Infra-Mirrors/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2024-10-01 01:35:49 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15 from linuxserver/sorting

Browse Source 
Cleanups and reordering
This commit is contained in:
aptalca 2020-10-04 12:04:09 -04:00 committed by GitHub
commit c230a05837
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 44 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
readme-vars.yml
View File

@ -139,7 +139,7 @@ app_setup_block: |
2. Review our repository commits and apply the new changes yourself 2. Review our repository commits and apply the new changes yourself
3. Delete the modified config file with listed updates, restart the container, reapply your changes 3. Delete the modified config file with listed updates, restart the container, reapply your changes
* If you have NOT modified a file with noted changes in the changelog: * If you have NOT modified a file with noted changes in the changelog:
1. Delete the config file with listed updates, restart the container, reapply your changes 1. Delete the config file with listed updates, restart the container
* Proxy sample updates are not listed in the changelog. See the changes here: [https://github.com/linuxserver/reverse-proxy-confs/commits/master](https://github.com/linuxserver/reverse-proxy-confs/commits/master) * Proxy sample updates are not listed in the changelog. See the changes here: [https://github.com/linuxserver/reverse-proxy-confs/commits/master](https://github.com/linuxserver/reverse-proxy-confs/commits/master)
* Proxy sample files WILL be updated, however your renamed (enabled) proxy files will not. * Proxy sample files WILL be updated, however your renamed (enabled) proxy files will not.
* You can check the new sample and adjust your active config as needed. * You can check the new sample and adjust your active config as needed.
@ -149,7 +149,8 @@ app_setup_nginx_reverse_proxy_block: ""
# changelog # changelog
changelogs: changelogs:
- { date: "20.09.20:", desc: "Update nginx.conf - Added geoip2 configs. Added MAXMINDDB_LICENSE_KEY variable to readme."} - { date: "04.10.20:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, proxy.conf, and ssl.conf - Minor cleanups and reordering." }
- { date: "20.09.20:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf - Added geoip2 configs. Added MAXMINDDB_LICENSE_KEY variable to readme."}
- { date: "08.09.20:", desc: "Add php7-xsl." } - { date: "08.09.20:", desc: "Add php7-xsl." }
- { date: "01.09.20:", desc: "Update nginx.conf and proxy.conf (and various proxy samples) to better handle websockets." } - { date: "01.09.20:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, proxy.conf, and various proxy samples - Global websockets across all configs." }
- { date: "03.08.20:", desc: "Initial release." } - { date: "03.08.20:", desc: "Initial release." }

16
root/defaults/nginx.conf
View File

@ -1,4 +1,4 @@
## Version 2020/09/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx.conf ## Version 2020/10/04 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx.conf
user abc; user abc;
worker_processes 4; worker_processes 4;
@ -16,21 +16,21 @@ http {
# Basic Settings # Basic Settings
## ##
sendfile on; client_body_buffer_size 128k;
tcp_nopush on; client_max_body_size 0;
tcp_nodelay on;
keepalive_timeout 65; keepalive_timeout 65;
large_client_header_buffers 4 16k;
send_timeout 5m;
sendfile on;
tcp_nodelay on;
tcp_nopush on;
types_hash_max_size 2048; types_hash_max_size 2048;
variables_hash_max_size 2048; variables_hash_max_size 2048;
large_client_header_buffers 4 16k;
# server_tokens off; # server_tokens off;
# server_names_hash_bucket_size 64; # server_names_hash_bucket_size 64;
# server_name_in_redirect off; # server_name_in_redirect off;
client_max_body_size 0;
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
default_type application/octet-stream; default_type application/octet-stream;

51
root/defaults/proxy.conf
View File

@ -1,33 +1,30 @@
## Version 2020/09/01 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/proxy.conf ## Version 2020/10/04 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/proxy.conf
client_body_buffer_size 128k; # Timeout if the real server is dead
#Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
# Advanced Proxy Config # Proxy Connection Settings
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
# TLS 1.3 early data
proxy_set_header Early-Data $ssl_early_data;
# Basic Proxy Config
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
#proxy_cookie_path / "/; HTTPOnly; Secure"; # enable at your own risk, may break certain apps
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k; proxy_buffers 32 4k;
proxy_connect_timeout 240;
proxy_headers_hash_bucket_size 128; proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024; proxy_headers_hash_max_size 1024;
proxy_http_version 1.1;
proxy_read_timeout 240;
proxy_redirect http:// $scheme://;
proxy_send_timeout 240;
# Proxy Cache and Cookie Settings
proxy_cache_bypass $cookie_session;
#proxy_cookie_path / "/; Secure"; # enable at your own risk, may break certain apps
proxy_no_cache $cookie_session;
# Proxy Header Settings
proxy_set_header Connection $connection_upgrade;
proxy_set_header Early-Data $ssl_early_data;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Real-IP $remote_addr;

12
root/defaults/ssl.conf
View File

@ -1,4 +1,4 @@
## Version 2020/06/17 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/ssl.conf ## Version 2020/10/04 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/ssl.conf
### Mozilla Recommendations ### Mozilla Recommendations
# generated 2020-06-17, Mozilla Guideline v5.4, nginx 1.18.0-r0, OpenSSL 1.1.1g-r0, intermediate configuration # generated 2020-06-17, Mozilla Guideline v5.4, nginx 1.18.0-r0, OpenSSL 1.1.1g-r0, intermediate configuration
@ -39,10 +39,10 @@ ssl_early_data on;
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; #add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
# Optional additional headers # Optional additional headers
#add_header Content-Security-Policy "upgrade-insecure-requests";
#add_header X-Frame-Options "SAMEORIGIN" always;
#add_header X-XSS-Protection "1; mode=block" always;
#add_header X-Content-Type-Options "nosniff" always;
#add_header X-UA-Compatible "IE=Edge" always;
#add_header Cache-Control "no-transform" always; #add_header Cache-Control "no-transform" always;
#add_header Content-Security-Policy "upgrade-insecure-requests";
#add_header Referrer-Policy "same-origin" always; #add_header Referrer-Policy "same-origin" always;
#add_header X-Content-Type-Options "nosniff" always;
#add_header X-Frame-Options "SAMEORIGIN" always;
#add_header X-UA-Compatible "IE=Edge" always;
#add_header X-XSS-Protection "1; mode=block" always;