diff --git a/docker/Dockerfile b/docker/Dockerfile index 58bad95d..46520998 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -3,7 +3,7 @@ # This file assumes that the frontend has been built using ./scripts/frontend-build -FROM baudneo/nginx-full:certbot-node +FROM baudneo/nginx-full:bullseye-certbot-node ARG TARGETPLATFORM ARG BUILD_VERSION @@ -72,4 +72,4 @@ LABEL org.label-schema.schema-version="1.0" \ org.label-schema.description="Docker container for managing Nginx proxy hosts with a simple, powerful interface " \ org.label-schema.url="https://github.com/baudneo/nginx-proxy-manager" \ org.label-schema.vcs-url="https://github.com/baudneo/nginx-proxy-manager.git" \ - org.label-schema.cmd="docker run --rm -ti baudneo/nginx-proxy-manager:${BASE_TAG:-latest}" + org.label-schema.cmd="docker run --rm -ti baudneo/nginx-proxy-manager:${BASE_TAG:-bullseye}" diff --git a/docker/rootfs/etc/cont-init.d/97_modsecurity.sh b/docker/rootfs/etc/cont-init.d/97_modsecurity.sh index 552c11a7..21584170 100644 --- a/docker/rootfs/etc/cont-init.d/97_modsecurity.sh +++ b/docker/rootfs/etc/cont-init.d/97_modsecurity.sh @@ -33,14 +33,14 @@ fi # Enable modsecurity in the server block of :80 and :443 # Can disable this (default) and add the modsec directives in each location block if [ "${MODSEC_ENABLE}" == "1" ] || [ "${MODSEC_ENABLE}" -eq 1 ]; then - log "Enabling modsecurity in server block of port 80 and 443" + message="Enabling modsecurity in ROOT http block" sed -i "s|#|modsecurity on;|g" /etc/nginx/nginx.conf sed -i "s|#|modsecurity_rules_file /etc/nginx/modsec/main.conf;|g" /etc/nginx/nginx.conf + # Enabled modsecurity in the server block of :81 (admin dashboard) + if [ "${MODSEC_ADMIN_PANEL}" == "0" ] || [ "${MODSEC_ADMIN_PANEL}" -eq 0 ]; then + log "${message} and DISABLING in Admin dashboard port 81" + sed -i "s|#|modsecurity off;|g" /etc/nginx/conf.d/production.conf + else + log "${message} and Admin dashboard port 81" + fi fi -# Enabled modsecurity in the server block of :81 (admin dashboard) -if [ "${MODSEC_ADMIN_PANEL}" == "1" ] || [ "${MODSEC_ADMIN_PANEL}" -eq 1 ]; then - log "Enabling modsecurity in server block of admin dashboard port 81" - sed -i "s|#|modsecurity on;|g" /etc/nginx/conf.d/production.conf - sed -i "s|#|modsecurity_rules_file /etc/nginx/modsec/main.conf;|g" /etc/nginx/conf.d/production.conf - -fi \ No newline at end of file diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index e99f3ea4..07a48409 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -58,7 +58,6 @@ http { } # # - # Real IP Determination # Local subnets: diff --git a/local-build.sh b/local-build.sh index 8834d363..6334bfd3 100755 --- a/local-build.sh +++ b/local-build.sh @@ -1,30 +1,33 @@ #!/bin/bash -e -BLUE='\E[1;34m' -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -GREEN='\E[1;32m' -RED='\E[1;31m' -RESET='\E[0m' +export BLUE='\E[1;34m' +export CYAN='\E[1;36m' +export YELLOW='\E[1;33m' +export GREEN='\E[1;32m' +export RED='\E[1;31m' +export RESET='\E[0m' DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" cd "${DIR}" -export DOCKER_IMAGE=baudneo/nginx-proxy-manager +export DOCKER_IMAGE="baudneo/nginx-proxy-manager" export MAINTAINER="baudneo " export REPO_OWNER="baudneo" -export BASE_TAG='local_latest' +export BASE_TAG='local_bullseye' export TARGETPLATFORM=amd64 export BUILD_VERSION=dev export BUILD_COMMIT= export BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" export SSL_CERTS_PATH="/etc/ssl/certs/GTS_Root_R1.pem" + +# Build FrontEnd #echo -e "${YELLOW}❯❯❯ ${CYAN}Running ${RED}'scripts/frontend-build'${RESET}" #bash ./scripts/frontend-build -# Build -echo -e "${BLUE}❯ ${CYAN}Building Image [${DOCKER_IMAGE}] with tag: ${YELLOW}${BASE_TAG}${CYAN}...${RESET}" +#echo -e "${YELLOW}❯❯❯ ${CYAN}Completed ${RED}'frontend-build'${RESET}" + +# Build Final Image +echo -e "${BLUE}❯ ${CYAN}Building ${RED}LOCAL ${CYAN}Image [${DOCKER_IMAGE}] with tag: ${YELLOW}${BASE_TAG}${CYAN}...${RESET}" docker build \ - \ --build-arg BUILD_VERSION="${BUILD_VERSION:-dev}" \ --build-arg BUILD_COMMIT="${BUILD_COMMIT:-notset}" \ --build-arg BUILD_DATE="${BUILD_DATE}" \ diff --git a/scripts/.common.sh b/scripts/.common.sh index 3cea0916..5c8c8e85 100644 --- a/scripts/.common.sh +++ b/scripts/.common.sh @@ -1,17 +1,13 @@ #!/bin/bash # Colors -BLUE='\E[1;34m' -CYAN='\E[1;36m' -GREEN='\E[1;32m' -RED='\E[1;31m' -RESET='\E[0m' -YELLOW='\E[1;33m' - -export BLUE CYAN GREEN RED RESET YELLOW +export BLUE='\E[1;34m' +export CYAN='\E[1;36m' +export GREEN='\E[1;32m' +export RED='\E[1;31m' +export RESET='\E[0m' +export YELLOW='\E[1;33m' # Docker Compose -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" - -export COMPOSE_FILE COMPOSE_PROJECT_NAME +export COMPOSE_PROJECT_NAME="npmdev" +export COMPOSE_FILE="docker/docker-compose.dev.yml" diff --git a/scripts/build_common.sh b/scripts/build_common.sh new file mode 100644 index 00000000..050637f3 --- /dev/null +++ b/scripts/build_common.sh @@ -0,0 +1,7 @@ +export BLUE='\E[1;34m' +export CYAN='\E[1;36m' +export GREEN='\E[1;32m' +export RED='\E[1;31m' +export RESET='\E[0m' +export YELLOW='\E[1;33m' + diff --git a/scripts/frontend-build b/scripts/frontend-build index 2c5947fa..e00971ec 100755 --- a/scripts/frontend-build +++ b/scripts/frontend-build @@ -3,12 +3,12 @@ DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" . "$DIR/.common.sh" -DOCKER_IMAGE='baudneo/nginx-full:certbot-node' +DOCKER_IMAGE='baudneo/nginx-full:bullseye-certbot-node' # Ensure docker exists if hash docker 2>/dev/null; then - docker pull "${DOCKER_IMAGE}" +# docker pull "${DOCKER_IMAGE}" cd "${DIR}/.." echo -e "${BLUE}❯ ${CYAN}Building Frontend ...${RESET}" docker run --rm -e CI=true -v "$(pwd)/frontend:/app/frontend" -v "$(pwd)/global:/app/global" \