ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-06-18 10:06:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'NginxProxyManager:develop' into develop-crowdsec

Browse Source
This commit is contained in:
Brian Munro
2024-01-15 06:34:14 +02:00
committed by GitHub
parent 9827c0b202 9f16dae2ff
commit a108a5d316
54 changed files with 5815 additions and 12080 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
docker/Dockerfile
View File

@ -3,7 +3,7 @@
# This file assumes that the frontend has been built using ./scripts/frontend-build
FROM jc21/nginx-full:certbot-node
FROM nginxproxymanager/nginx-full:certbot-node
ARG TARGETPLATFORM
ARG BUILD_VERSION
@ -20,7 +20,8 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 \
NODE_ENV=production \
NPM_BUILD_VERSION="${BUILD_VERSION}" \
NPM_BUILD_COMMIT="${BUILD_COMMIT}" \
NPM_BUILD_DATE="${BUILD_DATE}"
NPM_BUILD_DATE="${BUILD_DATE}" \
NODE_OPTIONS="--openssl-legacy-provider"
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apt-get update \
@ -47,11 +48,9 @@ COPY docker/rootfs /
# Remove frontend service not required for prod, dev nginx config as well
RUN rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/frontend /etc/nginx/conf.d/dev.conf \
&& chmod 644 /etc/logrotate.d/nginx-proxy-manager \
&& pip uninstall --yes setuptools \
&& pip install --no-cache-dir "setuptools==58.0.0"
&& chmod 644 /etc/logrotate.d/nginx-proxy-manager
VOLUME [ "/data", "/etc/letsencrypt" ]
VOLUME [ "/data" ]
ENTRYPOINT [ "/init" ]
LABEL org.label-schema.schema-version="1.0" \

5
docker/dev/Dockerfile
View File

@ -1,4 +1,4 @@
FROM jc21/nginx-full:certbot-node
FROM nginxproxymanager/nginx-full:certbot-node
LABEL maintainer="Jamie Curnow <jc@jc21.com>"
# See: https://github.com/just-containers/s6-overlay/blob/master/README.md
@ -7,7 +7,8 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 \
S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \
S6_FIX_ATTRS_HIDDEN=1 \
S6_KILL_FINISH_MAXTIME=10000 \
S6_VERBOSITY=2
S6_VERBOSITY=2 \
NODE_OPTIONS="--openssl-legacy-provider"
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apt-get update \

26
docker/docker-compose.ci.yml
View File

@ -14,7 +14,8 @@ services:
DB_MYSQL_PASSWORD: 'npm'
DB_MYSQL_NAME: 'npm'
volumes:
- npm_data:/data
- npm_data_mysql:/data
- npm_le_mysql:/etc/letsencrypt
expose:
- 81
- 80
@ -22,7 +23,7 @@ services:
depends_on:
- db
healthcheck:
test: ["CMD", "/bin/check-health"]
test: ["CMD", "/usr/bin/check-health"]
interval: 10s
timeout: 3s
@ -37,13 +38,14 @@ services:
PGID: 1000
DISABLE_IPV6: 'true'
volumes:
- npm_data:/data
- npm_data_sqlite:/data
- npm_le_sqlite:/etc/letsencrypt
expose:
- 81
- 80
- 443
healthcheck:
test: ["CMD", "/bin/check-health"]
test: ["CMD", "/usr/bin/check-health"]
interval: 10s
timeout: 3s
@ -55,7 +57,7 @@ services:
MYSQL_USER: 'npm'
MYSQL_PASSWORD: 'npm'
volumes:
- db_data:/var/lib/mysql
- mysql_data:/var/lib/mysql
cypress-mysql:
image: "${IMAGE}-cypress:ci-${BUILD_NUMBER}"
@ -65,7 +67,7 @@ services:
environment:
CYPRESS_baseUrl: 'http://fullstack-mysql:81'
volumes:
- cypress-logs:/results
- cypress_logs_mysql:/results
command: cypress run --browser chrome --config-file=${CYPRESS_CONFIG:-cypress/config/ci.json}
cypress-sqlite:
@ -76,10 +78,14 @@ services:
environment:
CYPRESS_baseUrl: "http://fullstack-sqlite:81"
volumes:
- cypress-logs:/results
- cypress_logs_sqlite:/results
command: cypress run --browser chrome --config-file=${CYPRESS_CONFIG:-cypress/config/ci.json}
volumes:
cypress-logs:
npm_data:
db_data:
cypress_logs_mysql:
cypress_logs_sqlite:
npm_data_mysql:
npm_data_sqlite:
npm_le_sqlite:
npm_le_mysql:
mysql_data:

6
docker/rootfs/etc/logrotate.d/nginx-proxy-manager
View File

@ -1,5 +1,6 @@
/data/logs/*_access.log /data/logs/*/access.log {
create 0644 root root
su npm npm
create 0644
weekly
rotate 4
missingok
@ -12,7 +13,8 @@
}
/data/logs/*_error.log /data/logs/*/error.log {
create 0644 root root
su npm npm
create 0644
weekly
rotate 10
missingok

7
docker/rootfs/etc/nginx/conf.d/include/force-ssl.conf
View File

@ -1,3 +1,10 @@
set $test "";
if ($scheme = "http") {
set $test "H";
}
if ($request_uri = /.well-known/acme-challenge/test-challenge) {
set $test "${test}T";
}
if ($test = H) {
return 301 https://$host$request_uri;
}

2
docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run
View File

@ -3,7 +3,7 @@
set -e
. /bin/common.sh
. /usr/bin/common.sh
cd /app || exit 1

2
docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run
View File

@ -6,7 +6,7 @@ set -e
# This service is DEVELOPMENT only.
if [ "$DEVELOPMENT" = 'true' ]; then
. /bin/common.sh
. /usr/bin/common.sh
cd /app/frontend || exit 1
HOME=$NPMHOME
export HOME

2
docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run
View File

@ -3,7 +3,7 @@
set -e
. /bin/common.sh
. /usr/bin/common.sh
log_info 'Starting nginx ...'
exec s6-setuidgid "$PUID:$PGID" nginx

2
docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh
View File

@ -3,7 +3,7 @@
set -e
. /bin/common.sh
. /usr/bin/common.sh
if [ "$(id -u)" != "0" ]; then
log_fatal "This docker container must be run as root, do not specify a user.\nYou can specify PUID and PGID env vars to run processes as that user and group after initialization."

2
docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
View File

@ -24,4 +24,4 @@ chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
chown -R "$PUID:$PGID" /etc/nginx/conf.d
# Prevents errors when installing python certbot plugins when non-root
chown -R "$PUID:$PGID" /opt/certbot
chown -R "$PUID:$PGID" /opt/certbot/lib/python*/site-packages

0
docker/rootfs/bin/check-health → docker/rootfs/usr/bin/check-health
View File

4
docker/rootfs/bin/common.sh → docker/rootfs/usr/bin/common.sh
View File

@ -12,6 +12,10 @@ export CYAN BLUE YELLOW RED RESET
PUID=${PUID:-0}
PGID=${PGID:-0}
# If changing the username and group name below,
# ensure all references to this user is also changed.
# See docker/rootfs/etc/logrotate.d/nginx-proxy-manager
# and docker/rootfs/etc/nginx/nginx.conf
NPMUSER=npm
NPMGROUP=npm
NPMHOME=/tmp/npmuserhome