mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2025-08-03 07:53:39 +00:00
docker hub changes/disable 0-rtt/enable request limits
Signed-off-by: Zoey <zoey@z0ey.de>
This commit is contained in:
Zoey
13
.github/workflows/docker-latest.yml
vendored
13
.github/workflows/docker-latest.yml
vendored
@@ -11,17 +11,20 @@ jobs:
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
- name: Convert Username
|
||||
id: un
|
||||
run: echo "un=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
username: ${{ steps.un.outputs.un }}
|
||||
password: ${{ github.token }}
|
||||
- name: Push develop to latest
|
||||
run: |
|
||||
docker buildx imagetools create --tag ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:latest ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ github.ref_name }}
|
||||
docker buildx imagetools create --tag ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:latest ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ github.ref_name }}
|
||||
docker buildx imagetools create --tag ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }}
|
||||
docker buildx imagetools create --tag ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }}
|
||||
- name: Show Nginx version
|
||||
run: |
|
||||
docker run --rm --entrypoint nginx ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:latest -V
|
||||
docker run --rm --entrypoint nginx ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:latest -V
|
||||
docker run --rm --entrypoint nginx ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest -V
|
||||
docker run --rm --entrypoint nginx ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest -V
|
||||
|
||||
11
.github/workflows/docker.yml
vendored
11
.github/workflows/docker.yml
vendored
@@ -60,11 +60,14 @@ jobs:
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
- name: Convert Username
|
||||
id: un
|
||||
run: echo "un=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
username: ${{ steps.un.outputs.un }}
|
||||
password: ${{ github.token }}
|
||||
- name: Build
|
||||
uses: docker/build-push-action@v4
|
||||
@@ -73,8 +76,8 @@ jobs:
|
||||
file: ./Dockerfile
|
||||
platforms: linux/amd64,linux/arm64 #,linux/amd64/v2,linux/amd64/v3,linux/amd64/v4 #,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6
|
||||
push: ${{ github.ref == 'refs/heads/develop' }}
|
||||
tags: "ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ github.ref_name }}\n${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ github.ref_name }}\n \n"
|
||||
tags: "ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }}\n${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }}\n \n"
|
||||
- name: show version
|
||||
run: |
|
||||
docker run --rm --entrypoint nginx ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ github.ref_name }} -V
|
||||
docker run --rm --entrypoint nginx ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ github.ref_name }} -V
|
||||
docker run --rm --entrypoint nginx ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} -V
|
||||
docker run --rm --entrypoint nginx ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} -V
|
||||
|
||||
11
.github/workflows/pull-request.yml
vendored
11
.github/workflows/pull-request.yml
vendored
@@ -58,11 +58,14 @@ jobs:
|
||||
uses: docker/setup-buildx-action@v2
|
||||
with:
|
||||
driver-opts: env.BUILDKIT_STEP_LOG_MAX_SIZE=-1
|
||||
- name: Convert Username
|
||||
id: un
|
||||
run: echo "un=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
username: ${{ steps.un.outputs.un }}
|
||||
password: ${{ github.token }}
|
||||
- name: Set PR-Number
|
||||
id: pr
|
||||
@@ -74,11 +77,11 @@ jobs:
|
||||
file: ./Dockerfile
|
||||
platforms: linux/amd64,linux/arm64 #,linux/amd64/v2,linux/amd64/v3,linux/amd64/v4 #,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6
|
||||
push: ${{ github.event_name == 'pull_request' }}
|
||||
tags: ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }}
|
||||
tags: ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }}
|
||||
- name: show version
|
||||
run: docker run --rm --entrypoint nginx ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }} -V
|
||||
run: docker run --rm --entrypoint nginx ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }} -V
|
||||
- name: add comment
|
||||
uses: mshick/add-pr-comment@v2
|
||||
with:
|
||||
message: "The Docker Image can now be found here: `ghcr.io/${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }}`"
|
||||
message: "The Docker Image can now be found here: `ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }}`"
|
||||
repo-token: ${{ github.token }}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
FROM zoeyvid/nginx-quic:84
|
||||
FROM zoeyvid/nginx-quic:87
|
||||
COPY rootfs /
|
||||
COPY backend /app
|
||||
COPY global /app/global
|
||||
|
||||
@@ -25,7 +25,7 @@ proxying hosts with TLS termination and it had to be so easy that a monkey could
|
||||
While there might be advanced options they are optional and the project should be as simple as possible
|
||||
so that the barrier for entry here is low.
|
||||
|
||||
### Sponsor the original creator (not me):
|
||||
### Sponsor the original creator (not us):
|
||||
<a href="https://www.buymeacoffee.com/jc21" target="_blank"><img src="http://public.jc21.com/github/by-me-a-coffee.png" alt="Buy Me A Coffee" style="height: 51px !important;width: 217px !important;" ></a>
|
||||
|
||||
|
||||
|
||||
@@ -26,13 +26,13 @@
|
||||
"objection": "2.2.18",
|
||||
"path": "0.12.7",
|
||||
"signale": "1.4.0",
|
||||
"sqlite3": "5.1.4",
|
||||
"sqlite3": "5.1.5",
|
||||
"temp-write": "4.0.0"
|
||||
},
|
||||
"author": "Jamie Curnow <jc@jc21.com>",
|
||||
"license": "MIT",
|
||||
"devDependencies": {
|
||||
"eslint": "8.35.0",
|
||||
"eslint": "8.36.0",
|
||||
"eslint-plugin-align-assignments": "1.1.2"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Port $server_port;
|
||||
proxy_set_header Early-Data $ssl_early_data;
|
||||
proxy_set_header X-Forwarded-Scheme $scheme;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
@@ -1,8 +1,6 @@
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
ssl_early_data on;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
|
||||
@@ -53,6 +53,9 @@ http {
|
||||
proxy_headers_hash_max_size 1024;
|
||||
proxy_headers_hash_bucket_size 128;
|
||||
|
||||
limit_req_zone $binary_remote_addr zone=one:10m rate=200r/s;
|
||||
limit_req zone=one burst=2000;
|
||||
|
||||
# Default upstream scheme
|
||||
map $host $forward_scheme {
|
||||
default http;
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
#!/bin/bash -e
|
||||
|
||||
DOCKER_IMAGE=nginxproxymanager/nginx-full:certbot-node
|
||||
docker pull "${DOCKER_IMAGE}"
|
||||
|
||||
# Test
|
||||
docker run --rm \
|
||||
-v "$(pwd)/backend:/app" \
|
||||
-v "$(pwd)/global:/app/global" \
|
||||
-w /app \
|
||||
"${DOCKER_IMAGE}" \
|
||||
sh -c 'yarn install && yarn eslint . && rm -rf node_modules'
|
||||
|
||||
# Build
|
||||
docker build --pull --no-cache --squash --compress \
|
||||
-t "${IMAGE}:ci-${BUILD_NUMBER}" \
|
||||
-f docker/Dockerfile \
|
||||
--build-arg TARGETPLATFORM=linux/amd64 \
|
||||
--build-arg BUILDPLATFORM=linux/amd64 \
|
||||
--build-arg BUILD_VERSION="${BUILD_VERSION}" \
|
||||
--build-arg BUILD_COMMIT="${BUILD_COMMIT}" \
|
||||
--build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \
|
||||
.
|
||||
Reference in New Issue
Block a user