LAB-linuxserver/templates
1
0
Fork 0
mirror of https://github.com/linuxserver/templates.git synced 2026-03-16 00:02:47 +08:00
Code Issues Packages Projects Releases Wiki Activity
templates/unraid/swag.xml
LinuxServer-CI 8137789894 Bot Updating Unraid Template
2021-10-01 17:37:24 +02:00

134 lines
10 KiB
XML
Executable File
Raw Blame History

<?xml version="1.0"?>
<!-- DO NOT CHANGE THIS FILE MANUALLY, IT IS AUTOMATICALLY GENERATED -->
<!-- GENERATED FROM https://github.com/linuxserver/docker-swag/blob/master/readme-vars.yml -->
<Container version="2">
<Name>swag</Name>
<Repository>ghcr.io/linuxserver/swag</Repository>
<Registry>https://github.com/orgs/linuxserver/packages/container/package/swag</Registry>
<DonateText>Donations</DonateText>
<DonateLink>https://www.linuxserver.io/donate</DonateLink>
<DonateImg>https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/donate.png</DonateImg>
<Network>bridge</Network>
<Privileged>false</Privileged>
<Support>https://github.com/linuxserver/docker-swag/issues/new/choose</Support>
<Shell>bash</Shell>
<GitHub>https://github.com/linuxserver/docker-swag#application-setup</GitHub>
<Project>https://linuxserver.io</Project>
<Overview>SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let&#39;s Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let&#39;s Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.</Overview>
<ExtraParams>--cap-add=NET_ADMIN</ExtraParams>
<WebUI>http://[IP]:[PORT:80]</WebUI>
<TemplateURL>https://raw.githubusercontent.com/linuxserver/templates/main/unraid/swag.xml</TemplateURL>
<Icon>https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver-ls-logo.png</Icon>
<Date>2021-10-01</Date>
<Changes>
### 2021-10-01
- Check if the cert uses the old LE root cert, revoke and regenerate if necessary. Here&#39;s more info(https://twitter.com/letsencrypt/status/1443621997288767491) on LE root cert expiration
### 2021-09-19
- Add an optional header to opt out of Google FLoC in `ssl.conf`.
### 2021-09-17
- Mark `SUBDOMAINS` var as optional.
### 2021-08-01
- Add support for ionos dns validation.
### 2021-07-15
- Fix libmaxminddb issue due to upstream change.
### 2021-07-07
- Rebase to alpine 3.14.
### 2021-06-24
- Update default nginx conf folder.
### 2021-05-28
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-server.conf - Use `resolver.conf` and patch for `CVE-2021-32637`.
### 2021-05-20
- Modify resolver.conf generation to detect and ignore ipv6.
### 2021-05-14
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, ssl.conf, proxy.conf, and the default site-conf - Rework nginx.conf to be inline with alpine upstream and relocate lines from other files. Use linuxserver.io wheel index for pip packages. Switch to using ffdhe4096(https://ssl-config.mozilla.org/ffdhe4096.txt) for `dhparams.pem` per RFC7919(https://datatracker.ietf.org/doc/html/rfc7919). Added `worker_processes.conf`, which sets the number of nginx workers, and `resolver.conf`, which sets the dns resolver. Both conf files are auto-generated only on first start and can be user modified later.
### 2021-04-21
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-server.conf and authelia-location.conf - Add remote name/email headers and pass http method.
### 2021-04-12
- Add php7-gmp and php7-pecl-mailparse.
### 2021-04-12
- Add support for vultr dns validation.
### 2021-03-14
- Add support for directadmin dns validation.
### 2021-02-12
- Clean up rust/cargo cache, which ballooned the image size in the last couple of builds.
### 2021-02-10
- Fix aliyun, domeneshop, inwx and transip dns confs for existing users.
### 2021-02-09
- Rebasing to alpine 3.13. Add nginx mods brotli and dav-ext. Remove nginx mods lua and lua-upstream (due to regression over the last couple of years).
### 2021-01-26
- Add support for hetzner dns validation.
### 2021-01-20
- Add check for ZeroSSL EAB retrieval.
### 2021-01-08
- Add support for getting certs from ZeroSSL(https://zerossl.com/) via optional `CERTPROVIDER` env var. Update aliyun, domeneshop, inwx and transip dns plugins with the new plugin names. Hide `donoteditthisfile.conf` because users were editing it despite its name. Suppress harmless error when no proxy confs are enabled.
