Skip to content
Snippets Groups Projects
Commit 385d40a2 authored by ale's avatar ale
Browse files

Initial commit

parents
No related branches found
No related tags found
No related merge requests found
Pipeline #85442 passed
Stage: build
Show whitespace changes
Inline Side-by-side
.gitlab-ci.yml 0 → 100644
+ 2
0
View file @ 385d40a2
include: "https://git.autistici.org/pipelines/containers/raw/master/common.yml"
Dockerfile 0 → 100644
+ 10
0
View file @ 385d40a2
FROM docker.io/library/debian:stable-slim
RUN apt-get -q update && \
DEBIAN_FRONTEND=noninteractive apt-get -q install -y --no-install-recommends nginx openssl && \
rm -fr /var/lib/apt/lists/*
COPY --chmod=755 start.sh /start.sh
ENTRYPOINT ["/start.sh"]
README.md 0 → 100644
+ 11
0
View file @ 385d40a2
A simple HTTP reverse proxy with a self-signed SSL certificate. It can
proxy one domain to a single upstream address.
## Configuration
Use environment variables to control the proxy behavior.
* `PORT` (default 443) - Port that the proxy will listen on.
* `DOMAIN` - Domain to proxy.
* `BACKEND_ADDR` - Address (in host:port syntax) of the upstream.
start.sh 0 → 100755
+ 60
0
View file @ 385d40a2
#!/bin/sh
set -e
set -u
config_dir=$(mktemp -d)
echo "generating self-signed certificate..."
openssl req -x509 -newkey rsa:2048 -sha256 -days 3650 \
-nodes -keyout ${config_dir}/ssl.key -out ${config_dir}/ssl.crt \
-subj "/CN=${DOMAIN}" \
-addext "subjectAltName=DNS:${DOMAIN},DNS:*.${DOMAIN}"
cat >${config_dir}/nginx.conf <<EOF
include /etc/nginx/modules-enabled/*.conf;
worker_processes auto;
pid ${config_dir}/nginx.pid;
error_log stderr;
events {
worker_connections 8192;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
access_log ${config_dir}/access.log;
include /etc/nginx/mime.types;
include /etc/nginx/conf.d/*.conf;
upstream target {
server ${BACKEND_ADDR};
}
server {
listen [::]:${PORT:-443} http2 ssl;
server_name *.${DOMAIN} ${DOMAIN};
ssl_certificate ${config_dir}/ssl.crt;
ssl_certificate_key ${config_dir}/ssl.key;
location / {
include /etc/nginx/proxy_params;
proxy_pass http://target;
}
}
}
EOF
echo "testing NGINX configuration..."
nginx -c ${config_dir}/nginx.conf -t
if [ $? -gt 0 ]; then
echo "ERROR!" >&2
cat ${config_dir}/nginx.conf
exit 2
fi
echo "starting NGINX..."
nginx -c ${config_dir}/nginx.conf -g 'daemon off;'
exit 0
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment