1
0
mirror of https://github.com/thib8956/nginx-proxy synced 2024-11-24 12:56:30 +00:00
Commit Graph

520 Commits

Author SHA1 Message Date
Steve Kamerman
8534185b0c Added newline to config 2016-10-03 10:05:55 -04:00
Steve Kamerman
8cf0b75d80 Updated README with HTTPS_METHOD=nohttps 2016-10-01 11:25:11 -04:00
Steve Kamerman
374b1256cd Add HTTPS_METHOD=https to disable SSL site 2016-10-01 11:22:48 -04:00
Steve Kamerman
c091d08fee Updated docs for issue #562 2016-09-29 22:24:06 -04:00
Steve Kamerman
ebbf7a7b74 Expanded documentation in SSL/TLS support 2016-09-29 21:57:28 -04:00
Steve Kamerman
d3a0da451a TLSv1 End-of-life pushed to June 30, 2018, rolled back for compatibility 2016-09-29 21:35:37 -04:00
Steve Kamerman
c51c9980cf Removed TLS 1.0 as it is considered unsafe and must be disabled for PCI compliance 2016-09-29 19:52:20 -04:00
Steve Kamerman
6f2b3f1c54 Issue #586 Removed DES-based SSL ciphers 2016-09-29 17:10:17 -04:00
Steve Kamerman
0b1e9e56e1 Issue #535 Added default 2048-bit dhparam.pem file 2016-09-29 16:48:18 -04:00
Steve Kamerman
9ef0bb3356 Comment typo 2016-09-29 16:06:53 -04:00
Steve Kamerman
b9bf183df2 Added httpoxy test 2016-09-29 15:43:07 -04:00
Steve Kamerman
7422539f20 Updated README to reflect X-Forwarded-Port 2016-09-29 15:42:49 -04:00
Steve Kamerman
112aad39b6 Implemented more advanced webserver with routing and request header echoing, added header tests 2016-09-29 15:36:01 -04:00
Steve Kamerman
124b8cd757 Honor upstream forwarded port if available 2016-09-29 11:33:21 -04:00
Steve Kamerman
6ebbdb10c7 Merge branch 'master' into feature_x_forwarded_port 2016-09-29 11:26:51 -04:00
Jason Wilder
0670a13d92 Merge pull request #581 from chulkilee/ssl_session_tickets
add ssl_session_tickets to default site
2016-09-24 20:22:16 -06:00
Chulki Lee
4661bf4dd9 add ssl_session_tickets to default site
Fixes #580
2016-09-23 21:58:09 -07:00
Jason Wilder
760936d9ea Merge pull request #572 from pvlg/patch-2
Replace "replace" to "trimSuffix"
2016-09-17 09:58:27 -06:00
pvlg
fe9a538ec8 Replace "replace" to "trimSuffix"
I have a domain key-mydomain.com. When I add domain www.key-mydomain.com with ssl cert I did not get the desired result. Function replace cut name ssl cert "www.key-mydomain.com.key" to "www-mydomain.com".
2016-09-17 16:53:01 +03:00
Jason Wilder
f02bc98a6e Merge pull request #566 from mplx/patch/hsts-no-subdomains
do not enable HSTS for subdomains
2016-09-13 09:18:27 -06:00
mplx
37323320c8 do not enable HSTS for subdomains 2016-09-12 09:46:59 +02:00
Jason Wilder
40d433ae80 Merge pull request #493 from ryneeverett/docker_compose_separate_containers
Add docker-compose file for separate containers.
2016-09-09 14:18:06 -06:00
Jason Wilder
ec7169c112 Merge pull request #323 from pabra/master
connect to uWSGI backends
2016-09-09 14:16:08 -06:00
Matthias Döring
7d05f0d924 Add nginx alpine to update-dependencies task 2016-09-03 12:05:27 +02:00
Matthias Döring
ba55d1a0b6 Add alpine base image
- Inspired by #408
- Possible solution for #543
2016-09-02 17:11:36 +02:00
Jason Wilder
e95d3e9fdf Merge pull request #555 from freakinruben/patch-1
Update ciphers and HTST settings to get A+ rating
2016-09-01 09:21:56 -06:00
Ruben
87879c1ee2 Update ciphers and HTST settings to get A+ rating
The default config gets you an 'A' rating. Cipher settings are copied from [Mozilla SSL Configartion Generator](https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.10.1&openssl=1.0.1t&hsts=yes&profile=intermediate)
2016-09-01 11:34:56 +02:00
Jason Wilder
579bc1bf6e Merge pull request #518 from huiwang/nginx_upgrade
upgrade nginx to 1.11.3
2016-08-25 20:55:54 -06:00
hwang
176b78943e upgrade nginx to 1.11.3 in makefile 2016-08-25 21:46:57 +02:00
Jason Wilder
a6287d7df1 Merge pull request #545 from auchri/patch-1
Update .travis.yml
2016-08-25 12:30:16 -06:00
Christoph
c113e7ac82 Update .travis.yml 2016-08-25 20:22:35 +02:00
hwang
03e863d838 upgrade nginx to 1.11.3 2016-08-25 20:16:37 +02:00
ryneeverett
478ad17adb Remove proxy-tier network in favor of the default.
As @huiwang pointed out, using a custom network is unnecessary since the
default bridge network works just as well.
2016-07-29 17:23:10 -04:00
hwang
86c408bbdd upgrade nginx to 1.11.0 2016-07-29 21:17:14 +02:00
Steve Kamerman
2e29168d92 Added X-Forwarded-Port 2016-07-21 11:23:35 -04:00
Jason Wilder
30128cfda0 Merge pull request #511 from kamermans/master
Mitigate httpoxy attack by suppressing `Proxy` request header
2016-07-19 12:15:35 -06:00
Steve Kamerman
fd127517b9 Added comments about httpoxy 2016-07-19 11:03:41 -04:00
Steve Kamerman
357d58ad97 Mitigate httpoxy attack (httpoxy.org, CVE-2016-(5385-5388,1000109-1000110) 2016-07-18 13:34:37 -04:00
ryneeverett
5f684d4fc5 Add docker-compose file for separate containers.
Demonstrate that this pattern works.

