1
0
mirror of https://github.com/thib8956/nginx-proxy synced 2024-11-22 20:06:30 +00:00
Commit Graph

82 Commits

Author SHA1 Message Date
Steve Kamerman
374b1256cd Add HTTPS_METHOD=https to disable SSL site 2016-10-01 11:22:48 -04:00
Chulki Lee
4661bf4dd9 add ssl_session_tickets to default site
Fixes #580
2016-09-23 21:58:09 -07:00
pvlg
fe9a538ec8 Replace "replace" to "trimSuffix"
I have a domain key-mydomain.com. When I add domain www.key-mydomain.com with ssl cert I did not get the desired result. Function replace cut name ssl cert "www.key-mydomain.com.key" to "www-mydomain.com".
2016-09-17 16:53:01 +03:00
mplx
37323320c8 do not enable HSTS for subdomains 2016-09-12 09:46:59 +02:00
Jason Wilder
ec7169c112 Merge pull request #323 from pabra/master
connect to uWSGI backends
2016-09-09 14:16:08 -06:00
Ruben
87879c1ee2 Update ciphers and HTST settings to get A+ rating
The default config gets you an 'A' rating. Cipher settings are copied from [Mozilla SSL Configartion Generator](https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.10.1&openssl=1.0.1t&hsts=yes&profile=intermediate)
2016-09-01 11:34:56 +02:00
Steve Kamerman
fd127517b9 Added comments about httpoxy 2016-07-19 11:03:41 -04:00
Steve Kamerman
357d58ad97 Mitigate httpoxy attack (httpoxy.org, CVE-2016-(5385-5388,1000109-1000110) 2016-07-18 13:34:37 -04:00
Jason Wilder
580517725f Revert 9c93efa 2016-06-13 00:10:49 -06:00
Jason Wilder
d1e6e1c0be Merge pull request #344 from schmunk42/feature/error-code
changed error code for non-usable/default SSL cert, fixes #341
2016-06-12 15:54:40 -06:00
Jason Wilder
fc619d63ad Merge pull request #460 from kumy/patch-1
Fix a typo in comment
2016-06-12 15:28:40 -06:00
Jason Wilder
c36b42933d Merge pull request #462 from kamermans/master
Disable HSTS when HTTPS_METHOD=noredirect
2016-06-12 15:28:08 -06:00
Jason Wilder
9c93efaef9 Fix template error when /etc/nginx/certs does not exist 2016-06-12 14:10:40 -06:00
Steve Kamerman
da3e257843 Removed HSTS when HTTPS_METHOD=noredirect, added tests, improved docs wrt HSTS 2016-05-19 23:20:43 -04:00
kumy
8c76ea9f9b Fix a typo in comment 2016-05-17 01:46:46 +02:00
Jason Wilder
5b9264d945 Merge pull request #298 from kamermans/master
Added env var to disable SSL redirect
2016-05-01 17:45:45 -06:00
Baptiste Donaux
ebab7cf2b9 [TEMPLATE] fix variable call 2016-02-23 13:59:30 +01:00
Baptiste Donaux
658e20f661 Support container in one network shared with current container 2016-02-05 09:16:43 +01:00
Tobias Munk
b4e5f780e3 changed error code for non-usable/default SSL cert, fixes #341 2016-01-21 12:31:03 +01:00
Baptiste Donaux
a66115f560 Use new Network interface to support new overlay network 2016-01-17 12:29:55 +01:00
pabra
51c219d651 connect to uWSGI backends 2015-12-22 21:20:44 +01:00
Steve Kamerman
97c6340a9f Implemented HTTPS noredir 2015-11-20 17:37:06 -05:00
Steve Kamerman
9dd6ad8503 First try at HTTPS_METHOD 2015-11-20 16:53:50 -05:00
Marius Gundersen
1e0b930174 trim whitespace from host and port
based on latest docker-gen
2015-10-13 21:48:59 +02:00
Jonas Svatos