### 2021-01-03
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) /config/nginx/site-confs/default - Add helper pages to aid troubleshooting
### 2020-12-10
- Add support for njalla dns validation
### 2020-12-09
- Check for template/conf updates and notify in the log. Add support for gehirn and sakuracloud dns validation.
### 2020-11-01
- Add support for netcup dns validation
### 2020-10-29
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) ssl.conf - Add frame-ancestors to Content-Security-Policy.
### 2020-10-04
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, proxy.conf, and ssl.conf - Minor cleanups and reordering.
### 2020-09-20
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf - Added geoip2 configs. Added MAXMINDDB_LICENSE_KEY variable to readme.
### 2020-09-08
- Add php7-xsl.
### 2020-09-01
- Existing users should update:(https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, proxy.conf, and various proxy samples - Global websockets across all configs.
### 2020-08-03
- Initial release.
</Changes>
<Config Name="WebUI" Target="443" Default="443" Mode="tcp" Description="Https port" Type="Port" Display="always" Required="true" Mask="false"/>
<Config Name="Port: 80" Target="80" Default="80" Mode="tcp" Description="Http port (required for http validation and http - https redirect)" Type="Port" Display="always" Required="false" Mask="false"/>
<Config Name="Appdata" Target="/config" Default="" Mode="rw" Description="All the config files including the webroot reside here." Type="Path" Display="advanced" Required="true" Mask="false"/>
<Config Name="URL" Target="URL" Default="yourdomain.url" Description="Top url you have control over (`customdomain.com` if you own it, or `customsubdomain.ddnsprovider.com` if dynamic dns)." Type="Variable" Display="always" Required="true" Mask="true"/>
<Config Name="VALIDATION" Target="VALIDATION" Default="http" Description="Certbot validation method to use, options are `http`, `dns` or `duckdns` (`dns` method also requires `DNSPLUGIN` variable set) (`duckdns` method requires `DUCKDNSTOKEN` variable set, and the `SUBDOMAINS` variable must be either empty or set to `wildcard`)." Type="Variable" Display="always" Required="true" Mask="true"/>
<Config Name="SUBDOMAINS" Target="SUBDOMAINS" Default="www," Description="Subdomains you&#39;d like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this _exactly_ to `wildcard` (wildcard cert is available via `dns` and `duckdns` validation only)" Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="CERTPROVIDER" Target="CERTPROVIDER" Default="" Description="Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing ZeroSSL account(https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let&#39;s Encrypt." Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="DNSPLUGIN" Target="DNSPLUGIN" Default="cloudflare" Description="Required if `VALIDATION` is set to `dns`. Options are `aliyun`, `cloudflare`, `cloudxns`, `cpanel`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `domeneshop`, `gandi`, `gehirn`, `google`, `hetzner`, `inwx`, `ionos`, `linode`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `rfc2136`, `route53`, `sakuracloud`, `transip` and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="PROPAGATION" Target="PROPAGATION" Default="" Description="Optionally override (in seconds) the default propagation time for the dns plugins." Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="DUCKDNSTOKEN" Target="DUCKDNSTOKEN" Default="" Description="Required if `VALIDATION` is set to `duckdns`. Retrieve your token from https://www.duckdns.org" Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="EMAIL" Target="EMAIL" Default="" Description="Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="ONLY_SUBDOMAINS" Target="ONLY_SUBDOMAINS" Default="false" Description="If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="EXTRA_DOMAINS" Target="EXTRA_DOMAINS" Default="" Description="Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org`" Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="STAGING" Target="STAGING" Default="false" Description="Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser&#39;s security test. Only to be used for testing purposes." Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="MAXMINDDB_LICENSE_KEY" Target="MAXMINDDB_LICENSE_KEY" Default="" Description="Add your MaxmindDB license key to automatically download the GeoLite2-City.mmdb database. Download location is /config/geoip2db. The database is updated weekly." Type="Variable" Display="always" Required="false" Mask="true"/>
<Config Name="PUID" Target="PUID" Default="99" Description="Container Variable: PUID" Type="Variable" Display="advanced" Required="true" Mask="false"/>
<Config Name="PGID" Target="PGID" Default="100" Description="Container Variable: PGID" Type="Variable" Display="advanced" Required="true" Mask="false"/>
<Config Name="UMASK" Target="UMASK" Default="022" Description="Container Variable: UMASK" Type="Variable" Display="advanced" Required="false" Mask="false"/>
</Container>
Reference in New Issue View Git Blame Copy Permalink