1
0
mirror of https://github.com/thib8956/nginx-proxy synced 2025-07-01 14:25:46 +00:00
Commit Graph

77 Commits

Author SHA1 Message Date
824c424d53 Merge pull request #77 from jperville/allow-longer-virtual-host-names
Allow for even longer virtual host names (should work to at least 50 chars).
2015-01-12 16:45:50 -07:00
07793dbc48 Merge pull request #81 from asmundg/x-gzip-javascript
Gzip application/javascript
2015-01-12 16:34:19 -07:00
67933f0e29 Merge pull request #84 from wenlock/master
Adding license for usage
2015-01-08 12:37:24 -07:00
231fe01c81 Adding license for usage
Adding a license so we can use it with other projects.
2015-01-08 11:29:04 -08:00
36039f8e13 Gzip application/javascript
As per RFC4329, nginx uses application/javascript as the default MIME
type for .js files. Nginx-proxy will now gzip these files if the client
requests it.
2015-01-05 13:31:26 +01:00
d7e499e4e6 Allow for even longer virtual host names (should work to at least 50 chars). 2015-01-02 10:49:21 +06:30
6d646d92f8 Basic Authentication Support 2014-12-19 16:26:42 -07:00
56b4a2e182 Fix README grammar 2014-12-15 12:30:58 -07:00
654e037741 Merge pull request #65 from josephpage/patch-1
Bump to nginx 1.7.8
2014-12-13 16:59:29 -07:00
e546afd4bc Merge pull request #66 from maxcnunes/fix-server-name-max-length
fixes problem to set server name max length…
2014-12-13 16:56:57 -07:00
10bc94f6db fixes problem to set server name max length…
current base image does not have commented configurations which means is impossible to use the previous configuration to set the server name max length
2014-12-13 10:00:45 -02:00
a668579392 Bump to nginx 1.7.8 2014-12-10 11:37:44 +01:00
4a38297009 Merge pull request #62 from md5/log-format-host
Add $host to logs
2014-12-08 10:23:31 -07:00
ac1f2d8875 Include Host or SERVER_NAME in logs 2014-12-06 17:46:25 -08:00
54b9043323 Remove redundant access_log and error_log 2014-12-06 17:45:59 -08:00
1aef35678e Merge branch 'thaJeztah-switch-to-nginx-image' 2014-12-03 11:15:33 -07:00
db924dba76 Use nginx:1.7.7 2014-12-03 11:12:01 -07:00
080a5157e6 Remove OCSP stapling
Looks like it was not actually working before and failing silently
because ssl_trusted_certificate was not specified.  Will need to
revisit implementing this functionality so removing it for now
to prevent the warnings logged by nginx now.
2014-12-03 11:06:11 -07:00
3c5843264e Switch to official nginx base-image.
This changes the base-image to the official nginx image,
reducing the virtual size of the image by approx 50%.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2014-12-03 10:20:58 +01:00
0580726415 Ensure cert exists before referencing it 2014-12-02 23:29:00 -07:00
35b81f5092 Fix separate containers instructions 2014-12-02 16:17:58 -07:00
50839742f2 Grammar/formatting 2014-12-02 14:43:50 -07:00
61c3933e0e Merge pull request #56 from jwilder/jw-https
Add SSL Support
2014-12-01 17:40:44 -07:00
51c5c172ee Update README w/ SSL docs 2014-11-27 12:49:44 -07:00
2e43a5459b Add SSL support
This adds SSL support for containers.  It supports single host
certificates, wildcards and SNI using naming conventions for
certificates or optionally specify a cert name (for SNI).  The SSL
cipher configuration is based on mozilla intermediate profile which
should provide compatibility with clients back to Firefox 1, Chrome 1,
IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7.  The
configuration also enables OCSP stapling, HSTS, and ssl session caches.

To enable SSL, nginx-proxy should be started w/ -p 443:443 and -v
/path/to/certs:/etc/nginx/certs.  Certificates must be named:
<virtualhost>.crt and <virtualhost>.key where <virtualhost> matches
the a value of VIRTUAL_HOST on a container.

For wildcard certificates, the certificate and private key should be
named after the wildcard domain with .crt and .key suffixes.  For example,
*.example.com should be name example.com.crt and example.com.key.

For SNI where a certificate may be used for multiple domain names, the
container can specify a CERT_NAME env var that corresponds to the base
file name of the certificate and key.  For example, if you have a cert
allowing *.example.com and *.bar.com, it can be name shared.crt and
shared.key.  A container can use that cert by having CERT_NAME=shared and
VIRTUAL_HOST=foo.example.com.  The name "shared" is arbitrary and can
be whatever makes sense.

