first commit

Andy 8 years ago
parent f180026ae1
commit 31a97d8a20
Signed by: arno
GPG Key ID: 368DDA2E9A471EAC

@ -0,0 +1,11 @@
FROM alpine:3.3
MAINTAINER Andrey Arapov <>
RUN echo '@testing' >> /etc/apk/repositories && \
apk update && \
apk add nginx-naxsi@testing inotify-tools && \
mkdir /tmp/nginx
COPY nginx.conf /etc/nginx/nginx.conf
COPY launch /launch

@ -0,0 +1,64 @@
# nginx simple semi-automated reverse proxy
Simply mount your volume or a directory as `/etc/nginx/conf.d` to the container,
it will automatically detect the differences in there and load-up the new configuration!
**docker-compose.yml** file example
version '2'
image: andrey01/nginx
- backend
- frontend
- /home/docker/configs/letsencrypt:/etc/letsencrypt:ro
- /home/docker/configs/nginx:/etc/nginx/conf.d:ro
- 80:80
- 443:443
restart: always
Then you can add some configuration to the `/home/docker/configs/nginx` directory,
for example you may add the following config:
**webmail.conf** file example
server {
listen 80;
return 301 https://$host$request_uri;
server {
listen 443 ssl http2;
ssl on;
ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;
# enable HSTS (HTTP Strict Transport Security) to avoid SSL stripping
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains" always;
# Built-in Docker's DNS server
resolver ipv6=off valid=10s;
set $upstream_endpoint http://webmail:8080;
location / {
proxy_pass $upstream_endpoint;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
You can have your `webmail` service running in the `backend` network, of which the nginx will take care of and pass it to the frontend.

@ -0,0 +1,12 @@
# debug
# set -x
while true; do
inotifywait -e close_write,moved_to,create,delete /etc/nginx/conf.d
sleep 2
echo "INFO: nginx configuration change detected, attempting to load the new configuration ..."
nginx -t && nginx -s reload || echo "ERROR: nginx configuration has problems, thus cannot be reloaded."
done &

@ -0,0 +1,25 @@
daemon off;
error_log stderr info;
user nginx;
worker_processes 1;
pid /var/run/;
events {
worker_connections 1024;
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
server_tokens off;
include conf.d/*.conf;