ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-06-18 18:16:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updates to user/group determination after recent changes to v2 branch

Browse Source
This commit is contained in:
Jamie Curnow
2023-04-11 09:12:48 +10:00
parent fe46da3355
commit c0c89e5d15
18 changed files with 267 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docker/rootfs/etc/nginx/conf.d/include/ip_ranges.conf Normal file
View File

@ -0,0 +1,2 @@
# This should be left blank is it is populated programatically
# by the application backend.

39
docker/rootfs/etc/nginx/nginx.conf
View File

@ -1,7 +1,7 @@
# run nginx in foreground
daemon off;
#user npmuser;
pid /run/nginx/nginx.pid;
user npmuser;
# Set number of worker processes automatically based on number of CPU cores.
worker_processes auto;
@ -9,7 +9,7 @@ worker_processes auto;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
error_log /data/logs/error.log warn;
error_log /data/logs/fallback_error.log warn;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
@ -41,7 +41,12 @@ http {
proxy_cache_path /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m;
log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"';
access_log /data/logs/default.log proxy;
log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"';
access_log /data/logs/fallback_access.log proxy;
# Dynamically generated resolvers file
include /etc/nginx/conf.d/include/resolvers.conf;
# Default upstream scheme
map $host $forward_scheme {
@ -49,18 +54,38 @@ http {
}
# Real IP Determination
# Docker subnet:
set_real_ip_from 172.0.0.0/8;
# Local subnets:
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12; # Includes Docker subnet
set_real_ip_from 192.168.0.0/16;
# NPM generated CDN ip ranges:
#include conf.d/include/ip_ranges.conf;
include conf.d/include/ip_ranges.conf;
# always put the following 2 lines after ip subnets:
real_ip_header X-Forwarded-For;
real_ip_header X-Real-IP;
real_ip_recursive on;
# Custom
include /data/nginx/custom/http_top[.]conf;
# Files generated by NPM
include /etc/nginx/conf.d/*.conf;
include /data/nginx/default_host/*.conf;
include /data/nginx/upstreams/*.conf;
include /data/nginx/hosts/*.conf;
include /data/nginx/streams/*.conf;
# Custom
include /data/nginx/custom/http[.]conf;
}
stream {
# Files generated by NPM
include /data/nginx/stream/*.conf;
# Custom
include /data/nginx/custom/stream[.]conf;
}
# Custom
include /data/nginx/custom/root[.]conf;