thib8956/nginx-proxy
1
0
Fork 0
mirror of https://github.com/thib8956/nginx-proxy synced 2026-04-19 18:39:39 +00:00
Code Issues Releases Wiki Activity
1,542 Commits 3 Branches 6 Tags
6ebf9d6fac704d5c5586fcd4d88ec6b88ff842de
Commit Graph

68 Commits

Author SHA1 Message Date
Nicolas Duchon 6ebf9d6fac Merge pull request #2587 from antoniomika/am/proxy-protocol 
Proxy Protocol Support
 2025-07-27 16:15:32 +02:00
Nicolas Duchon 121e7020fc docs: add proxy protocol to configuration summary 2025-07-27 15:27:56 +02:00
Antonio Mika 4c86502dc4 docs: fix spelling 
Co-authored-by: Niek <100143256+SchoNie@users.noreply.github.com>
 2025-07-27 15:24:02 +02:00
Antonio Mika 872e5b5646 feat: global proxy protocol support 2025-07-27 15:23:46 +02:00
JamBalaya56562 8911ceffaf docs: bump docker image version 2025-07-27 09:22:12 +09:00
Niek 76fc9bbdab docs: note about CRL expiration 2025-07-09 13:00:26 +02:00
Niek df85d14f6c docs: note about global and per-vhost CRL 2025-06-10 10:40:54 +02:00
Niek 7edf50a9e5 docs: SSL client certificate validation mTLS 2025-06-04 15:42:25 +02:00
Nicolas Duchon f4c297995d docs: config summary 2025-05-24 11:05:17 +02:00
Povilas Kanapickas 4c8f22ebcc feat: support ACME challenges for unknown virtual hosts 
Currently any ACME challenge for unknown virtual host returns 503. This
is inconvenient because if the user does not use wildcard certificates,
then the user must match the configuration of certificate renewal script
to what virtual hosts are enabled at the time.

This must be done automatically, because due to short certificate
lifetime the renewal script runs automatically. Additionally, enabling a
previously disabled virtual host forces certificate renewal.

Accordingly, it's worthwhile supporting unknown virtual hosts for the
purposes of passing ACME challenges. This is done by introducing a
global ACME_HTTP_CHALLENGE_ACCEPT_UNKNOWN_HOST variable to control this.
 2025-05-19 20:10:02 +02:00
Nicolas Duchon a1372d2a9b docs: standadize docker cli invocation style 2025-05-18 20:39:59 +02:00
Nicolas Duchon 145278b0ae Merge pull request #2279 from Knapoc/network-segregation-seperate-containers 
feat: allow nginx / docker-gen network segregation
 2025-05-15 13:18:29 +02:00
Nicolas Duchon eb9f0f31d7 docs: add NGINX_CONTAINER_LABEL to docs 2025-05-11 13:05:12 +02:00
uak f091544c27 Clear instruction for naming of htpasswd file 
Previous instructions could make the impression that user have to create a directory named as the virtual host and also a file named as the virutal host.
 2025-05-03 08:14:06 +00:00
Knapoc 9711ade7a6 feat: allow nginx / docker-gen network segregation 
* fix merge conflicts
 2025-04-22 11:58:44 +02:00
Povilas Kanapickas c646aeebc9 docs: Add a note about configuration ordering in /etc/nginx/conf.d 
Users may not be aware that the filename chosen to add extra
configuration in /etc/nginx/conf.d may interfere with nginx-proxy.
nginx-proxy stores its configuration at /etc/nginx/conf.d/default.conf.
Any files that come before default.conf in alphabetical order will be
applied before default.conf and vice-versa.

This is confusing, because the documentation does not specify how
exactly nginx-proxy interacts with nginx.

