bsherriff/aviation
1
1
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Updated nginx to toggle ssl

Browse Source
This commit is contained in:
Ben Sherriff
2025-04-12 23:21:25 -04:00
parent 261daa8644
commit 99f23cb05b
7 changed files with 60 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nginx/Dockerfile
View File

@@ -1,3 +1,6 @@
FROM nginx
COPY nginx.conf /etc/nginx/nginx.conf
COPY templates/ /etc/nginx/templates/
COPY templates/ /templates/
COPY scripts/01-configure_ssh.sh /docker-entrypoint.d/01-configure_ssh.sh
RUN chmod +x /docker-entrypoint.d/01-configure_ssh.sh

12
nginx/scripts/01-configure_ssh.sh Executable file
View File

@@ -0,0 +1,12 @@
#!/bin/sh
set -e
mkdir -p /etc/nginx/templates
if [ "$NGINX_SSL_ENABLED" = "true" ]; then
echo "Using SSL configuration"
cp /templates/ssl.conf.template /etc/nginx/templates/default.conf.template
else
echo "Using non-SSL configuration"
cp /templates/nossl.conf.template /etc/nginx/templates/default.conf.template
fi

36
nginx/templates/nossl.conf.template Normal file
View File

@@ -0,0 +1,36 @@
# HTTP server configuration
server {
listen 80;
listen [::]:80;
server_name ${NGINX_HOST};
location /api/ {
proxy_pass ${API_PROTOCOL}://${NGINX_API_HOST}:${API_PORT}/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /minio/ {
proxy_pass ${MINIO_PROTOCOL}://${NGINX_MINIO_HOST}:${MINIO_PORT_INTERNAL}/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Reverse proxy for the UI and default catch-all
location / {
proxy_pass ${UI_PROTOCOL}://${NGINX_UI_HOST}:${UI_PORT}/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

8
nginx/templates/default.conf.template → nginx/templates/ssl.conf.template
View File

@@ -19,10 +19,10 @@ server {
ssl_certificate_key ${SSL_CERT_KEY_PATH};
# Optional: SSL session settings and ciphers (adjust as required)
#ssl_session_cache shared:SSL:10m;
#ssl_session_timeout 10m;
#ssl_ciphers HIGH:!aNULL:!MD5;
#ssl_prefer_server_ciphers on;
# ssl_session_cache shared:SSL:10m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
location /api/ {
proxy_pass ${API_PROTOCOL}://${NGINX_API_HOST}:${API_PORT}/api/;