This is based on the example at
<https://github.com/fatk/docker-letsencrypt-nginx-proxy-companion-examples/blob/master/docker-compose/v2/simple-site/docker-compose.yml>.
2016-07-13 17:31:53 -04:00
Jason Wilder
a2ab8363ca Merge pull request #483 from jwilder/jw-docker-gen
Update to docker-gen 0.7.3
2016-06-13 08:18:07 -06:00
Jason Wilder
8ed5ab38b8 Update to docker-gen 0.7.3 2016-06-13 00:24:21 -06:00
Jason Wilder
db3ef67a7f Merge pull request #482 from jwilder/jw-revert
Revert 9c93efa
2016-06-13 00:21:38 -06:00
Jason Wilder
580517725f Revert 9c93efa 2016-06-13 00:10:49 -06:00
Jason Wilder
d1e6e1c0be Merge pull request #344 from schmunk42/feature/error-code
changed error code for non-usable/default SSL cert, fixes #341
2016-06-12 15:54:40 -06:00
Jason Wilder
fc619d63ad Merge pull request #460 from kumy/patch-1
Fix a typo in comment
2016-06-12 15:28:40 -06:00
Jason Wilder
c36b42933d Merge pull request #462 from kamermans/master
Disable HSTS when HTTPS_METHOD=noredirect
2016-06-12 15:28:08 -06:00
Jason Wilder
a0dee5c833 Remove -only-exposed from separate container instructions 2016-06-12 15:25:32 -06:00
Jason Wilder
fdfb0becd2 Merge pull request #480 from jwilder/jw-certs
Fix template error when /etc/nginx/certs does not exist
2016-06-12 14:28:35 -06:00
Jason Wilder
fdf93cafba Add docker-compose.yml v2 example 2016-06-12 14:10:46 -06:00
Jason Wilder
b325dad98d Remove -only-exposed from Procfile 2016-06-12 14:10:46 -06:00