This can be remedied by a simple note alerting the users of the
importance of filename choices.
 2025-04-09 01:26:59 +03:00
Marukome0743 ec5343cc46 docs: bump docker image version 2025-03-10 17:23:09 +09:00
Nicolas Duchon 18030a7896 Merge pull request #1737 from junderw/fix-redirect 
feat: redirect non-GET methods using 308 instead of 301
 2025-01-18 22:03:27 +01:00
Nicolas Duchon 9312d5239a docs: typo 2025-01-18 20:25:01 +01:00
Nicolas Duchon 9fc7cec15c feat: customizable non get redirect code 2025-01-18 20:25:01 +01:00
junderw 1859811311 feat: redirect using 308 for non-GET requests 2025-01-18 20:25:01 +01:00
Nicolas Duchon fbad3ac3fc chore: docker compose version is obsolete 2024-12-18 02:08:46 +01:00
Nicolas Duchon 0c4be4e90f docs: better custom config examples 
plus a few minor fixes and some linting
 2024-12-09 00:17:48 +01:00
Nicolas Duchon a25b7ea1ef docs: add proto to VIRTUAL_HOST_MULTIPORTS 2024-12-08 14:06:38 +01:00
Nicolas Duchon 3c5bbcf029 docs: clarify certificate selection 2024-12-08 13:11:50 +01:00
Nicolas Duchon baa2ce5e8b docs: IPv6 support for docker networks 2024-12-01 22:41:09 +01:00
Nicolas Duchon 07b469d8ac docs: default certificate optional trust 2024-12-01 19:58:30 +01:00
Nicolas Duchon 023a3d17da fix: force enable HTTP when both vhost and default cert are missing 2024-11-03 21:06:23 +01:00
Nicolas Duchon 57e503c830 feat: trust default certificate 2024-11-03 20:10:32 +01:00
Nicolas Duchon 7c003a4aa4 docs: markdown linting 2024-12-02 09:21:03 +01:00
Niek b4c2b0dd5e Extra newline for readability 2024-11-27 20:17:00 +01:00
Niek 12b482a7ea Change regular expression tip to note 2024-11-27 20:15:08 +01:00
Niek c6664335b7 Alerts Markdown 
Use [Alerts Markdown extension](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts) available since [December 2023](https://github.blog/changelog/2023-12-14-new-markdown-extension-alerts-provide-distinctive-styling-for-significant-content/) to better indicate the significance of the content for some documentation.
 2024-11-27 09:19:25 +01:00
Niek 627b6ad75f Remove experimental label 
Remove experimental label.
 2024-11-26 10:34:28 +01:00
Nicolas Duchon 52ffab1ce6 feat: enable keepalive by default 2024-11-25 09:16:57 +01:00
Nicolas Duchon fbf3e2f458 docs: complete debug endpoint docs 2024-11-03 11:44:50 +01:00
Nicolas Duchon 32ad9b7102 feat: protection against too long debug response 2024-11-02 16:04:21 +01:00
Nicolas Duchon 7dafac8b87 docs: documentation for debug endpoint 2024-11-02 16:04:21 +01:00
Nicolas Duchon 5baf4a163f docs: update docs regex file name change 2024-11-01 21:36:00 +01:00
Nicolas Duchon 5ec120a296 docs: TLSv1/TLSv1.1 work on the alpine image too 2024-10-16 12:25:21 +02:00
Nicolas Duchon 8417046748 Merge pull request #2510 from liuxiaoy/patch-1 
fix: correctly enable TLSv1 and TLSv1.1
 2024-10-12 19:33:33 +02:00
Nicolas Duchon ac0a4ca826 docs: warn about TLSv1 / TLSv1.1 being available only on debian 2024-10-06 16:01:58 +02:00
Nicolas Duchon 712a7ef176 fix: reject SSL handshake rather than using empty certificate 2024-10-03 09:57:20 +02:00
Niek 705dfa090b docs: update version in README.md 2024-06-10 09:42:07 +02:00
Gilles Filippini 60b123d249 feat: ENABLE_HTTP_ON_MISSING_CERT variable 
Default: true
 2024-06-06 11:26:17 +02:00
Nicolas Duchon cea905ff88 docs: typo 
Co-authored-by: Niek <100143256+SchoNie@users.noreply.github.com>
 2024-06-05 15:55:49 +02:00
Nicolas Duchon 714fa25704 style: docs linting 2024-06-05 08:47:39 +02:00
Nicolas Duchon 4bd542de99 feat: handle acme challenge location by default 2024-06-05 08:47:11 +02:00
Niek 7922c925af chore: spelling fixes for #2468 (#2471) 2024-05-31 17:07:07 +02:00
pini-gh 9cf736f1f8 feat: variable ACME_HTTP_CHALLENGE_LOCATION (#2468) 
Values:
* `legacy` (default): generate location blocks for ACME HTP Challenge
  excepted when `HTTPS_METHOD=noredirect` or there is no certificate for
  the domain
* `true`: generate location blocks for ACME HTP Challenge in all cases
* `false`: do not generate location blocks for ACME HTP Challenge

This feature is currently needed because acme-companion may generate
the HTTP Challenge configuration while it was done already by nginx-proxy
(see #2465#issuecomment-2136361373).

Also sometimes a hardcoded ACME challenge location is not wanted because
the challenge validation is not done with acme-companion / Let's Encrypt,
and with a challenge location setup differently.
 2024-05-31 00:10:44 +02:00