diff --git a/root/defaults/nginx/nginx.conf.sample b/root/defaults/nginx/nginx.conf.sample index 7d04492..6f1434d 100644 --- a/root/defaults/nginx/nginx.conf.sample +++ b/root/defaults/nginx/nginx.conf.sample @@ -1,4 +1,4 @@ -## Version 2021/10/24 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx.conf +## Version 2021/10/24 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx.conf.sample ### Based on alpine defaults # https://git.alpinelinux.org/aports/tree/main/nginx/nginx.conf?h=3.14-stable diff --git a/root/defaults/nginx/server-confs/ssl.conf.sample b/root/defaults/nginx/server-confs/ssl.conf.sample index 875de93..1902b58 100644 --- a/root/defaults/nginx/server-confs/ssl.conf.sample +++ b/root/defaults/nginx/server-confs/ssl.conf.sample @@ -1,4 +1,4 @@ -## Version 2021/10/24 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/server-confs/ssl.conf +## Version 2021/10/24 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/server-confs/ssl.conf.sample ### Mozilla Recommendations # generated 2021-10-16, Mozilla Guideline v5.6, nginx 1.20.1-r3, OpenSSL 1.1.1l-r0, intermediate configuration @@ -10,7 +10,7 @@ listen [::]:443 ssl http2; ssl_certificate /config/keys/cert.crt; ssl_certificate_key /config/keys/cert.key; ssl_session_timeout 1d; -ssl_session_cache shared:MozSSL:10m; # about 40000 sessions +ssl_session_cache shared:MozSSL:10m; # about 40000 sessions ssl_session_tickets off; # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam diff --git a/root/defaults/nginx/site-confs/default.conf.sample b/root/defaults/nginx/site-confs/default.conf.sample index 033f28c..1bf1a64 100644 --- a/root/defaults/nginx/site-confs/default.conf.sample +++ b/root/defaults/nginx/site-confs/default.conf.sample @@ -1,9 +1,13 @@ -## Version 2021/10/24 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/default.conf +## Version 2021/10/24 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/default.conf.sample server { + include /config/nginx/server-confs/*.conf; + listen 80 default_server; listen [::]:80 default_server; + server_name _; + set $root /app/www/public; if (!-d /app/www/public) { set $root /config/www; @@ -11,14 +15,14 @@ server { root $root; index index.html index.htm index.php; - include /config/nginx/server-confs/*.conf; - set $htpasswd_file /config/nginx/.htpasswd; set $auth_basic "Restricted"; if (!-f $htpasswd_file) { set $auth_basic off; } location / { + include /config/nginx/location-confs/*.conf; + auth_basic $auth_basic; auth_basic_user_file $htpasswd_file; @@ -34,6 +38,6 @@ server { # deny access to .htaccess/.htpasswd files location ~ /\.ht { - deny all; + deny all; } } diff --git a/root/etc/cont-init.d/17-nginx-confs b/root/etc/cont-init.d/17-nginx-confs index 0524a06..c455290 100644 --- a/root/etc/cont-init.d/17-nginx-confs +++ b/root/etc/cont-init.d/17-nginx-confs @@ -12,7 +12,9 @@ if ! grep -q 'resolver' /config/nginx/http-confs/resolver.conf; then RESOLVER="127.0.0.11" fi echo "Setting resolver to ${RESOLVER}" - echo -e "# This file is auto-generated only on first start, based on the container's /etc/resolv.conf file. Feel free to modify it as you wish.\n\nresolver ${RESOLVER} valid=30s;" > /config/nginx/http-confs/resolver.conf + RESOLVEROUTPUT="# This file is auto-generated only on first start, based on the container's /etc/resolv.conf file. Feel free to modify it as you wish.\n\nresolver ${RESOLVER} valid=30s;" + echo -e "${RESOLVEROUTPUT}" > /config/nginx/http-confs/resolver.conf + echo -e "${RESOLVEROUTPUT}" > /config/nginx/location-confs/resolver.conf fi # Set worker_processes