The behavior for the proxy when port 80 and 443 is defined is as
follows:

* If a container has a usable cert, port 80 will redirect to
443 for that container to always prefer HTTPS when available.
* If the container does not have a usable cert 503 will be returned.

In the last case, a self-signed or generic cert can be defined as
"default.crt" and "default.key" which will allow a client browser to
at least make a SSL connection.
2014-11-27 12:49:38 -07:00
7c4d0d22ac upgrade to docker-gen 0.3.6 2014-11-26 15:48:17 -07:00
20093a1f83 Merge pull request #52 from thaJeztah/optimize-dockerfile
Optimize Dockerfile.
2014-11-26 10:38:23 -07:00
d68be71a3f Optimize Dockerfile.
This optimizes the Dockerfile by;

- Combining RUN statements so that files are removed in the
  same layer as they are added.
- Removing the downloaded .tar.gz of the docker-gen binary
  after expanding
- Adding `--no-install-recommends` (but explicitly installing
  ca-certificates)
- Replacing `ADD` with `COPY` (recommended if no unpacking is
  required)

Also added a `.dockerignore` file to prevent the `.git` directory
and README.md being added to the image.

These changes reduce the size of the image with 34 MB (was 268.4 MB,
now 233.9 MB), and results in less layers being produced.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2014-11-26 11:00:01 +01:00
1a03ac35c6 Merge pull request #49 from md5/reduce-redundancy
Simplify template output
2014-11-25 17:58:57 -07:00
0306692b31 Move gzip_types, access_log, and error_log to http 2014-11-25 16:56:16 -08:00
a84aee4a84 Drop unused index variables from range statement 2014-11-25 16:56:16 -08:00
3414a02edf Make template more readable
* $value -> $container
2014-11-25 16:56:16 -08:00
e1bbe8cde0 Raise proxy_buffering statement to http level 2014-11-25 16:56:16 -08:00
5b9e8c4554 Move settings that don't differ per container to the top level 2014-11-25 16:56:16 -08:00
a912287461 Merge pull request #50 from bettse/master
Typo in readme
2014-11-16 08:45:12 -08:00
f117bfa5f3 Typo in readme 2014-11-15 20:47:38 -08:00
55878cd36c Merge pull request #46 from md5/connection-upgrade
Send "Connection: upgrade" when "Upgrade" header is received
2014-10-30 10:23:16 -06:00
6c2221bdcc Set "Connection: upgrade" when we receive an "Upgrade" header
Fixes #37
2014-10-25 17:13:17 -07:00
0028cdafe9 Add comment about X-Forwarded-Proto mapping 2014-10-25 17:13:04 -07:00
2c9d9ab74a Merge pull request #44 from synctree/docker-gen-0.3.4
Update to docker-gen 0.3.4
2014-10-22 17:50:05 -06:00
ddfd8ef8f4 Update to docker-gen 0.3.4 2014-10-22 16:32:50 -07:00
d7ffc052ab Merge pull request #41 from synctree/pass-through-x-forwarded-proto
Pass through X-Forwarded-Proto
2014-10-22 16:37:20 -06:00
199f18da07 Pass through X-Forwarded-Proto
* Creates a $proxy_x_forwarded_proto variable that is set to the
  X-Forwarded-Proto header passed by the client or else the $scheme
2014-10-22 15:18:46 -07:00
94f3d9849f Inline /etc/nginx/proxy_params
/etc/nginx/proxy_params does not exist in the official nginx image.
2014-10-22 10:42:22 -06:00
935aee2f91 Merge pull request #43 from mrmayfield/patch-1
Update README.md
2014-10-21 21:20:54 -06:00
1699879271 Update README.md
Fix typo
2014-10-21 20:39:34 -06:00
b71c45abc0 Fix command line usage 2014-10-21 18:29:31 -06:00
e0bf18f041 Add separate container instructions
Fixes #34
Fixes #5
2014-10-21 18:21:05 -06:00
941f3cc9d2 Merge pull request #35 from vegasbrianc/master
Added the updated Bash
2014-09-25 08:30:37 -06:00
1404ecacf9 Upgrade Bash
Updated Dockerfile in order to update/upgrade bash to fix the security bug found by Red Hat https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
2014-09-25 12:59:36 +02:00