5c2280df84 fix condition for default config location
Signed-off-by: Jonas Svatos <jonas.svatos@etnetera.cz>
2015-10-08 12:03:28 +02:00
Mike Dillon
6b5e12a946 Add missing access_log statement to HTTPS fallback 2015-10-06 21:18:00 -07:00
Aleš Roubíček
e06d5917a2 Use HTTP/2 instead of SPDY 2015-09-23 17:48:40 +02:00
Aleš Roubíček
249fb204f1 Use HTTP/2 instead of SPDY 2015-09-23 17:47:18 +02:00
Jason Wilder
8c193ba7e1 Merge pull request #215 from gradecam/feature/customize_improvements
customizability improvements
2015-09-12 15:23:53 -06:00
Jason Wilder
bddb647b5f Merge pull request #230 from appropriate/remove_duplicate_access_log_entries
Remove duplicate access log entries
2015-09-12 15:12:31 -06:00
Mike Dillon
900a676af8 Move access_log from the http level to server
This prevents duplicate access_log entries from being written for each request
2015-09-03 08:33:33 -07:00
CoreOS Admin
ae0da36d75 Fix bugs in config file from refactor 2015-08-29 18:38:43 -06:00
Ray Walker
d066bd32e0 Fix for #188 - add SSL server block outside hosts loop 2015-08-26 18:35:47 +10:00
Ray Walker
d3f56468b1 Fix for #188 - remove hostname from default SSL block 2015-08-26 12:49:59 +10:00
Mike Dillon
924fcd7984 Remove error_log setting from nginx.tmpl
It's already set correctly in nginx.conf
2015-08-23 09:00:23 -07:00
Richard Bateman
405f4876b9 As per pull request feedback, update names to be consistent 2015-08-14 12:26:19 -06:00
Richard Bateman
d9ee7ed704 Add support for adding options to the location block of a vhost 2015-08-14 12:26:19 -06:00
Richard Bateman
b131b00e19 Add support for vhosts.d/defaults file with default vhost options
- Only used if it exists and a vhost-specific one doesn't
2015-08-14 12:26:19 -06:00
Richard Bateman
2eff96969a Add support for overriding default proxy settings
- If /etc/nginx/proxy.conf exists use that, otherwise use the default
2015-08-14 12:26:07 -06:00
Wolfgang Ebner
6965b1ead4 fallback when DEFAULT_HOST is not set 2015-07-26 11:38:45 +02:00
Wolfgang Ebner
b0647dd5e9 set default_server also for https 2015-07-24 10:39:56 +02:00
Viranch Mehta
4f5351265a Use define & template for re-usable blocks of upstream server template 2015-07-15 20:51:10 +05:30
Viranch Mehta
784507df1a Cascade two else blocks into one using coalesce on VIRTUAL_PORT and 80
This also takes care of the case when VIRTUAL_PORT is not actually
exposed.
2015-07-11 01:19:44 +05:30
Viranch Mehta
c4923d1f58 Use container host's IP:port if we're connected to a swarm master 2015-07-04 18:43:52 +05:30
Mike Dillon
f36ca3d7a3 Prevent generating broken config
Fixes #115
2015-06-23 17:05:12 -07:00
Kuo-Cheng Yeu
d74a4146c8 fix indention, and file nameing 2015-05-21 23:43:09 +08:00
Kuo-Cheng Yeu
a10d1b50bf add support for ssl_dhparams to prevent 'Logjam' attack 2015-05-21 15:19:58 +08:00
Jason Wilder
503072c03f Merge pull request #72 from BenHall/default_host
Ability to set a default host for nginx
2015-05-14 10:00:04 -06:00
Markus Kosmal
b680fb003e Close marker instead of empty 2015-05-09 23:15:26 +02:00
Kuo-Cheng Yeu
4d2403b5d7 Add SPDY support 2015-04-29 14:41:25 +08:00