMAIN.csr" -days 1000 -extensions san_env -subj "/CN=$DOMAIN" -new -out "/ca/$DOMAIN.csr" -days 1000 -extensions san_env -subj "/CN=$DOMAIN"
[[ $? -eq 0 ]] || exitfail failed to generate server certificate signing request [[ $? -eq 0 ]] || exitfail failed to generate server certificate signing request
echo echo
echo "> Create server certificate: $DIR/$DOMAIN.crt" echo "> Create server certificate: $DIR/$DOMAIN.crt"
SAN="$ALTERNATE_DOMAINS" openssl ca -config /ca/openssl.cnf -batch \ SAN="$ALTERNATE_DOMAINS" openssl ca -config /ca/openssl.cnf -batch \
-extensions server_cert \ -extensions server_cert \
-extensions san_env \ -extensions san_env \
-in "/ca/$DOMAIN.csr" \ -in "/ca/$DOMAIN.csr" \
-out "$DOMAIN.crt" -out "$DOMAIN.crt"
[[ $? -eq 0 ]] || exitfail failed to generate server certificate [[ $? -eq 0 ]] || exitfail failed to generate server certificate
# Verify host certificate # Verify host certificate
#openssl x509 -noout -text -in "$DOMAIN.crt" #openssl x509 -noout -text -in "$DOMAIN.crt"
docker rm -f $CONTAINER >/dev/null docker rm -f $CONTAINER >/dev/null